Prior to this commit, several test functions were using
"True" to flag internal and "False" to flag external for
the HD branch for the wallet, but we now use BaseWallet vars
ADDRESS_TYPE_[IN/EX]TERNAL (1/0), so this
is changed to explicitly reference those. There is no change
to the live code (which calls get_[internal/external]_addr).
In addition _index_cache updates in wallet are protected
with a wrapper function to ensure that the branch requested
is valid.
Tests pass both before and after this change.
... with wallet-tool method `signpsbt`. Specifically,
supports co-signing of PSBTs prepared elsewhere (so,
basic Updater/Signer and Finalizer roles, but not
Creator).
Provides detailed user feedback, command line only, and
supports broadcast of finalized transactions.
Supports native and p2sh segwit (and mixed, of course).
Also adds tests using externally prepared PSBTs.
Documentation of PSBT function added to USAGE.md.
See #772. This is likely a partial fix but that issue
may be more complex.
More generally, while we may have to process multiple
entries in the return of `listtransactions`, with the
same txid, because they may have different wallet labels,
we do not want to call `gettransaction` repeatedly on
the same txid in the same monitor loop call. Note however,
that we *do* need to call `gettransaction` again in
the next monitor loop, since the state (confirmations)
updates, so we cannot permanently cache those results.
Additionally removed redundant old_txs entries with set().
Prior to this commit, the list of used addresses,
which is required to check for address reuse, is populated
on startup in fast sync, and updated as new transactions
arrive; but if --recoversync is chosen, this list was not
originally getting populated. This commit corrects that bug.
Allow YG settings to be saved to joinmarket.cfg.
Before this commit, yield generator settings were
set inside the python script, which is not good.
After this commit, the order of precedence for the
settings for a yield generator is:
* Command line arguments, or
* Settings in [YIELDGENERATOR] in joinmarket.cfg, or
* default config settings in jmclient.configure.py
Fixes#784. In `Taker.receive_utxos` we check, in the
sweep case, whether the fee violates the user config
setting `max_sweep_fee_change`; if so, the tx is aborted,
and we shut down for single-shot coinjoins, but wait for
stallMonitor to restart for multi-schedules. The value is
defaulted to 80% to give plenty of breathing room to avoid
using up too many commitments.
Before this commit, the help message for wallet-tool was
very hard to read; this improves the format of the message
by overriding optparse's default handling of description
paragraphs, making it pass through the string exactly as is,
and also reformatting the string itself.
Fixes#778. Prior to this commit, attempting to run
sendpayment with a schedule specified with -S would
fail due to a bug. This is now fixed, and the
sendpayment help message now accurately reflects the
facts that no arguments other than the wallet name are
needed in case -S is used.
Fixes#743. The utility function `get_utxo_info`
tests the validity of the utxo string and the private
key, so there is no need to repeat this test; but we
need to add utxo data in binary format, so an option
is included to return it in this form.
The 4 ways of adding external commitments were tested
as all working after this commit: read in from json,
read in from file (csv format), read in from command
line and read from wallet.
Also fixes#741 - help message refers to correct
scriptpubkey types.
Before this commit, if an RPC connection failure occurred,
while the program is shutting down, it could raise an Exception
in the BitcoinCoreInterface.get_transaction() call triggered
by the WalletService.transaction_monitor loop. This commit
prevents that.
Fixes#736. Prior to this commit, the 'relay fee floor'
was being shown at INFO level in the command line output,
but not the actual feerate paid (in direct send scenarios;
the coinjoin scenario is rather more complex since fees are
not known before negotiation flow, but estimates are printed).
After this commit, the output at INFO level for direct
sends shows specifically the feerate and then the actual fee,
with min relay feerate relegated to DEBUG messages only, for
cases of manual feerate setting.
There is also some minor cleanup in comments and coinjoin fee
estimate messages are removed for non-coinjoins.
Before this commit, if a user specified a wallet filename argument
to `wallet-tool.py` and also one of the noseed methods 'generate',
'recover' or 'createwatchonly', it would cause a crash. This is
now checked for and a readable parser error is provided instead.
Before this commit, the taker would choose offers from
the pit based on the setting of `native` in the `[POLICY]`
section of the config object; however this could lead to
users unwittingly choosing the wrong offer type, i.e. one
that is incompatible with their own wallets, which could
result in coinjoins with mixed address types.
This commit fixes that error by only selecting offers that
are compatible with the return value of `BaseWallet.get_txtype()`.
Also fixes up tests for this wallet type enforcement.
Before this bugfix, the user-chosen minsize is passed
to the constructor of the YieldGenerator class unaltered,
even though it was dynamically updated to ensure 20% of
txfee profit in all cases (the wrong variable was passed).
This commit fixes that (`minsize` not `options.minsize`).
This commit updates sendtomany.py and add-utxo.py to reflect
the new default wallet type (p2wpkh) and the new bitcoin
backend code; in doing this it slightly modifies the functions
in commitment_utils.py.
* yg scripts set reloffer/absoffer only:
Prior to this commit, the yield generator user
level scripts required the user to specify offer
types depending on the wallet, but only 'rel/abs'
distinction is user choice; the other element
(native segwit, p2sh or p2pkh) must be defined
by the wallet, so we now call `wallet.get_txtype()`
to translate from reloffer/absoffer to sw0.. etc.
* Taker chooses nversion, nlocktime per wallet type:
Takers who are still using p2sh-p2wpkh wallets will
not want to flag their transactions with different
tx metadata than previous versions that are still
running, so we check the `get_txtype()` output to
decide which nVersion and nLockTime to use.
Also, the SNICKER locktime is reverted to zero as
according to draft spec.
* change offer type in test_coinjoin
* update docs for bech32 wallets
As per BIP78, new inputs or outputs must be
inserted, without changing the original order;
since we don't add extra outputs, we should leave
them in an unchanged order. Previously they were
shuffled.
Before this commit, if a BIP78 sender rejected the
PSBT sent by the receiver in the negotiation, JM's
receiver was hanging as the fallback broadcast was not
triggered. This commit corrects that error, and also
makes the fallback message visible on the GUI, and makes
it more ambiguous (since it not always clear whether
the transaction was broadcast or not, in this case).
The handle_unbroadcast_transaction fallback in Taker
is useful because Makers may not cooperate in broadcasting
a transaction, but it is only appropriate for the
random-peer option of `tx_broadcast`; for not-self the
user has chosen to avoid using their own IP, so this
commit simply abandons the attempt to broadcast the
transaction in that case.
The comments added to the config emphasize the problematic
aspect of this, which is that the tx may need to be
manually broadcast via another channel.
Prior to this commit, the payjoin receiver code
was signing a PSBT containing the utxo field
for every input, including the ones it did not
own, and transferring this to the sender.
However BIP78 specifies that, for inputs belonging
to the sender, no utxo field should be included.
This is corrected in this commit.
Also, ensure witness_utxo field is populated,
plus minor bugfixes related to presence of
NONWITNESS_UTXO field in provided payment PSBT.
Tested as being functional either with or without
NONWITNESS_UTXO field, for all-segwit inputs.
Also manually fire order creation in coinjoin tests.
This clarification and test change is required due
to the fact that LoopingCalls are designed to fire
immediately by default, before the reactor is
initialized (and therefore in a `running` state),
making it not possible to shutdown the reactor as
a result of events happening in that first call;
so we delay the first call of the maker's orderbook
populating code, so that if a no-coins error
occurs, it will actually shut down the reactor and
hence the whole yield generator program, as intended.
Prior to this commit, in case an RPC failure occurred when
accesing the block height, the program would continue but the
wallet would be in an un-writeable state (for command line
programs, specifically yield generators; for Qt the shutdown
would occur).
This commit slightly cleans up the process of shutting down,
ensuring that duplicate shutdown calls do not result in
stack traces. It also ensures that also for command line
programs, the application will immediately shutdown if the
regular heartbeat call to query the block height fails, as this
risks inconsistencies in the wallet (though the previous
situation luckily did not result in this as the call to
BaseWallet.close() resulted in the wallet being read only).
A future PR should develop a more sophisticated approach to
RPC call failures that may allow the program to wait.
stopservice
Prior to this commit, the cancel button remained
activated when the BIP78 payjoin processing had
completed, either successfully or unsuccessfully
which could be confusing for the user.
After this commit, when the processing is complete,
the JMBIP78ReceiverManager object fires the shutdown
callback, which Qt uses to signal the dialog, which
then updates to disable the Cancel button and show
the Close button.
Additionally, line breaks were added to make tooltips
more readable.
This commit implements a command line script and a GUI
dialog to receive a payment using the BIP78 protocol,
by setting up an ephemeral hidden service.
It also deprecates the pre-existing inter-Joinmarket
protocol for payjoin payments, since we now have
both sending and receiving support for BIP78. Thus,
much code in Maker, Taker and client-daemon protocol
is removed, as is some documentation in docs/PAYJOIN.md.
Also the script `sendpayment.py` is altered to support
only the BIP78 variant.
The test in jmclient/test/test_payjoin now implements
BIP78 over a TCP connection, while the custom tests in
test/payjoinserver.py can support hidden service based
tests, but the latter is not included in the test suite
and may not always work (it is only for manual
investigations).
The following features of BIP78 are supported:
minfeerate
additionalfeeoutputindex - but *only* for single
change output transactions
maxadditionalfeecontribution
The receiver does not have nor request payment
output substitution.
Utxo selection is no longer sophisticated, instead
we only choose a single utxo to keep the size
increase of the transaction minimal. Thus UIH is
not addressed at the moment.
Errors returned are in line with BIP78.
Sequence numbers are checked by receiver, and
kept identical if uniform, otherwise respected.
Receiver uses transaction monitor to shut down
when the payment is seen.
The workflow is almost entirely implemented in
jmclient/payjoin.py and the command line script
is in scripts/receive-payjoin.py. The setup, including
configuration changes for Tor, are documented in
docs/PAYJOIN.md, including a user guide video linked.
Adam Gibson
Kristaps Kaupe
dchoe
Jules Comte
nixbitcoin