This release includes algorithmic improvements which increase the speed
of key generation and signing. At the same time, the binary size has
been reduced significantly.
Full changelog: https://github.com/bitcoin-core/secp256k1/blob/master/CHANGELOG.md#050---2024-05-06
The ABI is backward compatible with versions 0.4.x and 0.3.x, so no
python-bitcointx update is needed.
30557a498e CI: Bump Bitcoin Core from 26.1 to 27.0 (Kristaps Kaupe)
Pull request description:
.
Top commit has no ACKs.
Tree-SHA512: 814a8fd88cb76ac50ab8cbe0d91393f0ffb17a6ebd2085ce8d9ff40e983dcf0cd2afc48f3ed9cbe694c146e517db14fae765fb7b01899271deec89ea3513da97
719f242389 Fix run_tests.sh for Bitcoin Core v27 (Kristaps Kaupe)
Pull request description:
Should fix#1694 CI failure.
Top commit has no ACKs.
Tree-SHA512: 0faea0d53ae483c9b8f2ba7f7c651219d06d8af1ce794208584edbfbb395d675fbd07f6f4a61a18725482c05b2a69ed03870f26a040f229851226a3d8979fd8c
f3f4f0a4fb Multiple (batch) payment support in `direct_send()` (Kristaps Kaupe)
Pull request description:
Work towards #1012. Changes `direct_send()` to instead of single `amount` and `destination` to accept `dest_and_amounts` which is list of tuples of addresses and amounts instead. Haven't yet implemented and tested actual payments to multiple recipients, but tested that this doesn't break existing stuff.
Top commit has no ACKs.
Tree-SHA512: 02195a28d071c9537cb5297e63854ad2571e0ae9b5e06b850d6173c47d53caae953e9d7671ff861a6584a104d7a59da2293781d4440f7db4814f9b2fc4116c46
4040aced18 update sourcing commitments link (Marnix)
26c157d2f9 small fixes/updates in tumblerguide doc (Marnix)
Pull request description:
small fixes and link updates
ACKs for top commit:
kristapsk:
ACK 4040aced18
Tree-SHA512: 4f1d5a593c87296f091d5aa801ddef8a5eca51884b14c22f0b8d41a3cdacb9d2b094654bedd3335f51d319bb02c3e486e96f632de9791b1d0f52192acba83594
d11779184f yieldgenerator: allow change address to be overridden (Matt Whitlock)
Pull request description:
I have a custom yield generator that sometimes sends change to external addresses. Implementing this required me to add an extension point in `jmclient/yieldgenerator.py` to allow the change address to be overridden. As this could be useful to others as well, I am submitting it for review and merge.
ACKs for top commit:
kristapsk:
cr utACK d11779184f. Tests pass, that should be enough here.
Tree-SHA512: 459e4d5cd64010feda2092ebf69c4227b428b0ff45edcca3635ca553e5aa64bd1395374d5bc31080091dcd49426c3f8bf018c9cad2476411e99f65ab46aa31b7
6e5cdc81ae Refactor: move bitcoin unit conversion functions from ob-watcher to jmbitcoin (Kristaps Kaupe)
Pull request description:
Get rid of `satoshi_to_unit_power()` and `satoshi_to_unit()` in `scripts/obwatch/ob-watcher.py`, move that code where it belongs, to `src/jmbitcoin/amount.py`, with the rest of bitcoin unit conversion functions.
Top commit has no ACKs.
Tree-SHA512: 5d61d6148d283607a9fd8296788d409f9c86c7ca99a47e0c99ecf8ea6504214e867f94b3f889cd0e17aee0533b50115df32a1e6a75bd1326fe0e6ce9aa19e8ef
904b780b80 Unify cli user input code where limited range of answers are allowed (Kristaps Kaupe)
Pull request description:
Fixes#1494.
Top commit has no ACKs.
Tree-SHA512: ec19d8e3fa9651f0eba8930dc0fc57495770cda8f1d6e926d7a361eb0e5dabe876f9e9fceaf48ae50808e30549be17109452a43411ba5e76b7f44fad0888d559
6e33686ccb update Installation on Linux (Marnix)
Pull request description:
.
ACKs for top commit:
kristapsk:
ACK 6e33686ccb
Tree-SHA512: 62d200dee12d6f076367d18fa3978d16be5e5c65687de764eef904f7f4d4a53a37e010d7f1cb243c2acd0da7129d849202d0ea9692a7a5c429f18c808257e176
b9cfd89dd7 Bump built-in Tor from 0.4.8.7 to 0.4.8.10 (Kristaps Kaupe)
Pull request description:
There have been some bugfixes in between.
[Full changes](https://gitlab.torproject.org/tpo/core/tor/-/raw/tor-0.4.8.10/ChangeLog):
```
Changes in version 0.4.8.10 - 2023-12-08
This is a security release fixing a high severity bug (TROVE-2023-007)
affecting Exit relays supporting Conflux. We strongly recommend to update as
soon as possible.
o Major bugfixes (TROVE-2023-007, exit):
- Improper error propagation from a safety check in conflux leg
linking lead to a desynchronization of which legs were part of a
conflux set, ultimately causing a UAF and NULL pointer dereference
crash on Exit relays. Fixes bug 40897; bugfix on 0.4.8.1-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on December 08, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/12/08.
o Minor bugfixes (bridges, statistics):
- Correctly report statistics for client count over Pluggable
transport. Fixes bug 40871; bugfix on 0.4.8.4
Changes in version 0.4.8.9 - 2023-11-09
This is another security release fixing a high severity bug affecting onion
services which is tracked by TROVE-2023-006. We are also releasing a guard
major bugfix as well. If you are an onion service operator, we strongly
recommend to update as soon as possible.
o Major bugfixes (guard usage):
- When Tor excluded a guard due to temporary circuit restrictions,
it considered *additional* primary guards for potential usage by
that circuit. This could result in more than the specified number
of guards (currently 2) being used, long-term, by the tor client.
This could happen when a Guard was also selected as an Exit node,
but it was exacerbated by the Conflux guard restrictions. Both
instances have been fixed. Fixes bug 40876; bugfix
on 0.3.0.1-alpha.
o Major bugfixes (onion service, TROVE-2023-006):
- Fix a possible hard assert on a NULL pointer when recording a
failed rendezvous circuit on the service side for the MetricsPort.
Fixes bug 40883; bugfix on 0.4.8.1-alpha
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 09, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/11/09.
Changes in version 0.4.8.8 - 2023-11-03
We are releasing today a fix for a high security issue, TROVE-2023-004, that
is affecting relays. Also a few minor bugfixes detailed below. Please upgrade
as soon as posssible.
o Major bugfixes (TROVE-2023-004, relay):
- Mitigate an issue when Tor compiled with OpenSSL can crash during
handshake with a remote relay. Fixes bug 40874; bugfix
on 0.2.7.2-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 03, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/11/03.
o Minor bugfixes (directory authority):
- Look at the network parameter "maxunmeasuredbw" with the correct
spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha.
o Minor bugfixes (vanguards addon support):
- Count the conflux linked cell as valid when it is successfully
processed. This will quiet a spurious warn in the vanguards addon.
Fixes bug 40878; bugfix on 0.4.8.1-alpha.
```
Checksum file - https://dist.torproject.org/tor-0.4.8.10.tar.gz.sha256sum .
Top commit has no ACKs.
Tree-SHA512: 260cad87810fb17de3bd0f9d75fe83b6c9b06a779c493ddfbbb9a8b822719a50374389fafb1c5e72d89dd8330f100d775f96e4a14a56589be0edb53fe22c4a9e
24feda79d3 Fix / remove broken links (Kristaps Kaupe)
Pull request description:
These were found with [link-inspector](https://github.com/justindhillon/link-inspector).
Top commit has no ACKs.
Tree-SHA512: 0c58d17790cd721f8adc5a042b87482277879c3e539ea89804c47d6927f28ffd7f115561e828901e330dd497e42eebe8858a3de57edf57cfed07e12ec193b216
053d8a18f2 Implement mixdepth filtering for showutxos (Kristaps Kaupe)
Pull request description:
Resolves#1539. As usual, also added type hints here and there.
Top commit has no ACKs.
Tree-SHA512: a61ce96cb1c79e046c0d44289411029cae050f30349aafa886c4882d77addcd8ec84d5f8990328fb7257436779c6cca9b87e89376aedbeb3e9d61d0e6d31a4c7
f0b0e55431 Cache None in tx_cache for non-wallet transactions (Kristaps Kaupe)
Pull request description:
`wallet_fetch_history()` calls `BlockchainInterface.get_transaction()` for each input of wallet transactions to figure out which of the inputs are ours and which aren't. It will return `None` for non-wallet transactions and that weren't cached, so, if the same non-wallet transaction appears in inputs of wallet transactions multiple times, unnecessary `gettransaction` RPCs to Bitcoin Core were made.
Top commit has no ACKs.
Tree-SHA512: 43b7166f2cfb1ed02fa46d78333c045cab8b8a94765dba44a3190c8e67ec353bf9e0a0c9fec8386ab489b1ea1448188ee3078c5a37de9140f99199b3a5a066f6
bbc2150c3b Tell libsodium not to download code from savannah.gnu.org in autogen.sh (Kristaps Kaupe)
Pull request description:
Fixes#1655.
Top commit has no ACKs.
Tree-SHA512: 14d9be5990cca6f88d5369bab50e8bfa5838d28c2ce7a9f6ea2f1e1274dacc4814fb4a7b6cacd528973621cd8cbca4f05de2a31de8ea231ffb97e60c04c28ac4
07bad142ba Bump cryptography from 41.0.6 to 42.0.4 (dependabot[bot])
Pull request description:
Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.6 to 42.0.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's changelog</a>.</em></p>
<blockquote>
<p>42.0.4 - 2024-02-20</p>
<pre><code>
* Fixed a null-pointer-dereference and segfault that could occur when creating
a PKCS#12 bundle. Credit to **Alexander-Programming** for reporting the
issue. **CVE-2024-26130**
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields ``SMIMECapabilities``
and ``SignatureAlgorithmIdentifier`` should now be correctly encoded according to the
definitions in :rfc:`2633` :rfc:`3370`.
<p>.. _v42-0-3:</p>
<p>42.0.3 - 2024-02-15
</code></pre></p>
<ul>
<li>Fixed an initialization issue that caused key loading failures for some
users.</li>
</ul>
<p>.. _v42-0-2:</p>
<p>42.0.2 - 2024-01-30</p>
<pre><code>
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1.
* Fixed an issue that prevented the use of Python buffer protocol objects in
``sign`` and ``verify`` methods on asymmetric keys.
* Fixed an issue with incorrect keyword-argument naming with ``EllipticCurvePrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.exchange`,
``X25519PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey.exchange`,
``X448PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey.exchange`,
and ``DHPrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange`.
<p>.. _v42-0-1:</p>
<p>42.0.1 - 2024-01-24
</code></pre></p>
<ul>
<li>Fixed an issue with incorrect keyword-argument naming with <code>EllipticCurvePrivateKey</code>
:meth:<code>~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign</code>.</li>
<li>Resolved compatibility issue with loading certain RSA public keys in
:func:<code>~cryptography.hazmat.primitives.serialization.load_pem_public_key</code>.</li>
</ul>
<p>.. _v42-0-0:</p>
<p>42.0.0 - 2024-01-22</p>
<pre><code>
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="fe18470f7d"><code>fe18470</code></a> Bump for 42.0.4 release (<a href="https://redirect.github.com/pyca/cryptography/issues/10445">#10445</a>)</li>
<li><a href="aaa2dd06ed"><code>aaa2dd0</code></a> Fix ASN.1 issues in PKCS#7 and S/MIME signing (<a href="https://redirect.github.com/pyca/cryptography/issues/10373">#10373</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10442">#10442</a>)</li>
<li><a href="7a4d012991"><code>7a4d012</code></a> Fixes <a href="https://redirect.github.com/pyca/cryptography/issues/10422">#10422</a> -- don't crash when a PKCS#12 key and cert don't match (<a href="https://redirect.github.com/pyca/cryptography/issues/10423">#10423</a>) ...</li>
<li><a href="df314bb182"><code>df314bb</code></a> backport actions m1 switch to 42.0.x (<a href="https://redirect.github.com/pyca/cryptography/issues/10415">#10415</a>)</li>
<li><a href="c49a7a5271"><code>c49a7a5</code></a> changelog and version bump for 42.0.3 (<a href="https://redirect.github.com/pyca/cryptography/issues/10396">#10396</a>)</li>
<li><a href="396bcf64c5"><code>396bcf6</code></a> fix provider loading take two (<a href="https://redirect.github.com/pyca/cryptography/issues/10390">#10390</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10395">#10395</a>)</li>
<li><a href="0e0e46f5f7"><code>0e0e46f</code></a> backport: initialize openssl's legacy provider in rust (<a href="https://redirect.github.com/pyca/cryptography/issues/10323">#10323</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10333">#10333</a>)</li>
<li><a href="2202123b50"><code>2202123</code></a> changelog and version bump 42.0.2 (<a href="https://redirect.github.com/pyca/cryptography/issues/10268">#10268</a>)</li>
<li><a href="f7032bdd40"><code>f7032bd</code></a> bump openssl in CI (<a href="https://redirect.github.com/pyca/cryptography/issues/10298">#10298</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10299">#10299</a>)</li>
<li><a href="002e886f16"><code>002e886</code></a> Fixes <a href="https://redirect.github.com/pyca/cryptography/issues/10294">#10294</a> -- correct accidental change to exchange kwarg (<a href="https://redirect.github.com/pyca/cryptography/issues/10295">#10295</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10296">#10296</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/pyca/cryptography/compare/41.0.6...42.0.4">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/JoinMarket-Org/joinmarket-clientserver/network/alerts).
</details>
Top commit has no ACKs.
Tree-SHA512: 2f5321f32270c80ea423555f504a26c608cfe25aca0693470d696bff0a178b51702a6c6646cfd5dc397fb8d41fb5f84170dfad9add81687ab2d6ded299fd090e
bd22dd0d9f Bump pyopenssl from 23.2.0 to 24.0.0 (Kristaps Kaupe)
Pull request description:
Needed for #1669, allows upgrading `cryptography` to 42.x, see https://github.com/pyca/pyopenssl/issues/1285 and https://github.com/pyca/pyopenssl/pull/1284.
Top commit has no ACKs.
Tree-SHA512: 9402c257d2a6c012bacd7cd8064f5d1b72a8a8751e28c5544b90b749ba7d1a5f22bb8ae6056f244b06c5f928cf88b5438328a53246f418fed125aa659ff667c6
053e9d882c Release notes and version for v0.9.11 (Kristaps Kaupe)
Pull request description:
Please review and test. Treat this as a release candidate. :)
ACKs for top commit:
AdamISZ:
ACK 053e9d882c
Tree-SHA512: 9d3e1cfed40360e34a472d2fb5fd63eafbc91a3dc0947ca0a92c45593be01ee07bb226baa8296ccc6759429c675bc353dc008717a3e55c807941c2e7a6003d14
a5a5132160 update payjoin doc (Marnix)
Pull request description:
remove old dead links
If you'd rather replace the links with newer ones, please share them. happy to add/update
ACKs for top commit:
kristapsk:
ACK a5a5132160
Tree-SHA512: aab19aa4cd9f0452ea6206a19f843481f1cbad56c4fc746d613707a3991fefe83ff191b4da2d436d1f3024492687ee85504f3842f1ac95e886c98a09aa13af85
cde6b4ca9a Fix no amount entered message (can be sats too, not only BTC) (Kristaps Kaupe)
Pull request description:
Message was wrong since dropdown to switch between BTC and sat amounts was added.
Top commit has no ACKs.
Tree-SHA512: e4f5c85e7fb6f657fe49b8ff1748bc23cbb9bd29dc947991798d907459500423f7348945784798c54ce0e9010a45a5e3e5488b7cdf8b97dd43ec7a45e6bf3fb3
8846c4da62 Remove --disable-jni from libsecp256k1_build (Kristaps Kaupe)
Pull request description:
JNI was removed with libsecp256k1 v0.2.0, see https://github.com/bitcoin-core/secp256k1/pull/682.
Top commit has no ACKs.
Tree-SHA512: 4d0b67527e3d4530528beaaf54c926fc0848324be7051b22998d6d695c95b0de4b70e7483832068dc2abb9c3183b76d64c372a088958f6508b280c4cceee0840
f2ae8abac1 Don't validate cache during initial sync. (Adam Gibson)
Pull request description:
Prior to this commit, the calls to get_new_addr in the functions in the initial sync algo used for recovery, used the default value of the argument validate_cache, which is True (because in normal running, get_new_addr is used to derive addresses as destinations, for which it's safer to not use the cache, and as one-off calls, are not performance-sensitive). This caused initial sync to be very slow in recovery, especially if using large gap limits (which is common). After this commit, we set the argument validate_cache to False, as is intended during initial sync. This allows the optimised performance from caching to be in effect. See earlier PRs #1594 and #1614 for context.
Top commit has no ACKs.
Tree-SHA512: 2e16642dbb071f3f4e8c3bcfc6cfb71b63865acfb576be6f31b2a8945795b9e9a5de5c93bc2ed534db8ee9ac12cbddef180c303ed6e3c30c89f6f67d49a2d834
0a225c1178 Payjoin: log full proposed PSBT from sender if it fails sanity checks (Kristaps Kaupe)
Pull request description:
It's useful when debugging receiving payjoins from other wallets.
Top commit has no ACKs.
Tree-SHA512: db14d79ec6ed29b0da88717089541dabd13dde4623bcec71c16f3cfc60f321d46c5288d14a56e0134e887b67a3278ce528c873c56dc5c716e1c27b83fe0d339f
c4414e8c9c Minor quality improvements in wallet code (Kristaps Kaupe)
Pull request description:
Was looking at #1278 changes in context of #1588. Couldn't find any errors there, that seems correct and should be working. But in process I corrected wrong comment, changed to use `btc_to_sat()` helper function for unit conversion and added some type hints.
ACKs for top commit:
AdamISZ:
utACK c4414e8c9c
Tree-SHA512: df227ca7316ad9cc4b7cb3133df940bd3a3132a521f552756906f090b82b1b08c6e11775c47698685be23017ea8e9893ba5e9467c415158aeec7075839e32ea4
9c13180c13 Raise fallback fee rate from 10 sat/vB to 20 sat/vB (Kristaps Kaupe)
Pull request description:
It's just current reality on mainnet, that's around what `bitcoin-cli estimatesmartfee 1008` (1 week confirmation target) returns.
ACKs for top commit:
AdamISZ:
utACK 9c13180c13
Tree-SHA512: 15057a92bc498c17d66141fb08e31c0e21f5a070f13de5bc99aa9236290e8d65c64ed2060239f616b4bb6b684e1abe498bb0976fe2b0c26ea61f601b6a6a4293
Kristaps Kaupe
Marnix
Matt Whitlock
dependabot[bot]