Prior to this commit the txtorcon package was issuing
a `GETINFO 'config/defaults'` request to the Tor control
port, which reveals potentially sensitive info, and also
sending a `CONF_CHANGED` request which is not needed. These
requests are removed by patching the library (which is hacky
but in a pretty minor way). This does not affect the Payjoin
workflow.
Prior to this commit, the Tor control request `ADD_ONION`
did not specify that the private key need not be returned.
After this commit we add the flag `DiscardPK` by specifying
the argument private_key=txtorcon.DISCARD to the call to
`create_onion_endpoint`, so that the private key is not
returned. The private key is not needed, so this is better.
This completes the task of enabling
network isolation by running the receiver
side using a hidden service in the daemon,
and communicating over AMP, as is already
the case for the sender.
Updates test_payjoin for daemon receiver.
Qt BIP78 receiver update for daemon.
Also manually fire order creation in coinjoin tests.
This clarification and test change is required due
to the fact that LoopingCalls are designed to fire
immediately by default, before the reactor is
initialized (and therefore in a `running` state),
making it not possible to shutdown the reactor as
a result of events happening in that first call;
so we delay the first call of the maker's orderbook
populating code, so that if a no-coins error
occurs, it will actually shut down the reactor and
hence the whole yield generator program, as intended.
Prior to this commit, in case an RPC failure occurred when
accesing the block height, the program would continue but the
wallet would be in an un-writeable state (for command line
programs, specifically yield generators; for Qt the shutdown
would occur).
This commit slightly cleans up the process of shutting down,
ensuring that duplicate shutdown calls do not result in
stack traces. It also ensures that also for command line
programs, the application will immediately shutdown if the
regular heartbeat call to query the block height fails, as this
risks inconsistencies in the wallet (though the previous
situation luckily did not result in this as the call to
BaseWallet.close() resulted in the wallet being read only).
A future PR should develop a more sophisticated approach to
RPC call failures that may allow the program to wait.
stopservice
Kristaps Kaupe
Adam Gibson