67da0090e7 CI: Bump Bitcoin Core from 27.0 to 27.1 (Kristaps Kaupe)
Pull request description:
.
Top commit has no ACKs.
Tree-SHA512: 03e7edd86fd57cf4e05ec69178ac22fb84b4336710fb337e5ea52445d7338e89d26b6f83eef2c7a7b349bc232de3fc658b48a1c9389434326045daafac8e4f3e
53d89ecc9a Bump libsecp256k1 from v0.4.1 to v0.5.0 (Kristaps Kaupe)
Pull request description:
This release includes algorithmic improvements which increase the speed of key generation and signing. At the same time, the binary size has been reduced significantly.
Full changelog: https://github.com/bitcoin-core/secp256k1/blob/master/CHANGELOG.md#050---2024-05-06
The ABI is backward compatible with versions 0.4.x and 0.3.x, so no python-bitcointx update is needed.
Top commit has no ACKs.
Tree-SHA512: 6eba667915f391e93fc9541e4e0ff0d4847f872a57bfb2d4a13e56112f03a5009ed7e2d5703c844dd15202072c0ec4c5638396b84aef48222d08b161d9432de1
865247cf8d Support payjoin PSBT with multiple sender inputs (spacebear)
Pull request description:
[Compatibility testing with PDK](https://github.com/payjoin/rust-payjoin/issues/51#issuecomment-2100765588) revealed that the JoinMarket payjoin receiver doesn't support signing for PSBTs that contain multiple sender inputs. This patch fixes that.
ACKs for top commit:
AdamISZ:
tACK 865247cf8d
kristapsk:
re-ACK 865247cf8d
Tree-SHA512: cf25e161be229bc440e1f0a5ad16d529e30c1470e7f6ba450ab912458f6c4db05b3ed9e463549685c5a52f37c234809f4d042522f358a0293a36932c005bbe0d
954dc36e75 Remove Ilita IRC, re-enable hackint (Kristaps Kaupe)
Pull request description:
Ilita isn't working for me, but have seen no problems with both darkscience and hackint recently. More resiliance with messaging channels is better.
Also changed `[MESSAGING:server1]` and `[MESSAGING:server2]` to `[MESSAGING:darkscience]` and `[MESSAGING:hackint]`.
ACKs for top commit:
roshii:
utACK 954dc36e75
Tree-SHA512: 77d9030189f34c22c78a7d8b94fb5c8e07bdf7c56317b1e0f98200c33e483572228785b345ad7148791bc55be85dfa6f3ad39a3237b87902efde650f8c8508ec
8eb55be6e0 Handle None enter_seed_callback() response (Kristaps Kaupe)
Pull request description:
Fixes#1698. Also added type hints.
Top commit has no ACKs.
Tree-SHA512: c5d6e9f0dd63528013c64556086b119a0b25e24f10d683f21c43bf88f794d02d8da28191f05e3bcb204ed2d43cba314962536c62e24c46334644234b458220d3
508b4ee5d1 fix-debian (st3b1t)
Pull request description:
this fix an error on debian install:
```
~/joinmarket-clientserver/deps ~/joinmarket-clientserver
~/joinmarket-clientserver/deps/libffi-3.2.1 ~/joinmarket-clientserver/deps ~/joinmarket-clientserver
patching file Makefile.am
patching file configure.ac
patching file configure.ac
./autogen.sh: 2: exec: autoreconf: not found
./install.sh: line 271: ./configure: No such file or directory
gmake: *** No rule to make target 'uninstall'. Stop.
gmake: *** No targets specified and no makefile found. Stop.
```
`autoreconf: not found`
the `autoreconf` command is part of `autoconf` pkg that was not included
fix some issues like this: https://github.com/JoinMarket-Org/joinmarket-clientserver/issues/541
ACKs for top commit:
kristapsk:
ACK 508b4ee5d1
roshii:
utACK 508b4ee5d1
Tree-SHA512: c8ba502d8ae25e2dbc70b539bb3d4c85624751c24c71cafad72e612928dcde7c4f801525c3f4afd2af6f8a755ccd082d77b699a0838312111514394699681e15
8798b8bc6e Redirect back to / after /refreshorderbook and /rotateOb (Kristaps Kaupe)
Pull request description:
Fixes#1684.
Top commit has no ACKs.
Tree-SHA512: 3f4ff430888e3cc200ab956ffc84321d54d59ebde69b49dc78ca7534833e0bb06131a6216dfa1791e3ee2998019de5ec58d0f18e03b2efc6e0b02cea3e26ca47
This release includes algorithmic improvements which increase the speed
of key generation and signing. At the same time, the binary size has
been reduced significantly.
Full changelog: https://github.com/bitcoin-core/secp256k1/blob/master/CHANGELOG.md#050---2024-05-06
The ABI is backward compatible with versions 0.4.x and 0.3.x, so no
python-bitcointx update is needed.
30557a498e CI: Bump Bitcoin Core from 26.1 to 27.0 (Kristaps Kaupe)
Pull request description:
.
Top commit has no ACKs.
Tree-SHA512: 814a8fd88cb76ac50ab8cbe0d91393f0ffb17a6ebd2085ce8d9ff40e983dcf0cd2afc48f3ed9cbe694c146e517db14fae765fb7b01899271deec89ea3513da97
719f242389 Fix run_tests.sh for Bitcoin Core v27 (Kristaps Kaupe)
Pull request description:
Should fix#1694 CI failure.
Top commit has no ACKs.
Tree-SHA512: 0faea0d53ae483c9b8f2ba7f7c651219d06d8af1ce794208584edbfbb395d675fbd07f6f4a61a18725482c05b2a69ed03870f26a040f229851226a3d8979fd8c
f3f4f0a4fb Multiple (batch) payment support in `direct_send()` (Kristaps Kaupe)
Pull request description:
Work towards #1012. Changes `direct_send()` to instead of single `amount` and `destination` to accept `dest_and_amounts` which is list of tuples of addresses and amounts instead. Haven't yet implemented and tested actual payments to multiple recipients, but tested that this doesn't break existing stuff.
Top commit has no ACKs.
Tree-SHA512: 02195a28d071c9537cb5297e63854ad2571e0ae9b5e06b850d6173c47d53caae953e9d7671ff861a6584a104d7a59da2293781d4440f7db4814f9b2fc4116c46
4040aced18 update sourcing commitments link (Marnix)
26c157d2f9 small fixes/updates in tumblerguide doc (Marnix)
Pull request description:
small fixes and link updates
ACKs for top commit:
kristapsk:
ACK 4040aced18
Tree-SHA512: 4f1d5a593c87296f091d5aa801ddef8a5eca51884b14c22f0b8d41a3cdacb9d2b094654bedd3335f51d319bb02c3e486e96f632de9791b1d0f52192acba83594
d11779184f yieldgenerator: allow change address to be overridden (Matt Whitlock)
Pull request description:
I have a custom yield generator that sometimes sends change to external addresses. Implementing this required me to add an extension point in `jmclient/yieldgenerator.py` to allow the change address to be overridden. As this could be useful to others as well, I am submitting it for review and merge.
ACKs for top commit:
kristapsk:
cr utACK d11779184f. Tests pass, that should be enough here.
Tree-SHA512: 459e4d5cd64010feda2092ebf69c4227b428b0ff45edcca3635ca553e5aa64bd1395374d5bc31080091dcd49426c3f8bf018c9cad2476411e99f65ab46aa31b7
6e5cdc81ae Refactor: move bitcoin unit conversion functions from ob-watcher to jmbitcoin (Kristaps Kaupe)
Pull request description:
Get rid of `satoshi_to_unit_power()` and `satoshi_to_unit()` in `scripts/obwatch/ob-watcher.py`, move that code where it belongs, to `src/jmbitcoin/amount.py`, with the rest of bitcoin unit conversion functions.
Top commit has no ACKs.
Tree-SHA512: 5d61d6148d283607a9fd8296788d409f9c86c7ca99a47e0c99ecf8ea6504214e867f94b3f889cd0e17aee0533b50115df32a1e6a75bd1326fe0e6ce9aa19e8ef
904b780b80 Unify cli user input code where limited range of answers are allowed (Kristaps Kaupe)
Pull request description:
Fixes#1494.
Top commit has no ACKs.
Tree-SHA512: ec19d8e3fa9651f0eba8930dc0fc57495770cda8f1d6e926d7a361eb0e5dabe876f9e9fceaf48ae50808e30549be17109452a43411ba5e76b7f44fad0888d559
6e33686ccb update Installation on Linux (Marnix)
Pull request description:
.
ACKs for top commit:
kristapsk:
ACK 6e33686ccb
Tree-SHA512: 62d200dee12d6f076367d18fa3978d16be5e5c65687de764eef904f7f4d4a53a37e010d7f1cb243c2acd0da7129d849202d0ea9692a7a5c429f18c808257e176
b9cfd89dd7 Bump built-in Tor from 0.4.8.7 to 0.4.8.10 (Kristaps Kaupe)
Pull request description:
There have been some bugfixes in between.
[Full changes](https://gitlab.torproject.org/tpo/core/tor/-/raw/tor-0.4.8.10/ChangeLog):
```
Changes in version 0.4.8.10 - 2023-12-08
This is a security release fixing a high severity bug (TROVE-2023-007)
affecting Exit relays supporting Conflux. We strongly recommend to update as
soon as possible.
o Major bugfixes (TROVE-2023-007, exit):
- Improper error propagation from a safety check in conflux leg
linking lead to a desynchronization of which legs were part of a
conflux set, ultimately causing a UAF and NULL pointer dereference
crash on Exit relays. Fixes bug 40897; bugfix on 0.4.8.1-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on December 08, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/12/08.
o Minor bugfixes (bridges, statistics):
- Correctly report statistics for client count over Pluggable
transport. Fixes bug 40871; bugfix on 0.4.8.4
Changes in version 0.4.8.9 - 2023-11-09
This is another security release fixing a high severity bug affecting onion
services which is tracked by TROVE-2023-006. We are also releasing a guard
major bugfix as well. If you are an onion service operator, we strongly
recommend to update as soon as possible.
o Major bugfixes (guard usage):
- When Tor excluded a guard due to temporary circuit restrictions,
it considered *additional* primary guards for potential usage by
that circuit. This could result in more than the specified number
of guards (currently 2) being used, long-term, by the tor client.
This could happen when a Guard was also selected as an Exit node,
but it was exacerbated by the Conflux guard restrictions. Both
instances have been fixed. Fixes bug 40876; bugfix
on 0.3.0.1-alpha.
o Major bugfixes (onion service, TROVE-2023-006):
- Fix a possible hard assert on a NULL pointer when recording a
failed rendezvous circuit on the service side for the MetricsPort.
Fixes bug 40883; bugfix on 0.4.8.1-alpha
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 09, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/11/09.
Changes in version 0.4.8.8 - 2023-11-03
We are releasing today a fix for a high security issue, TROVE-2023-004, that
is affecting relays. Also a few minor bugfixes detailed below. Please upgrade
as soon as posssible.
o Major bugfixes (TROVE-2023-004, relay):
- Mitigate an issue when Tor compiled with OpenSSL can crash during
handshake with a remote relay. Fixes bug 40874; bugfix
on 0.2.7.2-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 03, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/11/03.
o Minor bugfixes (directory authority):
- Look at the network parameter "maxunmeasuredbw" with the correct
spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha.
o Minor bugfixes (vanguards addon support):
- Count the conflux linked cell as valid when it is successfully
processed. This will quiet a spurious warn in the vanguards addon.
Fixes bug 40878; bugfix on 0.4.8.1-alpha.
```
Checksum file - https://dist.torproject.org/tor-0.4.8.10.tar.gz.sha256sum .
Top commit has no ACKs.
Tree-SHA512: 260cad87810fb17de3bd0f9d75fe83b6c9b06a779c493ddfbbb9a8b822719a50374389fafb1c5e72d89dd8330f100d775f96e4a14a56589be0edb53fe22c4a9e
24feda79d3 Fix / remove broken links (Kristaps Kaupe)
Pull request description:
These were found with [link-inspector](https://github.com/justindhillon/link-inspector).
Top commit has no ACKs.
Tree-SHA512: 0c58d17790cd721f8adc5a042b87482277879c3e539ea89804c47d6927f28ffd7f115561e828901e330dd497e42eebe8858a3de57edf57cfed07e12ec193b216
053d8a18f2 Implement mixdepth filtering for showutxos (Kristaps Kaupe)
Pull request description:
Resolves#1539. As usual, also added type hints here and there.
Top commit has no ACKs.
Tree-SHA512: a61ce96cb1c79e046c0d44289411029cae050f30349aafa886c4882d77addcd8ec84d5f8990328fb7257436779c6cca9b87e89376aedbeb3e9d61d0e6d31a4c7
f0b0e55431 Cache None in tx_cache for non-wallet transactions (Kristaps Kaupe)
Pull request description:
`wallet_fetch_history()` calls `BlockchainInterface.get_transaction()` for each input of wallet transactions to figure out which of the inputs are ours and which aren't. It will return `None` for non-wallet transactions and that weren't cached, so, if the same non-wallet transaction appears in inputs of wallet transactions multiple times, unnecessary `gettransaction` RPCs to Bitcoin Core were made.
Top commit has no ACKs.
Tree-SHA512: 43b7166f2cfb1ed02fa46d78333c045cab8b8a94765dba44a3190c8e67ec353bf9e0a0c9fec8386ab489b1ea1448188ee3078c5a37de9140f99199b3a5a066f6
bbc2150c3b Tell libsodium not to download code from savannah.gnu.org in autogen.sh (Kristaps Kaupe)
Pull request description:
Fixes#1655.
Top commit has no ACKs.
Tree-SHA512: 14d9be5990cca6f88d5369bab50e8bfa5838d28c2ce7a9f6ea2f1e1274dacc4814fb4a7b6cacd528973621cd8cbca4f05de2a31de8ea231ffb97e60c04c28ac4
07bad142ba Bump cryptography from 41.0.6 to 42.0.4 (dependabot[bot])
Pull request description:
Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.6 to 42.0.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's changelog</a>.</em></p>
<blockquote>
<p>42.0.4 - 2024-02-20</p>
<pre><code>
* Fixed a null-pointer-dereference and segfault that could occur when creating
a PKCS#12 bundle. Credit to **Alexander-Programming** for reporting the
issue. **CVE-2024-26130**
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields ``SMIMECapabilities``
and ``SignatureAlgorithmIdentifier`` should now be correctly encoded according to the
definitions in :rfc:`2633` :rfc:`3370`.
<p>.. _v42-0-3:</p>
<p>42.0.3 - 2024-02-15
</code></pre></p>
<ul>
<li>Fixed an initialization issue that caused key loading failures for some
users.</li>
</ul>
<p>.. _v42-0-2:</p>
<p>42.0.2 - 2024-01-30</p>
<pre><code>
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1.
* Fixed an issue that prevented the use of Python buffer protocol objects in
``sign`` and ``verify`` methods on asymmetric keys.
* Fixed an issue with incorrect keyword-argument naming with ``EllipticCurvePrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.exchange`,
``X25519PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey.exchange`,
``X448PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey.exchange`,
and ``DHPrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange`.
<p>.. _v42-0-1:</p>
<p>42.0.1 - 2024-01-24
</code></pre></p>
<ul>
<li>Fixed an issue with incorrect keyword-argument naming with <code>EllipticCurvePrivateKey</code>
:meth:<code>~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign</code>.</li>
<li>Resolved compatibility issue with loading certain RSA public keys in
:func:<code>~cryptography.hazmat.primitives.serialization.load_pem_public_key</code>.</li>
</ul>
<p>.. _v42-0-0:</p>
<p>42.0.0 - 2024-01-22</p>
<pre><code>
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="fe18470f7d"><code>fe18470</code></a> Bump for 42.0.4 release (<a href="https://redirect.github.com/pyca/cryptography/issues/10445">#10445</a>)</li>
<li><a href="aaa2dd06ed"><code>aaa2dd0</code></a> Fix ASN.1 issues in PKCS#7 and S/MIME signing (<a href="https://redirect.github.com/pyca/cryptography/issues/10373">#10373</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10442">#10442</a>)</li>
<li><a href="7a4d012991"><code>7a4d012</code></a> Fixes <a href="https://redirect.github.com/pyca/cryptography/issues/10422">#10422</a> -- don't crash when a PKCS#12 key and cert don't match (<a href="https://redirect.github.com/pyca/cryptography/issues/10423">#10423</a>) ...</li>
<li><a href="df314bb182"><code>df314bb</code></a> backport actions m1 switch to 42.0.x (<a href="https://redirect.github.com/pyca/cryptography/issues/10415">#10415</a>)</li>
<li><a href="c49a7a5271"><code>c49a7a5</code></a> changelog and version bump for 42.0.3 (<a href="https://redirect.github.com/pyca/cryptography/issues/10396">#10396</a>)</li>
<li><a href="396bcf64c5"><code>396bcf6</code></a> fix provider loading take two (<a href="https://redirect.github.com/pyca/cryptography/issues/10390">#10390</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10395">#10395</a>)</li>
<li><a href="0e0e46f5f7"><code>0e0e46f</code></a> backport: initialize openssl's legacy provider in rust (<a href="https://redirect.github.com/pyca/cryptography/issues/10323">#10323</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10333">#10333</a>)</li>
<li><a href="2202123b50"><code>2202123</code></a> changelog and version bump 42.0.2 (<a href="https://redirect.github.com/pyca/cryptography/issues/10268">#10268</a>)</li>
<li><a href="f7032bdd40"><code>f7032bd</code></a> bump openssl in CI (<a href="https://redirect.github.com/pyca/cryptography/issues/10298">#10298</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10299">#10299</a>)</li>
<li><a href="002e886f16"><code>002e886</code></a> Fixes <a href="https://redirect.github.com/pyca/cryptography/issues/10294">#10294</a> -- correct accidental change to exchange kwarg (<a href="https://redirect.github.com/pyca/cryptography/issues/10295">#10295</a>) (<a href="https://redirect.github.com/pyca/cryptography/issues/10296">#10296</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/pyca/cryptography/compare/41.0.6...42.0.4">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/JoinMarket-Org/joinmarket-clientserver/network/alerts).
</details>
Top commit has no ACKs.
Tree-SHA512: 2f5321f32270c80ea423555f504a26c608cfe25aca0693470d696bff0a178b51702a6c6646cfd5dc397fb8d41fb5f84170dfad9add81687ab2d6ded299fd090e
Kristaps Kaupe
Matt Whitlock
Simon Castano
st3b1t
spacebear
Marnix