When applying a fork, everything is done in memory to be able to
rewind if it's either invalid or doesn't have more work. But
checking for the UTXO index was done only against the store. Now
checking the memory as well to find UTXOs that haven't been
stored yet.
The method `is_unspent` hadn't been fixed with the other sumtree
functions to check the MMR before deciding whether something is
really unspent. This is now fixed and also checks the output
hash is the one we expect.
* added debug logging to see what we're doing in save_pos_index
* add counts to logging
* make sure inputs/outputs in tx are sorted
tweak debug logging
* DRY up sorting of inputs/outputs/kernels via a simple sort() in ser/deser
* add explicit validation fo sort order during tx and block validation
* sort order consensus rule for inputs/outputs/kernels in blocks
* we want a max of 10*num_peers blocks during sync...
not min
* fix test imports
* wip
* rework check_orphans to be smart about _which_ orphan(s) to check
* cleanup
* limit max of 100 blocks at a time, and corresponding 100 max orphan blocks
* distinguish select (among futures) from select coins. Regex search in project for select\b shows we hardly use select, but maybe could use it to add timeouts more cleanly. ("Want to add a timeout to any future? Just do a select of that future and a timeout future!" from https://aturon.github.io/blog/2016/08/11/futures/)
* remove a trailing space
* FAQ.md - fix typo
* wallet: display problematic tx
* update FAQ build troubleshooting to cover #443
* stdout_log_level = Info
file_log_level = Debug
* sync: show total diff @ height when syncronization is completed
* better wallet send dest format error
* move INFO "Client conn ... lost" and "Connected to peer" down to Debug
* move some level=Info to Debug, add 1000-block outputs
* timeout connection already tracks "expected" responses
use this to deduplicate requests and do not ask a peer for the same thing again
(until either success or timeout)
* do not ask for orphan blocks repeatedly
allow more than preferred number of peers (clean if we exceed max number)
Without a backup, the in-memory data structure stays truncated
even if the rewind is abandoned. Also add some logging on our
most problematic block in case it still is problematic.
* Very quick peer banning endpoint, helps with #406
* Ping heights (#407)
* add height to ping/ping
* reformat output
* fix p2p test
* Fix orphan handling, not related to current head. Fixes#412
* Check before borrow, fixes#267
* Not finding an output commit in pos is an AlreadySpent
* Fix race condition, sending before conn is ready
* Explicit error for unknown pos of a forked block
* Remove config outdated tests. Fix#333
* Check ref and try before borrow, fix#400
* We do not want to sync with old peers anyway
* Hide cargo compiler warning for unused NoopAdapter and unused test code. Add TODOs
When rewinding, it's possible to have a commitment (or kernel)
identical to the one we're adding both in the index and in the
data file (because it's not truncated by rewind, by design). To
detect this, we just need to make sure we don't look for anything
past the size of the rewound MMR.
Added support for peer banning on the p2p server. The peer status
is changed and the peer is disconnected. A banned peer won't be
able to reconnect as well.
Tracking of chain errors due to a block that's intrinsically bad
and banning of the peer that sent it. If we're syncing, resetting
the header chain to the same as the main chain to force
backtracking.
* port simple_sync across from testnet1, sync head & improved fork handling
* introduce new sync_head for tracking header chain during sync
* add debug logging in body_sync for state of various heads
* update header_head during sync if header is now the one with most work, pass in sync and head contexts to pipe
* port across sync_head changes from master, put the 1s sleep back in...
* let sync run even if the full 512 headers are all known, give sync a chance to sync against a fork that forked a long time ago
* handle height jumping during a reorg
block validaton should not check for height+1 based on head
no assumptions should be made about height indices
* quick(er) check for previous block in process_block (we cannot check height against ctx head)
* make body_sync a _lot_ faster by finding the forked block more efficiently...
* fix monitoring peers log msg
* fix chain tests
* fix grin tests - we were using the wrong genesis hash (wrong chain type)
* apparently needs setting in both places...
* body -> header -> sync (#414)
* port over body -> header -> sync changes from testnet1
* port across "simple_sync" changes from testnet1 branch
Cleanup direct refs to peer map or peer store
P2P server acts as a facade, handling the list of connected peers
and the storage of their information. Everything else goes through
the p2p server instead of having a peer map reference or going
straight to the store.
Fix p2p tests
* fix "monitoring peers" log msg (use connected_peers)
Duplicate commitment and ducplicate kernel errors, as well as
`is_unspent` did not check the total PMMR size, leading to
wrong detection of duplicates or unspent.
* beginning to add wallet restore... api endpoints and basic restore
* basic restore working, still missing features
* rustfmt
* large speed up to output search, should be more or less working
* properly mark coinbase status
* ensure only unspent utxos are returned from sumtree
Fixes#281 by doing:
- "Starting validation pipeline for " -> "Processing "
- stdout logging default = Warning
- ERR -> INFO for "Transaction rejected: Already in pool" -- only for netadapter transaction_received, which (hopefully!) only gets tx from peers, and lots of those will be duplicates, that's good and not an error.
* Downgrade ERR even down to DEBUG.
Also let Transaction rejected show tx hash,
so users can check if such a rejection is for the
payment they expected, or just any random peer
sending in some old and already known tx.
Renamed mining parameter mode to chain type, with existing types
of CI testing, user testing, testnet1 or mainnet. The public
chains (testnet1 and mainnet) come with their fully pre-defined
genesis block.
Still need to set the nonce and cycle for testnet1 genesis.
* bad case of trying to rewind to block header height 0
* rewind_to_genesis appears to work
* do not assume genesis block at height 0 is empty, pass full block in to rewind, check for last output and kernel, use index 0 if block is empty
* allow selecting a commit while providing a key index
* added static reference to libsecp that can be called throughout
* don't serialise rangeproof to json if it's not desired
Moved the HTTP APIs away from the REST endpoint abstraction and
to simpler Hyper handlers. Re-established all routes as v1.
Changed wallet receiver port to 13415 to avoid a gap in port
numbers.
Finally, rustfmt seems to have ignored specific files arguments,
running on everything.
* adding more useful handlers
* added method to return last n leaf nodes inserted into the sum tree
* endpoints in place for getting last n sumtree nodes
* Fix for the chain pipeline partly relying on an outdated head,
leading to not properly recognizing a fork and inconsistent sum
tree state.
* Do not drop block requests during sync that don't get satisfied,
retry enough time to get them and avoid stall.
* Always validate header, even in sync where we may have validated
it already. We don't want a block coming from a peer that could
squeeze through with an invalid header.
* When syncing, do not mark blocks that were errored by the chain
as received (typical case: orphan). Keep retrying.
* Improved chain state dump for debugging.
* Do not add to orphans blocks too far in the future.
* Better error reporting on db errors.
* Related sync test fixes.
TODO figure out why syncing peers timeout so often, very useful
to test but not that great for a fast sync experience.
Addresses a corner case of sync. If we're still in sync mode but
just caught up to the head, a block could be added through normal
gossip. So we can't short-circuit some of the header handling
even though during sync the header should have already been
validated and saved, because we can still get a block from gossip.
* Adding switch commit to grin outputs
* logging output fix
* adding switch commitment hash to sum tree node
* added hash_with to Hashed trait, to allow for hashing to include another writeable element
* adding hash_with as method in hashed trait
* fail deserialization if input or outputs are not sorted for txs, fail deserialization if inputs or outputs or kernels are not sorted for blocks, make sure we sort them before serialization
* extract consensus rule into verify_sort_order on VerifySortOrder trait
* rework the sort and write into WriteableSorted trait
* fix wallet sending bug (fees related) so we can test
* refactored read_and_verify_ordered out into ser, used in transaction and block
* rename pubkey -> key_id, these are key identifiers, not public keys
* reduce identifier seize to 10 bytes, get rid of fingerprints (identifiers are now small enough to use as-is)
* IDENTIFIER_SIZE const
* add FeeDispute error for when sender and recipient disagre on fee calculation (should never happen)
* does not need to be mut
* cleaned up some warnings
* added global slog instance, changed all logging macro formats to include logger instance
* adding configuration to logging, allowing for multiple log outputs
* updates to test, changes to build docs
* rustfmt
* moving logging functions into util crate
* add lock_height to Transaction and TxKernel, sign msg including both fee and lock_height in kernel
* make the order of the fields in tx and kernel more consistent
* rename to kernel_sig_msg
* add test to cover adding timelocked tx to pool, where tx is invalid based on current height of the blockchain
* add tests for adding timelocked txs to blocks (valid and otherwise)
* store wallet output data in hashmap
* cleanup up commented out code
* pass pubkey/identifier and not derivation around to miner etc.
* fix failing tests
Update coinbase building and block summation to account for half of
the fees going to the coinbase. Forcing fees to be even as a
consequence. Now that we can't build the coinbase independently
from the block (because fees), had to update the miner to keep the
key derivation so a new derivation isn't made any time a new block
gets worked on.
Minor doc and warning cleanups.
* introduce grin_keychain, encapsulate derivation of secret_keys
* core compiles against keychain, tests don't run yet
* core tests are now passing against keychain
* wip - getting wallet working with keychain
* add util and keychain to travis test matrix
* basic test around key derivation
* Integrate PMMR and its persistent backend with the Chain
* Chain can set tree roots; PMMR backend discard
* Check spent and prune for each input in new block
* Handling of forks by rewinding the state
* More PMMR tests and fixes, mostly around rewind
* Rewrite get_unspent to use the sumtrees, fix remaining compilation issues
* workaround the "commitment is not a public key" problem by using to_two_keys() from rust-secp256k1-zkp
* remove secp256k1zkp, update the various Cargo.toml to use rust-secp256k1-zkp from external git repo, update code to not rely on to_pubkey (and use verify_from_commit)
* secp256k1zkp from git
* cleanup secp256k1 dependencies
* gitignore node1 and node2 dirs
* use head_header in add_to_memory_pool
* add COINBASE_MATURITY const to consensus
* add coinbase maturity (wip) validaton rule to validate_block
* add coinbase maturity check to validate_block
* map errors in adapters - specific errors still wip
* reworked so adapter translates chain errors to pool errors (core errors not required)
* add test for spending immature coinbase in memory pool
* wip - add test to cover spending coinbase output in chain.process_block
* added test coverage around process_block - we have a problem with coinbase output commitments
* add a comment on the failing test
* process_block will now fail validation if we attempt to spend coinbase that has not yet matured
(remember to use a new reward_key for every block). test coverage in place to verify this
* initial pass at indexing block header hashes by commitments
* check block height matches currently indexed block height
when getting block header for an output commit
* add some test coverage
* document get_block_header_by_output_commit
* Adding output stats from plugin, when available
* adding grin config
* moving pow crate from core/pow to it's own crate
* moving POW/mining stuff into pow module, and removing mining dependency from chain
* refactored most of mining into pow module...miner.rs still in server
* update grin tests
* updating genesis block mining to use configured miner, if available
* chain tests back into chain, done with pow refactor
* use tag of cuckoo-miner for pr
* playing around with changing cuckoo sizes on the fly
* modifying tests to use global cuckoo parameters, and checking results
* check for pow size
* Changing global function names, and removing length from POW serialization
* changes to use blake2 for cuckoo seed generation
* updating tests to blake 2
* minor cleanup - unused imports
* cleanup build warnings - unused vars
* make structs pub to get rid of the private_in_public lint warning
* missing docs on RangeProof
* add missing docs to store delete function
* cleaned up deprecation warning -
tokio_core -> tokio_io
complete() -> send()
* playing around with changing cuckoo sizes on the fly
* modifying tests to use global cuckoo parameters, and checking results
* check for pow size
* Changing global function names, and removing length from POW serialization
* Adding ability to serialise parts of the header, pre-nonce and post-nonce
* Some test integration of queueing functions in cuckoo-miner
* more cuckoo-miner async mode integration, now more or less working
* integrating async miner workflow
* rocksdb update
* u64 internal difficulty representation, and integration of latest Cuckoo-miner API
* change to cuckoo-miner notify function
* Issue in testing, and if use_async value is None in grin.toml
* making async mode explicit in tests - 2
* fiddle with port numbers for CI
* update tag to ensure cuckoo-miner build doesn't fail on windows
* change the order in which tests are run
When a new block is rejected by the validation pipeline as orphan,
the chain now keeps it in a ring buffer of capped size. Anytime
a new block is accepted, all orphans in the ring buffer are
retried. This is helpful to handle all the cases where we receive
blocks out of order for networking/timing reasons.
* Adding cuckoo-miner into grin as a proper dependency now
* Defaulting to using cuckoo-miner
* Updates to tests to use cuckoo_miner by default, (using cuckoo16)
Introduce a new Chain struct that maintains the current head,
acts as facade to the store and the block processing pipeline
and handles all appropriate locking.
All higher level components, like the overall server, REST APIs
and miner have been update to only depend on Chain. Cleaned up
some duplication and tests now that there's a single entry point
to all blockchain operations.
Integrate the new difficulty calculation into the block chain
validation, the miner and tests. As the difficulty calculation
doesn't use varying Cuckoo sizes anymore and we narrowed down
reasonable final Cuckoo Cycle parameters, removed all Cuckoo
Cycle sizes from block headers.
Formalized easier Cuckoo Cycle sizes for testing (and possibly
testnet) by introducing a test mode in configuration. Updated
all tests.
Fixes a few loose ends in the full cycle of sending coins,
accepting them, pushing that transaction to the pool and having it
mined. More specifically:
* The API output endpoint needs to be a UTXO endpoint, as the
server can't make any guarantee about having a spent output.
* Bubbling up HTTP not found errors.
* Wallet output status checker now handles spent outputs.
* Transaction pool validates the transaction before accepting it.
* Fixed the operation API routes.
* Fixed too greedy wallet coin selection loop.
Most of the logic to build a transaction that sends coin to
another party. Still requires more debugging and clean up.
Main changes and additions are:
* Update to serde 1.0
* API endpoint to retrieve an Output
* Output is now Serialize and Deserialize
* Wallet configuration
* Command line for the send operation
* Wallet data checker to update created outputs into confirmed
* Wallet-specific configuration
* Sample Signatures for put_enc and get_dec
* Implement put_enc and get_dec
* Implement ChainCodec in grin_chain
* Truncate src only on complete Blocks
* Truncate src only on complete Tip + Check Len
* Move BlockHeader Encoding to BlockHeaderCodec
* Define put_enc for store::Batch
* Replace BlockCodec and BlockHeaderCodec with generic BlockCodec<T>
* Implement Default for BlockCodec Manually
* Replace get_ser/put_ser with get_enc/get_dec for chain::ChainKVStore
* Remove Writeable/Readable for chain::Tip
* Add Tokio-io and Bytes to grin_p2p
* Additional Setup for Message enum + Msg{Encode,Decode} traits
* base msg ping pong encoding and test
* fill out msg-codec tests
* Implement Hand Encoding/Decoding
* msg-encode shake
* msg-encode getpeeraddr
* codec peer-addrs message, SockAddr struct wierdness
* header message codec
* msg encoding finished prelim
* Implement PeerCodec Encoding/Decoding
* Set PeerStore to use PeerCodec for Encoding/Decoding
* Add a DecIterator
* Prune PeerStore
* Replace Decoding and Encoding in handle_payload
* Prune Writeable/Readable methods in store::Store
* Remove Incomplete Frame Testing ( Not Nessesary right now )
* separate block and tx codec tests
* Refactor {Tx,Block}Codec Tests
Adds checks to ignore a block that's already known (can happen
if the block was saved but the chain update failed). Also saves
saves the chain slightly differently during bootstrap as the
header chain should only be updated when a header is received
(and not when we got a full block). Finally, do not broadcast
during bootstrap.
Save outputs in every new block under their own hash. Done in the
same batch as the block. Allows for direct output lookups by hash
required by the p2p layer. Also store an index of output
commitment to output hash for wallet and input lookups.
* core: cleanup slicing impls for Hash
* core: clean up Readable trait, implement Readable/Writeable for various integers
* core: change Hash debug output to hex
* core: correct warnings in all modules
* Replace AsFixedBytes with Sized + AsRef<[u8]>
* Add AsRef<u8> to impl_array_newtype!
* Include AsFixedBytes as marker trait
* Related fixes
* Remove Deref
Block, Output and Kernel now have bitmasks to hold supported
features and eventually versioning. Will make adding features and
updates easier and open the possibility of soft forks.
First added feature for Output and Kernel is the marking of coinbase
related ones. Allows the validation of the coinbase part of a block.
* use MESSAGE_SIZE constant instead of 32
* use Hashed trait in genesis
* safer serialization of Hash
* Hashed of [u8] should send only data to hash function, not length + data
* Safer serialization of Proof
* Safer serialization of Commitment
* Safer serialization of RangeProof
* introduce read_limited_vec instead of potential panic in conversion