* Allow TLS for Wallet APIs
This PR adds an optional support of TLS for wallet APIs. Only PKCS12 format is supported, will address .pem support in next PR and provide some documentation.
Address #1425
* Add api_secret
* Add to base64 method
* Add basic auth in API
* Add Basic Auth to owner API
* Add flag to enable disable basic auth
* Add .api_secret file
We used to launch a thread for API server inside the wallet crate, now we do it inside api crate, so the cmd tool launches API and exit. This fix makes sure that command will wait for API thread.
* Middleware and handler (mw implements the same trait) could be attached to multiple nodes inside the router
* Middleware could be attached to the router (syntactic sugar, it is attached to the root node) as well as to any node
* Handler's call method receives an iterator of handlers and responsible for calling the next handler if needed
* Support TLS in ApiServer
This is ground work to support TLS in Grin APIs (like wallet ot node). Particular API implemention needs to decide if TLS is used or not and pass certificate data etc.
* P12 format support
* New method to start TLS server
* Transparent TLS support in API client (depends on URL scheme http/https)
* Refactoring
* Initial support for graceful shutdown (commentred out int this PR, unstable for now)
* API server tests (TLS server test is disabled by default, hyper client rejects self-signed certificates, so extra step is needed to install local CA (I used mkcert)
* Add a cert file to make test complile
* Make it simpler to implement middleware
* Switch from the current thread runtime to the default one. It enables us to inject TLS support later one and potentially more scalable, unfortunately it involves some additonal cloning of the router, because we can't rely on thread local vars anymore
* Introduce `call` entrypoint for Handler, so it's possible to handle any HTTP method in one place, handy for middleware
* Implement example of middleware
Address ##1525 in particular and improve error messages in general.
Instead of `Request Error: Error { inner:` a client would get:
`Generic error: Invalid request body: missing field `method` at line 1 column 162`
* Add file based transaction in owner API
* Add finalize tx in owner API
* Code cleanup and placed file_receive in correct API
* Output an explicit error when http dest seems incorrect
* Add doc on send method
* Add cancel tx endpoint in owner API
* Add dump stored tx endpoint in owner API
* Add missing parameters
* config file can now be generated by executable
* rustfmt
* remove now-unnecessary config defaults test
* set up paths and config file creation in user's home directory
* rustfmt
* remove default grin.toml
* add grin configuration command to spit out config file
* Split configuration into wallet and server
* rustfmt
* Restore logging to wallet configurations
* rustfmt
* simplify tx validation and aggregation
we *only* need to account for reward when building a block from txs
* rustfmt
* cleanup and tests passing
* rustfmt
* better comments in with_reward()
* fix wallet tests
Instead of generating a private file on send that needs to be
provided again in finalize, the private context information is
saved in the wallet db.
Also move internal Context to bona fide libwallet type
* Sort pool tx by fee over weight for mining. Fixes#1105
* Bucketing dependent transactions before weighing. Minor tx weight fixes.
* Limit length of tx chain, cleanup and test fixes
* Cleanup all mining references to a hardcoded tx count
* Small test improvement, cleanup
* commit - wip
* rustfmt
* save output commitment when saving output in wallet
* rustfmt
* fixup wallet tests with commitments in the wallet db
* rustfmt
* Include commitments non-duplicate checks in aggregate
* Remove said check from the pool
* Block building now uses tx aggregation to reduce duplication
* First implementation of file-based transaction send, receive and finalize in libwallet
* Switch from TOML to JSON (needless complication). Plug in send, receive and finalize wallet commands.
* Pretty JSON for response is too large (all whitespace)
* Fix get outputs call in wallet. It generates an invalid url if there are 1000+ outputs.
* Also switched to async http client for performance reasons
* Couple unrelated cleanups
* fixup! Fix get outputs call in wallet
* Remove Iron dependecy and update hyper to version 0.12 #876
* REMOVE ME
* Revert "REMOVE ME"
This reverts commit e9a976eee98a2d5a4dfae5d9e1e4f5ed640c05d3.
* Rebase and start updating libwallet
Libwallet doesn't compile yet.
* Wallet compiles
* Grin compiles
* No compilation errors in tests
* All tests pass
* Reeturn future from handler
* Refactoring
* Fix lifetime issue one more time
I have to force push to rollback all the work done in last 2 days
* Fix wallet send issue
* Clean up
* improve: time crate flagged as deprecated, switch to actively maintained chrono crate
* improve: complete the switching from deprecated time crate to chrono crate, for all the tests part
* improve: complete switching to chrono crate, for the left tests in 'chain' and 'wallet'
* Make grin.toml config optional. Mirror exisiting config parameters in grin.toml to source code, so binary can run without a config file. Add test for it.
* fixup! Make grin.toml config optional
* beginnings of transaction log for db
* add migrate utility for file-wallet to db wallet
* rustfmt + missing file
* update transaction log entry status on confirmed txs, add basic tests for transaction log
* beginnings to testclient implementation for more complete wallet API testing
* rework TestWalletClient to be message-based proxy
* test fix
* wallet tests now exercising the API directly as much as possible, capable of instantiating multiple wallets
* test in place to run both file and db wallets
* ensure all wallet api functions lock wallet as needed. Split up transaction creation from posting to chain
* Added sizeshift to proof of work and encoding as VLQ
* Fix some loose ends to get things to compile
* Rename sizehift to min_sizeshift
* Pipeline checks for PoW Cuckoo Cycle size shift and adjustment
factor before difficulty comparison.
* Working delta+VLQ encoding of u64 PoW, unfortunately still a
little larger than u32, at least for Cuckoo30.
* Changed binary encoding of proof of work to a sequence of exact
compact bit representation of each nonce. Somewhat simpler,
shorter and matches the data to be hashed.
* Few fixes based on @tromp feedback:
* Max nonce is 2^(N-1)
* Need a separate constant for reference sizeshift
* Cuckoo implementation now conserves sizeshift. Test providing a
block at higher sizeshift.
* Last small overflow protection
* we do not need Merkle proofs to spend coinbase outputs
we only need the output_mmr_size from the block header
* tests working with no Merkle proofs in inputs
* Migrate main node store to LMDB
In preparation to using LMDB as a wallet database, migrate the
node db. There's no point in having 2 key-value stores.
In addition LMDB provides a few advantages as a node db, namely a
much faster build (compared to RocksDb), lesser dependencies and
transactions.
* Migrated p2p store to lmdb, stuff compiles
* More fixes, chain tests starting to pass
* Fixed txhashset rollback messing with block save and general batch delimitation. Chain tests passing.
* rustfmt
* LMDB max map size of 10MB isn't really workable. Half TB seems reasonable.
* Fix wallet tests
* Rather crucial commit was missing
* rustfmt
* Fixing new merged tests following lmdb changes
* rustfmt
* * Make txhashset validation read-only on fast sync to avoid having
a really long open transaction.
* Fix deadlock in new block processing, batch should always be
created within a txhashset lock (when they interact).
* Comment about batch and txhashset interlacing
* Fix store tests to use batch
* Externalize wallet config and seed
* Converted direct read access to file outputs map to an iterator
* Cleaned up and simplified wallet Backend trait:
* No more direct mutable access to internal structures (HashMap)
* Batch interface for all writes
* Remove unneeded read wrapper (read_wallet)
* rustfmt
* First (incomplete) pass at wallet LMDB backend
* Progressing on lmdb backent iml
* Added batch impl for LMDB wallet backend. Pretty much done with it, but not sure how to deal with commit (owned).
* rustfmt
* Wrapping LMDB batch around a refcell to work around borrow rules
* Compilation up to grin chain
* Add kernel commitments sum and kernel and output MMR sizes to block header
* Sum a block without including previous sums, cleanup. Blocks are now summed and validated based on their own totals and not the totals since genesis. This allows to get rid of BlockSum and simplified the setting of a new block's roots, kernel sum and MMR sizes. Fixes#116
* Additional kernel MMR validation to check all prior header roots successively
* Wallet tests fix
* First pass at restructuring the keychain crate and introducing a Keychain trait
* Parameterized everything that had to. Stuff compiles.
* More stuff compiles, fix most tests
* Big merge, pushing down opening the keychain forced adding factory methods on trait
* Test fixes for pool and servers crate
* move http calls out from libwallet internal
* rustfmt
* start to think about wallet communication traits
* rustfmt
* start of factoring out wallet client trait
* rustfmt
* move node_url trait fn into walletclient
* rustfmt
* comms factored out (with exception of wallet restore)
* rustfmt
* fix test
* rustfmt
* further test fix
Small refactoring of one folder, if it makes sense I could extend the scope.
* Remove some cloning (real and just verbosity in the code)
* Naming conventions like to/into*
* Some Clippy's suggestions
I found that we don't use field init shorthand syntax, so I didn't touch this part, was it discussed before?
* move checker and rename to updater
* rustfmt
* complete checker/updater move
* rustfmt
* move libwallet error into separate file
* rustfmt
* starting to sort our error types
* updating errors in libtx and libwallet
* rustfmt
* factor out error type
* rustfmt
* compiling, errors split into libwallet and wallet errors
* rustfmt
* changing user error reporting to new format
* rustfmt
* clean up error types
* clean up error types
* move restore into libwallet
* rustfmt
* verify a tx like we verify a block (experimental)
* first minimal_pool test up and running but not testing what we need to
* rework tx_pool validation to use txhashset extension
* minimal tx pool wired up but rough
* works locally (rough statew though)
delete "legacy" pool and graph code
* rework the new pool into TransactionPool and Pool impls
* rework pool to store pool entries
with associated timer and source etc.
* all_transactions
* extra_txs so we can validate stempool against existing txpool
* rework reconcile_block
* txhashset apply_raw_tx can now rewind to a checkpoint (prev raw tx)
* wip - txhashset tx tests
* more flexible rewind on MMRs
* add tests to cover apply_raw_txs on txhashset extension
* add_to_stempool and add_to_txpool
* deaggregate multi kernel tx when adding to txpoool
* handle freshness in stempool
handle propagation of stempool txs via dandelion monitor
* patience timer and fluff if we cannot propagate
to next relay
* aggregate and fluff stempool is we have no relay
* refactor coinbase maturity
* rewrote basic tx pool tests to use a real txhashset via chain adapter
* rework dandelion monitor to reflect recent discussion
works locally but needs a cleanup
* refactor dandelion_monitor - split out phases
* more pool test coverage
* remove old test code from pool (still wip)
* block_building and block_reconciliation tests
* tracked down chain test failure...
* fix test_coinbase_maturity
* dandelion_monitor now runs...
* refactor dandelion config, shared across p2p and pool components
* fix pool tests with new config
* fix p2p tests
* rework tx pool to deal with duplicate commitments (testnet2 limitation)
* cleanup and address some PR feedback
* add big comment about pre_tx...
* remove context object from aggsig and transaction libs
* fix to aggsig, and remove unnecessary warnings
* put tx_fee function into libwallet::transaction
* Error cleanup, and creating libwallet error type
* remove some unwraps
* checker bug
* ensure transaction tests checks sender's wallet
* Beginning to rework aggsig library workflow
* more refactoring of transaction api
* whoever does round 1 first creates offset
* slate finalisation now context-free, so anyone can do it
* remove concept of transaction phase
* remove slate phase enum
* update actual send/receive code with new transaction lib workflow
* refactoring transaction building code
* serialise return transaction
* move shared functions into transactions, ensure wallet manipulation is only done outside of aggsig transaction lib
* remove unneeded wallet config from fn
* adding test functions to facilitate libwallet transaction testing
* rustfmt
* refactoring checker somewhat, adding ability to create and transactions against local copy of chain for simpler testing
* finish transaction testing functionality which verifies transactions work properly
* Remove wallet output manipulation from transaction building lib
* ensure sender expects full transaction back on last phase
* ensure sender expects full transaction back on last phase
* beginning to refactor keychain into wallet lib
* rustfmt
* more refactor of aggsig lib, simplify aggsig context manager, hold instance statically for now
* clean some warnings
* clean some warnings
* fix wallet send test a bit
* fix core tests, move wallet dependent tests into integration tests
* repair chain tests
* refactor/fix pool tests
* fix wallet tests, moved from keychain
* add wallet tests
* block sums and reworked block validation
read and write block_sums
refactor validate on both block and txhashset
write block_sum on fast sync
we store the kernel_sum (need to account for the offset)
* block_sums
* rustfmt
* cleanup
* mods to speed up restore a bit
* mods to speed up restore a bit
* performance improvements to wallet restore and split large server queries into multiple
It looks like lockfile implementation did still suffer from a race
condition. Only when creating the file with O_EXCL, file creation fails
if the file does already exist. One could use O_EXCL, but Windows
might use another flag to achieve the same. Moreover, O_EXCL doesn't
work as expected if the files are accessed over NFS.
In contrast, mkdir() is atomic in every of the mentioned cases.
Aside from using a lockdirectory, this patch also backups the current
wallet.dat contents to wallet.bck in case writing a possibly hefty
amount of JSON to the new wallet.dat fails. It is hoped that at least
one of the .bck and .dat files has usable contents in case failure.