Essentially enforces sequence numbers as a relative lock-time as an IsStandard() rule to make it easy to test applications using it; blocks containing transactions with invalid sequence numbers given the age of their inputs per BIP 68 are still accepted.

This pull-req is not a soft-fork nor does it contain any code to start that process.

This pull request builds on top of #6177.

Background: BIP 68, Consensus-enforced transaction replacement signalled via sequence numbers

Introduction

The getutxo command allows querying of the UTXO set given a set of of outpoints. It has a simple implementation and the results are not authenticated in any way. Despite this, there are times when it is a useful capability to have. I believe @jgarzik also has a use case for this, though I don't know what it is.

As a motivating example I present Lighthouse, an app I'm writing that implements assurance contracts:

http://blog.vinumeris.com/2014/05/17/lighthouse/

Lighthouse works by collecting pledges, which contain an invalid transaction signed with SIGHASH_ANYONECANPAY. Once sufficient pledges are collected to make the combination valid, we say the contract is complete and it can be broadcast onto the network, spending the pledged outputs. Before that occurs however, a pledge can be revoked and the pledged money redeemed by double spending the pledged output. For instance you might want to do this if it becomes clear not enough people care about the assurance contract for it to reach its goal in a timely manner, or if you simply need the money back due to some kind of cashflow crunch.

It is convenient to be able to see when a pledge has been revoked, so the user interface can be updated, and so when the final contract is created revoked pledges can be left out. For this purpose "getutxos" is used.

Protocol

The getutxos message takes a boolean which controls whether outputs in the memory pool are considered, and a vector of COutPoint structures. It returns a bitmap with the same number of bits as outputs specified rounded up to the nearest 8 bits, and then a list of CTxOut structures, one for each set bit in the bitmap. The bitmap encodes whether the UTXO was found (i.e. is indeed unspent).

Authentication

The results of getutxos is not authenticated. This is because the obvious way to do this requires the work maaku has been doing on UTXO commitments to be merged, activated by default, miners to upgrade and a forking change made to enforce their accuracy. All this is a big project that may or may not ever come to fruition.

For the Lighthouse security model however, this doesn't matter much. The reason is that the pledge transactions you're getting (which may be malicious) don't come from the P2P network. They come in the form of files either from a simple rendezvous server, or e.g. a shared folder or email attachments. The people sending these files have no way to influence the choice of peers made by the app. Once the outputs are returned, they are used to check the signatures on the pledge, thus verifying that the pledge spends the UTXO returned by the P2P network.

So we can be attacked in the following ways:

• The pledge may be attempting to pledge non-existent outputs, but this will be detected if the majority of peers are honest.
• The peers may be malicious and return a wrong or bogus output, but this will be detected when the signature is checked, except for the value (!) but we want to fix this by including the value into the sighash at some point anyway because we need it to make the TREZOR efficient/faster.
• The peers may bogusly claim no such UTXO exists when it does, but this would result in the pledge being seen as invalid. When the project creator asks the pledgor why they revoked their money, and learns that in fact they never did, the bogus peers will be detected. No money is at risk as the pledges cannot be spent.
• If the pledgor AND all the peers collaborate (i.e. the pledgor controls your internet connection) then they can make you believe you have a valid pledge when you don't. This would result in the app getting "jammed" and attempting to close an uncloseable contract. No money is at risk and the user will eventually wonder why their contract is not confirming. Once they get to a working internet connection the subterfuge will be discovered.

There is a final issue: the answer to getutxos can of course change the instant the result is generated, thus leading you to construct an uncloseable transaction if the process of revocation races with the construction. The app can detect this by watching for either a reject message, or an inv requesting one of the inputs that is supposed to be in the UTXO set (i.e. the remote peer thinks it's an orphan). This can then cause the app to re-request the UTXO set and drop the raced pledge.

In practice I do not anticipate such attacks are likely to occur, as they're complicated to pull off and it's not obvious what the gain is.

There may be other apps that wish to use getutxos, with different security models. They may find this useful despite the lack of UTXO commitments, and the fact that the answer can change a moment later, if:

• They are connecting to a trusted peer, i.e. localhost.
• They trust their internet connection and peer selection, i.e. because they don't believe their datacenter or ISP will commit financial fraud against them, or they are tunnelling via endpoints they trust like a randomly chosen Tor exit.
• They are not using the response for anything important or worth attacking, like some kind of visualisation.

Upgrade

If enforced UTXO commitments are added to the block chain in future, it would make sense to rev the P2P protocol to add the proofs (merkle branches) to the response.

Testing

I attempted to write unit tests for this, but Core has no infrastructure for building test chains .... the miner_tests.cpp code does it but at the cost of not allowing any other unit test to do so, as it doesn't reset or clean up the global state afterwards! I tried to fix this and ended up down a giant rabbit hole.

So instead I've tested it with a local test app I wrote, which also exercises the client side part in bitcoinj.

BIP

If the code is ACKd then I will write a short BIP explaining the new message.

Philosophy

On IRC I have discussed this patch a little bit before. One objection that was raised is that we shouldn't add anything to the P2P protocol unless it's unattackable, because otherwise it's a sharp knife that people might use to cut themselves.

I personally disagree with this notion for the following reasons.

Firstly, many parts of the P2P protocol are not completely unattackable: malicious remote nodes can withhold broadcast transactions, invent fictional ones (you'd think they're orphans), miss out Bloom filter responses, send addr messages for IP's that were never announced, etc. We shouldn't hold new messages to a standard existing messages don't meet.

Secondly, even with UTXO commitments in the block chain, given the sick state of mining this only requires a collaboration of two people to undo, although that failure would be publicly detectable which is at least something. But anyway, there's a clean upgrade path if/when UTXO authentication becomes available.

Thirdly, we have a valid use case that's actually implemented. This isn't some academic pie in the sky project.

Finally, Bitcoin is already the sharpest knife imaginable. I don't think we should start rejecting useful features on the grounds that someone else might screw up with them.

If the above analysis ends up not holding for some reason, and people do get attacked due to the lack of authentication, then Lighthouse and other apps can always fall back to connecting to trusted nodes (perhaps over SSL). But I would like to optimistically assume success up front and see what happens, than pessimistically assume the worst and centralise things up front.

Reverts #25353

I've laid out my reasoning for removing this option on the mailing list (https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-October/021135.html).

If any reviewers are unconvinced by my rationale, I'd appreciate answers to the questions I laid out at the end of that email:

• Does fullrbf offer any benefits other than breaking zeroconf business practices? If so, what are they?

• Is it reasonable to enforce BIP 125's rbf rules on all transactions, if those rules themselves are not always incentive compatible?

• If someone were to propose a command line option that breaks v3 transaction relay in the future, is there a logical basis for opposing that which is consistent with moving towards fullrbf now?

This is a quick, safe fix for transaction fee handling. A riskier, more complicated fix still needs to happen, but will take more time to code/test/etc.

Two motivations for this pull:

First, to discourage people from bloating users' wallets and the UTXO set with tiny outputs.

This pull defines 'uneconomic dust' as 54.3 uBTC (5430 satoshis, about $0.007 at current prices), and treats any transaction with outputs less than 5430 satoshis as non-standard (won't be relayed, won't be mined). 5430 satoshis is derived from the cost (in fees) to spend a TxOut/TxIn. See https://people.xiph.org/~greg/txouts2.png for proportion of recent outputs this will (eventually) affect.

Second, we have no idea what will happen to Bitcoin prices or transaction volume / competition for space in blocks. So this patch lets users and miners specify the minimum transaction fees at startup, using the -mintxfee / -mintxrelayfee options (which I'm intentionally leaving undocumented for now). The dust/nonstandard test is based on the -mintxrelayfee.

Qt and RPC both now tell the user why CreateTransaction fails, if it fails; Qt error reporting is a little wonky (try to send one satoshi, and you get two modal dialog boxes, one after the other; I don't care enough to try to fix that).

Note: I spent several hours trying, and failing, to create unit tests for this patch; CWallet::fFileBacked is ignored by several of the wallet routines used by CWallet::CreateNewTransaction. In the end, I decided thatrefactoring CWallet to support unit testing would be much more extensive and riskier than these changes.

Client info

2015-01-15 18:15:21 Bitcoin version v0.10.99.0-4f73a8f-dirty (2015-01-09 20:21:19 -0800) 2015-01-15 18:15:21 Using OpenSSL version OpenSSL 1.0.1f 6 Jan 2014 2015-01-15 18:15:21 Using BerkeleyDB version Berkeley DB 5.3.28: (September 9, 2013) 2015-01-15 18:15:21 Default data directory /home/fredrik/.bitcoin 2015-01-15 18:15:21 Using data directory /home/fredrik/.bitcoin 2015-01-15 18:15:21 Using config file /home/fredrik/.bitcoin/bitcoin.conf 2015-01-15 18:15:21 Using at most 200 connections (1024 file descriptors available) 2015-01-15 18:15:21 Using 0 threads for script verification 2015-01-15 18:15:21 Binding RPC on address ::1 port 8332 (IPv4+IPv6 bind any: 0) 2015-01-15 18:15:21 Binding RPC on address 127.0.0.1 port 8332 (IPv4+IPv6 bind any: 0) 2015-01-15 18:15:21 Using wallet wallet.dat 2015-01-15 18:15:21 init message: Verifying wallet... 2015-01-15 18:15:21 CDBEnv::Open : LogDir=/home/fredrik/.bitcoin/database ErrorFile=/home/fredrik/.bitcoin/db.log 2015-01-15 18:15:21 Bound to [::]:8333 2015-01-15 18:15:21 Bound to 0.0.0.0:8333 2015-01-15 18:15:21 init message: Loading block index... 2015-01-15 18:15:21 Opening LevelDB in /home/fredrik/.bitcoin/blocks/index 2015-01-15 18:15:22 Opened LevelDB successfully 2015-01-15 18:15:22 Opening LevelDB in /home/fredrik/.bitcoin/chainstate 2015-01-15 18:15:28 Opened LevelDB successfully 2015-01-15 18:15:32 LoadBlockIndexDB: last block file = 218 2015-01-15 18:15:32 LoadBlockIndexDB: last block file info: CBlockFileInfo(blocks=274, size=115501816, heights=338812...339085, time=2015-01-13...2015-01-15) 2015-01-15 18:15:32 Checking all blk files are present... 2015-01-15 18:15:32 LoadBlockIndexDB(): transaction index disabled 2015-01-15 18:15:32 LoadBlockIndexDB(): hashBestChain=0000000000000000188de542fd76b1676c4be6c380b39ddea119358c290cebd7 height=339085 date=2015-01-15 18:07:14 progress=0.999987 2015-01-15 18:15:32 init message: Verifying blocks... 2015-01-15 18:15:32 Verifying last 288 blocks at level 3

log before crash

2015-01-13 22:15:27 UpdateTip: new best=0000000000000000159e7d66c954312bccb5f12de808f2991b3859205665c442 height=338819 log2_work=81.997891 tx=56658614 date=2015-01-13 22:14:41 progress=0.999999 cache=6969 2015-01-13 22:15:58 ResendWalletTransactions() 2015-01-13 22:17:06 receive version message: /Satoshi:0.9.2/opennodes.org:0.1/: version 70002, blocks=338819, us=84.215.171.162:8333, peer=2855 2015-01-13 22:17:25 receive version message: /libbitcoin:2.0/: version 60000, blocks=0, us=10.0.0.1:8333, peer=2856 2015-01-13 22:17:25 Added time data, samples 200, offset -5 (+0 minutes) 2015-01-13 22:18:06 socket recv error Connection reset by peer (104) 2015-01-13 22:18:13 receive version message: /bitcoinseeder:0.01/: version 60000, blocks=230000, us=84.215.171.162:8333, peer=2857 2015-01-13 22:18:31 receive version message: /getaddr.bitnodes.io:0.1/: version 70002, blocks=338818, us=84.215.171.162:8333, peer=2858 2015-01-13 22:19:16 receive version message: /Satoshi:0.9.3/: version 70002, blocks=338817, us=84.215.171.162:8333, peer=2859 2015-01-13 22:19:16 Added time data, samples 200, offset -2 (+0 minutes) 2015-01-13 22:19:32 receive version message: /Snoopy:0.1/: version 60001, blocks=0, us=84.215.171.162:8333, peer=2860 2015-01-13 22:19:47 receive version message: /bitcoinseeder:0.01/: version 60000, blocks=230000, us=84.215.171.162:8333, peer=2861 2015-01-13 22:22:36 receive version message: /getaddr.bitnodes.io:0.1/: version 70002, blocks=338819, us=84.215.171.162:8333, peer=2862 2015-01-13 22:22:44 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:22:45 receive version message: /BTCXchange.ro Mapper:0.01/: version 60000, blocks=230000, us=84.215.171.162:8333, peer=2863 2015-01-13 22:22:47 receive version message: /BitCoinJ:0.11.2/MultiBit:0.5.18/: version 70001, blocks=338819, us=127.0.0.1:8333, peer=2864 2015-01-13 22:22:47 Added time data, samples 200, offset +10 (+0 minutes) 2015-01-13 22:23:00 receive version message: /Satoshi:0.8.4/: version 70001, blocks=338819, us=84.215.171.162:8333, peer=2865 2015-01-13 22:23:00 Added time data, samples 200, offset -7 (+0 minutes) 2015-01-13 22:23:53 receive version message: /Satoshi:0.8.2.2/: version 70001, blocks=336635, us=84.215.171.162:8333, peer=2866 2015-01-13 22:23:53 Added time data, samples 200, offset +14 (+0 minutes) 2015-01-13 22:24:13 receive version message: /Satoshi:0.9.3/: version 70002, blocks=338735, us=84.215.171.162:8333, peer=2867 2015-01-13 22:24:13 Added time data, samples 200, offset -5 (+0 minutes) 2015-01-13 22:25:06 receive version message: /Snoopy:0.1/: version 60001, blocks=0, us=84.215.171.162:8333, peer=2868 2015-01-13 22:25:49 receive version message: /bitcoinseeder:0.01/: version 60000, blocks=230000, us=84.215.171.162:8333, peer=2869 2015-01-13 22:26:33 UpdateTip: new best=00000000000000001829e20898eaff72aa667d3715a94535afae5ae7ada07bc0 height=338820 log2_work=81.997947 tx=56659414 date=2015-01-13 22:25:41 progress=0.999999 cache=9596 2015-01-13 22:26:35 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:26:43 ERROR: AcceptToMemoryPool : nonstandard transaction: dust 2015-01-13 22:26:48 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:26:58 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:27:01 receive version message: /bitcoinseeder:0.01/: version 60000, blocks=230000, us=84.215.171.162:8333, peer=2870 2015-01-13 22:27:20 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:27:22 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:27:46 UpdateTip: new best=000000000000000008b332686e0043a4b95ca7e46d1b0785536981b543dfc755 height=338821 log2_work=81.998004 tx=56659415 date=2015-01-13 22:36:09 progress=1.000013 cache=9706 2015-01-13 22:28:29 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:28:34 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:28:48 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:28:52 receive version message: /getaddr.bitnodes.io:0.1/: version 70002, blocks=338819, us=84.215.171.162:8333, peer=2871 2015-01-13 22:29:22 ERROR: AcceptToMemoryPool : inputs already spent 2015-01-13 22:30:29 ERROR: ReadBlockFromDisk : Deserialize or I/O error - ReadCompactSize() : size too large 2015-01-15 18:02:07

This PR replaces our Boost Filesystem usage with std::filesystem and includes dropping Boost System as a dependency. It includes a squashed down version of the changes from #19245.

A macro has been added, modelling how we check for -latomic to facilitate linking with -lstdc++fs when required. This is ~GCC < 9.1 & ~Clang < 9.0, however not always. i.e you could be using Clang 7 on top of a GCC 9 installation (i.e Ubuntu Focal) and use <filesystem> without passing any additional arguments. I've tested this with GCC 8 on Bionic, Clang 7 on Focal & with Apple Clang 12.0.0 on macOS.

Guix build:

bash-5.1# find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
c1f9b326f9be4140f00cebeae5ff8de428a2fb8ecced539fcc36c53f53bfecf4  guix-build-07269321f38e/output/aarch64-linux-gnu/SHA256SUMS.part
b44aca3bcf5ea92a3a6c48c24d6f85576f425f59b73528d4d00c20e950cf2128  guix-build-07269321f38e/output/aarch64-linux-gnu/bitcoin-07269321f38e-aarch64-linux-gnu-debug.tar.gz
27a5553f7bd14797293fc40c5fb131c91e98a61d5481a283f13a1d0497eb5ed8  guix-build-07269321f38e/output/aarch64-linux-gnu/bitcoin-07269321f38e-aarch64-linux-gnu.tar.gz
99e55a88823f6095864a09c9eaa824e24d9ec527380eb394f751c7205b930f69  guix-build-07269321f38e/output/arm-linux-gnueabihf/SHA256SUMS.part
b720b2724fa47fde584f58ed3b587f1d1183523540777fd367ab7e582605cfea  guix-build-07269321f38e/output/arm-linux-gnueabihf/bitcoin-07269321f38e-arm-linux-gnueabihf-debug.tar.gz
c19c247f4e9e0d7f888ac8ba9de1c12d382f48fa828a685d4fe02818a18abd1f  guix-build-07269321f38e/output/arm-linux-gnueabihf/bitcoin-07269321f38e-arm-linux-gnueabihf.tar.gz
55b49ccb38de03bb95101354a16fd8d2190abede5ccc0d9b00b40c0cd526a2f6  guix-build-07269321f38e/output/arm64-apple-darwin/SHA256SUMS.part
baa44752470a6be9acae1c2f8fd1b9bc37afb00971787ea11fbaeddc9ab7c4aa  guix-build-07269321f38e/output/arm64-apple-darwin/bitcoin-07269321f38e-arm64-apple-darwin.tar.gz
ad7df4d8026d5bcce1321cdccc2e1820e8a8bb7e1064ed16e20a7ea354057fd2  guix-build-07269321f38e/output/arm64-apple-darwin/bitcoin-07269321f38e-osx-unsigned.dmg
f342066dc34a14d67c47779a2413a14633a996e8e7ddca89ae0184e23ef99efd  guix-build-07269321f38e/output/arm64-apple-darwin/bitcoin-07269321f38e-osx-unsigned.tar.gz
f6905346a5d48f57805fb062d0247ab5007c89047070a0b3125941dd1a2b8aa6  guix-build-07269321f38e/output/dist-archive/bitcoin-07269321f38e.tar.gz
a1f6c4b2b118dbd89770801f0bcffd2218b82df408cd227e34c40493469bb7a2  guix-build-07269321f38e/output/powerpc64-linux-gnu/SHA256SUMS.part
ba8359426e523bf013d93579c1bedc57380214c8170a9743b64ec1a8a3bbccbf  guix-build-07269321f38e/output/powerpc64-linux-gnu/bitcoin-07269321f38e-powerpc64-linux-gnu-debug.tar.gz
b0bb500c274a683ea28ecbc1e8f18c618a9f8acb00045f80ae43c515288402c0  guix-build-07269321f38e/output/powerpc64-linux-gnu/bitcoin-07269321f38e-powerpc64-linux-gnu.tar.gz
38c85e9589e092cd3aa08996aa383c0ccd5c73208943389741355a6eb7f72537  guix-build-07269321f38e/output/powerpc64le-linux-gnu/SHA256SUMS.part
50fcba7942ff48d91e84c093fda0affc17e46167fe1d5137c6e14c5c41f289d1  guix-build-07269321f38e/output/powerpc64le-linux-gnu/bitcoin-07269321f38e-powerpc64le-linux-gnu-debug.tar.gz
fa08ef1ceca072e014faa95ffee945954b2976fa28f90926b87ab0e5f15f8ca5  guix-build-07269321f38e/output/powerpc64le-linux-gnu/bitcoin-07269321f38e-powerpc64le-linux-gnu.tar.gz
e52dd80a9c306d6aeb544acaa1f4ed560b6b92b5184764a05026d45451aa2e94  guix-build-07269321f38e/output/riscv64-linux-gnu/SHA256SUMS.part
864e0a16c485b4159cec3ee0a83b046f1b1c3bc821670011c5ac5cd09ddfb91f  guix-build-07269321f38e/output/riscv64-linux-gnu/bitcoin-07269321f38e-riscv64-linux-gnu-debug.tar.gz
4a061172181322e7ad0cf06405bf74f4c8683eaba3a67ecfd46158cba7627f62  guix-build-07269321f38e/output/riscv64-linux-gnu/bitcoin-07269321f38e-riscv64-linux-gnu.tar.gz
876d82251853205420dffe7237523fc6ee3d09f78bf74cc03dc71f548446f335  guix-build-07269321f38e/output/x86_64-apple-darwin/SHA256SUMS.part
3f82b2e62c60eee68e7b8fc28e4792e069e3c2cd780ee2d67290ca422cdbc47c  guix-build-07269321f38e/output/x86_64-apple-darwin/bitcoin-07269321f38e-osx-unsigned.dmg
4ccdd4c410cac9d627e54ce83ee4816608681735da3cb93c60c5eb70ca86337a  guix-build-07269321f38e/output/x86_64-apple-darwin/bitcoin-07269321f38e-osx-unsigned.tar.gz
2179d36b2f60e28c15262d4e51f27465b5ae077f60e550345e125683ca611066  guix-build-07269321f38e/output/x86_64-apple-darwin/bitcoin-07269321f38e-osx64.tar.gz
b377e72fe84b6a982b8d414d60c85e6319523dff50dc852a0ba907f6d850ddd0  guix-build-07269321f38e/output/x86_64-linux-gnu/SHA256SUMS.part
8547e2f582ce05ae6a6224793b64efb2eb63f2816bf0bed5d53fcc4786274597  guix-build-07269321f38e/output/x86_64-linux-gnu/bitcoin-07269321f38e-x86_64-linux-gnu-debug.tar.gz
83b64805aa39f31a6fa4c2ed41e029c3be084e6dea06b90fac1ebca5c95bce29  guix-build-07269321f38e/output/x86_64-linux-gnu/bitcoin-07269321f38e-x86_64-linux-gnu.tar.gz

Rebased version of #3354.

Instead of dropping double-spend transactions, relay them to peers. This is crucial to allowing all parts of the network to detect double-spend attempts as quickly as possible, i.e. reducing the "confirmation" time for buying coffee to a time on par with credit card transactions. Only the first respend seen is relayed.

I successfully completed a primary test running 3 copies of bitcoin-qt in regtest mode with this patch applied, connected in a node1-newtorknode-node2 configuration.

I used the rawtransaction API for steps 2 and 3, but with -salvagewallet and a single funding transaction, tests would be possible that did not require rawtransactions.

Still TODO: Regression test plan

Primary Test Details Step 1

• Send transaction from node1 to a node2 address
• * Transaction is relayed through networknode, to node2
• * Transaction appears in node2 wallet

Step 2

• Restart node1 with -salvagewallet (so it forgets about 1st spend)
• Send new transaction using same input (first double-spend), using rawtransaction API
• * Transaction is relayed through networknode, to node2
• * node2 does not accept the double-spend into its mempool and it does not appear in node2 wallet

Step 3

• Restart node1 with -salvagewallet again
• Send transaction using same input (second double spend), using rawtransaction API
• * Transaction is not relayed through networknode

Step 4 One more test for good measure

• Restart node1 with -salvagewallet again
• Using regular UI (not rawtransaction API), send entire wallet balance to node2 (third double spend). This included additional inputs besides the spent one.
• * Transaction is not relayed through networknode

This PR is a part of BIP-325 (https://github.com/bitcoin/bips/blob/master/bip-0325.mediawiki), and is a sub-PR of #16411.

• Signet consensus (this)
• Signet RPC tools (pending)
• Signet utility scripts (contrib/signet) (pending)

This is just a very basic implementation for exposure/review, with lacking documentation, and no functionality to look up transactions by normalized txid.

I noticed the other day Bitcoin was maxing out my upload bandwidth on ADSL. Probably due to sending the block chain to fellow bitcoin users ( I had about 65 connections at the time )..

The ability to limit / throttle the network usage like most other p2p programs would be beneficial. Otherwise I have to ensure I close the Bitcoin application to keep it from killing my upload.

...reads from runtime params and simplify the creation of partitioned chains by simply generating different gensis block hashes from a given custom name.

It also allows to customize any chain param in these custom chains (but not the other chains).

Dependencies:

• [ ] Testschains: Many regtests with different genesis and default datadir #17037
• [ ] Tests: Chainparams: Make regtest almost fully customizable #17032
• [ ] Tests: Use self.chain instead of 'regtest' in all current tests #16681
• [x] Preparations for more testchains #16680
• [x] Use a proper factory for creating chainparams #8855 ~~- [ ] Really don't validate genesis block #9102~~
• [x] Introduce an ArgsManager class encapsulating cs_args, mapArgs and mapMultiArgs #9494
• [x] QA: segwit.py: s/find_unspent/find_spendable_utxo/ #11869
• [x] Refactor: One CBaseChainParams should be enough #12128

Other features:

• [x] Uses a custom chain for all python tests.
• [X] Create new testchains with different genesis hashes at will.
• [X] Load chainparams from ~~separated~~ file or command line. (file left for later, see https://github.com/jtimon/bitcoin/tree/b16-new-testnet-file )
• [X] New chains are neither orange, blue nor green: they're purple and have your custom chain petname shown in the GUI.
• Extra context: some people asked for signed blocks but that's way more disruptive and this is already review-thirsty (see #9177 ).

This change is related to removing the use of compat.h as a miscellaneous catch-all for unclear/platform specific includes. Somewhat prompted by IWYU-related discussion here: https://github.com/bitcoin/bitcoin/pull/26763/files#r1058861693.

The only reason compat.h is required in random.cpp for Windows (note the #ifdef WIN32), is for ssize_t and an "indirect" inclusion of windows.h. I say indirect, because windows.h isn't actually included in compat.h either, it's dragged in as a side-effect of other windows includes there, i.e winsock2.h.

Remove this coupling by replacing ssize_t with int, just including windows.h and removing compat.h.

Guix Build:

09dac25fbdab751b178d1c4cbbd630d9cd33025de4618b38f44254fedee14ce5  guix-build-4e7bed297a6d/output/aarch64-linux-gnu/SHA256SUMS.part
e54d38dc15d4159dbaac90edf3d4bd7983166dc262005a099e67be4064570527  guix-build-4e7bed297a6d/output/aarch64-linux-gnu/bitcoin-4e7bed297a6d-aarch64-linux-gnu-debug.tar.gz
bd33b0d2b4506a6d2d03e8e0d30d21119c8df25cb6a6979146d3913cbbf2cd63  guix-build-4e7bed297a6d/output/aarch64-linux-gnu/bitcoin-4e7bed297a6d-aarch64-linux-gnu.tar.gz
1fa2eb8ffb8f81237addf0c93a86cd22e47cd5df5f7aab60f52fb80a82469079  guix-build-4e7bed297a6d/output/arm-linux-gnueabihf/SHA256SUMS.part
17cb743cc7e3e5e9203d1ff1b5296db34508dd071f4413aa8efb24822c0349c3  guix-build-4e7bed297a6d/output/arm-linux-gnueabihf/bitcoin-4e7bed297a6d-arm-linux-gnueabihf-debug.tar.gz
0fbb39afe86b3fcb3bc42c69d5c13f8f8b65e5a20bbc1f39266cd4830edf3408  guix-build-4e7bed297a6d/output/arm-linux-gnueabihf/bitcoin-4e7bed297a6d-arm-linux-gnueabihf.tar.gz
c6352888aa57e9b723efb2eddca6eb0167160f67ba04caa628dde0d11ad35db2  guix-build-4e7bed297a6d/output/arm64-apple-darwin/SHA256SUMS.part
3803e8f562036e76f9561a6ed3d95ae255298eaff498c4f9dc4cd1bbced06187  guix-build-4e7bed297a6d/output/arm64-apple-darwin/bitcoin-4e7bed297a6d-arm64-apple-darwin-unsigned.dmg
713423eb97f0c385b6f97a70bb321d0c2aa3a93ed8b8b1251dd4af20d00f2a9b  guix-build-4e7bed297a6d/output/arm64-apple-darwin/bitcoin-4e7bed297a6d-arm64-apple-darwin-unsigned.tar.gz
b10d53f9e2623b29e1697bb98f0dcfba5039b398987dfb8f958eb1d779ca5a1e  guix-build-4e7bed297a6d/output/arm64-apple-darwin/bitcoin-4e7bed297a6d-arm64-apple-darwin.tar.gz
395fa303fc0ae0e324282045dc935ca90b92b728ab38d331dea954ecc257ee03  guix-build-4e7bed297a6d/output/dist-archive/bitcoin-4e7bed297a6d.tar.gz
5240d998d3e6b32b3ce1ce2c9d65b76044615294aa03bb821ade684884fbd459  guix-build-4e7bed297a6d/output/powerpc64-linux-gnu/SHA256SUMS.part
800aec5e62b60eb98d6d06b488a15313a22a85f2ecaeac45c3e2b7339ae79146  guix-build-4e7bed297a6d/output/powerpc64-linux-gnu/bitcoin-4e7bed297a6d-powerpc64-linux-gnu-debug.tar.gz
d29f667caf868238447d1712e34bacab8e1441f1482d955af60c0b512fb112e4  guix-build-4e7bed297a6d/output/powerpc64-linux-gnu/bitcoin-4e7bed297a6d-powerpc64-linux-gnu.tar.gz
5d081e380ce7b9a4e2349aa2ec91dc029f90697d6ce5be4d12f5f7519474de0d  guix-build-4e7bed297a6d/output/powerpc64le-linux-gnu/SHA256SUMS.part
260f46ee11a9c77b68b30f297d9041494adab7b08fc13fae261445f187588587  guix-build-4e7bed297a6d/output/powerpc64le-linux-gnu/bitcoin-4e7bed297a6d-powerpc64le-linux-gnu-debug.tar.gz
a22f7eb6f70043494ded38dc316f462a93c7f14abbf94989915850338d6ea90f  guix-build-4e7bed297a6d/output/powerpc64le-linux-gnu/bitcoin-4e7bed297a6d-powerpc64le-linux-gnu.tar.gz
69abc60d6a580fa810c8c371d4726b6e664562951bdceebb9d8809867e49caa5  guix-build-4e7bed297a6d/output/riscv64-linux-gnu/SHA256SUMS.part
8c108e4ed9c79e180f19016e53eba14c23fdd0c8ac91f6177a56f53aa2e547c5  guix-build-4e7bed297a6d/output/riscv64-linux-gnu/bitcoin-4e7bed297a6d-riscv64-linux-gnu-debug.tar.gz
f282b3fa8b05a7f06254adf84ac7a3798dfc50a3b12a41ed294a72011399007a  guix-build-4e7bed297a6d/output/riscv64-linux-gnu/bitcoin-4e7bed297a6d-riscv64-linux-gnu.tar.gz
59c8c5b2a210361c2906474af9bdda714bca2dff79f536eec2ca87343e8e3981  guix-build-4e7bed297a6d/output/x86_64-apple-darwin/SHA256SUMS.part
ad3f0435431e78ef4cfd0a5e38db41f1ccdf6f8279b6875b0729d46d67baab16  guix-build-4e7bed297a6d/output/x86_64-apple-darwin/bitcoin-4e7bed297a6d-x86_64-apple-darwin-unsigned.dmg
8eb48e20b9dd64ffda74f2bd47faa78c9b49d9874c86db5a7605fa5deafda9e5  guix-build-4e7bed297a6d/output/x86_64-apple-darwin/bitcoin-4e7bed297a6d-x86_64-apple-darwin-unsigned.tar.gz
f0aa9e3f8921c44a1915b593559c5f180a811621c5e4579177afabe901bd66cb  guix-build-4e7bed297a6d/output/x86_64-apple-darwin/bitcoin-4e7bed297a6d-x86_64-apple-darwin.tar.gz
38e64e4a7b9f396aa47ea2da89fe7c5b3098c4ff9c2fd669a4b72f7125cc2fe6  guix-build-4e7bed297a6d/output/x86_64-linux-gnu/SHA256SUMS.part
d37ec2889aae05b5e721497d0912134854f9e5ba61e3c5ceb6ebe3bf0788eaa8  guix-build-4e7bed297a6d/output/x86_64-linux-gnu/bitcoin-4e7bed297a6d-x86_64-linux-gnu-debug.tar.gz
2157d19dfa6e2d12ea28758de3160f5602a0d74efd8be3dda99e91dc0f8f6fef  guix-build-4e7bed297a6d/output/x86_64-linux-gnu/bitcoin-4e7bed297a6d-x86_64-linux-gnu.tar.gz
8834e9bcf8f0fb84d39109a2526cd1798833578a3997fc40a7b27fcd3c0a147c  guix-build-4e7bed297a6d/output/x86_64-w64-mingw32/SHA256SUMS.part
c4b04398881d245284d4e2d8ce1f11db95235205e9d92e52b1c60dbe27f432fb  guix-build-4e7bed297a6d/output/x86_64-w64-mingw32/bitcoin-4e7bed297a6d-win64-debug.zip
512973f99582ed523af5009112d2555540dc9c4d59971453f51939bae4d8655f  guix-build-4e7bed297a6d/output/x86_64-w64-mingw32/bitcoin-4e7bed297a6d-win64-setup-unsigned.exe
dce28e8c8182b30ab3bad12de7f06c39a6e5ca99347e6e629c065b5347414e24  guix-build-4e7bed297a6d/output/x86_64-w64-mingw32/bitcoin-4e7bed297a6d-win64-unsigned.tar.gz
c93a4d1a74346119d03b5623052ecca4b5b185cf310af79f701bb4f54b9693e7  guix-build-4e7bed297a6d/output/x86_64-w64-mingw32/bitcoin-4e7bed297a6d-win64.zip

https://bitcoincore.org/bin/bitcoin-core-24.0.1/bitcoin-24.0.1-x86_64-linux-gnu.tar.gz

Problem: listreceivedbyaddress always returns an empty array for a watch-only wallet when it's of type descriptor (not legacy). This problem doesn't occur with a legacy watch-only wallet, only a descriptor watch-only wallet.

Apparent reason: bitcoind thinks the addresses are for change.

Work-around: When importing descriptors, set active=true.

Thanks to achow101 on IRC Libera Chat #bitcoin-core-dev, 2023-01-04.

$ cat $HOME/data1/bitcoin.conf 
printtoconsole=1
regtest=1
txindex=1
[regtest]
port=18444
rpcport=18443

$ $HOME/bitcoin-24.0.1/bin/bitcoin-qt -datadir=$HOME/data1 -server -fallbackfee=0.00001 &

$ cat bcli.sh 
#!/bin/bash
$HOME/bitcoin-24.0.1/bin/bitcoin-cli -datadir=$HOME/data1 "$@"


$ bcli.sh createwallet w1
$ bcli.sh createwallet w2 true true
$ bcli.sh -rpcwallet=w1 listdescriptors
...
    {
      "desc": "wpkh([577ce3ca/84'/1'/0']tpubDCNwCevBBSLGZm5d2urnpLDD2B4s5dWf7TRigFngte9M7sijNQg6QVjq1K7Nb7uLAP7xLn2h4X1MoiT3JmMP3sQYuKsY1qnPj1HR63hQDuT/0/*)#cw6xz6mx",
      "timestamp": 1672848018,
      "active": true,
      "internal": false,
      "range": [
        0,
        999
      ],
      "next": 0
    },
...

$ bcli.sh -rpcwallet=w2 importdescriptors "[{\"desc\": \"wpkh([577ce3ca/84'/1'/0']tpubDCNwCevBBSLGZm5d2urnpLDD2B4s5dWf7TRigFngte9M7sijNQg6QVjq1K7Nb7uLAP7xLn2h4X1MoiT3JmMP3sQYuKsY1qnPj1HR63hQDuT/0/*)#cw6xz6mx\", \"timestamp\": 0, \"range\": 999}]"

$ bcli.sh -rpcwallet=w1 getnewaddress
bcrt1qxu3fl6lyqydvtgxsdpeu69gyywy2dya5a4kray

$ bcli.sh -rpcwallet=w1 generatetoaddress 101 bcrt1qxu3fl6lyqydvtgxsdpeu69gyywy2dya5a4kray

$ bcli.sh -rpcwallet=w2 listreceivedbyaddress 1 true true "" true
[
]

Add fuzz and unit tests that write (fuzzed) data to a mocked socket and inspect what CConnman/PeerManager have written back to the socket, or check the internal state to verify that the behavior is as expected.

This is now possible, after most of https://github.com/bitcoin/bitcoin/pull/21878 has been merged - we don't do any syscalls (e.g. connect(), recv()) from the high level code and using a mocked socket allows testing the entire networking stack without opening actual network connections.

https://cirrus-ci.com/task/5426348117196800?logs=ci#L4502

 test  2022-12-17T13:12:20.699000Z TestFramework.utils (ERROR): wait_until() failed. Predicate: '''' 
                                           self.wait_until(lambda: sum(peer['version'] != 0 for peer in to_connection.getpeerinfo()) == to_num_peers)
                                   '''
 test  2022-12-17T13:12:20.699000Z TestFramework (ERROR): Assertion failed 
                                   Traceback (most recent call last):
                                     File "/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/test/functional/test_framework/test_framework.py", line 134, in main
                                       self.run_test()
                                     File "/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/test/functional/p2p_disconnect_ban.py", line 112, in run_test
                                       self.connect_nodes(0, 1)  # reconnect the node
                                     File "/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/test/functional/test_framework/test_framework.py", line 608, in connect_nodes
                                       self.wait_until(lambda: sum(peer['version'] != 0 for peer in to_connection.getpeerinfo()) == to_num_peers)
                                     File "/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/test/functional/test_framework/test_framework.py", line 732, in wait_until
                                       return wait_until_helper(test_function, timeout=timeout, timeout_factor=self.options.timeout_factor)
                                     File "/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/test/functional/test_framework/util.py", line 281, in wait_until_helper
                                       raise AssertionError("Predicate {} not true after {} seconds".format(predicate_source, timeout))
                                   AssertionError: Predicate ''''
                                           self.wait_until(lambda: sum(peer['version'] != 0 for peer in to_connection.getpeerinfo()) == to_num_peers)
                                   ''' not true after 2400.0 seconds

The ZMQ interface tests should use unique ports as we do for the p2p and rpc ports so that multiple instances of the test can be run at the same time.

Without this, the test may hang until killed, or fail.