hush
/
hush3
9
0
Fork 11
Code Issues 142 Pull Requests 3 Projects Releases 16 Wiki Activity
Browse Source

The term 'whitelist' is racist and so we choose to call this feature 'allowlist'

pull/32/head
Duke Leto 3 years ago
parent
70f9ac87b6
commit
cde6d33ad1
25 changed files with 131 additions and 139 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      contrib/debian/examples/HUSH3.conf
  2. 2
      contrib/devtools/gen-manpages.sh
  3. 6
      doc/man/hush-cli.1
  4. 14
      doc/man/hush-tx.1
  5. 18
      doc/man/hushd.1
  6. 2
      qa/pull-tester/run-bitcoind-for-test.sh.in
  7. 2
      qa/rpc-tests/ac_private.py
  8. 2
      qa/rpc-tests/bip65-cltv-p2p.py
  9. 2
      qa/rpc-tests/bipdersig-p2p.py
  10. 4
      qa/rpc-tests/cryptoconditions.py
  11. 2
      qa/rpc-tests/dpowconfs.py
  12. 2
      qa/rpc-tests/maxblocksinflight.py
  13. 32
      qa/rpc-tests/p2p-acceptblock.py
  14. 2
      qa/rpc-tests/smartfees.py
  15. 10
      qa/rpc-tests/test_framework/test_framework.py
  16. 2
      src/cc/CC_made_easy.md
  17. 2
      src/hush_defs.h
  18. 2
      src/hush_globals.h
  19. 39
      src/init.cpp
  20. 20
      src/main.cpp
  21. 2
      src/main.h
  22. 44
      src/net.cpp
  23. 18
      src/net.h
  24. 2
      src/rpc/net.cpp
  25. 35
      src/wallet/wallet.cpp

4
contrib/debian/examples/HUSH3.conf
View File

@ -11,8 +11,8 @@
# Bind to given address and always listen on it. Use [host]:port notation for IPv6
#bind=<addr>
# Bind to given address and whitelist peers connecting to it. Use [host]:port notation for IPv6
#whitebind=<addr>
# Bind to given address and allowlist peers connecting to it. Use [host]:port notation for IPv6
#allowbind=<addr>
##############################################################
## Quick Primer on addnode vs connect ##

2
contrib/devtools/gen-manpages.sh
View File

@ -12,7 +12,7 @@ HUSHTX=${HUSHTX:-$SRCDIR/hush-tx}
[ ! -x $HUSHD ] && echo "$HUSHD not found or not executable." && exit 1
HUSHVER="v3.6.0"
HUSHVER="v3.6.1"
#HUSHVER=$(./src/hushd --version|head -n2|tail -n1|cut -d' ' -f4|cut -d- -f1)
# Create a footer file with copyright content.

6
doc/man/hush-cli.1
View File

@ -1,9 +1,9 @@
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.10.
.TH HUSH-CLI "1" "December 2020" "hush-cli v3.6.0" "User Commands"
.TH HUSH-CLI "1" "January 2021" "hush-cli v3.6.1" "User Commands"
.SH NAME
hush-cli \- manual page for hush-cli v3.6.0
hush-cli \- manual page for hush-cli v3.6.1
.SH DESCRIPTION
Hush RPC client version v3.6.0\-12fabf7fd
Hush RPC client version v3.6.0\-e05a4e473\-dirty
.PP
In order to ensure you are adequately protecting your privacy when using Hush,
please see <https://hush.is/security/>.

14
doc/man/hush-tx.1
View File

@ -1,16 +1,16 @@
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.10.
.TH HUSH-TX "1" "December 2020" "hush-tx v3.6.0" "User Commands"
.TH HUSH-TX "1" "January 2021" "hush-tx v3.6.1" "User Commands"
.SH NAME
hush-tx \- manual page for hush-tx v3.6.0
hush-tx \- manual page for hush-tx v3.6.1
.SH DESCRIPTION
Hush komodo\-tx utility version v3.6.0\-12fabf7fd
hush\-tx utility version v3.6.0\-e05a4e473\-dirty
.SS "Usage:"
.TP
komodo\-tx [options] <hex\-tx> [commands]
Update hex\-encoded zcash transaction
hush\-tx [options] <hex\-tx> [commands]
Update hex\-encoded Hush transaction
.TP
komodo\-tx [options] \fB\-create\fR [commands]
Create hex\-encoded zcash transaction
hush\-tx [options] \fB\-create\fR [commands]
Create hex\-encoded Hush transaction
.SH OPTIONS
.HP
\-?

18
doc/man/hushd.1
View File

@ -1,9 +1,9 @@
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.10.
.TH HUSHD "1" "December 2020" "hushd v3.6.0" "User Commands"
.TH HUSHD "1" "January 2021" "hushd v3.6.1" "User Commands"
.SH NAME
hushd \- manual page for hushd v3.6.0
hushd \- manual page for hushd v3.6.1
.SH DESCRIPTION
Hush Daemon version v3.6.0\-12fabf7fd
Hush Daemon version v3.6.0\-e05a4e473\-dirty
.PP
In order to ensure you are adequately protecting your privacy when using Hush,
please see <https://hush.is/security/>.
@ -17,10 +17,6 @@ Start a Hush Daemon
.IP
This help message
.HP
\fB\-alerts\fR
.IP
Receive and display P2P network alerts (default: 1)
.HP
\fB\-alertnotify=\fR<cmd>
.IP
Execute command when a relevant alert is received or we see a really
@ -343,12 +339,12 @@ Keep transactions for at least <n> blocks (default: 10000)
.HP
\fB\-opretmintxfee=\fR<amt>
.IP
Minimum fee (in KMD/kB) to allow for OP_RETURN transactions (default:
Minimum fee (in HUSH/kB) to allow for OP_RETURN transactions (default:
400000)
.HP
\fB\-paytxfee=\fR<amt>
.IP
Fee (in KMD/kB) to add to transactions you send (default: 0.00)
Fee (in HUSH/kB) to add to transactions you send (default: 0.00)
.HP
\fB\-rescan\fR
.IP
@ -378,7 +374,7 @@ mined will become invalid (default: 200)
.HP
\fB\-maxtxfee=\fR<amt>
.IP
Maximum total fees (in KMD) to use in a single wallet transaction;
Maximum total fees (in HUSH) to use in a single wallet transaction;
setting this too low may abort large transactions (default: 0.10)
.HP
\fB\-upgradewallet\fR
@ -462,7 +458,7 @@ Prepend debug output with timestamp (default: 1)
.HP
\fB\-minrelaytxfee=\fR<amt>
.IP
Fees (in KMD/kB) smaller than this are considered zero fee for relaying
Fees (in HUSH/kB) smaller than this are considered zero fee for relaying
(default: 0.000001)
.HP
\fB\-printtoconsole\fR

2
qa/pull-tester/run-bitcoind-for-test.sh.in
View File

@ -13,7 +13,7 @@ touch "$DATADIR/regtest/debug.log"
tail -q -n 1 -F "$DATADIR/regtest/debug.log" | grep -m 1 -q "Done loading" &
WAITER=$!
PORT=`expr 10000 + $$ % 55536`
"@abs_top_builddir@/src/hushd@EXEEXT@" -connect=0.0.0.0 -datadir="$DATADIR" -rpcuser=user -rpcpassword=pass -listen -keypool=3 -debug -debug=net -logtimestamps -checkmempool=0 -relaypriority=0 -port=$PORT -whitelist=127.0.0.1 -regtest -rpcport=`expr $PORT + 1` &
"@abs_top_builddir@/src/hushd@EXEEXT@" -connect=0.0.0.0 -datadir="$DATADIR" -rpcuser=user -rpcpassword=pass -listen -keypool=3 -debug -debug=net -logtimestamps -checkmempool=0 -relaypriority=0 -port=$PORT -allowlist=127.0.0.1 -regtest -rpcport=`expr $PORT + 1` &
BITCOIND=$!
#Install a watchdog.

2
qa/rpc-tests/ac_private.py
View File

@ -49,7 +49,7 @@ class AssetChainPrivateTest (BitcoinTestFramework):
'-ac_supply=0',
'-ac_reward=25600000000',
'-ac_private=1',
'-whitelist=127.0.0.1',
'-allowlist=127.0.0.1',
'-debug',
'--daemon',
'-rpcuser=rt',

2
qa/rpc-tests/bip65-cltv-p2p.py
View File

@ -30,7 +30,7 @@ class BIP65Test(ComparisonTestFramework):
def setup_network(self):
self.nodes = start_nodes(1, self.options.tmpdir,
extra_args=[['-debug', '-whitelist=127.0.0.1']],
extra_args=[['-debug', '-allowlist=127.0.0.1']],
binary=[self.options.testbinary])
self.is_network_split = False

2
qa/rpc-tests/bipdersig-p2p.py
View File

@ -30,7 +30,7 @@ class BIP66Test(ComparisonTestFramework):
def setup_network(self):
self.nodes = start_nodes(1, self.options.tmpdir,
extra_args=[['-debug', '-whitelist=127.0.0.1']],
extra_args=[['-debug', '-allowlist=127.0.0.1']],
binary=[self.options.testbinary])
self.is_network_split = False

4
qa/rpc-tests/cryptoconditions.py
View File

@ -54,7 +54,7 @@ class CryptoConditionsTest (BitcoinTestFramework):
'-ac_reward=10000000000000',
'-pubkey=' + self.pubkey,
'-ac_cc=2',
'-whitelist=127.0.0.1',
'-allowlist=127.0.0.1',
'-debug',
'--daemon',
'-rpcuser=rt',
@ -71,7 +71,7 @@ class CryptoConditionsTest (BitcoinTestFramework):
'-ac_reward=10000000000000',
'-pubkey=' + self.pubkey1,
'-ac_cc=2',
'-whitelist=127.0.0.1',
'-allowlist=127.0.0.1',
'-debug',
'-addnode=127.0.0.1:64367',
'--daemon',

2
qa/rpc-tests/dpowconfs.py
View File

@ -46,7 +46,7 @@ class DPoWConfsTest(BitcoinTestFramework):
'-ac_reward=10000000000000',
#'-pubkey=' + self.pubkey,
'-ac_cc=2',
'-whitelist=127.0.0.1',
'-allowlist=127.0.0.1',
'-debug',
'--daemon',
'-rpcuser=rt',

2
qa/rpc-tests/maxblocksinflight.py
View File

@ -94,7 +94,7 @@ class MaxBlocksInFlightTest(BitcoinTestFramework):
def setup_network(self):
self.nodes = start_nodes(1, self.options.tmpdir,
extra_args=[['-debug', '-whitelist=127.0.0.1']],
extra_args=[['-debug', '-allowlist=127.0.0.1']],
binary=[self.options.testbinary])
def run_test(self):

32
qa/rpc-tests/p2p-acceptblock.py
View File

@ -19,12 +19,12 @@ import time
'''
AcceptBlockTest -- test processing of unrequested blocks.
Since behavior differs when receiving unrequested blocks from whitelisted peers
versus non-whitelisted peers, this tests the behavior of both (effectively two
Since behavior differs when receiving unrequested blocks from allowlisted peers
versus non-allowlisted peers, this tests the behavior of both (effectively two
separate tests running in parallel).
Setup: two nodes, node0 and node1, not connected to each other. Node0 does not
whitelist localhost, but node1 does. They will each be on their own chain for
allowlist localhost, but node1 does. They will each be on their own chain for
this test.
We have one NodeConn connection to each, test_node and white_node respectively.
@ -39,7 +39,7 @@ The test:
corresponding peer.
Node0 should not process this block (just accept the header), because it is
unrequested and doesn't have more work than the tip.
Node1 should process because this is coming from a whitelisted peer.
Node1 should process because this is coming from a allowlisted peer.
4. Send another block that builds on the forking block.
Node0 should process this block but be stuck on the shorter chain, because
@ -49,7 +49,7 @@ The test:
4b.Send 288 more blocks on the longer chain.
Node0 should process all but the last block (too far ahead in height).
Send all headers to Node1, and then send the last block in that chain.
Node1 should accept the block because it's coming from a whitelisted peer.
Node1 should accept the block because it's coming from a allowlisted peer.
5. Send a duplicate of the block in #3 to Node0.
Node0 should not process the block because it is unrequested, and stay on
@ -124,19 +124,19 @@ class AcceptBlockTest(BitcoinTestFramework):
def setup_network(self):
# Node0 will be used to test behavior of processing unrequested blocks
# from peers which are not whitelisted, while Node1 will be used for
# the whitelisted case.
# from peers which are not allowlisted, while Node1 will be used for
# the allowlisted case.
self.nodes = []
self.nodes.append(start_node(0, self.options.tmpdir, ["-debug"],
binary=self.options.testbinary))
self.nodes.append(start_node(1, self.options.tmpdir,
["-debug", "-whitelist=127.0.0.1"],
["-debug", "-allowlist=127.0.0.1"],
binary=self.options.testbinary))
def run_test(self):
# Setup the p2p connections and start up the network thread.
test_node = TestNode() # connects to node0 (not whitelisted)
white_node = TestNode() # connects to node1 (whitelisted)
test_node = TestNode() # connects to node0 (not allowlisted)
white_node = TestNode() # connects to node1 (allowlisted)
connections = []
connections.append(NodeConn('127.0.0.1', p2p_port(0), self.nodes[0], test_node))
@ -187,7 +187,7 @@ class AcceptBlockTest(BitcoinTestFramework):
if x['hash'] == blocks_h2f[1].hash:
assert_equal(x['status'], "valid-headers")
print "Second height 2 block accepted only from whitelisted peer"
print "Second height 2 block accepted only from allowlisted peer"
# 4. Now send another block that builds on the forking chain.
blocks_h3 = []
@ -207,13 +207,13 @@ class AcceptBlockTest(BitcoinTestFramework):
# But this block should be accepted by node0 since it has more work.
try:
self.nodes[0].getblock(blocks_h3[0].hash)
print "Unrequested more-work block accepted from non-whitelisted peer"
print "Unrequested more-work block accepted from non-allowlisted peer"
except:
raise AssertionError("Unrequested more work block was not processed")
# Node1 should have accepted and reorged.
assert_equal(self.nodes[1].getblockcount(), 3)
print "Successfully reorged to length 3 chain from whitelisted peer"
print "Successfully reorged to length 3 chain from allowlisted peer"
# 4b. Now mine 288 more blocks and deliver; all should be processed but
# the last (height-too-high) on node0. Node1 should process the tip if
@ -250,9 +250,9 @@ class AcceptBlockTest(BitcoinTestFramework):
try:
white_node.sync_with_ping()
self.nodes[1].getblock(tips[1].hash)
print "Unrequested block far ahead of tip accepted from whitelisted peer"
print "Unrequested block far ahead of tip accepted from allowlisted peer"
except:
raise AssertionError("Unrequested block from whitelisted peer not accepted")
raise AssertionError("Unrequested block from allowlisted peer not accepted")
# 5. Test handling of unrequested block on the node that didn't process
# Should still not be processed (even though it has a child that has more
@ -289,7 +289,7 @@ class AcceptBlockTest(BitcoinTestFramework):
test_node.sync_with_ping()
assert_equal(self.nodes[0].getblockcount(), 290)
print "Successfully reorged to longer chain from non-whitelisted peer"
print "Successfully reorged to longer chain from non-allowlisted peer"
[ c.disconnect_node() for c in connections ]

2
qa/rpc-tests/smartfees.py
View File

@ -152,7 +152,7 @@ class EstimateFeeTest(BitcoinTestFramework):
self.nodes = []
# Use node0 to mine blocks for input splitting
self.nodes.append(start_node(0, self.options.tmpdir, ["-maxorphantx=1000",
"-relaypriority=0", "-whitelist=127.0.0.1"]))
"-relaypriority=0", "-allowlist=127.0.0.1"]))
print("This test is time consuming, please be patient")
print("Splitting inputs to small size so we can generate low priority tx's")

10
qa/rpc-tests/test_framework/test_framework.py
View File

@ -174,7 +174,7 @@ class ComparisonTestFramework(BitcoinTestFramework):
def setup_network(self):
self.nodes = start_nodes(self.num_nodes, self.options.tmpdir,
extra_args=[['-debug', '-whitelist=127.0.0.1']] * self.num_nodes,
extra_args=[['-debug', '-allowlist=127.0.0.1']] * self.num_nodes,
binary=[self.options.testbinary] +
[self.options.refbinary]*(self.num_nodes-1))
@ -209,7 +209,7 @@ class HushTestFramework(BitcoinTestFramework):
'-ac_reward=10000000000000',
'-pubkey=' + self.pubkey,
'-ac_cc=2',
'-whitelist=127.0.0.1',
'-allowlist=127.0.0.1',
'-debug',
'--daemon',
'-rpcuser=rt',
@ -226,7 +226,7 @@ class HushTestFramework(BitcoinTestFramework):
'-ac_reward=10000000000000',
'-pubkey=' + self.pubkey1,
'-ac_cc=2',
'-whitelist=127.0.0.1',
'-allowlist=127.0.0.1',
'-debug',
'-addnode=127.0.0.1:64367',
'--daemon',
@ -270,7 +270,7 @@ class CryptoconditionsTestFramework(BitcoinTestFramework):
'-ac_reward=10000000000000',
'-pubkey=' + self.pubkey,
'-ac_cc=2',
'-whitelist=127.0.0.1',
'-allowlist=127.0.0.1',
'-debug',
'--daemon',
'-rpcuser=rt',
@ -287,7 +287,7 @@ class CryptoconditionsTestFramework(BitcoinTestFramework):
'-ac_reward=10000000000000',
'-pubkey=' + self.pubkey1,
'-ac_cc=2',
'-whitelist=127.0.0.1',
'-allowlist=127.0.0.1',
'-debug',
'-addnode=127.0.0.1:64367',
'--daemon',

2
src/cc/CC_made_easy.md
View File

@ -638,7 +638,7 @@ vout.n-1: opreturn with oracletxid, prevbatontxid and data in proper format
The oraclesdata transaction is the most complex as it needs to find and spend the baton utxo, use the correct datafee and spend funds from the locked subscription funds. With the above, the oracles CC is complete and allows the creations of massively parallel data streams from multiple vendors that uses free market feedback via payments, ie. poorly performing providers wont get renewals.
I expect that at first, the data providers will just be dapp developers deploying a working system including the required data, but its structure allows open market competition. Of course, specific dapps could restrict themselves to using only publishers from a whitelist of pubkeys. The potential usecases for oracles CC is quite varied and limited only by the imagination.
I expect that at first, the data providers will just be dapp developers deploying a working system including the required data, but its structure allows open market competition. Of course, specific dapps could restrict themselves to using only publishers from a allowlist of pubkeys. The potential usecases for oracles CC is quite varied and limited only by the imagination.
Chapter 12 - limitless possibilities
As can be seen, CC contracts can do a wide range of things and since they are Turing complete, we know that this is true. However, what is more important is the added security gained from using a utxo based system. While in some ways it is more complex to have to deal with utxo, as can be seen by the above examples, it is either solved and made invisible at the rpc level, or actually used as part of the solution.

2
src/hush_defs.h
View File

@ -530,7 +530,7 @@ extern char NOTARY_ADDRESSES[NUM_HUSH_SEASONS][64][64];
extern int32_t HUSH_TESTNODE, HUSH_SNAPSHOT_INTERVAL;
extern int32_t ASSETCHAINS_EARLYTXIDCONTRACT;
int tx_height( const uint256 &hash );
extern std::vector<std::string> vWhiteListAddress;
extern std::vector<std::string> vAllowListAddress;
extern std::map <std::int8_t, int32_t> mapHeightEvalActivate;
void komodo_netevent(std::vector<uint8_t> payload);
int32_t getacseason(uint32_t timestamp);

2
src/hush_globals.h
View File

@ -53,7 +53,7 @@ std::string NOTARY_PUBKEY,ASSETCHAINS_NOTARIES,ASSETCHAINS_OVERRIDE_PUBKEY,DONAT
uint8_t NOTARY_PUBKEY33[33],ASSETCHAINS_OVERRIDE_PUBKEY33[33],ASSETCHAINS_OVERRIDE_PUBKEYHASH[20],ASSETCHAINS_PUBLIC,ASSETCHAINS_PRIVATE,ASSETCHAINS_TXPOW,ASSETCHAINS_MARMARA;
int8_t ASSETCHAINS_ADAPTIVEPOW;
std::vector<uint8_t> Mineropret;
std::vector<std::string> vWhiteListAddress;
std::vector<std::string> vAllowListAddress;
char NOTARYADDRS[64][64];
char NOTARY_ADDRESSES[NUM_HUSH_SEASONS][64][64];

39
src/init.cpp
View File

@ -118,7 +118,7 @@ enum BindFlags {
BF_NONE = 0,
BF_EXPLICIT = (1U << 0),
BF_REPORT_ERROR = (1U << 1),
BF_WHITELIST = (1U << 2),
BF_ALLOWLIST = (1U << 2),
};
static const char* FEE_ESTIMATES_FILENAME="fee_estimates.dat";
@ -319,7 +319,7 @@ bool static Bind(const CService &addr, unsigned int flags) {
if (!(flags & BF_EXPLICIT) && IsLimited(addr))
return false;
std::string strError;
if (!BindListenPort(addr, strError, (flags & BF_WHITELIST) != 0)) {
if (!BindListenPort(addr, strError, (flags & BF_ALLOWLIST) != 0)) {
if (flags & BF_REPORT_ERROR)
return InitError(strError);
return false;
@ -425,9 +425,9 @@ std::string HelpMessage(HelpMessageMode mode)
strUsage += HelpMessageOpt("-tlskeypwd=<password>", _("Password for a private key encryption (default: not set, i.e. private key will be stored unencrypted)"));
strUsage += HelpMessageOpt("-tlscertpath=<path>", _("Full path to a certificate"));
strUsage += HelpMessageOpt("-tlstrustdir=<path>", _("Full path to a trusted certificates directory"));
strUsage += HelpMessageOpt("-whitebind=<addr>", _("Bind to given address and whitelist peers connecting to it. Use [host]:port notation for IPv6"));
strUsage += HelpMessageOpt("-whitelist=<netmask>", _("Whitelist peers connecting from the given netmask or IP address. Can be specified multiple times.") +
" " + _("Whitelisted peers cannot be DoS banned and their transactions are always relayed, even if they are already in the mempool, useful e.g. for a gateway"));
strUsage += HelpMessageOpt("-allowbind=<addr>", _("Bind to given address and allowlist peers connecting to it. Use [host]:port notation for IPv6"));
strUsage += HelpMessageOpt("-allowlist=<netmask>", _("Allowlist peers connecting from the given netmask or IP address. Can be specified multiple times.") +
" " + _("Allowlisted peers cannot be DoS banned and their transactions are always relayed, even if they are already in the mempool, useful e.g. for a gateway"));
#ifdef ENABLE_WALLET
strUsage += HelpMessageGroup(_("Wallet options:"));
@ -457,7 +457,7 @@ std::string HelpMessage(HelpMessageMode mode)
strUsage += HelpMessageOpt("-wallet=<file>", _("Specify wallet file absolute path or a path relative to the data directory") + " " + strprintf(_("(default: %s)"), DEFAULT_WALLET_DAT));
strUsage += HelpMessageOpt("-walletbroadcast", _("Make the wallet broadcast transactions") + " " + strprintf(_("(default: %u)"), true));
strUsage += HelpMessageOpt("-walletnotify=<cmd>", _("Execute command when a wallet transaction changes (%s in cmd is replaced by TxID)"));
strUsage += HelpMessageOpt("-whitelistaddress=<Raddress>", _("Enable the wallet filter for notary nodes and add one Raddress to the whitelist of the wallet filter. If -whitelistaddress= is used, then the wallet filter is automatically activated. Several Raddresses can be defined using several -whitelistaddress= (similar to -addnode). The wallet filter will filter the utxo to only ones coming from my own Raddress (derived from pubkey) and each Raddress defined using -whitelistaddress= this option is mostly for Notary Nodes)."));
strUsage += HelpMessageOpt("-allowlistaddress=<Raddress>", _("Enable the wallet filter for notary nodes and add one Raddress to the allowlist of the wallet filter. If -allowlistaddress= is used, then the wallet filter is automatically activated. Several Raddresses can be defined using several -allowlistaddress= (similar to -addnode). The wallet filter will filter the utxo to only ones coming from my own Raddress (derived from pubkey) and each Raddress defined using -allowlistaddress= this option is mostly for Notary Nodes)."));
strUsage += HelpMessageOpt("-zapwallettxes=<mode>", _("Delete all wallet transactions and only recover those parts of the blockchain through -rescan on startup") +
" " + _("(1 = keep tx meta data e.g. account owner and payment request information, 2 = drop tx meta data)"));
#endif
@ -1038,9 +1038,9 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
if (SoftSetBoolArg("-listen", true))
LogPrintf("%s: parameter interaction: -bind set -> setting -listen=1\n", __func__);
}
if (mapArgs.count("-whitebind")) {
if (mapArgs.count("-allowbind")) {
if (SoftSetBoolArg("-listen", true))
LogPrintf("%s: parameter interaction: -whitebind set -> setting -listen=1\n", __func__);
LogPrintf("%s: parameter interaction: -allowbind set -> setting -listen=1\n", __func__);
}
//fprintf(stderr,"%s tik3\n", __FUNCTION__);
@ -1114,7 +1114,7 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
//fprintf(stderr,"%s tik4\n", __FUNCTION__);
// Make sure enough file descriptors are available
int nBind = std::max((int)mapArgs.count("-bind") + (int)mapArgs.count("-whitebind"), 1);
int nBind = std::max((int)mapArgs.count("-bind") + (int)mapArgs.count("-allowbind"), 1);
nMaxConnections = GetArg("-maxconnections", DEFAULT_MAX_PEER_CONNECTIONS);
//fprintf(stderr,"nMaxConnections %d\n",nMaxConnections);
nMaxConnections = std::max(std::min(nMaxConnections, (int)(FD_SETSIZE - nBind - MIN_CORE_FILEDESCRIPTORS)), 0);
@ -1533,12 +1533,12 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
}
//fprintf(stderr,"%s tik19\n", __FUNCTION__);
if (mapArgs.count("-whitelist")) {
BOOST_FOREACH(const std::string& net, mapMultiArgs["-whitelist"]) {
if (mapArgs.count("-allowlist")) {
BOOST_FOREACH(const std::string& net, mapMultiArgs["-allowlist"]) {
CSubNet subnet(net);
if (!subnet.IsValid())
return InitError(strprintf(_("Invalid netmask specified in -whitelist: '%s'"), net));
CNode::AddWhitelistedRange(subnet);
return InitError(strprintf(_("Invalid netmask specified in -allowlist: '%s'"), net));
CNode::AddAllowlistedRange(subnet);
}
}
@ -1584,23 +1584,22 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
//fprintf(stderr,"%s tik22\n", __FUNCTION__);
bool fBound = false;
if (fListen) {
if (mapArgs.count("-bind") || mapArgs.count("-whitebind")) {
if (mapArgs.count("-bind") || mapArgs.count("-allowbind")) {
BOOST_FOREACH(const std::string& strBind, mapMultiArgs["-bind"]) {
CService addrBind;
if (!Lookup(strBind.c_str(), addrBind, GetListenPort(), false))
return InitError(strprintf(_("Cannot resolve -bind address: '%s'"), strBind));
fBound |= Bind(addrBind, (BF_EXPLICIT | BF_REPORT_ERROR));
}
BOOST_FOREACH(const std::string& strBind, mapMultiArgs["-whitebind"]) {
BOOST_FOREACH(const std::string& strBind, mapMultiArgs["-allowbind"]) {
CService addrBind;
if (!Lookup(strBind.c_str(), addrBind, 0, false))
return InitError(strprintf(_("Cannot resolve -whitebind address: '%s'"), strBind));
return InitError(strprintf(_("Cannot resolve -allowbind address: '%s'"), strBind));
if (addrBind.GetPort() == 0)
return InitError(strprintf(_("Need to specify a port with -whitebind: '%s'"), strBind));
fBound |= Bind(addrBind, (BF_EXPLICIT | BF_REPORT_ERROR | BF_WHITELIST));
return InitError(strprintf(_("Need to specify a port with -allowbind: '%s'"), strBind));
fBound |= Bind(addrBind, (BF_EXPLICIT | BF_REPORT_ERROR | BF_ALLOWLIST));
}
}
else {
} else {
struct in_addr inaddr_any;
inaddr_any.s_addr = INADDR_ANY;
fBound |= Bind(CService(in6addr_any, GetListenPort()), BF_NONE);

20
src/main.cpp
View File

@ -284,7 +284,7 @@ namespace {
bool fCurrentlyConnected;
//! Accumulated misbehaviour score for this peer.
int nMisbehavior;
//! Whether this peer should be disconnected and banned (unless whitelisted).
//! Whether this peer should be disconnected and banned (unless allowlisted).
bool fShouldBan;
//! String name of this peer (debugging/logging purposes).
std::string name;
@ -345,7 +345,7 @@ namespace {
nPreferredDownload -= state->fPreferredDownload;
// Whether this node should be marked as a preferred download node.
state->fPreferredDownload = (!node->fInbound || node->fWhitelisted) && !node->fOneShot && !node->fClient;
state->fPreferredDownload = (!node->fInbound || node->fAllowlisted) && !node->fOneShot && !node->fClient;
nPreferredDownload += state->fPreferredDownload;
}
@ -7589,8 +7589,8 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
assert(recentRejects);
recentRejects->insert(tx.GetHash());
if (pfrom->fWhitelisted) {
// Always relay transactions received from whitelisted peers, even
if (pfrom->fAllowlisted) {
// Always relay transactions received from allowlisted peers, even
// if they were already in the mempool or rejected from it due
// to policy, allowing the node to function as a gateway for
// nodes hidden behind it.
@ -7600,10 +7600,10 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
// case.
int nDoS = 0;
if (!state.IsInvalid(nDoS) || nDoS == 0) {
LogPrintf("Force relaying tx %s from whitelisted peer=%d\n", tx.GetHash().ToString(), pfrom->id);
LogPrintf("Force relaying tx %s from allowlisted peer=%d\n", tx.GetHash().ToString(), pfrom->id);
RelayTransaction(tx);
} else {
LogPrintf("Not relaying invalid transaction %s from whitelisted peer=%d (%s (code %d))\n",
LogPrintf("Not relaying invalid transaction %s from allowlisted peer=%d (%s (code %d))\n",
tx.GetHash().ToString(), pfrom->id, state.GetRejectReason(), state.GetRejectCode());
}
}
@ -7693,11 +7693,11 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
pfrom->AddInventoryKnown(inv);
CValidationState state;
// Process all blocks from whitelisted peers, even if not requested,
// Process all blocks from allowlisted peers, even if not requested,
// unless we're still syncing with the network.
// Such an unrequested block may still be processed, subject to the
// conditions in AcceptBlock().
bool forceProcessing = pfrom->fWhitelisted && !IsInitialBlockDownload();
bool forceProcessing = pfrom->fAllowlisted && !IsInitialBlockDownload();
ProcessNewBlock(0,0,state, pfrom, &block, forceProcessing, NULL);
int nDoS;
if (state.IsInvalid(nDoS)) {
@ -8039,8 +8039,8 @@ bool SendMessages(CNode* pto, bool fSendTrickle)
CNodeState &state = *State(pto->GetId());
if (state.fShouldBan) {
if (pto->fWhitelisted) {
LogPrintf("Warning: not punishing whitelisted peer %s!\n", pto->addr.ToString());
if (pto->fAllowlisted) {
LogPrintf("Warning: not punishing allowlisted peer %s!\n", pto->addr.ToString());
} else {
pto->fDisconnect = true;
if (pto->addr.IsLocal())

2
src/main.h
View File

@ -207,7 +207,7 @@ void UnregisterNodeSignals(CNodeSignals& nodeSignals);
* @param[out] state This may be set to an Error state if any error occurred processing it, including during validation/connection/etc of otherwise unrelated blocks during reorganisation; or it may be set to an Invalid state if pblock is itself invalid (but this is not guaranteed even when the block is checked). If you want to *possibly* get feedback on whether pblock is valid, you must also install a CValidationInterface (see validationinterface.h) - this will have its BlockChecked method called whenever *any* block completes validation.
* @param[in] pfrom The node which we are receiving the block from; it is added to mapBlockSource and may be penalised if the block is invalid.
* @param[in] pblock The block we want to process.
* @param[in] fForceProcessing Process this block even if unrequested; used for non-network block sources and whitelisted peers.
* @param[in] fForceProcessing Process this block even if unrequested; used for non-network block sources and allowlisted peers.
* @param[out] dbp If pblock is stored to disk (or already there), this will be set to its location.
* @return True if state.IsValid()
*/

44
src/net.cpp
View File

@ -79,9 +79,9 @@ namespace {
struct ListenSocket {
SOCKET socket;
bool whitelisted;
bool allowlisted;
ListenSocket(SOCKET socket, bool whitelisted) : socket(socket), whitelisted(whitelisted) {}
ListenSocket(SOCKET socket, bool allowlisted) : socket(socket), allowlisted(allowlisted) {}
};
}
@ -600,21 +600,21 @@ void CNode::GetBanned(std::map<CSubNet, int64_t> &banMap)
}
std::vector<CSubNet> CNode::vWhitelistedRange;
CCriticalSection CNode::cs_vWhitelistedRange;
std::vector<CSubNet> CNode::vAllowlistedRange;
CCriticalSection CNode::cs_vAllowlistedRange;
bool CNode::IsWhitelistedRange(const CNetAddr &addr) {
LOCK(cs_vWhitelistedRange);
BOOST_FOREACH(const CSubNet& subnet, vWhitelistedRange) {
bool CNode::IsAllowlistedRange(const CNetAddr &addr) {
LOCK(cs_vAllowlistedRange);
BOOST_FOREACH(const CSubNet& subnet, vAllowlistedRange) {
if (subnet.Match(addr))
return true;
}
return false;
}
void CNode::AddWhitelistedRange(const CSubNet &subnet) {
LOCK(cs_vWhitelistedRange);
vWhitelistedRange.push_back(subnet);
void CNode::AddAllowlistedRange(const CSubNet &subnet) {
LOCK(cs_vAllowlistedRange);
vAllowlistedRange.push_back(subnet);
}
void CNode::copyStats(CNodeStats &stats, const std::vector<bool> &m_asmap)
@ -635,7 +635,7 @@ void CNode::copyStats(CNodeStats &stats, const std::vector<bool> &m_asmap)
stats.nStartingHeight = nStartingHeight;
stats.nSendBytes = nSendBytes;
stats.nRecvBytes = nRecvBytes;
stats.fWhitelisted = fWhitelisted;
stats.fAllowlisted = fAllowlisted;
// It is common for nodes with good ping times to suddenly become lagged,
// due to a new block arriving or other large transfer.
@ -919,7 +919,7 @@ static bool AttemptToEvictConnection(bool fPreferNewConnection) {
LOCK(cs_vNodes);
BOOST_FOREACH(CNode *node, vNodes) {
if (node->fWhitelisted)
if (node->fAllowlisted)
continue;
if (!node->fInbound)
continue;
@ -1010,7 +1010,7 @@ static bool AttemptToEvictConnection(bool fPreferNewConnection) {
// Do not disconnect peers if there is only one unprotected connection from their network group.
if (vEvictionCandidates.size() <= 1)
// unless we prefer the new connection (for whitelisted peers)
// unless we prefer the new connection (for allowlisted peers)
if (!fPreferNewConnection)
return false;
@ -1032,7 +1032,7 @@ static void AcceptConnection(const ListenSocket& hListenSocket) {
if (!addr.SetSockAddr((const struct sockaddr*)&sockaddr))
LogPrintf("Warning: Unknown socket family\n");
bool whitelisted = hListenSocket.whitelisted || CNode::IsWhitelistedRange(addr);
bool allowlisted = hListenSocket.allowlisted || CNode::IsAllowlistedRange(addr);
int nInboundThisIP = 0;
{
@ -1065,7 +1065,7 @@ static void AcceptConnection(const ListenSocket& hListenSocket) {
return;
}
if (CNode::IsBanned(addr) && !whitelisted)
if (CNode::IsBanned(addr) && !allowlisted)
{
LogPrintf("connection from %s dropped (banned)\n", addr.ToString());
CloseSocket(hSocket);
@ -1074,7 +1074,7 @@ static void AcceptConnection(const ListenSocket& hListenSocket) {
if (nInbound >= nMaxInbound)
{
if (!AttemptToEvictConnection(whitelisted)) {
if (!AttemptToEvictConnection(allowlisted)) {
// No connection to evict, disconnect the new connection
LogPrint("net", "failed to find an eviction candidate - connection dropped (full)\n");
CloseSocket(hSocket);
@ -1118,7 +1118,7 @@ static void AcceptConnection(const ListenSocket& hListenSocket) {
CNode* pnode = new CNode(hSocket, addr, "", true, ssl);
pnode->AddRef();
pnode->fWhitelisted = whitelisted;
pnode->fAllowlisted = allowlisted;
LogPrint("net", "connection from %s accepted\n", addr.ToString());
@ -1674,7 +1674,7 @@ void ThreadMessageHandler()
{
TRY_LOCK(pnode->cs_vSend, lockSend);
if (lockSend)
g_signals.SendMessages(pnode, pnode == pnodeTrickle || pnode->fWhitelisted);
g_signals.SendMessages(pnode, pnode == pnodeTrickle || pnode->fAllowlisted);
}
boost::this_thread::interruption_point();
}
@ -1691,7 +1691,7 @@ void ThreadMessageHandler()
}
bool BindListenPort(const CService &addrBind, string& strError, bool fWhitelisted)
bool BindListenPort(const CService &addrBind, string& strError, bool fAllowlisted)
{
strError = "";
int nOne = 1;
@ -1787,9 +1787,9 @@ bool BindListenPort(const CService &addrBind, string& strError, bool fWhiteliste
return false;
}
vhListenSocket.push_back(ListenSocket(hListenSocket, fWhitelisted));
vhListenSocket.push_back(ListenSocket(hListenSocket, fAllowlisted));
if (addrBind.IsRoutable() && fDiscover && !fWhitelisted)
if (addrBind.IsRoutable() && fDiscover && !fAllowlisted)
AddLocal(addrBind, LOCAL_BIND);
return true;
@ -2172,7 +2172,7 @@ CNode::CNode(SOCKET hSocketIn, const CAddress& addrIn, const std::string& addrNa
addrName = addrNameIn == "" ? addr.ToStringIPPort() : addrNameIn;
nVersion = 0;
strSubVer = "";
fWhitelisted = false;
fAllowlisted = false;
fOneShot = false;
fClient = false; // set by version message
fInbound = fInboundIn;

18
src/net.h
View File

@ -90,7 +90,7 @@ CNode* FindNode(const CService& ip);
CNode* ConnectNode(CAddress addrConnect, const char *pszDest = NULL);
bool OpenNetworkConnection(const CAddress& addrConnect, CSemaphoreGrant *grantOutbound = NULL, const char *strDest = NULL, bool fOneShot = false);
unsigned short GetListenPort();
bool BindListenPort(const CService &bindAddr, std::string& strError, bool fWhitelisted = false);
bool BindListenPort(const CService &bindAddr, std::string& strError, bool fAllowlisted = false);
void StartNode(boost::thread_group& threadGroup, CScheduler& scheduler);
bool StopNode();
void SocketSendData(CNode *pnode);
@ -214,7 +214,7 @@ public:
int nStartingHeight;
uint64_t nSendBytes;
uint64_t nRecvBytes;
bool fWhitelisted;
bool fAllowlisted;
double dPingTime;
double dPingWait;
std::string addrLocal;
@ -312,7 +312,7 @@ public:
// store the sanitized version in cleanSubVer. The original should be used when dealing with
// the network or wire types and the cleaned string used when displayed or logged.
std::string strSubVer, cleanSubVer;
bool fWhitelisted; // This peer can bypass DoS banning.
bool fAllowlisted; // This peer can bypass DoS banning.
bool fOneShot;
bool fClient;
bool fInbound;
@ -340,10 +340,10 @@ protected:
static std::map<CSubNet, int64_t> setBanned;
static CCriticalSection cs_setBanned;
// Whitelisted ranges. Any node connecting from these is automatically
// whitelisted (as well as those connecting to whitelisted binds).
static std::vector<CSubNet> vWhitelistedRange;
static CCriticalSection cs_vWhitelistedRange;
// Allowlisted ranges. Any node connecting from these is automatically
// allowlisted (as well as those connecting to allowlisted binds).
static std::vector<CSubNet> vAllowlistedRange;
static CCriticalSection cs_vAllowlistedRange;
// Basic fuzz-testing
void Fuzz(int nChance); // modifies ssSend
@ -681,8 +681,8 @@ public:
void copyStats(CNodeStats &stats, const std::vector<bool> &m_asmap);
static bool IsWhitelistedRange(const CNetAddr &ip);
static void AddWhitelistedRange(const CSubNet &subnet);
static bool IsAllowlistedRange(const CNetAddr &ip);
static void AddAllowlistedRange(const CSubNet &subnet);
// Network stats
static void RecordBytesRecv(uint64_t bytes);

2
src/rpc/net.cpp
View File

@ -165,7 +165,7 @@ UniValue getpeerinfo(const UniValue& params, bool fHelp, const CPubKey& mypk)
}
obj.push_back(Pair("inflight", heights));
}
obj.push_back(Pair("whitelisted", stats.fWhitelisted));
obj.push_back(Pair("allowlisted", stats.fAllowlisted));
ret.push_back(obj);
}

35
src/wallet/wallet.cpp
View File

@ -1539,34 +1539,31 @@ bool CWallet::AddToWalletIfInvolvingMe(const CTransaction& tx, const CBlock* pbl
bool fExisted = mapWallet.count(tx.GetHash()) != 0;
if (fExisted && !fUpdate) return false;
auto saplingNoteDataAndAddressesToAdd = FindMySaplingNotes(tx);
auto saplingNoteData = saplingNoteDataAndAddressesToAdd.first;
auto addressesToAdd = saplingNoteDataAndAddressesToAdd.second;
auto saplingNoteData = saplingNoteDataAndAddressesToAdd.first;
auto addressesToAdd = saplingNoteDataAndAddressesToAdd.second;
for (const auto &addressToAdd : addressesToAdd) {
if (!AddSaplingIncomingViewingKey(addressToAdd.second, addressToAdd.first)) {
return false;
}
}
static std::string NotaryAddress; static bool didinit;
if ( !didinit && NotaryAddress.empty() && NOTARY_PUBKEY33[0] != 0 )
{
if ( !didinit && NotaryAddress.empty() && NOTARY_PUBKEY33[0] != 0 ) {
didinit = true;
char Raddress[64];
pubkey2addr((char *)Raddress,(uint8_t *)NOTARY_PUBKEY33);
NotaryAddress.assign(Raddress);
vWhiteListAddress = mapMultiArgs["-whitelistaddress"];
if ( !vWhiteListAddress.empty() )
vAllowListAddress = mapMultiArgs["-allowlistaddress"];
if ( !vAllowListAddress.empty() )
{
fprintf(stderr, "Activated Wallet Filter \n Notary Address: %s \n Adding whitelist address's:\n", NotaryAddress.c_str());
for ( auto wladdr : vWhiteListAddress )
fprintf(stderr, "Activated Wallet Filter \n Notary Address: %s \n Adding allowlist address's:\n", NotaryAddress.c_str());
for ( auto wladdr : vAllowListAddress )
fprintf(stderr, " %s\n", wladdr.c_str());
}
}
if (fExisted || IsMine(tx) || IsFromMe(tx) || saplingNoteData.size() > 0)
{
// wallet filter for notary nodes. Enables by setting -whitelistaddress= as startup param or in conf file (works same as -addnode byut with R-address's)
if ( !tx.IsCoinBase() && !vWhiteListAddress.empty() && !NotaryAddress.empty() )
{
int numvinIsOurs = 0, numvinIsWhiteList = 0;
if (fExisted || IsMine(tx) || IsFromMe(tx) || saplingNoteData.size() > 0) {
// wallet filter for notary nodes. Enables by setting -allowlistaddress= as startup param or in conf file (works same as -addnode but with taddr)
if ( !tx.IsCoinBase() && !vAllowListAddress.empty() && !NotaryAddress.empty() ) {
int numvinIsOurs = 0, numvinIsAllowList = 0;
for (size_t i = 0; i < tx.vin.size(); i++)
{
uint256 hash; CTransaction txin; CTxDestination address;
@ -1574,20 +1571,20 @@ bool CWallet::AddToWalletIfInvolvingMe(const CTransaction& tx, const CBlock* pbl
{
if ( CBitcoinAddress(address).ToString() == NotaryAddress )
numvinIsOurs++;
for ( auto wladdr : vWhiteListAddress )
for ( auto wladdr : vAllowListAddress )
{
if ( CBitcoinAddress(address).ToString() == wladdr )
{
//fprintf(stderr, "We received from whitelisted address.%s\n", wladdr.c_str());
numvinIsWhiteList++;
//fprintf(stderr, "We received from allowlisted address.%s\n", wladdr.c_str());
numvinIsAllowList++;
}
}
}
}
// Now we know if it was a tx sent to us, by either a whitelisted address, or ourself.
// Now we know if it was a tx sent to us, by either a allowlisted address, or ourself.
if ( numvinIsOurs != 0 )
fprintf(stderr, "We sent from address: %s vins: %d\n",NotaryAddress.c_str(),numvinIsOurs);
if ( numvinIsOurs == 0 && numvinIsWhiteList == 0 )
if ( numvinIsOurs == 0 && numvinIsAllowList == 0 )
return false;
}

Write Preview
Loading…
Cancel
Save