Make sure the taker checks the value of the 2-of-2 multisig output of
the deposit tx created by the maker, before signing it. This avoids a
potential security hole, where the maker attempts to steal most of the
deposit by using the wrong output value and adding an extra 'change'
output to himself.
Note that there's no actual vulnerability at present, as the output
value is indirectly checked via the validation of the delayed payout tx.
In particular, the extra checks added in 345426f as part of #4789 (Fix
remaining blackmail vulnerabilities) place a lower bound on the delayed
payout tx input value and with it the deposit tx output value. However,
explicitly checking the amount is more robust.
* Formatting changes to chart lines and axes.
* Removed middle chart as it displays no
new info.
* Function getMonthTickLabelFormatter rounds the
tick label display to the nearest month.
Only used for chart1.
* New variable chart1XBounds to keep track of
chart1 X-axis limits, as autoRanging set false.
Restore BsqSendView to version @ commit 48a515be01.
Author: jmacxx
Date: Tue Nov 10 19:35:31 2020 -0600
Add encrypted wallet password prompt when sending funds from BSQ wallet
Correct wording of transaction confirmation popup to use 'mining fee'
instead of 'transaction fee' to make it consistent with wording of
the BTC confirmation popup.
To persist in the very last moment before exit might cause problems on some OS.
We do not have confirmed that this might be an issue but to be on the safe side
we add a 1 sec. delay between persistence completed and exit.
Keeping the bats test simple. More complex use cases are tested in
apitest, and we don't want to be trading on mainnet with a bats test.
- Add new getunusedbsqaddress test, assert success return status.
- Add new getpaymentmethods test, assert success return status.
- Change the getbalance tests to just check a sucessful '0' status code.
The api's getbalance method returns full balance info now, not just a
formatted long. We still assert the cmd did not fail, but don't check
the value string.
- Remove obsolete createpaymentacct tests.
This is well tested in apitest, and testing this cmd is unnecesarily
complex to do in a bats script.
