The BisqTransactionSigner signs the inputs of a transaction after the
given offset using the LocalOffsetTransactionSigner. The
LocalOffsetTransactionSigner is identical to BitcoinJ's
LocalTransactionSigner. The only difference is that the
LocalOffsetTransactionSigner accepts an offset in its constructor. All
inputs below this offset are skipped during signing.
This is needed for Bisq's BSQ implementation because the mining fees of
BSQ transactions come from Bisq's BTC wallet. BitcoinJ's
LocalTransactionSigner expects all inputs to be part of the same wallet.
Removed *non-printable characters* that were accidentally added
during word analysis of the translations file:
... (например, «С днем \u200b\u200bрождения, Сьюзен!») ...
While apparently harmless and invisible, these do not belong
and a needle in the haystack later, so removing them now.
Previously, about 1,585 out of 2,676 strings (59.23%) were
translated into Russian, the rest remained in English.
This meant a native Russian speaker with limited English
ability might have great difficulty using Bisq application
and might not understand or notice the way the system
works and the many important pop-ups that can appear.
Now there are about 2,103 strings in Russian (78.59%) and
most of the messages the end user normally would see are
displayed in Russian, making the application very usable.
Users in most countries (see BankUtil.useValidation() ) can create a "Transfer Same Bank"
account with no BIC/SWIFT code. However, to create an offer using this account, it must
have a bankId or JAVA will throw a 'null pointer exception', and the app. will become
unhealthy and hang trying on exit. This fix adds a validation check for the condition and
throws a more "friendly" exception which explains the problem and keeps the app. healthy.
Offers match these payment method types only if bank names entered
in the maker and taker accounts are the same. However, if the maker
entered, for example, "BANK OF AMERICA" as bank name in their Bisq
account but the taker entered "Bank of America", the offer account
mismatches without this fix to make the match case-insensitive.
Added new displayStrings into other language files as a placeholder for
future translation, minor revision to order of payment method fields
in source code (cosmetic, no impact on functionality)
This is the standard P2P payment method in Russia to perform funds transfers and
payments between Russian bank accounts in Russian Rubles. There is no chargeback
risk. Recipient bank account is located using telephone number and bank name,
and sender receives recipients first name, middle name, and initial of last name
to confirm the phone number entered is correct before sending. Adding this new
payment method has been discussed at length on the GitHub 'growth' channel at:
https://github.com/bisq-network/growth/issues/288
The Bisq policy for displayStrings is stated in the comments
at the beginning of the primary (English) file that all string
keys should be present in all language files, even though
fallthrough would otherwise result. In reviewing how well
the language files actually comply with this rule, just 5
strings out 2,670 did not comply; these changes correct that
and restore all language files to have all strings.
Original commit omitted the new display string used by this new
feature. Additionally, added two unittests to verify the code
changes in this pull request work and do not break existing
functionality.
By default, JAVA sorts foreign characters below English characters.
However, the payment methods that are translated are also more
likely to be used by someone native to that language, so it makes
better sense to sort as two separate sets and put the foreign
language ones on top. This commit does that for payment methods.
Prevent 'KeyIsEncryptedException' from being thrown when signing with a
'LowRSigningKey'-wrapped, encrypted HD key, due to breakage of the
apparent invariant that the 'keyCrypter' field of 'ECKey' should be null
whenever the key isn't encrypted.
When signing with a wrapped, encrypted HD key, the original key is
decrypted and then re-wrapped as a 'LowRSigningKey' instance. This was
blindly copying the 'keyCrypter' property of the decrypted key. But
'DeterministicKey::getKeyCrypter' returns non-null if its parent does,
even if the actual field is null, and the decrypted HD key has the same
parent as the encrypted original. Thus, blindly copying the property
(rather than the field) breaks the above invariant.
Fixes issue #7241 with blind voting, caused by the earlier PR #7238
which introduced low-R nonce grinding.
To slightly save storage & bandwidth, create low-R signatures in places
besides tx ScriptSigs & witnesses, such as merit lists, proofs of burn,
filter, alert & accounting authentication data.
(Also, to make setup of mock keys a little easier, bypass wrapping of
keys that are already instances of 'LowRSigningKey' in the factory
method, 'LowRSigningKey.from(ECKey)'.)
Provide a 'BisqWallet' subclass of 'o.b.w.Wallet', in order to override
the 'signTransaction' method used internally by the bitcoinj SendRequest
API, so that it always produces txs with low-R signatures.
Also modify 'WalletService.signTransactionInput' to likewise wrap wallet
keys, so that the provided tx input is given a low-R signature.
Finally, modify the manual signing logic in TradeWalletService to wrap
multisig & deposit input keys, which should cover all tx signing in the
Bisq application.
Implement low-R nonce grinding with the class 'LowRSigningKey', which
always produces low-R signatures, consistent with the behaviour of
Bitcoin Core/Knots (post-2018), Sparrow, Coldcard and possibly other
wallets with recent updates, for hopefully improved privacy and slightly
lower and more predictable tx fees. Canonical DER-encoded signatures are
usually either 71 or 70 bytes (starting with hex 3045 or 3044 resp.),
with roughly 50-50 odds, depending on whether they are high-R or low-R.
(Less than 1% of the time, they will be shorter than 70 bytes, because
of the variable length bigint R & S encodings.) So trying different
nonces for low-R saves half-a-byte on average, at the cost of doubling
the average signing time.
To this end, provide the class 'CountingHMacDSAKCalculator' to supply a
custom nonce to 'o.b.c.s.ECDSASigner'. The first invocation of the
k-calculator instance matches the output of the RFC 6979 compliant
Bouncy Castle version, but subsequent invocations increment an internal
counter supplied as additional data/entropy to the HMAC, as mentioned in
section 3.6 of the RFC, until a low-R signature results. In this way, a
deterministic signing algorithm exactly matching that of (post-2018
versions of) Bitcoin Core results.
Also add unit tests, with test vectors taken from the RFC (which only
covers the NIST curves, unfortunately, not secp256k1), and test vectors
generated from signed txs created by the 'bitcoin-tx' command.
Replace the streaming of Map entry sets to pick out a single entry by
key equality, and instead do a lookup into the map. Also, optimise the
date range filtering in 'TradeStatisticsManager::getTradeStatisticsList'
by using 'RangeUtils::subSet' to avoid scanning the entire collection.
(This method is applicable, as the trade statistics set is navigable and
naturally sorted by date.)
