2da94a4c6f fuzz: add a fuzz target for Miniscript decoding from Script (Antoine Poinsot)
f8369996e7 Miniscript: ops limit and stack size computation (Pieter Wuille)
2e55e88f86 Miniscript: conversion from script (Pieter Wuille)
1ddaa66eae Miniscript: type system, script creation, text notation, tests (Pieter Wuille)
4fe29368c0 script: expose getter for CScriptNum, add a BuildScript helper (Antoine Poinsot)
f4e289f384 script: move CheckMinimalPush from interpreter to script.h (Antoine Poinsot)
31ec6ae92a script: make IsPushdataOp non-static (Antoine Poinsot)
Pull request description:
Miniscript is a language for writing (a subset of) Bitcoin Scripts in a structured way.
Miniscript permits:
- To safely extend the Output Descriptor language to many more scripting features thanks to the typing system (composition).
- Statical analysis of spending conditions, maximum spending cost of each branch, security properties, third-party malleability.
- General satisfaction of any correctly typed ("valid" [0]) Miniscript. The satisfaction itself is also analyzable.
- To extend the possibilities of external signers, because of all of the above and since it carries enough metadata.
Miniscript guarantees:
- That for any statically-analyzed as "safe" [0] Script, a witness can be constructed in the bounds of the consensus and standardness rules (standardness complete).
- That unless the conditions of the Miniscript are met, no witness can be created for the Script (consensus sound).
- Third-party malleability protection for the satisfaction of a sane Miniscript, which is too complex to summarize here.
For more details around Miniscript (including the specifications), please refer to the [website](https://bitcoin.sipa.be/miniscript/).
Miniscript was designed by Pieter Wuille, Andrew Poelstra and Sanket Kanjalkar.
This PR is an updated and rebased version of #16800. See [the commit history of the Miniscript repository](https://github.com/sipa/miniscript/commits/master) for details about the changes made since September 2019 (TL;DR: bugfixes, introduction of timelock conflicts in the type system, `pk()` and `pkh()` aliases, `thresh_m` renamed to `multi`, all recursive algorithms were made non-recursive).
This PR is also the first in a series of 3:
- The first one (here) integrates the backbone of Miniscript.
- The second one (#24148) introduces support for Miniscript in Output Descriptors, allowing for watch-only support of Miniscript Descriptors in the wallet.
- The third one (#24149) implements signing for these Miniscript Descriptors, using Miniscript's satisfaction algorithm.
Note to reviewers:
- Miniscript is currently defined only for P2WSH. No Taproot yet.
- Miniscript is different from the policy language (a high-level logical representation of a spending policy). A policy->Miniscript compiler is not included here.
- The fuzz target included here is more interestingly extended in the 3rd PR to check a script's satisfaction against `VerifyScript`. I think it could be further improved by having custom mutators as we now have for multisig (see https://github.com/bitcoin/bitcoin/issues/23105). A minified corpus of Miniscript Scripts is available at https://github.com/bitcoin-core/qa-assets/pull/85.
[0] We call "valid" any correctly-typed Miniscript. And "safe" any sane Miniscript, ie one whose satisfaction isn't malleable, which requires a key for any spending path, etc..
ACKs for top commit:
jb55:
ACK 2da94a4c6f
laanwj:
Light code review ACK 2da94a4c6f (mostly reviewed the changes to the existing code and build system)
Tree-SHA512: d3ef558436cfcc699a50ad13caf1e776f7d0addddb433ee28ef38f66ea5c3e581382d8c748ccac9b51768e4b95712ed7a6112b0e3281a6551e0f325331de9167
7b00595d33 build: stop overriding user CXXFLAGS (fanquake)
3e2ef23c3e build: stop overriding user LDFLAGS (fanquake)
35c3fd43c3 build: stop overriding user CPPFLAGS (fanquake)
bc7cc57607 doc: explain why we clear CXXFLAGS with enable-debug (fanquake)
Pull request description:
Historically our build system has hijacked `CXXFLAGS` and friends, and this has always been a source of complaints from users and developers. With this PR, we move away from using `CXXFLAGS`, `CPPFLAGS` and `LDFLAGS`, and instead use `CORE_*FLAGS` variables for our flags / options, leaving autoconfs `FLAG` vars to the user.
Note that there are currently two cases where we will at least clear `CXXFLAGS` (if not alreaddy overridden by the user), when doing debugging or when coverage is enabled, to avoid Autoconfs `-g -O2` CXXFLAG default.
ACKs for top commit:
hebasto:
ACK 7b00595d33
Tree-SHA512: bda936a7aa8f98a1bf1552306845cb4bbab54e19a7a0b9ce3210e10fef70db146e9fe42a0cc8c50b2908506771b5b96f39c334e41323b70ec878e4010373096c
7c218dacd0 build: specify cmake build dir for multiprocess depends build (fanquake)
Pull request description:
When no build dir is specified, cmake will warn:
```bash
Preprocessing libmultiprocess...
Configuring libmultiprocess...
CMake Warning:
No source or binary directory provided. Both will be assumed to be the
same as the current working directory, but note that this warning will
become a fatal error in future CMake releases.
```
It's unclear if this will actually ever become an error, but it's also easy
enough to just supply the directory, and save this maybe breaking in
future.
ACKs for top commit:
ryanofsky:
Code review ACK 7c218dacd0. I guess the purpose of the warning is to encourage people not to build in the source directory, but reasons for encouraging this don't really apply to the depends build system, so it is appropriate to disable the warning.
hebasto:
ACK 7c218dacd0, tested on Ubuntu 22.04.
Tree-SHA512: 6904f2095fe62cead4abc644ec888c5d836e54a3c0b2a84c467029116e5d14eba35190570acaa23c6831aed9a4a65898134480cc46cdb141279ec0dc6f534d5f
fa4943e8df doc: Add template for empty release notes (MarcoFalke)
Pull request description:
* Move release process notes from the release notes to the release process documentation
* Clarify that wallet RPC or Settings related release notes snippets should not be duplicated. I think it should be sufficient to only mention them in the wallet section and leave them out from the general RPC section.
* Create an empty template to ensure the release notes can be cleared with a single `cp` command. Also, this ensures that the "no duplication" note isn't deleted again. (We used to have it in at least the 22.0 and 21.0 release notes: https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-0.21.0.md#updated-settings , but it was lost in the 23.0 notes)
ACKs for top commit:
laanwj:
ACK fa4943e8df
Tree-SHA512: 808e100ee1e371f7746a479ddfb237c6895935cffefc0e49033505492a03288013d5c20386af30f2a7dca8ad0c0628bdb6673dcb5cc4fcf4d0183b0ec65ce941
fae211c0ae lint: Start to use py lint scripts (MarcoFalke)
fa82e890e7 Move lint script and data file to avoid lint- prefix (MarcoFalke)
Pull request description:
ACKs for top commit:
fjahr:
tACK fae211c0ae
Tree-SHA512: f8272a1bab9efb8203cac121710baae68f01f79e520ad71ff15aa516d19763d61c088b411b019de105a6a30e7ee3c274814d59963f6ac22ba1084560fb601f45
4d4dca43fc test: add regression test for bitcoin-core/gui/issues/567 (Vasil Dimov)
3b82608dd1 options: add a comment for -listenonion and dedup a long expression (Vasil Dimov)
Pull request description:
Add a test that would fail, should https://github.com/bitcoin-core/gui/issues/567 resurface.
Also, add a comment and dedup a long expression.
ACKs for top commit:
jarolrod:
reACK 4d4dca43fc
jonatack:
ACK 4d4dca43fc
hebasto:
ACK 4d4dca43fc, tested with reverting changes from bitcoin-core/gui#568, and getting an expected test failure.
shaavan:
ACK 4d4dca43fc
Tree-SHA512: 59f069bdaa84586bb599e9372f89e4e66a3cafcbf58677fdf913d685c17dfa9c3d5b118829d81021a9a33b4fd8e46d4c7eb68c1dd902cf1c44a41b8e66e2967b
112a7ab9a8 refactor: remove macOS MAP_ANONYMOUS work around (fanquake)
Pull request description:
This was added to support compilation on macOS 10.10, our minimum
required macOS is now 10.15. macOS has also supported it since 10.11.
See https://github.com/bitcoin/bitcoin/pull/9063.
macOS 12.3 manpage for mmap:
```bash
MAP_ANONYMOUS Synonym for MAP_ANON.
MAP_ANON Map anonymous memory not associated with any specific file.
```
ACKs for top commit:
laanwj:
Code review ACK 112a7ab9a8
jarolrod:
ACK 112a7ab9a8
Tree-SHA512: 920744c755d05d813ab312ff27e42eacb27b1297972800e6fb64bbaad1ea14258751a7dd80c07bfa554a172f36960b26a07505f67e82885253c8bf551073c38e
15893a0781 supp: remove Boost Valgrind suppression (fanquake)
b0740fdcb8 ci: use DWARF-4 for Valgrind CI job (fanquake)
Pull request description:
[clang-14 defaults to using DWARF-5](https://releases.llvm.org/14.0.0/tools/clang/docs/ReleaseNotes.html#dwarf-support-in-clang), which breaks vlagrinds (3.18) ability
to parse debug info. Valgrind [claims to support DWARF-5](https://valgrind.org/docs/manual/dist.news.html) from version
3.18 onwards, but maybe that only works when compiling with GCC.
Explicitly use DWARF-4 for now. Note that from 11.0 [GCC also defaults to
using DWARF-5](https://www.gnu.org/software/gcc/gcc-11/changes.html).
Also remove a Boost related suppression.
Top commit has no ACKs.
Tree-SHA512: e4f476170ac5ccbb43d26e990b24753bda3985b2ac5c8a32e74d2d1d64d1b3a2d80a90fbab345f0a9e404eac7fbd783c20147379208e615d526657e8a57890ca
d6fae988ef guix: fix vmov alignment issues with gcc 10.3.0 & mingw-w64 (fanquake)
Pull request description:
This introduces a patch to our GCC (10.3.0) mingw-w64 compiler, in Guix, to make
it avoid using aligned vmov instructions. This works around a longstanding issue
in GCC, https://gcc.gnu.org/bugzilla/show_bug.cgi?id=54412, which was recently
discovered to be causing issues, see #24726.
Note that distros like Debian are also patching around this issue, and that is
where this patch comes from. This would also explain why we haven't run into this
problem earlier, in development builds. See:
https://salsa.debian.org/mingw-w64-team/gcc-mingw-w64/-/blob/master/debian/patches/vmov-alignment.patch.
Fixes#24726.
Alternative to #24727.
See also:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939559
ACKs for top commit:
laanwj:
Concept and code review ACK d6fae988ef
hebasto:
ACK d6fae988ef, tested Guix ` bitcoin-d6fae988eff7-win64.zip` artifact on Windows 11 Pro 21H2:
Tree-SHA512: f522efd8e604ab1d9f9c385147f6f488767cfe66f08a1c8b4ff67d448e065f8f2334bf825d99e7fe9571ada9038002b08434585f639120cb29b2e314da7b556e
When no build dir is specified, cmake will warn:
```bash
Preprocessing libmultiprocess...
Configuring libmultiprocess...
CMake Warning:
No source or binary directory provided. Both will be assumed to be the
same as the current working directory, but note that this warning will
become a fatal error in future CMake releases.
```
It's unclear if this will actually ever become an error, but it's also easy
enough to just supply the directory, and save this maybe breaking in
future.
7f6042849c build, qt: use one patch per line in depends/packages/qt.mk (Pavol Rusnak)
826cbc470f build, qt: drop fix_no_printer.patch (Hennadii Stepanov)
ef20add4c9 build, qt: bump Qt5 version to 5.15.3 (Pavol Rusnak)
Pull request description:
build, qt: bump Qt5 version to 5.15.3
Qt 5.15.3 release is a patch release made on the top of Qt 5.15.2. As a patch
release, Qt 5.15.3 does not add any new functionality but provides bug fixes
and other improvements.
https://code.qt.io/cgit/qt/qtreleasenotes.git/about/qt/5.15.3/release-note.md
* dropped patches:
- patches/qt/dont_use_avx_android_x86_64.patch
- patches/qt/fix_bigsur_style.patch
* adjusted patches:
- patches/qt/fix_android_jni_static.patch
- patches/qt/fix_limits_header.patch
- patches/qt/use_android_ndk23.patch
ACKs for top commit:
hebasto:
ACK 7f6042849c
fanquake:
ACK 7f6042849c
Tree-SHA512: dd79475901bc9636fb0ce2424f63ddfe8ab5f85f7f35ac64b0e8708042793c19663be1abdcaef6be95e30bae8aa9e6da4389d768de5c102ded8ab61b3d02b07b
37a16ffd70 refactor: fix clang-tidy named args usage (fanquake)
Pull request description:
> Incorrect named args are source of bugs, like https://github.com/bitcoin/bitcoin/pull/22979.
> To allow them being checked by clang-tidy, use a format it can understand.
Picks up #23545, with some additional changes and some feedback addressed.
With these changes invoking `./autogen.sh && ./configure CC=clang-12 CXX=clang++-12 && make clean && bear make -j9 && ( cd ./src/ && run-clang-tidy-12 -j9 )` no-longer results in named argument errors out of `clang-tidy`.
Ultimately I think we should just add `clang-tidy-*` jobs to the CI and automate things away.
ACKs for top commit:
MarcoFalke:
cr ACK 37a16ffd70
Tree-SHA512: 9bfc0d006eb187755b4fdb0bd92cee9266fc0816be42065ef7dcd885b9020ff12e3cdd7ca3a831613a56a0206d448e690ee4e1fa37628fa2013860e17f416ff3
0d01272cd8 build: don't use Boost multi_index serialization (fanquake)
Pull request description:
We don't use the serialization or archiving facilities of multi_index.
So globally disable support, which gives a minor improvement in build
time, i.e less preprocessing work, given we don't link any Boost libs.
See: https://www.boost.org/doc/libs/1_78_0/libs/multi_index/doc/tutorial/creation.html
> Serialization capabilities are automatically provided by just linking with the appropriate Boost.Serialization library module: it is not necessary to explicitly include any header from Boost.Serialization, apart from those declaring the type of archive used in the process. If not used, however, serialization support can be disabled by globally defining the macro BOOST_MULTI_INDEX_DISABLE_SERIALIZATION. Disabling serialization for Boost.MultiIndex can yield a small improvement in build times, and may be necessary in those defective compilers that fail to correctly process Boost.Serialization headers.
ACKs for top commit:
MarcoFalke:
cr ACK 0d01272cd8
Tree-SHA512: 87c664a2f142dc6b8f8598341f9829be3fda8cf614d73cc9a894c8033ee40c6daa9b50f4049ecb1f1e3aaf342568d9a5f5c65af1e04c36ee3a9cb46eca95767b
This was added to support compilation on macOS 10.10, our minimum
required macOS is now 10.15. macOS has also supported it since 10.11.
See https://github.com/bitcoin/bitcoin/pull/9063.
0c64401324 Revert "qt: Do not use QObject::tr plural syntax for numbers with a unit symbol" (Luke Dashjr)
Pull request description:
Apparently this got forgotten. Maybe too late for 23.x (it's a bugfix, but changes translation strings).
This reverts commit 3adde72bc9 (#296)
per [GChuf](https://github.com/bitcoin-core/gui/pull/296#issuecomment-962516055)
>I can confirm for slovenian and other slavic languages that we do have 3 or 4 different ways of saying "%n GB needed%, depending on the actual number of gigabytes. Similar to english "is/are". There's no way to cover all cases ... this is exactly why transifex allows you to have more than 2 options.
ACKs for top commit:
hebasto:
ACK 0c64401324, I have reviewed the code and it looks OK, I agree it can be merged.
Tree-SHA512: c01bae44a32b3ec324f2f9b8e4923bbb2e83bbd1460b745c5c911b98a9b2806fcbf815cfb19a1f1a7038c5c14312e102e7df8744c9002ef784b36d158e08eb14
3d70c05868 build: remove faketime unsetting and comments from configure.ac (fanquake)
Pull request description:
We no-longer use [`faketime`](https://github.com/wolfcw/libfaketime) (it used to be required in gitian), so as far as I'm aware, there is no need for us to unset `FAKETIME` or mention it in our build docs.
ACKs for top commit:
laanwj:
Code review ACK 3d70c05868
prusnak:
Approach ACK 3d70c05
hebasto:
ACK 3d70c05868, I have reviewed the code and it looks OK, I agree it can be merged.
Tree-SHA512: 9cf89d63b81119f3d2f02975a66ec0b93e861993fdb0e4f70538e3be6e0047dc09ce87ef2de40cbf877647a21706b39ddf07240c77765278d383d7a7878cc7eb
e8fc236da7 refactor: add missing std:: includes to threadnames.cpp (fanquake)
87f3c04cc5 doc: remove incorrect mention of PR_GET_NAME (fanquake)
Pull request description:
By removing the whole comment. These `#include // For` comments are near impossible
to maintain, pollute diffs, and generally don't add a lot of value.
While here, also add the missing `std::` includes.
ACKs for top commit:
junderw:
LGTM ACK e8fc236
Tree-SHA512: d29aff40c94f59c42f295a5738bc5ff2f4a2f2e6d270cc505f27d56d07d272597e2f8403d72fe45775661e1a1fc2af9fc52aeaeb41263bd3e9dfe255332383c8
Qt 5.15.3 release is a patch release made on the top of Qt 5.15.2. As a patch
release, Qt 5.15.3 does not add any new functionality but provides bug fixes
and other improvements.
https://code.qt.io/cgit/qt/qtreleasenotes.git/about/qt/5.15.3/release-note.md
* dropped patches:
- patches/qt/dont_use_avx_android_x86_64.patch
- patches/qt/fix_bigsur_style.patch
* adjusted patches:
- patches/qt/fix_android_jni_static.patch
- patches/qt/fix_limits_header.patch
- patches/qt/use_android_ndk23.patch
Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
7762c5683f build: Fix "ERR: Unsigned tarballs do not exist" (Hennadii Stepanov)
Pull request description:
This was missed in 53dd6165b8 (bitcoin/bitcoin#24549).
ACKs for top commit:
laanwj:
ACK 7762c5683f
fanquake:
ACK 7762c5683f - this should have been a part of #24549.
Tree-SHA512: 526e4e6ee1463003059b9703030c5b0537445783c45a205024c9c9e3493da967733153a1dc80594fed15a336805c1cf14c8d13cd106186a7544f51d0d542f335
bf77fea3c1 test: fix incorrect named args in txpackage tests (fanquake)
Pull request description:
Final non-scripted-diff commit split from #24661.
Could be tested with: `./autogen.sh && ./configure CC=clang-12 CXX=clang++-12 && make clean && bear make -j9 && ( cd ./src/ && run-clang-tidy-12 -j9 )`.
Motivation:
> Incorrect named args are source of bugs, like https://github.com/bitcoin/bitcoin/pull/22979.
> To allow them being checked by clang-tidy, use a format it can understand.
ACKs for top commit:
ajtowns:
ACK bf77fea3c1
Tree-SHA512: a13bfb5fc70424b13fbeec7f164d7a0d3b72b27ebec11dfd4115b7782a0037f26e9349e06eef8a6b17b8f529e0c7f43ae37a9c252bde65706dd164704d207d5f
This is currently causing the same failure in two different PRs:
```bash
duplicate symbol 'lcQpaFonts()' in:
/tmp/cirrus-ci-build/depends/x86_64-apple-darwin/lib/libQt5ThemeSupport.a(qgenericunixthemes.o)
/tmp/cirrus-ci-build/depends/x86_64-apple-darwin/lib/libQt5FontDatabaseSupport.a(qfontengine_coretext.o)
ld: 1 duplicate symbol for architecture x86_64
```
```bash
x86_64-apple-darwin-ld: error: duplicate symbol: __Z10lcQpaFontsv
>>> defined in /tmp/cirrus-ci-build/depends/x86_64-apple-darwin/lib/libQt5ThemeSupport.a(qgenericunixthemes.o)
>>> defined in /tmp/cirrus-ci-build/depends/x86_64-apple-darwin/lib/libQt5FontDatabaseSupport.a(qfontengine_coretext.o)
```
Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
21520b9551 fuzz: add target for coinselection (Martin Zumsande)
Pull request description:
This adds a fuzz target for the coinselection algorithms by creating random `OutputGroup`s and running all three coin selection algorithms for them.
It does not fuzz higher-level wallet logic for selecting eligible coins (as in `SelectCoins()`), thought it probably would make sense to have a fuzz target for that too.
ACKs for top commit:
achow101:
ACK 21520b9551
vasild:
ACK 21520b9551
Tree-SHA512: c763003cf5ff5317f929d3d0b2f06fa739ae41dd642042d9a5c5c96e6cb9b349a6c7aeabc77bc2b846d12c8bcb60e07ee20a9f38539429c65723ab76aeee6b2e
0c12f0116c wallet: Postpone NotifyWalletLoaded() for encrypted wallets (Hennadii Stepanov)
aeee419c6a wallet, refactor: Add wallet::NotifyWalletLoaded() function (Hennadii Stepanov)
Pull request description:
Fixesbitcoin-core/gui#571.
`CWallet::Create()` notifies about wallet loading too early, that results the notification goes before `DescriptorScriptPubKeyMan`s were created and added to an encrypted wallet.
And `interfaces::Wallet::taprootEnabled()` in ecf692b466/src/qt/receivecoinsdialog.cpp (L100-L102) erroneously returns `false` for just created encrypted descriptor wallets.
ACKs for top commit:
Sjors:
utACK 0c12f0116c
achow101:
ACK 0c12f0116c
Tree-SHA512: 2694bacd12748cd5f6c95d9d3bf8bcf4502ee67fecd8d057f33236b72069c61401b08f49deb013fc71c3f1e51ae16bdfd827ddcbc2a083d7044589be7a78982e
71038a151e rpc: Fix documentation assertion for `getrawtransaction` (laanwj)
Pull request description:
When `getrawtransaction` is successfully used on a coinbase transaction, there is an assertion error. This is very unlikely but happens in the `interface_usdt_utxocache.py` test in #24358.
This does the following:
- Add missing "coinbase" documentation.
- Synchronize documentation between `getrawtransaction` and `decoderawtransaction`, the two users of `TxToUniv` that have detailed documentation. `decodepsbt` and `getblock` also uses it but fortunately elides this block.
- Change "vout[].amount" to `STR_AMOUNT` for consistency.
- Add maintainer comment to keep the two places synchronized. It might be possible to get smarter with deduplication, but there are some extra fields that prevent the obvious way.
ACKs for top commit:
jonatack:
ACK 71038a151e
Tree-SHA512: 962236130455d805190ff9a5c971e4e25c17db35614a90ce340264ec953b0ad7fb814eb33ae430b5073955a8a350f72bdd67ba93e35f9c70e5175b836a767a35
