Merge pull request #1440 from psgreco/elem-23.2.7rc5

Prepare 23.2.7rc5

Author: delta1

SECURITY.md

@@ -2,7 +2,7 @@ AC_PREREQ([2.69])
 define(_CLIENT_VERSION_MAJOR, 23)
 define(_CLIENT_VERSION_MINOR, 2)
 define(_CLIENT_VERSION_BUILD, 7)
-define(_CLIENT_VERSION_RC, 4)
+define(_CLIENT_VERSION_RC, 5)
 define(_CLIENT_VERSION_IS_RELEASE, true)
 define(_COPYRIGHT_YEAR, 2025)
 define(_COPYRIGHT_HOLDERS,[The %s developers])

configure.ac

@@ -68,11 +68,13 @@ bool CreateAssetSurjectionProof(std::vector<unsigned char>& output_proof, const
 
 bool VerifyBlindAssetProof(const uint256& asset, const std::vector<unsigned char>& proof, const CConfidentialAsset& conf_asset)
 {
+    if (conf_asset.vchCommitment.size() != CConfidentialAsset::nCommittedSize || proof.empty()) {
+        return false;
+    }
     secp256k1_surjectionproof surj_proof;
     if (secp256k1_surjectionproof_parse(secp256k1_blind_context, &surj_proof, proof.data(), proof.size()) == 0) {
         return false;
     }
-
     secp256k1_generator blinded_asset_gen;
     if (secp256k1_generator_parse(secp256k1_blind_context, &blinded_asset_gen, conf_asset.vchCommitment.data()) == 0) {
         return false;

src/blindpsbt.cpp

@@ -390,6 +390,9 @@ bool VerifyAmounts(const std::vector<CTxOut>& inputs, const CTransaction& tx, st
         }
         if (!ptxoutwit)
             return false;
+        if (asset.vchCommitment.size() != CConfidentialAsset::nCommittedSize || ptxoutwit->vchSurjectionproof.empty()) {
+            return false;
+        }
         if (secp256k1_generator_parse(secp256k1_ctx_verify_amounts, &gen, &asset.vchCommitment[0]) != 1)
             return false;
 

src/confidential_validation.cpp

@@ -55,7 +55,7 @@ static const unsigned int MAX_STANDARD_SCRIPTSIG_SIZE = 1650;
  * standard and should be done with care and ideally rarely. It makes sense to
  * only increase the dust limit after prior releases were already not creating
  * outputs below the new threshold */
-static const unsigned int DUST_RELAY_TX_FEE = 3000;
+static const unsigned int DUST_RELAY_TX_FEE = 100;
 /**
  * Standard script verification flags that standard transactions will comply
  * with. However scripts violating these flags may still be present in valid
@@ -89,6 +89,9 @@ static constexpr unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS = STANDARD_SCR
 static constexpr unsigned int STANDARD_LOCKTIME_VERIFY_FLAGS = LOCKTIME_VERIFY_SEQUENCE |
                                                                LOCKTIME_MEDIAN_TIME_PAST;
 
+// ELEMENTS: keep a copy of the upstream default dust relay fee rate
+static const unsigned int DUST_RELAY_TX_FEE_BITCOIN = 3000;
+
 CAmount GetDustThreshold(const CTxOut& txout, const CFeeRate& dustRelayFee);
 
 bool IsDust(const CTxOut& txout, const CFeeRate& dustRelayFee);

src/policy/policy.h

@@ -794,6 +794,7 @@ BOOST_AUTO_TEST_CASE(test_IsStandard)
     CheckIsStandard(t);
 
     // Check dust with default relay fee:
+    dustRelayFee = CFeeRate(DUST_RELAY_TX_FEE_BITCOIN); // ELEMENTS: use the Bitcoin default dust relay feerate
     CAmount nDustThreshold = 182 * dustRelayFee.GetFeePerK() / 1000;
     BOOST_CHECK_EQUAL(nDustThreshold, 546);
     // dust:
@@ -829,7 +830,7 @@ BOOST_AUTO_TEST_CASE(test_IsStandard)
     // not dust:
     t.vout[0].nValue = 674;
     CheckIsStandard(t);
-    dustRelayFee = CFeeRate(DUST_RELAY_TX_FEE);
+    dustRelayFee = CFeeRate(DUST_RELAY_TX_FEE_BITCOIN); // ELEMENTS: use the Bitcoin default dust relay feerate
 
     t.vout[0].scriptPubKey = CScript() << OP_1;
     CheckIsNotStandard(t, "scriptpubkey");

src/test/transaction_tests.cpp

@@ -106,6 +106,44 @@ def test_wallet_recovery(self):
         # clean up blind_details
         os.remove(file_path)
 
+    def test_no_surj(self):
+        self.generate(self.nodes[0], 1)
+
+        tx_hex = self.nodes[0].createrawtransaction([], [{self.nodes[1].getnewaddress(): 1000}])
+        tx_hex = self.nodes[0].fundrawtransaction(tx_hex)['hex']
+        tx_hex = self.nodes[0].blindrawtransaction(tx_hex)
+        # coming from initial free coins: no need to sign
+        assert_equal(self.nodes[0].testmempoolaccept([tx_hex])[0]['allowed'], True) # tx is ok
+
+        # remove a surjection proof from the tx
+        tx = CTransaction()
+        tx.deserialize(io.BytesIO(bytes.fromhex(tx_hex)))
+        tx.wit.vtxoutwit[0].vchSurjectionproof = b''
+        tx_hex = tx.serialize().hex()
+
+        # Both of these make the node crash
+        assert_equal(self.nodes[0].testmempoolaccept([tx_hex])[0]['allowed'], False)
+        assert_raises_rpc_error(-26, "bad-txns-in-ne-out", self.nodes[0].sendrawtransaction, tx_hex)
+
+    def test_no_range(self):
+        self.generate(self.nodes[0], 1)
+
+        tx_hex = self.nodes[0].createrawtransaction([], [{self.nodes[1].getnewaddress(): 1000}])
+        tx_hex = self.nodes[0].fundrawtransaction(tx_hex)['hex']
+        tx_hex = self.nodes[0].blindrawtransaction(tx_hex)
+        # coming from initial free coins: no need to sign
+        assert_equal(self.nodes[0].testmempoolaccept([tx_hex])[0]['allowed'], True) # tx is ok
+
+        # remove a surjection proof from the tx
+        tx = CTransaction()
+        tx.deserialize(io.BytesIO(bytes.fromhex(tx_hex)))
+        tx.wit.vtxoutwit[0].vchRangeproof = b''
+        tx_hex = tx.serialize().hex()
+
+        # Both of these make the node crash
+        assert_equal(self.nodes[0].testmempoolaccept([tx_hex])[0]['allowed'], False)
+        assert_raises_rpc_error(-26, "bad-txns-in-ne-out", self.nodes[0].sendrawtransaction, tx_hex)
+
     def test_null_rangeproof_enforcement(self):
         self.generate(self.nodes[0], 1)
 
@@ -160,6 +198,12 @@ def test_null_rangeproof_enforcement(self):
 
     def run_test(self):
 
+        print("Testing a transaction with a missing surjection proof")
+        self.test_no_surj()
+
+        print("Testing a transaction with a missing range proof")
+        self.test_no_range()
+
         print("Testing that null issuances must have null rangeproofs")
         self.test_null_rangeproof_enforcement()
 

test/functional/feature_confidential_transactions.py

@@ -46,6 +46,7 @@ def set_test_params(self):
             '-txindex',
             '-txindex','-permitbaremultisig=0',
             '-multi_data_permitted=1', # Elements test
+            '-dustrelayfee=0.00003000', # ELEMENTS: use the Bitcoin default dust relay fee rate
         ]] * self.num_nodes
         self.supports_cli = False
 

test/functional/mempool_accept.py

@@ -113,6 +113,7 @@
     'wallet_elements_regression_1172.py --legacy-wallet',
     'wallet_elements_regression_1259.py --legacy-wallet',
     'wallet_elements_21million.py',
+    'wallet_elements_dust_relay.py',
     'feature_trim_headers.py',
     # Longest test should go first, to favor running tests in parallel
     'wallet_hd.py --legacy-wallet',

test/functional/test_runner.py

@@ -0,0 +1,123 @@
+#!/usr/bin/env python3
+# Copyright (c) 2017-2020 The Bitcoin Core developers
+# Distributed under the MIT software license, see the accompanying
+# file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+from decimal import Decimal
+from test_framework.test_framework import BitcoinTestFramework
+from test_framework.util import (
+    assert_equal,
+    assert_raises_rpc_error,
+)
+
+class WalletTest(BitcoinTestFramework):
+    def set_test_params(self):
+        self.setup_clean_chain = False
+        self.num_nodes = 2
+        args = [
+            "-blindedaddresses=1",
+            "-minrelaytxfee=0.00000100",
+        ]
+        self.extra_args = [
+            args,
+            args + ["-dustrelayfee=0.00003000"], # second node uses default upstream dustrelayfee
+        ]
+
+    def skip_test_if_missing_module(self):
+        self.skip_if_no_wallet()
+
+    def select_unblinded_utxo(self, node):
+        for utxo in node.listunspent():
+            if utxo["amountblinder"] == "00" * 32:
+                return utxo
+            else:
+                continue
+        raise Exception("no unblinded utxo")
+
+    def run_test(self):
+        assert_equal(self.nodes[0].getbalance(), {'bitcoin': 1250})
+        assert_equal(self.nodes[1].getbalance(), {'bitcoin': 1250})
+
+        addr = self.nodes[0].getnewaddress()
+
+        # test dust threshold for upstream dustrelayfee=3sat/vb
+        # 495 sats should succeed for blinded output value
+        amt = "0.00000495"
+        self.nodes[1].sendtoaddress(address=addr, amount=amt)
+        self.generate(self.nodes[1], 1, sync_fun=self.no_op)
+
+        # 494 sats should fail for blinded output value
+        amt = "0.00000494"
+        assert_raises_rpc_error(-6, "Transaction amount too small", self.nodes[1].sendtoaddress, address=addr, amount=amt)
+
+        addr = self.nodes[1].getnewaddress()
+
+        # test dust threshold for elements default dustrelayfee=0.1sat/vb
+        # 17 sats should succeed for blinded output value
+        amt = "0.00000017"
+        self.nodes[0].sendtoaddress(address=addr, amount=amt)
+        self.generate(self.nodes[0], 1, sync_fun=self.no_op)
+
+        # 16 sats should fail for blinded output value
+        amt = "0.00000016"
+        assert_raises_rpc_error(-6, "Transaction amount too small", self.nodes[0].sendtoaddress, address=addr, amount=amt)
+
+        # a blinded transaction created manually can have an output value as low as 1 sat
+        addr = self.nodes[1].getnewaddress()
+        changeaddr = self.nodes[0].getnewaddress()
+        utxo = self.nodes[0].listunspent()[0]
+        amt = Decimal("0.00000001")
+        fee = Decimal("0.00000258")
+        change = utxo["amount"] - amt - fee
+        inputs = [{"txid": utxo["txid"], "vout": utxo["vout"]}]
+        outputs = [{addr: amt}, {changeaddr: change}, {"fee": fee}]
+        raw = self.nodes[0].createrawtransaction(inputs, outputs)
+        blinded = self.nodes[0].blindrawtransaction(raw)
+        signed = self.nodes[0].signrawtransactionwithwallet(blinded)
+        assert signed["complete"]
+        tx = signed["hex"]
+        assert self.nodes[1].testmempoolaccept([tx])[0]["allowed"]
+        assert self.nodes[0].testmempoolaccept([tx])[0]["allowed"]
+        assert_equal(self.nodes[1].sendrawtransaction(tx), self.nodes[0].sendrawtransaction(tx))
+        self.generate(self.nodes[0], 1, sync_fun=self.no_op)
+
+        # explicit transactions have slightly smaller outputs
+        # node 0 will accept an output value of 14 sats but node 1 will not
+        addr = self.nodes[1].getnewaddress(address_type="bech32")
+        changeaddr = self.nodes[0].getnewaddress(address_type="bech32")
+        utxo = self.select_unblinded_utxo(self.nodes[0])
+        amt = Decimal("0.00000014")
+        fee = Decimal("0.00000258")
+        change = utxo["amount"] - amt - fee
+        inputs = [{"txid": utxo["txid"], "vout": utxo["vout"]}]
+        outputs = [{addr: amt}, {changeaddr: change}, {"fee": fee}]
+        raw = self.nodes[0].createrawtransaction(inputs, outputs)
+        signed = self.nodes[0].signrawtransactionwithwallet(raw)
+        assert signed["complete"]
+        tx = signed["hex"]
+        assert self.nodes[0].testmempoolaccept([tx])[0]["allowed"]
+        assert not self.nodes[1].testmempoolaccept([tx])[0]["allowed"]
+        self.nodes[0].sendrawtransaction(tx)
+        assert_raises_rpc_error(-26, "dust", self.nodes[1].sendrawtransaction, tx)
+        self.generate(self.nodes[0], 1, sync_fun=self.no_op)
+
+        # neither node will accept an explicit output value of 13 sats
+        addr = self.nodes[1].getnewaddress(address_type="bech32")
+        changeaddr = self.nodes[0].getnewaddress(address_type="bech32")
+        utxo = self.select_unblinded_utxo(self.nodes[0])
+        amt = Decimal("0.00000013")
+        fee = Decimal("0.00000258")
+        change = utxo["amount"] - amt - fee
+        inputs = [{"txid": utxo["txid"], "vout": utxo["vout"]}]
+        outputs = [{addr: amt}, {changeaddr: change}, {"fee": fee}]
+        raw = self.nodes[0].createrawtransaction(inputs, outputs)
+        signed = self.nodes[0].signrawtransactionwithwallet(raw)
+        assert signed["complete"]
+        tx = signed["hex"]
+        assert not self.nodes[0].testmempoolaccept([tx])[0]["allowed"]
+        assert not self.nodes[1].testmempoolaccept([tx])[0]["allowed"]
+        assert_raises_rpc_error(-26, "dust", self.nodes[0].sendrawtransaction, tx)
+        assert_raises_rpc_error(-26, "dust", self.nodes[1].sendrawtransaction, tx)
+
+if __name__ == '__main__':
+    WalletTest().main()