Wallet, GUI: Warn when sending to already-used Bitcoin addresses#15987
Wallet, GUI: Warn when sending to already-used Bitcoin addresses#15987luke-jr wants to merge 12 commits intobitcoin:masterfrom
Conversation
|
Meta-concept-ack! we should absolutely do something like this (I haven't looked at the specifics of what this does yet) |
src/qt/sendcoinsdialog.cpp
Outdated
There was a problem hiding this comment.
Note: //: is how Qt lets us add notes for translators. (I'm not sure if it survives to Transifex?)
There was a problem hiding this comment.
Note:
//:is how Qt lets us add notes for translators. (I'm not sure if it survives to Transifex?)
Smth like #21465 is required for that.
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
|
Concept ACK This addresses #3266 I assume |
|
It doesn't take into consideration all the ideas/advice (even my own!) on #3266, but yes, it implements the general idea I think. |
|
Concept ACK |
1 similar comment
|
Concept ACK |
|
Concept ACK, didn't see the code but maybe you could split RPC changes to other PR? |
|
Concept ACK, but agree with @promag on splitting When I enter a duplicate address the field becomes yellow as expected, but when I also enter an absurdly high amount, it no longer shows the "insufficient balance error", but instead ignores the amount I entered and falls back to the previous amount. Also |
luke-jr
changed the title
luke-jr
force-pushed
the
wallet_no_reuse
branch
from
3a6d7ce to
c37f306
Compare
|
Rebased, fixed issues, and moved RPC change to a new |
luke-jr
force-pushed
the
wallet_no_reuse
branch
2 times, most recently
from
65c3c70 to
545af21
Compare
|
concept ACK |
- Dialog icon can be changed - Both buttons can be replaced with other standard buttons - "Yes" button can be renamed
luke-jr
force-pushed
the
wallet_no_reuse
branch
from
545af21 to
391c5d9
Compare
Sjors
left a comment
Sjors
left a comment
There was a problem hiding this comment.
391c5d9 looks good, except the triplet of choices is confusing:
- try renaming
OKtoCanceland making that the default action Overrideshould beSendorSend anyway(I initially thought Override meant overriding the address)- Consider dropping
Show Detailsand instead putSent ... BTC to this address across 2 transactions from 15-11-2019 through 15-11-2019as a text under the address. Being able to put an error message right under the address is useful for a #16807 GUI followup too.
| } | ||
|
|
||
| void CWallet::AddToAddressBloomFilter(const CWalletTx& wtx) | ||
| { |
There was a problem hiding this comment.
Assert that m_address_bloom_filter has been built?
| void UnlockAllCoins() EXCLUSIVE_LOCKS_REQUIRED(cs_wallet); | ||
| void ListLockedCoins(std::vector<COutPoint>& vOutpts) const EXCLUSIVE_LOCKS_REQUIRED(cs_wallet); | ||
|
|
||
| bool FindScriptPubKeyUsed(const std::set<CScript>& keys, const boost::variant<boost::blank, std::function<void(const CWalletTx&)>, std::function<void(const CWalletTx&, uint32_t)>>& callback = boost::blank()) const EXCLUSIVE_LOCKS_REQUIRED(cs_wallet); |
There was a problem hiding this comment.
Can you document the params here? Also maybe explicitly state that this function corrects for any false positives found with the bloom filter.
I think using std::vector<CWalletTx&>& transactions instead of a callback is more readable (and avoids Boost). Or do you need this to be asynchronous?
| if (!found_any) { | ||
| return false; | ||
| } | ||
|
|
There was a problem hiding this comment.
Suggested comment: // Bloom filters can return false positives, so iterate through all wallet addresses
There was a problem hiding this comment.
Could early return if no callback?
| namespace interfaces { | ||
| namespace { | ||
|
|
||
| std::set<CScript> AddressesToKeys(std::vector<std::string> addresses) |
|
|
||
| // Check address for validity | ||
| bool validateAddress(const QString &address); | ||
| bool checkAddressForUsage(const std::vector<std::string>& addresses) const; |
| QStringList addresses; | ||
| for (const auto& recipient : recipients) { | ||
| #ifdef ENABLE_BIP70 | ||
| if (recipient.paymentRequest.IsInitialized()) continue; |
There was a problem hiding this comment.
Maybe add a comment here. Why not put ifndef ENABLE_BIP70 before the entire { block? Can users manually add destinations to a BIP70 payment?
There was a problem hiding this comment.
Can users manually add destinations to a BIP70 payment?
BIP70 is no longer supported. Looks like this needs to be rebased on master and any ENABLE_BIP70 additions needs to be removed.
| Needs rebase |
promag
left a comment
promag
left a comment
There was a problem hiding this comment.
Would it be too bad to index all wallet's scriptPubKey?
| if (!found_any) { | ||
| return false; | ||
| } | ||
|
|
There was a problem hiding this comment.
Could early return if no callback?
|
Planning to redo this as an addressbook |
|
@luke-jr re-open? |
|
Up for grabs? |
|
It's maintained. PR is pending on bitcoin-core/gui#404 |
aeb18b6 Bugfix: GUI: Check validity when QValidatedLineEdit::setText is called (Luke Dashjr) b1a544b Bugfix: GUI: Re-check validity after QValidatedLineEdit::setCheckValidator (Luke Dashjr) 2385b50 Bugfix: GUI: Only apply invalid style to QValidatedLineEdit, not its tooltip (Luke Dashjr) Pull request description: 1. Use a CSS selector to avoid changing the background colour of the tooltip. 2. Re-check validity of input when we first set the validator (probably a no-op in practice). 3. Check validity of input when it is set programmatically via `setText` (eg, via the address book). Probably no-op in practice UNTIL merging bitcoin/bitcoin#15987 or any other PR that adds a warning for valid addresses. Moved from bitcoin/bitcoin#18133 (just concept ACKs) ACKs for top commit: Sjors: tACK aeb18b6 hebasto: ACK aeb18b6, tested on Linux Mint 20.3 (Qt 5.12.8). Tree-SHA512: b6fa8ee4dec76e1c759095721240e6fa5071a02993cb28406e96a0fa2e819f5dddc03d2e7c9073354d7865c2b09eb263afaf853ecba42e9fc4f50ef4ae20bf0f
…ineEdit aeb18b6 Bugfix: GUI: Check validity when QValidatedLineEdit::setText is called (Luke Dashjr) b1a544b Bugfix: GUI: Re-check validity after QValidatedLineEdit::setCheckValidator (Luke Dashjr) 2385b50 Bugfix: GUI: Only apply invalid style to QValidatedLineEdit, not its tooltip (Luke Dashjr) Pull request description: 1. Use a CSS selector to avoid changing the background colour of the tooltip. 2. Re-check validity of input when we first set the validator (probably a no-op in practice). 3. Check validity of input when it is set programmatically via `setText` (eg, via the address book). Probably no-op in practice UNTIL merging bitcoin#15987 or any other PR that adds a warning for valid addresses. Moved from bitcoin#18133 (just concept ACKs) ACKs for top commit: Sjors: tACK aeb18b6 hebasto: ACK aeb18b6, tested on Linux Mint 20.3 (Qt 5.12.8). Tree-SHA512: b6fa8ee4dec76e1c759095721240e6fa5071a02993cb28406e96a0fa2e819f5dddc03d2e7c9073354d7865c2b09eb263afaf853ecba42e9fc4f50ef4ae20bf0f
|
Now blocking on PR #22693 for wallet changes |
13 participants
GUIUtil::dateTimeStrto not overflow with 64-bit timestamps.)