Make ScriptPubKeyMan an actual interface and the wallet to have multiple#17261
Make ScriptPubKeyMan an actual interface and the wallet to have multiple#17261meshcollider merged 13 commits intobitcoin:masterfrom
Conversation
|
The final diff is very similar to #16341 just with some things dropped as they were deemed unnecessary. |
achow101
force-pushed
the
wallet-box-pr-2
branch
from
1b62c69 to
c81a129
Compare
fanquake
added
Refactoring
and removed
Build system
GUI
RPC/REST/ZMQ
Utils/log/libs
labels
|
For comparison, my last ACK on the original was for c37be15. That code was identical to @ryanofsky's branch at 299296e, just using a different set of commits to get there. This PR rebases that on master @25d7e2e78137d07eb612c44d19b0d496050c947a, with the last two commits (952ba99 & 299296e) dropped. The result is f47ffe0a88111a63e1d7d98c25fbe2184215dbbe here (minus two linter changes). |
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
achow101
force-pushed
the
wallet-box-pr-2
branch
from
f47ffe0 to
4f559f7
Compare
Suggested by MarcoFalke <[email protected]> bitcoin#17260 (comment) The same check was also added in the followup commit "Refactor: Move SetupGeneration code out of CWallet" 9727a4d from bitcoin#17261, but it's safer to start checking now without waiting for that followup.
achow101
force-pushed
the
wallet-box-pr-2
branch
from
4f559f7 to
7250fab
Compare
|
Suggestion: there's a cluster of fairly trivial refactoring commits in this PR that I think could be pulled out into a separate PR and merged pretty quickly. Doing this would reduce the number of commits here by almost half:
@achow101, would you want to pull out the commits above into a separate PR? I'd also be happy to make the PR if it would be more convenient. |
achow101
force-pushed
the
wallet-box-pr-2
branch
from
7250fab to
f3c3e9e
Compare
|
@ryanofsky Done as #17304 |
Why? I thought that high-prio could only be used once per week per contributor. |
|
Achow requested it via IRC. He didn't have anything in high-prio.
…On Tue, 29 Oct 2019 at 16:15, MarcoFalke ***@***.***> wrote:
fanquake added this to Blockers in High-priority for review 5 hours ago
Why?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#17261?email_source=notifications&email_token=AAGS34SKBDHCRX7QCH2LWVLQRCKWDA5CNFSM4JFL4BW2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOECR5VXY#issuecomment-547609311>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAGS34RIQ5JLGSG4BKV3SCTQRCKWDANCNFSM4JFL4BWQ>
.
|
|
#17260 (comment) was in for this week, but fair enough |
achow101
force-pushed
the
wallet-box-pr-2
branch
from
f3c3e9e to
35b0f7b
Compare
|
re-utACK 126d6945e38cdc47b1227cdacfaa456714efcdf5 |
src/outputtype.h
Outdated
There was a problem hiding this comment.
Doesn't defining the value of non-primitive constants in the header file potentially cause linker issues in C++ (or duplication, as this literal data will be included in multiple files)?. I think it's better to only declare the variable here then initialize the value in the cpp.
There was a problem hiding this comment.
I don't think this would cause any issues since it's const. I also haven't seen any linker warnings or errors about this. I think there would only be some duplication, but isn't that the same for any constant global variable that is defined in a header?
There was a problem hiding this comment.
If you are fine trusting the word of Microsoft,
In C, constant values default to external linkage, so they can appear only in source files. In C++, constant values default to internal linkage, which allows them to appear in header files.
Another source said C++ does not normally create storage for consts, which I assume means they work like #defines, in which case there shouldn't be wasted duplicate data entries either.
There was a problem hiding this comment.
If you replace the {...} initializer with a function call, and then have the constant in multiple translation units, the function will get called once for each.
There was a problem hiding this comment.
I moved the initialization to the cpp file
This commit only affects locking behavior and doesn't have other changes.
In CWallet::LoadWallet, use this to detect and empty wallet with no keys This commit does not change behavior.
This avoids repeaded upgrades when support for more multiple keyman references is added in the next commit: bitcoin#16341 (comment)
Instead of having a uint256 representations of one scattered throughout where it is used, define it globally in uint256.h
Add wallet logic for dealing with multiple ScriptPubKeyMan instances. This doesn't change current behavior because there is still only a single LegacyScriptPubKeyMan. But in the future the new logic will be used to support descriptor wallets.
…eyMan This commit does not change behavior.
This commit does not change behavior.
Needed for future ScriptPubKeyMans which may need to create SigningProviders dynamically and thus a normal pointer is not enough This commit does not change behavior.
|
re-utACK 3f37365 |
|
re-utACK 3f37365 (it still compiles on macOS after #17261 (comment)) |
|
Tested re-ACK 3f37365 I think this is ready to go in |
ryanofsky
left a comment
ryanofsky
left a comment
There was a problem hiding this comment.
Post-merge code review ACK 3f37365. I did post two questions in review comments below that I think would be good to resolve.
Changes since last review (72df6f1):
- Dropped commit daf6d548de3efdfdb974bb52948f6086fb0e2ecc "Set state to WATCH_ONLY if we can get the pubkey"
- Added
EnsureLegacyScriptPubKeyMancreate argument to make RPCs likesethdseedwork on empty wallets coinselector_testssetup fixOUTPUT_TYPESdefinition moveAddAndGetDestinationForScriptformatting tweaks- Split commit 01b4511 "Make UpgradeKeyMetadata work only on LegacyScriptPubKeyMan" out of commit 264917ff4343b678007d89373aba6e99d521001c "Add multiple keyman maps and loops"
LegacyScriptPubKeyMan::Upgradehd split version check no longer added- Replacement hd seed generation skipped in
CWallet::EncryptWalletfor nonlegacy wallets CWallet::GetAllScriptPubKeyMansmethod added and used byCreateWalletFromFileto not skip inactive keyman instances when figuring out first key timeCWallet::GetScriptPubKeyManinternal true/false code dedupedCWallet::SetupLegacyScriptPubKeyManasserts removedLegacySigningProviderm_spk_manmember rename and comment tweak
| } | ||
| // Upgrade to HD chain split if necessary | ||
| if (m_storage.CanSupportFeature(FEATURE_HD_SPLIT)) { | ||
| if (m_storage.CanSupportFeature(FEATURE_HD_SPLIT) && CHDChain::VERSION_HD_CHAIN_SPLIT) { |
There was a problem hiding this comment.
In commit "HD Split: Avoid redundant upgrades" (415afcc):
This seems buggy and the change looks like it has no effect. Is this supposed to say && hdChain.nVersion < CHDChain::VERSION_HD_CHAIN_SPLIT?
src/wallet/wallet.cpp
Outdated
There was a problem hiding this comment.
re: #17261 (comment)
No, descriptor wallets have a different way of doing it.
In commit "Box the wallet: Add multiple keyman maps and loops" (c729afd):
It seems bad to do nothing at all and keep using unencrypted seeds for non-legacy wallets, and the comment here doesn't here doesn't explain any legacy/nonlegacy distinction. It would seem safer to trigger some kind of error for non-legacy wallets if planned behavior hasn't been implemented yet, than to just do nothing.
If there is supposed to be legacy / non-legacy distinction, it would seem better to move legacy code out of CWallet into LegacyScriptPubKeyMan in a PostEncrypt or similar ScriptPubKeyMan virtual method
12 participants
Continuation of wallet boxes project.
Actually makes ScriptPubKeyMan an interface which LegacyScriptPubkeyMan. Moves around functions and things from CWallet into LegacyScriptPubKeyMan so that they are actually separate things without circular dependencies.
Introducing the
ScriptPubKeyMan(short for ScriptPubKeyManager) for managing scriptPubKeys and their associated scripts and keys. This functionality is moved over fromCWallet. Instead,CWalletwill have a pointer to aScriptPubKeyManfor every possible address type, internal and external. It will fetch the correctScriptPubKeyManas necessary. When fetching new addresses, it chooses theScriptPubKeyManbased on address type and whether it is change. For signing, it takes the script and asks eachScriptPubKeyManfor whether thatScriptPubKeyManconsiders that scriptIsMine, whether it has that script, or whether it is able to produce a signature for it. If so, theScriptPubKeyManwill provide aSigningProviderto the caller which will use that in order to sign.There is currently one
ScriptPubKeyMan- theLegacyScriptPubKeyMan. EachCWalletwill have only oneLegacyScriptPubKeyManwith the pointers for all of the address types and change pointing to thisLegacyScriptPubKeyMan. It is created when the wallet is loaded and all keys and metadata are loaded into it instead ofCWallet. TheLegacyScriptPubKeyManis primarily made up of all of the key and script management that used to be inCWallet. For convenience,CWallethas aGetLegacyScriptPubKeyManwhich will return theLegacyScriptPubKeyManor anullptrif it does not have one (not yet implemented, but callers will check for thenullptr). For purposes of signing,LegacyScriptPubKeyMan'sGetSigningProviderwill return itself rather than a separateSigningProvider. This will be different for futureScriptPubKeyMans.The
LegacyScriptPubKeyManwill also handle the importing and exporting of keys and scripts instead ofCWallet. As such, a number of RPCs have been limited to work only if aLegacyScriptPubKeyMancan be retrieved from the wallet. These RPCs aresethdseed,addmultisigaddress,importaddress,importprivkey,importpubkey,importmulti,dumpprivkey, anddumpwallet. Other RPCs which relied on the wallet for scripts and keys have been modified in order to take theSigningProviderretrieved from theScriptPubKeyManfor a given script.Overall, these changes should not effect how everything actually works and the user should experience no difference between having this change and not having it. As such, no functional tests were changed, and the only unit tests changed were those that were directly accessing
CWalletfunctions that have been removed.This PR is the last step in the Wallet Structure Changes.