New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
unlocking an encrypted wallet for a very long time fails silently #12100
Comments
The field is an I suppose this should be a |
Any value 2^63 and greater is already rejected. The bug I'm reporting is for numbers between 359711509437336257 and 2^63-1. ie.
|
Oh crap, I had a complete failure of math. My bad. |
It turns out I'm wrong:
So there are some bigger numbers of seconds I can unlock for. But I can't unlock for exactly 359711509437336257 seconds. |
|
The problem is that it uses a
|
I was thinking it might be because boost's posix_time::seconds is a 'long'. I notice the unlocking for 2^31 seconds works, but unlocking for 2^31+1 seconds doesn't. The RPCRunLater() callback which re-locks the wallet is running instantly when the 32 bit signed long number of seconds wraps around to a negative value.
2147483648 seconds is a little over 68 years which should be long enough. Maybe we should simply limit the unlock time to 2^31 seconds. Edit: or treat any number greater than 2^31 as meaning "forever", and skip the RPCRunLater() call. |
2^31+1 works find for me. |
OK. I've been testing against a very old version of Bitcoin. I'll try with the master branch. |
Through my basic testing, I have found that |
I found the same. It changes at
|
Yup, looks like it to me:
I guess the solution is to just put a bounds check at 9223372036854775 seconds. |
9223372036854775 seconds is 292 million years. Seems pretty safe to skip over the RPCRunLater() call if the specified time offset is greater than that... |
Actually it might be easier and make more sense when reading the code to make the input field an |
Wouldn't doing that break any existing script that runs "walletpassphrase $pass 9999999999" for instance. That call currently works, but stops working if we require the time to fit within 32 bits. How about this?
|
I'm wary of allowing super long timeouts since it keeps the unencrypted keys in memory. With the recent news of the Spectre and Meltdown attacks, I don't think allowing such large timeouts is a good idea at all as we should be trying to keep private keys in memory for as little time as possible. |
I'm thinking of hot wallets for sites which offer automated payments. If there's no way of keeping the private keys in memory constantly then I'll have no choice but not to use encryption at all for those wallets. At least using encryption but having the wallet unlocked on load means that stolen backups don't leak your private keys. |
136 years is still sufficient for that use case. |
This might be a cleaner patch:
|
136 years is long enough, but existing scripts could be using a value like 9999999999 which currently works and which your proposed fix would break. |
Yes, and the fix for it is trivial. Just make the value 999999. The change will be documented in the release notes. You can also make an alternative PR with your proposal. |
Fair enough. I don't see why you would want to break the existing scripts when there's an equally good fix which doesn't break them. |
…k its bounds 134cdc7 Test walletpassphrase timeout bounds and clamping (Andrew Chow) 0b63e3c Clamp walletpassphrase timeout to 2^(30) seconds and check its bounds (Andrew Chow) Pull request description: Fixes #12100 Makes the timeout be clamped to 2^30 seconds to avoid the issue with sign flipping with large timeout values and thus relocking the wallet instantly. Unlocking for at most ~34 years should be sufficient. Also checks that the timeout is not negative to avoid instant relocks. Tree-SHA512: 426922f08c54e323d259e25dcdbebc2cd560708a65111ce6051493a7e7c61e79d9da1ea4026cc0d68807d728f5d7c0d7c58168c6ef4167b94cf6c2877af88794
…nd check its bounds 134cdc7 Test walletpassphrase timeout bounds and clamping (Andrew Chow) 0b63e3c Clamp walletpassphrase timeout to 2^(30) seconds and check its bounds (Andrew Chow) Pull request description: Fixes bitcoin#12100 Makes the timeout be clamped to 2^30 seconds to avoid the issue with sign flipping with large timeout values and thus relocking the wallet instantly. Unlocking for at most ~34 years should be sufficient. Also checks that the timeout is not negative to avoid instant relocks. Tree-SHA512: 426922f08c54e323d259e25dcdbebc2cd560708a65111ce6051493a7e7c61e79d9da1ea4026cc0d68807d728f5d7c0d7c58168c6ef4167b94cf6c2877af88794
…nd check its bounds 134cdc7 Test walletpassphrase timeout bounds and clamping (Andrew Chow) 0b63e3c Clamp walletpassphrase timeout to 2^(30) seconds and check its bounds (Andrew Chow) Pull request description: Fixes bitcoin#12100 Makes the timeout be clamped to 2^30 seconds to avoid the issue with sign flipping with large timeout values and thus relocking the wallet instantly. Unlocking for at most ~34 years should be sufficient. Also checks that the timeout is not negative to avoid instant relocks. Tree-SHA512: 426922f08c54e323d259e25dcdbebc2cd560708a65111ce6051493a7e7c61e79d9da1ea4026cc0d68807d728f5d7c0d7c58168c6ef4167b94cf6c2877af88794
…nd check its bounds 134cdc7 Test walletpassphrase timeout bounds and clamping (Andrew Chow) 0b63e3c Clamp walletpassphrase timeout to 2^(30) seconds and check its bounds (Andrew Chow) Pull request description: Fixes bitcoin#12100 Makes the timeout be clamped to 2^30 seconds to avoid the issue with sign flipping with large timeout values and thus relocking the wallet instantly. Unlocking for at most ~34 years should be sufficient. Also checks that the timeout is not negative to avoid instant relocks. Tree-SHA512: 426922f08c54e323d259e25dcdbebc2cd560708a65111ce6051493a7e7c61e79d9da1ea4026cc0d68807d728f5d7c0d7c58168c6ef4167b94cf6c2877af88794
…nd check its bounds 134cdc7 Test walletpassphrase timeout bounds and clamping (Andrew Chow) 0b63e3c Clamp walletpassphrase timeout to 2^(30) seconds and check its bounds (Andrew Chow) Pull request description: Fixes bitcoin#12100 Makes the timeout be clamped to 2^30 seconds to avoid the issue with sign flipping with large timeout values and thus relocking the wallet instantly. Unlocking for at most ~34 years should be sufficient. Also checks that the timeout is not negative to avoid instant relocks. Tree-SHA512: 426922f08c54e323d259e25dcdbebc2cd560708a65111ce6051493a7e7c61e79d9da1ea4026cc0d68807d728f5d7c0d7c58168c6ef4167b94cf6c2877af88794
…nd check its bounds 134cdc7 Test walletpassphrase timeout bounds and clamping (Andrew Chow) 0b63e3c Clamp walletpassphrase timeout to 2^(30) seconds and check its bounds (Andrew Chow) Pull request description: Fixes bitcoin#12100 Makes the timeout be clamped to 2^30 seconds to avoid the issue with sign flipping with large timeout values and thus relocking the wallet instantly. Unlocking for at most ~34 years should be sufficient. Also checks that the timeout is not negative to avoid instant relocks. Tree-SHA512: 426922f08c54e323d259e25dcdbebc2cd560708a65111ce6051493a7e7c61e79d9da1ea4026cc0d68807d728f5d7c0d7c58168c6ef4167b94cf6c2877af88794
If I unlock an encrypted wallet for 359711509437336256 or less seconds, I can sign transactions with it:
But if I unlock it for 359711509437336257 or more seconds, it appears to have unlocked but I can't sign any transactions:
I don't know the significance of that number. It's nowhere near a power of 2.
I was trying to unlock the wallet effectively "forever", so put a big number. If I use too big a number (2^63 or more) I get an error message
JSON integer out of range
but for numbers between 359711509437336257 and 2^63-1 inclusive I get no error, but no actual unlocking.The text was updated successfully, but these errors were encountered: