New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[RPC] Disallow using addresses in createmultisig #11415
Conversation
64d027c
to
eb95b57
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Definite concept ACK. Thanks for tackling the last item in #7965! 🎉
A few high-level thoughts:
- I don't love the
only_pubkeys
argument in_createmultisig_getpubkeys()
. I'm also not a huge fan of passing the address/keys in as a UniValue reference. Is it possible to change_createmultisig_getpubkeys()
and_createmultisig_getaddr_pubkeys()
to both take a single string and return a singleCPubKey
? You could then do the iteration over theUniValue keys_in
outside of the function. - I don't understand why
createmultisig
in deprecated mode calls_createmultisig_getpubkeys()
then_createmultisig_getaddrpubkeys()
, butaddmultisigaddress
calls them the other way round. Is there a reason for that? - I think you could take the opportunity to tidy up the error handling. Instead of calling
throw std::runtime_error
, callthrow JSONRPCError()
so the correct error codes are returned. - it'd be great to add some tests that call both these RPCs with a mixture of keys and addresses to verify that they can handle that.
- it seems a little gratuitous to change the return type of
addmultisigaddress
(especially without hiding it behind a-deprecatedrpc
argument). What was the reasoning for that? To not break the tests?
int required = request.params[0].get_int(); | ||
|
||
// Get the public keys | ||
const UniValue& keys = request.params[1].get_array(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we rename this variable keys_or_addresses
(and the same in addmultisigaddress
) so it's clear that these could be keys or addresses.
I don't really either. I was trying to avoid as much code duplication as possible, but I guess that can't really be avoided.
I'll try doing that.
Nope.
That was mostly to not break tests and also because I felt that |
The only reason would be to not break clients that are expecting a string and now receive a JSON object when they upgrade to v0.16. Hiding behind the I don't know if this would really be a problem for users, but worth considering. |
eb95b57
to
a324a92
Compare
The latest commit changes the loop to happen in the RPC call body and changes the two helper functions to take a single pubkey and string instead of vectors and UniValue. I have also put the old |
src/rpc/misc.cpp
Outdated
_createmultisig_hex_to_pubkey(pubkeys.at(i), keys[i].get_str()); | ||
} else | ||
#endif | ||
_createmultisig_hex_to_pubkey(pubkeys.at(i), keys[i].get_str()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Put inside a block?
} else {
#else
{
#endif
_createmultisig_hex_to_pubkey(pubkeys.at(i), keys[i].get_str());
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the else branch is unnecessary here. See comment above.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed the else
branch.
a324a92
to
a169f17
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like this better, and I think that once the deprecated functionality is removed it'll be a cleaner interface.
I still think we should have cases that test both these RPCs with a mixture of addresses and keys (in different permutations). I'm happy to write those if you want.
src/wallet/rpcwallet.cpp
Outdated
return EncodeDestination(innerID); | ||
|
||
UniValue result(UniValue::VOBJ); | ||
if (IsDeprecatedRPCEnabled("addmultisigaddress")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This can be made simpler:
if (IsDeprecatedRPCEnabled("addmultisigaddress")) {
// Old-style interface: just return the address
return EncodeDestination(innerID);
}
// return an object containing the address and redeem script
UniValue result(UniValue::VOBJ);
result.pushKV("address", EncodeDestination(innerID));
result.pushKV("redeemScript", HexStr(inner.begin(), inner.end()));
return result;
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
src/wallet/rpcwallet.cpp
Outdated
int required = request.params[0].get_int(); | ||
|
||
// Get the public keys | ||
const UniValue& keys = request.params[1].get_array(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggestion: name this variable keys_or_addresses
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Renamed to keys_or_addrs
src/rpc/misc.cpp
Outdated
#ifdef ENABLE_WALLET | ||
if (IsDeprecatedRPCEnabled("createmultisig")) { | ||
CWallet* const pwallet = GetWalletForJSONRPCRequest(request); | ||
if (!EnsureWalletIsAvailable(pwallet, request.fHelp)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's an implicit assumption here that if ENABLE_WALLET
is true then there will necessarily be a wallet available. That may be broken by dynamic wallet load/unload. If we allow the wallet to be unloaded then this rpc will stop working.
The else statement is also unnecessary (once we reach line 302, then both branches converge to calling _createmultisig_hex_to_pubkey()
).
How about:
#ifdef ENABLE_WALLET
CWallet* const pwallet = GetWalletForJSONRPCRequest(request);
if (IsDeprecatedRPCEnabled("createmultisig") &&
EnsureWalletIsAvailable(pwallet, request.fHelp) &&
pwallet) {
_createmultisig_addr_to_pubkey(pwallet, pubkeys.at(i), keys[i].get_str());
}
#endif
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
src/rpc/misc.cpp
Outdated
_createmultisig_hex_to_pubkey(pubkeys.at(i), keys[i].get_str()); | ||
} else | ||
#endif | ||
_createmultisig_hex_to_pubkey(pubkeys.at(i), keys[i].get_str()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the else branch is unnecessary here. See comment above.
src/rpc/misc.cpp
Outdated
{ | ||
// Gather public keys | ||
if (required < 1) { | ||
throw std::runtime_error("a multisignature address must require at least one key to redeem"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you replace these errors with better JSON errors?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
src/rpc/misc.cpp
Outdated
#endif | ||
_createmultisig_hex_to_pubkey(pubkeys.at(i), keys[i].get_str()); | ||
if (!pubkeys.at(i).IsFullyValid()) { | ||
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid public key: " + keys[i].get_str()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps add a note into the error text here: "Note that from V0.16, createmultisig no longer accepts addresses. Clients must transition to using addmultisigaddress to create multisig addresses with addresses known to the wallet before upgrading to v0.17. To use the deprecated functionality, start bitcoind with -deprecatedrpc=createmultisig"
This is the error that clients will hit if they're relying on old behaviour, so the error message should be delivered here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
Concept ACK. API change, added the "Needs release notes" tag. |
src/rpc/misc.cpp
Outdated
pubkeys[i] = vchPubKey; | ||
CPubKey vchPubKey(ParseHex(hex_in)); | ||
if (!vchPubKey.IsFullyValid()) { | ||
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid public key: " + hex_in); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should have tests for these JSONRPCError
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is that really necessary?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO yes, should always test success and failure cases as this is an interface others use.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added a test in rawtransactions.py
a169f17
to
1e7a0ce
Compare
src/rpc/misc.cpp
Outdated
pubkeys.resize(keys.size()); | ||
for (unsigned int i = 0; i < keys.size(); ++i) { | ||
#ifdef ENABLE_WALLET | ||
CWallet* const pwallet = GetWalletForJSONRPCRequest(request); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Split in two loops:
#ifdef ENABLE_WALLET
CWallet* const pwallet = GetWalletForJSONRPCRequest(request);
if (IsDeprecatedRPCEnabled("createmultisig") && EnsureWalletIsAvailable(pwallet, request.fHelp) && pwallet) {
// call _createmultisig_addr_to_pubkey for each key
}
#endif // ENABLE_WALLET
// call _createmultisig_hex_to_pubkey for each key
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Guessing it was suggested for efficiency, but I think the code is better the way it is (one loop), since it avoids duplication.
1e7a0ce
to
a0e0c4b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK a0e0c4b674b1cde4e754ab0071b81eb8ba3df40a. Needs rebase to fix travis failures due to assert_raises_jsonrpc
obnoxiousness.
Maybe consider renaming the _createmultisig_getpubkeys
and _createmultisig_getaddr_pubkeys
functions to use current naming convention and to drop mention of multisig, since there is really nothing nothing multisig specific about them. All they are doing is turning strings into pubkeys.
src/rpc/misc.cpp
Outdated
{ | ||
int nRequired = params[0].get_int(); | ||
const UniValue& keys = params[1].get_array(); | ||
#ifdef ENABLE_WALLET |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need for ENABLE_WALLET macro here.
Following would be equivalent:
void _createmultisig_addr_to_pubkey(class CWallet* const pwallet, CPubKey& pubkey_out, const std::string& addr_in);
extern keyword also doesn't actually do anything, but maybe it is useful to make the declaration stand out more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed the ifdef here. I'm leaving the extern
for clarity
src/rpc/misc.cpp
Outdated
pubkeys.resize(keys.size()); | ||
for (unsigned int i = 0; i < keys.size(); ++i) { | ||
#ifdef ENABLE_WALLET | ||
CWallet* const pwallet = GetWalletForJSONRPCRequest(request); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Guessing it was suggested for efficiency, but I think the code is better the way it is (one loop), since it avoids duplication.
src/wallet/rpcwallet.cpp
Outdated
extern CScript _createmultisig_redeemScript(const int required, const std::vector<CPubKey>& pubkeys); | ||
extern void _createmultisig_hex_to_pubkey(CPubKey& pubkey_out, const std::string& hex_in); | ||
|
||
void _createmultisig_addr_to_pubkey(CWallet* const pwallet, CPubKey& pubkey_out, const std::string& addr_in) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is really no reason for this function to live in the wallet. The CWallet* argument could be changed to a CKeyStore argument and this could just be a generic jsonrpc util function without all the weird ifdef and naming and extern declaration stuff.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, that could be done, but is it necessary? Where else would you need to use such a function with a CKeyStore instead of CWallet?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a suggestion to let you define the two functions together in one place. Please ignore if you don't think this is an improvement, or don't think it is worth the effort.
a0e0c4b
to
2a7b80c
Compare
Rebased to fix travis. |
sorry @achow101 , you'll also need to change https://github.com/bitcoin/bitcoin/pull/11415/files#diff-8f3a598a6e52799596008ae7c19d1333R23 to use |
2a7b80c
to
897b5c0
Compare
Actually fixed travis this time, I think. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great stuff @achow101!
utACK 897b5c0cfbdbe90c032a980e8567ddca7b499281
Changes from a169f17434b9d96de478a6641e6a087be97631e8 are as expected: removing the unnecessary #ifdef
, using JSONRPCError
s, simplifying the logic in createmultisig()
, updating the variable name to keys_or_addrs
, simplifying the logic around returning the legacy object, adding tests for calling createmultisig()
and addmultisigaddress()` with a mixture of keys and addrs, and fixing the functional tests after rebase on master.
One very minor request for an additional comment.
test/functional/rawtransactions.py
Outdated
mSigObj = self.nodes[2].addmultisigaddress(2, [addr1Obj['pubkey'], addr2Obj['pubkey']]) | ||
# Tests for createmultisig and addmultisigaddress | ||
assert_raises_rpc_error(-5, "Invalid public key", self.nodes[0].createmultisig, 1, ["01020304"]) | ||
self.nodes[0].createmultisig(2, [addr1Obj['pubkey'], addr2Obj['pubkey']]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
minor nit: Future readers of this test may find it clearer if you add a comment saying that createmultisig can only take keys as inputs, but addmultisigaddress can take a mixture of keys and addrs (as long as the wallet owns those addresses)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
897b5c0
to
ac33d78
Compare
Tested ACK ac33d788e2d7dbfdf760f3a620c86eeaf7cff3fd |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK ac33d788e2d7dbfdf760f3a620c86eeaf7cff3fd. Only changes are assert_raises fix and test comment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. Just some internal-API-nits and wishing it worked with segwit addresses.
src/rpc/misc.cpp
Outdated
#endif | ||
_createmultisig_hex_to_pubkey(pubkeys.at(i), keys[i].get_str()); | ||
if (!pubkeys.at(i).IsFullyValid()) { | ||
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, strprintf("Invalid public key: %s Note that from v0.16, createmultisig no longer accepts addresses. Clients must transition to using addmultisigaddress to create multisig addresses with addresses known to the wallet before upgrading to v0.17. To use the deprecated functionality, start bitcoind with -deprecatedrpc=createmultisig)", keys[i].get_str())); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Dangling ")" at the end of the err string.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
src/rpc/misc.cpp
Outdated
for (unsigned int i = 0; i < keys.size(); i++) | ||
void _createmultisig_hex_to_pubkey(CPubKey& pubkey_out, const std::string& hex_in) | ||
{ | ||
if (IsHex(hex_in)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I find this API super weird - its confusing as-is that we will throw if the hex represents an invalid pubkey but not if the string represents an empty string or something non-hex, expecting two functions which might each optioanlly populate pubkey_out to be called back-to-back. Can you add the IsHex() check in createmultisig/addmultisigaddress itself before the call so that you switch which function you call there instead? Then you could just throw a JSONRPCError here if !IsHex.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
src/rpc/misc.cpp
Outdated
for (unsigned int i = 0; i < keys.size(); ++i) { | ||
#ifdef ENABLE_WALLET | ||
CWallet* const pwallet = GetWalletForJSONRPCRequest(request); | ||
if (IsDeprecatedRPCEnabled("createmultisig") && EnsureWalletIsAvailable(pwallet, request.fHelp) && pwallet) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note that pretty much all EnsureWalletIsAvailable does is a null-check on pwallet, so the && pwallet part is pretty redundant here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
src/wallet/rpcwallet.cpp
Outdated
if (IsValidDestination(dest)) { | ||
const CKeyID *keyID = boost::get<CKeyID>(&dest); | ||
if (!keyID) { | ||
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, strprintf("%s does not refer to a key", addr_in)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This error message is somewhat confusing (maybe "%s is not an address"), but, also, it'd be nice if this also worked for WitnessV0KeyHash as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure what even causes this error to happen.
src/wallet/rpcwallet.cpp
Outdated
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, strprintf("no full public key for address %s", addr_in)); | ||
} | ||
if (!vchPubKey.IsFullyValid()) { | ||
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid public key: " + addr_in); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe we could INTERNAL_ERROR here as wallet should never contain invalid pubkeys (and call the error "Wallet contains invalid pubkey" instead).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
c4342d2
to
257d4fd
Compare
@laanwj I think this is ready to be merged. |
Merge please? |
18eb69c
to
d1916aa
Compare
Grr. fixed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some comments.
src/rpc/misc.cpp
Outdated
"1. nrequired (numeric, required) The number of required signatures out of the n keys or addresses.\n" | ||
"2. \"keys\" (string, required) A json array of keys which are bitcoin addresses or hex-encoded public keys\n" | ||
"1. nrequired (numeric, required) The number of required signatures out of the n keys or addresses.\n" | ||
"2. \"keys\" (string, required) A json array of keys which are bitcoin addresses or hex-encoded public keys\n" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove bitcoin addresses or ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
src/rpc/misc.cpp
Outdated
" [\n" | ||
" \"key\" (string) bitcoin address or hex-encoded public key\n" | ||
" \"key\" (string) hex-encoded public key\n" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit, use sentence case (string) The hex-encoded ....
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
src/rpc/util.cpp
Outdated
// file COPYING or http://www.opensource.org/licenses/mit-license.php. | ||
|
||
#include "base58.h" | ||
#include "pubkey.h" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit, sort headers.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
src/rpc/util.cpp
Outdated
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, strprintf("no full public key for address %s", addr_in)); | ||
} | ||
if (!vchPubKey.IsFullyValid()) { | ||
throw JSONRPCError(RPC_INTERNAL_ERROR, "Wallet contains an invalid public key"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No test for this error?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This error is untestable. It requires a corrupted wallet.
src/rpc/util.cpp
Outdated
} | ||
CPubKey vchPubKey; | ||
if (!keystore->GetPubKey(*keyID, vchPubKey)) { | ||
throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, strprintf("no full public key for address %s", addr_in)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No test for this error?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AFAIK, this error is untestable and requires a corrupted wallet.
9e69c4f
to
9bda49e
Compare
Had to rebase and fix |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK 9bda49eb30b154f927f8de79f54c29ab950e15a5. Main change since last review is rebase and wallet-dump test fix, and there are also minor include order and rpc documentation changes.
Again, this seems like it might be ready for merge.
Make createmultisig only accept public keys with the old functionality marked as deprecated. Splits _createmultisig_redeemscript into two functions, one for getting public keys from UniValue and one for getting addresses from UniValue and then their respective public keys. The one for retrieving address's public keys is located in rpcwallet.cpp Changes addwitnessaddress's output to be a JSON object with two fields, address and redeemscript. Adds a test to deprecated_rpc.py for testing the deprecation. Update the tests to use addwitnessaddress or give only public keys to createmultisig. Anything that used addwitnessaddress was also updated to reflect the new API.
9bda49e
to
1df206f
Compare
Rebased again. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sadly this is going to need another substantial rebase if #12213 gets merged. This has been rebased 5 times and has received several rounds of review:
@achow101 and I have asked for merge a couple of times here and in IRC. Maintainers - is there anything we can do to get this unblocked? Are you waiting for additional reviewers? It'd be a shame to have this go through another round of rebase/review. |
1df206f Disallow using addresses in createmultisig (Andrew Chow) Pull request description: This PR should be the last part of #7965. This PR makes createmultisig only accept public keys and marks the old functionality of accepting addresses as deprecated. It also splits `_createmultisig_redeemscript` into two functions, `_createmultisig_getpubkeys` and `_createmultisig_getaddr_pubkeys`. `_createmultisig_getpubkeys` retrieves public keys from the RPC parameters and `_createmultisig_getaddr_pubkeys` retrieves addresses' public keys from the wallet. `_createmultisig_getaddr_pubkeys` requires the wallet and is only used by `addwitnessaddress` (except when `createmultisig` is used in deprecated mode). `addwitnessaddress`'s API is also changed. Instead of returning just an address, it now returns the same thing as `createmultisig`: a JSON object with two fields, address and redeemscript. Tree-SHA512: a5796e41935ad5e47d8165ff996a8b20d5112b5fc1a06a6d3c7f5513c13e7628a4fd37ec30fde05d8b15abfed51bc250710140f6834b13f64d0a0e47a3817969
db1cbcc [RPC] Remove deprecated addmultisigaddress return format (John Newbery) cb28a0b [RPC] Remove deprecated createmultisig object (John Newbery) ed45c82 [tests] Remove test for deprecated createmultsig option (John Newbery) d066a1c [rpc] Remove deprecated getmininginfo RPC option (John Newbery) c6f09c2 [rpc] remove deprecated estimatefee RPC (John Newbery) a8e437a [tests] Remove estimatefee from rpc_deprecated.py test (John Newbery) a5623b1 [tests] Remove tests for deprecated estimatefee RPC (John Newbery) d119f2e [tests] Fix style warnings in feature_fee_estimation.py (John Newbery) Pull request description: There were some RPC/RPC options deprecated in v0.16. Those can now be removed from master since v0.16 has been branched. - `estimatefee` RPC has been removed. The `feature_fee_estimation.py` test has been updated to remove the RPC, but doesn't yet have good coverage of the replacement RPC `estimatesmartfee`. Improving the test coverage should be done in a new PR. (#11031) - the `errors` field returned by `getmininginfo` has been deprecated and replaced by a `warning` field. (#10858) - providing addresses as inputs to `createmultisig` has been deprecated. Users should use `addmultisigaddress` instead (#11415) - The return format from `addmultisigaddress` has changed (#11415) `getwitnessaddress` was also deprecated in v0.16 and can be removed, but many tests are using that RPC, so it's a larger job to remove. It should be removed in a separate PR (possibly after #11739 and #11398 have been merged and the segwit test code tidied up) Tree-SHA512: 8ffaa5f6094131339b9e9e468e8b141de4b144697d2271efa2992b80b12eb97849ade3da8df5c1c9400ed4c04e6a029926550a3e5846d2029b644f9e84ac7124
1df206f Disallow using addresses in createmultisig (Andrew Chow) Pull request description: This PR should be the last part of bitcoin#7965. This PR makes createmultisig only accept public keys and marks the old functionality of accepting addresses as deprecated. It also splits `_createmultisig_redeemscript` into two functions, `_createmultisig_getpubkeys` and `_createmultisig_getaddr_pubkeys`. `_createmultisig_getpubkeys` retrieves public keys from the RPC parameters and `_createmultisig_getaddr_pubkeys` retrieves addresses' public keys from the wallet. `_createmultisig_getaddr_pubkeys` requires the wallet and is only used by `addwitnessaddress` (except when `createmultisig` is used in deprecated mode). `addwitnessaddress`'s API is also changed. Instead of returning just an address, it now returns the same thing as `createmultisig`: a JSON object with two fields, address and redeemscript. Tree-SHA512: a5796e41935ad5e47d8165ff996a8b20d5112b5fc1a06a6d3c7f5513c13e7628a4fd37ec30fde05d8b15abfed51bc250710140f6834b13f64d0a0e47a3817969
…#3482) * Merge bitcoin#11415: [RPC] Disallow using addresses in createmultisig 1df206f Disallow using addresses in createmultisig (Andrew Chow) Pull request description: This PR should be the last part of bitcoin#7965. This PR makes createmultisig only accept public keys and marks the old functionality of accepting addresses as deprecated. It also splits `_createmultisig_redeemscript` into two functions, `_createmultisig_getpubkeys` and `_createmultisig_getaddr_pubkeys`. `_createmultisig_getpubkeys` retrieves public keys from the RPC parameters and `_createmultisig_getaddr_pubkeys` retrieves addresses' public keys from the wallet. `_createmultisig_getaddr_pubkeys` requires the wallet and is only used by `addwitnessaddress` (except when `createmultisig` is used in deprecated mode). `addwitnessaddress`'s API is also changed. Instead of returning just an address, it now returns the same thing as `createmultisig`: a JSON object with two fields, address and redeemscript. Tree-SHA512: a5796e41935ad5e47d8165ff996a8b20d5112b5fc1a06a6d3c7f5513c13e7628a4fd37ec30fde05d8b15abfed51bc250710140f6834b13f64d0a0e47a3817969 * fix backport Signed-off-by: pasta <pasta@dashboost.org> * fix backport Signed-off-by: pasta <pasta@dashboost.org> * fix backport Signed-off-by: pasta <pasta@dashboost.org> * Dashify Co-authored-by: dustinface <35775977+xdustinface@users.noreply.github.com> Co-authored-by: Wladimir J. van der Laan <laanwj@gmail.com> Co-authored-by: dustinface <35775977+xdustinface@users.noreply.github.com>
db1cbcc [RPC] Remove deprecated addmultisigaddress return format (John Newbery) cb28a0b [RPC] Remove deprecated createmultisig object (John Newbery) ed45c82 [tests] Remove test for deprecated createmultsig option (John Newbery) d066a1c [rpc] Remove deprecated getmininginfo RPC option (John Newbery) c6f09c2 [rpc] remove deprecated estimatefee RPC (John Newbery) a8e437a [tests] Remove estimatefee from rpc_deprecated.py test (John Newbery) a5623b1 [tests] Remove tests for deprecated estimatefee RPC (John Newbery) d119f2e [tests] Fix style warnings in feature_fee_estimation.py (John Newbery) Pull request description: There were some RPC/RPC options deprecated in v0.16. Those can now be removed from master since v0.16 has been branched. - `estimatefee` RPC has been removed. The `feature_fee_estimation.py` test has been updated to remove the RPC, but doesn't yet have good coverage of the replacement RPC `estimatesmartfee`. Improving the test coverage should be done in a new PR. (bitcoin#11031) - the `errors` field returned by `getmininginfo` has been deprecated and replaced by a `warning` field. (bitcoin#10858) - providing addresses as inputs to `createmultisig` has been deprecated. Users should use `addmultisigaddress` instead (bitcoin#11415) - The return format from `addmultisigaddress` has changed (bitcoin#11415) `getwitnessaddress` was also deprecated in v0.16 and can be removed, but many tests are using that RPC, so it's a larger job to remove. It should be removed in a separate PR (possibly after bitcoin#11739 and bitcoin#11398 have been merged and the segwit test code tidied up) Tree-SHA512: 8ffaa5f6094131339b9e9e468e8b141de4b144697d2271efa2992b80b12eb97849ade3da8df5c1c9400ed4c04e6a029926550a3e5846d2029b644f9e84ac7124
db1cbcc [RPC] Remove deprecated addmultisigaddress return format (John Newbery) cb28a0b [RPC] Remove deprecated createmultisig object (John Newbery) ed45c82 [tests] Remove test for deprecated createmultsig option (John Newbery) d066a1c [rpc] Remove deprecated getmininginfo RPC option (John Newbery) c6f09c2 [rpc] remove deprecated estimatefee RPC (John Newbery) a8e437a [tests] Remove estimatefee from rpc_deprecated.py test (John Newbery) a5623b1 [tests] Remove tests for deprecated estimatefee RPC (John Newbery) d119f2e [tests] Fix style warnings in feature_fee_estimation.py (John Newbery) Pull request description: There were some RPC/RPC options deprecated in v0.16. Those can now be removed from master since v0.16 has been branched. - `estimatefee` RPC has been removed. The `feature_fee_estimation.py` test has been updated to remove the RPC, but doesn't yet have good coverage of the replacement RPC `estimatesmartfee`. Improving the test coverage should be done in a new PR. (bitcoin#11031) - the `errors` field returned by `getmininginfo` has been deprecated and replaced by a `warning` field. (bitcoin#10858) - providing addresses as inputs to `createmultisig` has been deprecated. Users should use `addmultisigaddress` instead (bitcoin#11415) - The return format from `addmultisigaddress` has changed (bitcoin#11415) `getwitnessaddress` was also deprecated in v0.16 and can be removed, but many tests are using that RPC, so it's a larger job to remove. It should be removed in a separate PR (possibly after bitcoin#11739 and bitcoin#11398 have been merged and the segwit test code tidied up) Tree-SHA512: 8ffaa5f6094131339b9e9e468e8b141de4b144697d2271efa2992b80b12eb97849ade3da8df5c1c9400ed4c04e6a029926550a3e5846d2029b644f9e84ac7124
db1cbcc [RPC] Remove deprecated addmultisigaddress return format (John Newbery) cb28a0b [RPC] Remove deprecated createmultisig object (John Newbery) ed45c82 [tests] Remove test for deprecated createmultsig option (John Newbery) d066a1c [rpc] Remove deprecated getmininginfo RPC option (John Newbery) c6f09c2 [rpc] remove deprecated estimatefee RPC (John Newbery) a8e437a [tests] Remove estimatefee from rpc_deprecated.py test (John Newbery) a5623b1 [tests] Remove tests for deprecated estimatefee RPC (John Newbery) d119f2e [tests] Fix style warnings in feature_fee_estimation.py (John Newbery) Pull request description: There were some RPC/RPC options deprecated in v0.16. Those can now be removed from master since v0.16 has been branched. - `estimatefee` RPC has been removed. The `feature_fee_estimation.py` test has been updated to remove the RPC, but doesn't yet have good coverage of the replacement RPC `estimatesmartfee`. Improving the test coverage should be done in a new PR. (bitcoin#11031) - the `errors` field returned by `getmininginfo` has been deprecated and replaced by a `warning` field. (bitcoin#10858) - providing addresses as inputs to `createmultisig` has been deprecated. Users should use `addmultisigaddress` instead (bitcoin#11415) - The return format from `addmultisigaddress` has changed (bitcoin#11415) `getwitnessaddress` was also deprecated in v0.16 and can be removed, but many tests are using that RPC, so it's a larger job to remove. It should be removed in a separate PR (possibly after bitcoin#11739 and bitcoin#11398 have been merged and the segwit test code tidied up) Tree-SHA512: 8ffaa5f6094131339b9e9e468e8b141de4b144697d2271efa2992b80b12eb97849ade3da8df5c1c9400ed4c04e6a029926550a3e5846d2029b644f9e84ac7124
db1cbcc [RPC] Remove deprecated addmultisigaddress return format (John Newbery) cb28a0b [RPC] Remove deprecated createmultisig object (John Newbery) ed45c82 [tests] Remove test for deprecated createmultsig option (John Newbery) d066a1c [rpc] Remove deprecated getmininginfo RPC option (John Newbery) c6f09c2 [rpc] remove deprecated estimatefee RPC (John Newbery) a8e437a [tests] Remove estimatefee from rpc_deprecated.py test (John Newbery) a5623b1 [tests] Remove tests for deprecated estimatefee RPC (John Newbery) d119f2e [tests] Fix style warnings in feature_fee_estimation.py (John Newbery) Pull request description: There were some RPC/RPC options deprecated in v0.16. Those can now be removed from master since v0.16 has been branched. - `estimatefee` RPC has been removed. The `feature_fee_estimation.py` test has been updated to remove the RPC, but doesn't yet have good coverage of the replacement RPC `estimatesmartfee`. Improving the test coverage should be done in a new PR. (bitcoin#11031) - the `errors` field returned by `getmininginfo` has been deprecated and replaced by a `warning` field. (bitcoin#10858) - providing addresses as inputs to `createmultisig` has been deprecated. Users should use `addmultisigaddress` instead (bitcoin#11415) - The return format from `addmultisigaddress` has changed (bitcoin#11415) `getwitnessaddress` was also deprecated in v0.16 and can be removed, but many tests are using that RPC, so it's a larger job to remove. It should be removed in a separate PR (possibly after bitcoin#11739 and bitcoin#11398 have been merged and the segwit test code tidied up) Tree-SHA512: 8ffaa5f6094131339b9e9e468e8b141de4b144697d2271efa2992b80b12eb97849ade3da8df5c1c9400ed4c04e6a029926550a3e5846d2029b644f9e84ac7124
db1cbcc [RPC] Remove deprecated addmultisigaddress return format (John Newbery) cb28a0b [RPC] Remove deprecated createmultisig object (John Newbery) ed45c82 [tests] Remove test for deprecated createmultsig option (John Newbery) d066a1c [rpc] Remove deprecated getmininginfo RPC option (John Newbery) c6f09c2 [rpc] remove deprecated estimatefee RPC (John Newbery) a8e437a [tests] Remove estimatefee from rpc_deprecated.py test (John Newbery) a5623b1 [tests] Remove tests for deprecated estimatefee RPC (John Newbery) d119f2e [tests] Fix style warnings in feature_fee_estimation.py (John Newbery) Pull request description: There were some RPC/RPC options deprecated in v0.16. Those can now be removed from master since v0.16 has been branched. - `estimatefee` RPC has been removed. The `feature_fee_estimation.py` test has been updated to remove the RPC, but doesn't yet have good coverage of the replacement RPC `estimatesmartfee`. Improving the test coverage should be done in a new PR. (bitcoin#11031) - the `errors` field returned by `getmininginfo` has been deprecated and replaced by a `warning` field. (bitcoin#10858) - providing addresses as inputs to `createmultisig` has been deprecated. Users should use `addmultisigaddress` instead (bitcoin#11415) - The return format from `addmultisigaddress` has changed (bitcoin#11415) `getwitnessaddress` was also deprecated in v0.16 and can be removed, but many tests are using that RPC, so it's a larger job to remove. It should be removed in a separate PR (possibly after bitcoin#11739 and bitcoin#11398 have been merged and the segwit test code tidied up) Tree-SHA512: 8ffaa5f6094131339b9e9e468e8b141de4b144697d2271efa2992b80b12eb97849ade3da8df5c1c9400ed4c04e6a029926550a3e5846d2029b644f9e84ac7124
db1cbcc [RPC] Remove deprecated addmultisigaddress return format (John Newbery) cb28a0b [RPC] Remove deprecated createmultisig object (John Newbery) ed45c82 [tests] Remove test for deprecated createmultsig option (John Newbery) d066a1c [rpc] Remove deprecated getmininginfo RPC option (John Newbery) c6f09c2 [rpc] remove deprecated estimatefee RPC (John Newbery) a8e437a [tests] Remove estimatefee from rpc_deprecated.py test (John Newbery) a5623b1 [tests] Remove tests for deprecated estimatefee RPC (John Newbery) d119f2e [tests] Fix style warnings in feature_fee_estimation.py (John Newbery) Pull request description: There were some RPC/RPC options deprecated in v0.16. Those can now be removed from master since v0.16 has been branched. - `estimatefee` RPC has been removed. The `feature_fee_estimation.py` test has been updated to remove the RPC, but doesn't yet have good coverage of the replacement RPC `estimatesmartfee`. Improving the test coverage should be done in a new PR. (bitcoin#11031) - the `errors` field returned by `getmininginfo` has been deprecated and replaced by a `warning` field. (bitcoin#10858) - providing addresses as inputs to `createmultisig` has been deprecated. Users should use `addmultisigaddress` instead (bitcoin#11415) - The return format from `addmultisigaddress` has changed (bitcoin#11415) `getwitnessaddress` was also deprecated in v0.16 and can be removed, but many tests are using that RPC, so it's a larger job to remove. It should be removed in a separate PR (possibly after bitcoin#11739 and bitcoin#11398 have been merged and the segwit test code tidied up) Tree-SHA512: 8ffaa5f6094131339b9e9e468e8b141de4b144697d2271efa2992b80b12eb97849ade3da8df5c1c9400ed4c04e6a029926550a3e5846d2029b644f9e84ac7124
This PR should be the last part of #7965.
This PR makes createmultisig only accept public keys and marks the old functionality of accepting addresses as deprecated.
It also splits
_createmultisig_redeemscript
into two functions,_createmultisig_getpubkeys
and_createmultisig_getaddr_pubkeys
._createmultisig_getpubkeys
retrieves public keys from the RPC parameters and_createmultisig_getaddr_pubkeys
retrieves addresses' public keys from the wallet._createmultisig_getaddr_pubkeys
requires the wallet and is only used byaddwitnessaddress
(except whencreatemultisig
is used in deprecated mode).addwitnessaddress
's API is also changed. Instead of returning just an address, it now returns the same thing ascreatemultisig
: a JSON object with two fields, address and redeemscript.