-
Notifications
You must be signed in to change notification settings - Fork 36.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace -upgradewallet startup option with upgradewallet RPC #15761
Conversation
No opposition to having this, but wouldn't |
I'm not really a fan of putting things that users might actually use and want to use in a place that is less accessible. |
36772ea
to
0612304
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just some style nits
Related: #13044 |
0612304
to
65e296d
Compare
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
Concept ACK although I agree with @laanwj that a utility function that does not require access to the chainstate or P2P rightly lives in the wallet tool.
I'd disagree that RPC is accessible to users who aren't able to use the command line. We shouldn't encourage users to type commands into the debug command window if they're not able to use the command line. Besides, |
Is this something that we'd like to be accessible to wallets why they're loaded? If so, it needs to be an RPC (and possibly also in the wallet tool). |
I would like it to be. |
This seems to me to potentially add complexity in future. I could imagine there may be some potential upgrade actions that would conflict badly when executed on a running wallet. Why not keep it simple and only allow upgrade when the wallet is not running? EDIT: to be clear, I'm not NACKing this. I think an |
Concept ACK removing the Why not add |
I think it makes more sense to have upgrading be separate from loading. |
Can you justify that? Upgrading wallets is something that most users will very rarely (if ever) have to do. What's the benefit to adding the flexibility to upgrade wallets during runtime? The downsides seem pretty obvious to me (potential increased complexity and having to reason about interactions with other wallet operations) so I'd like to understand what you're weighing that against. |
I disagree. It is far easier for users to understand and use the RPC console than it is for them to use and understand the wallet tool. The instructions for opening up the RPC console and then entering a command are far simpler than the instructions for using the wallet tool. There is exactly one set of instructions that users have to follow with the only thing that they need to consider is their wallet name and making sure that that wallet is selected. Conversely, with the wallet tool, the instructions for using it are dependent on how the user installed the software (i.e. they need to know the install location) and whether they changed the data directory. Then they have to specify the wallet in the command line which may involve escaping or quoting. All of these are extra options and information that users need to know which they may not. With the RPC console, all that stuff is already handled for them. The instructions are far simpler and easier to understand when using the RPC console than when using the command line wallet tool. In a similar vein, I disagree with "We shouldn't encourage users to type commands into the debug command window if they're not able to use the command line." As I mentioned, using the RPC console is far easier than using the command line. While they are similar, the command line has so many extra rules and gotchas that the RPC console does not. A user can be fine and comfortable using the RPC console but not able to use the command line simply because the command line does many other things that can cause screwups.
Conceptually, loading and upgrading are two separate functions that should be defined separately. From a UX standpoint, it makes more sense to users to do an explicit upgrade as a separate command rather than as an argument to some other command. If bundled with
I really don't think that's a reason against this. By that logic we just shouldn't change anything because it increases complexity and we have to reason about interactions with other operations. Moving upgrading to its own code will actually make it less complex and simpler. Currently I have it as largely a move-only, but it can actually be simplified. Keeping it as part of loading means that it has to distinguish between a new wallet and a wallet being upgraded. They follow largely the same codepaths but have just slightly different logic. The fact that these two are together in |
Concept ACK moving it to either or both (tool and rpc) |
The RPC variant probably has the advantage that the function could be added to the File menu later on (maybe right next to "Backup wallet..."), which would also alleviate the concerns about having users enter random stuff in the console |
Nit: commit messages misspell upgrade multiple times |
@@ -4064,67 +4064,6 @@ std::shared_ptr<CWallet> CWallet::CreateWalletFromFile(interfaces::Chain& chain, | |||
} | |||
} | |||
|
|||
int prev_version = walletInstance->GetVersion(); | |||
if (gArgs.GetBoolArg("-upgradewallet", fFirstRun)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is removed in the wrong commit.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The first commit is convoluted/difficult to review and broken (-upgradewallet
no longer works).
65e296d
to
bd92de2
Compare
Fixed
How so? It's mostly just a move
Should be fixed |
Re first commit: Since it's on the object, you drop the |
src/wallet/wallet.cpp
Outdated
walletInstance->SetMaxVersion(nMaxVersion); | ||
} | ||
|
||
// Upgrade to HD if explicit upgrade | ||
if (gArgs.GetBoolArg("-upgradewallet", false)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Part of this is supposed to run by default if fFirstRun
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That part is completely redundant. It just sets the wallet version but SetMinVersion
is already called below in the if (fFirstRun)
block. Furthermore, that call forces the wallet version to be the latest version so whatever version number specified for -upgradewallet
that would have been set is overridden anyways.
I've done some commit reorganization as suggested by @luke-jr so this should be easier to review now. |
bd92de2
to
30b71d3
Compare
Maybe split out the first commit (move-only) as a separate pull, to cut down on the conflicts in the future? |
238f7df
to
0d32d66
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code review ACK 0d32d66
I think this is definitely an improvement and do agree it should be an RPC not in the wallet tool. Tests? 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Going to merge this for 0.21.0
wen tests, sir?
ACK 0d32d66 🚵
Show signature and timestamp
Signature:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
ACK 0d32d661481f099af572e7a08a50e17bcc165c44 🚵
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEE+rVPoUahrI9sLGYTzit1aX5ppUgFAlwqrYAACgkQzit1aX5p
pUjK6gv/TC3347Yc0B3KJppRFbyvMZndV7FLINr0i6jsR6RlkeXC4tqTCGat8KRC
QKKRgJwpE8AYLmomgQlodds6OZ0NOxGDr+XkGfYcvZSXH8y8XPjrtgLgRVPpUeFg
F5tfZFGLttBnKhnL/n44vV+lGEbAIwDlTpKw+86vM9r8qf00KtKdLEwhhN1ZjZsk
3EM4NdZ7wxDzGTK8URF1egnFhaJayVLLQEXyWNiV4PQTDnnEr9SAr4N0B0khROML
ecpTlhzKGayQeYGYMNsvFJZl1FnSiuTosgjFbVRCyBHSeRvVhmEhSgGr3p9Ee9Pq
MycIK++P+r36bI/6uQo1L15mFDSITOPENPxBeRCar1btx0C/g0tK9TU0k5ji6OKH
cKueJdNsWxTnzJZJgNizVI/uY3UAk3MV5tN8oBkDKWXCU4kom8k5qbZKKWGBAh05
rUech6uc17vAPuk/XWk20dwVst50h5XdlwMd9EUzPn13Quk7xe06bDkJcD7RtfWd
g8IYq3zK
=LvtB
-----END PGP SIGNATURE-----
Timestamp of file with hash 7716a881705c80f791d9f508a2608fc565f0f69a935156d7ee952e846c5c6af2 -
src/wallet/wallet.cpp
Outdated
@@ -3831,7 +3831,7 @@ std::shared_ptr<CWallet> CWallet::CreateWalletFromFile(interfaces::Chain& chain, | |||
} | |||
|
|||
if (gArgs.GetBoolArg("-upgradewallet", false)) { | |||
if (!UpgradeWallet(walletInstance, gArgs.GetBoolArg("-upgradewallet", 0), error, warnings)) { | |||
if (!UpgradeWallet(gArgs.GetBoolArg("-upgradewallet", 0), error, warnings)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
in commit 1e48796
This is a bug and it needs to call walletInstance->UpgradeWallet, but I see the code is removed in the next commit anyway
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Luckily it doesn't compile:
wallet/wallet.cpp:3831:14: error: call to non-static member function without an object argument
if (!UpgradeWallet(gArgs.GetBoolArg("-upgradewallet", 0), error, warnings)) {
^~~~~~~~~~~~~
1 error generated.
"\nUpgrade the wallet. Upgrades to the latest version if no version number is specified\n" | ||
"New keys may be generated and a new wallet backup will need to be made.", | ||
{ | ||
{"version", RPCArg::Type::NUM, /* default */ strprintf("%d", FEATURE_LATEST), "The version number to upgrade to. Default is the latest wallet version"} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{"version", RPCArg::Type::NUM, /* default */ strprintf("%d", FEATURE_LATEST), "The version number to upgrade to. Default is the latest wallet version"} | |
{"version", RPCArg::Type::NUM, /* default */ strprintf("%d", WalletFeature::LATEST), "The version number to upgrade to. Default is the latest wallet version"} |
Unrelated nit for future cleanup: This should probably be scoped and not in the global namespace
…dewallet RPC 0d32d66 Remove -upgradewallet startup option (Andrew Chow) 92263cc Add upgradewallet RPC (Andrew Chow) 1e48796 Make UpgradeWallet a member function of CWallet (Andrew Chow) c988f27 Have UpgradeWallet take the version to upgrade to and an error message out parameter (Andrew Chow) 1833237 Only run UpgradeWallet if the wallet needs to be upgraded (Andrew Chow) 9c16b17 Move wallet upgrading to its own function (Andrew Chow) Pull request description: `-upgradewallet` is largely incompatible with many recent wallet features and versions. For example, it was disabled if multiple wallets were used and would not work with encrypted wallets that were being upgraded to HD. This PR does away with the old method of upgrading upon startup and instead allows users to upgrade their wallets via an `upgradewallet` RPC. This does largely the same thing as the old `-upgradewallet` option but because the wallet is loaded, it can be unlocked to upgrade to HD. Furthermore it is compatible with multiwallet as it works on the individual wallet that is specified by the RPC. ACKs for top commit: meshcollider: Code review ACK 0d32d66 darosior: ACK 0d32d66 MarcoFalke: ACK 0d32d66 🚵 Tree-SHA512: b425bf6f5d605e26506889d63c780895482f07cbc086193218e031e8504d3072d41e90d65cd41bcc98ee4c1eb048954bc5d4ac85435f7394892373aac89a3b0a
Summary: Backport of Core [[bitcoin/bitcoin#15761 | PR15761]] [1/6] : bitcoin/bitcoin@9c16b17 Test Plan: ninja all check-all Reviewers: #bitcoin_abc, Fabien Reviewed By: #bitcoin_abc, Fabien Differential Revision: https://reviews.bitcoinabc.org/D7922
Summary: Backport of Core [[bitcoin/bitcoin#15761 | PR15761]] [2/6] : bitcoin/bitcoin@1833237 Depends on D7922 Test Plan: ninja all check-all Reviewers: #bitcoin_abc, Fabien Reviewed By: #bitcoin_abc, Fabien Differential Revision: https://reviews.bitcoinabc.org/D7923
…e out parameter Summary: Backport of Core [[bitcoin/bitcoin#15761 | PR15761]] [3/6] : bitcoin/bitcoin@c988f27 Depends on D7923 Test Plan: ninja all check-all Reviewers: #bitcoin_abc, Fabien Reviewed By: #bitcoin_abc, Fabien Differential Revision: https://reviews.bitcoinabc.org/D7924
Summary: Backport of Core [[bitcoin/bitcoin#15761 | PR15761]] [4/6] : bitcoin/bitcoin@1e48796 Depends on D7924 Test Plan: ninja all check-all Reviewers: #bitcoin_abc, Fabien Reviewed By: #bitcoin_abc, Fabien Differential Revision: https://reviews.bitcoinabc.org/D7925
Summary: Backport of Core [[bitcoin/bitcoin#15761 | PR15761]] [5/6] : bitcoin/bitcoin@92263cc Depends on D7925 Test Plan: ninja all check-all Reviewers: #bitcoin_abc, Fabien Reviewed By: #bitcoin_abc, Fabien Subscribers: Fabien Differential Revision: https://reviews.bitcoinabc.org/D7926
Summary: Backport of Core [[bitcoin/bitcoin#15761 | PR15761]] [6/6] : bitcoin/bitcoin@0d32d66 Depends on D7926 Test Plan: ninja all check-all Reviewers: #bitcoin_abc, Fabien Reviewed By: #bitcoin_abc, Fabien Differential Revision: https://reviews.bitcoinabc.org/D7927
-upgradewallet
is largely incompatible with many recent wallet features and versions. For example, it was disabled if multiple wallets were used and would not work with encrypted wallets that were being upgraded to HD.This PR does away with the old method of upgrading upon startup and instead allows users to upgrade their wallets via an
upgradewallet
RPC. This does largely the same thing as the old-upgradewallet
option but because the wallet is loaded, it can be unlocked to upgrade to HD. Furthermore it is compatible with multiwallet as it works on the individual wallet that is specified by the RPC.