Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

client: add support for dcr spv wallets #788

Merged
merged 22 commits into from Nov 8, 2021
Merged

client: add support for dcr spv wallets #788

merged 22 commits into from Nov 8, 2021

Conversation

itswisdomagain
Copy link
Member

@itswisdomagain itswisdomagain commented Oct 27, 2020
edited

The following is a summary of changes made to support dcr spv wallets:

  • Validate and (re-)broadcast txData when auditing contracts.
  • Replace getblockchaininfo with syncstatus to determine sync status.
  • In spv mode, use block cfilters to find tx confirmations if gettxout and gettransaction can't find a tx. Both rpcs only returns results for wallet unspent outputs.
  • Re-audit contracts after they receive the required confirmations but before sending counter-swap (if taker) and before sending redeem (if maker).

The dcr harness is modified to use SPV for the second trading wallet to facilitate testing.

@buck54321 buck54321 mentioned this pull request Oct 31, 2020
Merged
@itswisdomagain itswisdomagain marked this pull request as draft December 29, 2020 11:01
@itswisdomagain itswisdomagain mentioned this pull request Mar 6, 2021
Closed
@chappjc chappjc added this to the 0.3 milestone Apr 7, 2021
@itswisdomagain itswisdomagain force-pushed the dcr-spv branch 2 times, most recently from a669641 to 81a850c Compare June 1, 2021 09:47
@chappjc chappjc self-requested a review July 15, 2021 01:36
@itswisdomagain itswisdomagain changed the title client/asset/dcr: changes to support spv wallets client: add support for dcr spv wallets Jul 31, 2021
@itswisdomagain
Copy link
Member Author

The commit message on 9b51633 provides my reasoning for making clients re-audit contracts before acting.

Copied below for posterity:

There is a very slight possibility that contract outputs that pass
audit while in mempool or in some cases before they are broadcasted
(rawtx audit) may differ from the output later observed in a block
for the same coin.

This risk is higher for spv wallets that will mostly only perform
audits on rawtxs before broadcasting the txs, without a guarantee
that the tx is accepted to the mempool. A malicious actor could
broadcast a different tx with same hash (theoretically possible)
but with a different output at the expected vout index.

There is risk of funds if clients only later check that the hash for
the earlier-audited tx is found in a block and proceed to send their
counter swap or expose their contract secret via a redemption. This
commit aims to mitigate that risk by repeating contract audits after
the initial tx hash is observed on the blockchain, ensuring that the
tx now observed on the blockchain is as desired.

The risk of fund loss I describe above feels less real than when I first thought about it. I've made that change a separate commit so I can easily remove it if the risk identified is not realistic.

@chappjc
Copy link
Member

chappjc commented Jul 31, 2021
edited

The risk of fund loss I describe above feels less real than when I first thought about it. I've made that change a separate commit so I can easily remove it if the risk identified is not realistic.

Yeah barring hash collisions, I don't think the txns are malleable in any way that is significant for the counterparty, but checking again sounds just fine to me.

@itswisdomagain itswisdomagain marked this pull request as ready for review July 31, 2021 15:35
@itswisdomagain
Copy link
Member Author

itswisdomagain commented Jul 31, 2021
edited

I plan to add some new tests but code's set for review in the meantime.
All current tests are passing, including trade_simnet_tests and dcr simnet tests.

@chappjc chappjc added the SPV label Aug 2, 2021
@chappjc chappjc modified the milestones: 0.3, 0.4 Aug 3, 2021
@chappjc chappjc mentioned this pull request Aug 4, 2021
Merged
itswisdomagain
itswisdomagain commented Aug 24, 2021
View reviewed changes
Copy link
Member Author

@itswisdomagain itswisdomagain left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops.

client/asset/dcr/dcr.go Outdated Show resolved Hide resolved
chappjc
chappjc requested changes Aug 24, 2021
View reviewed changes
Copy link
Member

@chappjc chappjc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Partial review. I'm still going through externaltx.go, but I wanted to point out the block header thing.

client/asset/dcr/dcr.go Outdated Show resolved Hide resolved
dex/testing/dcr/harness.sh Show resolved Hide resolved
chappjc
chappjc requested changes Aug 24, 2021
View reviewed changes
Copy link
Member

@chappjc chappjc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code mostly makes sense, but there are somethings I think you can help me understand, plus I need to actually fire up dcrwallet with --spv to test.

client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
client/asset/dcr/externaltx.go Outdated Show resolved Hide resolved
@chappjc chappjc mentioned this pull request Sep 14, 2021
Merged
chappjc
chappjc reviewed Oct 6, 2021
View reviewed changes
client/asset/dcr/dcr.go Outdated Show resolved Hide resolved
chappjc
chappjc reviewed Nov 7, 2021
View reviewed changes
client/asset/btc/btc.go Outdated Show resolved Hide resolved
@itswisdomagain
client/asset/dcr: validate and broadcast txData in AuditContract()
0451243
@itswisdomagain
client/asset/dcr: add basic support for spv wallets
8fa63e5 
- Don't error for missing dcrdjsonrpcapi, instead set wallet.spvMode=true.
- Replace getblockchaininfo with syncstatus to determine sync status.
@itswisdomagain
dcr harness: use spv for trading2 wallet
c3d9007
@itswisdomagain
client/asset/dcr: use cfilters to find txout confirmations
af46a25
@itswisdomagain
client/asset/dcr.AuditContract: handle txdata broadcast errors
2355326
@itswisdomagain
multi: re-audit contracts after confirmation, before acting
4f5a5e2 
There is a very slight possibility that contract outputs that pass
audit while in mempool or in some cases before they are broadcasted
(rawtx audit) may differ from the output later observed in a block
for the same coin.

This risk is higher for spv wallets that will mostly only perform
audits on rawtxs before broadcasting the txs, without a guarantee
that the tx is accepted to the mempool. A malicious actor could
broadcast a different tx with same hash (theoretically possible)
but with a different output at the expected vout index.

There is risk of funds if clients only later check that the hash for
the earlier-audited tx is found in a block and proceed to send their
counter swap or expose their contract secret via a redemption. This
commit aims to mitigate that risk by repeating contract audits after
the initial tx hash is observed on the blockchain, ensuring that the
tx now observed on the blockchain is as desired.
@itswisdomagain
fix trade_simnet_test duplicate balance change tracking
3c11408
@itswisdomagain
client/asset/dcr: remove added calls to getrawtransaction
206f27d 
The getrawtransaction rpc requires txindex to be enabled on full nodes
but clients may run full nodes without enabling txindex as it is not
a requirement.

Use gettransaction where possible instead of getrawtransaction to avoid
errors when clients use full nodes without txindex enabled.
@itswisdomagain
rebase fix, partial chapp review corrections
b0749cf
@itswisdomagain
rework swap confirmations code
7e211c8
@itswisdomagain
more review fixes
ad2e26c 
fix dcr harness spv wallets startup issues
fix SwapConfirmations error for wallet contracts
fix output spent check bug and repaired log messages
@itswisdomagain
pass feeratesuggestion to PayFee, fix txoutspender loop
742432e
@itswisdomagain
use wallet+external output lookup for audit, refund and swapconfs
19fd34a
@itswisdomagain
client/asset/dcr: check walletInfo.SPV and handle rpcclient reconnects
e569f68
@itswisdomagain
no txdata for post-confirmation repeat audit
eb24720
@itswisdomagain
trade_simnet_test changes for better btc spv wallet support
785973a
@itswisdomagain
fix wallet output check for spv wallets
5a53e29
@itswisdomagain
bump dcr rpc requiredWalletVersion
ab0d0bd
@itswisdomagain
rework dcr.lookupTxOut{WithBlockFilters}, rename dcr.Wallet.GetTxOut
d798528
@itswisdomagain
buck's review, btc audit txdata only
5f884a5
@itswisdomagain
chapp review
73ca58c
buck54321
buck54321 approved these changes Nov 8, 2021
View reviewed changes
Copy link
Member

@buck54321 buck54321 left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the follow through. This seems solid now.

I'll be following up quickly to propose some small changes to the Wallet interface.

@chappjc chappjc merged commit fe1995a into decred:master Nov 8, 2021
@itswisdomagain itswisdomagain deleted the dcr-spv branch November 8, 2021 21:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@buck54321 buck54321 buck54321 approved these changes

@chappjc chappjc chappjc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.4
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@itswisdomagain @chappjc @buck54321