[Wallet] Prevent spending of immature coins

[zeptin]

Fix for #1255

Most tests are passing, I had to fix several dozen that were implicitly relying on the incorrect wallet logic.

There is still an issue with the SharedSteps.MineBlocks helper method not correctly taking fees into account.

[Aprogiena]

What does it mean if transaction data have null for Coinbase or coinstake flags?

[Aprogiena]

In any case it would be nice to separate the parts of the condition to variables and you could reuse that here and about

[Aprogiena]

When null?

[Aprogiena]

Not sure if explicitly naming the argument here has any value

[zeptin]

Elsewhere I have explicitly named it because in 99% of cases you do not want to use anything other than false for it, so using it at all is unexpected and it should be visually apparent what parameter is being passed. However, since an argument with the same name is being passed in this case, it does not really give additional information. I will remove it.

[Aprogiena]

Wouldn't it be better to use false instead of null?

[zeptin]

This construct is used for the existing IsCoinStake, I am merely duplicating it.

[bokobza]

By using null we prevent the IsCoinbase field from being written to the wallet file.
We could decide to skip it if it's false in the future.

[Aprogiena]

Brackets

[Aprogiena]

Any explanation about the logic here?

[fassadlr]

Yes please write this a bit better so that its more readable 👍

[fassadlr]

Woah dude you are essentially voiding the POS minting integration test that ensures that we can stake coins!? This isn't right at all.

[zeptin]

I think this needs to be analysed further. I think the choice of 110 PoW rewards was an incorrect constant now that the behaviour of GetSpendableTransactionsInWallet is fixed. I will have to examine the staking integration test in more detail to see what the expected spendable balance should be.

[zeptin]

Ok, this was very much my bad; I misread what this method was actually doing. I have added includeImmature flags to the other GetSpendable* methods so that the test logic can be used essentially unchanged here.

[fassadlr]

This isn't right as we need to ensure that the wallet has enough coins to stake with.

[zeptin]

The premine is not immediately spendable. Clearly this method only mines sufficient blocks to generate the coins, nowhere near enough for them to be spendable, the comment indicates. I am correcting a constant that was chosen under false assumptions.

[zeptin]

Perhaps a better way would be to optionally include the immature coins and leave the calculation of the expected balance unchanged. It feels incorrect using a method that gets 'spendable' transactions to do that, though, so maybe a different or new method should be used instead.

[fassadlr]

I also want to know how this can null? A transaction is either a coinbase tx or its not?

[zeptin]

The IsCoinStake JSON property is nullable, so I am merely matching that with the introduction of IsCoinBase. This was presumably originally done so that the wallet JSON does not get numerous unnecessary boolean fields (as coinbase/stake transactions are the exception rather than the rule).

[Aprogiena]

It would be probably better to replace it for the Coinbase as well instead.

[fassadlr]

@zeptin please see my comments regarding the staking tests? I'm not sure how the staking test still works with a wallet that doesn't have enough coins?

[fassadlr]

I would flip the condition here to just continue so that the nested if can be avoided.

[fassadlr]

I feel this whole new if can be written better so that we avoid code duplication here.

[fassadlr]

You can combine this if and the one below?

[fassadlr]

Yes please write this a bit better so that its more readable 👍

[bokobza]

would we ever want to include immature coins?

[Aprogiena]

I know this is just as for which we don't have many requirements in terms of code style, so just saying that about five lines should not use var

[bokobza]

To reiterate my question, why do we have bool includeImmature = false?
Is there a scenario where we actually want to be able to send immature coins? As opposed to it being forbidden. @zeptin

[zeptin]

@bokobza Removing it is an option, but some tests would have to be rearchitected to take the changed behaviour into account. Fixing the tests wasn't really in the initial time estimate for the task, I suspect, so this may push it out past the end of the sprint. I agree that it is messy having the parameter, and there is no obvious use case for it in reality.

[bokobza]

Fair enough. But having tests passing because something not allowed is now allowed is a bit of a problem.
How many tests are failing because of that? In any case we'll have to fix them.

[bokobza]

why the change?

[zeptin]

It fixes the failing CreateExtPubKeyOnlyWallet_creates_wallet_with_extra_flag test that no one else seemed to have bothered about yet.

[bokobza]

You mean this test was failing before that change?

[zeptin]

As far as I am aware, yes. AddNewAccount_for_xpub_only_wallet_informs_user_to_create_new_wallet_ as well.

[bokobza]

These 2 don't fail for me or for the others. The integration tests are not running smoothy and sometimes a rerun of the failed ones fixes the issue.

[zeptin]

Not sure how that can be:

https://github.com/stratisproject/StratisBitcoinFullNode/blob/master/src/Stratis.Bitcoin.Features.Wallet/Controllers/WalletController.cs#L285-L288

[bokobza]

Because the creationDate used is the default one: 01/01/0001 and doesn't fail.

[zeptin]

It does default, but it still throws:

{System.ArgumentOutOfRangeException: The UTC time represented when the offset is applied must be between year 0 and 10,000.
Parameter name: offset
   at System.DateTimeOffset.ValidateDate(DateTime dateTime, TimeSpan offset)
   at System.DateTimeOffset..ctor(DateTime dateTime)
   at System.DateTimeOffset.op_Implicit(DateTime dateTime)
   at Stratis.Bitcoin.Features.Wallet.WalletManager.RecoverWallet(String name, ExtPubKey extPubKey, Int32 accountIndex, DateTime creationTime) in C:\StratisBitcoinFullNode\src\Stratis.Bitcoin.Features.Wallet\WalletManager.cs:line 369
   at Stratis.Bitcoin.Features.Wallet.Controllers.WalletController.RecoverViaExtPubKey(WalletExtPubRecoveryRequest request) in C:\StratisBitcoinFullNode\src\Stratis.Bitcoin.Features.Wallet\Controllers\WalletController.cs:line 285}

[bokobza]

why has this moved down?

[bokobza]

Can we set the maturity in BeforeTest or even in private int maturity = 1; so that it's more visible, or would that not work?

[bokobza]

maybe create int maturity = 5 and then do stratisNodeSync.GenerateStratisWithMiner(maturity + 5); so that the calculation is clear?

[bokobza]

could you not change the network maturity in the ctor? then it'll be available for the whole class.

[bokobza]

@zeptin I've made a few comments. These are valid for all the tests so please apply where possible.
Also please revert the changes aimed at improving the speed of the tests. If the test works, it's fine to wait 100 more blocks. Otherwise it makes it hard to figure out what needed to be changed vs what is an improvement. We can do the improvements in a further PR.

[fassadlr]

@zeptin OK I understand now why this change is required. As a secondary measure, can we perhaps check the coinstake flag on the transactionData to verify that it IS in fact a coinstake tx? We can also check the value so that it matches the network's stake reward?

The whole point of this test is to ensure that we can stake and mint new coins, so just checking that there is a new tx might not be entirely sufficient?

[zeptin]

Yeah, that seems sensible, I've added a check for that.

Checking the value might be overkill, but it isn't hard to do. It is however dependent on how many outputs the coinstake consists of (I think it is 8 by default, but this can be overridden and could change in future).

[bokobza]

don't we need to check if the node is synced?

[zeptin]

The test failed for me unless I removed that. I tried it repeatedly.

[bokobza]

A test should never fail if we wait a bit longer for a node to be synced.
There is only one test that we know always fail and it's "A_cut_off_miner_advanced_ahead_of_network_causes_reorg_on_reconnect".

[zeptin]

The test does fail if it takes the node longer than the helper method's timeout to sync. Why it might be taking longer than that, I do not know.

[bokobza]

Here you can do KnownNetworks.RegTest.Consensus.CoinbaseMaturity = 1; in the beforeTests method.

[zeptin]

Done

[bokobza]

there is no more fees for the mine block?

[zeptin]

The test fails if I do not change this.

[bokobza]

should that not be "10 + maturity" instead of 10?

[zeptin]

It is used like this in GenerateCoins, implying that it is being done after maturity is already reached:

            MineCoinsToMaturity();
            PremineNodeMinesTenBlocksMoreEnsuringTheyCanBeStaked();

[fassadlr]

@bokobza this.nodes[this.PremineNode].GenerateStratisWithMiner(10); is correct as we want to advance the node 10 blocks so that they coins become "stake-able"

[bokobza]

ok so I guess before we mined coins of quantity "maturity" and that was too much?

[bokobza]

The goal of this method is simply to return the reward, whether or not the rewards are spendable or not.
Are you sure this change is necessary? It shouldn't be. If it is then it's the tests using it that need looking into.

[zeptin]

I spent the last two weeks looking at the tests. This change is the least required to get everything to work.

[bokobza]

This change is the least required to get everything to work.

I don't understand how this is related.

[zeptin]

I am not sure how I am supposed to simultaneously get the tests to pass, and not change anything about them. This method gets used implicitly every time SharedSteps.MineBlocks is called, to ensure internal consistency. Its result gets compared to the increase in wallet balance, and any discrepancy causes the test to immediately fail. As the wallet balance is dependent on the underlying bug this PR fixes, it necessitates that this function be changed too. The alternative is to change every test that uses MineBlocks, which results in a lot more changed code & possible structural changes to the tests.

[bokobza]

This method is used in GetProofOfWorkRewardForMinedBlocksTest to check what's the miner reward after mining, but here you've changed the test there to match your change.
And you've added a test called GetProofOfWorkRewardForMinedBlocksTestLowMaturity that includes maturity in your calculation but it's not related to the miner reward.
@zeptin @fassadlr

[bokobza]

Is it not better to wait for one node to be fully synced, before making sure all the nodes are in sync with each other? Same question for the other instances where TestHelper.WaitLoop(() => TestHelper.IsNodeSynced(some node)); has been removed.

[bokobza]

Maybe we can combine the 2 ifs if we format it like this:

if ((!isCoinBase && !isCoinStake) ||
	((isCoinBase || isCoinStake) && (confirmationCount >= network.Consensus.CoinbaseMaturity))
{
	yield return new UnspentOutputReference
	{
		Account = this,
		Address = address,
		Transaction = transactionData
	};
}

[zeptin]

Done

[bokobza]

Almost there!

[fassadlr]

@bokobza Im happy with the changes that I requested, should you wish to merge today 👍