forked from bitcoin/bitcoin
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge bitcoin#13756: wallet: "avoid_reuse" wallet flag for improved p…
…rivacy 5ebc6b0 bitcoind: update -avoidpartialspends description to account for auto-enable for avoid_reuse wallets (Karl-Johan Alm) ada258f doc: release notes for avoid_reuse (Karl-Johan Alm) 2766955 wallet: enable avoid_partial_spends by default if avoid_reuse is set (Karl-Johan Alm) 8f2e208 test: add test for avoidreuse feature (Karl-Johan Alm) 0bdfbd3 wallet/rpc: add 'avoid_reuse' option to RPC commands (Karl-Johan Alm) f904723 wallet/rpc: add setwalletflag RPC and MUTABLE_WALLET_FLAGS (Karl-Johan Alm) 8247a0d wallet: enable avoid_reuse feature (Karl-Johan Alm) eec1566 wallet: avoid reuse flags (Karl-Johan Alm) 5892809 wallet: make IsWalletFlagSet() const (Karl-Johan Alm) 129a5ba wallet: rename g_known_wallet_flags constant to KNOWN_WALLET_FLAGS (Karl-Johan Alm) Pull request description: Add a new wallet flag called `avoid_reuse` which, when enabled, will keep track of when a specific destination has been spent from, and will actively "blacklist" any new UTXOs which send to an already-spent-from destination. This improves privacy, as a payer could otherwise begin tracking a payee's wallet by regularly peppering a known UTXO with dust outputs, which would then be scooped up and used in payments by the payee, allowing the payer to map out (1) the inputs owned by the payee and (2) the destinations to which the payee is making payments. This replaces bitcoin#10386 and together with the (now merged) bitcoin#12257 it addresses bitcoin#10065 in full. The concerns raised in bitcoin#10386 (comment) are also addressed due to bitcoin#12257. ~~Note: this builds on top of bitcoin#15780.~~ (merged) ACKs for commit 5ebc6b: jnewbery: ACK 5ebc6b0 laanwj: Concept and code-review ACK 5ebc6b0 meshcollider: Code review ACK bitcoin@5ebc6b0 achow101: ACK 5ebc6b0 modulo above nits Tree-SHA512: fdef45826af544cbbb45634ac367852cc467ec87081d86d08b53ca849e588617e9a0a255b7e7bb28692d15332de58d6c3d274ac003355220e4213d7d9070742e
- Loading branch information
1 parent
9dcb976
commit 6bcaa95
Showing
11 changed files
with
477 additions
and
27 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
Coin selection | ||
-------------- | ||
|
||
### Reuse Avoidance | ||
|
||
A new wallet flag `avoid_reuse` has been added (default off). When enabled, | ||
a wallet will distinguish between used and unused addresses, and default to not | ||
use the former in coin selection. | ||
|
||
(Note: rescanning the blockchain is required, to correctly mark previously | ||
used destinations.) | ||
|
||
Together with "avoid partial spends" (present as of Bitcoin v0.17), this | ||
addresses a serious privacy issue where a malicious user can track spends by | ||
peppering a previously paid to address with near-dust outputs, which would then | ||
be inadvertently included in future payments. | ||
|
||
New RPCs | ||
-------- | ||
|
||
- A new `setwalletflag` RPC sets/unsets flags for an existing wallet. | ||
|
||
|
||
Updated RPCs | ||
------------ | ||
|
||
Several RPCs have been updated to include an "avoid_reuse" flag, used to control | ||
whether already used addresses should be left out or included in the operation. | ||
These include: | ||
|
||
- createwallet | ||
- getbalance | ||
- sendtoaddress | ||
|
||
In addition, `sendtoaddress` has been changed to enable `-avoidpartialspends` when | ||
`avoid_reuse` is enabled. | ||
|
||
The listunspent RPC has also been updated to now include a "reused" bool, for nodes | ||
with "avoid_reuse" enabled. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.