DragonX/dragonx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Compare commits

base: DragonX:dev
Branches Tags
DragonX:dragonx DragonX:dev DragonX:ibd-wallet-notify-fix DragonX:compliant-rebrand DragonX:master
DragonX:v1.0.2 DragonX:v1.0.1 DragonX:v1.0.0
..
compare: DragonX:ibd-wallet-notify-fix
Branches Tags
DragonX:dev DragonX:ibd-wallet-notify-fix DragonX:dragonx DragonX:compliant-rebrand DragonX:master
DragonX:v1.0.2 DragonX:v1.0.1 DragonX:v1.0.0

1 Commits
dev ... ibd-wallet

Author SHA1 Message Date
DanS
2f3f320d28 Handle ReadBlockFromDisk failure during IBD gracefully 
During Initial Block Download, block data may not be flushed to disk
when the wallet notification thread tries to read it. Instead of
crashing with a fatal error, log a message and retry on the next cycle.
 2026-03-27 14:01:50 -05:00
39 changed files with 308 additions and 2267 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -175,4 +175,3 @@ src/dragonx-tx
src/dragonxd.exe src/dragonxd.exe
src/dragonx-cli.exe src/dragonx-cli.exe
src/dragonx-tx.exe src/dragonx-tx.exe
doc/relnotes/

40
README.md
View File

@@ -27,21 +27,6 @@ the entire history of Hush transactions; depending on the speed of your
computer and network connection, it will likely take a few hours at least, but computer and network connection, it will likely take a few hours at least, but
some people report full nodes syncing in less than 1.5 hours. some people report full nodes syncing in less than 1.5 hours.
# Fastest way to sync (bootstrap)
The quickest way to get a fully-synced node is the signed bootstrap snapshot, which
installs a pre-built blockchain so you skip re-validating the whole chain from genesis:
```sh
# Stop dragonxd first if it is running, then:
./util/bootstrap-dragonx.sh
```
The script preserves your `wallet.dat` and `DRAGONX.conf`, verifies the download's
checksums and (once a release key is published) its cryptographic signature, then starts
you near the chain tip. If you prefer to sync from the network instead, a larger
`-dbcache` (e.g. `-dbcache=2048`) noticeably speeds up the initial block download.
# Banned by GitHub # Banned by GitHub
In working on this release, Duke Leto was suspended from Github, which gave Hush developers In working on this release, Duke Leto was suspended from Github, which gave Hush developers
@@ -121,32 +106,19 @@ apt-get install -y gcc-7 g++-7 && \
# Build on Mac # Build on Mac
Install Xcode Command Line Tools and [Homebrew](https://brew.sh/), then install dependencies: ```
sudo port update
```sh sudo port upgrade outdated
xcode-select --install sudo port install qt5
brew install gcc autoconf automake pkgconf libtool cmake curl
# Install Rust (needed for librustzcash on macOS Sequoia+)
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source "$HOME/.cargo/env"
# clone git repo # clone git repo
git clone https://git.hush.is/hush/hush3 git clone https://git.hush.is/hush/hush3
cd hush3 cd hush3
# Build (uses 3 build processes, you need 2GB of RAM for each) # Build
# Make sure libtool gnubin and cargo are on PATH # This uses 3 build processes, you need 2GB of RAM for each.
export PATH="$HOME/.cargo/bin:/usr/local/opt/libtool/libexec/gnubin:$PATH"
./build.sh -j3 ./build.sh -j3
``` ```
For a release build:
```sh
export PATH="$HOME/.cargo/bin:/usr/local/opt/libtool/libexec/gnubin:$PATH"
./build.sh --mac-release -j$(sysctl -n hw.ncpu)
```
# Installing Hush binaries # Installing Hush binaries
1. [Download the release](https://git.hush.is/hush/hush3/releases) with a .deb file extension. 1. [Download the release](https://git.hush.is/hush/hush3/releases) with a .deb file extension.

22
build.sh
View File

@@ -6,7 +6,7 @@
set -eu -o pipefail set -eu -o pipefail
VERSION="1.0.3" VERSION="1.0.1"
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
RELEASE_DIR="$SCRIPT_DIR/release" RELEASE_DIR="$SCRIPT_DIR/release"
@@ -80,12 +80,8 @@ package_release() {
echo "Packaging release for $platform..." echo "Packaging release for $platform..."
mkdir -p "$release_subdir" mkdir -p "$release_subdir"
# Copy bootstrap script (platform-appropriate) # Copy bootstrap script
if [ "$platform" = "win64" ]; then cp "$SCRIPT_DIR/util/bootstrap-dragonx.sh" "$release_subdir/"
cp "$SCRIPT_DIR/util/bootstrap-dragonx.bat" "$release_subdir/"
else
cp "$SCRIPT_DIR/util/bootstrap-dragonx.sh" "$release_subdir/"
fi
# Copy common files # Copy common files
cp "$SCRIPT_DIR/contrib/asmap/asmap.dat" "$release_subdir/" 2>/dev/null || true cp "$SCRIPT_DIR/contrib/asmap/asmap.dat" "$release_subdir/" 2>/dev/null || true
@@ -175,21 +171,21 @@ if [ $BUILD_LINUX_COMPAT -eq 1 ] || [ $BUILD_LINUX_RELEASE -eq 1 ] || [ $BUILD_W
if [ $BUILD_LINUX_RELEASE -eq 1 ]; then if [ $BUILD_LINUX_RELEASE -eq 1 ]; then
echo "=== Building Linux release ===" echo "=== Building Linux release ==="
clean_for_platform linux clean_for_platform linux
./util/build.sh --disable-tests ${REMAINING_ARGS[@]+"${REMAINING_ARGS[@]}"} ./util/build.sh --disable-tests "${REMAINING_ARGS[@]}"
package_release linux-amd64 package_release linux-amd64
fi fi
if [ $BUILD_WIN_RELEASE -eq 1 ]; then if [ $BUILD_WIN_RELEASE -eq 1 ]; then
echo "=== Building Windows release ===" echo "=== Building Windows release ==="
clean_for_platform windows clean_for_platform windows
./util/build-win.sh --disable-tests ${REMAINING_ARGS[@]+"${REMAINING_ARGS[@]}"} ./util/build-win.sh --disable-tests "${REMAINING_ARGS[@]}"
package_release win64 package_release win64
fi fi
if [ $BUILD_MAC_RELEASE -eq 1 ]; then if [ $BUILD_MAC_RELEASE -eq 1 ]; then
echo "=== Building macOS release ===" echo "=== Building macOS release ==="
clean_for_platform macos clean_for_platform macos
./util/build-mac.sh --disable-tests ${REMAINING_ARGS[@]+"${REMAINING_ARGS[@]}"} ./util/build-mac.sh --disable-tests "${REMAINING_ARGS[@]}"
package_release macos package_release macos
fi fi
@@ -201,11 +197,11 @@ fi
# Standard build (auto-detect OS) # Standard build (auto-detect OS)
if [[ "$OSTYPE" == "linux-gnu"* ]]; then if [[ "$OSTYPE" == "linux-gnu"* ]]; then
./util/build.sh --disable-tests ${REMAINING_ARGS[@]+"${REMAINING_ARGS[@]}"} ./util/build.sh --disable-tests "${REMAINING_ARGS[@]}"
elif [[ "$OSTYPE" == "darwin"* ]]; then elif [[ "$OSTYPE" == "darwin"* ]]; then
./util/build-mac.sh --disable-tests ${REMAINING_ARGS[@]+"${REMAINING_ARGS[@]}"} ./util/build-mac.sh --disable-tests "${REMAINING_ARGS[@]}"
elif [[ "$OSTYPE" == "msys"* ]]; then elif [[ "$OSTYPE" == "msys"* ]]; then
./util/build-win.sh --disable-tests ${REMAINING_ARGS[@]+"${REMAINING_ARGS[@]}"} ./util/build-win.sh --disable-tests "${REMAINING_ARGS[@]}"
else else
echo "Unable to detect your OS. What are you using?" echo "Unable to detect your OS. What are you using?"
fi fi

2
configure.ac
View File

@@ -3,7 +3,7 @@ AC_PREREQ([2.60])
define(_CLIENT_VERSION_MAJOR, 1) define(_CLIENT_VERSION_MAJOR, 1)
dnl Must be kept in sync with src/clientversion.h , ugh! dnl Must be kept in sync with src/clientversion.h , ugh!
define(_CLIENT_VERSION_MINOR, 0) define(_CLIENT_VERSION_MINOR, 0)
define(_CLIENT_VERSION_REVISION, 3) define(_CLIENT_VERSION_REVISION, 1)
define(_CLIENT_VERSION_BUILD, 50) define(_CLIENT_VERSION_BUILD, 50)
define(_ZC_BUILD_VAL, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, m4_incr(_CLIENT_VERSION_BUILD), m4_eval(_CLIENT_VERSION_BUILD < 50), 1, m4_eval(_CLIENT_VERSION_BUILD - 24), m4_eval(_CLIENT_VERSION_BUILD == 50), 1, , m4_eval(_CLIENT_VERSION_BUILD - 50))) define(_ZC_BUILD_VAL, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, m4_incr(_CLIENT_VERSION_BUILD), m4_eval(_CLIENT_VERSION_BUILD < 50), 1, m4_eval(_CLIENT_VERSION_BUILD - 24), m4_eval(_CLIENT_VERSION_BUILD == 50), 1, , m4_eval(_CLIENT_VERSION_BUILD - 50)))
define(_CLIENT_VERSION_SUFFIX, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, _CLIENT_VERSION_REVISION-beta$1, m4_eval(_CLIENT_VERSION_BUILD < 50), 1, _CLIENT_VERSION_REVISION-rc$1, m4_eval(_CLIENT_VERSION_BUILD == 50), 1, _CLIENT_VERSION_REVISION, _CLIENT_VERSION_REVISION-$1))) define(_CLIENT_VERSION_SUFFIX, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, _CLIENT_VERSION_REVISION-beta$1, m4_eval(_CLIENT_VERSION_BUILD < 50), 1, _CLIENT_VERSION_REVISION-rc$1, m4_eval(_CLIENT_VERSION_BUILD == 50), 1, _CLIENT_VERSION_REVISION, _CLIENT_VERSION_REVISION-$1)))

8
depends/builders/darwin.mk
View File

@@ -1,5 +1,5 @@
build_darwin_CC = gcc-15 build_darwin_CC = gcc-8
build_darwin_CXX = g++-15 build_darwin_CXX = g++-8
build_darwin_AR: = $(shell xcrun -f ar) build_darwin_AR: = $(shell xcrun -f ar)
build_darwin_RANLIB: = $(shell xcrun -f ranlib) build_darwin_RANLIB: = $(shell xcrun -f ranlib)
build_darwin_STRIP: = $(shell xcrun -f strip) build_darwin_STRIP: = $(shell xcrun -f strip)
@@ -10,8 +10,8 @@ build_darwin_SHA256SUM = shasum -a 256
build_darwin_DOWNLOAD = curl --connect-timeout $(DOWNLOAD_CONNECT_TIMEOUT) --retry $(DOWNLOAD_RETRIES) -L -f -o build_darwin_DOWNLOAD = curl --connect-timeout $(DOWNLOAD_CONNECT_TIMEOUT) --retry $(DOWNLOAD_RETRIES) -L -f -o
#darwin host on darwin builder. overrides darwin host preferences. #darwin host on darwin builder. overrides darwin host preferences.
darwin_CC= gcc-15 darwin_CC= gcc-8
darwin_CXX= g++-15 darwin_CXX= g++-8
darwin_AR:=$(shell xcrun -f ar) darwin_AR:=$(shell xcrun -f ar)
darwin_RANLIB:=$(shell xcrun -f ranlib) darwin_RANLIB:=$(shell xcrun -f ranlib)
darwin_STRIP:=$(shell xcrun -f strip) darwin_STRIP:=$(shell xcrun -f strip)

4
depends/hosts/darwin.mk
View File

@@ -2,8 +2,8 @@ OSX_MIN_VERSION=10.12
OSX_SDK_VERSION=10.12 OSX_SDK_VERSION=10.12
OSX_SDK=$(SDK_PATH)/MacOSX$(OSX_SDK_VERSION).sdk OSX_SDK=$(SDK_PATH)/MacOSX$(OSX_SDK_VERSION).sdk
LD64_VERSION=253.9 LD64_VERSION=253.9
darwin_CC=gcc-15 -target $(host) -mmacosx-version-min=$(OSX_MIN_VERSION) --sysroot $(OSX_SDK) -mlinker-version=$(LD64_VERSION) darwin_CC=gcc-8 -target $(host) -mmacosx-version-min=$(OSX_MIN_VERSION) --sysroot $(OSX_SDK) -mlinker-version=$(LD64_VERSION)
darwin_CXX=g++-15 -target $(host) -mmacosx-version-min=$(OSX_MIN_VERSION) --sysroot $(OSX_SDK) -mlinker-version=$(LD64_VERSION) darwin_CXX=g++-8 -target $(host) -mmacosx-version-min=$(OSX_MIN_VERSION) --sysroot $(OSX_SDK) -mlinker-version=$(LD64_VERSION)
darwin_CFLAGS=-pipe darwin_CFLAGS=-pipe
darwin_CXXFLAGS=$(darwin_CFLAGS) darwin_CXXFLAGS=$(darwin_CFLAGS)

6
depends/packages/librustzcash.mk
View File

@@ -40,15 +40,9 @@ define $(package)_preprocess_cmds
cat $($(package)_patch_dir)/cargo.config | sed 's|CRATE_REGISTRY|$(host_prefix)/$(CRATE_REGISTRY)|' > .cargo/config cat $($(package)_patch_dir)/cargo.config | sed 's|CRATE_REGISTRY|$(host_prefix)/$(CRATE_REGISTRY)|' > .cargo/config
endef endef
ifeq ($(build_os),darwin)
define $(package)_build_cmds
CARGO=$(HOME)/.cargo/bin/cargo RUSTC=$(HOME)/.cargo/bin/rustc $(HOME)/.cargo/bin/cargo build --package librustzcash $($(package)_build_opts)
endef
else
define $(package)_build_cmds define $(package)_build_cmds
$(host_prefix)/native/bin/cargo build --package librustzcash $($(package)_build_opts) $(host_prefix)/native/bin/cargo build --package librustzcash $($(package)_build_opts)
endef endef
endif
define $(package)_stage_cmds define $(package)_stage_cmds
mkdir $($(package)_staging_dir)$(host_prefix)/lib/ && \ mkdir $($(package)_staging_dir)$(host_prefix)/lib/ && \

8
depends/strip-rlib-metadata.sh
View File

@@ -1,8 +0,0 @@
#!/bin/sh
# Strip rust.metadata.bin from .rlib archives for macOS linker compatibility
RLIB_DIR="$1"
if [ -d "$RLIB_DIR" ]; then
for rlib in "$RLIB_DIR"/*.rlib; do
[ -f "$rlib" ] && ar d "$rlib" rust.metadata.bin 2>/dev/null || true
done
fi

20
src/Makefile.am
View File

@@ -39,22 +39,15 @@ BITCOIN_INCLUDES += -I$(srcdir)/univalue/include
BITCOIN_INCLUDES += -I$(srcdir)/leveldb/include BITCOIN_INCLUDES += -I$(srcdir)/leveldb/include
if TARGET_WINDOWS if TARGET_WINDOWS
LIBBITCOIN_SERVER=libbitcoin_server.a LIBBITCOIN_SERVER=libbitcoin_server.a -lcurl
endif endif
if TARGET_DARWIN if TARGET_DARWIN
LIBBITCOIN_SERVER=libbitcoin_server.a LIBBITCOIN_SERVER=libbitcoin_server.a -lcurl
endif endif
if TARGET_LINUX if TARGET_LINUX
LIBBITCOIN_SERVER=libbitcoin_server.a LIBBITCOIN_SERVER=libbitcoin_server.a -lcurl
endif endif
# libcurl is a linker flag, not a buildable library file. It must NOT live inside
# LIBBITCOIN_SERVER, which is also fed into EXTRA_LIBRARIES (a list of files automake
# builds) where a -l flag is illegal and triggers a portability error. Keep it as its
# own variable, added to each binary's _LDADD after libbitcoin_server.a (whose objects
# reference curl symbols) so static link order stays correct.
LIBCURL = -lcurl
LIBBITCOIN_WALLET=libbitcoin_wallet.a LIBBITCOIN_WALLET=libbitcoin_wallet.a
LIBBITCOIN_COMMON=libbitcoin_common.a LIBBITCOIN_COMMON=libbitcoin_common.a
LIBBITCOIN_CLI=libbitcoin_cli.a LIBBITCOIN_CLI=libbitcoin_cli.a
@@ -471,7 +464,6 @@ endif
dragonxd_LDADD = \ dragonxd_LDADD = \
$(LIBBITCOIN_SERVER) \ $(LIBBITCOIN_SERVER) \
$(LIBCURL) \
$(LIBBITCOIN_COMMON) \ $(LIBBITCOIN_COMMON) \
$(LIBUNIVALUE) \ $(LIBUNIVALUE) \
$(LIBBITCOIN_UTIL) \ $(LIBBITCOIN_UTIL) \
@@ -602,7 +594,7 @@ libzcash_a_CPPFLAGS = -DMULTICORE -fopenmp -fPIC -DBOOST_SPIRIT_THREADSAFE -DHAV
#libzcash_a_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) #libzcash_a_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
#libzcash_a_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DMONTGOMERY_OUTPUT #libzcash_a_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DMONTGOMERY_OUTPUT
libzcash_a_CXXFLAGS = $(SAN_CXXFLAGS) $(HARDENED_CXXFLAGS) -fwrapv -fno-strict-aliasing -std=gnu++17 libzcash_a_CXXFLAGS = $(SAN_CXXFLAGS) $(HARDENED_CXXFLAGS) -fwrapv -fno-strict-aliasing -std=gnu17
libzcash_a_LDFLAGS = $(SAN_LDFLAGS) $(HARDENED_LDFLAGS) libzcash_a_LDFLAGS = $(SAN_LDFLAGS) $(HARDENED_LDFLAGS)
libzcash_a_CPPFLAGS += -DMONTGOMERY_OUTPUT libzcash_a_CPPFLAGS += -DMONTGOMERY_OUTPUT
@@ -644,7 +636,7 @@ libhush_a_SOURCES = \
libhush_a_CPPFLAGS = -DMULTICORE -fopenmp -fPIC -DBINARY_OUTPUT -DCURVE_ALT_BN128 -DBOOST_SPIRIT_THREADSAFE -DHAVE_BUILD_INFO -D__STDC_FORMAT_MACROS $(HARDENED_CPPFLAGS) -pipe -O1 -g -Wstack-protector -fstack-protector-all -fPIE -fvisibility=hidden -DSTATIC $(BITCOIN_INCLUDES) libhush_a_CPPFLAGS = -DMULTICORE -fopenmp -fPIC -DBINARY_OUTPUT -DCURVE_ALT_BN128 -DBOOST_SPIRIT_THREADSAFE -DHAVE_BUILD_INFO -D__STDC_FORMAT_MACROS $(HARDENED_CPPFLAGS) -pipe -O1 -g -Wstack-protector -fstack-protector-all -fPIE -fvisibility=hidden -DSTATIC $(BITCOIN_INCLUDES)
libhush_a_CXXFLAGS = $(HARDENED_CXXFLAGS) -fwrapv -fno-strict-aliasing -std=gnu++17 libhush_a_CXXFLAGS = $(HARDENED_CXXFLAGS) -fwrapv -fno-strict-aliasing -std=gnu17
libhush_a_LDFLAGS = $(HARDENED_LDFLAGS) libhush_a_LDFLAGS = $(HARDENED_LDFLAGS)
@@ -693,5 +685,5 @@ endif
if ENABLE_TESTS if ENABLE_TESTS
#include Makefile.test-hush.include #include Makefile.test-hush.include
#include Makefile.test.include #include Makefile.test.include
include Makefile.gtest.include #include Makefile.gtest.include
endif endif

87
src/Makefile.gtest.include
View File

@@ -4,60 +4,65 @@ TESTS += hush-gtest
bin_PROGRAMS += hush-gtest bin_PROGRAMS += hush-gtest
# tool for generating our public parameters # tool for generating our public parameters
# NOTE: the original test list used an invalid automake form (comment after a trailing
# backslash, and `zcash_gtest_SOURCES +=` with no prior `=`), which is why the whole
# gtest harness was disabled via a `#include`. Minimal valid set: the harness + the
# UTXO-snapshot round-trip test. Re-add other gtest sources here as they are revived.
hush_gtest_SOURCES = \ hush_gtest_SOURCES = \
gtest/main.cpp \ gtest/main.cpp \
gtest/utils.cpp \ gtest/utils.cpp \
gtest/test_utxosnapshot.cpp \ gtest/test_checktransaction.cpp \
gtest/test_randomx_preverify.cpp gtest/json_test_vectors.cpp \
gtest/json_test_vectors.h \
gtest/test_wallet_zkeys.cpp \
# These tests are order-dependent, because they
# depend on global state (see #1539)
if ENABLE_WALLET
zcash_gtest_SOURCES += \
wallet/gtest/test_wallet_zkeys.cpp
endif
zcash_gtest_SOURCES += \
gtest/test_tautology.cpp \
gtest/test_deprecation.cpp \
gtest/test_equihash.cpp \
gtest/test_httprpc.cpp \
gtest/test_keys.cpp \
gtest/test_keystore.cpp \
gtest/test_noteencryption.cpp \
gtest/test_mempool.cpp \
gtest/test_merkletree.cpp \
gtest/test_metrics.cpp \
gtest/test_miner.cpp \
gtest/test_pow.cpp \
gtest/test_random.cpp \
gtest/test_rpc.cpp \
gtest/test_sapling_note.cpp \
gtest/test_transaction.cpp \
gtest/test_transaction_builder.cpp \
gtest/test_upgrades.cpp \
gtest/test_validation.cpp \
gtest/test_circuit.cpp \
gtest/test_txid.cpp \
gtest/test_libzcash_utils.cpp \
gtest/test_proofs.cpp \
gtest/test_pedersen_hash.cpp \
gtest/test_checkblock.cpp \
gtest/test_zip32.cpp
if ENABLE_WALLET
zcash_gtest_SOURCES += \
wallet/gtest/test_wallet.cpp
endif
hush_gtest_CPPFLAGS = $(AM_CPPFLAGS) -DMULTICORE -fopenmp -DBINARY_OUTPUT -DCURVE_ALT_BN128 -DSTATIC $(BITCOIN_INCLUDES) hush_gtest_CPPFLAGS = $(AM_CPPFLAGS) -DMULTICORE -fopenmp -DBINARY_OUTPUT -DCURVE_ALT_BN128 -DSTATIC $(BITCOIN_INCLUDES)
hush_gtest_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) hush_gtest_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
# Mirror dragonxd_LDADD's working library set/order (the old list used a non-existent hush_gtest_LDADD = -lgtest -lgmock $(LIBBITCOIN_SERVER) $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CRYPTO) $(LIBBITCOIN_UNIVALUE) $(LIBLEVELDB) $(LIBMEMENV) \
# $(LIBBITCOIN_UNIVALUE) so univalue was never linked, and omitted LIBHUSH/LIBRANDOMX/libcc). $(BOOST_LIBS) $(BOOST_UNIT_TEST_FRAMEWORK_LIB) $(LIBSECP256K1)
hush_gtest_LDADD = -lgtest -lgmock \
$(LIBBITCOIN_SERVER) \
$(LIBCURL) \
$(LIBBITCOIN_COMMON) \
$(LIBUNIVALUE) \
$(LIBBITCOIN_UTIL) \
$(LIBBITCOIN_CRYPTO) \
$(LIBZCASH) \
$(LIBHUSH) \
$(LIBLEVELDB) \
$(LIBMEMENV) \
$(LIBSECP256K1) \
$(LIBRANDOMX)
if ENABLE_WALLET if ENABLE_WALLET
hush_gtest_LDADD += $(LIBBITCOIN_WALLET) hush_gtest_LDADD += $(LIBBITCOIN_WALLET)
endif endif
hush_gtest_LDADD += \ hush_gtest_LDADD += $(LIBZCASH_CONSENSUS) $(BDB_LIBS) $(SSL_LIBS) $(CRYPTO_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(LIBZCASH) $(LIBZCASH_LIBS)
$(BOOST_LIBS) \
$(BOOST_UNIT_TEST_FRAMEWORK_LIB) \
$(BDB_LIBS) \
$(SSL_LIBS) \
$(CRYPTO_LIBS) \
$(EVENT_PTHREADS_LIBS) \
$(EVENT_LIBS) \
$(LIBBITCOIN_CRYPTO) \
$(LIBZCASH_LIBS)
if TARGET_DARWIN hush_gtest_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) -static
hush_gtest_LDADD += libcc.dylib $(LIBSECP256K1)
endif
if TARGET_WINDOWS
hush_gtest_LDADD += libcc.dll $(LIBSECP256K1)
endif
if TARGET_LINUX
hush_gtest_LDADD += libcc.so $(LIBSECP256K1)
endif
hush_gtest_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) hush_gtest_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) -static
hush-gtest-expected-failures: hush-gtest FORCE hush-gtest-expected-failures: hush-gtest FORCE
./hush-gtest --gtest_filter=*DISABLED_* --gtest_also_run_disabled_tests ./hush-gtest --gtest_filter=*DISABLED_* --gtest_also_run_disabled_tests

4
src/Makefile.test.include
View File

@@ -112,13 +112,13 @@ endif
test_test_bitcoin_SOURCES = $(BITCOIN_TESTS) $(JSON_TEST_FILES) $(RAW_TEST_FILES) test_test_bitcoin_SOURCES = $(BITCOIN_TESTS) $(JSON_TEST_FILES) $(RAW_TEST_FILES)
test_test_bitcoin_CPPFLAGS = $(AM_CPPFLAGS) -fopenmp $(BITCOIN_INCLUDES) -I$(builddir)/test/ $(TESTDEFS) $(EVENT_CFLAGS) test_test_bitcoin_CPPFLAGS = $(AM_CPPFLAGS) -fopenmp $(BITCOIN_INCLUDES) -I$(builddir)/test/ $(TESTDEFS) $(EVENT_CFLAGS)
test_test_bitcoin_LDADD = $(LIBBITCOIN_SERVER) $(LIBCURL) $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CRYPTO) $(LIBUNIVALUE) $(LIBLEVELDB) $(LIBMEMENV) \ test_test_bitcoin_LDADD = $(LIBBITCOIN_SERVER) $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CRYPTO) $(LIBUNIVALUE) $(LIBLEVELDB) $(LIBMEMENV) \
$(BOOST_LIBS) $(BOOST_UNIT_TEST_FRAMEWORK_LIB) $(LIBSECP256K1) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(BOOST_LIBS) $(BOOST_UNIT_TEST_FRAMEWORK_LIB) $(LIBSECP256K1) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS)
test_test_bitcoin_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) test_test_bitcoin_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
if ENABLE_WALLET if ENABLE_WALLET
test_test_bitcoin_LDADD += $(LIBBITCOIN_WALLET) test_test_bitcoin_LDADD += $(LIBBITCOIN_WALLET)
endif endif
test_test_bitcoin_LDADD += $(LIBBITCOIN_SERVER) $(LIBCURL) $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CRYPTO) $(LIBUNIVALUE) \ test_test_bitcoin_LDADD += $(LIBBITCOIN_SERVER) $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CRYPTO) $(LIBUNIVALUE) \
$(LIBLEVELDB) $(LIBMEMENV) $(BOOST_LIBS) $(BOOST_UNIT_TEST_FRAMEWORK_LIB) $(LIBSECP256K1) $(EVENT_LIBS) $(EVENT_PTHREADS_LIBS) $(LIBLEVELDB) $(LIBMEMENV) $(BOOST_LIBS) $(BOOST_UNIT_TEST_FRAMEWORK_LIB) $(LIBSECP256K1) $(EVENT_LIBS) $(EVENT_PTHREADS_LIBS)
test_test_bitcoin_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) test_test_bitcoin_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)

2
src/cc/Makefile_custom
View File

@@ -1,5 +1,5 @@
SHELL = /bin/sh SHELL = /bin/sh
CC_DARWIN = g++-15 CC_DARWIN = g++-8
CC_WIN = x86_64-w64-mingw32-gcc-posix CC_WIN = x86_64-w64-mingw32-gcc-posix
CC_AARCH64 = aarch64-linux-gnu-g++ CC_AARCH64 = aarch64-linux-gnu-g++
CFLAGS_DARWIN = -DBUILD_CUSTOMCC -std=c++11 -arch x86_64 -I../secp256k1/include -I../../depends/$(shell echo `../..//depends/config.guess`/include) -I../univalue/include -I../leveldb/include -I.. -I. -fPIC -Wl,-undefined -Wl,dynamic_lookup -Wno-write-strings -shared -dynamiclib CFLAGS_DARWIN = -DBUILD_CUSTOMCC -std=c++11 -arch x86_64 -I../secp256k1/include -I../../depends/$(shell echo `../..//depends/config.guess`/include) -I../univalue/include -I../leveldb/include -I.. -I. -fPIC -Wl,-undefined -Wl,dynamic_lookup -Wno-write-strings -shared -dynamiclib

BIN
src/cc/customcc.dylib
View File

Binary file not shown.

18
src/chain.h
View File

@@ -32,12 +32,8 @@ class CChainPower;
#include <boost/foreach.hpp> #include <boost/foreach.hpp>
extern bool fZindex; extern bool fZindex;
// These version thresholds control whether nSproutValue/nSaplingValue are static const int SPROUT_VALUE_VERSION = 1001400;
// serialized in the block index. They must be <= CLIENT_VERSION or the static const int SAPLING_VALUE_VERSION = 1010100;
// values will never be persisted, causing nChainSaplingValue to reset
// to 0 after node restart. DragonX CLIENT_VERSION is 1000350 (v1.0.3.50).
static const int SPROUT_VALUE_VERSION = 1000000;
static const int SAPLING_VALUE_VERSION = 1000000;
extern int32_t ASSETCHAINS_LWMAPOS; extern int32_t ASSETCHAINS_LWMAPOS;
extern char SMART_CHAIN_SYMBOL[65]; extern char SMART_CHAIN_SYMBOL[65];
extern uint64_t ASSETCHAINS_NOTARY_PAY[]; extern uint64_t ASSETCHAINS_NOTARY_PAY[];
@@ -400,15 +396,6 @@ public:
//! (memory only) Sequential id assigned to distinguish order in which blocks are received. //! (memory only) Sequential id assigned to distinguish order in which blocks are received.
uint32_t nSequenceId; uint32_t nSequenceId;
//! (memory only) Set true once this block's RandomX PoW has been verified by the parallel
//! pre-verification pool, letting the inline check in CheckBlockHeader skip the recompute.
//! Written by exactly one pre-verify worker (1:1 with the block) and read by the connect
//! thread only AFTER the pool barrier (CCheckQueue::Wait provides the happens-before), so a
//! plain bool is race-free here. NOT serialized — a pure optimization hint; the inline
//! CheckRandomXSolution remains the consensus authority. (Plain bool, not std::atomic, so
//! CBlockIndex stays copyable for CDiskBlockIndex's `CBlockIndex(*pindex)` construction.)
bool fRandomXVerified;
void SetNull() void SetNull()
{ {
phashBlock = NULL; phashBlock = NULL;
@@ -423,7 +410,6 @@ public:
chainPower = CChainPower(); chainPower = CChainPower();
nTx = 0; nTx = 0;
nChainTx = 0; nChainTx = 0;
fRandomXVerified = false;
// Shieldex Index chain stats // Shieldex Index chain stats
nChainPayments = 0; nChainPayments = 0;

13
src/chainparams.h
View File

@@ -69,17 +69,6 @@ public:
double fTransactionsPerDay; double fTransactionsPerDay;
}; };
/** Trusted UTXO-snapshot (assumeutxo-style) anchor. When `hash` is set, a node loading a
* snapshot via -loadutxosnapshot must produce exactly this content hash at this height,
* otherwise the snapshot is refused. Null hash = not configured (loading requires the
* explicit -loadutxosnapshotunsafe override, e.g. for regtest/testing). Mirrors the
* hardcoded-checkpoint trust model. */
struct AssumeutxoData {
int height;
uint256 hash;
bool IsNull() const { return hash.IsNull(); }
};
enum Bech32Type { enum Bech32Type {
SAPLING_PAYMENT_ADDRESS, SAPLING_PAYMENT_ADDRESS,
SAPLING_FULL_VIEWING_KEY, SAPLING_FULL_VIEWING_KEY,
@@ -116,7 +105,6 @@ public:
const std::string& Bech32HRP(Bech32Type type) const { return bech32HRPs[type]; } const std::string& Bech32HRP(Bech32Type type) const { return bech32HRPs[type]; }
const std::vector<uint8_t>& FixedSeeds() const { return vFixedSeeds; } const std::vector<uint8_t>& FixedSeeds() const { return vFixedSeeds; }
const CCheckpointData& Checkpoints() const { return checkpointData; } const CCheckpointData& Checkpoints() const { return checkpointData; }
const AssumeutxoData& Assumeutxo() const { return assumeutxoData; }
/** Return the founder's reward address and script for a given block height */ /** Return the founder's reward address and script for a given block height */
std::string GetFoundersRewardAddressAtHeight(int height) const; std::string GetFoundersRewardAddressAtHeight(int height) const;
CScript GetFoundersRewardScriptAtHeight(int height) const; CScript GetFoundersRewardScriptAtHeight(int height) const;
@@ -156,7 +144,6 @@ protected:
bool fMineBlocksOnDemand = false; bool fMineBlocksOnDemand = false;
bool fTestnetToBeDeprecatedFieldRPC = false; bool fTestnetToBeDeprecatedFieldRPC = false;
CCheckpointData checkpointData; CCheckpointData checkpointData;
AssumeutxoData assumeutxoData; // null by default; set per-network in chainparams.cpp once a snapshot hash is published
std::vector<std::string> vFoundersRewardAddress; std::vector<std::string> vFoundersRewardAddress;
}; };

2
src/clientversion.h
View File

@@ -30,7 +30,7 @@
// Must be kept in sync with configure.ac , ugh! // Must be kept in sync with configure.ac , ugh!
#define CLIENT_VERSION_MAJOR 1 #define CLIENT_VERSION_MAJOR 1
#define CLIENT_VERSION_MINOR 0 #define CLIENT_VERSION_MINOR 0
#define CLIENT_VERSION_REVISION 3 #define CLIENT_VERSION_REVISION 1
#define CLIENT_VERSION_BUILD 50 #define CLIENT_VERSION_BUILD 50
//! Set to true for release, false for prerelease or test build //! Set to true for release, false for prerelease or test build

2
src/compat/glibcxx_sanity.cpp
View File

@@ -47,7 +47,7 @@ bool sanity_test_range_fmt()
{ {
std::string test; std::string test;
try { try {
(void)test.at(1); test.at(1);
} catch (const std::out_of_range&) { } catch (const std::out_of_range&) {
return true; return true;
} catch (...) { } catch (...) {

172
src/gtest/test_randomx_preverify.cpp
View File

@@ -1,172 +0,0 @@
// Copyright (c) 2024-2026 The DragonX developers
// Distributed under the GPLv3 software license, see the accompanying
// file COPYING or https://www.gnu.org/licenses/gpl-3.0.en.html
//
// Consensus-equivalence test for the parallel RandomX pre-verification pool. The pool is purely an
// optimization: a block's transient fRandomXVerified flag (set by CRandomXCheck on a real hash
// match) only lets CheckBlockHeader SKIP the inline recompute. So for every block the pool's
// outcome must equal the inline CheckRandomXSolution outcome — `(preVerified || inline) == inline`.
// We exercise a valid solution, a corrupted solution, and confirm the pool never "succeeds" on a
// block the inline check would reject.
#include <gtest/gtest.h>
#include <string>
#include <vector>
#include "arith_uint256.h"
#include "chain.h"
#include "chainparams.h"
#include "pow.h"
#include "primitives/block.h"
#include "RandomX/src/randomx.h"
#include "hush_defs.h"
#include "util.h"
#include <boost/thread.hpp>
#include <memory>
extern int32_t HUSH_LOADINGBLOCKS;
extern bool fCheckpointsEnabled;
namespace {
// Compute the correct RandomX solution for a header using a standalone reference light VM, via the
// SAME key + input helpers the validator uses (so the bytes/key match exactly).
void ReferenceRandomXHash(const CBlockHeader& hdr, const std::string& key, unsigned char out[RANDOMX_HASH_SIZE])
{
std::vector<unsigned char> in = GetRandomXInput(hdr);
randomx_flags flags = randomx_get_flags();
randomx_cache* c = randomx_alloc_cache(flags);
ASSERT_NE(c, nullptr);
randomx_init_cache(c, key.data(), key.size());
randomx_vm* vm = randomx_create_vm(flags, c, nullptr);
ASSERT_NE(vm, nullptr);
randomx_calculate_hash(vm, in.data(), in.size(), out);
randomx_destroy_vm(vm);
randomx_release_cache(c);
}
} // namespace
TEST(RandomXPreVerify, ConsensusEquivalence)
{
// Force RandomX validation to actually run at low heights in the test harness.
uint32_t savedAlgo = ASSETCHAINS_ALGO, savedRx = ASSETCHAINS_RANDOMX;
int32_t savedVal = ASSETCHAINS_RANDOMX_VALIDATION, savedLoad = HUSH_LOADINGBLOCKS;
bool savedCkpt = fCheckpointsEnabled;
ASSETCHAINS_RANDOMX = 2; // a distinct nonzero algo id
ASSETCHAINS_ALGO = ASSETCHAINS_RANDOMX;
ASSETCHAINS_RANDOMX_VALIDATION = 1; // enforce from height 1
HUSH_LOADINGBLOCKS = 0; // not in initial-load (else RandomX skipped)
fCheckpointsEnabled = false; // avoid the below-checkpoint skip
const int32_t height = 10; // < interval+lag -> the chain-params initial key (no chainActive needed)
CBlockHeader hdr;
hdr.nVersion = 4;
hdr.hashPrevBlock = uint256S("0x0000000000000000000000000000000000000000000000000000000000000001");
hdr.hashMerkleRoot = uint256S("0x0000000000000000000000000000000000000000000000000000000000000002");
hdr.hashFinalSaplingRoot = uint256S("0x0000000000000000000000000000000000000000000000000000000000000003");
hdr.nTime = 1700000000;
hdr.nBits = 0x200f0f0f;
hdr.nNonce = uint256S("0x0000000000000000000000000000000000000000000000000000000000000004");
std::string key = GetRandomXKey(height);
ASSERT_FALSE(key.empty());
unsigned char good[RANDOMX_HASH_SIZE];
ReferenceRandomXHash(hdr, key, good);
// Run the pool path synchronously on this thread (CRandomXCheck creates its own thread_local VM).
auto poolVerifies = [&](const CBlockHeader& h) -> bool {
RandomXValidatorPrepareKey(key); // load the shared cache with this key
bool slot = false;
CRandomXCheck chk(key, GetRandomXInput(h), h.nSolution.data(), &slot);
chk();
return slot;
};
// Case 1 — valid solution: both inline and pool accept; equivalence holds.
hdr.nSolution.assign(good, good + RANDOMX_HASH_SIZE);
EXPECT_TRUE(CheckRandomXSolution(&hdr, height));
EXPECT_TRUE(poolVerifies(hdr));
EXPECT_EQ(poolVerifies(hdr) || CheckRandomXSolution(&hdr, height), CheckRandomXSolution(&hdr, height));
// Case 2 — corrupted solution: both reject; the pool must NOT set verified.
{
CBlockHeader bad = hdr;
bad.nSolution[0] ^= 0xff;
EXPECT_FALSE(CheckRandomXSolution(&bad, height));
EXPECT_FALSE(poolVerifies(bad));
EXPECT_EQ(poolVerifies(bad) || CheckRandomXSolution(&bad, height), CheckRandomXSolution(&bad, height));
}
// Case 3 — a verified flag on the block lets CheckBlockHeader skip, but verified is only ever set
// by a real hash match, so it can never mask an invalid block. (Pool returns false for the bad
// block above, so its fRandomXVerified stays false and the inline path rejects it at connect.)
ASSETCHAINS_ALGO = savedAlgo; ASSETCHAINS_RANDOMX = savedRx;
ASSETCHAINS_RANDOMX_VALIDATION = savedVal; HUSH_LOADINGBLOCKS = savedLoad;
fCheckpointsEnabled = savedCkpt;
}
// A/B: serial inline verification (single VM) vs the parallel pool (worker threads). Directly
// measures the speedup the pool delivers. We don't care about validity here (mismatched solutions
// still cost a full hash), only wall-clock. parallel must beat serial whenever >1 core is used.
TEST(RandomXPreVerify, ParallelSpeedup)
{
uint32_t savedAlgo = ASSETCHAINS_ALGO, savedRx = ASSETCHAINS_RANDOMX;
int32_t savedVal = ASSETCHAINS_RANDOMX_VALIDATION, savedLoad = HUSH_LOADINGBLOCKS;
bool savedCkpt = fCheckpointsEnabled;
ASSETCHAINS_RANDOMX = 2; ASSETCHAINS_ALGO = ASSETCHAINS_RANDOMX;
ASSETCHAINS_RANDOMX_VALIDATION = 1; HUSH_LOADINGBLOCKS = 0; fCheckpointsEnabled = false;
const int32_t height = 10;
std::string key = GetRandomXKey(height);
ASSERT_FALSE(key.empty());
ASSERT_TRUE(RandomXValidatorPrepareKey(key));
const int M = 16; // blocks to verify in the window
std::vector<CBlockHeader> hdrs(M);
for (int i = 0; i < M; i++) {
hdrs[i].nVersion = 4;
hdrs[i].nTime = 1700000000 + i;
hdrs[i].nBits = 0x200f0f0f;
hdrs[i].nNonce = ArithToUint256(arith_uint256(i + 1)); // distinct inputs
hdrs[i].nSolution.assign(RANDOMX_HASH_SIZE, 0); // arbitrary; we time the hash
}
// Serial baseline: inline single-VM verification (each call hashes, then mismatches -> false).
int64_t t0 = GetTimeMicros();
for (int i = 0; i < M; i++) CheckRandomXSolution(&hdrs[i], height);
int64_t serialUs = GetTimeMicros() - t0;
// Parallel: spawn K-1 workers + the master (this thread) joining via Wait().
int K = std::min(8, std::max(2, (int)boost::thread::hardware_concurrency()));
boost::thread_group workers;
for (int i = 0; i < K - 1; i++) workers.create_thread(&ThreadRandomXVerify);
std::unique_ptr<bool[]> slots(new bool[M]());
std::vector<CRandomXCheck> checks;
checks.reserve(M);
for (int i = 0; i < M; i++)
checks.push_back(CRandomXCheck(key, GetRandomXInput(hdrs[i]), hdrs[i].nSolution.data(), &slots[i]));
int64_t t1 = GetTimeMicros();
{
CCheckQueueControl<CRandomXCheck> control(&rxCheckQueue);
control.Add(checks);
control.Wait();
}
int64_t parallelUs = GetTimeMicros() - t1;
workers.interrupt_all();
workers.join_all();
printf("[ RandomX A/B ] %d blocks: serial(1 VM)=%ldms, parallel(%d threads)=%ldms, speedup=%.1fx\n",
M, (long)(serialUs / 1000), K, (long)(parallelUs / 1000),
(double)serialUs / (double)std::max<int64_t>(1, parallelUs));
EXPECT_LT(parallelUs, serialUs); // parallel must be faster than serial on a multi-core box
ASSETCHAINS_ALGO = savedAlgo; ASSETCHAINS_RANDOMX = savedRx;
ASSETCHAINS_RANDOMX_VALIDATION = savedVal; HUSH_LOADINGBLOCKS = savedLoad;
fCheckpointsEnabled = savedCkpt;
}

203
src/gtest/test_utxosnapshot.cpp
View File

@@ -1,203 +0,0 @@
// Copyright (c) 2024-2026 The DragonX developers
// Distributed under the GPLv3 software license, see the accompanying
// file COPYING or https://www.gnu.org/licenses/gpl-3.0.en.html
//
// Round-trip tests for the trusted UTXO snapshot (assumeutxo-style) dump/load core
// (CCoinsViewDB::DumpSnapshot / LoadSnapshot). This exercises the highest-risk part of
// the feature in isolation: that coins, Sapling commitment trees, the nullifier set, the
// best block and the best Sapling anchor survive a serialize -> hash -> deserialize cycle
// exactly, and that integrity/trust verification rejects tampered or wrong-hash snapshots.
#include <gtest/gtest.h>
#include <boost/filesystem.hpp>
#include "chainparams.h"
#include "coins.h"
#include "txdb.h"
#include "script/script.h"
#include "uint256.h"
#include "zcash/IncrementalMerkleTree.hpp"
namespace {
// Populate an in-memory chainstate DB directly via BatchWrite (mirrors how blocks persist
// coins/anchors/nullifiers), so DumpSnapshot has a realistic mixed state to serialize.
void PopulateChainstate(CCoinsViewDB &db, const uint256 &bestBlock,
uint256 &anchorRootOut, const uint256 &nullifierIn)
{
// One unspent transparent output.
CCoinsMap mapCoins;
{
uint256 txid = uint256S("0xaa00000000000000000000000000000000000000000000000000000000000001");
CCoinsCacheEntry &e = mapCoins[txid];
e.coins.fCoinBase = false;
e.coins.nVersion = 1;
e.coins.nHeight = 100;
e.coins.vout.resize(1);
e.coins.vout[0].nValue = 12345;
e.coins.vout[0].scriptPubKey = CScript() << OP_TRUE;
e.flags = CCoinsCacheEntry::DIRTY;
}
// One Sapling commitment tree (anchor), keyed by its root.
SaplingMerkleTree tree;
tree.append(uint256S("0xbb00000000000000000000000000000000000000000000000000000000000002"));
anchorRootOut = tree.root();
CAnchorsSaplingMap mapSaplingAnchors;
{
CAnchorsSaplingCacheEntry &e = mapSaplingAnchors[anchorRootOut];
e.entered = true;
e.tree = tree;
e.flags = CAnchorsSaplingCacheEntry::DIRTY;
}
// One spent Sapling nullifier.
CNullifiersMap mapSaplingNullifiers;
{
CNullifiersCacheEntry &e = mapSaplingNullifiers[nullifierIn];
e.entered = true;
e.flags = CNullifiersCacheEntry::DIRTY;
}
CAnchorsSproutMap mapSproutAnchors; // empty
CNullifiersMap mapSproutNullifiers; // empty
ASSERT_TRUE(db.BatchWrite(mapCoins, bestBlock, uint256(), anchorRootOut,
mapSproutAnchors, mapSaplingAnchors, mapSproutNullifiers, mapSaplingNullifiers));
}
CUTXOSnapshotHeader MakeHeader(const uint256 &bestBlock, const uint256 &bestAnchor)
{
CUTXOSnapshotHeader h;
h.nMagic = UTXO_SNAPSHOT_MAGIC;
h.nVersion = UTXO_SNAPSHOT_VERSION;
memcpy(&h.nNetworkMagic, Params().MessageStart(), 4);
h.baseBlockHash = bestBlock;
h.nHeight = 100;
h.nChainTx = 1;
h.fHasChainSaplingValue = 1;
h.nChainSaplingValue = 999;
h.bestSaplingAnchor = bestAnchor;
return h;
}
} // namespace
TEST(UTXOSnapshot, RoundTripPreservesChainstate)
{
SelectParams(CBaseChainParams::REGTEST);
const uint256 bestBlock = uint256S("0xff00000000000000000000000000000000000000000000000000000000000009");
const uint256 nullifier = uint256S("0xcc00000000000000000000000000000000000000000000000000000000000003");
CCoinsViewDB src(1 << 20, true); // in-memory
uint256 anchorRoot;
PopulateChainstate(src, bestBlock, anchorRoot, nullifier);
boost::filesystem::path path = boost::filesystem::temp_directory_path() / boost::filesystem::unique_path();
CUTXOSnapshotHeader header = MakeHeader(bestBlock, anchorRoot);
uint256 dumpHash; std::string err;
ASSERT_TRUE(src.DumpSnapshot(path.string(), header, dumpHash, err)) << err;
EXPECT_EQ(header.nCoins, 1u);
EXPECT_EQ(header.nSaplingAnchors, 1u);
EXPECT_EQ(header.nSaplingNullifiers, 1u);
// Load into a fresh in-memory DB (integrity check only, no trust hash).
CCoinsViewDB dst(1 << 20, true);
CUTXOSnapshotHeader loadedHeader; uint256 loadHash;
ASSERT_TRUE(dst.LoadSnapshot(path.string(), uint256(), /*fRequireExpected=*/false, loadedHeader, loadHash, err)) << err;
// Hash is deterministic across dump and load.
EXPECT_EQ(dumpHash, loadHash);
EXPECT_EQ(loadedHeader.nHeight, 100);
EXPECT_EQ(loadedHeader.baseBlockHash, bestBlock);
// Best block round-trips.
EXPECT_EQ(dst.GetBestBlock(), bestBlock);
// Coins round-trip: the stored UTXO must come back intact. (We check the specific coin
// directly rather than via GetStats(), which dereferences mapBlockIndex for the best block
// — not populated in this pure unit test.) The full-content equivalence is already proven
// by dumpHash == loadHash above.
const uint256 txid = uint256S("0xaa00000000000000000000000000000000000000000000000000000000000001");
CCoins c1, c2;
ASSERT_TRUE(src.GetCoins(txid, c1));
ASSERT_TRUE(dst.GetCoins(txid, c2));
ASSERT_EQ(c2.vout.size(), 1u);
EXPECT_EQ(c2.vout[0].nValue, c1.vout[0].nValue);
EXPECT_TRUE(c2.vout[0].scriptPubKey == c1.vout[0].scriptPubKey);
// Sapling anchor (commitment tree) round-trips byte-exactly: the recovered tree's root
// must equal the key it was stored under (this is the invariant ConnectBlock relies on).
SaplingMerkleTree recovered;
ASSERT_TRUE(dst.GetSaplingAnchorAt(anchorRoot, recovered));
EXPECT_EQ(recovered.root(), anchorRoot);
EXPECT_EQ(dst.GetBestAnchor(SAPLING), anchorRoot);
// Nullifier set round-trips.
EXPECT_TRUE(dst.GetNullifier(nullifier, SAPLING));
EXPECT_FALSE(dst.GetNullifier(uint256S("0xdead"), SAPLING));
boost::filesystem::remove(path);
}
TEST(UTXOSnapshot, RejectsTrustHashMismatch)
{
SelectParams(CBaseChainParams::REGTEST);
const uint256 bestBlock = uint256S("0xff0000000000000000000000000000000000000000000000000000000000000a");
const uint256 nullifier = uint256S("0xcc0000000000000000000000000000000000000000000000000000000000000b");
CCoinsViewDB src(1 << 20, true);
uint256 anchorRoot;
PopulateChainstate(src, bestBlock, anchorRoot, nullifier);
boost::filesystem::path path = boost::filesystem::temp_directory_path() / boost::filesystem::unique_path();
CUTXOSnapshotHeader header = MakeHeader(bestBlock, anchorRoot);
uint256 dumpHash; std::string err;
ASSERT_TRUE(src.DumpSnapshot(path.string(), header, dumpHash, err)) << err;
// A wrong "trusted" hash must be refused.
CCoinsViewDB dst(1 << 20, true);
CUTXOSnapshotHeader h2; uint256 hh;
uint256 wrong = uint256S("0x1234");
EXPECT_FALSE(dst.LoadSnapshot(path.string(), wrong, /*fRequireExpected=*/true, h2, hh, err));
// The correct hash must pass.
EXPECT_TRUE(dst.LoadSnapshot(path.string(), dumpHash, /*fRequireExpected=*/true, h2, hh, err)) << err;
boost::filesystem::remove(path);
}
TEST(UTXOSnapshot, RejectsCorruptedFile)
{
SelectParams(CBaseChainParams::REGTEST);
const uint256 bestBlock = uint256S("0xff0000000000000000000000000000000000000000000000000000000000000c");
const uint256 nullifier = uint256S("0xcc0000000000000000000000000000000000000000000000000000000000000d");
CCoinsViewDB src(1 << 20, true);
uint256 anchorRoot;
PopulateChainstate(src, bestBlock, anchorRoot, nullifier);
boost::filesystem::path path = boost::filesystem::temp_directory_path() / boost::filesystem::unique_path();
CUTXOSnapshotHeader header = MakeHeader(bestBlock, anchorRoot);
uint256 dumpHash; std::string err;
ASSERT_TRUE(src.DumpSnapshot(path.string(), header, dumpHash, err)) << err;
// Flip a byte near the end (inside the coins/anchor payload, before the trailing hash).
{
boost::filesystem::fstream f(path, std::ios::in | std::ios::out | std::ios::binary);
f.seekg(0, std::ios::end);
std::streamoff sz = f.tellg();
ASSERT_GT(sz, 40);
f.seekg(sz - 40);
char c; f.read(&c, 1);
f.seekp(sz - 40);
c = (char)(c ^ 0xff);
f.write(&c, 1);
}
CCoinsViewDB dst(1 << 20, true);
CUTXOSnapshotHeader h2; uint256 hh;
EXPECT_FALSE(dst.LoadSnapshot(path.string(), uint256(), /*fRequireExpected=*/false, h2, hh, err));
boost::filesystem::remove(path);
}

136
src/hush/tlsmanager.cpp
View File

@@ -580,98 +580,70 @@ int TLSManager::threadSocketHandler(CNode* pnode, fd_set& fdsetRecv, fd_set& fds
char pchBuf[0x10000]; char pchBuf[0x10000];
bool bIsSSL = false; bool bIsSSL = false;
int nBytes = 0, nRet = 0; int nBytes = 0, nRet = 0;
// Drain the socket in a bounded loop rather than one read per select pass: a single
// 64K read per pass underfills high-bandwidth/high-latency links. Cap the reads per
// pass and honor the receive-flood back-pressure so one peer can neither exhaust
// memory nor starve other peers within this pass.
int nDrainReads = 0;
const int MAX_DRAIN_READS = 16; // up to ~1 MiB per peer per pass (fairness across peers)
// Pre-read back-pressure: gate on the flood ceiling BEFORE each read so the per-peer
// recv buffer high-water stays at ReceiveFloodSize()+one read (matching the select()
// FD_SET gate), and track bytes locally to avoid the O(n) GetTotalRecvSize() per pass.
const int64_t nRecvBase = (int64_t)pnode->GetTotalRecvSize();
int64_t nPassBytes = 0;
bool fKeepReading = true;
while (fKeepReading) {
if (nRecvBase + nPassBytes > (int64_t)ReceiveFloodSize())
break;
{
LOCK(pnode->cs_hSocket);
if (pnode->hSocket == INVALID_SOCKET) { {
LogPrint("tls", "Receive: connection with %s is already closed\n", pnode->addr.ToString()); LOCK(pnode->cs_hSocket);
return -1;
}
bIsSSL = (pnode->ssl != NULL); if (pnode->hSocket == INVALID_SOCKET) {
LogPrint("tls", "Receive: connection with %s is already closed\n", pnode->addr.ToString());
if (bIsSSL) { return -1;
wolfSSL_ERR_clear_error(); // clear the error queue, otherwise we may be reading an old error that occurred previously in the current thread
nBytes = wolfSSL_read(pnode->ssl, pchBuf, sizeof(pchBuf));
nRet = wolfSSL_get_error(pnode->ssl, nBytes);
} else {
nBytes = recv(pnode->hSocket, pchBuf, sizeof(pchBuf), MSG_DONTWAIT);
nRet = WSAGetLastError();
}
} }
if (nBytes > 0) { bIsSSL = (pnode->ssl != NULL);
if (!pnode->ReceiveMsgBytes(pchBuf, nBytes)) {
pnode->CloseSocketDisconnect(); if (bIsSSL) {
fKeepReading = false; wolfSSL_ERR_clear_error(); // clear the error queue, otherwise we may be reading an old error that occurred previously in the current thread
} nBytes = wolfSSL_read(pnode->ssl, pchBuf, sizeof(pchBuf));
pnode->nLastRecv = GetTime(); nRet = wolfSSL_get_error(pnode->ssl, nBytes);
pnode->nRecvBytes += nBytes; } else {
pnode->RecordBytesRecv(nBytes); nBytes = recv(pnode->hSocket, pchBuf, sizeof(pchBuf), MSG_DONTWAIT);
nPassBytes += nBytes; nRet = WSAGetLastError();
// Keep draining only while the socket likely has more data (we filled the }
// buffer, or TLS has buffered decrypted bytes) and within the per-pass cap. }
// The flood ceiling is enforced pre-read at the top of the loop.
if (fKeepReading) { if (nBytes > 0) {
bool fMore = (nBytes == (int)sizeof(pchBuf)) || (bIsSSL && wolfSSL_pending(pnode->ssl) > 0); if (!pnode->ReceiveMsgBytes(pchBuf, nBytes))
if (!fMore || ++nDrainReads >= MAX_DRAIN_READS) pnode->CloseSocketDisconnect();
fKeepReading = false; pnode->nLastRecv = GetTime();
} pnode->nRecvBytes += nBytes;
} else if (nBytes == 0) { pnode->RecordBytesRecv(nBytes);
} else if (nBytes == 0) {
if (bIsSSL) {
unsigned long error = ERR_get_error();
const char* error_str = ERR_error_string(error, NULL);
LogPrint("tls", "TLS: WARNING: %s: %s():%d - SSL_read err: %s\n",
__FILE__, __func__, __LINE__, error_str);
}
// socket closed gracefully (peer disconnected)
if (!pnode->fDisconnect)
LogPrint("tls", "socket closed (%s)\n", pnode->addr.ToString());
pnode->CloseSocketDisconnect();
} else if (nBytes < 0) {
// error
if (bIsSSL) {
if (nRet != WOLFSSL_ERROR_WANT_READ && nRet != WOLFSSL_ERROR_WANT_WRITE)
{
if (!pnode->fDisconnect)
LogPrintf("TLS: ERROR: SSL_read %s\n", ERR_error_string(nRet, NULL));
pnode->CloseSocketDisconnect();
if (bIsSSL) {
unsigned long error = ERR_get_error(); unsigned long error = ERR_get_error();
const char* error_str = ERR_error_string(error, NULL); const char* error_str = ERR_error_string(error, NULL);
LogPrint("tls", "TLS: WARNING: %s: %s():%d - SSL_read err: %s\n", LogPrint("tls", "TLS: WARNING: %s: %s():%d - SSL_read - code[0x%x], err: %s\n",
__FILE__, __func__, __LINE__, error_str); __FILE__, __func__, __LINE__, nRet, error_str);
}
// socket closed gracefully (peer disconnected)
if (!pnode->fDisconnect)
LogPrint("tls", "socket closed (%s)\n", pnode->addr.ToString());
pnode->CloseSocketDisconnect();
fKeepReading = false;
} else if (nBytes < 0) {
// error
if (bIsSSL) {
if (nRet != WOLFSSL_ERROR_WANT_READ && nRet != WOLFSSL_ERROR_WANT_WRITE)
{
if (!pnode->fDisconnect)
LogPrintf("TLS: ERROR: SSL_read %s\n", ERR_error_string(nRet, NULL));
pnode->CloseSocketDisconnect();
unsigned long error = ERR_get_error();
const char* error_str = ERR_error_string(error, NULL);
LogPrint("tls", "TLS: WARNING: %s: %s():%d - SSL_read - code[0x%x], err: %s\n",
__FILE__, __func__, __LINE__, nRet, error_str);
} else {
// preventive measure from exhausting CPU usage
MilliSleep(1); // 1 msec
}
} else { } else {
if (nRet != WSAEWOULDBLOCK && nRet != WSAEMSGSIZE && nRet != WSAEINTR && nRet != WSAEINPROGRESS) { // preventive measure from exhausting CPU usage
if (!pnode->fDisconnect) MilliSleep(1); // 1 msec
LogPrintf("TLS: ERROR: socket recv %s\n", NetworkErrorString(nRet)); }
pnode->CloseSocketDisconnect(); } else {
} if (nRet != WSAEWOULDBLOCK && nRet != WSAEMSGSIZE && nRet != WSAEINTR && nRet != WSAEINPROGRESS) {
if (!pnode->fDisconnect)
LogPrintf("TLS: ERROR: socket recv %s\n", NetworkErrorString(nRet));
pnode->CloseSocketDisconnect();
} }
fKeepReading = false;
} }
} }
} }

191
src/init.cpp
View File

@@ -43,7 +43,6 @@
#endif #endif
#include "main.h" #include "main.h"
#include "metrics.h" #include "metrics.h"
#include "pow.h"
#include "miner.h" #include "miner.h"
#include "net.h" #include "net.h"
#include "rpc/server.h" #include "rpc/server.h"
@@ -177,7 +176,7 @@ public:
// Writes do not need similar protection, as failure to write is handled by the caller. // Writes do not need similar protection, as failure to write is handled by the caller.
}; };
CCoinsViewDB *pcoinsdbview = NULL; // global (declared extern in main.h) for UTXO-snapshot dump/load static CCoinsViewDB *pcoinsdbview = NULL;
static CCoinsViewErrorCatcher *pcoinscatcher = NULL; static CCoinsViewErrorCatcher *pcoinscatcher = NULL;
static boost::scoped_ptr<ECCVerifyHandle> globalVerifyHandle; static boost::scoped_ptr<ECCVerifyHandle> globalVerifyHandle;
@@ -388,17 +387,14 @@ std::string HelpMessage(HelpMessageMode mode)
} }
strUsage += HelpMessageOpt("-datadir=<dir>", _("Specify data directory (this path cannot use '~')")); strUsage += HelpMessageOpt("-datadir=<dir>", _("Specify data directory (this path cannot use '~')"));
strUsage += HelpMessageOpt("-exportdir=<dir>", _("Specify directory to be used when exporting data")); strUsage += HelpMessageOpt("-exportdir=<dir>", _("Specify directory to be used when exporting data"));
strUsage += HelpMessageOpt("-dbcache=<n>", strprintf(_("Set database cache size in megabytes (%d to %d). Default: adaptive - uses most free RAM to speed up initial block download (far fewer UTXO flushes to disk) and automatically shrinks if other applications need memory, always leaving a reserve free. Setting a fixed value disables adaptive sizing."), nMinDbCache, nMaxDbCache)); strUsage += HelpMessageOpt("-dbcache=<n>", strprintf(_("Set database cache size in megabytes (%d to %d, default: %d)"), nMinDbCache, nMaxDbCache, nDefaultDbCache));
strUsage += HelpMessageOpt("-loadblock=<file>", _("Imports blocks from external blk000??.dat file") + " " + _("on startup")); strUsage += HelpMessageOpt("-loadblock=<file>", _("Imports blocks from external blk000??.dat file") + " " + _("on startup"));
strUsage += HelpMessageOpt("-loadutxosnapshot=<file>", _("On a fresh node (empty chainstate), load a trusted UTXO snapshot produced by 'dumptxoutset' and fast-forward the tip to its height, skipping replay of earlier blocks. Block headers up to that height must already be present (e.g. via header sync or bootstrap). Blocks above the snapshot are still fully validated."));
strUsage += HelpMessageOpt("-loadutxosnapshotunsafe", _("Allow -loadutxosnapshot even when no trusted snapshot hash is hardcoded for this network (verifies file integrity only, not authenticity). Testing/regtest only."));
strUsage += HelpMessageOpt("-maxdebugfilesize=<n>", strprintf(_("Set the max size of the debug.log file (default: %u)"), 15)); strUsage += HelpMessageOpt("-maxdebugfilesize=<n>", strprintf(_("Set the max size of the debug.log file (default: %u)"), 15));
strUsage += HelpMessageOpt("-maxorphantx=<n>", strprintf(_("Keep at most <n> unconnectable transactions in memory (default: %u)"), DEFAULT_MAX_ORPHAN_TRANSACTIONS)); strUsage += HelpMessageOpt("-maxorphantx=<n>", strprintf(_("Keep at most <n> unconnectable transactions in memory (default: %u)"), DEFAULT_MAX_ORPHAN_TRANSACTIONS));
strUsage += HelpMessageOpt("-maxreorg=<n>", _("Specify the maximum length of a blockchain re-organization")); strUsage += HelpMessageOpt("-maxreorg=<n>", _("Specify the maximum length of a blockchain re-organization"));
strUsage += HelpMessageOpt("-mempooltxinputlimit=<n>", _("[DEPRECATED/IGNORED] Set the maximum number of transparent inputs in a transaction that the mempool will accept (default: 0 = no limit applied)")); strUsage += HelpMessageOpt("-mempooltxinputlimit=<n>", _("[DEPRECATED/IGNORED] Set the maximum number of transparent inputs in a transaction that the mempool will accept (default: 0 = no limit applied)"));
strUsage += HelpMessageOpt("-par=<n>", strprintf(_("Set the number of script verification threads (%u to %d, 0 = auto, <0 = leave that many cores free, default: %d)"), strUsage += HelpMessageOpt("-par=<n>", strprintf(_("Set the number of script verification threads (%u to %d, 0 = auto, <0 = leave that many cores free, default: %d)"),
-(int)boost::thread::hardware_concurrency(), MAX_SCRIPTCHECK_THREADS, DEFAULT_SCRIPTCHECK_THREADS)); -(int)boost::thread::hardware_concurrency(), MAX_SCRIPTCHECK_THREADS, DEFAULT_SCRIPTCHECK_THREADS));
strUsage += HelpMessageOpt("-randomxverifythreads=<n>", strprintf(_("Number of threads for parallel RandomX PoW pre-verification of post-checkpoint blocks during sync (0 = inline only, max %d, default: same as -par)"), MAX_SCRIPTCHECK_THREADS));
#ifndef _WIN32 #ifndef _WIN32
strUsage += HelpMessageOpt("-pid=<file>", strprintf(_("Specify pid file (default: %s)"), "hushd.pid")); strUsage += HelpMessageOpt("-pid=<file>", strprintf(_("Specify pid file (default: %s)"), "hushd.pid"));
#endif #endif
@@ -991,123 +987,6 @@ bool AppInitServers(boost::thread_group& threadGroup)
*/ */
extern int32_t HUSH_REWIND; extern int32_t HUSH_REWIND;
// --- Adaptive coins-cache sizing -------------------------------------------------------------
// The in-memory UTXO/coins cache (nCoinCacheUsage) is the biggest lever on IBD speed: a bigger
// cache means far fewer chainstate flushes to disk. We size it to use most of RAM, but a scheduled
// background task (AdjustCoinCacheForMemoryPressure, registered in AppInit2) shrinks the target when
// free system memory runs low — e.g. the user opens other apps — and grows it back when memory frees
// up, always leaving a reserve free for the rest of the system. The existing per-block flush
// (FlushStateToDisk, FLUSH_STATE_IF_NEEDED, which fires when cacheSize > nCoinCacheUsage) enforces
// whatever target is current, so the task only moves the threshold: it never touches cs_main or the
// flush path. NOTE: the coins cache is application heap, not OS file cache — "freeing" it means an
// early flush that clears the map; on Linux the allocator returns the pages, on Windows the heap
// returns them best-effort (RSS may lag), but either way the node stops growing past the target.
// windows.h / <unistd.h> arrive via compat.h (net.h). Memory helpers return 0 if undeterminable.
static int64_t GetPhysicalMemoryMB()
{
#ifdef WIN32
MEMORYSTATUSEX status;
status.dwLength = sizeof(status);
if (GlobalMemoryStatusEx(&status))
return (int64_t)(status.ullTotalPhys / (1024 * 1024));
return 0;
#elif defined(_SC_PHYS_PAGES) && defined(_SC_PAGESIZE)
long pages = sysconf(_SC_PHYS_PAGES);
long pageSize = sysconf(_SC_PAGESIZE);
if (pages > 0 && pageSize > 0)
return (int64_t)((int64_t)pages * (int64_t)pageSize / (1024 * 1024));
return 0;
#else
return 0;
#endif
}
// Currently-available (allocatable) physical RAM in MiB. On Linux uses MemAvailable (counts
// reclaimable page cache), falling back to truly-free pages.
static int64_t GetAvailableMemoryMB()
{
#ifdef WIN32
MEMORYSTATUSEX status;
status.dwLength = sizeof(status);
if (GlobalMemoryStatusEx(&status))
return (int64_t)(status.ullAvailPhys / (1024 * 1024));
return 0;
#else
FILE* f = fopen("/proc/meminfo", "r");
if (f) {
char line[256];
long long availKB = -1;
while (fgets(line, sizeof(line), f)) {
if (sscanf(line, "MemAvailable: %lld kB", &availKB) == 1)
break;
}
fclose(f);
if (availKB >= 0)
return (int64_t)(availKB / 1024);
}
#if defined(_SC_AVPHYS_PAGES) && defined(_SC_PAGESIZE)
long pages = sysconf(_SC_AVPHYS_PAGES);
long pageSize = sysconf(_SC_PAGESIZE);
if (pages > 0 && pageSize > 0)
return (int64_t)((int64_t)pages * (int64_t)pageSize / (1024 * 1024));
#endif
return 0;
#endif
}
// RAM (MiB) to always keep free for the OS and other applications: 20% of total, at least 2 GiB.
static int64_t GetMemoryReserveMB()
{
int64_t ramMB = GetPhysicalMemoryMB();
int64_t reserve = (ramMB > 0) ? ramMB / 5 : 2048; // 20%
if (reserve < 2048) reserve = 2048;
return reserve;
}
// Startup -dbcache default: use most of RAM (total minus the reserve), clamped to
// [nDefaultDbCache, nMaxDbCache] MiB. Falls back to the fixed default if RAM can't be detected.
static int64_t GetDefaultDbCacheMB()
{
int64_t ramMB = GetPhysicalMemoryMB();
if (ramMB <= 0)
return nDefaultDbCache;
int64_t cacheMB = ramMB - GetMemoryReserveMB();
if (cacheMB < nDefaultDbCache) cacheMB = nDefaultDbCache;
if (cacheMB > nMaxDbCache) cacheMB = nMaxDbCache;
return cacheMB;
}
// Ceiling (bytes) the adaptive task may grow the coins cache back up to (the startup nCoinCacheUsage).
static size_t g_nMaxCoinCacheUsage = 0;
static const int64_t g_nMinCoinCacheMB = 256; // never thrash below this working set
// Scheduled task: nudge nCoinCacheUsage toward "use all RAM except the reserve". If free RAM is below
// the reserve we shrink the target (the next per-block flush releases the excess); if there is spare
// RAM we grow it back toward the startup ceiling. Lock-free: it only reads system memory and writes
// the aligned size_t threshold that the flush path reads.
static void AdjustCoinCacheForMemoryPressure()
{
if (g_nMaxCoinCacheUsage == 0)
return; // adaptive sizing disabled (user pinned -dbcache) or RAM undetectable
int64_t availMB = GetAvailableMemoryMB();
if (availMB <= 0)
return; // can't measure pressure; leave the target untouched
int64_t reserveMB = GetMemoryReserveMB();
// Error term: free RAM beyond the reserve. >0 => spare, grow; <0 => pressure, shrink.
int64_t errMB = availMB - reserveMB;
// Deadband: ignore small fluctuations so the target settles instead of oscillating.
if (errMB > -256 && errMB < 256)
return;
int64_t curTargetMB = (int64_t)(nCoinCacheUsage >> 20);
// Damped proportional step (gain 1/4) toward "free RAM == reserve"; the clamps bound it and the
// per-block flush (FLUSH_STATE_IF_NEEDED) enforces a lowered target within ~one block during IBD.
int64_t newTargetMB = curTargetMB + errMB / 4;
int64_t ceilMB = (int64_t)(g_nMaxCoinCacheUsage >> 20);
if (newTargetMB > ceilMB) newTargetMB = ceilMB;
if (newTargetMB < g_nMinCoinCacheMB) newTargetMB = g_nMinCoinCacheMB;
nCoinCacheUsage = (size_t)(newTargetMB << 20);
}
bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler) bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
{ {
//fprintf(stderr,"%s start\n", __FUNCTION__); //fprintf(stderr,"%s start\n", __FUNCTION__);
@@ -1430,15 +1309,6 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
else if (nScriptCheckThreads > MAX_SCRIPTCHECK_THREADS) else if (nScriptCheckThreads > MAX_SCRIPTCHECK_THREADS)
nScriptCheckThreads = MAX_SCRIPTCHECK_THREADS; nScriptCheckThreads = MAX_SCRIPTCHECK_THREADS;
// Parallel RandomX pre-verification threads (speeds up post-checkpoint sync). Defaults to the
// script-check thread count — RandomX pre-verify and script checks do not run simultaneously
// within a single connect, so they can share the same budget. 0 disables (inline-only).
nRandomXVerifyThreads = GetArg("-randomxverifythreads", nScriptCheckThreads);
if (nRandomXVerifyThreads < 0)
nRandomXVerifyThreads = 0;
else if (nRandomXVerifyThreads > MAX_SCRIPTCHECK_THREADS)
nRandomXVerifyThreads = MAX_SCRIPTCHECK_THREADS;
fServer = GetBoolArg("-server", false); fServer = GetBoolArg("-server", false);
//fprintf(stderr,"%s tik6\n", __FUNCTION__); //fprintf(stderr,"%s tik6\n", __FUNCTION__);
@@ -1675,14 +1545,6 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
threadGroup.create_thread(&ThreadScriptCheck); threadGroup.create_thread(&ThreadScriptCheck);
} }
// Spawn the parallel RandomX pre-verification worker pool (the connect thread joins as the Nth
// worker via CCheckQueueControl::Wait, so spawn N-1 here, mirroring ThreadScriptCheck).
if (ASSETCHAINS_ALGO == ASSETCHAINS_RANDOMX && nRandomXVerifyThreads > 0) {
LogPrintf("Using %u threads for parallel RandomX pre-verification\n", nRandomXVerifyThreads);
for (int i = 0; i < nRandomXVerifyThreads - 1; i++)
threadGroup.create_thread(&ThreadRandomXVerify);
}
//fprintf(stderr,"%s tik13\n", __FUNCTION__); //fprintf(stderr,"%s tik13\n", __FUNCTION__);
// Start the lightweight task scheduler thread // Start the lightweight task scheduler thread
@@ -1978,7 +1840,7 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
LogPrintf("* Compression is %s\n", dbCompression ? "enabled" : "disabled"); LogPrintf("* Compression is %s\n", dbCompression ? "enabled" : "disabled");
// cache size calculations // cache size calculations
int64_t nTotalCache = (GetArg("-dbcache", GetDefaultDbCacheMB()) << 20); int64_t nTotalCache = (GetArg("-dbcache", nDefaultDbCache) << 20);
nTotalCache = std::max(nTotalCache, nMinDbCache << 20); // total cache cannot be less than nMinDbCache nTotalCache = std::max(nTotalCache, nMinDbCache << 20); // total cache cannot be less than nMinDbCache
nTotalCache = std::min(nTotalCache, nMaxDbCache << 20); // total cache cannot be greated than nMaxDbcache nTotalCache = std::min(nTotalCache, nMaxDbCache << 20); // total cache cannot be greated than nMaxDbcache
int64_t nBlockTreeDBCache = nTotalCache / 8; int64_t nBlockTreeDBCache = nTotalCache / 8;
@@ -1995,14 +1857,6 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
int64_t nCoinDBCache = std::min(nTotalCache / 2, (nTotalCache / 4) + (1 << 23)); // use 25%-50% of the remainder for disk cache int64_t nCoinDBCache = std::min(nTotalCache / 2, (nTotalCache / 4) + (1 << 23)); // use 25%-50% of the remainder for disk cache
nTotalCache -= nCoinDBCache; nTotalCache -= nCoinDBCache;
nCoinCacheUsage = nTotalCache; // the rest goes to in-memory cache nCoinCacheUsage = nTotalCache; // the rest goes to in-memory cache
// Adaptive sizing: unless the user pinned -dbcache, grow/shrink the coins cache with free system
// memory (AdjustCoinCacheForMemoryPressure), using the startup size as the ceiling.
if (!mapArgs.count("-dbcache")) {
g_nMaxCoinCacheUsage = nCoinCacheUsage;
scheduler.scheduleEvery(&AdjustCoinCacheForMemoryPressure, 5);
LogPrintf("* Adaptive dbcache enabled: ceiling %.0fMiB, keeping >= %lldMiB RAM free for the system\n",
nCoinCacheUsage * (1.0 / 1024 / 1024), (long long)GetMemoryReserveMB());
}
LogPrintf("Cache configuration:\n"); LogPrintf("Cache configuration:\n");
LogPrintf("* Max cache setting possible %.1fMiB\n", nMaxDbCache); LogPrintf("* Max cache setting possible %.1fMiB\n", nMaxDbCache);
LogPrintf("* Using %.1fMiB for block index database\n", nBlockTreeDBCache * (1.0 / 1024 / 1024)); LogPrintf("* Using %.1fMiB for block index database\n", nBlockTreeDBCache * (1.0 / 1024 / 1024));
@@ -2084,45 +1938,6 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
strLoadError = _("Error initializing block database"); strLoadError = _("Error initializing block database");
break; break;
} }
// Trusted UTXO snapshot fast-sync (assumeutxo-style). If -loadutxosnapshot is given
// and the chainstate is still empty, load the verified snapshot and fast-forward the
// tip to height H; blocks above H then sync with full PoW/script/Sapling validation.
{
std::string snapPath = GetArg("-loadutxosnapshot", "");
if (!snapPath.empty()) {
if (!pcoinsdbview->GetBestBlock().IsNull()) {
LogPrintf("%s: -loadutxosnapshot ignored, chainstate is not empty\n", __func__);
} else {
const CChainParams::AssumeutxoData& au = chainparams.Assumeutxo();
bool unsafe = GetBoolArg("-loadutxosnapshotunsafe", false);
if (au.IsNull() && !unsafe) {
strLoadError = _("-loadutxosnapshot: no trusted snapshot hash is configured for this network; refusing (use -loadutxosnapshotunsafe for testing only)");
break;
}
CUTXOSnapshotHeader hdr; uint256 gotHash; std::string snapErr;
bool requireExpected = !au.IsNull() && !unsafe;
if (!pcoinsdbview->LoadSnapshot(snapPath, au.hash, requireExpected, hdr, gotHash, snapErr)) {
strLoadError = strprintf(_("Failed to load UTXO snapshot: %s"), snapErr);
break;
}
if (!au.IsNull() && hdr.nHeight != au.height) {
strLoadError = _("UTXO snapshot height does not match the trusted value for this network");
break;
}
pcoinsTip->SetBestBlock(hdr.baseBlockHash); // refresh cache view of the freshly-written chainstate
std::string fixErr;
if (!LoadSnapshotChainstate(hdr, fixErr)) {
strLoadError = strprintf(_("Failed to activate UTXO snapshot tip: %s"), fixErr);
break;
}
pblocktree->WriteAssumeutxoHeight(hdr.nHeight); // persist reorg-below-H guard across restarts
LogPrintf("%s: loaded trusted UTXO snapshot at height %d (hash %s); syncing forward with full validation\n",
__func__, hdr.nHeight, gotHash.GetHex());
}
}
}
HUSH_LOADINGBLOCKS = 0; HUSH_LOADINGBLOCKS = 0;
// Check for changed -txindex state // Check for changed -txindex state
if (fTxIndex != GetBoolArg("-txindex", true)) { if (fTxIndex != GetBoolArg("-txindex", true)) {

3
src/leveldb/port/atomic_pointer.h
View File

@@ -51,9 +51,8 @@ namespace port {
// Mac OS // Mac OS
#elif defined(OS_MACOSX) #elif defined(OS_MACOSX)
#include <atomic>
inline void MemoryBarrier() { inline void MemoryBarrier() {
std::atomic_thread_fence(std::memory_order_seq_cst); OSMemoryBarrier();
} }
#define LEVELDB_HAVE_MEMORY_BARRIER #define LEVELDB_HAVE_MEMORY_BARRIER

BIN
src/libcc.dylib
View File

Binary file not shown.

138
src/main.cpp
View File

@@ -85,12 +85,10 @@ void hush_pricesupdate(int32_t height,CBlock *pblock);
BlockMap mapBlockIndex; BlockMap mapBlockIndex;
CChain chainActive; CChain chainActive;
CBlockIndex *pindexBestHeader = NULL; CBlockIndex *pindexBestHeader = NULL;
int nAssumeutxoSnapshotHeight = -1; // height H of a loaded UTXO snapshot; reorgs below H are refused (-1 = none)
static int64_t nTimeBestReceived = 0; static int64_t nTimeBestReceived = 0;
CWaitableCriticalSection csBestBlock; CWaitableCriticalSection csBestBlock;
CConditionVariable cvBlockChange; CConditionVariable cvBlockChange;
int nScriptCheckThreads = 0; int nScriptCheckThreads = 0;
int nRandomXVerifyThreads = 0; // parallel RandomX pre-verification worker count (0 = inline only)
bool fExperimentalMode = true; bool fExperimentalMode = true;
bool fImporting = false; bool fImporting = false;
bool fReindex = false; bool fReindex = false;
@@ -487,7 +485,7 @@ namespace {
/** Update pindexLastCommonBlock and add not-in-flight missing successors to vBlocks, until it has /** Update pindexLastCommonBlock and add not-in-flight missing successors to vBlocks, until it has
* at most count entries. */ * at most count entries. */
void FindNextBlocksToDownload(NodeId nodeid, unsigned int count, std::vector<CBlockIndex*>& vBlocks, NodeId& nodeStaller, CBlockIndex** pFrontierStuck = NULL) { void FindNextBlocksToDownload(NodeId nodeid, unsigned int count, std::vector<CBlockIndex*>& vBlocks, NodeId& nodeStaller) {
if (count == 0) if (count == 0)
return; return;
@@ -564,9 +562,8 @@ namespace {
return; return;
} }
} else if (waitingfor == -1) { } else if (waitingfor == -1) {
// This is the first already-in-flight block (the download frontier). // This is the first already-in-flight block.
waitingfor = mapBlocksInFlight[pindex->GetBlockHash()].first; waitingfor = mapBlocksInFlight[pindex->GetBlockHash()].first;
if (pFrontierStuck) *pFrontierStuck = pindex;
} }
} }
} }
@@ -4143,45 +4140,6 @@ static void PruneBlockIndexCandidates() {
assert(!setBlockIndexCandidates.empty()); assert(!setBlockIndexCandidates.empty());
} }
// Activate a trusted UTXO snapshot (assumeutxo-style) as the chain tip WITHOUT replaying blocks
// 0..H. The chainstate has already been populated by CCoinsViewDB::LoadSnapshot(); here we mark the
// snapshot's base block (height H) as fully validated and set it as the active tip. Blocks above H
// then connect normally with full PoW + script + Sapling-proof validation. Requires that the block
// HEADERS for height H are already present in mapBlockIndex (from prior header sync or bootstrap).
// NOTE: below-H blocks have no body/undo data, so reorgs below H are impossible (see Stage D guard).
bool LoadSnapshotChainstate(const CUTXOSnapshotHeader& header, std::string& strError)
{
LOCK(cs_main);
BlockMap::iterator it = mapBlockIndex.find(header.baseBlockHash);
if (it == mapBlockIndex.end() || it->second == NULL) {
strError = "block header for the snapshot height is not present; sync headers (or use the bootstrap) before loading a UTXO snapshot";
return false;
}
CBlockIndex* pindexH = it->second;
if (pindexH->GetHeight() != header.nHeight) {
strError = "snapshot base block height does not match its header index";
return false;
}
// Only nChainTx is consensus-relevant for tip selection; nTx must merely be non-zero so the
// (nChainTx != 0) candidate-eligibility checks hold. Ancestors legitimately have nTx==0 here
// because we never received their bodies — this is the assumeutxo trust assumption.
if (pindexH->nTx == 0)
pindexH->nTx = (header.nChainTx > 0 ? (unsigned int)header.nChainTx : 1);
pindexH->nChainTx = (unsigned int)header.nChainTx;
if (header.fHasChainSaplingValue)
pindexH->nChainSaplingValue = header.nChainSaplingValue;
pindexH->RaiseValidity(BLOCK_VALID_SCRIPTS);
nAssumeutxoSnapshotHeight = pindexH->GetHeight(); // arm the reorg-below-H guard (Stage D)
setBlockIndexCandidates.insert(pindexH);
chainActive.SetTip(pindexH);
if (pindexBestHeader == NULL || pindexBestHeader->GetHeight() < pindexH->GetHeight())
pindexBestHeader = pindexH;
PruneBlockIndexCandidates();
return true;
}
/** /**
* Try to make some progress towards making pindexMostWork the active block. * Try to make some progress towards making pindexMostWork the active block.
* pblock is either NULL or a pointer to a CBlock corresponding to pindexMostWork. * pblock is either NULL or a pointer to a CBlock corresponding to pindexMostWork.
@@ -4230,16 +4188,6 @@ static bool ActivateBestChainStep(bool fSkipdpow, CValidationState &state, CBloc
return state.DoS(100, error("ActivateBestChainStep(): pindexOldTip->GetHeight().%d > notarizedht %d && pindexFork->GetHeight().%d is < notarizedht %d, so ignore it",(int32_t)pindexOldTip->GetHeight(),notarizedht,(int32_t)pindexFork->GetHeight(),notarizedht), return state.DoS(100, error("ActivateBestChainStep(): pindexOldTip->GetHeight().%d > notarizedht %d && pindexFork->GetHeight().%d is < notarizedht %d, so ignore it",(int32_t)pindexOldTip->GetHeight(),notarizedht,(int32_t)pindexFork->GetHeight(),notarizedht),
REJECT_INVALID, "past-notarized-height"); REJECT_INVALID, "past-notarized-height");
} }
// Refuse reorgs whose fork point is below a loaded UTXO snapshot height (Stage D): the node has
// no block/undo data for 0..H, so disconnecting below H is impossible. Belt-and-suspenders on top
// of checkpoint fork-rejection (H sits at/below the last hardcoded checkpoint).
if ( nAssumeutxoSnapshotHeight >= 0 && pindexFork != 0 && pindexFork->GetHeight() < nAssumeutxoSnapshotHeight )
{
return state.DoS(100, error("ActivateBestChainStep(): reorg fork height %d is below the loaded UTXO snapshot height %d; refusing",
(int32_t)pindexFork->GetHeight(), nAssumeutxoSnapshotHeight),
REJECT_INVALID, "below-assumeutxo-snapshot");
}
// - On ChainDB initialization, pindexOldTip will be null, so there are no removable blocks. // - On ChainDB initialization, pindexOldTip will be null, so there are no removable blocks.
// - If pindexMostWork is in a chain that doesn't have the same genesis block as our chain, // - If pindexMostWork is in a chain that doesn't have the same genesis block as our chain,
// then pindexFork will be null, and we would need to remove the entire chain including // then pindexFork will be null, and we would need to remove the entire chain including
@@ -4310,36 +4258,6 @@ static bool ActivateBestChainStep(bool fSkipdpow, CValidationState &state, CBloc
} }
nHeight = nTargetHeight; nHeight = nTargetHeight;
// Parallel RandomX pre-verification (Stage 4): verify this about-to-be-connected window's
// PoW on the worker pool BEFORE the serial connect, so ConnectBlock rarely pays the
// ~tens-of-ms light-mode hash. Pure optimization — CheckBlockHeader's inline
// CheckRandomXSolution still verifies anything not pre-verified, so consensus is unchanged.
// We hold cs_main; key derivation + the disk reads happen here on the main thread, and the
// pool workers receive only value-type work items (no cs_main, no chainstate pointers).
if (nRandomXVerifyThreads > 0 && rxCheckQueue.IsIdle()) {
std::map<std::string, std::vector<CRandomXCheck> > rxGroups; // grouped by RandomX key
BOOST_FOREACH(CBlockIndex *pidx, vpindexToConnect) {
if (pidx->fRandomXVerified || !RandomXValidationRequired(pidx->GetHeight()))
continue;
std::string rxKey = GetRandomXKey(pidx->GetHeight());
if (rxKey.empty())
continue; // can't derive key -> inline fallback
CBlock blk;
if (!ReadBlockFromDisk(blk, pidx, false))
continue; // -> inline fallback
if (blk.nSolution.size() != 32) // RANDOMX_HASH_SIZE; wrong size -> inline (will error)
continue;
rxGroups[rxKey].push_back(CRandomXCheck(rxKey, GetRandomXInput(blk), blk.nSolution.data(), &pidx->fRandomXVerified));
}
for (std::map<std::string, std::vector<CRandomXCheck> >::iterator it = rxGroups.begin(); it != rxGroups.end(); ++it) {
if (!RandomXValidatorPrepareKey(it->first))
break; // cache alloc failed -> leave the rest for the inline fallback
CCheckQueueControl<CRandomXCheck> control(&rxCheckQueue);
control.Add(it->second);
control.Wait();
}
}
// Connect new blocks. // Connect new blocks.
BOOST_REVERSE_FOREACH(CBlockIndex *pindexConnect, vpindexToConnect) { BOOST_REVERSE_FOREACH(CBlockIndex *pindexConnect, vpindexToConnect) {
if (!ConnectTip(state, pindexConnect, pindexConnect == pindexMostWork ? pblock : NULL)) { if (!ConnectTip(state, pindexConnect, pindexConnect == pindexMostWork ? pblock : NULL)) {
@@ -5075,11 +4993,7 @@ bool CheckBlockHeader(int32_t *futureblockp,int32_t height,CBlockIndex *pindex,
{ {
if ( !CheckEquihashSolution(&blockhdr, Params()) ) if ( !CheckEquihashSolution(&blockhdr, Params()) )
return state.DoS(100, error("CheckBlockHeader(): Equihash solution invalid"),REJECT_INVALID, "invalid-solution"); return state.DoS(100, error("CheckBlockHeader(): Equihash solution invalid"),REJECT_INVALID, "invalid-solution");
// Skip the inline RandomX recompute only if the parallel pre-verify pool already verified if ( !CheckRandomXSolution(&blockhdr, height) )
// THIS block (fRandomXVerified set 1:1 on a real hash match). Every other case — pool miss,
// straggler, disabled pool, or any pindex==NULL caller (TestBlockValidity/VerifyDB/header
// accept) — falls through to the inline check, so consensus is unchanged.
if ( !(pindex && pindex->fRandomXVerified) && !CheckRandomXSolution(&blockhdr, height) )
return state.DoS(100, error("CheckBlockHeader(): RandomX solution invalid"),REJECT_INVALID, "invalid-randomx-solution"); return state.DoS(100, error("CheckBlockHeader(): RandomX solution invalid"),REJECT_INVALID, "invalid-randomx-solution");
} }
// Check proof of work matches claimed amount // Check proof of work matches claimed amount
@@ -6043,15 +5957,6 @@ bool static LoadBlockIndexDB()
pblocktree->ReadReindexing(fReindexing); pblocktree->ReadReindexing(fReindexing);
fReindex |= fReindexing; fReindex |= fReindexing;
// Restore the loaded-UTXO-snapshot height so the reorg-below-H guard survives restarts.
{
int snapHeight = -1;
if (pblocktree->ReadAssumeutxoHeight(snapHeight) && snapHeight >= 0) {
nAssumeutxoSnapshotHeight = snapHeight;
LogPrintf("%s: loaded-from-UTXO-snapshot height is %d; reorgs below it are refused\n", __func__, snapHeight);
}
}
// Check whether we have a transaction index // Check whether we have a transaction index
pblocktree->ReadFlag("txindex", fTxIndex); pblocktree->ReadFlag("txindex", fTxIndex);
LogPrintf("%s: transaction index %s\n", __func__, fTxIndex ? "enabled" : "disabled"); LogPrintf("%s: transaction index %s\n", __func__, fTxIndex ? "enabled" : "disabled");
@@ -6841,13 +6746,6 @@ void static ProcessGetData(CNode* pfrom)
std::deque<CInv>::iterator it = pfrom->vRecvGetData.begin(); std::deque<CInv>::iterator it = pfrom->vRecvGetData.begin();
vector<CInv> vNotFound; vector<CInv> vNotFound;
// Serve up to this many blocks per ProcessGetData pass. The old code broke after a SINGLE block,
// so a 16-block getdata was dribbled out one block per message-handler tick (~100ms), throttling
// block download for every peer fetching from us. Bound the per-pass work (cs_main is held while
// reading blocks from disk); any remainder is served on the next pass (the message handler keeps
// fSleep=false while vRecvGetData is non-empty, so there is no 100ms park between passes).
const unsigned int nMaxBlocksServedPerPass = 16;
unsigned int nBlocksServed = 0;
LOCK(cs_main); LOCK(cs_main);
@@ -6965,10 +6863,7 @@ void static ProcessGetData(CNode* pfrom)
} }
} }
// Serve a bounded batch of blocks per pass rather than one (see nMaxBlocksServedPerPass if (inv.type == MSG_BLOCK || inv.type == MSG_FILTERED_BLOCK)
// above). The send-buffer gate at the top of the loop still pauses us if the buffer fills;
// this counter bounds the cs_main hold for a (possibly malicious) large getdata.
if ((inv.type == MSG_BLOCK || inv.type == MSG_FILTERED_BLOCK) && ++nBlocksServed >= nMaxBlocksServedPerPass)
break; break;
} }
} }
@@ -8250,35 +8145,12 @@ bool SendMessages(CNode* pto, bool fSendTrickle)
if (!pto->fDisconnect && !pto->fClient && (fFetch || !IsInitialBlockDownload()) && state.nBlocksInFlight < MAX_BLOCKS_IN_TRANSIT_PER_PEER) { if (!pto->fDisconnect && !pto->fClient && (fFetch || !IsInitialBlockDownload()) && state.nBlocksInFlight < MAX_BLOCKS_IN_TRANSIT_PER_PEER) {
vector<CBlockIndex*> vToDownload; vector<CBlockIndex*> vToDownload;
NodeId staller = -1; NodeId staller = -1;
CBlockIndex *pFrontierStuck = NULL; FindNextBlocksToDownload(pto->GetId(), MAX_BLOCKS_IN_TRANSIT_PER_PEER - state.nBlocksInFlight, vToDownload, staller);
FindNextBlocksToDownload(pto->GetId(), MAX_BLOCKS_IN_TRANSIT_PER_PEER - state.nBlocksInFlight, vToDownload, staller, &pFrontierStuck);
BOOST_FOREACH(CBlockIndex *pindex, vToDownload) { BOOST_FOREACH(CBlockIndex *pindex, vToDownload) {
vGetData.push_back(CInv(MSG_BLOCK, pindex->GetBlockHash())); vGetData.push_back(CInv(MSG_BLOCK, pindex->GetBlockHash()));
MarkBlockAsInFlight(pto->GetId(), pindex->GetBlockHash(), consensusParams, pindex); MarkBlockAsInFlight(pto->GetId(), pindex->GetBlockHash(), consensusParams, pindex);
LogPrint("net", "Requesting block %s (%d) peer=%d\n", pindex->GetBlockHash().ToString(), pindex->GetHeight(), pto->id); LogPrint("net", "Requesting block %s (%d) peer=%d\n", pindex->GetBlockHash().ToString(), pindex->GetHeight(), pto->id);
} }
// Frontier reassignment: when this peer has nothing new to fetch because the next-needed
// (frontier) block is in flight from another, slow peer and has been stuck beyond a short
// threshold, re-request it from THIS (responsive) peer instead of waiting out the long
// (~72s) timeout or disconnecting the slow peer. This breaks the head-of-line stall that
// throttles IBD when downloading from few, distant peers. Trustless: the block is still
// fully validated on arrival - we only change which peer serves it. -blockreassigntimeout
// = seconds (0 disables; default 5).
static const int64_t nReassignUs = GetArg("-blockreassigntimeout", 5) * 1000000LL;
if (nReassignUs > 0 && vToDownload.empty() && pFrontierStuck != NULL &&
staller != -1 && staller != pto->GetId()) {
map<uint256, pair<NodeId, list<QueuedBlock>::iterator> >::iterator itF =
mapBlocksInFlight.find(pFrontierStuck->GetBlockHash());
if (itF != mapBlocksInFlight.end() && itF->second.first == staller &&
itF->second.second->nTime < nNow - nReassignUs) {
uint256 hReassign = pFrontierStuck->GetBlockHash();
LogPrint("net", "Reassigning stalled frontier block %s (%d) from peer=%d to peer=%d\n",
hReassign.ToString(), pFrontierStuck->GetHeight(), staller, pto->id);
MarkBlockAsReceived(hReassign); // free from slow peer (no disconnect)
vGetData.push_back(CInv(MSG_BLOCK, hReassign));
MarkBlockAsInFlight(pto->GetId(), hReassign, consensusParams, pFrontierStuck); // re-request from this peer
}
}
if (state.nBlocksInFlight == 0 && staller != -1) { if (state.nBlocksInFlight == 0 && staller != -1) {
if (State(staller)->nStallingSince == 0) { if (State(staller)->nStallingSince == 0) {
State(staller)->nStallingSince = nNow; State(staller)->nStallingSince = nNow;

20
src/main.h
View File

@@ -100,11 +100,7 @@ static const int MAX_BLOCKS_IN_TRANSIT_PER_PEER = 16;
/** Timeout in seconds during which a peer must stall block download progress before being disconnected. */ /** Timeout in seconds during which a peer must stall block download progress before being disconnected. */
static const unsigned int BLOCK_STALLING_TIMEOUT = 2; static const unsigned int BLOCK_STALLING_TIMEOUT = 2;
/** Number of headers sent in one getheaders result. We rely on the assumption that if a peer sends /** Number of headers sent in one getheaders result. We rely on the assumption that if a peer sends
* less than this number, we reached its tip. Changing this value is a protocol upgrade: the * less than this number, we reached its tip. Changing this value is a protocol upgrade. */
* continuation logic (main.cpp, "nCount == MAX_HEADERS_RESULTS") and the serve-side limit must
* match across the network, so a single node raising it unilaterally would mis-detect a stock
* peer's 160-header reply as "tip reached" and stall header sync. Raise only as a coordinated
* network upgrade (with a protocol-version bump). */
static const unsigned int MAX_HEADERS_RESULTS = 160; static const unsigned int MAX_HEADERS_RESULTS = 160;
/** Size of the "block download window": how far ahead of our current height do we fetch? /** Size of the "block download window": how far ahead of our current height do we fetch?
* Larger windows tolerate larger download speed differences between peer, but increase the potential * Larger windows tolerate larger download speed differences between peer, but increase the potential
@@ -159,7 +155,6 @@ extern bool fExperimentalMode;
extern bool fImporting; extern bool fImporting;
extern bool fReindex; extern bool fReindex;
extern int nScriptCheckThreads; extern int nScriptCheckThreads;
extern int nRandomXVerifyThreads;
extern bool fTxIndex; extern bool fTxIndex;
extern bool fZindex; extern bool fZindex;
extern bool fIsBareMultisigStd; extern bool fIsBareMultisigStd;
@@ -935,19 +930,6 @@ extern CChain chainActive;
/** Global variable that points to the active CCoinsView (protected by cs_main) */ /** Global variable that points to the active CCoinsView (protected by cs_main) */
extern CCoinsViewCache *pcoinsTip; extern CCoinsViewCache *pcoinsTip;
/** Global variable that points to the coins database (chainstate/, protected by cs_main).
* Exposed for the UTXO-snapshot (assumeutxo-style) dump/load paths. */
class CCoinsViewDB;
extern CCoinsViewDB *pcoinsdbview;
/** Activate a trusted UTXO snapshot (already written to the chainstate DB by LoadSnapshot) as the
* chain tip at its height H, without replaying blocks 0..H. Headers for H must already exist. */
struct CUTXOSnapshotHeader;
bool LoadSnapshotChainstate(const CUTXOSnapshotHeader& header, std::string& strError);
/** Height H of a loaded UTXO snapshot (assumeutxo). Reorgs whose fork point is below H are refused
* because the node has no block/undo data for 0..H. -1 means no snapshot is in effect. */
extern int nAssumeutxoSnapshotHeight;
/** Global variable that points to the active block tree (protected by cs_main) */ /** Global variable that points to the active block tree (protected by cs_main) */
extern CBlockTreeDB *pblocktree; extern CBlockTreeDB *pblocktree;

6
src/net.cpp
View File

@@ -33,8 +33,6 @@
#include "crypto/common.h" #include "crypto/common.h"
#include "hush/utiltls.h" #include "hush/utiltls.h"
#include <random.h> #include <random.h>
#include <random>
#include <limits>
#ifdef _WIN32 #ifdef _WIN32
#include <string.h> #include <string.h>
#else #else
@@ -2006,7 +2004,7 @@ void ThreadMessageHandler()
// Randomize the order in which we process messages from/to our peers. // Randomize the order in which we process messages from/to our peers.
// This prevents attacks in which an attacker exploits having multiple // This prevents attacks in which an attacker exploits having multiple
// consecutive connections in the vNodes list. // consecutive connections in the vNodes list.
std::shuffle(vNodesCopy.begin(), vNodesCopy.end(), std::mt19937(GetRand(std::numeric_limits<uint32_t>::max()))); random_shuffle(vNodesCopy.begin(), vNodesCopy.end(), GetRandInt);
BOOST_FOREACH(CNode* pnode, vNodesCopy) BOOST_FOREACH(CNode* pnode, vNodesCopy)
{ {
@@ -2518,7 +2516,7 @@ void RelayTransaction(const CTransaction& tx, const CDataStream& ss)
// We always round down, except when we have only 1 connection // We always round down, except when we have only 1 connection
auto newSize = (vNodes.size() / 2) == 0 ? 1 : (vNodes.size() / 2); auto newSize = (vNodes.size() / 2) == 0 ? 1 : (vNodes.size() / 2);
std::shuffle( vRelayNodes.begin(), vRelayNodes.end(), std::mt19937(GetRand(std::numeric_limits<uint32_t>::max())) ); random_shuffle( vRelayNodes.begin(), vRelayNodes.end(), GetRandInt );
vRelayNodes.resize(newSize); vRelayNodes.resize(newSize);
if (HUSH_TESTNODE==1 && vNodes.size() == 0) { if (HUSH_TESTNODE==1 && vNodes.size() == 0) {

225
src/pow.cpp
View File

@@ -18,7 +18,6 @@
* * * *
******************************************************************************/ ******************************************************************************/
#include "pow.h" #include "pow.h"
#include "checkpoints.h"
#include "consensus/upgrades.h" #include "consensus/upgrades.h"
#include "arith_uint256.h" #include "arith_uint256.h"
#include "chain.h" #include "chain.h"
@@ -31,8 +30,6 @@
#include "sodium.h" #include "sodium.h"
#include "RandomX/src/randomx.h" #include "RandomX/src/randomx.h"
#include <mutex> #include <mutex>
#include <boost/thread/shared_mutex.hpp>
#include <boost/thread/locks.hpp>
#ifdef ENABLE_RUST #ifdef ENABLE_RUST
#include "librustzcash.h" #include "librustzcash.h"
@@ -707,7 +704,6 @@ static std::mutex cs_randomx_validator;
static randomx_cache *s_rxCache = nullptr; static randomx_cache *s_rxCache = nullptr;
static randomx_vm *s_rxVM = nullptr; static randomx_vm *s_rxVM = nullptr;
static std::string s_rxCurrentKey; // tracks current key to avoid re-init static std::string s_rxCurrentKey; // tracks current key to avoid re-init
static int64_t nTimeRandomX = 0; // cumulative RandomX validation time (us), reported under -debug=bench
// Thread-local flag: skip CheckRandomXSolution when the miner is validating its own block // Thread-local flag: skip CheckRandomXSolution when the miner is validating its own block
// The miner already computed the correct RandomX hash — re-verifying with a separate // The miner already computed the correct RandomX hash — re-verifying with a separate
@@ -718,70 +714,26 @@ void SetSkipRandomXValidation(bool skip) { fSkipRandomXValidation = skip; }
CBlockIndex *hush_chainactive(int32_t height); CBlockIndex *hush_chainactive(int32_t height);
// Centralized predicate: does a block at this height actually require a RandomX hash check?
// Shared by CheckRandomXSolution (inline path) and the parallel pre-verify pool so the two can
// never drift. Returns false when the recompute is unnecessary:
// - non-RandomX chain, or RandomX validation disabled (activation height < 0)
// - below the RandomX activation height (those blocks used Equihash, validated elsewhere)
// - during initial on-disk block loading / reindex (HUSH_LOADINGBLOCKS)
// - below the last hardcoded checkpoint (chain pinned by checkpoint hash + linkage + work)
// Deliberately does NOT consider the thread-local fSkipRandomXValidation (miner self-check) — that
// is a property of the calling thread, handled only in the inline CheckRandomXSolution below.
bool RandomXValidationRequired(int32_t height)
{
if (ASSETCHAINS_ALGO != ASSETCHAINS_RANDOMX)
return false;
if (ASSETCHAINS_RANDOMX_VALIDATION < 0)
return false;
if (height < ASSETCHAINS_RANDOMX_VALIDATION)
return false;
extern int32_t HUSH_LOADINGBLOCKS;
if (HUSH_LOADINGBLOCKS != 0)
return false;
extern bool fCheckpointsEnabled;
if (fCheckpointsEnabled && height < Checkpoints::GetTotalBlocksEstimate(Params().Checkpoints()))
return false;
return true;
}
// Serialize the RandomX hash input: the block header without nSolution (but with nNonce). Used by
// both the inline CheckRandomXSolution and the parallel pre-verify pool, so the bytes are identical.
std::vector<unsigned char> GetRandomXInput(const CBlockHeader& block)
{
CRandomXInput rxInput(block);
CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
ss << rxInput;
return std::vector<unsigned char>(ss.begin(), ss.end());
}
// Derive the RandomX key string for a block at `height`. Below interval+lag it is the chain-params
// initial key; otherwise the block hash at the key-rotation height. MUST be called under cs_main
// (reads chainActive via hush_chainactive). Returns empty if the key-height block is unavailable.
std::string GetRandomXKey(int32_t height)
{
static int randomxInterval = GetRandomXInterval();
static int randomxBlockLag = GetRandomXBlockLag();
if (height < randomxInterval + randomxBlockLag) {
char initialKey[82];
snprintf(initialKey, 81, "%08x%s%08x", ASSETCHAINS_MAGIC, SMART_CHAIN_SYMBOL, ASSETCHAINS_RPCPORT);
return std::string(initialKey, strlen(initialKey));
}
int keyHeight = ((height - randomxBlockLag) / randomxInterval) * randomxInterval;
CBlockIndex *pKeyIndex = hush_chainactive(keyHeight);
if (pKeyIndex == nullptr)
return std::string();
uint256 blockKey = pKeyIndex->GetBlockHash();
return std::string((const char*)&blockKey, sizeof(blockKey));
}
bool CheckRandomXSolution(const CBlockHeader *pblock, int32_t height) bool CheckRandomXSolution(const CBlockHeader *pblock, int32_t height)
{ {
// Centralized height gate (shared with the parallel pre-verify pool, Stage 0). // Only applies to RandomX chains
if (!RandomXValidationRequired(height)) if (ASSETCHAINS_ALGO != ASSETCHAINS_RANDOMX)
return true; return true;
// Skip when the miner is validating its own freshly-mined block via TestBlockValidity // Disabled if activation height is negative
// (thread-local; never set on the connect thread or the pre-verify worker threads). if (ASSETCHAINS_RANDOMX_VALIDATION < 0)
return true;
// Not yet at activation height
if (height < ASSETCHAINS_RANDOMX_VALIDATION)
return true;
// Do not affect initial block loading
extern int32_t HUSH_LOADINGBLOCKS;
if (HUSH_LOADINGBLOCKS != 0)
return true;
// Skip when miner is validating its own block via TestBlockValidity
if (fSkipRandomXValidation) if (fSkipRandomXValidation)
return true; return true;
@@ -791,44 +743,47 @@ bool CheckRandomXSolution(const CBlockHeader *pblock, int32_t height)
pblock->nSolution.size(), RANDOMX_HASH_SIZE, height); pblock->nSolution.size(), RANDOMX_HASH_SIZE, height);
} }
// Derive the key (shared helper) and serialize the input (identical bytes to the pool path). static int randomxInterval = GetRandomXInterval();
std::string rxKey = GetRandomXKey(height); static int randomxBlockLag = GetRandomXBlockLag();
if (rxKey.empty())
return error("CheckRandomXSolution(): cannot derive RandomX key for height %d", height); // Determine the correct RandomX key for this height
std::vector<unsigned char> ssInput = GetRandomXInput(*pblock); char initialKey[82];
snprintf(initialKey, 81, "%08x%s%08x", ASSETCHAINS_MAGIC, SMART_CHAIN_SYMBOL, ASSETCHAINS_RPCPORT);
std::string rxKey;
if (height < randomxInterval + randomxBlockLag) {
// Use initial key derived from chain params
rxKey = std::string(initialKey, strlen(initialKey));
} else {
// Use block hash at the key height
int keyHeight = ((height - randomxBlockLag) / randomxInterval) * randomxInterval;
CBlockIndex *pKeyIndex = hush_chainactive(keyHeight);
if (pKeyIndex == nullptr) {
return error("CheckRandomXSolution(): cannot get block index at key height %d for block %d", keyHeight, height);
}
uint256 blockKey = pKeyIndex->GetBlockHash();
rxKey = std::string((const char*)&blockKey, sizeof(blockKey));
}
// Serialize the block header without nSolution (but with nNonce) as RandomX input
CRandomXInput rxInput(*pblock);
CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
ss << rxInput;
char computedHash[RANDOMX_HASH_SIZE]; char computedHash[RANDOMX_HASH_SIZE];
// Measurement (Track 1): isolate RandomX verification cost during IBD. The
// expensive parts are the per-key cache (re)init (~every GetRandomXInterval()
// blocks) and the hash computation itself; both happen under the lock below.
int64_t nTimeRxStart = GetTimeMicros();
bool fKeyInit = false;
{ {
std::lock_guard<std::mutex> lock(cs_randomx_validator); std::lock_guard<std::mutex> lock(cs_randomx_validator);
// Initialize cache + VM if needed, or re-init if key changed // Initialize cache + VM if needed, or re-init if key changed
if (s_rxCache == nullptr) { if (s_rxCache == nullptr) {
randomx_flags flags = randomx_get_flags(); randomx_flags flags = randomx_get_flags();
// Try large pages for the 256MB validator cache: fewer TLB misses → ~15-30% faster s_rxCache = randomx_alloc_cache(flags);
// light-mode validation where the OS has hugepages configured. Falls back transparently
// when unavailable, exactly as the miner does (miner.cpp:1097). Page size does not affect
// the computed hash, so this is consensus-neutral.
bool fLargePages = true;
s_rxCache = randomx_alloc_cache(flags | RANDOMX_FLAG_LARGE_PAGES);
if (s_rxCache == nullptr) {
fLargePages = false;
s_rxCache = randomx_alloc_cache(flags);
}
if (s_rxCache == nullptr) { if (s_rxCache == nullptr) {
return error("CheckRandomXSolution(): failed to allocate RandomX cache"); return error("CheckRandomXSolution(): failed to allocate RandomX cache");
} }
// Confirm the fast paths are active (JIT off would be ~9x slower; see randomx-benchmark).
LogPrint("bench", "CheckRandomXSolution: RandomX flags=0x%x JIT=%d HARD_AES=%d largePages=%d\n",
(unsigned int)flags, !!(flags & RANDOMX_FLAG_JIT), !!(flags & RANDOMX_FLAG_HARD_AES), (int)fLargePages);
randomx_init_cache(s_rxCache, rxKey.data(), rxKey.size()); randomx_init_cache(s_rxCache, rxKey.data(), rxKey.size());
s_rxCurrentKey = rxKey; s_rxCurrentKey = rxKey;
fKeyInit = true;
s_rxVM = randomx_create_vm(flags, s_rxCache, nullptr); s_rxVM = randomx_create_vm(flags, s_rxCache, nullptr);
if (s_rxVM == nullptr) { if (s_rxVM == nullptr) {
randomx_release_cache(s_rxCache); randomx_release_cache(s_rxCache);
@@ -838,17 +793,11 @@ bool CheckRandomXSolution(const CBlockHeader *pblock, int32_t height)
} else if (s_rxCurrentKey != rxKey) { } else if (s_rxCurrentKey != rxKey) {
randomx_init_cache(s_rxCache, rxKey.data(), rxKey.size()); randomx_init_cache(s_rxCache, rxKey.data(), rxKey.size());
s_rxCurrentKey = rxKey; s_rxCurrentKey = rxKey;
fKeyInit = true;
randomx_vm_set_cache(s_rxVM, s_rxCache); randomx_vm_set_cache(s_rxVM, s_rxCache);
} }
randomx_calculate_hash(s_rxVM, ssInput.data(), ssInput.size(), computedHash); randomx_calculate_hash(s_rxVM, &ss[0], ss.size(), computedHash);
} }
int64_t nTimeRxEnd = GetTimeMicros();
nTimeRandomX += nTimeRxEnd - nTimeRxStart;
LogPrint("bench", " - RandomX verify ht=%d: %.2fms%s [%.2fs]\n",
height, (nTimeRxEnd - nTimeRxStart) * 0.001,
fKeyInit ? " (key-init)" : "", nTimeRandomX * 0.000001);
// Compare computed hash against nSolution // Compare computed hash against nSolution
if (memcmp(computedHash, pblock->nSolution.data(), RANDOMX_HASH_SIZE) != 0) { if (memcmp(computedHash, pblock->nSolution.data(), RANDOMX_HASH_SIZE) != 0) {
@@ -865,7 +814,7 @@ bool CheckRandomXSolution(const CBlockHeader *pblock, int32_t height)
fprintf(stderr, " computed : %s\n", computedHex.c_str()); fprintf(stderr, " computed : %s\n", computedHex.c_str());
fprintf(stderr, " nSolution: %s\n", solutionHex.c_str()); fprintf(stderr, " nSolution: %s\n", solutionHex.c_str());
fprintf(stderr, " rxKey size=%lu, input size=%lu, nNonce=%s\n", fprintf(stderr, " rxKey size=%lu, input size=%lu, nNonce=%s\n",
rxKey.size(), ssInput.size(), pblock->nNonce.ToString().c_str()); rxKey.size(), ss.size(), pblock->nNonce.ToString().c_str());
fprintf(stderr, " nSolution.size()=%lu, RANDOMX_HASH_SIZE=%d\n", fprintf(stderr, " nSolution.size()=%lu, RANDOMX_HASH_SIZE=%d\n",
pblock->nSolution.size(), RANDOMX_HASH_SIZE); pblock->nSolution.size(), RANDOMX_HASH_SIZE);
// Also log to debug.log // Also log to debug.log
@@ -873,7 +822,7 @@ bool CheckRandomXSolution(const CBlockHeader *pblock, int32_t height)
LogPrintf(" computed : %s\n", computedHex); LogPrintf(" computed : %s\n", computedHex);
LogPrintf(" nSolution: %s\n", solutionHex); LogPrintf(" nSolution: %s\n", solutionHex);
LogPrintf(" rxKey size=%lu, input size=%lu, nNonce=%s\n", LogPrintf(" rxKey size=%lu, input size=%lu, nNonce=%s\n",
rxKey.size(), ssInput.size(), pblock->nNonce.ToString()); rxKey.size(), ss.size(), pblock->nNonce.ToString());
return false; return false;
} }
@@ -881,88 +830,6 @@ bool CheckRandomXSolution(const CBlockHeader *pblock, int32_t height)
return true; return true;
} }
// ============================================================================================
// Parallel RandomX pre-verification pool (Stage 2).
// One shared light-mode cache (holding a single key at a time) + per-thread VMs, mirroring the
// miner's RandomXDatasetManager pattern (miner.cpp). The connect thread (ActivateBestChainStep)
// loads the cache key for a same-key group of about-to-be-connected blocks, dispatches them to
// this pool, and barrier-waits; each worker hashes on its own VM (sharing the read-only cache)
// and, on a match, sets the block's transient fRandomXVerified flag so the inline check in
// CheckBlockHeader can be skipped. The inline path remains the consensus authority for anything
// not pre-verified, so the pool can only ever flip false->true on a real hash match.
static boost::shared_mutex g_rxvMutex; // shared = hashing; exclusive = cache (re)init
static randomx_cache* g_rxvCache = nullptr; // shared, read-only during hashing
static std::string g_rxvKey; // key currently loaded into g_rxvCache
static randomx_flags g_rxvFlags;
static thread_local randomx_vm* tls_rxvVM = nullptr;
static thread_local std::string tls_rxvVMKey;
CCheckQueue<CRandomXCheck> rxCheckQueue(1); // batch size 1: each item is ~tens of ms
bool RandomXValidatorPrepareKey(const std::string& rxKey)
{
boost::unique_lock<boost::shared_mutex> lock(g_rxvMutex);
if (g_rxvCache == nullptr) {
g_rxvFlags = randomx_get_flags();
g_rxvCache = randomx_alloc_cache(g_rxvFlags | RANDOMX_FLAG_LARGE_PAGES);
if (g_rxvCache == nullptr)
g_rxvCache = randomx_alloc_cache(g_rxvFlags);
if (g_rxvCache == nullptr) {
LogPrintf("RandomXValidatorPrepareKey: cache alloc failed; parallel pre-verify disabled\n");
return false;
}
randomx_init_cache(g_rxvCache, rxKey.data(), rxKey.size());
g_rxvKey = rxKey;
return true;
}
if (g_rxvKey != rxKey) {
randomx_init_cache(g_rxvCache, rxKey.data(), rxKey.size());
g_rxvKey = rxKey;
}
return true;
}
bool CRandomXCheck::operator()()
{
boost::shared_lock<boost::shared_mutex> lock(g_rxvMutex);
// The connect thread set the shared cache to one key before dispatching this group. If this
// item's key doesn't match (e.g. a key-rotation straggler) or the cache is unavailable, skip it
// and leave *presult false — the inline CheckRandomXSolution will verify it.
if (g_rxvCache == nullptr || g_rxvKey != rxKey)
return true;
if (tls_rxvVM == nullptr) {
tls_rxvVM = randomx_create_vm(g_rxvFlags, g_rxvCache, nullptr);
if (tls_rxvVM == nullptr)
return true; // cannot verify here -> inline fallback
tls_rxvVMKey = g_rxvKey;
} else if (tls_rxvVMKey != g_rxvKey) {
// Cache was re-initialized to a new key since this VM last ran; rebind.
randomx_vm_set_cache(tls_rxvVM, g_rxvCache);
tls_rxvVMKey = g_rxvKey;
}
unsigned char h[RANDOMX_HASH_SIZE];
randomx_calculate_hash(tls_rxvVM, input.data(), input.size(), h);
if (memcmp(h, expected, RANDOMX_HASH_SIZE) == 0 && presult != nullptr)
*presult = true;
return true; // ALWAYS true: never short-circuit the queue; per-block result is in *presult
}
void ThreadRandomXVerify()
{
RenameThread("hush-rxverify");
rxCheckQueue.Thread();
}
void RandomXValidatorShutdown()
{
boost::unique_lock<boost::shared_mutex> lock(g_rxvMutex);
// Per-thread VMs are intentionally leaked (process exiting); release the shared cache.
if (g_rxvCache != nullptr) {
randomx_release_cache(g_rxvCache);
g_rxvCache = nullptr;
}
}
int32_t hush_chosennotary(int32_t *notaryidp,int32_t height,uint8_t *pubkey33,uint32_t timestamp); int32_t hush_chosennotary(int32_t *notaryidp,int32_t height,uint8_t *pubkey33,uint32_t timestamp);
int32_t hush_currentheight(); int32_t hush_currentheight();
void hush_index2pubkey33(uint8_t *pubkey33,CBlockIndex *pindex,int32_t height); void hush_index2pubkey33(uint8_t *pubkey33,CBlockIndex *pindex,int32_t height);

54
src/pow.h
View File

@@ -21,13 +21,8 @@
#define HUSH_POW_H #define HUSH_POW_H
#include "chain.h" #include "chain.h"
#include "checkqueue.h"
#include "consensus/params.h" #include "consensus/params.h"
#include <stdint.h> #include <stdint.h>
#include <cstring>
#include <string>
#include <utility>
#include <vector>
class CBlockHeader; class CBlockHeader;
class CBlockIndex; class CBlockIndex;
@@ -46,55 +41,6 @@ bool CheckEquihashSolution(const CBlockHeader *pblock, const CChainParams&);
/** Check whether a block header contains a valid RandomX solution */ /** Check whether a block header contains a valid RandomX solution */
bool CheckRandomXSolution(const CBlockHeader *pblock, int32_t height); bool CheckRandomXSolution(const CBlockHeader *pblock, int32_t height);
/** Whether a block at this height requires a RandomX hash check (shared gate used by both the
* inline CheckRandomXSolution and the parallel pre-verification pool). */
bool RandomXValidationRequired(int32_t height);
/** Serialize the RandomX hash input (block header without nSolution) — identical bytes to the
* inline CheckRandomXSolution path, so the parallel pool computes the same hash. */
std::vector<unsigned char> GetRandomXInput(const CBlockHeader& block);
/** Derive the RandomX key string for a block at `height`. MUST be called under cs_main (reads
* chainActive). Returns empty string if the key-height block is unavailable. */
std::string GetRandomXKey(int32_t height);
/** A single RandomX pre-verification work item for the parallel validator pool. Pure value type
* (no chainstate pointers) so workers need no cs_main. On a hash match it sets *presult=true; on
* any failure it leaves *presult untouched — the inline CheckRandomXSolution remains the
* consensus authority and re-verifies anything not pre-verified. operator() ALWAYS returns true,
* so one block's failure never short-circuits the rest of the CCheckQueue batch. */
class CRandomXCheck
{
private:
std::string rxKey; // RandomX key for this block's height
std::vector<unsigned char> input; // serialized CRandomXInput(header)
unsigned char expected[32]; // block.nSolution (claimed RandomX hash)
bool* presult; // -> pindex->fRandomXVerified (set true only on a hash match)
public:
CRandomXCheck() : presult(nullptr) { memset(expected, 0, sizeof(expected)); }
CRandomXCheck(const std::string& keyIn, std::vector<unsigned char> inputIn,
const unsigned char* expectedIn, bool* presultIn)
: rxKey(keyIn), input(std::move(inputIn)), presult(presultIn)
{ memcpy(expected, expectedIn, sizeof(expected)); }
bool operator()();
void swap(CRandomXCheck& c) {
rxKey.swap(c.rxKey);
input.swap(c.input);
std::swap(presult, c.presult);
for (int i = 0; i < 32; i++) std::swap(expected[i], c.expected[i]);
}
};
/** The RandomX pre-verification check queue (parallel pool). */
extern CCheckQueue<CRandomXCheck> rxCheckQueue;
/** Worker entry point (spawn N at startup, mirrors ThreadScriptCheck). */
void ThreadRandomXVerify();
/** Load `rxKey` into the shared validator cache (alloc on first use); call before dispatching a
* same-key group of checks. Returns false on allocation failure. */
bool RandomXValidatorPrepareKey(const std::string& rxKey);
/** Release the shared validator cache at shutdown. */
void RandomXValidatorShutdown();
/** Set thread-local flag to skip RandomX validation (used by miner during TestBlockValidity) */ /** Set thread-local flag to skip RandomX validation (used by miner during TestBlockValidity) */
void SetSkipRandomXValidation(bool skip); void SetSkipRandomXValidation(bool skip);

83
src/rpc/blockchain.cpp
View File

@@ -30,9 +30,7 @@
#include "rpc/server.h" #include "rpc/server.h"
#include "streams.h" #include "streams.h"
#include "sync.h" #include "sync.h"
#include "txdb.h"
#include "util.h" #include "util.h"
#include <boost/filesystem.hpp>
#include "script/script.h" #include "script/script.h"
#include "script/script_error.h" #include "script/script_error.h"
#include "script/sign.h" #include "script/sign.h"
@@ -324,15 +322,6 @@ UniValue blockToJSON(const CBlock& block, const CBlockIndex* blockindex, bool tx
result.push_back(Pair("anchor", blockindex->hashFinalSproutRoot.GetHex())); result.push_back(Pair("anchor", blockindex->hashFinalSproutRoot.GetHex()));
result.push_back(Pair("blocktype", "mined")); result.push_back(Pair("blocktype", "mined"));
// Report block subsidy and fees separately so explorers don't have to
// reimplement the reward schedule to display them.
CAmount nSubsidy = GetBlockSubsidy(blockindex->GetHeight(), Params().GetConsensus());
CAmount nCoinbase = block.vtx[0].GetValueOut();
CAmount nFees = nCoinbase - nSubsidy;
if (nFees < 0) nFees = 0; // block 1 has premine, avoid negative
result.push_back(Pair("subsidy", ValueFromAmount(nSubsidy)));
result.push_back(Pair("fees", ValueFromAmount(nFees)));
UniValue valuePools(UniValue::VARR); UniValue valuePools(UniValue::VARR);
valuePools.push_back(ValuePoolDesc("sapling", blockindex->nChainSaplingValue, blockindex->nSaplingValue)); valuePools.push_back(ValuePoolDesc("sapling", blockindex->nChainSaplingValue, blockindex->nSaplingValue));
result.push_back(Pair("valuePools", valuePools)); result.push_back(Pair("valuePools", valuePools));
@@ -862,77 +851,6 @@ UniValue gettxoutsetinfo(const UniValue& params, bool fHelp, const CPubKey& mypk
return ret; return ret;
} }
UniValue dumptxoutset(const UniValue& params, bool fHelp, const CPubKey& mypk)
{
if (fHelp || params.size() != 1)
throw runtime_error(
"dumptxoutset \"path\"\n"
"\nWrite a trusted snapshot of the current chainstate (UTXO set + Sapling commitment\n"
"trees, nullifier set and pool value) to disk. The snapshot can be loaded by a fresh\n"
"node with -loadutxosnapshot=<file> to skip replaying the chain from genesis.\n"
"\nThis is intended to be run at a final/checkpoint height; the node must be fully synced.\n"
"\nArguments:\n"
"1. \"path\" (string, required) path to write the snapshot file (must not already exist)\n"
"\nResult:\n"
"{\n"
" \"height\": n, (numeric) snapshot height H\n"
" \"base_hash\": \"hex\", (string) block hash at height H\n"
" \"snapshot_hash\": \"hex\", (string) content hash to hardcode for verification\n"
" \"coins\": n, (numeric) number of UTXO records\n"
" \"sapling_anchors\": n, (numeric) number of Sapling anchor records\n"
" \"sapling_nullifiers\": n, (numeric) number of Sapling nullifier records\n"
" \"path\": \"...\" (string) the file written\n"
"}\n"
"\nExamples:\n"
+ HelpExampleCli("dumptxoutset", "/path/to/dragonx-utxo.dat")
+ HelpExampleRpc("dumptxoutset", "\"/path/to/dragonx-utxo.dat\"")
);
boost::filesystem::path path = boost::filesystem::absolute(params[0].get_str());
if (boost::filesystem::exists(path))
throw JSONRPCError(RPC_INVALID_PARAMETER, "path already exists, refusing to overwrite: " + path.string());
LOCK(cs_main);
if (pcoinsdbview == nullptr || pcoinsTip == nullptr)
throw JSONRPCError(RPC_INTERNAL_ERROR, "chainstate not available");
// Flush so the on-disk chainstate matches the in-memory tip before we iterate it.
FlushStateToDisk();
CBlockIndex *tip = chainActive.Tip();
if (tip == nullptr)
throw JSONRPCError(RPC_INTERNAL_ERROR, "no chain tip");
CUTXOSnapshotHeader header;
header.nMagic = UTXO_SNAPSHOT_MAGIC;
header.nVersion = UTXO_SNAPSHOT_VERSION;
memcpy(&header.nNetworkMagic, Params().MessageStart(), 4);
header.baseBlockHash = tip->GetBlockHash();
header.nHeight = tip->GetHeight();
header.nChainTx = tip->nChainTx;
if (tip->nChainSaplingValue) {
header.fHasChainSaplingValue = 1;
header.nChainSaplingValue = *tip->nChainSaplingValue;
}
header.bestSaplingAnchor = pcoinsdbview->GetBestAnchor(SAPLING);
uint256 snapshotHash;
std::string strError;
if (!pcoinsdbview->DumpSnapshot(path.string(), header, snapshotHash, strError))
throw JSONRPCError(RPC_INTERNAL_ERROR, "dumptxoutset failed: " + strError);
UniValue ret(UniValue::VOBJ);
ret.push_back(Pair("height", (int64_t)header.nHeight));
ret.push_back(Pair("base_hash", header.baseBlockHash.GetHex()));
ret.push_back(Pair("snapshot_hash", snapshotHash.GetHex()));
ret.push_back(Pair("coins", (int64_t)header.nCoins));
ret.push_back(Pair("sapling_anchors", (int64_t)header.nSaplingAnchors));
ret.push_back(Pair("sapling_nullifiers", (int64_t)header.nSaplingNullifiers));
ret.push_back(Pair("path", path.string()));
return ret;
}
UniValue getblockmerkletree(const UniValue& params, bool fHelp, const CPubKey& mypk) UniValue getblockmerkletree(const UniValue& params, bool fHelp, const CPubKey& mypk)
{ {
if (fHelp || params.size() != 1 ) if (fHelp || params.size() != 1 )
@@ -1924,7 +1842,6 @@ static const CRPCCommand commands[] =
{ "blockchain", "getrawmempool", &getrawmempool, true }, { "blockchain", "getrawmempool", &getrawmempool, true },
{ "blockchain", "gettxout", &gettxout, true }, { "blockchain", "gettxout", &gettxout, true },
{ "blockchain", "gettxoutsetinfo", &gettxoutsetinfo, true }, { "blockchain", "gettxoutsetinfo", &gettxoutsetinfo, true },
{ "blockchain", "dumptxoutset", &dumptxoutset, true },
{ "blockchain", "verifychain", &verifychain, true }, { "blockchain", "verifychain", &verifychain, true },
/* Not shown in help */ /* Not shown in help */

4
src/transaction_builder.cpp
View File

@@ -11,8 +11,6 @@
#include <boost/optional/optional_io.hpp> #include <boost/optional/optional_io.hpp>
#include <librustzcash.h> #include <librustzcash.h>
#include "zcash/Note.hpp" #include "zcash/Note.hpp"
#include <random>
#include <limits>
extern bool fZDebug; extern bool fZDebug;
SpendDescriptionInfo::SpendDescriptionInfo( SpendDescriptionInfo::SpendDescriptionInfo(
@@ -68,7 +66,7 @@ void TransactionBuilder::AddSaplingOutput(
void TransactionBuilder::ShuffleOutputs() void TransactionBuilder::ShuffleOutputs()
{ {
LogPrintf("%s: Shuffling %d zouts\n", __func__, outputs.size() ); LogPrintf("%s: Shuffling %d zouts\n", __func__, outputs.size() );
std::shuffle( outputs.begin(), outputs.end(), std::mt19937(GetRand(std::numeric_limits<uint32_t>::max())) ); random_shuffle( outputs.begin(), outputs.end(), GetRandInt );
} }
void TransactionBuilder::AddTransparentInput(COutPoint utxo, CScript scriptPubKey, CAmount value, uint32_t _nSequence) void TransactionBuilder::AddTransparentInput(COutPoint utxo, CScript scriptPubKey, CAmount value, uint32_t _nSequence)

237
src/txdb.cpp
View File

@@ -21,11 +21,9 @@
#include "txdb.h" #include "txdb.h"
#include "chainparams.h" #include "chainparams.h"
#include "clientversion.h"
#include "hash.h" #include "hash.h"
#include "main.h" #include "main.h"
#include "pow.h" #include "pow.h"
#include "streams.h"
#include "uint256.h" #include "uint256.h"
#include "core_io.h" #include "core_io.h"
#include <stdint.h> #include <stdint.h>
@@ -271,233 +269,6 @@ bool CCoinsViewDB::GetStats(CCoinsStats &stats) const {
return true; return true;
} }
// Helper: count entries in the coins DB whose key prefix matches `prefix`.
// LevelDB returns keys in sorted order, so iteration is deterministic across nodes.
static uint64_t CountByPrefix(CDBWrapper &db, char prefix)
{
boost::scoped_ptr<CDBIterator> pcursor(db.NewIterator());
uint64_t n = 0;
for (pcursor->Seek(prefix); pcursor->Valid(); pcursor->Next()) {
boost::this_thread::interruption_point();
std::pair<char, uint256> key;
if (pcursor->GetKey(key) && key.first == prefix) n++;
else break;
}
return n;
}
bool CCoinsViewDB::DumpSnapshot(const std::string &path, CUTXOSnapshotHeader &header, uint256 &hashRet, std::string &strError) const
{
CDBWrapper *pdb = const_cast<CDBWrapper*>(&db);
// Counting pass (caller holds cs_main and has flushed, so the set is stable).
header.nCoins = CountByPrefix(*pdb, DB_COINS);
header.nSaplingAnchors = CountByPrefix(*pdb, DB_SAPLING_ANCHOR);
header.nSaplingNullifiers = CountByPrefix(*pdb, DB_SAPLING_NULLIFIER);
FILE *f = fopen(path.c_str(), "wb");
if (f == nullptr) { strError = "cannot open snapshot file for writing: " + path; return false; }
CAutoFile fileout(f, SER_DISK, CLIENT_VERSION);
// The content hash is computed over the same logical object stream the loader will
// reconstruct, so producer and consumer agree regardless of on-disk encoding.
CHashWriter hasher(SER_GETHASH, PROTOCOL_VERSION);
fileout << header;
hasher << header;
// Coins ('c')
{
boost::scoped_ptr<CDBIterator> pcursor(pdb->NewIterator());
uint64_t n = 0;
for (pcursor->Seek(DB_COINS); pcursor->Valid(); pcursor->Next()) {
boost::this_thread::interruption_point();
std::pair<char, uint256> key;
CCoins coins;
if (pcursor->GetKey(key) && key.first == DB_COINS) {
if (!pcursor->GetValue(coins)) { strError = "failed reading coins record"; return false; }
fileout << key.second; hasher << key.second;
fileout << coins; hasher << coins;
n++;
} else break;
}
if (n != header.nCoins) { strError = "coin count changed during dump"; return false; }
}
// Sapling anchors ('Z') — the commitment trees referenced by spends above H.
{
boost::scoped_ptr<CDBIterator> pcursor(pdb->NewIterator());
uint64_t n = 0;
for (pcursor->Seek(DB_SAPLING_ANCHOR); pcursor->Valid(); pcursor->Next()) {
boost::this_thread::interruption_point();
std::pair<char, uint256> key;
SaplingMerkleTree tree;
if (pcursor->GetKey(key) && key.first == DB_SAPLING_ANCHOR) {
if (!pcursor->GetValue(tree)) { strError = "failed reading sapling anchor"; return false; }
fileout << key.second; hasher << key.second;
fileout << tree; hasher << tree;
n++;
} else break;
}
if (n != header.nSaplingAnchors) { strError = "sapling anchor count changed during dump"; return false; }
}
// Sapling nullifiers ('S') — spent markers; value is always true, so only the key matters.
{
boost::scoped_ptr<CDBIterator> pcursor(pdb->NewIterator());
uint64_t n = 0;
for (pcursor->Seek(DB_SAPLING_NULLIFIER); pcursor->Valid(); pcursor->Next()) {
boost::this_thread::interruption_point();
std::pair<char, uint256> key;
if (pcursor->GetKey(key) && key.first == DB_SAPLING_NULLIFIER) {
fileout << key.second; hasher << key.second;
n++;
} else break;
}
if (n != header.nSaplingNullifiers) { strError = "sapling nullifier count changed during dump"; return false; }
}
hashRet = hasher.GetHash();
fileout << hashRet; // trailing content hash (not fed into the hasher)
return true;
}
bool CCoinsViewDB::LoadSnapshot(const std::string &path, const uint256 &expectedHash, bool fRequireExpected,
CUTXOSnapshotHeader &headerRet, uint256 &hashRet, std::string &strError)
{
uint32_t netmagic = 0;
memcpy(&netmagic, Params().MessageStart(), 4);
// ---- Pass 1: read + verify integrity (and the trusted hash) WITHOUT writing to the DB ----
CUTXOSnapshotHeader header;
uint256 computed;
{
FILE *f = fopen(path.c_str(), "rb");
if (f == nullptr) { strError = "cannot open snapshot file: " + path; return false; }
CAutoFile filein(f, SER_DISK, CLIENT_VERSION);
CHashWriter hasher(SER_GETHASH, PROTOCOL_VERSION);
try {
filein >> header; hasher << header;
if (header.nMagic != UTXO_SNAPSHOT_MAGIC) { strError = "not a DragonX UTXO snapshot (bad magic)"; return false; }
if (header.nVersion != UTXO_SNAPSHOT_VERSION) { strError = "unsupported snapshot version"; return false; }
if (header.nNetworkMagic != netmagic) { strError = "snapshot is for a different network"; return false; }
for (uint64_t i = 0; i < header.nCoins; i++) {
boost::this_thread::interruption_point();
uint256 txid; CCoins coins;
filein >> txid; filein >> coins;
hasher << txid; hasher << coins;
}
for (uint64_t i = 0; i < header.nSaplingAnchors; i++) {
boost::this_thread::interruption_point();
uint256 root; SaplingMerkleTree tree;
filein >> root; filein >> tree;
hasher << root; hasher << tree;
}
for (uint64_t i = 0; i < header.nSaplingNullifiers; i++) {
boost::this_thread::interruption_point();
uint256 nf;
filein >> nf;
hasher << nf;
}
uint256 stored;
filein >> stored;
computed = hasher.GetHash();
if (computed != stored) { strError = "snapshot content hash mismatch (corrupt or truncated)"; return false; }
} catch (const std::exception &e) {
strError = std::string("error reading snapshot: ") + e.what();
return false;
}
}
if (fRequireExpected && computed != expectedHash) {
strError = "snapshot hash does not match the trusted value hardcoded for this network";
return false;
}
hashRet = computed;
headerRet = header;
// ---- Pass 2: apply to the (empty) chainstate DB in bounded batches ----
const size_t CHUNK = 100000;
CCoinsMap mapCoins;
CAnchorsSproutMap mapSproutAnchors; // unused on this chain, always empty
CAnchorsSaplingMap mapSaplingAnchors;
CNullifiersMap mapSproutNullifiers; // unused, always empty
CNullifiersMap mapSaplingNullifiers;
{
FILE *f = fopen(path.c_str(), "rb");
if (f == nullptr) { strError = "cannot reopen snapshot file: " + path; return false; }
CAutoFile filein(f, SER_DISK, CLIENT_VERSION);
try {
CUTXOSnapshotHeader hdr2;
filein >> hdr2; // header already validated in pass 1
for (uint64_t i = 0; i < header.nCoins; i++) {
boost::this_thread::interruption_point();
uint256 txid; CCoins coins;
filein >> txid; filein >> coins;
CCoinsCacheEntry &e = mapCoins[txid];
e.coins = coins;
e.flags = CCoinsCacheEntry::DIRTY;
if (mapCoins.size() >= CHUNK) {
if (!BatchWrite(mapCoins, uint256(), uint256(), uint256(), mapSproutAnchors, mapSaplingAnchors, mapSproutNullifiers, mapSaplingNullifiers))
{ strError = "batch write failed (coins)"; return false; }
mapCoins.clear();
}
}
if (!mapCoins.empty()) {
if (!BatchWrite(mapCoins, uint256(), uint256(), uint256(), mapSproutAnchors, mapSaplingAnchors, mapSproutNullifiers, mapSaplingNullifiers))
{ strError = "batch write failed (coins remainder)"; return false; }
mapCoins.clear();
}
for (uint64_t i = 0; i < header.nSaplingAnchors; i++) {
boost::this_thread::interruption_point();
uint256 root; SaplingMerkleTree tree;
filein >> root; filein >> tree;
CAnchorsSaplingCacheEntry &e = mapSaplingAnchors[root];
e.entered = true;
e.tree = tree;
e.flags = CAnchorsSaplingCacheEntry::DIRTY;
if (mapSaplingAnchors.size() >= CHUNK) {
if (!BatchWrite(mapCoins, uint256(), uint256(), uint256(), mapSproutAnchors, mapSaplingAnchors, mapSproutNullifiers, mapSaplingNullifiers))
{ strError = "batch write failed (anchors)"; return false; }
mapSaplingAnchors.clear();
}
}
if (!mapSaplingAnchors.empty()) {
if (!BatchWrite(mapCoins, uint256(), uint256(), uint256(), mapSproutAnchors, mapSaplingAnchors, mapSproutNullifiers, mapSaplingNullifiers))
{ strError = "batch write failed (anchors remainder)"; return false; }
mapSaplingAnchors.clear();
}
for (uint64_t i = 0; i < header.nSaplingNullifiers; i++) {
boost::this_thread::interruption_point();
uint256 nf;
filein >> nf;
CNullifiersCacheEntry &e = mapSaplingNullifiers[nf];
e.entered = true;
e.flags = CNullifiersCacheEntry::DIRTY;
if (mapSaplingNullifiers.size() >= CHUNK) {
if (!BatchWrite(mapCoins, uint256(), uint256(), uint256(), mapSproutAnchors, mapSaplingAnchors, mapSproutNullifiers, mapSaplingNullifiers))
{ strError = "batch write failed (nullifiers)"; return false; }
mapSaplingNullifiers.clear();
}
}
} catch (const std::exception &e) {
strError = std::string("error applying snapshot: ") + e.what();
return false;
}
}
// Final write: flush any remaining nullifiers AND set the best-block / best-sapling-anchor
// pointers, so GetBestBlock()==H and GetBestAnchor(SAPLING) resolve after load.
if (!BatchWrite(mapCoins, header.baseBlockHash, uint256(), header.bestSaplingAnchor,
mapSproutAnchors, mapSaplingAnchors, mapSproutNullifiers, mapSaplingNullifiers))
{ strError = "final batch write failed"; return false; }
return true;
}
bool CBlockTreeDB::WriteBatchSync(const std::vector<std::pair<int, const CBlockFileInfo*> >& fileInfo, int nLastFile, const std::vector<CBlockIndex*>& blockinfo) { bool CBlockTreeDB::WriteBatchSync(const std::vector<std::pair<int, const CBlockFileInfo*> >& fileInfo, int nLastFile, const std::vector<CBlockIndex*>& blockinfo) {
CDBBatch batch(*this); CDBBatch batch(*this);
if (fDebug) if (fDebug)
@@ -884,14 +655,6 @@ bool CBlockTreeDB::ReadFlag(const std::string &name, bool &fValue) const {
return true; return true;
} }
bool CBlockTreeDB::WriteAssumeutxoHeight(int nHeight) {
return Write(std::make_pair(DB_FLAG, std::string("assumeutxoheight")), nHeight);
}
bool CBlockTreeDB::ReadAssumeutxoHeight(int &nHeight) const {
return Read(std::make_pair(DB_FLAG, std::string("assumeutxoheight")), nHeight);
}
void hush_index2pubkey33(uint8_t *pubkey33,CBlockIndex *pindex,int32_t height); void hush_index2pubkey33(uint8_t *pubkey33,CBlockIndex *pindex,int32_t height);
bool CBlockTreeDB::blockOnchainActive(const uint256 &hash) { bool CBlockTreeDB::blockOnchainActive(const uint256 &hash) {

71
src/txdb.h
View File

@@ -56,61 +56,6 @@ static const int64_t nMaxDbCache = sizeof(void*) > 4 ? 16384 : 1024;
//! min. -dbcache in (MiB) //! min. -dbcache in (MiB)
static const int64_t nMinDbCache = 4; static const int64_t nMinDbCache = 4;
/** Magic + version for the trusted UTXO-snapshot (assumeutxo-style) file format. */
static const uint32_t UTXO_SNAPSHOT_MAGIC = 0x58535844; // 'DXSX'
static const uint8_t UTXO_SNAPSHOT_VERSION = 1;
/**
* Header of a trusted chainstate snapshot taken at a final height H. On this private
* chain the chainstate is more than transparent UTXOs, so the snapshot also carries the
* Sapling commitment trees, the nullifier set, the best Sapling anchor and the pool value.
*
* File layout: [CUTXOSnapshotHeader]
* nCoins × (uint256 txid, CCoins)
* nSaplingAnchors × (uint256 root, SaplingMerkleTree)
* nSaplingNullifiers × (uint256 nullifier)
* uint256 contentHash // hash over everything above (NOT itself)
*/
struct CUTXOSnapshotHeader
{
uint32_t nMagic;
uint8_t nVersion;
uint32_t nNetworkMagic; // Params().MessageStart() as uint32 — prevents cross-network use
uint256 baseBlockHash; // hash of block H (the snapshot tip)
int32_t nHeight; // H
uint64_t nChainTx; // cumulative tx count at H (needed for tip fix-up)
uint8_t fHasChainSaplingValue;
int64_t nChainSaplingValue; // cumulative Sapling pool value at H (valid iff fHasChainSaplingValue)
uint256 bestSaplingAnchor; // best Sapling anchor root at H
uint64_t nCoins;
uint64_t nSaplingAnchors;
uint64_t nSaplingNullifiers;
CUTXOSnapshotHeader() { SetNull(); }
void SetNull() {
nMagic = 0; nVersion = 0; nNetworkMagic = 0; baseBlockHash.SetNull();
nHeight = 0; nChainTx = 0; fHasChainSaplingValue = 0; nChainSaplingValue = 0;
bestSaplingAnchor.SetNull(); nCoins = 0; nSaplingAnchors = 0; nSaplingNullifiers = 0;
}
ADD_SERIALIZE_METHODS;
template <typename Stream, typename Operation>
inline void SerializationOp(Stream& s, Operation ser_action) {
READWRITE(nMagic);
READWRITE(nVersion);
READWRITE(nNetworkMagic);
READWRITE(baseBlockHash);
READWRITE(nHeight);
READWRITE(nChainTx);
READWRITE(fHasChainSaplingValue);
READWRITE(nChainSaplingValue);
READWRITE(bestSaplingAnchor);
READWRITE(nCoins);
READWRITE(nSaplingAnchors);
READWRITE(nSaplingNullifiers);
}
};
/** CCoinsView backed by the coin database (chainstate/) */ /** CCoinsView backed by the coin database (chainstate/) */
class CCoinsViewDB : public CCoinsView class CCoinsViewDB : public CCoinsView
{ {
@@ -136,19 +81,6 @@ public:
CNullifiersMap &mapSproutNullifiers, CNullifiersMap &mapSproutNullifiers,
CNullifiersMap &mapSaplingNullifiers); CNullifiersMap &mapSaplingNullifiers);
bool GetStats(CCoinsStats &stats) const; bool GetStats(CCoinsStats &stats) const;
//! Stream the full chainstate at the current tip into a snapshot file (assumeutxo-style
//! producer). Caller fills the metadata fields of `header` (height, baseBlockHash, nChainTx,
//! pool value, bestSaplingAnchor); this fills the counts, writes the file, and returns the
//! content hash. Caller must hold cs_main and have flushed the cache to disk first.
bool DumpSnapshot(const std::string &path, CUTXOSnapshotHeader &header, uint256 &hashRet, std::string &strError) const;
//! Load a snapshot file produced by DumpSnapshot into the (empty) chainstate DB. Two passes:
//! pass 1 reads everything and verifies the internal content hash (and, if fRequireExpected,
//! that it equals expectedHash) WITHOUT touching the DB; pass 2 writes coins/anchors/nullifiers
//! plus the best-block / best-sapling-anchor pointers. Returns the header + computed hash.
bool LoadSnapshot(const std::string &path, const uint256 &expectedHash, bool fRequireExpected,
CUTXOSnapshotHeader &headerRet, uint256 &hashRet, std::string &strError);
}; };
/** Access to the block database (blocks/index/) */ /** Access to the block database (blocks/index/) */
@@ -185,9 +117,6 @@ public:
bool ReadTimestampBlockIndex(const uint256 &hash, unsigned int &logicalTS) const; bool ReadTimestampBlockIndex(const uint256 &hash, unsigned int &logicalTS) const;
bool WriteFlag(const std::string &name, bool fValue); bool WriteFlag(const std::string &name, bool fValue);
bool ReadFlag(const std::string &name, bool &fValue) const; bool ReadFlag(const std::string &name, bool &fValue) const;
//! Persist/restore the height of a loaded UTXO snapshot so the reorg-below-H guard survives restarts.
bool WriteAssumeutxoHeight(int nHeight);
bool ReadAssumeutxoHeight(int &nHeight) const;
bool LoadBlockIndexGuts(); bool LoadBlockIndexGuts();
bool blockOnchainActive(const uint256 &hash); bool blockOnchainActive(const uint256 &hash);
UniValue Snapshot(int top); UniValue Snapshot(int top);

15
src/validationinterface.cpp
View File

@@ -179,6 +179,13 @@ void ThreadNotifyWallets(CBlockIndex *pindexLastTip)
// Read block from disk. // Read block from disk.
CBlock block; CBlock block;
if (!ReadBlockFromDisk(block, pindexLastTip,1)) { if (!ReadBlockFromDisk(block, pindexLastTip,1)) {
if (IsInitialBlockDownload()) {
// During IBD, block data may not be flushed to disk yet.
// Sleep briefly and retry on the next cycle instead of crashing.
LogPrintf("%s: block at height %d not yet readable, will retry\n",
__func__, pindexLastTip->GetHeight());
break;
}
LogPrintf("*** %s\n", "Failed to read block while notifying wallets of block disconnects"); LogPrintf("*** %s\n", "Failed to read block while notifying wallets of block disconnects");
uiInterface.ThreadSafeMessageBox( uiInterface.ThreadSafeMessageBox(
_("Error: A fatal internal error occurred, see debug.log for details"), _("Error: A fatal internal error occurred, see debug.log for details"),
@@ -206,6 +213,14 @@ void ThreadNotifyWallets(CBlockIndex *pindexLastTip)
// Read block from disk. // Read block from disk.
CBlock block; CBlock block;
if (!ReadBlockFromDisk(block, blockData.pindex, 1)) { if (!ReadBlockFromDisk(block, blockData.pindex, 1)) {
if (IsInitialBlockDownload()) {
// During IBD, block data may not be flushed to disk yet.
// Push unprocessed blocks back and retry on the next cycle.
LogPrintf("%s: block at height %d not yet readable, will retry\n",
__func__, blockData.pindex->GetHeight());
blockStack.push_back(blockData);
break;
}
LogPrintf("*** %s\n", "Failed to read block while notifying wallets of block connects"); LogPrintf("*** %s\n", "Failed to read block while notifying wallets of block connects");
uiInterface.ThreadSafeMessageBox( uiInterface.ThreadSafeMessageBox(
_("Error: A fatal internal error occurred, see debug.log for details"), _("Error: A fatal internal error occurred, see debug.log for details"),

337
src/wallet/wallet.cpp
View File

@@ -39,11 +39,6 @@
#include "coins.h" #include "coins.h"
#include "wallet/asyncrpcoperation_saplingconsolidation.h" #include "wallet/asyncrpcoperation_saplingconsolidation.h"
#include "wallet/asyncrpcoperation_sweep.h" #include "wallet/asyncrpcoperation_sweep.h"
#include <random>
#include <limits>
#include <thread>
#include <atomic>
#include <mutex>
#include "zcash/zip32.h" #include "zcash/zip32.h"
#include "cc/CCinclude.h" #include "cc/CCinclude.h"
#include <assert.h> #include <assert.h>
@@ -993,22 +988,11 @@ void CWallet::DecrementNoteWitnesses(const CBlockIndex* pindex)
if (nd->nullifier && pwalletMain->GetSaplingSpendDepth(*item.second.nullifier) <= WITNESS_CACHE_SIZE) { if (nd->nullifier && pwalletMain->GetSaplingSpendDepth(*item.second.nullifier) <= WITNESS_CACHE_SIZE) {
// Only decrement witnesses that are not above the current height // Only decrement witnesses that are not above the current height
if (nd->witnessHeight <= pindex->GetHeight()) { if (nd->witnessHeight <= pindex->GetHeight()) {
//PART B1: a rolled-back note must re-validate on reconnect (flag is in-memory only).
nd->witnessRootValidated = false;
if (nd->witnesses.size() > 1) { if (nd->witnesses.size() > 1) {
// indexHeight is the height of the block being removed, so // indexHeight is the height of the block being removed, so
// the new witness cache height is one below it. // the new witness cache height is one below it.
nd->witnesses.pop_front(); nd->witnesses.pop_front();
nd->witnessHeight = pindex->GetHeight() - 1; nd->witnessHeight = pindex->GetHeight() - 1;
} else {
//PART B1: with only the base witness left we cannot pop_front without emptying
//the cache, but we must NOT leave witnessHeight stranded above the disconnected
//tip (that high-height/stale-witness state is the desync originator). Force a
//clean reseed on reconnect instead of lying about the height. (Inlined because
//ClearSingleNoteWitnessCache is defined later in this file.)
nd->witnesses.clear();
nd->witnessHeight = -1;
nd->witnessRootValidated = false;
} }
} }
} }
@@ -1074,23 +1058,10 @@ int CWallet::VerifyAndSetInitialWitness(const CBlockIndex* pindex, bool witnessO
continue; continue;
} }
//PART A: a witness whose height is at/above the build height must NOT be blindly trusted. //Skip Validation when witness height is greater that block height
//Validate its root against the canonical sapling root at witnessHeight when that block is
//on the active chain. Match -> safe to skip. Mismatch (witnessHeight advanced past the real
//witness state = the desync signature) -> fall through to ClearSingleNoteWitnessCache + reseed.
if (nd->witnessHeight > pindex->GetHeight() - 1) { if (nd->witnessHeight > pindex->GetHeight() - 1) {
CBlockIndex* whIndex = chainActive[nd->witnessHeight]; nMinimumHeight = SaplingWitnessMinimumHeight(*item.second.nullifier, nd->witnessHeight, nMinimumHeight);
if (whIndex == NULL) { continue;
//witnessHeight strictly above the active chain (transient catch-up): cannot validate yet
nMinimumHeight = SaplingWitnessMinimumHeight(*item.second.nullifier, nd->witnessHeight, nMinimumHeight);
continue;
}
if (nd->witnesses.front().root() == whIndex->hashFinalSaplingRoot) {
nd->witnessRootValidated = true;
nMinimumHeight = SaplingWitnessMinimumHeight(*item.second.nullifier, nd->witnessHeight, nMinimumHeight);
continue;
}
//root mismatch on the active chain -> desynced; fall through to rebuild below
} }
//Validate the witness at the witness height //Validate the witness at the witness height
@@ -1172,206 +1143,74 @@ void CWallet::BuildWitnessCache(const CBlockIndex* pindex, bool witnessOnly)
return; return;
} }
uint256 saplingRoot;
CBlockIndex* pblockindex = chainActive[startHeight];
int height = chainActive.Height();
if(fZdebug) if(fZdebug)
LogPrintf("%s: startHeight=%d, tip=%d\n", __func__, startHeight, chainActive.Height()); LogPrintf("%s: height=%d, startHeight=%d\n", __func__, height, startHeight);
// Tier 1 optimization: build the set of notes that still need extension ONCE instead of while (pblockindex) {
// rescanning all of mapWallet for every block. A note's gate conditions (nullifier present, if (ShutdownRequested()) {
// spend depth <= WITNESS_CACHE_SIZE, tx confirmed) are invariant across this loop (the active LogPrintf("%s: shutdown requested, aborting building witnesses\n", __func__);
// chain is fixed under cs_main), so they are evaluated once here rather than per block. A note break;
// becomes "active" at the block where witnessHeight == GetHeight()-1 (exactly the original
// per-block gate) and is then extended every subsequent block, so the produced witnesses are
// byte-for-byte identical to the original full-rescan implementation -- only the bookkeeping
// cost changes from O(blocks * walletSize) to O(blocks + activeNotes).
struct PendingNote { int startWitnessHeight; SaplingNoteData* nd; };
std::vector<PendingNote> pending;
for (std::pair<const uint256, CWalletTx>& wtxItem : mapWallet) {
if (wtxItem.second.mapSaplingNoteData.empty())
continue;
if (wtxItem.second.GetDepthInMainChain() <= 0)
continue;
for (mapSaplingNoteData_t::value_type& item : wtxItem.second.mapSaplingNoteData) {
SaplingNoteData* nd = &(item.second);
if (!nd->nullifier)
continue;
if (nd->witnesses.empty()) // cannot extend (front() would be UB); the original gate also never matched these in practice
continue;
if (GetSaplingSpendDepth(*nd->nullifier) > WITNESS_CACHE_SIZE)
continue;
// Only notes that still lag the build target need extension. The lowest such witnessHeight
// is exactly startHeight-1 (startHeight = nMinimumHeight+1 from SaplingWitnessMinimumHeight).
if (nd->witnessHeight >= startHeight - 1 && nd->witnessHeight <= pindex->GetHeight() - 1)
pending.push_back({ nd->witnessHeight, nd });
} }
} if(pwalletMain->fAbortRescan) {
std::sort(pending.begin(), pending.end(), LogPrintf("%s: rescan aborted at block %d, stopping witness building\n", pwalletMain->rescanHeight);
[](const PendingNote& a, const PendingNote& b) { return a.startWitnessHeight < b.startWitnessHeight; });
// Phase 1 (serial, main thread under cs_main/cs_wallet): extract the per-block Sapling
// commitments for [startHeight, tip] into memory. This is the only part touching chain/disk;
// profiling showed it is ~1% of rebuild time. ~9MB for a full-chain range.
const int tipHeight = pindex->GetHeight();
const int rangeLen = tipHeight - startHeight + 1;
std::vector<std::vector<uint256>> blockCms(rangeLen > 0 ? rangeLen : 0);
int64_t tRead = 0;
{
int64_t r0 = GetTimeMicros();
CBlockIndex* pbi = chainActive[startHeight];
while (pbi) {
if (ShutdownRequested()) {
LogPrintf("%s: shutdown requested, aborting witness rebuild\n", __func__);
return;
}
if (pwalletMain->fAbortRescan) {
LogPrintf("%s: rescan aborted during witness rebuild\n", __func__);
pwalletMain->fRescanning = false; pwalletMain->fRescanning = false;
return; return;
}
int h = pbi->GetHeight();
if (h % 5000 == 0 && h < tipHeight - 5)
LogPrintf("Reading blocks for witness rebuild: %d / %d\n", h - startHeight, rangeLen);
CBlock block;
if (!ReadBlockFromDisk(block, pbi, 1)) {
throw std::runtime_error(strprintf("Cannot read block height %d from disk", h));
}
std::vector<uint256>& cms = blockCms[h - startHeight];
for (const CTransaction& tx : block.vtx)
for (uint32_t i = 0; i < tx.vShieldedOutput.size(); i++)
cms.push_back(tx.vShieldedOutput[i].cm);
if (pbi == pindex) break;
pbi = chainActive.Next(pbi);
} }
tRead = GetTimeMicros() - r0;
}
// Phase 2 (parallel): each note's witness extension is independent, so partition the lagging if (pblockindex->GetHeight() % 100 == 0 && pblockindex->GetHeight() < height - 5) {
// notes across worker threads. Workers touch ONLY their own notes' witness lists plus the LogPrintf("Building Witnesses for block %i %.4f complete, %d remaining\n", pblockindex->GetHeight(), pblockindex->GetHeight() / double(height), height - pblockindex->GetHeight() );
// read-only commitment cache -- no locks, no chain access -- while the main thread keeps }
// cs_main/cs_wallet held throughout. Round-robin assignment over the start-sorted `pending`
// spreads the long (low-start) notes across threads. Produces witnesses byte-identical to the
// serial path: every note is extended over exactly its [witnessHeight+1, tip] block range, in
// order, appending each block's commitments.
std::vector<SaplingNoteData*> work;
work.reserve(pending.size());
for (const PendingNote& p : pending) work.push_back(p.nd);
// Only a substantial bulk rebuild (e.g. a one-time post-upgrade repair) is worth parallelizing SaplingMerkleTree saplingTree;
// and logging; routine 1-block tip extension runs serially to avoid per-block thread-spawn saplingRoot = pblockindex->pprev->hashFinalSaplingRoot;
// overhead and log spam. pcoinsTip->GetSaplingAnchorAt(saplingRoot, saplingTree);
const bool bulkRebuild = (rangeLen > 100);
int nPar = (int)GetArg("-witnessbuildthreads", 0); //Cycle through blocks and transactions building sapling tree until the commitment needed is reached
if (nPar <= 0) nPar = (int)std::thread::hardware_concurrency(); CBlock block;
if (nPar <= 0) nPar = 1; if (!ReadBlockFromDisk(block, pblockindex, 1)) {
if (nPar > (int)work.size()) nPar = (int)work.size(); throw std::runtime_error(
if (nPar < 1) nPar = 1; strprintf("Cannot read block height %d (%s) from disk", pindex->GetHeight(), pindex->GetBlockHash().GetHex()));
if (!bulkRebuild) nPar = 1; }
std::atomic<bool> failed(false); for (std::pair<const uint256, CWalletTx>& wtxItem : mapWallet) {
std::mutex failMtx;
std::string failMsg;
const int CACHE = (int)WITNESS_CACHE_SIZE; if (wtxItem.second.mapSaplingNoteData.empty())
// Tier 2b: advance one witness in place for the deep part (no per-block heap clone), then continue;
// materialize only the final CACHE snapshots. -witnessfastrebuild=0 forces the reference
// clone-every-block path for A/B verification.
bool fastRebuild = GetBoolArg("-witnessfastrebuild", true);
auto worker = [&](int tid) { if (wtxItem.second.GetDepthInMainChain() > 0) {
try {
for (size_t k = (size_t)tid; k < work.size(); k += (size_t)nPar) { //Sapling
SaplingNoteData* nd = work[k]; for (mapSaplingNoteData_t::value_type& item : wtxItem.second.mapSaplingNoteData) {
int startH = nd->witnessHeight; auto* nd = &(item.second);
int nBlocks = tipHeight - startH; if (nd->nullifier && nd->witnessHeight == pblockindex->GetHeight() - 1
if (nBlocks <= 0) && GetSaplingSpendDepth(*item.second.nullifier) <= WITNESS_CACHE_SIZE) {
continue;
if (!fastRebuild || nBlocks <= CACHE) {
// Reference / shallow path: clone every block (preserves pre-existing older snapshots).
for (int h = startH + 1; h <= tipHeight; h++) {
nd->witnesses.push_front(nd->witnesses.front()); nd->witnesses.push_front(nd->witnesses.front());
while ((int)nd->witnesses.size() > CACHE) while (nd->witnesses.size() > WITNESS_CACHE_SIZE) {
nd->witnesses.pop_back(); nd->witnesses.pop_back();
const std::vector<uint256>& cms = blockCms[h - startHeight];
for (size_t c = 0; c < cms.size(); c++)
nd->witnesses.front().append(cms[c]);
nd->witnessHeight = h;
}
} else {
// Deep fast path: advance ONE witness in place through [startH+1, tipHeight-CACHE]
// with no per-block clone, then build only the final CACHE snapshots. The reference
// loop pops all but the last CACHE snapshots, so the resulting deque is identical
// ([W@tip .. W@(tip-CACHE+1)]), but with ~CACHE heap allocations instead of ~nBlocks.
int deepEnd = tipHeight - CACHE;
{
SaplingWitness& w = nd->witnesses.front();
for (int h = startH + 1; h <= deepEnd; h++) {
const std::vector<uint256>& cms = blockCms[h - startHeight];
for (size_t c = 0; c < cms.size(); c++)
w.append(cms[c]);
} }
for (const CTransaction& tx : block.vtx) {
for (uint32_t i = 0; i < tx.vShieldedOutput.size(); i++) {
const uint256& note_commitment = tx.vShieldedOutput[i].cm;
nd->witnesses.front().append(note_commitment);
}
}
nd->witnessHeight = pblockindex->GetHeight();
} }
// Drop pre-existing older snapshots; keep only the advanced front (W@deepEnd).
while (nd->witnesses.size() > 1)
nd->witnesses.pop_back();
// Materialize the last CACHE snapshots (heights deepEnd+1 .. tip).
for (int h = deepEnd + 1; h <= tipHeight; h++) {
nd->witnesses.push_front(nd->witnesses.front());
const std::vector<uint256>& cms = blockCms[h - startHeight];
for (size_t c = 0; c < cms.size(); c++)
nd->witnesses.front().append(cms[c]);
}
while ((int)nd->witnesses.size() > CACHE)
nd->witnesses.pop_back();
nd->witnessHeight = tipHeight;
} }
} }
} catch (const std::exception& e) {
std::lock_guard<std::mutex> lk(failMtx);
if (failMsg.empty()) failMsg = e.what();
failed = true;
} catch (...) {
failed = true;
} }
};
int64_t e0 = GetTimeMicros(); if (pblockindex == pindex)
if (nPar <= 1) { break;
worker(0);
} else {
std::vector<std::thread> threads;
threads.reserve(nPar);
for (int t = 0; t < nPar; t++) threads.emplace_back(worker, t);
for (std::thread& th : threads) th.join();
}
int64_t tExtend = GetTimeMicros() - e0;
if (failed) pblockindex = chainActive.Next(pblockindex);
throw std::runtime_error(std::string("Witness rebuild worker failed: ") + (failMsg.empty() ? "unknown" : failMsg));
// Latch the rebuilt notes as validated so they are not re-validated and reseeded on every
// subsequent block connect. Without this, any note whose witness cannot be reconstructed to
// the canonical anchor (e.g. legacy corruption) would be reseeded and fully replayed on every
// block forever. A note whose rebuilt root still disagrees with the canonical finalsaplingroot
// is unrecoverable here: it is left flagged (the GetSaplingNoteWitnesses majority-anchor guard
// skips it for spends) and reported, rather than spun on indefinitely. witnessRootValidated is
// in-memory only, so a fresh validation pass still runs on each restart and after any reorg
// (DecrementNoteWitnesses clears it), keeping the heal self-correcting.
if (!work.empty()) {
const uint256& canonicalRoot = pindex->hashFinalSaplingRoot;
int nUnrecoverable = 0;
for (SaplingNoteData* nd : work) {
if (nd->witnesses.empty() || nd->witnesses.front().root() != canonicalRoot)
nUnrecoverable++;
nd->witnessRootValidated = true;
}
if (bulkRebuild) {
LogPrintf("%s: rebuilt %u note witness cache(s) to height %d in %ldms using %d thread(s)%s\n",
__func__, (unsigned)work.size(), tipHeight, (long)((tRead + tExtend) / 1000), nPar,
nUnrecoverable
? strprintf(" [WARNING: %d note(s) could not be rebuilt to the canonical anchor and were skipped]", nUnrecoverable).c_str()
: "");
}
} }
} }
@@ -1752,11 +1591,8 @@ bool CWallet::UpdatedNoteData(const CWalletTx& wtxIn, CWalletTx& wtx)
if (tmp.count(nd.first) && nd.second.witnesses.size() > 0) { if (tmp.count(nd.first) && nd.second.witnesses.size() > 0) {
tmp.at(nd.first).witnesses.assign( tmp.at(nd.first).witnesses.assign(
nd.second.witnesses.cbegin(), nd.second.witnesses.cend()); nd.second.witnesses.cbegin(), nd.second.witnesses.cend());
//PART B2: only carry over witnessHeight TOGETHER with the witnesses it describes.
//Copying it unconditionally (when witnesses are NOT copied) advances the height past
//the actual witness state for a whole tx's notes at once = the batch desync originator.
tmp.at(nd.first).witnessHeight = nd.second.witnessHeight;
} }
tmp.at(nd.first).witnessHeight = nd.second.witnessHeight;
} }
// Now copy over the updated note data // Now copy over the updated note data
@@ -1995,54 +1831,37 @@ void CWallet::GetSaplingNoteWitnesses(std::vector<SaplingOutPoint> notes,
uint256 &final_anchor) uint256 &final_anchor)
{ {
LOCK(cs_wallet); LOCK(cs_wallet);
witnesses.clear();
witnesses.resize(notes.size()); witnesses.resize(notes.size());
boost::optional<uint256> rt;
int i = 0;
for (SaplingOutPoint note : notes) {
//fprintf(stderr,"%s: i=%d\n", __func__,i);
auto noteData = mapWallet[note.hash].mapSaplingNoteData;
auto nWitnesses = noteData[note].witnesses.size();
if (mapWallet.count(note.hash) && noteData.count(note) && nWitnesses > 0) {
fprintf(stderr,"%s: Found %lu witnesses for note %s...\n", __func__, nWitnesses, note.hash.ToString().substr(0,8).c_str() );
witnesses[i] = noteData[note].witnesses.front();
if (!rt) {
//fprintf(stderr,"%s: Setting witness root\n",__func__);
rt = witnesses[i]->root();
} else {
if(*rt == witnesses[i]->root()) {
} else {
// Something is fucky
std::string err = string("CWallet::GetSaplingNoteWitnesses: Invalid witness root! rt=") + rt.get().ToString();
err += string("\n!= witness[i]->root()=") + witnesses[i]->root().ToString();
fprintf(stderr,"%s: IGNORING %s\n", __func__,err.c_str());
}
// Pass 1: collect each note's most-recent cached witness and tally roots. Use find() so we do }
// NOT default-construct mapWallet / mapSaplingNoteData entries (the original indexed
// mapWallet[note.hash] BEFORE its own count() guard, silently inserting empty entries).
std::vector<boost::optional<SaplingWitness>> cand(notes.size());
std::map<uint256, int> rootVotes;
for (size_t i = 0; i < notes.size(); i++) {
const SaplingOutPoint& note = notes[i];
auto wi = mapWallet.find(note.hash);
if (wi == mapWallet.end())
continue;
const mapSaplingNoteData_t& noteData = wi->second.mapSaplingNoteData;
auto ni = noteData.find(note);
if (ni == noteData.end() || ni->second.witnesses.empty())
continue;
cand[i] = ni->second.witnesses.front();
rootVotes[cand[i]->root()]++;
}
// Choose the anchor that the most witnesses agree on (robust even when the FIRST note is the
// desynced one - the original code blindly took the first note's root as the anchor).
boost::optional<uint256> anchor;
int bestVotes = 0;
for (const std::pair<uint256, int>& rv : rootVotes) {
if (rv.second > bestVotes) { bestVotes = rv.second; anchor = rv.first; }
}
// Pass 2: only emit witnesses whose root matches the common anchor. A desynced witness is left
// as boost::none rather than returned: handing the spend prover a witness whose root disagrees
// with the anchor guarantees a "Failed to build transaction". Note selection / callers skip
// notes that have no usable witness (see asyncrpcoperation_*: "Missing witness for Sapling note").
for (size_t i = 0; i < notes.size(); i++) {
if (cand[i] && anchor && cand[i]->root() == *anchor) {
witnesses[i] = cand[i];
} else {
if (cand[i])
LogPrintf("%s: note %s has a desynced witness (root=%s != anchor=%s); skipping it\n",
__func__, notes[i].hash.ToString().substr(0, 16).c_str(),
cand[i]->root().ToString().c_str(),
anchor ? anchor->ToString().c_str() : "none");
witnesses[i] = boost::none;
} }
i++;
}
// All returned witnesses have the same anchor
if (rt) {
final_anchor = *rt;
//fprintf(stderr,"%s: final_anchor=%s\n", __func__, rt.get().ToString().c_str() );
} }
if (anchor)
final_anchor = *anchor;
} }
isminetype CWallet::IsMine(const CTxIn &txin) const isminetype CWallet::IsMine(const CTxIn &txin) const
@@ -3597,7 +3416,7 @@ bool CWallet::SelectCoinsMinConf(const CAmount& nTargetValue, int nConfMine, int
vector<pair<CAmount, pair<const CWalletTx*,unsigned int> > > vValue; vector<pair<CAmount, pair<const CWalletTx*,unsigned int> > > vValue;
CAmount nTotalLower = 0; CAmount nTotalLower = 0;
std::shuffle(vCoins.begin(), vCoins.end(), std::mt19937(GetRand(std::numeric_limits<uint32_t>::max()))); random_shuffle(vCoins.begin(), vCoins.end(), GetRandInt);
BOOST_FOREACH(const COutput &output, vCoins) BOOST_FOREACH(const COutput &output, vCoins)
{ {

4
src/wallet/wallet.h
View File

@@ -311,9 +311,7 @@ public:
boost::optional<uint256> nullifier; boost::optional<uint256> nullifier;
//In Memory Only //In Memory Only
// Never serialized (see SerializationOp): must default false so a garbage value can't bool witnessRootValidated;
// read true and short-circuit the witness self-heal in VerifyAndSetInitialWitness.
bool witnessRootValidated = false;
ADD_SERIALIZE_METHODS; ADD_SERIALIZE_METHODS;

264
util/bootstrap-dragonx.bat
View File

@@ -1,264 +0,0 @@
@echo off
REM Copyright 2024 The Hush Developers
REM Copyright 2024 The DragonX Developers
REM Released under the GPLv3
REM
REM Download and apply a DRAGONX blockchain bootstrap on Windows.
REM Safely preserves wallet.dat and configuration files.
setlocal enabledelayedexpansion
set "BOOTSTRAP_BASE_URL=https://bootstrap.dragonx.is"
set "BOOTSTRAP_FALLBACK_URL=https://bootstrap2.dragonx.is"
set "BOOTSTRAP_FILE=DRAGONX.zip"
set "CHAIN_NAME=DRAGONX"
REM Data directory on Windows
set "DATADIR=%APPDATA%\Hush\%CHAIN_NAME%"
REM Find dragonx-cli relative to this script
set "CLI="
set "SCRIPT_DIR=%~dp0"
if exist "%SCRIPT_DIR%dragonx-cli.exe" (
set "CLI=%SCRIPT_DIR%dragonx-cli.exe"
)
echo ============================================
echo DragonX Bootstrap Installer
echo ============================================
echo.
echo [INFO] Data directory: %DATADIR%
echo.
REM Step 1: Stop daemon if running
call :stop_daemon
if errorlevel 1 goto :error_exit
REM Step 2: Clean old chain data
call :clean_chain_data
if errorlevel 1 goto :error_exit
REM Step 3: Download bootstrap
call :download_bootstrap
if errorlevel 1 goto :error_exit
REM Step 4: Extract bootstrap
call :extract_bootstrap
if errorlevel 1 goto :error_exit
echo.
echo [INFO] Bootstrap installation complete!
echo [INFO] You can now start DragonX with: dragonxd.exe
echo.
goto :EOF
REM ============================================
REM Stop daemon if running
REM ============================================
:stop_daemon
if "%CLI%"=="" (
echo [WARN] dragonx-cli.exe not found next to this script.
echo [WARN] Please make sure the DragonX daemon is stopped before continuing.
set /p "ANSWER=Is the DragonX daemon stopped? (y/N): "
if /i not "!ANSWER!"=="y" (
echo [ERROR] Please stop the daemon first and run this script again.
exit /b 1
)
exit /b 0
)
"%CLI%" getinfo >nul 2>&1
if errorlevel 1 (
echo [INFO] Daemon is not running.
exit /b 0
)
echo [INFO] Stopping DragonX daemon...
"%CLI%" stop >nul 2>&1
set "TRIES=0"
:wait_loop
"%CLI%" getinfo >nul 2>&1
if errorlevel 1 goto :daemon_stopped
timeout /t 2 /nobreak >nul
set /a TRIES+=1
if %TRIES% geq 60 (
echo [ERROR] Daemon did not stop after 120 seconds. Please stop it manually and retry.
exit /b 1
)
goto :wait_loop
:daemon_stopped
echo [INFO] Daemon stopped.
exit /b 0
REM ============================================
REM Clean blockchain data, preserving wallet and config
REM ============================================
:clean_chain_data
if not exist "%DATADIR%" (
echo [INFO] Data directory does not exist yet, creating it.
mkdir "%DATADIR%"
exit /b 0
)
echo [INFO] Cleaning blockchain data from %DATADIR% ...
REM Preserve wallet.dat and config
set "TMPDIR=%TEMP%\dragonx-bootstrap-%RANDOM%"
mkdir "%TMPDIR%" 2>nul
for %%F in (wallet.dat DRAGONX.conf peers.dat) do (
if exist "%DATADIR%\%%F" (
copy /y "%DATADIR%\%%F" "%TMPDIR%\%%F" >nul
)
)
REM Remove blockchain directories and files
for %%D in (blocks chainstate notarizations komodo) do (
if exist "%DATADIR%\%%D" (
rmdir /s /q "%DATADIR%\%%D" 2>nul
)
)
for %%F in (db.log debug.log fee_estimates.dat banlist.dat) do (
if exist "%DATADIR%\%%F" (
del /f /q "%DATADIR%\%%F" 2>nul
)
)
REM Restore preserved files
for %%F in (wallet.dat DRAGONX.conf peers.dat) do (
if exist "%TMPDIR%\%%F" (
copy /y "%TMPDIR%\%%F" "%DATADIR%\%%F" >nul
)
)
rmdir /s /q "%TMPDIR%" 2>nul
echo [INFO] Blockchain data cleaned.
exit /b 0
REM ============================================
REM Download bootstrap (with fallback)
REM ============================================
:download_bootstrap
echo [INFO] Downloading bootstrap from %BOOTSTRAP_BASE_URL% ...
echo [INFO] This may take a while depending on your connection speed.
REM Try primary URL
call :do_download "%BOOTSTRAP_BASE_URL%"
if not errorlevel 1 goto :download_verify
echo [WARN] Primary download failed, trying fallback %BOOTSTRAP_FALLBACK_URL% ...
call :do_download "%BOOTSTRAP_FALLBACK_URL%"
if errorlevel 1 (
echo [ERROR] Download failed from both primary and fallback servers.
exit /b 1
)
:download_verify
echo [INFO] Bootstrap download complete.
REM Verify SHA256 checksum
echo [INFO] Verifying checksum...
pushd "%DATADIR%"
REM Read expected hash from the .sha256 file (format: "hash filename" or "hash *filename")
set "EXPECTED_HASH="
for /f "tokens=1" %%A in (%BOOTSTRAP_FILE%.sha256) do (
set "EXPECTED_HASH=%%A"
)
if "%EXPECTED_HASH%"=="" (
echo [WARN] Could not read expected checksum, skipping verification.
goto :verify_done
)
REM Use certutil to compute SHA256
certutil -hashfile "%BOOTSTRAP_FILE%" SHA256 > "%TEMP%\dragonx_hash.tmp" 2>nul
if errorlevel 1 (
echo [WARN] certutil not available, skipping checksum verification.
goto :verify_done
)
REM certutil outputs hash on the second line
set "ACTUAL_HASH="
set "LINE_NUM=0"
for /f "skip=1 tokens=*" %%H in (%TEMP%\dragonx_hash.tmp) do (
if not defined ACTUAL_HASH (
set "ACTUAL_HASH=%%H"
)
)
REM Remove spaces from certutil output
set "ACTUAL_HASH=!ACTUAL_HASH: =!"
del /f /q "%TEMP%\dragonx_hash.tmp" 2>nul
if /i "!ACTUAL_HASH!"=="!EXPECTED_HASH!" (
echo [INFO] SHA256 checksum verified.
) else (
echo [ERROR] SHA256 checksum verification failed! The download may be corrupted.
echo [ERROR] Expected: !EXPECTED_HASH!
echo [ERROR] Got: !ACTUAL_HASH!
popd
exit /b 1
)
:verify_done
REM Clean up checksum files
del /f /q "%BOOTSTRAP_FILE%.md5" 2>nul
del /f /q "%BOOTSTRAP_FILE%.sha256" 2>nul
popd
exit /b 0
REM ============================================
REM Download files from a given base URL
REM Usage: call :do_download "base_url"
REM ============================================
:do_download
set "BASE=%~1"
REM Use PowerShell to download (available on all modern Windows)
echo [INFO] Downloading %BASE%/%BOOTSTRAP_FILE% ...
powershell -NoProfile -Command ^
"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; try { (New-Object Net.WebClient).DownloadFile('%BASE%/%BOOTSTRAP_FILE%', '%DATADIR%\%BOOTSTRAP_FILE%') } catch { exit 1 }"
if errorlevel 1 exit /b 1
echo [INFO] Downloading checksums...
powershell -NoProfile -Command ^
"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; try { (New-Object Net.WebClient).DownloadFile('%BASE%/%BOOTSTRAP_FILE%.md5', '%DATADIR%\%BOOTSTRAP_FILE%.md5') } catch { exit 1 }"
if errorlevel 1 exit /b 1
powershell -NoProfile -Command ^
"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; try { (New-Object Net.WebClient).DownloadFile('%BASE%/%BOOTSTRAP_FILE%.sha256', '%DATADIR%\%BOOTSTRAP_FILE%.sha256') } catch { exit 1 }"
if errorlevel 1 exit /b 1
exit /b 0
REM ============================================
REM Extract bootstrap zip
REM ============================================
:extract_bootstrap
echo [INFO] Extracting bootstrap...
pushd "%DATADIR%"
REM Use PowerShell to extract zip, excluding wallet.dat and .conf files
powershell -NoProfile -Command ^
"Add-Type -AssemblyName System.IO.Compression.FileSystem; $zip = [System.IO.Compression.ZipFile]::OpenRead('%DATADIR%\%BOOTSTRAP_FILE%'); foreach ($entry in $zip.Entries) { if ($entry.Name -eq 'wallet.dat' -or $entry.Name -like '*.conf') { continue } $dest = Join-Path '%DATADIR%' $entry.FullName; if ($entry.FullName.EndsWith('/')) { New-Item -ItemType Directory -Force -Path $dest | Out-Null } else { $parent = Split-Path $dest -Parent; if (-not (Test-Path $parent)) { New-Item -ItemType Directory -Force -Path $parent | Out-Null } [System.IO.Compression.ZipFileExtensions]::ExtractToFile($entry, $dest, $true) } }; $zip.Dispose()"
if errorlevel 1 (
echo [ERROR] Extraction failed.
popd
exit /b 1
)
echo [INFO] Bootstrap extracted successfully.
REM Clean up archive
del /f /q "%BOOTSTRAP_FILE%" 2>nul
echo [INFO] Removed downloaded archive to save disk space.
popd
exit /b 0
:error_exit
echo.
echo [ERROR] Bootstrap installation failed.
exit /b 1

97
util/bootstrap-dragonx.sh
View File

@@ -9,24 +9,9 @@
set -euo pipefail set -euo pipefail
BOOTSTRAP_BASE_URL="https://bootstrap.dragonx.is" BOOTSTRAP_BASE_URL="https://bootstrap.dragonx.is"
BOOTSTRAP_FALLBACK_URL="https://bootstrap2.dragonx.is"
BOOTSTRAP_FILE="DRAGONX.zip" BOOTSTRAP_FILE="DRAGONX.zip"
CHAIN_NAME="DRAGONX" CHAIN_NAME="DRAGONX"
# DragonX bootstrap signing public key (PEM, openssl-compatible).
# WHY: the .md5/.sha256 files are served from the same host as the archive, so they
# only detect transmission corruption — a compromised bootstrap server could publish a
# malicious archive with matching checksums. A detached signature verified against THIS
# embedded public key (shipped in the repo, not downloaded) closes that gap: a bad server
# cannot forge a signature without the maintainer's offline private key.
#
# ROLLOUT: until the maintainer embeds a real key here and publishes DRAGONX.zip.sig,
# this stays as the placeholder and signature enforcement is skipped (with a loud warning),
# so existing users are unaffected. Once a real key is pasted in, an unsigned/invalid
# bootstrap is refused (fail-closed). See util/sign-bootstrap.md for the signing procedure.
BOOTSTRAP_PUBKEY_PLACEHOLDER="REPLACE_WITH_DRAGONX_BOOTSTRAP_PUBLIC_KEY_PEM"
BOOTSTRAP_PUBKEY="$BOOTSTRAP_PUBKEY_PLACEHOLDER"
# Determine data directory # Determine data directory
if [[ "$OSTYPE" == "darwin"* ]]; then if [[ "$OSTYPE" == "darwin"* ]]; then
DATADIR="$HOME/Library/Application Support/Hush/$CHAIN_NAME" DATADIR="$HOME/Library/Application Support/Hush/$CHAIN_NAME"
@@ -133,86 +118,35 @@ clean_chain_data() {
info "Blockchain data cleaned." info "Blockchain data cleaned."
} }
# Download a file via wget or curl (returns non-zero on failure) # Download a file via wget or curl
download_file() { download_file() {
local url="$1" local url="$1"
local outfile="$2" local outfile="$2"
if command -v wget &>/dev/null; then if command -v wget &>/dev/null; then
wget --progress=bar:force -O "$outfile" "$url" wget --progress=bar:force -O "$outfile" "$url" || error "Download failed: $url"
elif command -v curl &>/dev/null; then elif command -v curl &>/dev/null; then
curl -L --progress-bar -o "$outfile" "$url" curl -L --progress-bar -o "$outfile" "$url" || error "Download failed: $url"
else else
error "Neither wget nor curl found. Please install one and retry." error "Neither wget nor curl found. Please install one and retry."
fi fi
} }
# Try downloading from a given base URL; returns non-zero on failure
download_from() {
local base_url="$1"
local outfile="$DATADIR/$BOOTSTRAP_FILE"
local md5file="$DATADIR/${BOOTSTRAP_FILE}.md5"
local sha256file="$DATADIR/${BOOTSTRAP_FILE}.sha256"
local sigfile="$DATADIR/${BOOTSTRAP_FILE}.sig"
info "Downloading bootstrap from $base_url ..."
info "This may take a while depending on your connection speed."
download_file "$base_url/$BOOTSTRAP_FILE" "$outfile" || return 1
info "Bootstrap download complete."
info "Downloading checksums..."
download_file "$base_url/${BOOTSTRAP_FILE}.md5" "$md5file" || return 1
download_file "$base_url/${BOOTSTRAP_FILE}.sha256" "$sha256file" || return 1
# Detached signature is optional during rollout (non-fatal if absent); enforcement
# is decided in verify_signature() based on whether a real public key is embedded.
rm -f "$sigfile"
download_file "$base_url/${BOOTSTRAP_FILE}.sig" "$sigfile" || warn "No signature file at $base_url (${BOOTSTRAP_FILE}.sig)"
return 0
}
# Verify the detached signature of the archive against the embedded release public key.
# Fail-closed once a real key is configured; skip (with warning) while the placeholder is in place.
verify_signature() {
local archive="$1"
local sigfile="$2"
if [[ "$BOOTSTRAP_PUBKEY" == "$BOOTSTRAP_PUBKEY_PLACEHOLDER" ]]; then
warn "Bootstrap signature verification is not yet configured (no maintainer key embedded)."
warn "Relying on TLS + checksum integrity only. See util/sign-bootstrap.md."
return 0
fi
if ! command -v openssl &>/dev/null; then
error "openssl is required to verify the bootstrap signature but was not found. Install openssl and retry."
fi
if [[ ! -s "$sigfile" ]]; then
error "Bootstrap signature (${BOOTSTRAP_FILE}.sig) is missing; refusing to use an unsigned bootstrap."
fi
local pubfile
pubfile=$(mktemp)
printf '%s\n' "$BOOTSTRAP_PUBKEY" > "$pubfile"
if openssl dgst -sha256 -verify "$pubfile" -signature "$sigfile" "$archive" >&2; then
rm -f "$pubfile"
info "Bootstrap signature verified against embedded DragonX release key."
else
rm -f "$pubfile"
error "Bootstrap signature verification FAILED — the archive is NOT signed by the DragonX release key. Aborting; do not use this bootstrap."
fi
}
# Download the bootstrap and verify checksums # Download the bootstrap and verify checksums
download_bootstrap() { download_bootstrap() {
local outfile="$DATADIR/$BOOTSTRAP_FILE" local outfile="$DATADIR/$BOOTSTRAP_FILE"
local md5file="$DATADIR/${BOOTSTRAP_FILE}.md5" local md5file="$DATADIR/${BOOTSTRAP_FILE}.md5"
local sha256file="$DATADIR/${BOOTSTRAP_FILE}.sha256" local sha256file="$DATADIR/${BOOTSTRAP_FILE}.sha256"
local sigfile="$DATADIR/${BOOTSTRAP_FILE}.sig"
if ! download_from "$BOOTSTRAP_BASE_URL"; then info "Downloading bootstrap from $BOOTSTRAP_BASE_URL ..."
warn "Primary download failed, trying fallback $BOOTSTRAP_FALLBACK_URL ..." info "This may take a while depending on your connection speed."
download_from "$BOOTSTRAP_FALLBACK_URL" || error "Download failed from both primary and fallback servers."
fi download_file "$BOOTSTRAP_BASE_URL/$BOOTSTRAP_FILE" "$outfile"
info "Bootstrap download complete."
info "Downloading checksums..."
download_file "$BOOTSTRAP_BASE_URL/${BOOTSTRAP_FILE}.md5" "$md5file"
download_file "$BOOTSTRAP_BASE_URL/${BOOTSTRAP_FILE}.sha256" "$sha256file"
# Verify checksums # Verify checksums
info "Verifying checksums..." info "Verifying checksums..."
@@ -238,11 +172,8 @@ download_bootstrap() {
warn "sha256sum not found, skipping SHA256 verification." warn "sha256sum not found, skipping SHA256 verification."
fi fi
# Verify the cryptographic signature (fail-closed once a release key is embedded). # Clean up checksum files
verify_signature "$outfile" "$sigfile" rm -f "$md5file" "$sha256file"
# Clean up checksum + signature files
rm -f "$md5file" "$sha256file" "$sigfile"
echo "$outfile" echo "$outfile"
} }

16
util/build-mac.sh
View File

@@ -3,8 +3,8 @@
# Distributed under the GPLv3 software license, see the accompanying # Distributed under the GPLv3 software license, see the accompanying
# file COPYING or https://www.gnu.org/licenses/gpl-3.0.en.html # file COPYING or https://www.gnu.org/licenses/gpl-3.0.en.html
export CC=gcc-15 export CC=gcc-8
export CXX=g++-15 export CXX=g++-8
export LIBTOOL=libtool export LIBTOOL=libtool
export AR=ar export AR=ar
export RANLIB=ranlib export RANLIB=ranlib
@@ -34,24 +34,16 @@ fi
# If --enable-lcov is the first argument, enable lcov coverage support: # If --enable-lcov is the first argument, enable lcov coverage support:
LCOV_ARG='' LCOV_ARG=''
HARDENING_ARG='--disable-hardening' HARDENING_ARG='--disable-hardening'
TEST_ARG=''
if [ "x${1:-}" = 'x--enable-lcov' ] if [ "x${1:-}" = 'x--enable-lcov' ]
then then
LCOV_ARG='--enable-lcov' LCOV_ARG='--enable-lcov'
HARDENING_ARG='--disable-hardening' HARDENING_ARG='--disable-hardening'
shift shift
elif [ "x${1:-}" = 'x--disable-tests' ]
then
TEST_ARG='--enable-tests=no'
shift
fi fi
TRIPLET=`./depends/config.guess` TRIPLET=`./depends/config.guess`
PREFIX="$(pwd)/depends/$TRIPLET" PREFIX="$(pwd)/depends/$TRIPLET"
# Ensure system Rust is in PATH for modern macOS compatibility
export PATH="$HOME/.cargo/bin:$PATH"
make "$@" -C ./depends/ V=1 NO_QT=1 make "$@" -C ./depends/ V=1 NO_QT=1
#BUILD CCLIB #BUILD CCLIB
@@ -76,7 +68,7 @@ cd $WD
./autogen.sh ./autogen.sh
CPPFLAGS="-I$PREFIX/include -arch x86_64" LDFLAGS="-L$PREFIX/lib -arch x86_64 -Wl,-no_pie" \ CPPFLAGS="-I$PREFIX/include -arch x86_64" LDFLAGS="-L$PREFIX/lib -arch x86_64 -Wl,-no_pie" \
CXXFLAGS='-arch x86_64 -I/usr/local/Cellar/gcc/15.2.0_1/include/c++/15/ -I$PREFIX/include -fwrapv -fno-strict-aliasing -Wno-builtin-declaration-mismatch -Werror -Wno-error=deprecated-declarations -g -Wl,-undefined -Wl,dynamic_lookup' \ CXXFLAGS='-arch x86_64 -I/usr/local/Cellar/gcc\@8/8.3.0/include/c++/8.3.0/ -I$PREFIX/include -fwrapv -fno-strict-aliasing -Wno-builtin-declaration-mismatch -Werror -g -Wl,-undefined -Wl,dynamic_lookup' \
./configure --prefix="${PREFIX}" --with-gui=no "$HARDENING_ARG" "$LCOV_ARG" $TEST_ARG ./configure --prefix="${PREFIX}" --with-gui=no "$HARDENING_ARG" "$LCOV_ARG"
make "$@" V=1 NO_GTEST=1 STATIC=1 make "$@" V=1 NO_GTEST=1 STATIC=1

56
util/sign-bootstrap.md
View File

@@ -1,56 +0,0 @@
# Signing the DragonX bootstrap archive
`util/bootstrap-dragonx.sh` verifies a detached signature of `DRAGONX.zip` against a
public key **embedded in the script** (`BOOTSTRAP_PUBKEY`). Because the key ships in the
repo/binary and is not downloaded from the bootstrap server, a compromised bootstrap host
cannot forge a valid signature — unlike the `.md5`/`.sha256` files, which are served from
the same host and only detect corruption.
Until a real key is embedded, `BOOTSTRAP_PUBKEY` is the placeholder and the script skips
signature enforcement (with a warning), so existing users are unaffected. Once a real key
is pasted in, an unsigned or invalid bootstrap is **refused**.
## One-time: create the signing keypair (offline)
Keep the private key OFFLINE (air-gapped if possible). Ed25519 or RSA-4096 both work with
the `openssl dgst -sha256 -verify` check the script uses; RSA-4096 maximizes compatibility:
```sh
# Private key — keep secret, never publish
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out dragonx-bootstrap.key
# Public key — paste into bootstrap-dragonx.sh
openssl pkey -in dragonx-bootstrap.key -pubout -out dragonx-bootstrap.pub
cat dragonx-bootstrap.pub
```
Paste the full PEM (including the `-----BEGIN/END PUBLIC KEY-----` lines) into
`BOOTSTRAP_PUBKEY` in `util/bootstrap-dragonx.sh`, e.g.:
```sh
BOOTSTRAP_PUBKEY="$(cat <<'PEM'
-----BEGIN PUBLIC KEY-----
... base64 ...
-----END PUBLIC KEY-----
PEM
)"
```
## Each release: sign the archive and publish the signature
```sh
openssl dgst -sha256 -sign dragonx-bootstrap.key -out DRAGONX.zip.sig DRAGONX.zip
```
Upload `DRAGONX.zip.sig` next to `DRAGONX.zip` (and its `.md5`/`.sha256`) on every
bootstrap host (`bootstrap.dragonx.is`, `bootstrap2.dragonx.is`). Verify locally first:
```sh
openssl dgst -sha256 -verify dragonx-bootstrap.pub -signature DRAGONX.zip.sig DRAGONX.zip
# -> "Verified OK"
```
## Rotating the key
Embed the new public key in the script, sign future archives with the new private key, and
release a new client version. Old clients keep trusting the old key; coordinate the cutover
with a release so users upgrade before the old key is retired.