From dd4aac4f5f7f9b80931d021429d5bef74faa7ad9 Mon Sep 17 00:00:00 2001 From: Duke Date: Fri, 16 May 2025 21:18:56 -0400 Subject: [PATCH] Ensure ASSETCHAINS_MINOPRETURNFEE modifies chain magic and document why --- doc/DEVELOPING.md | 35 +++++++++++++++++++++++++++++++++++ src/hush_utils.h | 7 ++++++- 2 files changed, 41 insertions(+), 1 deletion(-) diff --git a/doc/DEVELOPING.md b/doc/DEVELOPING.md index 1de87fcc6..4b6302daf 100644 --- a/doc/DEVELOPING.md +++ b/doc/DEVELOPING.md @@ -89,6 +89,41 @@ After successfully compiling Hush, you can generate a debian package of these bi This command will not work on Mac OS X. Currently you cannot generate a Debian package from operating systems other than Linux. Oh well. +## Adding new CLI options that change consensus rules + +If you are adding a new CLI option that changes consensus rules such as +`-ac_foo` then make sure to also modify the the `extraptr` variable in +`src/hush_utils.h` with the value of the `ASSETCHAINS_FOO` variable. Our +convention is that if a CLI option affects consensus, it MUST begin with `-ac_` +and if it does not affect consensus (such as -datadir) then it MUST NOT begin +with `-ac_`. Originally the `ac` meant "asset chain" but now it means "affects +consensus" or "arrakis chain", take your pick. + +The reason for this is the `extraptr` variable is used to deterministically +generate the "chain magic" `ASSETCHAINS_MAGIC` as well as the default p2p and +rpc ports for a HAC. This means that if two HACs have *exactly* the same +consensus options except for `-ac_foo` (even if they have the same `-ac_name`) +then they will still get different chain magic values and p2p and rpc ports. +This is a way of preventing HACs with different consensus rules from trying to +talk with each other when they should not. For instance, if you make a HAC with +`-ac_name=MYCOIN` on one machine with one set of consensus rules and then +another HAC with the same name on a different machine but with different +consensus rules, the chain magic being different (as well as the default p2p +port) are ways to prevent them from communicating. This is good because these +two HACs will eventually chain fork due to their different consensus rules and +ban each other, wasting time, bandwidth and sanity. + +An example of doing this can be seen in the commit +https://git.hush.is/hush/hush3/commit/d39503c13b7419620d138050899705ced557eef9 +which added the `-ac_burn` consensus changing option. + +The chain magic value is the CRC32 checksum of every non-default consensus +option the HAC uses. + +Also make sure to actually validate the new consensus option! That is probably +going to happen in `src/main.cpp` . If you don't, a malicious node can just +modify `src/miner.cpp` to do whatever they want. + ## Updates to this document If you think something else should be in this guide, please send your suggestions! diff --git a/src/hush_utils.h b/src/hush_utils.h index e2d6a7968..dc2d3ddfd 100644 --- a/src/hush_utils.h +++ b/src/hush_utils.h @@ -2169,7 +2169,7 @@ void hush_args(char *argv0) } } - if ( ASSETCHAINS_ENDSUBSIDY[0] != 0 || ASSETCHAINS_REWARD[0] != 0 || ASSETCHAINS_HALVING[0] != 0 || ASSETCHAINS_DECAY[0] != 0 || ASSETCHAINS_COMMISSION != 0 || ASSETCHAINS_PUBLIC != 0 || ASSETCHAINS_PRIVATE != 0 || ASSETCHAINS_TXPOW != 0 || ASSETCHAINS_FOUNDERS != 0 || ASSETCHAINS_SCRIPTPUB.size() > 1 || ASSETCHAINS_SELFIMPORT.size() > 0 || ASSETCHAINS_OVERRIDE_PUBKEY33[0] != 0 || ASSETCHAINS_TIMELOCKGTE != _ASSETCHAINS_TIMELOCKOFF|| ASSETCHAINS_ALGO != ASSETCHAINS_EQUIHASH || ASSETCHAINS_LWMAPOS != 0 || ASSETCHAINS_LASTERA > 0 || ASSETCHAINS_BEAMPORT != 0 || ASSETCHAINS_CODAPORT != 0 || ASSETCHAINS_MARMARA != 0 || nonz > 0 || ASSETCHAINS_CCLIB.size() > 0 || ASSETCHAINS_FOUNDERS_REWARD != 0 || ASSETCHAINS_NOTARY_PAY[0] != 0 || ASSETCHAINS_BLOCKTIME != 60 || ASSETCHAINS_CBOPRET != 0 || Mineropret.size() != 0 || (ASSETCHAINS_NK[0] != 0 && ASSETCHAINS_NK[1] != 0) || HUSH_SNAPSHOT_INTERVAL != 0 || ASSETCHAINS_EARLYTXIDCONTRACT != 0 || ASSETCHAINS_CBMATURITY != 0 || ASSETCHAINS_ADAPTIVEPOW != 0 || ASSETCHAINS_BURN != 0) + if ( ASSETCHAINS_ENDSUBSIDY[0] != 0 || ASSETCHAINS_REWARD[0] != 0 || ASSETCHAINS_HALVING[0] != 0 || ASSETCHAINS_DECAY[0] != 0 || ASSETCHAINS_COMMISSION != 0 || ASSETCHAINS_PUBLIC != 0 || ASSETCHAINS_PRIVATE != 0 || ASSETCHAINS_TXPOW != 0 || ASSETCHAINS_FOUNDERS != 0 || ASSETCHAINS_SCRIPTPUB.size() > 1 || ASSETCHAINS_SELFIMPORT.size() > 0 || ASSETCHAINS_OVERRIDE_PUBKEY33[0] != 0 || ASSETCHAINS_TIMELOCKGTE != _ASSETCHAINS_TIMELOCKOFF|| ASSETCHAINS_ALGO != ASSETCHAINS_EQUIHASH || ASSETCHAINS_LWMAPOS != 0 || ASSETCHAINS_LASTERA > 0 || ASSETCHAINS_BEAMPORT != 0 || ASSETCHAINS_CODAPORT != 0 || ASSETCHAINS_MARMARA != 0 || nonz > 0 || ASSETCHAINS_CCLIB.size() > 0 || ASSETCHAINS_FOUNDERS_REWARD != 0 || ASSETCHAINS_NOTARY_PAY[0] != 0 || ASSETCHAINS_BLOCKTIME != 60 || ASSETCHAINS_CBOPRET != 0 || Mineropret.size() != 0 || (ASSETCHAINS_NK[0] != 0 && ASSETCHAINS_NK[1] != 0) || HUSH_SNAPSHOT_INTERVAL != 0 || ASSETCHAINS_EARLYTXIDCONTRACT != 0 || ASSETCHAINS_CBMATURITY != 0 || ASSETCHAINS_ADAPTIVEPOW != 0 || ASSETCHAINS_BURN != 0 || ASSETCHAINS_MINOPRETURNFEE) { if(fDebug) fprintf(stderr,"perc %.4f%% ac_pub=[%02x%02x%02x...] acsize.%d\n",dstr(ASSETCHAINS_COMMISSION)*100,ASSETCHAINS_OVERRIDE_PUBKEY33[0],ASSETCHAINS_OVERRIDE_PUBKEY33[1],ASSETCHAINS_OVERRIDE_PUBKEY33[2],(int32_t)ASSETCHAINS_SCRIPTPUB.size()); @@ -2334,6 +2334,11 @@ void hush_args(char *argv0) { extralen += dragon_rwnum(1,&extraptr[extralen],sizeof(ASSETCHAINS_BURN),(void *)&ASSETCHAINS_BURN); } + + if ( ASSETCHAINS_MINOPRETURNFEE != 0 ) + { + extralen += dragon_rwnum(1,&extraptr[extralen],sizeof(ASSETCHAINS_MINOPRETURNFEE),(void *)&ASSETCHAINS_MINOPRETURNFEE); + } } addn = GetArg("-seednode","");