Enforce that coinbases must be protected
This PR forces miners to place their funds in the private value transfer system, making "transparent coins" opt-in for users, and increasing privacy for all participants on a systemic level.
Closes#101.
Signing pours with ed25519
This is an alternative to #964 which uses ed25519 instead of secp256k1, and avoids the separate hash for fitting the public key into the `h_sig` block. It's based on @defuse's work in that branch.
Closes#808.
All blocks before the first subsidy halving block, with the exception of
the genesis block, must contain an output which sends 20% of the block
subsidy value to a scriptPubKey `FOUNDERS_REWARD_SCRIPT`.
The main and test networks are configured to use parameters that are currently
low-memory but usable with the basic solver; they will be increased once the
solver is optimised. The regtest network is configured to have extremely low
memory usage for speed.
Note that Bitcoin's double-hasher is used for the difficulty check. This does
not match the paper, but is simpler than changing the block header
serialization. Single hashing is kept for the EquiHash solver because there is
no requirement on execution time there, only on memory usage.
Some specifics on consensus changes:
* Transactions must be anchored to a real anchor in the chain.
* Anchors are pushed and popped during ConnectBlock/DisconnectBlock as appropriate.
* DisconnectTip triggers evictions, under some circumstances, of transactions in the
mempool which are anchored to roots that are no longer valid.
* Commitments append to the tree at the current best root during ConnectBlock.
* PourTxs cannot appear in coinbase transactions.
* Transactions can only contain empty vin/vouts if they contain a PourTx.
* PourTx public values must be well-formed (not negative or too large).
* Transactions cannot have the same serial twice throughout all PourTxs.
Previously, the undo weren't being flushed during a reindex because
fKnown was set to true in FindBlockPos. That is the correct behaviour
for block files as they aren't being touched, but undo files are
touched.
This changes the behaviour to always flush when switching to a new file
(even for block files, though that isn't really necessary).
Rebased-From: 22e780737db57bcb18b3824eb8158e19a4775cb6
Github-Pull: #6948
af6edac *: alias -h for --help (Daniel Cousens)
131d7f9 Change URLs to https in debian/control (Matt Corallo)
7ce2c91 Update debian/changelog and slight tweak to debian/control (Matt Corallo)
4fbfebe Correct spelling mistakes in doc folder (Mitchell Cash)
e42bf16 Clarification of unit test build instructions. (Eric Lombrozo)
54f9dee Update bluematt-key, the old one is long-since revoked (Matt Corallo)
bfc6154 [Trivial] Fixed typo when referring to a previous section in depends/README.md [skip ci] (Chris Kleeschulte)
9e45157 build: disable -Wself-assign (Wladimir J. van der Laan)
33d6825 Bugfix: Allow mining on top of old tip blocks for testnet (fixes testnet-in-a-box use case) (Luke Dashjr)
87a797a build: Remove dependency of bitcoin-cli on secp256k1 (Wladimir J. van der Laan)
a33cd5b [trivial] Fix rpc message "help generate" (MarcoFalke)
6fd0019 Drop "with minimal dependencies" from description (Zak Wilcox)
2394f4d Split bitcoin-tx into its own package (Zak Wilcox)
1e672ae Include bitcoin-tx binary on Debian/Ubuntu (Zak Wilcox)
b3eaa30 [Qt] Raise debug window when requested (MarcoFalke)
01878c9 Fix locking in GetTransaction. (Alex Morcos)
9b9acc2 Fix spelling of Qt (Diego Viola)
The lock-time code currently uses CBlock::nTime as the cutoff point for time based locked transactions. This has the unfortunate outcome of creating a perverse incentive for miners to lie about the time of a block in order to collect more fees by including transactions that by wall clock determination have not yet matured. By using CBlockIndex::GetMedianTimePast from the prior block instead, the self-interested miner no longer gains from generating blocks with fraudulent timestamps. Users can compensate for this change by simply adding an hour (3600 seconds) to their time-based lock times.
If enforced, this would be a soft-fork change. This commit only adds the functionality on an unexecuted code path, without changing the behaviour of Bitcoin Core.
