diff --git a/src/chainparams.cpp b/src/chainparams.cpp --- a/src/chainparams.cpp +++ b/src/chainparams.cpp @@ -155,6 +155,9 @@ // May 15, 2018 hard fork consensus.monolithActivationTime = 1526400000; + // Nov 15, 2018 hard fork + consensus.magneticAnomalyActivationTime = 1542300000; + /** * The message start string is designed to be unlikely to occur in * normal data. The characters are rarely used upper ASCII, not valid as @@ -331,6 +334,9 @@ // May 15, 2018 hard fork consensus.monolithActivationTime = 1526400000; + // Nov 15, 2018 hard fork + consensus.magneticAnomalyActivationTime = 1542300000; + diskMagic[0] = 0x0b; diskMagic[1] = 0x11; diskMagic[2] = 0x09; @@ -458,6 +464,9 @@ // May 15, 2018 hard fork. consensus.monolithActivationTime = 1526400000; + // Nov 15, 2018 hard fork + consensus.magneticAnomalyActivationTime = 1542300000; + diskMagic[0] = 0xfa; diskMagic[1] = 0xbf; diskMagic[2] = 0xb5; diff --git a/src/consensus/params.h b/src/consensus/params.h --- a/src/consensus/params.h +++ b/src/consensus/params.h @@ -54,6 +54,8 @@ int daaHeight; /** Unix time used for MTP activation of May 15 2018, hardfork */ int monolithActivationTime; + /** Unix time used for MTP activation of Nov 15 2018, hardfork */ + int magneticAnomalyActivationTime; /** Block height at which OP_RETURN replay protection stops */ int antiReplayOpReturnSunsetHeight; /** Committed OP_RETURN value for replay protection */ diff --git a/src/validation.cpp b/src/validation.cpp --- a/src/validation.cpp +++ b/src/validation.cpp @@ -613,6 +613,28 @@ return IsMonolithEnabled(config, pindexPrev->GetMedianTimePast()); } +static bool IsReplayProtectionEnabled(const Config &config, + int64_t nMedianTimePast) { + return nMedianTimePast >= gArgs.GetArg("-replayprotectionactivationtime", + config.GetChainParams() + .GetConsensus() + .magneticAnomalyActivationTime); +} + +static bool IsReplayProtectionEnabled(const Config &config, + const CBlockIndex *pindexPrev) { + if (pindexPrev == nullptr) { + return false; + } + + return IsReplayProtectionEnabled(config, pindexPrev->GetMedianTimePast()); +} + +static bool IsReplayProtectionEnabledForCurrentBlock(const Config &config) { + AssertLockHeld(cs_main); + return IsReplayProtectionEnabled(config, chainActive.Tip()); +} + /** * Make mempool consistent after a reorg, by re-adding or recursively erasing * disconnected block transactions from the mempool, and also removing any other @@ -968,6 +990,12 @@ gArgs.GetArg("-promiscuousmempoolflags", scriptVerifyFlags); } + const bool hasReplayProtection = + IsReplayProtectionEnabledForCurrentBlock(config); + if (hasReplayProtection) { + scriptVerifyFlags |= SCRIPT_ENABLE_REPLAY_PROTECTION; + } + // Check against previous transactions. This is done last to help // prevent CPU exhaustion denial-of-service attacks. PrecomputedTransactionData txdata(tx); @@ -994,6 +1022,13 @@ // transactions into the mempool can be exploited as a DoS attack. uint32_t currentBlockScriptVerifyFlags = GetBlockScriptFlags(chainActive.Tip(), config); + // We have an off by one error for flag activation. As a result, we need + // to set the replay protection flag manually here until this is fixed. + // FIXME: https://reviews.bitcoinabc.org/T288 + if (hasReplayProtection) { + currentBlockScriptVerifyFlags |= SCRIPT_ENABLE_REPLAY_PROTECTION; + } + if (!CheckInputsFromMempoolAndCache(tx, state, view, pool, currentBlockScriptVerifyFlags, true, txdata)) { @@ -1007,8 +1042,12 @@ __func__, txid.ToString(), FormatStateMessage(state)); } - if (!CheckInputs(tx, state, view, true, - MANDATORY_SCRIPT_VERIFY_FLAGS, true, false, + uint32_t mandatoryFlags = MANDATORY_SCRIPT_VERIFY_FLAGS; + if (hasReplayProtection) { + mandatoryFlags |= SCRIPT_ENABLE_REPLAY_PROTECTION; + } + + if (!CheckInputs(tx, state, view, true, mandatoryFlags, true, false, txdata)) { return error( "%s: ConnectInputs failed against MANDATORY but not " @@ -1893,6 +1932,12 @@ flags |= SCRIPT_VERIFY_NULLFAIL; } + // We make sure this node will have replay protection during the next hard + // fork. + if (IsReplayProtectionEnabled(config, pindex->pprev)) { + flags |= SCRIPT_ENABLE_REPLAY_PROTECTION; + } + return flags; } @@ -2044,6 +2089,8 @@ nLockTimeFlags |= LOCKTIME_VERIFY_SEQUENCE; } + // FIXME: This should be called with pindex->pprev, to match the result + // given to AcceptToMemoryPoolWorker: https://reviews.bitcoinabc.org/T288 uint32_t flags = GetBlockScriptFlags(pindex, config); int64_t nTime2 = GetTimeMicros(); @@ -2222,6 +2269,14 @@ LogPrint(BCLog::BENCH, " - Callbacks: %.2fms [%.2fs]\n", 0.001 * (nTime6 - nTime5), nTimeCallbacks * 0.000001); + // If we just activated the replay protection with that block, it means + // transaction in the mempool are now invalid. As a result, we need to clear + // the mempool. + if (IsReplayProtectionEnabled(config, pindex) && + !IsReplayProtectionEnabled(config, pindex->pprev)) { + mempool.clear(); + } + return true; } @@ -2521,6 +2576,21 @@ return false; } + // If this block was deactivating the replay protection, then we need to + // remove transactions that are replay protected from the mempool. There is + // no easy way to do this so we'll just discard the whole mempool and then + // add the transaction of the block we just disconnected back. + if (IsReplayProtectionEnabled(config, pindexDelete) && + !IsReplayProtectionEnabled(config, pindexDelete->pprev)) { + mempool.clear(); + // While not strictly necessary, clearing the disconnect pool is also + // beneficial so we don't try to reuse its content at the end of the + // reorg, which we know will fail. + if (disconnectpool) { + disconnectpool->clear(); + } + } + if (disconnectpool) { // Save transactions to re-add to mempool at end of reorg for (const auto &tx : boost::adaptors::reverse(block.vtx)) { diff --git a/test/functional/abc-p2p-fullblocktest.py b/test/functional/abc-p2p-fullblocktest.py --- a/test/functional/abc-p2p-fullblocktest.py +++ b/test/functional/abc-p2p-fullblocktest.py @@ -12,7 +12,7 @@ """ from test_framework.test_framework import ComparisonTestFramework -from test_framework.util import * +from test_framework.util import assert_equal, assert_raises_rpc_error from test_framework.comptool import TestManager, TestInstance, RejectResult from test_framework.blocktools import * import time @@ -48,6 +48,8 @@ self.excessive_block_size = 100 * ONE_MEGABYTE self.extra_args = [['-whitelist=127.0.0.1', "-monolithactivationtime=%d" % MONOLITH_START_TIME, + "-replayprotectionactivationtime=%d" % ( + 2 * MONOLITH_START_TIME), "-excessiveblocksize=%d" % self.excessive_block_size]] @@ -71,8 +73,8 @@ block.vtx.extend(tx_list) # this is a little handier to use than the version in blocktools.py - def create_tx(self, spend_tx, n, value, script=CScript([OP_TRUE])): - tx = create_transaction(spend_tx, n, b"", value, script) + def create_tx(self, spend, value, script=CScript([OP_TRUE])): + tx = create_transaction(spend.tx, spend.n, b"", value, script) return tx def next_block(self, number, spend=None, script=CScript([OP_TRUE]), block_size=0, extra_sigops=0): @@ -383,7 +385,7 @@ p2sh_script = CScript([OP_HASH160, redeem_script_hash, OP_EQUAL]) # Create a p2sh transaction - p2sh_tx = self.create_tx(out[22].tx, out[22].n, 1, p2sh_script) + p2sh_tx = self.create_tx(out[22], 1, p2sh_script) # Add the transaction to the block block(30) diff --git a/test/functional/abc-replay-protection.py b/test/functional/abc-replay-protection.py new file mode 100755 --- /dev/null +++ b/test/functional/abc-replay-protection.py @@ -0,0 +1,281 @@ +#!/usr/bin/env python3 +# Copyright (c) 2015-2016 The Bitcoin Core developers +# Copyright (c) 2017 The Bitcoin developers +# Distributed under the MIT software license, see the accompanying +# file COPYING or http://www.opensource.org/licenses/mit-license.php. +""" +This test checks activation of UAHF and the different consensus +related to this activation. +It is derived from the much more complex p2p-fullblocktest. +""" + +from test_framework.test_framework import ComparisonTestFramework +from test_framework.util import assert_equal, assert_raises_rpc_error +from test_framework.comptool import TestManager, TestInstance, RejectResult +from test_framework.blocktools import * +import time +from test_framework.key import CECKey +from test_framework.script import * + +# far into the future +REPLAY_PROTECTION_START_TIME = 2000000000 + +# Error due to invalid signature +INVALID_SIGNATURE_ERROR = b'mandatory-script-verify-flag-failed (Signature must be zero for failed CHECK(MULTI)SIG operation)' +RPC_INVALID_SIGNATURE_ERROR = "16: " + \ + INVALID_SIGNATURE_ERROR.decode("utf-8") + + +class PreviousSpendableOutput(object): + + def __init__(self, tx=CTransaction(), n=-1): + self.tx = tx + self.n = n # the output we're spending + + +class ReplayProtectionTest(ComparisonTestFramework): + + def set_test_params(self): + self.num_nodes = 1 + self.setup_clean_chain = True + self.block_heights = {} + self.tip = None + self.blocks = {} + self.extra_args = [['-whitelist=127.0.0.1', + "-replayprotectionactivationtime=%d" % REPLAY_PROTECTION_START_TIME]] + + def run_test(self): + self.test = TestManager(self, self.options.tmpdir) + self.test.add_all_connections(self.nodes) + # Start up network handling in another thread + NetworkThread().start() + self.nodes[0].setmocktime(REPLAY_PROTECTION_START_TIME) + self.test.run() + + def next_block(self, number): + if self.tip == None: + base_block_hash = self.genesis_hash + block_time = int(time.time()) + 1 + else: + base_block_hash = self.tip.sha256 + block_time = self.tip.nTime + 1 + # First create the coinbase + height = self.block_heights[base_block_hash] + 1 + coinbase = create_coinbase(height) + coinbase.rehash() + block = create_block(base_block_hash, coinbase, block_time) + + # Do PoW, which is cheap on regnet + block.solve() + self.tip = block + self.block_heights[block.sha256] = height + assert number not in self.blocks + self.blocks[number] = block + return block + + def get_tests(self): + self.genesis_hash = int(self.nodes[0].getbestblockhash(), 16) + self.block_heights[self.genesis_hash] = 0 + spendable_outputs = [] + + # save the current tip so it can be spent by a later block + def save_spendable_output(): + spendable_outputs.append(self.tip) + + # get an output that we previously marked as spendable + def get_spendable_output(): + return PreviousSpendableOutput(spendable_outputs.pop(0).vtx[0], 0) + + # returns a test case that asserts that the current tip was accepted + def accepted(): + return TestInstance([[self.tip, True]]) + + # returns a test case that asserts that the current tip was rejected + def rejected(reject=None): + if reject is None: + return TestInstance([[self.tip, False]]) + else: + return TestInstance([[self.tip, reject]]) + + # move the tip back to a previous block + def tip(number): + self.tip = self.blocks[number] + + # adds transactions to the block and updates state + def update_block(block_number, new_transactions): + [tx.rehash() for tx in new_transactions] + block = self.blocks[block_number] + block.vtx.extend(new_transactions) + old_sha256 = block.sha256 + block.hashMerkleRoot = block.calc_merkle_root() + block.solve() + # Update the internal state just like in next_block + self.tip = block + if block.sha256 != old_sha256: + self.block_heights[ + block.sha256] = self.block_heights[old_sha256] + del self.block_heights[old_sha256] + self.blocks[block_number] = block + return block + + # shorthand for functions + block = self.next_block + node = self.nodes[0] + + # Create a new block + block(0) + save_spendable_output() + yield accepted() + + # Now we need that block to mature so we can spend the coinbase. + test = TestInstance(sync_every_block=False) + for i in range(99): + block(5000 + i) + test.blocks_and_transactions.append([self.tip, True]) + save_spendable_output() + yield test + + # collect spendable outputs now to avoid cluttering the code later on + out = [] + for i in range(100): + out.append(get_spendable_output()) + + # Generate a key pair to test P2SH sigops count + private_key = CECKey() + private_key.set_secretbytes(b"replayprotection") + public_key = private_key.get_pubkey() + + # This is a little handier to use than the version in blocktools.py + def create_fund_and_spend_tx(spend, forkvalue=0): + # Fund transaction + script = CScript([public_key, OP_CHECKSIG]) + txfund = create_transaction( + spend.tx, spend.n, b'', 50 * COIN, script) + txfund.rehash() + + # Spend transaction + txspend = CTransaction() + txspend.vout.append(CTxOut(50 * COIN - 1000, CScript([OP_TRUE]))) + txspend.vin.append(CTxIn(COutPoint(txfund.sha256, 0), b'')) + + # Sign the transaction + sighashtype = (forkvalue << 8) | SIGHASH_ALL | SIGHASH_FORKID + sighash = SignatureHashForkId( + script, txspend, 0, sighashtype, 50 * COIN) + sig = private_key.sign(sighash) + \ + bytes(bytearray([SIGHASH_ALL | SIGHASH_FORKID])) + txspend.vin[0].scriptSig = CScript([sig]) + txspend.rehash() + + return [txfund, txspend] + + def send_transaction_to_mempool(tx): + tx_id = node.sendrawtransaction(ToHex(tx)) + assert(tx_id in set(node.getrawmempool())) + return tx_id + + # Before the fork, no replay protection required to get in the mempool. + txns = create_fund_and_spend_tx(out[0]) + send_transaction_to_mempool(txns[0]) + send_transaction_to_mempool(txns[1]) + + # And txns get mined in a block properly. + block(1) + update_block(1, txns) + yield accepted() + + # Replay protected transactions are rejected. + replay_txns = create_fund_and_spend_tx(out[1], 0xffdead) + send_transaction_to_mempool(replay_txns[0]) + assert_raises_rpc_error(-26, RPC_INVALID_SIGNATURE_ERROR, + node.sendrawtransaction, ToHex(replay_txns[1])) + + # And block containing them are rejected as well. + block(2) + update_block(2, replay_txns) + yield rejected(RejectResult(16, b'blk-bad-inputs')) + + # Rewind bad block + tip(1) + + # Create a block that would activate the replay protection. + bfork = block(5555) + bfork.nTime = REPLAY_PROTECTION_START_TIME - 1 + update_block(5555, []) + yield accepted() + + for i in range(5): + block(5100 + i) + test.blocks_and_transactions.append([self.tip, True]) + yield test + + # Check we are just before the activation time + assert_equal(node.getblockheader(node.getbestblockhash())['mediantime'], + REPLAY_PROTECTION_START_TIME - 1) + + # We are just before the fork, replay protected txns still are rejected + assert_raises_rpc_error(-26, RPC_INVALID_SIGNATURE_ERROR, + node.sendrawtransaction, ToHex(replay_txns[1])) + + block(3) + update_block(3, replay_txns) + yield rejected(RejectResult(16, b'blk-bad-inputs')) + + # Rewind bad block + tip(5104) + + # Send some non replay protected txns in the mempool to check + # they get cleaned at activation. + txns = create_fund_and_spend_tx(out[2]) + send_transaction_to_mempool(txns[0]) + tx_id = send_transaction_to_mempool(txns[1]) + + # Activate the replay protection + block(5556) + yield accepted() + + # Non replay protected transactions are not valid anymore, + # so they should be removed from the mempool. + assert(tx_id not in set(node.getrawmempool())) + + # Good old transactions are now invalid. + send_transaction_to_mempool(txns[0]) + assert_raises_rpc_error(-26, RPC_INVALID_SIGNATURE_ERROR, + node.sendrawtransaction, ToHex(txns[1])) + + # They also cannot be mined + block(4) + update_block(4, txns) + yield rejected(RejectResult(16, b'blk-bad-inputs')) + + # Rewind bad block + tip(5556) + + # The replay protected transaction is now valid + send_transaction_to_mempool(replay_txns[0]) + replay_tx_id = send_transaction_to_mempool(replay_txns[1]) + + # They also can also be mined + b5 = block(5) + update_block(5, replay_txns) + yield accepted() + + # Ok, now we check if a reorg work properly accross the activation. + postforkblockid = node.getbestblockhash() + node.invalidateblock(postforkblockid) + assert(replay_tx_id in set(node.getrawmempool())) + + # Deactivating replay protection. + forkblockid = node.getbestblockhash() + node.invalidateblock(forkblockid) + assert(replay_tx_id not in set(node.getrawmempool())) + + # Check that we also do it properly on deeper reorg. + node.reconsiderblock(forkblockid) + node.reconsiderblock(postforkblockid) + node.invalidateblock(forkblockid) + assert(replay_tx_id not in set(node.getrawmempool())) + + +if __name__ == '__main__': + ReplayProtectionTest().main()