diff --git a/src/script/scriptcache.h b/src/script/scriptcache.h
index b4928424c..adeaf9a47 100644
--- a/src/script/scriptcache.h
+++ b/src/script/scriptcache.h
@@ -1,58 +1,66 @@
 // Copyright (c) 2017 The Bitcoin developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #ifndef BITCOIN_SCRIPT_SCRIPTCACHE_H
 #define BITCOIN_SCRIPT_SCRIPTCACHE_H
 
 #include <array>
 #include <cstdint>
 
+#include <sync.h>
+
+// Actually declared in validation.cpp; can't include because of circular
+// dependency.
+extern RecursiveMutex cs_main;
+
 class CTransaction;
 
 /**
  * The script cache is a map using a key/value element, that caches the
  * success of executing a specific transaction's input scripts under a
  * specific set of flags, along with any associated information learned
  * during execution.
  *
  * The key is slightly shorter than a power-of-two size to make room for
  * the value.
  */
 class ScriptCacheKey {
     std::array<uint8_t, 28> data;
 
 public:
     ScriptCacheKey() = default;
     ScriptCacheKey(const ScriptCacheKey &rhs) = default;
     ScriptCacheKey(const CTransaction &tx, uint32_t flags);
 
     bool operator==(const ScriptCacheKey &rhs) const {
         return rhs.data == data;
     }
 
     friend class ScriptCacheHasher;
 };
 
 // DoS prevention: limit cache size to 32MB (over 1000000 entries on 64-bit
 // systems). Due to how we count cache size, actual memory usage is slightly
 // more (~32.25 MB)
 static const unsigned int DEFAULT_MAX_SCRIPT_CACHE_SIZE = 32;
 // Maximum sig cache size allowed
 static const int64_t MAX_MAX_SCRIPT_CACHE_SIZE = 16384;
 
 /** Initializes the script-execution cache */
 void InitScriptExecutionCache();
 
 /**
  * Check if a given key is in the cache, and if so, return its values.
  * (if not found, nSigChecks may or may not be set to an arbitrary value)
  */
-bool IsKeyInScriptCache(ScriptCacheKey key, bool erase, int &nSigChecksOut);
+bool IsKeyInScriptCache(ScriptCacheKey key, bool erase, int &nSigChecksOut)
+    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /**
  * Add an entry in the cache.
  */
-void AddKeyInScriptCache(ScriptCacheKey key, int nSigChecks);
+void AddKeyInScriptCache(ScriptCacheKey key, int nSigChecks)
+    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 #endif // BITCOIN_SCRIPT_SCRIPTCACHE_H
diff --git a/src/sync.cpp b/src/sync.cpp
index 92e5a6aef..3474f9f9a 100644
--- a/src/sync.cpp
+++ b/src/sync.cpp
@@ -1,288 +1,293 @@
 // Copyright (c) 2011-2016 The Bitcoin Core developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <sync.h>
 
 #include <logging.h>
 #include <tinyformat.h>
 #include <util/strencodings.h>
 #include <util/threadnames.h>
 
 #include <tinyformat.h>
 
 #include <map>
 #include <set>
 #include <system_error>
 #include <thread>
 #include <unordered_map>
 #include <utility>
 #include <vector>
 
 #ifdef DEBUG_LOCKCONTENTION
 void PrintLockContention(const char *pszName, const char *pszFile, int nLine) {
     LogPrintf("LOCKCONTENTION: %s\n", pszName);
     LogPrintf("Locker: %s:%d\n", pszFile, nLine);
 }
 #endif /* DEBUG_LOCKCONTENTION */
 
 #ifdef DEBUG_LOCKORDER
 //
 // Early deadlock detection.
 // Problem being solved:
 //    Thread 1 locks A, then B, then C
 //    Thread 2 locks D, then C, then A
 //     --> may result in deadlock between the two threads, depending on when
 //     they run.
 // Solution implemented here:
 // Keep track of pairs of locks: (A before B), (A before C), etc.
 // Complain if any thread tries to lock in a different order.
 //
 
 struct CLockLocation {
     CLockLocation(const char *pszName, const char *pszFile, int nLine,
                   bool fTryIn, const std::string &thread_name)
         : fTry(fTryIn), mutexName(pszName), sourceFile(pszFile),
           m_thread_name(thread_name), sourceLine(nLine) {}
 
     std::string ToString() const {
         return strprintf("'%s' in %s:%s%s (in thread '%s')", mutexName,
                          sourceFile, sourceLine, (fTry ? " (TRY)" : ""),
                          m_thread_name);
     }
 
     std::string Name() const { return mutexName; }
 
 private:
     bool fTry;
     std::string mutexName;
     std::string sourceFile;
     const std::string &m_thread_name;
     int sourceLine;
 };
 
 using LockStackItem = std::pair<void *, CLockLocation>;
 using LockStack = std::vector<LockStackItem>;
 using LockStacks = std::unordered_map<std::thread::id, LockStack>;
 
 using LockPair = std::pair<void *, void *>;
 using LockOrders = std::map<LockPair, LockStack>;
 using InvLockOrders = std::set<LockPair>;
 
 struct LockData {
     LockStacks m_lock_stacks;
     LockOrders lockorders;
     InvLockOrders invlockorders;
     std::mutex dd_mutex;
 };
 
 LockData &GetLockData() {
     // This approach guarantees that the object is not destroyed until after its
     // last use. The operating system automatically reclaims all the memory in a
     // program's heap when that program exits.
     // Since the ~LockData() destructor is never called, the LockData class and
     // all its subclasses must have implicitly-defined destructors.
     static LockData &lock_data = *new LockData();
     return lock_data;
 }
 
 static void potential_deadlock_detected(const LockPair &mismatch,
                                         const LockStack &s1,
                                         const LockStack &s2) {
     LogPrintf("POTENTIAL DEADLOCK DETECTED\n");
     LogPrintf("Previous lock order was:\n");
     for (const LockStackItem &i : s1) {
         if (i.first == mismatch.first) {
             LogPrintfToBeContinued(" (1)");
         }
         if (i.first == mismatch.second) {
             LogPrintfToBeContinued(" (2)");
         }
         LogPrintf(" %s\n", i.second.ToString());
     }
 
     std::string mutex_a, mutex_b;
     LogPrintf("Current lock order is:\n");
     for (const LockStackItem &i : s2) {
         if (i.first == mismatch.first) {
             LogPrintfToBeContinued(" (1)");
             mutex_a = i.second.Name();
         }
         if (i.first == mismatch.second) {
             LogPrintfToBeContinued(" (2)");
             mutex_b = i.second.Name();
         }
         LogPrintf(" %s\n", i.second.ToString());
     }
     if (g_debug_lockorder_abort) {
         tfm::format(
             std::cerr,
             "Assertion failed: detected inconsistent lock order for %s, "
             "details in debug log.\n",
             s2.back().second.ToString());
         abort();
     }
     throw std::logic_error(
         strprintf("potential deadlock detected: %s -> %s -> %s", mutex_b,
                   mutex_a, mutex_b));
 }
 
 static void push_lock(void *c, const CLockLocation &locklocation) {
     LockData &lockdata = GetLockData();
     std::lock_guard<std::mutex> lock(lockdata.dd_mutex);
 
     LockStack &lock_stack = lockdata.m_lock_stacks[std::this_thread::get_id()];
     lock_stack.emplace_back(c, locklocation);
     for (const LockStackItem &i : lock_stack) {
         if (i.first == c) {
             break;
         }
 
         const LockPair p1 = std::make_pair(i.first, c);
         if (lockdata.lockorders.count(p1)) {
             continue;
         }
 
         const LockPair p2 = std::make_pair(c, i.first);
         if (lockdata.lockorders.count(p2)) {
             auto lock_stack_copy = lock_stack;
             lock_stack.pop_back();
             potential_deadlock_detected(p1, lockdata.lockorders[p2],
                                         lock_stack_copy);
             // potential_deadlock_detected() does not return.
         }
 
         lockdata.lockorders.emplace(p1, lock_stack);
         lockdata.invlockorders.insert(p2);
     }
 }
 
 static void pop_lock() {
     LockData &lockdata = GetLockData();
     std::lock_guard<std::mutex> lock(lockdata.dd_mutex);
 
     LockStack &lock_stack = lockdata.m_lock_stacks[std::this_thread::get_id()];
     lock_stack.pop_back();
     if (lock_stack.empty()) {
         lockdata.m_lock_stacks.erase(std::this_thread::get_id());
     }
 }
 
 void EnterCritical(const char *pszName, const char *pszFile, int nLine,
                    void *cs, bool fTry) {
     push_lock(cs, CLockLocation(pszName, pszFile, nLine, fTry,
                                 util::ThreadGetInternalName()));
 }
 
 void CheckLastCritical(void *cs, std::string &lockname, const char *guardname,
                        const char *file, int line) {
     {
         LockData &lockdata = GetLockData();
         std::lock_guard<std::mutex> lock(lockdata.dd_mutex);
 
         const LockStack &lock_stack =
             lockdata.m_lock_stacks[std::this_thread::get_id()];
         if (!lock_stack.empty()) {
             const auto &lastlock = lock_stack.back();
             if (lastlock.first == cs) {
                 lockname = lastlock.second.Name();
                 return;
             }
         }
     }
     throw std::system_error(
         EPERM, std::generic_category(),
         strprintf("%s:%s %s was not most recent critical section locked", file,
                   line, guardname));
 }
 
 void LeaveCritical() {
     pop_lock();
 }
 
 std::string LocksHeld() {
     LockData &lockdata = GetLockData();
     std::lock_guard<std::mutex> lock(lockdata.dd_mutex);
 
     const LockStack &lock_stack =
         lockdata.m_lock_stacks[std::this_thread::get_id()];
     std::string result;
     for (const LockStackItem &i : lock_stack) {
         result += i.second.ToString() + std::string("\n");
     }
     return result;
 }
 
 static bool LockHeld(void *mutex) {
     LockData &lockdata = GetLockData();
     std::lock_guard<std::mutex> lock(lockdata.dd_mutex);
 
     const LockStack &lock_stack =
         lockdata.m_lock_stacks[std::this_thread::get_id()];
     for (const LockStackItem &i : lock_stack) {
         if (i.first == mutex) {
             return true;
         }
     }
 
     return false;
 }
 
 template <typename MutexType>
 void AssertLockHeldInternal(const char *pszName, const char *pszFile, int nLine,
                             MutexType *cs) {
     if (LockHeld(cs)) {
         return;
     }
     tfm::format(std::cerr,
                 "Assertion failed: lock %s not held in %s:%i; locks held:\n%s",
                 pszName, pszFile, nLine, LocksHeld());
     abort();
 }
 template void AssertLockHeldInternal(const char *, const char *, int, Mutex *);
 template void AssertLockHeldInternal(const char *, const char *, int,
                                      RecursiveMutex *);
 
+template <typename MutexType>
 void AssertLockNotHeldInternal(const char *pszName, const char *pszFile,
-                               int nLine, void *cs) {
+                               int nLine, MutexType *cs) {
     if (!LockHeld(cs)) {
         return;
     }
     tfm::format(std::cerr,
                 "Assertion failed: lock %s held in %s:%i; locks held:\n%s",
                 pszName, pszFile, nLine, LocksHeld());
     abort();
 }
+template void AssertLockNotHeldInternal(const char *, const char *, int,
+                                        Mutex *);
+template void AssertLockNotHeldInternal(const char *, const char *, int,
+                                        RecursiveMutex *);
 
 void DeleteLock(void *cs) {
     LockData &lockdata = GetLockData();
     std::lock_guard<std::mutex> lock(lockdata.dd_mutex);
     const LockPair item = std::make_pair(cs, nullptr);
     LockOrders::iterator it = lockdata.lockorders.lower_bound(item);
     while (it != lockdata.lockorders.end() && it->first.first == cs) {
         const LockPair invitem =
             std::make_pair(it->first.second, it->first.first);
         lockdata.invlockorders.erase(invitem);
         lockdata.lockorders.erase(it++);
     }
     InvLockOrders::iterator invit = lockdata.invlockorders.lower_bound(item);
     while (invit != lockdata.invlockorders.end() && invit->first == cs) {
         const LockPair invinvitem = std::make_pair(invit->second, invit->first);
         lockdata.lockorders.erase(invinvitem);
         lockdata.invlockorders.erase(invit++);
     }
 }
 
 bool LockStackEmpty() {
     LockData &lockdata = GetLockData();
     std::lock_guard<std::mutex> lock(lockdata.dd_mutex);
     const auto it = lockdata.m_lock_stacks.find(std::this_thread::get_id());
     if (it == lockdata.m_lock_stacks.end()) {
         return true;
     }
     return it->second.empty();
 }
 
 bool g_debug_lockorder_abort = true;
 
 #endif /* DEBUG_LOCKORDER */
diff --git a/src/sync.h b/src/sync.h
index 62d8a491d..c801cc93d 100644
--- a/src/sync.h
+++ b/src/sync.h
@@ -1,373 +1,378 @@
 // Copyright (c) 2009-2010 Satoshi Nakamoto
 // Copyright (c) 2009-2016 The Bitcoin Core developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #ifndef BITCOIN_SYNC_H
 #define BITCOIN_SYNC_H
 
 #include <threadsafety.h>
 #include <util/macros.h>
 
 #include <condition_variable>
 #include <mutex>
 #include <string>
 #include <thread>
 
 /////////////////////////////////////////////////
 //                                             //
 // THE SIMPLE DEFINITION, EXCLUDING DEBUG CODE //
 //                                             //
 /////////////////////////////////////////////////
 
 /*
 RecursiveMutex mutex;
     std::recursive_mutex mutex;
 
 LOCK(mutex);
     std::unique_lock<std::recursive_mutex> criticalblock(mutex);
 
 LOCK2(mutex1, mutex2);
     std::unique_lock<std::recursive_mutex> criticalblock1(mutex1);
     std::unique_lock<std::recursive_mutex> criticalblock2(mutex2);
 
 TRY_LOCK(mutex, name);
     std::unique_lock<std::recursive_mutex> name(mutex, std::try_to_lock_t);
 
 ENTER_CRITICAL_SECTION(mutex); // no RAII
     mutex.lock();
 
 LEAVE_CRITICAL_SECTION(mutex); // no RAII
     mutex.unlock();
  */
 
 ///////////////////////////////
 //                           //
 // THE ACTUAL IMPLEMENTATION //
 //                           //
 ///////////////////////////////
 
 #ifdef DEBUG_LOCKORDER
 void EnterCritical(const char *pszName, const char *pszFile, int nLine,
                    void *cs, bool fTry = false);
 void LeaveCritical();
 void CheckLastCritical(void *cs, std::string &lockname, const char *guardname,
                        const char *file, int line);
 std::string LocksHeld();
 template <typename MutexType>
 void AssertLockHeldInternal(const char *pszName, const char *pszFile, int nLine,
-                            MutexType *cs);
+                            MutexType *cs) EXCLUSIVE_LOCKS_REQUIRED(cs);
+template <typename MutexType>
 void AssertLockNotHeldInternal(const char *pszName, const char *pszFile,
-                               int nLine, void *cs);
+                               int nLine, MutexType *cs)
+    EXCLUSIVE_LOCKS_REQUIRED(!cs);
 void DeleteLock(void *cs);
 bool LockStackEmpty();
 
 /**
  * Call abort() if a potential lock order deadlock bug is detected, instead of
  * just logging information and throwing a logic_error. Defaults to true, and
  * set to false in DEBUG_LOCKORDER unit tests.
  */
 extern bool g_debug_lockorder_abort;
 #else
 inline void EnterCritical(const char *pszName, const char *pszFile, int nLine,
                           void *cs, bool fTry = false) {}
 inline void LeaveCritical() {}
 inline void CheckLastCritical(void *cs, std::string &lockname,
                               const char *guardname, const char *file,
                               int line) {}
 template <typename MutexType>
 inline void AssertLockHeldInternal(const char *pszName, const char *pszFile,
-                                   int nLine, MutexType *cs) {}
-inline void AssertLockNotHeldInternal(const char *pszName, const char *pszFile,
-                                      int nLine, void *cs) {}
+                                   int nLine, MutexType *cs)
+    EXCLUSIVE_LOCKS_REQUIRED(cs) {}
+template <typename MutexType>
+void AssertLockNotHeldInternal(const char *pszName, const char *pszFile,
+                               int nLine, MutexType *cs)
+    EXCLUSIVE_LOCKS_REQUIRED(!cs) {}
 inline void DeleteLock(void *cs) {}
 inline bool LockStackEmpty() {
     return true;
 }
 #endif
 #define AssertLockHeld(cs) AssertLockHeldInternal(#cs, __FILE__, __LINE__, &cs)
 #define AssertLockNotHeld(cs)                                                  \
     AssertLockNotHeldInternal(#cs, __FILE__, __LINE__, &cs)
 
 /**
  * Template mixin that adds -Wthread-safety locking annotations and lock order
  * checking to a subset of the mutex API.
  */
 template <typename PARENT> class LOCKABLE AnnotatedMixin : public PARENT {
 public:
     ~AnnotatedMixin() { DeleteLock((void *)this); }
 
     void lock() EXCLUSIVE_LOCK_FUNCTION() { PARENT::lock(); }
 
     void unlock() UNLOCK_FUNCTION() { PARENT::unlock(); }
 
     bool try_lock() EXCLUSIVE_TRYLOCK_FUNCTION(true) {
         return PARENT::try_lock();
     }
 
     using UniqueLock = std::unique_lock<PARENT>;
 #ifdef __clang__
     //! For negative capabilities in the Clang Thread Safety Analysis.
     //! A negative requirement uses the EXCLUSIVE_LOCKS_REQUIRED attribute, in
     //! conjunction with the ! operator, to indicate that a mutex should not be
     //! held.
     const AnnotatedMixin &operator!() const { return *this; }
 #endif // __clang__
 };
 
 /**
  * Wrapped mutex: supports recursive locking, but no waiting
  * TODO: We should move away from using the recursive lock by default.
  */
 using RecursiveMutex = AnnotatedMixin<std::recursive_mutex>;
 
 /** Wrapped mutex: supports waiting but not recursive locking */
 typedef AnnotatedMixin<std::mutex> Mutex;
 
 #ifdef DEBUG_LOCKCONTENTION
 void PrintLockContention(const char *pszName, const char *pszFile, int nLine);
 #endif
 
 /** Wrapper around std::unique_lock style lock for Mutex. */
 template <typename Mutex, typename Base = typename Mutex::UniqueLock>
 class SCOPED_LOCKABLE UniqueLock : public Base {
 private:
     void Enter(const char *pszName, const char *pszFile, int nLine) {
         EnterCritical(pszName, pszFile, nLine, (void *)(Base::mutex()));
 #ifdef DEBUG_LOCKCONTENTION
         if (!Base::try_lock()) {
             PrintLockContention(pszName, pszFile, nLine);
 #endif
             Base::lock();
 #ifdef DEBUG_LOCKCONTENTION
         }
 #endif
     }
 
     bool TryEnter(const char *pszName, const char *pszFile, int nLine) {
         EnterCritical(pszName, pszFile, nLine, (void *)(Base::mutex()), true);
         Base::try_lock();
         if (!Base::owns_lock()) {
             LeaveCritical();
         }
         return Base::owns_lock();
     }
 
 public:
     UniqueLock(Mutex &mutexIn, const char *pszName, const char *pszFile,
                int nLine, bool fTry = false) EXCLUSIVE_LOCK_FUNCTION(mutexIn)
         : Base(mutexIn, std::defer_lock) {
         if (fTry) {
             TryEnter(pszName, pszFile, nLine);
         } else {
             Enter(pszName, pszFile, nLine);
         }
     }
 
     UniqueLock(Mutex *pmutexIn, const char *pszName, const char *pszFile,
                int nLine, bool fTry = false) EXCLUSIVE_LOCK_FUNCTION(pmutexIn) {
         if (!pmutexIn) {
             return;
         }
 
         *static_cast<Base *>(this) = Base(*pmutexIn, std::defer_lock);
         if (fTry) {
             TryEnter(pszName, pszFile, nLine);
         } else {
             Enter(pszName, pszFile, nLine);
         }
     }
 
     ~UniqueLock() UNLOCK_FUNCTION() {
         if (Base::owns_lock()) {
             LeaveCritical();
         }
     }
 
     operator bool() { return Base::owns_lock(); }
 
 protected:
     // needed for reverse_lock
     UniqueLock() {}
 
 public:
     /**
      * An RAII-style reverse lock. Unlocks on construction and locks on
      * destruction.
      */
     class reverse_lock {
     public:
         explicit reverse_lock(UniqueLock &_lock, const char *_guardname,
                               const char *_file, int _line)
             : lock(_lock), file(_file), line(_line) {
             CheckLastCritical((void *)lock.mutex(), lockname, _guardname, _file,
                               _line);
             lock.unlock();
             LeaveCritical();
             lock.swap(templock);
         }
 
         ~reverse_lock() {
             templock.swap(lock);
             EnterCritical(lockname.c_str(), file.c_str(), line,
                           (void *)lock.mutex());
             lock.lock();
         }
 
     private:
         reverse_lock(reverse_lock const &);
         reverse_lock &operator=(reverse_lock const &);
 
         UniqueLock &lock;
         UniqueLock templock;
         std::string lockname;
         const std::string file;
         const int line;
     };
     friend class reverse_lock;
 };
 
 #define REVERSE_LOCK(g)                                                        \
     typename std::decay<decltype(g)>::type::reverse_lock PASTE2(               \
         revlock, __COUNTER__)(g, #g, __FILE__, __LINE__)
 
 template <typename MutexArg>
 using DebugLock = UniqueLock<typename std::remove_reference<
     typename std::remove_pointer<MutexArg>::type>::type>;
 
 #define LOCK(cs)                                                               \
     DebugLock<decltype(cs)> PASTE2(criticalblock,                              \
                                    __COUNTER__)(cs, #cs, __FILE__, __LINE__)
 #define LOCK2(cs1, cs2)                                                        \
     DebugLock<decltype(cs1)> criticalblock1(cs1, #cs1, __FILE__, __LINE__);    \
     DebugLock<decltype(cs2)> criticalblock2(cs2, #cs2, __FILE__, __LINE__);
 #define TRY_LOCK(cs, name)                                                     \
     DebugLock<decltype(cs)> name(cs, #cs, __FILE__, __LINE__, true)
 #define WAIT_LOCK(cs, name)                                                    \
     DebugLock<decltype(cs)> name(cs, #cs, __FILE__, __LINE__)
 
 #define ENTER_CRITICAL_SECTION(cs)                                             \
     {                                                                          \
         EnterCritical(#cs, __FILE__, __LINE__, (void *)(&cs));                 \
         (cs).lock();                                                           \
     }
 
 #define LEAVE_CRITICAL_SECTION(cs)                                             \
     {                                                                          \
         (cs).unlock();                                                         \
         LeaveCritical();                                                       \
     }
 
 //! Run code while locking a mutex.
 //!
 //! Examples:
 //!
 //!   WITH_LOCK(cs, shared_val = shared_val + 1);
 //!
 //!   int val = WITH_LOCK(cs, return shared_val);
 //!
 #define WITH_LOCK(cs, code)                                                    \
     [&] {                                                                      \
         LOCK(cs);                                                              \
         code;                                                                  \
     }()
 
 class CSemaphore {
 private:
     std::condition_variable condition;
     std::mutex mutex;
     int value;
 
 public:
     explicit CSemaphore(int init) : value(init) {}
 
     void wait() {
         std::unique_lock<std::mutex> lock(mutex);
         condition.wait(lock, [&]() { return value >= 1; });
         value--;
     }
 
     bool try_wait() {
         std::lock_guard<std::mutex> lock(mutex);
         if (value < 1) {
             return false;
         }
         value--;
         return true;
     }
 
     void post() {
         {
             std::lock_guard<std::mutex> lock(mutex);
             value++;
         }
         condition.notify_one();
     }
 };
 
 /** RAII-style semaphore lock */
 class CSemaphoreGrant {
 private:
     CSemaphore *sem;
     bool fHaveGrant;
 
 public:
     void Acquire() {
         if (fHaveGrant) {
             return;
         }
         sem->wait();
         fHaveGrant = true;
     }
 
     void Release() {
         if (!fHaveGrant) {
             return;
         }
         sem->post();
         fHaveGrant = false;
     }
 
     bool TryAcquire() {
         if (!fHaveGrant && sem->try_wait()) {
             fHaveGrant = true;
         }
         return fHaveGrant;
     }
 
     void MoveTo(CSemaphoreGrant &grant) {
         grant.Release();
         grant.sem = sem;
         grant.fHaveGrant = fHaveGrant;
         fHaveGrant = false;
     }
 
     CSemaphoreGrant() : sem(nullptr), fHaveGrant(false) {}
 
     explicit CSemaphoreGrant(CSemaphore &sema, bool fTry = false)
         : sem(&sema), fHaveGrant(false) {
         if (fTry) {
             TryAcquire();
         } else {
             Acquire();
         }
     }
 
     ~CSemaphoreGrant() { Release(); }
 
     operator bool() const { return fHaveGrant; }
 };
 
 // Utility class for indicating to compiler thread analysis that a mutex is
 // locked (when it couldn't be determined otherwise).
 struct SCOPED_LOCKABLE LockAssertion {
     template <typename Mutex>
     explicit LockAssertion(Mutex &mutex) EXCLUSIVE_LOCK_FUNCTION(mutex) {
 #ifdef DEBUG_LOCKORDER
         AssertLockHeld(mutex);
 #endif
     }
     ~LockAssertion() UNLOCK_FUNCTION() {}
 };
 
 #endif // BITCOIN_SYNC_H
diff --git a/src/validation.h b/src/validation.h
index 849bb6bbe..0df7839fa 100644
--- a/src/validation.h
+++ b/src/validation.h
@@ -1,1317 +1,1318 @@
 // Copyright (c) 2009-2010 Satoshi Nakamoto
 // Copyright (c) 2009-2019 The Bitcoin Core developers
 // Copyright (c) 2017-2020 The Bitcoin developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #ifndef BITCOIN_VALIDATION_H
 #define BITCOIN_VALIDATION_H
 
 #if defined(HAVE_CONFIG_H)
 #include <config/bitcoin-config.h>
 #endif
 
 #include <amount.h>
 #include <blockfileinfo.h>
 #include <blockindexworkcomparator.h>
 #include <coins.h>
 #include <consensus/consensus.h>
 #include <disconnectresult.h>
 #include <flatfile.h>
 #include <fs.h>
 #include <protocol.h> // For CMessageHeader::MessageMagic
 #include <script/script_error.h>
 #include <script/script_metrics.h>
 #include <sync.h>
 #include <txdb.h>
 #include <txmempool.h> // For CTxMemPool::cs
 #include <versionbits.h>
 
 #include <atomic>
 #include <cstdint>
 #include <map>
 #include <memory>
 #include <optional>
 #include <set>
 #include <string>
 #include <utility>
 #include <vector>
 
 class BlockValidationState;
 class CBlockIndex;
 class CBlockTreeDB;
 class CBlockUndo;
 class CChainParams;
 class CChain;
 class CChainState;
 class CConnman;
 class CInv;
 class ChainstateManager;
 class Config;
 class CScriptCheck;
 class CTxMemPool;
 class CTxUndo;
 class DisconnectedBlockTransactions;
 class TxValidationState;
 
 struct ChainTxData;
 struct FlatFilePos;
 struct PrecomputedTransactionData;
 struct LockPoints;
 
 namespace Consensus {
 struct Params;
 }
 
 #define MIN_TRANSACTION_SIZE                                                   \
     (::GetSerializeSize(CTransaction(), PROTOCOL_VERSION))
 
 /** Default for -minrelaytxfee, minimum relay fee for transactions */
 static const Amount DEFAULT_MIN_RELAY_TX_FEE_PER_KB(1000 * SATOSHI);
 /** Default for -excessutxocharge for transactions transactions */
 static const Amount DEFAULT_UTXO_FEE = Amount::zero();
 /**
  * Default for -mempoolexpiry, expiration time for mempool transactions in
  * hours.
  */
 static const unsigned int DEFAULT_MEMPOOL_EXPIRY = 336;
 /** The maximum size of a blk?????.dat file (since 0.8) */
 static const unsigned int MAX_BLOCKFILE_SIZE = 0x8000000; // 128 MiB
 /** Maximum number of dedicated script-checking threads allowed */
 static const int MAX_SCRIPTCHECK_THREADS = 15;
 /** -par default (number of script-checking threads, 0 = auto) */
 static const int DEFAULT_SCRIPTCHECK_THREADS = 0;
 static const int64_t DEFAULT_MAX_TIP_AGE = 24 * 60 * 60;
 static const bool DEFAULT_CHECKPOINTS_ENABLED = true;
 static const bool DEFAULT_TXINDEX = false;
 static const char *const DEFAULT_BLOCKFILTERINDEX = "0";
 
 /** Default for -persistmempool */
 static const bool DEFAULT_PERSIST_MEMPOOL = true;
 /** Default for using fee filter */
 static const bool DEFAULT_FEEFILTER = true;
 
 static const bool DEFAULT_PEERBLOOMFILTERS = true;
 
 /** Default for -stopatheight */
 static const int DEFAULT_STOPATHEIGHT = 0;
 /** Default for -maxreorgdepth */
 static const int DEFAULT_MAX_REORG_DEPTH = 10;
 /**
  * Default for -finalizationdelay
  * This is the minimum time between a block header reception and the block
  * finalization.
  * This value should be >> block propagation and validation time
  */
 static const int64_t DEFAULT_MIN_FINALIZATION_DELAY = 2 * 60 * 60;
 /**
  * Block files containing a block-height within MIN_BLOCKS_TO_KEEP of
  * ::ChainActive().Tip() will not be pruned.
  */
 static const unsigned int MIN_BLOCKS_TO_KEEP = 288;
 static const signed int DEFAULT_CHECKBLOCKS = 6;
 static const unsigned int DEFAULT_CHECKLEVEL = 3;
 /**
  * Require that user allocate at least 550 MiB for block & undo files
  * (blk???.dat and rev???.dat)
  * At 1MB per block, 288 blocks = 288MB.
  * Add 15% for Undo data = 331MB
  * Add 20% for Orphan block rate = 397MB
  * We want the low water mark after pruning to be at least 397 MB and since we
  * prune in full block file chunks, we need the high water mark which triggers
  * the prune to be one 128MB block file + added 15% undo data = 147MB greater
  * for a total of 545MB
  * Setting the target to >= 550 MiB will make it likely we can respect the
  * target.
  */
 static const uint64_t MIN_DISK_SPACE_FOR_BLOCK_FILES = 550 * 1024 * 1024;
 
 /** Current sync state passed to tip changed callbacks. */
 enum class SynchronizationState { INIT_REINDEX, INIT_DOWNLOAD, POST_INIT };
 
 extern RecursiveMutex cs_main;
 typedef std::unordered_map<BlockHash, CBlockIndex *, BlockHasher> BlockMap;
 extern Mutex g_best_block_mutex;
 extern std::condition_variable g_best_block_cv;
 extern uint256 g_best_block;
 extern std::atomic_bool fImporting;
 extern std::atomic_bool fReindex;
 extern bool fRequireStandard;
 extern bool fCheckBlockIndex;
 extern bool fCheckpointsEnabled;
 
 /**
  * A fee rate smaller than this is considered zero fee (for relaying, mining and
  * transaction creation)
  */
 extern CFeeRate minRelayTxFee;
 /**
  * If the tip is older than this (in seconds), the node is considered to be in
  * initial block download.
  */
 extern int64_t nMaxTipAge;
 
 /**
  * Block hash whose ancestors we will assume to have valid scripts without
  * checking them.
  */
 extern BlockHash hashAssumeValid;
 
 /**
  * Minimum work we will assume exists on some valid chain.
  */
 extern arith_uint256 nMinimumChainWork;
 
 /**
  * Best header we've seen so far (used for getheaders queries' starting points).
  */
 extern CBlockIndex *pindexBestHeader;
 
 /** Pruning-related variables and constants */
 /** True if any block files have ever been pruned. */
 extern bool fHavePruned;
 /** True if we're running in -prune mode. */
 extern bool fPruneMode;
 /** Number of MiB of block files that we're trying to stay below. */
 extern uint64_t nPruneTarget;
 /** Documentation for argument 'checklevel'. */
 extern const std::vector<std::string> CHECKLEVEL_DOC;
 
 class BlockValidationOptions {
 private:
     uint64_t excessiveBlockSize;
     bool checkPoW : 1;
     bool checkMerkleRoot : 1;
 
 public:
     // Do full validation by default
     explicit BlockValidationOptions(const Config &config);
     explicit BlockValidationOptions(uint64_t _excessiveBlockSize,
                                     bool _checkPow = true,
                                     bool _checkMerkleRoot = true)
         : excessiveBlockSize(_excessiveBlockSize), checkPoW(_checkPow),
           checkMerkleRoot(_checkMerkleRoot) {}
 
     BlockValidationOptions withCheckPoW(bool _checkPoW = true) const {
         BlockValidationOptions ret = *this;
         ret.checkPoW = _checkPoW;
         return ret;
     }
 
     BlockValidationOptions
     withCheckMerkleRoot(bool _checkMerkleRoot = true) const {
         BlockValidationOptions ret = *this;
         ret.checkMerkleRoot = _checkMerkleRoot;
         return ret;
     }
 
     bool shouldValidatePoW() const { return checkPoW; }
     bool shouldValidateMerkleRoot() const { return checkMerkleRoot; }
     uint64_t getExcessiveBlockSize() const { return excessiveBlockSize; }
 };
 
 /**
  * Import blocks from an external file.
  */
 void LoadExternalBlockFile(const Config &config, FILE *fileIn,
                            FlatFilePos *dbp = nullptr);
 
 /**
  * Ensures we have a genesis block in the block tree, possibly writing one to
  * disk.
  */
 bool LoadGenesisBlock(const CChainParams &chainparams);
 
 /**
  * Unload database information.
  */
 void UnloadBlockIndex(CTxMemPool *mempool, ChainstateManager &chainman);
 
 /**
  * Run an instance of the script checking thread.
  */
 void ThreadScriptCheck(int worker_num);
 
 /**
  * Return transaction from the block at block_index.
  * If block_index is not provided, fall back to mempool.
  * If mempool is not provided or the tx couldn't be found in mempool, fall back
  * to g_txindex.
  *
  * @param[in]  block_index     The block to read from disk, or nullptr
  * @param[in]  mempool         If block_index is not provided, look in the
  *                             mempool, if provided
  * @param[in]  txid            The txid
  * @param[in]  consensusParams The params
  * @param[out] hashBlock       The hash of block_index, if the tx was found via
  *                             block_index
  * @returns                    The tx if found, otherwise nullptr
  */
 CTransactionRef GetTransaction(const CBlockIndex *const block_index,
                                const CTxMemPool *const mempool,
                                const TxId &txid,
                                const Consensus::Params &consensusParams,
                                BlockHash &hashBlock);
 /**
  * Find the best known block, and make it the tip of the block chain
  *
  * May not be called with cs_main held. May not be called in a
  * validationinterface callback.
  */
 bool ActivateBestChain(
     const Config &config, BlockValidationState &state,
     std::shared_ptr<const CBlock> pblock = std::shared_ptr<const CBlock>());
 Amount GetBlockSubsidy(int nHeight, const Consensus::Params &consensusParams);
 
 /**
  * Guess verification progress (as a fraction between 0.0=genesis and
  * 1.0=current tip).
  */
 double GuessVerificationProgress(const ChainTxData &data,
                                  const CBlockIndex *pindex);
 
 /**
  * Calculate the amount of disk space the block & undo files currently use.
  */
 uint64_t CalculateCurrentUsage();
 
 /**
  * Actually unlink the specified files
  */
 void UnlinkPrunedFiles(const std::set<int> &setFilesToPrune);
 
 /** Prune block files up to a given height */
 void PruneBlockFilesManual(int nManualPruneHeight);
 
 /**
  * (try to) add transaction to memory pool
  */
 bool AcceptToMemoryPool(const Config &config, CTxMemPool &pool,
                         TxValidationState &state, const CTransactionRef &tx,
                         bool bypass_limits, const Amount nAbsurdFee,
                         bool test_accept = false)
     EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /**
  * Simple class for regulating resource usage during CheckInputScripts (and
  * CScriptCheck), atomic so as to be compatible with parallel validation.
  */
 class CheckInputsLimiter {
 protected:
     std::atomic<int64_t> remaining;
 
 public:
     explicit CheckInputsLimiter(int64_t limit) : remaining(limit) {}
 
     bool consume_and_check(int consumed) {
         auto newvalue = (remaining -= consumed);
         return newvalue >= 0;
     }
 
     bool check() { return remaining >= 0; }
 };
 
 class TxSigCheckLimiter : public CheckInputsLimiter {
 public:
     TxSigCheckLimiter() : CheckInputsLimiter(MAX_TX_SIGCHECKS) {}
 
     // Let's make this bad boy copiable.
     TxSigCheckLimiter(const TxSigCheckLimiter &rhs)
         : CheckInputsLimiter(rhs.remaining.load()) {}
 
     TxSigCheckLimiter &operator=(const TxSigCheckLimiter &rhs) {
         remaining = rhs.remaining.load();
         return *this;
     }
 
     static TxSigCheckLimiter getDisabled() {
         TxSigCheckLimiter txLimiter;
         // Historically, there has not been a transaction with more than 20k sig
         // checks on testnet or mainnet, so this effectively disable sigchecks.
         txLimiter.remaining = 20000;
         return txLimiter;
     }
 };
 
 class ConnectTrace;
 
 /**
  * Check whether all of this transaction's input scripts succeed.
  *
  * This involves ECDSA signature checks so can be computationally intensive.
  * This function should only be called after the cheap sanity checks in
  * CheckTxInputs passed.
  *
  * If pvChecks is not nullptr, script checks are pushed onto it instead of being
  * performed inline. Any script checks which are not necessary (eg due to script
  * execution cache hits) are, obviously, not pushed onto pvChecks/run.
  *
  * Upon success nSigChecksOut will be filled in with either:
  * - correct total for all inputs, or,
  * - 0, in the case when checks were pushed onto pvChecks (i.e., a cache miss
  * with pvChecks non-null), in which case the total can be found by executing
  * pvChecks and adding the results.
  *
  * Setting sigCacheStore/scriptCacheStore to false will remove elements from the
  * corresponding cache which are matched. This is useful for checking blocks
  * where we will likely never need the cache entry again.
  *
  * pLimitSigChecks can be passed to limit the sigchecks count either in parallel
  * or serial validation. With pvChecks null (serial validation), breaking the
  * pLimitSigChecks limit will abort evaluation early and return false. With
  * pvChecks not-null (parallel validation): the cached nSigChecks may itself
  * break the limit in which case false is returned, OR, each entry in the
  * returned pvChecks must be executed exactly once in order to probe the limit
  * accurately.
  */
 bool CheckInputScripts(const CTransaction &tx, TxValidationState &state,
                        const CCoinsViewCache &view, const uint32_t flags,
                        bool sigCacheStore, bool scriptCacheStore,
                        const PrecomputedTransactionData &txdata,
                        int &nSigChecksOut, TxSigCheckLimiter &txLimitSigChecks,
                        CheckInputsLimiter *pBlockLimitSigChecks,
                        std::vector<CScriptCheck> *pvChecks)
     EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /**
  * Handy shortcut to full fledged CheckInputScripts call.
  */
 static inline bool
 CheckInputScripts(const CTransaction &tx, TxValidationState &state,
                   const CCoinsViewCache &view, const uint32_t flags,
                   bool sigCacheStore, bool scriptCacheStore,
                   const PrecomputedTransactionData &txdata, int &nSigChecksOut)
     EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
     TxSigCheckLimiter nSigChecksTxLimiter;
     return CheckInputScripts(tx, state, view, flags, sigCacheStore,
                              scriptCacheStore, txdata, nSigChecksOut,
                              nSigChecksTxLimiter, nullptr, nullptr);
 }
 
 /** Get the BIP9 state for a given deployment at the current tip. */
 ThresholdState VersionBitsTipState(const Consensus::Params &params,
                                    Consensus::DeploymentPos pos);
 
 /** Get the BIP9 state for a given deployment at a given block. */
 ThresholdState VersionBitsBlockState(const Consensus::Params &params,
                                      Consensus::DeploymentPos pos,
                                      const CBlockIndex *pindex);
 
 /**
  * Get the numerical statistics for the BIP9 state for a given deployment at the
  * current tip.
  */
 BIP9Stats VersionBitsTipStatistics(const Consensus::Params &params,
                                    Consensus::DeploymentPos pos);
 
 /**
  * Get the block height at which the BIP9 deployment switched into the state for
  * the block building on the current tip.
  */
 int VersionBitsTipStateSinceHeight(const Consensus::Params &params,
                                    Consensus::DeploymentPos pos);
 
 /** Apply the effects of this transaction on the UTXO set represented by view */
 void UpdateCoins(const CTransaction &tx, CCoinsViewCache &inputs, int nHeight);
 
 /**
  * Mark all the coins corresponding to a given transaction inputs as spent.
  */
 void SpendCoins(CCoinsViewCache &view, const CTransaction &tx, CTxUndo &txundo,
                 int nHeight);
 
 /**
  * Apply the effects of this transaction on the UTXO set represented by view.
  */
 void UpdateCoins(CCoinsViewCache &view, const CTransaction &tx, int nHeight);
 void UpdateCoins(CCoinsViewCache &view, const CTransaction &tx, CTxUndo &txundo,
                  int nHeight);
 
 /**
  * Test whether the LockPoints height and time are still valid on the current
  * chain.
  */
 bool TestLockPointValidity(const LockPoints *lp)
     EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /**
  * Check if transaction will be BIP 68 final in the next block to be created.
  *
  * Simulates calling SequenceLocks() with data from the tip of the current
  * active chain. Optionally stores in LockPoints the resulting height and time
  * calculated and the hash of the block needed for calculation or skips the
  * calculation and uses the LockPoints passed in for evaluation. The LockPoints
  * should not be considered valid if CheckSequenceLocks returns false.
  *
  * See consensus/consensus.h for flag definitions.
  */
 bool CheckSequenceLocks(const CTxMemPool &pool, const CTransaction &tx,
                         int flags, LockPoints *lp = nullptr,
                         bool useExistingLockPoints = false)
-    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+    EXCLUSIVE_LOCKS_REQUIRED(::cs_main, pool.cs);
 
 /**
  * Closure representing one script verification.
  * Note that this stores references to the spending transaction.
  *
  * Note that if pLimitSigChecks is passed, then failure does not imply that
  * scripts have failed.
  */
 class CScriptCheck {
 private:
     CTxOut m_tx_out;
     const CTransaction *ptxTo;
     unsigned int nIn;
     uint32_t nFlags;
     bool cacheStore;
     ScriptError error;
     ScriptExecutionMetrics metrics;
     PrecomputedTransactionData txdata;
     TxSigCheckLimiter *pTxLimitSigChecks;
     CheckInputsLimiter *pBlockLimitSigChecks;
 
 public:
     CScriptCheck()
         : ptxTo(nullptr), nIn(0), nFlags(0), cacheStore(false),
           error(ScriptError::UNKNOWN), txdata(), pTxLimitSigChecks(nullptr),
           pBlockLimitSigChecks(nullptr) {}
 
     CScriptCheck(const CTxOut &outIn, const CTransaction &txToIn,
                  unsigned int nInIn, uint32_t nFlagsIn, bool cacheIn,
                  const PrecomputedTransactionData &txdataIn,
                  TxSigCheckLimiter *pTxLimitSigChecksIn = nullptr,
                  CheckInputsLimiter *pBlockLimitSigChecksIn = nullptr)
         : m_tx_out(outIn), ptxTo(&txToIn), nIn(nInIn), nFlags(nFlagsIn),
           cacheStore(cacheIn), error(ScriptError::UNKNOWN), txdata(txdataIn),
           pTxLimitSigChecks(pTxLimitSigChecksIn),
           pBlockLimitSigChecks(pBlockLimitSigChecksIn) {}
 
     bool operator()();
 
     void swap(CScriptCheck &check) {
         std::swap(ptxTo, check.ptxTo);
         std::swap(m_tx_out, check.m_tx_out);
         std::swap(nIn, check.nIn);
         std::swap(nFlags, check.nFlags);
         std::swap(cacheStore, check.cacheStore);
         std::swap(error, check.error);
         std::swap(metrics, check.metrics);
         std::swap(txdata, check.txdata);
         std::swap(pTxLimitSigChecks, check.pTxLimitSigChecks);
         std::swap(pBlockLimitSigChecks, check.pBlockLimitSigChecks);
     }
 
     ScriptError GetScriptError() const { return error; }
 
     ScriptExecutionMetrics GetScriptExecutionMetrics() const { return metrics; }
 };
 
 bool UndoReadFromDisk(CBlockUndo &blockundo, const CBlockIndex *pindex);
 
 /** Functions for validating blocks and updating the block tree */
 
 /**
  * Context-independent validity checks.
  *
  * Returns true if the provided block is valid (has valid header,
  * transactions are valid, block is a valid size, etc.)
  */
 bool CheckBlock(const CBlock &block, BlockValidationState &state,
                 const Consensus::Params &params,
                 BlockValidationOptions validationOptions);
 
 /**
  * This is a variant of ContextualCheckTransaction which computes the contextual
  * check for a transaction based on the chain tip.
  *
  * See consensus/consensus.h for flag definitions.
  */
 bool ContextualCheckTransactionForCurrentBlock(const Consensus::Params &params,
                                                const CTransaction &tx,
                                                TxValidationState &state,
-                                               int flags = -1);
+                                               int flags = -1)
+    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /**
  * Check a block is completely valid from start to finish (only works on top of
  * our current best block)
  */
 bool TestBlockValidity(BlockValidationState &state, const CChainParams &params,
                        const CBlock &block, CBlockIndex *pindexPrev,
                        BlockValidationOptions validationOptions)
     EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /**
  * RAII wrapper for VerifyDB: Verify consistency of the block and coin
  * databases.
  */
 class CVerifyDB {
 public:
     CVerifyDB();
     ~CVerifyDB();
     bool VerifyDB(const Config &config, CCoinsView *coinsview, int nCheckLevel,
                   int nCheckDepth);
 };
 
 CBlockIndex *LookupBlockIndex(const BlockHash &hash)
     EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /** Find the last common block between the parameter chain and a locator. */
 CBlockIndex *FindForkInGlobalIndex(const CChain &chain,
                                    const CBlockLocator &locator)
     EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /** @see CChainState::FlushStateToDisk */
 enum class FlushStateMode { NONE, IF_NEEDED, PERIODIC, ALWAYS };
 
 /** Global variable that points to the active CCoinsView (protected by cs_main)
  */
 extern std::unique_ptr<CCoinsViewCache> pcoinsTip;
 
 /**
  * Maintains a tree of blocks (stored in `m_block_index`) which is consulted
  * to determine where the most-work tip is.
  *
  * This data is used mostly in `CChainState` - information about, e.g.,
  * candidate tips is not maintained here.
  */
 class BlockManager {
     friend CChainState;
 
 private:
     /**
      * Calculate the block/rev files to delete based on height specified
      * by user with RPC command pruneblockchain
      */
     void FindFilesToPruneManual(std::set<int> &setFilesToPrune,
                                 int nManualPruneHeight, int chain_tip_height);
 
     /**
      * Prune block and undo files (blk???.dat and undo???.dat) so that the disk
      * space used is less than a user-defined target. The user sets the target
      * (in MB) on the command line or in config file.  This will be run on
      * startup and whenever new space is allocated in a block or undo file,
      * staying below the target. Changing back to unpruned requires a reindex
      * (which in this case means the blockchain must be re-downloaded.)
      *
      * Pruning functions are called from FlushStateToDisk when the global
      * fCheckForPruning flag has been set. Block and undo files are deleted in
      * lock-step (when blk00003.dat is deleted, so is rev00003.dat.) Pruning
      * cannot take place until the longest chain is at least a certain length
      * (100000 on mainnet, 1000 on testnet, 1000 on regtest). Pruning will never
      * delete a block within a defined distance (currently 288) from the active
      * chain's tip. The block index is updated by unsetting HAVE_DATA and
      * HAVE_UNDO for any blocks that were stored in the deleted files. A db flag
      * records the fact that at least some block files have been pruned.
      *
      * @param[out]   setFilesToPrune   The set of file indices that can be
      *                                 unlinked will be returned
      */
     void FindFilesToPrune(std::set<int> &setFilesToPrune,
                           uint64_t nPruneAfterHeight, int chain_tip_height,
                           bool is_ibd);
 
 public:
     BlockMap m_block_index GUARDED_BY(cs_main);
 
     /**
      * In order to efficiently track invalidity of headers, we keep the set of
      * blocks which we tried to connect and found to be invalid here (ie which
      * were set to BLOCK_FAILED_VALID since the last restart). We can then
      * walk this set and check if a new header is a descendant of something in
      * this set, preventing us from having to walk m_block_index when we try
      * to connect a bad block and fail.
      *
      * While this is more complicated than marking everything which descends
      * from an invalid block as invalid at the time we discover it to be
      * invalid, doing so would require walking all of m_block_index to find all
      * descendants. Since this case should be very rare, keeping track of all
      * BLOCK_FAILED_VALID blocks in a set should be just fine and work just as
      * well.
      *
      * Because we already walk m_block_index in height-order at startup, we go
      * ahead and mark descendants of invalid blocks as FAILED_CHILD at that
      * time, instead of putting things in this set.
      */
     std::set<CBlockIndex *> m_failed_blocks;
 
     /**
      * All pairs A->B, where A (or one of its ancestors) misses transactions,
      * but B has transactions. Pruned nodes may have entries where B is missing
      * data.
      */
     std::multimap<CBlockIndex *, CBlockIndex *> m_blocks_unlinked;
 
     /**
      * Load the blocktree off disk and into memory. Populate certain metadata
      * per index entry (nStatus, nChainWork, nTimeMax, etc.) as well as
      * peripheral collections like setDirtyBlockIndex.
      *
      * @param[out] block_index_candidates  Fill this set with any valid blocks
      * for which we've downloaded all transactions.
      */
     bool LoadBlockIndex(const Consensus::Params &consensus_params,
                         CBlockTreeDB &blocktree,
                         std::set<CBlockIndex *, CBlockIndexWorkComparator>
                             &block_index_candidates)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     /** Clear all data members. */
     void Unload() EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     CBlockIndex *AddToBlockIndex(const CBlockHeader &block)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     /** Create a new block index entry for a given block hash */
     CBlockIndex *InsertBlockIndex(const BlockHash &hash)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     //! Mark one block file as pruned (modify associated database entries)
     void PruneOneBlockFile(const int fileNumber)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     /**
      * If a block header hasn't already been seen, call CheckBlockHeader on it,
      * ensure that it doesn't descend from an invalid block, and then add it to
      * m_block_index.
      */
     bool AcceptBlockHeader(const Config &config, const CBlockHeader &block,
                            BlockValidationState &state, CBlockIndex **ppindex)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     ~BlockManager() { Unload(); }
 };
 
 /**
  * A convenience class for constructing the CCoinsView* hierarchy used
  * to facilitate access to the UTXO set.
  *
  * This class consists of an arrangement of layered CCoinsView objects,
  * preferring to store and retrieve coins in memory via `m_cacheview` but
  * ultimately falling back on cache misses to the canonical store of UTXOs on
  * disk, `m_dbview`.
  */
 class CoinsViews {
 public:
     //! The lowest level of the CoinsViews cache hierarchy sits in a leveldb
     //! database on disk. All unspent coins reside in this store.
     CCoinsViewDB m_dbview GUARDED_BY(cs_main);
 
     //! This view wraps access to the leveldb instance and handles read errors
     //! gracefully.
     CCoinsViewErrorCatcher m_catcherview GUARDED_BY(cs_main);
 
     //! This is the top layer of the cache hierarchy - it keeps as many coins in
     //! memory as can fit per the dbcache setting.
     std::unique_ptr<CCoinsViewCache> m_cacheview GUARDED_BY(cs_main);
 
     //! This constructor initializes CCoinsViewDB and CCoinsViewErrorCatcher
     //! instances, but it *does not* create a CCoinsViewCache instance by
     //! default. This is done separately because the presence of the cache has
     //! implications on whether or not we're allowed to flush the cache's state
     //! to disk, which should not be done until the health of the database is
     //! verified.
     //!
     //! All arguments forwarded onto CCoinsViewDB.
     CoinsViews(std::string ldb_name, size_t cache_size_bytes, bool in_memory,
                bool should_wipe);
 
     //! Initialize the CCoinsViewCache member.
     void InitCache() EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 };
 
 enum class CoinsCacheSizeState {
     //! The coins cache is in immediate need of a flush.
     CRITICAL = 2,
     //! The cache is at >= 90% capacity.
     LARGE = 1,
     OK = 0
 };
 
 /**
  * CChainState stores and provides an API to update our local knowledge of the
  * current best chain.
  *
  * Eventually, the API here is targeted at being exposed externally as a
  * consumable libconsensus library, so any functions added must only call
  * other class member functions, pure functions in other parts of the consensus
  * library, callbacks via the validation interface, or read/write-to-disk
  * functions (eventually this will also be via callbacks).
  *
  * Anything that is contingent on the current tip of the chain is stored here,
  * whereas block information and metadata independent of the current tip is
  * kept in `BlockMetadataManager`.
  */
 class CChainState {
 private:
     /**
      * the ChainState CriticalSection
      * A lock that must be held when modifying this ChainState - held in
      * ActivateBestChain()
      */
     RecursiveMutex m_cs_chainstate;
 
     /**
      * Every received block is assigned a unique and increasing identifier, so
      * we know which one to give priority in case of a fork.
      * Blocks loaded from disk are assigned id 0, so start the counter at 1.
      */
     std::atomic<int32_t> nBlockSequenceId{1};
     /** Decreasing counter (used by subsequent preciousblock calls). */
     int32_t nBlockReverseSequenceId = -1;
     /** chainwork for the last block that preciousblock has been applied to. */
     arith_uint256 nLastPreciousChainwork = 0;
 
     /**
      * Whether this chainstate is undergoing initial block download.
      *
      * Mutable because we need to be able to mark IsInitialBlockDownload()
      * const, which latches this for caching purposes.
      */
     mutable std::atomic<bool> m_cached_finished_ibd{false};
 
     //! Reference to a BlockManager instance which itself is shared across all
     //! CChainState instances. Keeping a local reference allows us to test more
     //! easily as opposed to referencing a global.
     BlockManager &m_blockman;
 
     //! mempool that is kept in sync with the chain
     CTxMemPool &m_mempool;
 
     //! Manages the UTXO set, which is a reflection of the contents of
     //! `m_chain`.
     std::unique_ptr<CoinsViews> m_coins_views;
 
     /**
      * The best finalized block.
      * This block cannot be reorged in any way except by explicit user action.
      */
     const CBlockIndex *m_finalizedBlockIndex GUARDED_BY(cs_main) = nullptr;
 
 public:
     explicit CChainState(CTxMemPool &mempool, BlockManager &blockman,
                          BlockHash from_snapshot_blockhash = BlockHash());
 
     /**
      * Initialize the CoinsViews UTXO set database management data structures.
      * The in-memory cache is initialized separately.
      *
      * All parameters forwarded to CoinsViews.
      */
     void InitCoinsDB(size_t cache_size_bytes, bool in_memory, bool should_wipe,
                      std::string leveldb_name = "chainstate");
 
     //! Initialize the in-memory coins cache (to be done after the health of the
     //! on-disk database is verified).
     void InitCoinsCache(size_t cache_size_bytes)
         EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 
     //! @returns whether or not the CoinsViews object has been fully initialized
     //! and we can
     //!          safely flush this object to disk.
     bool CanFlushToDisk() EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
         return m_coins_views && m_coins_views->m_cacheview;
     }
 
     //! The current chain of blockheaders we consult and build on.
     //! @see CChain, CBlockIndex.
     CChain m_chain;
 
     /**
      * The blockhash which is the base of the snapshot this chainstate was
      * created from.
      *
      * IsNull() if this chainstate was not created from a snapshot.
      */
     const BlockHash m_from_snapshot_blockhash{};
 
     /**
      * The set of all CBlockIndex entries with BLOCK_VALID_TRANSACTIONS (for
      * itself and all ancestors) and as good as our current tip or better.
      * Entries may be failed, though, and pruning nodes may be missing the data
      * for the block.
      */
     std::set<CBlockIndex *, CBlockIndexWorkComparator> setBlockIndexCandidates;
 
     //! @returns A reference to the in-memory cache of the UTXO set.
     CCoinsViewCache &CoinsTip() EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
         assert(m_coins_views->m_cacheview);
         return *m_coins_views->m_cacheview.get();
     }
 
     //! @returns A reference to the on-disk UTXO set database.
     CCoinsViewDB &CoinsDB() { return m_coins_views->m_dbview; }
 
     //! @returns A reference to a wrapped view of the in-memory UTXO set that
     //!     handles disk read errors gracefully.
     CCoinsViewErrorCatcher &CoinsErrorCatcher()
         EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
         return m_coins_views->m_catcherview;
     }
 
     //! Destructs all objects related to accessing the UTXO set.
     void ResetCoinsViews() { m_coins_views.reset(); }
 
     //! The cache size of the on-disk coins view.
     size_t m_coinsdb_cache_size_bytes{0};
 
     //! The cache size of the in-memory coins view.
     size_t m_coinstip_cache_size_bytes{0};
 
     //! Resize the CoinsViews caches dynamically and flush state to disk.
     //! @returns true unless an error occurred during the flush.
     bool ResizeCoinsCaches(size_t coinstip_size, size_t coinsdb_size)
         EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 
     /**
      * Update the on-disk chain state.
      * The caches and indexes are flushed depending on the mode we're called
      * with if they're too large, if it's been a while since the last write, or
      * always and in all cases if we're in prune mode and are deleting files.
      *
      * If FlushStateMode::NONE is used, then FlushStateToDisk(...) won't do
      * anything besides checking if we need to prune.
      *
      * @returns true unless a system error occurred
      */
     bool FlushStateToDisk(const CChainParams &chainparams,
                           BlockValidationState &state, FlushStateMode mode,
                           int nManualPruneHeight = 0);
 
     //! Unconditionally flush all changes to disk.
     void ForceFlushStateToDisk();
 
     //! Prune blockfiles from the disk if necessary and then flush chainstate
     //! changes if we pruned.
     void PruneAndFlush();
 
     /**
      * Make the best chain active, in multiple steps. The result is either
      * failure or an activated best chain. pblock is either nullptr or a pointer
      * to a block that is already loaded (to avoid loading it again from disk).
      *
      * ActivateBestChain is split into steps (see ActivateBestChainStep) so that
      * we avoid holding cs_main for an extended period of time; the length of
      * this call may be quite long during reindexing or a substantial reorg.
      *
      * May not be called with cs_main held. May not be called in a
      * validationinterface callback.
      *
      * @returns true unless a system error occurred
      */
     bool ActivateBestChain(
         const Config &config, BlockValidationState &state,
         std::shared_ptr<const CBlock> pblock = std::shared_ptr<const CBlock>())
         LOCKS_EXCLUDED(cs_main);
 
     bool AcceptBlock(const Config &config,
                      const std::shared_ptr<const CBlock> &pblock,
                      BlockValidationState &state, bool fRequested,
                      const FlatFilePos *dbp, bool *fNewBlock)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     // Block (dis)connection on a given view:
     DisconnectResult DisconnectBlock(const CBlock &block,
                                      const CBlockIndex *pindex,
                                      CCoinsViewCache &view);
     bool ConnectBlock(const CBlock &block, BlockValidationState &state,
                       CBlockIndex *pindex, CCoinsViewCache &view,
                       const CChainParams &params,
                       BlockValidationOptions options, bool fJustCheck = false)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     // Block disconnection on our pcoinsTip:
     bool DisconnectTip(const CChainParams &params, BlockValidationState &state,
                        DisconnectedBlockTransactions *disconnectpool)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_mempool.cs);
 
     // Manual block validity manipulation:
     bool PreciousBlock(const Config &config, BlockValidationState &state,
                        CBlockIndex *pindex) LOCKS_EXCLUDED(cs_main);
     /** Mark a block as invalid. */
     bool InvalidateBlock(const Config &config, BlockValidationState &state,
                          CBlockIndex *pindex)
-        LOCKS_EXCLUDED(cs_main, m_cs_chainstate);
+        EXCLUSIVE_LOCKS_REQUIRED(!cs_main, !m_cs_chainstate);
     /** Park a block. */
     bool ParkBlock(const Config &config, BlockValidationState &state,
                    CBlockIndex *pindex)
-        LOCKS_EXCLUDED(cs_main, m_cs_chainstate);
+        EXCLUSIVE_LOCKS_REQUIRED(!cs_main, !m_cs_chainstate);
 
     /**
      * Finalize a block.
      * A finalized block can not be reorged in any way.
      */
     bool FinalizeBlock(const Config &config, BlockValidationState &state,
                        CBlockIndex *pindex)
-        LOCKS_EXCLUDED(cs_main, m_cs_chainstate);
+        EXCLUSIVE_LOCKS_REQUIRED(!cs_main, !m_cs_chainstate);
     /** Return the currently finalized block index. */
     const CBlockIndex *GetFinalizedBlock() const
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     /**
      * Checks if a block is finalized.
      */
     bool IsBlockFinalized(const CBlockIndex *pindex) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     void ResetBlockFailureFlags(CBlockIndex *pindex)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     template <typename F>
     bool UpdateFlagsForBlock(CBlockIndex *pindexBase, CBlockIndex *pindex, F f)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     template <typename F, typename C, typename AC>
     void UpdateFlags(CBlockIndex *pindex, CBlockIndex *&pindexReset, F f,
                      C fChild, AC fAncestorWasChanged)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     /** Remove parked status from a block and its descendants. */
     void UnparkBlockImpl(CBlockIndex *pindex, bool fClearChildren)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     /** Replay blocks that aren't fully applied to the database. */
     bool ReplayBlocks(const Consensus::Params &params);
     bool LoadGenesisBlock(const CChainParams &chainparams);
 
     void PruneBlockIndexCandidates();
 
     void UnloadBlockIndex() EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     /**
      * Check whether we are doing an initial block download (synchronizing from
      * disk or network)
      */
     bool IsInitialBlockDownload() const;
 
     /**
      * Make various assertions about the state of the block index.
      *
      * By default this only executes fully when using the Regtest chain; see:
      * fCheckBlockIndex.
      */
     void CheckBlockIndex(const Consensus::Params &consensusParams);
 
     /** Load the persisted mempool from disk */
     void LoadMempool(const Config &config, const ArgsManager &args);
 
     /** Update the chain tip based on database information, i.e. CoinsTip()'s
      * best block. */
     bool LoadChainTip(const CChainParams &chainparams)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     //! Dictates whether we need to flush the cache to disk or not.
     //!
     //! @return the state of the size of the coins cache.
     CoinsCacheSizeState GetCoinsCacheSizeState(const CTxMemPool *tx_pool)
         EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 
     CoinsCacheSizeState GetCoinsCacheSizeState(
         const CTxMemPool *tx_pool, size_t max_coins_cache_size_bytes,
         size_t max_mempool_size_bytes) EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 
     std::string ToString() EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 
 private:
     bool ActivateBestChainStep(const Config &config,
                                BlockValidationState &state,
                                CBlockIndex *pindexMostWork,
                                const std::shared_ptr<const CBlock> &pblock,
                                bool &fInvalidFound, ConnectTrace &connectTrace)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_mempool.cs);
     bool ConnectTip(const Config &config, BlockValidationState &state,
                     CBlockIndex *pindexNew,
                     const std::shared_ptr<const CBlock> &pblock,
                     ConnectTrace &connectTrace,
                     DisconnectedBlockTransactions &disconnectpool)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_mempool.cs);
     void InvalidBlockFound(CBlockIndex *pindex,
                            const BlockValidationState &state)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     void InvalidChainFound(CBlockIndex *pindexNew)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     CBlockIndex *FindMostWorkChain() EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     bool MarkBlockAsFinal(BlockValidationState &state,
                           const CBlockIndex *pindex)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     void ReceivedBlockTransactions(const CBlock &block, CBlockIndex *pindexNew,
                                    const FlatFilePos &pos)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     bool RollforwardBlock(const CBlockIndex *pindex, CCoinsViewCache &inputs,
                           const Consensus::Params &params)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     bool UnwindBlock(const Config &config, BlockValidationState &state,
                      CBlockIndex *pindex, bool invalidate)
         EXCLUSIVE_LOCKS_REQUIRED(m_cs_chainstate);
 
     friend ChainstateManager;
 };
 
 /**
  * Mark a block as precious and reorganize.
  *
  * May not be called in a validationinterface callback.
  */
 bool PreciousBlock(const Config &config, BlockValidationState &state,
                    CBlockIndex *pindex) LOCKS_EXCLUDED(cs_main);
 
 /** Remove invalidity status from a block and its descendants. */
 void ResetBlockFailureFlags(CBlockIndex *pindex)
     EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /** Remove parked status from a block and its descendants. */
 void UnparkBlockAndChildren(CBlockIndex *pindex)
     EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /** Remove parked status from a block. */
 void UnparkBlock(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
 /**
  * Provides an interface for creating and interacting with one or two
  * chainstates: an IBD chainstate generated by downloading blocks, and
  * an optional snapshot chainstate loaded from a UTXO snapshot. Managed
  * chainstates can be maintained at different heights simultaneously.
  *
  * This class provides abstractions that allow the retrieval of the current
  * most-work chainstate ("Active") as well as chainstates which may be in
  * background use to validate UTXO snapshots.
  *
  * Definitions:
  *
  * *IBD chainstate*: a chainstate whose current state has been "fully"
  *   validated by the initial block download process.
  *
  * *Snapshot chainstate*: a chainstate populated by loading in an
  *    assumeutxo UTXO snapshot.
  *
  * *Active chainstate*: the chainstate containing the current most-work
  *    chain. Consulted by most parts of the system (net_processing,
  *    wallet) as a reflection of the current chain and UTXO set.
  *    This may either be an IBD chainstate or a snapshot chainstate.
  *
  * *Background IBD chainstate*: an IBD chainstate for which the
  *    IBD process is happening in the background while use of the
  *    active (snapshot) chainstate allows the rest of the system to function.
  *
  * *Validated chainstate*: the most-work chainstate which has been validated
  *   locally via initial block download. This will be the snapshot chainstate
  *   if a snapshot was loaded and all blocks up to the snapshot starting point
  *   have been downloaded and validated (via background validation), otherwise
  *   it will be the IBD chainstate.
  */
 class ChainstateManager {
 private:
     //! The chainstate used under normal operation (i.e. "regular" IBD) or, if
     //! a snapshot is in use, for background validation.
     //!
     //! Its contents (including on-disk data) will be deleted *upon shutdown*
     //! after background validation of the snapshot has completed. We do not
     //! free the chainstate contents immediately after it finishes validation
     //! to cautiously avoid a case where some other part of the system is still
     //! using this pointer (e.g. net_processing).
     //!
     //! Once this pointer is set to a corresponding chainstate, it will not
     //! be reset until init.cpp:Shutdown(). This means it is safe to acquire
     //! the contents of this pointer with ::cs_main held, release the lock,
     //! and then use the reference without concern of it being deconstructed.
     //!
     //! This is especially important when, e.g., calling ActivateBestChain()
     //! on all chainstates because we are not able to hold ::cs_main going into
     //! that call.
     std::unique_ptr<CChainState> m_ibd_chainstate;
 
     //! A chainstate initialized on the basis of a UTXO snapshot. If this is
     //! non-null, it is always our active chainstate.
     //!
     //! Once this pointer is set to a corresponding chainstate, it will not
     //! be reset until init.cpp:Shutdown(). This means it is safe to acquire
     //! the contents of this pointer with ::cs_main held, release the lock,
     //! and then use the reference without concern of it being deconstructed.
     //!
     //! This is especially important when, e.g., calling ActivateBestChain()
     //! on all chainstates because we are not able to hold ::cs_main going into
     //! that call.
     std::unique_ptr<CChainState> m_snapshot_chainstate;
 
     //! Points to either the ibd or snapshot chainstate; indicates our
     //! most-work chain.
     //!
     //! Once this pointer is set to a corresponding chainstate, it will not
     //! be reset until init.cpp:Shutdown(). This means it is safe to acquire
     //! the contents of this pointer with ::cs_main held, release the lock,
     //! and then use the reference without concern of it being deconstructed.
     //!
     //! This is especially important when, e.g., calling ActivateBestChain()
     //! on all chainstates because we are not able to hold ::cs_main going into
     //! that call.
     CChainState *m_active_chainstate{nullptr};
 
     //! If true, the assumed-valid chainstate has been fully validated
     //! by the background validation chainstate.
     bool m_snapshot_validated{false};
 
     // For access to m_active_chainstate.
     friend CChainState &ChainstateActive();
     friend CChain &ChainActive();
 
 public:
     //! A single BlockManager instance is shared across each constructed
     //! chainstate to avoid duplicating block metadata.
     BlockManager m_blockman GUARDED_BY(::cs_main);
 
     //! The total number of bytes available for us to use across all in-memory
     //! coins caches. This will be split somehow across chainstates.
     int64_t m_total_coinstip_cache{0};
     //
     //! The total number of bytes available for us to use across all leveldb
     //! coins databases. This will be split somehow across chainstates.
     int64_t m_total_coinsdb_cache{0};
 
     //! Instantiate a new chainstate and assign it based upon whether it is
     //! from a snapshot.
     //!
     //! @param[in] mempool              The mempool to pass to the chainstate
     //                                  constructor
     //! @param[in] snapshot_blockhash   If given, signify that this chainstate
     //!                                 is based on a snapshot.
     CChainState &
     InitializeChainstate(CTxMemPool &mempool,
                          const BlockHash &snapshot_blockhash = BlockHash())
         EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 
     //! Get all chainstates currently being used.
     std::vector<CChainState *> GetAll();
 
     //! The most-work chain.
     CChainState &ActiveChainstate() const;
     CChain &ActiveChain() const { return ActiveChainstate().m_chain; }
     int ActiveHeight() const { return ActiveChain().Height(); }
     CBlockIndex *ActiveTip() const { return ActiveChain().Tip(); }
 
     BlockMap &BlockIndex() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) {
         return m_blockman.m_block_index;
     }
 
     bool IsSnapshotActive() const;
 
     std::optional<BlockHash> SnapshotBlockhash() const;
 
     //! Is there a snapshot in use and has it been fully validated?
     bool IsSnapshotValidated() const { return m_snapshot_validated; }
 
     //! @returns true if this chainstate is being used to validate an active
     //!          snapshot in the background.
     bool IsBackgroundIBD(CChainState *chainstate) const;
 
     //! Return the most-work chainstate that has been fully validated.
     //!
     //! During background validation of a snapshot, this is the IBD chain. After
     //! background validation has completed, this is the snapshot chain.
     CChainState &ValidatedChainstate() const;
 
     CChain &ValidatedChain() const { return ValidatedChainstate().m_chain; }
     CBlockIndex *ValidatedTip() const { return ValidatedChain().Tip(); }
 
     /**
      * Process an incoming block. This only returns after the best known valid
      * block is made active. Note that it does not, however, guarantee that the
      * specific block passed to it has been checked for validity!
      *
      * If you want to *possibly* get feedback on whether pblock is valid, you
      * must install a CValidationInterface (see validationinterface.h) - this
      * will have its BlockChecked method called whenever *any* block completes
      * validation.
      *
      * Note that we guarantee that either the proof-of-work is valid on pblock,
      * or (and possibly also) BlockChecked will have been called.
      *
      * May not be called in a validationinterface callback.
      *
      * @param[in]   config  The global config.
      * @param[in]   pblock  The block we want to process.
      * @param[in]   fForceProcessing Process this block even if unrequested;
      *              used for non-network block sources.
      * @param[out]  fNewBlock A boolean which is set to indicate if the block
      * was first received via this call.
      * @returns     If the block was processed, independently of block validity
      */
     bool ProcessNewBlock(const Config &config,
                          const std::shared_ptr<const CBlock> pblock,
                          bool fForceProcessing, bool *fNewBlock)
         LOCKS_EXCLUDED(cs_main);
 
     /**
      * Process incoming block headers.
      *
      * May not be called in a validationinterface callback.
      *
      * @param[in]  config        The config.
      * @param[in]  block         The block headers themselves.
      * @param[out] state         This may be set to an Error state if any error
      *                           occurred processing them.
      * @param[out] ppindex       If set, the pointer will be set to point to the
      *                           last new block index object for the given
      * headers.
      * @return True if block headers were accepted as valid.
      */
     bool ProcessNewBlockHeaders(const Config &config,
                                 const std::vector<CBlockHeader> &block,
                                 BlockValidationState &state,
                                 const CBlockIndex **ppindex = nullptr)
         LOCKS_EXCLUDED(cs_main);
 
     //! Load the block tree and coins database from disk, initializing state if
     //! we're running with -reindex
     bool LoadBlockIndex(const Consensus::Params &params)
         EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     //! Unload block index and chain data before shutdown.
     void Unload() EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 
     //! Clear (deconstruct) chainstate data.
     void Reset();
 
     //! Check to see if caches are out of balance and if so, call
     //! ResizeCoinsCaches() as needed.
     void MaybeRebalanceCaches() EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 };
 
 /**
  * DEPRECATED! Please use node.chainman instead. May only be used in
  * validation.cpp internally
  */
 extern ChainstateManager g_chainman GUARDED_BY(::cs_main);
 
 /** Please prefer the identical ChainstateManager::ActiveChainstate */
 CChainState &ChainstateActive();
 
 /** Please prefer the identical ChainstateManager::ActiveChain */
 CChain &ChainActive();
 
 /**
  * Global variable that points to the active block tree (protected by cs_main)
  */
 extern std::unique_ptr<CBlockTreeDB> pblocktree;
 
 /**
  * Return the spend height, which is one more than the inputs.GetBestBlock().
  * While checking, GetBestBlock() refers to the parent block. (protected by
  * cs_main)
  * This is also true for mempool checks.
  */
 int GetSpendHeight(const CCoinsViewCache &inputs);
 
 /**
  * Determine what nVersion a new block should use.
  */
 int32_t ComputeBlockVersion(const CBlockIndex *pindexPrev,
                             const Consensus::Params &params);
 
 /** Get block file info entry for one block file */
 CBlockFileInfo *GetBlockFileInfo(size_t n);
 
 /** Dump the mempool to disk. */
 bool DumpMempool(const CTxMemPool &pool);
 
 /** Load the mempool from disk. */
 bool LoadMempool(const Config &config, CTxMemPool &pool);
 
 //! Check whether the block associated with this index entry is pruned or not.
 bool IsBlockPruned(const CBlockIndex *pblockindex);
 
 #endif // BITCOIN_VALIDATION_H
diff --git a/src/wallet/wallet.h b/src/wallet/wallet.h
index 20fbc06ce..ddc312a0e 100644
--- a/src/wallet/wallet.h
+++ b/src/wallet/wallet.h
@@ -1,1638 +1,1638 @@
 // Copyright (c) 2009-2010 Satoshi Nakamoto
 // Copyright (c) 2009-2016 The Bitcoin Core developers
 // Copyright (c) 2018-2020 The Bitcoin developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #ifndef BITCOIN_WALLET_WALLET_H
 #define BITCOIN_WALLET_WALLET_H
 
 #include <amount.h>
 #include <interfaces/chain.h>
 #include <interfaces/handler.h>
 #include <outputtype.h>
 #include <primitives/blockhash.h>
 #include <psbt.h>
 #include <tinyformat.h>
 #include <util/message.h>
 #include <util/strencodings.h>
 #include <util/string.h>
 #include <util/system.h>
 #include <util/translation.h>
 #include <util/ui_change_type.h>
 #include <validationinterface.h>
 #include <wallet/coinselection.h>
 #include <wallet/crypter.h>
 #include <wallet/rpcwallet.h>
 #include <wallet/scriptpubkeyman.h>
 #include <wallet/walletdb.h>
 #include <wallet/walletutil.h>
 
 #include <algorithm>
 #include <atomic>
 #include <cstdint>
 #include <map>
 #include <memory>
 #include <optional>
 #include <set>
 #include <stdexcept>
 #include <string>
 #include <utility>
 #include <vector>
 
 #include <boost/signals2/signal.hpp>
 
 using LoadWalletFn =
     std::function<void(std::unique_ptr<interfaces::Wallet> wallet)>;
 
 struct bilingual_str;
 
 //! Explicitly unload and delete the wallet.
 //! Blocks the current thread after signaling the unload intent so that all
 //! wallet clients release the wallet.
 //! Note that, when blocking is not required, the wallet is implicitly unloaded
 //! by the shared pointer deleter.
 void UnloadWallet(std::shared_ptr<CWallet> &&wallet);
 
 bool AddWallet(const std::shared_ptr<CWallet> &wallet);
 bool RemoveWallet(const std::shared_ptr<CWallet> &wallet);
 std::vector<std::shared_ptr<CWallet>> GetWallets();
 std::shared_ptr<CWallet> GetWallet(const std::string &name);
 std::shared_ptr<CWallet> LoadWallet(const CChainParams &chainParams,
                                     interfaces::Chain &chain,
                                     const WalletLocation &location,
                                     bilingual_str &error,
                                     std::vector<bilingual_str> &warnings);
 std::unique_ptr<interfaces::Handler> HandleLoadWallet(LoadWalletFn load_wallet);
 
 enum class WalletCreationStatus { SUCCESS, CREATION_FAILED, ENCRYPTION_FAILED };
 
 WalletCreationStatus CreateWallet(const CChainParams &params,
                                   interfaces::Chain &chain,
                                   const SecureString &passphrase,
                                   uint64_t wallet_creation_flags,
                                   const std::string &name, bilingual_str &error,
                                   std::vector<bilingual_str> &warnings,
                                   std::shared_ptr<CWallet> &result);
 //! -paytxfee default
 constexpr Amount DEFAULT_PAY_TX_FEE = Amount::zero();
 //! -fallbackfee default
 static const Amount DEFAULT_FALLBACK_FEE = Amount::zero();
 //! -mintxfee default
 static const Amount DEFAULT_TRANSACTION_MINFEE_PER_KB = 1000 * SATOSHI;
 /**
  * maximum fee increase allowed to do partial spend avoidance, even for nodes
  * with this feature disabled by default
  *
  * A value of -1 disables this feature completely.
  * A value of 0 (current default) means to attempt to do partial spend
  * avoidance, and use its results if the fees remain *unchanged* A value > 0
  * means to do partial spend avoidance if the fee difference against a regular
  * coin selection instance is in the range [0..value].
  */
 static const Amount DEFAULT_MAX_AVOIDPARTIALSPEND_FEE = Amount::zero();
 //! discourage APS fee higher than this amount
 constexpr Amount HIGH_APS_FEE{COIN / 10000};
 //! minimum recommended increment for BIP 125 replacement txs
 static const Amount WALLET_INCREMENTAL_RELAY_FEE(5000 * SATOSHI);
 //! Default for -spendzeroconfchange
 static const bool DEFAULT_SPEND_ZEROCONF_CHANGE = true;
 //! Default for -walletrejectlongchains
 static const bool DEFAULT_WALLET_REJECT_LONG_CHAINS = false;
 static const bool DEFAULT_WALLETBROADCAST = true;
 static const bool DEFAULT_DISABLE_WALLET = false;
 //! -maxtxfee default
 constexpr Amount DEFAULT_TRANSACTION_MAXFEE{COIN / 10};
 //! Discourage users to set fees higher than this amount (in satoshis) per kB
 constexpr Amount HIGH_TX_FEE_PER_KB{COIN / 100};
 //! -maxtxfee will warn if called with a higher fee than this amount (in
 //! satoshis)
 constexpr Amount HIGH_MAX_TX_FEE{100 * HIGH_TX_FEE_PER_KB};
 //! Pre-calculated constants for input size estimation
 static constexpr size_t DUMMY_P2PKH_INPUT_SIZE = 148;
 
 class CChainParams;
 class CCoinControl;
 class COutput;
 class CScript;
 class CTxMemPool;
 class CWalletTx;
 class ReserveDestination;
 
 //! Default for -addresstype
 constexpr OutputType DEFAULT_ADDRESS_TYPE{OutputType::LEGACY};
 
 static constexpr uint64_t KNOWN_WALLET_FLAGS =
     WALLET_FLAG_AVOID_REUSE | WALLET_FLAG_BLANK_WALLET |
     WALLET_FLAG_KEY_ORIGIN_METADATA | WALLET_FLAG_DISABLE_PRIVATE_KEYS |
     WALLET_FLAG_DESCRIPTORS;
 
 static constexpr uint64_t MUTABLE_WALLET_FLAGS = WALLET_FLAG_AVOID_REUSE;
 
 static const std::map<std::string, WalletFlags> WALLET_FLAG_MAP{
     {"avoid_reuse", WALLET_FLAG_AVOID_REUSE},
     {"blank", WALLET_FLAG_BLANK_WALLET},
     {"key_origin_metadata", WALLET_FLAG_KEY_ORIGIN_METADATA},
     {"disable_private_keys", WALLET_FLAG_DISABLE_PRIVATE_KEYS},
     {"descriptor_wallet", WALLET_FLAG_DESCRIPTORS},
 };
 
 extern const std::map<uint64_t, std::string> WALLET_FLAG_CAVEATS;
 
 /**
  * A wrapper to reserve an address from a wallet
  *
  * ReserveDestination is used to reserve an address.
  * It is currently only used inside of CreateTransaction.
  *
  * Instantiating a ReserveDestination does not reserve an address. To do so,
  * GetReservedDestination() needs to be called on the object. Once an address
  * has been reserved, call KeepDestination() on the ReserveDestination object to
  * make sure it is not returned. Call ReturnDestination() to return the address
  * so it can be re-used (for example, if the address was used in a new
  * transaction and that transaction was not completed and needed to be aborted).
  *
  * If an address is reserved and KeepDestination() is not called, then the
  * address will be returned when the ReserveDestination goes out of scope.
  */
 class ReserveDestination {
 protected:
     //! The wallet to reserve from
     const CWallet *const pwallet;
     //! The ScriptPubKeyMan to reserve from. Based on type when
     //! GetReservedDestination is called
     ScriptPubKeyMan *m_spk_man{nullptr};
     OutputType const type;
     //! The index of the address's key in the keypool
     int64_t nIndex{-1};
     //! The destination
     CTxDestination address;
     //! Whether this is from the internal (change output) keypool
     bool fInternal{false};
 
 public:
     //! Construct a ReserveDestination object. This does NOT reserve an address
     //! yet
     explicit ReserveDestination(CWallet *_pwallet, OutputType _type)
         : pwallet(_pwallet), type(_type) {}
 
     ReserveDestination(const ReserveDestination &) = delete;
     ReserveDestination &operator=(const ReserveDestination &) = delete;
 
     //! Destructor. If a key has been reserved and not KeepKey'ed, it will be
     //! returned to the keypool
     ~ReserveDestination() { ReturnDestination(); }
 
     //! Reserve an address
     bool GetReservedDestination(CTxDestination &pubkey, bool internal);
     //! Return reserved address
     void ReturnDestination();
     //! Keep the address. Do not return it's key to the keypool when this object
     //! goes out of scope
     void KeepDestination();
 };
 
 /** Address book data */
 class CAddressBookData {
 private:
     bool m_change{true};
     std::string m_label;
 
 public:
     std::string purpose;
 
     CAddressBookData() : purpose("unknown") {}
 
     typedef std::map<std::string, std::string> StringMap;
     StringMap destdata;
 
     bool IsChange() const { return m_change; }
     const std::string &GetLabel() const { return m_label; }
     void SetLabel(const std::string &label) {
         m_change = false;
         m_label = label;
     }
 };
 
 struct CRecipient {
     CScript scriptPubKey;
     Amount nAmount;
     bool fSubtractFeeFromAmount;
 };
 
 typedef std::map<std::string, std::string> mapValue_t;
 
 static inline void ReadOrderPos(int64_t &nOrderPos, mapValue_t &mapValue) {
     if (!mapValue.count("n")) {
         // TODO: calculate elsewhere
         nOrderPos = -1;
         return;
     }
 
     nOrderPos = atoi64(mapValue["n"]);
 }
 
 static inline void WriteOrderPos(const int64_t &nOrderPos,
                                  mapValue_t &mapValue) {
     if (nOrderPos == -1) {
         return;
     }
     mapValue["n"] = ToString(nOrderPos);
 }
 
 struct COutputEntry {
     CTxDestination destination;
     Amount amount;
     int vout;
 };
 
 /**
  * Legacy class used for deserializing vtxPrev for backwards compatibility.
  * vtxPrev was removed in commit 93a18a3650292afbb441a47d1fa1b94aeb0164e3,
  * but old wallet.dat files may still contain vtxPrev vectors of CMerkleTxs.
  * These need to get deserialized for field alignment when deserializing
  * a CWalletTx, but the deserialized values are discarded.
  */
 class CMerkleTx {
 public:
     template <typename Stream> void Unserialize(Stream &s) {
         CTransactionRef tx;
         BlockHash hashBlock;
         std::vector<uint256> vMerkleBranch;
         int nIndex = 0;
 
         s >> tx >> hashBlock >> vMerkleBranch >> nIndex;
     }
 };
 
 // Get the marginal bytes of spending the specified output
 int CalculateMaximumSignedInputSize(const CTxOut &txout, const CWallet *pwallet,
                                     bool use_max_sig = false);
 
 /**
  * A transaction with a bunch of additional info that only the owner cares
  * about. It includes any unrecorded transactions needed to link it back to the
  * block chain.
  */
 class CWalletTx {
 private:
     const CWallet *const pwallet;
 
     /**
      * Constant used in hashBlock to indicate tx has been abandoned, only used
      * at serialization/deserialization to avoid ambiguity with conflicted.
      */
     static constexpr const uint256 &ABANDON_HASH = uint256::ONE;
 
 public:
     /**
      * Key/value map with information about the transaction.
      *
      * The following keys can be read and written through the map and are
      * serialized in the wallet database:
      *
      *     "comment", "to"   - comment strings provided to sendtoaddress,
      *                         and sendmany wallet RPCs
      *     "replaces_txid"   - txid (as HexStr) of transaction replaced by
      *                         bumpfee on transaction created by bumpfee
      *     "replaced_by_txid" - txid (as HexStr) of transaction created by
      *                         bumpfee on transaction replaced by bumpfee
      *     "from", "message" - obsolete fields that could be set in UI prior to
      *                         2011 (removed in commit 4d9b223)
      *
      * The following keys are serialized in the wallet database, but shouldn't
      * be read or written through the map (they will be temporarily added and
      * removed from the map during serialization):
      *
      *     "fromaccount"     - serialized strFromAccount value
      *     "n"               - serialized nOrderPos value
      *     "timesmart"       - serialized nTimeSmart value
      *     "spent"           - serialized vfSpent value that existed prior to
      *                         2014 (removed in commit 93a18a3)
      */
     mapValue_t mapValue;
     std::vector<std::pair<std::string, std::string>> vOrderForm;
     unsigned int fTimeReceivedIsTxTime;
     //! time received by this node
     unsigned int nTimeReceived;
     /**
      * Stable timestamp that never changes, and reflects the order a transaction
      * was added to the wallet. Timestamp is based on the block time for a
      * transaction added as part of a block, or else the time when the
      * transaction was received if it wasn't part of a block, with the timestamp
      * adjusted in both cases so timestamp order matches the order transactions
      * were added to the wallet. More details can be found in
      * CWallet::ComputeTimeSmart().
      */
     unsigned int nTimeSmart;
     /**
      * From me flag is set to 1 for transactions that were created by the wallet
      * on this bitcoin node, and set to 0 for transactions that were created
      * externally and came in through the network or sendrawtransaction RPC.
      */
     bool fFromMe;
     //! position in ordered transaction list
     int64_t nOrderPos;
     std::multimap<int64_t, CWalletTx *>::const_iterator m_it_wtxOrdered;
 
     // memory only
     enum AmountType {
         DEBIT,
         CREDIT,
         IMMATURE_CREDIT,
         AVAILABLE_CREDIT,
         AMOUNTTYPE_ENUM_ELEMENTS
     };
     Amount GetCachableAmount(AmountType type, const isminefilter &filter,
                              bool recalculate = false) const;
     mutable CachableAmount m_amounts[AMOUNTTYPE_ENUM_ELEMENTS];
     /**
      * This flag is true if all m_amounts caches are empty. This is particularly
      * useful in places where MarkDirty is conditionally called and the
      * condition can be expensive and thus can be skipped if the flag is true.
      * See MarkDestinationsDirty.
      */
     mutable bool m_is_cache_empty{true};
     mutable bool fChangeCached;
     mutable bool fInMempool;
     mutable Amount nChangeCached;
 
     CWalletTx(const CWallet *wallet, CTransactionRef arg)
         : pwallet(wallet), tx(std::move(arg)) {
         Init();
     }
 
     void Init() {
         mapValue.clear();
         vOrderForm.clear();
         fTimeReceivedIsTxTime = false;
         nTimeReceived = 0;
         nTimeSmart = 0;
         fFromMe = false;
         fChangeCached = false;
         fInMempool = false;
         nChangeCached = Amount::zero();
         nOrderPos = -1;
         m_confirm = Confirmation{};
     }
 
     CTransactionRef tx;
 
     /**
      * New transactions start as UNCONFIRMED. At BlockConnected,
      * they will transition to CONFIRMED. In case of reorg, at
      * BlockDisconnected, they roll back to UNCONFIRMED. If we detect a
      * conflicting transaction at block connection, we update conflicted tx and
      * its dependencies as CONFLICTED. If tx isn't confirmed and outside of
      * mempool, the user may switch it to ABANDONED by using the
      * abandontransaction call. This last status may be override by a CONFLICTED
      * or CONFIRMED transition.
      */
     enum Status { UNCONFIRMED, CONFIRMED, CONFLICTED, ABANDONED };
 
     /**
      * Confirmation includes tx status and a triplet of {block height/block
      * hash/tx index in block} at which tx has been confirmed. All three are set
      * to 0 if tx is unconfirmed or abandoned. Meaning of these fields changes
      * with CONFLICTED state where they instead point to block hash and block
      * height of the deepest conflicting tx.
      */
     struct Confirmation {
         Status status;
         int block_height;
         BlockHash hashBlock;
         int nIndex;
         Confirmation(Status s = UNCONFIRMED, int b = 0,
                      BlockHash h = BlockHash(), int i = 0)
             : status(s), block_height(b), hashBlock(h), nIndex(i) {}
     };
 
     Confirmation m_confirm;
 
     template <typename Stream> void Serialize(Stream &s) const {
         mapValue_t mapValueCopy = mapValue;
 
         mapValueCopy["fromaccount"] = "";
         WriteOrderPos(nOrderPos, mapValueCopy);
         if (nTimeSmart) {
             mapValueCopy["timesmart"] = strprintf("%u", nTimeSmart);
         }
 
         //! Used to be vMerkleBranch
         std::vector<char> dummy_vector1;
         //! Used to be vtxPrev
         std::vector<char> dummy_vector2;
         //! Used to be fSpent
         bool dummy_bool = false;
         uint256 serializedHash =
             isAbandoned() ? ABANDON_HASH : m_confirm.hashBlock;
         int serializedIndex =
             isAbandoned() || isConflicted() ? -1 : m_confirm.nIndex;
         s << tx << serializedHash << dummy_vector1 << serializedIndex
           << dummy_vector2 << mapValueCopy << vOrderForm
           << fTimeReceivedIsTxTime << nTimeReceived << fFromMe << dummy_bool;
     }
 
     template <typename Stream> void Unserialize(Stream &s) {
         Init();
 
         //! Used to be vMerkleBranch
         std::vector<uint256> dummy_vector1;
         //! Used to be vtxPrev
         std::vector<CMerkleTx> dummy_vector2;
         //! Used to be fSpent
         bool dummy_bool;
         int serializedIndex;
         s >> tx >> m_confirm.hashBlock >> dummy_vector1 >> serializedIndex >>
             dummy_vector2 >> mapValue >> vOrderForm >> fTimeReceivedIsTxTime >>
             nTimeReceived >> fFromMe >> dummy_bool;
 
         /*
          * At serialization/deserialization, an nIndex == -1 means that
          * hashBlock refers to the earliest block in the chain we know this or
          * any in-wallet ancestor conflicts with. If nIndex == -1 and hashBlock
          * is ABANDON_HASH, it means transaction is abandoned. In same context,
          * an nIndex >= 0 refers to a confirmed transaction (if hashBlock set)
          * or unconfirmed one. Older clients interpret nIndex == -1 as
          * unconfirmed for backward compatibility (pre-commit 9ac63d6).
          */
         if (serializedIndex == -1 && m_confirm.hashBlock == ABANDON_HASH) {
             setAbandoned();
         } else if (serializedIndex == -1) {
             setConflicted();
         } else if (!m_confirm.hashBlock.IsNull()) {
             m_confirm.nIndex = serializedIndex;
             setConfirmed();
         }
 
         ReadOrderPos(nOrderPos, mapValue);
         nTimeSmart = mapValue.count("timesmart")
                          ? (unsigned int)atoi64(mapValue["timesmart"])
                          : 0;
 
         mapValue.erase("fromaccount");
         mapValue.erase("spent");
         mapValue.erase("n");
         mapValue.erase("timesmart");
     }
 
     void SetTx(CTransactionRef arg) { tx = std::move(arg); }
 
     //! make sure balances are recalculated
     void MarkDirty() {
         m_amounts[DEBIT].Reset();
         m_amounts[CREDIT].Reset();
         m_amounts[IMMATURE_CREDIT].Reset();
         m_amounts[AVAILABLE_CREDIT].Reset();
         fChangeCached = false;
         m_is_cache_empty = true;
     }
 
     //! filter decides which addresses will count towards the debit
     Amount GetDebit(const isminefilter &filter) const;
     Amount GetCredit(const isminefilter &filter) const;
     Amount GetImmatureCredit(bool fUseCache = true) const;
     // TODO: Remove "NO_THREAD_SAFETY_ANALYSIS" and replace it with the correct
     // annotation "EXCLUSIVE_LOCKS_REQUIRED(pwallet->cs_wallet)". The
     // annotation "NO_THREAD_SAFETY_ANALYSIS" was temporarily added to avoid
     // having to resolve the issue of member access into incomplete type
     // CWallet.
     Amount GetAvailableCredit(bool fUseCache = true,
                               const isminefilter &filter = ISMINE_SPENDABLE)
         const NO_THREAD_SAFETY_ANALYSIS;
     Amount GetImmatureWatchOnlyCredit(const bool fUseCache = true) const;
     Amount GetChange() const;
 
     // Get the marginal bytes if spending the specified output from this
     // transaction
     int GetSpendSize(unsigned int out, bool use_max_sig = false) const {
         return CalculateMaximumSignedInputSize(tx->vout[out], pwallet,
                                                use_max_sig);
     }
 
     void GetAmounts(std::list<COutputEntry> &listReceived,
                     std::list<COutputEntry> &listSent, Amount &nFee,
                     const isminefilter &filter) const;
 
     bool IsFromMe(const isminefilter &filter) const {
         return GetDebit(filter) > Amount::zero();
     }
 
     // True if only scriptSigs are different
     bool IsEquivalentTo(const CWalletTx &tx) const;
 
     bool InMempool() const;
     bool IsTrusted() const;
 
     int64_t GetTxTime() const;
 
     // Pass this transaction to node for mempool insertion and relay to peers if
     // flag set to true
     bool SubmitMemoryPoolAndRelay(std::string &err_string, bool relay);
 
     // TODO: Remove "NO_THREAD_SAFETY_ANALYSIS" and replace it with the correct
     // annotation "EXCLUSIVE_LOCKS_REQUIRED(pwallet->cs_wallet)". The annotation
     // "NO_THREAD_SAFETY_ANALYSIS" was temporarily added to avoid having to
     // resolve the issue of member access into incomplete type CWallet. Note
     // that we still have the runtime check "AssertLockHeld(pwallet->cs_wallet)"
     // in place.
     std::set<TxId> GetConflicts() const NO_THREAD_SAFETY_ANALYSIS;
 
     /**
      * Return depth of transaction in blockchain:
      * <0  : conflicts with a transaction this deep in the blockchain
      *  0  : in memory pool, waiting to be included in a block
      * >=1 : this many blocks deep in the main chain
      */
     // TODO: Remove "NO_THREAD_SAFETY_ANALYSIS" and replace it with the correct
     // annotation "EXCLUSIVE_LOCKS_REQUIRED(pwallet->cs_wallet)". The annotation
     // "NO_THREAD_SAFETY_ANALYSIS" was temporarily added to avoid having to
     // resolve the issue of member access into incomplete type CWallet. Note
     // that we still have the runtime check "AssertLockHeld(pwallet->cs_wallet)"
     // in place.
     int GetDepthInMainChain() const NO_THREAD_SAFETY_ANALYSIS;
     bool IsInMainChain() const { return GetDepthInMainChain() > 0; }
 
     /**
      * @return number of blocks to maturity for this transaction:
      *  0 : is not a coinbase transaction, or is a mature coinbase transaction
      * >0 : is a coinbase transaction which matures in this many blocks
      */
     int GetBlocksToMaturity() const;
     bool isAbandoned() const {
         return m_confirm.status == CWalletTx::ABANDONED;
     }
     void setAbandoned() {
         m_confirm.status = CWalletTx::ABANDONED;
         m_confirm.hashBlock = BlockHash();
         m_confirm.block_height = 0;
         m_confirm.nIndex = 0;
     }
     bool isConflicted() const {
         return m_confirm.status == CWalletTx::CONFLICTED;
     }
     void setConflicted() { m_confirm.status = CWalletTx::CONFLICTED; }
     bool isUnconfirmed() const {
         return m_confirm.status == CWalletTx::UNCONFIRMED;
     }
     void setUnconfirmed() { m_confirm.status = CWalletTx::UNCONFIRMED; }
     bool isConfirmed() const {
         return m_confirm.status == CWalletTx::CONFIRMED;
     }
     void setConfirmed() { m_confirm.status = CWalletTx::CONFIRMED; }
     TxId GetId() const { return tx->GetId(); }
     bool IsCoinBase() const { return tx->IsCoinBase(); }
     bool IsImmatureCoinBase() const;
 
     // Disable copying of CWalletTx objects to prevent bugs where instances get
     // copied in and out of the mapWallet map, and fields are updated in the
     // wrong copy.
     CWalletTx(CWalletTx const &) = delete;
     void operator=(CWalletTx const &x) = delete;
 };
 
 class COutput {
 public:
     const CWalletTx *tx;
     int i;
     int nDepth;
 
     /**
      * Pre-computed estimated size of this output as a fully-signed input in a
      * transaction. Can be -1 if it could not be calculated.
      */
     int nInputBytes;
 
     /** Whether we have the private keys to spend this output */
     bool fSpendable;
 
     /** Whether we know how to spend this output, ignoring the lack of keys */
     bool fSolvable;
 
     /**
      * Whether to use the maximum sized, 72 byte signature when calculating the
      * size of the input spend. This should only be set when watch-only outputs
      * are allowed.
      */
     bool use_max_sig;
 
     /**
      * Whether this output is considered safe to spend. Unconfirmed transactions
      * from outside keys are considered unsafe and will not be used to fund new
      * spending transactions.
      */
     bool fSafe;
 
     COutput(const CWalletTx *txIn, int iIn, int nDepthIn, bool fSpendableIn,
             bool fSolvableIn, bool fSafeIn, bool use_max_sig_in = false) {
         tx = txIn;
         i = iIn;
         nDepth = nDepthIn;
         fSpendable = fSpendableIn;
         fSolvable = fSolvableIn;
         fSafe = fSafeIn;
         nInputBytes = -1;
         use_max_sig = use_max_sig_in;
         // If known and signable by the given wallet, compute nInputBytes
         // Failure will keep this value -1
         if (fSpendable && tx) {
             nInputBytes = tx->GetSpendSize(i, use_max_sig);
         }
     }
 
     std::string ToString() const;
 
     inline CInputCoin GetInputCoin() const {
         return CInputCoin(tx->tx, i, nInputBytes);
     }
 };
 
 struct CoinSelectionParams {
     bool use_bnb = true;
     size_t change_output_size = 0;
     size_t change_spend_size = 0;
     CFeeRate effective_fee = CFeeRate(Amount::zero());
     size_t tx_noinputs_size = 0;
     //! Indicate that we are subtracting the fee from outputs
     bool m_subtract_fee_outputs = false;
 
     CoinSelectionParams(bool use_bnb_, size_t change_output_size_,
                         size_t change_spend_size_, CFeeRate effective_fee_,
                         size_t tx_noinputs_size_)
         : use_bnb(use_bnb_), change_output_size(change_output_size_),
           change_spend_size(change_spend_size_), effective_fee(effective_fee_),
           tx_noinputs_size(tx_noinputs_size_) {}
     CoinSelectionParams() {}
 };
 
 // forward declarations for ScanForWalletTransactions/RescanFromTime
 class WalletRescanReserver;
 
 /**
  * A CWallet maintains a set of transactions and balances, and provides the
  * ability to create new transactions.
  */
 class CWallet final : public WalletStorage,
                       public interfaces::Chain::Notifications {
 private:
     CKeyingMaterial vMasterKey GUARDED_BY(cs_wallet);
 
     bool Unlock(const CKeyingMaterial &vMasterKeyIn,
                 bool accept_no_keys = false);
 
     std::atomic<bool> fAbortRescan{false};
     // controlled by WalletRescanReserver
     std::atomic<bool> fScanningWallet{false};
     std::atomic<int64_t> m_scanning_start{0};
     std::atomic<double> m_scanning_progress{0};
     friend class WalletRescanReserver;
 
     //! the current wallet version: clients below this version are not able to
     //! load the wallet
     int nWalletVersion GUARDED_BY(cs_wallet) = FEATURE_BASE;
 
     //! the maximum wallet format version: memory-only variable that specifies
     //! to what version this wallet may be upgraded
     int nWalletMaxVersion GUARDED_BY(cs_wallet) = FEATURE_BASE;
 
     int64_t nNextResend = 0;
     bool fBroadcastTransactions = false;
     // Local time that the tip block was received. Used to schedule wallet
     // rebroadcasts.
     std::atomic<int64_t> m_best_block_time{0};
 
     /**
      * Used to keep track of spent outpoints, and detect and report conflicts
      * (double-spends or mutated transactions where the mutant gets mined).
      */
     typedef std::multimap<COutPoint, TxId> TxSpends;
     TxSpends mapTxSpends GUARDED_BY(cs_wallet);
     void AddToSpends(const COutPoint &outpoint, const TxId &wtxid)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     void AddToSpends(const TxId &wtxid) EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     /**
      * Add a transaction to the wallet, or update it. pIndex and posInBlock
      * should be set when the transaction was known to be included in a
      * block. When *pIndex == nullptr, then wallet state is not updated in
      * AddToWallet, but notifications happen and cached balances are marked
      * dirty.
      *
      * If fUpdate is true, existing transactions will be updated.
      * TODO: One exception to this is that the abandoned state is cleared under
      * the assumption that any further notification of a transaction that was
      * considered abandoned is an indication that it is not safe to be
      * considered abandoned. Abandoned state should probably be more carefully
      * tracked via different posInBlock signals or by checking mempool presence
      * when necessary.
      */
     bool AddToWalletIfInvolvingMe(const CTransactionRef &tx,
                                   CWalletTx::Confirmation confirm, bool fUpdate)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     /**
      * Mark a transaction (and its in-wallet descendants) as conflicting with a
      * particular block.
      */
     void MarkConflicted(const BlockHash &hashBlock, int conflicting_height,
                         const TxId &txid);
 
     /**
      * Mark a transaction's inputs dirty, thus forcing the outputs to be
      * recomputed
      */
     void MarkInputsDirty(const CTransactionRef &tx)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     void SyncMetaData(std::pair<TxSpends::iterator, TxSpends::iterator>)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     /**
      * Used by
      * TransactionAddedToMemorypool/BlockConnected/Disconnected/ScanForWalletTransactions.
      * Should be called with non-zero block_hash and posInBlock if this is for a
      * transaction that is included in a block.
      */
     void SyncTransaction(const CTransactionRef &tx,
                          CWalletTx::Confirmation confirm, bool update_tx = true)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     std::atomic<uint64_t> m_wallet_flags{0};
 
     bool SetAddressBookWithDB(WalletBatch &batch, const CTxDestination &address,
                               const std::string &strName,
                               const std::string &strPurpose);
 
     //! Unsets a wallet flag and saves it to disk
     void UnsetWalletFlagWithDB(WalletBatch &batch, uint64_t flag);
 
     //! Unset the blank wallet flag and saves it to disk
     void UnsetBlankWalletFlag(WalletBatch &batch) override;
 
     /** Interface for accessing chain state. */
     interfaces::Chain *m_chain;
 
     /**
      * Wallet location which includes wallet name (see WalletLocation).
      */
     WalletLocation m_location;
 
     /** Internal database handle. */
     std::unique_ptr<WalletDatabase> database;
 
     /**
      * The following is used to keep track of how far behind the wallet is
      * from the chain sync, and to allow clients to block on us being caught up.
      *
      * Processed hash is a pointer on node's tip and doesn't imply that the
      * wallet has scanned sequentially all blocks up to this one.
      */
     BlockHash m_last_block_processed GUARDED_BY(cs_wallet);
 
     /* Height of last block processed is used by wallet to know depth of
      * transactions without relying on Chain interface beyond asynchronous
      * updates. For safety, we initialize it to -1. Height is a pointer on
      * node's tip and doesn't imply that the wallet has scanned sequentially all
      * blocks up to this one.
      */
     int m_last_block_processed_height GUARDED_BY(cs_wallet) = -1;
 
     bool CreateTransactionInternal(const std::vector<CRecipient> &vecSend,
                                    CTransactionRef &tx, Amount &nFeeRet,
                                    int &nChangePosInOut, bilingual_str &error,
                                    const CCoinControl &coin_control, bool sign);
 
     std::map<OutputType, ScriptPubKeyMan *> m_external_spk_managers;
     std::map<OutputType, ScriptPubKeyMan *> m_internal_spk_managers;
 
     // Indexed by a unique identifier produced by each ScriptPubKeyMan using
     // ScriptPubKeyMan::GetID. In many cases it will be the hash of an internal
     // structure
     std::map<uint256, std::unique_ptr<ScriptPubKeyMan>> m_spk_managers;
 
 public:
     /*
      * Main wallet lock.
      * This lock protects all the fields added by CWallet.
      */
     mutable RecursiveMutex cs_wallet;
 
     /**
      * Get database handle used by this wallet. Ideally this function would not
      * be necessary.
      */
     WalletDatabase &GetDBHandle() { return *database; }
     WalletDatabase &GetDatabase() override { return *database; }
 
     /**
      * Select a set of coins such that nValueRet >= nTargetValue and at least
      * all coins from coinControl are selected; Never select unconfirmed coins
      * if they are not ours.
      */
     bool SelectCoins(const std::vector<COutput> &vAvailableCoins,
                      const Amount nTargetValue,
                      std::set<CInputCoin> &setCoinsRet, Amount &nValueRet,
                      const CCoinControl &coin_control,
                      CoinSelectionParams &coin_selection_params,
                      bool &bnb_used) const EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     const WalletLocation &GetLocation() const { return m_location; }
 
     /**
      * Get a name for this wallet for logging/debugging purposes.
      */
     const std::string &GetName() const { return m_location.GetName(); }
 
     typedef std::map<unsigned int, CMasterKey> MasterKeyMap;
     MasterKeyMap mapMasterKeys;
     unsigned int nMasterKeyMaxID = 0;
 
     /** Construct wallet with specified name and database implementation. */
     CWallet(interfaces::Chain *chain, const WalletLocation &location,
             std::unique_ptr<WalletDatabase> _database)
         : m_chain(chain), m_location(location), database(std::move(_database)) {
     }
 
     ~CWallet() {
         // Should not have slots connected at this point.
         assert(NotifyUnload.empty());
     }
 
     /* Returns the chain params used by this wallet. */
     const CChainParams &GetChainParams() const override;
 
     bool IsCrypted() const;
     bool IsLocked() const override;
     bool Lock();
 
     /** Interface to assert chain access */
     bool HaveChain() const { return m_chain ? true : false; }
 
     std::map<TxId, CWalletTx> mapWallet GUARDED_BY(cs_wallet);
 
     typedef std::multimap<int64_t, CWalletTx *> TxItems;
     TxItems wtxOrdered;
 
     int64_t nOrderPosNext GUARDED_BY(cs_wallet) = 0;
     uint64_t nAccountingEntryNumber = 0;
 
     std::map<CTxDestination, CAddressBookData>
         m_address_book GUARDED_BY(cs_wallet);
     const CAddressBookData *
     FindAddressBookEntry(const CTxDestination &,
                          bool allow_change = false) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     std::set<COutPoint> setLockedCoins GUARDED_BY(cs_wallet);
 
     /** Registered interfaces::Chain::Notifications handler. */
     std::unique_ptr<interfaces::Handler> m_chain_notifications_handler;
 
     /** Interface for accessing chain state. */
     interfaces::Chain &chain() const {
         assert(m_chain);
         return *m_chain;
     }
 
     const CWalletTx *GetWalletTx(const TxId &txid) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     bool IsTrusted(const CWalletTx &wtx, std::set<TxId> &trusted_parents) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     //! check whether we are allowed to upgrade (or already support) to the
     //! named feature
     bool CanSupportFeature(enum WalletFeature wf) const override
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet) {
         AssertLockHeld(cs_wallet);
         return nWalletMaxVersion >= wf;
     }
 
     /**
      * populate vCoins with vector of available COutputs.
      */
     void AvailableCoins(std::vector<COutput> &vCoins, bool fOnlySafe = true,
                         const CCoinControl *coinControl = nullptr,
                         const Amount nMinimumAmount = SATOSHI,
                         const Amount nMaximumAmount = MAX_MONEY,
                         const Amount nMinimumSumAmount = MAX_MONEY,
                         const uint64_t nMaximumCount = 0) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     /**
      * Return list of available coins and locked coins grouped by non-change
      * output address.
      */
     std::map<CTxDestination, std::vector<COutput>> ListCoins() const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     /**
      * Find non-change parent output.
      */
     const CTxOut &FindNonChangeParentOutput(const CTransaction &tx,
                                             int output) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     /**
      * Shuffle and select coins until nTargetValue is reached while avoiding
      * small change; This method is stochastic for some inputs and upon
      * completion the coin set and corresponding actual target value is
      * assembled.
      */
     bool SelectCoinsMinConf(const Amount nTargetValue,
                             const CoinEligibilityFilter &eligibility_filter,
                             std::vector<OutputGroup> groups,
                             std::set<CInputCoin> &setCoinsRet,
                             Amount &nValueRet,
                             const CoinSelectionParams &coin_selection_params,
                             bool &bnb_used) const;
 
     bool IsSpent(const COutPoint &outpoint) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     // Whether this or any UTXO with the same CTxDestination has been spent.
     bool IsSpentKey(const TxId &txid, unsigned int n) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     void SetSpentKeyState(WalletBatch &batch, const TxId &txid, unsigned int n,
                           bool used, std::set<CTxDestination> &tx_destinations)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     std::vector<OutputGroup> GroupOutputs(const std::vector<COutput> &outputs,
                                           bool single_coin,
                                           const size_t max_ancestors) const;
 
     bool IsLockedCoin(const COutPoint &outpoint) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     void LockCoin(const COutPoint &output) EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     void UnlockCoin(const COutPoint &output)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     void UnlockAllCoins() EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     void ListLockedCoins(std::vector<COutPoint> &vOutpts) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     /*
      * Rescan abort properties
      */
     void AbortRescan() { fAbortRescan = true; }
     bool IsAbortingRescan() const { return fAbortRescan; }
     bool IsScanning() const { return fScanningWallet; }
     int64_t ScanningDuration() const {
         return fScanningWallet ? GetTimeMillis() - m_scanning_start : 0;
     }
     double ScanningProgress() const {
         return fScanningWallet ? double(m_scanning_progress) : 0;
     }
 
     //! Upgrade stored CKeyMetadata objects to store key origin info as
     //! KeyOriginInfo
     void UpgradeKeyMetadata() EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     bool LoadMinVersion(int nVersion) EXCLUSIVE_LOCKS_REQUIRED(cs_wallet) {
         AssertLockHeld(cs_wallet);
         nWalletVersion = nVersion;
         nWalletMaxVersion = std::max(nWalletMaxVersion, nVersion);
         return true;
     }
 
     /**
      * Adds a destination data tuple to the store, and saves it to disk
      * When adding new fields, take care to consider how DelAddressBook should
      * handle it!
      */
     bool AddDestData(WalletBatch &batch, const CTxDestination &dest,
                      const std::string &key, const std::string &value)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     //! Erases a destination data tuple in the store and on disk
     bool EraseDestData(WalletBatch &batch, const CTxDestination &dest,
                        const std::string &key)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     //! Adds a destination data tuple to the store, without saving it to disk
     void LoadDestData(const CTxDestination &dest, const std::string &key,
                       const std::string &value)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     //! Look up a destination data tuple in the store, return true if found
     //! false otherwise
     bool GetDestData(const CTxDestination &dest, const std::string &key,
                      std::string *value) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     //! Get all destination values matching a prefix.
     std::vector<std::string> GetDestValues(const std::string &prefix) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     //! Holds a timestamp at which point the wallet is scheduled (externally) to
     //! be relocked. Caller must arrange for actual relocking to occur via
     //! Lock().
     int64_t nRelockTime GUARDED_BY(cs_wallet){0};
 
     // Used to prevent concurrent calls to walletpassphrase RPC.
     Mutex m_unlock_mutex;
     bool Unlock(const SecureString &strWalletPassphrase,
                 bool accept_no_keys = false);
     bool ChangeWalletPassphrase(const SecureString &strOldWalletPassphrase,
                                 const SecureString &strNewWalletPassphrase);
     bool EncryptWallet(const SecureString &strWalletPassphrase);
 
     void GetKeyBirthTimes(std::map<CKeyID, int64_t> &mapKeyBirth) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     unsigned int ComputeTimeSmart(const CWalletTx &wtx) const;
 
     /**
      * Increment the next transaction order id
      * @return next transaction order id
      */
     int64_t IncOrderPosNext(WalletBatch *batch = nullptr)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     DBErrors ReorderTransactions();
 
     void MarkDirty();
 
     //! Callback for updating transaction metadata in mapWallet.
     //!
     //! @param wtx - reference to mapWallet transaction to update
     //! @param new_tx - true if wtx is newly inserted, false if it previously
     //! existed
     //!
     //! @return true if wtx is changed and needs to be saved to disk, otherwise
     //! false
     using UpdateWalletTxFn = std::function<bool(CWalletTx &wtx, bool new_tx)>;
 
     CWalletTx *AddToWallet(CTransactionRef tx,
                            const CWalletTx::Confirmation &confirm,
                            const UpdateWalletTxFn &update_wtx = nullptr,
                            bool fFlushOnClose = true);
     bool LoadToWallet(const TxId &txid, const UpdateWalletTxFn &fill_wtx)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     void transactionAddedToMempool(const CTransactionRef &tx) override;
     void blockConnected(const CBlock &block, int height) override;
     void blockDisconnected(const CBlock &block, int height) override;
     void updatedBlockTip() override;
     int64_t RescanFromTime(int64_t startTime,
                            const WalletRescanReserver &reserver, bool update);
 
     struct ScanResult {
         enum { SUCCESS, FAILURE, USER_ABORT } status = SUCCESS;
 
         //! Hash and height of most recent block that was successfully scanned.
         //! Unset if no blocks were scanned due to read errors or the chain
         //! being empty.
         BlockHash last_scanned_block;
         std::optional<int> last_scanned_height;
 
         //! Hash of the most recent block that could not be scanned due to
         //! read errors or pruning. Will be set if status is FAILURE, unset if
         //! status is SUCCESS, and may or may not be set if status is
         //! USER_ABORT.
         BlockHash last_failed_block;
     };
     ScanResult ScanForWalletTransactions(const BlockHash &start_block,
                                          int start_height,
                                          std::optional<int> max_height,
                                          const WalletRescanReserver &reserver,
                                          bool fUpdate);
     void transactionRemovedFromMempool(const CTransactionRef &tx,
                                        MemPoolRemovalReason reason) override;
     void ReacceptWalletTransactions() EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     void ResendWalletTransactions();
     struct Balance {
         //! Trusted, at depth=GetBalance.min_depth or more
         Amount m_mine_trusted{Amount::zero()};
         //! Untrusted, but in mempool (pending)
         Amount m_mine_untrusted_pending{Amount::zero()};
         //! Immature coinbases in the main chain
         Amount m_mine_immature{Amount::zero()};
         Amount m_watchonly_trusted{Amount::zero()};
         Amount m_watchonly_untrusted_pending{Amount::zero()};
         Amount m_watchonly_immature{Amount::zero()};
     };
     Balance GetBalance(int min_depth = 0, bool avoid_reuse = true) const;
     Amount GetAvailableBalance(const CCoinControl *coinControl = nullptr) const;
 
     OutputType
     TransactionChangeType(const std::optional<OutputType> &change_type,
                           const std::vector<CRecipient> &vecSend);
 
     /**
      * Insert additional inputs into the transaction by calling
      * CreateTransaction();
      */
     bool FundTransaction(CMutableTransaction &tx, Amount &nFeeRet,
                          int &nChangePosInOut, bilingual_str &error,
                          bool lockUnspents,
                          const std::set<int> &setSubtractFeeFromOutputs,
                          CCoinControl coinControl);
     // Fetch the inputs and sign with SIGHASH_ALL.
     bool SignTransaction(CMutableTransaction &tx) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     // Sign the tx given the input coins and sighash.
     bool SignTransaction(CMutableTransaction &tx,
                          const std::map<COutPoint, Coin> &coins,
                          SigHashType sighash,
                          std::map<int, std::string> &input_errors) const;
     SigningResult SignMessage(const std::string &message, const PKHash &pkhash,
                               std::string &str_sig) const;
 
     /**
      * Fills out a PSBT with information from the wallet. Fills in UTXOs if we
      * have them. Tries to sign if sign=true. Sets `complete` if the PSBT is now
      * complete (i.e. has all required signatures or signature-parts, and is
      * ready to finalize.) Sets `error` and returns false if something goes
      * wrong.
      *
      * @param[in]  psbtx PartiallySignedTransaction to fill in
      * @param[out] complete indicates whether the PSBT is now complete
      * @param[in]  sighash_type the sighash type to use when signing (if PSBT
      * does not specify)
      * @param[in]  sign whether to sign or not
      * @param[in]  bip32derivs whether to fill in bip32 derivation information
      * if available return error
      */
     TransactionError
     FillPSBT(PartiallySignedTransaction &psbtx, bool &complete,
              SigHashType sighash_type = SigHashType().withForkId(),
              bool sign = true, bool bip32derivs = true) const;
 
     /**
      * Create a new transaction paying the recipients with a set of coins
      * selected by SelectCoins(); Also create the change output, when needed
      * @note passing nChangePosInOut as -1 will result in setting a random
      * position
      */
     bool CreateTransaction(const std::vector<CRecipient> &vecSend,
                            CTransactionRef &tx, Amount &nFeeRet,
                            int &nChangePosInOut, bilingual_str &error,
                            const CCoinControl &coin_control, bool sign = true);
 
     /**
      * Submit the transaction to the node's mempool and then relay to peers.
      * Should be called after CreateTransaction unless you want to abort
      * broadcasting the transaction.
      *
      * @param[in] tx The transaction to be broadcast.
      * @param[in] mapValue key-values to be set on the transaction.
      * @param[in] orderForm BIP 70 / BIP 21 order form details to be set on the
      * transaction.
      */
     void CommitTransaction(
         CTransactionRef tx, mapValue_t mapValue,
         std::vector<std::pair<std::string, std::string>> orderForm);
 
     bool DummySignTx(CMutableTransaction &txNew, const std::set<CTxOut> &txouts,
                      bool use_max_sig = false) const {
         std::vector<CTxOut> v_txouts(txouts.size());
         std::copy(txouts.begin(), txouts.end(), v_txouts.begin());
         return DummySignTx(txNew, v_txouts, use_max_sig);
     }
     bool DummySignTx(CMutableTransaction &txNew,
                      const std::vector<CTxOut> &txouts,
                      bool use_max_sig = false) const;
     bool DummySignInput(CTxIn &tx_in, const CTxOut &txout,
                         bool use_max_sig = false) const;
 
     bool ImportScripts(const std::set<CScript> scripts, int64_t timestamp)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     bool ImportPrivKeys(const std::map<CKeyID, CKey> &privkey_map,
                         const int64_t timestamp)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     bool ImportPubKeys(
         const std::vector<CKeyID> &ordered_pubkeys,
         const std::map<CKeyID, CPubKey> &pubkey_map,
         const std::map<CKeyID, std::pair<CPubKey, KeyOriginInfo>> &key_origins,
         const bool add_keypool, const bool internal, const int64_t timestamp)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     bool ImportScriptPubKeys(const std::string &label,
                              const std::set<CScript> &script_pub_keys,
                              const bool have_solving_data,
                              const bool apply_label, const int64_t timestamp)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     CFeeRate m_pay_tx_fee{DEFAULT_PAY_TX_FEE};
     bool m_spend_zero_conf_change{DEFAULT_SPEND_ZEROCONF_CHANGE};
     //! will be false if -fallbackfee=0
     bool m_allow_fallback_fee{true};
     // Override with -mintxfee
     CFeeRate m_min_fee{DEFAULT_TRANSACTION_MINFEE_PER_KB};
     /**
      * If fee estimation does not have enough data to provide estimates, use
      * this fee instead. Has no effect if not using fee estimation Override with
      * -fallbackfee
      */
     CFeeRate m_fallback_fee{DEFAULT_FALLBACK_FEE};
     //! note: this is absolute fee, not fee rate
     Amount m_max_aps_fee{DEFAULT_MAX_AVOIDPARTIALSPEND_FEE};
     OutputType m_default_address_type{DEFAULT_ADDRESS_TYPE};
     /**
      * Default output type for change outputs. When unset, automatically choose
      * type based on address type setting and the types other of non-change
      * outputs (see implementation in CWallet::TransactionChangeType for
      * details).
      */
     std::optional<OutputType> m_default_change_type{};
     /**
      * Absolute maximum transaction fee (in satoshis) used by default for the
      * wallet.
      */
     Amount m_default_max_tx_fee{DEFAULT_TRANSACTION_MAXFEE};
 
     size_t KeypoolCountExternalKeys() const EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     bool TopUpKeyPool(unsigned int kpSize = 0);
 
     int64_t GetOldestKeyPoolTime() const;
 
     std::set<std::set<CTxDestination>> GetAddressGroupings() const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     std::map<CTxDestination, Amount> GetAddressBalances() const;
 
     std::set<CTxDestination> GetLabelAddresses(const std::string &label) const;
 
     /**
      * Marks all outputs in each one of the destinations dirty, so their cache
      * is reset and does not return outdated information.
      */
     void MarkDestinationsDirty(const std::set<CTxDestination> &destinations)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     bool GetNewDestination(const OutputType type, const std::string label,
                            CTxDestination &dest, std::string &error);
     bool GetNewChangeDestination(const OutputType type, CTxDestination &dest,
                                  std::string &error);
 
     isminetype IsMine(const CTxDestination &dest) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     isminetype IsMine(const CScript &script) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     isminetype IsMine(const CTxIn &txin) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     /**
      * Returns amount of debit if the input matches the filter, otherwise
      * returns 0
      */
     Amount GetDebit(const CTxIn &txin, const isminefilter &filter) const;
     isminetype IsMine(const CTxOut &txout) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     ;
     Amount GetCredit(const CTxOut &txout, const isminefilter &filter) const;
     bool IsChange(const CTxOut &txout) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     bool IsChange(const CScript &script) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     Amount GetChange(const CTxOut &txout) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     bool IsMine(const CTransaction &tx) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
     /** should probably be renamed to IsRelevantToMe */
     bool IsFromMe(const CTransaction &tx) const;
     Amount GetDebit(const CTransaction &tx, const isminefilter &filter) const;
     /** Returns whether all of the inputs match the filter */
     bool IsAllFromMe(const CTransaction &tx, const isminefilter &filter) const;
     Amount GetCredit(const CTransaction &tx, const isminefilter &filter) const;
     Amount GetChange(const CTransaction &tx) const;
     void chainStateFlushed(const CBlockLocator &loc) override;
 
     DBErrors LoadWallet(bool &fFirstRunRet);
     DBErrors ZapSelectTx(std::vector<TxId> &txIdsIn,
                          std::vector<TxId> &txIdsOut)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     bool SetAddressBook(const CTxDestination &address,
                         const std::string &strName, const std::string &purpose);
 
     bool DelAddressBook(const CTxDestination &address);
 
     unsigned int GetKeyPoolSize() const EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     //! signify that a particular wallet feature is now used. this may change
     //! nWalletVersion and nWalletMaxVersion if those are lower
     void SetMinVersion(enum WalletFeature, WalletBatch *batch_in = nullptr,
                        bool fExplicit = false) override;
 
     //! change which version we're allowed to upgrade to (note that this does
     //! not immediately imply upgrading to that format)
     bool SetMaxVersion(int nVersion);
 
     //! get the current wallet format (the oldest client version guaranteed to
     //! understand this wallet)
     int GetVersion() const {
         LOCK(cs_wallet);
         return nWalletVersion;
     }
 
     //! Get wallet transactions that conflict with given transaction (spend same
     //! outputs)
     std::set<TxId> GetConflicts(const TxId &txid) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     //! Check if a given transaction has any of its outputs spent by another
     //! transaction in the wallet
     bool HasWalletSpend(const TxId &txid) const
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     //! Flush wallet (bitdb flush)
     void Flush();
 
     //! Close wallet database
     void Close();
 
     /** Wallet is about to be unloaded */
     boost::signals2::signal<void()> NotifyUnload;
 
     /**
      * Address book entry changed.
      * @note called with lock cs_wallet held.
      */
     boost::signals2::signal<void(CWallet *wallet, const CTxDestination &address,
                                  const std::string &label, bool isMine,
                                  const std::string &purpose, ChangeType status)>
         NotifyAddressBookChanged;
 
     /**
      * Wallet transaction added, removed or updated.
      * @note called with lock cs_wallet held.
      */
     boost::signals2::signal<void(CWallet *wallet, const TxId &txid,
                                  ChangeType status)>
         NotifyTransactionChanged;
 
     /** Show progress e.g. for rescan */
     boost::signals2::signal<void(const std::string &title, int nProgress)>
         ShowProgress;
 
     /** Watch-only address added */
     boost::signals2::signal<void(bool fHaveWatchOnly)> NotifyWatchonlyChanged;
 
     /** Keypool has new keys */
     boost::signals2::signal<void()> NotifyCanGetAddressesChanged;
 
     /**
      * Wallet status (encrypted, locked) changed.
      * Note: Called without locks held.
      */
     boost::signals2::signal<void(CWallet *wallet)> NotifyStatusChanged;
 
     /** Inquire whether this wallet broadcasts transactions. */
     bool GetBroadcastTransactions() const { return fBroadcastTransactions; }
     /** Set whether this wallet broadcasts transactions. */
     void SetBroadcastTransactions(bool broadcast) {
         fBroadcastTransactions = broadcast;
     }
 
     /** Return whether transaction can be abandoned */
     bool TransactionCanBeAbandoned(const TxId &txid) const;
 
     /**
      * Mark a transaction (and it in-wallet descendants) as abandoned so its
      * inputs may be respent.
      */
     bool AbandonTransaction(const TxId &txid);
 
     //! Verify wallet naming and perform salvage on the wallet if required
     static bool Verify(const CChainParams &chainParams,
                        interfaces::Chain &chain, const WalletLocation &location,
                        bilingual_str &error_string,
                        std::vector<bilingual_str> &warnings);
 
     /**
      * Initializes the wallet, returns a new CWallet instance or a null pointer
      * in case of an error.
      */
     static std::shared_ptr<CWallet>
     CreateWalletFromFile(const CChainParams &chainParams,
                          interfaces::Chain &chain,
                          const WalletLocation &location, bilingual_str &error,
                          std::vector<bilingual_str> &warnings,
                          uint64_t wallet_creation_flags = 0);
 
     /**
      * Wallet post-init setup
      * Gives the wallet a chance to register repetitive tasks and complete
      * post-init tasks
      */
     void postInitProcess();
 
     bool BackupWallet(const std::string &strDest) const;
 
     /* Returns true if HD is enabled */
     bool IsHDEnabled() const;
 
     /**
      * Returns true if the wallet can give out new addresses. This means it has
      * keys in the keypool or can generate new keys.
      */
     bool CanGetAddresses(bool internal = false) const;
 
     /**
      * Blocks until the wallet state is up-to-date to /at least/ the current
      * chain at the time this function is entered.
      * Obviously holding cs_main/cs_wallet when going into this call may cause
      * deadlock
      */
     void BlockUntilSyncedToCurrentChain() const
-        LOCKS_EXCLUDED(cs_main, cs_wallet);
+        EXCLUSIVE_LOCKS_REQUIRED(!::cs_main, !cs_wallet);
 
     /**
      * Set a single wallet flag.
      */
     void SetWalletFlag(uint64_t flags);
 
     /**
      * Unsets a single wallet flag.
      */
     void UnsetWalletFlag(uint64_t flag);
 
     /**
      * Check if a certain wallet flag is set.
      */
     bool IsWalletFlagSet(uint64_t flag) const override;
 
     /**
      * Overwrite all flags by the given uint64_t.
      * Returns false if unknown, non-tolerable flags are present.
      */
     bool AddWalletFlags(uint64_t flags);
     /** Loads the flags into the wallet. (used by LoadWallet) */
     bool LoadWalletFlags(uint64_t flags);
 
     /** Determine if we are a legacy wallet */
     bool IsLegacy() const;
 
     /**
      * Returns a bracketed wallet name for displaying in logs, will return
      * [default wallet] if the wallet has no name.
      */
     const std::string GetDisplayName() const override {
         std::string wallet_name =
             GetName().length() == 0 ? "default wallet" : GetName();
         return strprintf("[%s]", wallet_name);
     };
 
     /**
      * Prepends the wallet name in logging output to ease debugging in
      * multi-wallet use cases.
      */
     template <typename... Params>
     void WalletLogPrintf(std::string fmt, Params... parameters) const {
         LogPrintf(("%s " + fmt).c_str(), GetDisplayName(), parameters...);
     };
 
     template <typename... Params>
     void WalletLogPrintfToBeContinued(std::string fmt,
                                       Params... parameters) const {
         LogPrintfToBeContinued(("%s " + fmt).c_str(), GetDisplayName(),
                                parameters...);
     };
 
     /** Upgrade the wallet */
     bool UpgradeWallet(int version, bilingual_str &error,
                        std::vector<bilingual_str> &warnings);
 
     //! Returns all unique ScriptPubKeyMans in m_internal_spk_managers and
     //! m_external_spk_managers
     std::set<ScriptPubKeyMan *> GetActiveScriptPubKeyMans() const;
 
     //! Returns all unique ScriptPubKeyMans
     std::set<ScriptPubKeyMan *> GetAllScriptPubKeyMans() const;
 
     //! Get the ScriptPubKeyMan for the given OutputType and internal/external
     //! chain.
     ScriptPubKeyMan *GetScriptPubKeyMan(const OutputType &type,
                                         bool internal) const;
 
     //! Get the ScriptPubKeyMan for a script
     ScriptPubKeyMan *GetScriptPubKeyMan(const CScript &script) const;
     //! Get the ScriptPubKeyMan by id
     ScriptPubKeyMan *GetScriptPubKeyMan(const uint256 &id) const;
 
     //! Get all of the ScriptPubKeyMans for a script given additional
     //! information in sigdata (populated by e.g. a psbt)
     std::set<ScriptPubKeyMan *>
     GetScriptPubKeyMans(const CScript &script, SignatureData &sigdata) const;
 
     //! Get the SigningProvider for a script
     std::unique_ptr<SigningProvider>
     GetSolvingProvider(const CScript &script) const;
     std::unique_ptr<SigningProvider>
     GetSolvingProvider(const CScript &script, SignatureData &sigdata) const;
 
     //! Get the LegacyScriptPubKeyMan which is used for all types, internal, and
     //! external.
     LegacyScriptPubKeyMan *GetLegacyScriptPubKeyMan() const;
     LegacyScriptPubKeyMan *GetOrCreateLegacyScriptPubKeyMan();
 
     //! Make a LegacyScriptPubKeyMan and set it for all types, internal, and
     //! external.
     void SetupLegacyScriptPubKeyMan();
 
     const CKeyingMaterial &GetEncryptionKey() const override;
     bool HasEncryptionKeys() const override;
 
     /** Get last block processed height */
     int GetLastBlockHeight() const EXCLUSIVE_LOCKS_REQUIRED(cs_wallet) {
         AssertLockHeld(cs_wallet);
         assert(m_last_block_processed_height >= 0);
         return m_last_block_processed_height;
     };
     BlockHash GetLastBlockHash() const EXCLUSIVE_LOCKS_REQUIRED(cs_wallet) {
         AssertLockHeld(cs_wallet);
         assert(m_last_block_processed_height >= 0);
         return m_last_block_processed;
     }
     /** Set last block processed height, currently only use in unit test */
     void SetLastBlockProcessed(int block_height, BlockHash block_hash)
         EXCLUSIVE_LOCKS_REQUIRED(cs_wallet) {
         AssertLockHeld(cs_wallet);
         m_last_block_processed_height = block_height;
         m_last_block_processed = block_hash;
     };
 
     //! Connect the signals from ScriptPubKeyMans to the signals in CWallet
     void ConnectScriptPubKeyManNotifiers();
 
     //! Instantiate a descriptor ScriptPubKeyMan from the WalletDescriptor and
     //! load it
     void LoadDescriptorScriptPubKeyMan(uint256 id, WalletDescriptor &desc);
 
     //! Adds the active ScriptPubKeyMan for the specified type and internal.
     //! Writes it to the wallet file
     //! @param[in] id The unique id for the ScriptPubKeyMan
     //! @param[in] type The OutputType this ScriptPubKeyMan provides addresses
     //!                 for
     //! @param[in] internal Whether this ScriptPubKeyMan provides change
     //!                     addresses
     void AddActiveScriptPubKeyMan(uint256 id, OutputType type, bool internal);
 
     //! Loads an active ScriptPubKeyMan for the specified type and internal.
     //! (used by LoadWallet)
     //! @param[in] id The unique id for the ScriptPubKeyMan
     //! @param[in] type The OutputType this ScriptPubKeyMan provides addresses
     //!                 for
     //! @param[in] internal Whether this ScriptPubKeyMan provides change
     //!                     addresses
     void LoadActiveScriptPubKeyMan(uint256 id, OutputType type, bool internal);
 
     //! Create new DescriptorScriptPubKeyMans and add them to the wallet
     void SetupDescriptorScriptPubKeyMans() EXCLUSIVE_LOCKS_REQUIRED(cs_wallet);
 
     //! Return the DescriptorScriptPubKeyMan for a WalletDescriptor if it is
     //! already in the wallet
     DescriptorScriptPubKeyMan *
     GetDescriptorScriptPubKeyMan(const WalletDescriptor &desc) const;
 
     //! Add a descriptor to the wallet, return a ScriptPubKeyMan & associated
     //! output type
     ScriptPubKeyMan *
     AddWalletDescriptor(WalletDescriptor &desc,
                         const FlatSigningProvider &signing_provider,
                         const std::string &label);
 };
 
 /**
  * Called periodically by the schedule thread. Prompts individual wallets to
  * resend their transactions. Actual rebroadcast schedule is managed by the
  * wallets themselves.
  */
 void MaybeResendWalletTxs();
 
 /** RAII object to check and reserve a wallet rescan */
 class WalletRescanReserver {
 private:
     CWallet &m_wallet;
     bool m_could_reserve;
 
 public:
     explicit WalletRescanReserver(CWallet &w)
         : m_wallet(w), m_could_reserve(false) {}
 
     bool reserve() {
         assert(!m_could_reserve);
         if (m_wallet.fScanningWallet.exchange(true)) {
             return false;
         }
         m_wallet.m_scanning_start = GetTimeMillis();
         m_wallet.m_scanning_progress = 0;
         m_could_reserve = true;
         return true;
     }
 
     bool isReserved() const {
         return (m_could_reserve && m_wallet.fScanningWallet);
     }
 
     ~WalletRescanReserver() {
         if (m_could_reserve) {
             m_wallet.fScanningWallet = false;
         }
     }
 };
 
 // Calculate the size of the transaction assuming all signatures are max size
 // Use DummySignatureCreator, which inserts 71 byte signatures everywhere.
 // NOTE: this requires that all inputs must be in mapWallet (eg the tx should
 // be IsAllFromMe).
 int64_t CalculateMaximumSignedTxSize(const CTransaction &tx,
                                      const CWallet *wallet,
                                      bool use_max_sig = false)
     EXCLUSIVE_LOCKS_REQUIRED(wallet->cs_wallet);
 int64_t CalculateMaximumSignedTxSize(const CTransaction &tx,
                                      const CWallet *wallet,
                                      const std::vector<CTxOut> &txouts,
                                      bool use_max_sig = false);
 
 #endif // BITCOIN_WALLET_WALLET_H