Bitcoin Core  27.99.0
P2P Digital Currency
validation.cpp
Go to the documentation of this file.
1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2022 The Bitcoin Core developers
3 // Distributed under the MIT software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 
6 #include <config/bitcoin-config.h> // IWYU pragma: keep
7 
8 #include <validation.h>
9 
10 #include <arith_uint256.h>
11 #include <chain.h>
12 #include <checkqueue.h>
13 #include <clientversion.h>
14 #include <consensus/amount.h>
15 #include <consensus/consensus.h>
16 #include <consensus/merkle.h>
17 #include <consensus/tx_check.h>
18 #include <consensus/tx_verify.h>
19 #include <consensus/validation.h>
20 #include <cuckoocache.h>
21 #include <flatfile.h>
22 #include <hash.h>
23 #include <kernel/chain.h>
24 #include <kernel/chainparams.h>
25 #include <kernel/coinstats.h>
27 #include <kernel/mempool_entry.h>
30 #include <kernel/warning.h>
31 #include <logging.h>
32 #include <logging/timer.h>
33 #include <node/blockstorage.h>
34 #include <node/utxo_snapshot.h>
35 #include <policy/policy.h>
36 #include <policy/rbf.h>
37 #include <policy/settings.h>
38 #include <policy/v3_policy.h>
39 #include <pow.h>
40 #include <primitives/block.h>
41 #include <primitives/transaction.h>
42 #include <random.h>
43 #include <reverse_iterator.h>
44 #include <script/script.h>
45 #include <script/sigcache.h>
46 #include <signet.h>
47 #include <tinyformat.h>
48 #include <txdb.h>
49 #include <txmempool.h>
50 #include <uint256.h>
51 #include <undo.h>
52 #include <util/check.h>
53 #include <util/fs.h>
54 #include <util/fs_helpers.h>
55 #include <util/hasher.h>
56 #include <util/moneystr.h>
57 #include <util/rbf.h>
58 #include <util/result.h>
59 #include <util/signalinterrupt.h>
60 #include <util/strencodings.h>
61 #include <util/string.h>
62 #include <util/time.h>
63 #include <util/trace.h>
64 #include <util/translation.h>
65 #include <validationinterface.h>
66 
67 #include <algorithm>
68 #include <cassert>
69 #include <chrono>
70 #include <deque>
71 #include <numeric>
72 #include <optional>
73 #include <string>
74 #include <tuple>
75 #include <utility>
76 
81 
82 using fsbridge::FopenFn;
83 using node::BlockManager;
84 using node::BlockMap;
88 
90 static constexpr std::chrono::hours DATABASE_WRITE_INTERVAL{1};
92 static constexpr std::chrono::hours DATABASE_FLUSH_INTERVAL{24};
94 static constexpr std::chrono::hours MAX_FEE_ESTIMATION_TIP_AGE{3};
95 const std::vector<std::string> CHECKLEVEL_DOC {
96  "level 0 reads the blocks from disk",
97  "level 1 verifies block validity",
98  "level 2 verifies undo data",
99  "level 3 checks disconnection of tip blocks",
100  "level 4 tries to reconnect the blocks",
101  "each level includes the checks of the previous levels",
102 };
108 static constexpr int PRUNE_LOCK_BUFFER{10};
109 
111 std::condition_variable g_best_block_cv;
113 
114 const CBlockIndex* Chainstate::FindForkInGlobalIndex(const CBlockLocator& locator) const
115 {
117 
118  // Find the latest block common to locator and chain - we expect that
119  // locator.vHave is sorted descending by height.
120  for (const uint256& hash : locator.vHave) {
121  const CBlockIndex* pindex{m_blockman.LookupBlockIndex(hash)};
122  if (pindex) {
123  if (m_chain.Contains(pindex)) {
124  return pindex;
125  }
126  if (pindex->GetAncestor(m_chain.Height()) == m_chain.Tip()) {
127  return m_chain.Tip();
128  }
129  }
130  }
131  return m_chain.Genesis();
132 }
133 
134 bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
135  const CCoinsViewCache& inputs, unsigned int flags, bool cacheSigStore,
136  bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
137  std::vector<CScriptCheck>* pvChecks = nullptr)
139 
140 bool CheckFinalTxAtTip(const CBlockIndex& active_chain_tip, const CTransaction& tx)
141 {
143 
144  // CheckFinalTxAtTip() uses active_chain_tip.Height()+1 to evaluate
145  // nLockTime because when IsFinalTx() is called within
146  // AcceptBlock(), the height of the block *being*
147  // evaluated is what is used. Thus if we want to know if a
148  // transaction can be part of the *next* block, we need to call
149  // IsFinalTx() with one more than active_chain_tip.Height().
150  const int nBlockHeight = active_chain_tip.nHeight + 1;
151 
152  // BIP113 requires that time-locked transactions have nLockTime set to
153  // less than the median time of the previous block they're contained in.
154  // When the next block is created its previous block will be the current
155  // chain tip, so we use that to calculate the median time passed to
156  // IsFinalTx().
157  const int64_t nBlockTime{active_chain_tip.GetMedianTimePast()};
158 
159  return IsFinalTx(tx, nBlockHeight, nBlockTime);
160 }
161 
162 namespace {
173 std::optional<std::vector<int>> CalculatePrevHeights(
174  const CBlockIndex& tip,
175  const CCoinsView& coins,
176  const CTransaction& tx)
177 {
178  std::vector<int> prev_heights;
179  prev_heights.resize(tx.vin.size());
180  for (size_t i = 0; i < tx.vin.size(); ++i) {
181  const CTxIn& txin = tx.vin[i];
182  Coin coin;
183  if (!coins.GetCoin(txin.prevout, coin)) {
184  LogPrintf("ERROR: %s: Missing input %d in transaction \'%s\'\n", __func__, i, tx.GetHash().GetHex());
185  return std::nullopt;
186  }
187  if (coin.nHeight == MEMPOOL_HEIGHT) {
188  // Assume all mempool transaction confirm in the next block.
189  prev_heights[i] = tip.nHeight + 1;
190  } else {
191  prev_heights[i] = coin.nHeight;
192  }
193  }
194  return prev_heights;
195 }
196 } // namespace
197 
198 std::optional<LockPoints> CalculateLockPointsAtTip(
199  CBlockIndex* tip,
200  const CCoinsView& coins_view,
201  const CTransaction& tx)
202 {
203  assert(tip);
204 
205  auto prev_heights{CalculatePrevHeights(*tip, coins_view, tx)};
206  if (!prev_heights.has_value()) return std::nullopt;
207 
208  CBlockIndex next_tip;
209  next_tip.pprev = tip;
210  // When SequenceLocks() is called within ConnectBlock(), the height
211  // of the block *being* evaluated is what is used.
212  // Thus if we want to know if a transaction can be part of the
213  // *next* block, we need to use one more than active_chainstate.m_chain.Height()
214  next_tip.nHeight = tip->nHeight + 1;
215  const auto [min_height, min_time] = CalculateSequenceLocks(tx, STANDARD_LOCKTIME_VERIFY_FLAGS, prev_heights.value(), next_tip);
216 
217  // Also store the hash of the block with the highest height of
218  // all the blocks which have sequence locked prevouts.
219  // This hash needs to still be on the chain
220  // for these LockPoint calculations to be valid
221  // Note: It is impossible to correctly calculate a maxInputBlock
222  // if any of the sequence locked inputs depend on unconfirmed txs,
223  // except in the special case where the relative lock time/height
224  // is 0, which is equivalent to no sequence lock. Since we assume
225  // input height of tip+1 for mempool txs and test the resulting
226  // min_height and min_time from CalculateSequenceLocks against tip+1.
227  int max_input_height{0};
228  for (const int height : prev_heights.value()) {
229  // Can ignore mempool inputs since we'll fail if they had non-zero locks
230  if (height != next_tip.nHeight) {
231  max_input_height = std::max(max_input_height, height);
232  }
233  }
234 
235  // tip->GetAncestor(max_input_height) should never return a nullptr
236  // because max_input_height is always less than the tip height.
237  // It would, however, be a bad bug to continue execution, since a
238  // LockPoints object with the maxInputBlock member set to nullptr
239  // signifies no relative lock time.
240  return LockPoints{min_height, min_time, Assert(tip->GetAncestor(max_input_height))};
241 }
242 
244  const LockPoints& lock_points)
245 {
246  assert(tip != nullptr);
247 
248  CBlockIndex index;
249  index.pprev = tip;
250  // CheckSequenceLocksAtTip() uses active_chainstate.m_chain.Height()+1 to evaluate
251  // height based locks because when SequenceLocks() is called within
252  // ConnectBlock(), the height of the block *being*
253  // evaluated is what is used.
254  // Thus if we want to know if a transaction can be part of the
255  // *next* block, we need to use one more than active_chainstate.m_chain.Height()
256  index.nHeight = tip->nHeight + 1;
257 
258  return EvaluateSequenceLocks(index, {lock_points.height, lock_points.time});
259 }
260 
261 // Returns the script flags which should be checked for a given block
262 static unsigned int GetBlockScriptFlags(const CBlockIndex& block_index, const ChainstateManager& chainman);
263 
264 static void LimitMempoolSize(CTxMemPool& pool, CCoinsViewCache& coins_cache)
266 {
268  AssertLockHeld(pool.cs);
269  int expired = pool.Expire(GetTime<std::chrono::seconds>() - pool.m_opts.expiry);
270  if (expired != 0) {
271  LogPrint(BCLog::MEMPOOL, "Expired %i transactions from the memory pool\n", expired);
272  }
273 
274  std::vector<COutPoint> vNoSpendsRemaining;
275  pool.TrimToSize(pool.m_opts.max_size_bytes, &vNoSpendsRemaining);
276  for (const COutPoint& removed : vNoSpendsRemaining)
277  coins_cache.Uncache(removed);
278 }
279 
281 {
283  if (active_chainstate.m_chainman.IsInitialBlockDownload()) {
284  return false;
285  }
286  if (active_chainstate.m_chain.Tip()->GetBlockTime() < count_seconds(GetTime<std::chrono::seconds>() - MAX_FEE_ESTIMATION_TIP_AGE))
287  return false;
288  if (active_chainstate.m_chain.Height() < active_chainstate.m_chainman.m_best_header->nHeight - 1) {
289  return false;
290  }
291  return true;
292 }
293 
295  DisconnectedBlockTransactions& disconnectpool,
296  bool fAddToMempool)
297 {
298  if (!m_mempool) return;
299 
302  std::vector<uint256> vHashUpdate;
303  {
304  // disconnectpool is ordered so that the front is the most recently-confirmed
305  // transaction (the last tx of the block at the tip) in the disconnected chain.
306  // Iterate disconnectpool in reverse, so that we add transactions
307  // back to the mempool starting with the earliest transaction that had
308  // been previously seen in a block.
309  const auto queuedTx = disconnectpool.take();
310  auto it = queuedTx.rbegin();
311  while (it != queuedTx.rend()) {
312  // ignore validation errors in resurrected transactions
313  if (!fAddToMempool || (*it)->IsCoinBase() ||
314  AcceptToMemoryPool(*this, *it, GetTime(),
315  /*bypass_limits=*/true, /*test_accept=*/false).m_result_type !=
317  // If the transaction doesn't make it in to the mempool, remove any
318  // transactions that depend on it (which would now be orphans).
320  } else if (m_mempool->exists(GenTxid::Txid((*it)->GetHash()))) {
321  vHashUpdate.push_back((*it)->GetHash());
322  }
323  ++it;
324  }
325  }
326 
327  // AcceptToMemoryPool/addUnchecked all assume that new mempool entries have
328  // no in-mempool children, which is generally not true when adding
329  // previously-confirmed transactions back to the mempool.
330  // UpdateTransactionsFromBlock finds descendants of any transactions in
331  // the disconnectpool that were added back and cleans up the mempool state.
333 
334  // Predicate to use for filtering transactions in removeForReorg.
335  // Checks whether the transaction is still final and, if it spends a coinbase output, mature.
336  // Also updates valid entries' cached LockPoints if needed.
337  // If false, the tx is still valid and its lockpoints are updated.
338  // If true, the tx would be invalid in the next block; remove this entry and all of its descendants.
339  // Note that v3 rules are not applied here, so reorgs may cause violations of v3 inheritance or
340  // topology restrictions.
341  const auto filter_final_and_mature = [&](CTxMemPool::txiter it)
345  const CTransaction& tx = it->GetTx();
346 
347  // The transaction must be final.
348  if (!CheckFinalTxAtTip(*Assert(m_chain.Tip()), tx)) return true;
349 
350  const LockPoints& lp = it->GetLockPoints();
351  // CheckSequenceLocksAtTip checks if the transaction will be final in the next block to be
352  // created on top of the new chain.
355  return true;
356  }
357  } else {
358  const CCoinsViewMemPool view_mempool{&CoinsTip(), *m_mempool};
359  const std::optional<LockPoints> new_lock_points{CalculateLockPointsAtTip(m_chain.Tip(), view_mempool, tx)};
360  if (new_lock_points.has_value() && CheckSequenceLocksAtTip(m_chain.Tip(), *new_lock_points)) {
361  // Now update the mempool entry lockpoints as well.
362  it->UpdateLockPoints(*new_lock_points);
363  } else {
364  return true;
365  }
366  }
367 
368  // If the transaction spends any coinbase outputs, it must be mature.
369  if (it->GetSpendsCoinbase()) {
370  for (const CTxIn& txin : tx.vin) {
371  if (m_mempool->exists(GenTxid::Txid(txin.prevout.hash))) continue;
372  const Coin& coin{CoinsTip().AccessCoin(txin.prevout)};
373  assert(!coin.IsSpent());
374  const auto mempool_spend_height{m_chain.Tip()->nHeight + 1};
375  if (coin.IsCoinBase() && mempool_spend_height - coin.nHeight < COINBASE_MATURITY) {
376  return true;
377  }
378  }
379  }
380  // Transaction is still valid and cached LockPoints are updated.
381  return false;
382  };
383 
384  // We also need to remove any now-immature transactions
385  m_mempool->removeForReorg(m_chain, filter_final_and_mature);
386  // Re-limit mempool size, in case we added any transactions
388 }
389 
396  const CCoinsViewCache& view, const CTxMemPool& pool,
397  unsigned int flags, PrecomputedTransactionData& txdata, CCoinsViewCache& coins_tip)
399 {
402 
404  for (const CTxIn& txin : tx.vin) {
405  const Coin& coin = view.AccessCoin(txin.prevout);
406 
407  // This coin was checked in PreChecks and MemPoolAccept
408  // has been holding cs_main since then.
409  Assume(!coin.IsSpent());
410  if (coin.IsSpent()) return false;
411 
412  // If the Coin is available, there are 2 possibilities:
413  // it is available in our current ChainstateActive UTXO set,
414  // or it's a UTXO provided by a transaction in our mempool.
415  // Ensure the scriptPubKeys in Coins from CoinsView are correct.
416  const CTransactionRef& txFrom = pool.get(txin.prevout.hash);
417  if (txFrom) {
418  assert(txFrom->GetHash() == txin.prevout.hash);
419  assert(txFrom->vout.size() > txin.prevout.n);
420  assert(txFrom->vout[txin.prevout.n] == coin.out);
421  } else {
422  const Coin& coinFromUTXOSet = coins_tip.AccessCoin(txin.prevout);
423  assert(!coinFromUTXOSet.IsSpent());
424  assert(coinFromUTXOSet.out == coin.out);
425  }
426  }
427 
428  // Call CheckInputScripts() to cache signature and script validity against current tip consensus rules.
429  return CheckInputScripts(tx, state, view, flags, /* cacheSigStore= */ true, /* cacheFullScriptStore= */ true, txdata);
430 }
431 
432 namespace {
433 
434 class MemPoolAccept
435 {
436 public:
437  explicit MemPoolAccept(CTxMemPool& mempool, Chainstate& active_chainstate) :
438  m_pool(mempool),
439  m_view(&m_dummy),
440  m_viewmempool(&active_chainstate.CoinsTip(), m_pool),
441  m_active_chainstate(active_chainstate)
442  {
443  }
444 
445  // We put the arguments we're handed into a struct, so we can pass them
446  // around easier.
447  struct ATMPArgs {
448  const CChainParams& m_chainparams;
449  const int64_t m_accept_time;
450  const bool m_bypass_limits;
451  /*
452  * Return any outpoints which were not previously present in the coins
453  * cache, but were added as a result of validating the tx for mempool
454  * acceptance. This allows the caller to optionally remove the cache
455  * additions if the associated transaction ends up being rejected by
456  * the mempool.
457  */
458  std::vector<COutPoint>& m_coins_to_uncache;
460  const bool m_test_accept;
464  const bool m_allow_replacement;
466  const bool m_allow_sibling_eviction;
471  const bool m_package_submission;
475  const bool m_package_feerates;
480  const std::optional<CFeeRate> m_client_maxfeerate;
481 
483  const bool m_allow_carveouts;
484 
486  static ATMPArgs SingleAccept(const CChainParams& chainparams, int64_t accept_time,
487  bool bypass_limits, std::vector<COutPoint>& coins_to_uncache,
488  bool test_accept) {
489  return ATMPArgs{/* m_chainparams */ chainparams,
490  /* m_accept_time */ accept_time,
491  /* m_bypass_limits */ bypass_limits,
492  /* m_coins_to_uncache */ coins_to_uncache,
493  /* m_test_accept */ test_accept,
494  /* m_allow_replacement */ true,
495  /* m_allow_sibling_eviction */ true,
496  /* m_package_submission */ false,
497  /* m_package_feerates */ false,
498  /* m_client_maxfeerate */ {}, // checked by caller
499  /* m_allow_carveouts */ true,
500  };
501  }
502 
504  static ATMPArgs PackageTestAccept(const CChainParams& chainparams, int64_t accept_time,
505  std::vector<COutPoint>& coins_to_uncache) {
506  return ATMPArgs{/* m_chainparams */ chainparams,
507  /* m_accept_time */ accept_time,
508  /* m_bypass_limits */ false,
509  /* m_coins_to_uncache */ coins_to_uncache,
510  /* m_test_accept */ true,
511  /* m_allow_replacement */ false,
512  /* m_allow_sibling_eviction */ false,
513  /* m_package_submission */ false, // not submitting to mempool
514  /* m_package_feerates */ false,
515  /* m_client_maxfeerate */ {}, // checked by caller
516  /* m_allow_carveouts */ false,
517  };
518  }
519 
521  static ATMPArgs PackageChildWithParents(const CChainParams& chainparams, int64_t accept_time,
522  std::vector<COutPoint>& coins_to_uncache, const std::optional<CFeeRate>& client_maxfeerate) {
523  return ATMPArgs{/* m_chainparams */ chainparams,
524  /* m_accept_time */ accept_time,
525  /* m_bypass_limits */ false,
526  /* m_coins_to_uncache */ coins_to_uncache,
527  /* m_test_accept */ false,
528  /* m_allow_replacement */ true,
529  /* m_allow_sibling_eviction */ false,
530  /* m_package_submission */ true,
531  /* m_package_feerates */ true,
532  /* m_client_maxfeerate */ client_maxfeerate,
533  /* m_allow_carveouts */ false,
534  };
535  }
536 
538  static ATMPArgs SingleInPackageAccept(const ATMPArgs& package_args) {
539  return ATMPArgs{/* m_chainparams */ package_args.m_chainparams,
540  /* m_accept_time */ package_args.m_accept_time,
541  /* m_bypass_limits */ false,
542  /* m_coins_to_uncache */ package_args.m_coins_to_uncache,
543  /* m_test_accept */ package_args.m_test_accept,
544  /* m_allow_replacement */ true,
545  /* m_allow_sibling_eviction */ true,
546  /* m_package_submission */ true, // do not LimitMempoolSize in Finalize()
547  /* m_package_feerates */ false, // only 1 transaction
548  /* m_client_maxfeerate */ package_args.m_client_maxfeerate,
549  /* m_allow_carveouts */ false,
550  };
551  }
552 
553  private:
554  // Private ctor to avoid exposing details to clients and allowing the possibility of
555  // mixing up the order of the arguments. Use static functions above instead.
556  ATMPArgs(const CChainParams& chainparams,
557  int64_t accept_time,
558  bool bypass_limits,
559  std::vector<COutPoint>& coins_to_uncache,
560  bool test_accept,
561  bool allow_replacement,
562  bool allow_sibling_eviction,
563  bool package_submission,
564  bool package_feerates,
565  std::optional<CFeeRate> client_maxfeerate,
566  bool allow_carveouts)
567  : m_chainparams{chainparams},
568  m_accept_time{accept_time},
569  m_bypass_limits{bypass_limits},
570  m_coins_to_uncache{coins_to_uncache},
571  m_test_accept{test_accept},
572  m_allow_replacement{allow_replacement},
573  m_allow_sibling_eviction{allow_sibling_eviction},
574  m_package_submission{package_submission},
575  m_package_feerates{package_feerates},
576  m_client_maxfeerate{client_maxfeerate},
577  m_allow_carveouts{allow_carveouts}
578  {
579  // If we are using package feerates, we must be doing package submission.
580  // It also means carveouts and sibling eviction are not permitted.
581  if (m_package_feerates) {
582  Assume(m_package_submission);
583  Assume(!m_allow_carveouts);
584  Assume(!m_allow_sibling_eviction);
585  }
586  if (m_allow_sibling_eviction) Assume(m_allow_replacement);
587  }
588  };
589 
591  void CleanupTemporaryCoins() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
592 
593  // Single transaction acceptance
594  MempoolAcceptResult AcceptSingleTransaction(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
595 
601  PackageMempoolAcceptResult AcceptMultipleTransactions(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
602 
613  PackageMempoolAcceptResult AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
615 
620  PackageMempoolAcceptResult AcceptPackage(const Package& package, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
621 
622 private:
623  // All the intermediate state that gets passed between the various levels
624  // of checking a given transaction.
625  struct Workspace {
626  explicit Workspace(const CTransactionRef& ptx) : m_ptx(ptx), m_hash(ptx->GetHash()) {}
629  std::set<Txid> m_conflicts;
632  CTxMemPool::setEntries m_iters_conflicting;
634  CTxMemPool::setEntries m_ancestors;
637  std::unique_ptr<CTxMemPoolEntry> m_entry;
640  bool m_sibling_eviction{false};
641 
644  int64_t m_vsize;
646  CAmount m_base_fees;
648  CAmount m_modified_fees;
649 
653  CFeeRate m_package_feerate{0};
654 
655  const CTransactionRef& m_ptx;
657  const Txid& m_hash;
658  TxValidationState m_state;
661  PrecomputedTransactionData m_precomputed_txdata;
662  };
663 
664  // Run the policy checks on a given transaction, excluding any script checks.
665  // Looks up inputs, calculates feerate, considers replacement, evaluates
666  // package limits, etc. As this function can be invoked for "free" by a peer,
667  // only tests that are fast should be done here (to avoid CPU DoS).
668  bool PreChecks(ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
669 
670  // Run checks for mempool replace-by-fee, only used in AcceptSingleTransaction.
671  bool ReplacementChecks(Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
672 
673  // Enforce package mempool ancestor/descendant limits (distinct from individual
674  // ancestor/descendant limits done in PreChecks) and run Package RBF checks.
675  bool PackageMempoolChecks(const std::vector<CTransactionRef>& txns,
676  std::vector<Workspace>& workspaces,
677  int64_t total_vsize,
678  PackageValidationState& package_state) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
679 
680  // Run the script checks using our policy flags. As this can be slow, we should
681  // only invoke this on transactions that have otherwise passed policy checks.
682  bool PolicyScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
683 
684  // Re-run the script checks, using consensus flags, and try to cache the
685  // result in the scriptcache. This should be done after
686  // PolicyScriptChecks(). This requires that all inputs either be in our
687  // utxo set or in the mempool.
688  bool ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
689 
690  // Try to add the transaction to the mempool, removing any conflicts first.
691  // Returns true if the transaction is in the mempool after any size
692  // limiting is performed, false otherwise.
693  bool Finalize(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
694 
695  // Submit all transactions to the mempool and call ConsensusScriptChecks to add to the script
696  // cache - should only be called after successful validation of all transactions in the package.
697  // Does not call LimitMempoolSize(), so mempool max_size_bytes may be temporarily exceeded.
698  bool SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces, PackageValidationState& package_state,
699  std::map<uint256, MempoolAcceptResult>& results)
700  EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
701 
702  // Compare a package's feerate against minimum allowed.
703  bool CheckFeeRate(size_t package_size, CAmount package_fee, TxValidationState& state) EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs)
704  {
706  AssertLockHeld(m_pool.cs);
707  CAmount mempoolRejectFee = m_pool.GetMinFee().GetFee(package_size);
708  if (mempoolRejectFee > 0 && package_fee < mempoolRejectFee) {
709  return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool min fee not met", strprintf("%d < %d", package_fee, mempoolRejectFee));
710  }
711 
712  if (package_fee < m_pool.m_opts.min_relay_feerate.GetFee(package_size)) {
713  return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "min relay fee not met",
714  strprintf("%d < %d", package_fee, m_pool.m_opts.min_relay_feerate.GetFee(package_size)));
715  }
716  return true;
717  }
718 
719 private:
720  CTxMemPool& m_pool;
721  CCoinsViewCache m_view;
722  CCoinsViewMemPool m_viewmempool;
723  CCoinsView m_dummy;
724 
725  Chainstate& m_active_chainstate;
726 
727  // Fields below are per *sub*package state and must be reset prior to subsequent
728  // AcceptSingleTransaction and AcceptMultipleTransactions invocations
729  struct SubPackageState {
731  CAmount m_total_modified_fees{0};
733  int64_t m_total_vsize{0};
734 
735  // RBF-related members
738  bool m_rbf{false};
740  CTxMemPool::setEntries m_all_conflicts;
742  std::list<CTransactionRef> m_replaced_transactions;
743 
745  CAmount m_conflicting_fees{0};
747  size_t m_conflicting_size{0};
748  };
749 
750  struct SubPackageState m_subpackage;
751 
753  void ClearSubPackageState() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs)
754  {
755  m_subpackage = SubPackageState{};
756 
757  // And clean coins while at it
758  CleanupTemporaryCoins();
759  }
760 };
761 
762 bool MemPoolAccept::PreChecks(ATMPArgs& args, Workspace& ws)
763 {
765  AssertLockHeld(m_pool.cs);
766  const CTransactionRef& ptx = ws.m_ptx;
767  const CTransaction& tx = *ws.m_ptx;
768  const Txid& hash = ws.m_hash;
769 
770  // Copy/alias what we need out of args
771  const int64_t nAcceptTime = args.m_accept_time;
772  const bool bypass_limits = args.m_bypass_limits;
773  std::vector<COutPoint>& coins_to_uncache = args.m_coins_to_uncache;
774 
775  // Alias what we need out of ws
776  TxValidationState& state = ws.m_state;
777  std::unique_ptr<CTxMemPoolEntry>& entry = ws.m_entry;
778 
779  if (!CheckTransaction(tx, state)) {
780  return false; // state filled in by CheckTransaction
781  }
782 
783  // Coinbase is only valid in a block, not as a loose transaction
784  if (tx.IsCoinBase())
785  return state.Invalid(TxValidationResult::TX_CONSENSUS, "coinbase");
786 
787  // Rather not work on nonstandard transactions (unless -testnet/-regtest)
788  std::string reason;
789  if (m_pool.m_opts.require_standard && !IsStandardTx(tx, m_pool.m_opts.max_datacarrier_bytes, m_pool.m_opts.permit_bare_multisig, m_pool.m_opts.dust_relay_feerate, reason)) {
790  return state.Invalid(TxValidationResult::TX_NOT_STANDARD, reason);
791  }
792 
793  // Transactions smaller than 65 non-witness bytes are not relayed to mitigate CVE-2017-12842.
795  return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "tx-size-small");
796 
797  // Only accept nLockTime-using transactions that can be mined in the next
798  // block; we don't want our mempool filled up with transactions that can't
799  // be mined yet.
800  if (!CheckFinalTxAtTip(*Assert(m_active_chainstate.m_chain.Tip()), tx)) {
801  return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-final");
802  }
803 
804  if (m_pool.exists(GenTxid::Wtxid(tx.GetWitnessHash()))) {
805  // Exact transaction already exists in the mempool.
806  return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-in-mempool");
807  } else if (m_pool.exists(GenTxid::Txid(tx.GetHash()))) {
808  // Transaction with the same non-witness data but different witness (same txid, different
809  // wtxid) already exists in the mempool.
810  return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-same-nonwitness-data-in-mempool");
811  }
812 
813  // Check for conflicts with in-memory transactions
814  for (const CTxIn &txin : tx.vin)
815  {
816  const CTransaction* ptxConflicting = m_pool.GetConflictTx(txin.prevout);
817  if (ptxConflicting) {
818  if (!args.m_allow_replacement) {
819  // Transaction conflicts with a mempool tx, but we're not allowing replacements.
820  return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "bip125-replacement-disallowed");
821  }
822  if (!ws.m_conflicts.count(ptxConflicting->GetHash()))
823  {
824  // Transactions that don't explicitly signal replaceability are
825  // *not* replaceable with the current logic, even if one of their
826  // unconfirmed ancestors signals replaceability. This diverges
827  // from BIP125's inherited signaling description (see CVE-2021-31876).
828  // Applications relying on first-seen mempool behavior should
829  // check all unconfirmed ancestors; otherwise an opt-in ancestor
830  // might be replaced, causing removal of this descendant.
831  //
832  // All V3 transactions are considered replaceable.
833  //
834  // Replaceability signaling of the original transactions may be
835  // ignored due to node setting.
836  const bool allow_rbf{m_pool.m_opts.full_rbf || SignalsOptInRBF(*ptxConflicting) || ptxConflicting->version == TRUC_VERSION};
837  if (!allow_rbf) {
838  return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "txn-mempool-conflict");
839  }
840 
841  ws.m_conflicts.insert(ptxConflicting->GetHash());
842  }
843  }
844  }
845 
846  m_view.SetBackend(m_viewmempool);
847 
848  const CCoinsViewCache& coins_cache = m_active_chainstate.CoinsTip();
849  // do all inputs exist?
850  for (const CTxIn& txin : tx.vin) {
851  if (!coins_cache.HaveCoinInCache(txin.prevout)) {
852  coins_to_uncache.push_back(txin.prevout);
853  }
854 
855  // Note: this call may add txin.prevout to the coins cache
856  // (coins_cache.cacheCoins) by way of FetchCoin(). It should be removed
857  // later (via coins_to_uncache) if this tx turns out to be invalid.
858  if (!m_view.HaveCoin(txin.prevout)) {
859  // Are inputs missing because we already have the tx?
860  for (size_t out = 0; out < tx.vout.size(); out++) {
861  // Optimistically just do efficient check of cache for outputs
862  if (coins_cache.HaveCoinInCache(COutPoint(hash, out))) {
863  return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-known");
864  }
865  }
866  // Otherwise assume this might be an orphan tx for which we just haven't seen parents yet
867  return state.Invalid(TxValidationResult::TX_MISSING_INPUTS, "bad-txns-inputs-missingorspent");
868  }
869  }
870 
871  // This is const, but calls into the back end CoinsViews. The CCoinsViewDB at the bottom of the
872  // hierarchy brings the best block into scope. See CCoinsViewDB::GetBestBlock().
873  m_view.GetBestBlock();
874 
875  // we have all inputs cached now, so switch back to dummy (to protect
876  // against bugs where we pull more inputs from disk that miss being added
877  // to coins_to_uncache)
878  m_view.SetBackend(m_dummy);
879 
880  assert(m_active_chainstate.m_blockman.LookupBlockIndex(m_view.GetBestBlock()) == m_active_chainstate.m_chain.Tip());
881 
882  // Only accept BIP68 sequence locked transactions that can be mined in the next
883  // block; we don't want our mempool filled up with transactions that can't
884  // be mined yet.
885  // Pass in m_view which has all of the relevant inputs cached. Note that, since m_view's
886  // backend was removed, it no longer pulls coins from the mempool.
887  const std::optional<LockPoints> lock_points{CalculateLockPointsAtTip(m_active_chainstate.m_chain.Tip(), m_view, tx)};
888  if (!lock_points.has_value() || !CheckSequenceLocksAtTip(m_active_chainstate.m_chain.Tip(), *lock_points)) {
889  return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-BIP68-final");
890  }
891 
892  // The mempool holds txs for the next block, so pass height+1 to CheckTxInputs
893  if (!Consensus::CheckTxInputs(tx, state, m_view, m_active_chainstate.m_chain.Height() + 1, ws.m_base_fees)) {
894  return false; // state filled in by CheckTxInputs
895  }
896 
897  if (m_pool.m_opts.require_standard && !AreInputsStandard(tx, m_view)) {
898  return state.Invalid(TxValidationResult::TX_INPUTS_NOT_STANDARD, "bad-txns-nonstandard-inputs");
899  }
900 
901  // Check for non-standard witnesses.
902  if (tx.HasWitness() && m_pool.m_opts.require_standard && !IsWitnessStandard(tx, m_view)) {
903  return state.Invalid(TxValidationResult::TX_WITNESS_MUTATED, "bad-witness-nonstandard");
904  }
905 
906  int64_t nSigOpsCost = GetTransactionSigOpCost(tx, m_view, STANDARD_SCRIPT_VERIFY_FLAGS);
907 
908  // ws.m_modified_fees includes any fee deltas from PrioritiseTransaction
909  ws.m_modified_fees = ws.m_base_fees;
910  m_pool.ApplyDelta(hash, ws.m_modified_fees);
911 
912  // Keep track of transactions that spend a coinbase, which we re-scan
913  // during reorgs to ensure COINBASE_MATURITY is still met.
914  bool fSpendsCoinbase = false;
915  for (const CTxIn &txin : tx.vin) {
916  const Coin &coin = m_view.AccessCoin(txin.prevout);
917  if (coin.IsCoinBase()) {
918  fSpendsCoinbase = true;
919  break;
920  }
921  }
922 
923  // Set entry_sequence to 0 when bypass_limits is used; this allows txs from a block
924  // reorg to be marked earlier than any child txs that were already in the mempool.
925  const uint64_t entry_sequence = bypass_limits ? 0 : m_pool.GetSequence();
926  entry.reset(new CTxMemPoolEntry(ptx, ws.m_base_fees, nAcceptTime, m_active_chainstate.m_chain.Height(), entry_sequence,
927  fSpendsCoinbase, nSigOpsCost, lock_points.value()));
928  ws.m_vsize = entry->GetTxSize();
929 
930  if (nSigOpsCost > MAX_STANDARD_TX_SIGOPS_COST)
931  return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "bad-txns-too-many-sigops",
932  strprintf("%d", nSigOpsCost));
933 
934  // No individual transactions are allowed below the min relay feerate except from disconnected blocks.
935  // This requirement, unlike CheckFeeRate, cannot be bypassed using m_package_feerates because,
936  // while a tx could be package CPFP'd when entering the mempool, we do not have a DoS-resistant
937  // method of ensuring the tx remains bumped. For example, the fee-bumping child could disappear
938  // due to a replacement.
939  // The only exception is v3 transactions.
940  if (!bypass_limits && ws.m_ptx->version != TRUC_VERSION && ws.m_modified_fees < m_pool.m_opts.min_relay_feerate.GetFee(ws.m_vsize)) {
941  // Even though this is a fee-related failure, this result is TX_MEMPOOL_POLICY, not
942  // TX_RECONSIDERABLE, because it cannot be bypassed using package validation.
943  return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "min relay fee not met",
944  strprintf("%d < %d", ws.m_modified_fees, m_pool.m_opts.min_relay_feerate.GetFee(ws.m_vsize)));
945  }
946  // No individual transactions are allowed below the mempool min feerate except from disconnected
947  // blocks and transactions in a package. Package transactions will be checked using package
948  // feerate later.
949  if (!bypass_limits && !args.m_package_feerates && !CheckFeeRate(ws.m_vsize, ws.m_modified_fees, state)) return false;
950 
951  ws.m_iters_conflicting = m_pool.GetIterSet(ws.m_conflicts);
952 
953  // Note that these modifications are only applicable to single transaction scenarios;
954  // carve-outs are disabled for multi-transaction evaluations.
955  CTxMemPool::Limits maybe_rbf_limits = m_pool.m_opts.limits;
956 
957  // Calculate in-mempool ancestors, up to a limit.
958  if (ws.m_conflicts.size() == 1 && args.m_allow_carveouts) {
959  // In general, when we receive an RBF transaction with mempool conflicts, we want to know whether we
960  // would meet the chain limits after the conflicts have been removed. However, there isn't a practical
961  // way to do this short of calculating the ancestor and descendant sets with an overlay cache of
962  // changed mempool entries. Due to both implementation and runtime complexity concerns, this isn't
963  // very realistic, thus we only ensure a limited set of transactions are RBF'able despite mempool
964  // conflicts here. Importantly, we need to ensure that some transactions which were accepted using
965  // the below carve-out are able to be RBF'ed, without impacting the security the carve-out provides
966  // for off-chain contract systems (see link in the comment below).
967  //
968  // Specifically, the subset of RBF transactions which we allow despite chain limits are those which
969  // conflict directly with exactly one other transaction (but may evict children of said transaction),
970  // and which are not adding any new mempool dependencies. Note that the "no new mempool dependencies"
971  // check is accomplished later, so we don't bother doing anything about it here, but if our
972  // policy changes, we may need to move that check to here instead of removing it wholesale.
973  //
974  // Such transactions are clearly not merging any existing packages, so we are only concerned with
975  // ensuring that (a) no package is growing past the package size (not count) limits and (b) we are
976  // not allowing something to effectively use the (below) carve-out spot when it shouldn't be allowed
977  // to.
978  //
979  // To check these we first check if we meet the RBF criteria, above, and increment the descendant
980  // limits by the direct conflict and its descendants (as these are recalculated in
981  // CalculateMempoolAncestors by assuming the new transaction being added is a new descendant, with no
982  // removals, of each parent's existing dependent set). The ancestor count limits are unmodified (as
983  // the ancestor limits should be the same for both our new transaction and any conflicts).
984  // We don't bother incrementing m_limit_descendants by the full removal count as that limit never comes
985  // into force here (as we're only adding a single transaction).
986  assert(ws.m_iters_conflicting.size() == 1);
987  CTxMemPool::txiter conflict = *ws.m_iters_conflicting.begin();
988 
989  maybe_rbf_limits.descendant_count += 1;
990  maybe_rbf_limits.descendant_size_vbytes += conflict->GetSizeWithDescendants();
991  }
992 
993  if (auto ancestors{m_pool.CalculateMemPoolAncestors(*entry, maybe_rbf_limits)}) {
994  ws.m_ancestors = std::move(*ancestors);
995  } else {
996  // If CalculateMemPoolAncestors fails second time, we want the original error string.
997  const auto error_message{util::ErrorString(ancestors).original};
998 
999  // Carve-out is not allowed in this context; fail
1000  if (!args.m_allow_carveouts) {
1001  return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-long-mempool-chain", error_message);
1002  }
1003 
1004  // Contracting/payment channels CPFP carve-out:
1005  // If the new transaction is relatively small (up to 40k weight)
1006  // and has at most one ancestor (ie ancestor limit of 2, including
1007  // the new transaction), allow it if its parent has exactly the
1008  // descendant limit descendants. The transaction also cannot be v3,
1009  // as its topology restrictions do not allow a second child.
1010  //
1011  // This allows protocols which rely on distrusting counterparties
1012  // being able to broadcast descendants of an unconfirmed transaction
1013  // to be secure by simply only having two immediately-spendable
1014  // outputs - one for each counterparty. For more info on the uses for
1015  // this, see https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-November/016518.html
1016  CTxMemPool::Limits cpfp_carve_out_limits{
1017  .ancestor_count = 2,
1018  .ancestor_size_vbytes = maybe_rbf_limits.ancestor_size_vbytes,
1019  .descendant_count = maybe_rbf_limits.descendant_count + 1,
1020  .descendant_size_vbytes = maybe_rbf_limits.descendant_size_vbytes + EXTRA_DESCENDANT_TX_SIZE_LIMIT,
1021  };
1022  if (ws.m_vsize > EXTRA_DESCENDANT_TX_SIZE_LIMIT || ws.m_ptx->version == TRUC_VERSION) {
1023  return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-long-mempool-chain", error_message);
1024  }
1025  if (auto ancestors_retry{m_pool.CalculateMemPoolAncestors(*entry, cpfp_carve_out_limits)}) {
1026  ws.m_ancestors = std::move(*ancestors_retry);
1027  } else {
1028  return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-long-mempool-chain", error_message);
1029  }
1030  }
1031 
1032  // Even though just checking direct mempool parents for inheritance would be sufficient, we
1033  // check using the full ancestor set here because it's more convenient to use what we have
1034  // already calculated.
1035  if (const auto err{SingleV3Checks(ws.m_ptx, ws.m_ancestors, ws.m_conflicts, ws.m_vsize)}) {
1036  // Single transaction contexts only.
1037  if (args.m_allow_sibling_eviction && err->second != nullptr) {
1038  // We should only be considering where replacement is considered valid as well.
1039  Assume(args.m_allow_replacement);
1040 
1041  // Potential sibling eviction. Add the sibling to our list of mempool conflicts to be
1042  // included in RBF checks.
1043  ws.m_conflicts.insert(err->second->GetHash());
1044  // Adding the sibling to m_iters_conflicting here means that it doesn't count towards
1045  // RBF Carve Out above. This is correct, since removing to-be-replaced transactions from
1046  // the descendant count is done separately in SingleV3Checks for v3 transactions.
1047  ws.m_iters_conflicting.insert(m_pool.GetIter(err->second->GetHash()).value());
1048  ws.m_sibling_eviction = true;
1049  // The sibling will be treated as part of the to-be-replaced set in ReplacementChecks.
1050  // Note that we are not checking whether it opts in to replaceability via BIP125 or v3
1051  // (which is normally done in PreChecks). However, the only way a v3 transaction can
1052  // have a non-v3 and non-BIP125 descendant is due to a reorg.
1053  } else {
1054  return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "v3-rule-violation", err->first);
1055  }
1056  }
1057 
1058  // A transaction that spends outputs that would be replaced by it is invalid. Now
1059  // that we have the set of all ancestors we can detect this
1060  // pathological case by making sure ws.m_conflicts and ws.m_ancestors don't
1061  // intersect.
1062  if (const auto err_string{EntriesAndTxidsDisjoint(ws.m_ancestors, ws.m_conflicts, hash)}) {
1063  // We classify this as a consensus error because a transaction depending on something it
1064  // conflicts with would be inconsistent.
1065  return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-spends-conflicting-tx", *err_string);
1066  }
1067 
1068  // We want to detect conflicts in any tx in a package to trigger package RBF logic
1069  m_subpackage.m_rbf |= !ws.m_conflicts.empty();
1070  return true;
1071 }
1072 
1073 bool MemPoolAccept::ReplacementChecks(Workspace& ws)
1074 {
1076  AssertLockHeld(m_pool.cs);
1077 
1078  const CTransaction& tx = *ws.m_ptx;
1079  const uint256& hash = ws.m_hash;
1080  TxValidationState& state = ws.m_state;
1081 
1082  CFeeRate newFeeRate(ws.m_modified_fees, ws.m_vsize);
1083  // Enforce Rule #6. The replacement transaction must have a higher feerate than its direct conflicts.
1084  // - The motivation for this check is to ensure that the replacement transaction is preferable for
1085  // block-inclusion, compared to what would be removed from the mempool.
1086  // - This logic predates ancestor feerate-based transaction selection, which is why it doesn't
1087  // consider feerates of descendants.
1088  // - Note: Ancestor feerate-based transaction selection has made this comparison insufficient to
1089  // guarantee that this is incentive-compatible for miners, because it is possible for a
1090  // descendant transaction of a direct conflict to pay a higher feerate than the transaction that
1091  // might replace them, under these rules.
1092  if (const auto err_string{PaysMoreThanConflicts(ws.m_iters_conflicting, newFeeRate, hash)}) {
1093  // This fee-related failure is TX_RECONSIDERABLE because validating in a package may change
1094  // the result.
1096  strprintf("insufficient fee%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1097  }
1098 
1099  // Calculate all conflicting entries and enforce Rule #5.
1100  if (const auto err_string{GetEntriesForConflicts(tx, m_pool, ws.m_iters_conflicting, m_subpackage.m_all_conflicts)}) {
1102  strprintf("too many potential replacements%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1103  }
1104  // Enforce Rule #2.
1105  if (const auto err_string{HasNoNewUnconfirmed(tx, m_pool, m_subpackage.m_all_conflicts)}) {
1106  // Sibling eviction is only done for v3 transactions, which cannot have multiple ancestors.
1107  Assume(!ws.m_sibling_eviction);
1109  strprintf("replacement-adds-unconfirmed%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1110  }
1111 
1112  // Check if it's economically rational to mine this transaction rather than the ones it
1113  // replaces and pays for its own relay fees. Enforce Rules #3 and #4.
1114  for (CTxMemPool::txiter it : m_subpackage.m_all_conflicts) {
1115  m_subpackage.m_conflicting_fees += it->GetModifiedFee();
1116  m_subpackage.m_conflicting_size += it->GetTxSize();
1117  }
1118  if (const auto err_string{PaysForRBF(m_subpackage.m_conflicting_fees, ws.m_modified_fees, ws.m_vsize,
1119  m_pool.m_opts.incremental_relay_feerate, hash)}) {
1120  // Result may change in a package context
1122  strprintf("insufficient fee%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1123  }
1124  return true;
1125 }
1126 
1127 bool MemPoolAccept::PackageMempoolChecks(const std::vector<CTransactionRef>& txns,
1128  std::vector<Workspace>& workspaces,
1129  const int64_t total_vsize,
1130  PackageValidationState& package_state)
1131 {
1133  AssertLockHeld(m_pool.cs);
1134 
1135  // CheckPackageLimits expects the package transactions to not already be in the mempool.
1136  assert(std::all_of(txns.cbegin(), txns.cend(), [this](const auto& tx)
1137  { return !m_pool.exists(GenTxid::Txid(tx->GetHash()));}));
1138 
1139  assert(txns.size() == workspaces.size());
1140 
1141  auto result = m_pool.CheckPackageLimits(txns, total_vsize);
1142  if (!result) {
1143  // This is a package-wide error, separate from an individual transaction error.
1144  return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package-mempool-limits", util::ErrorString(result).original);
1145  }
1146 
1147  // No conflicts means we're finished. Further checks are all RBF-only.
1148  if (!m_subpackage.m_rbf) return true;
1149 
1150  // We're in package RBF context; replacement proposal must be size 2
1151  if (workspaces.size() != 2 || !Assume(IsChildWithParents(txns))) {
1152  return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: package must be 1-parent-1-child");
1153  }
1154 
1155  // If the package has in-mempool ancestors, we won't consider a package RBF
1156  // since it would result in a cluster larger than 2.
1157  // N.B. To relax this constraint we will need to revisit how CCoinsViewMemPool::PackageAddTransaction
1158  // is being used inside AcceptMultipleTransactions to track available inputs while processing a package.
1159  for (const auto& ws : workspaces) {
1160  if (!ws.m_ancestors.empty()) {
1161  return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: new transaction cannot have mempool ancestors");
1162  }
1163  }
1164 
1165  // Aggregate all conflicts into one set.
1166  CTxMemPool::setEntries direct_conflict_iters;
1167  for (Workspace& ws : workspaces) {
1168  // Aggregate all conflicts into one set.
1169  direct_conflict_iters.merge(ws.m_iters_conflicting);
1170  }
1171 
1172  const auto& parent_ws = workspaces[0];
1173  const auto& child_ws = workspaces[1];
1174 
1175  // Don't consider replacements that would cause us to remove a large number of mempool entries.
1176  // This limit is not increased in a package RBF. Use the aggregate number of transactions.
1177  if (const auto err_string{GetEntriesForConflicts(*child_ws.m_ptx, m_pool, direct_conflict_iters,
1178  m_subpackage.m_all_conflicts)}) {
1179  return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1180  "package RBF failed: too many potential replacements", *err_string);
1181  }
1182 
1183  for (CTxMemPool::txiter it : m_subpackage.m_all_conflicts) {
1184  m_subpackage.m_conflicting_fees += it->GetModifiedFee();
1185  m_subpackage.m_conflicting_size += it->GetTxSize();
1186  }
1187 
1188  // Use the child as the transaction for attributing errors to.
1189  const Txid& child_hash = child_ws.m_ptx->GetHash();
1190  if (const auto err_string{PaysForRBF(/*original_fees=*/m_subpackage.m_conflicting_fees,
1191  /*replacement_fees=*/m_subpackage.m_total_modified_fees,
1192  /*replacement_vsize=*/m_subpackage.m_total_vsize,
1193  m_pool.m_opts.incremental_relay_feerate, child_hash)}) {
1194  return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1195  "package RBF failed: insufficient anti-DoS fees", *err_string);
1196  }
1197 
1198  // Ensure this two transaction package is a "chunk" on its own; we don't want the child
1199  // to be only paying anti-DoS fees
1200  const CFeeRate parent_feerate(parent_ws.m_modified_fees, parent_ws.m_vsize);
1201  const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
1202  if (package_feerate <= parent_feerate) {
1203  return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1204  "package RBF failed: package feerate is less than parent feerate",
1205  strprintf("package feerate %s <= parent feerate is %s", package_feerate.ToString(), parent_feerate.ToString()));
1206  }
1207 
1208  // Check if it's economically rational to mine this package rather than the ones it replaces.
1209  // This takes the place of ReplacementChecks()'s PaysMoreThanConflicts() in the package RBF setting.
1210  if (const auto err_tup{ImprovesFeerateDiagram(m_pool, direct_conflict_iters, m_subpackage.m_all_conflicts, m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize)}) {
1211  return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1212  "package RBF failed: " + err_tup.value().second, "");
1213  }
1214 
1215  LogPrint(BCLog::TXPACKAGES, "package RBF checks passed: parent %s (wtxid=%s), child %s (wtxid=%s)\n",
1216  txns.front()->GetHash().ToString(), txns.front()->GetWitnessHash().ToString(),
1217  txns.back()->GetHash().ToString(), txns.back()->GetWitnessHash().ToString());
1218 
1219 
1220  return true;
1221 }
1222 
1223 bool MemPoolAccept::PolicyScriptChecks(const ATMPArgs& args, Workspace& ws)
1224 {
1226  AssertLockHeld(m_pool.cs);
1227  const CTransaction& tx = *ws.m_ptx;
1228  TxValidationState& state = ws.m_state;
1229 
1230  constexpr unsigned int scriptVerifyFlags = STANDARD_SCRIPT_VERIFY_FLAGS;
1231 
1232  // Check input scripts and signatures.
1233  // This is done last to help prevent CPU exhaustion denial-of-service attacks.
1234  if (!CheckInputScripts(tx, state, m_view, scriptVerifyFlags, true, false, ws.m_precomputed_txdata)) {
1235  // SCRIPT_VERIFY_CLEANSTACK requires SCRIPT_VERIFY_WITNESS, so we
1236  // need to turn both off, and compare against just turning off CLEANSTACK
1237  // to see if the failure is specifically due to witness validation.
1238  TxValidationState state_dummy; // Want reported failures to be from first CheckInputScripts
1239  if (!tx.HasWitness() && CheckInputScripts(tx, state_dummy, m_view, scriptVerifyFlags & ~(SCRIPT_VERIFY_WITNESS | SCRIPT_VERIFY_CLEANSTACK), true, false, ws.m_precomputed_txdata) &&
1240  !CheckInputScripts(tx, state_dummy, m_view, scriptVerifyFlags & ~SCRIPT_VERIFY_CLEANSTACK, true, false, ws.m_precomputed_txdata)) {
1241  // Only the witness is missing, so the transaction itself may be fine.
1243  state.GetRejectReason(), state.GetDebugMessage());
1244  }
1245  return false; // state filled in by CheckInputScripts
1246  }
1247 
1248  return true;
1249 }
1250 
1251 bool MemPoolAccept::ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws)
1252 {
1254  AssertLockHeld(m_pool.cs);
1255  const CTransaction& tx = *ws.m_ptx;
1256  const uint256& hash = ws.m_hash;
1257  TxValidationState& state = ws.m_state;
1258 
1259  // Check again against the current block tip's script verification
1260  // flags to cache our script execution flags. This is, of course,
1261  // useless if the next block has different script flags from the
1262  // previous one, but because the cache tracks script flags for us it
1263  // will auto-invalidate and we'll just have a few blocks of extra
1264  // misses on soft-fork activation.
1265  //
1266  // This is also useful in case of bugs in the standard flags that cause
1267  // transactions to pass as valid when they're actually invalid. For
1268  // instance the STRICTENC flag was incorrectly allowing certain
1269  // CHECKSIG NOT scripts to pass, even though they were invalid.
1270  //
1271  // There is a similar check in CreateNewBlock() to prevent creating
1272  // invalid blocks (using TestBlockValidity), however allowing such
1273  // transactions into the mempool can be exploited as a DoS attack.
1274  unsigned int currentBlockScriptVerifyFlags{GetBlockScriptFlags(*m_active_chainstate.m_chain.Tip(), m_active_chainstate.m_chainman)};
1275  if (!CheckInputsFromMempoolAndCache(tx, state, m_view, m_pool, currentBlockScriptVerifyFlags,
1276  ws.m_precomputed_txdata, m_active_chainstate.CoinsTip())) {
1277  LogPrintf("BUG! PLEASE REPORT THIS! CheckInputScripts failed against latest-block but not STANDARD flags %s, %s\n", hash.ToString(), state.ToString());
1278  return Assume(false);
1279  }
1280 
1281  return true;
1282 }
1283 
1284 bool MemPoolAccept::Finalize(const ATMPArgs& args, Workspace& ws)
1285 {
1287  AssertLockHeld(m_pool.cs);
1288  const CTransaction& tx = *ws.m_ptx;
1289  const uint256& hash = ws.m_hash;
1290  TxValidationState& state = ws.m_state;
1291  const bool bypass_limits = args.m_bypass_limits;
1292  std::unique_ptr<CTxMemPoolEntry>& entry = ws.m_entry;
1293 
1294  if (!m_subpackage.m_all_conflicts.empty()) Assume(args.m_allow_replacement);
1295  // Remove conflicting transactions from the mempool
1296  for (CTxMemPool::txiter it : m_subpackage.m_all_conflicts)
1297  {
1298  LogPrint(BCLog::MEMPOOL, "replacing mempool tx %s (wtxid=%s, fees=%s, vsize=%s). New tx %s (wtxid=%s, fees=%s, vsize=%s)\n",
1299  it->GetTx().GetHash().ToString(),
1300  it->GetTx().GetWitnessHash().ToString(),
1301  it->GetFee(),
1302  it->GetTxSize(),
1303  hash.ToString(),
1304  tx.GetWitnessHash().ToString(),
1305  entry->GetFee(),
1306  entry->GetTxSize());
1307  TRACE7(mempool, replaced,
1308  it->GetTx().GetHash().data(),
1309  it->GetTxSize(),
1310  it->GetFee(),
1311  std::chrono::duration_cast<std::chrono::duration<std::uint64_t>>(it->GetTime()).count(),
1312  hash.data(),
1313  entry->GetTxSize(),
1314  entry->GetFee()
1315  );
1316  m_subpackage.m_replaced_transactions.push_back(it->GetSharedTx());
1317  }
1318  m_pool.RemoveStaged(m_subpackage.m_all_conflicts, false, MemPoolRemovalReason::REPLACED);
1319  // Don't attempt to process the same conflicts repeatedly during subpackage evaluation:
1320  // they no longer exist on subsequent calls to Finalize() post-RemoveStaged
1321  m_subpackage.m_all_conflicts.clear();
1322  // Store transaction in memory
1323  m_pool.addUnchecked(*entry, ws.m_ancestors);
1324 
1325  // trim mempool and check if tx was trimmed
1326  // If we are validating a package, don't trim here because we could evict a previous transaction
1327  // in the package. LimitMempoolSize() should be called at the very end to make sure the mempool
1328  // is still within limits and package submission happens atomically.
1329  if (!args.m_package_submission && !bypass_limits) {
1330  LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
1331  if (!m_pool.exists(GenTxid::Txid(hash)))
1332  // The tx no longer meets our (new) mempool minimum feerate but could be reconsidered in a package.
1333  return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool full");
1334  }
1335  return true;
1336 }
1337 
1338 bool MemPoolAccept::SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces,
1339  PackageValidationState& package_state,
1340  std::map<uint256, MempoolAcceptResult>& results)
1341 {
1343  AssertLockHeld(m_pool.cs);
1344  // Sanity check: none of the transactions should be in the mempool, and none of the transactions
1345  // should have a same-txid-different-witness equivalent in the mempool.
1346  assert(std::all_of(workspaces.cbegin(), workspaces.cend(), [this](const auto& ws){
1347  return !m_pool.exists(GenTxid::Txid(ws.m_ptx->GetHash())); }));
1348 
1349  bool all_submitted = true;
1350  // ConsensusScriptChecks adds to the script cache and is therefore consensus-critical;
1351  // CheckInputsFromMempoolAndCache asserts that transactions only spend coins available from the
1352  // mempool or UTXO set. Submit each transaction to the mempool immediately after calling
1353  // ConsensusScriptChecks to make the outputs available for subsequent transactions.
1354  for (Workspace& ws : workspaces) {
1355  if (!ConsensusScriptChecks(args, ws)) {
1356  results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1357  // Since PolicyScriptChecks() passed, this should never fail.
1358  Assume(false);
1359  all_submitted = false;
1361  strprintf("BUG! PolicyScriptChecks succeeded but ConsensusScriptChecks failed: %s",
1362  ws.m_ptx->GetHash().ToString()));
1363  }
1364 
1365  // Re-calculate mempool ancestors to call addUnchecked(). They may have changed since the
1366  // last calculation done in PreChecks, since package ancestors have already been submitted.
1367  {
1368  auto ancestors{m_pool.CalculateMemPoolAncestors(*ws.m_entry, m_pool.m_opts.limits)};
1369  if(!ancestors) {
1370  results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1371  // Since PreChecks() and PackageMempoolChecks() both enforce limits, this should never fail.
1372  Assume(false);
1373  all_submitted = false;
1375  strprintf("BUG! Mempool ancestors or descendants were underestimated: %s",
1376  ws.m_ptx->GetHash().ToString()));
1377  }
1378  ws.m_ancestors = std::move(ancestors).value_or(ws.m_ancestors);
1379  }
1380  // If we call LimitMempoolSize() for each individual Finalize(), the mempool will not take
1381  // the transaction's descendant feerate into account because it hasn't seen them yet. Also,
1382  // we risk evicting a transaction that a subsequent package transaction depends on. Instead,
1383  // allow the mempool to temporarily bypass limits, the maximum package size) while
1384  // submitting transactions individually and then trim at the very end.
1385  if (!Finalize(args, ws)) {
1386  results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1387  // Since LimitMempoolSize() won't be called, this should never fail.
1388  Assume(false);
1389  all_submitted = false;
1391  strprintf("BUG! Adding to mempool failed: %s", ws.m_ptx->GetHash().ToString()));
1392  }
1393  }
1394 
1395  std::vector<Wtxid> all_package_wtxids;
1396  all_package_wtxids.reserve(workspaces.size());
1397  std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
1398  [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
1399 
1400  if (!m_subpackage.m_replaced_transactions.empty()) {
1401  LogPrint(BCLog::MEMPOOL, "replaced %u mempool transactions with %u new one(s) for %s additional fees, %d delta bytes\n",
1402  m_subpackage.m_replaced_transactions.size(), workspaces.size(),
1403  m_subpackage.m_total_modified_fees - m_subpackage.m_conflicting_fees,
1404  m_subpackage.m_total_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
1405  }
1406 
1407  // Add successful results. The returned results may change later if LimitMempoolSize() evicts them.
1408  for (Workspace& ws : workspaces) {
1409  const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
1410  CFeeRate{ws.m_modified_fees, static_cast<uint32_t>(ws.m_vsize)};
1411  const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
1412  std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
1413  results.emplace(ws.m_ptx->GetWitnessHash(),
1414  MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
1415  ws.m_base_fees, effective_feerate, effective_feerate_wtxids));
1416  if (!m_pool.m_opts.signals) continue;
1417  const CTransaction& tx = *ws.m_ptx;
1418  const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
1419  ws.m_vsize, ws.m_entry->GetHeight(),
1420  args.m_bypass_limits, args.m_package_submission,
1421  IsCurrentForFeeEstimation(m_active_chainstate),
1422  m_pool.HasNoInputsOf(tx));
1423  m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
1424  }
1425  return all_submitted;
1426 }
1427 
1428 MempoolAcceptResult MemPoolAccept::AcceptSingleTransaction(const CTransactionRef& ptx, ATMPArgs& args)
1429 {
1431  LOCK(m_pool.cs); // mempool "read lock" (held through m_pool.m_opts.signals->TransactionAddedToMempool())
1432 
1433  Workspace ws(ptx);
1434  const std::vector<Wtxid> single_wtxid{ws.m_ptx->GetWitnessHash()};
1435 
1436  if (!PreChecks(args, ws)) {
1437  if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
1438  // Failed for fee reasons. Provide the effective feerate and which tx was included.
1439  return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
1440  }
1441  return MempoolAcceptResult::Failure(ws.m_state);
1442  }
1443 
1444  // Individual modified feerate exceeded caller-defined max; abort
1445  if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
1446  ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
1447  return MempoolAcceptResult::Failure(ws.m_state);
1448  }
1449 
1450  if (m_subpackage.m_rbf && !ReplacementChecks(ws)) {
1451  if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
1452  // Failed for incentives-based fee reasons. Provide the effective feerate and which tx was included.
1453  return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
1454  }
1455  return MempoolAcceptResult::Failure(ws.m_state);
1456  }
1457 
1458  // Perform the inexpensive checks first and avoid hashing and signature verification unless
1459  // those checks pass, to mitigate CPU exhaustion denial-of-service attacks.
1460  if (!PolicyScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
1461 
1462  if (!ConsensusScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
1463 
1464  const CFeeRate effective_feerate{ws.m_modified_fees, static_cast<uint32_t>(ws.m_vsize)};
1465  // Tx was accepted, but not added
1466  if (args.m_test_accept) {
1467  return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
1468  ws.m_base_fees, effective_feerate, single_wtxid);
1469  }
1470 
1471  if (!Finalize(args, ws)) {
1472  // The only possible failure reason is fee-related (mempool full).
1473  // Failed for fee reasons. Provide the effective feerate and which txns were included.
1474  Assume(ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE);
1475  return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), {ws.m_ptx->GetWitnessHash()});
1476  }
1477 
1478  if (m_pool.m_opts.signals) {
1479  const CTransaction& tx = *ws.m_ptx;
1480  const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
1481  ws.m_vsize, ws.m_entry->GetHeight(),
1482  args.m_bypass_limits, args.m_package_submission,
1483  IsCurrentForFeeEstimation(m_active_chainstate),
1484  m_pool.HasNoInputsOf(tx));
1485  m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
1486  }
1487 
1488  if (!m_subpackage.m_replaced_transactions.empty()) {
1489  LogPrint(BCLog::MEMPOOL, "replaced %u mempool transactions with 1 new transaction for %s additional fees, %d delta bytes\n",
1490  m_subpackage.m_replaced_transactions.size(),
1491  ws.m_modified_fees - m_subpackage.m_conflicting_fees,
1492  ws.m_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
1493  }
1494 
1495  return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize, ws.m_base_fees,
1496  effective_feerate, single_wtxid);
1497 }
1498 
1499 PackageMempoolAcceptResult MemPoolAccept::AcceptMultipleTransactions(const std::vector<CTransactionRef>& txns, ATMPArgs& args)
1500 {
1502 
1503  // These context-free package limits can be done before taking the mempool lock.
1504  PackageValidationState package_state;
1505  if (!IsWellFormedPackage(txns, package_state, /*require_sorted=*/true)) return PackageMempoolAcceptResult(package_state, {});
1506 
1507  std::vector<Workspace> workspaces{};
1508  workspaces.reserve(txns.size());
1509  std::transform(txns.cbegin(), txns.cend(), std::back_inserter(workspaces),
1510  [](const auto& tx) { return Workspace(tx); });
1511  std::map<uint256, MempoolAcceptResult> results;
1512 
1513  LOCK(m_pool.cs);
1514 
1515  // Do all PreChecks first and fail fast to avoid running expensive script checks when unnecessary.
1516  for (Workspace& ws : workspaces) {
1517  if (!PreChecks(args, ws)) {
1518  package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1519  // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1520  results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1521  return PackageMempoolAcceptResult(package_state, std::move(results));
1522  }
1523 
1524  // Individual modified feerate exceeded caller-defined max; abort
1525  // N.B. this doesn't take into account CPFPs. Chunk-aware validation may be more robust.
1526  if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
1527  // Need to set failure here both individually and at package level
1528  ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
1529  package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1530  // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1531  results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1532  return PackageMempoolAcceptResult(package_state, std::move(results));
1533  }
1534 
1535  // Make the coins created by this transaction available for subsequent transactions in the
1536  // package to spend. If there are no conflicts within the package, no transaction can spend a coin
1537  // needed by another transaction in the package. We also need to make sure that no package
1538  // tx replaces (or replaces the ancestor of) the parent of another package tx. As long as we
1539  // check these two things, we don't need to track the coins spent.
1540  // If a package tx conflicts with a mempool tx, PackageMempoolChecks() ensures later that any package RBF attempt
1541  // has *no* in-mempool ancestors, so we don't have to worry about subsequent transactions in
1542  // same package spending the same in-mempool outpoints. This needs to be revisited for general
1543  // package RBF.
1544  m_viewmempool.PackageAddTransaction(ws.m_ptx);
1545  }
1546 
1547  // At this point we have all in-mempool ancestors, and we know every transaction's vsize.
1548  // Run the v3 checks on the package.
1549  for (Workspace& ws : workspaces) {
1550  if (auto err{PackageV3Checks(ws.m_ptx, ws.m_vsize, txns, ws.m_ancestors)}) {
1551  package_state.Invalid(PackageValidationResult::PCKG_POLICY, "v3-violation", err.value());
1552  return PackageMempoolAcceptResult(package_state, {});
1553  }
1554  }
1555 
1556  // Transactions must meet two minimum feerates: the mempool minimum fee and min relay fee.
1557  // For transactions consisting of exactly one child and its parents, it suffices to use the
1558  // package feerate (total modified fees / total virtual size) to check this requirement.
1559  // Note that this is an aggregate feerate; this function has not checked that there are transactions
1560  // too low feerate to pay for themselves, or that the child transactions are higher feerate than
1561  // their parents. Using aggregate feerate may allow "parents pay for child" behavior and permit
1562  // a child that is below mempool minimum feerate. To avoid these behaviors, callers of
1563  // AcceptMultipleTransactions need to restrict txns topology (e.g. to ancestor sets) and check
1564  // the feerates of individuals and subsets.
1565  m_subpackage.m_total_vsize = std::accumulate(workspaces.cbegin(), workspaces.cend(), int64_t{0},
1566  [](int64_t sum, auto& ws) { return sum + ws.m_vsize; });
1567  m_subpackage.m_total_modified_fees = std::accumulate(workspaces.cbegin(), workspaces.cend(), CAmount{0},
1568  [](CAmount sum, auto& ws) { return sum + ws.m_modified_fees; });
1569  const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
1570  std::vector<Wtxid> all_package_wtxids;
1571  all_package_wtxids.reserve(workspaces.size());
1572  std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
1573  [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
1574  TxValidationState placeholder_state;
1575  if (args.m_package_feerates &&
1576  !CheckFeeRate(m_subpackage.m_total_vsize, m_subpackage.m_total_modified_fees, placeholder_state)) {
1577  package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1578  return PackageMempoolAcceptResult(package_state, {{workspaces.back().m_ptx->GetWitnessHash(),
1579  MempoolAcceptResult::FeeFailure(placeholder_state, CFeeRate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize), all_package_wtxids)}});
1580  }
1581 
1582  // Apply package mempool ancestor/descendant limits. Skip if there is only one transaction,
1583  // because it's unnecessary.
1584  if (txns.size() > 1 && !PackageMempoolChecks(txns, workspaces, m_subpackage.m_total_vsize, package_state)) {
1585  return PackageMempoolAcceptResult(package_state, std::move(results));
1586  }
1587 
1588  for (Workspace& ws : workspaces) {
1589  ws.m_package_feerate = package_feerate;
1590  if (!PolicyScriptChecks(args, ws)) {
1591  // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1592  package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1593  results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1594  return PackageMempoolAcceptResult(package_state, std::move(results));
1595  }
1596  if (args.m_test_accept) {
1597  const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
1598  CFeeRate{ws.m_modified_fees, static_cast<uint32_t>(ws.m_vsize)};
1599  const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
1600  std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
1601  results.emplace(ws.m_ptx->GetWitnessHash(),
1602  MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions),
1603  ws.m_vsize, ws.m_base_fees, effective_feerate,
1604  effective_feerate_wtxids));
1605  }
1606  }
1607 
1608  if (args.m_test_accept) return PackageMempoolAcceptResult(package_state, std::move(results));
1609 
1610  if (!SubmitPackage(args, workspaces, package_state, results)) {
1611  // PackageValidationState filled in by SubmitPackage().
1612  return PackageMempoolAcceptResult(package_state, std::move(results));
1613  }
1614 
1615  return PackageMempoolAcceptResult(package_state, std::move(results));
1616 }
1617 
1618 void MemPoolAccept::CleanupTemporaryCoins()
1619 {
1620  // There are 3 kinds of coins in m_view:
1621  // (1) Temporary coins from the transactions in subpackage, constructed by m_viewmempool.
1622  // (2) Mempool coins from transactions in the mempool, constructed by m_viewmempool.
1623  // (3) Confirmed coins fetched from our current UTXO set.
1624  //
1625  // (1) Temporary coins need to be removed, regardless of whether the transaction was submitted.
1626  // If the transaction was submitted to the mempool, m_viewmempool will be able to fetch them from
1627  // there. If it wasn't submitted to mempool, it is incorrect to keep them - future calls may try
1628  // to spend those coins that don't actually exist.
1629  // (2) Mempool coins also need to be removed. If the mempool contents have changed as a result
1630  // of submitting or replacing transactions, coins previously fetched from mempool may now be
1631  // spent or nonexistent. Those coins need to be deleted from m_view.
1632  // (3) Confirmed coins don't need to be removed. The chainstate has not changed (we are
1633  // holding cs_main and no blocks have been processed) so the confirmed tx cannot disappear like
1634  // a mempool tx can. The coin may now be spent after we submitted a tx to mempool, but
1635  // we have already checked that the package does not have 2 transactions spending the same coin.
1636  // Keeping them in m_view is an optimization to not re-fetch confirmed coins if we later look up
1637  // inputs for this transaction again.
1638  for (const auto& outpoint : m_viewmempool.GetNonBaseCoins()) {
1639  // In addition to resetting m_viewmempool, we also need to manually delete these coins from
1640  // m_view because it caches copies of the coins it fetched from m_viewmempool previously.
1641  m_view.Uncache(outpoint);
1642  }
1643  // This deletes the temporary and mempool coins.
1644  m_viewmempool.Reset();
1645 }
1646 
1647 PackageMempoolAcceptResult MemPoolAccept::AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
1648 {
1650  AssertLockHeld(m_pool.cs);
1651  auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs) {
1652  if (subpackage.size() > 1) {
1653  return AcceptMultipleTransactions(subpackage, args);
1654  }
1655  const auto& tx = subpackage.front();
1656  ATMPArgs single_args = ATMPArgs::SingleInPackageAccept(args);
1657  const auto single_res = AcceptSingleTransaction(tx, single_args);
1658  PackageValidationState package_state_wrapped;
1659  if (single_res.m_result_type != MempoolAcceptResult::ResultType::VALID) {
1660  package_state_wrapped.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1661  }
1662  return PackageMempoolAcceptResult(package_state_wrapped, {{tx->GetWitnessHash(), single_res}});
1663  }();
1664 
1665  // Clean up m_view and m_viewmempool so that other subpackage evaluations don't have access to
1666  // coins they shouldn't. Keep some coins in order to minimize re-fetching coins from the UTXO set.
1667  // Clean up package feerate and rbf calculations
1668  ClearSubPackageState();
1669 
1670  return result;
1671 }
1672 
1673 PackageMempoolAcceptResult MemPoolAccept::AcceptPackage(const Package& package, ATMPArgs& args)
1674 {
1676  // Used if returning a PackageMempoolAcceptResult directly from this function.
1677  PackageValidationState package_state_quit_early;
1678 
1679  // Check that the package is well-formed. If it isn't, we won't try to validate any of the
1680  // transactions and thus won't return any MempoolAcceptResults, just a package-wide error.
1681 
1682  // Context-free package checks.
1683  if (!IsWellFormedPackage(package, package_state_quit_early, /*require_sorted=*/true)) {
1684  return PackageMempoolAcceptResult(package_state_quit_early, {});
1685  }
1686 
1687  // All transactions in the package must be a parent of the last transaction. This is just an
1688  // opportunity for us to fail fast on a context-free check without taking the mempool lock.
1689  if (!IsChildWithParents(package)) {
1690  package_state_quit_early.Invalid(PackageValidationResult::PCKG_POLICY, "package-not-child-with-parents");
1691  return PackageMempoolAcceptResult(package_state_quit_early, {});
1692  }
1693 
1694  // IsChildWithParents() guarantees the package is > 1 transactions.
1695  assert(package.size() > 1);
1696  // The package must be 1 child with all of its unconfirmed parents. The package is expected to
1697  // be sorted, so the last transaction is the child.
1698  const auto& child = package.back();
1699  std::unordered_set<uint256, SaltedTxidHasher> unconfirmed_parent_txids;
1700  std::transform(package.cbegin(), package.cend() - 1,
1701  std::inserter(unconfirmed_parent_txids, unconfirmed_parent_txids.end()),
1702  [](const auto& tx) { return tx->GetHash(); });
1703 
1704  // All child inputs must refer to a preceding package transaction or a confirmed UTXO. The only
1705  // way to verify this is to look up the child's inputs in our current coins view (not including
1706  // mempool), and enforce that all parents not present in the package be available at chain tip.
1707  // Since this check can bring new coins into the coins cache, keep track of these coins and
1708  // uncache them if we don't end up submitting this package to the mempool.
1709  const CCoinsViewCache& coins_tip_cache = m_active_chainstate.CoinsTip();
1710  for (const auto& input : child->vin) {
1711  if (!coins_tip_cache.HaveCoinInCache(input.prevout)) {
1712  args.m_coins_to_uncache.push_back(input.prevout);
1713  }
1714  }
1715  // Using the MemPoolAccept m_view cache allows us to look up these same coins faster later.
1716  // This should be connecting directly to CoinsTip, not to m_viewmempool, because we specifically
1717  // require inputs to be confirmed if they aren't in the package.
1718  m_view.SetBackend(m_active_chainstate.CoinsTip());
1719  const auto package_or_confirmed = [this, &unconfirmed_parent_txids](const auto& input) {
1720  return unconfirmed_parent_txids.count(input.prevout.hash) > 0 || m_view.HaveCoin(input.prevout);
1721  };
1722  if (!std::all_of(child->vin.cbegin(), child->vin.cend(), package_or_confirmed)) {
1723  package_state_quit_early.Invalid(PackageValidationResult::PCKG_POLICY, "package-not-child-with-unconfirmed-parents");
1724  return PackageMempoolAcceptResult(package_state_quit_early, {});
1725  }
1726  // Protect against bugs where we pull more inputs from disk that miss being added to
1727  // coins_to_uncache. The backend will be connected again when needed in PreChecks.
1728  m_view.SetBackend(m_dummy);
1729 
1730  LOCK(m_pool.cs);
1731  // Stores results from which we will create the returned PackageMempoolAcceptResult.
1732  // A result may be changed if a mempool transaction is evicted later due to LimitMempoolSize().
1733  std::map<uint256, MempoolAcceptResult> results_final;
1734  // Results from individual validation which will be returned if no other result is available for
1735  // this transaction. "Nonfinal" because if a transaction fails by itself but succeeds later
1736  // (i.e. when evaluated with a fee-bumping child), the result in this map may be discarded.
1737  std::map<uint256, MempoolAcceptResult> individual_results_nonfinal;
1738  bool quit_early{false};
1739  std::vector<CTransactionRef> txns_package_eval;
1740  for (const auto& tx : package) {
1741  const auto& wtxid = tx->GetWitnessHash();
1742  const auto& txid = tx->GetHash();
1743  // There are 3 possibilities: already in mempool, same-txid-diff-wtxid already in mempool,
1744  // or not in mempool. An already confirmed tx is treated as one not in mempool, because all
1745  // we know is that the inputs aren't available.
1746  if (m_pool.exists(GenTxid::Wtxid(wtxid))) {
1747  // Exact transaction already exists in the mempool.
1748  // Node operators are free to set their mempool policies however they please, nodes may receive
1749  // transactions in different orders, and malicious counterparties may try to take advantage of
1750  // policy differences to pin or delay propagation of transactions. As such, it's possible for
1751  // some package transaction(s) to already be in the mempool, and we don't want to reject the
1752  // entire package in that case (as that could be a censorship vector). De-duplicate the
1753  // transactions that are already in the mempool, and only call AcceptMultipleTransactions() with
1754  // the new transactions. This ensures we don't double-count transaction counts and sizes when
1755  // checking ancestor/descendant limits, or double-count transaction fees for fee-related policy.
1756  const auto& entry{*Assert(m_pool.GetEntry(txid))};
1757  results_final.emplace(wtxid, MempoolAcceptResult::MempoolTx(entry.GetTxSize(), entry.GetFee()));
1758  } else if (m_pool.exists(GenTxid::Txid(txid))) {
1759  // Transaction with the same non-witness data but different witness (same txid,
1760  // different wtxid) already exists in the mempool.
1761  //
1762  // We don't allow replacement transactions right now, so just swap the package
1763  // transaction for the mempool one. Note that we are ignoring the validity of the
1764  // package transaction passed in.
1765  // TODO: allow witness replacement in packages.
1766  const auto& entry{*Assert(m_pool.GetEntry(txid))};
1767  // Provide the wtxid of the mempool tx so that the caller can look it up in the mempool.
1768  results_final.emplace(wtxid, MempoolAcceptResult::MempoolTxDifferentWitness(entry.GetTx().GetWitnessHash()));
1769  } else {
1770  // Transaction does not already exist in the mempool.
1771  // Try submitting the transaction on its own.
1772  const auto single_package_res = AcceptSubPackage({tx}, args);
1773  const auto& single_res = single_package_res.m_tx_results.at(wtxid);
1774  if (single_res.m_result_type == MempoolAcceptResult::ResultType::VALID) {
1775  // The transaction succeeded on its own and is now in the mempool. Don't include it
1776  // in package validation, because its fees should only be "used" once.
1777  assert(m_pool.exists(GenTxid::Wtxid(wtxid)));
1778  results_final.emplace(wtxid, single_res);
1779  } else if (single_res.m_state.GetResult() != TxValidationResult::TX_RECONSIDERABLE &&
1780  single_res.m_state.GetResult() != TxValidationResult::TX_MISSING_INPUTS) {
1781  // Package validation policy only differs from individual policy in its evaluation
1782  // of feerate. For example, if a transaction fails here due to violation of a
1783  // consensus rule, the result will not change when it is submitted as part of a
1784  // package. To minimize the amount of repeated work, unless the transaction fails
1785  // due to feerate or missing inputs (its parent is a previous transaction in the
1786  // package that failed due to feerate), don't run package validation. Note that this
1787  // decision might not make sense if different types of packages are allowed in the
1788  // future. Continue individually validating the rest of the transactions, because
1789  // some of them may still be valid.
1790  quit_early = true;
1791  package_state_quit_early.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1792  individual_results_nonfinal.emplace(wtxid, single_res);
1793  } else {
1794  individual_results_nonfinal.emplace(wtxid, single_res);
1795  txns_package_eval.push_back(tx);
1796  }
1797  }
1798  }
1799 
1800  auto multi_submission_result = quit_early || txns_package_eval.empty() ? PackageMempoolAcceptResult(package_state_quit_early, {}) :
1801  AcceptSubPackage(txns_package_eval, args);
1802  PackageValidationState& package_state_final = multi_submission_result.m_state;
1803 
1804  // Make sure we haven't exceeded max mempool size.
1805  // Package transactions that were submitted to mempool or already in mempool may be evicted.
1806  LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
1807 
1808  for (const auto& tx : package) {
1809  const auto& wtxid = tx->GetWitnessHash();
1810  if (multi_submission_result.m_tx_results.count(wtxid) > 0) {
1811  // We shouldn't have re-submitted if the tx result was already in results_final.
1812  Assume(results_final.count(wtxid) == 0);
1813  // If it was submitted, check to see if the tx is still in the mempool. It could have
1814  // been evicted due to LimitMempoolSize() above.
1815  const auto& txresult = multi_submission_result.m_tx_results.at(wtxid);
1816  if (txresult.m_result_type == MempoolAcceptResult::ResultType::VALID && !m_pool.exists(GenTxid::Wtxid(wtxid))) {
1817  package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1818  TxValidationState mempool_full_state;
1819  mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
1820  results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
1821  } else {
1822  results_final.emplace(wtxid, txresult);
1823  }
1824  } else if (const auto it{results_final.find(wtxid)}; it != results_final.end()) {
1825  // Already-in-mempool transaction. Check to see if it's still there, as it could have
1826  // been evicted when LimitMempoolSize() was called.
1827  Assume(it->second.m_result_type != MempoolAcceptResult::ResultType::INVALID);
1828  Assume(individual_results_nonfinal.count(wtxid) == 0);
1829  // Query by txid to include the same-txid-different-witness ones.
1830  if (!m_pool.exists(GenTxid::Txid(tx->GetHash()))) {
1831  package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1832  TxValidationState mempool_full_state;
1833  mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
1834  // Replace the previous result.
1835  results_final.erase(wtxid);
1836  results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
1837  }
1838  } else if (const auto it{individual_results_nonfinal.find(wtxid)}; it != individual_results_nonfinal.end()) {
1839  Assume(it->second.m_result_type == MempoolAcceptResult::ResultType::INVALID);
1840  // Interesting result from previous processing.
1841  results_final.emplace(wtxid, it->second);
1842  }
1843  }
1844  Assume(results_final.size() == package.size());
1845  return PackageMempoolAcceptResult(package_state_final, std::move(results_final));
1846 }
1847 
1848 } // anon namespace
1849 
1851  int64_t accept_time, bool bypass_limits, bool test_accept)
1853 {
1855  const CChainParams& chainparams{active_chainstate.m_chainman.GetParams()};
1856  assert(active_chainstate.GetMempool() != nullptr);
1857  CTxMemPool& pool{*active_chainstate.GetMempool()};
1858 
1859  std::vector<COutPoint> coins_to_uncache;
1860  auto args = MemPoolAccept::ATMPArgs::SingleAccept(chainparams, accept_time, bypass_limits, coins_to_uncache, test_accept);
1861  MempoolAcceptResult result = MemPoolAccept(pool, active_chainstate).AcceptSingleTransaction(tx, args);
1863  // Remove coins that were not present in the coins cache before calling
1864  // AcceptSingleTransaction(); this is to prevent memory DoS in case we receive a large
1865  // number of invalid transactions that attempt to overrun the in-memory coins cache
1866  // (`CCoinsViewCache::cacheCoins`).
1867 
1868  for (const COutPoint& hashTx : coins_to_uncache)
1869  active_chainstate.CoinsTip().Uncache(hashTx);
1870  TRACE2(mempool, rejected,
1871  tx->GetHash().data(),
1872  result.m_state.GetRejectReason().c_str()
1873  );
1874  }
1875  // After we've (potentially) uncached entries, ensure our coins cache is still within its size limits
1876  BlockValidationState state_dummy;
1877  active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
1878  return result;
1879 }
1880 
1882  const Package& package, bool test_accept, const std::optional<CFeeRate>& client_maxfeerate)
1883 {
1885  assert(!package.empty());
1886  assert(std::all_of(package.cbegin(), package.cend(), [](const auto& tx){return tx != nullptr;}));
1887 
1888  std::vector<COutPoint> coins_to_uncache;
1889  const CChainParams& chainparams = active_chainstate.m_chainman.GetParams();
1890  auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
1892  if (test_accept) {
1893  auto args = MemPoolAccept::ATMPArgs::PackageTestAccept(chainparams, GetTime(), coins_to_uncache);
1894  return MemPoolAccept(pool, active_chainstate).AcceptMultipleTransactions(package, args);
1895  } else {
1896  auto args = MemPoolAccept::ATMPArgs::PackageChildWithParents(chainparams, GetTime(), coins_to_uncache, client_maxfeerate);
1897  return MemPoolAccept(pool, active_chainstate).AcceptPackage(package, args);
1898  }
1899  }();
1900 
1901  // Uncache coins pertaining to transactions that were not submitted to the mempool.
1902  if (test_accept || result.m_state.IsInvalid()) {
1903  for (const COutPoint& hashTx : coins_to_uncache) {
1904  active_chainstate.CoinsTip().Uncache(hashTx);
1905  }
1906  }
1907  // Ensure the coins cache is still within limits.
1908  BlockValidationState state_dummy;
1909  active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
1910  return result;
1911 }
1912 
1913 CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams)
1914 {
1915  int halvings = nHeight / consensusParams.nSubsidyHalvingInterval;
1916  // Force block reward to zero when right shift is undefined.
1917  if (halvings >= 64)
1918  return 0;
1919 
1920  CAmount nSubsidy = 50 * COIN;
1921  // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years.
1922  nSubsidy >>= halvings;
1923  return nSubsidy;
1924 }
1925 
1927  : m_dbview{std::move(db_params), std::move(options)},
1928  m_catcherview(&m_dbview) {}
1929 
1930 void CoinsViews::InitCache()
1931 {
1933  m_cacheview = std::make_unique<CCoinsViewCache>(&m_catcherview);
1934 }
1935 
1937  CTxMemPool* mempool,
1938  BlockManager& blockman,
1939  ChainstateManager& chainman,
1940  std::optional<uint256> from_snapshot_blockhash)
1941  : m_mempool(mempool),
1942  m_blockman(blockman),
1943  m_chainman(chainman),
1944  m_from_snapshot_blockhash(from_snapshot_blockhash) {}
1945 
1946 const CBlockIndex* Chainstate::SnapshotBase()
1947 {
1948  if (!m_from_snapshot_blockhash) return nullptr;
1949  if (!m_cached_snapshot_base) m_cached_snapshot_base = Assert(m_chainman.m_blockman.LookupBlockIndex(*m_from_snapshot_blockhash));
1950  return m_cached_snapshot_base;
1951 }
1952 
1953 void Chainstate::InitCoinsDB(
1954  size_t cache_size_bytes,
1955  bool in_memory,
1956  bool should_wipe,
1957  fs::path leveldb_name)
1958 {
1960  leveldb_name += node::SNAPSHOT_CHAINSTATE_SUFFIX;
1961  }
1962 
1963  m_coins_views = std::make_unique<CoinsViews>(
1964  DBParams{
1965  .path = m_chainman.m_options.datadir / leveldb_name,
1966  .cache_bytes = cache_size_bytes,
1967  .memory_only = in_memory,
1968  .wipe_data = should_wipe,
1969  .obfuscate = true,
1970  .options = m_chainman.m_options.coins_db},
1972 }
1973 
1974 void Chainstate::InitCoinsCache(size_t cache_size_bytes)
1975 {
1977  assert(m_coins_views != nullptr);
1978  m_coinstip_cache_size_bytes = cache_size_bytes;
1979  m_coins_views->InitCache();
1980 }
1981 
1982 // Note that though this is marked const, we may end up modifying `m_cached_finished_ibd`, which
1983 // is a performance-related implementation detail. This function must be marked
1984 // `const` so that `CValidationInterface` clients (which are given a `const Chainstate*`)
1985 // can call it.
1986 //
1988 {
1989  // Optimization: pre-test latch before taking the lock.
1990  if (m_cached_finished_ibd.load(std::memory_order_relaxed))
1991  return false;
1992 
1993  LOCK(cs_main);
1994  if (m_cached_finished_ibd.load(std::memory_order_relaxed))
1995  return false;
1996  if (m_blockman.LoadingBlocks()) {
1997  return true;
1998  }
1999  CChain& chain{ActiveChain()};
2000  if (chain.Tip() == nullptr) {
2001  return true;
2002  }
2003  if (chain.Tip()->nChainWork < MinimumChainWork()) {
2004  return true;
2005  }
2006  if (chain.Tip()->Time() < Now<NodeSeconds>() - m_options.max_tip_age) {
2007  return true;
2008  }
2009  LogPrintf("Leaving InitialBlockDownload (latching to false)\n");
2010  m_cached_finished_ibd.store(true, std::memory_order_relaxed);
2011  return false;
2012 }
2013 
2015 {
2017 
2018  // Before we get past initial download, we cannot reliably alert about forks
2019  // (we assume we don't get stuck on a fork before finishing our initial sync)
2021  return;
2022  }
2023 
2024  if (m_chainman.m_best_invalid && m_chainman.m_best_invalid->nChainWork > m_chain.Tip()->nChainWork + (GetBlockProof(*m_chain.Tip()) * 6)) {
2025  LogPrintf("%s: Warning: Found invalid chain at least ~6 blocks longer than our best chain.\nChain state database corruption likely.\n", __func__);
2028  _("Warning: We do not appear to fully agree with our peers! You may need to upgrade, or other nodes may need to upgrade."));
2029  } else {
2031  }
2032 }
2033 
2034 // Called both upon regular invalid block discovery *and* InvalidateBlock
2036 {
2038  if (!m_chainman.m_best_invalid || pindexNew->nChainWork > m_chainman.m_best_invalid->nChainWork) {
2039  m_chainman.m_best_invalid = pindexNew;
2040  }
2041  if (m_chainman.m_best_header != nullptr && m_chainman.m_best_header->GetAncestor(pindexNew->nHeight) == pindexNew) {
2042  m_chainman.m_best_header = m_chain.Tip();
2043  }
2044 
2045  LogPrintf("%s: invalid block=%s height=%d log2_work=%f date=%s\n", __func__,
2046  pindexNew->GetBlockHash().ToString(), pindexNew->nHeight,
2047  log(pindexNew->nChainWork.getdouble())/log(2.0), FormatISO8601DateTime(pindexNew->GetBlockTime()));
2048  CBlockIndex *tip = m_chain.Tip();
2049  assert (tip);
2050  LogPrintf("%s: current best=%s height=%d log2_work=%f date=%s\n", __func__,
2051  tip->GetBlockHash().ToString(), m_chain.Height(), log(tip->nChainWork.getdouble())/log(2.0),
2054 }
2055 
2056 // Same as InvalidChainFound, above, except not called directly from InvalidateBlock,
2057 // which does its own setBlockIndexCandidates management.
2059 {
2062  pindex->nStatus |= BLOCK_FAILED_VALID;
2063  m_chainman.m_failed_blocks.insert(pindex);
2064  m_blockman.m_dirty_blockindex.insert(pindex);
2065  setBlockIndexCandidates.erase(pindex);
2066  InvalidChainFound(pindex);
2067  }
2068 }
2069 
2070 void UpdateCoins(const CTransaction& tx, CCoinsViewCache& inputs, CTxUndo &txundo, int nHeight)
2071 {
2072  // mark inputs spent
2073  if (!tx.IsCoinBase()) {
2074  txundo.vprevout.reserve(tx.vin.size());
2075  for (const CTxIn &txin : tx.vin) {
2076  txundo.vprevout.emplace_back();
2077  bool is_spent = inputs.SpendCoin(txin.prevout, &txundo.vprevout.back());
2078  assert(is_spent);
2079  }
2080  }
2081  // add outputs
2082  AddCoins(inputs, tx, nHeight);
2083 }
2084 
2086  const CScript &scriptSig = ptxTo->vin[nIn].scriptSig;
2087  const CScriptWitness *witness = &ptxTo->vin[nIn].scriptWitness;
2089 }
2090 
2093 
2094 bool InitScriptExecutionCache(size_t max_size_bytes)
2095 {
2096  // Setup the salted hasher
2098  // We want the nonce to be 64 bytes long to force the hasher to process
2099  // this chunk, which makes later hash computations more efficient. We
2100  // just write our 32-byte entropy twice to fill the 64 bytes.
2103 
2104  auto setup_results = g_scriptExecutionCache.setup_bytes(max_size_bytes);
2105  if (!setup_results) return false;
2106 
2107  const auto [num_elems, approx_size_bytes] = *setup_results;
2108  LogPrintf("Using %zu MiB out of %zu MiB requested for script execution cache, able to store %zu elements\n",
2109  approx_size_bytes >> 20, max_size_bytes >> 20, num_elems);
2110  return true;
2111 }
2112 
2133  const CCoinsViewCache& inputs, unsigned int flags, bool cacheSigStore,
2134  bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
2135  std::vector<CScriptCheck>* pvChecks)
2136 {
2137  if (tx.IsCoinBase()) return true;
2138 
2139  if (pvChecks) {
2140  pvChecks->reserve(tx.vin.size());
2141  }
2142 
2143  // First check if script executions have been cached with the same
2144  // flags. Note that this assumes that the inputs provided are
2145  // correct (ie that the transaction hash which is in tx's prevouts
2146  // properly commits to the scriptPubKey in the inputs view of that
2147  // transaction).
2148  uint256 hashCacheEntry;
2150  hasher.Write(UCharCast(tx.GetWitnessHash().begin()), 32).Write((unsigned char*)&flags, sizeof(flags)).Finalize(hashCacheEntry.begin());
2151  AssertLockHeld(cs_main); //TODO: Remove this requirement by making CuckooCache not require external locks
2152  if (g_scriptExecutionCache.contains(hashCacheEntry, !cacheFullScriptStore)) {
2153  return true;
2154  }
2155 
2156  if (!txdata.m_spent_outputs_ready) {
2157  std::vector<CTxOut> spent_outputs;
2158  spent_outputs.reserve(tx.vin.size());
2159 
2160  for (const auto& txin : tx.vin) {
2161  const COutPoint& prevout = txin.prevout;
2162  const Coin& coin = inputs.AccessCoin(prevout);
2163  assert(!coin.IsSpent());
2164  spent_outputs.emplace_back(coin.out);
2165  }
2166  txdata.Init(tx, std::move(spent_outputs));
2167  }
2168  assert(txdata.m_spent_outputs.size() == tx.vin.size());
2169 
2170  for (unsigned int i = 0; i < tx.vin.size(); i++) {
2171 
2172  // We very carefully only pass in things to CScriptCheck which
2173  // are clearly committed to by tx' witness hash. This provides
2174  // a sanity check that our caching is not introducing consensus
2175  // failures through additional data in, eg, the coins being
2176  // spent being checked as a part of CScriptCheck.
2177 
2178  // Verify signature
2179  CScriptCheck check(txdata.m_spent_outputs[i], tx, i, flags, cacheSigStore, &txdata);
2180  if (pvChecks) {
2181  pvChecks->emplace_back(std::move(check));
2182  } else if (!check()) {
2184  // Check whether the failure was caused by a
2185  // non-mandatory script verification check, such as
2186  // non-standard DER encodings or non-null dummy
2187  // arguments; if so, ensure we return NOT_STANDARD
2188  // instead of CONSENSUS to avoid downstream users
2189  // splitting the network between upgraded and
2190  // non-upgraded nodes by banning CONSENSUS-failing
2191  // data providers.
2192  CScriptCheck check2(txdata.m_spent_outputs[i], tx, i,
2193  flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, cacheSigStore, &txdata);
2194  if (check2())
2195  return state.Invalid(TxValidationResult::TX_NOT_STANDARD, strprintf("non-mandatory-script-verify-flag (%s)", ScriptErrorString(check.GetScriptError())));
2196  }
2197  // MANDATORY flag failures correspond to
2198  // TxValidationResult::TX_CONSENSUS. Because CONSENSUS
2199  // failures are the most serious case of validation
2200  // failures, we may need to consider using
2201  // RECENT_CONSENSUS_CHANGE for any script failure that
2202  // could be due to non-upgraded nodes which we may want to
2203  // support, to avoid splitting the network (but this
2204  // depends on the details of how net_processing handles
2205  // such errors).
2206  return state.Invalid(TxValidationResult::TX_CONSENSUS, strprintf("mandatory-script-verify-flag-failed (%s)", ScriptErrorString(check.GetScriptError())));
2207  }
2208  }
2209 
2210  if (cacheFullScriptStore && !pvChecks) {
2211  // We executed all of the provided scripts, and were told to
2212  // cache the result. Do so now.
2213  g_scriptExecutionCache.insert(hashCacheEntry);
2214  }
2215 
2216  return true;
2217 }
2218 
2219 bool FatalError(Notifications& notifications, BlockValidationState& state, const bilingual_str& message)
2220 {
2221  notifications.fatalError(message);
2222  return state.Error(message.original);
2223 }
2224 
2232 int ApplyTxInUndo(Coin&& undo, CCoinsViewCache& view, const COutPoint& out)
2233 {
2234  bool fClean = true;
2235 
2236  if (view.HaveCoin(out)) fClean = false; // overwriting transaction output
2237 
2238  if (undo.nHeight == 0) {
2239  // Missing undo metadata (height and coinbase). Older versions included this
2240  // information only in undo records for the last spend of a transactions'
2241  // outputs. This implies that it must be present for some other output of the same tx.
2242  const Coin& alternate = AccessByTxid(view, out.hash);
2243  if (!alternate.IsSpent()) {
2244  undo.nHeight = alternate.nHeight;
2245  undo.fCoinBase = alternate.fCoinBase;
2246  } else {
2247  return DISCONNECT_FAILED; // adding output for transaction without known metadata
2248  }
2249  }
2250  // If the coin already exists as an unspent coin in the cache, then the
2251  // possible_overwrite parameter to AddCoin must be set to true. We have
2252  // already checked whether an unspent coin exists above using HaveCoin, so
2253  // we don't need to guess. When fClean is false, an unspent coin already
2254  // existed and it is an overwrite.
2255  view.AddCoin(out, std::move(undo), !fClean);
2256 
2257  return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
2258 }
2259 
2262 DisconnectResult Chainstate::DisconnectBlock(const CBlock& block, const CBlockIndex* pindex, CCoinsViewCache& view)
2263 {
2265  bool fClean = true;
2266 
2267  CBlockUndo blockUndo;
2268  if (!m_blockman.UndoReadFromDisk(blockUndo, *pindex)) {
2269  LogError("DisconnectBlock(): failure reading undo data\n");
2270  return DISCONNECT_FAILED;
2271  }
2272 
2273  if (blockUndo.vtxundo.size() + 1 != block.vtx.size()) {
2274  LogError("DisconnectBlock(): block and undo data inconsistent\n");
2275  return DISCONNECT_FAILED;
2276  }
2277 
2278  // Ignore blocks that contain transactions which are 'overwritten' by later transactions,
2279  // unless those are already completely spent.
2280  // See https://github.com/bitcoin/bitcoin/issues/22596 for additional information.
2281  // Note: the blocks specified here are different than the ones used in ConnectBlock because DisconnectBlock
2282  // unwinds the blocks in reverse. As a result, the inconsistency is not discovered until the earlier
2283  // blocks with the duplicate coinbase transactions are disconnected.
2284  bool fEnforceBIP30 = !((pindex->nHeight==91722 && pindex->GetBlockHash() == uint256S("0x00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e")) ||
2285  (pindex->nHeight==91812 && pindex->GetBlockHash() == uint256S("0x00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f")));
2286 
2287  // undo transactions in reverse order
2288  for (int i = block.vtx.size() - 1; i >= 0; i--) {
2289  const CTransaction &tx = *(block.vtx[i]);
2290  Txid hash = tx.GetHash();
2291  bool is_coinbase = tx.IsCoinBase();
2292  bool is_bip30_exception = (is_coinbase && !fEnforceBIP30);
2293 
2294  // Check that all outputs are available and match the outputs in the block itself
2295  // exactly.
2296  for (size_t o = 0; o < tx.vout.size(); o++) {
2297  if (!tx.vout[o].scriptPubKey.IsUnspendable()) {
2298  COutPoint out(hash, o);
2299  Coin coin;
2300  bool is_spent = view.SpendCoin(out, &coin);
2301  if (!is_spent || tx.vout[o] != coin.out || pindex->nHeight != coin.nHeight || is_coinbase != coin.fCoinBase) {
2302  if (!is_bip30_exception) {
2303  fClean = false; // transaction output mismatch
2304  }
2305  }
2306  }
2307  }
2308 
2309  // restore inputs
2310  if (i > 0) { // not coinbases
2311  CTxUndo &txundo = blockUndo.vtxundo[i-1];
2312  if (txundo.vprevout.size() != tx.vin.size()) {
2313  LogError("DisconnectBlock(): transaction and undo data inconsistent\n");
2314  return DISCONNECT_FAILED;
2315  }
2316  for (unsigned int j = tx.vin.size(); j > 0;) {
2317  --j;
2318  const COutPoint& out = tx.vin[j].prevout;
2319  int res = ApplyTxInUndo(std::move(txundo.vprevout[j]), view, out);
2320  if (res == DISCONNECT_FAILED) return DISCONNECT_FAILED;
2321  fClean = fClean && res != DISCONNECT_UNCLEAN;
2322  }
2323  // At this point, all of txundo.vprevout should have been moved out.
2324  }
2325  }
2326 
2327  // move best block pointer to prevout block
2328  view.SetBestBlock(pindex->pprev->GetBlockHash());
2329 
2330  return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
2331 }
2332 
2337 {
2338 private:
2340  int m_bit;
2341 
2342 public:
2343  explicit WarningBitsConditionChecker(const ChainstateManager& chainman, int bit) : m_chainman{chainman}, m_bit(bit) {}
2344 
2345  int64_t BeginTime(const Consensus::Params& params) const override { return 0; }
2346  int64_t EndTime(const Consensus::Params& params) const override { return std::numeric_limits<int64_t>::max(); }
2347  int Period(const Consensus::Params& params) const override { return params.nMinerConfirmationWindow; }
2348  int Threshold(const Consensus::Params& params) const override { return params.nRuleChangeActivationThreshold; }
2349 
2350  bool Condition(const CBlockIndex* pindex, const Consensus::Params& params) const override
2351  {
2352  return pindex->nHeight >= params.MinBIP9WarningHeight &&
2354  ((pindex->nVersion >> m_bit) & 1) != 0 &&
2355  ((m_chainman.m_versionbitscache.ComputeBlockVersion(pindex->pprev, params) >> m_bit) & 1) == 0;
2356  }
2357 };
2358 
2359 static unsigned int GetBlockScriptFlags(const CBlockIndex& block_index, const ChainstateManager& chainman)
2360 {
2361  const Consensus::Params& consensusparams = chainman.GetConsensus();
2362 
2363  // BIP16 didn't become active until Apr 1 2012 (on mainnet, and
2364  // retroactively applied to testnet)
2365  // However, only one historical block violated the P2SH rules (on both
2366  // mainnet and testnet).
2367  // Similarly, only one historical block violated the TAPROOT rules on
2368  // mainnet.
2369  // For simplicity, always leave P2SH+WITNESS+TAPROOT on except for the two
2370  // violating blocks.
2372  const auto it{consensusparams.script_flag_exceptions.find(*Assert(block_index.phashBlock))};
2373  if (it != consensusparams.script_flag_exceptions.end()) {
2374  flags = it->second;
2375  }
2376 
2377  // Enforce the DERSIG (BIP66) rule
2378  if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_DERSIG)) {
2380  }
2381 
2382  // Enforce CHECKLOCKTIMEVERIFY (BIP65)
2383  if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CLTV)) {
2385  }
2386 
2387  // Enforce CHECKSEQUENCEVERIFY (BIP112)
2388  if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CSV)) {
2390  }
2391 
2392  // Enforce BIP147 NULLDUMMY (activated simultaneously with segwit)
2393  if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_SEGWIT)) {
2395  }
2396 
2397  return flags;
2398 }
2399 
2400 
2401 static SteadyClock::duration time_check{};
2402 static SteadyClock::duration time_forks{};
2403 static SteadyClock::duration time_connect{};
2404 static SteadyClock::duration time_verify{};
2405 static SteadyClock::duration time_undo{};
2406 static SteadyClock::duration time_index{};
2407 static SteadyClock::duration time_total{};
2408 static int64_t num_blocks_total = 0;
2409 
2413 bool Chainstate::ConnectBlock(const CBlock& block, BlockValidationState& state, CBlockIndex* pindex,
2414  CCoinsViewCache& view, bool fJustCheck)
2415 {
2417  assert(pindex);
2418 
2419  uint256 block_hash{block.GetHash()};
2420  assert(*pindex->phashBlock == block_hash);
2421  const bool parallel_script_checks{m_chainman.GetCheckQueue().HasThreads()};
2422 
2423  const auto time_start{SteadyClock::now()};
2424  const CChainParams& params{m_chainman.GetParams()};
2425 
2426  // Check it again in case a previous version let a bad block in
2427  // NOTE: We don't currently (re-)invoke ContextualCheckBlock() or
2428  // ContextualCheckBlockHeader() here. This means that if we add a new
2429  // consensus rule that is enforced in one of those two functions, then we
2430  // may have let in a block that violates the rule prior to updating the
2431  // software, and we would NOT be enforcing the rule here. Fully solving
2432  // upgrade from one software version to the next after a consensus rule
2433  // change is potentially tricky and issue-specific (see NeedsRedownload()
2434  // for one approach that was used for BIP 141 deployment).
2435  // Also, currently the rule against blocks more than 2 hours in the future
2436  // is enforced in ContextualCheckBlockHeader(); we wouldn't want to
2437  // re-enforce that rule here (at least until we make it impossible for
2438  // the clock to go backward).
2439  if (!CheckBlock(block, state, params.GetConsensus(), !fJustCheck, !fJustCheck)) {
2441  // We don't write down blocks to disk if they may have been
2442  // corrupted, so this should be impossible unless we're having hardware
2443  // problems.
2444  return FatalError(m_chainman.GetNotifications(), state, _("Corrupt block found indicating potential hardware failure."));
2445  }
2446  LogError("%s: Consensus::CheckBlock: %s\n", __func__, state.ToString());
2447  return false;
2448  }
2449 
2450  // verify that the view's current state corresponds to the previous block
2451  uint256 hashPrevBlock = pindex->pprev == nullptr ? uint256() : pindex->pprev->GetBlockHash();
2452  assert(hashPrevBlock == view.GetBestBlock());
2453 
2454  num_blocks_total++;
2455 
2456  // Special case for the genesis block, skipping connection of its transactions
2457  // (its coinbase is unspendable)
2458  if (block_hash == params.GetConsensus().hashGenesisBlock) {
2459  if (!fJustCheck)
2460  view.SetBestBlock(pindex->GetBlockHash());
2461  return true;
2462  }
2463 
2464  bool fScriptChecks = true;
2465  if (!m_chainman.AssumedValidBlock().IsNull()) {
2466  // We've been configured with the hash of a block which has been externally verified to have a valid history.
2467  // A suitable default value is included with the software and updated from time to time. Because validity
2468  // relative to a piece of software is an objective fact these defaults can be easily reviewed.
2469  // This setting doesn't force the selection of any particular chain but makes validating some faster by
2470  // effectively caching the result of part of the verification.
2471  BlockMap::const_iterator it{m_blockman.m_block_index.find(m_chainman.AssumedValidBlock())};
2472  if (it != m_blockman.m_block_index.end()) {
2473  if (it->second.GetAncestor(pindex->nHeight) == pindex &&
2474  m_chainman.m_best_header->GetAncestor(pindex->nHeight) == pindex &&
2475  m_chainman.m_best_header->nChainWork >= m_chainman.MinimumChainWork()) {
2476  // This block is a member of the assumed verified chain and an ancestor of the best header.
2477  // Script verification is skipped when connecting blocks under the
2478  // assumevalid block. Assuming the assumevalid block is valid this
2479  // is safe because block merkle hashes are still computed and checked,
2480  // Of course, if an assumed valid block is invalid due to false scriptSigs
2481  // this optimization would allow an invalid chain to be accepted.
2482  // The equivalent time check discourages hash power from extorting the network via DOS attack
2483  // into accepting an invalid block through telling users they must manually set assumevalid.
2484  // Requiring a software change or burying the invalid block, regardless of the setting, makes
2485  // it hard to hide the implication of the demand. This also avoids having release candidates
2486  // that are hardly doing any signature verification at all in testing without having to
2487  // artificially set the default assumed verified block further back.
2488  // The test against the minimum chain work prevents the skipping when denied access to any chain at
2489  // least as good as the expected chain.
2490  fScriptChecks = (GetBlockProofEquivalentTime(*m_chainman.m_best_header, *pindex, *m_chainman.m_best_header, params.GetConsensus()) <= 60 * 60 * 24 * 7 * 2);
2491  }
2492  }
2493  }
2494 
2495  const auto time_1{SteadyClock::now()};
2496  time_check += time_1 - time_start;
2497  LogPrint(BCLog::BENCH, " - Sanity checks: %.2fms [%.2fs (%.2fms/blk)]\n",
2498  Ticks<MillisecondsDouble>(time_1 - time_start),
2499  Ticks<SecondsDouble>(time_check),
2500  Ticks<MillisecondsDouble>(time_check) / num_blocks_total);
2501 
2502  // Do not allow blocks that contain transactions which 'overwrite' older transactions,
2503  // unless those are already completely spent.
2504  // If such overwrites are allowed, coinbases and transactions depending upon those
2505  // can be duplicated to remove the ability to spend the first instance -- even after
2506  // being sent to another address.
2507  // See BIP30, CVE-2012-1909, and http://r6.ca/blog/20120206T005236Z.html for more information.
2508  // This rule was originally applied to all blocks with a timestamp after March 15, 2012, 0:00 UTC.
2509  // Now that the whole chain is irreversibly beyond that time it is applied to all blocks except the
2510  // two in the chain that violate it. This prevents exploiting the issue against nodes during their
2511  // initial block download.
2512  bool fEnforceBIP30 = !IsBIP30Repeat(*pindex);
2513 
2514  // Once BIP34 activated it was not possible to create new duplicate coinbases and thus other than starting
2515  // with the 2 existing duplicate coinbase pairs, not possible to create overwriting txs. But by the
2516  // time BIP34 activated, in each of the existing pairs the duplicate coinbase had overwritten the first
2517  // before the first had been spent. Since those coinbases are sufficiently buried it's no longer possible to create further
2518  // duplicate transactions descending from the known pairs either.
2519  // If we're on the known chain at height greater than where BIP34 activated, we can save the db accesses needed for the BIP30 check.
2520 
2521  // BIP34 requires that a block at height X (block X) has its coinbase
2522  // scriptSig start with a CScriptNum of X (indicated height X). The above
2523  // logic of no longer requiring BIP30 once BIP34 activates is flawed in the
2524  // case that there is a block X before the BIP34 height of 227,931 which has
2525  // an indicated height Y where Y is greater than X. The coinbase for block
2526  // X would also be a valid coinbase for block Y, which could be a BIP30
2527  // violation. An exhaustive search of all mainnet coinbases before the
2528  // BIP34 height which have an indicated height greater than the block height
2529  // reveals many occurrences. The 3 lowest indicated heights found are
2530  // 209,921, 490,897, and 1,983,702 and thus coinbases for blocks at these 3
2531  // heights would be the first opportunity for BIP30 to be violated.
2532 
2533  // The search reveals a great many blocks which have an indicated height
2534  // greater than 1,983,702, so we simply remove the optimization to skip
2535  // BIP30 checking for blocks at height 1,983,702 or higher. Before we reach
2536  // that block in another 25 years or so, we should take advantage of a
2537  // future consensus change to do a new and improved version of BIP34 that
2538  // will actually prevent ever creating any duplicate coinbases in the
2539  // future.
2540  static constexpr int BIP34_IMPLIES_BIP30_LIMIT = 1983702;
2541 
2542  // There is no potential to create a duplicate coinbase at block 209,921
2543  // because this is still before the BIP34 height and so explicit BIP30
2544  // checking is still active.
2545 
2546  // The final case is block 176,684 which has an indicated height of
2547  // 490,897. Unfortunately, this issue was not discovered until about 2 weeks
2548  // before block 490,897 so there was not much opportunity to address this
2549  // case other than to carefully analyze it and determine it would not be a
2550  // problem. Block 490,897 was, in fact, mined with a different coinbase than
2551  // block 176,684, but it is important to note that even if it hadn't been or
2552  // is remined on an alternate fork with a duplicate coinbase, we would still
2553  // not run into a BIP30 violation. This is because the coinbase for 176,684
2554  // is spent in block 185,956 in transaction
2555  // d4f7fbbf92f4a3014a230b2dc70b8058d02eb36ac06b4a0736d9d60eaa9e8781. This
2556  // spending transaction can't be duplicated because it also spends coinbase
2557  // 0328dd85c331237f18e781d692c92de57649529bd5edf1d01036daea32ffde29. This
2558  // coinbase has an indicated height of over 4.2 billion, and wouldn't be
2559  // duplicatable until that height, and it's currently impossible to create a
2560  // chain that long. Nevertheless we may wish to consider a future soft fork
2561  // which retroactively prevents block 490,897 from creating a duplicate
2562  // coinbase. The two historical BIP30 violations often provide a confusing
2563  // edge case when manipulating the UTXO and it would be simpler not to have
2564  // another edge case to deal with.
2565 
2566  // testnet3 has no blocks before the BIP34 height with indicated heights
2567  // post BIP34 before approximately height 486,000,000. After block
2568  // 1,983,702 testnet3 starts doing unnecessary BIP30 checking again.
2569  assert(pindex->pprev);
2570  CBlockIndex* pindexBIP34height = pindex->pprev->GetAncestor(params.GetConsensus().BIP34Height);
2571  //Only continue to enforce if we're below BIP34 activation height or the block hash at that height doesn't correspond.
2572  fEnforceBIP30 = fEnforceBIP30 && (!pindexBIP34height || !(pindexBIP34height->GetBlockHash() == params.GetConsensus().BIP34Hash));
2573 
2574  // TODO: Remove BIP30 checking from block height 1,983,702 on, once we have a
2575  // consensus change that ensures coinbases at those heights cannot
2576  // duplicate earlier coinbases.
2577  if (fEnforceBIP30 || pindex->nHeight >= BIP34_IMPLIES_BIP30_LIMIT) {
2578  for (const auto& tx : block.vtx) {
2579  for (size_t o = 0; o < tx->vout.size(); o++) {
2580  if (view.HaveCoin(COutPoint(tx->GetHash(), o))) {
2581  LogPrintf("ERROR: ConnectBlock(): tried to overwrite transaction\n");
2582  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-BIP30");
2583  }
2584  }
2585  }
2586  }
2587 
2588  // Enforce BIP68 (sequence locks)
2589  int nLockTimeFlags = 0;
2591  nLockTimeFlags |= LOCKTIME_VERIFY_SEQUENCE;
2592  }
2593 
2594  // Get the script flags for this block
2595  unsigned int flags{GetBlockScriptFlags(*pindex, m_chainman)};
2596 
2597  const auto time_2{SteadyClock::now()};
2598  time_forks += time_2 - time_1;
2599  LogPrint(BCLog::BENCH, " - Fork checks: %.2fms [%.2fs (%.2fms/blk)]\n",
2600  Ticks<MillisecondsDouble>(time_2 - time_1),
2601  Ticks<SecondsDouble>(time_forks),
2602  Ticks<MillisecondsDouble>(time_forks) / num_blocks_total);
2603 
2604  CBlockUndo blockundo;
2605 
2606  // Precomputed transaction data pointers must not be invalidated
2607  // until after `control` has run the script checks (potentially
2608  // in multiple threads). Preallocate the vector size so a new allocation
2609  // doesn't invalidate pointers into the vector, and keep txsdata in scope
2610  // for as long as `control`.
2611  CCheckQueueControl<CScriptCheck> control(fScriptChecks && parallel_script_checks ? &m_chainman.GetCheckQueue() : nullptr);
2612  std::vector<PrecomputedTransactionData> txsdata(block.vtx.size());
2613 
2614  std::vector<int> prevheights;
2615  CAmount nFees = 0;
2616  int nInputs = 0;
2617  int64_t nSigOpsCost = 0;
2618  blockundo.vtxundo.reserve(block.vtx.size() - 1);
2619  for (unsigned int i = 0; i < block.vtx.size(); i++)
2620  {
2621  const CTransaction &tx = *(block.vtx[i]);
2622 
2623  nInputs += tx.vin.size();
2624 
2625  if (!tx.IsCoinBase())
2626  {
2627  CAmount txfee = 0;
2628  TxValidationState tx_state;
2629  if (!Consensus::CheckTxInputs(tx, tx_state, view, pindex->nHeight, txfee)) {
2630  // Any transaction validation failure in ConnectBlock is a block consensus failure
2632  tx_state.GetRejectReason(), tx_state.GetDebugMessage());
2633  LogError("%s: Consensus::CheckTxInputs: %s, %s\n", __func__, tx.GetHash().ToString(), state.ToString());
2634  return false;
2635  }
2636  nFees += txfee;
2637  if (!MoneyRange(nFees)) {
2638  LogPrintf("ERROR: %s: accumulated fee in the block out of range.\n", __func__);
2639  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-accumulated-fee-outofrange");
2640  }
2641 
2642  // Check that transaction is BIP68 final
2643  // BIP68 lock checks (as opposed to nLockTime checks) must
2644  // be in ConnectBlock because they require the UTXO set
2645  prevheights.resize(tx.vin.size());
2646  for (size_t j = 0; j < tx.vin.size(); j++) {
2647  prevheights[j] = view.AccessCoin(tx.vin[j].prevout).nHeight;
2648  }
2649 
2650  if (!SequenceLocks(tx, nLockTimeFlags, prevheights, *pindex)) {
2651  LogPrintf("ERROR: %s: contains a non-BIP68-final transaction\n", __func__);
2652  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal");
2653  }
2654  }
2655 
2656  // GetTransactionSigOpCost counts 3 types of sigops:
2657  // * legacy (always)
2658  // * p2sh (when P2SH enabled in flags and excludes coinbase)
2659  // * witness (when witness enabled in flags and excludes coinbase)
2660  nSigOpsCost += GetTransactionSigOpCost(tx, view, flags);
2661  if (nSigOpsCost > MAX_BLOCK_SIGOPS_COST) {
2662  LogPrintf("ERROR: ConnectBlock(): too many sigops\n");
2663  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops");
2664  }
2665 
2666  if (!tx.IsCoinBase())
2667  {
2668  std::vector<CScriptCheck> vChecks;
2669  bool fCacheResults = fJustCheck; /* Don't cache results if we're actually connecting blocks (still consult the cache, though) */
2670  TxValidationState tx_state;
2671  if (fScriptChecks && !CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], parallel_script_checks ? &vChecks : nullptr)) {
2672  // Any transaction validation failure in ConnectBlock is a block consensus failure
2674  tx_state.GetRejectReason(), tx_state.GetDebugMessage());
2675  LogError("ConnectBlock(): CheckInputScripts on %s failed with %s\n",
2676  tx.GetHash().ToString(), state.ToString());
2677  return false;
2678  }
2679  control.Add(std::move(vChecks));
2680  }
2681 
2682  CTxUndo undoDummy;
2683  if (i > 0) {
2684  blockundo.vtxundo.emplace_back();
2685  }
2686  UpdateCoins(tx, view, i == 0 ? undoDummy : blockundo.vtxundo.back(), pindex->nHeight);
2687  }
2688  const auto time_3{SteadyClock::now()};
2689  time_connect += time_3 - time_2;
2690  LogPrint(BCLog::BENCH, " - Connect %u transactions: %.2fms (%.3fms/tx, %.3fms/txin) [%.2fs (%.2fms/blk)]\n", (unsigned)block.vtx.size(),
2691  Ticks<MillisecondsDouble>(time_3 - time_2), Ticks<MillisecondsDouble>(time_3 - time_2) / block.vtx.size(),
2692  nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_3 - time_2) / (nInputs - 1),
2693  Ticks<SecondsDouble>(time_connect),
2694  Ticks<MillisecondsDouble>(time_connect) / num_blocks_total);
2695 
2696  CAmount blockReward = nFees + GetBlockSubsidy(pindex->nHeight, params.GetConsensus());
2697  if (block.vtx[0]->GetValueOut() > blockReward) {
2698  LogPrintf("ERROR: ConnectBlock(): coinbase pays too much (actual=%d vs limit=%d)\n", block.vtx[0]->GetValueOut(), blockReward);
2699  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-amount");
2700  }
2701 
2702  if (!control.Wait()) {
2703  LogPrintf("ERROR: %s: CheckQueue failed\n", __func__);
2704  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "block-validation-failed");
2705  }
2706  const auto time_4{SteadyClock::now()};
2707  time_verify += time_4 - time_2;
2708  LogPrint(BCLog::BENCH, " - Verify %u txins: %.2fms (%.3fms/txin) [%.2fs (%.2fms/blk)]\n", nInputs - 1,
2709  Ticks<MillisecondsDouble>(time_4 - time_2),
2710  nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_4 - time_2) / (nInputs - 1),
2711  Ticks<SecondsDouble>(time_verify),
2712  Ticks<MillisecondsDouble>(time_verify) / num_blocks_total);
2713 
2714  if (fJustCheck)
2715  return true;
2716 
2717  if (!m_blockman.WriteUndoDataForBlock(blockundo, state, *pindex)) {
2718  return false;
2719  }
2720 
2721  const auto time_5{SteadyClock::now()};
2722  time_undo += time_5 - time_4;
2723  LogPrint(BCLog::BENCH, " - Write undo data: %.2fms [%.2fs (%.2fms/blk)]\n",
2724  Ticks<MillisecondsDouble>(time_5 - time_4),
2725  Ticks<SecondsDouble>(time_undo),
2726  Ticks<MillisecondsDouble>(time_undo) / num_blocks_total);
2727 
2728  if (!pindex->IsValid(BLOCK_VALID_SCRIPTS)) {
2730  m_blockman.m_dirty_blockindex.insert(pindex);
2731  }
2732 
2733  // add this block to the view's block chain
2734  view.SetBestBlock(pindex->GetBlockHash());
2735 
2736  const auto time_6{SteadyClock::now()};
2737  time_index += time_6 - time_5;
2738  LogPrint(BCLog::BENCH, " - Index writing: %.2fms [%.2fs (%.2fms/blk)]\n",
2739  Ticks<MillisecondsDouble>(time_6 - time_5),
2740  Ticks<SecondsDouble>(time_index),
2741  Ticks<MillisecondsDouble>(time_index) / num_blocks_total);
2742 
2743  TRACE6(validation, block_connected,
2744  block_hash.data(),
2745  pindex->nHeight,
2746  block.vtx.size(),
2747  nInputs,
2748  nSigOpsCost,
2749  time_5 - time_start // in microseconds (µs)
2750  );
2751 
2752  return true;
2753 }
2754 
2755 CoinsCacheSizeState Chainstate::GetCoinsCacheSizeState()
2756 {
2758  return this->GetCoinsCacheSizeState(
2761 }
2762 
2763 CoinsCacheSizeState Chainstate::GetCoinsCacheSizeState(
2764  size_t max_coins_cache_size_bytes,
2765  size_t max_mempool_size_bytes)
2766 {
2768  const int64_t nMempoolUsage = m_mempool ? m_mempool->DynamicMemoryUsage() : 0;
2769  int64_t cacheSize = CoinsTip().DynamicMemoryUsage();
2770  int64_t nTotalSpace =
2771  max_coins_cache_size_bytes + std::max<int64_t>(int64_t(max_mempool_size_bytes) - nMempoolUsage, 0);
2772 
2774  static constexpr int64_t MAX_BLOCK_COINSDB_USAGE_BYTES = 10 * 1024 * 1024; // 10MB
2775  int64_t large_threshold =
2776  std::max((9 * nTotalSpace) / 10, nTotalSpace - MAX_BLOCK_COINSDB_USAGE_BYTES);
2777 
2778  if (cacheSize > nTotalSpace) {
2779  LogPrintf("Cache size (%s) exceeds total space (%s)\n", cacheSize, nTotalSpace);
2781  } else if (cacheSize > large_threshold) {
2783  }
2784  return CoinsCacheSizeState::OK;
2785 }
2786 
2787 bool Chainstate::FlushStateToDisk(
2788  BlockValidationState &state,
2789  FlushStateMode mode,
2790  int nManualPruneHeight)
2791 {
2792  LOCK(cs_main);
2793  assert(this->CanFlushToDisk());
2794  std::set<int> setFilesToPrune;
2795  bool full_flush_completed = false;
2796 
2797  const size_t coins_count = CoinsTip().GetCacheSize();
2798  const size_t coins_mem_usage = CoinsTip().DynamicMemoryUsage();
2799 
2800  try {
2801  {
2802  bool fFlushForPrune = false;
2803  bool fDoFullFlush = false;
2804 
2805  CoinsCacheSizeState cache_state = GetCoinsCacheSizeState();
2808  // make sure we don't prune above any of the prune locks bestblocks
2809  // pruning is height-based
2810  int last_prune{m_chain.Height()}; // last height we can prune
2811  std::optional<std::string> limiting_lock; // prune lock that actually was the limiting factor, only used for logging
2812 
2813  for (const auto& prune_lock : m_blockman.m_prune_locks) {
2814  if (prune_lock.second.height_first == std::numeric_limits<int>::max()) continue;
2815  // Remove the buffer and one additional block here to get actual height that is outside of the buffer
2816  const int lock_height{prune_lock.second.height_first - PRUNE_LOCK_BUFFER - 1};
2817  last_prune = std::max(1, std::min(last_prune, lock_height));
2818  if (last_prune == lock_height) {
2819  limiting_lock = prune_lock.first;
2820  }
2821  }
2822 
2823  if (limiting_lock) {
2824  LogPrint(BCLog::PRUNE, "%s limited pruning to height %d\n", limiting_lock.value(), last_prune);
2825  }
2826 
2827  if (nManualPruneHeight > 0) {
2828  LOG_TIME_MILLIS_WITH_CATEGORY("find files to prune (manual)", BCLog::BENCH);
2829 
2831  setFilesToPrune,
2832  std::min(last_prune, nManualPruneHeight),
2833  *this, m_chainman);
2834  } else {
2835  LOG_TIME_MILLIS_WITH_CATEGORY("find files to prune", BCLog::BENCH);
2836 
2837  m_blockman.FindFilesToPrune(setFilesToPrune, last_prune, *this, m_chainman);
2839  }
2840  if (!setFilesToPrune.empty()) {
2841  fFlushForPrune = true;
2842  if (!m_blockman.m_have_pruned) {
2843  m_blockman.m_block_tree_db->WriteFlag("prunedblockfiles", true);
2844  m_blockman.m_have_pruned = true;
2845  }
2846  }
2847  }
2848  const auto nNow{SteadyClock::now()};
2849  // Avoid writing/flushing immediately after startup.
2850  if (m_last_write == decltype(m_last_write){}) {
2851  m_last_write = nNow;
2852  }
2853  if (m_last_flush == decltype(m_last_flush){}) {
2854  m_last_flush = nNow;
2855  }
2856  // The cache is large and we're within 10% and 10 MiB of the limit, but we have time now (not in the middle of a block processing).
2857  bool fCacheLarge = mode == FlushStateMode::PERIODIC && cache_state >= CoinsCacheSizeState::LARGE;
2858  // The cache is over the limit, we have to write now.
2859  bool fCacheCritical = mode == FlushStateMode::IF_NEEDED && cache_state >= CoinsCacheSizeState::CRITICAL;
2860  // It's been a while since we wrote the block index to disk. Do this frequently, so we don't need to redownload after a crash.
2861  bool fPeriodicWrite = mode == FlushStateMode::PERIODIC && nNow > m_last_write + DATABASE_WRITE_INTERVAL;
2862  // It's been very long since we flushed the cache. Do this infrequently, to optimize cache usage.
2863  bool fPeriodicFlush = mode == FlushStateMode::PERIODIC && nNow > m_last_flush + DATABASE_FLUSH_INTERVAL;
2864  // Combine all conditions that result in a full cache flush.
2865  fDoFullFlush = (mode == FlushStateMode::ALWAYS) || fCacheLarge || fCacheCritical || fPeriodicFlush || fFlushForPrune;
2866  // Write blocks and block index to disk.
2867  if (fDoFullFlush || fPeriodicWrite) {
2868  // Ensure we can write block index
2870  return FatalError(m_chainman.GetNotifications(), state, _("Disk space is too low!"));
2871  }
2872  {
2873  LOG_TIME_MILLIS_WITH_CATEGORY("write block and undo data to disk", BCLog::BENCH);
2874 
2875  // First make sure all block and undo data is flushed to disk.
2876  // TODO: Handle return error, or add detailed comment why it is
2877  // safe to not return an error upon failure.
2879  LogPrintLevel(BCLog::VALIDATION, BCLog::Level::Warning, "%s: Failed to flush block file.\n", __func__);
2880  }
2881  }
2882 
2883  // Then update all block file information (which may refer to block and undo files).
2884  {
2885  LOG_TIME_MILLIS_WITH_CATEGORY("write block index to disk", BCLog::BENCH);
2886 
2887  if (!m_blockman.WriteBlockIndexDB()) {
2888  return FatalError(m_chainman.GetNotifications(), state, _("Failed to write to block index database."));
2889  }
2890  }
2891  // Finally remove any pruned files
2892  if (fFlushForPrune) {
2893  LOG_TIME_MILLIS_WITH_CATEGORY("unlink pruned files", BCLog::BENCH);
2894 
2895  m_blockman.UnlinkPrunedFiles(setFilesToPrune);
2896  }
2897  m_last_write = nNow;
2898  }
2899  // Flush best chain related state. This can only be done if the blocks / block index write was also done.
2900  if (fDoFullFlush && !CoinsTip().GetBestBlock().IsNull()) {
2901  LOG_TIME_MILLIS_WITH_CATEGORY(strprintf("write coins cache to disk (%d coins, %.2fkB)",
2902  coins_count, coins_mem_usage / 1000), BCLog::BENCH);
2903 
2904  // Typical Coin structures on disk are around 48 bytes in size.
2905  // Pushing a new one to the database can cause it to be written
2906  // twice (once in the log, and once in the tables). This is already
2907  // an overestimation, as most will delete an existing entry or
2908  // overwrite one. Still, use a conservative safety factor of 2.
2909  if (!CheckDiskSpace(m_chainman.m_options.datadir, 48 * 2 * 2 * CoinsTip().GetCacheSize())) {
2910  return FatalError(m_chainman.GetNotifications(), state, _("Disk space is too low!"));
2911  }
2912  // Flush the chainstate (which may refer to block index entries).
2913  const auto empty_cache{(mode == FlushStateMode::ALWAYS) || fCacheLarge || fCacheCritical || fFlushForPrune};
2914  if (empty_cache ? !CoinsTip().Flush() : !CoinsTip().Sync()) {
2915  return FatalError(m_chainman.GetNotifications(), state, _("Failed to write to coin database."));
2916  }
2917  m_last_flush = nNow;
2918  full_flush_completed = true;
2919  TRACE5(utxocache, flush,
2920  int64_t{Ticks<std::chrono::microseconds>(SteadyClock::now() - nNow)},
2921  (uint32_t)mode,
2922  (uint64_t)coins_count,
2923  (uint64_t)coins_mem_usage,
2924  (bool)fFlushForPrune);
2925  }
2926  }
2927  if (full_flush_completed && m_chainman.m_options.signals) {
2928  // Update best block in wallet (so we can detect restored wallets).
2930  }
2931  } catch (const std::runtime_error& e) {
2932  return FatalError(m_chainman.GetNotifications(), state, strprintf(_("System error while flushing: %s"), e.what()));
2933  }
2934  return true;
2935 }
2936 
2938 {
2939  BlockValidationState state;
2940  if (!this->FlushStateToDisk(state, FlushStateMode::ALWAYS)) {
2941  LogPrintf("%s: failed to flush state (%s)\n", __func__, state.ToString());
2942  }
2943 }
2944 
2946 {
2947  BlockValidationState state;
2949  if (!this->FlushStateToDisk(state, FlushStateMode::NONE)) {
2950  LogPrintf("%s: failed to flush state (%s)\n", __func__, state.ToString());
2951  }
2952 }
2953 
2954 static void UpdateTipLog(
2955  const CCoinsViewCache& coins_tip,
2956  const CBlockIndex* tip,
2957  const CChainParams& params,
2958  const std::string& func_name,
2959  const std::string& prefix,
2960  const std::string& warning_messages) EXCLUSIVE_LOCKS_REQUIRED(::cs_main)
2961 {
2962 
2964  LogPrintf("%s%s: new best=%s height=%d version=0x%08x log2_work=%f tx=%lu date='%s' progress=%f cache=%.1fMiB(%utxo)%s\n",
2965  prefix, func_name,
2966  tip->GetBlockHash().ToString(), tip->nHeight, tip->nVersion,
2967  log(tip->nChainWork.getdouble()) / log(2.0), (unsigned long)tip->nChainTx,
2969  GuessVerificationProgress(params.TxData(), tip),
2970  coins_tip.DynamicMemoryUsage() * (1.0 / (1 << 20)),
2971  coins_tip.GetCacheSize(),
2972  !warning_messages.empty() ? strprintf(" warning='%s'", warning_messages) : "");
2973 }
2974 
2975 void Chainstate::UpdateTip(const CBlockIndex* pindexNew)
2976 {
2978  const auto& coins_tip = this->CoinsTip();
2979 
2980  const CChainParams& params{m_chainman.GetParams()};
2981 
2982  // The remainder of the function isn't relevant if we are not acting on
2983  // the active chainstate, so return if need be.
2984  if (this != &m_chainman.ActiveChainstate()) {
2985  // Only log every so often so that we don't bury log messages at the tip.
2986  constexpr int BACKGROUND_LOG_INTERVAL = 2000;
2987  if (pindexNew->nHeight % BACKGROUND_LOG_INTERVAL == 0) {
2988  UpdateTipLog(coins_tip, pindexNew, params, __func__, "[background validation] ", "");
2989  }
2990  return;
2991  }
2992 
2993  // New best block
2994  if (m_mempool) {
2996  }
2997 
2998  {
3000  g_best_block = pindexNew->GetBlockHash();
3001  g_best_block_cv.notify_all();
3002  }
3003 
3004  std::vector<bilingual_str> warning_messages;
3006  const CBlockIndex* pindex = pindexNew;
3007  for (int bit = 0; bit < VERSIONBITS_NUM_BITS; bit++) {
3009  ThresholdState state = checker.GetStateFor(pindex, params.GetConsensus(), m_chainman.m_warningcache.at(bit));
3010  if (state == ThresholdState::ACTIVE || state == ThresholdState::LOCKED_IN) {
3011  const bilingual_str warning = strprintf(_("Unknown new rules activated (versionbit %i)"), bit);
3012  if (state == ThresholdState::ACTIVE) {
3014  } else {
3015  warning_messages.push_back(warning);
3016  }
3017  }
3018  }
3019  }
3020  UpdateTipLog(coins_tip, pindexNew, params, __func__, "",
3021  util::Join(warning_messages, Untranslated(", ")).original);
3022 }
3023 
3035 {
3038 
3039  CBlockIndex *pindexDelete = m_chain.Tip();
3040  assert(pindexDelete);
3041  assert(pindexDelete->pprev);
3042  // Read block from disk.
3043  std::shared_ptr<CBlock> pblock = std::make_shared<CBlock>();
3044  CBlock& block = *pblock;
3045  if (!m_blockman.ReadBlockFromDisk(block, *pindexDelete)) {
3046  LogError("DisconnectTip(): Failed to read block\n");
3047  return false;
3048  }
3049  // Apply the block atomically to the chain state.
3050  const auto time_start{SteadyClock::now()};
3051  {
3052  CCoinsViewCache view(&CoinsTip());
3053  assert(view.GetBestBlock() == pindexDelete->GetBlockHash());
3054  if (DisconnectBlock(block, pindexDelete, view) != DISCONNECT_OK) {
3055  LogError("DisconnectTip(): DisconnectBlock %s failed\n", pindexDelete->GetBlockHash().ToString());
3056  return false;
3057  }
3058  bool flushed = view.Flush();
3059  assert(flushed);
3060  }
3061  LogPrint(BCLog::BENCH, "- Disconnect block: %.2fms\n",
3062  Ticks<MillisecondsDouble>(SteadyClock::now() - time_start));
3063 
3064  {
3065  // Prune locks that began at or after the tip should be moved backward so they get a chance to reorg
3066  const int max_height_first{pindexDelete->nHeight - 1};
3067  for (auto& prune_lock : m_blockman.m_prune_locks) {
3068  if (prune_lock.second.height_first <= max_height_first) continue;
3069 
3070  prune_lock.second.height_first = max_height_first;
3071  LogPrint(BCLog::PRUNE, "%s prune lock moved back to %d\n", prune_lock.first, max_height_first);
3072  }
3073  }
3074 
3075  // Write the chain state to disk, if necessary.
3076  if (!FlushStateToDisk(state, FlushStateMode::IF_NEEDED)) {
3077  return false;
3078  }
3079 
3080  if (disconnectpool && m_mempool) {
3081  // Save transactions to re-add to mempool at end of reorg. If any entries are evicted for
3082  // exceeding memory limits, remove them and their descendants from the mempool.
3083  for (auto&& evicted_tx : disconnectpool->AddTransactionsFromBlock(block.vtx)) {
3085  }
3086  }
3087 
3088  m_chain.SetTip(*pindexDelete->pprev);
3089 
3090  UpdateTip(pindexDelete->pprev);
3091  // Let wallets know transactions went from 1-confirmed to
3092  // 0-confirmed or conflicted:
3094  m_chainman.m_options.signals->BlockDisconnected(pblock, pindexDelete);
3095  }
3096  return true;
3097 }
3098 
3099 static SteadyClock::duration time_connect_total{};
3100 static SteadyClock::duration time_flush{};
3101 static SteadyClock::duration time_chainstate{};
3102 static SteadyClock::duration time_post_connect{};
3103 
3105  CBlockIndex* pindex = nullptr;
3106  std::shared_ptr<const CBlock> pblock;
3108 };
3117 private:
3118  std::vector<PerBlockConnectTrace> blocksConnected;
3119 
3120 public:
3121  explicit ConnectTrace() : blocksConnected(1) {}
3122 
3123  void BlockConnected(CBlockIndex* pindex, std::shared_ptr<const CBlock> pblock) {
3124  assert(!blocksConnected.back().pindex);
3125  assert(pindex);
3126  assert(pblock);
3127  blocksConnected.back().pindex = pindex;
3128  blocksConnected.back().pblock = std::move(pblock);
3129  blocksConnected.emplace_back();
3130  }
3131 
3132  std::vector<PerBlockConnectTrace>& GetBlocksConnected() {
3133  // We always keep one extra block at the end of our list because
3134  // blocks are added after all the conflicted transactions have
3135  // been filled in. Thus, the last entry should always be an empty
3136  // one waiting for the transactions from the next block. We pop
3137  // the last entry here to make sure the list we return is sane.
3138  assert(!blocksConnected.back().pindex);
3139  blocksConnected.pop_back();
3140  return blocksConnected;
3141  }
3142 };
3143 
3150 bool Chainstate::ConnectTip(BlockValidationState& state, CBlockIndex* pindexNew, const std::shared_ptr<const CBlock>& pblock, ConnectTrace& connectTrace, DisconnectedBlockTransactions& disconnectpool)
3151 {
3154 
3155  assert(pindexNew->pprev == m_chain.Tip());
3156  // Read block from disk.
3157  const auto time_1{SteadyClock::now()};
3158  std::shared_ptr<const CBlock> pthisBlock;
3159  if (!pblock) {
3160  std::shared_ptr<CBlock> pblockNew = std::make_shared<CBlock>();
3161  if (!m_blockman.ReadBlockFromDisk(*pblockNew, *pindexNew)) {
3162  return FatalError(m_chainman.GetNotifications(), state, _("Failed to read block."));
3163  }
3164  pthisBlock = pblockNew;
3165  } else {
3166  LogPrint(BCLog::BENCH, " - Using cached block\n");
3167  pthisBlock = pblock;
3168  }
3169  const CBlock& blockConnecting = *pthisBlock;
3170  // Apply the block atomically to the chain state.
3171  const auto time_2{SteadyClock::now()};
3172  SteadyClock::time_point time_3;
3173  // When adding aggregate statistics in the future, keep in mind that
3174  // num_blocks_total may be zero until the ConnectBlock() call below.
3175  LogPrint(BCLog::BENCH, " - Load block from disk: %.2fms\n",
3176  Ticks<MillisecondsDouble>(time_2 - time_1));
3177  {
3178  CCoinsViewCache view(&CoinsTip());
3179  bool rv = ConnectBlock(blockConnecting, state, pindexNew, view);
3181  m_chainman.m_options.signals->BlockChecked(blockConnecting, state);
3182  }
3183  if (!rv) {
3184  if (state.IsInvalid())
3185  InvalidBlockFound(pindexNew, state);
3186  LogError("%s: ConnectBlock %s failed, %s\n", __func__, pindexNew->GetBlockHash().ToString(), state.ToString());
3187  return false;
3188  }
3189  time_3 = SteadyClock::now();
3190  time_connect_total += time_3 - time_2;
3191  assert(num_blocks_total > 0);
3192  LogPrint(BCLog::BENCH, " - Connect total: %.2fms [%.2fs (%.2fms/blk)]\n",
3193  Ticks<MillisecondsDouble>(time_3 - time_2),
3194  Ticks<SecondsDouble>(time_connect_total),
3195  Ticks<MillisecondsDouble>(time_connect_total) / num_blocks_total);
3196  bool flushed = view.Flush();
3197  assert(flushed);
3198  }
3199  const auto time_4{SteadyClock::now()};
3200  time_flush += time_4 - time_3;
3201  LogPrint(BCLog::BENCH, " - Flush: %.2fms [%.2fs (%.2fms/blk)]\n",
3202  Ticks<MillisecondsDouble>(time_4 - time_3),
3203  Ticks<SecondsDouble>(time_flush),
3204  Ticks<MillisecondsDouble>(time_flush) / num_blocks_total);
3205  // Write the chain state to disk, if necessary.
3206  if (!FlushStateToDisk(state, FlushStateMode::IF_NEEDED)) {
3207  return false;
3208  }
3209  const auto time_5{SteadyClock::now()};
3210  time_chainstate += time_5 - time_4;
3211  LogPrint(BCLog::BENCH, " - Writing chainstate: %.2fms [%.2fs (%.2fms/blk)]\n",
3212  Ticks<MillisecondsDouble>(time_5 - time_4),
3213  Ticks<SecondsDouble>(time_chainstate),
3214  Ticks<MillisecondsDouble>(time_chainstate) / num_blocks_total);
3215  // Remove conflicting transactions from the mempool.;
3216  if (m_mempool) {
3217  m_mempool->removeForBlock(blockConnecting.vtx, pindexNew->nHeight);
3218  disconnectpool.removeForBlock(blockConnecting.vtx);
3219  }
3220  // Update m_chain & related variables.
3221  m_chain.SetTip(*pindexNew);
3222  UpdateTip(pindexNew);
3223 
3224  const auto time_6{SteadyClock::now()};
3225  time_post_connect += time_6 - time_5;
3226  time_total += time_6 - time_1;
3227  LogPrint(BCLog::BENCH, " - Connect postprocess: %.2fms [%.2fs (%.2fms/blk)]\n",
3228  Ticks<MillisecondsDouble>(time_6 - time_5),
3229  Ticks<SecondsDouble>(time_post_connect),
3230  Ticks<MillisecondsDouble>(time_post_connect) / num_blocks_total);
3231  LogPrint(BCLog::BENCH, "- Connect block: %.2fms [%.2fs (%.2fms/blk)]\n",
3232  Ticks<MillisecondsDouble>(time_6 - time_1),
3233  Ticks<SecondsDouble>(time_total),
3234  Ticks<MillisecondsDouble>(time_total) / num_blocks_total);
3235 
3236  // If we are the background validation chainstate, check to see if we are done
3237  // validating the snapshot (i.e. our tip has reached the snapshot's base block).
3238  if (this != &m_chainman.ActiveChainstate()) {
3239  // This call may set `m_disabled`, which is referenced immediately afterwards in
3240  // ActivateBestChain, so that we stop connecting blocks past the snapshot base.
3241  m_chainman.MaybeCompleteSnapshotValidation();
3242  }
3243 
3244  connectTrace.BlockConnected(pindexNew, std::move(pthisBlock));
3245  return true;
3246 }
3247 
3253 {
3255  do {
3256  CBlockIndex *pindexNew = nullptr;
3257 
3258  // Find the best candidate header.
3259  {
3260  std::set<CBlockIndex*, CBlockIndexWorkComparator>::reverse_iterator it = setBlockIndexCandidates.rbegin();
3261  if (it == setBlockIndexCandidates.rend())
3262  return nullptr;
3263  pindexNew = *it;
3264  }
3265 
3266  // Check whether all blocks on the path between the currently active chain and the candidate are valid.
3267  // Just going until the active chain is an optimization, as we know all blocks in it are valid already.
3268  CBlockIndex *pindexTest = pindexNew;
3269  bool fInvalidAncestor = false;
3270  while (pindexTest && !m_chain.Contains(pindexTest)) {
3271  assert(pindexTest->HaveNumChainTxs() || pindexTest->nHeight == 0);
3272 
3273  // Pruned nodes may have entries in setBlockIndexCandidates for
3274  // which block files have been deleted. Remove those as candidates
3275  // for the most work chain if we come across them; we can't switch
3276  // to a chain unless we have all the non-active-chain parent blocks.
3277  bool fFailedChain = pindexTest->nStatus & BLOCK_FAILED_MASK;
3278  bool fMissingData = !(pindexTest->nStatus & BLOCK_HAVE_DATA);
3279  if (fFailedChain || fMissingData) {
3280  // Candidate chain is not usable (either invalid or missing data)
3281  if (fFailedChain && (m_chainman.m_best_invalid == nullptr || pindexNew->nChainWork > m_chainman.m_best_invalid->nChainWork)) {
3282  m_chainman.m_best_invalid = pindexNew;
3283  }
3284  CBlockIndex *pindexFailed = pindexNew;
3285  // Remove the entire chain from the set.
3286  while (pindexTest != pindexFailed) {
3287  if (fFailedChain) {
3288  pindexFailed->nStatus |= BLOCK_FAILED_CHILD;
3289  m_blockman.m_dirty_blockindex.insert(pindexFailed);
3290  } else if (fMissingData) {
3291  // If we're missing data, then add back to m_blocks_unlinked,
3292  // so that if the block arrives in the future we can try adding
3293  // to setBlockIndexCandidates again.
3295  std::make_pair(pindexFailed->pprev, pindexFailed));
3296  }
3297  setBlockIndexCandidates.erase(pindexFailed);
3298  pindexFailed = pindexFailed->pprev;
3299  }
3300  setBlockIndexCandidates.erase(pindexTest);
3301  fInvalidAncestor = true;
3302  break;
3303  }
3304  pindexTest = pindexTest->pprev;
3305  }
3306  if (!fInvalidAncestor)
3307  return pindexNew;
3308  } while(true);
3309 }
3310 
3313  // Note that we can't delete the current block itself, as we may need to return to it later in case a
3314  // reorganization to a better block fails.
3315  std::set<CBlockIndex*, CBlockIndexWorkComparator>::iterator it = setBlockIndexCandidates.begin();
3316  while (it != setBlockIndexCandidates.end() && setBlockIndexCandidates.value_comp()(*it, m_chain.Tip())) {
3317  setBlockIndexCandidates.erase(it++);
3318  }
3319  // Either the current tip or a successor of it we're working towards is left in setBlockIndexCandidates.
3320  assert(!setBlockIndexCandidates.empty());
3321 }
3322 
3329 bool Chainstate::ActivateBestChainStep(BlockValidationState& state, CBlockIndex* pindexMostWork, const std::shared_ptr<const CBlock>& pblock, bool& fInvalidFound, ConnectTrace& connectTrace)
3330 {
3333 
3334  const CBlockIndex* pindexOldTip = m_chain.Tip();
3335  const CBlockIndex* pindexFork = m_chain.FindFork(pindexMostWork);
3336 
3337  // Disconnect active blocks which are no longer in the best chain.
3338  bool fBlocksDisconnected = false;
3340  while (m_chain.Tip() && m_chain.Tip() != pindexFork) {
3341  if (!DisconnectTip(state, &disconnectpool)) {
3342  // This is likely a fatal error, but keep the mempool consistent,
3343  // just in case. Only remove from the mempool in this case.
3344  MaybeUpdateMempoolForReorg(disconnectpool, false);
3345 
3346  // If we're unable to disconnect a block during normal operation,
3347  // then that is a failure of our local system -- we should abort
3348  // rather than stay on a less work chain.
3349  FatalError(m_chainman.GetNotifications(), state, _("Failed to disconnect block."));
3350  return false;
3351  }
3352  fBlocksDisconnected = true;
3353  }
3354 
3355  // Build list of new blocks to connect (in descending height order).
3356  std::vector<CBlockIndex*> vpindexToConnect;
3357  bool fContinue = true;
3358  int nHeight = pindexFork ? pindexFork->nHeight : -1;
3359  while (fContinue && nHeight != pindexMostWork->nHeight) {
3360  // Don't iterate the entire list of potential improvements toward the best tip, as we likely only need
3361  // a few blocks along the way.
3362  int nTargetHeight = std::min(nHeight + 32, pindexMostWork->nHeight);
3363  vpindexToConnect.clear();
3364  vpindexToConnect.reserve(nTargetHeight - nHeight);
3365  CBlockIndex* pindexIter = pindexMostWork->GetAncestor(nTargetHeight);
3366  while (pindexIter && pindexIter->nHeight != nHeight) {
3367  vpindexToConnect.push_back(pindexIter);
3368  pindexIter = pindexIter->pprev;
3369  }
3370  nHeight = nTargetHeight;
3371 
3372  // Connect new blocks.
3373  for (CBlockIndex* pindexConnect : reverse_iterate(vpindexToConnect)) {
3374  if (!ConnectTip(state, pindexConnect, pindexConnect == pindexMostWork ? pblock : std::shared_ptr<const CBlock>(), connectTrace, disconnectpool)) {
3375  if (state.IsInvalid()) {
3376  // The block violates a consensus rule.
3378  InvalidChainFound(vpindexToConnect.front());
3379  }
3380  state = BlockValidationState();
3381  fInvalidFound = true;
3382  fContinue = false;
3383  break;
3384  } else {
3385  // A system error occurred (disk space, database error, ...).
3386  // Make the mempool consistent with the current tip, just in case
3387  // any observers try to use it before shutdown.
3388  MaybeUpdateMempoolForReorg(disconnectpool, false);
3389  return false;
3390  }
3391  } else {
3393  if (!pindexOldTip || m_chain.Tip()->nChainWork > pindexOldTip->nChainWork) {
3394  // We're in a better position than we were. Return temporarily to release the lock.
3395  fContinue = false;
3396  break;
3397  }
3398  }
3399  }
3400  }
3401 
3402  if (fBlocksDisconnected) {
3403  // If any blocks were disconnected, disconnectpool may be non empty. Add
3404  // any disconnected transactions back to the mempool.
3405  MaybeUpdateMempoolForReorg(disconnectpool, true);
3406  }
3407  if (m_mempool) m_mempool->check(this->CoinsTip(), this->m_chain.Height() + 1);
3408 
3410 
3411  return true;
3412 }
3413 
3414 static SynchronizationState GetSynchronizationState(bool init, bool blockfiles_indexed)
3415 {
3417  if (!blockfiles_indexed) return SynchronizationState::INIT_REINDEX;
3419 }
3420 
3422 {
3423  bool fNotify = false;
3424  bool fInitialBlockDownload = false;
3425  static CBlockIndex* pindexHeaderOld = nullptr;
3426  CBlockIndex* pindexHeader = nullptr;
3427  {
3428  LOCK(cs_main);
3429  pindexHeader = chainman.m_best_header;
3430 
3431  if (pindexHeader != pindexHeaderOld) {
3432  fNotify = true;
3433  fInitialBlockDownload = chainman.IsInitialBlockDownload();
3434  pindexHeaderOld = pindexHeader;
3435  }
3436  }
3437  // Send block tip changed notifications without cs_main
3438  if (fNotify) {
3439  chainman.GetNotifications().headerTip(GetSynchronizationState(fInitialBlockDownload, chainman.m_blockman.m_blockfiles_indexed), pindexHeader->nHeight, pindexHeader->nTime, false);
3440  }
3441  return fNotify;
3442 }
3443 
3446 
3447  if (signals.CallbacksPending() > 10) {
3448  signals.SyncWithValidationInterfaceQueue();
3449  }
3450 }
3451 
3452 bool Chainstate::ActivateBestChain(BlockValidationState& state, std::shared_ptr<const CBlock> pblock)
3453 {
3455 
3456  // Note that while we're often called here from ProcessNewBlock, this is
3457  // far from a guarantee. Things in the P2P/RPC will often end up calling
3458  // us in the middle of ProcessNewBlock - do not assume pblock is set
3459  // sanely for performance or correctness!
3461 
3462  // ABC maintains a fair degree of expensive-to-calculate internal state
3463  // because this function periodically releases cs_main so that it does not lock up other threads for too long
3464  // during large connects - and to allow for e.g. the callback queue to drain
3465  // we use m_chainstate_mutex to enforce mutual exclusion so that only one caller may execute this function at a time
3467 
3468  // Belt-and-suspenders check that we aren't attempting to advance the background
3469  // chainstate past the snapshot base block.
3470  if (WITH_LOCK(::cs_main, return m_disabled)) {
3471  LogPrintf("m_disabled is set - this chainstate should not be in operation. "
3472  "Please report this as a bug. %s\n", PACKAGE_BUGREPORT);
3473  return false;
3474  }
3475 
3476  CBlockIndex *pindexMostWork = nullptr;
3477  CBlockIndex *pindexNewTip = nullptr;
3478  bool exited_ibd{false};
3479  do {
3480  // Block until the validation queue drains. This should largely
3481  // never happen in normal operation, however may happen during
3482  // reindex, causing memory blowup if we run too far ahead.
3483  // Note that if a validationinterface callback ends up calling
3484  // ActivateBestChain this may lead to a deadlock! We should
3485  // probably have a DEBUG_LOCKORDER test for this in the future.
3487 
3488  {
3489  LOCK(cs_main);
3490  // Lock transaction pool for at least as long as it takes for connectTrace to be consumed
3491  LOCK(MempoolMutex());
3492  const bool was_in_ibd = m_chainman.IsInitialBlockDownload();
3493  CBlockIndex* starting_tip = m_chain.Tip();
3494  bool blocks_connected = false;
3495  do {
3496  // We absolutely may not unlock cs_main until we've made forward progress
3497  // (with the exception of shutdown due to hardware issues, low disk space, etc).
3498  ConnectTrace connectTrace; // Destructed before cs_main is unlocked
3499 
3500  if (pindexMostWork == nullptr) {
3501  pindexMostWork = FindMostWorkChain();
3502  }
3503 
3504  // Whether we have anything to do at all.
3505  if (pindexMostWork == nullptr || pindexMostWork == m_chain.Tip()) {
3506  break;
3507  }
3508 
3509  bool fInvalidFound = false;
3510  std::shared_ptr<const CBlock> nullBlockPtr;
3511  if (!ActivateBestChainStep(state, pindexMostWork, pblock && pblock->GetHash() == pindexMostWork->GetBlockHash() ? pblock : nullBlockPtr, fInvalidFound, connectTrace)) {
3512  // A system error occurred
3513  return false;
3514  }
3515  blocks_connected = true;
3516 
3517  if (fInvalidFound) {
3518  // Wipe cache, we may need another branch now.
3519  pindexMostWork = nullptr;
3520  }
3521  pindexNewTip = m_chain.Tip();
3522 
3523  for (const PerBlockConnectTrace& trace : connectTrace.GetBlocksConnected()) {
3524  assert(trace.pblock && trace.pindex);
3526  m_chainman.m_options.signals->BlockConnected(this->GetRole(), trace.pblock, trace.pindex);
3527  }
3528  }
3529 
3530  // This will have been toggled in
3531  // ActivateBestChainStep -> ConnectTip -> MaybeCompleteSnapshotValidation,
3532  // if at all, so we should catch it here.
3533  //
3534  // Break this do-while to ensure we don't advance past the base snapshot.
3535  if (m_disabled) {
3536  break;
3537  }
3538  } while (!m_chain.Tip() || (starting_tip && CBlockIndexWorkComparator()(m_chain.Tip(), starting_tip)));
3539  if (!blocks_connected) return true;
3540 
3541  const CBlockIndex* pindexFork = m_chain.FindFork(starting_tip);
3542  bool still_in_ibd = m_chainman.IsInitialBlockDownload();
3543 
3544  if (was_in_ibd && !still_in_ibd) {
3545  // Active chainstate has exited IBD.
3546  exited_ibd = true;
3547  }
3548 
3549  // Notify external listeners about the new tip.
3550  // Enqueue while holding cs_main to ensure that UpdatedBlockTip is called in the order in which blocks are connected
3551  if (this == &m_chainman.ActiveChainstate() && pindexFork != pindexNewTip) {
3552  // Notify ValidationInterface subscribers
3554  m_chainman.m_options.signals->UpdatedBlockTip(pindexNewTip, pindexFork, still_in_ibd);
3555  }
3556 
3557  // Always notify the UI if a new block tip was connected
3559  // Just breaking and returning success for now. This could
3560  // be changed to bubble up the kernel::Interrupted value to
3561  // the caller so the caller could distinguish between
3562  // completed and interrupted operations.
3563  break;
3564  }
3565  }
3566  }
3567  // When we reach this point, we switched to a new tip (stored in pindexNewTip).
3568 
3569  if (exited_ibd) {
3570  // If a background chainstate is in use, we may need to rebalance our
3571  // allocation of caches once a chainstate exits initial block download.
3572  LOCK(::cs_main);
3573  m_chainman.MaybeRebalanceCaches();
3574  }
3575 
3576  if (WITH_LOCK(::cs_main, return m_disabled)) {
3577  // Background chainstate has reached the snapshot base block, so exit.
3578 
3579  // Restart indexes to resume indexing for all blocks unique to the snapshot
3580  // chain. This resumes indexing "in order" from where the indexing on the
3581  // background validation chain left off.
3582  //
3583  // This cannot be done while holding cs_main (within
3584  // MaybeCompleteSnapshotValidation) or a cs_main deadlock will occur.
3587  }
3588  break;
3589  }
3590 
3591  // We check interrupt only after giving ActivateBestChainStep a chance to run once so that we
3592  // never interrupt before connecting the genesis block during LoadChainTip(). Previously this
3593  // caused an assert() failure during interrupt in such cases as the UTXO DB flushing checks
3594  // that the best block hash is non-null.
3595  if (m_chainman.m_interrupt) break;
3596  } while (pindexNewTip != pindexMostWork);
3597 
3599 
3600  // Write changes periodically to disk, after relay.
3601  if (!FlushStateToDisk(state, FlushStateMode::PERIODIC)) {
3602  return false;
3603  }
3604 
3605  return true;
3606 }
3607 
3608 bool Chainstate::PreciousBlock(BlockValidationState& state, CBlockIndex* pindex)
3609 {
3612  {
3613  LOCK(cs_main);
3614  if (pindex->nChainWork < m_chain.Tip()->nChainWork) {
3615  // Nothing to do, this block is not at the tip.
3616  return true;
3617  }
3619  // The chain has been extended since the last call, reset the counter.
3621  }
3623  setBlockIndexCandidates.erase(pindex);
3625  if (m_chainman.nBlockReverseSequenceId > std::numeric_limits<int32_t>::min()) {
3626  // We can't keep reducing the counter if somebody really wants to
3627  // call preciousblock 2**31-1 times on the same set of tips...
3629  }
3630  if (pindex->IsValid(BLOCK_VALID_TRANSACTIONS) && pindex->HaveNumChainTxs()) {
3631  setBlockIndexCandidates.insert(pindex);
3633  }
3634  }
3635 
3636  return ActivateBestChain(state, std::shared_ptr<const CBlock>());
3637 }
3638 
3639 bool Chainstate::InvalidateBlock(BlockValidationState& state, CBlockIndex* pindex)
3640 {
3643 
3644  // Genesis block can't be invalidated
3645  assert(pindex);
3646  if (pindex->nHeight == 0) return false;
3647 
3648  CBlockIndex* to_mark_failed = pindex;
3649  bool pindex_was_in_chain = false;
3650  int disconnected = 0;
3651 
3652  // We do not allow ActivateBestChain() to run while InvalidateBlock() is
3653  // running, as that could cause the tip to change while we disconnect
3654  // blocks.
3656 
3657  // We'll be acquiring and releasing cs_main below, to allow the validation
3658  // callbacks to run. However, we should keep the block index in a
3659  // consistent state as we disconnect blocks -- in particular we need to
3660  // add equal-work blocks to setBlockIndexCandidates as we disconnect.
3661  // To avoid walking the block index repeatedly in search of candidates,
3662  // build a map once so that we can look up candidate blocks by chain
3663  // work as we go.
3664  std::multimap<const arith_uint256, CBlockIndex *> candidate_blocks_by_work;
3665 
3666  {
3667  LOCK(cs_main);
3668  for (auto& entry : m_blockman.m_block_index) {
3669  CBlockIndex* candidate = &entry.second;
3670  // We don't need to put anything in our active chain into the
3671  // multimap, because those candidates will be found and considered
3672  // as we disconnect.
3673  // Instead, consider only non-active-chain blocks that have at
3674  // least as much work as where we expect the new tip to end up.
3675  if (!m_chain.Contains(candidate) &&
3676  !CBlockIndexWorkComparator()(candidate, pindex->pprev) &&
3677  candidate->IsValid(BLOCK_VALID_TRANSACTIONS) &&
3678  candidate->HaveNumChainTxs()) {
3679  candidate_blocks_by_work.insert(std::make_pair(candidate->nChainWork, candidate));
3680  }
3681  }
3682  }
3683 
3684  // Disconnect (descendants of) pindex, and mark them invalid.
3685  while (true) {
3686  if (m_chainman.m_interrupt) break;
3687 
3688  // Make sure the queue of validation callbacks doesn't grow unboundedly.
3690 
3691  LOCK(cs_main);
3692  // Lock for as long as disconnectpool is in scope to make sure MaybeUpdateMempoolForReorg is
3693  // called after DisconnectTip without unlocking in between
3694  LOCK(MempoolMutex());
3695  if (!m_chain.Contains(pindex)) break;
3696  pindex_was_in_chain = true;
3697  CBlockIndex *invalid_walk_tip = m_chain.Tip();
3698 
3699  // ActivateBestChain considers blocks already in m_chain
3700  // unconditionally valid already, so force disconnect away from it.
3702  bool ret = DisconnectTip(state, &disconnectpool);
3703  // DisconnectTip will add transactions to disconnectpool.
3704  // Adjust the mempool to be consistent with the new tip, adding
3705  // transactions back to the mempool if disconnecting was successful,
3706  // and we're not doing a very deep invalidation (in which case
3707  // keeping the mempool up to date is probably futile anyway).
3708  MaybeUpdateMempoolForReorg(disconnectpool, /* fAddToMempool = */ (++disconnected <= 10) && ret);
3709  if (!ret) return false;
3710  assert(invalid_walk_tip->pprev == m_chain.Tip());
3711 
3712  // We immediately mark the disconnected blocks as invalid.
3713  // This prevents a case where pruned nodes may fail to invalidateblock
3714  // and be left unable to start as they have no tip candidates (as there
3715  // are no blocks that meet the "have data and are not invalid per
3716  // nStatus" criteria for inclusion in setBlockIndexCandidates).
3717  invalid_walk_tip->nStatus |= BLOCK_FAILED_VALID;
3718  m_blockman.m_dirty_blockindex.insert(invalid_walk_tip);
3719  setBlockIndexCandidates.erase(invalid_walk_tip);
3720  setBlockIndexCandidates.insert(invalid_walk_tip->pprev);
3721  if (invalid_walk_tip->pprev == to_mark_failed && (to_mark_failed->nStatus & BLOCK_FAILED_VALID)) {
3722  // We only want to mark the last disconnected block as BLOCK_FAILED_VALID; its children
3723  // need to be BLOCK_FAILED_CHILD instead.
3724  to_mark_failed->nStatus = (to_mark_failed->nStatus ^ BLOCK_FAILED_VALID) | BLOCK_FAILED_CHILD;
3725  m_blockman.m_dirty_blockindex.insert(to_mark_failed);
3726  }
3727 
3728  // Add any equal or more work headers to setBlockIndexCandidates
3729  auto candidate_it = candidate_blocks_by_work.lower_bound(invalid_walk_tip->pprev->nChainWork);
3730  while (candidate_it != candidate_blocks_by_work.end()) {
3731  if (!CBlockIndexWorkComparator()(candidate_it->second, invalid_walk_tip->pprev)) {
3732  setBlockIndexCandidates.insert(candidate_it->second);
3733  candidate_it = candidate_blocks_by_work.erase(candidate_it);
3734  } else {
3735  ++candidate_it;
3736  }
3737  }
3738 
3739  // Track the last disconnected block, so we can correct its BLOCK_FAILED_CHILD status in future
3740  // iterations, or, if it's the last one, call InvalidChainFound on it.
3741  to_mark_failed = invalid_walk_tip;
3742  }
3743 
3745 
3746  {
3747  LOCK(cs_main);
3748  if (m_chain.Contains(to_mark_failed)) {
3749  // If the to-be-marked invalid block is in the active chain, something is interfering and we can't proceed.
3750  return false;
3751  }
3752 
3753  // Mark pindex (or the last disconnected block) as invalid, even when it never was in the main chain
3754  to_mark_failed->nStatus |= BLOCK_FAILED_VALID;
3755  m_blockman.m_dirty_blockindex.insert(to_mark_failed);
3756  setBlockIndexCandidates.erase(to_mark_failed);
3757  m_chainman.m_failed_blocks.insert(to_mark_failed);
3758 
3759  // If any new blocks somehow arrived while we were disconnecting
3760  // (above), then the pre-calculation of what should go into
3761  // setBlockIndexCandidates may have missed entries. This would
3762  // technically be an inconsistency in the block index, but if we clean
3763  // it up here, this should be an essentially unobservable error.
3764  // Loop back over all block index entries and add any missing entries
3765  // to setBlockIndexCandidates.
3766  for (auto& [_, block_index] : m_blockman.m_block_index) {
3767  if (block_index.IsValid(BLOCK_VALID_TRANSACTIONS) && block_index.HaveNumChainTxs() && !setBlockIndexCandidates.value_comp()(&block_index, m_chain.Tip())) {
3768  setBlockIndexCandidates.insert(&block_index);
3769  }
3770  }
3771 
3772  InvalidChainFound(to_mark_failed);
3773  }
3774 
3775  // Only notify about a new block tip if the active chain was modified.
3776  if (pindex_was_in_chain) {
3777  // Ignoring return value for now, this could be changed to bubble up
3778  // kernel::Interrupted value to the caller so the caller could
3779  // distinguish between completed and interrupted operations. It might
3780  // also make sense for the blockTip notification to have an enum
3781  // parameter indicating the source of the tip change so hooks can
3782  // distinguish user-initiated invalidateblock changes from other
3783  // changes.
3785  }
3786  return true;
3787 }
3788 
3791 
3792  int nHeight = pindex->nHeight;
3793 
3794  // Remove the invalidity flag from this block and all its descendants.
3795  for (auto& [_, block_index] : m_blockman.m_block_index) {
3796  if (!block_index.IsValid() && block_index.GetAncestor(nHeight) == pindex) {
3797  block_index.nStatus &= ~BLOCK_FAILED_MASK;
3798  m_blockman.m_dirty_blockindex.insert(&block_index);
3799  if (block_index.IsValid(BLOCK_VALID_TRANSACTIONS) && block_index.HaveNumChainTxs() && setBlockIndexCandidates.value_comp()(m_chain.Tip(), &block_index)) {
3800  setBlockIndexCandidates.insert(&block_index);
3801  }
3802  if (&block_index == m_chainman.m_best_invalid) {
3803  // Reset invalid block marker if it was pointing to one of those.
3804  m_chainman.m_best_invalid = nullptr;
3805  }
3806  m_chainman.m_failed_blocks.erase(&block_index);
3807  }
3808  }
3809 
3810  // Remove the invalidity flag from all ancestors too.
3811  while (pindex != nullptr) {
3812  if (pindex->nStatus & BLOCK_FAILED_MASK) {
3813  pindex->nStatus &= ~BLOCK_FAILED_MASK;
3814  m_blockman.m_dirty_blockindex.insert(pindex);
3815  m_chainman.m_failed_blocks.erase(pindex);
3816  }
3817  pindex = pindex->pprev;
3818  }
3819 }
3820 
3822 {
3824  // The block only is a candidate for the most-work-chain if it has the same
3825  // or more work than our current tip.
3826  if (m_chain.Tip() != nullptr && setBlockIndexCandidates.value_comp()(pindex, m_chain.Tip())) {
3827  return;
3828  }
3829 
3830  bool is_active_chainstate = this == &m_chainman.ActiveChainstate();
3831  if (is_active_chainstate) {
3832  // The active chainstate should always add entries that have more
3833  // work than the tip.
3834  setBlockIndexCandidates.insert(pindex);
3835  } else if (!m_disabled) {
3836  // For the background chainstate, we only consider connecting blocks
3837  // towards the snapshot base (which can't be nullptr or else we'll
3838  // never make progress).
3839  const CBlockIndex* snapshot_base{Assert(m_chainman.GetSnapshotBaseBlock())};
3840  if (snapshot_base->GetAncestor(pindex->nHeight) == pindex) {
3841  setBlockIndexCandidates.insert(pindex);
3842  }
3843  }
3844 }
3845 
3848 {
3850  pindexNew->nTx = block.vtx.size();
3851  // Typically nChainTx will be 0 at this point, but it can be nonzero if this
3852  // is a pruned block which is being downloaded again, or if this is an
3853  // assumeutxo snapshot block which has a hardcoded nChainTx value from the
3854  // snapshot metadata. If the pindex is not the snapshot block and the
3855  // nChainTx value is not zero, assert that value is actually correct.
3856  auto prev_tx_sum = [](CBlockIndex& block) { return block.nTx + (block.pprev ? block.pprev->nChainTx : 0); };
3857  if (!Assume(pindexNew->nChainTx == 0 || pindexNew->nChainTx == prev_tx_sum(*pindexNew) ||
3858  pindexNew == GetSnapshotBaseBlock())) {
3859  LogWarning("Internal bug detected: block %d has unexpected nChainTx %i that should be %i (%s %s). Please report this issue here: %s\n",
3860  pindexNew->nHeight, pindexNew->nChainTx, prev_tx_sum(*pindexNew), PACKAGE_NAME, FormatFullVersion(), PACKAGE_BUGREPORT);
3861  pindexNew->nChainTx = 0;
3862  }
3863  pindexNew->nFile = pos.nFile;
3864  pindexNew->nDataPos = pos.nPos;
3865  pindexNew->nUndoPos = 0;
3866  pindexNew->nStatus |= BLOCK_HAVE_DATA;
3867  if (DeploymentActiveAt(*pindexNew, *this, Consensus::DEPLOYMENT_SEGWIT)) {
3868  pindexNew->nStatus |= BLOCK_OPT_WITNESS;
3869  }
3871  m_blockman.m_dirty_blockindex.insert(pindexNew);
3872 
3873  if (pindexNew->pprev == nullptr || pindexNew->pprev->HaveNumChainTxs()) {
3874  // If pindexNew is the genesis block or all parents are BLOCK_VALID_TRANSACTIONS.
3875  std::deque<CBlockIndex*> queue;
3876  queue.push_back(pindexNew);
3877 
3878  // Recursively process any descendant blocks that now may be eligible to be connected.
3879  while (!queue.empty()) {
3880  CBlockIndex *pindex = queue.front();
3881  queue.pop_front();
3882  // Before setting nChainTx, assert that it is 0 or already set to
3883  // the correct value. This assert will fail after receiving the
3884  // assumeutxo snapshot block if assumeutxo snapshot metadata has an
3885  // incorrect hardcoded AssumeutxoData::nChainTx value.
3886  if (!Assume(pindex->nChainTx == 0 || pindex->nChainTx == prev_tx_sum(*pindex))) {
3887  LogWarning("Internal bug detected: block %d has unexpected nChainTx %i that should be %i (%s %s). Please report this issue here: %s\n",
3888  pindex->nHeight, pindex->nChainTx, prev_tx_sum(*pindex), PACKAGE_NAME, FormatFullVersion(), PACKAGE_BUGREPORT);
3889  }
3890  pindex->nChainTx = prev_tx_sum(*pindex);
3891  pindex->nSequenceId = nBlockSequenceId++;
3892  for (Chainstate *c : GetAll()) {
3893  c->TryAddBlockIndexCandidate(pindex);
3894  }
3895  std::pair<std::multimap<CBlockIndex*, CBlockIndex*>::iterator, std::multimap<CBlockIndex*, CBlockIndex*>::iterator> range = m_blockman.m_blocks_unlinked.equal_range(pindex);
3896  while (range.first != range.second) {
3897  std::multimap<CBlockIndex*, CBlockIndex*>::iterator it = range.first;
3898  queue.push_back(it->second);
3899  range.first++;
3900  m_blockman.m_blocks_unlinked.erase(it);
3901  }
3902  }
3903  } else {
3904  if (pindexNew->pprev && pindexNew->pprev->IsValid(BLOCK_VALID_TREE)) {
3905  m_blockman.m_blocks_unlinked.insert(std::make_pair(pindexNew->pprev, pindexNew));
3906  }
3907  }
3908 }
3909 
3910 static bool CheckBlockHeader(const CBlockHeader& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW = true)
3911 {
3912  // Check proof of work matches claimed amount
3913  if (fCheckPOW && !CheckProofOfWork(block.GetHash(), block.nBits, consensusParams))
3914  return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "high-hash", "proof of work failed");
3915 
3916  return true;
3917 }
3918 
3919 static bool CheckMerkleRoot(const CBlock& block, BlockValidationState& state)
3920 {
3921  if (block.m_checked_merkle_root) return true;
3922 
3923  bool mutated;
3924  uint256 merkle_root = BlockMerkleRoot(block, &mutated);
3925  if (block.hashMerkleRoot != merkle_root) {
3926  return state.Invalid(
3928  /*reject_reason=*/"bad-txnmrklroot",
3929  /*debug_message=*/"hashMerkleRoot mismatch");
3930  }
3931 
3932  // Check for merkle tree malleability (CVE-2012-2459): repeating sequences
3933  // of transactions in a block without affecting the merkle root of a block,
3934  // while still invalidating it.
3935  if (mutated) {
3936  return state.Invalid(
3938  /*reject_reason=*/"bad-txns-duplicate",
3939  /*debug_message=*/"duplicate transaction");
3940  }
3941 
3942  block.m_checked_merkle_root = true;
3943  return true;
3944 }
3945 
3952 static bool CheckWitnessMalleation(const CBlock& block, bool expect_witness_commitment, BlockValidationState& state)
3953 {
3954  if (expect_witness_commitment) {
3955  if (block.m_checked_witness_commitment) return true;
3956 
3957  int commitpos = GetWitnessCommitmentIndex(block);
3958  if (commitpos != NO_WITNESS_COMMITMENT) {
3959  assert(!block.vtx.empty() && !block.vtx[0]->vin.empty());
3960  const auto& witness_stack{block.vtx[0]->vin[0].scriptWitness.stack};
3961 
3962  if (witness_stack.size() != 1 || witness_stack[0].size() != 32) {
3963  return state.Invalid(
3965  /*reject_reason=*/"bad-witness-nonce-size",
3966  /*debug_message=*/strprintf("%s : invalid witness reserved value size", __func__));
3967  }
3968 
3969  // The malleation check is ignored; as the transaction tree itself
3970  // already does not permit it, it is impossible to trigger in the
3971  // witness tree.
3972  uint256 hash_witness = BlockWitnessMerkleRoot(block, /*mutated=*/nullptr);
3973 
3974  CHash256().Write(hash_witness).Write(witness_stack[0]).Finalize(hash_witness);
3975  if (memcmp(hash_witness.begin(), &block.vtx[0]->vout[commitpos].scriptPubKey[6], 32)) {
3976  return state.Invalid(
3978  /*reject_reason=*/"bad-witness-merkle-match",
3979  /*debug_message=*/strprintf("%s : witness merkle commitment mismatch", __func__));
3980  }
3981 
3982  block.m_checked_witness_commitment = true;
3983  return true;
3984  }
3985  }
3986 
3987  // No witness data is allowed in blocks that don't commit to witness data, as this would otherwise leave room for spam
3988  for (const auto& tx : block.vtx) {
3989  if (tx->HasWitness()) {
3990  return state.Invalid(
3992  /*reject_reason=*/"unexpected-witness",
3993  /*debug_message=*/strprintf("%s : unexpected witness data found", __func__));
3994  }
3995  }
3996 
3997  return true;
3998 }
3999 
4000 bool CheckBlock(const CBlock& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
4001 {
4002  // These are checks that are independent of context.
4003 
4004  if (block.fChecked)
4005  return true;
4006 
4007  // Check that the header is valid (particularly PoW). This is mostly
4008  // redundant with the call in AcceptBlockHeader.
4009  if (!CheckBlockHeader(block, state, consensusParams, fCheckPOW))
4010  return false;
4011 
4012  // Signet only: check block solution
4013  if (consensusParams.signet_blocks && fCheckPOW && !CheckSignetBlockSolution(block, consensusParams)) {
4014  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-signet-blksig", "signet block signature validation failure");
4015  }
4016 
4017  // Check the merkle root.
4018  if (fCheckMerkleRoot && !CheckMerkleRoot(block, state)) {
4019  return false;
4020  }
4021 
4022  // All potential-corruption validation must be done before we do any
4023  // transaction validation, as otherwise we may mark the header as invalid
4024  // because we receive the wrong transactions for it.
4025  // Note that witness malleability is checked in ContextualCheckBlock, so no
4026  // checks that use witness data may be performed here.
4027 
4028  // Size limits
4030  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-length", "size limits failed");
4031 
4032  // First transaction must be coinbase, the rest must not be
4033  if (block.vtx.empty() || !block.vtx[0]->IsCoinBase())
4034  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-missing", "first tx is not coinbase");
4035  for (unsigned int i = 1; i < block.vtx.size(); i++)
4036  if (block.vtx[i]->IsCoinBase())
4037  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-multiple", "more than one coinbase");
4038 
4039  // Check transactions
4040  // Must check for duplicate inputs (see CVE-2018-17144)
4041  for (const auto& tx : block.vtx) {
4042  TxValidationState tx_state;
4043  if (!CheckTransaction(*tx, tx_state)) {
4044  // CheckBlock() does context-free validation checks. The only
4045  // possible failures are consensus failures.
4048  strprintf("Transaction check failed (tx hash %s) %s", tx->GetHash().ToString(), tx_state.GetDebugMessage()));
4049  }
4050  }
4051  unsigned int nSigOps = 0;
4052  for (const auto& tx : block.vtx)
4053  {
4054  nSigOps += GetLegacySigOpCount(*tx);
4055  }
4057  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "out-of-bounds SigOpCount");
4058 
4059  if (fCheckPOW && fCheckMerkleRoot)
4060  block.fChecked = true;
4061 
4062  return true;
4063 }
4064 
4065 void ChainstateManager::UpdateUncommittedBlockStructures(CBlock& block, const CBlockIndex* pindexPrev) const
4066 {
4067  int commitpos = GetWitnessCommitmentIndex(block);
4068  static const std::vector<unsigned char> nonce(32, 0x00);
4069  if (commitpos != NO_WITNESS_COMMITMENT && DeploymentActiveAfter(pindexPrev, *this, Consensus::DEPLOYMENT_SEGWIT) && !block.vtx[0]->HasWitness()) {
4070  CMutableTransaction tx(*block.vtx[0]);
4071  tx.vin[0].scriptWitness.stack.resize(1);
4072  tx.vin[0].scriptWitness.stack[0] = nonce;
4073  block.vtx[0] = MakeTransactionRef(std::move(tx));
4074  }
4075 }
4076 
4077 std::vector<unsigned char> ChainstateManager::GenerateCoinbaseCommitment(CBlock& block, const CBlockIndex* pindexPrev) const
4078 {
4079  std::vector<unsigned char> commitment;
4080  int commitpos = GetWitnessCommitmentIndex(block);
4081  std::vector<unsigned char> ret(32, 0x00);
4082  if (commitpos == NO_WITNESS_COMMITMENT) {
4083  uint256 witnessroot = BlockWitnessMerkleRoot(block, nullptr);
4084  CHash256().Write(witnessroot).Write(ret).Finalize(witnessroot);
4085  CTxOut out;
4086  out.nValue = 0;
4087  out.scriptPubKey.resize(MINIMUM_WITNESS_COMMITMENT);
4088  out.scriptPubKey[0] = OP_RETURN;
4089  out.scriptPubKey[1] = 0x24;
4090  out.scriptPubKey[2] = 0xaa;
4091  out.scriptPubKey[3] = 0x21;
4092  out.scriptPubKey[4] = 0xa9;
4093  out.scriptPubKey[5] = 0xed;
4094  memcpy(&out.scriptPubKey[6], witnessroot.begin(), 32);
4095  commitment = std::vector<unsigned char>(out.scriptPubKey.begin(), out.scriptPubKey.end());
4096  CMutableTransaction tx(*block.vtx[0]);
4097  tx.vout.push_back(out);
4098  block.vtx[0] = MakeTransactionRef(std::move(tx));
4099  }
4100  UpdateUncommittedBlockStructures(block, pindexPrev);
4101  return commitment;
4102 }
4103 
4104 bool HasValidProofOfWork(const std::vector<CBlockHeader>& headers, const Consensus::Params& consensusParams)
4105 {
4106  return std::all_of(headers.cbegin(), headers.cend(),
4107  [&](const auto& header) { return CheckProofOfWork(header.GetHash(), header.nBits, consensusParams);});
4108 }
4109 
4110 bool IsBlockMutated(const CBlock& block, bool check_witness_root)
4111 {
4112  BlockValidationState state;
4113  if (!CheckMerkleRoot(block, state)) {
4114  LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
4115  return true;
4116  }
4117 
4118  if (block.vtx.empty() || !block.vtx[0]->IsCoinBase()) {
4119  // Consider the block mutated if any transaction is 64 bytes in size (see 3.1
4120  // in "Weaknesses in Bitcoin’s Merkle Root Construction":
4121  // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190225/a27d8837/attachment-0001.pdf).
4122  //
4123  // Note: This is not a consensus change as this only applies to blocks that
4124  // don't have a coinbase transaction and would therefore already be invalid.
4125  return std::any_of(block.vtx.begin(), block.vtx.end(),
4126  [](auto& tx) { return GetSerializeSize(TX_NO_WITNESS(tx)) == 64; });
4127  } else {
4128  // Theoretically it is still possible for a block with a 64 byte
4129  // coinbase transaction to be mutated but we neglect that possibility
4130  // here as it requires at least 224 bits of work.
4131  }
4132 
4133  if (!CheckWitnessMalleation(block, check_witness_root, state)) {
4134  LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
4135  return true;
4136  }
4137 
4138  return false;
4139 }
4140 
4141 arith_uint256 CalculateClaimedHeadersWork(const std::vector<CBlockHeader>& headers)
4142 {
4143  arith_uint256 total_work{0};
4144  for (const CBlockHeader& header : headers) {
4145  CBlockIndex dummy(header);
4146  total_work += GetBlockProof(dummy);
4147  }
4148  return total_work;
4149 }
4150 
4160 static bool ContextualCheckBlockHeader(const CBlockHeader& block, BlockValidationState& state, BlockManager& blockman, const ChainstateManager& chainman, const CBlockIndex* pindexPrev) EXCLUSIVE_LOCKS_REQUIRED(::cs_main)
4161 {
4163  assert(pindexPrev != nullptr);
4164  const int nHeight = pindexPrev->nHeight + 1;
4165 
4166  // Check proof of work
4167  const Consensus::Params& consensusParams = chainman.GetConsensus();
4168  if (block.nBits != GetNextWorkRequired(pindexPrev, &block, consensusParams))
4169  return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "bad-diffbits", "incorrect proof of work");
4170 
4171  // Check against checkpoints
4172  if (chainman.m_options.checkpoints_enabled) {
4173  // Don't accept any forks from the main chain prior to last checkpoint.
4174  // GetLastCheckpoint finds the last checkpoint in MapCheckpoints that's in our
4175  // BlockIndex().
4176  const CBlockIndex* pcheckpoint = blockman.GetLastCheckpoint(chainman.GetParams().Checkpoints());
4177  if (pcheckpoint && nHeight < pcheckpoint->nHeight) {
4178  LogPrintf("ERROR: %s: forked chain older than last checkpoint (height %d)\n", __func__, nHeight);
4179  return state.Invalid(BlockValidationResult::BLOCK_CHECKPOINT, "bad-fork-prior-to-checkpoint");
4180  }
4181  }
4182 
4183  // Check timestamp against prev
4184  if (block.GetBlockTime() <= pindexPrev->GetMedianTimePast())
4185  return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-too-old", "block's timestamp is too early");
4186 
4187  // Check timestamp
4188  if (block.Time() > NodeClock::now() + std::chrono::seconds{MAX_FUTURE_BLOCK_TIME}) {
4189  return state.Invalid(BlockValidationResult::BLOCK_TIME_FUTURE, "time-too-new", "block timestamp too far in the future");
4190  }
4191 
4192  // Reject blocks with outdated version
4193  if ((block.nVersion < 2 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_HEIGHTINCB)) ||
4194  (block.nVersion < 3 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_DERSIG)) ||
4195  (block.nVersion < 4 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CLTV))) {
4196  return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, strprintf("bad-version(0x%08x)", block.nVersion),
4197  strprintf("rejected nVersion=0x%08x block", block.nVersion));
4198  }
4199 
4200  return true;
4201 }
4202 
4209 static bool ContextualCheckBlock(const CBlock& block, BlockValidationState& state, const ChainstateManager& chainman, const CBlockIndex* pindexPrev)
4210 {
4211  const int nHeight = pindexPrev == nullptr ? 0 : pindexPrev->nHeight + 1;
4212 
4213  // Enforce BIP113 (Median Time Past).
4214  bool enforce_locktime_median_time_past{false};
4215  if (DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CSV)) {
4216  assert(pindexPrev != nullptr);
4217  enforce_locktime_median_time_past = true;
4218  }
4219 
4220  const int64_t nLockTimeCutoff{enforce_locktime_median_time_past ?
4221  pindexPrev->GetMedianTimePast() :
4222  block.GetBlockTime()};
4223 
4224  // Check that all transactions are finalized
4225  for (const auto& tx : block.vtx) {
4226  if (!IsFinalTx(*tx, nHeight, nLockTimeCutoff)) {
4227  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal", "non-final transaction");
4228  }
4229  }
4230 
4231  // Enforce rule that the coinbase starts with serialized block height
4232  if (DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_HEIGHTINCB))
4233  {
4234  CScript expect = CScript() << nHeight;
4235  if (block.vtx[0]->vin[0].scriptSig.size() < expect.size() ||
4236  !std::equal(expect.begin(), expect.end(), block.vtx[0]->vin[0].scriptSig.begin())) {
4237  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-height", "block height mismatch in coinbase");
4238  }
4239  }
4240 
4241  // Validation for witness commitments.
4242  // * We compute the witness hash (which is the hash including witnesses) of all the block's transactions, except the
4243  // coinbase (where 0x0000....0000 is used instead).
4244  // * The coinbase scriptWitness is a stack of a single 32-byte vector, containing a witness reserved value (unconstrained).
4245  // * We build a merkle tree with all those witness hashes as leaves (similar to the hashMerkleRoot in the block header).
4246  // * There must be at least one output whose scriptPubKey is a single 36-byte push, the first 4 bytes of which are
4247  // {0xaa, 0x21, 0xa9, 0xed}, and the following 32 bytes are SHA256^2(witness root, witness reserved value). In case there are
4248  // multiple, the last one is used.
4249  if (!CheckWitnessMalleation(block, DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_SEGWIT), state)) {
4250  return false;
4251  }
4252 
4253  // After the coinbase witness reserved value and commitment are verified,
4254  // we can check if the block weight passes (before we've checked the
4255  // coinbase witness, it would be possible for the weight to be too
4256  // large by filling up the coinbase witness, which doesn't change
4257  // the block hash, so we couldn't mark the block as permanently
4258  // failed).
4259  if (GetBlockWeight(block) > MAX_BLOCK_WEIGHT) {
4260  return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-weight", strprintf("%s : weight limit failed", __func__));
4261  }
4262 
4263  return true;
4264 }
4265 
4266 bool ChainstateManager::AcceptBlockHeader(const CBlockHeader& block, BlockValidationState& state, CBlockIndex** ppindex, bool min_pow_checked)
4267 {
4269 
4270  // Check for duplicate
4271  uint256 hash = block.GetHash();
4272  BlockMap::iterator miSelf{m_blockman.m_block_index.find(hash)};
4273  if (hash != GetConsensus().hashGenesisBlock) {
4274  if (miSelf != m_blockman.m_block_index.end()) {
4275  // Block header is already known.
4276  CBlockIndex* pindex = &(miSelf->second);
4277  if (ppindex)
4278  *ppindex = pindex;
4279  if (pindex->nStatus & BLOCK_FAILED_MASK) {
4280  LogPrint(BCLog::VALIDATION, "%s: block %s is marked invalid\n", __func__, hash.ToString());
4281  return state.Invalid(BlockValidationResult::BLOCK_CACHED_INVALID, "duplicate");
4282  }
4283  return true;
4284  }
4285 
4286  if (!CheckBlockHeader(block, state, GetConsensus())) {
4287  LogPrint(BCLog::VALIDATION, "%s: Consensus::CheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
4288  return false;
4289  }
4290 
4291  // Get prev block index
4292  CBlockIndex* pindexPrev = nullptr;
4293  BlockMap::iterator mi{m_blockman.m_block_index.find(block.hashPrevBlock)};
4294  if (mi == m_blockman.m_block_index.end()) {
4295  LogPrint(BCLog::VALIDATION, "header %s has prev block not found: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4296  return state.Invalid(BlockValidationResult::BLOCK_MISSING_PREV, "prev-blk-not-found");
4297  }
4298  pindexPrev = &((*mi).second);
4299  if (pindexPrev->nStatus & BLOCK_FAILED_MASK) {
4300  LogPrint(BCLog::VALIDATION, "header %s has prev block invalid: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4301  return state.Invalid(BlockValidationResult::BLOCK_INVALID_PREV, "bad-prevblk");
4302  }
4303  if (!ContextualCheckBlockHeader(block, state, m_blockman, *this, pindexPrev)) {
4304  LogPrint(BCLog::VALIDATION, "%s: Consensus::ContextualCheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
4305  return false;
4306  }
4307 
4308  /* Determine if this block descends from any block which has been found
4309  * invalid (m_failed_blocks), then mark pindexPrev and any blocks between
4310  * them as failed. For example:
4311  *
4312  * D3
4313  * /
4314  * B2 - C2
4315  * / \
4316  * A D2 - E2 - F2
4317  * \
4318  * B1 - C1 - D1 - E1
4319  *
4320  * In the case that we attempted to reorg from E1 to F2, only to find
4321  * C2 to be invalid, we would mark D2, E2, and F2 as BLOCK_FAILED_CHILD
4322  * but NOT D3 (it was not in any of our candidate sets at the time).
4323  *
4324  * In any case D3 will also be marked as BLOCK_FAILED_CHILD at restart
4325  * in LoadBlockIndex.
4326  */
4327  if (!pindexPrev->IsValid(BLOCK_VALID_SCRIPTS)) {
4328  // The above does not mean "invalid": it checks if the previous block
4329  // hasn't been validated up to BLOCK_VALID_SCRIPTS. This is a performance
4330  // optimization, in the common case of adding a new block to the tip,
4331  // we don't need to iterate over the failed blocks list.
4332  for (const CBlockIndex* failedit : m_failed_blocks) {
4333  if (pindexPrev->GetAncestor(failedit->nHeight) == failedit) {
4334  assert(failedit->nStatus & BLOCK_FAILED_VALID);
4335  CBlockIndex* invalid_walk = pindexPrev;
4336  while (invalid_walk != failedit) {
4337  invalid_walk->nStatus |= BLOCK_FAILED_CHILD;
4338  m_blockman.m_dirty_blockindex.insert(invalid_walk);
4339  invalid_walk = invalid_walk->pprev;
4340  }
4341  LogPrint(BCLog::VALIDATION, "header %s has prev block invalid: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4342  return state.Invalid(BlockValidationResult::BLOCK_INVALID_PREV, "bad-prevblk");
4343  }
4344  }
4345  }
4346  }
4347  if (!min_pow_checked) {
4348  LogPrint(BCLog::VALIDATION, "%s: not adding new block header %s, missing anti-dos proof-of-work validation\n", __func__, hash.ToString());
4349  return state.Invalid(BlockValidationResult::BLOCK_HEADER_LOW_WORK, "too-little-chainwork");
4350  }
4351  CBlockIndex* pindex{m_blockman.AddToBlockIndex(block, m_best_header)};
4352 
4353  if (ppindex)
4354  *ppindex = pindex;
4355 
4356  // Since this is the earliest point at which we have determined that a
4357  // header is both new and valid, log here.
4358  //
4359  // These messages are valuable for detecting potential selfish mining behavior;
4360  // if multiple displacing headers are seen near simultaneously across many
4361  // nodes in the network, this might be an indication of selfish mining. Having
4362  // this log by default when not in IBD ensures broad availability of this data
4363  // in case investigation is merited.
4364  const auto msg = strprintf(
4365  "Saw new header hash=%s height=%d", hash.ToString(), pindex->nHeight);
4366 
4367  if (IsInitialBlockDownload()) {
4369  } else {
4370  LogPrintf("%s\n", msg);
4371  }
4372 
4373  return true;
4374 }
4375 
4376 // Exposed wrapper for AcceptBlockHeader
4377 bool ChainstateManager::ProcessNewBlockHeaders(const std::vector<CBlockHeader>& headers, bool min_pow_checked, BlockValidationState& state, const CBlockIndex** ppindex)
4378 {
4380  {
4381  LOCK(cs_main);
4382  for (const CBlockHeader& header : headers) {
4383  CBlockIndex *pindex = nullptr; // Use a temp pindex instead of ppindex to avoid a const_cast
4384  bool accepted{AcceptBlockHeader(header, state, &pindex, min_pow_checked)};
4385  CheckBlockIndex();
4386 
4387  if (!accepted) {
4388  return false;
4389  }
4390  if (ppindex) {
4391  *ppindex = pindex;
4392  }
4393  }
4394  }
4395  if (NotifyHeaderTip(*this)) {
4396  if (IsInitialBlockDownload() && ppindex && *ppindex) {
4397  const CBlockIndex& last_accepted{**ppindex};
4398  int64_t blocks_left{(NodeClock::now() - last_accepted.Time()) / GetConsensus().PowTargetSpacing()};
4399  blocks_left = std::max<int64_t>(0, blocks_left);
4400  const double progress{100.0 * last_accepted.nHeight / (last_accepted.nHeight + blocks_left)};
4401  LogInfo("Synchronizing blockheaders, height: %d (~%.2f%%)\n", last_accepted.nHeight, progress);
4402  }
4403  }
4404  return true;
4405 }
4406 
4407 void ChainstateManager::ReportHeadersPresync(const arith_uint256& work, int64_t height, int64_t timestamp)
4408 {
4410  {
4411  LOCK(cs_main);
4412  // Don't report headers presync progress if we already have a post-minchainwork header chain.
4413  // This means we lose reporting for potentially legitimate, but unlikely, deep reorgs, but
4414  // prevent attackers that spam low-work headers from filling our logs.
4415  if (m_best_header->nChainWork >= UintToArith256(GetConsensus().nMinimumChainWork)) return;
4416  // Rate limit headers presync updates to 4 per second, as these are not subject to DoS
4417  // protection.
4418  auto now = std::chrono::steady_clock::now();
4419  if (now < m_last_presync_update + std::chrono::milliseconds{250}) return;
4420  m_last_presync_update = now;
4421  }
4422  bool initial_download = IsInitialBlockDownload();
4423  GetNotifications().headerTip(GetSynchronizationState(initial_download, m_blockman.m_blockfiles_indexed), height, timestamp, /*presync=*/true);
4424  if (initial_download) {
4425  int64_t blocks_left{(NodeClock::now() - NodeSeconds{std::chrono::seconds{timestamp}}) / GetConsensus().PowTargetSpacing()};
4426  blocks_left = std::max<int64_t>(0, blocks_left);
4427  const double progress{100.0 * height / (height + blocks_left)};
4428  LogInfo("Pre-synchronizing blockheaders, height: %d (~%.2f%%)\n", height, progress);
4429  }
4430 }
4431 
4433 bool ChainstateManager::AcceptBlock(const std::shared_ptr<const CBlock>& pblock, BlockValidationState& state, CBlockIndex** ppindex, bool fRequested, const FlatFilePos* dbp, bool* fNewBlock, bool min_pow_checked)
4434 {
4435  const CBlock& block = *pblock;
4436 
4437  if (fNewBlock) *fNewBlock = false;
4439 
4440  CBlockIndex *pindexDummy = nullptr;
4441  CBlockIndex *&pindex = ppindex ? *ppindex : pindexDummy;
4442 
4443  bool accepted_header{AcceptBlockHeader(block, state, &pindex, min_pow_checked)};
4444  CheckBlockIndex();
4445 
4446  if (!accepted_header)
4447  return false;
4448 
4449  // Check all requested blocks that we do not already have for validity and
4450  // save them to disk. Skip processing of unrequested blocks as an anti-DoS
4451  // measure, unless the blocks have more work than the active chain tip, and
4452  // aren't too far ahead of it, so are likely to be attached soon.
4453  bool fAlreadyHave = pindex->nStatus & BLOCK_HAVE_DATA;
4454  bool fHasMoreOrSameWork = (ActiveTip() ? pindex->nChainWork >= ActiveTip()->nChainWork : true);
4455  // Blocks that are too out-of-order needlessly limit the effectiveness of
4456  // pruning, because pruning will not delete block files that contain any
4457  // blocks which are too close in height to the tip. Apply this test
4458  // regardless of whether pruning is enabled; it should generally be safe to
4459  // not process unrequested blocks.
4460  bool fTooFarAhead{pindex->nHeight > ActiveHeight() + int(MIN_BLOCKS_TO_KEEP)};
4461 
4462  // TODO: Decouple this function from the block download logic by removing fRequested
4463  // This requires some new chain data structure to efficiently look up if a
4464  // block is in a chain leading to a candidate for best tip, despite not
4465  // being such a candidate itself.
4466  // Note that this would break the getblockfrompeer RPC
4467 
4468  // TODO: deal better with return value and error conditions for duplicate
4469  // and unrequested blocks.
4470  if (fAlreadyHave) return true;
4471  if (!fRequested) { // If we didn't ask for it:
4472  if (pindex->nTx != 0) return true; // This is a previously-processed block that was pruned
4473  if (!fHasMoreOrSameWork) return true; // Don't process less-work chains
4474  if (fTooFarAhead) return true; // Block height is too high
4475 
4476  // Protect against DoS attacks from low-work chains.
4477  // If our tip is behind, a peer could try to send us
4478  // low-work blocks on a fake chain that we would never
4479  // request; don't process these.
4480  if (pindex->nChainWork < MinimumChainWork()) return true;
4481  }
4482 
4483  const CChainParams& params{GetParams()};
4484 
4485  if (!CheckBlock(block, state, params.GetConsensus()) ||
4486  !ContextualCheckBlock(block, state, *this, pindex->pprev)) {
4487  if (state.IsInvalid() && state.GetResult() != BlockValidationResult::BLOCK_MUTATED) {
4488  pindex->nStatus |= BLOCK_FAILED_VALID;
4489  m_blockman.m_dirty_blockindex.insert(pindex);
4490  }
4491  LogError("%s: %s\n", __func__, state.ToString());
4492  return false;
4493  }
4494 
4495  // Header is valid/has work, merkle tree and segwit merkle tree are good...RELAY NOW
4496  // (but if it does not build on our best tip, let the SendMessages loop relay it)
4497  if (!IsInitialBlockDownload() && ActiveTip() == pindex->pprev && m_options.signals) {
4498  m_options.signals->NewPoWValidBlock(pindex, pblock);
4499  }
4500 
4501  // Write block to history file
4502  if (fNewBlock) *fNewBlock = true;
4503  try {
4504  FlatFilePos blockPos{};
4505  if (dbp) {
4506  blockPos = *dbp;
4507  m_blockman.UpdateBlockInfo(block, pindex->nHeight, blockPos);
4508  } else {
4509  blockPos = m_blockman.SaveBlockToDisk(block, pindex->nHeight);
4510  if (blockPos.IsNull()) {
4511  state.Error(strprintf("%s: Failed to find position to write new block to disk", __func__));
4512  return false;
4513  }
4514  }
4515  ReceivedBlockTransactions(block, pindex, blockPos);
4516  } catch (const std::runtime_error& e) {
4517  return FatalError(GetNotifications(), state, strprintf(_("System error while saving block to disk: %s"), e.what()));
4518  }
4519 
4520  // TODO: FlushStateToDisk() handles flushing of both block and chainstate
4521  // data, so we should move this to ChainstateManager so that we can be more
4522  // intelligent about how we flush.
4523  // For now, since FlushStateMode::NONE is used, all that can happen is that
4524  // the block files may be pruned, so we can just call this on one
4525  // chainstate (particularly if we haven't implemented pruning with
4526  // background validation yet).
4527  ActiveChainstate().FlushStateToDisk(state, FlushStateMode::NONE);
4528 
4529  CheckBlockIndex();
4530 
4531  return true;
4532 }
4533 
4534 bool ChainstateManager::ProcessNewBlock(const std::shared_ptr<const CBlock>& block, bool force_processing, bool min_pow_checked, bool* new_block)
4535 {
4537 
4538  {
4539  CBlockIndex *pindex = nullptr;
4540  if (new_block) *new_block = false;
4541  BlockValidationState state;
4542 
4543  // CheckBlock() does not support multi-threaded block validation because CBlock::fChecked can cause data race.
4544  // Therefore, the following critical section must include the CheckBlock() call as well.
4545  LOCK(cs_main);
4546 
4547  // Skipping AcceptBlock() for CheckBlock() failures means that we will never mark a block as invalid if
4548  // CheckBlock() fails. This is protective against consensus failure if there are any unknown forms of block
4549  // malleability that cause CheckBlock() to fail; see e.g. CVE-2012-2459 and
4550  // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-February/016697.html. Because CheckBlock() is
4551  // not very expensive, the anti-DoS benefits of caching failure (of a definitely-invalid block) are not substantial.
4552  bool ret = CheckBlock(*block, state, GetConsensus());
4553  if (ret) {
4554  // Store to disk
4555  ret = AcceptBlock(block, state, &pindex, force_processing, nullptr, new_block, min_pow_checked);
4556  }
4557  if (!ret) {
4558  if (m_options.signals) {
4559  m_options.signals->BlockChecked(*block, state);
4560  }
4561  LogError("%s: AcceptBlock FAILED (%s)\n", __func__, state.ToString());
4562  return false;
4563  }
4564  }
4565 
4566  NotifyHeaderTip(*this);
4567 
4568  BlockValidationState state; // Only used to report errors, not invalidity - ignore it
4569  if (!ActiveChainstate().ActivateBestChain(state, block)) {
4570  LogError("%s: ActivateBestChain failed (%s)\n", __func__, state.ToString());
4571  return false;
4572  }
4573 
4574  Chainstate* bg_chain{WITH_LOCK(cs_main, return BackgroundSyncInProgress() ? m_ibd_chainstate.get() : nullptr)};
4575  BlockValidationState bg_state;
4576  if (bg_chain && !bg_chain->ActivateBestChain(bg_state, block)) {
4577  LogError("%s: [background] ActivateBestChain failed (%s)\n", __func__, bg_state.ToString());
4578  return false;
4579  }
4580 
4581  return true;
4582 }
4583 
4585 {
4587  Chainstate& active_chainstate = ActiveChainstate();
4588  if (!active_chainstate.GetMempool()) {
4589  TxValidationState state;
4590  state.Invalid(TxValidationResult::TX_NO_MEMPOOL, "no-mempool");
4591  return MempoolAcceptResult::Failure(state);
4592  }
4593  auto result = AcceptToMemoryPool(active_chainstate, tx, GetTime(), /*bypass_limits=*/ false, test_accept);
4594  active_chainstate.GetMempool()->check(active_chainstate.CoinsTip(), active_chainstate.m_chain.Height() + 1);
4595  return result;
4596 }
4597 
4599  const CChainParams& chainparams,
4600  Chainstate& chainstate,
4601  const CBlock& block,
4602  CBlockIndex* pindexPrev,
4603  bool fCheckPOW,
4604  bool fCheckMerkleRoot)
4605 {
4607  assert(pindexPrev && pindexPrev == chainstate.m_chain.Tip());
4608  CCoinsViewCache viewNew(&chainstate.CoinsTip());
4609  uint256 block_hash(block.GetHash());
4610  CBlockIndex indexDummy(block);
4611  indexDummy.pprev = pindexPrev;
4612  indexDummy.nHeight = pindexPrev->nHeight + 1;
4613  indexDummy.phashBlock = &block_hash;
4614 
4615  // NOTE: CheckBlockHeader is called by CheckBlock
4616  if (!ContextualCheckBlockHeader(block, state, chainstate.m_blockman, chainstate.m_chainman, pindexPrev)) {
4617  LogError("%s: Consensus::ContextualCheckBlockHeader: %s\n", __func__, state.ToString());
4618  return false;
4619  }
4620  if (!CheckBlock(block, state, chainparams.GetConsensus(), fCheckPOW, fCheckMerkleRoot)) {
4621  LogError("%s: Consensus::CheckBlock: %s\n", __func__, state.ToString());
4622  return false;
4623  }
4624  if (!ContextualCheckBlock(block, state, chainstate.m_chainman, pindexPrev)) {
4625  LogError("%s: Consensus::ContextualCheckBlock: %s\n", __func__, state.ToString());
4626  return false;
4627  }
4628  if (!chainstate.ConnectBlock(block, state, &indexDummy, viewNew, true)) {
4629  return false;
4630  }
4631  assert(state.IsValid());
4632 
4633  return true;
4634 }
4635 
4636 /* This function is called from the RPC code for pruneblockchain */
4637 void PruneBlockFilesManual(Chainstate& active_chainstate, int nManualPruneHeight)
4638 {
4639  BlockValidationState state;
4640  if (!active_chainstate.FlushStateToDisk(
4641  state, FlushStateMode::NONE, nManualPruneHeight)) {
4642  LogPrintf("%s: failed to flush state (%s)\n", __func__, state.ToString());
4643  }
4644 }
4645 
4647 {
4649  const CCoinsViewCache& coins_cache = CoinsTip();
4650  assert(!coins_cache.GetBestBlock().IsNull()); // Never called when the coins view is empty
4651  const CBlockIndex* tip = m_chain.Tip();
4652 
4653  if (tip && tip->GetBlockHash() == coins_cache.GetBestBlock()) {
4654  return true;
4655  }
4656 
4657  // Load pointer to end of best chain
4658  CBlockIndex* pindex = m_blockman.LookupBlockIndex(coins_cache.GetBestBlock());
4659  if (!pindex) {
4660  return false;
4661  }
4662  m_chain.SetTip(*pindex);
4664 
4665  tip = m_chain.Tip();
4666  LogPrintf("Loaded best chain: hashBestChain=%s height=%d date=%s progress=%f\n",
4667  tip->GetBlockHash().ToString(),
4668  m_chain.Height(),
4671  return true;
4672 }
4673 
4675  : m_notifications{notifications}
4676 {
4677  m_notifications.progress(_("Verifying blocks…"), 0, false);
4678 }
4679 
4681 {
4682  m_notifications.progress(bilingual_str{}, 100, false);
4683 }
4684 
4686  Chainstate& chainstate,
4687  const Consensus::Params& consensus_params,
4688  CCoinsView& coinsview,
4689  int nCheckLevel, int nCheckDepth)
4690 {
4692 
4693  if (chainstate.m_chain.Tip() == nullptr || chainstate.m_chain.Tip()->pprev == nullptr) {
4694  return VerifyDBResult::SUCCESS;
4695  }
4696 
4697  // Verify blocks in the best chain
4698  if (nCheckDepth <= 0 || nCheckDepth > chainstate.m_chain.Height()) {
4699  nCheckDepth = chainstate.m_chain.Height();
4700  }
4701  nCheckLevel = std::max(0, std::min(4, nCheckLevel));
4702  LogPrintf("Verifying last %i blocks at level %i\n", nCheckDepth, nCheckLevel);
4703  CCoinsViewCache coins(&coinsview);
4704  CBlockIndex* pindex;
4705  CBlockIndex* pindexFailure = nullptr;
4706  int nGoodTransactions = 0;
4707  BlockValidationState state;
4708  int reportDone = 0;
4709  bool skipped_no_block_data{false};
4710  bool skipped_l3_checks{false};
4711  LogPrintf("Verification progress: 0%%\n");
4712 
4713  const bool is_snapshot_cs{chainstate.m_from_snapshot_blockhash};
4714 
4715  for (pindex = chainstate.m_chain.Tip(); pindex && pindex->pprev; pindex = pindex->pprev) {
4716  const int percentageDone = std::max(1, std::min(99, (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * (nCheckLevel >= 4 ? 50 : 100))));
4717  if (reportDone < percentageDone / 10) {
4718  // report every 10% step
4719  LogPrintf("Verification progress: %d%%\n", percentageDone);
4720  reportDone = percentageDone / 10;
4721  }
4722  m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
4723  if (pindex->nHeight <= chainstate.m_chain.Height() - nCheckDepth) {
4724  break;
4725  }
4726  if ((chainstate.m_blockman.IsPruneMode() || is_snapshot_cs) && !(pindex->nStatus & BLOCK_HAVE_DATA)) {
4727  // If pruning or running under an assumeutxo snapshot, only go
4728  // back as far as we have data.
4729  LogPrintf("VerifyDB(): block verification stopping at height %d (no data). This could be due to pruning or use of an assumeutxo snapshot.\n", pindex->nHeight);
4730  skipped_no_block_data = true;
4731  break;
4732  }
4733  CBlock block;
4734  // check level 0: read from disk
4735  if (!chainstate.m_blockman.ReadBlockFromDisk(block, *pindex)) {
4736  LogPrintf("Verification error: ReadBlockFromDisk failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4738  }
4739  // check level 1: verify block validity
4740  if (nCheckLevel >= 1 && !CheckBlock(block, state, consensus_params)) {
4741  LogPrintf("Verification error: found bad block at %d, hash=%s (%s)\n",
4742  pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
4744  }
4745  // check level 2: verify undo validity
4746  if (nCheckLevel >= 2 && pindex) {
4747  CBlockUndo undo;
4748  if (!pindex->GetUndoPos().IsNull()) {
4749  if (!chainstate.m_blockman.UndoReadFromDisk(undo, *pindex)) {
4750  LogPrintf("Verification error: found bad undo data at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4752  }
4753  }
4754  }
4755  // check level 3: check for inconsistencies during memory-only disconnect of tip blocks
4756  size_t curr_coins_usage = coins.DynamicMemoryUsage() + chainstate.CoinsTip().DynamicMemoryUsage();
4757 
4758  if (nCheckLevel >= 3) {
4759  if (curr_coins_usage <= chainstate.m_coinstip_cache_size_bytes) {
4760  assert(coins.GetBestBlock() == pindex->GetBlockHash());
4761  DisconnectResult res = chainstate.DisconnectBlock(block, pindex, coins);
4762  if (res == DISCONNECT_FAILED) {
4763  LogPrintf("Verification error: irrecoverable inconsistency in block data at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4765  }
4766  if (res == DISCONNECT_UNCLEAN) {
4767  nGoodTransactions = 0;
4768  pindexFailure = pindex;
4769  } else {
4770  nGoodTransactions += block.vtx.size();
4771  }
4772  } else {
4773  skipped_l3_checks = true;
4774  }
4775  }
4776  if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
4777  }
4778  if (pindexFailure) {
4779  LogPrintf("Verification error: coin database inconsistencies found (last %i blocks, %i good transactions before that)\n", chainstate.m_chain.Height() - pindexFailure->nHeight + 1, nGoodTransactions);
4781  }
4782  if (skipped_l3_checks) {
4783  LogPrintf("Skipped verification of level >=3 (insufficient database cache size). Consider increasing -dbcache.\n");
4784  }
4785 
4786  // store block count as we move pindex at check level >= 4
4787  int block_count = chainstate.m_chain.Height() - pindex->nHeight;
4788 
4789  // check level 4: try reconnecting blocks
4790  if (nCheckLevel >= 4 && !skipped_l3_checks) {
4791  while (pindex != chainstate.m_chain.Tip()) {
4792  const int percentageDone = std::max(1, std::min(99, 100 - (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * 50)));
4793  if (reportDone < percentageDone / 10) {
4794  // report every 10% step
4795  LogPrintf("Verification progress: %d%%\n", percentageDone);
4796  reportDone = percentageDone / 10;
4797  }
4798  m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
4799  pindex = chainstate.m_chain.Next(pindex);
4800  CBlock block;
4801  if (!chainstate.m_blockman.ReadBlockFromDisk(block, *pindex)) {
4802  LogPrintf("Verification error: ReadBlockFromDisk failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4804  }
4805  if (!chainstate.ConnectBlock(block, state, pindex, coins)) {
4806  LogPrintf("Verification error: found unconnectable block at %d, hash=%s (%s)\n", pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
4808  }
4809  if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
4810  }
4811  }
4812 
4813  LogPrintf("Verification: No coin database inconsistencies in last %i blocks (%i transactions)\n", block_count, nGoodTransactions);
4814 
4815  if (skipped_l3_checks) {
4817  }
4818  if (skipped_no_block_data) {
4820  }
4821  return VerifyDBResult::SUCCESS;
4822 }
4823 
4826 {
4828  // TODO: merge with ConnectBlock
4829  CBlock block;
4830  if (!m_blockman.ReadBlockFromDisk(block, *pindex)) {
4831  LogError("ReplayBlock(): ReadBlockFromDisk failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4832  return false;
4833  }
4834 
4835  for (const CTransactionRef& tx : block.vtx) {
4836  if (!tx->IsCoinBase()) {
4837  for (const CTxIn &txin : tx->vin) {
4838  inputs.SpendCoin(txin.prevout);
4839  }
4840  }
4841  // Pass check = true as every addition may be an overwrite.
4842  AddCoins(inputs, *tx, pindex->nHeight, true);
4843  }
4844  return true;
4845 }
4846 
4848 {
4849  LOCK(cs_main);
4850 
4851  CCoinsView& db = this->CoinsDB();
4852  CCoinsViewCache cache(&db);
4853 
4854  std::vector<uint256> hashHeads = db.GetHeadBlocks();
4855  if (hashHeads.empty()) return true; // We're already in a consistent state.
4856  if (hashHeads.size() != 2) {
4857  LogError("ReplayBlocks(): unknown inconsistent state\n");
4858  return false;
4859  }
4860 
4861  m_chainman.GetNotifications().progress(_("Replaying blocks…"), 0, false);
4862  LogPrintf("Replaying blocks\n");
4863 
4864  const CBlockIndex* pindexOld = nullptr; // Old tip during the interrupted flush.
4865  const CBlockIndex* pindexNew; // New tip during the interrupted flush.
4866  const CBlockIndex* pindexFork = nullptr; // Latest block common to both the old and the new tip.
4867 
4868  if (m_blockman.m_block_index.count(hashHeads[0]) == 0) {
4869  LogError("ReplayBlocks(): reorganization to unknown block requested\n");
4870  return false;
4871  }
4872  pindexNew = &(m_blockman.m_block_index[hashHeads[0]]);
4873 
4874  if (!hashHeads[1].IsNull()) { // The old tip is allowed to be 0, indicating it's the first flush.
4875  if (m_blockman.m_block_index.count(hashHeads[1]) == 0) {
4876  LogError("ReplayBlocks(): reorganization from unknown block requested\n");
4877  return false;
4878  }
4879  pindexOld = &(m_blockman.m_block_index[hashHeads[1]]);
4880  pindexFork = LastCommonAncestor(pindexOld, pindexNew);
4881  assert(pindexFork != nullptr);
4882  }
4883 
4884  // Rollback along the old branch.
4885  while (pindexOld != pindexFork) {
4886  if (pindexOld->nHeight > 0) { // Never disconnect the genesis block.
4887  CBlock block;
4888  if (!m_blockman.ReadBlockFromDisk(block, *pindexOld)) {
4889  LogError("RollbackBlock(): ReadBlockFromDisk() failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
4890  return false;
4891  }
4892  LogPrintf("Rolling back %s (%i)\n", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight);
4893  DisconnectResult res = DisconnectBlock(block, pindexOld, cache);
4894  if (res == DISCONNECT_FAILED) {
4895  LogError("RollbackBlock(): DisconnectBlock failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
4896  return false;
4897  }
4898  // If DISCONNECT_UNCLEAN is returned, it means a non-existing UTXO was deleted, or an existing UTXO was
4899  // overwritten. It corresponds to cases where the block-to-be-disconnect never had all its operations
4900  // applied to the UTXO set. However, as both writing a UTXO and deleting a UTXO are idempotent operations,
4901  // the result is still a version of the UTXO set with the effects of that block undone.
4902  }
4903  pindexOld = pindexOld->pprev;
4904  }
4905 
4906  // Roll forward from the forking point to the new tip.
4907  int nForkHeight = pindexFork ? pindexFork->nHeight : 0;
4908  for (int nHeight = nForkHeight + 1; nHeight <= pindexNew->nHeight; ++nHeight) {
4909  const CBlockIndex& pindex{*Assert(pindexNew->GetAncestor(nHeight))};
4910 
4911  LogPrintf("Rolling forward %s (%i)\n", pindex.GetBlockHash().ToString(), nHeight);
4912  m_chainman.GetNotifications().progress(_("Replaying blocks…"), (int)((nHeight - nForkHeight) * 100.0 / (pindexNew->nHeight - nForkHeight)), false);
4913  if (!RollforwardBlock(&pindex, cache)) return false;
4914  }
4915 
4916  cache.SetBestBlock(pindexNew->GetBlockHash());
4917  cache.Flush();
4919  return true;
4920 }
4921 
4923 {
4925 
4926  // At and above m_params.SegwitHeight, segwit consensus rules must be validated
4927  CBlockIndex* block{m_chain.Tip()};
4928 
4929  while (block != nullptr && DeploymentActiveAt(*block, m_chainman, Consensus::DEPLOYMENT_SEGWIT)) {
4930  if (!(block->nStatus & BLOCK_OPT_WITNESS)) {
4931  // block is insufficiently validated for a segwit client
4932  return true;
4933  }
4934  block = block->pprev;
4935  }
4936 
4937  return false;
4938 }
4939 
4940 void Chainstate::ClearBlockIndexCandidates()
4941 {
4943  setBlockIndexCandidates.clear();
4944 }
4945 
4947 {
4949  // Load block index from databases
4951  bool ret{m_blockman.LoadBlockIndexDB(SnapshotBlockhash())};
4952  if (!ret) return false;
4953 
4954  m_blockman.ScanAndUnlinkAlreadyPrunedFiles();
4955 
4956  std::vector<CBlockIndex*> vSortedByHeight{m_blockman.GetAllBlockIndices()};
4957  std::sort(vSortedByHeight.begin(), vSortedByHeight.end(),
4959 
4960  for (CBlockIndex* pindex : vSortedByHeight) {
4961  if (m_interrupt) return false;
4962  // If we have an assumeutxo-based chainstate, then the snapshot
4963  // block will be a candidate for the tip, but it may not be
4964  // VALID_TRANSACTIONS (eg if we haven't yet downloaded the block),
4965  // so we special-case the snapshot block as a potential candidate
4966  // here.
4967  if (pindex == GetSnapshotBaseBlock() ||
4968  (pindex->IsValid(BLOCK_VALID_TRANSACTIONS) &&
4969  (pindex->HaveNumChainTxs() || pindex->pprev == nullptr))) {
4970 
4971  for (Chainstate* chainstate : GetAll()) {
4972  chainstate->TryAddBlockIndexCandidate(pindex);
4973  }
4974  }
4975  if (pindex->nStatus & BLOCK_FAILED_MASK && (!m_best_invalid || pindex->nChainWork > m_best_invalid->nChainWork)) {
4976  m_best_invalid = pindex;
4977  }
4978  if (pindex->IsValid(BLOCK_VALID_TREE) && (m_best_header == nullptr || CBlockIndexWorkComparator()(m_best_header, pindex)))
4979  m_best_header = pindex;
4980  }
4981  }
4982  return true;
4983 }
4984 
4986 {
4987  LOCK(cs_main);
4988 
4989  const CChainParams& params{m_chainman.GetParams()};
4990 
4991  // Check whether we're already initialized by checking for genesis in
4992  // m_blockman.m_block_index. Note that we can't use m_chain here, since it is
4993  // set based on the coins db, not the block index db, which is the only
4994  // thing loaded at this point.
4995  if (m_blockman.m_block_index.count(params.GenesisBlock().GetHash()))
4996  return true;
4997 
4998  try {
4999  const CBlock& block = params.GenesisBlock();
5000  FlatFilePos blockPos{m_blockman.SaveBlockToDisk(block, 0)};
5001  if (blockPos.IsNull()) {
5002  LogError("%s: writing genesis block to disk failed\n", __func__);
5003  return false;
5004  }
5005  CBlockIndex* pindex = m_blockman.AddToBlockIndex(block, m_chainman.m_best_header);
5006  m_chainman.ReceivedBlockTransactions(block, pindex, blockPos);
5007  } catch (const std::runtime_error& e) {
5008  LogError("%s: failed to write genesis block: %s\n", __func__, e.what());
5009  return false;
5010  }
5011 
5012  return true;
5013 }
5014 
5016  AutoFile& file_in,
5017  FlatFilePos* dbp,
5018  std::multimap<uint256, FlatFilePos>* blocks_with_unknown_parent)
5019 {
5020  // Either both should be specified (-reindex), or neither (-loadblock).
5021  assert(!dbp == !blocks_with_unknown_parent);
5022 
5023  const auto start{SteadyClock::now()};
5024  const CChainParams& params{GetParams()};
5025 
5026  int nLoaded = 0;
5027  try {
5029  // nRewind indicates where to resume scanning in case something goes wrong,
5030  // such as a block fails to deserialize.
5031  uint64_t nRewind = blkdat.GetPos();
5032  while (!blkdat.eof()) {
5033  if (m_interrupt) return;
5034 
5035  blkdat.SetPos(nRewind);
5036  nRewind++; // start one byte further next time, in case of failure
5037  blkdat.SetLimit(); // remove former limit
5038  unsigned int nSize = 0;
5039  try {
5040  // locate a header
5041  MessageStartChars buf;
5042  blkdat.FindByte(std::byte(params.MessageStart()[0]));
5043  nRewind = blkdat.GetPos() + 1;
5044  blkdat >> buf;
5045  if (buf != params.MessageStart()) {
5046  continue;
5047  }
5048  // read size
5049  blkdat >> nSize;
5050  if (nSize < 80 || nSize > MAX_BLOCK_SERIALIZED_SIZE)
5051  continue;
5052  } catch (const std::exception&) {
5053  // no valid block header found; don't complain
5054  // (this happens at the end of every blk.dat file)
5055  break;
5056  }
5057  try {
5058  // read block header
5059  const uint64_t nBlockPos{blkdat.GetPos()};
5060  if (dbp)
5061  dbp->nPos = nBlockPos;
5062  blkdat.SetLimit(nBlockPos + nSize);
5063  CBlockHeader header;
5064  blkdat >> header;
5065  const uint256 hash{header.GetHash()};
5066  // Skip the rest of this block (this may read from disk into memory); position to the marker before the
5067  // next block, but it's still possible to rewind to the start of the current block (without a disk read).
5068  nRewind = nBlockPos + nSize;
5069  blkdat.SkipTo(nRewind);
5070 
5071  std::shared_ptr<CBlock> pblock{}; // needs to remain available after the cs_main lock is released to avoid duplicate reads from disk
5072 
5073  {
5074  LOCK(cs_main);
5075  // detect out of order blocks, and store them for later
5076  if (hash != params.GetConsensus().hashGenesisBlock && !m_blockman.LookupBlockIndex(header.hashPrevBlock)) {
5077  LogPrint(BCLog::REINDEX, "%s: Out of order block %s, parent %s not known\n", __func__, hash.ToString(),
5078  header.hashPrevBlock.ToString());
5079  if (dbp && blocks_with_unknown_parent) {
5080  blocks_with_unknown_parent->emplace(header.hashPrevBlock, *dbp);
5081  }
5082  continue;
5083  }
5084 
5085  // process in case the block isn't known yet
5086  const CBlockIndex* pindex = m_blockman.LookupBlockIndex(hash);
5087  if (!pindex || (pindex->nStatus & BLOCK_HAVE_DATA) == 0) {
5088  // This block can be processed immediately; rewind to its start, read and deserialize it.
5089  blkdat.SetPos(nBlockPos);
5090  pblock = std::make_shared<CBlock>();
5091  blkdat >> TX_WITH_WITNESS(*pblock);
5092  nRewind = blkdat.GetPos();
5093 
5094  BlockValidationState state;
5095  if (AcceptBlock(pblock, state, nullptr, true, dbp, nullptr, true)) {
5096