def handshake(self, alice_handshake):
"""Check that the proposed coinswap parameters
are acceptable.
"""
self.set_handshake_parameters()
self.bbmb = self.wallet.get_balance_by_mixdepth(verbose=False)
try:
d = alice_handshake[3]
if d["coinswapcs_version"] != cs_single().CSCS_VERSION:
return (False, "wrong CoinSwapCS version, was: " + \
str(d["coinswapcs_version"]) + ", should be: " + \
str(cs_single().CSCS_VERSION))
#Allow client to decide how long to wait, but within our range:
tx01min, tx01max = [int(x) for x in cs_single().config.get(
"SERVER", "tx01_confirm_range").split(",")]
if not isinstance(d["tx01_confirm_wait"], int):
return (False, "Invalid type confirm wait type (should be int)")
if d["tx01_confirm_wait"] < tx01min or d["tx01_confirm_wait"] > tx01max:
return (False, "Mismatched tx01_confirm_wait, was: " + str(
d["tx01_confirm_wait"]))
self.coinswap_parameters.set_tx01_confirm_wait(d["tx01_confirm_wait"])
self.sm.reset_timeouts([5, 6], cs_single().one_confirm_timeout * d[
"tx01_confirm_wait"])
if not "key_session" in d:
#TODO validate that it's a real pubkey
return (False, "no session key from Alice")
if d["source_chain"] != self.source_chain:
return (False, "source chain was wrong: " + d["source_chain"])
if d["destination_chain"] != self.destination_chain:
return (False, "destination chain was wrong: " + d[
"destination_chain"])
if not isinstance(d["amount"], int):
return (False, "Invalid amount type (should be int)")
if d["amount"] < self.minimum_amount:
return (False, "Requested amount too small: " + str(d["amount"]))
if d["amount"] > self.maximum_amount:
return (False, "Requested amount too large: " + str(d["amount"]))
self.coinswap_parameters.set_base_amount(d["amount"])
if not isinstance(d["bitcoin_fee"], int):
return (False, "Invalid type for bitcoin fee, should be int.")
if d["bitcoin_fee"] < estimate_tx_fee((1, 2, 2), 1,
txtype='p2shMofN')/2.0:
return (False, "Suggested bitcoin transaction fee is too low.")
if d["bitcoin_fee"] > estimate_tx_fee((1, 2, 2), 1,
txtype='p2shMofN')*2.0:
return (False, "Suggested bitcoin transaction fee is too high.")
self.coinswap_parameters.set_bitcoin_fee(d["bitcoin_fee"])
#set the session pubkey for authorising future requests
self.coinswap_parameters.set_pubkey("key_session", d["key_session"])
except Exception as e:
return (False,
"Error parsing handshake from counterparty, ignoring: " + \
repr(e))
return (self.coinswap_parameters.session_id,
"Handshake parameters from Alice accepted")
def make_sign_and_push(ins_full,
wallet,
amount,
output_addr=None,
change_addr=None,
hashcode=btc.SIGHASH_ALL,
estimate_fee = False):
"""Utility function for easily building transactions
from wallets
"""
total = sum(x['value'] for x in ins_full.values())
ins = list(ins_full.keys())
#random output address and change addr
output_addr = wallet.get_new_addr(1, 1) if not output_addr else output_addr
change_addr = wallet.get_new_addr(1, 0) if not change_addr else change_addr
fee_est = estimate_tx_fee(len(ins), 2) if estimate_fee else 10000
outs = [{'value': amount,
'address': output_addr}, {'value': total - amount - fee_est,
'address': change_addr}]
de_tx = btc.deserialize(btc.mktx(ins, outs))
scripts = {}
for index, ins in enumerate(de_tx['ins']):
utxo = ins['outpoint']['hash'] + ':' + str(ins['outpoint']['index'])
script = wallet.addr_to_script(ins_full[utxo]['address'])
scripts[index] = (script, ins_full[utxo]['value'])
binarize_tx(de_tx)
de_tx = wallet.sign_tx(de_tx, scripts, hashcode=hashcode)
#pushtx returns False on any error
tx = binascii.hexlify(btc.serialize(de_tx)).decode('ascii')
push_succeed = jm_single().bc_interface.pushtx(tx)
if push_succeed:
return btc.txhash(tx)
else:
return False
def sign(utxo, priv, destaddrs, utxo_address_type):
"""Sign a tx sending the amount amt, from utxo utxo,
equally to each of addresses in list destaddrs,
after fees; the purpose is to create multiple utxos.
utxo_address_type must be one of p2sh-p2wpkh/p2wpkh/p2pkh.
"""
results = validate_utxo_data([(utxo, priv)], retrieve=True,
utxo_address_type=utxo_address_type)
if not results:
return False
assert results[0][0] == utxo
amt = results[0][1]
ins = [utxo]
estfee = estimate_tx_fee(1, len(destaddrs), txtype=utxo_address_type)
outs = []
share = int((amt - estfee) / len(destaddrs))
fee = amt - share*len(destaddrs)
assert fee >= estfee
log.info("Using fee: " + str(fee))
for i, addr in enumerate(destaddrs):
outs.append({'address': addr, 'value': share})
tx = btc.make_shuffled_tx(ins, outs, version=2, locktime=compute_tx_locktime())
amtforsign = amt if utxo_address_type != "p2pkh" else None
rawpriv, _ = BTCEngine.wif_to_privkey(priv)
if utxo_address_type == "p2wpkh":
native = utxo_address_type
else:
native = False
success, msg = btc.sign(tx, 0, rawpriv, amount=amtforsign, native=native)
assert success, msg
return tx
def sign(utxo, priv, destaddrs, segwit=True):
"""Sign a tx sending the amount amt, from utxo utxo,
equally to each of addresses in list destaddrs,
after fees; the purpose is to create a large
number of utxos. If segwit=True the (single) utxo is assumed to
be of type segwit p2sh/p2wpkh.
"""
results = validate_utxo_data([(utxo, priv)], retrieve=True, segwit=segwit)
if not results:
return False
assert results[0][0] == utxo
amt = results[0][1]
ins = [utxo]
txtype = 'p2sh-p2wpkh' if segwit else 'p2pkh'
estfee = estimate_tx_fee(1, len(destaddrs), txtype=txtype)
outs = []
share = int((amt - estfee) / len(destaddrs))
fee = amt - share * len(destaddrs)
assert fee >= estfee
log.info("Using fee: " + str(fee))
for i, addr in enumerate(destaddrs):
outs.append({'address': addr, 'value': share})
unsigned_tx = btc.mktx(ins, outs)
amtforsign = amt if segwit else None
return btc.sign(unsigned_tx,
0,
btc.from_wif_privkey(priv, vbyte=get_p2pk_vbyte()),
amount=amtforsign)
def cli_creator(wallet_name,
bob_utxo,
bob_pubkey,
bob_amount,
verbose=True,
incentive=0):
"""This setup currently uses a joinmarket wallet;
this choice is just because it's easier for me. Given a
previously identified (utxo, pubkey, amount) found on the blockchain,
creates a partially signed coinjoin transaction using a utxo input
from our own wallet.
"""
if not isinstance(wallet_name, SegwitWallet):
wallet = cli_get_wallet(wallet_name)
else:
wallet = wallet_name
typical_fee = estimate_tx_fee(2, 3, 'p2sh-p2wpkh')
print('using fee estimate for utxo selection: ', typical_fee)
#Choose a single utxo sufficient for the required Bob utxo amount.
chosen_utxo = None
for k, v in wallet.get_utxos_by_mixdepth(False)[
options.mixdepth].iteritems():
if v['value'] > bob_amount + 2 * typical_fee:
chosen_utxo = (k, v)
break
if not chosen_utxo:
print("Unable to find a suitable utxo for amount: ", bob_amount)
return None
#need the private key to sign for this utxo
privkey = wallet.get_key_from_addr(chosen_utxo[1]['address'])
#get a destination and a change
alice_destination = wallet.get_new_addr(
(options.mixdepth + 1) % options.amtmixdepths, 1)
alice_change = wallet.get_new_addr(options.mixdepth, 1)
bobdata = [bob_utxo, bob_pubkey, bob_amount]
alicedata = [
chosen_utxo[0], privkey, chosen_utxo[1]['value'], alice_destination,
alice_change
]
tweak, partially_signed_tx = create_coinjoin_proposal(bobdata,
alicedata,
verbose=verbose,
incentive=incentive)
if not tweak:
print("You aborted the creation of a coinjoin proposal, quitting.")
exit(0)
encrypted_message = serialize_coinjoin_proposal(tweak, partially_signed_tx,
bob_pubkey)
if verbose:
print("Here is the encrypted message, broadcast it anywhere:")
print(encrypted_message)
return encrypted_message
def make_sign_and_push(ins_full,
wallet_service,
amount,
output_addr=None,
change_addr=None,
hashcode=btc.SIGHASH_ALL,
estimate_fee=False):
"""Utility function for easily building transactions
from wallets.
`ins_full` should be a list of dicts in format returned
by wallet.select_utxos:
{(txid, index): {"script":..,"value":..,"path":..}}
... although the path is not used.
The "script" and "value" data is used to allow signing.
"""
assert isinstance(wallet_service, WalletService)
total = sum(x['value'] for x in ins_full.values())
ins = list(ins_full.keys())
#random output address and change addr
output_addr = wallet_service.get_new_addr(
1,
BaseWallet.ADDRESS_TYPE_INTERNAL) if not output_addr else output_addr
change_addr = wallet_service.get_new_addr(
0,
BaseWallet.ADDRESS_TYPE_INTERNAL) if not change_addr else change_addr
fee_est = estimate_tx_fee(len(ins), 2) if estimate_fee else 10000
outs = [{
'value': amount,
'address': output_addr
}, {
'value': total - amount - fee_est,
'address': change_addr
}]
tx = btc.mktx(ins, outs)
scripts = {}
for i, j in enumerate(ins):
scripts[i] = (ins_full[j]["script"], ins_full[j]["value"])
success, msg = wallet_service.sign_tx(tx, scripts, hashcode=hashcode)
if not success:
return False
#pushtx returns False on any error
push_succeed = jm_single().bc_interface.pushtx(tx.serialize())
if push_succeed:
# in normal operation this happens automatically
# but in some tests there is no monitoring loop:
wallet_service.process_new_tx(tx)
return tx.GetTxid()[::-1]
else:
return False
def create_coinjoin_proposal(bobdata, alicedata, verbose=True, incentive=0):
"""A very crude/static implementation of a coinjoin for SNICKER.
**VERY DELIBERATELY STUPIDLY SIMPLE VERSION!**
We assume only one utxo for each side (this will certainly change, Alice
side, for flexibility). Two outputs equal size are created with 1 change
for Alice also (Bob's utxo is completely satisfied by 1 output).
The data for each side is utxo, and amount; alice must provide
privkey for partial sign. All scriptpubkeys assumed p2sh/p2wpkh for now.
Bob's destination is tweaked and included as a destination which he
will verify.
What is returned is (tweak, partially signed tx) which is enough information
for Bob to complete.
"""
fee = estimate_tx_fee(2, 3, 'p2sh-p2wpkh')
bob_utxo, bob_pubkey, amount = bobdata
alice_utxo, alice_privkey, alice_amount, alice_destination, change = alicedata
ins = [bob_utxo, alice_utxo]
random.shuffle(ins)
tweak, dest_pt, bob_destination = create_recipient_address(bob_pubkey,
segwit=True)
print('using amount, alice_amount,incentive, fee: ' +
','.join([str(x) for x in [amount, alice_amount, incentive, fee]]))
coinjoin_amount = amount + incentive
change_amount = alice_amount - coinjoin_amount - incentive - fee
outs = [{
"address": alice_destination,
"value": coinjoin_amount
}, {
"address": bob_destination,
"value": coinjoin_amount
}, {
"address": change,
"value": change_amount
}]
random.shuffle(outs)
unsigned_tx = btc.mktx(ins, outs)
if verbose:
print('here is proposed transaction:\n',
pformat(btc.deserialize(unsigned_tx)))
print('destination for Bob: ', bob_destination)
print('destination for Alice: ', alice_destination)
print('destination for Alice change: ', change)
if not raw_input("Is this acceptable? (y/n):") == "y":
return (None, None)
#Alice signs her input; assuming segwit here for now
partially_signed_tx = btc.sign(unsigned_tx,
1,
alice_privkey,
amount=alice_amount)
#return the material to be sent to Bob
return (tweak, partially_signed_tx)
def make_sign_and_push(ins_full,
wallet_service,
amount,
output_addr=None,
change_addr=None,
hashcode=btc.SIGHASH_ALL,
estimate_fee=False):
"""Utility function for easily building transactions
from wallets
"""
assert isinstance(wallet_service, WalletService)
total = sum(x['value'] for x in ins_full.values())
ins = list(ins_full.keys())
#random output address and change addr
output_addr = wallet_service.get_new_addr(
1, 1) if not output_addr else output_addr
change_addr = wallet_service.get_new_addr(
0, 1) if not change_addr else change_addr
fee_est = estimate_tx_fee(len(ins), 2) if estimate_fee else 10000
outs = [{
'value': amount,
'address': output_addr
}, {
'value': total - amount - fee_est,
'address': change_addr
}]
de_tx = btc.deserialize(btc.mktx(ins, outs))
scripts = {}
for index, ins in enumerate(de_tx['ins']):
utxo = ins['outpoint']['hash'] + ':' + str(ins['outpoint']['index'])
script = wallet_service.addr_to_script(ins_full[utxo]['address'])
scripts[index] = (script, ins_full[utxo]['value'])
binarize_tx(de_tx)
de_tx = wallet_service.sign_tx(de_tx, scripts, hashcode=hashcode)
#pushtx returns False on any error
push_succeed = jm_single().bc_interface.pushtx(btc.serialize(de_tx))
if push_succeed:
txid = btc.txhash(btc.serialize(de_tx))
# in normal operation this happens automatically
# but in some tests there is no monitoring loop:
wallet_service.process_new_tx(de_tx, txid)
return txid
else:
return False
def make_sign_and_push(ins_full,
wallet_service,
amount,
output_addr=None,
change_addr=None,
hashcode=btc.SIGHASH_ALL,
estimate_fee=False):
"""Utility function for easily building transactions
from wallets.
"""
assert isinstance(wallet_service, WalletService)
total = sum(x['value'] for x in ins_full.values())
ins = ins_full.keys()
#random output address and change addr
output_addr = wallet_service.get_new_addr(
1,
BaseWallet.ADDRESS_TYPE_INTERNAL) if not output_addr else output_addr
change_addr = wallet_service.get_new_addr(
0,
BaseWallet.ADDRESS_TYPE_INTERNAL) if not change_addr else change_addr
fee_est = estimate_tx_fee(len(ins), 2) if estimate_fee else 10000
outs = [{
'value': amount,
'address': output_addr
}, {
'value': total - amount - fee_est,
'address': change_addr
}]
tx = btc.mktx(ins, outs)
de_tx = btc.deserialize(tx)
for index, ins in enumerate(de_tx['ins']):
utxo = ins['outpoint']['hash'] + ':' + str(ins['outpoint']['index'])
addr = ins_full[utxo]['address']
priv = wallet_service.get_key_from_addr(addr)
if index % 2:
priv = binascii.unhexlify(priv)
tx = btc.sign(tx, index, priv, hashcode=hashcode)
#pushtx returns False on any error
print(btc.deserialize(tx))
push_succeed = jm_single().bc_interface.pushtx(tx)
if push_succeed:
return btc.txhash(tx)
else:
return False
def sign(utxo, priv, destaddrs):
"""Sign a tx sending the amount amt, from utxo utxo,
equally to each of addresses in list destaddrs,
after fees; the purpose is to create a large
number of utxos.
"""
results = validate_utxo_data([(utxo, priv)], retrieve=True)
if not results:
return False
assert results[0][0] == utxo
amt = results[0][1]
ins = [utxo]
estfee = estimate_tx_fee(1, len(destaddrs))
outs = []
share = int((amt - estfee) / len(destaddrs))
fee = amt - share*len(destaddrs)
assert fee >= estfee
log.info("Using fee: " + str(fee))
for i, addr in enumerate(destaddrs):
outs.append({'address': addr, 'value': share})
unsigned_tx = btc.mktx(ins, outs)
return btc.sign(unsigned_tx, 0, btc.from_wif_privkey(
priv, vbyte=get_p2pk_vbyte()))
def graft_onto_single_acp(wallet, txhex, amount, destaddr):
"""Given a serialized txhex which is checked to be of
form single|acp (one in, one out), a destination address
and an amount to spend, grafts in this in-out pair (at index zero)
to our own transaction spending amount amount to destination destaddr,
and uses a user-specified transaction fee (normal joinmarket
configuration), and sanity checks that the bump value is not
greater than user specified bump option.
Returned: serialized txhex of fully signed transaction.
"""
d = btc.deserialize(txhex)
if len(d['ins']) != 1 or len(d['outs']) != 1:
return (False, "Proposed tx should have 1 in 1 out, has: " +
','.join([str(len(d[x])) for x in ['ins', 'outs']]))
#most important part: check provider hasn't bumped more than options.bump:
other_utxo_in = d['ins'][0]['outpoint']['hash'] + ":" + str(
d['ins'][0]['outpoint']['index'])
res = jm_single().bc_interface.query_utxo_set(other_utxo_in)
assert len(res) == 1
if not res[0]:
return (False, "Utxo provided by counterparty not found.")
excess = d['outs'][0]['value'] - res[0]["value"]
if not excess <= options.bump:
return (False,
"Counterparty claims too much excess value: " + str(excess))
#Last sanity check - ensure that it's single|acp, else we're wasting our time
try:
if 'txinwitness' in d['ins'][0]:
sig, pub = d['ins'][0]['txinwitness']
else:
sig, pub = btc.deserialize_script(d['ins'][0]['script'])
assert sig[-2:] == "83"
except Exception as e:
return (
False, "The transaction's signature does not parse as signed with "
"SIGHASH_SINGLE|SIGHASH_ANYONECANPAY, for p2pkh or p2sh-p2wpkh, or "
"is otherwise invalid, and so is not valid for this function.\n" +
repr(e))
#source inputs for our own chosen spending amount:
try:
input_utxos = wallet.select_utxos(options.mixdepth, amount)
except Exception as e:
return (False, "Unable to select sufficient coins from mixdepth: " +
str(options.mixdepth))
total_selected = sum([x['value'] for x in input_utxos.values()])
fee = estimate_tx_fee(len(input_utxos) + 1, 3, txtype='p2sh-p2wpkh')
change_amount = total_selected - amount - excess - fee
changeaddr = wallet.get_new_addr(options.mixdepth, 1)
#Build new transaction and, graft in signature
ins = [other_utxo_in] + input_utxos.keys()
outs = [
d['outs'][0], {
'address': destaddr,
'value': amount
}, {
'address': changeaddr,
'value': change_amount
}
]
fulltx = btc.mktx(ins, outs)
df = btc.deserialize(fulltx)
#put back in original signature
df['ins'][0]['script'] = d['ins'][0]['script']
if 'txinwitness' in d['ins'][0]:
df['ins'][0]['txinwitness'] = d['ins'][0]['txinwitness']
fulltx = btc.serialize(df)
for i, iu in enumerate(input_utxos):
priv, inamt = get_privkey_amount_from_utxo(wallet, iu)
print("Signing index: ", i + 1, " with privkey: ", priv,
" and amount: ", inamt, " for utxo: ", iu)
fulltx = btc.sign(fulltx, i + 1, priv, amount=inamt)
return (True, fulltx)
def main():
parser = get_sendpayment_parser()
(options, args) = parser.parse_args()
load_program_config()
if options.p2ep and len(args) != 3:
parser.error("PayJoin requires exactly three arguments: "
"wallet, amount and destination address.")
sys.exit(0)
elif options.schedule == '' and len(args) != 3:
parser.error("Joinmarket sendpayment (coinjoin) needs arguments:"
" wallet, amount and destination address")
sys.exit(0)
#without schedule file option, use the arguments to create a schedule
#of a single transaction
sweeping = False
if options.schedule == '':
#note that sendpayment doesn't support fractional amounts, fractions throw
#here.
amount = int(args[1])
if amount == 0:
sweeping = True
destaddr = args[2]
mixdepth = options.mixdepth
addr_valid, errormsg = validate_address(destaddr)
if not addr_valid:
jmprint('ERROR: Address invalid. ' + errormsg, "error")
return
schedule = [[options.mixdepth, amount, options.makercount,
destaddr, 0.0, 0]]
else:
if options.p2ep:
parser.error("Schedule files are not compatible with PayJoin")
sys.exit(0)
result, schedule = get_schedule(options.schedule)
if not result:
log.error("Failed to load schedule file, quitting. Check the syntax.")
log.error("Error was: " + str(schedule))
sys.exit(0)
mixdepth = 0
for s in schedule:
if s[1] == 0:
sweeping = True
#only used for checking the maximum mixdepth required
mixdepth = max([mixdepth, s[0]])
wallet_name = args[0]
check_regtest()
if options.pickorders:
chooseOrdersFunc = pick_order
if sweeping:
jmprint('WARNING: You may have to pick offers multiple times', "warning")
jmprint('WARNING: due to manual offer picking while sweeping', "warning")
else:
chooseOrdersFunc = options.order_choose_fn
# Dynamically estimate a realistic fee if it currently is the default value.
# At this point we do not know even the number of our own inputs, so
# we guess conservatively with 2 inputs and 2 outputs each.
if options.txfee == -1:
options.txfee = max(options.txfee, estimate_tx_fee(2, 2,
txtype="p2sh-p2wpkh"))
log.debug("Estimated miner/tx fee for each cj participant: " + str(
options.txfee))
assert (options.txfee >= 0)
maxcjfee = (1, float('inf'))
if not options.p2ep and not options.pickorders and options.makercount != 0:
maxcjfee = get_max_cj_fee_values(jm_single().config, options)
log.info("Using maximum coinjoin fee limits per maker of {:.4%}, {} "
"sat".format(*maxcjfee))
log.debug('starting sendpayment')
max_mix_depth = max([mixdepth, options.amtmixdepths - 1])
wallet_path = get_wallet_path(wallet_name, None)
wallet = open_test_wallet_maybe(
wallet_path, wallet_name, max_mix_depth, gap_limit=options.gaplimit)
if jm_single().config.get("BLOCKCHAIN",
"blockchain_source") == "electrum-server" and options.makercount != 0:
jm_single().bc_interface.synctype = "with-script"
#wallet sync will now only occur on reactor start if we're joining.
while not jm_single().bc_interface.wallet_synced:
sync_wallet(wallet, fast=options.fastsync)
# From the estimated tx fees, check if the expected amount is a
# significant value compared the the cj amount
total_cj_amount = amount
if total_cj_amount == 0:
total_cj_amount = wallet.get_balance_by_mixdepth()[options.mixdepth]
if total_cj_amount == 0:
raise ValueError("No confirmed coins in the selected mixdepth. Quitting")
exp_tx_fees_ratio = ((1 + options.makercount) * options.txfee) / total_cj_amount
if exp_tx_fees_ratio > 0.05:
jmprint('WARNING: Expected bitcoin network miner fees for this coinjoin'
' amount are roughly {:.1%}'.format(exp_tx_fees_ratio), "warning")
if input('You might want to modify your tx_fee'
' settings in joinmarket.cfg. Still continue? (y/n):')[0] != 'y':
sys.exit('Aborted by user.')
else:
log.info("Estimated miner/tx fees for this coinjoin amount: {:.1%}"
.format(exp_tx_fees_ratio))
if options.makercount == 0 and not options.p2ep:
direct_send(wallet, amount, mixdepth, destaddr, options.answeryes)
return
if wallet.get_txtype() == 'p2pkh':
jmprint("Only direct sends (use -N 0) are supported for "
"legacy (non-segwit) wallets.", "error")
return
def filter_orders_callback(orders_fees, cjamount):
orders, total_cj_fee = orders_fees
log.info("Chose these orders: " +pprint.pformat(orders))
log.info('total cj fee = ' + str(total_cj_fee))
total_fee_pc = 1.0 * total_cj_fee / cjamount
log.info('total coinjoin fee = ' + str(float('%.3g' % (
100.0 * total_fee_pc))) + '%')
WARNING_THRESHOLD = 0.02 # 2%
if total_fee_pc > WARNING_THRESHOLD:
log.info('\n'.join(['=' * 60] * 3))
log.info('WARNING ' * 6)
log.info('\n'.join(['=' * 60] * 1))
log.info('OFFERED COINJOIN FEE IS UNUSUALLY HIGH. DOUBLE/TRIPLE CHECK.')
log.info('\n'.join(['=' * 60] * 1))
log.info('WARNING ' * 6)
log.info('\n'.join(['=' * 60] * 3))
if not options.answeryes:
if input('send with these orders? (y/n):')[0] != 'y':
return False
return True
def taker_finished(res, fromtx=False, waittime=0.0, txdetails=None):
if fromtx == "unconfirmed":
#If final entry, stop *here*, don't wait for confirmation
if taker.schedule_index + 1 == len(taker.schedule):
reactor.stop()
return
if fromtx:
if res:
txd, txid = txdetails
taker.wallet.remove_old_utxos(txd)
taker.wallet.add_new_utxos(txd, txid)
reactor.callLater(waittime*60,
clientfactory.getClient().clientStart)
else:
#a transaction failed; we'll try to repeat without the
#troublemakers.
#If this error condition is reached from Phase 1 processing,
#and there are less than minimum_makers honest responses, we
#just give up (note that in tumbler we tweak and retry, but
#for sendpayment the user is "online" and so can manually
#try again).
#However if the error is in Phase 2 and we have minimum_makers
#or more responses, we do try to restart with the honest set, here.
if taker.latest_tx is None:
#can only happen with < minimum_makers; see above.
log.info("A transaction failed but there are insufficient "
"honest respondants to continue; giving up.")
reactor.stop()
return
#This is Phase 2; do we have enough to try again?
taker.add_honest_makers(list(set(
taker.maker_utxo_data.keys()).symmetric_difference(
set(taker.nonrespondants))))
if len(taker.honest_makers) < jm_single().config.getint(
"POLICY", "minimum_makers"):
log.info("Too few makers responded honestly; "
"giving up this attempt.")
reactor.stop()
return
jmprint("We failed to complete the transaction. The following "
"makers responded honestly: " + str(taker.honest_makers) +\
", so we will retry with them.", "warning")
#Now we have to set the specific group we want to use, and hopefully
#they will respond again as they showed honesty last time.
#we must reset the number of counterparties, as well as fix who they
#are; this is because the number is used to e.g. calculate fees.
#cleanest way is to reset the number in the schedule before restart.
taker.schedule[taker.schedule_index][2] = len(taker.honest_makers)
log.info("Retrying with: " + str(taker.schedule[
taker.schedule_index][2]) + " counterparties.")
#rewind to try again (index is incremented in Taker.initialize())
taker.schedule_index -= 1
taker.set_honest_only(True)
reactor.callLater(5.0, clientfactory.getClient().clientStart)
else:
if not res:
log.info("Did not complete successfully, shutting down")
#Should usually be unreachable, unless conf received out of order;
#because we should stop on 'unconfirmed' for last (see above)
else:
log.info("All transactions completed correctly")
reactor.stop()
if options.p2ep:
# This workflow requires command line reading; we force info level logging
# to remove noise, and mostly communicate to the user with the fn
# log.info (directly or via default taker_info_callback).
set_logging_level("INFO")
# in the case where the payment just hangs for a long period, allow
# it to fail gracefully with an information message; this is triggered
# only by the stallMonitor, which gives up after 20*maker_timeout_sec:
def p2ep_on_finished_callback(res, fromtx=False, waittime=0.0,
txdetails=None):
log.error("PayJoin payment was NOT made, timed out.")
reactor.stop()
taker = P2EPTaker(options.p2ep, wallet, schedule,
callbacks=(None, None, p2ep_on_finished_callback))
else:
taker = Taker(wallet,
schedule,
order_chooser=chooseOrdersFunc,
max_cj_fee=maxcjfee,
callbacks=(filter_orders_callback, None, taker_finished))
clientfactory = JMClientProtocolFactory(taker)
nodaemon = jm_single().config.getint("DAEMON", "no_daemon")
daemon = True if nodaemon == 1 else False
p2ep = True if options.p2ep != "" else False
if jm_single().config.get("BLOCKCHAIN", "network") in ["regtest", "testnet"]:
startLogging(sys.stdout)
start_reactor(jm_single().config.get("DAEMON", "daemon_host"),
jm_single().config.getint("DAEMON", "daemon_port"),
clientfactory, daemon=daemon, p2ep=p2ep)
def main():
parser = get_sendpayment_parser()
(options, args) = parser.parse_args()
load_program_config()
if options.schedule == '' and len(args) < 3:
parser.error('Needs a wallet, amount and destination address')
sys.exit(0)
#without schedule file option, use the arguments to create a schedule
#of a single transaction
sweeping = False
if options.schedule == '':
#note that sendpayment doesn't support fractional amounts, fractions throw
#here.
amount = int(args[1])
if amount == 0:
sweeping = True
destaddr = args[2]
mixdepth = options.mixdepth
addr_valid, errormsg = validate_address(destaddr)
if not addr_valid:
print('ERROR: Address invalid. ' + errormsg)
return
schedule = [[options.mixdepth, amount, options.makercount,
destaddr, 0.0, 0]]
else:
result, schedule = get_schedule(options.schedule)
if not result:
log.info("Failed to load schedule file, quitting. Check the syntax.")
log.info("Error was: " + str(schedule))
sys.exit(0)
mixdepth = 0
for s in schedule:
if s[1] == 0:
sweeping = True
#only used for checking the maximum mixdepth required
mixdepth = max([mixdepth, s[0]])
wallet_name = args[0]
#to allow testing of confirm/unconfirm callback for multiple txs
if isinstance(jm_single().bc_interface, RegtestBitcoinCoreInterface):
jm_single().bc_interface.tick_forward_chain_interval = 10
jm_single().bc_interface.simulating = True
jm_single().maker_timeout_sec = 15
chooseOrdersFunc = None
if options.pickorders:
chooseOrdersFunc = pick_order
if sweeping:
print('WARNING: You may have to pick offers multiple times')
print('WARNING: due to manual offer picking while sweeping')
elif options.choosecheapest:
chooseOrdersFunc = cheapest_order_choose
else: # choose randomly (weighted)
chooseOrdersFunc = weighted_order_choose
# Dynamically estimate a realistic fee if it currently is the default value.
# At this point we do not know even the number of our own inputs, so
# we guess conservatively with 2 inputs and 2 outputs each.
if options.txfee == -1:
options.txfee = max(options.txfee, estimate_tx_fee(2, 2,
txtype="p2sh-p2wpkh"))
log.debug("Estimated miner/tx fee for each cj participant: " + str(
options.txfee))
assert (options.txfee >= 0)
log.debug('starting sendpayment')
if not options.userpcwallet:
#maxmixdepth in the wallet is actually the *number* of mixdepths (so misnamed);
#to ensure we have enough, must be at least (requested index+1)
max_mix_depth = max([mixdepth+1, options.amtmixdepths])
wallet_path = get_wallet_path(wallet_name, None)
wallet = open_test_wallet_maybe(
wallet_path, wallet_name, max_mix_depth, gap_limit=options.gaplimit)
else:
raise NotImplemented("Using non-joinmarket wallet is not supported.")
if jm_single().config.get("BLOCKCHAIN",
"blockchain_source") == "electrum-server" and options.makercount != 0:
jm_single().bc_interface.synctype = "with-script"
#wallet sync will now only occur on reactor start if we're joining.
while not jm_single().bc_interface.wallet_synced:
sync_wallet(wallet, fast=options.fastsync)
if options.makercount == 0:
direct_send(wallet, amount, mixdepth, destaddr, options.answeryes)
return
if wallet.get_txtype() == 'p2pkh':
print("Only direct sends (use -N 0) are supported for "
"legacy (non-segwit) wallets.")
return
def filter_orders_callback(orders_fees, cjamount):
orders, total_cj_fee = orders_fees
log.info("Chose these orders: " +pprint.pformat(orders))
log.info('total cj fee = ' + str(total_cj_fee))
total_fee_pc = 1.0 * total_cj_fee / cjamount
log.info('total coinjoin fee = ' + str(float('%.3g' % (
100.0 * total_fee_pc))) + '%')
WARNING_THRESHOLD = 0.02 # 2%
if total_fee_pc > WARNING_THRESHOLD:
log.info('\n'.join(['=' * 60] * 3))
log.info('WARNING ' * 6)
log.info('\n'.join(['=' * 60] * 1))
log.info('OFFERED COINJOIN FEE IS UNUSUALLY HIGH. DOUBLE/TRIPLE CHECK.')
log.info('\n'.join(['=' * 60] * 1))
log.info('WARNING ' * 6)
log.info('\n'.join(['=' * 60] * 3))
if not options.answeryes:
if raw_input('send with these orders? (y/n):')[0] != 'y':
return False
return True
def taker_finished(res, fromtx=False, waittime=0.0, txdetails=None):
if fromtx == "unconfirmed":
#If final entry, stop *here*, don't wait for confirmation
if taker.schedule_index + 1 == len(taker.schedule):
reactor.stop()
return
if fromtx:
if res:
txd, txid = txdetails
taker.wallet.remove_old_utxos(txd)
taker.wallet.add_new_utxos(txd, txid)
reactor.callLater(waittime*60,
clientfactory.getClient().clientStart)
else:
#a transaction failed; we'll try to repeat without the
#troublemakers.
#If this error condition is reached from Phase 1 processing,
#and there are less than minimum_makers honest responses, we
#just give up (note that in tumbler we tweak and retry, but
#for sendpayment the user is "online" and so can manually
#try again).
#However if the error is in Phase 2 and we have minimum_makers
#or more responses, we do try to restart with the honest set, here.
if taker.latest_tx is None:
#can only happen with < minimum_makers; see above.
log.info("A transaction failed but there are insufficient "
"honest respondants to continue; giving up.")
reactor.stop()
return
#This is Phase 2; do we have enough to try again?
taker.add_honest_makers(list(set(
taker.maker_utxo_data.keys()).symmetric_difference(
set(taker.nonrespondants))))
if len(taker.honest_makers) < jm_single().config.getint(
"POLICY", "minimum_makers"):
log.info("Too few makers responded honestly; "
"giving up this attempt.")
reactor.stop()
return
print("We failed to complete the transaction. The following "
"makers responded honestly: ", taker.honest_makers,
", so we will retry with them.")
#Now we have to set the specific group we want to use, and hopefully
#they will respond again as they showed honesty last time.
#we must reset the number of counterparties, as well as fix who they
#are; this is because the number is used to e.g. calculate fees.
#cleanest way is to reset the number in the schedule before restart.
taker.schedule[taker.schedule_index][2] = len(taker.honest_makers)
log.info("Retrying with: " + str(taker.schedule[
taker.schedule_index][2]) + " counterparties.")
#rewind to try again (index is incremented in Taker.initialize())
taker.schedule_index -= 1
taker.set_honest_only(True)
reactor.callLater(5.0, clientfactory.getClient().clientStart)
else:
if not res:
log.info("Did not complete successfully, shutting down")
#Should usually be unreachable, unless conf received out of order;
#because we should stop on 'unconfirmed' for last (see above)
else:
log.info("All transactions completed correctly")
reactor.stop()
taker = Taker(wallet,
schedule,
order_chooser=chooseOrdersFunc,
callbacks=(filter_orders_callback, None, taker_finished))
clientfactory = JMClientProtocolFactory(taker)
nodaemon = jm_single().config.getint("DAEMON", "no_daemon")
daemon = True if nodaemon == 1 else False
if jm_single().config.get("BLOCKCHAIN", "network") in ["regtest", "testnet"]:
startLogging(sys.stdout)
start_reactor(jm_single().config.get("DAEMON", "daemon_host"),
jm_single().config.getint("DAEMON", "daemon_port"),
clientfactory, daemon=daemon)
def main():
parser = get_sendpayment_parser()
(options, args) = parser.parse_args()
load_program_config()
if options.schedule == '' and len(args) < 3:
parser.error('Needs a wallet, amount and destination address')
sys.exit(0)
#without schedule file option, use the arguments to create a schedule
#of a single transaction
sweeping = False
if options.schedule == '':
#note that sendpayment doesn't support fractional amounts, fractions throw
#here.
amount = int(args[1])
if amount == 0:
sweeping = True
destaddr = args[2]
mixdepth = options.mixdepth
addr_valid, errormsg = validate_address(destaddr)
if not addr_valid:
print('ERROR: Address invalid. ' + errormsg)
return
schedule = [[
options.mixdepth, amount, options.makercount, destaddr, 0.0, 0
]]
else:
result, schedule = get_schedule(options.schedule)
if not result:
log.info(
"Failed to load schedule file, quitting. Check the syntax.")
log.info("Error was: " + str(schedule))
sys.exit(0)
mixdepth = 0
for s in schedule:
if s[1] == 0:
sweeping = True
#only used for checking the maximum mixdepth required
mixdepth = max([mixdepth, s[0]])
wallet_name = args[0]
#to allow testing of confirm/unconfirm callback for multiple txs
if isinstance(jm_single().bc_interface, RegtestBitcoinCoreInterface):
jm_single().bc_interface.tick_forward_chain_interval = 10
jm_single().bc_interface.simulating = True
jm_single().maker_timeout_sec = 15
chooseOrdersFunc = None
if options.pickorders:
chooseOrdersFunc = pick_order
if sweeping:
print('WARNING: You may have to pick offers multiple times')
print('WARNING: due to manual offer picking while sweeping')
elif options.choosecheapest:
chooseOrdersFunc = cheapest_order_choose
else: # choose randomly (weighted)
chooseOrdersFunc = weighted_order_choose
# Dynamically estimate a realistic fee if it currently is the default value.
# At this point we do not know even the number of our own inputs, so
# we guess conservatively with 2 inputs and 2 outputs each.
if options.txfee == -1:
options.txfee = max(options.txfee,
estimate_tx_fee(2, 2, txtype="p2sh-p2wpkh"))
log.debug("Estimated miner/tx fee for each cj participant: " +
str(options.txfee))
assert (options.txfee >= 0)
log.debug('starting sendpayment')
if not options.userpcwallet:
#maxmixdepth in the wallet is actually the *number* of mixdepths (so misnamed);
#to ensure we have enough, must be at least (requested index+1)
max_mix_depth = max([mixdepth + 1, options.amtmixdepths])
if not os.path.exists(os.path.join('wallets', wallet_name)):
wallet = get_wallet_cls()(wallet_name, None, max_mix_depth,
options.gaplimit)
else:
while True:
try:
pwd = get_password("Enter wallet decryption passphrase: ")
wallet = get_wallet_cls()(wallet_name, pwd, max_mix_depth,
options.gaplimit)
except WalletError:
print("Wrong password, try again.")
continue
except Exception as e:
print("Failed to load wallet, error message: " + repr(e))
sys.exit(0)
break
else:
wallet = BitcoinCoreWallet(fromaccount=wallet_name)
if jm_single().config.get(
"BLOCKCHAIN", "blockchain_source"
) == "electrum-server" and options.makercount != 0:
jm_single().bc_interface.synctype = "with-script"
#wallet sync will now only occur on reactor start if we're joining.
sync_wallet(wallet, fast=options.fastsync)
if options.makercount == 0:
if isinstance(wallet, BitcoinCoreWallet):
raise NotImplementedError(
"Direct send only supported for JM wallets")
direct_send(wallet, amount, mixdepth, destaddr, options.answeryes)
return
def filter_orders_callback(orders_fees, cjamount):
orders, total_cj_fee = orders_fees
log.info("Chose these orders: " + pprint.pformat(orders))
log.info('total cj fee = ' + str(total_cj_fee))
total_fee_pc = 1.0 * total_cj_fee / cjamount
log.info('total coinjoin fee = ' +
str(float('%.3g' % (100.0 * total_fee_pc))) + '%')
WARNING_THRESHOLD = 0.02 # 2%
if total_fee_pc > WARNING_THRESHOLD:
log.info('\n'.join(['=' * 60] * 3))
log.info('WARNING ' * 6)
log.info('\n'.join(['=' * 60] * 1))
log.info(
'OFFERED COINJOIN FEE IS UNUSUALLY HIGH. DOUBLE/TRIPLE CHECK.')
log.info('\n'.join(['=' * 60] * 1))
log.info('WARNING ' * 6)
log.info('\n'.join(['=' * 60] * 3))
if not options.answeryes:
if raw_input('send with these orders? (y/n):')[0] != 'y':
return False
return True
def taker_finished(res, fromtx=False, waittime=0.0, txdetails=None):
if fromtx == "unconfirmed":
#If final entry, stop *here*, don't wait for confirmation
if taker.schedule_index + 1 == len(taker.schedule):
reactor.stop()
return
if fromtx:
if res:
txd, txid = txdetails
taker.wallet.remove_old_utxos(txd)
taker.wallet.add_new_utxos(txd, txid)
reactor.callLater(waittime * 60,
clientfactory.getClient().clientStart)
else:
#a transaction failed; just stop
reactor.stop()
else:
if not res:
log.info("Did not complete successfully, shutting down")
#Should usually be unreachable, unless conf received out of order;
#because we should stop on 'unconfirmed' for last (see above)
else:
log.info("All transactions completed correctly")
reactor.stop()
taker = Taker(wallet,
schedule,
order_chooser=chooseOrdersFunc,
callbacks=(filter_orders_callback, None, taker_finished))
clientfactory = JMClientProtocolFactory(taker)
nodaemon = jm_single().config.getint("DAEMON", "no_daemon")
daemon = True if nodaemon == 1 else False
if jm_single().config.get("BLOCKCHAIN",
"network") in ["regtest", "testnet"]:
startLogging(sys.stdout)
start_reactor(jm_single().config.get("DAEMON", "daemon_host"),
jm_single().config.getint("DAEMON", "daemon_port"),
clientfactory,
daemon=daemon)
def main():
parser = OptionParser(usage='usage: %prog [options] walletname',
description=description)
add_base_options(parser)
parser.add_option('-m',
'--mixdepth',
action='store',
type='int',
dest='mixdepth',
help='mixdepth/account, default 0',
default=0)
parser.add_option('-g',
'--gap-limit',
action='store',
type='int',
dest='gaplimit',
default=6,
help='gap limit for Joinmarket wallet, default 6.')
parser.add_option(
'-f',
'--txfee',
action='store',
type='int',
dest='txfee',
default=-1,
help='Bitcoin miner tx_fee to use for transaction(s). A number higher '
'than 1000 is used as "satoshi per KB" tx fee. A number lower than that '
'uses the dynamic fee estimation of your blockchain provider as '
'confirmation target. This temporarily overrides the "tx_fees" setting '
'in your joinmarket.cfg. Works the same way as described in it. Check '
'it for examples.')
parser.add_option('-a',
'--amtmixdepths',
action='store',
type='int',
dest='amtmixdepths',
help='number of mixdepths in wallet, default 5',
default=5)
parser.add_option(
'-N',
'--net-transfer',
action='store',
type='int',
dest='net_transfer',
help='how many sats are sent to the "receiver", default randomised.',
default=-1000001)
(options, args) = parser.parse_args()
snicker_plugin = JMPluginService("SNICKER")
load_program_config(config_path=options.datadir,
plugin_services=[snicker_plugin])
if len(args) != 1:
log.error("Invalid arguments, see --help")
sys.exit(EXIT_ARGERROR)
wallet_name = args[0]
check_regtest()
# If tx_fees are set manually by CLI argument, override joinmarket.cfg:
if int(options.txfee) > 0:
jm_single().config.set("POLICY", "tx_fees", str(options.txfee))
max_mix_depth = max([options.mixdepth, options.amtmixdepths - 1])
wallet_path = get_wallet_path(wallet_name, None)
wallet = open_test_wallet_maybe(
wallet_path,
wallet_name,
max_mix_depth,
wallet_password_stdin=options.wallet_password_stdin,
gap_limit=options.gaplimit)
wallet_service = WalletService(wallet)
if wallet_service.rpc_error:
sys.exit(EXIT_FAILURE)
snicker_plugin.start_plugin_logging(wallet_service)
# in this script, we need the wallet synced before
# logic processing for some paths, so do it now:
while not wallet_service.synced:
wallet_service.sync_wallet(fast=not options.recoversync)
# the sync call here will now be a no-op:
wallet_service.startService()
fee_est = estimate_tx_fee(2, 3, txtype=wallet_service.get_txtype())
# first, order the utxos in the mixepth by size. Then (this is the
# simplest algorithm; we could be more sophisticated), choose the
# *second* largest utxo as the receiver utxo; this ensures that we
# have enough for the proposer to cover. We consume utxos greedily,
# meaning we'll at least some of the time, be consolidating.
utxo_dict = wallet_service.get_utxos_by_mixdepth()[options.mixdepth]
if not len(utxo_dict) >= 2:
log.error(
"Cannot create fake SNICKER tx without at least two utxos, quitting"
)
sys.exit(EXIT_ARGERROR)
# sort utxos by size
sorted_utxos = sorted(list(utxo_dict.keys()),
key=lambda k: utxo_dict[k]['value'],
reverse=True)
# receiver is the second largest:
receiver_utxo = sorted_utxos[1]
receiver_utxo_val = utxo_dict[receiver_utxo]
# gather the other utxos into a list to select from:
nonreceiver_utxos = [sorted_utxos[0]] + sorted_utxos[2:]
# get the net transfer in our fake coinjoin:
if options.net_transfer < -1000001:
log.error("Net transfer must be greater than negative 1M sats")
sys.exit(EXIT_ARGERROR)
if options.net_transfer == -1000001:
# default; low-ish is more realistic and avoids problems
# with dusty utxos
options.net_transfer = random.randint(-1000, 1000)
# select enough to cover: receiver value + fee + transfer + breathing room
# we select relatively greedily to support consolidation, since
# this transaction does not pretend to isolate the coins.
try:
available = [{
'utxo': utxo,
'value': utxo_dict[utxo]["value"]
} for utxo in nonreceiver_utxos]
# selection algos return [{"utxo":..,"value":..}]:
prop_utxos = {
x["utxo"]
for x in select_greedy(
available, receiver_utxo_val["value"] + fee_est +
options.net_transfer + 1000)
}
prop_utxos = list(prop_utxos)
prop_utxo_vals = [utxo_dict[prop_utxo] for prop_utxo in prop_utxos]
except NotEnoughFundsException as e:
log.error(repr(e))
sys.exit(EXIT_FAILURE)
# Due to the fake nature of this transaction, and its distinguishability
# (not only in trivial output pattern, but also in subset-sum), there
# is little advantage in making it use different output mixdepths, so
# here to prevent fragmentation, everything is kept in the same mixdepth.
receiver_addr, proposer_addr, change_addr = (wallet_service.script_to_addr(
wallet_service.get_new_script(options.mixdepth, 1)) for _ in range(3))
# persist index update:
wallet_service.save_wallet()
outputs = btc.construct_snicker_outputs(
sum([x["value"] for x in prop_utxo_vals]), receiver_utxo_val["value"],
receiver_addr, proposer_addr, change_addr, fee_est,
options.net_transfer)
tx = btc.make_shuffled_tx(prop_utxos + [receiver_utxo],
outputs,
version=2,
locktime=0)
# before signing, check we satisfied the criteria, otherwise
# this is pointless!
if not btc.is_snicker_tx(tx):
log.error("Code error, created non-SNICKER tx, not signing.")
sys.exit(EXIT_FAILURE)
# sign all inputs
# scripts: {input_index: (output_script, amount)}
our_inputs = {}
for index, ins in enumerate(tx.vin):
utxo = (ins.prevout.hash[::-1], ins.prevout.n)
script = utxo_dict[utxo]['script']
amount = utxo_dict[utxo]['value']
our_inputs[index] = (script, amount)
success, msg = wallet_service.sign_tx(tx, our_inputs)
if not success:
log.error("Failed to sign transaction: " + msg)
sys.exit(EXIT_FAILURE)
# TODO condition on automatic brdcst or not
if not jm_single().bc_interface.pushtx(tx.serialize()):
# this represents an error about state (or conceivably,
# an ultra-short window in which the spent utxo was
# consumed in another transaction), but not really
# an internal logic error, so we do NOT return False
log.error("Failed to broadcast fake SNICKER coinjoin: " +\
bintohex(tx.GetTxid()[::-1]))
log.info(btc.human_readable_transaction(tx))
sys.exit(EXIT_FAILURE)
log.info("Successfully broadcast fake SNICKER coinjoin: " +\
bintohex(tx.GetTxid()[::-1]))
def test_absurd_fee(setup_wallets):
jm_single().config.set("POLICY", "absurd_fee_per_kb", "1000")
with pytest.raises(ValueError) as e_info:
estimate_tx_fee(10, 2)
load_test_config()
def test_spend_then_rbf(setup_tx_creation):
""" Test plan: first, create a normal spend with
rbf enabled in direct_send, then broadcast but
do not mine a block. Then create a re-spend of
the same utxos with a higher fee and check
that broadcast succeeds.
"""
# First phase: broadcast with RBF enabled.
#
# set a baseline feerate:
old_feerate = jm_single().config.get("POLICY", "tx_fees")
jm_single().config.set("POLICY", "tx_fees", "20000")
# set up a single wallet with some coins:
wallet_service = make_wallets(1, [[2, 0, 0, 0, 1]], 3)[0]['wallet']
wallet_service.sync_wallet(fast=True)
# ensure selection of two utxos, doesn't really matter
# but a more general case than only one:
amount = 350000000
# destination doesn't matter; this is easiest:
destn = wallet_service.get_internal_addr(1)
# While `direct_send` usually encapsulates utxo selection
# for user, here we need to know what was chosen, hence
# we return the transaction object, not directly broadcast.
tx1 = direct_send(wallet_service,
amount,
0,
destn,
answeryes=True,
return_transaction=True,
optin_rbf=True)
assert tx1
# record the utxos for reuse:
assert isinstance(tx1, bitcoin.CTransaction)
utxos_objs = (x.prevout for x in tx1.vin)
utxos = [(x.hash[::-1], x.n) for x in utxos_objs]
# in order to sign on those utxos, we need their script and value.
scrs = {}
vals = {}
for u, details in wallet_service.get_utxos_by_mixdepth()[0].items():
if u in utxos:
scrs[u] = details["script"]
vals[u] = details["value"]
assert len(scrs.keys()) == 2
assert len(vals.keys()) == 2
# This will go to mempool but not get mined because
# we don't call `tick_forward_chain`.
push_succeed = jm_single().bc_interface.pushtx(tx1.serialize())
if push_succeed:
# mimics real operations with transaction monitor:
wallet_service.process_new_tx(tx1)
else:
assert False
# Second phase: bump fee.
#
# we set a larger fee rate.
jm_single().config.set("POLICY", "tx_fees", "30000")
# just a different destination to avoid confusion:
destn2 = wallet_service.get_internal_addr(2)
# We reuse *both* utxos so total fees are comparable
# (modulo tiny 1 byte differences in signatures).
# Ordinary wallet operations would remove the first-spent utxos,
# so for now we build a PSBT using the code from #921 to select
# the same utxos (it could be done other ways).
# Then we broadcast the PSBT and check it is allowed
# before constructing the outputs, we need a good fee estimate,
# using the bumped feerate:
fee = estimate_tx_fee(2, 2, wallet_service.get_txtype())
# reset the feerate:
total_input_val = sum(vals.values())
jm_single().config.set("POLICY", "tx_fees", old_feerate)
outs = [{
"address": destn2,
"value": 1000000
}, {
"address": wallet_service.get_internal_addr(0),
"value": total_input_val - 1000000 - fee
}]
tx2 = bitcoin.mktx(utxos, outs, version=2, locktime=compute_tx_locktime())
spent_outs = []
for u in utxos:
spent_outs.append(bitcoin.CTxOut(nValue=vals[u], scriptPubKey=scrs[u]))
psbt_unsigned = wallet_service.create_psbt_from_tx(tx2,
spent_outs=spent_outs)
signresultandpsbt, err = wallet_service.sign_psbt(
psbt_unsigned.serialize(), with_sign_result=True)
assert not err
signresult, psbt_signed = signresultandpsbt
tx2_signed = psbt_signed.extract_transaction()
# the following assertion is sufficient, because
# tx broadcast would fail if the replacement were
# not allowed by Core:
assert jm_single().bc_interface.pushtx(tx2_signed.serialize())
def test_snicker_e2e(setup_snicker, nw, wallet_structures, mean_amt, sdev_amt,
amt, net_transfer):
""" Test strategy:
1. create two wallets.
2. with wallet 1 (Receiver), create a single transaction
tx1, from mixdepth 0 to 1.
3. with wallet 2 (Proposer), take pubkey of all inputs from tx1, and use
them to create snicker proposals to the non-change out of tx1,
in base64 and place in proposals.txt.
4. Receiver polls for proposals in the file manually (instead of twisted
LoopingCall) and processes them.
5. Check for valid final transaction with broadcast.
"""
# TODO: Make this test work with native segwit wallets
wallets = make_wallets(nw,
wallet_structures,
mean_amt,
sdev_amt,
wallet_cls=SegwitLegacyWallet)
for w in wallets.values():
w['wallet'].sync_wallet(fast=True)
print(wallets)
wallet_r = wallets[0]['wallet']
wallet_p = wallets[1]['wallet']
# next, create a tx from the receiver wallet
our_destn_script = wallet_r.get_new_script(
1, BaseWallet.ADDRESS_TYPE_INTERNAL)
tx = direct_send(wallet_r,
btc.coins_to_satoshi(0.3),
0,
wallet_r.script_to_addr(our_destn_script),
accept_callback=dummy_accept_callback,
info_callback=dummy_info_callback,
return_transaction=True)
assert tx, "Failed to spend from receiver wallet"
print("Parent transaction OK. It was: ")
print(btc.human_readable_transaction(tx))
wallet_r.process_new_tx(tx)
# we must identify the receiver's output we're going to use;
# it can be destination or change, that's up to the proposer
# to guess successfully; here we'll just choose index 0.
txid1 = tx.GetTxid()[::-1]
txid1_index = 0
receiver_start_bal = sum(
[x['value'] for x in wallet_r.get_all_utxos().values()])
# Now create a proposal for every input index in tx1
# (version 1 proposals mean we source keys from the/an
# ancestor transaction)
propose_keys = []
for i in range(len(tx.vin)):
# todo check access to pubkey
sig, pub = [a for a in iter(tx.wit.vtxinwit[i].scriptWitness)]
propose_keys.append(pub)
# the proposer wallet needs to choose a single
# utxo that is bigger than the output amount of tx1
prop_m_utxos = wallet_p.get_utxos_by_mixdepth()[0]
prop_utxo = prop_m_utxos[list(prop_m_utxos)[0]]
# get the private key for that utxo
priv = wallet_p.get_key_from_addr(
wallet_p.script_to_addr(prop_utxo['script']))
prop_input_amt = prop_utxo['value']
# construct the arguments for the snicker proposal:
our_input = list(prop_m_utxos)[0] # should be (txid, index)
their_input = (txid1, txid1_index)
our_input_utxo = btc.CMutableTxOut(prop_utxo['value'], prop_utxo['script'])
fee_est = estimate_tx_fee(len(tx.vin), 2)
change_spk = wallet_p.get_new_script(0, BaseWallet.ADDRESS_TYPE_INTERNAL)
encrypted_proposals = []
for p in propose_keys:
# TODO: this can be a loop over all outputs,
# not just one guessed output, if desired.
encrypted_proposals.append(
wallet_p.create_snicker_proposal(our_input,
their_input,
our_input_utxo,
tx.vout[txid1_index],
net_transfer,
fee_est,
priv,
p,
prop_utxo['script'],
change_spk,
version_byte=1) + b"," +
bintohex(p).encode('utf-8'))
with open(TEST_PROPOSALS_FILE, "wb") as f:
f.write(b"\n".join(encrypted_proposals))
sR = SNICKERReceiver(wallet_r)
sR.proposals_source = TEST_PROPOSALS_FILE # avoid clashing with mainnet
sR.poll_for_proposals()
assert len(sR.successful_txs) == 1
wallet_r.process_new_tx(sR.successful_txs[0])
end_utxos = wallet_r.get_all_utxos()
print("At end the receiver has these utxos: ", end_utxos)
receiver_end_bal = sum([x['value'] for x in end_utxos.values()])
assert receiver_end_bal == receiver_start_bal + net_transfer
def send_tx0id_hx_tx2sig(self):
"""Create coinswap secret, create TX0 paying into 2 of 2 AC,
use the utxo/txid:n of it to create TX2, sign it, and send the hash,
the tx2 sig and the utxo to Carol.
"""
self.secret, self.hashed_secret = get_coinswap_secret()
#**CONSTRUCT TX0**
#precompute the entirely signed transaction, so as to pass the txid
self.initial_utxo_inputs = self.wallet.select_utxos(
0, self.coinswap_parameters.tx0_amount)
total_in = sum([x['value'] for x in self.initial_utxo_inputs.values()])
self.signing_privkeys = []
for i, v in enumerate(self.initial_utxo_inputs.values()):
privkey = self.wallet.get_key_from_addr(v['address'])
if not privkey:
raise CoinSwapException("Failed to get key to sign TX0")
self.signing_privkeys.append(privkey)
signing_pubkeys = [[btc.privkey_to_pubkey(x)]
for x in self.signing_privkeys]
signing_redeemscripts = [
btc.address_to_script(x['address'])
for x in self.initial_utxo_inputs.values()
]
#calculate size of change output; default p2pkh assumed
fee = estimate_tx_fee(len(self.initial_utxo_inputs), 2)
cslog.debug("got tx0 fee: " + str(fee))
cslog.debug("for tx0 input amount: " + str(total_in))
change_amount = total_in - self.coinswap_parameters.tx0_amount - fee
cslog.debug("got tx0 change amount: " + str(change_amount))
#get a change address in same mixdepth
change_address = self.wallet.get_internal_addr(0)
self.tx0 = CoinSwapTX01.from_params(
self.coinswap_parameters.pubkeys["key_2_2_AC_0"],
self.coinswap_parameters.pubkeys["key_2_2_AC_1"],
utxo_ins=self.initial_utxo_inputs.keys(),
signing_pubkeys=signing_pubkeys,
signing_redeem_scripts=signing_redeemscripts,
output_amount=self.coinswap_parameters.tx0_amount,
change_address=change_address,
change_amount=change_amount)
#sign and hold signature, recover txid
self.tx0.signall(self.signing_privkeys)
self.tx0.attach_signatures()
self.tx0.set_txid()
cslog.info("Alice created and signed TX0:")
cslog.info(self.tx0)
#**CONSTRUCT TX2**
#Input is outpoint from TX0
utxo_in = self.tx0.txid + ":" + str(self.tx0.pay_out_index)
self.tx2 = CoinSwapTX23.from_params(
self.coinswap_parameters.pubkeys["key_2_2_AC_0"],
self.coinswap_parameters.pubkeys["key_2_2_AC_1"],
self.coinswap_parameters.pubkeys["key_TX2_secret"],
utxo_in=utxo_in,
recipient_amount=self.coinswap_parameters.tx2_recipient_amount,
hashed_secret=self.hashed_secret,
absolutelocktime=self.coinswap_parameters.timeouts["LOCK0"],
refund_pubkey=self.coinswap_parameters.pubkeys["key_TX2_lock"])
#Create our own signature for TX2
self.tx2.sign_at_index(self.keyset["key_2_2_AC_0"][0], 0)
sigtx2 = self.tx2.signatures[0][0]
self.send(self.tx0.txid + ":" + str(self.tx0.pay_out_index),
self.hashed_secret, sigtx2)
return (True, "TX0id, H(X), TX2 sig sent OK")
def scan_for_coinjoins(privkey, amount, filename):
"""Given a file which contains encrypted coinjoin proposals,
and a private key for a pubkey with a known utxo existing
which we can spend, scan the entries in the file, all assumed
to be ECIES encrypted to a pubkey, for one which is encrypted
to *this* pubkey, if found, output the retrieved partially signed
transaction, and destination key, address to a list which is
returned to the caller.
Only if the retrieved coinjoin transaction passes basic checks
on validity in terms of amount paid, is it returned.
This is an elementary implementation that will obviously fail
any performance test (i.e. moderately large lists).
Note that the tweaked output address must be of type p2sh/p2wpkh.
"""
try:
with open(filename, "rb") as f:
msgs = f.readlines()
except:
print("Failed to read from file: ", filename)
return
valid_coinjoins = []
for msg in msgs:
try:
decrypted_msg = decrypt_message(msg, privkey)
tweak, tx = deserialize_coinjoin_proposal(decrypted_msg)
except:
print("Could not decrypt message, skipping")
continue
if not tweak:
print("Could not decrypt message, reason: " + str(tx))
continue
#We analyse the content of the transaction to check if it follows
#our requirements
try:
deserialized_tx = btc.deserialize(tx)
except:
print("Proposed transaction is not correctly formatted, skipping.")
continue
#construct our receiving address according to the tweak
pubkey = btc.privkey_to_pubkey(privkey)
tweak, destnpt, my_destn_addr = create_recipient_address(pubkey,
tweak=tweak,
segwit=True)
#add_privkeys requires both inputs to be compressed (or un-) consistently.
tweak_priv = tweak + "01"
my_destn_privkey = btc.add_privkeys(tweak_priv, privkey, True)
my_output_index = -1
for i, o in enumerate(deserialized_tx['outs']):
addr = btc.script_to_address(o['script'], get_p2sh_vbyte())
if addr == my_destn_addr:
print('found our output address: ', my_destn_addr)
my_output_index = i
break
if my_output_index == -1:
print("Proposal doesn't contain our output address, rejecting")
continue
my_output_amount = deserialized_tx['outs'][i]['value']
required_amount = amount - 2 * estimate_tx_fee(3, 3, 'p2sh-p2wpkh')
if my_output_amount < required_amount:
print("Proposal pays too little, difference is: ",
required_amount - my_output_amount)
continue
#now we know output is acceptable to us, we should check that the
#ctrprty input is signed and the other input is ours, but will do this
#later; if it's not, it just won't work so NBD for now.
valid_coinjoins.append((my_destn_addr, my_destn_privkey, tx))
return valid_coinjoins
def main():
tumble_log = get_tumble_log(logsdir)
(options, args) = get_tumbler_parser().parse_args()
options_org = options
options = vars(options)
if len(args) < 1:
jmprint('Error: Needs a wallet file', "error")
sys.exit(EXIT_ARGERROR)
load_program_config(config_path=options['datadir'])
if jm_single().bc_interface is None:
jmprint('Error: Needs a blockchain source', "error")
sys.exit(EXIT_FAILURE)
check_regtest()
#Load the wallet
wallet_name = args[0]
max_mix_depth = options['mixdepthsrc'] + options['mixdepthcount']
if options['amtmixdepths'] > max_mix_depth:
max_mix_depth = options['amtmixdepths']
wallet_path = get_wallet_path(wallet_name, None)
wallet = open_test_wallet_maybe(
wallet_path,
wallet_name,
max_mix_depth,
wallet_password_stdin=options_org.wallet_password_stdin)
wallet_service = WalletService(wallet)
if wallet_service.rpc_error:
sys.exit(EXIT_FAILURE)
# in this script, we need the wallet synced before
# logic processing for some paths, so do it now:
while not wallet_service.synced:
wallet_service.sync_wallet(fast=not options['recoversync'])
# the sync call here will now be a no-op:
wallet_service.startService()
maxcjfee = get_max_cj_fee_values(jm_single().config, options_org)
log.info(
"Using maximum coinjoin fee limits per maker of {:.4%}, {} sat".format(
*maxcjfee))
#Parse options and generate schedule
#Output information to log files
jm_single().mincjamount = options['mincjamount']
destaddrs = args[1:]
for daddr in destaddrs:
success, errmsg = validate_address(daddr)
if not success:
jmprint("Invalid destination address: " + daddr, "error")
sys.exit(EXIT_ARGERROR)
jmprint("Destination addresses: " + str(destaddrs), "important")
#If the --restart flag is set we read the schedule
#from the file, and filter out entries that are
#already complete
if options['restart']:
res, schedule = get_schedule(
os.path.join(logsdir, options['schedulefile']))
if not res:
jmprint(
"Failed to load schedule, name: " +
str(options['schedulefile']), "error")
jmprint("Error was: " + str(schedule), "error")
sys.exit(EXIT_FAILURE)
#This removes all entries that are marked as done
schedule = [s for s in schedule if s[-1] != 1]
# remaining destination addresses must be stored in Taker.tdestaddrs
# in case of tweaks; note we can't change, so any passed on command
# line must be ignored:
if len(destaddrs) > 0:
jmprint(
"For restarts, destinations are taken from schedule file,"
" so passed destinations on the command line were ignored.",
"important")
if input("OK? (y/n)") != "y":
sys.exit(EXIT_SUCCESS)
destaddrs = [
s[3] for s in schedule if s[3] not in ["INTERNAL", "addrask"]
]
jmprint(
"Remaining destination addresses in restart: " +
",".join(destaddrs), "important")
if isinstance(schedule[0][-1], str) and len(schedule[0][-1]) == 64:
#ensure last transaction is confirmed before restart
tumble_log.info("WAITING TO RESTART...")
txid = schedule[0][-1]
restart_waiter(txid)
#remove the already-done entry (this connects to the other TODO,
#probably better *not* to truncate the done-already txs from file,
#but simplest for now.
schedule = schedule[1:]
elif schedule[0][-1] != 0:
print("Error: first schedule entry is invalid.")
sys.exit(EXIT_FAILURE)
with open(os.path.join(logsdir, options['schedulefile']), "wb") as f:
f.write(schedule_to_text(schedule))
tumble_log.info("TUMBLE RESTARTING")
else:
#Create a new schedule from scratch
schedule = get_tumble_schedule(options, destaddrs,
wallet.get_balance_by_mixdepth())
tumble_log.info("TUMBLE STARTING")
with open(os.path.join(logsdir, options['schedulefile']), "wb") as f:
f.write(schedule_to_text(schedule))
print("Schedule written to logs/" + options['schedulefile'])
tumble_log.info("With this schedule: ")
tumble_log.info(pprint.pformat(schedule))
# If tx_fees are set manually by CLI argument, override joinmarket.cfg:
if int(options['txfee']) > 0:
jm_single().config.set("POLICY", "tx_fees", str(options['txfee']))
# Dynamically estimate an expected tx fee for the whole tumbling run.
# This is very rough: we guess with 2 inputs and 2 outputs each.
fee_per_cp_guess = estimate_tx_fee(2,
2,
txtype=wallet_service.get_txtype())
log.debug("Estimated miner/tx fee for each cj participant: " +
str(fee_per_cp_guess))
# From the estimated tx fees, check if the expected amount is a
# significant value compared the the cj amount
involved_parties = len(schedule) # own participation in each CJ
for item in schedule:
involved_parties += item[2] # number of total tumble counterparties
total_tumble_amount = int(0)
max_mix_to_tumble = min(options['mixdepthsrc']+options['mixdepthcount'], \
max_mix_depth)
for i in range(options['mixdepthsrc'], max_mix_to_tumble):
total_tumble_amount += wallet_service.get_balance_by_mixdepth()[i]
if total_tumble_amount == 0:
raise ValueError(
"No confirmed coins in the selected mixdepth(s). Quitting")
exp_tx_fees_ratio = (involved_parties * fee_per_cp_guess) \
/ total_tumble_amount
if exp_tx_fees_ratio > 0.05:
jmprint(
'WARNING: Expected bitcoin network miner fees for the whole '
'tumbling run are roughly {:.1%}'.format(exp_tx_fees_ratio),
"warning")
if not options['restart'] and input(
'You might want to modify your tx_fee'
' settings in joinmarket.cfg. Still continue? (y/n):'
)[0] != 'y':
sys.exit('Aborted by user.')
else:
log.info("Estimated miner/tx fees for this coinjoin amount for the "
"whole tumbling run: {:.1%}".format(exp_tx_fees_ratio))
print("Progress logging to logs/TUMBLE.log")
def filter_orders_callback(orders_fees, cjamount):
"""Decide whether to accept fees
"""
return tumbler_filter_orders_callback(orders_fees, cjamount, taker)
def taker_finished(res, fromtx=False, waittime=0.0, txdetails=None):
"""on_finished_callback for tumbler; processing is almost entirely
deferred to generic taker_finished in tumbler_support module, except
here reactor signalling.
"""
sfile = os.path.join(logsdir, options['schedulefile'])
tumbler_taker_finished_update(taker, sfile, tumble_log, options, res,
fromtx, waittime, txdetails)
if not fromtx:
reactor.stop()
elif fromtx != "unconfirmed":
reactor.callLater(waittime * 60,
clientfactory.getClient().clientStart)
#instantiate Taker with given schedule and run
taker = Taker(wallet_service,
schedule,
maxcjfee,
order_chooser=options['order_choose_fn'],
callbacks=(filter_orders_callback, None, taker_finished),
tdestaddrs=destaddrs)
clientfactory = JMClientProtocolFactory(taker)
nodaemon = jm_single().config.getint("DAEMON", "no_daemon")
daemon = True if nodaemon == 1 else False
if jm_single().config.get("BLOCKCHAIN",
"network") in ["regtest", "testnet"]:
startLogging(sys.stdout)
start_reactor(jm_single().config.get("DAEMON", "daemon_host"),
jm_single().config.getint("DAEMON", "daemon_port"),
clientfactory,
daemon=daemon)
def main_cs(test_data=None):
#twisted logging (TODO disable for non-debug runs)
if test_data:
wallet_name, args, options, use_ssl, alt_class, alt_c_class = test_data
else:
log.startLogging(sys.stdout)
#Joinmarket wallet
parser = get_coinswap_parser()
(options, args) = parser.parse_args()
load_coinswap_config()
wallet_name = args[0]
#depth 0: spend in, depth 1: receive out, depth 2: for backout transactions.
max_mix_depth = 3
if not os.path.exists(os.path.join('wallets', wallet_name)):
wallet = Wallet(wallet_name, None, max_mix_depth, 6)
else:
while True:
try:
pwd = get_password("Enter wallet decryption passphrase: ")
wallet = Wallet(wallet_name, pwd, max_mix_depth, 6)
except WalletError:
print("Wrong password, try again.")
continue
except Exception as e:
print("Failed to load wallet, error message: " + repr(e))
sys.exit(0)
break
#for testing main script (not test framework), need funds.
if not test_data and isinstance(cs_single().bc_interface,
RegtestBitcoinCoreInterface):
cs_single().bc_interface.grab_coins(wallet.get_new_addr(0, 0), 2.0)
time.sleep(3)
sync_wallet(wallet, fast=options.fastsync)
wallet.used_coins = None
if options.serve:
#sanity check that client params were not provided:
if len(args) > 1:
print("Extra parameters provided for running as server. "
"Are you sure you didn't want to run as client?")
sys.exit(0)
if not test_data:
main_server(options, wallet)
else:
main_server(options, wallet, {
'use_ssl': use_ssl,
'alt_c_class': alt_c_class
})
return wallet.get_balance_by_mixdepth()
return
tx01_amount = int(args[1])
#Reset the targetting for backout transactions
oldtarget = cs_single().config.get("POLICY", "tx_fees")
newtarget = cs_single().config.getint("POLICY", "backout_fee_target")
multiplier = float(cs_single().config.get("POLICY",
"backout_fee_multiplier"))
cs_single().config.set("POLICY", "tx_fees", str(newtarget))
tx23fee = estimate_tx_fee((1, 2, 2), 1, txtype='p2shMofN')
tx23fee = int(multiplier * tx23fee)
tx24_recipient_amount = tx01_amount - tx23fee
tx35_recipient_amount = tx01_amount - tx23fee
cs_single().config.set("POLICY", "tx_fees", oldtarget)
#to allow testing of confirm/unconfirm callback for multiple txs
if isinstance(cs_single().bc_interface, RegtestBitcoinCoreInterface):
cs_single().bc_interface.tick_forward_chain_interval = 2
cs_single().bc_interface.simulating = True
cs_single().config.set("BLOCKCHAIN", "notify_port", "62652")
cs_single().config.set("BLOCKCHAIN", "rpc_host", "127.0.0.2")
#if restart option selected, read state and backout
if options.recover:
session_id = options.recover
alice = CoinSwapAlice(wallet, 'alicestate')
alice.bbmb = wallet.get_balance_by_mixdepth(verbose=False)
alice.load(sessionid=session_id)
alice.backout("Recovering from shutdown")
reactor.run()
return
if len(args) > 2:
tx5address = args[2]
if not validate_address(tx5address):
print("Invalid address: ", tx5address)
sys.exit(0)
else:
#Our destination address should be in a separate mixdepth
tx5address = wallet.get_new_addr(1, 1)
#instantiate the parameters, but don't yet have the ephemeral pubkeys
#or destination addresses.
cpp = CoinSwapPublicParameters(tx01_amount, tx24_recipient_amount,
tx35_recipient_amount)
#Alice must set the unique identifier for this run.
cpp.set_session_id()
cpp.set_tx5_address(tx5address)
testing_mode = True if test_data else False
aliceclass = alt_class if test_data and alt_class else CoinSwapAlice
alice = aliceclass(wallet, 'alicestate', cpp, testing_mode=testing_mode)
scheme, server, port = options.serverport.split(":")
print("got this scheme, server, port: ", scheme, server, port)
if scheme == "https":
usessl = True
elif scheme == "http":
usessl = False
else:
print("Invalid server string: ", options.serverport)
sys.exit(0)
if not server[:2] == "//":
print("Invalid server string: ", options.serverport)
alice_client = CoinSwapJSONRPCClient(server[2:], port, alice.sm.tick,
alice.backout, usessl)
alice.set_jsonrpc_client(alice_client)
reactor.callWhenRunning(alice.sm.tick)
if not test_data:
reactor.run()
if test_data:
return alice
def main():
parser = OptionParser(
usage=
'usage: %prog [options] walletname hex-tx input-index output-index net-transfer',
description=description)
add_base_options(parser)
parser.add_option('-m',
'--mixdepth',
action='store',
type='int',
dest='mixdepth',
help='mixdepth/account to spend from, default=0',
default=0)
parser.add_option('-g',
'--gap-limit',
action='store',
type='int',
dest='gaplimit',
default=6,
help='gap limit for Joinmarket wallet, default 6.')
parser.add_option(
'-n',
'--no-upload',
action='store_true',
dest='no_upload',
default=False,
help="if set, we don't upload the new proposal to the servers")
parser.add_option(
'-f',
'--txfee',
action='store',
type='int',
dest='txfee',
default=-1,
help='Bitcoin miner tx_fee to use for transaction(s). A number higher '
'than 1000 is used as "satoshi per KB" tx fee. A number lower than that '
'uses the dynamic fee estimation of your blockchain provider as '
'confirmation target. This temporarily overrides the "tx_fees" setting '
'in your joinmarket.cfg. Works the same way as described in it. Check '
'it for examples.')
parser.add_option('-a',
'--amtmixdepths',
action='store',
type='int',
dest='amtmixdepths',
help='number of mixdepths in wallet, default 5',
default=5)
(options, args) = parser.parse_args()
snicker_plugin = JMPluginService("SNICKER")
load_program_config(config_path=options.datadir,
plugin_services=[snicker_plugin])
if len(args) != 5:
jmprint("Invalid arguments, see --help")
sys.exit(EXIT_ARGERROR)
wallet_name, hextx, input_index, output_index, net_transfer = args
input_index, output_index, net_transfer = [
int(x) for x in [input_index, output_index, net_transfer]
]
check_regtest()
# If tx_fees are set manually by CLI argument, override joinmarket.cfg:
if int(options.txfee) > 0:
jm_single().config.set("POLICY", "tx_fees", str(options.txfee))
max_mix_depth = max([options.mixdepth, options.amtmixdepths - 1])
wallet_path = get_wallet_path(wallet_name, None)
wallet = open_test_wallet_maybe(
wallet_path,
wallet_name,
max_mix_depth,
wallet_password_stdin=options.wallet_password_stdin,
gap_limit=options.gaplimit)
wallet_service = WalletService(wallet)
if wallet_service.rpc_error:
sys.exit(EXIT_FAILURE)
snicker_plugin.start_plugin_logging(wallet_service)
# in this script, we need the wallet synced before
# logic processing for some paths, so do it now:
while not wallet_service.synced:
wallet_service.sync_wallet(fast=not options.recoversync)
# the sync call here will now be a no-op:
wallet_service.startService()
# now that the wallet is available, we can construct a proposal
# before encrypting it:
originating_tx = btc.CMutableTransaction.deserialize(hextobin(hextx))
txid1 = originating_tx.GetTxid()[::-1]
# the proposer wallet needs to choose a single utxo, from his selected
# mixdepth, that is bigger than the output amount of tx1 at the given
# index.
fee_est = estimate_tx_fee(2, 3, txtype=wallet_service.get_txtype())
amt_required = originating_tx.vout[output_index].nValue + fee_est
prop_utxo_dict = wallet_service.select_utxos(options.mixdepth,
amt_required)
prop_utxos = list(prop_utxo_dict)
prop_utxo_vals = [prop_utxo_dict[x] for x in prop_utxos]
# get the private key for that utxo
priv = wallet_service.get_key_from_addr(
wallet_service.script_to_addr(prop_utxo_vals[0]['script']))
# construct the arguments for the snicker proposal:
our_input_utxos = [
btc.CMutableTxOut(x['value'], x['script']) for x in prop_utxo_vals
]
# destination must be a different mixdepth:
prop_destn_spk = wallet_service.get_new_script(
(options.mixdepth + 1) % (wallet_service.mixdepth + 1), 1)
change_spk = wallet_service.get_new_script(options.mixdepth, 1)
their_input = (txid1, output_index)
# we also need to extract the pubkey of the chosen input from
# the witness; we vary this depending on our wallet type:
pubkey, msg = btc.extract_pubkey_from_witness(originating_tx, input_index)
if not pubkey:
log.error("Failed to extract pubkey from transaction: {}".format(msg))
sys.exit(EXIT_FAILURE)
encrypted_proposal = wallet_service.create_snicker_proposal(
prop_utxos,
their_input,
our_input_utxos,
originating_tx.vout[output_index],
net_transfer,
fee_est,
priv,
pubkey,
prop_destn_spk,
change_spk,
version_byte=1) + b"," + bintohex(pubkey).encode('utf-8')
if options.no_upload:
jmprint(encrypted_proposal.decode("utf-8"))
sys.exit(EXIT_SUCCESS)
nodaemon = jm_single().config.getint("DAEMON", "no_daemon")
daemon = True if nodaemon == 1 else False
snicker_client = SNICKERPostingClient([encrypted_proposal])
servers = jm_single().config.get("SNICKER", "servers").split(",")
snicker_pf = SNICKERClientProtocolFactory(snicker_client, servers)
start_reactor(jm_single().config.get("DAEMON", "daemon_host"),
jm_single().config.getint("DAEMON", "daemon_port"),
None,
snickerfactory=snicker_pf,
daemon=daemon)
def main_cs(test_data=None):
#twisted logging (TODO disable for non-debug runs)
if test_data:
wallet_name, args, options, use_ssl, alt_class, alt_c_class, fail_alice_state, fail_carol_state = test_data
server, port, usessl = parse_server_string(options.serverport)
else:
parser = get_coinswap_parser()
(options, args) = parser.parse_args()
#Will only be used by client
server, port, usessl = parse_server_string(options.serverport)
if options.checkonly:
#no need for any more data; just query
alice_client = CoinSwapJSONRPCClient(server[2:],
port,
usessl=usessl)
reactor.callWhenRunning(alice_client.send_poll_unsigned, "status",
print_status)
reactor.run()
return
log.startLogging(sys.stdout)
load_coinswap_config()
wallet_name = args[0]
#depth 0: spend in, depth 1: receive out, depth 2: for backout transactions.
max_mix_depth = 3
wallet_dir = os.path.join(cs_single().homedir, 'wallets')
if not os.path.exists(os.path.join(wallet_dir, wallet_name)):
wallet = SegwitWallet(wallet_name,
None,
max_mix_depth,
6,
wallet_dir=wallet_dir)
else:
while True:
try:
pwd = get_password("Enter wallet decryption passphrase: ")
wallet = SegwitWallet(wallet_name,
pwd,
max_mix_depth,
6,
wallet_dir=wallet_dir)
except WalletError:
print("Wrong password, try again.")
continue
except Exception as e:
print("Failed to load wallet, error message: " + repr(e))
sys.exit(0)
break
#for testing main script (not test framework), need funds.
if not test_data and isinstance(cs_single().bc_interface,
RegtestBitcoinCoreInterface):
for i in range(3):
cs_single().bc_interface.grab_coins(
wallet.get_new_addr(0, 0, True), 2.0)
wallet.index[0][0] -= 3
time.sleep(3)
sync_wallet(wallet, fast=options.fastsync)
if test_data:
cs_single().bc_interface.wallet_synced = True
wallet.used_coins = None
if options.serve:
#sanity check that client params were not provided:
if len(args) > 1:
print("Extra parameters provided for running as server. "
"Are you sure you didn't want to run as client?")
sys.exit(0)
if not test_data:
main_server(options, wallet)
else:
main_server(
options, wallet, {
'use_ssl': use_ssl,
'alt_c_class': alt_c_class,
'fail_carol_state': fail_carol_state
})
return wallet.get_balance_by_mixdepth()
return
if not options.recover:
target_amount = int(args[1])
#Reset the targetting for backout transactions
#TODO must be removed/changed for updated fees handling
oldtarget = cs_single().config.get("POLICY", "tx_fees")
newtarget = cs_single().config.getint("POLICY", "backout_fee_target")
multiplier = float(cs_single().config.get("POLICY",
"backout_fee_multiplier"))
cs_single().config.set("POLICY", "tx_fees", str(newtarget))
tx23fee = estimate_tx_fee((1, 2, 2), 1, txtype='p2shMofN')
tx23fee = int(multiplier * tx23fee)
tx24_recipient_amount = target_amount - tx23fee
tx35_recipient_amount = target_amount - tx23fee
cs_single().config.set("POLICY", "tx_fees", oldtarget)
#to allow testing of confirm/unconfirm callback for multiple txs
if isinstance(cs_single().bc_interface, RegtestBitcoinCoreInterface):
cs_single().bc_interface.tick_forward_chain_interval = 2
cs_single().bc_interface.simulating = True
cs_single().config.set("BLOCKCHAIN", "notify_port", "62652")
cs_single().config.set("BLOCKCHAIN", "rpc_host", "127.0.0.2")
#if restart option selected, read state and backout
if options.recover:
session_id = options.recover
alice = CoinSwapAlice(wallet, 'alicestate')
alice.bbmb = wallet.get_balance_by_mixdepth(verbose=False)
alice.load(sessionid=session_id)
alice.backout("Recovering from shutdown")
reactor.run()
return
if len(args) > 2:
tx5address = args[2]
if not validate_address(tx5address):
print("Invalid address: ", tx5address)
sys.exit(0)
else:
#Our destination address should be in a separate mixdepth
tx5address = wallet.get_new_addr(1, 1, True)
#instantiate the parameters, but don't yet have the ephemeral pubkeys
#or destination addresses.
#TODO figure out best estimate incl. priority
btcfee_est = estimate_tx_fee((1, 2, 2), 1, txtype='p2shMofN')
cpp = CoinSwapPublicParameters(base_amount=target_amount,
bitcoin_fee=btcfee_est)
cpp.set_addr_data(addr5=tx5address)
testing_mode = True if test_data else False
aliceclass = alt_class if test_data and alt_class else CoinSwapAlice
if test_data and fail_alice_state:
alice = aliceclass(wallet,
'alicestate',
cpp,
testing_mode=testing_mode,
fail_state=fail_alice_state)
else:
if testing_mode or options.checkfee:
alice = aliceclass(wallet,
'alicestate',
cpp,
testing_mode=testing_mode)
else:
alice = aliceclass(wallet,
'alicestate',
cpp,
testing_mode=testing_mode,
fee_checker="cli")
alice_client = CoinSwapJSONRPCClient(server[2:], port, alice.sm.tick,
alice.backout, usessl)
alice.set_jsonrpc_client(alice_client)
reactor.callWhenRunning(alice_client.send_poll_unsigned, "status",
alice.check_server_status)
if not test_data:
reactor.run()
if test_data:
return alice
def main():
parser = get_sendpayment_parser()
(options, args) = parser.parse_args()
load_program_config(config_path=options.datadir)
if options.schedule == '':
if ((len(args) < 2) or (btc.is_bip21_uri(args[1]) and len(args) != 2)
or (not btc.is_bip21_uri(args[1]) and len(args) != 3)):
parser.error(
"Joinmarket sendpayment (coinjoin) needs arguments:"
" wallet, amount, destination address or wallet, bitcoin_uri.")
sys.exit(EXIT_ARGERROR)
#without schedule file option, use the arguments to create a schedule
#of a single transaction
sweeping = False
bip78url = None
if options.schedule == '':
if btc.is_bip21_uri(args[1]):
parsed = btc.decode_bip21_uri(args[1])
try:
amount = parsed['amount']
except KeyError:
parser.error("Given BIP21 URI does not contain amount.")
sys.exit(EXIT_ARGERROR)
destaddr = parsed['address']
if "pj" in parsed:
# note that this is a URL; its validity
# checking is deferred to twisted.web.client.Agent
bip78url = parsed["pj"]
# setting makercount only for fee sanity check.
# note we ignore any user setting and enforce N=0,
# as this is a flag in the code for a non-JM coinjoin;
# for the fee sanity check, note that BIP78 currently
# will only allow small fee changes, so N=0 won't
# be very inaccurate.
jmprint("Attempting to pay via payjoin.", "info")
options.makercount = 0
else:
amount = btc.amount_to_sat(args[1])
if amount == 0:
sweeping = True
destaddr = args[2]
mixdepth = options.mixdepth
addr_valid, errormsg = validate_address(destaddr)
command_to_burn = (is_burn_destination(destaddr) and sweeping
and options.makercount == 0)
if not addr_valid and not command_to_burn:
jmprint('ERROR: Address invalid. ' + errormsg, "error")
if is_burn_destination(destaddr):
jmprint(
"The required options for burning coins are zero makers" +
" (-N 0), sweeping (amount = 0) and not using BIP78 Payjoin",
"info")
sys.exit(EXIT_ARGERROR)
if sweeping == False and amount < DUST_THRESHOLD:
jmprint(
'ERROR: Amount ' + btc.amount_to_str(amount) +
' is below dust threshold ' +
btc.amount_to_str(DUST_THRESHOLD) + '.', "error")
sys.exit(EXIT_ARGERROR)
if (options.makercount != 0
and options.makercount < jm_single().config.getint(
"POLICY", "minimum_makers")):
jmprint(
'ERROR: Maker count ' + str(options.makercount) +
' below minimum_makers (' +
str(jm_single().config.getint("POLICY", "minimum_makers")) +
') in joinmarket.cfg.', "error")
sys.exit(EXIT_ARGERROR)
schedule = [[
options.mixdepth, amount, options.makercount, destaddr, 0.0,
NO_ROUNDING, 0
]]
else:
if len(args) > 1:
parser.error("Schedule files are not compatible with "
"payment destination/amount arguments.")
sys.exit(EXIT_ARGERROR)
result, schedule = get_schedule(options.schedule)
if not result:
log.error(
"Failed to load schedule file, quitting. Check the syntax.")
log.error("Error was: " + str(schedule))
sys.exit(EXIT_FAILURE)
mixdepth = 0
for s in schedule:
if s[1] == 0:
sweeping = True
#only used for checking the maximum mixdepth required
mixdepth = max([mixdepth, s[0]])
wallet_name = args[0]
check_regtest()
if options.pickorders:
chooseOrdersFunc = pick_order
if sweeping:
jmprint('WARNING: You may have to pick offers multiple times',
"warning")
jmprint('WARNING: due to manual offer picking while sweeping',
"warning")
else:
chooseOrdersFunc = options.order_choose_fn
# If tx_fees are set manually by CLI argument, override joinmarket.cfg:
if int(options.txfee) > 0:
jm_single().config.set("POLICY", "tx_fees", str(options.txfee))
maxcjfee = (1, float('inf'))
if not options.pickorders and options.makercount != 0:
maxcjfee = get_max_cj_fee_values(jm_single().config, options)
log.info("Using maximum coinjoin fee limits per maker of {:.4%}, {} "
"".format(maxcjfee[0], btc.amount_to_str(maxcjfee[1])))
log.info('starting sendpayment')
max_mix_depth = max([mixdepth, options.amtmixdepths - 1])
wallet_path = get_wallet_path(wallet_name, None)
wallet = open_test_wallet_maybe(
wallet_path,
wallet_name,
max_mix_depth,
wallet_password_stdin=options.wallet_password_stdin,
gap_limit=options.gaplimit)
wallet_service = WalletService(wallet)
if wallet_service.rpc_error:
sys.exit(EXIT_FAILURE)
# in this script, we need the wallet synced before
# logic processing for some paths, so do it now:
while not wallet_service.synced:
wallet_service.sync_wallet(fast=not options.recoversync)
# the sync call here will now be a no-op:
wallet_service.startService()
# Dynamically estimate a realistic fee, for coinjoins.
# At this point we do not know even the number of our own inputs, so
# we guess conservatively with 2 inputs and 2 outputs each.
if options.makercount != 0:
fee_per_cp_guess = estimate_tx_fee(2,
2,
txtype=wallet_service.get_txtype())
log.debug("Estimated miner/tx fee for each cj participant: " +
btc.amount_to_str(fee_per_cp_guess))
# From the estimated tx fees, check if the expected amount is a
# significant value compared the the cj amount; currently enabled
# only for single join (the predominant, non-advanced case)
if options.schedule == '' and options.makercount != 0:
total_cj_amount = amount
if total_cj_amount == 0:
total_cj_amount = wallet_service.get_balance_by_mixdepth()[
options.mixdepth]
if total_cj_amount == 0:
raise ValueError(
"No confirmed coins in the selected mixdepth. Quitting")
exp_tx_fees_ratio = (
(1 + options.makercount) * fee_per_cp_guess) / total_cj_amount
if exp_tx_fees_ratio > 0.05:
jmprint(
'WARNING: Expected bitcoin network miner fees for this coinjoin'
' amount are roughly {:.1%}'.format(exp_tx_fees_ratio),
"warning")
if input('You might want to modify your tx_fee'
' settings in joinmarket.cfg. Still continue? (y/n):'
)[0] != 'y':
sys.exit('Aborted by user.')
else:
log.info(
"Estimated miner/tx fees for this coinjoin amount: {:.1%}".
format(exp_tx_fees_ratio))
if options.makercount == 0 and not bip78url:
tx = direct_send(wallet_service,
amount,
mixdepth,
destaddr,
options.answeryes,
with_final_psbt=options.with_psbt)
if options.with_psbt:
log.info(
"This PSBT is fully signed and can be sent externally for "
"broadcasting:")
log.info(tx.to_base64())
return
if wallet.get_txtype() == 'p2pkh':
jmprint(
"Only direct sends (use -N 0) are supported for "
"legacy (non-segwit) wallets.", "error")
sys.exit(EXIT_ARGERROR)
def filter_orders_callback(orders_fees, cjamount):
orders, total_cj_fee = orders_fees
log.info("Chose these orders: " + pprint.pformat(orders))
log.info('total cj fee = ' + str(total_cj_fee))
total_fee_pc = 1.0 * total_cj_fee / cjamount
log.info('total coinjoin fee = ' +
str(float('%.3g' % (100.0 * total_fee_pc))) + '%')
WARNING_THRESHOLD = 0.02 # 2%
if total_fee_pc > WARNING_THRESHOLD:
log.info('\n'.join(['=' * 60] * 3))
log.info('WARNING ' * 6)
log.info('\n'.join(['=' * 60] * 1))
log.info(
'OFFERED COINJOIN FEE IS UNUSUALLY HIGH. DOUBLE/TRIPLE CHECK.')
log.info('\n'.join(['=' * 60] * 1))
log.info('WARNING ' * 6)
log.info('\n'.join(['=' * 60] * 3))
if not options.answeryes:
if input('send with these orders? (y/n):')[0] != 'y':
return False
return True
def taker_finished(res, fromtx=False, waittime=0.0, txdetails=None):
if fromtx == "unconfirmed":
#If final entry, stop *here*, don't wait for confirmation
if taker.schedule_index + 1 == len(taker.schedule):
reactor.stop()
return
if fromtx:
if res:
txd, txid = txdetails
reactor.callLater(waittime * 60,
clientfactory.getClient().clientStart)
else:
#a transaction failed; we'll try to repeat without the
#troublemakers.
#If this error condition is reached from Phase 1 processing,
#and there are less than minimum_makers honest responses, we
#just give up (note that in tumbler we tweak and retry, but
#for sendpayment the user is "online" and so can manually
#try again).
#However if the error is in Phase 2 and we have minimum_makers
#or more responses, we do try to restart with the honest set, here.
if taker.latest_tx is None:
#can only happen with < minimum_makers; see above.
log.info("A transaction failed but there are insufficient "
"honest respondants to continue; giving up.")
reactor.stop()
return
#This is Phase 2; do we have enough to try again?
taker.add_honest_makers(
list(
set(taker.maker_utxo_data.keys()).symmetric_difference(
set(taker.nonrespondants))))
if len(taker.honest_makers) < jm_single().config.getint(
"POLICY", "minimum_makers"):
log.info("Too few makers responded honestly; "
"giving up this attempt.")
reactor.stop()
return
jmprint("We failed to complete the transaction. The following "
"makers responded honestly: " + str(taker.honest_makers) +\
", so we will retry with them.", "warning")
#Now we have to set the specific group we want to use, and hopefully
#they will respond again as they showed honesty last time.
#we must reset the number of counterparties, as well as fix who they
#are; this is because the number is used to e.g. calculate fees.
#cleanest way is to reset the number in the schedule before restart.
taker.schedule[taker.schedule_index][2] = len(
taker.honest_makers)
log.info("Retrying with: " +
str(taker.schedule[taker.schedule_index][2]) +
" counterparties.")
#rewind to try again (index is incremented in Taker.initialize())
taker.schedule_index -= 1
taker.set_honest_only(True)
reactor.callLater(5.0, clientfactory.getClient().clientStart)
else:
if not res:
log.info("Did not complete successfully, shutting down")
#Should usually be unreachable, unless conf received out of order;
#because we should stop on 'unconfirmed' for last (see above)
else:
log.info("All transactions completed correctly")
reactor.stop()
if bip78url:
# TODO sanity check wallet type is segwit
manager = parse_payjoin_setup(args[1], wallet_service,
options.mixdepth)
reactor.callWhenRunning(send_payjoin, manager)
reactor.run()
return
else:
taker = Taker(wallet_service,
schedule,
order_chooser=chooseOrdersFunc,
max_cj_fee=maxcjfee,
callbacks=(filter_orders_callback, None, taker_finished))
clientfactory = JMClientProtocolFactory(taker)
nodaemon = jm_single().config.getint("DAEMON", "no_daemon")
daemon = True if nodaemon == 1 else False
if jm_single().config.get("BLOCKCHAIN", "network") == "regtest":
startLogging(sys.stdout)
start_reactor(jm_single().config.get("DAEMON", "daemon_host"),
jm_single().config.getint("DAEMON", "daemon_port"),
clientfactory,
daemon=daemon)
def send_tx1id_tx2_sig_tx3_sig(self):
our_tx2_sig = self.tx2.signatures[0][1]
#**CONSTRUCT TX1**
#This call can throw insufficient funds; handled by backout.
#But, this should be avoided (see handshake). At least, any
#throw here will not cause fees for client.
print('wallet used coins is: ', self.wallet.used_coins)
self.initial_utxo_inputs = self.wallet.select_utxos(0,
self.coinswap_parameters.tx1_amount,
utxo_filter=self.wallet.used_coins)
#Lock these coins; only unlock if there is a pre-funding backout.
self.wallet.used_coins.extend(self.initial_utxo_inputs.keys())
total_in = sum([x['value'] for x in self.initial_utxo_inputs.values()])
self.signing_privkeys = []
for i, v in enumerate(self.initial_utxo_inputs.values()):
privkey = self.wallet.get_key_from_addr(v['address'])
if not privkey:
raise CoinSwapException("Failed to get key to sign TX1")
self.signing_privkeys.append(privkey)
signing_pubkeys = [[btc.privkey_to_pubkey(x)] for x in self.signing_privkeys]
signing_redeemscripts = [btc.address_to_script(
x['address']) for x in self.initial_utxo_inputs.values()]
#calculate size of change output; default p2pkh assumed
fee = estimate_tx_fee(len(self.initial_utxo_inputs), 2)
cslog.debug("got tx1 fee: " + str(fee))
cslog.debug("for tx1 input amount: " + str(total_in))
change_amount = total_in - self.coinswap_parameters.tx1_amount - fee
cslog.debug("got tx1 change amount: " + str(change_amount))
#get a change address in same mixdepth
change_address = self.wallet.get_internal_addr(0)
self.tx1 = CoinSwapTX01.from_params(
self.coinswap_parameters.pubkeys["key_2_2_CB_0"],
self.coinswap_parameters.pubkeys["key_2_2_CB_1"],
utxo_ins=self.initial_utxo_inputs.keys(),
signing_pubkeys=signing_pubkeys,
signing_redeem_scripts=signing_redeemscripts,
output_amount=self.coinswap_parameters.tx1_amount,
change_address=change_address,
change_amount=change_amount)
#sign and hold signature, recover txid
self.tx1.signall(self.signing_privkeys)
self.tx1.attach_signatures()
self.tx1.set_txid()
cslog.info("Carol created and signed TX1:")
cslog.info(self.tx1)
#**CONSTRUCT TX3**
utxo_in = self.tx1.txid + ":"+str(self.tx1.pay_out_index)
self.tx3 = CoinSwapTX23.from_params(
self.coinswap_parameters.pubkeys["key_2_2_CB_0"],
self.coinswap_parameters.pubkeys["key_2_2_CB_1"],
self.coinswap_parameters.pubkeys["key_TX3_secret"],
utxo_in=utxo_in,
recipient_amount=self.coinswap_parameters.tx3_recipient_amount,
hashed_secret=self.hashed_secret,
absolutelocktime=self.coinswap_parameters.timeouts["LOCK1"],
refund_pubkey=self.coinswap_parameters.pubkeys["key_TX3_lock"])
self.import_address(self.tx3.output_address)
#create our signature on TX3
self.tx3.sign_at_index(self.keyset["key_2_2_CB_0"][0], 0)
our_tx3_sig = self.tx3.signatures[0][0]
cslog.info("Carol now has partially signed TX3:")
cslog.info(self.tx3)
return ([self.tx1.txid + ":" + str(self.tx1.pay_out_index),
our_tx2_sig, our_tx3_sig], "OK")
