Bitcoin Core 29.99.0
P2P Digital Currency
validation.cpp
Go to the documentation of this file.
1// Copyright (c) 2009-2010 Satoshi Nakamoto
2// Copyright (c) 2009-present The Bitcoin Core developers
3// Distributed under the MIT software license, see the accompanying
4// file COPYING or http://www.opensource.org/licenses/mit-license.php.
5
6#include <bitcoin-build-config.h> // IWYU pragma: keep
7
8#include <validation.h>
9
10#include <arith_uint256.h>
11#include <chain.h>
12#include <checkqueue.h>
13#include <clientversion.h>
14#include <consensus/amount.h>
15#include <consensus/consensus.h>
16#include <consensus/merkle.h>
17#include <consensus/tx_check.h>
18#include <consensus/tx_verify.h>
20#include <cuckoocache.h>
21#include <flatfile.h>
22#include <hash.h>
23#include <kernel/chain.h>
24#include <kernel/chainparams.h>
25#include <kernel/coinstats.h>
30#include <kernel/warning.h>
31#include <logging.h>
32#include <logging/timer.h>
33#include <node/blockstorage.h>
34#include <node/utxo_snapshot.h>
36#include <policy/policy.h>
37#include <policy/rbf.h>
38#include <policy/settings.h>
39#include <policy/truc_policy.h>
40#include <pow.h>
41#include <primitives/block.h>
43#include <random.h>
44#include <script/script.h>
45#include <script/sigcache.h>
46#include <signet.h>
47#include <tinyformat.h>
48#include <txdb.h>
49#include <txmempool.h>
50#include <uint256.h>
51#include <undo.h>
52#include <util/check.h>
53#include <util/fs.h>
54#include <util/fs_helpers.h>
55#include <util/hasher.h>
56#include <util/moneystr.h>
57#include <util/rbf.h>
58#include <util/result.h>
60#include <util/strencodings.h>
61#include <util/string.h>
62#include <util/time.h>
63#include <util/trace.h>
64#include <util/translation.h>
65#include <validationinterface.h>
66
67#include <algorithm>
68#include <cassert>
69#include <chrono>
70#include <deque>
71#include <numeric>
72#include <optional>
73#include <ranges>
74#include <span>
75#include <string>
76#include <tuple>
77#include <utility>
78
83
86using node::BlockMap;
90
92static constexpr size_t WARN_FLUSH_COINS_SIZE = 1 << 30; // 1 GiB
97static constexpr auto DATABASE_WRITE_INTERVAL_MIN{50min};
98static constexpr auto DATABASE_WRITE_INTERVAL_MAX{70min};
100static constexpr std::chrono::hours MAX_FEE_ESTIMATION_TIP_AGE{3};
101const std::vector<std::string> CHECKLEVEL_DOC {
102 "level 0 reads the blocks from disk",
103 "level 1 verifies block validity",
104 "level 2 verifies undo data",
105 "level 3 checks disconnection of tip blocks",
106 "level 4 tries to reconnect the blocks",
107 "each level includes the checks of the previous levels",
108};
114static constexpr int PRUNE_LOCK_BUFFER{10};
115
116TRACEPOINT_SEMAPHORE(validation, block_connected);
117TRACEPOINT_SEMAPHORE(utxocache, flush);
118TRACEPOINT_SEMAPHORE(mempool, replaced);
119TRACEPOINT_SEMAPHORE(mempool, rejected);
120
122{
124
125 // Find the latest block common to locator and chain - we expect that
126 // locator.vHave is sorted descending by height.
127 for (const uint256& hash : locator.vHave) {
128 const CBlockIndex* pindex{m_blockman.LookupBlockIndex(hash)};
129 if (pindex) {
130 if (m_chain.Contains(pindex)) {
131 return pindex;
132 }
133 if (pindex->GetAncestor(m_chain.Height()) == m_chain.Tip()) {
134 return m_chain.Tip();
135 }
136 }
137 }
138 return m_chain.Genesis();
139}
140
142 const CCoinsViewCache& inputs, unsigned int flags, bool cacheSigStore,
143 bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
144 ValidationCache& validation_cache,
145 std::vector<CScriptCheck>* pvChecks = nullptr)
147
148bool CheckFinalTxAtTip(const CBlockIndex& active_chain_tip, const CTransaction& tx)
149{
151
152 // CheckFinalTxAtTip() uses active_chain_tip.Height()+1 to evaluate
153 // nLockTime because when IsFinalTx() is called within
154 // AcceptBlock(), the height of the block *being*
155 // evaluated is what is used. Thus if we want to know if a
156 // transaction can be part of the *next* block, we need to call
157 // IsFinalTx() with one more than active_chain_tip.Height().
158 const int nBlockHeight = active_chain_tip.nHeight + 1;
159
160 // BIP113 requires that time-locked transactions have nLockTime set to
161 // less than the median time of the previous block they're contained in.
162 // When the next block is created its previous block will be the current
163 // chain tip, so we use that to calculate the median time passed to
164 // IsFinalTx().
165 const int64_t nBlockTime{active_chain_tip.GetMedianTimePast()};
166
167 return IsFinalTx(tx, nBlockHeight, nBlockTime);
168}
169
170namespace {
181std::optional<std::vector<int>> CalculatePrevHeights(
182 const CBlockIndex& tip,
183 const CCoinsView& coins,
184 const CTransaction& tx)
185{
186 std::vector<int> prev_heights;
187 prev_heights.resize(tx.vin.size());
188 for (size_t i = 0; i < tx.vin.size(); ++i) {
189 if (auto coin{coins.GetCoin(tx.vin[i].prevout)}) {
190 prev_heights[i] = coin->nHeight == MEMPOOL_HEIGHT
191 ? tip.nHeight + 1 // Assume all mempool transaction confirm in the next block.
192 : coin->nHeight;
193 } else {
194 LogPrintf("ERROR: %s: Missing input %d in transaction \'%s\'\n", __func__, i, tx.GetHash().GetHex());
195 return std::nullopt;
196 }
197 }
198 return prev_heights;
199}
200} // namespace
201
202std::optional<LockPoints> CalculateLockPointsAtTip(
203 CBlockIndex* tip,
204 const CCoinsView& coins_view,
205 const CTransaction& tx)
206{
207 assert(tip);
208
209 auto prev_heights{CalculatePrevHeights(*tip, coins_view, tx)};
210 if (!prev_heights.has_value()) return std::nullopt;
211
212 CBlockIndex next_tip;
213 next_tip.pprev = tip;
214 // When SequenceLocks() is called within ConnectBlock(), the height
215 // of the block *being* evaluated is what is used.
216 // Thus if we want to know if a transaction can be part of the
217 // *next* block, we need to use one more than active_chainstate.m_chain.Height()
218 next_tip.nHeight = tip->nHeight + 1;
219 const auto [min_height, min_time] = CalculateSequenceLocks(tx, STANDARD_LOCKTIME_VERIFY_FLAGS, prev_heights.value(), next_tip);
220
221 // Also store the hash of the block with the highest height of
222 // all the blocks which have sequence locked prevouts.
223 // This hash needs to still be on the chain
224 // for these LockPoint calculations to be valid
225 // Note: It is impossible to correctly calculate a maxInputBlock
226 // if any of the sequence locked inputs depend on unconfirmed txs,
227 // except in the special case where the relative lock time/height
228 // is 0, which is equivalent to no sequence lock. Since we assume
229 // input height of tip+1 for mempool txs and test the resulting
230 // min_height and min_time from CalculateSequenceLocks against tip+1.
231 int max_input_height{0};
232 for (const int height : prev_heights.value()) {
233 // Can ignore mempool inputs since we'll fail if they had non-zero locks
234 if (height != next_tip.nHeight) {
235 max_input_height = std::max(max_input_height, height);
236 }
237 }
238
239 // tip->GetAncestor(max_input_height) should never return a nullptr
240 // because max_input_height is always less than the tip height.
241 // It would, however, be a bad bug to continue execution, since a
242 // LockPoints object with the maxInputBlock member set to nullptr
243 // signifies no relative lock time.
244 return LockPoints{min_height, min_time, Assert(tip->GetAncestor(max_input_height))};
245}
246
248 const LockPoints& lock_points)
249{
250 assert(tip != nullptr);
251
252 CBlockIndex index;
253 index.pprev = tip;
254 // CheckSequenceLocksAtTip() uses active_chainstate.m_chain.Height()+1 to evaluate
255 // height based locks because when SequenceLocks() is called within
256 // ConnectBlock(), the height of the block *being*
257 // evaluated is what is used.
258 // Thus if we want to know if a transaction can be part of the
259 // *next* block, we need to use one more than active_chainstate.m_chain.Height()
260 index.nHeight = tip->nHeight + 1;
261
262 return EvaluateSequenceLocks(index, {lock_points.height, lock_points.time});
263}
264
265// Returns the script flags which should be checked for a given block
266static unsigned int GetBlockScriptFlags(const CBlockIndex& block_index, const ChainstateManager& chainman);
267
268static void LimitMempoolSize(CTxMemPool& pool, CCoinsViewCache& coins_cache)
270{
272 AssertLockHeld(pool.cs);
273 int expired = pool.Expire(GetTime<std::chrono::seconds>() - pool.m_opts.expiry);
274 if (expired != 0) {
275 LogDebug(BCLog::MEMPOOL, "Expired %i transactions from the memory pool\n", expired);
276 }
277
278 std::vector<COutPoint> vNoSpendsRemaining;
279 pool.TrimToSize(pool.m_opts.max_size_bytes, &vNoSpendsRemaining);
280 for (const COutPoint& removed : vNoSpendsRemaining)
281 coins_cache.Uncache(removed);
282}
283
285{
287 if (active_chainstate.m_chainman.IsInitialBlockDownload()) {
288 return false;
289 }
290 if (active_chainstate.m_chain.Tip()->GetBlockTime() < count_seconds(GetTime<std::chrono::seconds>() - MAX_FEE_ESTIMATION_TIP_AGE))
291 return false;
292 if (active_chainstate.m_chain.Height() < active_chainstate.m_chainman.m_best_header->nHeight - 1) {
293 return false;
294 }
295 return true;
296}
297
299 DisconnectedBlockTransactions& disconnectpool,
300 bool fAddToMempool)
301{
302 if (!m_mempool) return;
303
306 std::vector<uint256> vHashUpdate;
307 {
308 // disconnectpool is ordered so that the front is the most recently-confirmed
309 // transaction (the last tx of the block at the tip) in the disconnected chain.
310 // Iterate disconnectpool in reverse, so that we add transactions
311 // back to the mempool starting with the earliest transaction that had
312 // been previously seen in a block.
313 const auto queuedTx = disconnectpool.take();
314 auto it = queuedTx.rbegin();
315 while (it != queuedTx.rend()) {
316 // ignore validation errors in resurrected transactions
317 if (!fAddToMempool || (*it)->IsCoinBase() ||
318 AcceptToMemoryPool(*this, *it, GetTime(),
319 /*bypass_limits=*/true, /*test_accept=*/false).m_result_type !=
321 // If the transaction doesn't make it in to the mempool, remove any
322 // transactions that depend on it (which would now be orphans).
324 } else if (m_mempool->exists(GenTxid::Txid((*it)->GetHash()))) {
325 vHashUpdate.push_back((*it)->GetHash());
326 }
327 ++it;
328 }
329 }
330
331 // AcceptToMemoryPool/addNewTransaction all assume that new mempool entries have
332 // no in-mempool children, which is generally not true when adding
333 // previously-confirmed transactions back to the mempool.
334 // UpdateTransactionsFromBlock finds descendants of any transactions in
335 // the disconnectpool that were added back and cleans up the mempool state.
337
338 // Predicate to use for filtering transactions in removeForReorg.
339 // Checks whether the transaction is still final and, if it spends a coinbase output, mature.
340 // Also updates valid entries' cached LockPoints if needed.
341 // If false, the tx is still valid and its lockpoints are updated.
342 // If true, the tx would be invalid in the next block; remove this entry and all of its descendants.
343 // Note that TRUC rules are not applied here, so reorgs may cause violations of TRUC inheritance or
344 // topology restrictions.
345 const auto filter_final_and_mature = [&](CTxMemPool::txiter it)
349 const CTransaction& tx = it->GetTx();
350
351 // The transaction must be final.
352 if (!CheckFinalTxAtTip(*Assert(m_chain.Tip()), tx)) return true;
353
354 const LockPoints& lp = it->GetLockPoints();
355 // CheckSequenceLocksAtTip checks if the transaction will be final in the next block to be
356 // created on top of the new chain.
359 return true;
360 }
361 } else {
362 const CCoinsViewMemPool view_mempool{&CoinsTip(), *m_mempool};
363 const std::optional<LockPoints> new_lock_points{CalculateLockPointsAtTip(m_chain.Tip(), view_mempool, tx)};
364 if (new_lock_points.has_value() && CheckSequenceLocksAtTip(m_chain.Tip(), *new_lock_points)) {
365 // Now update the mempool entry lockpoints as well.
366 it->UpdateLockPoints(*new_lock_points);
367 } else {
368 return true;
369 }
370 }
371
372 // If the transaction spends any coinbase outputs, it must be mature.
373 if (it->GetSpendsCoinbase()) {
374 for (const CTxIn& txin : tx.vin) {
375 if (m_mempool->exists(GenTxid::Txid(txin.prevout.hash))) continue;
376 const Coin& coin{CoinsTip().AccessCoin(txin.prevout)};
377 assert(!coin.IsSpent());
378 const auto mempool_spend_height{m_chain.Tip()->nHeight + 1};
379 if (coin.IsCoinBase() && mempool_spend_height - coin.nHeight < COINBASE_MATURITY) {
380 return true;
381 }
382 }
383 }
384 // Transaction is still valid and cached LockPoints are updated.
385 return false;
386 };
387
388 // We also need to remove any now-immature transactions
389 m_mempool->removeForReorg(m_chain, filter_final_and_mature);
390 // Re-limit mempool size, in case we added any transactions
392}
393
400 const CCoinsViewCache& view, const CTxMemPool& pool,
401 unsigned int flags, PrecomputedTransactionData& txdata, CCoinsViewCache& coins_tip,
402 ValidationCache& validation_cache)
404{
407
409 for (const CTxIn& txin : tx.vin) {
410 const Coin& coin = view.AccessCoin(txin.prevout);
411
412 // This coin was checked in PreChecks and MemPoolAccept
413 // has been holding cs_main since then.
414 Assume(!coin.IsSpent());
415 if (coin.IsSpent()) return false;
416
417 // If the Coin is available, there are 2 possibilities:
418 // it is available in our current ChainstateActive UTXO set,
419 // or it's a UTXO provided by a transaction in our mempool.
420 // Ensure the scriptPubKeys in Coins from CoinsView are correct.
421 const CTransactionRef& txFrom = pool.get(txin.prevout.hash);
422 if (txFrom) {
423 assert(txFrom->GetHash() == txin.prevout.hash);
424 assert(txFrom->vout.size() > txin.prevout.n);
425 assert(txFrom->vout[txin.prevout.n] == coin.out);
426 } else {
427 const Coin& coinFromUTXOSet = coins_tip.AccessCoin(txin.prevout);
428 assert(!coinFromUTXOSet.IsSpent());
429 assert(coinFromUTXOSet.out == coin.out);
430 }
431 }
432
433 // Call CheckInputScripts() to cache signature and script validity against current tip consensus rules.
434 return CheckInputScripts(tx, state, view, flags, /* cacheSigStore= */ true, /* cacheFullScriptStore= */ true, txdata, validation_cache);
435}
436
437namespace {
438
439class MemPoolAccept
440{
441public:
442 explicit MemPoolAccept(CTxMemPool& mempool, Chainstate& active_chainstate) :
443 m_pool(mempool),
444 m_view(&m_dummy),
445 m_viewmempool(&active_chainstate.CoinsTip(), m_pool),
446 m_active_chainstate(active_chainstate)
447 {
448 }
449
450 // We put the arguments we're handed into a struct, so we can pass them
451 // around easier.
452 struct ATMPArgs {
453 const CChainParams& m_chainparams;
454 const int64_t m_accept_time;
455 const bool m_bypass_limits;
456 /*
457 * Return any outpoints which were not previously present in the coins
458 * cache, but were added as a result of validating the tx for mempool
459 * acceptance. This allows the caller to optionally remove the cache
460 * additions if the associated transaction ends up being rejected by
461 * the mempool.
462 */
463 std::vector<COutPoint>& m_coins_to_uncache;
465 const bool m_test_accept;
469 const bool m_allow_replacement;
471 const bool m_allow_sibling_eviction;
476 const bool m_package_submission;
480 const bool m_package_feerates;
485 const std::optional<CFeeRate> m_client_maxfeerate;
486
488 const bool m_allow_carveouts;
489
491 static ATMPArgs SingleAccept(const CChainParams& chainparams, int64_t accept_time,
492 bool bypass_limits, std::vector<COutPoint>& coins_to_uncache,
493 bool test_accept) {
494 return ATMPArgs{/* m_chainparams */ chainparams,
495 /* m_accept_time */ accept_time,
496 /* m_bypass_limits */ bypass_limits,
497 /* m_coins_to_uncache */ coins_to_uncache,
498 /* m_test_accept */ test_accept,
499 /* m_allow_replacement */ true,
500 /* m_allow_sibling_eviction */ true,
501 /* m_package_submission */ false,
502 /* m_package_feerates */ false,
503 /* m_client_maxfeerate */ {}, // checked by caller
504 /* m_allow_carveouts */ true,
505 };
506 }
507
509 static ATMPArgs PackageTestAccept(const CChainParams& chainparams, int64_t accept_time,
510 std::vector<COutPoint>& coins_to_uncache) {
511 return ATMPArgs{/* m_chainparams */ chainparams,
512 /* m_accept_time */ accept_time,
513 /* m_bypass_limits */ false,
514 /* m_coins_to_uncache */ coins_to_uncache,
515 /* m_test_accept */ true,
516 /* m_allow_replacement */ false,
517 /* m_allow_sibling_eviction */ false,
518 /* m_package_submission */ false, // not submitting to mempool
519 /* m_package_feerates */ false,
520 /* m_client_maxfeerate */ {}, // checked by caller
521 /* m_allow_carveouts */ false,
522 };
523 }
524
526 static ATMPArgs PackageChildWithParents(const CChainParams& chainparams, int64_t accept_time,
527 std::vector<COutPoint>& coins_to_uncache, const std::optional<CFeeRate>& client_maxfeerate) {
528 return ATMPArgs{/* m_chainparams */ chainparams,
529 /* m_accept_time */ accept_time,
530 /* m_bypass_limits */ false,
531 /* m_coins_to_uncache */ coins_to_uncache,
532 /* m_test_accept */ false,
533 /* m_allow_replacement */ true,
534 /* m_allow_sibling_eviction */ false,
535 /* m_package_submission */ true,
536 /* m_package_feerates */ true,
537 /* m_client_maxfeerate */ client_maxfeerate,
538 /* m_allow_carveouts */ false,
539 };
540 }
541
543 static ATMPArgs SingleInPackageAccept(const ATMPArgs& package_args) {
544 return ATMPArgs{/* m_chainparams */ package_args.m_chainparams,
545 /* m_accept_time */ package_args.m_accept_time,
546 /* m_bypass_limits */ false,
547 /* m_coins_to_uncache */ package_args.m_coins_to_uncache,
548 /* m_test_accept */ package_args.m_test_accept,
549 /* m_allow_replacement */ true,
550 /* m_allow_sibling_eviction */ true,
551 /* m_package_submission */ true, // do not LimitMempoolSize in Finalize()
552 /* m_package_feerates */ false, // only 1 transaction
553 /* m_client_maxfeerate */ package_args.m_client_maxfeerate,
554 /* m_allow_carveouts */ false,
555 };
556 }
557
558 private:
559 // Private ctor to avoid exposing details to clients and allowing the possibility of
560 // mixing up the order of the arguments. Use static functions above instead.
561 ATMPArgs(const CChainParams& chainparams,
562 int64_t accept_time,
563 bool bypass_limits,
564 std::vector<COutPoint>& coins_to_uncache,
565 bool test_accept,
566 bool allow_replacement,
567 bool allow_sibling_eviction,
568 bool package_submission,
569 bool package_feerates,
570 std::optional<CFeeRate> client_maxfeerate,
571 bool allow_carveouts)
572 : m_chainparams{chainparams},
573 m_accept_time{accept_time},
574 m_bypass_limits{bypass_limits},
575 m_coins_to_uncache{coins_to_uncache},
576 m_test_accept{test_accept},
577 m_allow_replacement{allow_replacement},
578 m_allow_sibling_eviction{allow_sibling_eviction},
579 m_package_submission{package_submission},
580 m_package_feerates{package_feerates},
581 m_client_maxfeerate{client_maxfeerate},
582 m_allow_carveouts{allow_carveouts}
583 {
584 // If we are using package feerates, we must be doing package submission.
585 // It also means carveouts and sibling eviction are not permitted.
586 if (m_package_feerates) {
587 Assume(m_package_submission);
588 Assume(!m_allow_carveouts);
589 Assume(!m_allow_sibling_eviction);
590 }
591 if (m_allow_sibling_eviction) Assume(m_allow_replacement);
592 }
593 };
594
596 void CleanupTemporaryCoins() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
597
598 // Single transaction acceptance
599 MempoolAcceptResult AcceptSingleTransaction(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
600
606 PackageMempoolAcceptResult AcceptMultipleTransactions(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
607
618 PackageMempoolAcceptResult AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
620
625 PackageMempoolAcceptResult AcceptPackage(const Package& package, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
626
627private:
628 // All the intermediate state that gets passed between the various levels
629 // of checking a given transaction.
630 struct Workspace {
631 explicit Workspace(const CTransactionRef& ptx) : m_ptx(ptx), m_hash(ptx->GetHash()) {}
634 std::set<Txid> m_conflicts;
637 CTxMemPool::setEntries m_iters_conflicting;
639 CTxMemPool::setEntries m_ancestors;
640 /* Handle to the tx in the changeset */
644 bool m_sibling_eviction{false};
645
648 int64_t m_vsize;
650 CAmount m_base_fees;
652 CAmount m_modified_fees;
653
657 CFeeRate m_package_feerate{0};
658
659 const CTransactionRef& m_ptx;
661 const Txid& m_hash;
662 TxValidationState m_state;
665 PrecomputedTransactionData m_precomputed_txdata;
666 };
667
668 // Run the policy checks on a given transaction, excluding any script checks.
669 // Looks up inputs, calculates feerate, considers replacement, evaluates
670 // package limits, etc. As this function can be invoked for "free" by a peer,
671 // only tests that are fast should be done here (to avoid CPU DoS).
672 bool PreChecks(ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
673
674 // Run checks for mempool replace-by-fee, only used in AcceptSingleTransaction.
675 bool ReplacementChecks(Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
676
677 // Enforce package mempool ancestor/descendant limits (distinct from individual
678 // ancestor/descendant limits done in PreChecks) and run Package RBF checks.
679 bool PackageMempoolChecks(const std::vector<CTransactionRef>& txns,
680 std::vector<Workspace>& workspaces,
681 int64_t total_vsize,
682 PackageValidationState& package_state) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
683
684 // Run the script checks using our policy flags. As this can be slow, we should
685 // only invoke this on transactions that have otherwise passed policy checks.
686 bool PolicyScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
687
688 // Re-run the script checks, using consensus flags, and try to cache the
689 // result in the scriptcache. This should be done after
690 // PolicyScriptChecks(). This requires that all inputs either be in our
691 // utxo set or in the mempool.
692 bool ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
693
694 // Try to add the transaction to the mempool, removing any conflicts first.
695 void FinalizeSubpackage(const ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
696
697 // Submit all transactions to the mempool and call ConsensusScriptChecks to add to the script
698 // cache - should only be called after successful validation of all transactions in the package.
699 // Does not call LimitMempoolSize(), so mempool max_size_bytes may be temporarily exceeded.
700 bool SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces, PackageValidationState& package_state,
701 std::map<Wtxid, MempoolAcceptResult>& results)
703
704 // Compare a package's feerate against minimum allowed.
705 bool CheckFeeRate(size_t package_size, CAmount package_fee, TxValidationState& state) EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs)
706 {
708 AssertLockHeld(m_pool.cs);
709 CAmount mempoolRejectFee = m_pool.GetMinFee().GetFee(package_size);
710 if (mempoolRejectFee > 0 && package_fee < mempoolRejectFee) {
711 return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool min fee not met", strprintf("%d < %d", package_fee, mempoolRejectFee));
712 }
713
714 if (package_fee < m_pool.m_opts.min_relay_feerate.GetFee(package_size)) {
715 return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "min relay fee not met",
716 strprintf("%d < %d", package_fee, m_pool.m_opts.min_relay_feerate.GetFee(package_size)));
717 }
718 return true;
719 }
720
721 ValidationCache& GetValidationCache()
722 {
723 return m_active_chainstate.m_chainman.m_validation_cache;
724 }
725
726private:
727 CTxMemPool& m_pool;
728 CCoinsViewCache m_view;
729 CCoinsViewMemPool m_viewmempool;
730 CCoinsView m_dummy;
731
732 Chainstate& m_active_chainstate;
733
734 // Fields below are per *sub*package state and must be reset prior to subsequent
735 // AcceptSingleTransaction and AcceptMultipleTransactions invocations
736 struct SubPackageState {
738 CAmount m_total_modified_fees{0};
740 int64_t m_total_vsize{0};
741
742 // RBF-related members
745 bool m_rbf{false};
747 std::list<CTransactionRef> m_replaced_transactions;
748 /* Changeset representing adding transactions and removing their conflicts. */
749 std::unique_ptr<CTxMemPool::ChangeSet> m_changeset;
750
752 CAmount m_conflicting_fees{0};
754 size_t m_conflicting_size{0};
755 };
756
757 struct SubPackageState m_subpackage;
758
760 void ClearSubPackageState() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs)
761 {
762 m_subpackage = SubPackageState{};
763
764 // And clean coins while at it
765 CleanupTemporaryCoins();
766 }
767};
768
769bool MemPoolAccept::PreChecks(ATMPArgs& args, Workspace& ws)
770{
772 AssertLockHeld(m_pool.cs);
773 const CTransactionRef& ptx = ws.m_ptx;
774 const CTransaction& tx = *ws.m_ptx;
775 const Txid& hash = ws.m_hash;
776
777 // Copy/alias what we need out of args
778 const int64_t nAcceptTime = args.m_accept_time;
779 const bool bypass_limits = args.m_bypass_limits;
780 std::vector<COutPoint>& coins_to_uncache = args.m_coins_to_uncache;
781
782 // Alias what we need out of ws
783 TxValidationState& state = ws.m_state;
784
785 if (!CheckTransaction(tx, state)) {
786 return false; // state filled in by CheckTransaction
787 }
788
789 // Coinbase is only valid in a block, not as a loose transaction
790 if (tx.IsCoinBase())
791 return state.Invalid(TxValidationResult::TX_CONSENSUS, "coinbase");
792
793 // Rather not work on nonstandard transactions (unless -testnet/-regtest)
794 std::string reason;
795 if (m_pool.m_opts.require_standard && !IsStandardTx(tx, m_pool.m_opts.max_datacarrier_bytes, m_pool.m_opts.permit_bare_multisig, m_pool.m_opts.dust_relay_feerate, reason)) {
796 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, reason);
797 }
798
799 // Transactions smaller than 65 non-witness bytes are not relayed to mitigate CVE-2017-12842.
801 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "tx-size-small");
802
803 // Only accept nLockTime-using transactions that can be mined in the next
804 // block; we don't want our mempool filled up with transactions that can't
805 // be mined yet.
806 if (!CheckFinalTxAtTip(*Assert(m_active_chainstate.m_chain.Tip()), tx)) {
807 return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-final");
808 }
809
810 if (m_pool.exists(GenTxid::Wtxid(tx.GetWitnessHash()))) {
811 // Exact transaction already exists in the mempool.
812 return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-in-mempool");
813 } else if (m_pool.exists(GenTxid::Txid(tx.GetHash()))) {
814 // Transaction with the same non-witness data but different witness (same txid, different
815 // wtxid) already exists in the mempool.
816 return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-same-nonwitness-data-in-mempool");
817 }
818
819 // Check for conflicts with in-memory transactions
820 for (const CTxIn &txin : tx.vin)
821 {
822 const CTransaction* ptxConflicting = m_pool.GetConflictTx(txin.prevout);
823 if (ptxConflicting) {
824 if (!args.m_allow_replacement) {
825 // Transaction conflicts with a mempool tx, but we're not allowing replacements in this context.
826 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "bip125-replacement-disallowed");
827 }
828 ws.m_conflicts.insert(ptxConflicting->GetHash());
829 }
830 }
831
832 m_view.SetBackend(m_viewmempool);
833
834 const CCoinsViewCache& coins_cache = m_active_chainstate.CoinsTip();
835 // do all inputs exist?
836 for (const CTxIn& txin : tx.vin) {
837 if (!coins_cache.HaveCoinInCache(txin.prevout)) {
838 coins_to_uncache.push_back(txin.prevout);
839 }
840
841 // Note: this call may add txin.prevout to the coins cache
842 // (coins_cache.cacheCoins) by way of FetchCoin(). It should be removed
843 // later (via coins_to_uncache) if this tx turns out to be invalid.
844 if (!m_view.HaveCoin(txin.prevout)) {
845 // Are inputs missing because we already have the tx?
846 for (size_t out = 0; out < tx.vout.size(); out++) {
847 // Optimistically just do efficient check of cache for outputs
848 if (coins_cache.HaveCoinInCache(COutPoint(hash, out))) {
849 return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-known");
850 }
851 }
852 // Otherwise assume this might be an orphan tx for which we just haven't seen parents yet
853 return state.Invalid(TxValidationResult::TX_MISSING_INPUTS, "bad-txns-inputs-missingorspent");
854 }
855 }
856
857 // This is const, but calls into the back end CoinsViews. The CCoinsViewDB at the bottom of the
858 // hierarchy brings the best block into scope. See CCoinsViewDB::GetBestBlock().
859 m_view.GetBestBlock();
860
861 // we have all inputs cached now, so switch back to dummy (to protect
862 // against bugs where we pull more inputs from disk that miss being added
863 // to coins_to_uncache)
864 m_view.SetBackend(m_dummy);
865
866 assert(m_active_chainstate.m_blockman.LookupBlockIndex(m_view.GetBestBlock()) == m_active_chainstate.m_chain.Tip());
867
868 // Only accept BIP68 sequence locked transactions that can be mined in the next
869 // block; we don't want our mempool filled up with transactions that can't
870 // be mined yet.
871 // Pass in m_view which has all of the relevant inputs cached. Note that, since m_view's
872 // backend was removed, it no longer pulls coins from the mempool.
873 const std::optional<LockPoints> lock_points{CalculateLockPointsAtTip(m_active_chainstate.m_chain.Tip(), m_view, tx)};
874 if (!lock_points.has_value() || !CheckSequenceLocksAtTip(m_active_chainstate.m_chain.Tip(), *lock_points)) {
875 return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-BIP68-final");
876 }
877
878 // The mempool holds txs for the next block, so pass height+1 to CheckTxInputs
879 if (!Consensus::CheckTxInputs(tx, state, m_view, m_active_chainstate.m_chain.Height() + 1, ws.m_base_fees)) {
880 return false; // state filled in by CheckTxInputs
881 }
882
883 if (m_pool.m_opts.require_standard && !AreInputsStandard(tx, m_view)) {
884 return state.Invalid(TxValidationResult::TX_INPUTS_NOT_STANDARD, "bad-txns-nonstandard-inputs");
885 }
886
887 // Check for non-standard witnesses.
888 if (tx.HasWitness() && m_pool.m_opts.require_standard && !IsWitnessStandard(tx, m_view)) {
889 return state.Invalid(TxValidationResult::TX_WITNESS_MUTATED, "bad-witness-nonstandard");
890 }
891
892 int64_t nSigOpsCost = GetTransactionSigOpCost(tx, m_view, STANDARD_SCRIPT_VERIFY_FLAGS);
893
894 // Keep track of transactions that spend a coinbase, which we re-scan
895 // during reorgs to ensure COINBASE_MATURITY is still met.
896 bool fSpendsCoinbase = false;
897 for (const CTxIn &txin : tx.vin) {
898 const Coin &coin = m_view.AccessCoin(txin.prevout);
899 if (coin.IsCoinBase()) {
900 fSpendsCoinbase = true;
901 break;
902 }
903 }
904
905 // Set entry_sequence to 0 when bypass_limits is used; this allows txs from a block
906 // reorg to be marked earlier than any child txs that were already in the mempool.
907 const uint64_t entry_sequence = bypass_limits ? 0 : m_pool.GetSequence();
908 if (!m_subpackage.m_changeset) {
909 m_subpackage.m_changeset = m_pool.GetChangeSet();
910 }
911 ws.m_tx_handle = m_subpackage.m_changeset->StageAddition(ptx, ws.m_base_fees, nAcceptTime, m_active_chainstate.m_chain.Height(), entry_sequence, fSpendsCoinbase, nSigOpsCost, lock_points.value());
912
913 // ws.m_modified_fees includes any fee deltas from PrioritiseTransaction
914 ws.m_modified_fees = ws.m_tx_handle->GetModifiedFee();
915
916 ws.m_vsize = ws.m_tx_handle->GetTxSize();
917
918 // Enforces 0-fee for dust transactions, no incentive to be mined alone
919 if (m_pool.m_opts.require_standard) {
920 if (!PreCheckEphemeralTx(*ptx, m_pool.m_opts.dust_relay_feerate, ws.m_base_fees, ws.m_modified_fees, state)) {
921 return false; // state filled in by PreCheckEphemeralTx
922 }
923 }
924
925 if (nSigOpsCost > MAX_STANDARD_TX_SIGOPS_COST)
926 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "bad-txns-too-many-sigops",
927 strprintf("%d", nSigOpsCost));
928
929 // No individual transactions are allowed below the min relay feerate except from disconnected blocks.
930 // This requirement, unlike CheckFeeRate, cannot be bypassed using m_package_feerates because,
931 // while a tx could be package CPFP'd when entering the mempool, we do not have a DoS-resistant
932 // method of ensuring the tx remains bumped. For example, the fee-bumping child could disappear
933 // due to a replacement.
934 // The only exception is TRUC transactions.
935 if (!bypass_limits && ws.m_ptx->version != TRUC_VERSION && ws.m_modified_fees < m_pool.m_opts.min_relay_feerate.GetFee(ws.m_vsize)) {
936 // Even though this is a fee-related failure, this result is TX_MEMPOOL_POLICY, not
937 // TX_RECONSIDERABLE, because it cannot be bypassed using package validation.
938 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "min relay fee not met",
939 strprintf("%d < %d", ws.m_modified_fees, m_pool.m_opts.min_relay_feerate.GetFee(ws.m_vsize)));
940 }
941 // No individual transactions are allowed below the mempool min feerate except from disconnected
942 // blocks and transactions in a package. Package transactions will be checked using package
943 // feerate later.
944 if (!bypass_limits && !args.m_package_feerates && !CheckFeeRate(ws.m_vsize, ws.m_modified_fees, state)) return false;
945
946 ws.m_iters_conflicting = m_pool.GetIterSet(ws.m_conflicts);
947
948 // Note that these modifications are only applicable to single transaction scenarios;
949 // carve-outs are disabled for multi-transaction evaluations.
950 CTxMemPool::Limits maybe_rbf_limits = m_pool.m_opts.limits;
951
952 // Calculate in-mempool ancestors, up to a limit.
953 if (ws.m_conflicts.size() == 1 && args.m_allow_carveouts) {
954 // In general, when we receive an RBF transaction with mempool conflicts, we want to know whether we
955 // would meet the chain limits after the conflicts have been removed. However, there isn't a practical
956 // way to do this short of calculating the ancestor and descendant sets with an overlay cache of
957 // changed mempool entries. Due to both implementation and runtime complexity concerns, this isn't
958 // very realistic, thus we only ensure a limited set of transactions are RBF'able despite mempool
959 // conflicts here. Importantly, we need to ensure that some transactions which were accepted using
960 // the below carve-out are able to be RBF'ed, without impacting the security the carve-out provides
961 // for off-chain contract systems (see link in the comment below).
962 //
963 // Specifically, the subset of RBF transactions which we allow despite chain limits are those which
964 // conflict directly with exactly one other transaction (but may evict children of said transaction),
965 // and which are not adding any new mempool dependencies. Note that the "no new mempool dependencies"
966 // check is accomplished later, so we don't bother doing anything about it here, but if our
967 // policy changes, we may need to move that check to here instead of removing it wholesale.
968 //
969 // Such transactions are clearly not merging any existing packages, so we are only concerned with
970 // ensuring that (a) no package is growing past the package size (not count) limits and (b) we are
971 // not allowing something to effectively use the (below) carve-out spot when it shouldn't be allowed
972 // to.
973 //
974 // To check these we first check if we meet the RBF criteria, above, and increment the descendant
975 // limits by the direct conflict and its descendants (as these are recalculated in
976 // CalculateMempoolAncestors by assuming the new transaction being added is a new descendant, with no
977 // removals, of each parent's existing dependent set). The ancestor count limits are unmodified (as
978 // the ancestor limits should be the same for both our new transaction and any conflicts).
979 // We don't bother incrementing m_limit_descendants by the full removal count as that limit never comes
980 // into force here (as we're only adding a single transaction).
981 assert(ws.m_iters_conflicting.size() == 1);
982 CTxMemPool::txiter conflict = *ws.m_iters_conflicting.begin();
983
984 maybe_rbf_limits.descendant_count += 1;
985 maybe_rbf_limits.descendant_size_vbytes += conflict->GetSizeWithDescendants();
986 }
987
988 if (auto ancestors{m_subpackage.m_changeset->CalculateMemPoolAncestors(ws.m_tx_handle, maybe_rbf_limits)}) {
989 ws.m_ancestors = std::move(*ancestors);
990 } else {
991 // If CalculateMemPoolAncestors fails second time, we want the original error string.
992 const auto error_message{util::ErrorString(ancestors).original};
993
994 // Carve-out is not allowed in this context; fail
995 if (!args.m_allow_carveouts) {
996 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-long-mempool-chain", error_message);
997 }
998
999 // Contracting/payment channels CPFP carve-out:
1000 // If the new transaction is relatively small (up to 40k weight)
1001 // and has at most one ancestor (ie ancestor limit of 2, including
1002 // the new transaction), allow it if its parent has exactly the
1003 // descendant limit descendants. The transaction also cannot be TRUC,
1004 // as its topology restrictions do not allow a second child.
1005 //
1006 // This allows protocols which rely on distrusting counterparties
1007 // being able to broadcast descendants of an unconfirmed transaction
1008 // to be secure by simply only having two immediately-spendable
1009 // outputs - one for each counterparty. For more info on the uses for
1010 // this, see https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-November/016518.html
1011 CTxMemPool::Limits cpfp_carve_out_limits{
1012 .ancestor_count = 2,
1013 .ancestor_size_vbytes = maybe_rbf_limits.ancestor_size_vbytes,
1014 .descendant_count = maybe_rbf_limits.descendant_count + 1,
1015 .descendant_size_vbytes = maybe_rbf_limits.descendant_size_vbytes + EXTRA_DESCENDANT_TX_SIZE_LIMIT,
1016 };
1017 if (ws.m_vsize > EXTRA_DESCENDANT_TX_SIZE_LIMIT || ws.m_ptx->version == TRUC_VERSION) {
1018 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-long-mempool-chain", error_message);
1019 }
1020 if (auto ancestors_retry{m_subpackage.m_changeset->CalculateMemPoolAncestors(ws.m_tx_handle, cpfp_carve_out_limits)}) {
1021 ws.m_ancestors = std::move(*ancestors_retry);
1022 } else {
1023 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-long-mempool-chain", error_message);
1024 }
1025 }
1026
1027 // Even though just checking direct mempool parents for inheritance would be sufficient, we
1028 // check using the full ancestor set here because it's more convenient to use what we have
1029 // already calculated.
1030 if (const auto err{SingleTRUCChecks(ws.m_ptx, ws.m_ancestors, ws.m_conflicts, ws.m_vsize)}) {
1031 // Single transaction contexts only.
1032 if (args.m_allow_sibling_eviction && err->second != nullptr) {
1033 // We should only be considering where replacement is considered valid as well.
1034 Assume(args.m_allow_replacement);
1035
1036 // Potential sibling eviction. Add the sibling to our list of mempool conflicts to be
1037 // included in RBF checks.
1038 ws.m_conflicts.insert(err->second->GetHash());
1039 // Adding the sibling to m_iters_conflicting here means that it doesn't count towards
1040 // RBF Carve Out above. This is correct, since removing to-be-replaced transactions from
1041 // the descendant count is done separately in SingleTRUCChecks for TRUC transactions.
1042 ws.m_iters_conflicting.insert(m_pool.GetIter(err->second->GetHash()).value());
1043 ws.m_sibling_eviction = true;
1044 // The sibling will be treated as part of the to-be-replaced set in ReplacementChecks.
1045 // Note that we are not checking whether it opts in to replaceability via BIP125 or TRUC
1046 // (which is normally done in PreChecks). However, the only way a TRUC transaction can
1047 // have a non-TRUC and non-BIP125 descendant is due to a reorg.
1048 } else {
1049 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "TRUC-violation", err->first);
1050 }
1051 }
1052
1053 // A transaction that spends outputs that would be replaced by it is invalid. Now
1054 // that we have the set of all ancestors we can detect this
1055 // pathological case by making sure ws.m_conflicts and ws.m_ancestors don't
1056 // intersect.
1057 if (const auto err_string{EntriesAndTxidsDisjoint(ws.m_ancestors, ws.m_conflicts, hash)}) {
1058 // We classify this as a consensus error because a transaction depending on something it
1059 // conflicts with would be inconsistent.
1060 return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-spends-conflicting-tx", *err_string);
1061 }
1062
1063 // We want to detect conflicts in any tx in a package to trigger package RBF logic
1064 m_subpackage.m_rbf |= !ws.m_conflicts.empty();
1065 return true;
1066}
1067
1068bool MemPoolAccept::ReplacementChecks(Workspace& ws)
1069{
1071 AssertLockHeld(m_pool.cs);
1072
1073 const CTransaction& tx = *ws.m_ptx;
1074 const uint256& hash = ws.m_hash;
1075 TxValidationState& state = ws.m_state;
1076
1077 CFeeRate newFeeRate(ws.m_modified_fees, ws.m_vsize);
1078 // Enforce Rule #6. The replacement transaction must have a higher feerate than its direct conflicts.
1079 // - The motivation for this check is to ensure that the replacement transaction is preferable for
1080 // block-inclusion, compared to what would be removed from the mempool.
1081 // - This logic predates ancestor feerate-based transaction selection, which is why it doesn't
1082 // consider feerates of descendants.
1083 // - Note: Ancestor feerate-based transaction selection has made this comparison insufficient to
1084 // guarantee that this is incentive-compatible for miners, because it is possible for a
1085 // descendant transaction of a direct conflict to pay a higher feerate than the transaction that
1086 // might replace them, under these rules.
1087 if (const auto err_string{PaysMoreThanConflicts(ws.m_iters_conflicting, newFeeRate, hash)}) {
1088 // This fee-related failure is TX_RECONSIDERABLE because validating in a package may change
1089 // the result.
1091 strprintf("insufficient fee%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1092 }
1093
1094 CTxMemPool::setEntries all_conflicts;
1095
1096 // Calculate all conflicting entries and enforce Rule #5.
1097 if (const auto err_string{GetEntriesForConflicts(tx, m_pool, ws.m_iters_conflicting, all_conflicts)}) {
1099 strprintf("too many potential replacements%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1100 }
1101 // Enforce Rule #2.
1102 if (const auto err_string{HasNoNewUnconfirmed(tx, m_pool, all_conflicts)}) {
1103 // Sibling eviction is only done for TRUC transactions, which cannot have multiple ancestors.
1104 Assume(!ws.m_sibling_eviction);
1106 strprintf("replacement-adds-unconfirmed%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1107 }
1108
1109 // Check if it's economically rational to mine this transaction rather than the ones it
1110 // replaces and pays for its own relay fees. Enforce Rules #3 and #4.
1111 for (CTxMemPool::txiter it : all_conflicts) {
1112 m_subpackage.m_conflicting_fees += it->GetModifiedFee();
1113 m_subpackage.m_conflicting_size += it->GetTxSize();
1114 }
1115 if (const auto err_string{PaysForRBF(m_subpackage.m_conflicting_fees, ws.m_modified_fees, ws.m_vsize,
1116 m_pool.m_opts.incremental_relay_feerate, hash)}) {
1117 // Result may change in a package context
1119 strprintf("insufficient fee%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1120 }
1121
1122 // Add all the to-be-removed transactions to the changeset.
1123 for (auto it : all_conflicts) {
1124 m_subpackage.m_changeset->StageRemoval(it);
1125 }
1126 return true;
1127}
1128
1129bool MemPoolAccept::PackageMempoolChecks(const std::vector<CTransactionRef>& txns,
1130 std::vector<Workspace>& workspaces,
1131 const int64_t total_vsize,
1132 PackageValidationState& package_state)
1133{
1135 AssertLockHeld(m_pool.cs);
1136
1137 // CheckPackageLimits expects the package transactions to not already be in the mempool.
1138 assert(std::all_of(txns.cbegin(), txns.cend(), [this](const auto& tx)
1139 { return !m_pool.exists(GenTxid::Txid(tx->GetHash()));}));
1140
1141 assert(txns.size() == workspaces.size());
1142
1143 auto result = m_pool.CheckPackageLimits(txns, total_vsize);
1144 if (!result) {
1145 // This is a package-wide error, separate from an individual transaction error.
1146 return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package-mempool-limits", util::ErrorString(result).original);
1147 }
1148
1149 // No conflicts means we're finished. Further checks are all RBF-only.
1150 if (!m_subpackage.m_rbf) return true;
1151
1152 // We're in package RBF context; replacement proposal must be size 2
1153 if (workspaces.size() != 2 || !Assume(IsChildWithParents(txns))) {
1154 return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: package must be 1-parent-1-child");
1155 }
1156
1157 // If the package has in-mempool ancestors, we won't consider a package RBF
1158 // since it would result in a cluster larger than 2.
1159 // N.B. To relax this constraint we will need to revisit how CCoinsViewMemPool::PackageAddTransaction
1160 // is being used inside AcceptMultipleTransactions to track available inputs while processing a package.
1161 for (const auto& ws : workspaces) {
1162 if (!ws.m_ancestors.empty()) {
1163 return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: new transaction cannot have mempool ancestors");
1164 }
1165 }
1166
1167 // Aggregate all conflicts into one set.
1168 CTxMemPool::setEntries direct_conflict_iters;
1169 for (Workspace& ws : workspaces) {
1170 // Aggregate all conflicts into one set.
1171 direct_conflict_iters.merge(ws.m_iters_conflicting);
1172 }
1173
1174 const auto& parent_ws = workspaces[0];
1175 const auto& child_ws = workspaces[1];
1176
1177 // Don't consider replacements that would cause us to remove a large number of mempool entries.
1178 // This limit is not increased in a package RBF. Use the aggregate number of transactions.
1179 CTxMemPool::setEntries all_conflicts;
1180 if (const auto err_string{GetEntriesForConflicts(*child_ws.m_ptx, m_pool, direct_conflict_iters,
1181 all_conflicts)}) {
1182 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1183 "package RBF failed: too many potential replacements", *err_string);
1184 }
1185
1186
1187 for (CTxMemPool::txiter it : all_conflicts) {
1188 m_subpackage.m_changeset->StageRemoval(it);
1189 m_subpackage.m_conflicting_fees += it->GetModifiedFee();
1190 m_subpackage.m_conflicting_size += it->GetTxSize();
1191 }
1192
1193 // Use the child as the transaction for attributing errors to.
1194 const Txid& child_hash = child_ws.m_ptx->GetHash();
1195 if (const auto err_string{PaysForRBF(/*original_fees=*/m_subpackage.m_conflicting_fees,
1196 /*replacement_fees=*/m_subpackage.m_total_modified_fees,
1197 /*replacement_vsize=*/m_subpackage.m_total_vsize,
1198 m_pool.m_opts.incremental_relay_feerate, child_hash)}) {
1199 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1200 "package RBF failed: insufficient anti-DoS fees", *err_string);
1201 }
1202
1203 // Ensure this two transaction package is a "chunk" on its own; we don't want the child
1204 // to be only paying anti-DoS fees
1205 const CFeeRate parent_feerate(parent_ws.m_modified_fees, parent_ws.m_vsize);
1206 const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
1207 if (package_feerate <= parent_feerate) {
1208 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1209 "package RBF failed: package feerate is less than or equal to parent feerate",
1210 strprintf("package feerate %s <= parent feerate is %s", package_feerate.ToString(), parent_feerate.ToString()));
1211 }
1212
1213 // Check if it's economically rational to mine this package rather than the ones it replaces.
1214 // This takes the place of ReplacementChecks()'s PaysMoreThanConflicts() in the package RBF setting.
1215 if (const auto err_tup{ImprovesFeerateDiagram(*m_subpackage.m_changeset)}) {
1216 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1217 "package RBF failed: " + err_tup.value().second, "");
1218 }
1219
1220 LogDebug(BCLog::TXPACKAGES, "package RBF checks passed: parent %s (wtxid=%s), child %s (wtxid=%s), package hash (%s)\n",
1221 txns.front()->GetHash().ToString(), txns.front()->GetWitnessHash().ToString(),
1222 txns.back()->GetHash().ToString(), txns.back()->GetWitnessHash().ToString(),
1223 GetPackageHash(txns).ToString());
1224
1225
1226 return true;
1227}
1228
1229bool MemPoolAccept::PolicyScriptChecks(const ATMPArgs& args, Workspace& ws)
1230{
1232 AssertLockHeld(m_pool.cs);
1233 const CTransaction& tx = *ws.m_ptx;
1234 TxValidationState& state = ws.m_state;
1235
1236 constexpr unsigned int scriptVerifyFlags = STANDARD_SCRIPT_VERIFY_FLAGS;
1237
1238 // Check input scripts and signatures.
1239 // This is done last to help prevent CPU exhaustion denial-of-service attacks.
1240 if (!CheckInputScripts(tx, state, m_view, scriptVerifyFlags, true, false, ws.m_precomputed_txdata, GetValidationCache())) {
1241 // SCRIPT_VERIFY_CLEANSTACK requires SCRIPT_VERIFY_WITNESS, so we
1242 // need to turn both off, and compare against just turning off CLEANSTACK
1243 // to see if the failure is specifically due to witness validation.
1244 TxValidationState state_dummy; // Want reported failures to be from first CheckInputScripts
1245 if (!tx.HasWitness() && CheckInputScripts(tx, state_dummy, m_view, scriptVerifyFlags & ~(SCRIPT_VERIFY_WITNESS | SCRIPT_VERIFY_CLEANSTACK), true, false, ws.m_precomputed_txdata, GetValidationCache()) &&
1246 !CheckInputScripts(tx, state_dummy, m_view, scriptVerifyFlags & ~SCRIPT_VERIFY_CLEANSTACK, true, false, ws.m_precomputed_txdata, GetValidationCache())) {
1247 // Only the witness is missing, so the transaction itself may be fine.
1249 state.GetRejectReason(), state.GetDebugMessage());
1250 }
1251 return false; // state filled in by CheckInputScripts
1252 }
1253
1254 return true;
1255}
1256
1257bool MemPoolAccept::ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws)
1258{
1260 AssertLockHeld(m_pool.cs);
1261 const CTransaction& tx = *ws.m_ptx;
1262 const uint256& hash = ws.m_hash;
1263 TxValidationState& state = ws.m_state;
1264
1265 // Check again against the current block tip's script verification
1266 // flags to cache our script execution flags. This is, of course,
1267 // useless if the next block has different script flags from the
1268 // previous one, but because the cache tracks script flags for us it
1269 // will auto-invalidate and we'll just have a few blocks of extra
1270 // misses on soft-fork activation.
1271 //
1272 // This is also useful in case of bugs in the standard flags that cause
1273 // transactions to pass as valid when they're actually invalid. For
1274 // instance the STRICTENC flag was incorrectly allowing certain
1275 // CHECKSIG NOT scripts to pass, even though they were invalid.
1276 //
1277 // There is a similar check in CreateNewBlock() to prevent creating
1278 // invalid blocks (using TestBlockValidity), however allowing such
1279 // transactions into the mempool can be exploited as a DoS attack.
1280 unsigned int currentBlockScriptVerifyFlags{GetBlockScriptFlags(*m_active_chainstate.m_chain.Tip(), m_active_chainstate.m_chainman)};
1281 if (!CheckInputsFromMempoolAndCache(tx, state, m_view, m_pool, currentBlockScriptVerifyFlags,
1282 ws.m_precomputed_txdata, m_active_chainstate.CoinsTip(), GetValidationCache())) {
1283 LogPrintf("BUG! PLEASE REPORT THIS! CheckInputScripts failed against latest-block but not STANDARD flags %s, %s\n", hash.ToString(), state.ToString());
1284 return Assume(false);
1285 }
1286
1287 return true;
1288}
1289
1290void MemPoolAccept::FinalizeSubpackage(const ATMPArgs& args)
1291{
1293 AssertLockHeld(m_pool.cs);
1294
1295 if (!m_subpackage.m_changeset->GetRemovals().empty()) Assume(args.m_allow_replacement);
1296 // Remove conflicting transactions from the mempool
1297 for (CTxMemPool::txiter it : m_subpackage.m_changeset->GetRemovals())
1298 {
1299 std::string log_string = strprintf("replacing mempool tx %s (wtxid=%s, fees=%s, vsize=%s). ",
1300 it->GetTx().GetHash().ToString(),
1301 it->GetTx().GetWitnessHash().ToString(),
1302 it->GetFee(),
1303 it->GetTxSize());
1304 FeeFrac feerate{m_subpackage.m_total_modified_fees, int32_t(m_subpackage.m_total_vsize)};
1305 uint256 tx_or_package_hash{};
1306 const bool replaced_with_tx{m_subpackage.m_changeset->GetTxCount() == 1};
1307 if (replaced_with_tx) {
1308 const CTransaction& tx = m_subpackage.m_changeset->GetAddedTxn(0);
1309 tx_or_package_hash = tx.GetHash();
1310 log_string += strprintf("New tx %s (wtxid=%s, fees=%s, vsize=%s)",
1311 tx.GetHash().ToString(),
1312 tx.GetWitnessHash().ToString(),
1313 feerate.fee,
1314 feerate.size);
1315 } else {
1316 tx_or_package_hash = GetPackageHash(m_subpackage.m_changeset->GetAddedTxns());
1317 log_string += strprintf("New package %s with %lu txs, fees=%s, vsize=%s",
1318 tx_or_package_hash.ToString(),
1319 m_subpackage.m_changeset->GetTxCount(),
1320 feerate.fee,
1321 feerate.size);
1322
1323 }
1324 LogDebug(BCLog::MEMPOOL, "%s\n", log_string);
1325 TRACEPOINT(mempool, replaced,
1326 it->GetTx().GetHash().data(),
1327 it->GetTxSize(),
1328 it->GetFee(),
1329 std::chrono::duration_cast<std::chrono::duration<std::uint64_t>>(it->GetTime()).count(),
1330 tx_or_package_hash.data(),
1331 feerate.size,
1332 feerate.fee,
1333 replaced_with_tx
1334 );
1335 m_subpackage.m_replaced_transactions.push_back(it->GetSharedTx());
1336 }
1337 m_subpackage.m_changeset->Apply();
1338 m_subpackage.m_changeset.reset();
1339}
1340
1341bool MemPoolAccept::SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces,
1342 PackageValidationState& package_state,
1343 std::map<Wtxid, MempoolAcceptResult>& results)
1344{
1346 AssertLockHeld(m_pool.cs);
1347 // Sanity check: none of the transactions should be in the mempool, and none of the transactions
1348 // should have a same-txid-different-witness equivalent in the mempool.
1349 assert(std::all_of(workspaces.cbegin(), workspaces.cend(), [this](const auto& ws){
1350 return !m_pool.exists(GenTxid::Txid(ws.m_ptx->GetHash())); }));
1351
1352 bool all_submitted = true;
1353 FinalizeSubpackage(args);
1354 // ConsensusScriptChecks adds to the script cache and is therefore consensus-critical;
1355 // CheckInputsFromMempoolAndCache asserts that transactions only spend coins available from the
1356 // mempool or UTXO set. Submit each transaction to the mempool immediately after calling
1357 // ConsensusScriptChecks to make the outputs available for subsequent transactions.
1358 for (Workspace& ws : workspaces) {
1359 if (!ConsensusScriptChecks(args, ws)) {
1360 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1361 // Since PolicyScriptChecks() passed, this should never fail.
1362 Assume(false);
1363 all_submitted = false;
1365 strprintf("BUG! PolicyScriptChecks succeeded but ConsensusScriptChecks failed: %s",
1366 ws.m_ptx->GetHash().ToString()));
1367 // Remove the transaction from the mempool.
1368 if (!m_subpackage.m_changeset) m_subpackage.m_changeset = m_pool.GetChangeSet();
1369 m_subpackage.m_changeset->StageRemoval(m_pool.GetIter(ws.m_ptx->GetHash()).value());
1370 }
1371 }
1372 if (!all_submitted) {
1373 Assume(m_subpackage.m_changeset);
1374 // This code should be unreachable; it's here as belt-and-suspenders
1375 // to try to ensure we have no consensus-invalid transactions in the
1376 // mempool.
1377 m_subpackage.m_changeset->Apply();
1378 m_subpackage.m_changeset.reset();
1379 return false;
1380 }
1381
1382 std::vector<Wtxid> all_package_wtxids;
1383 all_package_wtxids.reserve(workspaces.size());
1384 std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
1385 [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
1386
1387 if (!m_subpackage.m_replaced_transactions.empty()) {
1388 LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with %u new one(s) for %s additional fees, %d delta bytes\n",
1389 m_subpackage.m_replaced_transactions.size(), workspaces.size(),
1390 m_subpackage.m_total_modified_fees - m_subpackage.m_conflicting_fees,
1391 m_subpackage.m_total_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
1392 }
1393
1394 // Add successful results. The returned results may change later if LimitMempoolSize() evicts them.
1395 for (Workspace& ws : workspaces) {
1396 auto iter = m_pool.GetIter(ws.m_ptx->GetHash());
1397 Assume(iter.has_value());
1398 const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
1399 CFeeRate{ws.m_modified_fees, static_cast<uint32_t>(ws.m_vsize)};
1400 const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
1401 std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
1402 results.emplace(ws.m_ptx->GetWitnessHash(),
1403 MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
1404 ws.m_base_fees, effective_feerate, effective_feerate_wtxids));
1405 if (!m_pool.m_opts.signals) continue;
1406 const CTransaction& tx = *ws.m_ptx;
1407 const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
1408 ws.m_vsize, (*iter)->GetHeight(),
1409 args.m_bypass_limits, args.m_package_submission,
1410 IsCurrentForFeeEstimation(m_active_chainstate),
1411 m_pool.HasNoInputsOf(tx));
1412 m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
1413 }
1414 return all_submitted;
1415}
1416
1417MempoolAcceptResult MemPoolAccept::AcceptSingleTransaction(const CTransactionRef& ptx, ATMPArgs& args)
1418{
1420 LOCK(m_pool.cs); // mempool "read lock" (held through m_pool.m_opts.signals->TransactionAddedToMempool())
1421
1422 Workspace ws(ptx);
1423 const std::vector<Wtxid> single_wtxid{ws.m_ptx->GetWitnessHash()};
1424
1425 if (!PreChecks(args, ws)) {
1426 if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
1427 // Failed for fee reasons. Provide the effective feerate and which tx was included.
1428 return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
1429 }
1430 return MempoolAcceptResult::Failure(ws.m_state);
1431 }
1432
1433 m_subpackage.m_total_vsize = ws.m_vsize;
1434 m_subpackage.m_total_modified_fees = ws.m_modified_fees;
1435
1436 // Individual modified feerate exceeded caller-defined max; abort
1437 if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
1438 ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
1439 return MempoolAcceptResult::Failure(ws.m_state);
1440 }
1441
1442 if (m_pool.m_opts.require_standard) {
1443 Wtxid dummy_wtxid;
1444 if (!CheckEphemeralSpends(/*package=*/{ptx}, m_pool.m_opts.dust_relay_feerate, m_pool, ws.m_state, dummy_wtxid)) {
1445 return MempoolAcceptResult::Failure(ws.m_state);
1446 }
1447 }
1448
1449 if (m_subpackage.m_rbf && !ReplacementChecks(ws)) {
1450 if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
1451 // Failed for incentives-based fee reasons. Provide the effective feerate and which tx was included.
1452 return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
1453 }
1454 return MempoolAcceptResult::Failure(ws.m_state);
1455 }
1456
1457 // Perform the inexpensive checks first and avoid hashing and signature verification unless
1458 // those checks pass, to mitigate CPU exhaustion denial-of-service attacks.
1459 if (!PolicyScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
1460
1461 if (!ConsensusScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
1462
1463 const CFeeRate effective_feerate{ws.m_modified_fees, static_cast<uint32_t>(ws.m_vsize)};
1464 // Tx was accepted, but not added
1465 if (args.m_test_accept) {
1466 return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
1467 ws.m_base_fees, effective_feerate, single_wtxid);
1468 }
1469
1470 FinalizeSubpackage(args);
1471
1472 // Limit the mempool, if appropriate.
1473 if (!args.m_package_submission && !args.m_bypass_limits) {
1474 LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
1475 if (!m_pool.exists(GenTxid::Txid(ws.m_hash))) {
1476 // The tx no longer meets our (new) mempool minimum feerate but could be reconsidered in a package.
1477 ws.m_state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool full");
1478 return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), {ws.m_ptx->GetWitnessHash()});
1479 }
1480 }
1481
1482 if (m_pool.m_opts.signals) {
1483 const CTransaction& tx = *ws.m_ptx;
1484 auto iter = m_pool.GetIter(tx.GetHash());
1485 Assume(iter.has_value());
1486 const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
1487 ws.m_vsize, (*iter)->GetHeight(),
1488 args.m_bypass_limits, args.m_package_submission,
1489 IsCurrentForFeeEstimation(m_active_chainstate),
1490 m_pool.HasNoInputsOf(tx));
1491 m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
1492 }
1493
1494 if (!m_subpackage.m_replaced_transactions.empty()) {
1495 LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with 1 new transaction for %s additional fees, %d delta bytes\n",
1496 m_subpackage.m_replaced_transactions.size(),
1497 ws.m_modified_fees - m_subpackage.m_conflicting_fees,
1498 ws.m_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
1499 }
1500
1501 return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize, ws.m_base_fees,
1502 effective_feerate, single_wtxid);
1503}
1504
1505PackageMempoolAcceptResult MemPoolAccept::AcceptMultipleTransactions(const std::vector<CTransactionRef>& txns, ATMPArgs& args)
1506{
1508
1509 // These context-free package limits can be done before taking the mempool lock.
1510 PackageValidationState package_state;
1511 if (!IsWellFormedPackage(txns, package_state, /*require_sorted=*/true)) return PackageMempoolAcceptResult(package_state, {});
1512
1513 std::vector<Workspace> workspaces{};
1514 workspaces.reserve(txns.size());
1515 std::transform(txns.cbegin(), txns.cend(), std::back_inserter(workspaces),
1516 [](const auto& tx) { return Workspace(tx); });
1517 std::map<Wtxid, MempoolAcceptResult> results;
1518
1519 LOCK(m_pool.cs);
1520
1521 // Do all PreChecks first and fail fast to avoid running expensive script checks when unnecessary.
1522 for (Workspace& ws : workspaces) {
1523 if (!PreChecks(args, ws)) {
1524 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1525 // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1526 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1527 return PackageMempoolAcceptResult(package_state, std::move(results));
1528 }
1529
1530 // Individual modified feerate exceeded caller-defined max; abort
1531 // N.B. this doesn't take into account CPFPs. Chunk-aware validation may be more robust.
1532 if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
1533 // Need to set failure here both individually and at package level
1534 ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
1535 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1536 // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1537 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1538 return PackageMempoolAcceptResult(package_state, std::move(results));
1539 }
1540
1541 // Make the coins created by this transaction available for subsequent transactions in the
1542 // package to spend. If there are no conflicts within the package, no transaction can spend a coin
1543 // needed by another transaction in the package. We also need to make sure that no package
1544 // tx replaces (or replaces the ancestor of) the parent of another package tx. As long as we
1545 // check these two things, we don't need to track the coins spent.
1546 // If a package tx conflicts with a mempool tx, PackageMempoolChecks() ensures later that any package RBF attempt
1547 // has *no* in-mempool ancestors, so we don't have to worry about subsequent transactions in
1548 // same package spending the same in-mempool outpoints. This needs to be revisited for general
1549 // package RBF.
1550 m_viewmempool.PackageAddTransaction(ws.m_ptx);
1551 }
1552
1553 // At this point we have all in-mempool ancestors, and we know every transaction's vsize.
1554 // Run the TRUC checks on the package.
1555 for (Workspace& ws : workspaces) {
1556 if (auto err{PackageTRUCChecks(ws.m_ptx, ws.m_vsize, txns, ws.m_ancestors)}) {
1557 package_state.Invalid(PackageValidationResult::PCKG_POLICY, "TRUC-violation", err.value());
1558 return PackageMempoolAcceptResult(package_state, {});
1559 }
1560 }
1561
1562 // Transactions must meet two minimum feerates: the mempool minimum fee and min relay fee.
1563 // For transactions consisting of exactly one child and its parents, it suffices to use the
1564 // package feerate (total modified fees / total virtual size) to check this requirement.
1565 // Note that this is an aggregate feerate; this function has not checked that there are transactions
1566 // too low feerate to pay for themselves, or that the child transactions are higher feerate than
1567 // their parents. Using aggregate feerate may allow "parents pay for child" behavior and permit
1568 // a child that is below mempool minimum feerate. To avoid these behaviors, callers of
1569 // AcceptMultipleTransactions need to restrict txns topology (e.g. to ancestor sets) and check
1570 // the feerates of individuals and subsets.
1571 m_subpackage.m_total_vsize = std::accumulate(workspaces.cbegin(), workspaces.cend(), int64_t{0},
1572 [](int64_t sum, auto& ws) { return sum + ws.m_vsize; });
1573 m_subpackage.m_total_modified_fees = std::accumulate(workspaces.cbegin(), workspaces.cend(), CAmount{0},
1574 [](CAmount sum, auto& ws) { return sum + ws.m_modified_fees; });
1575 const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
1576 std::vector<Wtxid> all_package_wtxids;
1577 all_package_wtxids.reserve(workspaces.size());
1578 std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
1579 [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
1580 TxValidationState placeholder_state;
1581 if (args.m_package_feerates &&
1582 !CheckFeeRate(m_subpackage.m_total_vsize, m_subpackage.m_total_modified_fees, placeholder_state)) {
1583 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1584 return PackageMempoolAcceptResult(package_state, {{workspaces.back().m_ptx->GetWitnessHash(),
1585 MempoolAcceptResult::FeeFailure(placeholder_state, CFeeRate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize), all_package_wtxids)}});
1586 }
1587
1588 // Apply package mempool ancestor/descendant limits. Skip if there is only one transaction,
1589 // because it's unnecessary.
1590 if (txns.size() > 1 && !PackageMempoolChecks(txns, workspaces, m_subpackage.m_total_vsize, package_state)) {
1591 return PackageMempoolAcceptResult(package_state, std::move(results));
1592 }
1593
1594 // Now that we've bounded the resulting possible ancestry count, check package for dust spends
1595 if (m_pool.m_opts.require_standard) {
1596 TxValidationState child_state;
1597 Wtxid child_wtxid;
1598 if (!CheckEphemeralSpends(txns, m_pool.m_opts.dust_relay_feerate, m_pool, child_state, child_wtxid)) {
1599 package_state.Invalid(PackageValidationResult::PCKG_TX, "unspent-dust");
1600 results.emplace(child_wtxid, MempoolAcceptResult::Failure(child_state));
1601 return PackageMempoolAcceptResult(package_state, std::move(results));
1602 }
1603 }
1604
1605 for (Workspace& ws : workspaces) {
1606 ws.m_package_feerate = package_feerate;
1607 if (!PolicyScriptChecks(args, ws)) {
1608 // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1609 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1610 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1611 return PackageMempoolAcceptResult(package_state, std::move(results));
1612 }
1613 if (args.m_test_accept) {
1614 const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
1615 CFeeRate{ws.m_modified_fees, static_cast<uint32_t>(ws.m_vsize)};
1616 const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
1617 std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
1618 results.emplace(ws.m_ptx->GetWitnessHash(),
1619 MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions),
1620 ws.m_vsize, ws.m_base_fees, effective_feerate,
1621 effective_feerate_wtxids));
1622 }
1623 }
1624
1625 if (args.m_test_accept) return PackageMempoolAcceptResult(package_state, std::move(results));
1626
1627 if (!SubmitPackage(args, workspaces, package_state, results)) {
1628 // PackageValidationState filled in by SubmitPackage().
1629 return PackageMempoolAcceptResult(package_state, std::move(results));
1630 }
1631
1632 return PackageMempoolAcceptResult(package_state, std::move(results));
1633}
1634
1635void MemPoolAccept::CleanupTemporaryCoins()
1636{
1637 // There are 3 kinds of coins in m_view:
1638 // (1) Temporary coins from the transactions in subpackage, constructed by m_viewmempool.
1639 // (2) Mempool coins from transactions in the mempool, constructed by m_viewmempool.
1640 // (3) Confirmed coins fetched from our current UTXO set.
1641 //
1642 // (1) Temporary coins need to be removed, regardless of whether the transaction was submitted.
1643 // If the transaction was submitted to the mempool, m_viewmempool will be able to fetch them from
1644 // there. If it wasn't submitted to mempool, it is incorrect to keep them - future calls may try
1645 // to spend those coins that don't actually exist.
1646 // (2) Mempool coins also need to be removed. If the mempool contents have changed as a result
1647 // of submitting or replacing transactions, coins previously fetched from mempool may now be
1648 // spent or nonexistent. Those coins need to be deleted from m_view.
1649 // (3) Confirmed coins don't need to be removed. The chainstate has not changed (we are
1650 // holding cs_main and no blocks have been processed) so the confirmed tx cannot disappear like
1651 // a mempool tx can. The coin may now be spent after we submitted a tx to mempool, but
1652 // we have already checked that the package does not have 2 transactions spending the same coin.
1653 // Keeping them in m_view is an optimization to not re-fetch confirmed coins if we later look up
1654 // inputs for this transaction again.
1655 for (const auto& outpoint : m_viewmempool.GetNonBaseCoins()) {
1656 // In addition to resetting m_viewmempool, we also need to manually delete these coins from
1657 // m_view because it caches copies of the coins it fetched from m_viewmempool previously.
1658 m_view.Uncache(outpoint);
1659 }
1660 // This deletes the temporary and mempool coins.
1661 m_viewmempool.Reset();
1662}
1663
1664PackageMempoolAcceptResult MemPoolAccept::AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
1665{
1667 AssertLockHeld(m_pool.cs);
1668 auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs) {
1669 if (subpackage.size() > 1) {
1670 return AcceptMultipleTransactions(subpackage, args);
1671 }
1672 const auto& tx = subpackage.front();
1673 ATMPArgs single_args = ATMPArgs::SingleInPackageAccept(args);
1674 const auto single_res = AcceptSingleTransaction(tx, single_args);
1675 PackageValidationState package_state_wrapped;
1676 if (single_res.m_result_type != MempoolAcceptResult::ResultType::VALID) {
1677 package_state_wrapped.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1678 }
1679 return PackageMempoolAcceptResult(package_state_wrapped, {{tx->GetWitnessHash(), single_res}});
1680 }();
1681
1682 // Clean up m_view and m_viewmempool so that other subpackage evaluations don't have access to
1683 // coins they shouldn't. Keep some coins in order to minimize re-fetching coins from the UTXO set.
1684 // Clean up package feerate and rbf calculations
1685 ClearSubPackageState();
1686
1687 return result;
1688}
1689
1690PackageMempoolAcceptResult MemPoolAccept::AcceptPackage(const Package& package, ATMPArgs& args)
1691{
1692 Assert(!package.empty());
1694 // Used if returning a PackageMempoolAcceptResult directly from this function.
1695 PackageValidationState package_state_quit_early;
1696
1697 // There are two topologies we are able to handle through this function:
1698 // (1) A single transaction
1699 // (2) A child-with-unconfirmed-parents package.
1700 // Check that the package is well-formed. If it isn't, we won't try to validate any of the
1701 // transactions and thus won't return any MempoolAcceptResults, just a package-wide error.
1702
1703 // Context-free package checks.
1704 if (!IsWellFormedPackage(package, package_state_quit_early, /*require_sorted=*/true)) {
1705 return PackageMempoolAcceptResult(package_state_quit_early, {});
1706 }
1707
1708 if (package.size() > 1) {
1709 // All transactions in the package must be a parent of the last transaction. This is just an
1710 // opportunity for us to fail fast on a context-free check without taking the mempool lock.
1711 if (!IsChildWithParents(package)) {
1712 package_state_quit_early.Invalid(PackageValidationResult::PCKG_POLICY, "package-not-child-with-parents");
1713 return PackageMempoolAcceptResult(package_state_quit_early, {});
1714 }
1715
1716 // IsChildWithParents() guarantees the package is > 1 transactions.
1717 assert(package.size() > 1);
1718 // The package must be 1 child with all of its unconfirmed parents. The package is expected to
1719 // be sorted, so the last transaction is the child.
1720 const auto& child = package.back();
1721 std::unordered_set<uint256, SaltedTxidHasher> unconfirmed_parent_txids;
1722 std::transform(package.cbegin(), package.cend() - 1,
1723 std::inserter(unconfirmed_parent_txids, unconfirmed_parent_txids.end()),
1724 [](const auto& tx) { return tx->GetHash(); });
1725
1726 // All child inputs must refer to a preceding package transaction or a confirmed UTXO. The only
1727 // way to verify this is to look up the child's inputs in our current coins view (not including
1728 // mempool), and enforce that all parents not present in the package be available at chain tip.
1729 // Since this check can bring new coins into the coins cache, keep track of these coins and
1730 // uncache them if we don't end up submitting this package to the mempool.
1731 const CCoinsViewCache& coins_tip_cache = m_active_chainstate.CoinsTip();
1732 for (const auto& input : child->vin) {
1733 if (!coins_tip_cache.HaveCoinInCache(input.prevout)) {
1734 args.m_coins_to_uncache.push_back(input.prevout);
1735 }
1736 }
1737 // Using the MemPoolAccept m_view cache allows us to look up these same coins faster later.
1738 // This should be connecting directly to CoinsTip, not to m_viewmempool, because we specifically
1739 // require inputs to be confirmed if they aren't in the package.
1740 m_view.SetBackend(m_active_chainstate.CoinsTip());
1741 const auto package_or_confirmed = [this, &unconfirmed_parent_txids](const auto& input) {
1742 return unconfirmed_parent_txids.count(input.prevout.hash) > 0 || m_view.HaveCoin(input.prevout);
1743 };
1744 if (!std::all_of(child->vin.cbegin(), child->vin.cend(), package_or_confirmed)) {
1745 package_state_quit_early.Invalid(PackageValidationResult::PCKG_POLICY, "package-not-child-with-unconfirmed-parents");
1746 return PackageMempoolAcceptResult(package_state_quit_early, {});
1747 }
1748 // Protect against bugs where we pull more inputs from disk that miss being added to
1749 // coins_to_uncache. The backend will be connected again when needed in PreChecks.
1750 m_view.SetBackend(m_dummy);
1751 }
1752
1753 LOCK(m_pool.cs);
1754 // Stores results from which we will create the returned PackageMempoolAcceptResult.
1755 // A result may be changed if a mempool transaction is evicted later due to LimitMempoolSize().
1756 std::map<Wtxid, MempoolAcceptResult> results_final;
1757 // Results from individual validation which will be returned if no other result is available for
1758 // this transaction. "Nonfinal" because if a transaction fails by itself but succeeds later
1759 // (i.e. when evaluated with a fee-bumping child), the result in this map may be discarded.
1760 std::map<Wtxid, MempoolAcceptResult> individual_results_nonfinal;
1761 // Tracks whether we think package submission could result in successful entry to the mempool
1762 bool quit_early{false};
1763 std::vector<CTransactionRef> txns_package_eval;
1764 for (const auto& tx : package) {
1765 const auto& wtxid = tx->GetWitnessHash();
1766 const auto& txid = tx->GetHash();
1767 // There are 3 possibilities: already in mempool, same-txid-diff-wtxid already in mempool,
1768 // or not in mempool. An already confirmed tx is treated as one not in mempool, because all
1769 // we know is that the inputs aren't available.
1770 if (m_pool.exists(GenTxid::Wtxid(wtxid))) {
1771 // Exact transaction already exists in the mempool.
1772 // Node operators are free to set their mempool policies however they please, nodes may receive
1773 // transactions in different orders, and malicious counterparties may try to take advantage of
1774 // policy differences to pin or delay propagation of transactions. As such, it's possible for
1775 // some package transaction(s) to already be in the mempool, and we don't want to reject the
1776 // entire package in that case (as that could be a censorship vector). De-duplicate the
1777 // transactions that are already in the mempool, and only call AcceptMultipleTransactions() with
1778 // the new transactions. This ensures we don't double-count transaction counts and sizes when
1779 // checking ancestor/descendant limits, or double-count transaction fees for fee-related policy.
1780 const auto& entry{*Assert(m_pool.GetEntry(txid))};
1781 results_final.emplace(wtxid, MempoolAcceptResult::MempoolTx(entry.GetTxSize(), entry.GetFee()));
1782 } else if (m_pool.exists(GenTxid::Txid(txid))) {
1783 // Transaction with the same non-witness data but different witness (same txid,
1784 // different wtxid) already exists in the mempool.
1785 //
1786 // We don't allow replacement transactions right now, so just swap the package
1787 // transaction for the mempool one. Note that we are ignoring the validity of the
1788 // package transaction passed in.
1789 // TODO: allow witness replacement in packages.
1790 const auto& entry{*Assert(m_pool.GetEntry(txid))};
1791 // Provide the wtxid of the mempool tx so that the caller can look it up in the mempool.
1792 results_final.emplace(wtxid, MempoolAcceptResult::MempoolTxDifferentWitness(entry.GetTx().GetWitnessHash()));
1793 } else {
1794 // Transaction does not already exist in the mempool.
1795 // Try submitting the transaction on its own.
1796 const auto single_package_res = AcceptSubPackage({tx}, args);
1797 const auto& single_res = single_package_res.m_tx_results.at(wtxid);
1798 if (single_res.m_result_type == MempoolAcceptResult::ResultType::VALID) {
1799 // The transaction succeeded on its own and is now in the mempool. Don't include it
1800 // in package validation, because its fees should only be "used" once.
1801 assert(m_pool.exists(GenTxid::Wtxid(wtxid)));
1802 results_final.emplace(wtxid, single_res);
1803 } else if (package.size() == 1 || // If there is only one transaction, no need to retry it "as a package"
1804 (single_res.m_state.GetResult() != TxValidationResult::TX_RECONSIDERABLE &&
1805 single_res.m_state.GetResult() != TxValidationResult::TX_MISSING_INPUTS)) {
1806 // Package validation policy only differs from individual policy in its evaluation
1807 // of feerate. For example, if a transaction fails here due to violation of a
1808 // consensus rule, the result will not change when it is submitted as part of a
1809 // package. To minimize the amount of repeated work, unless the transaction fails
1810 // due to feerate or missing inputs (its parent is a previous transaction in the
1811 // package that failed due to feerate), don't run package validation. Note that this
1812 // decision might not make sense if different types of packages are allowed in the
1813 // future. Continue individually validating the rest of the transactions, because
1814 // some of them may still be valid.
1815 quit_early = true;
1816 package_state_quit_early.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1817 individual_results_nonfinal.emplace(wtxid, single_res);
1818 } else {
1819 individual_results_nonfinal.emplace(wtxid, single_res);
1820 txns_package_eval.push_back(tx);
1821 }
1822 }
1823 }
1824
1825 auto multi_submission_result = quit_early || txns_package_eval.empty() ? PackageMempoolAcceptResult(package_state_quit_early, {}) :
1826 AcceptSubPackage(txns_package_eval, args);
1827 PackageValidationState& package_state_final = multi_submission_result.m_state;
1828
1829 // This is invoked by AcceptSubPackage() already, so this is just here for
1830 // clarity (since it's not permitted to invoke LimitMempoolSize() while a
1831 // changeset is outstanding).
1832 ClearSubPackageState();
1833
1834 // Make sure we haven't exceeded max mempool size.
1835 // Package transactions that were submitted to mempool or already in mempool may be evicted.
1836 LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
1837
1838 for (const auto& tx : package) {
1839 const auto& wtxid = tx->GetWitnessHash();
1840 if (multi_submission_result.m_tx_results.count(wtxid) > 0) {
1841 // We shouldn't have re-submitted if the tx result was already in results_final.
1842 Assume(results_final.count(wtxid) == 0);
1843 // If it was submitted, check to see if the tx is still in the mempool. It could have
1844 // been evicted due to LimitMempoolSize() above.
1845 const auto& txresult = multi_submission_result.m_tx_results.at(wtxid);
1846 if (txresult.m_result_type == MempoolAcceptResult::ResultType::VALID && !m_pool.exists(GenTxid::Wtxid(wtxid))) {
1847 package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1848 TxValidationState mempool_full_state;
1849 mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
1850 results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
1851 } else {
1852 results_final.emplace(wtxid, txresult);
1853 }
1854 } else if (const auto it{results_final.find(wtxid)}; it != results_final.end()) {
1855 // Already-in-mempool transaction. Check to see if it's still there, as it could have
1856 // been evicted when LimitMempoolSize() was called.
1857 Assume(it->second.m_result_type != MempoolAcceptResult::ResultType::INVALID);
1858 Assume(individual_results_nonfinal.count(wtxid) == 0);
1859 // Query by txid to include the same-txid-different-witness ones.
1860 if (!m_pool.exists(GenTxid::Txid(tx->GetHash()))) {
1861 package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1862 TxValidationState mempool_full_state;
1863 mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
1864 // Replace the previous result.
1865 results_final.erase(wtxid);
1866 results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
1867 }
1868 } else if (const auto it{individual_results_nonfinal.find(wtxid)}; it != individual_results_nonfinal.end()) {
1869 Assume(it->second.m_result_type == MempoolAcceptResult::ResultType::INVALID);
1870 // Interesting result from previous processing.
1871 results_final.emplace(wtxid, it->second);
1872 }
1873 }
1874 Assume(results_final.size() == package.size());
1875 return PackageMempoolAcceptResult(package_state_final, std::move(results_final));
1876}
1877
1878} // anon namespace
1879
1881 int64_t accept_time, bool bypass_limits, bool test_accept)
1882{
1884 const CChainParams& chainparams{active_chainstate.m_chainman.GetParams()};
1885 assert(active_chainstate.GetMempool() != nullptr);
1886 CTxMemPool& pool{*active_chainstate.GetMempool()};
1887
1888 std::vector<COutPoint> coins_to_uncache;
1889 auto args = MemPoolAccept::ATMPArgs::SingleAccept(chainparams, accept_time, bypass_limits, coins_to_uncache, test_accept);
1890 MempoolAcceptResult result = MemPoolAccept(pool, active_chainstate).AcceptSingleTransaction(tx, args);
1892 // Remove coins that were not present in the coins cache before calling
1893 // AcceptSingleTransaction(); this is to prevent memory DoS in case we receive a large
1894 // number of invalid transactions that attempt to overrun the in-memory coins cache
1895 // (`CCoinsViewCache::cacheCoins`).
1896
1897 for (const COutPoint& hashTx : coins_to_uncache)
1898 active_chainstate.CoinsTip().Uncache(hashTx);
1899 TRACEPOINT(mempool, rejected,
1900 tx->GetHash().data(),
1901 result.m_state.GetRejectReason().c_str()
1902 );
1903 }
1904 // After we've (potentially) uncached entries, ensure our coins cache is still within its size limits
1905 BlockValidationState state_dummy;
1906 active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
1907 return result;
1908}
1909
1911 const Package& package, bool test_accept, const std::optional<CFeeRate>& client_maxfeerate)
1912{
1914 assert(!package.empty());
1915 assert(std::all_of(package.cbegin(), package.cend(), [](const auto& tx){return tx != nullptr;}));
1916
1917 std::vector<COutPoint> coins_to_uncache;
1918 const CChainParams& chainparams = active_chainstate.m_chainman.GetParams();
1919 auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
1921 if (test_accept) {
1922 auto args = MemPoolAccept::ATMPArgs::PackageTestAccept(chainparams, GetTime(), coins_to_uncache);
1923 return MemPoolAccept(pool, active_chainstate).AcceptMultipleTransactions(package, args);
1924 } else {
1925 auto args = MemPoolAccept::ATMPArgs::PackageChildWithParents(chainparams, GetTime(), coins_to_uncache, client_maxfeerate);
1926 return MemPoolAccept(pool, active_chainstate).AcceptPackage(package, args);
1927 }
1928 }();
1929
1930 // Uncache coins pertaining to transactions that were not submitted to the mempool.
1931 if (test_accept || result.m_state.IsInvalid()) {
1932 for (const COutPoint& hashTx : coins_to_uncache) {
1933 active_chainstate.CoinsTip().Uncache(hashTx);
1934 }
1935 }
1936 // Ensure the coins cache is still within limits.
1937 BlockValidationState state_dummy;
1938 active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
1939 return result;
1940}
1941
1943{
1944 int halvings = nHeight / consensusParams.nSubsidyHalvingInterval;
1945 // Force block reward to zero when right shift is undefined.
1946 if (halvings >= 64)
1947 return 0;
1948
1949 CAmount nSubsidy = 50 * COIN;
1950 // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years.
1951 nSubsidy >>= halvings;
1952 return nSubsidy;
1953}
1954
1956 : m_dbview{std::move(db_params), std::move(options)},
1957 m_catcherview(&m_dbview) {}
1958
1959void CoinsViews::InitCache()
1960{
1962 m_cacheview = std::make_unique<CCoinsViewCache>(&m_catcherview);
1963}
1964
1966 CTxMemPool* mempool,
1967 BlockManager& blockman,
1968 ChainstateManager& chainman,
1969 std::optional<uint256> from_snapshot_blockhash)
1970 : m_mempool(mempool),
1971 m_blockman(blockman),
1972 m_chainman(chainman),
1973 m_from_snapshot_blockhash(from_snapshot_blockhash) {}
1974
1975const CBlockIndex* Chainstate::SnapshotBase()
1976{
1977 if (!m_from_snapshot_blockhash) return nullptr;
1978 if (!m_cached_snapshot_base) m_cached_snapshot_base = Assert(m_chainman.m_blockman.LookupBlockIndex(*m_from_snapshot_blockhash));
1979 return m_cached_snapshot_base;
1980}
1981
1983 size_t cache_size_bytes,
1984 bool in_memory,
1985 bool should_wipe,
1986 fs::path leveldb_name)
1987{
1989 leveldb_name += node::SNAPSHOT_CHAINSTATE_SUFFIX;
1990 }
1991
1992 m_coins_views = std::make_unique<CoinsViews>(
1993 DBParams{
1994 .path = m_chainman.m_options.datadir / leveldb_name,
1995 .cache_bytes = cache_size_bytes,
1996 .memory_only = in_memory,
1997 .wipe_data = should_wipe,
1998 .obfuscate = true,
1999 .options = m_chainman.m_options.coins_db},
2001
2002 m_coinsdb_cache_size_bytes = cache_size_bytes;
2003}
2004
2005void Chainstate::InitCoinsCache(size_t cache_size_bytes)
2006{
2008 assert(m_coins_views != nullptr);
2009 m_coinstip_cache_size_bytes = cache_size_bytes;
2010 m_coins_views->InitCache();
2011}
2012
2013// Note that though this is marked const, we may end up modifying `m_cached_finished_ibd`, which
2014// is a performance-related implementation detail. This function must be marked
2015// `const` so that `CValidationInterface` clients (which are given a `const Chainstate*`)
2016// can call it.
2017//
2019{
2020 // Optimization: pre-test latch before taking the lock.
2021 if (m_cached_finished_ibd.load(std::memory_order_relaxed))
2022 return false;
2023
2024 LOCK(cs_main);
2025 if (m_cached_finished_ibd.load(std::memory_order_relaxed))
2026 return false;
2027 if (m_blockman.LoadingBlocks()) {
2028 return true;
2029 }
2030 CChain& chain{ActiveChain()};
2031 if (chain.Tip() == nullptr) {
2032 return true;
2033 }
2034 if (chain.Tip()->nChainWork < MinimumChainWork()) {
2035 return true;
2036 }
2037 if (chain.Tip()->Time() < Now<NodeSeconds>() - m_options.max_tip_age) {
2038 return true;
2039 }
2040 LogPrintf("Leaving InitialBlockDownload (latching to false)\n");
2041 m_cached_finished_ibd.store(true, std::memory_order_relaxed);
2042 return false;
2043}
2044
2046{
2048
2049 // Before we get past initial download, we cannot reliably alert about forks
2050 // (we assume we don't get stuck on a fork before finishing our initial sync)
2051 // Also not applicable to the background chainstate
2052 if (m_chainman.IsInitialBlockDownload() || this->GetRole() == ChainstateRole::BACKGROUND) {
2053 return;
2054 }
2055
2056 if (m_chainman.m_best_invalid && m_chainman.m_best_invalid->nChainWork > m_chain.Tip()->nChainWork + (GetBlockProof(*m_chain.Tip()) * 6)) {
2057 LogPrintf("%s: Warning: Found invalid chain at least ~6 blocks longer than our best chain.\nChain state database corruption likely.\n", __func__);
2060 _("Warning: We do not appear to fully agree with our peers! You may need to upgrade, or other nodes may need to upgrade."));
2061 } else {
2063 }
2064}
2065
2066// Called both upon regular invalid block discovery *and* InvalidateBlock
2068{
2070 if (!m_chainman.m_best_invalid || pindexNew->nChainWork > m_chainman.m_best_invalid->nChainWork) {
2071 m_chainman.m_best_invalid = pindexNew;
2072 }
2073 SetBlockFailureFlags(pindexNew);
2074 if (m_chainman.m_best_header != nullptr && m_chainman.m_best_header->GetAncestor(pindexNew->nHeight) == pindexNew) {
2075 m_chainman.RecalculateBestHeader();
2076 }
2077
2078 LogPrintf("%s: invalid block=%s height=%d log2_work=%f date=%s\n", __func__,
2079 pindexNew->GetBlockHash().ToString(), pindexNew->nHeight,
2080 log(pindexNew->nChainWork.getdouble())/log(2.0), FormatISO8601DateTime(pindexNew->GetBlockTime()));
2081 CBlockIndex *tip = m_chain.Tip();
2082 assert (tip);
2083 LogPrintf("%s: current best=%s height=%d log2_work=%f date=%s\n", __func__,
2084 tip->GetBlockHash().ToString(), m_chain.Height(), log(tip->nChainWork.getdouble())/log(2.0),
2087}
2088
2089// Same as InvalidChainFound, above, except not called directly from InvalidateBlock,
2090// which does its own setBlockIndexCandidates management.
2092{
2095 pindex->nStatus |= BLOCK_FAILED_VALID;
2096 m_chainman.m_failed_blocks.insert(pindex);
2097 m_blockman.m_dirty_blockindex.insert(pindex);
2098 setBlockIndexCandidates.erase(pindex);
2099 InvalidChainFound(pindex);
2100 }
2101}
2102
2103void UpdateCoins(const CTransaction& tx, CCoinsViewCache& inputs, CTxUndo &txundo, int nHeight)
2104{
2105 // mark inputs spent
2106 if (!tx.IsCoinBase()) {
2107 txundo.vprevout.reserve(tx.vin.size());
2108 for (const CTxIn &txin : tx.vin) {
2109 txundo.vprevout.emplace_back();
2110 bool is_spent = inputs.SpendCoin(txin.prevout, &txundo.vprevout.back());
2111 assert(is_spent);
2112 }
2113 }
2114 // add outputs
2115 AddCoins(inputs, tx, nHeight);
2116}
2117
2118std::optional<std::pair<ScriptError, std::string>> CScriptCheck::operator()() {
2119 const CScript &scriptSig = ptxTo->vin[nIn].scriptSig;
2120 const CScriptWitness *witness = &ptxTo->vin[nIn].scriptWitness;
2123 return std::nullopt;
2124 } else {
2125 auto debug_str = strprintf("input %i of %s (wtxid %s), spending %s:%i", nIn, ptxTo->GetHash().ToString(), ptxTo->GetWitnessHash().ToString(), ptxTo->vin[nIn].prevout.hash.ToString(), ptxTo->vin[nIn].prevout.n);
2126 return std::make_pair(error, std::move(debug_str));
2127 }
2128}
2129
2130ValidationCache::ValidationCache(const size_t script_execution_cache_bytes, const size_t signature_cache_bytes)
2131 : m_signature_cache{signature_cache_bytes}
2132{
2133 // Setup the salted hasher
2135 // We want the nonce to be 64 bytes long to force the hasher to process
2136 // this chunk, which makes later hash computations more efficient. We
2137 // just write our 32-byte entropy twice to fill the 64 bytes.
2140
2141 const auto [num_elems, approx_size_bytes] = m_script_execution_cache.setup_bytes(script_execution_cache_bytes);
2142 LogPrintf("Using %zu MiB out of %zu MiB requested for script execution cache, able to store %zu elements\n",
2143 approx_size_bytes >> 20, script_execution_cache_bytes >> 20, num_elems);
2144}
2145
2166 const CCoinsViewCache& inputs, unsigned int flags, bool cacheSigStore,
2167 bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
2168 ValidationCache& validation_cache,
2169 std::vector<CScriptCheck>* pvChecks)
2170{
2171 if (tx.IsCoinBase()) return true;
2172
2173 if (pvChecks) {
2174 pvChecks->reserve(tx.vin.size());
2175 }
2176
2177 // First check if script executions have been cached with the same
2178 // flags. Note that this assumes that the inputs provided are
2179 // correct (ie that the transaction hash which is in tx's prevouts
2180 // properly commits to the scriptPubKey in the inputs view of that
2181 // transaction).
2182 uint256 hashCacheEntry;
2183 CSHA256 hasher = validation_cache.ScriptExecutionCacheHasher();
2184 hasher.Write(UCharCast(tx.GetWitnessHash().begin()), 32).Write((unsigned char*)&flags, sizeof(flags)).Finalize(hashCacheEntry.begin());
2185 AssertLockHeld(cs_main); //TODO: Remove this requirement by making CuckooCache not require external locks
2186 if (validation_cache.m_script_execution_cache.contains(hashCacheEntry, !cacheFullScriptStore)) {
2187 return true;
2188 }
2189
2190 if (!txdata.m_spent_outputs_ready) {
2191 std::vector<CTxOut> spent_outputs;
2192 spent_outputs.reserve(tx.vin.size());
2193
2194 for (const auto& txin : tx.vin) {
2195 const COutPoint& prevout = txin.prevout;
2196 const Coin& coin = inputs.AccessCoin(prevout);
2197 assert(!coin.IsSpent());
2198 spent_outputs.emplace_back(coin.out);
2199 }
2200 txdata.Init(tx, std::move(spent_outputs));
2201 }
2202 assert(txdata.m_spent_outputs.size() == tx.vin.size());
2203
2204 for (unsigned int i = 0; i < tx.vin.size(); i++) {
2205
2206 // We very carefully only pass in things to CScriptCheck which
2207 // are clearly committed to by tx' witness hash. This provides
2208 // a sanity check that our caching is not introducing consensus
2209 // failures through additional data in, eg, the coins being
2210 // spent being checked as a part of CScriptCheck.
2211
2212 // Verify signature
2213 CScriptCheck check(txdata.m_spent_outputs[i], tx, validation_cache.m_signature_cache, i, flags, cacheSigStore, &txdata);
2214 if (pvChecks) {
2215 pvChecks->emplace_back(std::move(check));
2216 } else if (auto result = check(); result.has_value()) {
2218 // Check whether the failure was caused by a
2219 // non-mandatory script verification check, such as
2220 // non-standard DER encodings or non-null dummy
2221 // arguments; if so, ensure we return NOT_STANDARD
2222 // instead of CONSENSUS to avoid downstream users
2223 // splitting the network between upgraded and
2224 // non-upgraded nodes by banning CONSENSUS-failing
2225 // data providers.
2226 CScriptCheck check2(txdata.m_spent_outputs[i], tx, validation_cache.m_signature_cache, i,
2227 flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, cacheSigStore, &txdata);
2228 auto mandatory_result = check2();
2229 if (!mandatory_result.has_value()) {
2230 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, strprintf("non-mandatory-script-verify-flag (%s)", ScriptErrorString(result->first)), result->second);
2231 } else {
2232 // If the second check failed, it failed due to a mandatory script verification
2233 // flag, but the first check might have failed on a non-mandatory script
2234 // verification flag.
2235 //
2236 // Avoid reporting a mandatory script check failure with a non-mandatory error
2237 // string by reporting the error from the second check.
2238 result = mandatory_result;
2239 }
2240 }
2241
2242 // MANDATORY flag failures correspond to
2243 // TxValidationResult::TX_CONSENSUS.
2244 return state.Invalid(TxValidationResult::TX_CONSENSUS, strprintf("mandatory-script-verify-flag-failed (%s)", ScriptErrorString(result->first)), result->second);
2245 }
2246 }
2247
2248 if (cacheFullScriptStore && !pvChecks) {
2249 // We executed all of the provided scripts, and were told to
2250 // cache the result. Do so now.
2251 validation_cache.m_script_execution_cache.insert(hashCacheEntry);
2252 }
2253
2254 return true;
2255}
2256
2257bool FatalError(Notifications& notifications, BlockValidationState& state, const bilingual_str& message)
2258{
2259 notifications.fatalError(message);
2260 return state.Error(message.original);
2261}
2262
2271{
2272 bool fClean = true;
2273
2274 if (view.HaveCoin(out)) fClean = false; // overwriting transaction output
2275
2276 if (undo.nHeight == 0) {
2277 // Missing undo metadata (height and coinbase). Older versions included this
2278 // information only in undo records for the last spend of a transactions'
2279 // outputs. This implies that it must be present for some other output of the same tx.
2280 const Coin& alternate = AccessByTxid(view, out.hash);
2281 if (!alternate.IsSpent()) {
2282 undo.nHeight = alternate.nHeight;
2283 undo.fCoinBase = alternate.fCoinBase;
2284 } else {
2285 return DISCONNECT_FAILED; // adding output for transaction without known metadata
2286 }
2287 }
2288 // If the coin already exists as an unspent coin in the cache, then the
2289 // possible_overwrite parameter to AddCoin must be set to true. We have
2290 // already checked whether an unspent coin exists above using HaveCoin, so
2291 // we don't need to guess. When fClean is false, an unspent coin already
2292 // existed and it is an overwrite.
2293 view.AddCoin(out, std::move(undo), !fClean);
2294
2295 return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
2296}
2297
2300DisconnectResult Chainstate::DisconnectBlock(const CBlock& block, const CBlockIndex* pindex, CCoinsViewCache& view)
2301{
2303 bool fClean = true;
2304
2305 CBlockUndo blockUndo;
2306 if (!m_blockman.ReadBlockUndo(blockUndo, *pindex)) {
2307 LogError("DisconnectBlock(): failure reading undo data\n");
2308 return DISCONNECT_FAILED;
2309 }
2310
2311 if (blockUndo.vtxundo.size() + 1 != block.vtx.size()) {
2312 LogError("DisconnectBlock(): block and undo data inconsistent\n");
2313 return DISCONNECT_FAILED;
2314 }
2315
2316 // Ignore blocks that contain transactions which are 'overwritten' by later transactions,
2317 // unless those are already completely spent.
2318 // See https://github.com/bitcoin/bitcoin/issues/22596 for additional information.
2319 // Note: the blocks specified here are different than the ones used in ConnectBlock because DisconnectBlock
2320 // unwinds the blocks in reverse. As a result, the inconsistency is not discovered until the earlier
2321 // blocks with the duplicate coinbase transactions are disconnected.
2322 bool fEnforceBIP30 = !((pindex->nHeight==91722 && pindex->GetBlockHash() == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
2323 (pindex->nHeight==91812 && pindex->GetBlockHash() == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"}));
2324
2325 // undo transactions in reverse order
2326 for (int i = block.vtx.size() - 1; i >= 0; i--) {
2327 const CTransaction &tx = *(block.vtx[i]);
2328 Txid hash = tx.GetHash();
2329 bool is_coinbase = tx.IsCoinBase();
2330 bool is_bip30_exception = (is_coinbase && !fEnforceBIP30);
2331
2332 // Check that all outputs are available and match the outputs in the block itself
2333 // exactly.
2334 for (size_t o = 0; o < tx.vout.size(); o++) {
2335 if (!tx.vout[o].scriptPubKey.IsUnspendable()) {
2336 COutPoint out(hash, o);
2337 Coin coin;
2338 bool is_spent = view.SpendCoin(out, &coin);
2339 if (!is_spent || tx.vout[o] != coin.out || pindex->nHeight != coin.nHeight || is_coinbase != coin.fCoinBase) {
2340 if (!is_bip30_exception) {
2341 fClean = false; // transaction output mismatch
2342 }
2343 }
2344 }
2345 }
2346
2347 // restore inputs
2348 if (i > 0) { // not coinbases
2349 CTxUndo &txundo = blockUndo.vtxundo[i-1];
2350 if (txundo.vprevout.size() != tx.vin.size()) {
2351 LogError("DisconnectBlock(): transaction and undo data inconsistent\n");
2352 return DISCONNECT_FAILED;
2353 }
2354 for (unsigned int j = tx.vin.size(); j > 0;) {
2355 --j;
2356 const COutPoint& out = tx.vin[j].prevout;
2357 int res = ApplyTxInUndo(std::move(txundo.vprevout[j]), view, out);
2358 if (res == DISCONNECT_FAILED) return DISCONNECT_FAILED;
2359 fClean = fClean && res != DISCONNECT_UNCLEAN;
2360 }
2361 // At this point, all of txundo.vprevout should have been moved out.
2362 }
2363 }
2364
2365 // move best block pointer to prevout block
2366 view.SetBestBlock(pindex->pprev->GetBlockHash());
2367
2368 return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
2369}
2370
2371static unsigned int GetBlockScriptFlags(const CBlockIndex& block_index, const ChainstateManager& chainman)
2372{
2373 const Consensus::Params& consensusparams = chainman.GetConsensus();
2374
2375 // BIP16 didn't become active until Apr 1 2012 (on mainnet, and
2376 // retroactively applied to testnet)
2377 // However, only one historical block violated the P2SH rules (on both
2378 // mainnet and testnet).
2379 // Similarly, only one historical block violated the TAPROOT rules on
2380 // mainnet.
2381 // For simplicity, always leave P2SH+WITNESS+TAPROOT on except for the two
2382 // violating blocks.
2384 const auto it{consensusparams.script_flag_exceptions.find(*Assert(block_index.phashBlock))};
2385 if (it != consensusparams.script_flag_exceptions.end()) {
2386 flags = it->second;
2387 }
2388
2389 // Enforce the DERSIG (BIP66) rule
2390 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_DERSIG)) {
2392 }
2393
2394 // Enforce CHECKLOCKTIMEVERIFY (BIP65)
2395 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CLTV)) {
2397 }
2398
2399 // Enforce CHECKSEQUENCEVERIFY (BIP112)
2400 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CSV)) {
2402 }
2403
2404 // Enforce BIP147 NULLDUMMY (activated simultaneously with segwit)
2405 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_SEGWIT)) {
2407 }
2408
2409 return flags;
2410}
2411
2412
2416bool Chainstate::ConnectBlock(const CBlock& block, BlockValidationState& state, CBlockIndex* pindex,
2417 CCoinsViewCache& view, bool fJustCheck)
2418{
2420 assert(pindex);
2421
2422 uint256 block_hash{block.GetHash()};
2423 assert(*pindex->phashBlock == block_hash);
2424
2425 const auto time_start{SteadyClock::now()};
2426 const CChainParams& params{m_chainman.GetParams()};
2427
2428 // Check it again in case a previous version let a bad block in
2429 // NOTE: We don't currently (re-)invoke ContextualCheckBlock() or
2430 // ContextualCheckBlockHeader() here. This means that if we add a new
2431 // consensus rule that is enforced in one of those two functions, then we
2432 // may have let in a block that violates the rule prior to updating the
2433 // software, and we would NOT be enforcing the rule here. Fully solving
2434 // upgrade from one software version to the next after a consensus rule
2435 // change is potentially tricky and issue-specific (see NeedsRedownload()
2436 // for one approach that was used for BIP 141 deployment).
2437 // Also, currently the rule against blocks more than 2 hours in the future
2438 // is enforced in ContextualCheckBlockHeader(); we wouldn't want to
2439 // re-enforce that rule here (at least until we make it impossible for
2440 // the clock to go backward).
2441 if (!CheckBlock(block, state, params.GetConsensus(), !fJustCheck, !fJustCheck)) {
2443 // We don't write down blocks to disk if they may have been
2444 // corrupted, so this should be impossible unless we're having hardware
2445 // problems.
2446 return FatalError(m_chainman.GetNotifications(), state, _("Corrupt block found indicating potential hardware failure."));
2447 }
2448 LogError("%s: Consensus::CheckBlock: %s\n", __func__, state.ToString());
2449 return false;
2450 }
2451
2452 // verify that the view's current state corresponds to the previous block
2453 uint256 hashPrevBlock = pindex->pprev == nullptr ? uint256() : pindex->pprev->GetBlockHash();
2454 assert(hashPrevBlock == view.GetBestBlock());
2455
2456 m_chainman.num_blocks_total++;
2457
2458 // Special case for the genesis block, skipping connection of its transactions
2459 // (its coinbase is unspendable)
2460 if (block_hash == params.GetConsensus().hashGenesisBlock) {
2461 if (!fJustCheck)
2462 view.SetBestBlock(pindex->GetBlockHash());
2463 return true;
2464 }
2465
2466 bool fScriptChecks = true;
2468 // We've been configured with the hash of a block which has been externally verified to have a valid history.
2469 // A suitable default value is included with the software and updated from time to time. Because validity
2470 // relative to a piece of software is an objective fact these defaults can be easily reviewed.
2471 // This setting doesn't force the selection of any particular chain but makes validating some faster by
2472 // effectively caching the result of part of the verification.
2473 BlockMap::const_iterator it{m_blockman.m_block_index.find(m_chainman.AssumedValidBlock())};
2474 if (it != m_blockman.m_block_index.end()) {
2475 if (it->second.GetAncestor(pindex->nHeight) == pindex &&
2476 m_chainman.m_best_header->GetAncestor(pindex->nHeight) == pindex &&
2477 m_chainman.m_best_header->nChainWork >= m_chainman.MinimumChainWork()) {
2478 // This block is a member of the assumed verified chain and an ancestor of the best header.
2479 // Script verification is skipped when connecting blocks under the
2480 // assumevalid block. Assuming the assumevalid block is valid this
2481 // is safe because block merkle hashes are still computed and checked,
2482 // Of course, if an assumed valid block is invalid due to false scriptSigs
2483 // this optimization would allow an invalid chain to be accepted.
2484 // The equivalent time check discourages hash power from extorting the network via DOS attack
2485 // into accepting an invalid block through telling users they must manually set assumevalid.
2486 // Requiring a software change or burying the invalid block, regardless of the setting, makes
2487 // it hard to hide the implication of the demand. This also avoids having release candidates
2488 // that are hardly doing any signature verification at all in testing without having to
2489 // artificially set the default assumed verified block further back.
2490 // The test against the minimum chain work prevents the skipping when denied access to any chain at
2491 // least as good as the expected chain.
2492 fScriptChecks = (GetBlockProofEquivalentTime(*m_chainman.m_best_header, *pindex, *m_chainman.m_best_header, params.GetConsensus()) <= 60 * 60 * 24 * 7 * 2);
2493 }
2494 }
2495 }
2496
2497 const auto time_1{SteadyClock::now()};
2498 m_chainman.time_check += time_1 - time_start;
2499 LogDebug(BCLog::BENCH, " - Sanity checks: %.2fms [%.2fs (%.2fms/blk)]\n",
2500 Ticks<MillisecondsDouble>(time_1 - time_start),
2501 Ticks<SecondsDouble>(m_chainman.time_check),
2502 Ticks<MillisecondsDouble>(m_chainman.time_check) / m_chainman.num_blocks_total);
2503
2504 // Do not allow blocks that contain transactions which 'overwrite' older transactions,
2505 // unless those are already completely spent.
2506 // If such overwrites are allowed, coinbases and transactions depending upon those
2507 // can be duplicated to remove the ability to spend the first instance -- even after
2508 // being sent to another address.
2509 // See BIP30, CVE-2012-1909, and http://r6.ca/blog/20120206T005236Z.html for more information.
2510 // This rule was originally applied to all blocks with a timestamp after March 15, 2012, 0:00 UTC.
2511 // Now that the whole chain is irreversibly beyond that time it is applied to all blocks except the
2512 // two in the chain that violate it. This prevents exploiting the issue against nodes during their
2513 // initial block download.
2514 bool fEnforceBIP30 = !IsBIP30Repeat(*pindex);
2515
2516 // Once BIP34 activated it was not possible to create new duplicate coinbases and thus other than starting
2517 // with the 2 existing duplicate coinbase pairs, not possible to create overwriting txs. But by the
2518 // time BIP34 activated, in each of the existing pairs the duplicate coinbase had overwritten the first
2519 // before the first had been spent. Since those coinbases are sufficiently buried it's no longer possible to create further
2520 // duplicate transactions descending from the known pairs either.
2521 // If we're on the known chain at height greater than where BIP34 activated, we can save the db accesses needed for the BIP30 check.
2522
2523 // BIP34 requires that a block at height X (block X) has its coinbase
2524 // scriptSig start with a CScriptNum of X (indicated height X). The above
2525 // logic of no longer requiring BIP30 once BIP34 activates is flawed in the
2526 // case that there is a block X before the BIP34 height of 227,931 which has
2527 // an indicated height Y where Y is greater than X. The coinbase for block
2528 // X would also be a valid coinbase for block Y, which could be a BIP30
2529 // violation. An exhaustive search of all mainnet coinbases before the
2530 // BIP34 height which have an indicated height greater than the block height
2531 // reveals many occurrences. The 3 lowest indicated heights found are
2532 // 209,921, 490,897, and 1,983,702 and thus coinbases for blocks at these 3
2533 // heights would be the first opportunity for BIP30 to be violated.
2534
2535 // The search reveals a great many blocks which have an indicated height
2536 // greater than 1,983,702, so we simply remove the optimization to skip
2537 // BIP30 checking for blocks at height 1,983,702 or higher. Before we reach
2538 // that block in another 25 years or so, we should take advantage of a
2539 // future consensus change to do a new and improved version of BIP34 that
2540 // will actually prevent ever creating any duplicate coinbases in the
2541 // future.
2542 static constexpr int BIP34_IMPLIES_BIP30_LIMIT = 1983702;
2543
2544 // There is no potential to create a duplicate coinbase at block 209,921
2545 // because this is still before the BIP34 height and so explicit BIP30
2546 // checking is still active.
2547
2548 // The final case is block 176,684 which has an indicated height of
2549 // 490,897. Unfortunately, this issue was not discovered until about 2 weeks
2550 // before block 490,897 so there was not much opportunity to address this
2551 // case other than to carefully analyze it and determine it would not be a
2552 // problem. Block 490,897 was, in fact, mined with a different coinbase than
2553 // block 176,684, but it is important to note that even if it hadn't been or
2554 // is remined on an alternate fork with a duplicate coinbase, we would still
2555 // not run into a BIP30 violation. This is because the coinbase for 176,684
2556 // is spent in block 185,956 in transaction
2557 // d4f7fbbf92f4a3014a230b2dc70b8058d02eb36ac06b4a0736d9d60eaa9e8781. This
2558 // spending transaction can't be duplicated because it also spends coinbase
2559 // 0328dd85c331237f18e781d692c92de57649529bd5edf1d01036daea32ffde29. This
2560 // coinbase has an indicated height of over 4.2 billion, and wouldn't be
2561 // duplicatable until that height, and it's currently impossible to create a
2562 // chain that long. Nevertheless we may wish to consider a future soft fork
2563 // which retroactively prevents block 490,897 from creating a duplicate
2564 // coinbase. The two historical BIP30 violations often provide a confusing
2565 // edge case when manipulating the UTXO and it would be simpler not to have
2566 // another edge case to deal with.
2567
2568 // testnet3 has no blocks before the BIP34 height with indicated heights
2569 // post BIP34 before approximately height 486,000,000. After block
2570 // 1,983,702 testnet3 starts doing unnecessary BIP30 checking again.
2571 assert(pindex->pprev);
2572 CBlockIndex* pindexBIP34height = pindex->pprev->GetAncestor(params.GetConsensus().BIP34Height);
2573 //Only continue to enforce if we're below BIP34 activation height or the block hash at that height doesn't correspond.
2574 fEnforceBIP30 = fEnforceBIP30 && (!pindexBIP34height || !(pindexBIP34height->GetBlockHash() == params.GetConsensus().BIP34Hash));
2575
2576 // TODO: Remove BIP30 checking from block height 1,983,702 on, once we have a
2577 // consensus change that ensures coinbases at those heights cannot
2578 // duplicate earlier coinbases.
2579 if (fEnforceBIP30 || pindex->nHeight >= BIP34_IMPLIES_BIP30_LIMIT) {
2580 for (const auto& tx : block.vtx) {
2581 for (size_t o = 0; o < tx->vout.size(); o++) {
2582 if (view.HaveCoin(COutPoint(tx->GetHash(), o))) {
2583 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-BIP30",
2584 "tried to overwrite transaction");
2585 }
2586 }
2587 }
2588 }
2589
2590 // Enforce BIP68 (sequence locks)
2591 int nLockTimeFlags = 0;
2593 nLockTimeFlags |= LOCKTIME_VERIFY_SEQUENCE;
2594 }
2595
2596 // Get the script flags for this block
2597 unsigned int flags{GetBlockScriptFlags(*pindex, m_chainman)};
2598
2599 const auto time_2{SteadyClock::now()};
2600 m_chainman.time_forks += time_2 - time_1;
2601 LogDebug(BCLog::BENCH, " - Fork checks: %.2fms [%.2fs (%.2fms/blk)]\n",
2602 Ticks<MillisecondsDouble>(time_2 - time_1),
2603 Ticks<SecondsDouble>(m_chainman.time_forks),
2604 Ticks<MillisecondsDouble>(m_chainman.time_forks) / m_chainman.num_blocks_total);
2605
2606 CBlockUndo blockundo;
2607
2608 // Precomputed transaction data pointers must not be invalidated
2609 // until after `control` has run the script checks (potentially
2610 // in multiple threads). Preallocate the vector size so a new allocation
2611 // doesn't invalidate pointers into the vector, and keep txsdata in scope
2612 // for as long as `control`.
2613 std::optional<CCheckQueueControl<CScriptCheck>> control;
2614 if (auto& queue = m_chainman.GetCheckQueue(); queue.HasThreads() && fScriptChecks) control.emplace(queue);
2615
2616 std::vector<PrecomputedTransactionData> txsdata(block.vtx.size());
2617
2618 std::vector<int> prevheights;
2619 CAmount nFees = 0;
2620 int nInputs = 0;
2621 int64_t nSigOpsCost = 0;
2622 blockundo.vtxundo.reserve(block.vtx.size() - 1);
2623 for (unsigned int i = 0; i < block.vtx.size(); i++)
2624 {
2625 if (!state.IsValid()) break;
2626 const CTransaction &tx = *(block.vtx[i]);
2627
2628 nInputs += tx.vin.size();
2629
2630 if (!tx.IsCoinBase())
2631 {
2632 CAmount txfee = 0;
2633 TxValidationState tx_state;
2634 if (!Consensus::CheckTxInputs(tx, tx_state, view, pindex->nHeight, txfee)) {
2635 // Any transaction validation failure in ConnectBlock is a block consensus failure
2637 tx_state.GetRejectReason(),
2638 tx_state.GetDebugMessage() + " in transaction " + tx.GetHash().ToString());
2639 break;
2640 }
2641 nFees += txfee;
2642 if (!MoneyRange(nFees)) {
2643 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-accumulated-fee-outofrange",
2644 "accumulated fee in the block out of range");
2645 break;
2646 }
2647
2648 // Check that transaction is BIP68 final
2649 // BIP68 lock checks (as opposed to nLockTime checks) must
2650 // be in ConnectBlock because they require the UTXO set
2651 prevheights.resize(tx.vin.size());
2652 for (size_t j = 0; j < tx.vin.size(); j++) {
2653 prevheights[j] = view.AccessCoin(tx.vin[j].prevout).nHeight;
2654 }
2655
2656 if (!SequenceLocks(tx, nLockTimeFlags, prevheights, *pindex)) {
2657 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal",
2658 "contains a non-BIP68-final transaction " + tx.GetHash().ToString());
2659 break;
2660 }
2661 }
2662
2663 // GetTransactionSigOpCost counts 3 types of sigops:
2664 // * legacy (always)
2665 // * p2sh (when P2SH enabled in flags and excludes coinbase)
2666 // * witness (when witness enabled in flags and excludes coinbase)
2667 nSigOpsCost += GetTransactionSigOpCost(tx, view, flags);
2668 if (nSigOpsCost > MAX_BLOCK_SIGOPS_COST) {
2669 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "too many sigops");
2670 break;
2671 }
2672
2673 if (!tx.IsCoinBase() && fScriptChecks)
2674 {
2675 bool fCacheResults = fJustCheck; /* Don't cache results if we're actually connecting blocks (still consult the cache, though) */
2676 bool tx_ok;
2677 TxValidationState tx_state;
2678 // If CheckInputScripts is called with a pointer to a checks vector, the resulting checks are appended to it. In that case
2679 // they need to be added to control which runs them asynchronously. Otherwise, CheckInputScripts runs the checks before returning.
2680 if (control) {
2681 std::vector<CScriptCheck> vChecks;
2682 tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], m_chainman.m_validation_cache, &vChecks);
2683 if (tx_ok) control->Add(std::move(vChecks));
2684 } else {
2685 tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], m_chainman.m_validation_cache);
2686 }
2687 if (!tx_ok) {
2688 // Any transaction validation failure in ConnectBlock is a block consensus failure
2690 tx_state.GetRejectReason(), tx_state.GetDebugMessage());
2691 break;
2692 }
2693 }
2694
2695 CTxUndo undoDummy;
2696 if (i > 0) {
2697 blockundo.vtxundo.emplace_back();
2698 }
2699 UpdateCoins(tx, view, i == 0 ? undoDummy : blockundo.vtxundo.back(), pindex->nHeight);
2700 }
2701 const auto time_3{SteadyClock::now()};
2702 m_chainman.time_connect += time_3 - time_2;
2703 LogDebug(BCLog::BENCH, " - Connect %u transactions: %.2fms (%.3fms/tx, %.3fms/txin) [%.2fs (%.2fms/blk)]\n", (unsigned)block.vtx.size(),
2704 Ticks<MillisecondsDouble>(time_3 - time_2), Ticks<MillisecondsDouble>(time_3 - time_2) / block.vtx.size(),
2705 nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_3 - time_2) / (nInputs - 1),
2706 Ticks<SecondsDouble>(m_chainman.time_connect),
2707 Ticks<MillisecondsDouble>(m_chainman.time_connect) / m_chainman.num_blocks_total);
2708
2709 CAmount blockReward = nFees + GetBlockSubsidy(pindex->nHeight, params.GetConsensus());
2710 if (block.vtx[0]->GetValueOut() > blockReward && state.IsValid()) {
2711 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-amount",
2712 strprintf("coinbase pays too much (actual=%d vs limit=%d)", block.vtx[0]->GetValueOut(), blockReward));
2713 }
2714 if (control) {
2715 auto parallel_result = control->Complete();
2716 if (parallel_result.has_value() && state.IsValid()) {
2717 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, strprintf("mandatory-script-verify-flag-failed (%s)", ScriptErrorString(parallel_result->first)), parallel_result->second);
2718 }
2719 }
2720 if (!state.IsValid()) {
2721 LogInfo("Block validation error: %s", state.ToString());
2722 return false;
2723 }
2724 const auto time_4{SteadyClock::now()};
2725 m_chainman.time_verify += time_4 - time_2;
2726 LogDebug(BCLog::BENCH, " - Verify %u txins: %.2fms (%.3fms/txin) [%.2fs (%.2fms/blk)]\n", nInputs - 1,
2727 Ticks<MillisecondsDouble>(time_4 - time_2),
2728 nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_4 - time_2) / (nInputs - 1),
2729 Ticks<SecondsDouble>(m_chainman.time_verify),
2730 Ticks<MillisecondsDouble>(m_chainman.time_verify) / m_chainman.num_blocks_total);
2731
2732 if (fJustCheck) {
2733 return true;
2734 }
2735
2736 if (!m_blockman.WriteBlockUndo(blockundo, state, *pindex)) {
2737 return false;
2738 }
2739
2740 const auto time_5{SteadyClock::now()};
2741 m_chainman.time_undo += time_5 - time_4;
2742 LogDebug(BCLog::BENCH, " - Write undo data: %.2fms [%.2fs (%.2fms/blk)]\n",
2743 Ticks<MillisecondsDouble>(time_5 - time_4),
2744 Ticks<SecondsDouble>(m_chainman.time_undo),
2745 Ticks<MillisecondsDouble>(m_chainman.time_undo) / m_chainman.num_blocks_total);
2746
2747 if (!pindex->IsValid(BLOCK_VALID_SCRIPTS)) {
2749 m_blockman.m_dirty_blockindex.insert(pindex);
2750 }
2751
2752 // add this block to the view's block chain
2753 view.SetBestBlock(pindex->GetBlockHash());
2754
2755 const auto time_6{SteadyClock::now()};
2756 m_chainman.time_index += time_6 - time_5;
2757 LogDebug(BCLog::BENCH, " - Index writing: %.2fms [%.2fs (%.2fms/blk)]\n",
2758 Ticks<MillisecondsDouble>(time_6 - time_5),
2759 Ticks<SecondsDouble>(m_chainman.time_index),
2760 Ticks<MillisecondsDouble>(m_chainman.time_index) / m_chainman.num_blocks_total);
2761
2762 TRACEPOINT(validation, block_connected,
2763 block_hash.data(),
2764 pindex->nHeight,
2765 block.vtx.size(),
2766 nInputs,
2767 nSigOpsCost,
2768 Ticks<std::chrono::nanoseconds>(time_5 - time_start)
2769 );
2770
2771 return true;
2772}
2773
2774CoinsCacheSizeState Chainstate::GetCoinsCacheSizeState()
2775{
2777 return this->GetCoinsCacheSizeState(
2780}
2781
2782CoinsCacheSizeState Chainstate::GetCoinsCacheSizeState(
2783 size_t max_coins_cache_size_bytes,
2784 size_t max_mempool_size_bytes)
2785{
2787 const int64_t nMempoolUsage = m_mempool ? m_mempool->DynamicMemoryUsage() : 0;
2788 int64_t cacheSize = CoinsTip().DynamicMemoryUsage();
2789 int64_t nTotalSpace =
2790 max_coins_cache_size_bytes + std::max<int64_t>(int64_t(max_mempool_size_bytes) - nMempoolUsage, 0);
2791
2793 static constexpr int64_t MAX_BLOCK_COINSDB_USAGE_BYTES = 10 * 1024 * 1024; // 10MB
2794 int64_t large_threshold =
2795 std::max((9 * nTotalSpace) / 10, nTotalSpace - MAX_BLOCK_COINSDB_USAGE_BYTES);
2796
2797 if (cacheSize > nTotalSpace) {
2798 LogPrintf("Cache size (%s) exceeds total space (%s)\n", cacheSize, nTotalSpace);
2800 } else if (cacheSize > large_threshold) {
2802 }
2804}
2805
2807 BlockValidationState &state,
2808 FlushStateMode mode,
2809 int nManualPruneHeight)
2810{
2811 LOCK(cs_main);
2812 assert(this->CanFlushToDisk());
2813 std::set<int> setFilesToPrune;
2814 bool full_flush_completed = false;
2815
2816 const size_t coins_count = CoinsTip().GetCacheSize();
2817 const size_t coins_mem_usage = CoinsTip().DynamicMemoryUsage();
2818
2819 try {
2820 {
2821 bool fFlushForPrune = false;
2822
2823 CoinsCacheSizeState cache_state = GetCoinsCacheSizeState();
2826 // make sure we don't prune above any of the prune locks bestblocks
2827 // pruning is height-based
2828 int last_prune{m_chain.Height()}; // last height we can prune
2829 std::optional<std::string> limiting_lock; // prune lock that actually was the limiting factor, only used for logging
2830
2831 for (const auto& prune_lock : m_blockman.m_prune_locks) {
2832 if (prune_lock.second.height_first == std::numeric_limits<int>::max()) continue;
2833 // Remove the buffer and one additional block here to get actual height that is outside of the buffer
2834 const int lock_height{prune_lock.second.height_first - PRUNE_LOCK_BUFFER - 1};
2835 last_prune = std::max(1, std::min(last_prune, lock_height));
2836 if (last_prune == lock_height) {
2837 limiting_lock = prune_lock.first;
2838 }
2839 }
2840
2841 if (limiting_lock) {
2842 LogDebug(BCLog::PRUNE, "%s limited pruning to height %d\n", limiting_lock.value(), last_prune);
2843 }
2844
2845 if (nManualPruneHeight > 0) {
2846 LOG_TIME_MILLIS_WITH_CATEGORY("find files to prune (manual)", BCLog::BENCH);
2847
2849 setFilesToPrune,
2850 std::min(last_prune, nManualPruneHeight),
2851 *this, m_chainman);
2852 } else {
2853 LOG_TIME_MILLIS_WITH_CATEGORY("find files to prune", BCLog::BENCH);
2854
2855 m_blockman.FindFilesToPrune(setFilesToPrune, last_prune, *this, m_chainman);
2857 }
2858 if (!setFilesToPrune.empty()) {
2859 fFlushForPrune = true;
2861 m_blockman.m_block_tree_db->WriteFlag("prunedblockfiles", true);
2863 }
2864 }
2865 }
2866 const auto nNow{NodeClock::now()};
2867 // The cache is large and we're within 10% and 10 MiB of the limit, but we have time now (not in the middle of a block processing).
2868 bool fCacheLarge = mode == FlushStateMode::PERIODIC && cache_state >= CoinsCacheSizeState::LARGE;
2869 // The cache is over the limit, we have to write now.
2870 bool fCacheCritical = mode == FlushStateMode::IF_NEEDED && cache_state >= CoinsCacheSizeState::CRITICAL;
2871 // It's been a while since we wrote the block index and chain state to disk. Do this frequently, so we don't need to redownload or reindex after a crash.
2872 bool fPeriodicWrite = mode == FlushStateMode::PERIODIC && nNow >= m_next_write;
2873 // Combine all conditions that result in a write to disk.
2874 bool should_write = (mode == FlushStateMode::ALWAYS) || fCacheLarge || fCacheCritical || fPeriodicWrite || fFlushForPrune;
2875 // Write blocks, block index and best chain related state to disk.
2876 if (should_write) {
2877 // Ensure we can write block index
2879 return FatalError(m_chainman.GetNotifications(), state, _("Disk space is too low!"));
2880 }
2881 {
2882 LOG_TIME_MILLIS_WITH_CATEGORY("write block and undo data to disk", BCLog::BENCH);
2883
2884 // First make sure all block and undo data is flushed to disk.
2885 // TODO: Handle return error, or add detailed comment why it is
2886 // safe to not return an error upon failure.
2888 LogPrintLevel(BCLog::VALIDATION, BCLog::Level::Warning, "%s: Failed to flush block file.\n", __func__);
2889 }
2890 }
2891
2892 // Then update all block file information (which may refer to block and undo files).
2893 {
2894 LOG_TIME_MILLIS_WITH_CATEGORY("write block index to disk", BCLog::BENCH);
2895
2896 if (!m_blockman.WriteBlockIndexDB()) {
2897 return FatalError(m_chainman.GetNotifications(), state, _("Failed to write to block index database."));
2898 }
2899 }
2900 // Finally remove any pruned files
2901 if (fFlushForPrune) {
2902 LOG_TIME_MILLIS_WITH_CATEGORY("unlink pruned files", BCLog::BENCH);
2903
2904 m_blockman.UnlinkPrunedFiles(setFilesToPrune);
2905 }
2906
2907 if (!CoinsTip().GetBestBlock().IsNull()) {
2908 if (coins_mem_usage >= WARN_FLUSH_COINS_SIZE) LogWarning("Flushing large (%d GiB) UTXO set to disk, it may take several minutes", coins_mem_usage >> 30);
2909 LOG_TIME_MILLIS_WITH_CATEGORY(strprintf("write coins cache to disk (%d coins, %.2fKiB)",
2910 coins_count, coins_mem_usage >> 10), BCLog::BENCH);
2911
2912 // Typical Coin structures on disk are around 48 bytes in size.
2913 // Pushing a new one to the database can cause it to be written
2914 // twice (once in the log, and once in the tables). This is already
2915 // an overestimation, as most will delete an existing entry or
2916 // overwrite one. Still, use a conservative safety factor of 2.
2917 if (!CheckDiskSpace(m_chainman.m_options.datadir, 48 * 2 * 2 * CoinsTip().GetCacheSize())) {
2918 return FatalError(m_chainman.GetNotifications(), state, _("Disk space is too low!"));
2919 }
2920 // Flush the chainstate (which may refer to block index entries).
2921 const auto empty_cache{(mode == FlushStateMode::ALWAYS) || fCacheLarge || fCacheCritical};
2922 if (empty_cache ? !CoinsTip().Flush() : !CoinsTip().Sync()) {
2923 return FatalError(m_chainman.GetNotifications(), state, _("Failed to write to coin database."));
2924 }
2925 full_flush_completed = true;
2926 TRACEPOINT(utxocache, flush,
2927 int64_t{Ticks<std::chrono::microseconds>(NodeClock::now() - nNow)},
2928 (uint32_t)mode,
2929 (uint64_t)coins_count,
2930 (uint64_t)coins_mem_usage,
2931 (bool)fFlushForPrune);
2932 }
2933 }
2934
2935 if (should_write || m_next_write == NodeClock::time_point::max()) {
2938 }
2939 }
2940 if (full_flush_completed && m_chainman.m_options.signals) {
2941 // Update best block in wallet (so we can detect restored wallets).
2943 }
2944 } catch (const std::runtime_error& e) {
2945 return FatalError(m_chainman.GetNotifications(), state, strprintf(_("System error while flushing: %s"), e.what()));
2946 }
2947 return true;
2948}
2949
2951{
2953 if (!this->FlushStateToDisk(state, FlushStateMode::ALWAYS)) {
2954 LogPrintf("%s: failed to flush state (%s)\n", __func__, state.ToString());
2955 }
2956}
2957
2959{
2962 if (!this->FlushStateToDisk(state, FlushStateMode::NONE)) {
2963 LogPrintf("%s: failed to flush state (%s)\n", __func__, state.ToString());
2964 }
2965}
2966
2967static void UpdateTipLog(
2968 const ChainstateManager& chainman,
2969 const CCoinsViewCache& coins_tip,
2970 const CBlockIndex* tip,
2971 const std::string& func_name,
2972 const std::string& prefix,
2973 const std::string& warning_messages) EXCLUSIVE_LOCKS_REQUIRED(::cs_main)
2974{
2975
2977 LogPrintf("%s%s: new best=%s height=%d version=0x%08x log2_work=%f tx=%lu date='%s' progress=%f cache=%.1fMiB(%utxo)%s\n",
2978 prefix, func_name,
2979 tip->GetBlockHash().ToString(), tip->nHeight, tip->nVersion,
2980 log(tip->nChainWork.getdouble()) / log(2.0), tip->m_chain_tx_count,
2982 chainman.GuessVerificationProgress(tip),
2983 coins_tip.DynamicMemoryUsage() * (1.0 / (1 << 20)),
2984 coins_tip.GetCacheSize(),
2985 !warning_messages.empty() ? strprintf(" warning='%s'", warning_messages) : "");
2986}
2987
2988void Chainstate::UpdateTip(const CBlockIndex* pindexNew)
2989{
2991 const auto& coins_tip = this->CoinsTip();
2992
2993 // The remainder of the function isn't relevant if we are not acting on
2994 // the active chainstate, so return if need be.
2995 if (this != &m_chainman.ActiveChainstate()) {
2996 // Only log every so often so that we don't bury log messages at the tip.
2997 constexpr int BACKGROUND_LOG_INTERVAL = 2000;
2998 if (pindexNew->nHeight % BACKGROUND_LOG_INTERVAL == 0) {
2999 UpdateTipLog(m_chainman, coins_tip, pindexNew, __func__, "[background validation] ", "");
3000 }
3001 return;
3002 }
3003
3004 // New best block
3005 if (m_mempool) {
3007 }
3008
3009 std::vector<bilingual_str> warning_messages;
3012 for (auto [bit, active] : bits) {
3013 const bilingual_str warning = strprintf(_("Unknown new rules activated (versionbit %i)"), bit);
3014 if (active) {
3016 } else {
3017 warning_messages.push_back(warning);
3018 }
3019 }
3020 }
3021 UpdateTipLog(m_chainman, coins_tip, pindexNew, __func__, "",
3022 util::Join(warning_messages, Untranslated(", ")).original);
3023}
3024
3036{
3039
3040 CBlockIndex *pindexDelete = m_chain.Tip();
3041 assert(pindexDelete);
3042 assert(pindexDelete->pprev);
3043 // Read block from disk.
3044 std::shared_ptr<CBlock> pblock = std::make_shared<CBlock>();
3045 CBlock& block = *pblock;
3046 if (!m_blockman.ReadBlock(block, *pindexDelete)) {
3047 LogError("DisconnectTip(): Failed to read block\n");
3048 return false;
3049 }
3050 // Apply the block atomically to the chain state.
3051 const auto time_start{SteadyClock::now()};
3052 {
3053 CCoinsViewCache view(&CoinsTip());
3054 assert(view.GetBestBlock() == pindexDelete->GetBlockHash());
3055 if (DisconnectBlock(block, pindexDelete, view) != DISCONNECT_OK) {
3056 LogError("DisconnectTip(): DisconnectBlock %s failed\n", pindexDelete->GetBlockHash().ToString());
3057 return false;
3058 }
3059 bool flushed = view.Flush();
3060 assert(flushed);
3061 }
3062 LogDebug(BCLog::BENCH, "- Disconnect block: %.2fms\n",
3063 Ticks<MillisecondsDouble>(SteadyClock::now() - time_start));
3064
3065 {
3066 // Prune locks that began at or after the tip should be moved backward so they get a chance to reorg
3067 const int max_height_first{pindexDelete->nHeight - 1};
3068 for (auto& prune_lock : m_blockman.m_prune_locks) {
3069 if (prune_lock.second.height_first <= max_height_first) continue;
3070
3071 prune_lock.second.height_first = max_height_first;
3072 LogDebug(BCLog::PRUNE, "%s prune lock moved back to %d\n", prune_lock.first, max_height_first);
3073 }
3074 }
3075
3076 // Write the chain state to disk, if necessary.
3078 return false;
3079 }
3080
3081 if (disconnectpool && m_mempool) {
3082 // Save transactions to re-add to mempool at end of reorg. If any entries are evicted for
3083 // exceeding memory limits, remove them and their descendants from the mempool.
3084 for (auto&& evicted_tx : disconnectpool->AddTransactionsFromBlock(block.vtx)) {
3086 }
3087 }
3088
3089 m_chain.SetTip(*pindexDelete->pprev);
3090
3091 UpdateTip(pindexDelete->pprev);
3092 // Let wallets know transactions went from 1-confirmed to
3093 // 0-confirmed or conflicted:
3095 m_chainman.m_options.signals->BlockDisconnected(pblock, pindexDelete);
3096 }
3097 return true;
3098}
3099
3102 std::shared_ptr<const CBlock> pblock;
3104};
3113private:
3114 std::vector<PerBlockConnectTrace> blocksConnected;
3115
3116public:
3118
3119 void BlockConnected(CBlockIndex* pindex, std::shared_ptr<const CBlock> pblock) {
3120 assert(!blocksConnected.back().pindex);
3121 assert(pindex);
3122 assert(pblock);
3123 blocksConnected.back().pindex = pindex;
3124 blocksConnected.back().pblock = std::move(pblock);
3125 blocksConnected.emplace_back();
3126 }
3127
3128 std::vector<PerBlockConnectTrace>& GetBlocksConnected() {
3129 // We always keep one extra block at the end of our list because
3130 // blocks are added after all the conflicted transactions have
3131 // been filled in. Thus, the last entry should always be an empty
3132 // one waiting for the transactions from the next block. We pop
3133 // the last entry here to make sure the list we return is sane.
3134 assert(!blocksConnected.back().pindex);
3135 blocksConnected.pop_back();
3136 return blocksConnected;
3137 }
3138};
3139
3146bool Chainstate::ConnectTip(BlockValidationState& state, CBlockIndex* pindexNew, const std::shared_ptr<const CBlock>& pblock, ConnectTrace& connectTrace, DisconnectedBlockTransactions& disconnectpool)
3147{
3150
3151 assert(pindexNew->pprev == m_chain.Tip());
3152 // Read block from disk.
3153 const auto time_1{SteadyClock::now()};
3154 std::shared_ptr<const CBlock> pthisBlock;
3155 if (!pblock) {
3156 std::shared_ptr<CBlock> pblockNew = std::make_shared<CBlock>();
3157 if (!m_blockman.ReadBlock(*pblockNew, *pindexNew)) {
3158 return FatalError(m_chainman.GetNotifications(), state, _("Failed to read block."));
3159 }
3160 pthisBlock = pblockNew;
3161 } else {
3162 LogDebug(BCLog::BENCH, " - Using cached block\n");
3163 pthisBlock = pblock;
3164 }
3165 const CBlock& blockConnecting = *pthisBlock;
3166 // Apply the block atomically to the chain state.
3167 const auto time_2{SteadyClock::now()};
3168 SteadyClock::time_point time_3;
3169 // When adding aggregate statistics in the future, keep in mind that
3170 // num_blocks_total may be zero until the ConnectBlock() call below.
3171 LogDebug(BCLog::BENCH, " - Load block from disk: %.2fms\n",
3172 Ticks<MillisecondsDouble>(time_2 - time_1));
3173 {
3174 CCoinsViewCache view(&CoinsTip());
3175 bool rv = ConnectBlock(blockConnecting, state, pindexNew, view);
3177 m_chainman.m_options.signals->BlockChecked(blockConnecting, state);
3178 }
3179 if (!rv) {
3180 if (state.IsInvalid())
3181 InvalidBlockFound(pindexNew, state);
3182 LogError("%s: ConnectBlock %s failed, %s\n", __func__, pindexNew->GetBlockHash().ToString(), state.ToString());
3183 return false;
3184 }
3185 time_3 = SteadyClock::now();
3186 m_chainman.time_connect_total += time_3 - time_2;
3187 assert(m_chainman.num_blocks_total > 0);
3188 LogDebug(BCLog::BENCH, " - Connect total: %.2fms [%.2fs (%.2fms/blk)]\n",
3189 Ticks<MillisecondsDouble>(time_3 - time_2),
3190 Ticks<SecondsDouble>(m_chainman.time_connect_total),
3191 Ticks<MillisecondsDouble>(m_chainman.time_connect_total) / m_chainman.num_blocks_total);
3192 bool flushed = view.Flush();
3193 assert(flushed);
3194 }
3195 const auto time_4{SteadyClock::now()};
3196 m_chainman.time_flush += time_4 - time_3;
3197 LogDebug(BCLog::BENCH, " - Flush: %.2fms [%.2fs (%.2fms/blk)]\n",
3198 Ticks<MillisecondsDouble>(time_4 - time_3),
3199 Ticks<SecondsDouble>(m_chainman.time_flush),
3200 Ticks<MillisecondsDouble>(m_chainman.time_flush) / m_chainman.num_blocks_total);
3201 // Write the chain state to disk, if necessary.
3203 return false;
3204 }
3205 const auto time_5{SteadyClock::now()};
3206 m_chainman.time_chainstate += time_5 - time_4;
3207 LogDebug(BCLog::BENCH, " - Writing chainstate: %.2fms [%.2fs (%.2fms/blk)]\n",
3208 Ticks<MillisecondsDouble>(time_5 - time_4),
3209 Ticks<SecondsDouble>(m_chainman.time_chainstate),
3210 Ticks<MillisecondsDouble>(m_chainman.time_chainstate) / m_chainman.num_blocks_total);
3211 // Remove conflicting transactions from the mempool.;
3212 if (m_mempool) {
3213 m_mempool->removeForBlock(blockConnecting.vtx, pindexNew->nHeight);
3214 disconnectpool.removeForBlock(blockConnecting.vtx);
3215 }
3216 // Update m_chain & related variables.
3217 m_chain.SetTip(*pindexNew);
3218 UpdateTip(pindexNew);
3219
3220 const auto time_6{SteadyClock::now()};
3221 m_chainman.time_post_connect += time_6 - time_5;
3222 m_chainman.time_total += time_6 - time_1;
3223 LogDebug(BCLog::BENCH, " - Connect postprocess: %.2fms [%.2fs (%.2fms/blk)]\n",
3224 Ticks<MillisecondsDouble>(time_6 - time_5),
3225 Ticks<SecondsDouble>(m_chainman.time_post_connect),
3226 Ticks<MillisecondsDouble>(m_chainman.time_post_connect) / m_chainman.num_blocks_total);
3227 LogDebug(BCLog::BENCH, "- Connect block: %.2fms [%.2fs (%.2fms/blk)]\n",
3228 Ticks<MillisecondsDouble>(time_6 - time_1),
3229 Ticks<SecondsDouble>(m_chainman.time_total),
3230 Ticks<MillisecondsDouble>(m_chainman.time_total) / m_chainman.num_blocks_total);
3231
3232 // If we are the background validation chainstate, check to see if we are done
3233 // validating the snapshot (i.e. our tip has reached the snapshot's base block).
3234 if (this != &m_chainman.ActiveChainstate()) {
3235 // This call may set `m_disabled`, which is referenced immediately afterwards in
3236 // ActivateBestChain, so that we stop connecting blocks past the snapshot base.
3237 m_chainman.MaybeCompleteSnapshotValidation();
3238 }
3239
3240 connectTrace.BlockConnected(pindexNew, std::move(pthisBlock));
3241 return true;
3242}
3243
3249{
3251 do {
3252 CBlockIndex *pindexNew = nullptr;
3253
3254 // Find the best candidate header.
3255 {
3256 std::set<CBlockIndex*, CBlockIndexWorkComparator>::reverse_iterator it = setBlockIndexCandidates.rbegin();
3257 if (it == setBlockIndexCandidates.rend())
3258 return nullptr;
3259 pindexNew = *it;
3260 }
3261
3262 // Check whether all blocks on the path between the currently active chain and the candidate are valid.
3263 // Just going until the active chain is an optimization, as we know all blocks in it are valid already.
3264 CBlockIndex *pindexTest = pindexNew;
3265 bool fInvalidAncestor = false;
3266 while (pindexTest && !m_chain.Contains(pindexTest)) {
3267 assert(pindexTest->HaveNumChainTxs() || pindexTest->nHeight == 0);
3268
3269 // Pruned nodes may have entries in setBlockIndexCandidates for
3270 // which block files have been deleted. Remove those as candidates
3271 // for the most work chain if we come across them; we can't switch
3272 // to a chain unless we have all the non-active-chain parent blocks.
3273 bool fFailedChain = pindexTest->nStatus & BLOCK_FAILED_MASK;
3274 bool fMissingData = !(pindexTest->nStatus & BLOCK_HAVE_DATA);
3275 if (fFailedChain || fMissingData) {
3276 // Candidate chain is not usable (either invalid or missing data)
3277 if (fFailedChain && (m_chainman.m_best_invalid == nullptr || pindexNew->nChainWork > m_chainman.m_best_invalid->nChainWork)) {
3278 m_chainman.m_best_invalid = pindexNew;
3279 }
3280 CBlockIndex *pindexFailed = pindexNew;
3281 // Remove the entire chain from the set.
3282 while (pindexTest != pindexFailed) {
3283 if (fFailedChain) {
3284 pindexFailed->nStatus |= BLOCK_FAILED_CHILD;
3285 m_blockman.m_dirty_blockindex.insert(pindexFailed);
3286 } else if (fMissingData) {
3287 // If we're missing data, then add back to m_blocks_unlinked,
3288 // so that if the block arrives in the future we can try adding
3289 // to setBlockIndexCandidates again.
3291 std::make_pair(pindexFailed->pprev, pindexFailed));
3292 }
3293 setBlockIndexCandidates.erase(pindexFailed);
3294 pindexFailed = pindexFailed->pprev;
3295 }
3296 setBlockIndexCandidates.erase(pindexTest);
3297 fInvalidAncestor = true;
3298 break;
3299 }
3300 pindexTest = pindexTest->pprev;
3301 }
3302 if (!fInvalidAncestor)
3303 return pindexNew;
3304 } while(true);
3305}
3306
3309 // Note that we can't delete the current block itself, as we may need to return to it later in case a
3310 // reorganization to a better block fails.
3311 std::set<CBlockIndex*, CBlockIndexWorkComparator>::iterator it = setBlockIndexCandidates.begin();
3312 while (it != setBlockIndexCandidates.end() && setBlockIndexCandidates.value_comp()(*it, m_chain.Tip())) {
3313 setBlockIndexCandidates.erase(it++);
3314 }
3315 // Either the current tip or a successor of it we're working towards is left in setBlockIndexCandidates.
3317}
3318
3325bool Chainstate::ActivateBestChainStep(BlockValidationState& state, CBlockIndex* pindexMostWork, const std::shared_ptr<const CBlock>& pblock, bool& fInvalidFound, ConnectTrace& connectTrace)
3326{
3329
3330 const CBlockIndex* pindexOldTip = m_chain.Tip();
3331 const CBlockIndex* pindexFork = m_chain.FindFork(pindexMostWork);
3332
3333 // Disconnect active blocks which are no longer in the best chain.
3334 bool fBlocksDisconnected = false;
3336 while (m_chain.Tip() && m_chain.Tip() != pindexFork) {
3337 if (!DisconnectTip(state, &disconnectpool)) {
3338 // This is likely a fatal error, but keep the mempool consistent,
3339 // just in case. Only remove from the mempool in this case.
3340 MaybeUpdateMempoolForReorg(disconnectpool, false);
3341
3342 // If we're unable to disconnect a block during normal operation,
3343 // then that is a failure of our local system -- we should abort
3344 // rather than stay on a less work chain.
3345 FatalError(m_chainman.GetNotifications(), state, _("Failed to disconnect block."));
3346 return false;
3347 }
3348 fBlocksDisconnected = true;
3349 }
3350
3351 // Build list of new blocks to connect (in descending height order).
3352 std::vector<CBlockIndex*> vpindexToConnect;
3353 bool fContinue = true;
3354 int nHeight = pindexFork ? pindexFork->nHeight : -1;
3355 while (fContinue && nHeight != pindexMostWork->nHeight) {
3356 // Don't iterate the entire list of potential improvements toward the best tip, as we likely only need
3357 // a few blocks along the way.
3358 int nTargetHeight = std::min(nHeight + 32, pindexMostWork->nHeight);
3359 vpindexToConnect.clear();
3360 vpindexToConnect.reserve(nTargetHeight - nHeight);
3361 CBlockIndex* pindexIter = pindexMostWork->GetAncestor(nTargetHeight);
3362 while (pindexIter && pindexIter->nHeight != nHeight) {
3363 vpindexToConnect.push_back(pindexIter);
3364 pindexIter = pindexIter->pprev;
3365 }
3366 nHeight = nTargetHeight;
3367
3368 // Connect new blocks.
3369 for (CBlockIndex* pindexConnect : vpindexToConnect | std::views::reverse) {
3370 if (!ConnectTip(state, pindexConnect, pindexConnect == pindexMostWork ? pblock : std::shared_ptr<const CBlock>(), connectTrace, disconnectpool)) {
3371 if (state.IsInvalid()) {
3372 // The block violates a consensus rule.
3374 InvalidChainFound(vpindexToConnect.front());
3375 }
3376 state = BlockValidationState();
3377 fInvalidFound = true;
3378 fContinue = false;
3379 break;
3380 } else {
3381 // A system error occurred (disk space, database error, ...).
3382 // Make the mempool consistent with the current tip, just in case
3383 // any observers try to use it before shutdown.
3384 MaybeUpdateMempoolForReorg(disconnectpool, false);
3385 return false;
3386 }
3387 } else {
3389 if (!pindexOldTip || m_chain.Tip()->nChainWork > pindexOldTip->nChainWork) {
3390 // We're in a better position than we were. Return temporarily to release the lock.
3391 fContinue = false;
3392 break;
3393 }
3394 }
3395 }
3396 }
3397
3398 if (fBlocksDisconnected) {
3399 // If any blocks were disconnected, disconnectpool may be non empty. Add
3400 // any disconnected transactions back to the mempool.
3401 MaybeUpdateMempoolForReorg(disconnectpool, true);
3402 }
3403 if (m_mempool) m_mempool->check(this->CoinsTip(), this->m_chain.Height() + 1);
3404
3406
3407 return true;
3408}
3409
3410static SynchronizationState GetSynchronizationState(bool init, bool blockfiles_indexed)
3411{
3413 if (!blockfiles_indexed) return SynchronizationState::INIT_REINDEX;
3415}
3416
3418{
3419 bool fNotify = false;
3420 bool fInitialBlockDownload = false;
3421 CBlockIndex* pindexHeader = nullptr;
3422 {
3423 LOCK(GetMutex());
3424 pindexHeader = m_best_header;
3425
3426 if (pindexHeader != m_last_notified_header) {
3427 fNotify = true;
3428 fInitialBlockDownload = IsInitialBlockDownload();
3429 m_last_notified_header = pindexHeader;
3430 }
3431 }
3432 // Send block tip changed notifications without the lock held
3433 if (fNotify) {
3434 GetNotifications().headerTip(GetSynchronizationState(fInitialBlockDownload, m_blockman.m_blockfiles_indexed), pindexHeader->nHeight, pindexHeader->nTime, false);
3435 }
3436 return fNotify;
3437}
3438
3441
3442 if (signals.CallbacksPending() > 10) {
3443 signals.SyncWithValidationInterfaceQueue();
3444 }
3445}
3446
3447bool Chainstate::ActivateBestChain(BlockValidationState& state, std::shared_ptr<const CBlock> pblock)
3448{
3450
3451 // Note that while we're often called here from ProcessNewBlock, this is
3452 // far from a guarantee. Things in the P2P/RPC will often end up calling
3453 // us in the middle of ProcessNewBlock - do not assume pblock is set
3454 // sanely for performance or correctness!
3456
3457 // ABC maintains a fair degree of expensive-to-calculate internal state
3458 // because this function periodically releases cs_main so that it does not lock up other threads for too long
3459 // during large connects - and to allow for e.g. the callback queue to drain
3460 // we use m_chainstate_mutex to enforce mutual exclusion so that only one caller may execute this function at a time
3462
3463 // Belt-and-suspenders check that we aren't attempting to advance the background
3464 // chainstate past the snapshot base block.
3465 if (WITH_LOCK(::cs_main, return m_disabled)) {
3466 LogPrintf("m_disabled is set - this chainstate should not be in operation. "
3467 "Please report this as a bug. %s\n", CLIENT_BUGREPORT);
3468 return false;
3469 }
3470
3471 CBlockIndex *pindexMostWork = nullptr;
3472 CBlockIndex *pindexNewTip = nullptr;
3473 bool exited_ibd{false};
3474 do {
3475 // Block until the validation queue drains. This should largely
3476 // never happen in normal operation, however may happen during
3477 // reindex, causing memory blowup if we run too far ahead.
3478 // Note that if a validationinterface callback ends up calling
3479 // ActivateBestChain this may lead to a deadlock! We should
3480 // probably have a DEBUG_LOCKORDER test for this in the future.
3482
3483 {
3484 LOCK(cs_main);
3485 {
3486 // Lock transaction pool for at least as long as it takes for connectTrace to be consumed
3487 LOCK(MempoolMutex());
3488 const bool was_in_ibd = m_chainman.IsInitialBlockDownload();
3489 CBlockIndex* starting_tip = m_chain.Tip();
3490 bool blocks_connected = false;
3491 do {
3492 // We absolutely may not unlock cs_main until we've made forward progress
3493 // (with the exception of shutdown due to hardware issues, low disk space, etc).
3494 ConnectTrace connectTrace; // Destructed before cs_main is unlocked
3495
3496 if (pindexMostWork == nullptr) {
3497 pindexMostWork = FindMostWorkChain();
3498 }
3499
3500 // Whether we have anything to do at all.
3501 if (pindexMostWork == nullptr || pindexMostWork == m_chain.Tip()) {
3502 break;
3503 }
3504
3505 bool fInvalidFound = false;
3506 std::shared_ptr<const CBlock> nullBlockPtr;
3507 // BlockConnected signals must be sent for the original role;
3508 // in case snapshot validation is completed during ActivateBestChainStep, the
3509 // result of GetRole() changes from BACKGROUND to NORMAL.
3510 const ChainstateRole chainstate_role{this->GetRole()};
3511 if (!ActivateBestChainStep(state, pindexMostWork, pblock && pblock->GetHash() == pindexMostWork->GetBlockHash() ? pblock : nullBlockPtr, fInvalidFound, connectTrace)) {
3512 // A system error occurred
3513 return false;
3514 }
3515 blocks_connected = true;
3516
3517 if (fInvalidFound) {
3518 // Wipe cache, we may need another branch now.
3519 pindexMostWork = nullptr;
3520 }
3521 pindexNewTip = m_chain.Tip();
3522
3523 for (const PerBlockConnectTrace& trace : connectTrace.GetBlocksConnected()) {
3524 assert(trace.pblock && trace.pindex);
3526 m_chainman.m_options.signals->BlockConnected(chainstate_role, trace.pblock, trace.pindex);
3527 }
3528 }
3529
3530 // This will have been toggled in
3531 // ActivateBestChainStep -> ConnectTip -> MaybeCompleteSnapshotValidation,
3532 // if at all, so we should catch it here.
3533 //
3534 // Break this do-while to ensure we don't advance past the base snapshot.
3535 if (m_disabled) {
3536 break;
3537 }
3538 } while (!m_chain.Tip() || (starting_tip && CBlockIndexWorkComparator()(m_chain.Tip(), starting_tip)));
3539 if (!blocks_connected) return true;
3540
3541 const CBlockIndex* pindexFork = m_chain.FindFork(starting_tip);
3542 bool still_in_ibd = m_chainman.IsInitialBlockDownload();
3543
3544 if (was_in_ibd && !still_in_ibd) {
3545 // Active chainstate has exited IBD.
3546 exited_ibd = true;
3547 }
3548
3549 // Notify external listeners about the new tip.
3550 // Enqueue while holding cs_main to ensure that UpdatedBlockTip is called in the order in which blocks are connected
3551 if (this == &m_chainman.ActiveChainstate() && pindexFork != pindexNewTip) {
3552 // Notify ValidationInterface subscribers
3554 m_chainman.m_options.signals->UpdatedBlockTip(pindexNewTip, pindexFork, still_in_ibd);
3555 }
3556
3558 // Just breaking and returning success for now. This could
3559 // be changed to bubble up the kernel::Interrupted value to
3560 // the caller so the caller could distinguish between
3561 // completed and interrupted operations.
3562 break;
3563 }
3564 }
3565 } // release MempoolMutex
3566 // Notify external listeners about the new tip, even if pindexFork == pindexNewTip.
3569 }
3570 } // release cs_main
3571 // When we reach this point, we switched to a new tip (stored in pindexNewTip).
3572
3573 if (exited_ibd) {
3574 // If a background chainstate is in use, we may need to rebalance our
3575 // allocation of caches once a chainstate exits initial block download.
3576 LOCK(::cs_main);
3577 m_chainman.MaybeRebalanceCaches();
3578 }
3579
3580 if (WITH_LOCK(::cs_main, return m_disabled)) {
3581 // Background chainstate has reached the snapshot base block, so exit.
3582
3583 // Restart indexes to resume indexing for all blocks unique to the snapshot
3584 // chain. This resumes indexing "in order" from where the indexing on the
3585 // background validation chain left off.
3586 //
3587 // This cannot be done while holding cs_main (within
3588 // MaybeCompleteSnapshotValidation) or a cs_main deadlock will occur.
3591 }
3592 break;
3593 }
3594
3595 // We check interrupt only after giving ActivateBestChainStep a chance to run once so that we
3596 // never interrupt before connecting the genesis block during LoadChainTip(). Previously this
3597 // caused an assert() failure during interrupt in such cases as the UTXO DB flushing checks
3598 // that the best block hash is non-null.
3599 if (m_chainman.m_interrupt) break;
3600 } while (pindexNewTip != pindexMostWork);
3601
3603
3604 // Write changes periodically to disk, after relay.
3606 return false;
3607 }
3608
3609 return true;
3610}
3611
3612bool Chainstate::PreciousBlock(BlockValidationState& state, CBlockIndex* pindex)
3613{
3616 {
3617 LOCK(cs_main);
3618 if (pindex->nChainWork < m_chain.Tip()->nChainWork) {
3619 // Nothing to do, this block is not at the tip.
3620 return true;
3621 }
3623 // The chain has been extended since the last call, reset the counter.
3625 }
3627 setBlockIndexCandidates.erase(pindex);
3629 if (m_chainman.nBlockReverseSequenceId > std::numeric_limits<int32_t>::min()) {
3630 // We can't keep reducing the counter if somebody really wants to
3631 // call preciousblock 2**31-1 times on the same set of tips...
3633 }
3634 if (pindex->IsValid(BLOCK_VALID_TRANSACTIONS) && pindex->HaveNumChainTxs()) {
3635 setBlockIndexCandidates.insert(pindex);
3637 }
3638 }
3639
3640 return ActivateBestChain(state, std::shared_ptr<const CBlock>());
3641}
3642
3644{
3647
3648 // Genesis block can't be invalidated
3649 assert(pindex);
3650 if (pindex->nHeight == 0) return false;
3651
3652 CBlockIndex* to_mark_failed = pindex;
3653 bool pindex_was_in_chain = false;
3654 int disconnected = 0;
3655
3656 // We do not allow ActivateBestChain() to run while InvalidateBlock() is
3657 // running, as that could cause the tip to change while we disconnect
3658 // blocks.
3660
3661 // We'll be acquiring and releasing cs_main below, to allow the validation
3662 // callbacks to run. However, we should keep the block index in a
3663 // consistent state as we disconnect blocks -- in particular we need to
3664 // add equal-work blocks to setBlockIndexCandidates as we disconnect.
3665 // To avoid walking the block index repeatedly in search of candidates,
3666 // build a map once so that we can look up candidate blocks by chain
3667 // work as we go.
3668 std::multimap<const arith_uint256, CBlockIndex *> candidate_blocks_by_work;
3669
3670 {
3671 LOCK(cs_main);
3672 for (auto& entry : m_blockman.m_block_index) {
3673 CBlockIndex* candidate = &entry.second;
3674 // We don't need to put anything in our active chain into the
3675 // multimap, because those candidates will be found and considered
3676 // as we disconnect.
3677 // Instead, consider only non-active-chain blocks that have at
3678 // least as much work as where we expect the new tip to end up.
3679 if (!m_chain.Contains(candidate) &&
3680 !CBlockIndexWorkComparator()(candidate, pindex->pprev) &&
3681 candidate->IsValid(BLOCK_VALID_TRANSACTIONS) &&
3682 candidate->HaveNumChainTxs()) {
3683 candidate_blocks_by_work.insert(std::make_pair(candidate->nChainWork, candidate));
3684 }
3685 }
3686 }
3687
3688 // Disconnect (descendants of) pindex, and mark them invalid.
3689 while (true) {
3690 if (m_chainman.m_interrupt) break;
3691
3692 // Make sure the queue of validation callbacks doesn't grow unboundedly.
3694
3695 LOCK(cs_main);
3696 // Lock for as long as disconnectpool is in scope to make sure MaybeUpdateMempoolForReorg is
3697 // called after DisconnectTip without unlocking in between
3698 LOCK(MempoolMutex());
3699 if (!m_chain.Contains(pindex)) break;
3700 pindex_was_in_chain = true;
3701 CBlockIndex *invalid_walk_tip = m_chain.Tip();
3702
3703 // ActivateBestChain considers blocks already in m_chain
3704 // unconditionally valid already, so force disconnect away from it.
3706 bool ret = DisconnectTip(state, &disconnectpool);
3707 // DisconnectTip will add transactions to disconnectpool.
3708 // Adjust the mempool to be consistent with the new tip, adding
3709 // transactions back to the mempool if disconnecting was successful,
3710 // and we're not doing a very deep invalidation (in which case
3711 // keeping the mempool up to date is probably futile anyway).
3712 MaybeUpdateMempoolForReorg(disconnectpool, /* fAddToMempool = */ (++disconnected <= 10) && ret);
3713 if (!ret) return false;
3714 assert(invalid_walk_tip->pprev == m_chain.Tip());
3715
3716 // We immediately mark the disconnected blocks as invalid.
3717 // This prevents a case where pruned nodes may fail to invalidateblock
3718 // and be left unable to start as they have no tip candidates (as there
3719 // are no blocks that meet the "have data and are not invalid per
3720 // nStatus" criteria for inclusion in setBlockIndexCandidates).
3721 invalid_walk_tip->nStatus |= BLOCK_FAILED_VALID;
3722 m_blockman.m_dirty_blockindex.insert(invalid_walk_tip);
3723 setBlockIndexCandidates.erase(invalid_walk_tip);
3724 setBlockIndexCandidates.insert(invalid_walk_tip->pprev);
3725 if (invalid_walk_tip == to_mark_failed->pprev && (to_mark_failed->nStatus & BLOCK_FAILED_VALID)) {
3726 // We only want to mark the last disconnected block as BLOCK_FAILED_VALID; its children
3727 // need to be BLOCK_FAILED_CHILD instead.
3728 to_mark_failed->nStatus = (to_mark_failed->nStatus ^ BLOCK_FAILED_VALID) | BLOCK_FAILED_CHILD;
3729 m_blockman.m_dirty_blockindex.insert(to_mark_failed);
3730 }
3731
3732 // Add any equal or more work headers to setBlockIndexCandidates
3733 auto candidate_it = candidate_blocks_by_work.lower_bound(invalid_walk_tip->pprev->nChainWork);
3734 while (candidate_it != candidate_blocks_by_work.end()) {
3735 if (!CBlockIndexWorkComparator()(candidate_it->second, invalid_walk_tip->pprev)) {
3736 setBlockIndexCandidates.insert(candidate_it->second);
3737 candidate_it = candidate_blocks_by_work.erase(candidate_it);
3738 } else {
3739 ++candidate_it;
3740 }
3741 }
3742
3743 // Track the last disconnected block, so we can correct its BLOCK_FAILED_CHILD status in future
3744 // iterations, or, if it's the last one, call InvalidChainFound on it.
3745 to_mark_failed = invalid_walk_tip;
3746 }
3747
3749
3750 {
3751 LOCK(cs_main);
3752 if (m_chain.Contains(to_mark_failed)) {
3753 // If the to-be-marked invalid block is in the active chain, something is interfering and we can't proceed.
3754 return false;
3755 }
3756
3757 // Mark pindex as invalid if it never was in the main chain
3758 if (!pindex_was_in_chain && !(pindex->nStatus & BLOCK_FAILED_MASK)) {
3759 pindex->nStatus |= BLOCK_FAILED_VALID;
3760 m_blockman.m_dirty_blockindex.insert(pindex);
3761 setBlockIndexCandidates.erase(pindex);
3762 m_chainman.m_failed_blocks.insert(pindex);
3763 }
3764
3765 // If any new blocks somehow arrived while we were disconnecting
3766 // (above), then the pre-calculation of what should go into
3767 // setBlockIndexCandidates may have missed entries. This would
3768 // technically be an inconsistency in the block index, but if we clean
3769 // it up here, this should be an essentially unobservable error.
3770 // Loop back over all block index entries and add any missing entries
3771 // to setBlockIndexCandidates.
3772 for (auto& [_, block_index] : m_blockman.m_block_index) {
3773 if (block_index.IsValid(BLOCK_VALID_TRANSACTIONS) && block_index.HaveNumChainTxs() && !setBlockIndexCandidates.value_comp()(&block_index, m_chain.Tip())) {
3774 setBlockIndexCandidates.insert(&block_index);
3775 }
3776 }
3777
3778 InvalidChainFound(to_mark_failed);
3779 }
3780
3781 // Only notify about a new block tip if the active chain was modified.
3782 if (pindex_was_in_chain) {
3783 // Ignoring return value for now, this could be changed to bubble up
3784 // kernel::Interrupted value to the caller so the caller could
3785 // distinguish between completed and interrupted operations. It might
3786 // also make sense for the blockTip notification to have an enum
3787 // parameter indicating the source of the tip change so hooks can
3788 // distinguish user-initiated invalidateblock changes from other
3789 // changes.
3791
3792 // Fire ActiveTipChange now for the current chain tip to make sure clients are notified.
3793 // ActivateBestChain may call this as well, but not necessarily.
3796 }
3797 }
3798 return true;
3799}
3800
3801void Chainstate::SetBlockFailureFlags(CBlockIndex* invalid_block)
3802{
3804
3805 for (auto& [_, block_index] : m_blockman.m_block_index) {
3806 if (invalid_block != &block_index && block_index.GetAncestor(invalid_block->nHeight) == invalid_block) {
3807 block_index.nStatus = (block_index.nStatus & ~BLOCK_FAILED_VALID) | BLOCK_FAILED_CHILD;
3808 m_blockman.m_dirty_blockindex.insert(&block_index);
3809 }
3810 }
3811}
3812
3815
3816 int nHeight = pindex->nHeight;
3817
3818 // Remove the invalidity flag from this block and all its descendants.
3819 for (auto& [_, block_index] : m_blockman.m_block_index) {
3820 if (!block_index.IsValid() && block_index.GetAncestor(nHeight) == pindex) {
3821 block_index.nStatus &= ~BLOCK_FAILED_MASK;
3822 m_blockman.m_dirty_blockindex.insert(&block_index);
3823 if (block_index.IsValid(BLOCK_VALID_TRANSACTIONS) && block_index.HaveNumChainTxs() && setBlockIndexCandidates.value_comp()(m_chain.Tip(), &block_index)) {
3824 setBlockIndexCandidates.insert(&block_index);
3825 }
3826 if (&block_index == m_chainman.m_best_invalid) {
3827 // Reset invalid block marker if it was pointing to one of those.
3828 m_chainman.m_best_invalid = nullptr;
3829 }
3830 m_chainman.m_failed_blocks.erase(&block_index);
3831 }
3832 }
3833
3834 // Remove the invalidity flag from all ancestors too.
3835 while (pindex != nullptr) {
3836 if (pindex->nStatus & BLOCK_FAILED_MASK) {
3837 pindex->nStatus &= ~BLOCK_FAILED_MASK;
3838 m_blockman.m_dirty_blockindex.insert(pindex);
3839 m_chainman.m_failed_blocks.erase(pindex);
3840 }
3841 pindex = pindex->pprev;
3842 }
3843}
3844
3846{
3848 // The block only is a candidate for the most-work-chain if it has the same
3849 // or more work than our current tip.
3850 if (m_chain.Tip() != nullptr && setBlockIndexCandidates.value_comp()(pindex, m_chain.Tip())) {
3851 return;
3852 }
3853
3854 bool is_active_chainstate = this == &m_chainman.ActiveChainstate();
3855 if (is_active_chainstate) {
3856 // The active chainstate should always add entries that have more
3857 // work than the tip.
3858 setBlockIndexCandidates.insert(pindex);
3859 } else if (!m_disabled) {
3860 // For the background chainstate, we only consider connecting blocks
3861 // towards the snapshot base (which can't be nullptr or else we'll
3862 // never make progress).
3863 const CBlockIndex* snapshot_base{Assert(m_chainman.GetSnapshotBaseBlock())};
3864 if (snapshot_base->GetAncestor(pindex->nHeight) == pindex) {
3865 setBlockIndexCandidates.insert(pindex);
3866 }
3867 }
3868}
3869
3872{
3874 pindexNew->nTx = block.vtx.size();
3875 // Typically m_chain_tx_count will be 0 at this point, but it can be nonzero if this
3876 // is a pruned block which is being downloaded again, or if this is an
3877 // assumeutxo snapshot block which has a hardcoded m_chain_tx_count value from the
3878 // snapshot metadata. If the pindex is not the snapshot block and the
3879 // m_chain_tx_count value is not zero, assert that value is actually correct.
3880 auto prev_tx_sum = [](CBlockIndex& block) { return block.nTx + (block.pprev ? block.pprev->m_chain_tx_count : 0); };
3881 if (!Assume(pindexNew->m_chain_tx_count == 0 || pindexNew->m_chain_tx_count == prev_tx_sum(*pindexNew) ||
3882 pindexNew == GetSnapshotBaseBlock())) {
3883 LogWarning("Internal bug detected: block %d has unexpected m_chain_tx_count %i that should be %i (%s %s). Please report this issue here: %s\n",
3884 pindexNew->nHeight, pindexNew->m_chain_tx_count, prev_tx_sum(*pindexNew), CLIENT_NAME, FormatFullVersion(), CLIENT_BUGREPORT);
3885 pindexNew->m_chain_tx_count = 0;
3886 }
3887 pindexNew->nFile = pos.nFile;
3888 pindexNew->nDataPos = pos.nPos;
3889 pindexNew->nUndoPos = 0;
3890 pindexNew->nStatus |= BLOCK_HAVE_DATA;
3891 if (DeploymentActiveAt(*pindexNew, *this, Consensus::DEPLOYMENT_SEGWIT)) {
3892 pindexNew->nStatus |= BLOCK_OPT_WITNESS;
3893 }
3895 m_blockman.m_dirty_blockindex.insert(pindexNew);
3896
3897 if (pindexNew->pprev == nullptr || pindexNew->pprev->HaveNumChainTxs()) {
3898 // If pindexNew is the genesis block or all parents are BLOCK_VALID_TRANSACTIONS.
3899 std::deque<CBlockIndex*> queue;
3900 queue.push_back(pindexNew);
3901
3902 // Recursively process any descendant blocks that now may be eligible to be connected.
3903 while (!queue.empty()) {
3904 CBlockIndex *pindex = queue.front();
3905 queue.pop_front();
3906 // Before setting m_chain_tx_count, assert that it is 0 or already set to
3907 // the correct value. This assert will fail after receiving the
3908 // assumeutxo snapshot block if assumeutxo snapshot metadata has an
3909 // incorrect hardcoded AssumeutxoData::m_chain_tx_count value.
3910 if (!Assume(pindex->m_chain_tx_count == 0 || pindex->m_chain_tx_count == prev_tx_sum(*pindex))) {
3911 LogWarning("Internal bug detected: block %d has unexpected m_chain_tx_count %i that should be %i (%s %s). Please report this issue here: %s\n",
3912 pindex->nHeight, pindex->m_chain_tx_count, prev_tx_sum(*pindex), CLIENT_NAME, FormatFullVersion(), CLIENT_BUGREPORT);
3913 }
3914 pindex->m_chain_tx_count = prev_tx_sum(*pindex);
3915 pindex->nSequenceId = nBlockSequenceId++;
3916 for (Chainstate *c : GetAll()) {
3917 c->TryAddBlockIndexCandidate(pindex);
3918 }
3919 std::pair<std::multimap<CBlockIndex*, CBlockIndex*>::iterator, std::multimap<CBlockIndex*, CBlockIndex*>::iterator> range = m_blockman.m_blocks_unlinked.equal_range(pindex);
3920 while (range.first != range.second) {
3921 std::multimap<CBlockIndex*, CBlockIndex*>::iterator it = range.first;
3922 queue.push_back(it->second);
3923 range.first++;
3924 m_blockman.m_blocks_unlinked.erase(it);
3925 }
3926 }
3927 } else {
3928 if (pindexNew->pprev && pindexNew->pprev->IsValid(BLOCK_VALID_TREE)) {
3929 m_blockman.m_blocks_unlinked.insert(std::make_pair(pindexNew->pprev, pindexNew));
3930 }
3931 }
3932}
3933
3934static bool CheckBlockHeader(const CBlockHeader& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW = true)
3935{
3936 // Check proof of work matches claimed amount
3937 if (fCheckPOW && !CheckProofOfWork(block.GetHash(), block.nBits, consensusParams))
3938 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "high-hash", "proof of work failed");
3939
3940 return true;
3941}
3942
3943static bool CheckMerkleRoot(const CBlock& block, BlockValidationState& state)
3944{
3945 if (block.m_checked_merkle_root) return true;
3946
3947 bool mutated;
3948 uint256 merkle_root = BlockMerkleRoot(block, &mutated);
3949 if (block.hashMerkleRoot != merkle_root) {
3950 return state.Invalid(
3952 /*reject_reason=*/"bad-txnmrklroot",
3953 /*debug_message=*/"hashMerkleRoot mismatch");
3954 }
3955
3956 // Check for merkle tree malleability (CVE-2012-2459): repeating sequences
3957 // of transactions in a block without affecting the merkle root of a block,
3958 // while still invalidating it.
3959 if (mutated) {
3960 return state.Invalid(
3962 /*reject_reason=*/"bad-txns-duplicate",
3963 /*debug_message=*/"duplicate transaction");
3964 }
3965
3966 block.m_checked_merkle_root = true;
3967 return true;
3968}
3969
3976static bool CheckWitnessMalleation(const CBlock& block, bool expect_witness_commitment, BlockValidationState& state)
3977{
3978 if (expect_witness_commitment) {
3979 if (block.m_checked_witness_commitment) return true;
3980
3981 int commitpos = GetWitnessCommitmentIndex(block);
3982 if (commitpos != NO_WITNESS_COMMITMENT) {
3983 assert(!block.vtx.empty() && !block.vtx[0]->vin.empty());
3984 const auto& witness_stack{block.vtx[0]->vin[0].scriptWitness.stack};
3985
3986 if (witness_stack.size() != 1 || witness_stack[0].size() != 32) {
3987 return state.Invalid(
3989 /*reject_reason=*/"bad-witness-nonce-size",
3990 /*debug_message=*/strprintf("%s : invalid witness reserved value size", __func__));
3991 }
3992
3993 // The malleation check is ignored; as the transaction tree itself
3994 // already does not permit it, it is impossible to trigger in the
3995 // witness tree.
3996 uint256 hash_witness = BlockWitnessMerkleRoot(block, /*mutated=*/nullptr);
3997
3998 CHash256().Write(hash_witness).Write(witness_stack[0]).Finalize(hash_witness);
3999 if (memcmp(hash_witness.begin(), &block.vtx[0]->vout[commitpos].scriptPubKey[6], 32)) {
4000 return state.Invalid(
4002 /*reject_reason=*/"bad-witness-merkle-match",
4003 /*debug_message=*/strprintf("%s : witness merkle commitment mismatch", __func__));
4004 }
4005
4006 block.m_checked_witness_commitment = true;
4007 return true;
4008 }
4009 }
4010
4011 // No witness data is allowed in blocks that don't commit to witness data, as this would otherwise leave room for spam
4012 for (const auto& tx : block.vtx) {
4013 if (tx->HasWitness()) {
4014 return state.Invalid(
4016 /*reject_reason=*/"unexpected-witness",
4017 /*debug_message=*/strprintf("%s : unexpected witness data found", __func__));
4018 }
4019 }
4020
4021 return true;
4022}
4023
4024bool CheckBlock(const CBlock& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
4025{
4026 // These are checks that are independent of context.
4027
4028 if (block.fChecked)
4029 return true;
4030
4031 // Check that the header is valid (particularly PoW). This is mostly
4032 // redundant with the call in AcceptBlockHeader.
4033 if (!CheckBlockHeader(block, state, consensusParams, fCheckPOW))
4034 return false;
4035
4036 // Signet only: check block solution
4037 if (consensusParams.signet_blocks && fCheckPOW && !CheckSignetBlockSolution(block, consensusParams)) {
4038 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-signet-blksig", "signet block signature validation failure");
4039 }
4040
4041 // Check the merkle root.
4042 if (fCheckMerkleRoot && !CheckMerkleRoot(block, state)) {
4043 return false;
4044 }
4045
4046 // All potential-corruption validation must be done before we do any
4047 // transaction validation, as otherwise we may mark the header as invalid
4048 // because we receive the wrong transactions for it.
4049 // Note that witness malleability is checked in ContextualCheckBlock, so no
4050 // checks that use witness data may be performed here.
4051
4052 // Size limits
4054 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-length", "size limits failed");
4055
4056 // First transaction must be coinbase, the rest must not be
4057 if (block.vtx.empty() || !block.vtx[0]->IsCoinBase())
4058 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-missing", "first tx is not coinbase");
4059 for (unsigned int i = 1; i < block.vtx.size(); i++)
4060 if (block.vtx[i]->IsCoinBase())
4061 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-multiple", "more than one coinbase");
4062
4063 // Check transactions
4064 // Must check for duplicate inputs (see CVE-2018-17144)
4065 for (const auto& tx : block.vtx) {
4066 TxValidationState tx_state;
4067 if (!CheckTransaction(*tx, tx_state)) {
4068 // CheckBlock() does context-free validation checks. The only
4069 // possible failures are consensus failures.
4072 strprintf("Transaction check failed (tx hash %s) %s", tx->GetHash().ToString(), tx_state.GetDebugMessage()));
4073 }
4074 }
4075 // This underestimates the number of sigops, because unlike ConnectBlock it
4076 // does not count witness and p2sh sigops.
4077 unsigned int nSigOps = 0;
4078 for (const auto& tx : block.vtx)
4079 {
4080 nSigOps += GetLegacySigOpCount(*tx);
4081 }
4083 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "out-of-bounds SigOpCount");
4084
4085 if (fCheckPOW && fCheckMerkleRoot)
4086 block.fChecked = true;
4087
4088 return true;
4089}
4090
4092{
4093 int commitpos = GetWitnessCommitmentIndex(block);
4094 static const std::vector<unsigned char> nonce(32, 0x00);
4095 if (commitpos != NO_WITNESS_COMMITMENT && DeploymentActiveAfter(pindexPrev, *this, Consensus::DEPLOYMENT_SEGWIT) && !block.vtx[0]->HasWitness()) {
4096 CMutableTransaction tx(*block.vtx[0]);
4097 tx.vin[0].scriptWitness.stack.resize(1);
4098 tx.vin[0].scriptWitness.stack[0] = nonce;
4099 block.vtx[0] = MakeTransactionRef(std::move(tx));
4100 }
4101}
4102
4103std::vector<unsigned char> ChainstateManager::GenerateCoinbaseCommitment(CBlock& block, const CBlockIndex* pindexPrev) const
4104{
4105 std::vector<unsigned char> commitment;
4106 int commitpos = GetWitnessCommitmentIndex(block);
4107 std::vector<unsigned char> ret(32, 0x00);
4108 if (commitpos == NO_WITNESS_COMMITMENT) {
4109 uint256 witnessroot = BlockWitnessMerkleRoot(block, nullptr);
4110 CHash256().Write(witnessroot).Write(ret).Finalize(witnessroot);
4111 CTxOut out;
4112 out.nValue = 0;
4113 out.scriptPubKey.resize(MINIMUM_WITNESS_COMMITMENT);
4114 out.scriptPubKey[0] = OP_RETURN;
4115 out.scriptPubKey[1] = 0x24;
4116 out.scriptPubKey[2] = 0xaa;
4117 out.scriptPubKey[3] = 0x21;
4118 out.scriptPubKey[4] = 0xa9;
4119 out.scriptPubKey[5] = 0xed;
4120 memcpy(&out.scriptPubKey[6], witnessroot.begin(), 32);
4121 commitment = std::vector<unsigned char>(out.scriptPubKey.begin(), out.scriptPubKey.end());
4122 CMutableTransaction tx(*block.vtx[0]);
4123 tx.vout.push_back(out);
4124 block.vtx[0] = MakeTransactionRef(std::move(tx));
4125 }
4126 UpdateUncommittedBlockStructures(block, pindexPrev);
4127 return commitment;
4128}
4129
4130bool HasValidProofOfWork(const std::vector<CBlockHeader>& headers, const Consensus::Params& consensusParams)
4131{
4132 return std::all_of(headers.cbegin(), headers.cend(),
4133 [&](const auto& header) { return CheckProofOfWork(header.GetHash(), header.nBits, consensusParams);});
4134}
4135
4136bool IsBlockMutated(const CBlock& block, bool check_witness_root)
4137{
4139 if (!CheckMerkleRoot(block, state)) {
4140 LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
4141 return true;
4142 }
4143
4144 if (block.vtx.empty() || !block.vtx[0]->IsCoinBase()) {
4145 // Consider the block mutated if any transaction is 64 bytes in size (see 3.1
4146 // in "Weaknesses in Bitcoin’s Merkle Root Construction":
4147 // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190225/a27d8837/attachment-0001.pdf).
4148 //
4149 // Note: This is not a consensus change as this only applies to blocks that
4150 // don't have a coinbase transaction and would therefore already be invalid.
4151 return std::any_of(block.vtx.begin(), block.vtx.end(),
4152 [](auto& tx) { return GetSerializeSize(TX_NO_WITNESS(tx)) == 64; });
4153 } else {
4154 // Theoretically it is still possible for a block with a 64 byte
4155 // coinbase transaction to be mutated but we neglect that possibility
4156 // here as it requires at least 224 bits of work.
4157 }
4158
4159 if (!CheckWitnessMalleation(block, check_witness_root, state)) {
4160 LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
4161 return true;
4162 }
4163
4164 return false;
4165}
4166
4167arith_uint256 CalculateClaimedHeadersWork(std::span<const CBlockHeader> headers)
4168{
4169 arith_uint256 total_work{0};
4170 for (const CBlockHeader& header : headers) {
4171 CBlockIndex dummy(header);
4172 total_work += GetBlockProof(dummy);
4173 }
4174 return total_work;
4175}
4176
4191{
4193 assert(pindexPrev != nullptr);
4194 const int nHeight = pindexPrev->nHeight + 1;
4195
4196 // Check proof of work
4197 const Consensus::Params& consensusParams = chainman.GetConsensus();
4198 if (block.nBits != GetNextWorkRequired(pindexPrev, &block, consensusParams))
4199 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "bad-diffbits", "incorrect proof of work");
4200
4201 // Check timestamp against prev
4202 if (block.GetBlockTime() <= pindexPrev->GetMedianTimePast())
4203 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-too-old", "block's timestamp is too early");
4204
4205 // Testnet4 and regtest only: Check timestamp against prev for difficulty-adjustment
4206 // blocks to prevent timewarp attacks (see https://github.com/bitcoin/bitcoin/pull/15482).
4207 if (consensusParams.enforce_BIP94) {
4208 // Check timestamp for the first block of each difficulty adjustment
4209 // interval, except the genesis block.
4210 if (nHeight % consensusParams.DifficultyAdjustmentInterval() == 0) {
4211 if (block.GetBlockTime() < pindexPrev->GetBlockTime() - MAX_TIMEWARP) {
4212 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-timewarp-attack", "block's timestamp is too early on diff adjustment block");
4213 }
4214 }
4215 }
4216
4217 // Check timestamp
4218 if (block.Time() > NodeClock::now() + std::chrono::seconds{MAX_FUTURE_BLOCK_TIME}) {
4219 return state.Invalid(BlockValidationResult::BLOCK_TIME_FUTURE, "time-too-new", "block timestamp too far in the future");
4220 }
4221
4222 // Reject blocks with outdated version
4223 if ((block.nVersion < 2 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_HEIGHTINCB)) ||
4224 (block.nVersion < 3 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_DERSIG)) ||
4225 (block.nVersion < 4 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CLTV))) {
4226 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, strprintf("bad-version(0x%08x)", block.nVersion),
4227 strprintf("rejected nVersion=0x%08x block", block.nVersion));
4228 }
4229
4230 return true;
4231}
4232
4239static bool ContextualCheckBlock(const CBlock& block, BlockValidationState& state, const ChainstateManager& chainman, const CBlockIndex* pindexPrev)
4240{
4241 const int nHeight = pindexPrev == nullptr ? 0 : pindexPrev->nHeight + 1;
4242
4243 // Enforce BIP113 (Median Time Past).
4244 bool enforce_locktime_median_time_past{false};
4245 if (DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CSV)) {
4246 assert(pindexPrev != nullptr);
4247 enforce_locktime_median_time_past = true;
4248 }
4249
4250 const int64_t nLockTimeCutoff{enforce_locktime_median_time_past ?
4251 pindexPrev->GetMedianTimePast() :
4252 block.GetBlockTime()};
4253
4254 // Check that all transactions are finalized
4255 for (const auto& tx : block.vtx) {
4256 if (!IsFinalTx(*tx, nHeight, nLockTimeCutoff)) {
4257 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal", "non-final transaction");
4258 }
4259 }
4260
4261 // Enforce rule that the coinbase starts with serialized block height
4263 {
4265 if (block.vtx[0]->vin[0].scriptSig.size() < expect.size() ||
4266 !std::equal(expect.begin(), expect.end(), block.vtx[0]->vin[0].scriptSig.begin())) {
4267 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-height", "block height mismatch in coinbase");
4268 }
4269 }
4270
4271 // Validation for witness commitments.
4272 // * We compute the witness hash (which is the hash including witnesses) of all the block's transactions, except the
4273 // coinbase (where 0x0000....0000 is used instead).
4274 // * The coinbase scriptWitness is a stack of a single 32-byte vector, containing a witness reserved value (unconstrained).
4275 // * We build a merkle tree with all those witness hashes as leaves (similar to the hashMerkleRoot in the block header).
4276 // * There must be at least one output whose scriptPubKey is a single 36-byte push, the first 4 bytes of which are
4277 // {0xaa, 0x21, 0xa9, 0xed}, and the following 32 bytes are SHA256^2(witness root, witness reserved value). In case there are
4278 // multiple, the last one is used.
4279 if (!CheckWitnessMalleation(block, DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_SEGWIT), state)) {
4280 return false;
4281 }
4282
4283 // After the coinbase witness reserved value and commitment are verified,
4284 // we can check if the block weight passes (before we've checked the
4285 // coinbase witness, it would be possible for the weight to be too
4286 // large by filling up the coinbase witness, which doesn't change
4287 // the block hash, so we couldn't mark the block as permanently
4288 // failed).
4289 if (GetBlockWeight(block) > MAX_BLOCK_WEIGHT) {
4290 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-weight", strprintf("%s : weight limit failed", __func__));
4291 }
4292
4293 return true;
4294}
4295
4296bool ChainstateManager::AcceptBlockHeader(const CBlockHeader& block, BlockValidationState& state, CBlockIndex** ppindex, bool min_pow_checked)
4297{
4299
4300 // Check for duplicate
4301 uint256 hash = block.GetHash();
4302 BlockMap::iterator miSelf{m_blockman.m_block_index.find(hash)};
4303 if (hash != GetConsensus().hashGenesisBlock) {
4304 if (miSelf != m_blockman.m_block_index.end()) {
4305 // Block header is already known.
4306 CBlockIndex* pindex = &(miSelf->second);
4307 if (ppindex)
4308 *ppindex = pindex;
4309 if (pindex->nStatus & BLOCK_FAILED_MASK) {
4310 LogDebug(BCLog::VALIDATION, "%s: block %s is marked invalid\n", __func__, hash.ToString());
4311 return state.Invalid(BlockValidationResult::BLOCK_CACHED_INVALID, "duplicate-invalid");
4312 }
4313 return true;
4314 }
4315
4316 if (!CheckBlockHeader(block, state, GetConsensus())) {
4317 LogDebug(BCLog::VALIDATION, "%s: Consensus::CheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
4318 return false;
4319 }
4320
4321 // Get prev block index
4322 CBlockIndex* pindexPrev = nullptr;
4323 BlockMap::iterator mi{m_blockman.m_block_index.find(block.hashPrevBlock)};
4324 if (mi == m_blockman.m_block_index.end()) {
4325 LogDebug(BCLog::VALIDATION, "header %s has prev block not found: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4326 return state.Invalid(BlockValidationResult::BLOCK_MISSING_PREV, "prev-blk-not-found");
4327 }
4328 pindexPrev = &((*mi).second);
4329 if (pindexPrev->nStatus & BLOCK_FAILED_MASK) {
4330 LogDebug(BCLog::VALIDATION, "header %s has prev block invalid: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4331 return state.Invalid(BlockValidationResult::BLOCK_INVALID_PREV, "bad-prevblk");
4332 }
4333 if (!ContextualCheckBlockHeader(block, state, m_blockman, *this, pindexPrev)) {
4334 LogDebug(BCLog::VALIDATION, "%s: Consensus::ContextualCheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
4335 return false;
4336 }
4337
4338 /* Determine if this block descends from any block which has been found
4339 * invalid (m_failed_blocks), then mark pindexPrev and any blocks between
4340 * them as failed. For example:
4341 *
4342 * D3
4343 * /
4344 * B2 - C2
4345 * / \
4346 * A D2 - E2 - F2
4347 * \
4348 * B1 - C1 - D1 - E1
4349 *
4350 * In the case that we attempted to reorg from E1 to F2, only to find
4351 * C2 to be invalid, we would mark D2, E2, and F2 as BLOCK_FAILED_CHILD
4352 * but NOT D3 (it was not in any of our candidate sets at the time).
4353 *
4354 * In any case D3 will also be marked as BLOCK_FAILED_CHILD at restart
4355 * in LoadBlockIndex.
4356 */
4357 if (!pindexPrev->IsValid(BLOCK_VALID_SCRIPTS)) {
4358 // The above does not mean "invalid": it checks if the previous block
4359 // hasn't been validated up to BLOCK_VALID_SCRIPTS. This is a performance
4360 // optimization, in the common case of adding a new block to the tip,
4361 // we don't need to iterate over the failed blocks list.
4362 for (const CBlockIndex* failedit : m_failed_blocks) {
4363 if (pindexPrev->GetAncestor(failedit->nHeight) == failedit) {
4364 assert(failedit->nStatus & BLOCK_FAILED_VALID);
4365 CBlockIndex* invalid_walk = pindexPrev;
4366 while (invalid_walk != failedit) {
4367 invalid_walk->nStatus |= BLOCK_FAILED_CHILD;
4368 m_blockman.m_dirty_blockindex.insert(invalid_walk);
4369 invalid_walk = invalid_walk->pprev;
4370 }
4371 LogDebug(BCLog::VALIDATION, "header %s has prev block invalid: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4372 return state.Invalid(BlockValidationResult::BLOCK_INVALID_PREV, "bad-prevblk");
4373 }
4374 }
4375 }
4376 }
4377 if (!min_pow_checked) {
4378 LogDebug(BCLog::VALIDATION, "%s: not adding new block header %s, missing anti-dos proof-of-work validation\n", __func__, hash.ToString());
4379 return state.Invalid(BlockValidationResult::BLOCK_HEADER_LOW_WORK, "too-little-chainwork");
4380 }
4381 CBlockIndex* pindex{m_blockman.AddToBlockIndex(block, m_best_header)};
4382
4383 if (ppindex)
4384 *ppindex = pindex;
4385
4386 return true;
4387}
4388
4389// Exposed wrapper for AcceptBlockHeader
4390bool ChainstateManager::ProcessNewBlockHeaders(std::span<const CBlockHeader> headers, bool min_pow_checked, BlockValidationState& state, const CBlockIndex** ppindex)
4391{
4393 {
4394 LOCK(cs_main);
4395 for (const CBlockHeader& header : headers) {
4396 CBlockIndex *pindex = nullptr; // Use a temp pindex instead of ppindex to avoid a const_cast
4397 bool accepted{AcceptBlockHeader(header, state, &pindex, min_pow_checked)};
4399
4400 if (!accepted) {
4401 return false;
4402 }
4403 if (ppindex) {
4404 *ppindex = pindex;
4405 }
4406 }
4407 }
4408 if (NotifyHeaderTip()) {
4409 if (IsInitialBlockDownload() && ppindex && *ppindex) {
4410 const CBlockIndex& last_accepted{**ppindex};
4411 int64_t blocks_left{(NodeClock::now() - last_accepted.Time()) / GetConsensus().PowTargetSpacing()};
4412 blocks_left = std::max<int64_t>(0, blocks_left);
4413 const double progress{100.0 * last_accepted.nHeight / (last_accepted.nHeight + blocks_left)};
4414 LogInfo("Synchronizing blockheaders, height: %d (~%.2f%%)\n", last_accepted.nHeight, progress);
4415 }
4416 }
4417 return true;
4418}
4419
4420void ChainstateManager::ReportHeadersPresync(const arith_uint256& work, int64_t height, int64_t timestamp)
4421{
4423 {
4424 LOCK(GetMutex());
4425 // Don't report headers presync progress if we already have a post-minchainwork header chain.
4426 // This means we lose reporting for potentially legitimate, but unlikely, deep reorgs, but
4427 // prevent attackers that spam low-work headers from filling our logs.
4428 if (m_best_header->nChainWork >= UintToArith256(GetConsensus().nMinimumChainWork)) return;
4429 // Rate limit headers presync updates to 4 per second, as these are not subject to DoS
4430 // protection.
4431 auto now = MockableSteadyClock::now();
4432 if (now < m_last_presync_update + std::chrono::milliseconds{250}) return;
4433 m_last_presync_update = now;
4434 }
4435 bool initial_download = IsInitialBlockDownload();
4436 GetNotifications().headerTip(GetSynchronizationState(initial_download, m_blockman.m_blockfiles_indexed), height, timestamp, /*presync=*/true);
4437 if (initial_download) {
4438 int64_t blocks_left{(NodeClock::now() - NodeSeconds{std::chrono::seconds{timestamp}}) / GetConsensus().PowTargetSpacing()};
4439 blocks_left = std::max<int64_t>(0, blocks_left);
4440 const double progress{100.0 * height / (height + blocks_left)};
4441 LogInfo("Pre-synchronizing blockheaders, height: %d (~%.2f%%)\n", height, progress);
4442 }
4443}
4444
4446bool ChainstateManager::AcceptBlock(const std::shared_ptr<const CBlock>& pblock, BlockValidationState& state, CBlockIndex** ppindex, bool fRequested, const FlatFilePos* dbp, bool* fNewBlock, bool min_pow_checked)
4447{
4448 const CBlock& block = *pblock;
4449
4450 if (fNewBlock) *fNewBlock = false;
4452
4453 CBlockIndex *pindexDummy = nullptr;
4454 CBlockIndex *&pindex = ppindex ? *ppindex : pindexDummy;
4455
4456 bool accepted_header{AcceptBlockHeader(block, state, &pindex, min_pow_checked)};
4458
4459 if (!accepted_header)
4460 return false;
4461
4462 // Check all requested blocks that we do not already have for validity and
4463 // save them to disk. Skip processing of unrequested blocks as an anti-DoS
4464 // measure, unless the blocks have more work than the active chain tip, and
4465 // aren't too far ahead of it, so are likely to be attached soon.
4466 bool fAlreadyHave = pindex->nStatus & BLOCK_HAVE_DATA;
4467 bool fHasMoreOrSameWork = (ActiveTip() ? pindex->nChainWork >= ActiveTip()->nChainWork : true);
4468 // Blocks that are too out-of-order needlessly limit the effectiveness of
4469 // pruning, because pruning will not delete block files that contain any
4470 // blocks which are too close in height to the tip. Apply this test
4471 // regardless of whether pruning is enabled; it should generally be safe to
4472 // not process unrequested blocks.
4473 bool fTooFarAhead{pindex->nHeight > ActiveHeight() + int(MIN_BLOCKS_TO_KEEP)};
4474
4475 // TODO: Decouple this function from the block download logic by removing fRequested
4476 // This requires some new chain data structure to efficiently look up if a
4477 // block is in a chain leading to a candidate for best tip, despite not
4478 // being such a candidate itself.
4479 // Note that this would break the getblockfrompeer RPC
4480
4481 // TODO: deal better with return value and error conditions for duplicate
4482 // and unrequested blocks.
4483 if (fAlreadyHave) return true;
4484 if (!fRequested) { // If we didn't ask for it:
4485 if (pindex->nTx != 0) return true; // This is a previously-processed block that was pruned
4486 if (!fHasMoreOrSameWork) return true; // Don't process less-work chains
4487 if (fTooFarAhead) return true; // Block height is too high
4488
4489 // Protect against DoS attacks from low-work chains.
4490 // If our tip is behind, a peer could try to send us
4491 // low-work blocks on a fake chain that we would never
4492 // request; don't process these.
4493 if (pindex->nChainWork < MinimumChainWork()) return true;
4494 }
4495
4496 const CChainParams& params{GetParams()};
4497
4498 if (!CheckBlock(block, state, params.GetConsensus()) ||
4499 !ContextualCheckBlock(block, state, *this, pindex->pprev)) {
4500 if (state.IsInvalid() && state.GetResult() != BlockValidationResult::BLOCK_MUTATED) {
4501 pindex->nStatus |= BLOCK_FAILED_VALID;
4502 m_blockman.m_dirty_blockindex.insert(pindex);
4503 }
4504 LogError("%s: %s\n", __func__, state.ToString());
4505 return false;
4506 }
4507
4508 // Header is valid/has work, merkle tree and segwit merkle tree are good...RELAY NOW
4509 // (but if it does not build on our best tip, let the SendMessages loop relay it)
4510 if (!IsInitialBlockDownload() && ActiveTip() == pindex->pprev && m_options.signals) {
4511 m_options.signals->NewPoWValidBlock(pindex, pblock);
4512 }
4513
4514 // Write block to history file
4515 if (fNewBlock) *fNewBlock = true;
4516 try {
4517 FlatFilePos blockPos{};
4518 if (dbp) {
4519 blockPos = *dbp;
4520 m_blockman.UpdateBlockInfo(block, pindex->nHeight, blockPos);
4521 } else {
4522 blockPos = m_blockman.WriteBlock(block, pindex->nHeight);
4523 if (blockPos.IsNull()) {
4524 state.Error(strprintf("%s: Failed to find position to write new block to disk", __func__));
4525 return false;
4526 }
4527 }
4528 ReceivedBlockTransactions(block, pindex, blockPos);
4529 } catch (const std::runtime_error& e) {
4530 return FatalError(GetNotifications(), state, strprintf(_("System error while saving block to disk: %s"), e.what()));
4531 }
4532
4533 // TODO: FlushStateToDisk() handles flushing of both block and chainstate
4534 // data, so we should move this to ChainstateManager so that we can be more
4535 // intelligent about how we flush.
4536 // For now, since FlushStateMode::NONE is used, all that can happen is that
4537 // the block files may be pruned, so we can just call this on one
4538 // chainstate (particularly if we haven't implemented pruning with
4539 // background validation yet).
4540 ActiveChainstate().FlushStateToDisk(state, FlushStateMode::NONE);
4541
4543
4544 return true;
4545}
4546
4547bool ChainstateManager::ProcessNewBlock(const std::shared_ptr<const CBlock>& block, bool force_processing, bool min_pow_checked, bool* new_block)
4548{
4550
4551 {
4552 CBlockIndex *pindex = nullptr;
4553 if (new_block) *new_block = false;
4555
4556 // CheckBlock() does not support multi-threaded block validation because CBlock::fChecked can cause data race.
4557 // Therefore, the following critical section must include the CheckBlock() call as well.
4558 LOCK(cs_main);
4559
4560 // Skipping AcceptBlock() for CheckBlock() failures means that we will never mark a block as invalid if
4561 // CheckBlock() fails. This is protective against consensus failure if there are any unknown forms of block
4562 // malleability that cause CheckBlock() to fail; see e.g. CVE-2012-2459 and
4563 // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-February/016697.html. Because CheckBlock() is
4564 // not very expensive, the anti-DoS benefits of caching failure (of a definitely-invalid block) are not substantial.
4565 bool ret = CheckBlock(*block, state, GetConsensus());
4566 if (ret) {
4567 // Store to disk
4568 ret = AcceptBlock(block, state, &pindex, force_processing, nullptr, new_block, min_pow_checked);
4569 }
4570 if (!ret) {
4571 if (m_options.signals) {
4572 m_options.signals->BlockChecked(*block, state);
4573 }
4574 LogError("%s: AcceptBlock FAILED (%s)\n", __func__, state.ToString());
4575 return false;
4576 }
4577 }
4578
4580
4581 BlockValidationState state; // Only used to report errors, not invalidity - ignore it
4582 if (!ActiveChainstate().ActivateBestChain(state, block)) {
4583 LogError("%s: ActivateBestChain failed (%s)\n", __func__, state.ToString());
4584 return false;
4585 }
4586
4587 Chainstate* bg_chain{WITH_LOCK(cs_main, return BackgroundSyncInProgress() ? m_ibd_chainstate.get() : nullptr)};
4588 BlockValidationState bg_state;
4589 if (bg_chain && !bg_chain->ActivateBestChain(bg_state, block)) {
4590 LogError("%s: [background] ActivateBestChain failed (%s)\n", __func__, bg_state.ToString());
4591 return false;
4592 }
4593
4594 return true;
4595}
4596
4598{
4600 Chainstate& active_chainstate = ActiveChainstate();
4601 if (!active_chainstate.GetMempool()) {
4602 TxValidationState state;
4603 state.Invalid(TxValidationResult::TX_NO_MEMPOOL, "no-mempool");
4604 return MempoolAcceptResult::Failure(state);
4605 }
4606 auto result = AcceptToMemoryPool(active_chainstate, tx, GetTime(), /*bypass_limits=*/ false, test_accept);
4607 active_chainstate.GetMempool()->check(active_chainstate.CoinsTip(), active_chainstate.m_chain.Height() + 1);
4608 return result;
4609}
4610
4612 const CChainParams& chainparams,
4613 Chainstate& chainstate,
4614 const CBlock& block,
4615 CBlockIndex* pindexPrev,
4616 bool fCheckPOW,
4617 bool fCheckMerkleRoot)
4618{
4620 assert(pindexPrev && pindexPrev == chainstate.m_chain.Tip());
4621 CCoinsViewCache viewNew(&chainstate.CoinsTip());
4622 uint256 block_hash(block.GetHash());
4623 CBlockIndex indexDummy(block);
4624 indexDummy.pprev = pindexPrev;
4625 indexDummy.nHeight = pindexPrev->nHeight + 1;
4626 indexDummy.phashBlock = &block_hash;
4627
4628 // NOTE: CheckBlockHeader is called by CheckBlock
4629 if (!ContextualCheckBlockHeader(block, state, chainstate.m_blockman, chainstate.m_chainman, pindexPrev)) {
4630 LogError("%s: Consensus::ContextualCheckBlockHeader: %s\n", __func__, state.ToString());
4631 return false;
4632 }
4633 if (!CheckBlock(block, state, chainparams.GetConsensus(), fCheckPOW, fCheckMerkleRoot)) {
4634 LogError("%s: Consensus::CheckBlock: %s\n", __func__, state.ToString());
4635 return false;
4636 }
4637 if (!ContextualCheckBlock(block, state, chainstate.m_chainman, pindexPrev)) {
4638 LogError("%s: Consensus::ContextualCheckBlock: %s\n", __func__, state.ToString());
4639 return false;
4640 }
4641 if (!chainstate.ConnectBlock(block, state, &indexDummy, viewNew, true)) {
4642 return false;
4643 }
4644 assert(state.IsValid());
4645
4646 return true;
4647}
4648
4649/* This function is called from the RPC code for pruneblockchain */
4650void PruneBlockFilesManual(Chainstate& active_chainstate, int nManualPruneHeight)
4651{
4653 if (!active_chainstate.FlushStateToDisk(
4654 state, FlushStateMode::NONE, nManualPruneHeight)) {
4655 LogPrintf("%s: failed to flush state (%s)\n", __func__, state.ToString());
4656 }
4657}
4658
4660{
4662 const CCoinsViewCache& coins_cache = CoinsTip();
4663 assert(!coins_cache.GetBestBlock().IsNull()); // Never called when the coins view is empty
4664 const CBlockIndex* tip = m_chain.Tip();
4665
4666 if (tip && tip->GetBlockHash() == coins_cache.GetBestBlock()) {
4667 return true;
4668 }
4669
4670 // Load pointer to end of best chain
4671 CBlockIndex* pindex = m_blockman.LookupBlockIndex(coins_cache.GetBestBlock());
4672 if (!pindex) {
4673 return false;
4674 }
4675 m_chain.SetTip(*pindex);
4677
4678 tip = m_chain.Tip();
4679 LogPrintf("Loaded best chain: hashBestChain=%s height=%d date=%s progress=%f\n",
4680 tip->GetBlockHash().ToString(),
4681 m_chain.Height(),
4684
4685 // Ensure KernelNotifications m_tip_block is set even if no new block arrives.
4686 if (this->GetRole() != ChainstateRole::BACKGROUND) {
4687 // Ignoring return value for now.
4689 }
4690
4691 return true;
4692}
4693
4695 : m_notifications{notifications}
4696{
4697 m_notifications.progress(_("Verifying blocks…"), 0, false);
4698}
4699
4701{
4702 m_notifications.progress(bilingual_str{}, 100, false);
4703}
4704
4706 Chainstate& chainstate,
4707 const Consensus::Params& consensus_params,
4708 CCoinsView& coinsview,
4709 int nCheckLevel, int nCheckDepth)
4710{
4712
4713 if (chainstate.m_chain.Tip() == nullptr || chainstate.m_chain.Tip()->pprev == nullptr) {
4715 }
4716
4717 // Verify blocks in the best chain
4718 if (nCheckDepth <= 0 || nCheckDepth > chainstate.m_chain.Height()) {
4719 nCheckDepth = chainstate.m_chain.Height();
4720 }
4721 nCheckLevel = std::max(0, std::min(4, nCheckLevel));
4722 LogPrintf("Verifying last %i blocks at level %i\n", nCheckDepth, nCheckLevel);
4723 CCoinsViewCache coins(&coinsview);
4724 CBlockIndex* pindex;
4725 CBlockIndex* pindexFailure = nullptr;
4726 int nGoodTransactions = 0;
4728 int reportDone = 0;
4729 bool skipped_no_block_data{false};
4730 bool skipped_l3_checks{false};
4731 LogPrintf("Verification progress: 0%%\n");
4732
4733 const bool is_snapshot_cs{chainstate.m_from_snapshot_blockhash};
4734
4735 for (pindex = chainstate.m_chain.Tip(); pindex && pindex->pprev; pindex = pindex->pprev) {
4736 const int percentageDone = std::max(1, std::min(99, (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * (nCheckLevel >= 4 ? 50 : 100))));
4737 if (reportDone < percentageDone / 10) {
4738 // report every 10% step
4739 LogPrintf("Verification progress: %d%%\n", percentageDone);
4740 reportDone = percentageDone / 10;
4741 }
4742 m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
4743 if (pindex->nHeight <= chainstate.m_chain.Height() - nCheckDepth) {
4744 break;
4745 }
4746 if ((chainstate.m_blockman.IsPruneMode() || is_snapshot_cs) && !(pindex->nStatus & BLOCK_HAVE_DATA)) {
4747 // If pruning or running under an assumeutxo snapshot, only go
4748 // back as far as we have data.
4749 LogPrintf("VerifyDB(): block verification stopping at height %d (no data). This could be due to pruning or use of an assumeutxo snapshot.\n", pindex->nHeight);
4750 skipped_no_block_data = true;
4751 break;
4752 }
4753 CBlock block;
4754 // check level 0: read from disk
4755 if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
4756 LogPrintf("Verification error: ReadBlock failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4758 }
4759 // check level 1: verify block validity
4760 if (nCheckLevel >= 1 && !CheckBlock(block, state, consensus_params)) {
4761 LogPrintf("Verification error: found bad block at %d, hash=%s (%s)\n",
4762 pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
4764 }
4765 // check level 2: verify undo validity
4766 if (nCheckLevel >= 2 && pindex) {
4767 CBlockUndo undo;
4768 if (!pindex->GetUndoPos().IsNull()) {
4769 if (!chainstate.m_blockman.ReadBlockUndo(undo, *pindex)) {
4770 LogPrintf("Verification error: found bad undo data at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4772 }
4773 }
4774 }
4775 // check level 3: check for inconsistencies during memory-only disconnect of tip blocks
4776 size_t curr_coins_usage = coins.DynamicMemoryUsage() + chainstate.CoinsTip().DynamicMemoryUsage();
4777
4778 if (nCheckLevel >= 3) {
4779 if (curr_coins_usage <= chainstate.m_coinstip_cache_size_bytes) {
4780 assert(coins.GetBestBlock() == pindex->GetBlockHash());
4781 DisconnectResult res = chainstate.DisconnectBlock(block, pindex, coins);
4782 if (res == DISCONNECT_FAILED) {
4783 LogPrintf("Verification error: irrecoverable inconsistency in block data at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4785 }
4786 if (res == DISCONNECT_UNCLEAN) {
4787 nGoodTransactions = 0;
4788 pindexFailure = pindex;
4789 } else {
4790 nGoodTransactions += block.vtx.size();
4791 }
4792 } else {
4793 skipped_l3_checks = true;
4794 }
4795 }
4796 if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
4797 }
4798 if (pindexFailure) {
4799 LogPrintf("Verification error: coin database inconsistencies found (last %i blocks, %i good transactions before that)\n", chainstate.m_chain.Height() - pindexFailure->nHeight + 1, nGoodTransactions);
4801 }
4802 if (skipped_l3_checks) {
4803 LogPrintf("Skipped verification of level >=3 (insufficient database cache size). Consider increasing -dbcache.\n");
4804 }
4805
4806 // store block count as we move pindex at check level >= 4
4807 int block_count = chainstate.m_chain.Height() - pindex->nHeight;
4808
4809 // check level 4: try reconnecting blocks
4810 if (nCheckLevel >= 4 && !skipped_l3_checks) {
4811 while (pindex != chainstate.m_chain.Tip()) {
4812 const int percentageDone = std::max(1, std::min(99, 100 - (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * 50)));
4813 if (reportDone < percentageDone / 10) {
4814 // report every 10% step
4815 LogPrintf("Verification progress: %d%%\n", percentageDone);
4816 reportDone = percentageDone / 10;
4817 }
4818 m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
4819 pindex = chainstate.m_chain.Next(pindex);
4820 CBlock block;
4821 if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
4822 LogPrintf("Verification error: ReadBlock failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4824 }
4825 if (!chainstate.ConnectBlock(block, state, pindex, coins)) {
4826 LogPrintf("Verification error: found unconnectable block at %d, hash=%s (%s)\n", pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
4828 }
4829 if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
4830 }
4831 }
4832
4833 LogPrintf("Verification: No coin database inconsistencies in last %i blocks (%i transactions)\n", block_count, nGoodTransactions);
4834
4835 if (skipped_l3_checks) {
4837 }
4838 if (skipped_no_block_data) {
4840 }
4842}
4843
4846{
4848 // TODO: merge with ConnectBlock
4849 CBlock block;
4850 if (!m_blockman.ReadBlock(block, *pindex)) {
4851 LogError("ReplayBlock(): ReadBlock failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4852 return false;
4853 }
4854
4855 for (const CTransactionRef& tx : block.vtx) {
4856 if (!tx->IsCoinBase()) {
4857 for (const CTxIn &txin : tx->vin) {
4858 inputs.SpendCoin(txin.prevout);
4859 }
4860 }
4861 // Pass check = true as every addition may be an overwrite.
4862 AddCoins(inputs, *tx, pindex->nHeight, true);
4863 }
4864 return true;
4865}
4866
4868{
4869 LOCK(cs_main);
4870
4871 CCoinsView& db = this->CoinsDB();
4872 CCoinsViewCache cache(&db);
4873
4874 std::vector<uint256> hashHeads = db.GetHeadBlocks();
4875 if (hashHeads.empty()) return true; // We're already in a consistent state.
4876 if (hashHeads.size() != 2) {
4877 LogError("ReplayBlocks(): unknown inconsistent state\n");
4878 return false;
4879 }
4880
4881 m_chainman.GetNotifications().progress(_("Replaying blocks…"), 0, false);
4882 LogPrintf("Replaying blocks\n");
4883
4884 const CBlockIndex* pindexOld = nullptr; // Old tip during the interrupted flush.
4885 const CBlockIndex* pindexNew; // New tip during the interrupted flush.
4886 const CBlockIndex* pindexFork = nullptr; // Latest block common to both the old and the new tip.
4887
4888 if (m_blockman.m_block_index.count(hashHeads[0]) == 0) {
4889 LogError("ReplayBlocks(): reorganization to unknown block requested\n");
4890 return false;
4891 }
4892 pindexNew = &(m_blockman.m_block_index[hashHeads[0]]);
4893
4894 if (!hashHeads[1].IsNull()) { // The old tip is allowed to be 0, indicating it's the first flush.
4895 if (m_blockman.m_block_index.count(hashHeads[1]) == 0) {
4896 LogError("ReplayBlocks(): reorganization from unknown block requested\n");
4897 return false;
4898 }
4899 pindexOld = &(m_blockman.m_block_index[hashHeads[1]]);
4900 pindexFork = LastCommonAncestor(pindexOld, pindexNew);
4901 assert(pindexFork != nullptr);
4902 }
4903
4904 // Rollback along the old branch.
4905 while (pindexOld != pindexFork) {
4906 if (pindexOld->nHeight > 0) { // Never disconnect the genesis block.
4907 CBlock block;
4908 if (!m_blockman.ReadBlock(block, *pindexOld)) {
4909 LogError("RollbackBlock(): ReadBlock() failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
4910 return false;
4911 }
4912 LogPrintf("Rolling back %s (%i)\n", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight);
4913 DisconnectResult res = DisconnectBlock(block, pindexOld, cache);
4914 if (res == DISCONNECT_FAILED) {
4915 LogError("RollbackBlock(): DisconnectBlock failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
4916 return false;
4917 }
4918 // If DISCONNECT_UNCLEAN is returned, it means a non-existing UTXO was deleted, or an existing UTXO was
4919 // overwritten. It corresponds to cases where the block-to-be-disconnect never had all its operations
4920 // applied to the UTXO set. However, as both writing a UTXO and deleting a UTXO are idempotent operations,
4921 // the result is still a version of the UTXO set with the effects of that block undone.
4922 }
4923 pindexOld = pindexOld->pprev;
4924 }
4925
4926 // Roll forward from the forking point to the new tip.
4927 int nForkHeight = pindexFork ? pindexFork->nHeight : 0;
4928 for (int nHeight = nForkHeight + 1; nHeight <= pindexNew->nHeight; ++nHeight) {
4929 const CBlockIndex& pindex{*Assert(pindexNew->GetAncestor(nHeight))};
4930
4931 LogPrintf("Rolling forward %s (%i)\n", pindex.GetBlockHash().ToString(), nHeight);
4932 m_chainman.GetNotifications().progress(_("Replaying blocks…"), (int)((nHeight - nForkHeight) * 100.0 / (pindexNew->nHeight - nForkHeight)), false);
4933 if (!RollforwardBlock(&pindex, cache)) return false;
4934 }
4935
4936 cache.SetBestBlock(pindexNew->GetBlockHash());
4937 cache.Flush();
4939 return true;
4940}
4941
4943{
4945
4946 // At and above m_params.SegwitHeight, segwit consensus rules must be validated
4947 CBlockIndex* block{m_chain.Tip()};
4948
4949 while (block != nullptr && DeploymentActiveAt(*block, m_chainman, Consensus::DEPLOYMENT_SEGWIT)) {
4950 if (!(block->nStatus & BLOCK_OPT_WITNESS)) {
4951 // block is insufficiently validated for a segwit client
4952 return true;
4953 }
4954 block = block->pprev;
4955 }
4956
4957 return false;
4958}
4959
4960void Chainstate::ClearBlockIndexCandidates()
4961{
4964}
4965
4967{
4969 // Load block index from databases
4971 bool ret{m_blockman.LoadBlockIndexDB(SnapshotBlockhash())};
4972 if (!ret) return false;
4973
4974 m_blockman.ScanAndUnlinkAlreadyPrunedFiles();
4975
4976 std::vector<CBlockIndex*> vSortedByHeight{m_blockman.GetAllBlockIndices()};
4977 std::sort(vSortedByHeight.begin(), vSortedByHeight.end(),
4979
4980 for (CBlockIndex* pindex : vSortedByHeight) {
4981 if (m_interrupt) return false;
4982 // If we have an assumeutxo-based chainstate, then the snapshot
4983 // block will be a candidate for the tip, but it may not be
4984 // VALID_TRANSACTIONS (eg if we haven't yet downloaded the block),
4985 // so we special-case the snapshot block as a potential candidate
4986 // here.
4987 if (pindex == GetSnapshotBaseBlock() ||
4989 (pindex->HaveNumChainTxs() || pindex->pprev == nullptr))) {
4990
4991 for (Chainstate* chainstate : GetAll()) {
4992 chainstate->TryAddBlockIndexCandidate(pindex);
4993 }
4994 }
4995 if (pindex->nStatus & BLOCK_FAILED_MASK && (!m_best_invalid || pindex->nChainWork > m_best_invalid->nChainWork)) {
4996 m_best_invalid = pindex;
4997 }
4998 if (pindex->IsValid(BLOCK_VALID_TREE) && (m_best_header == nullptr || CBlockIndexWorkComparator()(m_best_header, pindex)))
4999 m_best_header = pindex;
5000 }
5001 }
5002 return true;
5003}
5004
5006{
5007 LOCK(cs_main);
5008
5009 const CChainParams& params{m_chainman.GetParams()};
5010
5011 // Check whether we're already initialized by checking for genesis in
5012 // m_blockman.m_block_index. Note that we can't use m_chain here, since it is
5013 // set based on the coins db, not the block index db, which is the only
5014 // thing loaded at this point.
5015 if (m_blockman.m_block_index.count(params.GenesisBlock().GetHash()))
5016 return true;
5017
5018 try {
5019 const CBlock& block = params.GenesisBlock();
5020 FlatFilePos blockPos{m_blockman.WriteBlock(block, 0)};
5021 if (blockPos.IsNull()) {
5022 LogError("%s: writing genesis block to disk failed\n", __func__);
5023 return false;
5024 }
5025 CBlockIndex* pindex = m_blockman.AddToBlockIndex(block, m_chainman.m_best_header);
5026 m_chainman.ReceivedBlockTransactions(block, pindex, blockPos);
5027 } catch (const std::runtime_error& e) {
5028 LogError("%s: failed to write genesis block: %s\n", __func__, e.what());
5029 return false;
5030 }
5031
5032 return true;
5033}
5034
5036 AutoFile& file_in,
5037 FlatFilePos* dbp,
5038 std::multimap<uint256, FlatFilePos>* blocks_with_unknown_parent)
5039{
5040 // Either both should be specified (-reindex), or neither (-loadblock).
5041 assert(!dbp == !blocks_with_unknown_parent);
5042
5043 const auto start{SteadyClock::now()};
5044 const CChainParams& params{GetParams()};
5045
5046 int nLoaded = 0;
5047 try {
5049 // nRewind indicates where to resume scanning in case something goes wrong,
5050 // such as a block fails to deserialize.
5051 uint64_t nRewind = blkdat.GetPos();
5052 while (!blkdat.eof()) {
5053 if (m_interrupt) return;
5054
5055 blkdat.SetPos(nRewind);
5056 nRewind++; // start one byte further next time, in case of failure
5057 blkdat.SetLimit(); // remove former limit
5058 unsigned int nSize = 0;
5059 try {
5060 // locate a header
5062 blkdat.FindByte(std::byte(params.MessageStart()[0]));
5063 nRewind = blkdat.GetPos() + 1;
5064 blkdat >> buf;
5065 if (buf != params.MessageStart()) {
5066 continue;
5067 }
5068 // read size
5069 blkdat >> nSize;
5070 if (nSize < 80 || nSize > MAX_BLOCK_SERIALIZED_SIZE)
5071 continue;
5072 } catch (const std::exception&) {
5073 // no valid block header found; don't complain
5074 // (this happens at the end of every blk.dat file)
5075 break;
5076 }
5077 try {
5078 // read block header
5079 const uint64_t nBlockPos{blkdat.GetPos()};
5080 if (dbp)
5081 dbp->nPos = nBlockPos;
5082 blkdat.SetLimit(nBlockPos + nSize);
5083 CBlockHeader header;
5084 blkdat >> header;
5085 const uint256 hash{header.GetHash()};
5086 // Skip the rest of this block (this may read from disk into memory); position to the marker before the
5087 // next block, but it's still possible to rewind to the start of the current block (without a disk read).
5088 nRewind = nBlockPos + nSize;
5089 blkdat.SkipTo(nRewind);
5090
5091 std::shared_ptr<CBlock> pblock{}; // needs to remain available after the cs_main lock is released to avoid duplicate reads from disk
5092
5093 {
5094 LOCK(cs_main);
5095 // detect out of order blocks, and store them for later
5096 if (hash != params.GetConsensus().hashGenesisBlock && !m_blockman.LookupBlockIndex(header.hashPrevBlock)) {
5097 LogDebug(BCLog::REINDEX, "%s: Out of order block %s, parent %s not known\n", __func__, hash.ToString(),
5098 header.hashPrevBlock.ToString());
5099 if (dbp && blocks_with_unknown_parent) {
5100 blocks_with_unknown_parent->emplace(header.hashPrevBlock, *dbp);
5101 }
5102 continue;
5103 }
5104
5105 // process in case the block isn't known yet
5106 const CBlockIndex* pindex = m_blockman.LookupBlockIndex(hash);
5107 if (!pindex || (pindex->nStatus & BLOCK_HAVE_DATA) == 0) {
5108 // This block can be processed immediately; rewind to its start, read and deserialize it.
5109 blkdat.SetPos(nBlockPos);
5110 pblock = std::make_shared<CBlock>();
5111 blkdat >> TX_WITH_WITNESS(*pblock);
5112 nRewind = blkdat.GetPos();
5113
5115 if (AcceptBlock(pblock, state, nullptr, true, dbp, nullptr, true)) {
5116 nLoaded++;
5117 }
5118 if (state.IsError()) {
5119 break;
5120 }
5121 } else if (hash != params.GetConsensus().hashGenesisBlock && pindex->nHeight % 1000 == 0) {
5122 LogDebug(BCLog::REINDEX, "Block Import: already had block %s at height %d\n", hash.ToString(), pindex->nHeight);
5123 }
5124 }
5125
5126 // Activate the genesis block so normal node progress can continue
5127 // During first -reindex, this will only connect Genesis since
5128 // ActivateBestChain only connects blocks which are in the block tree db,
5129 // which only contains blocks whose parents are in it.
5130 // But do this only if genesis isn't activated yet, to avoid connecting many blocks
5131 // without assumevalid in the case of a continuation of a reindex that
5132 // was interrupted by the user.
5133 if (hash == params.GetConsensus().hashGenesisBlock && WITH_LOCK(::cs_main, return ActiveHeight()) == -1) {
5135 if (!ActiveChainstate().ActivateBestChain(state, nullptr)) {
5136 break;
5137 }
5138 }
5139
5141 // must update the tip for pruning to work while importing with -loadblock.
5142 // this is a tradeoff to conserve disk space at the expense of time
5143 // spent updating the tip to be able to prune.
5144 // otherwise, ActivateBestChain won't be called by the import process
5145 // until after all of the block files are loaded. ActivateBestChain can be
5146 // called by concurrent network message processing. but, that is not
5147 // reliable for the purpose of pruning while importing.
5148 bool activation_failure = false;
5149 for (auto c : GetAll()) {
5151 if (!c->ActivateBestChain(state, pblock)) {
5152 LogDebug(BCLog::REINDEX, "failed to activate chain (%s)\n", state.ToString());
5153 activation_failure = true;
5154 break;
5155 }
5156 }
5157 if (activation_failure) {
5158 break;
5159 }
5160 }
5161
5163
5164 if (!blocks_with_unknown_parent) continue;
5165
5166 // Recursively process earlier encountered successors of this block
5167 std::deque<uint256> queue;
5168 queue.push_back(hash);
5169 while (!queue.empty()) {
5170 uint256 head = queue.front();
5171 queue.pop_front();
5172 auto range = blocks_with_unknown_parent->equal_range(head);
5173 while (range.first != range.second) {
5174 std::multimap<uint256, FlatFilePos>::iterator it = range.first;
5175 std::shared_ptr<CBlock> pblockrecursive = std::make_shared<CBlock>();
5176 if (m_blockman.ReadBlock(*pblockrecursive, it->second)) {
5177 LogDebug(BCLog::REINDEX, "%s: Processing out of order child %s of %s\n", __func__, pblockrecursive->GetHash().ToString(),
5178 head.ToString());
5179 LOCK(cs_main);
5181 if (AcceptBlock(pblockrecursive, dummy, nullptr, true, &it->second, nullptr, true)) {
5182 nLoaded++;
5183 queue.push_back(pblockrecursive->GetHash());
5184 }
5185 }
5186 range.first++;
5187 blocks_with_unknown_parent->erase(it);
5189 }
5190 }
5191 } catch (const std::exception& e) {
5192 // historical bugs added extra data to the block files that does not deserialize cleanly.
5193 // commonly this data is between readable blocks, but it does not really matter. such data is not fatal to the import process.
5194 // the code that reads the block files deals with invalid data by simply ignoring it.
5195 // it continues to search for the next {4 byte magic message start bytes + 4 byte length + block} that does deserialize cleanly
5196 // and passes all of the other block validation checks dealing with POW and the merkle root, etc...
5197 // we merely note with this informational log message when unexpected data is encountered.
5198 // we could also be experiencing a storage system read error, or a read of a previous bad write. these are possible, but
5199 // less likely scenarios. we don't have enough information to tell a difference here.
5200 // the reindex process is not the place to attempt to clean and/or compact the block files. if so desired, a studious node operator
5201 // may use knowledge of the fact that the block files are not entirely pristine in order to prepare a set of pristine, and
5202 // perhaps ordered, block files for later reindexing.
5203 LogDebug(BCLog::REINDEX, "%s: unexpected data at file offset 0x%x - %s. continuing\n", __func__, (nRewind - 1), e.what());
5204 }
5205 }
5206 } catch (const std::runtime_error& e) {
5207 GetNotifications().fatalError(strprintf(_("System error while loading external block file: %s"), e.what()));
5208 }
5209 LogPrintf("Loaded %i blocks from external file in %dms\n", nLoaded, Ticks<std::chrono::milliseconds>(SteadyClock::now() - start));
5210}
5211
5213{
5214 // Assert to verify Flatten() has been called.
5215 if (!*Assert(m_options.check_block_index)) return false;
5216 if (FastRandomContext().randrange(*m_options.check_block_index) >= 1) return false;
5217 return true;
5218}
5219
5221{
5222 if (!ShouldCheckBlockIndex()) {
5223 return;
5224 }
5225
5226 LOCK(cs_main);
5227
5228 // During a reindex, we read the genesis block and call CheckBlockIndex before ActivateBestChain,
5229 // so we have the genesis block in m_blockman.m_block_index but no active chain. (A few of the
5230 // tests when iterating the block tree require that m_chain has been initialized.)
5231 if (ActiveChain().Height() < 0) {
5232 assert(m_blockman.m_block_index.size() <= 1);
5233 return;
5234 }
5235
5236 // Build forward-pointing data structure for the entire block tree.
5237 // For performance reasons, indexes of the best header chain are stored in a vector (within CChain).
5238 // All remaining blocks are stored in a multimap.
5239 // The best header chain can differ from the active chain: E.g. its entries may belong to blocks that
5240 // are not yet validated.
5241 CChain best_hdr_chain;
5242 assert(m_best_header);
5243 best_hdr_chain.SetTip(*m_best_header);
5244
5245 std::multimap<CBlockIndex*,CBlockIndex*> forward;
5246 for (auto& [_, block_index] : m_blockman.m_block_index) {
5247 // Only save indexes in forward that are not part of the best header chain.
5248 if (!best_hdr_chain.Contains(&block_index)) {
5249 // Only genesis, which must be part of the best header chain, can have a nullptr parent.
5250 assert(block_index.pprev);
5251 forward.emplace(block_index.pprev, &block_index);
5252 }
5253 }
5254 assert(forward.size() + best_hdr_chain.Height() + 1 == m_blockman.m_block_index.size());
5255
5256 CBlockIndex* pindex = best_hdr_chain[0];
5257 assert(pindex);
5258 // Iterate over the entire block tree, using depth-first search.
5259 // Along the way, remember whether there are blocks on the path from genesis
5260 // block being explored which are the first to have certain properties.
5261 size_t nNodes = 0;
5262 int nHeight = 0;
5263 CBlockIndex* pindexFirstInvalid = nullptr; // Oldest ancestor of pindex which is invalid.
5264 CBlockIndex* pindexFirstMissing = nullptr; // Oldest ancestor of pindex which does not have BLOCK_HAVE_DATA, since assumeutxo snapshot if used.
5265 CBlockIndex* pindexFirstNeverProcessed = nullptr; // Oldest ancestor of pindex for which nTx == 0, since assumeutxo snapshot if used.
5266 CBlockIndex* pindexFirstNotTreeValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_TREE (regardless of being valid or not).
5267 CBlockIndex* pindexFirstNotTransactionsValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_TRANSACTIONS (regardless of being valid or not), since assumeutxo snapshot if used.
5268 CBlockIndex* pindexFirstNotChainValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_CHAIN (regardless of being valid or not), since assumeutxo snapshot if used.
5269 CBlockIndex* pindexFirstNotScriptsValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_SCRIPTS (regardless of being valid or not), since assumeutxo snapshot if used.
5270
5271 // After checking an assumeutxo snapshot block, reset pindexFirst pointers
5272 // to earlier blocks that have not been downloaded or validated yet, so
5273 // checks for later blocks can assume the earlier blocks were validated and
5274 // be stricter, testing for more requirements.
5275 const CBlockIndex* snap_base{GetSnapshotBaseBlock()};
5276 CBlockIndex *snap_first_missing{}, *snap_first_notx{}, *snap_first_notv{}, *snap_first_nocv{}, *snap_first_nosv{};
5277 auto snap_update_firsts = [&] {
5278 if (pindex == snap_base) {
5279 std::swap(snap_first_missing, pindexFirstMissing);
5280 std::swap(snap_first_notx, pindexFirstNeverProcessed);
5281 std::swap(snap_first_notv, pindexFirstNotTransactionsValid);
5282 std::swap(snap_first_nocv, pindexFirstNotChainValid);
5283 std::swap(snap_first_nosv, pindexFirstNotScriptsValid);
5284 }
5285 };
5286
5287 while (pindex != nullptr) {
5288 nNodes++;
5289 if (pindexFirstInvalid == nullptr && pindex->nStatus & BLOCK_FAILED_VALID) pindexFirstInvalid = pindex;
5290 if (pindexFirstMissing == nullptr && !(pindex->nStatus & BLOCK_HAVE_DATA)) {
5291 pindexFirstMissing = pindex;
5292 }
5293 if (pindexFirstNeverProcessed == nullptr && pindex->nTx == 0) pindexFirstNeverProcessed = pindex;
5294 if (pindex->pprev != nullptr && pindexFirstNotTreeValid == nullptr && (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_TREE) pindexFirstNotTreeValid = pindex;
5295
5296 if (pindex->pprev != nullptr) {
5297 if (pindexFirstNotTransactionsValid == nullptr &&
5298 (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_TRANSACTIONS) {
5299 pindexFirstNotTransactionsValid = pindex;
5300 }
5301
5302 if (pindexFirstNotChainValid == nullptr &&
5303 (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_CHAIN) {
5304 pindexFirstNotChainValid = pindex;
5305 }
5306
5307 if (pindexFirstNotScriptsValid == nullptr &&
5308 (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_SCRIPTS) {
5309 pindexFirstNotScriptsValid = pindex;
5310 }
5311 }
5312
5313 // Begin: actual consistency checks.
5314 if (pindex->pprev == nullptr) {
5315 // Genesis block checks.
5316 assert(pindex->GetBlockHash() == GetConsensus().hashGenesisBlock); // Genesis block's hash must match.
5317 for (auto c : GetAll()) {
5318 if (c->m_chain.Genesis() != nullptr) {
5319 assert(pindex == c->m_chain.Genesis()); // The chain's genesis block must be this block.
5320 }
5321 }
5322 }
5323 if (!pindex->HaveNumChainTxs()) assert(pindex->nSequenceId <= 0); // nSequenceId can't be set positive for blocks that aren't linked (negative is used for preciousblock)
5324 // VALID_TRANSACTIONS is equivalent to nTx > 0 for all nodes (whether or not pruning has occurred).
5325 // HAVE_DATA is only equivalent to nTx > 0 (or VALID_TRANSACTIONS) if no pruning has occurred.
5327 // If we've never pruned, then HAVE_DATA should be equivalent to nTx > 0
5328 assert(!(pindex->nStatus & BLOCK_HAVE_DATA) == (pindex->nTx == 0));
5329 assert(pindexFirstMissing == pindexFirstNeverProcessed);
5330 } else {
5331 // If we have pruned, then we can only say that HAVE_DATA implies nTx > 0
5332 if (pindex->nStatus & BLOCK_HAVE_DATA) assert(pindex->nTx > 0);
5333 }
5334 if (pindex->nStatus & BLOCK_HAVE_UNDO) assert(pindex->nStatus & BLOCK_HAVE_DATA);
5335 if (snap_base && snap_base->GetAncestor(pindex->nHeight) == pindex) {
5336 // Assumed-valid blocks should connect to the main chain.
5337 assert((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TREE);
5338 }
5339 // There should only be an nTx value if we have
5340 // actually seen a block's transactions.
5341 assert(((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TRANSACTIONS) == (pindex->nTx > 0)); // This is pruning-independent.
5342 // All parents having had data (at some point) is equivalent to all parents being VALID_TRANSACTIONS, which is equivalent to HaveNumChainTxs().
5343 // HaveNumChainTxs will also be set in the assumeutxo snapshot block from snapshot metadata.
5344 assert((pindexFirstNeverProcessed == nullptr || pindex == snap_base) == pindex->HaveNumChainTxs());
5345 assert((pindexFirstNotTransactionsValid == nullptr || pindex == snap_base) == pindex->HaveNumChainTxs());
5346 assert(pindex->nHeight == nHeight); // nHeight must be consistent.
5347 assert(pindex->pprev == nullptr || pindex->nChainWork >= pindex->pprev->nChainWork); // For every block except the genesis block, the chainwork must be larger than the parent's.
5348 assert(nHeight < 2 || (pindex->pskip && (pindex->pskip->nHeight < nHeight))); // The pskip pointer must point back for all but the first 2 blocks.
5349 assert(pindexFirstNotTreeValid == nullptr); // All m_blockman.m_block_index entries must at least be TREE valid
5350 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TREE) assert(pindexFirstNotTreeValid == nullptr); // TREE valid implies all parents are TREE valid
5351 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_CHAIN) assert(pindexFirstNotChainValid == nullptr); // CHAIN valid implies all parents are CHAIN valid
5352 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_SCRIPTS) assert(pindexFirstNotScriptsValid == nullptr); // SCRIPTS valid implies all parents are SCRIPTS valid
5353 if (pindexFirstInvalid == nullptr) {
5354 // Checks for not-invalid blocks.
5355 assert((pindex->nStatus & BLOCK_FAILED_MASK) == 0); // The failed mask cannot be set for blocks without invalid parents.
5356 }
5357 // Make sure m_chain_tx_count sum is correctly computed.
5358 if (!pindex->pprev) {
5359 // If no previous block, nTx and m_chain_tx_count must be the same.
5360 assert(pindex->m_chain_tx_count == pindex->nTx);
5361 } else if (pindex->pprev->m_chain_tx_count > 0 && pindex->nTx > 0) {
5362 // If previous m_chain_tx_count is set and number of transactions in block is known, sum must be set.
5363 assert(pindex->m_chain_tx_count == pindex->nTx + pindex->pprev->m_chain_tx_count);
5364 } else {
5365 // Otherwise m_chain_tx_count should only be set if this is a snapshot
5366 // block, and must be set if it is.
5367 assert((pindex->m_chain_tx_count != 0) == (pindex == snap_base));
5368 }
5369
5370 // Chainstate-specific checks on setBlockIndexCandidates
5371 for (auto c : GetAll()) {
5372 if (c->m_chain.Tip() == nullptr) continue;
5373 // Two main factors determine whether pindex is a candidate in
5374 // setBlockIndexCandidates:
5375 //
5376 // - If pindex has less work than the chain tip, it should not be a
5377 // candidate, and this will be asserted below. Otherwise it is a
5378 // potential candidate.
5379 //
5380 // - If pindex or one of its parent blocks back to the genesis block
5381 // or an assumeutxo snapshot never downloaded transactions
5382 // (pindexFirstNeverProcessed is non-null), it should not be a
5383 // candidate, and this will be asserted below. The only exception
5384 // is if pindex itself is an assumeutxo snapshot block. Then it is
5385 // also a potential candidate.
5386 if (!CBlockIndexWorkComparator()(pindex, c->m_chain.Tip()) && (pindexFirstNeverProcessed == nullptr || pindex == snap_base)) {
5387 // If pindex was detected as invalid (pindexFirstInvalid is
5388 // non-null), it is not required to be in
5389 // setBlockIndexCandidates.
5390 if (pindexFirstInvalid == nullptr) {
5391 // If pindex and all its parents back to the genesis block
5392 // or an assumeutxo snapshot block downloaded transactions,
5393 // and the transactions were not pruned (pindexFirstMissing
5394 // is null), it is a potential candidate. The check
5395 // excludes pruned blocks, because if any blocks were
5396 // pruned between pindex and the current chain tip, pindex will
5397 // only temporarily be added to setBlockIndexCandidates,
5398 // before being moved to m_blocks_unlinked. This check
5399 // could be improved to verify that if all blocks between
5400 // the chain tip and pindex have data, pindex must be a
5401 // candidate.
5402 //
5403 // If pindex is the chain tip, it also is a potential
5404 // candidate.
5405 //
5406 // If the chainstate was loaded from a snapshot and pindex
5407 // is the base of the snapshot, pindex is also a potential
5408 // candidate.
5409 if (pindexFirstMissing == nullptr || pindex == c->m_chain.Tip() || pindex == c->SnapshotBase()) {
5410 // If this chainstate is the active chainstate, pindex
5411 // must be in setBlockIndexCandidates. Otherwise, this
5412 // chainstate is a background validation chainstate, and
5413 // pindex only needs to be added if it is an ancestor of
5414 // the snapshot that is being validated.
5415 if (c == &ActiveChainstate() || snap_base->GetAncestor(pindex->nHeight) == pindex) {
5416 assert(c->setBlockIndexCandidates.count(pindex));
5417 }
5418 }
5419 // If some parent is missing, then it could be that this block was in
5420 // setBlockIndexCandidates but had to be removed because of the missing data.
5421 // In this case it must be in m_blocks_unlinked -- see test below.
5422 }
5423 } else { // If this block sorts worse than the current tip or some ancestor's block has never been seen, it cannot be in setBlockIndexCandidates.
5424 assert(c->setBlockIndexCandidates.count(pindex) == 0);
5425 }
5426 }
5427 // Check whether this block is in m_blocks_unlinked.
5428 std::pair<std::multimap<CBlockIndex*,CBlockIndex*>::iterator,std::multimap<CBlockIndex*,CBlockIndex*>::iterator> rangeUnlinked = m_blockman.m_blocks_unlinked.equal_range(pindex->pprev);
5429 bool foundInUnlinked = false;
5430 while (rangeUnlinked.first != rangeUnlinked.second) {
5431 assert(rangeUnlinked.first->first == pindex->pprev);
5432 if (rangeUnlinked.first->second == pindex) {
5433 foundInUnlinked = true;
5434 break;
5435 }
5436 rangeUnlinked.first++;
5437 }
5438 if (pindex->pprev && (pindex->nStatus & BLOCK_HAVE_DATA) && pindexFirstNeverProcessed != nullptr && pindexFirstInvalid == nullptr) {
5439 // If this block has block data available, some parent was never received, and has no invalid parents, it must be in m_blocks_unlinked.
5440 assert(foundInUnlinked);
5441 }
5442 if (!(pindex->nStatus & BLOCK_HAVE_DATA)) assert(!foundInUnlinked); // Can't be in m_blocks_unlinked if we don't HAVE_DATA
5443 if (pindexFirstMissing == nullptr) assert(!foundInUnlinked); // We aren't missing data for any parent -- cannot be in m_blocks_unlinked.
5444 if (pindex->pprev && (pindex->nStatus & BLOCK_HAVE_DATA) && pindexFirstNeverProcessed == nullptr && pindexFirstMissing != nullptr) {
5445 // We HAVE_DATA for this block, have received data for all parents at some point, but we're currently missing data for some parent.
5447 // This block may have entered m_blocks_unlinked if:
5448 // - it has a descendant that at some point had more work than the
5449 // tip, and
5450 // - we tried switching to that descendant but were missing
5451 // data for some intermediate block between m_chain and the
5452 // tip.
5453 // So if this block is itself better than any m_chain.Tip() and it wasn't in
5454 // setBlockIndexCandidates, then it must be in m_blocks_unlinked.
5455 for (auto c : GetAll()) {
5456 const bool is_active = c == &ActiveChainstate();
5457 if (!CBlockIndexWorkComparator()(pindex, c->m_chain.Tip()) && c->setBlockIndexCandidates.count(pindex) == 0) {
5458 if (pindexFirstInvalid == nullptr) {
5459 if (is_active || snap_base->GetAncestor(pindex->nHeight) == pindex) {
5460 assert(foundInUnlinked);
5461 }
5462 }
5463 }
5464 }
5465 }
5466 // assert(pindex->GetBlockHash() == pindex->GetBlockHeader().GetHash()); // Perhaps too slow
5467 // End: actual consistency checks.
5468
5469
5470 // Try descending into the first subnode. Always process forks first and the best header chain after.
5471 snap_update_firsts();
5472 std::pair<std::multimap<CBlockIndex*,CBlockIndex*>::iterator,std::multimap<CBlockIndex*,CBlockIndex*>::iterator> range = forward.equal_range(pindex);
5473 if (range.first != range.second) {
5474 // A subnode not part of the best header chain was found.
5475 pindex = range.first->second;
5476 nHeight++;
5477 continue;
5478 } else if (best_hdr_chain.Contains(pindex)) {
5479 // Descend further into best header chain.
5480 nHeight++;
5481 pindex = best_hdr_chain[nHeight];
5482 if (!pindex) break; // we are finished, since the best header chain is always processed last
5483 continue;
5484 }
5485 // This is a leaf node.
5486 // Move upwards until we reach a node of which we have not yet visited the last child.
5487 while (pindex) {
5488 // We are going to either move to a parent or a sibling of pindex.
5489 snap_update_firsts();
5490 // If pindex was the first with a certain property, unset the corresponding variable.
5491 if (pindex == pindexFirstInvalid) pindexFirstInvalid = nullptr;
5492 if (pindex == pindexFirstMissing) pindexFirstMissing = nullptr;
5493 if (pindex == pindexFirstNeverProcessed) pindexFirstNeverProcessed = nullptr;
5494 if (pindex == pindexFirstNotTreeValid) pindexFirstNotTreeValid = nullptr;
5495 if (pindex == pindexFirstNotTransactionsValid) pindexFirstNotTransactionsValid = nullptr;
5496 if (pindex == pindexFirstNotChainValid) pindexFirstNotChainValid = nullptr;
5497 if (pindex == pindexFirstNotScriptsValid) pindexFirstNotScriptsValid = nullptr;
5498 // Find our parent.
5499 CBlockIndex* pindexPar = pindex->pprev;
5500 // Find which child we just visited.
5501 std::pair<std::multimap<CBlockIndex*,CBlockIndex*>::iterator,std::multimap<CBlockIndex*,CBlockIndex*>::iterator> rangePar = forward.equal_range(pindexPar);
5502 while (rangePar.first->second != pindex) {
5503 assert(rangePar.first != rangePar.second); // Our parent must have at least the node we're coming from as child.
5504 rangePar.first++;
5505 }
5506 // Proceed to the next one.
5507 rangePar.first++;
5508 if (rangePar.first != rangePar.second) {
5509 // Move to a sibling not part of the best header chain.
5510 pindex = rangePar.first->second;
5511 break;
5512 } else if (pindexPar == best_hdr_chain[nHeight - 1]) {
5513 // Move to pindex's sibling on the best-chain, if it has one.
5514 pindex = best_hdr_chain[nHeight];
5515 // There will not be a next block if (and only if) parent block is the best header.
5516 assert((pindex == nullptr) == (pindexPar == best_hdr_chain.Tip()));
5517 break;
5518 } else {
5519 // Move up further.
5520 pindex = pindexPar;
5521 nHeight--;
5522 continue;
5523 }
5524 }
5525 }
5526
5527 // Check that we actually traversed the entire block index.
5528 assert(nNodes == forward.size() + best_hdr_chain.Height() + 1);
5529}
5530
5531std::string Chainstate::ToString()
5532{
5534 CBlockIndex* tip = m_chain.Tip();
5535 return strprintf("Chainstate [%s] @ height %d (%s)",
5536 m_from_snapshot_blockhash ? "snapshot" : "ibd",
5537 tip ? tip->nHeight : -1, tip ? tip->GetBlockHash().ToString() : "null");
5538}
5539
5540bool Chainstate::ResizeCoinsCaches(size_t coinstip_size, size_t coinsdb_size)
5541{
5543 if (coinstip_size == m_coinstip_cache_size_bytes &&
5544 coinsdb_size == m_coinsdb_cache_size_bytes) {
5545 // Cache sizes are unchanged, no need to continue.
5546 return true;
5547 }
5548 size_t old_coinstip_size = m_coinstip_cache_size_bytes;
5549 m_coinstip_cache_size_bytes = coinstip_size;
5550 m_coinsdb_cache_size_bytes = coinsdb_size;
5551 CoinsDB().ResizeCache(coinsdb_size);
5552
5553 LogPrintf("[%s] resized coinsdb cache to %.1f MiB\n",
5554 this->ToString(), coinsdb_size * (1.0 / 1024 / 1024));
5555 LogPrintf("[%s] resized coinstip cache to %.1f MiB\n",
5556 this->ToString(), coinstip_size * (1.0 / 1024 / 1024));
5557
5559 bool ret;
5560
5561 if (coinstip_size > old_coinstip_size) {
5562 // Likely no need to flush if cache sizes have grown.
5564 } else {
5565 // Otherwise, flush state to disk and deallocate the in-memory coins map.
5567 }
5568 return ret;
5569}
5570
5574{
5575 const ChainTxData& data{GetParams().TxData()};
5576 if (pindex == nullptr) {
5577 return 0.0;
5578 }
5579
5580 if (pindex->m_chain_tx_count == 0) {
5581 LogDebug(BCLog::VALIDATION, "Block %d has unset m_chain_tx_count. Unable to estimate verification progress.\n", pindex->nHeight);
5582 return 0.0;
5583 }
5584
5585 int64_t nNow = time(nullptr);
5586
5587 double fTxTotal;
5588
5589 if (pindex->m_chain_tx_count <= data.tx_count) {
5590 fTxTotal = data.tx_count + (nNow - data.nTime) * data.dTxRate;
5591 } else {
5592 fTxTotal = pindex->m_chain_tx_count + (nNow - pindex->GetBlockTime()) * data.dTxRate;
5593 }
5594
5595 return std::min<double>(pindex->m_chain_tx_count / fTxTotal, 1.0);
5596}
5597
5598std::optional<uint256> ChainstateManager::SnapshotBlockhash() const
5599{
5600 LOCK(::cs_main);
5601 if (m_active_chainstate && m_active_chainstate->m_from_snapshot_blockhash) {
5602 // If a snapshot chainstate exists, it will always be our active.
5603 return m_active_chainstate->m_from_snapshot_blockhash;
5604 }
5605 return std::nullopt;
5606}
5607
5608std::vector<Chainstate*> ChainstateManager::GetAll()
5609{
5610 LOCK(::cs_main);
5611 std::vector<Chainstate*> out;
5612
5613 for (Chainstate* cs : {m_ibd_chainstate.get(), m_snapshot_chainstate.get()}) {
5614 if (this->IsUsable(cs)) out.push_back(cs);
5615 }
5616
5617 return out;
5618}
5619
5620Chainstate& ChainstateManager::InitializeChainstate(CTxMemPool* mempool)
5621{
5623 assert(!m_ibd_chainstate);
5624 assert(!m_active_chainstate);
5625
5626 m_ibd_chainstate = std::make_unique<Chainstate>(mempool, m_blockman, *this);
5627 m_active_chainstate = m_ibd_chainstate.get();
5628 return *m_active_chainstate;
5629}
5630
5631[[nodiscard]] static bool DeleteCoinsDBFromDisk(const fs::path db_path, bool is_snapshot)
5633{
5635
5636 if (is_snapshot) {
5637 fs::path base_blockhash_path = db_path / node::SNAPSHOT_BLOCKHASH_FILENAME;
5638
5639 try {
5640 bool existed = fs::remove(base_blockhash_path);
5641 if (!existed) {
5642 LogPrintf("[snapshot] snapshot chainstate dir being removed lacks %s file\n",
5644 }
5645 } catch (const fs::filesystem_error& e) {
5646 LogWarning("[snapshot] failed to remove file %s: %s\n",
5647 fs::PathToString(base_blockhash_path), e.code().message());
5648 }
5649 }
5650
5651 std::string path_str = fs::PathToString(db_path);
5652 LogPrintf("Removing leveldb dir at %s\n", path_str);
5653
5654 // We have to destruct before this call leveldb::DB in order to release the db
5655 // lock, otherwise `DestroyDB` will fail. See `leveldb::~DBImpl()`.
5656 const bool destroyed = DestroyDB(path_str);
5657
5658 if (!destroyed) {
5659 LogPrintf("error: leveldb DestroyDB call failed on %s\n", path_str);
5660 }
5661
5662 // Datadir should be removed from filesystem; otherwise initialization may detect
5663 // it on subsequent statups and get confused.
5664 //
5665 // If the base_blockhash_path removal above fails in the case of snapshot
5666 // chainstates, this will return false since leveldb won't remove a non-empty
5667 // directory.
5668 return destroyed && !fs::exists(db_path);
5669}
5670
5672 AutoFile& coins_file,
5673 const SnapshotMetadata& metadata,
5674 bool in_memory)
5675{
5676 uint256 base_blockhash = metadata.m_base_blockhash;
5677
5678 if (this->SnapshotBlockhash()) {
5679 return util::Error{Untranslated("Can't activate a snapshot-based chainstate more than once")};
5680 }
5681
5682 CBlockIndex* snapshot_start_block{};
5683
5684 {
5685 LOCK(::cs_main);
5686
5687 if (!GetParams().AssumeutxoForBlockhash(base_blockhash).has_value()) {
5688 auto available_heights = GetParams().GetAvailableSnapshotHeights();
5689 std::string heights_formatted = util::Join(available_heights, ", ", [&](const auto& i) { return util::ToString(i); });
5690 return util::Error{Untranslated(strprintf("assumeutxo block hash in snapshot metadata not recognized (hash: %s). The following snapshot heights are available: %s",
5691 base_blockhash.ToString(),
5692 heights_formatted))};
5693 }
5694
5695 snapshot_start_block = m_blockman.LookupBlockIndex(base_blockhash);
5696 if (!snapshot_start_block) {
5697 return util::Error{Untranslated(strprintf("The base block header (%s) must appear in the headers chain. Make sure all headers are syncing, and call loadtxoutset again",
5698 base_blockhash.ToString()))};
5699 }
5700
5701 bool start_block_invalid = snapshot_start_block->nStatus & BLOCK_FAILED_MASK;
5702 if (start_block_invalid) {
5703 return util::Error{Untranslated(strprintf("The base block header (%s) is part of an invalid chain", base_blockhash.ToString()))};
5704 }
5705
5706 if (!m_best_header || m_best_header->GetAncestor(snapshot_start_block->nHeight) != snapshot_start_block) {
5707 return util::Error{Untranslated("A forked headers-chain with more work than the chain with the snapshot base block header exists. Please proceed to sync without AssumeUtxo.")};
5708 }
5709
5710 auto mempool{m_active_chainstate->GetMempool()};
5711 if (mempool && mempool->size() > 0) {
5712 return util::Error{Untranslated("Can't activate a snapshot when mempool not empty")};
5713 }
5714 }
5715
5716 int64_t current_coinsdb_cache_size{0};
5717 int64_t current_coinstip_cache_size{0};
5718
5719 // Cache percentages to allocate to each chainstate.
5720 //
5721 // These particular percentages don't matter so much since they will only be
5722 // relevant during snapshot activation; caches are rebalanced at the conclusion of
5723 // this function. We want to give (essentially) all available cache capacity to the
5724 // snapshot to aid the bulk load later in this function.
5725 static constexpr double IBD_CACHE_PERC = 0.01;
5726 static constexpr double SNAPSHOT_CACHE_PERC = 0.99;
5727
5728 {
5729 LOCK(::cs_main);
5730 // Resize the coins caches to ensure we're not exceeding memory limits.
5731 //
5732 // Allocate the majority of the cache to the incoming snapshot chainstate, since
5733 // (optimistically) getting to its tip will be the top priority. We'll need to call
5734 // `MaybeRebalanceCaches()` once we're done with this function to ensure
5735 // the right allocation (including the possibility that no snapshot was activated
5736 // and that we should restore the active chainstate caches to their original size).
5737 //
5738 current_coinsdb_cache_size = this->ActiveChainstate().m_coinsdb_cache_size_bytes;
5739 current_coinstip_cache_size = this->ActiveChainstate().m_coinstip_cache_size_bytes;
5740
5741 // Temporarily resize the active coins cache to make room for the newly-created
5742 // snapshot chain.
5743 this->ActiveChainstate().ResizeCoinsCaches(
5744 static_cast<size_t>(current_coinstip_cache_size * IBD_CACHE_PERC),
5745 static_cast<size_t>(current_coinsdb_cache_size * IBD_CACHE_PERC));
5746 }
5747
5748 auto snapshot_chainstate = WITH_LOCK(::cs_main,
5749 return std::make_unique<Chainstate>(
5750 /*mempool=*/nullptr, m_blockman, *this, base_blockhash));
5751
5752 {
5753 LOCK(::cs_main);
5754 snapshot_chainstate->InitCoinsDB(
5755 static_cast<size_t>(current_coinsdb_cache_size * SNAPSHOT_CACHE_PERC),
5756 in_memory, false, "chainstate");
5757 snapshot_chainstate->InitCoinsCache(
5758 static_cast<size_t>(current_coinstip_cache_size * SNAPSHOT_CACHE_PERC));
5759 }
5760
5761 auto cleanup_bad_snapshot = [&](bilingual_str reason) EXCLUSIVE_LOCKS_REQUIRED(::cs_main) {
5762 this->MaybeRebalanceCaches();
5763
5764 // PopulateAndValidateSnapshot can return (in error) before the leveldb datadir
5765 // has been created, so only attempt removal if we got that far.
5766 if (auto snapshot_datadir = node::FindSnapshotChainstateDir(m_options.datadir)) {
5767 // We have to destruct leveldb::DB in order to release the db lock, otherwise
5768 // DestroyDB() (in DeleteCoinsDBFromDisk()) will fail. See `leveldb::~DBImpl()`.
5769 // Destructing the chainstate (and so resetting the coinsviews object) does this.
5770 snapshot_chainstate.reset();
5771 bool removed = DeleteCoinsDBFromDisk(*snapshot_datadir, /*is_snapshot=*/true);
5772 if (!removed) {
5773 GetNotifications().fatalError(strprintf(_("Failed to remove snapshot chainstate dir (%s). "
5774 "Manually remove it before restarting.\n"), fs::PathToString(*snapshot_datadir)));
5775 }
5776 }
5777 return util::Error{std::move(reason)};
5778 };
5779
5780 if (auto res{this->PopulateAndValidateSnapshot(*snapshot_chainstate, coins_file, metadata)}; !res) {
5781 LOCK(::cs_main);
5782 return cleanup_bad_snapshot(Untranslated(strprintf("Population failed: %s", util::ErrorString(res).original)));
5783 }
5784
5785 LOCK(::cs_main); // cs_main required for rest of snapshot activation.
5786
5787 // Do a final check to ensure that the snapshot chainstate is actually a more
5788 // work chain than the active chainstate; a user could have loaded a snapshot
5789 // very late in the IBD process, and we wouldn't want to load a useless chainstate.
5790 if (!CBlockIndexWorkComparator()(ActiveTip(), snapshot_chainstate->m_chain.Tip())) {
5791 return cleanup_bad_snapshot(Untranslated("work does not exceed active chainstate"));
5792 }
5793 // If not in-memory, persist the base blockhash for use during subsequent
5794 // initialization.
5795 if (!in_memory) {
5796 if (!node::WriteSnapshotBaseBlockhash(*snapshot_chainstate)) {
5797 return cleanup_bad_snapshot(Untranslated("could not write base blockhash"));
5798 }
5799 }
5800
5801 assert(!m_snapshot_chainstate);
5802 m_snapshot_chainstate.swap(snapshot_chainstate);
5803 const bool chaintip_loaded = m_snapshot_chainstate->LoadChainTip();
5804 assert(chaintip_loaded);
5805
5806 // Transfer possession of the mempool to the snapshot chainstate.
5807 // Mempool is empty at this point because we're still in IBD.
5808 Assert(m_active_chainstate->m_mempool->size() == 0);
5809 Assert(!m_snapshot_chainstate->m_mempool);
5810 m_snapshot_chainstate->m_mempool = m_active_chainstate->m_mempool;
5811 m_active_chainstate->m_mempool = nullptr;
5812 m_active_chainstate = m_snapshot_chainstate.get();
5813 m_blockman.m_snapshot_height = this->GetSnapshotBaseHeight();
5814
5815 LogPrintf("[snapshot] successfully activated snapshot %s\n", base_blockhash.ToString());
5816 LogPrintf("[snapshot] (%.2f MB)\n",
5817 m_snapshot_chainstate->CoinsTip().DynamicMemoryUsage() / (1000 * 1000));
5818
5819 this->MaybeRebalanceCaches();
5820 return snapshot_start_block;
5821}
5822
5823static void FlushSnapshotToDisk(CCoinsViewCache& coins_cache, bool snapshot_loaded)
5824{
5826 strprintf("%s (%.2f MB)",
5827 snapshot_loaded ? "saving snapshot chainstate" : "flushing coins cache",
5828 coins_cache.DynamicMemoryUsage() / (1000 * 1000)),
5830
5831 coins_cache.Flush();
5832}
5833
5834struct StopHashingException : public std::exception
5835{
5836 const char* what() const noexcept override
5837 {
5838 return "ComputeUTXOStats interrupted.";
5839 }
5840};
5841
5843{
5844 if (interrupt) throw StopHashingException();
5845}
5846
5848 Chainstate& snapshot_chainstate,
5849 AutoFile& coins_file,
5850 const SnapshotMetadata& metadata)
5851{
5852 // It's okay to release cs_main before we're done using `coins_cache` because we know
5853 // that nothing else will be referencing the newly created snapshot_chainstate yet.
5854 CCoinsViewCache& coins_cache = *WITH_LOCK(::cs_main, return &snapshot_chainstate.CoinsTip());
5855
5856 uint256 base_blockhash = metadata.m_base_blockhash;
5857
5858 CBlockIndex* snapshot_start_block = WITH_LOCK(::cs_main, return m_blockman.LookupBlockIndex(base_blockhash));
5859
5860 if (!snapshot_start_block) {
5861 // Needed for ComputeUTXOStats to determine the
5862 // height and to avoid a crash when base_blockhash.IsNull()
5863 return util::Error{Untranslated(strprintf("Did not find snapshot start blockheader %s",
5864 base_blockhash.ToString()))};
5865 }
5866
5867 int base_height = snapshot_start_block->nHeight;
5868 const auto& maybe_au_data = GetParams().AssumeutxoForHeight(base_height);
5869
5870 if (!maybe_au_data) {
5871 return util::Error{Untranslated(strprintf("Assumeutxo height in snapshot metadata not recognized "
5872 "(%d) - refusing to load snapshot", base_height))};
5873 }
5874
5875 const AssumeutxoData& au_data = *maybe_au_data;
5876
5877 // This work comparison is a duplicate check with the one performed later in
5878 // ActivateSnapshot(), but is done so that we avoid doing the long work of staging
5879 // a snapshot that isn't actually usable.
5880 if (WITH_LOCK(::cs_main, return !CBlockIndexWorkComparator()(ActiveTip(), snapshot_start_block))) {
5881 return util::Error{Untranslated("Work does not exceed active chainstate")};
5882 }
5883
5884 const uint64_t coins_count = metadata.m_coins_count;
5885 uint64_t coins_left = metadata.m_coins_count;
5886
5887 LogPrintf("[snapshot] loading %d coins from snapshot %s\n", coins_left, base_blockhash.ToString());
5888 int64_t coins_processed{0};
5889
5890 while (coins_left > 0) {
5891 try {
5892 Txid txid;
5893 coins_file >> txid;
5894 size_t coins_per_txid{0};
5895 coins_per_txid = ReadCompactSize(coins_file);
5896
5897 if (coins_per_txid > coins_left) {
5898 return util::Error{Untranslated("Mismatch in coins count in snapshot metadata and actual snapshot data")};
5899 }
5900
5901 for (size_t i = 0; i < coins_per_txid; i++) {
5902 COutPoint outpoint;
5903 Coin coin;
5904 outpoint.n = static_cast<uint32_t>(ReadCompactSize(coins_file));
5905 outpoint.hash = txid;
5906 coins_file >> coin;
5907 if (coin.nHeight > base_height ||
5908 outpoint.n >= std::numeric_limits<decltype(outpoint.n)>::max() // Avoid integer wrap-around in coinstats.cpp:ApplyHash
5909 ) {
5910 return util::Error{Untranslated(strprintf("Bad snapshot data after deserializing %d coins",
5911 coins_count - coins_left))};
5912 }
5913 if (!MoneyRange(coin.out.nValue)) {
5914 return util::Error{Untranslated(strprintf("Bad snapshot data after deserializing %d coins - bad tx out value",
5915 coins_count - coins_left))};
5916 }
5917 coins_cache.EmplaceCoinInternalDANGER(std::move(outpoint), std::move(coin));
5918
5919 --coins_left;
5920 ++coins_processed;
5921
5922 if (coins_processed % 1000000 == 0) {
5923 LogPrintf("[snapshot] %d coins loaded (%.2f%%, %.2f MB)\n",
5924 coins_processed,
5925 static_cast<float>(coins_processed) * 100 / static_cast<float>(coins_count),
5926 coins_cache.DynamicMemoryUsage() / (1000 * 1000));
5927 }
5928
5929 // Batch write and flush (if we need to) every so often.
5930 //
5931 // If our average Coin size is roughly 41 bytes, checking every 120,000 coins
5932 // means <5MB of memory imprecision.
5933 if (coins_processed % 120000 == 0) {
5934 if (m_interrupt) {
5935 return util::Error{Untranslated("Aborting after an interrupt was requested")};
5936 }
5937
5938 const auto snapshot_cache_state = WITH_LOCK(::cs_main,
5939 return snapshot_chainstate.GetCoinsCacheSizeState());
5940
5941 if (snapshot_cache_state >= CoinsCacheSizeState::CRITICAL) {
5942 // This is a hack - we don't know what the actual best block is, but that
5943 // doesn't matter for the purposes of flushing the cache here. We'll set this
5944 // to its correct value (`base_blockhash`) below after the coins are loaded.
5945 coins_cache.SetBestBlock(GetRandHash());
5946
5947 // No need to acquire cs_main since this chainstate isn't being used yet.
5948 FlushSnapshotToDisk(coins_cache, /*snapshot_loaded=*/false);
5949 }
5950 }
5951 }
5952 } catch (const std::ios_base::failure&) {
5953 return util::Error{Untranslated(strprintf("Bad snapshot format or truncated snapshot after deserializing %d coins",
5954 coins_processed))};
5955 }
5956 }
5957
5958 // Important that we set this. This and the coins_cache accesses above are
5959 // sort of a layer violation, but either we reach into the innards of
5960 // CCoinsViewCache here or we have to invert some of the Chainstate to
5961 // embed them in a snapshot-activation-specific CCoinsViewCache bulk load
5962 // method.
5963 coins_cache.SetBestBlock(base_blockhash);
5964
5965 bool out_of_coins{false};
5966 try {
5967 std::byte left_over_byte;
5968 coins_file >> left_over_byte;
5969 } catch (const std::ios_base::failure&) {
5970 // We expect an exception since we should be out of coins.
5971 out_of_coins = true;
5972 }
5973 if (!out_of_coins) {
5974 return util::Error{Untranslated(strprintf("Bad snapshot - coins left over after deserializing %d coins",
5975 coins_count))};
5976 }
5977
5978 LogPrintf("[snapshot] loaded %d (%.2f MB) coins from snapshot %s\n",
5979 coins_count,
5980 coins_cache.DynamicMemoryUsage() / (1000 * 1000),
5981 base_blockhash.ToString());
5982
5983 // No need to acquire cs_main since this chainstate isn't being used yet.
5984 FlushSnapshotToDisk(coins_cache, /*snapshot_loaded=*/true);
5985
5986 assert(coins_cache.GetBestBlock() == base_blockhash);
5987
5988 // As above, okay to immediately release cs_main here since no other context knows
5989 // about the snapshot_chainstate.
5990 CCoinsViewDB* snapshot_coinsdb = WITH_LOCK(::cs_main, return &snapshot_chainstate.CoinsDB());
5991
5992 std::optional<CCoinsStats> maybe_stats;
5993
5994 try {
5995 maybe_stats = ComputeUTXOStats(
5996 CoinStatsHashType::HASH_SERIALIZED, snapshot_coinsdb, m_blockman, [&interrupt = m_interrupt] { SnapshotUTXOHashBreakpoint(interrupt); });
5997 } catch (StopHashingException const&) {
5998 return util::Error{Untranslated("Aborting after an interrupt was requested")};
5999 }
6000 if (!maybe_stats.has_value()) {
6001 return util::Error{Untranslated("Failed to generate coins stats")};
6002 }
6003
6004 // Assert that the deserialized chainstate contents match the expected assumeutxo value.
6005 if (AssumeutxoHash{maybe_stats->hashSerialized} != au_data.hash_serialized) {
6006 return util::Error{Untranslated(strprintf("Bad snapshot content hash: expected %s, got %s",
6007 au_data.hash_serialized.ToString(), maybe_stats->hashSerialized.ToString()))};
6008 }
6009
6010 snapshot_chainstate.m_chain.SetTip(*snapshot_start_block);
6011
6012 // The remainder of this function requires modifying data protected by cs_main.
6013 LOCK(::cs_main);
6014
6015 // Fake various pieces of CBlockIndex state:
6016 CBlockIndex* index = nullptr;
6017
6018 // Don't make any modifications to the genesis block since it shouldn't be
6019 // necessary, and since the genesis block doesn't have normal flags like
6020 // BLOCK_VALID_SCRIPTS set.
6021 constexpr int AFTER_GENESIS_START{1};
6022
6023 for (int i = AFTER_GENESIS_START; i <= snapshot_chainstate.m_chain.Height(); ++i) {
6024 index = snapshot_chainstate.m_chain[i];
6025
6026 // Fake BLOCK_OPT_WITNESS so that Chainstate::NeedsRedownload()
6027 // won't ask for -reindex on startup.
6029 index->nStatus |= BLOCK_OPT_WITNESS;
6030 }
6031
6032 m_blockman.m_dirty_blockindex.insert(index);
6033 // Changes to the block index will be flushed to disk after this call
6034 // returns in `ActivateSnapshot()`, when `MaybeRebalanceCaches()` is
6035 // called, since we've added a snapshot chainstate and therefore will
6036 // have to downsize the IBD chainstate, which will result in a call to
6037 // `FlushStateToDisk(ALWAYS)`.
6038 }
6039
6040 assert(index);
6041 assert(index == snapshot_start_block);
6042 index->m_chain_tx_count = au_data.m_chain_tx_count;
6043 snapshot_chainstate.setBlockIndexCandidates.insert(snapshot_start_block);
6044
6045 LogPrintf("[snapshot] validated snapshot (%.2f MB)\n",
6046 coins_cache.DynamicMemoryUsage() / (1000 * 1000));
6047 return {};
6048}
6049
6050// Currently, this function holds cs_main for its duration, which could be for
6051// multiple minutes due to the ComputeUTXOStats call. This hold is necessary
6052// because we need to avoid advancing the background validation chainstate
6053// farther than the snapshot base block - and this function is also invoked
6054// from within ConnectTip, i.e. from within ActivateBestChain, so cs_main is
6055// held anyway.
6056//
6057// Eventually (TODO), we could somehow separate this function's runtime from
6058// maintenance of the active chain, but that will either require
6059//
6060// (i) setting `m_disabled` immediately and ensuring all chainstate accesses go
6061// through IsUsable() checks, or
6062//
6063// (ii) giving each chainstate its own lock instead of using cs_main for everything.
6064SnapshotCompletionResult ChainstateManager::MaybeCompleteSnapshotValidation()
6065{
6067 if (m_ibd_chainstate.get() == &this->ActiveChainstate() ||
6068 !this->IsUsable(m_snapshot_chainstate.get()) ||
6069 !this->IsUsable(m_ibd_chainstate.get()) ||
6070 !m_ibd_chainstate->m_chain.Tip()) {
6071 // Nothing to do - this function only applies to the background
6072 // validation chainstate.
6074 }
6075 const int snapshot_tip_height = this->ActiveHeight();
6076 const int snapshot_base_height = *Assert(this->GetSnapshotBaseHeight());
6077 const CBlockIndex& index_new = *Assert(m_ibd_chainstate->m_chain.Tip());
6078
6079 if (index_new.nHeight < snapshot_base_height) {
6080 // Background IBD not complete yet.
6082 }
6083
6085 uint256 snapshot_blockhash = *Assert(SnapshotBlockhash());
6086
6087 auto handle_invalid_snapshot = [&]() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) {
6088 bilingual_str user_error = strprintf(_(
6089 "%s failed to validate the -assumeutxo snapshot state. "
6090 "This indicates a hardware problem, or a bug in the software, or a "
6091 "bad software modification that allowed an invalid snapshot to be "
6092 "loaded. As a result of this, the node will shut down and stop using any "
6093 "state that was built on the snapshot, resetting the chain height "
6094 "from %d to %d. On the next "
6095 "restart, the node will resume syncing from %d "
6096 "without using any snapshot data. "
6097 "Please report this incident to %s, including how you obtained the snapshot. "
6098 "The invalid snapshot chainstate will be left on disk in case it is "
6099 "helpful in diagnosing the issue that caused this error."),
6100 CLIENT_NAME, snapshot_tip_height, snapshot_base_height, snapshot_base_height, CLIENT_BUGREPORT
6101 );
6102
6103 LogError("[snapshot] !!! %s\n", user_error.original);
6104 LogError("[snapshot] deleting snapshot, reverting to validated chain, and stopping node\n");
6105
6106 m_active_chainstate = m_ibd_chainstate.get();
6107 m_snapshot_chainstate->m_disabled = true;
6108 assert(!this->IsUsable(m_snapshot_chainstate.get()));
6109 assert(this->IsUsable(m_ibd_chainstate.get()));
6110
6111 auto rename_result = m_snapshot_chainstate->InvalidateCoinsDBOnDisk();
6112 if (!rename_result) {
6113 user_error += Untranslated("\n") + util::ErrorString(rename_result);
6114 }
6115
6116 GetNotifications().fatalError(user_error);
6117 };
6118
6119 if (index_new.GetBlockHash() != snapshot_blockhash) {
6120 LogPrintf("[snapshot] supposed base block %s does not match the "
6121 "snapshot base block %s (height %d). Snapshot is not valid.\n",
6122 index_new.ToString(), snapshot_blockhash.ToString(), snapshot_base_height);
6123 handle_invalid_snapshot();
6125 }
6126
6127 assert(index_new.nHeight == snapshot_base_height);
6128
6129 int curr_height = m_ibd_chainstate->m_chain.Height();
6130
6131 assert(snapshot_base_height == curr_height);
6132 assert(snapshot_base_height == index_new.nHeight);
6133 assert(this->IsUsable(m_snapshot_chainstate.get()));
6134 assert(this->GetAll().size() == 2);
6135
6136 CCoinsViewDB& ibd_coins_db = m_ibd_chainstate->CoinsDB();
6137 m_ibd_chainstate->ForceFlushStateToDisk();
6138
6139 const auto& maybe_au_data = m_options.chainparams.AssumeutxoForHeight(curr_height);
6140 if (!maybe_au_data) {
6141 LogPrintf("[snapshot] assumeutxo data not found for height "
6142 "(%d) - refusing to validate snapshot\n", curr_height);
6143 handle_invalid_snapshot();
6145 }
6146
6147 const AssumeutxoData& au_data = *maybe_au_data;
6148 std::optional<CCoinsStats> maybe_ibd_stats;
6149 LogPrintf("[snapshot] computing UTXO stats for background chainstate to validate "
6150 "snapshot - this could take a few minutes\n");
6151 try {
6152 maybe_ibd_stats = ComputeUTXOStats(
6153 CoinStatsHashType::HASH_SERIALIZED,
6154 &ibd_coins_db,
6155 m_blockman,
6156 [&interrupt = m_interrupt] { SnapshotUTXOHashBreakpoint(interrupt); });
6157 } catch (StopHashingException const&) {
6159 }
6160
6161 // XXX note that this function is slow and will hold cs_main for potentially minutes.
6162 if (!maybe_ibd_stats) {
6163 LogPrintf("[snapshot] failed to generate stats for validation coins db\n");
6164 // While this isn't a problem with the snapshot per se, this condition
6165 // prevents us from validating the snapshot, so we should shut down and let the
6166 // user handle the issue manually.
6167 handle_invalid_snapshot();
6169 }
6170 const auto& ibd_stats = *maybe_ibd_stats;
6171
6172 // Compare the background validation chainstate's UTXO set hash against the hard-coded
6173 // assumeutxo hash we expect.
6174 //
6175 // TODO: For belt-and-suspenders, we could cache the UTXO set
6176 // hash for the snapshot when it's loaded in its chainstate's leveldb. We could then
6177 // reference that here for an additional check.
6178 if (AssumeutxoHash{ibd_stats.hashSerialized} != au_data.hash_serialized) {
6179 LogPrintf("[snapshot] hash mismatch: actual=%s, expected=%s\n",
6180 ibd_stats.hashSerialized.ToString(),
6181 au_data.hash_serialized.ToString());
6182 handle_invalid_snapshot();
6184 }
6185
6186 LogPrintf("[snapshot] snapshot beginning at %s has been fully validated\n",
6187 snapshot_blockhash.ToString());
6188
6189 m_ibd_chainstate->m_disabled = true;
6190 this->MaybeRebalanceCaches();
6191
6193}
6194
6196{
6197 LOCK(::cs_main);
6198 assert(m_active_chainstate);
6199 return *m_active_chainstate;
6200}
6201
6203{
6204 LOCK(::cs_main);
6205 return m_snapshot_chainstate && m_active_chainstate == m_snapshot_chainstate.get();
6206}
6207
6208void ChainstateManager::MaybeRebalanceCaches()
6209{
6211 bool ibd_usable = this->IsUsable(m_ibd_chainstate.get());
6212 bool snapshot_usable = this->IsUsable(m_snapshot_chainstate.get());
6213 assert(ibd_usable || snapshot_usable);
6214
6215 if (ibd_usable && !snapshot_usable) {
6216 // Allocate everything to the IBD chainstate. This will always happen
6217 // when we are not using a snapshot.
6218 m_ibd_chainstate->ResizeCoinsCaches(m_total_coinstip_cache, m_total_coinsdb_cache);
6219 }
6220 else if (snapshot_usable && !ibd_usable) {
6221 // If background validation has completed and snapshot is our active chain...
6222 LogPrintf("[snapshot] allocating all cache to the snapshot chainstate\n");
6223 // Allocate everything to the snapshot chainstate.
6224 m_snapshot_chainstate->ResizeCoinsCaches(m_total_coinstip_cache, m_total_coinsdb_cache);
6225 }
6226 else if (ibd_usable && snapshot_usable) {
6227 // If both chainstates exist, determine who needs more cache based on IBD status.
6228 //
6229 // Note: shrink caches first so that we don't inadvertently overwhelm available memory.
6230 if (IsInitialBlockDownload()) {
6231 m_ibd_chainstate->ResizeCoinsCaches(
6233 m_snapshot_chainstate->ResizeCoinsCaches(
6235 } else {
6236 m_snapshot_chainstate->ResizeCoinsCaches(
6238 m_ibd_chainstate->ResizeCoinsCaches(
6240 }
6241 }
6242}
6243
6244void ChainstateManager::ResetChainstates()
6245{
6246 m_ibd_chainstate.reset();
6247 m_snapshot_chainstate.reset();
6248 m_active_chainstate = nullptr;
6249}
6250
6257{
6258 if (!opts.check_block_index.has_value()) opts.check_block_index = opts.chainparams.DefaultConsistencyChecks();
6259 if (!opts.minimum_chain_work.has_value()) opts.minimum_chain_work = UintToArith256(opts.chainparams.GetConsensus().nMinimumChainWork);
6260 if (!opts.assumed_valid_block.has_value()) opts.assumed_valid_block = opts.chainparams.GetConsensus().defaultAssumeValid;
6261 return std::move(opts);
6262}
6263
6265 : m_script_check_queue{/*batch_size=*/128, std::clamp(options.worker_threads_num, 0, MAX_SCRIPTCHECK_THREADS)},
6266 m_interrupt{interrupt},
6267 m_options{Flatten(std::move(options))},
6268 m_blockman{interrupt, std::move(blockman_options)},
6269 m_validation_cache{m_options.script_execution_cache_bytes, m_options.signature_cache_bytes}
6270{
6271}
6272
6274{
6275 LOCK(::cs_main);
6276
6278}
6279
6280bool ChainstateManager::DetectSnapshotChainstate()
6281{
6282 assert(!m_snapshot_chainstate);
6283 std::optional<fs::path> path = node::FindSnapshotChainstateDir(m_options.datadir);
6284 if (!path) {
6285 return false;
6286 }
6287 std::optional<uint256> base_blockhash = node::ReadSnapshotBaseBlockhash(*path);
6288 if (!base_blockhash) {
6289 return false;
6290 }
6291 LogPrintf("[snapshot] detected active snapshot chainstate (%s) - loading\n",
6292 fs::PathToString(*path));
6293
6294 this->ActivateExistingSnapshot(*base_blockhash);
6295 return true;
6296}
6297
6298Chainstate& ChainstateManager::ActivateExistingSnapshot(uint256 base_blockhash)
6299{
6300 assert(!m_snapshot_chainstate);
6301 m_snapshot_chainstate =
6302 std::make_unique<Chainstate>(nullptr, m_blockman, *this, base_blockhash);
6303 LogPrintf("[snapshot] switching active chainstate to %s\n", m_snapshot_chainstate->ToString());
6304
6305 // Mempool is empty at this point because we're still in IBD.
6306 Assert(m_active_chainstate->m_mempool->size() == 0);
6307 Assert(!m_snapshot_chainstate->m_mempool);
6308 m_snapshot_chainstate->m_mempool = m_active_chainstate->m_mempool;
6309 m_active_chainstate->m_mempool = nullptr;
6310 m_active_chainstate = m_snapshot_chainstate.get();
6311 return *m_snapshot_chainstate;
6312}
6313
6314bool IsBIP30Repeat(const CBlockIndex& block_index)
6315{
6316 return (block_index.nHeight==91842 && block_index.GetBlockHash() == uint256{"00000000000a4d0a398161ffc163c503763b1f4360639393e0e4c8e300e0caec"}) ||
6317 (block_index.nHeight==91880 && block_index.GetBlockHash() == uint256{"00000000000743f190a18c5577a3c2d2a1f610ae9601ac046a38084ccb7cd721"});
6318}
6319
6320bool IsBIP30Unspendable(const CBlockIndex& block_index)
6321{
6322 return (block_index.nHeight==91722 && block_index.GetBlockHash() == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
6323 (block_index.nHeight==91812 && block_index.GetBlockHash() == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"});
6324}
6325
6327{
6329 // Should never be called on a non-snapshot chainstate.
6330 assert(cs.m_from_snapshot_blockhash);
6331 auto storage_path_maybe = cs.CoinsDB().StoragePath();
6332 // Should never be called with a non-existent storage path.
6333 assert(storage_path_maybe);
6334 return *storage_path_maybe;
6335}
6336
6337util::Result<void> Chainstate::InvalidateCoinsDBOnDisk()
6338{
6339 fs::path snapshot_datadir = GetSnapshotCoinsDBPath(*this);
6340
6341 // Coins views no longer usable.
6342 m_coins_views.reset();
6343
6344 auto invalid_path = snapshot_datadir + "_INVALID";
6345 std::string dbpath = fs::PathToString(snapshot_datadir);
6346 std::string target = fs::PathToString(invalid_path);
6347 LogPrintf("[snapshot] renaming snapshot datadir %s to %s\n", dbpath, target);
6348
6349 // The invalid snapshot datadir is simply moved and not deleted because we may
6350 // want to do forensics later during issue investigation. The user is instructed
6351 // accordingly in MaybeCompleteSnapshotValidation().
6352 try {
6353 fs::rename(snapshot_datadir, invalid_path);
6354 } catch (const fs::filesystem_error& e) {
6355 auto src_str = fs::PathToString(snapshot_datadir);
6356 auto dest_str = fs::PathToString(invalid_path);
6357
6358 LogPrintf("%s: error renaming file '%s' -> '%s': %s\n",
6359 __func__, src_str, dest_str, e.what());
6360 return util::Error{strprintf(_(
6361 "Rename of '%s' -> '%s' failed. "
6362 "You should resolve this by manually moving or deleting the invalid "
6363 "snapshot directory %s, otherwise you will encounter the same error again "
6364 "on the next startup."),
6365 src_str, dest_str, src_str)};
6366 }
6367 return {};
6368}
6369
6370bool ChainstateManager::DeleteSnapshotChainstate()
6371{
6373 Assert(m_snapshot_chainstate);
6374 Assert(m_ibd_chainstate);
6375
6376 fs::path snapshot_datadir = Assert(node::FindSnapshotChainstateDir(m_options.datadir)).value();
6377 if (!DeleteCoinsDBFromDisk(snapshot_datadir, /*is_snapshot=*/ true)) {
6378 LogPrintf("Deletion of %s failed. Please remove it manually to continue reindexing.\n",
6379 fs::PathToString(snapshot_datadir));
6380 return false;
6381 }
6382 m_active_chainstate = m_ibd_chainstate.get();
6383 m_active_chainstate->m_mempool = m_snapshot_chainstate->m_mempool;
6384 m_snapshot_chainstate.reset();
6385 return true;
6386}
6387
6388ChainstateRole Chainstate::GetRole() const
6389{
6390 if (m_chainman.GetAll().size() <= 1) {
6392 }
6393 return (this != &m_chainman.ActiveChainstate()) ?
6396}
6397
6398const CBlockIndex* ChainstateManager::GetSnapshotBaseBlock() const
6399{
6400 return m_active_chainstate ? m_active_chainstate->SnapshotBase() : nullptr;
6401}
6402
6403std::optional<int> ChainstateManager::GetSnapshotBaseHeight() const
6404{
6405 const CBlockIndex* base = this->GetSnapshotBaseBlock();
6406 return base ? std::make_optional(base->nHeight) : std::nullopt;
6407}
6408
6409void ChainstateManager::RecalculateBestHeader()
6410{
6412 m_best_header = ActiveChain().Tip();
6413 for (auto& entry : m_blockman.m_block_index) {
6414 if (!(entry.second.nStatus & BLOCK_FAILED_MASK) && m_best_header->nChainWork < entry.second.nChainWork) {
6415 m_best_header = &entry.second;
6416 }
6417 }
6418}
6419
6420bool ChainstateManager::ValidatedSnapshotCleanup()
6421{
6423 auto get_storage_path = [](auto& chainstate) EXCLUSIVE_LOCKS_REQUIRED(::cs_main) -> std::optional<fs::path> {
6424 if (!(chainstate && chainstate->HasCoinsViews())) {
6425 return {};
6426 }
6427 return chainstate->CoinsDB().StoragePath();
6428 };
6429 std::optional<fs::path> ibd_chainstate_path_maybe = get_storage_path(m_ibd_chainstate);
6430 std::optional<fs::path> snapshot_chainstate_path_maybe = get_storage_path(m_snapshot_chainstate);
6431
6432 if (!this->IsSnapshotValidated()) {
6433 // No need to clean up.
6434 return false;
6435 }
6436 // If either path doesn't exist, that means at least one of the chainstates
6437 // is in-memory, in which case we can't do on-disk cleanup. You'd better be
6438 // in a unittest!
6439 if (!ibd_chainstate_path_maybe || !snapshot_chainstate_path_maybe) {
6440 LogPrintf("[snapshot] snapshot chainstate cleanup cannot happen with "
6441 "in-memory chainstates. You are testing, right?\n");
6442 return false;
6443 }
6444
6445 const auto& snapshot_chainstate_path = *snapshot_chainstate_path_maybe;
6446 const auto& ibd_chainstate_path = *ibd_chainstate_path_maybe;
6447
6448 // Since we're going to be moving around the underlying leveldb filesystem content
6449 // for each chainstate, make sure that the chainstates (and their constituent
6450 // CoinsViews members) have been destructed first.
6451 //
6452 // The caller of this method will be responsible for reinitializing chainstates
6453 // if they want to continue operation.
6454 this->ResetChainstates();
6455
6456 // No chainstates should be considered usable.
6457 assert(this->GetAll().size() == 0);
6458
6459 LogPrintf("[snapshot] deleting background chainstate directory (now unnecessary) (%s)\n",
6460 fs::PathToString(ibd_chainstate_path));
6461
6462 fs::path tmp_old{ibd_chainstate_path + "_todelete"};
6463
6464 auto rename_failed_abort = [this](
6465 fs::path p_old,
6466 fs::path p_new,
6467 const fs::filesystem_error& err) {
6468 LogError("[snapshot] Error renaming path (%s) -> (%s): %s\n",
6469 fs::PathToString(p_old), fs::PathToString(p_new), err.what());
6471 "Rename of '%s' -> '%s' failed. "
6472 "Cannot clean up the background chainstate leveldb directory."),
6473 fs::PathToString(p_old), fs::PathToString(p_new)));
6474 };
6475
6476 try {
6477 fs::rename(ibd_chainstate_path, tmp_old);
6478 } catch (const fs::filesystem_error& e) {
6479 rename_failed_abort(ibd_chainstate_path, tmp_old, e);
6480 throw;
6481 }
6482
6483 LogPrintf("[snapshot] moving snapshot chainstate (%s) to "
6484 "default chainstate directory (%s)\n",
6485 fs::PathToString(snapshot_chainstate_path), fs::PathToString(ibd_chainstate_path));
6486
6487 try {
6488 fs::rename(snapshot_chainstate_path, ibd_chainstate_path);
6489 } catch (const fs::filesystem_error& e) {
6490 rename_failed_abort(snapshot_chainstate_path, ibd_chainstate_path, e);
6491 throw;
6492 }
6493
6494 if (!DeleteCoinsDBFromDisk(tmp_old, /*is_snapshot=*/false)) {
6495 // No need to FatalError because once the unneeded bg chainstate data is
6496 // moved, it will not interfere with subsequent initialization.
6497 LogPrintf("Deletion of %s failed. Please remove it manually, as the "
6498 "directory is now unnecessary.\n",
6499 fs::PathToString(tmp_old));
6500 } else {
6501 LogPrintf("[snapshot] deleted background chainstate directory (%s)\n",
6502 fs::PathToString(ibd_chainstate_path));
6503 }
6504 return true;
6505}
6506
6507Chainstate& ChainstateManager::GetChainstateForIndexing()
6508{
6509 // We can't always return `m_ibd_chainstate` because after background validation
6510 // has completed, `m_snapshot_chainstate == m_active_chainstate`, but it can be
6511 // indexed.
6512 return (this->GetAll().size() > 1) ? *m_ibd_chainstate : *m_active_chainstate;
6513}
6514
6515std::pair<int, int> ChainstateManager::GetPruneRange(const Chainstate& chainstate, int last_height_can_prune)
6516{
6517 if (chainstate.m_chain.Height() <= 0) {
6518 return {0, 0};
6519 }
6520 int prune_start{0};
6521
6522 if (this->GetAll().size() > 1 && m_snapshot_chainstate.get() == &chainstate) {
6523 // Leave the blocks in the background IBD chain alone if we're pruning
6524 // the snapshot chain.
6525 prune_start = *Assert(GetSnapshotBaseHeight()) + 1;
6526 }
6527
6528 int max_prune = std::max<int>(
6529 0, chainstate.m_chain.Height() - static_cast<int>(MIN_BLOCKS_TO_KEEP));
6530
6531 // last block to prune is the lesser of (caller-specified height, MIN_BLOCKS_TO_KEEP from the tip)
6532 //
6533 // While you might be tempted to prune the background chainstate more
6534 // aggressively (i.e. fewer MIN_BLOCKS_TO_KEEP), this won't work with index
6535 // building - specifically blockfilterindex requires undo data, and if
6536 // we don't maintain this trailing window, we hit indexing failures.
6537 int prune_end = std::min(last_height_can_prune, max_prune);
6538
6539 return {prune_start, prune_end};
6540}
bool MoneyRange(const CAmount &nValue)
Definition: amount.h:27
int64_t CAmount
Amount in satoshis (Can be negative)
Definition: amount.h:12
static constexpr CAmount COIN
The amount of satoshis in one BTC.
Definition: amount.h:15
arith_uint256 UintToArith256(const uint256 &a)
int ret
int flags
Definition: bitcoin-tx.cpp:529
ArgsManager & args
Definition: bitcoind.cpp:277
void InvalidateBlock(ChainstateManager &chainman, const uint256 block_hash)
arith_uint256 GetBlockProof(const CBlockIndex &block)
Definition: chain.cpp:131
int64_t GetBlockProofEquivalentTime(const CBlockIndex &to, const CBlockIndex &from, const CBlockIndex &tip, const Consensus::Params &params)
Return the time it would take to redo the work difference between from and to, assuming the current h...
Definition: chain.cpp:146
const CBlockIndex * LastCommonAncestor(const CBlockIndex *pa, const CBlockIndex *pb)
Find the last common ancestor two blocks have.
Definition: chain.cpp:165
@ BLOCK_VALID_CHAIN
Outputs do not overspend inputs, no double spends, coinbase output ok, no immature coinbase spends,...
Definition: chain.h:111
@ BLOCK_VALID_MASK
All validity bits.
Definition: chain.h:118
@ BLOCK_VALID_TRANSACTIONS
Only first tx is coinbase, 2 <= coinbase input script length <= 100, transactions valid,...
Definition: chain.h:107
@ BLOCK_VALID_SCRIPTS
Scripts & signatures ok.
Definition: chain.h:115
@ BLOCK_VALID_TREE
All parent headers found, difficulty matches, timestamp >= median previous.
Definition: chain.h:97
@ BLOCK_HAVE_UNDO
undo data available in rev*.dat
Definition: chain.h:122
@ BLOCK_HAVE_DATA
full block available in blk*.dat
Definition: chain.h:121
@ BLOCK_FAILED_CHILD
descends from failed block
Definition: chain.h:126
@ BLOCK_FAILED_MASK
Definition: chain.h:127
@ BLOCK_FAILED_VALID
stage after last reached validness failed
Definition: chain.h:125
@ BLOCK_OPT_WITNESS
block data in blk*.dat was received with a witness-enforcing client
Definition: chain.h:129
#define Assert(val)
Identity function.
Definition: check.h:106
#define Assume(val)
Assume is the identity function.
Definition: check.h:118
Non-refcounted RAII wrapper for FILE*.
Definition: streams.h:392
std::string ToString() const
Definition: hash_type.h:43
Wrapper around an AutoFile& that implements a ring buffer to deserialize from.
Definition: streams.h:482
Nodes collect new transactions into a block, hash them into a hash tree, and scan through nonce value...
Definition: block.h:22
NodeSeconds Time() const
Definition: block.h:56
uint32_t nBits
Definition: block.h:29
int64_t GetBlockTime() const
Definition: block.h:61
int32_t nVersion
Definition: block.h:25
uint256 hashPrevBlock
Definition: block.h:26
uint256 hashMerkleRoot
Definition: block.h:27
uint256 GetHash() const
Definition: block.cpp:11
Definition: block.h:69
bool m_checked_merkle_root
Definition: block.h:77
std::vector< CTransactionRef > vtx
Definition: block.h:72
bool m_checked_witness_commitment
Definition: block.h:76
bool fChecked
Definition: block.h:75
The block chain is a tree shaped structure starting with the genesis block at the root,...
Definition: chain.h:141
std::string ToString() const
Definition: chain.cpp:15
CBlockIndex * pprev
pointer to the index of the predecessor of this block
Definition: chain.h:147
uint64_t m_chain_tx_count
(memory only) Number of transactions in the chain up to and including this block.
Definition: chain.h:176
arith_uint256 nChainWork
(memory only) Total amount of work (expected number of hashes) in the chain up to and including this ...
Definition: chain.h:165
bool HaveNumChainTxs() const
Check whether this block and all previous blocks back to the genesis block or an assumeutxo snapshot ...
Definition: chain.h:259
uint32_t nTime
Definition: chain.h:189
int32_t nSequenceId
(memory only) Sequential id assigned to distinguish order in which blocks are received.
Definition: chain.h:194
uint256 GetBlockHash() const
Definition: chain.h:243
int64_t GetBlockTime() const
Definition: chain.h:266
int64_t GetMedianTimePast() const
Definition: chain.h:278
FlatFilePos GetUndoPos() const EXCLUSIVE_LOCKS_REQUIRED(
Definition: chain.h:219
bool RaiseValidity(enum BlockStatus nUpTo) EXCLUSIVE_LOCKS_REQUIRED(
Raise the validity level of this block index entry.
Definition: chain.h:307
CBlockIndex * pskip
pointer to the index of some further predecessor of this block
Definition: chain.h:150
unsigned int nTx
Number of transactions in this block.
Definition: chain.h:170
bool IsValid(enum BlockStatus nUpTo=BLOCK_VALID_TRANSACTIONS) const EXCLUSIVE_LOCKS_REQUIRED(
Check whether this block index entry is valid up to the passed validity level.
Definition: chain.h:295
int32_t nVersion
block header
Definition: chain.h:187
CBlockIndex * GetAncestor(int height)
Efficiently find an ancestor of this block.
Definition: chain.cpp:120
int nHeight
height of the entry in the chain. The genesis block has height 0
Definition: chain.h:153
const uint256 * phashBlock
pointer to the hash of the block, if any. Memory is owned by this CBlockIndex
Definition: chain.h:144
Undo information for a CBlock.
Definition: undo.h:63
std::vector< CTxUndo > vtxundo
Definition: undo.h:65
An in-memory indexed chain of blocks.
Definition: chain.h:417
CBlockIndex * Tip() const
Returns the index entry for the tip of this chain, or nullptr if none.
Definition: chain.h:433
void SetTip(CBlockIndex &block)
Set/initialize a chain with a given tip.
Definition: chain.cpp:21
CBlockIndex * Genesis() const
Returns the index entry for the genesis block of this chain, or nullptr if none.
Definition: chain.h:427
CBlockIndex * Next(const CBlockIndex *pindex) const
Find the successor of a block in this chain, or nullptr if the given index is not found or is the tip...
Definition: chain.h:453
int Height() const
Return the maximal height in the chain.
Definition: chain.h:462
const CBlockIndex * FindFork(const CBlockIndex *pindex) const
Find the last common block between this chain and a block index entry.
Definition: chain.cpp:60
bool Contains(const CBlockIndex *pindex) const
Efficiently check whether a block is present in this chain.
Definition: chain.h:447
CBlockLocator GetLocator() const
Return a CBlockLocator that refers to the tip in of this chain.
Definition: chain.cpp:55
CChainParams defines various tweakable parameters of a given instance of the Bitcoin system.
Definition: chainparams.h:69
std::vector< int > GetAvailableSnapshotHeights() const
const ChainTxData & TxData() const
Definition: chainparams.h:119
const Consensus::Params & GetConsensus() const
Definition: chainparams.h:81
std::optional< AssumeutxoData > AssumeutxoForHeight(int height) const
Definition: chainparams.h:110
CCoinsView that adds a memory cache for transactions to another CCoinsView.
Definition: coins.h:363
bool SpendCoin(const COutPoint &outpoint, Coin *moveto=nullptr)
Spend a coin.
Definition: coins.cpp:130
void Uncache(const COutPoint &outpoint)
Removes the UTXO with the given outpoint from the cache, if it is not modified.
Definition: coins.cpp:274
void AddCoin(const COutPoint &outpoint, Coin &&coin, bool possible_overwrite)
Add a coin.
Definition: coins.cpp:72
unsigned int GetCacheSize() const
Calculate the size of the cache (in number of transaction outputs)
Definition: coins.cpp:289
uint256 GetBestBlock() const override
Retrieve the block hash whose state this CCoinsView currently represents.
Definition: coins.cpp:173
void SetBestBlock(const uint256 &hashBlock)
Definition: coins.cpp:179
bool HaveCoinInCache(const COutPoint &outpoint) const
Check if we have the given utxo already loaded in this cache.
Definition: coins.cpp:168
bool Flush()
Push the modifications applied to this cache to its base and wipe local state.
Definition: coins.cpp:250
size_t DynamicMemoryUsage() const
Calculate the size of the cache (in bytes)
Definition: coins.cpp:44
bool Sync()
Push the modifications applied to this cache to its base while retaining the contents of this cache (...
Definition: coins.cpp:261
void EmplaceCoinInternalDANGER(COutPoint &&outpoint, Coin &&coin)
Emplace a coin into cacheCoins without performing any checks, marking the emplaced coin as dirty.
Definition: coins.cpp:113
bool HaveCoin(const COutPoint &outpoint) const override
Just check whether a given outpoint is unspent.
Definition: coins.cpp:163
const Coin & AccessCoin(const COutPoint &output) const
Return a reference to Coin in the cache, or coinEmpty if not found.
Definition: coins.cpp:154
CCoinsView backed by the coin database (chainstate/)
Definition: txdb.h:38
void ResizeCache(size_t new_cache_size) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Dynamically alter the underlying leveldb cache size.
Definition: txdb.cpp:54
Abstract view on the open txout dataset.
Definition: coins.h:310
virtual std::optional< Coin > GetCoin(const COutPoint &outpoint) const
Retrieve the Coin (unspent transaction output) for a given outpoint.
Definition: coins.cpp:16
virtual std::vector< uint256 > GetHeadBlocks() const
Retrieve the range of blocks that may have been only partially written.
Definition: coins.cpp:18
CCoinsView that brings transactions from a mempool into view.
Definition: txmempool.h:925
Fee rate in satoshis per kilovirtualbyte: CAmount / kvB.
Definition: feerate.h:33
A hasher class for Bitcoin's 256-bit hash (double SHA-256).
Definition: hash.h:24
void Finalize(std::span< unsigned char > output)
Definition: hash.h:30
CHash256 & Write(std::span< const unsigned char > input)
Definition: hash.h:37
An outpoint - a combination of a transaction hash and an index n into its vout.
Definition: transaction.h:29
uint32_t n
Definition: transaction.h:32
Txid hash
Definition: transaction.h:31
A hasher class for SHA-256.
Definition: sha256.h:14
void Finalize(unsigned char hash[OUTPUT_SIZE])
Definition: sha256.cpp:725
CSHA256 & Write(const unsigned char *data, size_t len)
Definition: sha256.cpp:699
Closure representing one script verification Note that this stores references to the spending transac...
Definition: validation.h:332
SignatureCache * m_signature_cache
Definition: validation.h:340
PrecomputedTransactionData * txdata
Definition: validation.h:339
CTxOut m_tx_out
Definition: validation.h:334
bool cacheStore
Definition: validation.h:338
std::optional< std::pair< ScriptError, std::string > > operator()()
unsigned int nFlags
Definition: validation.h:337
const CTransaction * ptxTo
Definition: validation.h:335
unsigned int nIn
Definition: validation.h:336
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:415
The basic transaction that is broadcasted on the network and contained in blocks.
Definition: transaction.h:296
bool HasWitness() const
Definition: transaction.h:373
const std::vector< CTxOut > vout
Definition: transaction.h:307
const Wtxid & GetWitnessHash() const LIFETIMEBOUND
Definition: transaction.h:344
bool IsCoinBase() const
Definition: transaction.h:356
const Txid & GetHash() const LIFETIMEBOUND
Definition: transaction.h:343
const std::vector< CTxIn > vin
Definition: transaction.h:306
An input of a transaction.
Definition: transaction.h:67
COutPoint prevout
Definition: transaction.h:69
CTxMemPool::txiter TxHandle
Definition: txmempool.h:830
CTxMemPool stores valid-according-to-the-current-best-chain transactions that may be included in the ...
Definition: txmempool.h:304
RecursiveMutex cs
This mutex needs to be locked when accessing mapTx or other members that are guarded by it.
Definition: txmempool.h:390
void check(const CCoinsViewCache &active_coins_tip, int64_t spendheight) const EXCLUSIVE_LOCKS_REQUIRED(void removeRecursive(const CTransaction &tx, MemPoolRemovalReason reason) EXCLUSIVE_LOCKS_REQUIRED(cs)
If sanity-checking is turned on, check makes sure the pool is consistent (does not contain two transa...
Definition: txmempool.h:457
void UpdateTransactionsFromBlock(const std::vector< uint256 > &vHashesToUpdate) EXCLUSIVE_LOCKS_REQUIRED(cs
UpdateTransactionsFromBlock is called when adding transactions from a disconnected block back to the ...
Definition: txmempool.cpp:108
void AddTransactionsUpdated(unsigned int n)
Definition: txmempool.cpp:430
CTransactionRef get(const uint256 &hash) const
Definition: txmempool.cpp:884
size_t DynamicMemoryUsage() const
Definition: txmempool.cpp:1063
const Options m_opts
Definition: txmempool.h:439
void removeForReorg(CChain &chain, std::function< bool(txiter)> filter_final_and_mature) EXCLUSIVE_LOCKS_REQUIRED(cs
After reorg, filter the entries that would no longer be valid in the next block, and update the entri...
Definition: txmempool.cpp:626
std::set< txiter, CompareIteratorByHash > setEntries
Definition: txmempool.h:396
void removeForBlock(const std::vector< CTransactionRef > &vtx, unsigned int nBlockHeight) EXCLUSIVE_LOCKS_REQUIRED(cs)
Called when a block is connected.
Definition: txmempool.cpp:667
indexed_transaction_set::nth_index< 0 >::type::const_iterator txiter
Definition: txmempool.h:393
bool exists(const GenTxid &gtxid) const
Definition: txmempool.h:647
unsigned long size() const
Definition: txmempool.h:629
An output of a transaction.
Definition: transaction.h:150
CScript scriptPubKey
Definition: transaction.h:153
CAmount nValue
Definition: transaction.h:152
Undo information for a CTransaction.
Definition: undo.h:53
std::vector< Coin > vprevout
Definition: undo.h:56
VerifyDBResult VerifyDB(Chainstate &chainstate, const Consensus::Params &consensus_params, CCoinsView &coinsview, int nCheckLevel, int nCheckDepth) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
kernel::Notifications & m_notifications
Definition: validation.h:417
CVerifyDB(kernel::Notifications &notifications)
Chainstate stores and provides an API to update our local knowledge of the current best chain.
Definition: validation.h:506
const CBlockIndex *SnapshotBase() EXCLUSIVE_LOCKS_REQUIRED(std::set< CBlockIndex *, node::CBlockIndexWorkComparator > setBlockIndexCandidates
The base of the snapshot this chainstate was created from.
Definition: validation.h:600
void InitCoinsCache(size_t cache_size_bytes) EXCLUSIVE_LOCKS_REQUIRED(bool CanFlushToDisk() const EXCLUSIVE_LOCKS_REQUIRED(
Initialize the in-memory coins cache (to be done after the health of the on-disk database is verified...
Definition: validation.h:578
Mutex m_chainstate_mutex
The ChainState Mutex A lock that must be held when modifying this ChainState - held in ActivateBestCh...
Definition: validation.h:513
CChain m_chain
The current chain of blockheaders we consult and build on.
Definition: validation.h:586
CTxMemPool * GetMempool()
Definition: validation.h:627
bool RollforwardBlock(const CBlockIndex *pindex, CCoinsViewCache &inputs) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Apply the effects of a block on the utxo cache, ignoring that it may already have been applied.
size_t m_coinstip_cache_size_bytes
The cache size of the in-memory coins view.
Definition: validation.h:650
bool ConnectTip(BlockValidationState &state, CBlockIndex *pindexNew, const std::shared_ptr< const CBlock > &pblock, ConnectTrace &connectTrace, DisconnectedBlockTransactions &disconnectpool) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Connect a new block to m_chain.
void UpdateTip(const CBlockIndex *pindexNew) EXCLUSIVE_LOCKS_REQUIRED(NodeClock::time_poin m_next_write)
Check warning conditions and do some notifications on new chain tip set.
Definition: validation.h:806
CCoinsViewCache & CoinsTip() EXCLUSIVE_LOCKS_REQUIRED(
Definition: validation.h:612
bool LoadChainTip() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Update the chain tip based on database information, i.e.
size_t m_coinsdb_cache_size_bytes
The cache size of the on-disk coins view.
Definition: validation.h:647
bool PreciousBlock(BlockValidationState &state, CBlockIndex *pindex) LOCKS_EXCLUDED(bool InvalidateBlock(BlockValidationState &state, CBlockIndex *pindex) LOCKS_EXCLUDED(void SetBlockFailureFlags(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(voi ResetBlockFailureFlags)(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Mark a block as precious and reorganize.
Definition: validation.h:734
void InvalidBlockFound(CBlockIndex *pindex, const BlockValidationState &state) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
void CheckForkWarningConditions() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
void ForceFlushStateToDisk()
Unconditionally flush all changes to disk.
bool LoadGenesisBlock()
Ensures we have a genesis block in the block tree, possibly writing one to disk.
const std::optional< uint256 > m_from_snapshot_blockhash
The blockhash which is the base of the snapshot this chainstate was created from.
Definition: validation.h:593
bool ActivateBestChain(BlockValidationState &state, std::shared_ptr< const CBlock > pblock=nullptr) LOCKS_EXCLUDED(DisconnectResult DisconnectBlock(const CBlock &block, const CBlockIndex *pindex, CCoinsViewCache &view) EXCLUSIVE_LOCKS_REQUIRED(boo ConnectBlock)(const CBlock &block, BlockValidationState &state, CBlockIndex *pindex, CCoinsViewCache &view, bool fJustCheck=false) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Find the best known block, and make it the tip of the block chain.
Definition: validation.h:710
CTxMemPool * m_mempool
Optional mempool that is kept in sync with the chain.
Definition: validation.h:517
CCoinsViewDB & CoinsDB() EXCLUSIVE_LOCKS_REQUIRED(
Definition: validation.h:620
bool DisconnectTip(BlockValidationState &state, DisconnectedBlockTransactions *disconnectpool) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Disconnect m_chain's tip.
CBlockIndex * FindMostWorkChain() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Return the tip of the chain with the most work in it, that isn't known to be invalid (it's however fa...
ChainstateRole GetRole() const EXCLUSIVE_LOCKS_REQUIRED(void InitCoinsDB(size_t cache_size_bytes, bool in_memory, bool should_wipe, fs::path leveldb_name="chainstate")
Return the current role of the chainstate.
ChainstateManager & m_chainman
The chainstate manager that owns this chainstate.
Definition: validation.h:546
std::unique_ptr< CoinsViews > m_coins_views
Manages the UTXO set, which is a reflection of the contents of m_chain.
Definition: validation.h:520
bool ReplayBlocks()
Replay blocks that aren't fully applied to the database.
void PruneBlockIndexCandidates()
Delete all entries in setBlockIndexCandidates that are worse than the current tip.
void TryAddBlockIndexCandidate(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
void PruneAndFlush()
Prune blockfiles from the disk if necessary and then flush chainstate changes if we pruned.
bool ResizeCoinsCaches(size_t coinstip_size, size_t coinsdb_size) EXCLUSIVE_LOCKS_REQUIRED(bool FlushStateToDisk(BlockValidationState &state, FlushStateMode mode, int nManualPruneHeight=0)
Resize the CoinsViews caches dynamically and flush state to disk.
node::BlockManager & m_blockman
Reference to a BlockManager instance which itself is shared across all Chainstate instances.
Definition: validation.h:541
void MaybeUpdateMempoolForReorg(DisconnectedBlockTransactions &disconnectpool, bool fAddToMempool) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Make mempool consistent after a reorg, by re-adding or recursively erasing disconnected block transac...
Definition: validation.cpp:298
bool ActivateBestChainStep(BlockValidationState &state, CBlockIndex *pindexMostWork, const std::shared_ptr< const CBlock > &pblock, bool &fInvalidFound, ConnectTrace &connectTrace) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Try to make some progress towards making pindexMostWork the active block.
void ClearBlockIndexCandidates() EXCLUSIVE_LOCKS_REQUIRED(const CBlockIndex * FindForkInGlobalIndex(const CBlockLocator &locator) const EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Find the last common block of this chain and a locator.
Definition: validation.cpp:121
void InvalidChainFound(CBlockIndex *pindexNew) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Chainstate(CTxMemPool *mempool, node::BlockManager &blockman, ChainstateManager &chainman, std::optional< uint256 > from_snapshot_blockhash=std::nullopt)
bool NeedsRedownload() const EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Whether the chain state needs to be redownloaded due to lack of witness data.
CoinsCacheSizeState GetCoinsCacheSizeState() EXCLUSIVE_LOCKS_REQUIRED(CoinsCacheSizeState GetCoinsCacheSizeState(size_t max_coins_cache_size_bytes, size_t max_mempool_size_bytes) EXCLUSIVE_LOCKS_REQUIRED(std::string ToString() EXCLUSIVE_LOCKS_REQUIRED(RecursiveMutex * MempoolMutex() const LOCK_RETURNED(m_mempool -> cs)
Dictates whether we need to flush the cache to disk or not.
Definition: validation.h:768
Provides an interface for creating and interacting with one or two chainstates: an IBD chainstate gen...
Definition: validation.h:866
util::Result< void > PopulateAndValidateSnapshot(Chainstate &snapshot_chainstate, AutoFile &coins_file, const node::SnapshotMetadata &metadata)
Internal helper for ActivateSnapshot().
const uint256 & AssumedValidBlock() const
Definition: validation.h:978
SnapshotCompletionResult MaybeCompleteSnapshotValidation() EXCLUSIVE_LOCKS_REQUIRED(const CBlockIndex *GetSnapshotBaseBlock() const EXCLUSIVE_LOCKS_REQUIRED(Chainstate ActiveChainstate)() const
Once the background validation chainstate has reached the height which is the base of the UTXO snapsh...
Definition: validation.h:1108
ValidationCache m_validation_cache
Definition: validation.h:1007
double GuessVerificationProgress(const CBlockIndex *pindex) const
Guess verification progress (as a fraction between 0.0=genesis and 1.0=current tip).
size_t m_total_coinstip_cache
The total number of bytes available for us to use across all in-memory coins caches.
Definition: validation.h:1065
std::vector< unsigned char > GenerateCoinbaseCommitment(CBlock &block, const CBlockIndex *pindexPrev) const
Produce the necessary coinbase commitment for a block (modifies the hash, don't call for mined blocks...
MempoolAcceptResult ProcessTransaction(const CTransactionRef &tx, bool test_accept=false) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Try to add a transaction to the memory pool.
kernel::Notifications & GetNotifications() const
Definition: validation.h:979
bool IsInitialBlockDownload() const
Check whether we are doing an initial block download (synchronizing from disk or network)
void ReceivedBlockTransactions(const CBlock &block, CBlockIndex *pindexNew, const FlatFilePos &pos) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Mark a block as having its data received and checked (up to BLOCK_VALID_TRANSACTIONS).
bool ShouldCheckBlockIndex() const
RecursiveMutex & GetMutex() const LOCK_RETURNED(
Alias for cs_main.
Definition: validation.h:999
bool IsSnapshotValidated() const EXCLUSIVE_LOCKS_REQUIRED(
Is there a snapshot in use and has it been fully validated?
Definition: validation.h:1141
CBlockIndex * ActiveTip() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Definition: validation.h:1111
bool ProcessNewBlock(const std::shared_ptr< const CBlock > &block, bool force_processing, bool min_pow_checked, bool *new_block) LOCKS_EXCLUDED(cs_main)
Process an incoming block.
bool BackgroundSyncInProgress() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
The state of a background sync (for net processing)
Definition: validation.h:1114
size_t m_total_coinsdb_cache
The total number of bytes available for us to use across all leveldb coins databases.
Definition: validation.h:1069
std::atomic< bool > m_cached_finished_ibd
Whether initial block download has ended and IsInitialBlockDownload should return false from now on.
Definition: validation.h:1016
const util::SignalInterrupt & m_interrupt
Definition: validation.h:1001
void LoadExternalBlockFile(AutoFile &file_in, FlatFilePos *dbp=nullptr, std::multimap< uint256, FlatFilePos > *blocks_with_unknown_parent=nullptr)
Import blocks from an external file.
int ActiveHeight() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Definition: validation.h:1110
VersionBitsCache m_versionbitscache
Track versionbit status.
Definition: validation.h:1132
bool IsSnapshotActive() const
std::function< void()> snapshot_download_completed
Function to restart active indexes; set dynamically to avoid a circular dependency on base/index....
Definition: validation.h:972
const CChainParams & GetParams() const
Definition: validation.h:974
bool ProcessNewBlockHeaders(std::span< const CBlockHeader > headers, bool min_pow_checked, BlockValidationState &state, const CBlockIndex **ppindex=nullptr) LOCKS_EXCLUDED(cs_main)
Process incoming block headers.
const Consensus::Params & GetConsensus() const
Definition: validation.h:975
ChainstateManager(const util::SignalInterrupt &interrupt, Options options, node::BlockManager::Options blockman_options)
const arith_uint256 & MinimumChainWork() const
Definition: validation.h:977
void CheckBlockIndex()
Make various assertions about the state of the block index.
util::Result< CBlockIndex * > ActivateSnapshot(AutoFile &coins_file, const node::SnapshotMetadata &metadata, bool in_memory)
Construct and activate a Chainstate on the basis of UTXO snapshot data.
const Options m_options
Definition: validation.h:1002
bool LoadBlockIndex() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Load the block tree and coins database from disk, initializing state if we're running with -reindex.
std::optional< uint256 > SnapshotBlockhash() const
CChain & ActiveChain() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Definition: validation.h:1109
bool AcceptBlockHeader(const CBlockHeader &block, BlockValidationState &state, CBlockIndex **ppindex, bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
If a block header hasn't already been seen, call CheckBlockHeader on it, ensure that it doesn't desce...
void ReportHeadersPresync(const arith_uint256 &work, int64_t height, int64_t timestamp)
This is used by net_processing to report pre-synchronization progress of headers, as headers are not ...
arith_uint256 nLastPreciousChainwork
chainwork for the last block that preciousblock has been applied to.
Definition: validation.h:1027
bool NotifyHeaderTip() LOCKS_EXCLUDED(GetMutex())
Chainstate &InitializeChainstate(CTxMemPool *mempool) EXCLUSIVE_LOCKS_REQUIRED(std::vector< Chainstate * GetAll)()
Instantiate a new chainstate.
Definition: validation.h:1078
void MaybeRebalanceCaches() EXCLUSIVE_LOCKS_REQUIRED(void UpdateUncommittedBlockStructures(CBlock &block, const CBlockIndex *pindexPrev) const
Check to see if caches are out of balance and if so, call ResizeCoinsCaches() as needed.
bool DetectSnapshotChainstate() EXCLUSIVE_LOCKS_REQUIRED(void ResetChainstates() EXCLUSIVE_LOCKS_REQUIRED(bool DeleteSnapshotChainstate() EXCLUSIVE_LOCKS_REQUIRED(Chainstate &ActivateExistingSnapshot(uint256 base_blockhash) EXCLUSIVE_LOCKS_REQUIRED(bool ValidatedSnapshotCleanup() EXCLUSIVE_LOCKS_REQUIRED(Chainstate &GetChainstateForIndexing() EXCLUSIVE_LOCKS_REQUIRED(std::pair< int, int > GetPruneRange(const Chainstate &chainstate, int last_height_can_prune) EXCLUSIVE_LOCKS_REQUIRED(std::optional< int > GetSnapshotBaseHeight() const EXCLUSIVE_LOCKS_REQUIRED(void RecalculateBestHeader() EXCLUSIVE_LOCKS_REQUIRED(CCheckQueue< CScriptCheck > & GetCheckQueue()
When starting up, search the datadir for a chainstate based on a UTXO snapshot that is in the process...
Definition: validation.h:1324
std::set< CBlockIndex * > m_failed_blocks
In order to efficiently track invalidity of headers, we keep the set of blocks which we tried to conn...
Definition: validation.h:1058
bool IsUsable(const Chainstate *const cs) const EXCLUSIVE_LOCKS_REQUIRED(
Return true if a chainstate is considered usable.
Definition: validation.h:943
int32_t nBlockReverseSequenceId
Decreasing counter (used by subsequent preciousblock calls).
Definition: validation.h:1025
node::BlockManager m_blockman
A single BlockManager instance is shared across each constructed chainstate to avoid duplicating bloc...
Definition: validation.h:1005
bool AcceptBlock(const std::shared_ptr< const CBlock > &pblock, BlockValidationState &state, CBlockIndex **ppindex, bool fRequested, const FlatFilePos *dbp, bool *fNewBlock, bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Sufficiently validate a block for disk storage (and store on disk).
A UTXO entry.
Definition: coins.h:33
bool IsCoinBase() const
Definition: coins.h:57
CTxOut out
unspent transaction output
Definition: coins.h:36
bool IsSpent() const
Either this coin never existed (see e.g.
Definition: coins.h:81
uint32_t nHeight
at which height this containing transaction was included in the active block chain
Definition: coins.h:42
unsigned int fCoinBase
whether containing transaction was a coinbase
Definition: coins.h:39
CoinsViews(DBParams db_params, CoinsViewOptions options)
This constructor initializes CCoinsViewDB and CCoinsViewErrorCatcher instances, but it does not creat...
Used to track blocks whose transactions were applied to the UTXO state as a part of a single Activate...
std::vector< PerBlockConnectTrace > & GetBlocksConnected()
std::vector< PerBlockConnectTrace > blocksConnected
void BlockConnected(CBlockIndex *pindex, std::shared_ptr< const CBlock > pblock)
std::pair< uint32_t, size_t > setup_bytes(size_t bytes)
setup_bytes is a convenience function which accounts for internal memory usage when deciding how many...
Definition: cuckoocache.h:364
void insert(Element e)
insert loops at most depth_limit times trying to insert a hash at various locations in the table via ...
Definition: cuckoocache.h:397
bool contains(const Element &e, const bool erase) const
contains iterates through the hash locations for a given element and checks to see if it is present.
Definition: cuckoocache.h:474
DisconnectedBlockTransactions.
std::list< CTransactionRef > take()
Clear all data structures and return the list of transactions.
void removeForBlock(const std::vector< CTransactionRef > &vtx)
Remove any entries that are in this block.
std::vector< CTransactionRef > AddTransactionsFromBlock(const std::vector< CTransactionRef > &vtx)
Add transactions from the block, iterating through vtx in reverse order.
Fast randomness source.
Definition: random.h:377
static GenTxid Wtxid(const uint256 &hash)
Definition: transaction.h:435
static GenTxid Txid(const uint256 &hash)
Definition: transaction.h:434
Tp rand_uniform_delay(const Tp &time, typename Tp::duration range) noexcept
Return the time point advanced by a uniform random duration.
Definition: random.h:320
Convenience class for initializing and passing the script execution cache and signature cache.
Definition: validation.h:364
ValidationCache(size_t script_execution_cache_bytes, size_t signature_cache_bytes)
CuckooCache::cache< uint256, SignatureCacheHasher > m_script_execution_cache
Definition: validation.h:370
CSHA256 ScriptExecutionCacheHasher() const
Return a copy of the pre-initialized hasher.
Definition: validation.h:379
CSHA256 m_script_execution_cache_hasher
Pre-initialized hasher to avoid having to recreate it for every hash calculation.
Definition: validation.h:367
SignatureCache m_signature_cache
Definition: validation.h:371
void BlockDisconnected(const std::shared_ptr< const CBlock > &, const CBlockIndex *pindex)
void NewPoWValidBlock(const CBlockIndex *, const std::shared_ptr< const CBlock > &)
void UpdatedBlockTip(const CBlockIndex *, const CBlockIndex *, bool fInitialDownload)
void ChainStateFlushed(ChainstateRole, const CBlockLocator &)
void ActiveTipChange(const CBlockIndex &, bool)
void BlockChecked(const CBlock &, const BlockValidationState &)
void BlockConnected(ChainstateRole, const std::shared_ptr< const CBlock > &, const CBlockIndex *pindex)
bool IsValid() const
Definition: validation.h:105
std::string GetRejectReason() const
Definition: validation.h:109
std::string GetDebugMessage() const
Definition: validation.h:110
bool Error(const std::string &reject_reason)
Definition: validation.h:98
bool Invalid(Result result, const std::string &reject_reason="", const std::string &debug_message="")
Definition: validation.h:88
bool IsError() const
Definition: validation.h:107
Result GetResult() const
Definition: validation.h:108
std::string ToString() const
Definition: validation.h:111
bool IsInvalid() const
Definition: validation.h:106
std::vector< std::pair< int, bool > > CheckUnknownActivations(const CBlockIndex *pindex, const CChainParams &chainparams) EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
Check for unknown activations Returns a vector containing the bit number used for signalling and a bo...
void Clear() EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
256-bit unsigned big integer.
constexpr bool IsNull() const
Definition: uint256.h:48
std::string ToString() const
Definition: uint256.cpp:21
constexpr unsigned char * begin()
Definition: uint256.h:101
double getdouble() const
A base class defining functions for notifying about certain kernel events.
virtual void headerTip(SynchronizationState state, int64_t height, int64_t timestamp, bool presync)
virtual void fatalError(const bilingual_str &message)
The fatal error notification is sent to notify the user when an error occurs in kernel code that can'...
virtual void warningSet(Warning id, const bilingual_str &message)
virtual void progress(const bilingual_str &title, int progress_percent, bool resume_possible)
virtual InterruptResult blockTip(SynchronizationState state, CBlockIndex &index)
virtual void warningUnset(Warning id)
Maintains a tree of blocks (stored in m_block_index) which is consulted to determine where the most-w...
Definition: blockstorage.h:139
const kernel::BlockManagerOpts m_opts
Definition: blockstorage.h:256
RecursiveMutex cs_LastBlockFile
Definition: blockstorage.h:204
bool FlushChainstateBlockFile(int tip_height)
void FindFilesToPrune(std::set< int > &setFilesToPrune, int last_prune, const Chainstate &chain, ChainstateManager &chainman)
Prune block and undo files (blk???.dat and rev???.dat) so that the disk space used is less than a use...
void UpdateBlockInfo(const CBlock &block, unsigned int nHeight, const FlatFilePos &pos)
Update blockfile info while processing a block during reindex.
CBlockIndex * LookupBlockIndex(const uint256 &hash) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
bool ReadBlockUndo(CBlockUndo &blockundo, const CBlockIndex &index) const
std::atomic_bool m_blockfiles_indexed
Whether all blockfiles have been added to the block tree database.
Definition: blockstorage.h:275
std::vector< CBlockIndex * > GetAllBlockIndices() EXCLUSIVE_LOCKS_REQUIRED(std::multimap< CBlockIndex *, CBlockIndex * > m_blocks_unlinked
All pairs A->B, where A (or one of its ancestors) misses transactions, but B has transactions.
Definition: blockstorage.h:293
std::set< CBlockIndex * > m_dirty_blockindex
Dirty block index entries.
Definition: blockstorage.h:241
bool LoadingBlocks() const
Definition: blockstorage.h:355
void UnlinkPrunedFiles(const std::set< int > &setFilesToPrune) const
Actually unlink the specified files.
bool WriteBlockIndexDB() EXCLUSIVE_LOCKS_REQUIRED(bool LoadBlockIndexDB(const std::optional< uint256 > &snapshot_blockhash) EXCLUSIVE_LOCKS_REQUIRED(void ScanAndUnlinkAlreadyPrunedFiles() EXCLUSIVE_LOCKS_REQUIRED(CBlockIndex * AddToBlockIndex(const CBlockHeader &block, CBlockIndex *&best_header) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Remove any pruned block & undo files that are still on disk.
Definition: blockstorage.h:314
bool CheckBlockDataAvailability(const CBlockIndex &upper_block LIFETIMEBOUND, const CBlockIndex &lower_block LIFETIMEBOUND) EXCLUSIVE_LOCKS_REQUIRED(const CBlockIndex *GetFirstBlock(const CBlockIndex &upper_block LIFETIMEBOUND, uint32_t status_mask, const CBlockIndex *lower_block=nullptr) const EXCLUSIVE_LOCKS_REQUIRED(boo m_have_pruned)
Check if all blocks in the [upper_block, lower_block] range have data available.
Definition: blockstorage.h:394
bool m_check_for_pruning
Global flag to indicate we should check to see if there are block/undo files that should be deleted.
Definition: blockstorage.h:234
bool IsPruneMode() const
Whether running in -prune mode.
Definition: blockstorage.h:349
void FindFilesToPruneManual(std::set< int > &setFilesToPrune, int nManualPruneHeight, const Chainstate &chain, ChainstateManager &chainman)
bool WriteBlockUndo(const CBlockUndo &blockundo, BlockValidationState &state, CBlockIndex &block) EXCLUSIVE_LOCKS_REQUIRED(FlatFilePos WriteBlock(const CBlock &block, int nHeight)
Store block on disk and update block file statistics.
Definition: blockstorage.h:338
bool ReadBlock(CBlock &block, const FlatFilePos &pos) const
Functions for disk access for blocks.
std::optional< int > m_snapshot_height
The height of the base block of an assumeutxo snapshot, if one is in use.
Definition: blockstorage.h:291
Metadata describing a serialized version of a UTXO set from which an assumeutxo Chainstate can be con...
Definition: utxo_snapshot.h:34
uint256 m_base_blockhash
The hash of the block that reflects the tip of the chain for the UTXO set contained in this snapshot.
Definition: utxo_snapshot.h:41
uint64_t m_coins_count
The number of coins in the UTXO set contained in this snapshot.
Definition: utxo_snapshot.h:46
std::string ToString() const
constexpr const std::byte * begin() const
std::string GetHex() const
256-bit opaque blob.
Definition: uint256.h:196
Helper class that manages an interrupt flag, and allows a thread or signal to interrupt another threa...
std::string FormatFullVersion()
const Coin & AccessByTxid(const CCoinsViewCache &view, const Txid &txid)
Utility function to find any unspent output with a given txid.
Definition: coins.cpp:351
void AddCoins(CCoinsViewCache &cache, const CTransaction &tx, int nHeight, bool check_for_overwrite)
Utility function to add all of a transaction's outputs to a cache.
Definition: coins.cpp:119
static constexpr int NO_WITNESS_COMMITMENT
Index marker for when no witness commitment is present in a coinbase transaction.
Definition: validation.h:15
static constexpr size_t MINIMUM_WITNESS_COMMITMENT
Minimum size of a witness commitment structure.
Definition: validation.h:18
static int64_t GetBlockWeight(const CBlock &block)
Definition: validation.h:136
@ BLOCK_HEADER_LOW_WORK
the block header may be on a too-little-work chain
@ BLOCK_INVALID_HEADER
invalid proof of work or time too old
@ BLOCK_CACHED_INVALID
this block was cached as being invalid and we didn't store the reason why
@ BLOCK_CONSENSUS
invalid by consensus rules (excluding any below reasons)
@ BLOCK_MISSING_PREV
We don't have the previous block the checked one is built on.
@ BLOCK_INVALID_PREV
A block this one builds on is invalid.
@ BLOCK_MUTATED
the block's data didn't match the data committed to by the PoW
@ BLOCK_TIME_FUTURE
block timestamp was > 2 hours in the future (or our clock is bad)
int GetWitnessCommitmentIndex(const CBlock &block)
Compute at which vout of the block's coinbase transaction the witness commitment occurs,...
Definition: validation.h:147
@ TX_MISSING_INPUTS
transaction was missing some of its inputs
@ TX_MEMPOOL_POLICY
violated mempool's fee/size/descendant/RBF/etc limits
@ TX_PREMATURE_SPEND
transaction spends a coinbase too early, or violates locktime/sequence locks
@ TX_INPUTS_NOT_STANDARD
inputs (covered by txid) failed policy rules
@ TX_WITNESS_STRIPPED
Transaction is missing a witness.
@ TX_CONFLICT
Tx already in mempool or conflicts with a tx in the chain (if it conflicts with another tx in mempool...
@ TX_NOT_STANDARD
otherwise didn't meet our local policy rules
@ TX_WITNESS_MUTATED
Transaction might have a witness prior to SegWit activation, or witness may have been malleated (whic...
@ TX_NO_MEMPOOL
this node does not have a mempool so can't validate the transaction
@ TX_CONSENSUS
invalid by consensus rules
@ TX_RECONSIDERABLE
fails some policy, but might be acceptable if submitted in a (different) package
static constexpr unsigned int LOCKTIME_VERIFY_SEQUENCE
Flags for nSequence and nLockTime locks.
Definition: consensus.h:28
static constexpr int64_t MAX_TIMEWARP
Maximum number of seconds that the timestamp of the first block of a difficulty adjustment period is ...
Definition: consensus.h:35
static const unsigned int MAX_BLOCK_WEIGHT
The maximum allowed weight for a block, see BIP 141 (network rule)
Definition: consensus.h:15
static const unsigned int MAX_BLOCK_SERIALIZED_SIZE
The maximum allowed size for a serialized block, in bytes (only for buffer size limits)
Definition: consensus.h:13
static const int64_t MAX_BLOCK_SIGOPS_COST
The maximum allowed number of signature check operations in a block (network rule)
Definition: consensus.h:17
static const int COINBASE_MATURITY
Coinbase transaction outputs can only be spent after this number of new blocks (network rule)
Definition: consensus.h:19
static const int WITNESS_SCALE_FACTOR
Definition: consensus.h:21
RecursiveMutex cs_main
Mutex to guard access to validation specific variables, such as reading or changing the chainstate.
Definition: cs_main.cpp:8
bool DestroyDB(const std::string &path_str)
Definition: dbwrapper.cpp:37
bool DeploymentActiveAfter(const CBlockIndex *pindexPrev, const Consensus::Params &params, Consensus::BuriedDeployment dep, VersionBitsCache &versionbitscache)
Determine if a deployment is active for the next block.
bool DeploymentActiveAt(const CBlockIndex &index, const Consensus::Params &params, Consensus::BuriedDeployment dep, VersionBitsCache &versionbitscache)
Determine if a deployment is active for this block.
static const unsigned int MAX_DISCONNECTED_TX_POOL_BYTES
Maximum bytes for transactions to store for processing during reorg.
bool CheckEphemeralSpends(const Package &package, CFeeRate dust_relay_rate, const CTxMemPool &tx_pool, TxValidationState &out_child_state, Wtxid &out_child_wtxid)
Must be called for each transaction(package) if any dust is in the package.
bool PreCheckEphemeralTx(const CTransaction &tx, CFeeRate dust_relay_rate, CAmount base_fee, CAmount mod_fee, TxValidationState &state)
These utility functions ensure that ephemeral dust is safely created and spent without unduly risking...
volatile double sum
Definition: examples.cpp:10
static bool exists(const path &p)
Definition: fs.h:89
static std::string PathToString(const path &path)
Convert path object to a byte string.
Definition: fs.h:151
bool CheckDiskSpace(const fs::path &dir, uint64_t additional_bytes)
Definition: fs_helpers.cpp:93
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, unsigned int flags, const BaseSignatureChecker &checker, ScriptError *serror)
@ SCRIPT_VERIFY_NULLDUMMY
Definition: interpreter.h:64
@ SCRIPT_VERIFY_P2SH
Definition: interpreter.h:49
@ SCRIPT_VERIFY_WITNESS
Definition: interpreter.h:108
@ SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY
Definition: interpreter.h:99
@ SCRIPT_VERIFY_TAPROOT
Definition: interpreter.h:134
@ SCRIPT_VERIFY_DERSIG
Definition: interpreter.h:57
@ SCRIPT_VERIFY_CLEANSTACK
Definition: interpreter.h:94
@ SCRIPT_VERIFY_CHECKSEQUENCEVERIFY
Definition: interpreter.h:104
ChainstateRole
This enum describes the various roles a specific Chainstate instance can take.
Definition: chain.h:25
#define LogPrintLevel(category, level,...)
Definition: logging.h:272
#define LogWarning(...)
Definition: logging.h:262
#define LogInfo(...)
Definition: logging.h:261
#define LogError(...)
Definition: logging.h:263
#define LogDebug(category,...)
Definition: logging.h:280
#define LogPrintf(...)
Definition: logging.h:266
unsigned int nHeight
LockPoints lp
@ REORG
Removed for reorganization.
uint256 BlockMerkleRoot(const CBlock &block, bool *mutated)
Definition: merkle.cpp:66
uint256 BlockWitnessMerkleRoot(const CBlock &block, bool *mutated)
Definition: merkle.cpp:76
std::array< uint8_t, 4 > MessageStartChars
unsigned int nonce
Definition: miner_tests.cpp:74
@ REINDEX
Definition: logging.h:54
@ TXPACKAGES
Definition: logging.h:73
@ ALL
Definition: logging.h:74
@ VALIDATION
Definition: logging.h:64
@ PRUNE
Definition: logging.h:57
@ MEMPOOL
Definition: logging.h:45
@ BENCH
Definition: logging.h:47
bool CheckTxInputs(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &inputs, int nSpendHeight, CAmount &txfee)
Check whether all inputs of this transaction are valid (no double spends and amounts) This does not m...
Definition: tx_verify.cpp:164
@ DEPLOYMENT_DERSIG
Definition: params.h:27
@ DEPLOYMENT_CSV
Definition: params.h:28
@ DEPLOYMENT_SEGWIT
Definition: params.h:29
@ DEPLOYMENT_HEIGHTINCB
Definition: params.h:25
@ DEPLOYMENT_CLTV
Definition: params.h:26
std::function< FILE *(const fs::path &, const char *)> FopenFn
Definition: fs.h:209
bool IsInterrupted(const T &result)
static bool ComputeUTXOStats(CCoinsView *view, CCoinsStats &stats, T hash_obj, const std::function< void()> &interruption_point)
Calculate statistics about the unspent transaction output set.
Definition: coinstats.cpp:116
CoinStatsHashType
Definition: coinstats.h:26
const fs::path SNAPSHOT_BLOCKHASH_FILENAME
The file in the snapshot chainstate dir which stores the base blockhash.
bool WriteSnapshotBaseBlockhash(Chainstate &snapshot_chainstate)
bool WriteSnapshotBaseBlockhash(Chainstate &snapshot_chainstate) EXCLUSIVE_LOCKS_REQUIRED(std::optional< uint256 > ReadSnapshotBaseBlockhash(fs::path chaindir) EXCLUSIVE_LOCKS_REQUIRED(constexpr std::string_view SNAPSHOT_CHAINSTATE_SUFFIX
Write out the blockhash of the snapshot base block that was used to construct this chainstate.
std::unordered_map< uint256, CBlockIndex, BlockHasher > BlockMap
Definition: blockstorage.h:87
std::optional< uint256 > ReadSnapshotBaseBlockhash(fs::path chaindir)
std::optional< fs::path > FindSnapshotChainstateDir(const fs::path &data_dir)
Return a path to the snapshot-based chainstate dir, if one exists.
bilingual_str ErrorString(const Result< T > &result)
Definition: result.h:93
std::string ToString(const T &t)
Locale-independent version of std::to_string.
Definition: string.h:233
auto Join(const C &container, const S &separator, UnaryOp unary_op)
Join all container items.
Definition: string.h:192
static feebumper::Result CheckFeeRate(const CWallet &wallet, const CMutableTransaction &mtx, const CFeeRate &newFeerate, const int64_t maxTxSize, CAmount old_fee, std::vector< bilingual_str > &errors)
Check if the user provided a valid feeRate.
Definition: feebumper.cpp:62
std::shared_ptr< Chain::Notifications > m_notifications
Definition: interfaces.cpp:482
bool IsChildWithParents(const Package &package)
Context-free check that a package is exactly one child and its parents; not all parents need to be pr...
Definition: packages.cpp:119
bool IsWellFormedPackage(const Package &txns, PackageValidationState &state, bool require_sorted)
Context-free package policy checks:
Definition: packages.cpp:79
uint256 GetPackageHash(const std::vector< CTransactionRef > &transactions)
Get the hash of the concatenated wtxids of transactions, with wtxids treated as a little-endian numbe...
Definition: packages.cpp:151
std::vector< CTransactionRef > Package
A package is an ordered list of transactions.
Definition: packages.h:50
@ PCKG_POLICY
The package itself is invalid (e.g. too many transactions).
@ PCKG_MEMPOOL_ERROR
Mempool logic error.
@ PCKG_TX
At least one tx is invalid.
std::optional< std::string > HasNoNewUnconfirmed(const CTransaction &tx, const CTxMemPool &pool, const CTxMemPool::setEntries &iters_conflicting)
The replacement transaction may only include an unconfirmed input if that input was included in one o...
Definition: rbf.cpp:87
std::optional< std::pair< DiagramCheckError, std::string > > ImprovesFeerateDiagram(CTxMemPool::ChangeSet &changeset)
The replacement transaction must improve the feerate diagram of the mempool.
Definition: rbf.cpp:187
std::optional< std::string > PaysForRBF(CAmount original_fees, CAmount replacement_fees, size_t replacement_vsize, CFeeRate relay_fee, const uint256 &txid)
The replacement transaction must pay more fees than the original transactions.
Definition: rbf.cpp:160
std::optional< std::string > EntriesAndTxidsDisjoint(const CTxMemPool::setEntries &ancestors, const std::set< Txid > &direct_conflicts, const uint256 &txid)
Check the intersection between two sets of transactions (a set of mempool entries and a set of txids)...
Definition: rbf.cpp:119
std::optional< std::string > PaysMoreThanConflicts(const CTxMemPool::setEntries &iters_conflicting, CFeeRate replacement_feerate, const uint256 &txid)
Check that the feerate of the replacement transaction(s) is higher than the feerate of each of the tr...
Definition: rbf.cpp:134
std::optional< std::string > GetEntriesForConflicts(const CTransaction &tx, CTxMemPool &pool, const CTxMemPool::setEntries &iters_conflicting, CTxMemPool::setEntries &all_conflicts)
Get all descendants of iters_conflicting.
Definition: rbf.cpp:59
bool AreInputsStandard(const CTransaction &tx, const CCoinsViewCache &mapInputs)
Check transaction inputs.
Definition: policy.cpp:187
bool IsWitnessStandard(const CTransaction &tx, const CCoinsViewCache &mapInputs)
Check if the transaction is over standard P2WSH resources limit: 3600bytes witnessScript size,...
Definition: policy.cpp:221
bool IsStandardTx(const CTransaction &tx, const std::optional< unsigned > &max_datacarrier_bytes, bool permit_bare_multisig, const CFeeRate &dust_relay_fee, std::string &reason)
Check for standard transaction types.
Definition: policy.cpp:103
static constexpr unsigned int EXTRA_DESCENDANT_TX_SIZE_LIMIT
An extra transaction can be added to a package, as long as it only has one ancestor and is no larger ...
Definition: policy.h:85
static constexpr unsigned int STANDARD_LOCKTIME_VERIFY_FLAGS
Used as the flags parameter to sequence and nLocktime checks in non-consensus code.
Definition: policy.h:133
static constexpr unsigned int MAX_STANDARD_TX_SIGOPS_COST
The maximum number of sigops we're willing to relay/mine in a single tx.
Definition: policy.h:40
static constexpr unsigned int MIN_STANDARD_TX_NONWITNESS_SIZE
The minimum non-witness size for transactions we're willing to relay/mine: one larger than 64
Definition: policy.h:36
static constexpr unsigned int STANDARD_SCRIPT_VERIFY_FLAGS
Standard script verification flags that standard transactions will comply with.
Definition: policy.h:114
static constexpr unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS
For convenience, standard but not mandatory verify flags.
Definition: policy.h:130
unsigned int GetNextWorkRequired(const CBlockIndex *pindexLast, const CBlockHeader *pblock, const Consensus::Params &params)
Definition: pow.cpp:14
bool CheckProofOfWork(uint256 hash, unsigned int nBits, const Consensus::Params &params)
Check whether a block hash satisfies the proof-of-work requirement specified by nBits.
Definition: pow.cpp:140
static constexpr TransactionSerParams TX_NO_WITNESS
Definition: transaction.h:196
static constexpr TransactionSerParams TX_WITH_WITNESS
Definition: transaction.h:195
static CTransactionRef MakeTransactionRef(Tx &&txIn)
Definition: transaction.h:424
std::shared_ptr< const CTransaction > CTransactionRef
Definition: transaction.h:423
uint256 GetRandHash() noexcept
Generate a random uint256.
Definition: random.h:454
const char * prefix
Definition: rest.cpp:1009
@ OP_RETURN
Definition: script.h:111
std::string ScriptErrorString(const ScriptError serror)
enum ScriptError_t ScriptError
@ SCRIPT_ERR_UNKNOWN_ERROR
Definition: script_error.h:14
size_t GetSerializeSize(const T &t)
Definition: serialize.h:1105
uint64_t ReadCompactSize(Stream &is, bool range_check=true)
Decode a CompactSize-encoded variable-length integer.
Definition: serialize.h:341
bool CheckSignetBlockSolution(const CBlock &block, const Consensus::Params &consensusParams)
Extract signature and check whether a block has a valid solution.
Definition: signet.cpp:125
unsigned char * UCharCast(char *c)
Definition: span.h:95
Holds configuration for use during UTXO snapshot load and validation.
Definition: chainparams.h:35
AssumeutxoHash hash_serialized
The expected hash of the deserialized UTXO set.
Definition: chainparams.h:39
uint64_t m_chain_tx_count
Used to populate the m_chain_tx_count value, which is used during BlockManager::LoadBlockIndex().
Definition: chainparams.h:45
Describes a place in the block chain to another node such that if the other node doesn't have the sam...
Definition: block.h:124
std::vector< uint256 > vHave
Definition: block.h:134
A mutable version of CTransaction.
Definition: transaction.h:378
std::vector< CTxOut > vout
Definition: transaction.h:380
std::vector< CTxIn > vin
Definition: transaction.h:379
Holds various statistics on transactions within a chain.
Definition: chainparams.h:58
User-controlled performance and debug options.
Definition: txdb.h:28
Parameters that influence chain consensus.
Definition: params.h:83
bool enforce_BIP94
Enforce BIP94 timewarp attack mitigation.
Definition: params.h:117
std::map< uint256, uint32_t > script_flag_exceptions
Hashes of blocks that.
Definition: params.h:92
int64_t DifficultyAdjustmentInterval() const
Definition: params.h:125
bool signet_blocks
If true, witness commitments contain a payload equal to a Bitcoin Script solution to the signet chall...
Definition: params.h:135
int nSubsidyHalvingInterval
Definition: params.h:85
std::chrono::seconds PowTargetSpacing() const
Definition: params.h:121
Application-specific storage settings.
Definition: dbwrapper.h:34
fs::path path
Location in the filesystem where leveldb data will be stored.
Definition: dbwrapper.h:36
Data structure storing a fee and size, ordered by increasing fee/size.
Definition: feefrac.h:39
int nFile
Definition: flatfile.h:16
unsigned int nPos
Definition: flatfile.h:17
bool IsNull() const
Definition: flatfile.h:36
int64_t time
Definition: mempool_entry.h:31
Validation result for a transaction evaluated by MemPoolAccept (single or package).
Definition: validation.h:124
const ResultType m_result_type
Result type.
Definition: validation.h:133
const TxValidationState m_state
Contains information about why the transaction failed.
Definition: validation.h:136
@ INVALID
‍Fully validated, valid.
static MempoolAcceptResult Failure(TxValidationState state)
Definition: validation.h:160
static MempoolAcceptResult FeeFailure(TxValidationState state, CFeeRate effective_feerate, const std::vector< Wtxid > &wtxids_fee_calculations)
Definition: validation.h:164
static MempoolAcceptResult MempoolTxDifferentWitness(const Wtxid &other_wtxid)
Definition: validation.h:183
static MempoolAcceptResult MempoolTx(int64_t vsize, CAmount fees)
Definition: validation.h:179
static MempoolAcceptResult Success(std::list< CTransactionRef > &&replaced_txns, int64_t vsize, CAmount fees, CFeeRate effective_feerate, const std::vector< Wtxid > &wtxids_fee_calculations)
Definition: validation.h:170
static time_point now() noexcept
Return current system time or mocked time, if set.
Definition: time.cpp:52
static time_point now() noexcept
Return current system time or mocked time, if set.
Definition: time.cpp:26
Validation result for package mempool acceptance.
Definition: validation.h:230
std::shared_ptr< const CBlock > pblock
PerBlockConnectTrace()=default
CBlockIndex * pindex
void Init(const T &tx, std::vector< CTxOut > &&spent_outputs, bool force=false)
Initialize this PrecomputedTransactionData with transaction data.
bool m_spent_outputs_ready
Whether m_spent_outputs is initialized.
Definition: interpreter.h:172
std::vector< CTxOut > m_spent_outputs
Definition: interpreter.h:170
const char * what() const noexcept override
Bilingual messages:
Definition: translation.h:24
std::string original
Definition: translation.h:25
An options struct for BlockManager, more ergonomically referred to as BlockManager::Options due to th...
An options struct for ChainstateManager, more ergonomically referred to as ChainstateManager::Options...
std::optional< int32_t > check_block_index
std::chrono::seconds max_tip_age
If the tip is older than this, the node is considered to be in initial block download.
Options struct containing limit options for a CTxMemPool.
int64_t descendant_count
The maximum allowed number of transactions in a package including the entry and its descendants.
int64_t descendant_size_vbytes
The maximum allowed size in virtual bytes of an entry and its descendants within a package.
int64_t ancestor_count
The maximum allowed number of transactions in a package including the entry and its ancestors.
int64_t ancestor_size_vbytes
The maximum allowed size in virtual bytes of an entry and its ancestors within a package.
#define AssertLockNotHeld(cs)
Definition: sync.h:147
#define LOCK(cs)
Definition: sync.h:257
#define WITH_LOCK(cs, code)
Run code while locking a mutex.
Definition: sync.h:302
#define EXCLUSIVE_LOCKS_REQUIRED(...)
Definition: threadsafety.h:49
#define LOCKS_EXCLUDED(...)
Definition: threadsafety.h:48
#define LOG_TIME_MILLIS_WITH_CATEGORY(end_msg, log_category)
Definition: timer.h:103
#define LOG_TIME_MILLIS_WITH_CATEGORY_MSG_ONCE(end_msg, log_category)
Definition: timer.h:105
#define strprintf
Format arguments and return the string or write to given std::ostream (see tinyformat::format doc for...
Definition: tinyformat.h:1172
#define TRACEPOINT(context,...)
Definition: trace.h:49
consteval auto _(util::TranslatedLiteral str)
Definition: translation.h:79
bilingual_str Untranslated(std::string original)
Mark a bilingual_str as untranslated.
Definition: translation.h:82
std::optional< std::string > PackageTRUCChecks(const CTransactionRef &ptx, int64_t vsize, const Package &package, const CTxMemPool::setEntries &mempool_ancestors)
Must be called for every transaction that is submitted within a package, even if not TRUC.
Definition: truc_policy.cpp:58
std::optional< std::pair< std::string, CTransactionRef > > SingleTRUCChecks(const CTransactionRef &ptx, const CTxMemPool::setEntries &mempool_ancestors, const std::set< Txid > &direct_conflicts, int64_t vsize)
Must be called for every transaction, even if not TRUC.
static constexpr decltype(CTransaction::version) TRUC_VERSION
Definition: truc_policy.h:20
bool CheckTransaction(const CTransaction &tx, TxValidationState &state)
Definition: tx_check.cpp:11
bool EvaluateSequenceLocks(const CBlockIndex &block, std::pair< int, int64_t > lockPair)
Definition: tx_verify.cpp:97
std::pair< int, int64_t > CalculateSequenceLocks(const CTransaction &tx, int flags, std::vector< int > &prevHeights, const CBlockIndex &block)
Calculates the block height and previous block's median time past at which the transaction will be co...
Definition: tx_verify.cpp:39
int64_t GetTransactionSigOpCost(const CTransaction &tx, const CCoinsViewCache &inputs, uint32_t flags)
Compute total signature operation cost of a transaction.
Definition: tx_verify.cpp:143
unsigned int GetLegacySigOpCount(const CTransaction &tx)
Auxiliary functions for transaction validation (ideally should not be exposed)
Definition: tx_verify.cpp:112
bool SequenceLocks(const CTransaction &tx, int flags, std::vector< int > &prevHeights, const CBlockIndex &block)
Check if transaction is final per BIP 68 sequence numbers and can be included in a block.
Definition: tx_verify.cpp:107
bool IsFinalTx(const CTransaction &tx, int nBlockHeight, int64_t nBlockTime)
Check if transaction is final and can be included in a block with the specified height and time.
Definition: tx_verify.cpp:17
bool TestLockPointValidity(CChain &active_chain, const LockPoints &lp)
Test whether the LockPoints height and time are still valid on the current chain.
Definition: txmempool.cpp:40
static const uint32_t MEMPOOL_HEIGHT
Fake height value used in Coin to signify they are only in the memory pool (since 0....
Definition: txmempool.h:49
#define expect(bit)
int64_t GetTime()
DEPRECATED Use either ClockType::now() or Now<TimePointType>() if a cast is needed.
Definition: time.cpp:76
std::string FormatISO8601DateTime(int64_t nTime)
ISO 8601 formatting is preferred.
Definition: time.cpp:78
constexpr int64_t count_seconds(std::chrono::seconds t)
Definition: time.h:82
std::chrono::time_point< NodeClock, std::chrono::seconds > NodeSeconds
Definition: time.h:25
PackageMempoolAcceptResult ProcessNewPackage(Chainstate &active_chainstate, CTxMemPool &pool, const Package &package, bool test_accept, const std::optional< CFeeRate > &client_maxfeerate)
Validate (and maybe submit) a package to the mempool.
bool CheckInputScripts(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &inputs, unsigned int flags, bool cacheSigStore, bool cacheFullScriptStore, PrecomputedTransactionData &txdata, ValidationCache &validation_cache, std::vector< CScriptCheck > *pvChecks=nullptr) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Check whether all of this transaction's input scripts succeed.
static void LimitMempoolSize(CTxMemPool &pool, CCoinsViewCache &coins_cache) EXCLUSIVE_LOCKS_REQUIRED(
Definition: validation.cpp:268
bool IsBlockMutated(const CBlock &block, bool check_witness_root)
Check if a block has been mutated (with respect to its merkle root and witness commitments).
static unsigned int GetBlockScriptFlags(const CBlockIndex &block_index, const ChainstateManager &chainman)
std::optional< LockPoints > CalculateLockPointsAtTip(CBlockIndex *tip, const CCoinsView &coins_view, const CTransaction &tx)
Definition: validation.cpp:202
static bool pool cs
Definition: validation.cpp:404
static constexpr size_t WARN_FLUSH_COINS_SIZE
Size threshold for warning about slow UTXO set flush to disk.
Definition: validation.cpp:92
bool CheckFinalTxAtTip(const CBlockIndex &active_chain_tip, const CTransaction &tx)
Definition: validation.cpp:148
CAmount GetBlockSubsidy(int nHeight, const Consensus::Params &consensusParams)
MempoolAcceptResult AcceptToMemoryPool(Chainstate &active_chainstate, const CTransactionRef &tx, int64_t accept_time, bool bypass_limits, bool test_accept)
Try to add a transaction to the mempool.
int ApplyTxInUndo(Coin &&undo, CCoinsViewCache &view, const COutPoint &out)
Restore the UTXO in a Coin at a given COutPoint.
static bool ContextualCheckBlock(const CBlock &block, BlockValidationState &state, const ChainstateManager &chainman, const CBlockIndex *pindexPrev)
NOTE: This function is not currently invoked by ConnectBlock(), so we should consider upgrade issues ...
bool FatalError(Notifications &notifications, BlockValidationState &state, const bilingual_str &message)
bool CheckSequenceLocksAtTip(CBlockIndex *tip, const LockPoints &lock_points)
Check if transaction will be BIP68 final in the next block to be created on top of tip.
Definition: validation.cpp:247
static bool CheckInputsFromMempoolAndCache(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &view, const CTxMemPool &pool, unsigned int flags, PrecomputedTransactionData &txdata, CCoinsViewCache &coins_tip, ValidationCache &validation_cache) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Checks to avoid mempool polluting consensus critical paths since cached signature and script validity...
static void UpdateTipLog(const ChainstateManager &chainman, const CCoinsViewCache &coins_tip, const CBlockIndex *tip, const std::string &func_name, const std::string &prefix, const std::string &warning_messages) EXCLUSIVE_LOCKS_REQUIRED(
bool HasValidProofOfWork(const std::vector< CBlockHeader > &headers, const Consensus::Params &consensusParams)
Check with the proof of work on each blockheader matches the value in nBits.
static ChainstateManager::Options && Flatten(ChainstateManager::Options &&opts)
Apply default chain params to nullopt members.
static constexpr auto DATABASE_WRITE_INTERVAL_MAX
Definition: validation.cpp:98
static bool CheckWitnessMalleation(const CBlock &block, bool expect_witness_commitment, BlockValidationState &state)
CheckWitnessMalleation performs checks for block malleation with regard to its witnesses.
void UpdateCoins(const CTransaction &tx, CCoinsViewCache &inputs, CTxUndo &txundo, int nHeight)
static bool DeleteCoinsDBFromDisk(const fs::path db_path, bool is_snapshot) EXCLUSIVE_LOCKS_REQUIRED(
static bool CheckMerkleRoot(const CBlock &block, BlockValidationState &state)
static constexpr int PRUNE_LOCK_BUFFER
The number of blocks to keep below the deepest prune lock.
Definition: validation.cpp:114
arith_uint256 CalculateClaimedHeadersWork(std::span< const CBlockHeader > headers)
Return the sum of the claimed work on a given set of headers.
bool IsBIP30Unspendable(const CBlockIndex &block_index)
Identifies blocks which coinbase output was subsequently overwritten in the UTXO set (see BIP30)
const std::vector< std::string > CHECKLEVEL_DOC
Documentation for argument 'checklevel'.
Definition: validation.cpp:101
bool CheckBlock(const CBlock &block, BlockValidationState &state, const Consensus::Params &consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
Functions for validating blocks and updating the block tree.
static constexpr std::chrono::hours MAX_FEE_ESTIMATION_TIP_AGE
Maximum age of our tip for us to be considered current for fee estimation.
Definition: validation.cpp:100
void PruneBlockFilesManual(Chainstate &active_chainstate, int nManualPruneHeight)
Prune block files up to a given height.
static void FlushSnapshotToDisk(CCoinsViewCache &coins_cache, bool snapshot_loaded)
bool TestBlockValidity(BlockValidationState &state, const CChainParams &chainparams, Chainstate &chainstate, const CBlock &block, CBlockIndex *pindexPrev, bool fCheckPOW, bool fCheckMerkleRoot)
Check a block is completely valid from start to finish (only works on top of our current best block)
static bool IsCurrentForFeeEstimation(Chainstate &active_chainstate) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Definition: validation.cpp:284
static constexpr auto DATABASE_WRITE_INTERVAL_MIN
Time window to wait between writing blocks/block index and chainstate to disk.
Definition: validation.cpp:97
AssertLockHeld(pool.cs)
static bool CheckBlockHeader(const CBlockHeader &block, BlockValidationState &state, const Consensus::Params &consensusParams, bool fCheckPOW=true)
bool IsBIP30Repeat(const CBlockIndex &block_index)
Identifies blocks that overwrote an existing coinbase output in the UTXO set (see BIP30)
static void SnapshotUTXOHashBreakpoint(const util::SignalInterrupt &interrupt)
static fs::path GetSnapshotCoinsDBPath(Chainstate &cs) EXCLUSIVE_LOCKS_REQUIRED(
static SynchronizationState GetSynchronizationState(bool init, bool blockfiles_indexed)
static bool ContextualCheckBlockHeader(const CBlockHeader &block, BlockValidationState &state, BlockManager &blockman, const ChainstateManager &chainman, const CBlockIndex *pindexPrev) EXCLUSIVE_LOCKS_REQUIRED(
Context-dependent validity checks.
TRACEPOINT_SEMAPHORE(validation, block_connected)
static void LimitValidationInterfaceQueue(ValidationSignals &signals) LOCKS_EXCLUDED(cs_main)
assert(!tx.IsCoinBase())
static constexpr int MAX_SCRIPTCHECK_THREADS
Maximum number of dedicated script-checking threads allowed.
Definition: validation.h:83
static const unsigned int MIN_BLOCKS_TO_KEEP
Block files containing a block-height within MIN_BLOCKS_TO_KEEP of ActiveChain().Tip() will not be pr...
Definition: validation.h:69
SnapshotCompletionResult
Definition: validation.h:817
SynchronizationState
Current sync state passed to tip changed callbacks.
Definition: validation.h:86
VerifyDBResult
Definition: validation.h:405
CoinsCacheSizeState
Definition: validation.h:483
@ LARGE
The cache is at >= 90% capacity.
@ CRITICAL
The coins cache is in immediate need of a flush.
FlushStateMode
Definition: validation.h:440
DisconnectResult
Definition: validation.h:431
@ DISCONNECT_FAILED
Definition: validation.h:434
@ DISCONNECT_UNCLEAN
Definition: validation.h:433
@ DISCONNECT_OK
Definition: validation.h:432