Bitcoin Core 31.99.0
P2P Digital Currency
validation.cpp
Go to the documentation of this file.
1// Copyright (c) 2009-2010 Satoshi Nakamoto
2// Copyright (c) 2009-present The Bitcoin Core developers
3// Distributed under the MIT software license, see the accompanying
4// file COPYING or http://www.opensource.org/licenses/mit-license.php.
5
6#include <bitcoin-build-config.h> // IWYU pragma: keep
7
8#include <validation.h>
9
10#include <arith_uint256.h>
11#include <chain.h>
12#include <checkqueue.h>
13#include <clientversion.h>
14#include <consensus/amount.h>
15#include <consensus/consensus.h>
16#include <consensus/merkle.h>
17#include <consensus/tx_check.h>
18#include <consensus/tx_verify.h>
20#include <cuckoocache.h>
21#include <flatfile.h>
22#include <hash.h>
23#include <kernel/chainparams.h>
24#include <kernel/coinstats.h>
29#include <kernel/types.h>
30#include <kernel/warning.h>
31#include <logging/timer.h>
32#include <node/blockstorage.h>
33#include <node/utxo_snapshot.h>
35#include <policy/policy.h>
36#include <policy/rbf.h>
37#include <policy/settings.h>
38#include <policy/truc_policy.h>
39#include <pow.h>
40#include <primitives/block.h>
42#include <random.h>
43#include <script/script.h>
44#include <script/sigcache.h>
45#include <signet.h>
46#include <tinyformat.h>
47#include <txdb.h>
48#include <txmempool.h>
49#include <uint256.h>
50#include <undo.h>
51#include <util/byte_units.h>
52#include <util/check.h>
53#include <util/fs.h>
54#include <util/fs_helpers.h>
55#include <util/hasher.h>
56#include <util/log.h>
57#include <util/moneystr.h>
58#include <util/rbf.h>
59#include <util/result.h>
61#include <util/strencodings.h>
62#include <util/string.h>
63#include <util/time.h>
64#include <util/trace.h>
65#include <util/translation.h>
66#include <validationinterface.h>
67
68#include <algorithm>
69#include <cassert>
70#include <chrono>
71#include <deque>
72#include <numeric>
73#include <optional>
74#include <ranges>
75#include <span>
76#include <string>
77#include <tuple>
78#include <utility>
79
85
88using node::BlockMap;
92
97static constexpr auto DATABASE_WRITE_INTERVAL_MIN{50min};
98static constexpr auto DATABASE_WRITE_INTERVAL_MAX{70min};
100static constexpr std::chrono::hours MAX_FEE_ESTIMATION_TIP_AGE{3};
101const std::vector<std::string> CHECKLEVEL_DOC {
102 "level 0 reads the blocks from disk",
103 "level 1 verifies block validity",
104 "level 2 verifies undo data",
105 "level 3 checks disconnection of tip blocks",
106 "level 4 tries to reconnect the blocks",
107 "each level includes the checks of the previous levels",
108};
114static constexpr int PRUNE_LOCK_BUFFER{10};
115
116// Return whether the completed full flush should compact chainstate
117static bool ShouldCompactChainstate(bool in_ibd)
118{
119 static constexpr uint32_t flush_ratio{320}; // Roughly every 2 weeks with hourly flushes
120 return !in_ibd && FastRandomContext().randrange(flush_ratio) == 0;
121}
122
123TRACEPOINT_SEMAPHORE(validation, block_connected);
124TRACEPOINT_SEMAPHORE(utxocache, flush);
125TRACEPOINT_SEMAPHORE(mempool, replaced);
126TRACEPOINT_SEMAPHORE(mempool, rejected);
127
129{
131
132 // Find the latest block common to locator and chain - we expect that
133 // locator.vHave is sorted descending by height.
134 for (const uint256& hash : locator.vHave) {
135 const CBlockIndex* pindex{m_blockman.LookupBlockIndex(hash)};
136 if (pindex) {
137 if (m_chain.Contains(*pindex)) {
138 return pindex;
139 }
140 if (pindex->GetAncestor(m_chain.Height()) == m_chain.Tip()) {
141 return m_chain.Tip();
142 }
143 }
144 }
145 return m_chain.Genesis();
146}
147
149 const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
150 bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
151 ValidationCache& validation_cache,
152 std::vector<CScriptCheck>* pvChecks = nullptr)
154
155bool CheckFinalTxAtTip(const CBlockIndex& active_chain_tip, const CTransaction& tx)
156{
158
159 // CheckFinalTxAtTip() uses active_chain_tip.Height()+1 to evaluate
160 // nLockTime because when IsFinalTx() is called within
161 // AcceptBlock(), the height of the block *being*
162 // evaluated is what is used. Thus if we want to know if a
163 // transaction can be part of the *next* block, we need to call
164 // IsFinalTx() with one more than active_chain_tip.Height().
165 const int nBlockHeight = active_chain_tip.nHeight + 1;
166
167 // BIP113 requires that time-locked transactions have nLockTime set to
168 // less than the median time of the previous block they're contained in.
169 // When the next block is created its previous block will be the current
170 // chain tip, so we use that to calculate the median time passed to
171 // IsFinalTx().
172 const int64_t nBlockTime{active_chain_tip.GetMedianTimePast()};
173
174 return IsFinalTx(tx, nBlockHeight, nBlockTime);
175}
176
177namespace {
188std::optional<std::vector<int>> CalculatePrevHeights(
189 const CBlockIndex& tip,
190 const CCoinsView& coins,
191 const CTransaction& tx)
192{
193 std::vector<int> prev_heights;
194 prev_heights.resize(tx.vin.size());
195 for (size_t i = 0; i < tx.vin.size(); ++i) {
196 if (auto coin{coins.GetCoin(tx.vin[i].prevout)}) {
197 prev_heights[i] = coin->nHeight == MEMPOOL_HEIGHT
198 ? tip.nHeight + 1 // Assume all mempool transaction confirm in the next block.
199 : coin->nHeight;
200 } else {
201 LogInfo("ERROR: %s: Missing input %d in transaction \'%s\'\n", __func__, i, tx.GetHash().GetHex());
202 return std::nullopt;
203 }
204 }
205 return prev_heights;
206}
207} // namespace
208
209std::optional<LockPoints> CalculateLockPointsAtTip(
210 CBlockIndex* tip,
211 const CCoinsView& coins_view,
212 const CTransaction& tx)
213{
214 assert(tip);
215
216 auto prev_heights{CalculatePrevHeights(*tip, coins_view, tx)};
217 if (!prev_heights.has_value()) return std::nullopt;
218
219 CBlockIndex next_tip;
220 next_tip.pprev = tip;
221 // When SequenceLocks() is called within ConnectBlock(), the height
222 // of the block *being* evaluated is what is used.
223 // Thus if we want to know if a transaction can be part of the
224 // *next* block, we need to use one more than active_chainstate.m_chain.Height()
225 next_tip.nHeight = tip->nHeight + 1;
226 const auto [min_height, min_time] = CalculateSequenceLocks(tx, STANDARD_LOCKTIME_VERIFY_FLAGS, prev_heights.value(), next_tip);
227
228 // Also store the hash of the block with the highest height of
229 // all the blocks which have sequence locked prevouts.
230 // This hash needs to still be on the chain
231 // for these LockPoint calculations to be valid
232 // Note: It is impossible to correctly calculate a maxInputBlock
233 // if any of the sequence locked inputs depend on unconfirmed txs,
234 // except in the special case where the relative lock time/height
235 // is 0, which is equivalent to no sequence lock. Since we assume
236 // input height of tip+1 for mempool txs and test the resulting
237 // min_height and min_time from CalculateSequenceLocks against tip+1.
238 int max_input_height{0};
239 for (const int height : prev_heights.value()) {
240 // Can ignore mempool inputs since we'll fail if they had non-zero locks
241 if (height != next_tip.nHeight) {
242 max_input_height = std::max(max_input_height, height);
243 }
244 }
245
246 // tip->GetAncestor(max_input_height) should never return a nullptr
247 // because max_input_height is always less than the tip height.
248 // It would, however, be a bad bug to continue execution, since a
249 // LockPoints object with the maxInputBlock member set to nullptr
250 // signifies no relative lock time.
251 return LockPoints{min_height, min_time, Assert(tip->GetAncestor(max_input_height))};
252}
253
255 const LockPoints& lock_points)
256{
257 assert(tip != nullptr);
258
259 CBlockIndex index;
260 index.pprev = tip;
261 // CheckSequenceLocksAtTip() uses active_chainstate.m_chain.Height()+1 to evaluate
262 // height based locks because when SequenceLocks() is called within
263 // ConnectBlock(), the height of the block *being*
264 // evaluated is what is used.
265 // Thus if we want to know if a transaction can be part of the
266 // *next* block, we need to use one more than active_chainstate.m_chain.Height()
267 index.nHeight = tip->nHeight + 1;
268
269 return EvaluateSequenceLocks(index, {lock_points.height, lock_points.time});
270}
271
272static void LimitMempoolSize(CTxMemPool& pool, CCoinsViewCache& coins_cache)
274{
276 AssertLockHeld(pool.cs);
277 int expired = pool.Expire(GetTime<std::chrono::seconds>() - pool.m_opts.expiry);
278 if (expired != 0) {
279 LogDebug(BCLog::MEMPOOL, "Expired %i transactions from the memory pool\n", expired);
280 }
281
282 std::vector<COutPoint> vNoSpendsRemaining;
283 pool.TrimToSize(pool.m_opts.max_size_bytes, &vNoSpendsRemaining);
284 for (const COutPoint& removed : vNoSpendsRemaining)
285 coins_cache.Uncache(removed);
286}
287
289{
291 if (active_chainstate.m_chainman.IsInitialBlockDownload()) {
292 return false;
293 }
294 if (active_chainstate.m_chain.Tip()->GetBlockTime() < count_seconds(GetTime<std::chrono::seconds>() - MAX_FEE_ESTIMATION_TIP_AGE))
295 return false;
296 if (active_chainstate.m_chain.Height() < active_chainstate.m_chainman.m_best_header->nHeight - 1) {
297 return false;
298 }
299 return true;
300}
301
303 DisconnectedBlockTransactions& disconnectpool,
304 bool fAddToMempool)
305{
306 if (!m_mempool) return;
307
310 std::vector<Txid> vHashUpdate;
311 {
312 // disconnectpool is ordered so that the front is the most recently-confirmed
313 // transaction (the last tx of the block at the tip) in the disconnected chain.
314 // Iterate disconnectpool in reverse, so that we add transactions
315 // back to the mempool starting with the earliest transaction that had
316 // been previously seen in a block.
317 const auto queuedTx = disconnectpool.take();
318 auto it = queuedTx.rbegin();
319 while (it != queuedTx.rend()) {
320 // ignore validation errors in resurrected transactions
321 if (!fAddToMempool || (*it)->IsCoinBase() ||
322 AcceptToMemoryPool(*this, *it, GetTime(),
323 /*bypass_limits=*/true, /*test_accept=*/false).m_result_type !=
325 // If the transaction doesn't make it in to the mempool, remove any
326 // transactions that depend on it (which would now be orphans).
328 } else if (m_mempool->exists((*it)->GetHash())) {
329 vHashUpdate.push_back((*it)->GetHash());
330 }
331 ++it;
332 }
333 }
334
335 // AcceptToMemoryPool/addNewTransaction all assume that new mempool entries have
336 // no in-mempool children, which is generally not true when adding
337 // previously-confirmed transactions back to the mempool.
338 // UpdateTransactionsFromBlock finds descendants of any transactions in
339 // the disconnectpool that were added back and cleans up the mempool state.
341
342 // Predicate to use for filtering transactions in removeForReorg.
343 // Checks whether the transaction is still final and, if it spends a coinbase output, mature.
344 // Also updates valid entries' cached LockPoints if needed.
345 // If false, the tx is still valid and its lockpoints are updated.
346 // If true, the tx would be invalid in the next block; remove this entry and all of its descendants.
347 // Note that TRUC rules are not applied here, so reorgs may cause violations of TRUC inheritance or
348 // topology restrictions.
349 const auto filter_final_and_mature = [&](CTxMemPool::txiter it)
353 const CTransaction& tx = it->GetTx();
354
355 // The transaction must be final.
356 if (!CheckFinalTxAtTip(*Assert(m_chain.Tip()), tx)) return true;
357
358 const LockPoints& lp = it->GetLockPoints();
359 // CheckSequenceLocksAtTip checks if the transaction will be final in the next block to be
360 // created on top of the new chain.
363 return true;
364 }
365 } else {
366 const CCoinsViewMemPool view_mempool{&CoinsTip(), *m_mempool};
367 const std::optional<LockPoints> new_lock_points{CalculateLockPointsAtTip(m_chain.Tip(), view_mempool, tx)};
368 if (new_lock_points.has_value() && CheckSequenceLocksAtTip(m_chain.Tip(), *new_lock_points)) {
369 // Now update the mempool entry lockpoints as well.
370 it->UpdateLockPoints(*new_lock_points);
371 } else {
372 return true;
373 }
374 }
375
376 // If the transaction spends any coinbase outputs, it must be mature.
377 if (it->GetSpendsCoinbase()) {
378 for (const CTxIn& txin : tx.vin) {
379 if (m_mempool->exists(txin.prevout.hash)) continue;
380 const Coin& coin{CoinsTip().AccessCoin(txin.prevout)};
381 assert(!coin.IsSpent());
382 const auto mempool_spend_height{m_chain.Tip()->nHeight + 1};
383 if (coin.IsCoinBase() && mempool_spend_height - coin.nHeight < COINBASE_MATURITY) {
384 return true;
385 }
386 }
387 }
388 // Transaction is still valid and cached LockPoints are updated.
389 return false;
390 };
391
392 // We also need to remove any now-immature transactions
393 m_mempool->removeForReorg(m_chain, filter_final_and_mature);
394 // Re-limit mempool size, in case we added any transactions
396}
397
404 const CCoinsViewCache& view, const CTxMemPool& pool,
406 ValidationCache& validation_cache)
408{
411
413 for (const CTxIn& txin : tx.vin) {
414 const Coin& coin = view.AccessCoin(txin.prevout);
415
416 // This coin was checked in PreChecks and MemPoolAccept
417 // has been holding cs_main since then.
418 Assume(!coin.IsSpent());
419 if (coin.IsSpent()) return false;
420
421 // If the Coin is available, there are 2 possibilities:
422 // it is available in our current ChainstateActive UTXO set,
423 // or it's a UTXO provided by a transaction in our mempool.
424 // Ensure the scriptPubKeys in Coins from CoinsView are correct.
425 const CTransactionRef& txFrom = pool.get(txin.prevout.hash);
426 if (txFrom) {
427 assert(txFrom->GetHash() == txin.prevout.hash);
428 assert(txFrom->vout.size() > txin.prevout.n);
429 assert(txFrom->vout[txin.prevout.n] == coin.out);
430 } else {
431 const Coin& coinFromUTXOSet = coins_tip.AccessCoin(txin.prevout);
432 assert(!coinFromUTXOSet.IsSpent());
433 assert(coinFromUTXOSet.out == coin.out);
434 }
435 }
436
437 // Call CheckInputScripts() to cache signature and script validity against current tip consensus rules.
438 return CheckInputScripts(tx, state, view, flags, /* cacheSigStore= */ true, /* cacheFullScriptStore= */ true, txdata, validation_cache);
439}
440
441namespace {
442
443class MemPoolAccept
444{
445public:
446 explicit MemPoolAccept(CTxMemPool& mempool, Chainstate& active_chainstate) :
447 m_pool(mempool),
448 m_view(&CoinsViewEmpty::Get()),
449 m_viewmempool(&active_chainstate.CoinsTip(), m_pool),
450 m_active_chainstate(active_chainstate)
451 {
452 }
453
454 // We put the arguments we're handed into a struct, so we can pass them
455 // around easier.
456 struct ATMPArgs {
457 const CChainParams& m_chainparams;
458 const int64_t m_accept_time;
459 const bool m_bypass_limits;
460 /*
461 * Return any outpoints which were not previously present in the coins
462 * cache, but were added as a result of validating the tx for mempool
463 * acceptance. This allows the caller to optionally remove the cache
464 * additions if the associated transaction ends up being rejected by
465 * the mempool.
466 */
467 std::vector<COutPoint>& m_coins_to_uncache;
469 const bool m_test_accept;
473 const bool m_allow_replacement;
475 const bool m_allow_sibling_eviction;
478 const bool m_package_submission;
482 const bool m_package_feerates;
487 const std::optional<CFeeRate> m_client_maxfeerate;
488
490 static ATMPArgs SingleAccept(const CChainParams& chainparams, int64_t accept_time,
491 bool bypass_limits, std::vector<COutPoint>& coins_to_uncache,
492 bool test_accept) {
493 return ATMPArgs{/*chainparams=*/ chainparams,
494 /*accept_time=*/ accept_time,
495 /*bypass_limits=*/ bypass_limits,
496 /*coins_to_uncache=*/ coins_to_uncache,
497 /*test_accept=*/ test_accept,
498 /*allow_replacement=*/ true,
499 /*allow_sibling_eviction=*/ true,
500 /*package_submission=*/ false,
501 /*package_feerates=*/ false,
502 /*client_maxfeerate=*/ {}, // checked by caller
503 };
504 }
505
507 static ATMPArgs PackageTestAccept(const CChainParams& chainparams, int64_t accept_time,
508 std::vector<COutPoint>& coins_to_uncache) {
509 return ATMPArgs{/*chainparams=*/ chainparams,
510 /*accept_time=*/ accept_time,
511 /*bypass_limits=*/ false,
512 /*coins_to_uncache=*/ coins_to_uncache,
513 /*test_accept=*/ true,
514 /*allow_replacement=*/ false,
515 /*allow_sibling_eviction=*/ false,
516 /*package_submission=*/ false, // not submitting to mempool
517 /*package_feerates=*/ false,
518 /*client_maxfeerate=*/ {}, // checked by caller
519 };
520 }
521
523 static ATMPArgs PackageChildWithParents(const CChainParams& chainparams, int64_t accept_time,
524 std::vector<COutPoint>& coins_to_uncache, const std::optional<CFeeRate>& client_maxfeerate) {
525 return ATMPArgs{/*chainparams=*/ chainparams,
526 /*accept_time=*/ accept_time,
527 /*bypass_limits=*/ false,
528 /*coins_to_uncache=*/ coins_to_uncache,
529 /*test_accept=*/ false,
530 /*allow_replacement=*/ true,
531 /*allow_sibling_eviction=*/ false,
532 /*package_submission=*/ true,
533 /*package_feerates=*/ true,
534 /*client_maxfeerate=*/ client_maxfeerate,
535 };
536 }
537
539 static ATMPArgs SingleInPackageAccept(const ATMPArgs& package_args) {
540 return ATMPArgs{/*chainparams=*/ package_args.m_chainparams,
541 /*accept_time=*/ package_args.m_accept_time,
542 /*bypass_limits=*/ false,
543 /*coins_to_uncache=*/ package_args.m_coins_to_uncache,
544 /*test_accept=*/ package_args.m_test_accept,
545 /*allow_replacement=*/ true,
546 /*allow_sibling_eviction=*/ true,
547 /*package_submission=*/ true, // trim at the end of AcceptPackage()
548 /*package_feerates=*/ false, // only 1 transaction
549 /*client_maxfeerate=*/ package_args.m_client_maxfeerate,
550 };
551 }
552
553 private:
554 // Private ctor to avoid exposing details to clients and allowing the possibility of
555 // mixing up the order of the arguments. Use static functions above instead.
556 ATMPArgs(const CChainParams& chainparams,
557 int64_t accept_time,
558 bool bypass_limits,
559 std::vector<COutPoint>& coins_to_uncache,
560 bool test_accept,
561 bool allow_replacement,
562 bool allow_sibling_eviction,
563 bool package_submission,
564 bool package_feerates,
565 std::optional<CFeeRate> client_maxfeerate)
566 : m_chainparams{chainparams},
567 m_accept_time{accept_time},
568 m_bypass_limits{bypass_limits},
569 m_coins_to_uncache{coins_to_uncache},
570 m_test_accept{test_accept},
571 m_allow_replacement{allow_replacement},
572 m_allow_sibling_eviction{allow_sibling_eviction},
573 m_package_submission{package_submission},
574 m_package_feerates{package_feerates},
575 m_client_maxfeerate{client_maxfeerate}
576 {
577 // If we are using package feerates, we must be doing package submission.
578 // It also means sibling eviction is not permitted.
579 if (m_package_feerates) {
580 Assume(m_package_submission);
581 Assume(!m_allow_sibling_eviction);
582 }
583 if (m_allow_sibling_eviction) Assume(m_allow_replacement);
584 }
585 };
586
588 void CleanupTemporaryCoins() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
589
590 // Single transaction acceptance
591 MempoolAcceptResult AcceptSingleTransactionAndCleanup(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
592 LOCK(m_pool.cs);
593 MempoolAcceptResult result = AcceptSingleTransactionInternal(ptx, args);
594 ClearSubPackageState();
595 return result;
596 }
597 MempoolAcceptResult AcceptSingleTransactionInternal(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
598
604 PackageMempoolAcceptResult AcceptMultipleTransactionsAndCleanup(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
605 LOCK(m_pool.cs);
606 PackageMempoolAcceptResult result = AcceptMultipleTransactionsInternal(txns, args);
607 ClearSubPackageState();
608 return result;
609 }
610 PackageMempoolAcceptResult AcceptMultipleTransactionsInternal(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
611
622 PackageMempoolAcceptResult AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
624
629 PackageMempoolAcceptResult AcceptPackage(const Package& package, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
630
631private:
632 // All the intermediate state that gets passed between the various levels
633 // of checking a given transaction.
634 struct Workspace {
635 explicit Workspace(const CTransactionRef& ptx) : m_ptx(ptx), m_hash(ptx->GetHash()) {}
638 std::set<Txid> m_conflicts;
641 CTxMemPool::setEntries m_iters_conflicting;
643 std::vector<CTxMemPoolEntry::CTxMemPoolEntryRef> m_parents;
644 /* Handle to the tx in the changeset */
648 bool m_sibling_eviction{false};
649
652 int64_t m_vsize;
654 CAmount m_base_fees;
656 CAmount m_modified_fees;
657
661 CFeeRate m_package_feerate{0};
662
663 const CTransactionRef& m_ptx;
665 const Txid& m_hash;
669 PrecomputedTransactionData m_precomputed_txdata;
670 };
671
672 // Run the policy checks on a given transaction, excluding any script checks.
673 // Looks up inputs, calculates feerate, considers replacement, evaluates
674 // package limits, etc. As this function can be invoked for "free" by a peer,
675 // only tests that are fast should be done here (to avoid CPU DoS).
676 bool PreChecks(ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
677
678 // Run checks for mempool replace-by-fee, only used in AcceptSingleTransaction.
679 bool ReplacementChecks(Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
680
681 bool PackageRBFChecks(const std::vector<CTransactionRef>& txns,
682 std::vector<Workspace>& workspaces,
683 int64_t total_vsize,
684 PackageValidationState& package_state) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
685
686 // Run the script checks using our policy flags. As this can be slow, we should
687 // only invoke this on transactions that have otherwise passed policy checks.
688 bool PolicyScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
689
690 // Re-run the script checks, using consensus flags, and try to cache the
691 // result in the scriptcache. This should be done after
692 // PolicyScriptChecks(). This requires that all inputs either be in our
693 // utxo set or in the mempool.
694 bool ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
695
696 // Try to add the transaction to the mempool, removing any conflicts first.
697 void FinalizeSubpackage(const ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
698
699 // Submit all transactions to the mempool and call ConsensusScriptChecks to add to the script
700 // cache - should only be called after successful validation of all transactions in the package.
701 // Does not call LimitMempoolSize(), so mempool max_size_bytes may be temporarily exceeded.
702 bool SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces, PackageValidationState& package_state,
703 std::map<Wtxid, MempoolAcceptResult>& results)
705
706 // Compare a package's feerate against minimum allowed.
707 bool CheckFeeRate(size_t package_size, CAmount package_fee, TxValidationState& state) EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs)
708 {
710 AssertLockHeld(m_pool.cs);
711 CAmount mempoolRejectFee = m_pool.GetMinFee().GetFee(package_size);
712 if (mempoolRejectFee > 0 && package_fee < mempoolRejectFee) {
713 return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool min fee not met", strprintf("%d < %d", package_fee, mempoolRejectFee));
714 }
715
716 if (package_fee < m_pool.m_opts.min_relay_feerate.GetFee(package_size)) {
717 return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "min relay fee not met",
718 strprintf("%d < %d", package_fee, m_pool.m_opts.min_relay_feerate.GetFee(package_size)));
719 }
720 return true;
721 }
722
723 ValidationCache& GetValidationCache()
724 {
725 return m_active_chainstate.m_chainman.m_validation_cache;
726 }
727
728private:
729 CTxMemPool& m_pool;
730
742 CCoinsViewCache m_view;
743
744 // These are the two possible backends for m_view.
747 CCoinsViewMemPool m_viewmempool;
748
749 Chainstate& m_active_chainstate;
750
751 // Fields below are per *sub*package state and must be reset prior to subsequent
752 // AcceptSingleTransaction and AcceptMultipleTransactions invocations
753 struct SubPackageState {
755 CAmount m_total_modified_fees{0};
757 int64_t m_total_vsize{0};
758
759 // RBF-related members
762 bool m_rbf{false};
764 std::list<CTransactionRef> m_replaced_transactions;
765 /* Changeset representing adding transactions and removing their conflicts. */
766 std::unique_ptr<CTxMemPool::ChangeSet> m_changeset;
767
769 CAmount m_conflicting_fees{0};
771 size_t m_conflicting_size{0};
772 };
773
774 struct SubPackageState m_subpackage;
775
777 void ClearSubPackageState() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs)
778 {
779 m_subpackage = SubPackageState{};
780
781 // And clean coins while at it
782 CleanupTemporaryCoins();
783 }
784};
785
786bool MemPoolAccept::PreChecks(ATMPArgs& args, Workspace& ws)
787{
789 AssertLockHeld(m_pool.cs);
790 const CTransactionRef& ptx = ws.m_ptx;
791 const CTransaction& tx = *ws.m_ptx;
792 const Txid& hash = ws.m_hash;
793
794 // Copy/alias what we need out of args
795 const int64_t nAcceptTime = args.m_accept_time;
796 const bool bypass_limits = args.m_bypass_limits;
797 std::vector<COutPoint>& coins_to_uncache = args.m_coins_to_uncache;
798
799 // Alias what we need out of ws
800 TxValidationState& state = ws.m_state;
801
802 if (!CheckTransaction(tx, state)) {
803 return false; // state filled in by CheckTransaction
804 }
805
806 // Coinbase is only valid in a block, not as a loose transaction
807 if (tx.IsCoinBase())
808 return state.Invalid(TxValidationResult::TX_CONSENSUS, "coinbase");
809
810 // Rather not work on nonstandard transactions (unless -testnet/-regtest)
811 std::string reason;
812 if (m_pool.m_opts.require_standard && !IsStandardTx(tx, m_pool.m_opts.max_datacarrier_bytes, m_pool.m_opts.permit_bare_multisig, m_pool.m_opts.dust_relay_feerate, reason)) {
813 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, reason);
814 }
815
816 // Transactions smaller than 65 non-witness bytes are not relayed to mitigate CVE-2017-12842.
818 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "tx-size-small");
819
820 // Only accept nLockTime-using transactions that can be mined in the next
821 // block; we don't want our mempool filled up with transactions that can't
822 // be mined yet.
823 if (!CheckFinalTxAtTip(*Assert(m_active_chainstate.m_chain.Tip()), tx)) {
824 return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-final");
825 }
826
827 if (m_pool.exists(tx.GetWitnessHash())) {
828 // Exact transaction already exists in the mempool.
829 return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-in-mempool");
830 } else if (m_pool.exists(tx.GetHash())) {
831 // Transaction with the same non-witness data but different witness (same txid, different
832 // wtxid) already exists in the mempool.
833 return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-same-nonwitness-data-in-mempool");
834 }
835
836 // Check for conflicts with in-memory transactions
837 for (const CTxIn &txin : tx.vin)
838 {
839 const CTransaction* ptxConflicting = m_pool.GetConflictTx(txin.prevout);
840 if (ptxConflicting) {
841 if (!args.m_allow_replacement) {
842 // Transaction conflicts with a mempool tx, but we're not allowing replacements in this context.
843 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "bip125-replacement-disallowed");
844 }
845 ws.m_conflicts.insert(ptxConflicting->GetHash());
846 }
847 }
848
849 m_view.SetBackend(m_viewmempool);
850
851 const CCoinsViewCache& coins_cache = m_active_chainstate.CoinsTip();
852 // do all inputs exist?
853 for (const CTxIn& txin : tx.vin) {
854 if (!coins_cache.HaveCoinInCache(txin.prevout)) {
855 coins_to_uncache.push_back(txin.prevout);
856 }
857
858 // Note: this call may add txin.prevout to the coins cache
859 // (coins_cache.cacheCoins) by way of FetchCoin(). It should be removed
860 // later (via coins_to_uncache) if this tx turns out to be invalid.
861 if (!m_view.HaveCoin(txin.prevout)) {
862 // Are inputs missing because we already have the tx?
863 for (size_t out = 0; out < tx.vout.size(); out++) {
864 // Optimistically just do efficient check of cache for outputs
865 if (coins_cache.HaveCoinInCache(COutPoint(hash, out))) {
866 return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-known");
867 }
868 }
869 // Otherwise assume this might be an orphan tx for which we just haven't seen parents yet
870 return state.Invalid(TxValidationResult::TX_MISSING_INPUTS, "bad-txns-inputs-missingorspent");
871 }
872 }
873
874 // This is const, but calls into `CCoinsViewCache::GetBestBlock()` to refresh
875 // the cached best block through `m_viewmempool` after caching inputs.
876 (void)m_view.GetBestBlock();
877
878 // All required inputs are cached now, so switch m_view to the empty backend.
879 // This keeps already-fetched cache entries for later checks and prevents new
880 // backend lookups (which would avoid coins_to_uncache tracking).
881 m_view.SetBackend(CoinsViewEmpty::Get());
882
883 assert(m_active_chainstate.m_blockman.LookupBlockIndex(m_view.GetBestBlock()) == m_active_chainstate.m_chain.Tip());
884
885 // Only accept BIP68 sequence locked transactions that can be mined in the next
886 // block; we don't want our mempool filled up with transactions that can't
887 // be mined yet.
888 // Pass in m_view which has all of the relevant inputs cached. Note that, since m_view's
889 // backend was removed, it no longer pulls coins from the mempool.
890 const std::optional<LockPoints> lock_points{CalculateLockPointsAtTip(m_active_chainstate.m_chain.Tip(), m_view, tx)};
891 if (!lock_points.has_value() || !CheckSequenceLocksAtTip(m_active_chainstate.m_chain.Tip(), *lock_points)) {
892 return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-BIP68-final");
893 }
894
895 // The mempool holds txs for the next block, so pass height+1 to CheckTxInputs
896 if (!Consensus::CheckTxInputs(tx, state, m_view, m_active_chainstate.m_chain.Height() + 1, ws.m_base_fees)) {
897 return false; // state filled in by CheckTxInputs
898 }
899
900 if (m_pool.m_opts.require_standard) {
901 state = ValidateInputsStandardness(tx, m_view);
902 if (state.IsInvalid()) {
903 return false;
904 }
905 }
906
907 // Check for non-standard witnesses.
908 if (tx.HasWitness() && m_pool.m_opts.require_standard && !IsWitnessStandard(tx, m_view)) {
909 return state.Invalid(TxValidationResult::TX_WITNESS_MUTATED, "bad-witness-nonstandard");
910 }
911
912 int64_t nSigOpsCost = GetTransactionSigOpCost(tx, m_view, STANDARD_SCRIPT_VERIFY_FLAGS);
913
914 // Keep track of transactions that spend a coinbase, which we re-scan
915 // during reorgs to ensure COINBASE_MATURITY is still met.
916 bool fSpendsCoinbase = false;
917 for (const CTxIn &txin : tx.vin) {
918 const Coin &coin = m_view.AccessCoin(txin.prevout);
919 if (coin.IsCoinBase()) {
920 fSpendsCoinbase = true;
921 break;
922 }
923 }
924
925 // Set entry_sequence to 0 when bypass_limits is used; this allows txs from a block
926 // reorg to be marked earlier than any child txs that were already in the mempool.
927 const uint64_t entry_sequence = bypass_limits ? 0 : m_pool.GetSequence();
928 if (!m_subpackage.m_changeset) {
929 m_subpackage.m_changeset = m_pool.GetChangeSet();
930 }
931 ws.m_tx_handle = m_subpackage.m_changeset->StageAddition(ptx, ws.m_base_fees, nAcceptTime, m_active_chainstate.m_chain.Height(), entry_sequence, fSpendsCoinbase, nSigOpsCost, lock_points.value());
932
933 // ws.m_modified_fees includes any fee deltas from PrioritiseTransaction
934 ws.m_modified_fees = ws.m_tx_handle->GetModifiedFee();
935
936 ws.m_vsize = ws.m_tx_handle->GetTxSize();
937
938 // Enforces 0-fee for dust transactions, no incentive to be mined alone
939 if (m_pool.m_opts.require_standard) {
940 if (!PreCheckEphemeralTx(*ptx, m_pool.m_opts.dust_relay_feerate, ws.m_base_fees, ws.m_modified_fees, state)) {
941 return false; // state filled in by PreCheckEphemeralTx
942 }
943 }
944
945 if (nSigOpsCost > MAX_STANDARD_TX_SIGOPS_COST)
946 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "bad-txns-too-many-sigops",
947 strprintf("%d", nSigOpsCost));
948
949 // No individual transactions are allowed below the mempool min feerate except from disconnected
950 // blocks and transactions in a package. Package transactions will be checked using package
951 // feerate later.
952 if (!bypass_limits && !args.m_package_feerates && !CheckFeeRate(ws.m_vsize, ws.m_modified_fees, state)) return false;
953
954 ws.m_iters_conflicting = m_pool.GetIterSet(ws.m_conflicts);
955
956 ws.m_parents = m_pool.GetParents(*ws.m_tx_handle);
957
958 if (!args.m_bypass_limits) {
959 // Perform the TRUC checks, using the in-mempool parents.
960 if (const auto err{SingleTRUCChecks(m_pool, ws.m_ptx, ws.m_parents, ws.m_conflicts, ws.m_vsize)}) {
961 // Single transaction contexts only.
962 if (args.m_allow_sibling_eviction && err->second != nullptr) {
963 // We should only be considering where replacement is considered valid as well.
964 Assume(args.m_allow_replacement);
965 // Potential sibling eviction. Add the sibling to our list of mempool conflicts to be
966 // included in RBF checks.
967 ws.m_conflicts.insert(err->second->GetHash());
968 // Adding the sibling to m_iters_conflicting here means that it doesn't count towards
969 // RBF Carve Out above. This is correct, since removing to-be-replaced transactions from
970 // the descendant count is done separately in SingleTRUCChecks for TRUC transactions.
971 ws.m_iters_conflicting.insert(m_pool.GetIter(err->second->GetHash()).value());
972 ws.m_sibling_eviction = true;
973 // The sibling will be treated as part of the to-be-replaced set in ReplacementChecks.
974 // Note that we are not checking whether it opts in to replaceability via BIP125 or TRUC
975 // (which is normally done in PreChecks). However, the only way a TRUC transaction can
976 // have a non-TRUC and non-BIP125 descendant is due to a reorg.
977 } else {
978 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "TRUC-violation", err->first);
979 }
980 }
981 }
982
983 // We want to detect conflicts in any tx in a package to trigger package RBF logic
984 m_subpackage.m_rbf |= !ws.m_conflicts.empty();
985 return true;
986}
987
988bool MemPoolAccept::ReplacementChecks(Workspace& ws)
989{
991 AssertLockHeld(m_pool.cs);
992
993 const CTransaction& tx = *ws.m_ptx;
994 const Txid& hash = ws.m_hash;
995 TxValidationState& state = ws.m_state;
996
997 CFeeRate newFeeRate(ws.m_modified_fees, ws.m_vsize);
998
999 CTxMemPool::setEntries all_conflicts;
1000
1001 // Calculate all conflicting entries and enforce Rule #5.
1002 if (const auto err_string{GetEntriesForConflicts(tx, m_pool, ws.m_iters_conflicting, all_conflicts)}) {
1004 strprintf("too many potential replacements%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1005 }
1006
1007 // Check if it's economically rational to mine this transaction rather than the ones it
1008 // replaces and pays for its own relay fees. Enforce Rules #3 and #4.
1009 for (CTxMemPool::txiter it : all_conflicts) {
1010 m_subpackage.m_conflicting_fees += it->GetModifiedFee();
1011 m_subpackage.m_conflicting_size += it->GetTxSize();
1012 }
1013
1014 if (const auto err_string{PaysForRBF(m_subpackage.m_conflicting_fees, ws.m_modified_fees, ws.m_vsize,
1015 m_pool.m_opts.incremental_relay_feerate, hash)}) {
1016 // Result may change in a package context
1018 strprintf("insufficient fee%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1019 }
1020
1021 // Add all the to-be-removed transactions to the changeset.
1022 for (auto it : all_conflicts) {
1023 m_subpackage.m_changeset->StageRemoval(it);
1024 }
1025
1026 // Run cluster size limit checks and fail if we exceed them.
1027 if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
1028 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-large-cluster", "");
1029 }
1030
1031 if (const auto err_string{ImprovesFeerateDiagram(*m_subpackage.m_changeset)}) {
1032 // We checked above for the cluster size limits being respected, so a
1033 // failure here can only be due to an insufficient fee.
1034 Assume(err_string->first == DiagramCheckError::FAILURE);
1035 return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "replacement-failed", err_string->second);
1036 }
1037
1038 return true;
1039}
1040
1041bool MemPoolAccept::PackageRBFChecks(const std::vector<CTransactionRef>& txns,
1042 std::vector<Workspace>& workspaces,
1043 const int64_t total_vsize,
1044 PackageValidationState& package_state)
1045{
1047 AssertLockHeld(m_pool.cs);
1048
1049 assert(std::all_of(txns.cbegin(), txns.cend(), [this](const auto& tx)
1050 { return !m_pool.exists(tx->GetHash());}));
1051
1052 assert(txns.size() == workspaces.size());
1053
1054 // We're in package RBF context; replacement proposal must be size 2
1055 if (workspaces.size() != 2 || !Assume(IsChildWithParents(txns))) {
1056 return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: package must be 1-parent-1-child");
1057 }
1058
1059 // If the package has in-mempool parents, we won't consider a package RBF
1060 // since it would result in a cluster larger than 2.
1061 // N.B. To relax this constraint we will need to revisit how CCoinsViewMemPool::PackageAddTransaction
1062 // is being used inside AcceptMultipleTransactions to track available inputs while processing a package.
1063 // Specifically we would need to check that the ancestors of the new
1064 // transactions don't intersect with the set of transactions to be removed
1065 // due to RBF, which is not checked at all in the package acceptance
1066 // context.
1067 for (const auto& ws : workspaces) {
1068 if (!ws.m_parents.empty()) {
1069 return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: new transaction cannot have mempool ancestors");
1070 }
1071 }
1072
1073 // Aggregate all conflicts into one set.
1074 CTxMemPool::setEntries direct_conflict_iters;
1075 for (Workspace& ws : workspaces) {
1076 // Aggregate all conflicts into one set.
1077 direct_conflict_iters.merge(ws.m_iters_conflicting);
1078 }
1079
1080 const auto& parent_ws = workspaces[0];
1081 const auto& child_ws = workspaces[1];
1082
1083 // Don't consider replacements that would cause us to remove a large number of mempool entries.
1084 // This limit is not increased in a package RBF. Use the aggregate number of transactions.
1085 CTxMemPool::setEntries all_conflicts;
1086 if (const auto err_string{GetEntriesForConflicts(*child_ws.m_ptx, m_pool, direct_conflict_iters,
1087 all_conflicts)}) {
1088 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1089 "package RBF failed: too many potential replacements", *err_string);
1090 }
1091
1092 for (CTxMemPool::txiter it : all_conflicts) {
1093 m_subpackage.m_changeset->StageRemoval(it);
1094 m_subpackage.m_conflicting_fees += it->GetModifiedFee();
1095 m_subpackage.m_conflicting_size += it->GetTxSize();
1096 }
1097
1098 // Use the child as the transaction for attributing errors to.
1099 const Txid& child_hash = child_ws.m_ptx->GetHash();
1100 if (const auto err_string{PaysForRBF(/*original_fees=*/m_subpackage.m_conflicting_fees,
1101 /*replacement_fees=*/m_subpackage.m_total_modified_fees,
1102 /*replacement_vsize=*/m_subpackage.m_total_vsize,
1103 m_pool.m_opts.incremental_relay_feerate, child_hash)}) {
1104 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1105 "package RBF failed: insufficient anti-DoS fees", *err_string);
1106 }
1107
1108 // Ensure this two transaction package is a "chunk" on its own; we don't want the child
1109 // to be only paying anti-DoS fees
1110 const CFeeRate parent_feerate(parent_ws.m_modified_fees, parent_ws.m_vsize);
1111 const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
1112 if (package_feerate <= parent_feerate) {
1113 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1114 "package RBF failed: package feerate is less than or equal to parent feerate",
1115 strprintf("package feerate %s <= parent feerate is %s", package_feerate.ToString(), parent_feerate.ToString()));
1116 }
1117
1118 // Run cluster size limit checks and fail if we exceed them.
1119 if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
1120 return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "too-large-cluster", "");
1121 }
1122
1123 // Check if it's economically rational to mine this package rather than the ones it replaces.
1124 if (const auto err_tup{ImprovesFeerateDiagram(*m_subpackage.m_changeset)}) {
1125 Assume(err_tup->first == DiagramCheckError::FAILURE);
1126 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1127 "package RBF failed: " + err_tup.value().second, "");
1128 }
1129
1130 LogDebug(BCLog::TXPACKAGES, "package RBF checks passed: parent %s (wtxid=%s), child %s (wtxid=%s), package hash (%s)\n",
1131 txns.front()->GetHash().ToString(), txns.front()->GetWitnessHash().ToString(),
1132 txns.back()->GetHash().ToString(), txns.back()->GetWitnessHash().ToString(),
1133 GetPackageHash(txns).ToString());
1134
1135
1136 return true;
1137}
1138
1139bool MemPoolAccept::PolicyScriptChecks(const ATMPArgs& args, Workspace& ws)
1140{
1142 AssertLockHeld(m_pool.cs);
1143 const CTransaction& tx = *ws.m_ptx;
1144 TxValidationState& state = ws.m_state;
1145
1146 constexpr script_verify_flags scriptVerifyFlags = STANDARD_SCRIPT_VERIFY_FLAGS;
1147
1148 // Check input scripts and signatures.
1149 // This is done last to help prevent CPU exhaustion denial-of-service attacks.
1150 if (!CheckInputScripts(tx, state, m_view, scriptVerifyFlags, true, false, ws.m_precomputed_txdata, GetValidationCache())) {
1151 // Detect a failure due to a missing witness so that p2p code can handle rejection caching appropriately.
1152 if (!tx.HasWitness() && SpendsNonAnchorWitnessProg(tx, m_view)) {
1154 state.GetRejectReason(), state.GetDebugMessage());
1155 }
1156 return false; // state filled in by CheckInputScripts
1157 }
1158
1159 return true;
1160}
1161
1162bool MemPoolAccept::ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws)
1163{
1165 AssertLockHeld(m_pool.cs);
1166 const CTransaction& tx = *ws.m_ptx;
1167 const Txid& hash = ws.m_hash;
1168 TxValidationState& state = ws.m_state;
1169
1170 // Check again against the current block tip's script verification
1171 // flags to cache our script execution flags. This is, of course,
1172 // useless if the next block has different script flags from the
1173 // previous one, but because the cache tracks script flags for us it
1174 // will auto-invalidate and we'll just have a few blocks of extra
1175 // misses on soft-fork activation.
1176 //
1177 // This is also useful in case of bugs in the standard flags that cause
1178 // transactions to pass as valid when they're actually invalid. For
1179 // instance the STRICTENC flag was incorrectly allowing certain
1180 // CHECKSIG NOT scripts to pass, even though they were invalid.
1181 //
1182 // There is a similar check in CreateNewBlock() to prevent creating
1183 // invalid blocks (using TestBlockValidity), however allowing such
1184 // transactions into the mempool can be exploited as a DoS attack.
1185 script_verify_flags currentBlockScriptVerifyFlags{GetBlockScriptFlags(*m_active_chainstate.m_chain.Tip(), m_active_chainstate.m_chainman)};
1186 if (!CheckInputsFromMempoolAndCache(tx, state, m_view, m_pool, currentBlockScriptVerifyFlags,
1187 ws.m_precomputed_txdata, m_active_chainstate.CoinsTip(), GetValidationCache())) {
1188 LogError("BUG! PLEASE REPORT THIS! CheckInputScripts failed against latest-block but not STANDARD flags %s, %s", hash.ToString(), state.ToString());
1189 return Assume(false);
1190 }
1191
1192 return true;
1193}
1194
1195void MemPoolAccept::FinalizeSubpackage(const ATMPArgs& args)
1196{
1198 AssertLockHeld(m_pool.cs);
1199
1200 if (!m_subpackage.m_changeset->GetRemovals().empty()) Assume(args.m_allow_replacement);
1201 // Remove conflicting transactions from the mempool
1202 for (CTxMemPool::txiter it : m_subpackage.m_changeset->GetRemovals())
1203 {
1204 std::string log_string = strprintf("replacing mempool tx %s (wtxid=%s, fees=%s, vsize=%s). ",
1205 it->GetTx().GetHash().ToString(),
1206 it->GetTx().GetWitnessHash().ToString(),
1207 it->GetFee(),
1208 it->GetTxSize());
1209 FeeFrac feerate{m_subpackage.m_total_modified_fees, int32_t(m_subpackage.m_total_vsize)};
1210 uint256 tx_or_package_hash{};
1211 const bool replaced_with_tx{m_subpackage.m_changeset->GetTxCount() == 1};
1212 if (replaced_with_tx) {
1213 const CTransaction& tx = m_subpackage.m_changeset->GetAddedTxn(0);
1214 tx_or_package_hash = tx.GetHash().ToUint256();
1215 log_string += strprintf("New tx %s (wtxid=%s, fees=%s, vsize=%s)",
1216 tx.GetHash().ToString(),
1217 tx.GetWitnessHash().ToString(),
1218 feerate.fee,
1219 feerate.size);
1220 } else {
1221 tx_or_package_hash = GetPackageHash(m_subpackage.m_changeset->GetAddedTxns());
1222 log_string += strprintf("New package %s with %lu txs, fees=%s, vsize=%s",
1223 tx_or_package_hash.ToString(),
1224 m_subpackage.m_changeset->GetTxCount(),
1225 feerate.fee,
1226 feerate.size);
1227
1228 }
1229 LogDebug(BCLog::MEMPOOL, "%s\n", log_string);
1230 TRACEPOINT(mempool, replaced,
1231 it->GetTx().GetHash().data(),
1232 it->GetTxSize(),
1233 it->GetFee(),
1234 std::chrono::duration_cast<std::chrono::duration<std::uint64_t>>(it->GetTime()).count(),
1235 tx_or_package_hash.data(),
1236 feerate.size,
1237 feerate.fee,
1238 replaced_with_tx
1239 );
1240 m_subpackage.m_replaced_transactions.push_back(it->GetSharedTx());
1241 }
1242 m_subpackage.m_changeset->Apply();
1243 m_subpackage.m_changeset.reset();
1244}
1245
1246bool MemPoolAccept::SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces,
1247 PackageValidationState& package_state,
1248 std::map<Wtxid, MempoolAcceptResult>& results)
1249{
1251 AssertLockHeld(m_pool.cs);
1252 // Sanity check: none of the transactions should be in the mempool, and none of the transactions
1253 // should have a same-txid-different-witness equivalent in the mempool.
1254 assert(std::all_of(workspaces.cbegin(), workspaces.cend(), [this](const auto& ws) { return !m_pool.exists(ws.m_ptx->GetHash()); }));
1255
1256 bool all_submitted = true;
1257 FinalizeSubpackage(args);
1258 // ConsensusScriptChecks adds to the script cache and is therefore consensus-critical;
1259 // CheckInputsFromMempoolAndCache asserts that transactions only spend coins available from the
1260 // mempool or UTXO set. Submit each transaction to the mempool immediately after calling
1261 // ConsensusScriptChecks to make the outputs available for subsequent transactions.
1262 for (Workspace& ws : workspaces) {
1263 if (!ConsensusScriptChecks(args, ws)) {
1264 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1265 // Since PolicyScriptChecks() passed, this should never fail.
1266 Assume(false);
1267 all_submitted = false;
1269 strprintf("BUG! PolicyScriptChecks succeeded but ConsensusScriptChecks failed: %s",
1270 ws.m_ptx->GetHash().ToString()));
1271 }
1272 // Remove first failing tx and all subsequent in package
1273 if (!all_submitted) {
1274 if (!m_subpackage.m_changeset) m_subpackage.m_changeset = m_pool.GetChangeSet();
1275 m_subpackage.m_changeset->StageRemoval(m_pool.GetIter(ws.m_ptx->GetHash()).value());
1276 }
1277 }
1278 if (!all_submitted) {
1279 Assume(m_subpackage.m_changeset);
1280 // This code should be unreachable; it's here as belt-and-suspenders
1281 // to try to ensure we have no consensus-invalid transactions in the
1282 // mempool.
1283 m_subpackage.m_changeset->Apply();
1284 m_subpackage.m_changeset.reset();
1285 return false;
1286 }
1287
1288 std::vector<Wtxid> all_package_wtxids;
1289 all_package_wtxids.reserve(workspaces.size());
1290 std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
1291 [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
1292
1293 if (!m_subpackage.m_replaced_transactions.empty()) {
1294 LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with %u new one(s) for %s additional fees, %d delta bytes\n",
1295 m_subpackage.m_replaced_transactions.size(), workspaces.size(),
1296 m_subpackage.m_total_modified_fees - m_subpackage.m_conflicting_fees,
1297 m_subpackage.m_total_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
1298 }
1299
1300 // Add successful results. The returned results may change later if LimitMempoolSize() evicts them.
1301 for (Workspace& ws : workspaces) {
1302 auto iter = m_pool.GetIter(ws.m_ptx->GetHash());
1303 Assume(iter.has_value());
1304 const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
1305 CFeeRate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
1306 const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
1307 std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
1308 results.emplace(ws.m_ptx->GetWitnessHash(),
1309 MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
1310 ws.m_base_fees, effective_feerate, effective_feerate_wtxids));
1311 if (!m_pool.m_opts.signals) continue;
1312 const CTransaction& tx = *ws.m_ptx;
1313 const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
1314 ws.m_vsize, (*iter)->GetHeight(),
1315 args.m_bypass_limits, args.m_package_submission,
1316 IsCurrentForFeeEstimation(m_active_chainstate),
1317 m_pool.HasNoInputsOf(tx));
1318 m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
1319 }
1320 return all_submitted;
1321}
1322
1323MempoolAcceptResult MemPoolAccept::AcceptSingleTransactionInternal(const CTransactionRef& ptx, ATMPArgs& args)
1324{
1326 AssertLockHeld(m_pool.cs);
1327
1328 Workspace ws(ptx);
1329 const std::vector<Wtxid> single_wtxid{ws.m_ptx->GetWitnessHash()};
1330
1331 if (!PreChecks(args, ws)) {
1332 if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
1333 // Failed for fee reasons. Provide the effective feerate and which tx was included.
1334 return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
1335 }
1336 return MempoolAcceptResult::Failure(ws.m_state);
1337 }
1338
1339 if (m_subpackage.m_rbf && !ReplacementChecks(ws)) {
1340 if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
1341 // Failed for incentives-based fee reasons. Provide the effective feerate and which tx was included.
1342 return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
1343 }
1344 return MempoolAcceptResult::Failure(ws.m_state);
1345 }
1346
1347 // Check if the transaction would exceed the cluster size limit.
1348 if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
1349 ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-large-cluster", "");
1350 return MempoolAcceptResult::Failure(ws.m_state);
1351 }
1352
1353 // Now that we've verified the cluster limit is respected, we can perform
1354 // calculations involving the full ancestors of the tx.
1355 if (ws.m_conflicts.size()) {
1356 auto ancestors = m_subpackage.m_changeset->CalculateMemPoolAncestors(ws.m_tx_handle);
1357
1358 // A transaction that spends outputs that would be replaced by it is invalid. Now
1359 // that we have the set of all ancestors we can detect this
1360 // pathological case by making sure ws.m_conflicts and this tx's ancestors don't
1361 // intersect.
1362 if (const auto err_string{EntriesAndTxidsDisjoint(ancestors, ws.m_conflicts, ptx->GetHash())}) {
1363 // We classify this as a consensus error because a transaction depending on something it
1364 // conflicts with would be inconsistent.
1365 ws.m_state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-spends-conflicting-tx", *err_string);
1366 return MempoolAcceptResult::Failure(ws.m_state);
1367 }
1368 }
1369
1370 m_subpackage.m_total_vsize = ws.m_vsize;
1371 m_subpackage.m_total_modified_fees = ws.m_modified_fees;
1372
1373 // Individual modified feerate exceeded caller-defined max; abort
1374 if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
1375 ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
1376 return MempoolAcceptResult::Failure(ws.m_state);
1377 }
1378
1379 if (!args.m_bypass_limits && m_pool.m_opts.require_standard) {
1380 Wtxid dummy_wtxid;
1381 if (!CheckEphemeralSpends(/*package=*/{ptx}, m_pool.m_opts.dust_relay_feerate, m_pool, ws.m_state, dummy_wtxid)) {
1382 return MempoolAcceptResult::Failure(ws.m_state);
1383 }
1384 }
1385
1386 // Perform the inexpensive checks first and avoid hashing and signature verification unless
1387 // those checks pass, to mitigate CPU exhaustion denial-of-service attacks.
1388 if (!PolicyScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
1389
1390 if (!ConsensusScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
1391
1392 const CFeeRate effective_feerate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
1393 // Tx was accepted, but not added
1394 if (args.m_test_accept) {
1395 return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
1396 ws.m_base_fees, effective_feerate, single_wtxid);
1397 }
1398
1399 FinalizeSubpackage(args);
1400
1401 // Limit the mempool, if appropriate.
1402 if (!args.m_package_submission && !args.m_bypass_limits) {
1403 LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
1404 // If mempool contents change, then the m_view cache is dirty. Given this isn't a package
1405 // submission, we won't be using the cache anymore, but clear it anyway for clarity.
1406 CleanupTemporaryCoins();
1407
1408 if (!m_pool.exists(ws.m_hash)) {
1409 // The tx no longer meets our (new) mempool minimum feerate but could be reconsidered in a package.
1410 ws.m_state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool full");
1411 return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), {ws.m_ptx->GetWitnessHash()});
1412 }
1413 }
1414
1415 if (m_pool.m_opts.signals) {
1416 const CTransaction& tx = *ws.m_ptx;
1417 auto iter = m_pool.GetIter(tx.GetHash());
1418 Assume(iter.has_value());
1419 const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
1420 ws.m_vsize, (*iter)->GetHeight(),
1421 args.m_bypass_limits, args.m_package_submission,
1422 IsCurrentForFeeEstimation(m_active_chainstate),
1423 m_pool.HasNoInputsOf(tx));
1424 m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
1425 }
1426
1427 if (!m_subpackage.m_replaced_transactions.empty()) {
1428 LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with 1 new transaction for %s additional fees, %d delta bytes\n",
1429 m_subpackage.m_replaced_transactions.size(),
1430 ws.m_modified_fees - m_subpackage.m_conflicting_fees,
1431 ws.m_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
1432 }
1433
1434 return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize, ws.m_base_fees,
1435 effective_feerate, single_wtxid);
1436}
1437
1438PackageMempoolAcceptResult MemPoolAccept::AcceptMultipleTransactionsInternal(const std::vector<CTransactionRef>& txns, ATMPArgs& args)
1439{
1441 AssertLockHeld(m_pool.cs);
1442
1443 // These context-free package limits can be done before taking the mempool lock.
1444 PackageValidationState package_state;
1445 if (!IsWellFormedPackage(txns, package_state)) return PackageMempoolAcceptResult(package_state, {});
1446
1447 std::vector<Workspace> workspaces{};
1448 workspaces.reserve(txns.size());
1449 std::transform(txns.cbegin(), txns.cend(), std::back_inserter(workspaces),
1450 [](const auto& tx) { return Workspace(tx); });
1451 std::map<Wtxid, MempoolAcceptResult> results;
1452
1453 // Do all PreChecks first and fail fast to avoid running expensive script checks when unnecessary.
1454 for (Workspace& ws : workspaces) {
1455 if (!PreChecks(args, ws)) {
1456 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1457 // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1458 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1459 return PackageMempoolAcceptResult(package_state, std::move(results));
1460 }
1461
1462 // Individual modified feerate exceeded caller-defined max; abort
1463 // N.B. this doesn't take into account CPFPs. Chunk-aware validation may be more robust.
1464 if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
1465 // Need to set failure here both individually and at package level
1466 ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
1467 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1468 // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1469 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1470 return PackageMempoolAcceptResult(package_state, std::move(results));
1471 }
1472
1473 // Make the coins created by this transaction available for subsequent transactions in the
1474 // package to spend. If there are no conflicts within the package, no transaction can spend a coin
1475 // needed by another transaction in the package. We also need to make sure that no package
1476 // tx replaces (or replaces the ancestor of) the parent of another package tx. As long as we
1477 // check these two things, we don't need to track the coins spent.
1478 // If a package tx conflicts with a mempool tx, PackageRBFChecks() ensures later that any package RBF attempt
1479 // has *no* in-mempool ancestors, so we don't have to worry about subsequent transactions in
1480 // same package spending the same in-mempool outpoints. This needs to be revisited for general
1481 // package RBF.
1482 m_viewmempool.PackageAddTransaction(ws.m_ptx);
1483 }
1484
1485 // At this point we have all in-mempool parents, and we know every transaction's vsize.
1486 // Run the TRUC checks on the package.
1487 for (Workspace& ws : workspaces) {
1488 if (auto err{PackageTRUCChecks(m_pool, ws.m_ptx, ws.m_vsize, txns, ws.m_parents)}) {
1489 package_state.Invalid(PackageValidationResult::PCKG_POLICY, "TRUC-violation", err.value());
1490 return PackageMempoolAcceptResult(package_state, {});
1491 }
1492 }
1493
1494 // Transactions must meet two minimum feerates: the mempool minimum fee and min relay fee.
1495 // For transactions consisting of exactly one child and its parents, it suffices to use the
1496 // package feerate (total modified fees / total virtual size) to check this requirement.
1497 // Note that this is an aggregate feerate; this function has not checked that there are transactions
1498 // too low feerate to pay for themselves, or that the child transactions are higher feerate than
1499 // their parents. Using aggregate feerate may allow "parents pay for child" behavior and permit
1500 // a child that is below mempool minimum feerate. To avoid these behaviors, callers of
1501 // AcceptMultipleTransactions need to restrict txns topology (e.g. to ancestor sets) and check
1502 // the feerates of individuals and subsets.
1503 m_subpackage.m_total_vsize = std::accumulate(workspaces.cbegin(), workspaces.cend(), int64_t{0},
1504 [](int64_t sum, auto& ws) { return sum + ws.m_vsize; });
1505 m_subpackage.m_total_modified_fees = std::accumulate(workspaces.cbegin(), workspaces.cend(), CAmount{0},
1506 [](CAmount sum, auto& ws) { return sum + ws.m_modified_fees; });
1507 const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
1508 std::vector<Wtxid> all_package_wtxids;
1509 all_package_wtxids.reserve(workspaces.size());
1510 std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
1511 [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
1512 TxValidationState placeholder_state;
1513 if (args.m_package_feerates &&
1514 !CheckFeeRate(m_subpackage.m_total_vsize, m_subpackage.m_total_modified_fees, placeholder_state)) {
1515 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1516 return PackageMempoolAcceptResult(package_state, {{workspaces.back().m_ptx->GetWitnessHash(),
1517 MempoolAcceptResult::FeeFailure(placeholder_state, CFeeRate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize), all_package_wtxids)}});
1518 }
1519
1520 // Apply package mempool RBF checks.
1521 if (m_subpackage.m_rbf && !PackageRBFChecks(txns, workspaces, m_subpackage.m_total_vsize, package_state)) {
1522 return PackageMempoolAcceptResult(package_state, std::move(results));
1523 }
1524
1525 // Check if the transactions would exceed the cluster size limit.
1526 if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
1527 package_state.Invalid(PackageValidationResult::PCKG_POLICY, "too-large-cluster", "");
1528 return PackageMempoolAcceptResult(package_state, std::move(results));
1529 }
1530
1531 // Now that we've bounded the resulting possible ancestry count, check package for dust spends
1532 if (m_pool.m_opts.require_standard) {
1533 TxValidationState child_state;
1534 Wtxid child_wtxid;
1535 if (!CheckEphemeralSpends(txns, m_pool.m_opts.dust_relay_feerate, m_pool, child_state, child_wtxid)) {
1536 package_state.Invalid(PackageValidationResult::PCKG_TX, "unspent-dust");
1537 results.emplace(child_wtxid, MempoolAcceptResult::Failure(child_state));
1538 return PackageMempoolAcceptResult(package_state, std::move(results));
1539 }
1540 }
1541
1542 for (Workspace& ws : workspaces) {
1543 ws.m_package_feerate = package_feerate;
1544 if (!PolicyScriptChecks(args, ws)) {
1545 // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1546 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1547 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1548 return PackageMempoolAcceptResult(package_state, std::move(results));
1549 }
1550 if (args.m_test_accept) {
1551 const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
1552 CFeeRate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
1553 const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
1554 std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
1555 results.emplace(ws.m_ptx->GetWitnessHash(),
1556 MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions),
1557 ws.m_vsize, ws.m_base_fees, effective_feerate,
1558 effective_feerate_wtxids));
1559 }
1560 }
1561
1562 if (args.m_test_accept) return PackageMempoolAcceptResult(package_state, std::move(results));
1563
1564 if (!SubmitPackage(args, workspaces, package_state, results)) {
1565 // PackageValidationState filled in by SubmitPackage().
1566 return PackageMempoolAcceptResult(package_state, std::move(results));
1567 }
1568
1569 return PackageMempoolAcceptResult(package_state, std::move(results));
1570}
1571
1572void MemPoolAccept::CleanupTemporaryCoins()
1573{
1574 // There are 3 kinds of coins in m_view:
1575 // (1) Temporary coins from the transactions in subpackage, constructed by m_viewmempool.
1576 // (2) Mempool coins from transactions in the mempool, constructed by m_viewmempool.
1577 // (3) Confirmed coins fetched from our current UTXO set.
1578 //
1579 // (1) Temporary coins need to be removed, regardless of whether the transaction was submitted.
1580 // If the transaction was submitted to the mempool, m_viewmempool will be able to fetch them from
1581 // there. If it wasn't submitted to mempool, it is incorrect to keep them - future calls may try
1582 // to spend those coins that don't actually exist.
1583 // (2) Mempool coins also need to be removed. If the mempool contents have changed as a result
1584 // of submitting or replacing transactions, coins previously fetched from mempool may now be
1585 // spent or nonexistent. Those coins need to be deleted from m_view.
1586 // (3) Confirmed coins don't need to be removed. The chainstate has not changed (we are
1587 // holding cs_main and no blocks have been processed) so the confirmed tx cannot disappear like
1588 // a mempool tx can. The coin may now be spent after we submitted a tx to mempool, but
1589 // we have already checked that the package does not have 2 transactions spending the same coin
1590 // and we check whether a mempool transaction spends conflicting coins (CTxMemPool::GetConflictTx).
1591 // Keeping them in m_view is an optimization to not re-fetch confirmed coins if we later look up
1592 // inputs for this transaction again.
1593 for (const auto& outpoint : m_viewmempool.GetNonBaseCoins()) {
1594 // In addition to resetting m_viewmempool, we also need to manually delete these coins from
1595 // m_view because it caches copies of the coins it fetched from m_viewmempool previously.
1596 m_view.Uncache(outpoint);
1597 }
1598 // This deletes the temporary and mempool coins.
1599 m_viewmempool.Reset();
1600}
1601
1602PackageMempoolAcceptResult MemPoolAccept::AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
1603{
1605 AssertLockHeld(m_pool.cs);
1606 auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs) {
1607 if (subpackage.size() > 1) {
1608 return AcceptMultipleTransactionsInternal(subpackage, args);
1609 }
1610 const auto& tx = subpackage.front();
1611 ATMPArgs single_args = ATMPArgs::SingleInPackageAccept(args);
1612 const auto single_res = AcceptSingleTransactionInternal(tx, single_args);
1613 PackageValidationState package_state_wrapped;
1614 if (single_res.m_result_type != MempoolAcceptResult::ResultType::VALID) {
1615 package_state_wrapped.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1616 }
1617 return PackageMempoolAcceptResult(package_state_wrapped, {{tx->GetWitnessHash(), single_res}});
1618 }();
1619
1620 // Clean up m_view and m_viewmempool so that other subpackage evaluations don't have access to
1621 // coins they shouldn't. Keep some coins in order to minimize re-fetching coins from the UTXO set.
1622 // Clean up package feerate and rbf calculations
1623 ClearSubPackageState();
1624
1625 return result;
1626}
1627
1628PackageMempoolAcceptResult MemPoolAccept::AcceptPackage(const Package& package, ATMPArgs& args)
1629{
1630 Assert(!package.empty());
1632 // Used if returning a PackageMempoolAcceptResult directly from this function.
1633 PackageValidationState package_state_quit_early;
1634
1635 // There are two topologies we are able to handle through this function:
1636 // (1) A single transaction
1637 // (2) A child-with-parents package.
1638 // Check that the package is well-formed. If it isn't, we won't try to validate any of the
1639 // transactions and thus won't return any MempoolAcceptResults, just a package-wide error.
1640
1641 // Context-free package checks.
1642 if (!IsWellFormedPackage(package, package_state_quit_early)) {
1643 return PackageMempoolAcceptResult(package_state_quit_early, {});
1644 }
1645
1646 if (package.size() > 1 && !IsChildWithParents(package)) {
1647 // All transactions in the package must be a parent of the last transaction. This is just an
1648 // opportunity for us to fail fast on a context-free check without taking the mempool lock.
1649 package_state_quit_early.Invalid(PackageValidationResult::PCKG_POLICY, "package-not-child-with-parents");
1650 return PackageMempoolAcceptResult(package_state_quit_early, {});
1651 }
1652
1653 LOCK(m_pool.cs);
1654 // Stores results from which we will create the returned PackageMempoolAcceptResult.
1655 // A result may be changed if a mempool transaction is evicted later due to LimitMempoolSize().
1656 std::map<Wtxid, MempoolAcceptResult> results_final;
1657 // Results from individual validation which will be returned if no other result is available for
1658 // this transaction. "Nonfinal" because if a transaction fails by itself but succeeds later
1659 // (i.e. when evaluated with a fee-bumping child), the result in this map may be discarded.
1660 std::map<Wtxid, MempoolAcceptResult> individual_results_nonfinal;
1661 // Tracks whether we think package submission could result in successful entry to the mempool
1662 bool quit_early{false};
1663 std::vector<CTransactionRef> txns_package_eval;
1664 for (const auto& tx : package) {
1665 const auto& wtxid = tx->GetWitnessHash();
1666 const auto& txid = tx->GetHash();
1667 // There are 3 possibilities: already in mempool, same-txid-diff-wtxid already in mempool,
1668 // or not in mempool. An already confirmed tx is treated as one not in mempool, because all
1669 // we know is that the inputs aren't available.
1670 if (m_pool.exists(wtxid)) {
1671 // Exact transaction already exists in the mempool.
1672 // Node operators are free to set their mempool policies however they please, nodes may receive
1673 // transactions in different orders, and malicious counterparties may try to take advantage of
1674 // policy differences to pin or delay propagation of transactions. As such, it's possible for
1675 // some package transaction(s) to already be in the mempool, and we don't want to reject the
1676 // entire package in that case (as that could be a censorship vector). De-duplicate the
1677 // transactions that are already in the mempool, and only call AcceptMultipleTransactions() with
1678 // the new transactions. This ensures we don't double-count transaction counts and sizes when
1679 // checking ancestor/descendant limits, or double-count transaction fees for fee-related policy.
1680 const auto& entry{*Assert(m_pool.GetEntry(txid))};
1681 results_final.emplace(wtxid, MempoolAcceptResult::MempoolTx(entry.GetTxSize(), entry.GetFee()));
1682 } else if (m_pool.exists(txid)) {
1683 // Transaction with the same non-witness data but different witness (same txid,
1684 // different wtxid) already exists in the mempool.
1685 //
1686 // We don't allow replacement transactions right now, so just swap the package
1687 // transaction for the mempool one. Note that we are ignoring the validity of the
1688 // package transaction passed in.
1689 // TODO: allow witness replacement in packages.
1690 const auto& entry{*Assert(m_pool.GetEntry(txid))};
1691 // Provide the wtxid of the mempool tx so that the caller can look it up in the mempool.
1692 results_final.emplace(wtxid, MempoolAcceptResult::MempoolTxDifferentWitness(entry.GetTx().GetWitnessHash()));
1693 } else {
1694 // Transaction does not already exist in the mempool.
1695 // Try submitting the transaction on its own.
1696 const auto single_package_res = AcceptSubPackage({tx}, args);
1697 const auto& single_res = single_package_res.m_tx_results.at(wtxid);
1698 if (single_res.m_result_type == MempoolAcceptResult::ResultType::VALID) {
1699 // The transaction succeeded on its own and is now in the mempool. Don't include it
1700 // in package validation, because its fees should only be "used" once.
1701 assert(m_pool.exists(wtxid));
1702 results_final.emplace(wtxid, single_res);
1703 } else if (package.size() == 1 || // If there is only one transaction, no need to retry it "as a package"
1704 (single_res.m_state.GetResult() != TxValidationResult::TX_RECONSIDERABLE &&
1705 single_res.m_state.GetResult() != TxValidationResult::TX_MISSING_INPUTS)) {
1706 // Package validation policy only differs from individual policy in its evaluation
1707 // of feerate. For example, if a transaction fails here due to violation of a
1708 // consensus rule, the result will not change when it is submitted as part of a
1709 // package. To minimize the amount of repeated work, unless the transaction fails
1710 // due to feerate or missing inputs (its parent is a previous transaction in the
1711 // package that failed due to feerate), don't run package validation. Note that this
1712 // decision might not make sense if different types of packages are allowed in the
1713 // future. Continue individually validating the rest of the transactions, because
1714 // some of them may still be valid.
1715 quit_early = true;
1716 package_state_quit_early.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1717 individual_results_nonfinal.emplace(wtxid, single_res);
1718 } else {
1719 individual_results_nonfinal.emplace(wtxid, single_res);
1720 txns_package_eval.push_back(tx);
1721 }
1722 }
1723 }
1724
1725 auto multi_submission_result = quit_early || txns_package_eval.empty() ? PackageMempoolAcceptResult(package_state_quit_early, {}) :
1726 AcceptSubPackage(txns_package_eval, args);
1727 PackageValidationState& package_state_final = multi_submission_result.m_state;
1728
1729 // This is invoked by AcceptSubPackage() already, so this is just here for
1730 // clarity (since it's not permitted to invoke LimitMempoolSize() while a
1731 // changeset is outstanding).
1732 ClearSubPackageState();
1733
1734 // Make sure we haven't exceeded max mempool size.
1735 // Package transactions that were submitted to mempool or already in mempool may be evicted.
1736 // If mempool contents change, then the m_view cache is dirty. It has already been cleared above.
1737 LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
1738
1739 for (const auto& tx : package) {
1740 const auto& wtxid = tx->GetWitnessHash();
1741 if (multi_submission_result.m_tx_results.contains(wtxid)) {
1742 // We shouldn't have re-submitted if the tx result was already in results_final.
1743 Assume(!results_final.contains(wtxid));
1744 // If it was submitted, check to see if the tx is still in the mempool. It could have
1745 // been evicted due to LimitMempoolSize() above.
1746 const auto& txresult = multi_submission_result.m_tx_results.at(wtxid);
1747 if (txresult.m_result_type == MempoolAcceptResult::ResultType::VALID && !m_pool.exists(wtxid)) {
1748 package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1749 TxValidationState mempool_full_state;
1750 mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
1751 results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
1752 } else {
1753 results_final.emplace(wtxid, txresult);
1754 }
1755 } else if (const auto it{results_final.find(wtxid)}; it != results_final.end()) {
1756 // Already-in-mempool transaction. Check to see if it's still there, as it could have
1757 // been evicted when LimitMempoolSize() was called.
1758 Assume(it->second.m_result_type != MempoolAcceptResult::ResultType::INVALID);
1759 Assume(!individual_results_nonfinal.contains(wtxid));
1760 // Query by txid to include the same-txid-different-witness ones.
1761 if (!m_pool.exists(tx->GetHash())) {
1762 package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1763 TxValidationState mempool_full_state;
1764 mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
1765 // Replace the previous result.
1766 results_final.erase(wtxid);
1767 results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
1768 }
1769 } else if (const auto it{individual_results_nonfinal.find(wtxid)}; it != individual_results_nonfinal.end()) {
1770 Assume(it->second.m_result_type == MempoolAcceptResult::ResultType::INVALID);
1771 // Interesting result from previous processing.
1772 results_final.emplace(wtxid, it->second);
1773 }
1774 }
1775 Assume(results_final.size() == package.size());
1776 return PackageMempoolAcceptResult(package_state_final, std::move(results_final));
1777}
1778
1779} // anon namespace
1780
1782 int64_t accept_time, bool bypass_limits, bool test_accept)
1783{
1785 const CChainParams& chainparams{active_chainstate.m_chainman.GetParams()};
1786 assert(active_chainstate.GetMempool() != nullptr);
1787 CTxMemPool& pool{*active_chainstate.GetMempool()};
1788
1789 std::vector<COutPoint> coins_to_uncache;
1790
1791 auto args = MemPoolAccept::ATMPArgs::SingleAccept(chainparams, accept_time, bypass_limits, coins_to_uncache, test_accept);
1792 MempoolAcceptResult result = MemPoolAccept(pool, active_chainstate).AcceptSingleTransactionAndCleanup(tx, args);
1793
1795 // Remove coins that were not present in the coins cache before calling
1796 // AcceptSingleTransaction(); this is to prevent memory DoS in case we receive a large
1797 // number of invalid transactions that attempt to overrun the in-memory coins cache
1798 // (`CCoinsViewCache::cacheCoins`).
1799
1800 for (const COutPoint& hashTx : coins_to_uncache)
1801 active_chainstate.CoinsTip().Uncache(hashTx);
1802 TRACEPOINT(mempool, rejected,
1803 tx->GetHash().data(),
1804 result.m_state.GetRejectReason().c_str()
1805 );
1806 }
1807 // After we've (potentially) uncached entries, ensure our coins cache is still within its size limits
1808 BlockValidationState state_dummy;
1809 active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
1810 return result;
1811}
1812
1814 const Package& package, bool test_accept, const std::optional<CFeeRate>& client_maxfeerate)
1815{
1817 assert(!package.empty());
1818 assert(std::all_of(package.cbegin(), package.cend(), [](const auto& tx){return tx != nullptr;}));
1819
1820 std::vector<COutPoint> coins_to_uncache;
1821 const CChainParams& chainparams = active_chainstate.m_chainman.GetParams();
1822 auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
1824 if (test_accept) {
1825 auto args = MemPoolAccept::ATMPArgs::PackageTestAccept(chainparams, GetTime(), coins_to_uncache);
1826 return MemPoolAccept(pool, active_chainstate).AcceptMultipleTransactionsAndCleanup(package, args);
1827 } else {
1828 auto args = MemPoolAccept::ATMPArgs::PackageChildWithParents(chainparams, GetTime(), coins_to_uncache, client_maxfeerate);
1829 return MemPoolAccept(pool, active_chainstate).AcceptPackage(package, args);
1830 }
1831 }();
1832
1833 // Uncache coins pertaining to transactions that were not submitted to the mempool.
1834 if (test_accept || result.m_state.IsInvalid()) {
1835 for (const COutPoint& hashTx : coins_to_uncache) {
1836 active_chainstate.CoinsTip().Uncache(hashTx);
1837 }
1838 }
1839 // Ensure the coins cache is still within limits.
1840 BlockValidationState state_dummy;
1841 active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
1842 return result;
1843}
1844
1846{
1847 int halvings = nHeight / consensusParams.nSubsidyHalvingInterval;
1848 // Force block reward to zero when right shift is undefined.
1849 if (halvings >= 64)
1850 return 0;
1851
1852 CAmount nSubsidy = 50 * COIN;
1853 // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years.
1854 nSubsidy >>= halvings;
1855 return nSubsidy;
1856}
1857
1859 : m_dbview{std::move(db_params), std::move(options)},
1860 m_catcherview(&m_dbview) {}
1861
1862void CoinsViews::InitCache()
1863{
1865 m_cacheview = std::make_unique<CCoinsViewCache>(&m_catcherview);
1866 m_connect_block_view = std::make_unique<CoinsViewOverlay>(&*m_cacheview);
1867}
1868
1870 CTxMemPool* mempool,
1871 BlockManager& blockman,
1872 ChainstateManager& chainman,
1873 std::optional<uint256> from_snapshot_blockhash)
1874 : m_mempool(mempool),
1875 m_blockman(blockman),
1876 m_chainman(chainman),
1877 m_assumeutxo(from_snapshot_blockhash ? Assumeutxo::UNVALIDATED : Assumeutxo::VALIDATED),
1878 m_from_snapshot_blockhash(from_snapshot_blockhash) {}
1879
1881{
1882 fs::path path{m_chainman.m_options.datadir / "chainstate"};
1885 }
1886 return path;
1887}
1888
1889const CBlockIndex* Chainstate::SnapshotBase() const
1890{
1891 if (!m_from_snapshot_blockhash) return nullptr;
1892 if (!m_cached_snapshot_base) m_cached_snapshot_base = Assert(m_chainman.m_blockman.LookupBlockIndex(*m_from_snapshot_blockhash));
1893 return m_cached_snapshot_base;
1894}
1895
1896const CBlockIndex* Chainstate::TargetBlock() const
1897{
1898 if (!m_target_blockhash) return nullptr;
1899 if (!m_cached_target_block) m_cached_target_block = Assert(m_chainman.m_blockman.LookupBlockIndex(*m_target_blockhash));
1900 return m_cached_target_block;
1901}
1902
1903void Chainstate::SetTargetBlock(CBlockIndex* block)
1904{
1905 if (block) {
1906 m_target_blockhash = block->GetBlockHash();
1907 } else {
1908 m_target_blockhash.reset();
1909 }
1910 m_cached_target_block = block;
1911}
1912
1913void Chainstate::SetTargetBlockHash(uint256 block_hash)
1914{
1915 m_target_blockhash = block_hash;
1916 m_cached_target_block = nullptr;
1917}
1918
1920 size_t cache_size_bytes,
1921 bool in_memory,
1922 bool should_wipe)
1923{
1924 m_coins_views = std::make_unique<CoinsViews>(
1925 DBParams{
1926 .path = StoragePath(),
1927 .cache_bytes = cache_size_bytes,
1928 .memory_only = in_memory,
1929 .wipe_data = should_wipe,
1930 .obfuscate = true,
1931 .options = m_chainman.m_options.coins_db},
1933
1934 m_coinsdb_cache_size_bytes = cache_size_bytes;
1935}
1936
1937void Chainstate::InitCoinsCache(size_t cache_size_bytes)
1938{
1940 assert(m_coins_views != nullptr);
1941 m_coinstip_cache_size_bytes = cache_size_bytes;
1942 m_coins_views->InitCache();
1943}
1944
1945// Lock-free: depends on `m_cached_is_ibd`, which is latched by `UpdateIBDStatus()`.
1947{
1948 return m_cached_is_ibd.load(std::memory_order_relaxed);
1949}
1950
1952{
1954
1955 if (this->GetRole().historical) {
1956 return;
1957 }
1958
1959 if (m_chainman.m_best_invalid && m_chainman.m_best_invalid->nChainWork > m_chain.Tip()->nChainWork + (GetBlockProof(*m_chain.Tip()) * 6)) {
1960 LogWarning("Found invalid chain more than 6 blocks longer than our best chain. This could be due to database corruption or consensus incompatibility with peers.");
1963 _("Warning: Found invalid chain more than 6 blocks longer than our best chain. This could be due to database corruption or consensus incompatibility with peers."));
1964 } else {
1966 }
1967}
1968
1969// Called both upon regular invalid block discovery *and* InvalidateBlock
1971{
1973 if (!m_chainman.m_best_invalid || pindexNew->nChainWork > m_chainman.m_best_invalid->nChainWork) {
1974 m_chainman.m_best_invalid = pindexNew;
1975 }
1976 SetBlockFailureFlags(pindexNew);
1977 if (m_chainman.m_best_header != nullptr && m_chainman.m_best_header->GetAncestor(pindexNew->nHeight) == pindexNew) {
1978 m_chainman.RecalculateBestHeader();
1979 }
1980
1981 LogInfo("%s: invalid block=%s height=%d log2_work=%f date=%s", __func__,
1982 pindexNew->GetBlockHash().ToString(), pindexNew->nHeight,
1983 log(pindexNew->nChainWork.getdouble())/log(2.0), FormatISO8601DateTime(pindexNew->GetBlockTime()));
1984 CBlockIndex *tip = m_chain.Tip();
1985 assert (tip);
1986 LogInfo("%s: current best=%s height=%d log2_work=%f date=%s", __func__,
1987 tip->GetBlockHash().ToString(), m_chain.Height(), log(tip->nChainWork.getdouble())/log(2.0),
1990}
1991
1992// Same as InvalidChainFound, above, except not called directly from InvalidateBlock,
1993// which does its own setBlockIndexCandidates management.
1995{
1998 pindex->nStatus |= BLOCK_FAILED_VALID;
1999 m_blockman.m_dirty_blockindex.insert(pindex);
2000 setBlockIndexCandidates.erase(pindex);
2001 InvalidChainFound(pindex);
2002 }
2003}
2004
2005void UpdateCoins(const CTransaction& tx, CCoinsViewCache& inputs, CTxUndo &txundo, int nHeight)
2006{
2007 // mark inputs spent
2008 if (!tx.IsCoinBase()) {
2009 txundo.vprevout.reserve(tx.vin.size());
2010 for (const CTxIn &txin : tx.vin) {
2011 txundo.vprevout.emplace_back();
2012 bool is_spent = inputs.SpendCoin(txin.prevout, &txundo.vprevout.back());
2013 assert(is_spent);
2014 }
2015 }
2016 // add outputs
2017 AddCoins(inputs, tx, nHeight);
2018}
2019
2020std::optional<std::pair<ScriptError, std::string>> CScriptCheck::operator()() {
2021 const CScript &scriptSig = ptxTo->vin[nIn].scriptSig;
2022 const CScriptWitness *witness = &ptxTo->vin[nIn].scriptWitness;
2025 return std::nullopt;
2026 } else {
2027 auto debug_str = strprintf("input %i of %s (wtxid %s), spending %s:%i", nIn, ptxTo->GetHash().ToString(), ptxTo->GetWitnessHash().ToString(), ptxTo->vin[nIn].prevout.hash.ToString(), ptxTo->vin[nIn].prevout.n);
2028 return std::make_pair(error, std::move(debug_str));
2029 }
2030}
2031
2032ValidationCache::ValidationCache(const size_t script_execution_cache_bytes, const size_t signature_cache_bytes)
2033 : m_signature_cache{signature_cache_bytes}
2034{
2035 // Setup the salted hasher
2037 // We want the nonce to be 64 bytes long to force the hasher to process
2038 // this chunk, which makes later hash computations more efficient. We
2039 // just write our 32-byte entropy twice to fill the 64 bytes.
2042
2043 const auto [num_elems, approx_size_bytes] = m_script_execution_cache.setup_bytes(script_execution_cache_bytes);
2044 LogInfo("Using %zu MiB out of %zu MiB requested for script execution cache, able to store %zu elements",
2045 approx_size_bytes >> 20, script_execution_cache_bytes >> 20, num_elems);
2046}
2047
2068 const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
2069 bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
2070 ValidationCache& validation_cache,
2071 std::vector<CScriptCheck>* pvChecks)
2072{
2073 if (tx.IsCoinBase()) return true;
2074
2075 if (pvChecks) {
2076 pvChecks->reserve(tx.vin.size());
2077 }
2078
2079 // First check if script executions have been cached with the same
2080 // flags. Note that this assumes that the inputs provided are
2081 // correct (ie that the transaction hash which is in tx's prevouts
2082 // properly commits to the scriptPubKey in the inputs view of that
2083 // transaction).
2084 uint256 hashCacheEntry;
2085 CSHA256 hasher = validation_cache.ScriptExecutionCacheHasher();
2086 hasher.Write(UCharCast(tx.GetWitnessHash().begin()), 32).Write((unsigned char*)&flags, sizeof(flags)).Finalize(hashCacheEntry.begin());
2087 AssertLockHeld(cs_main); //TODO: Remove this requirement by making CuckooCache not require external locks
2088 if (validation_cache.m_script_execution_cache.contains(hashCacheEntry, !cacheFullScriptStore)) {
2089 return true;
2090 }
2091
2092 if (!txdata.m_spent_outputs_ready) {
2093 std::vector<CTxOut> spent_outputs;
2094 spent_outputs.reserve(tx.vin.size());
2095
2096 for (const auto& txin : tx.vin) {
2097 const COutPoint& prevout = txin.prevout;
2098 const Coin& coin = inputs.AccessCoin(prevout);
2099 assert(!coin.IsSpent());
2100 spent_outputs.emplace_back(coin.out);
2101 }
2102 txdata.Init(tx, std::move(spent_outputs));
2103 }
2104 assert(txdata.m_spent_outputs.size() == tx.vin.size());
2105
2106 for (unsigned int i = 0; i < tx.vin.size(); i++) {
2107
2108 // We very carefully only pass in things to CScriptCheck which
2109 // are clearly committed to by tx' witness hash. This provides
2110 // a sanity check that our caching is not introducing consensus
2111 // failures through additional data in, eg, the coins being
2112 // spent being checked as a part of CScriptCheck.
2113
2114 // Verify signature
2115 CScriptCheck check(txdata.m_spent_outputs[i], tx, validation_cache.m_signature_cache, i, flags, cacheSigStore, &txdata);
2116 if (pvChecks) {
2117 pvChecks->emplace_back(std::move(check));
2118 } else if (auto result = check(); result.has_value()) {
2119 // Tx failures never trigger disconnections/bans.
2120 // This is so that network splits aren't triggered
2121 // either due to non-consensus relay policies (such as
2122 // non-standard DER encodings or non-null dummy
2123 // arguments) or due to new consensus rules introduced in
2124 // soft forks.
2126 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, strprintf("mempool-script-verify-flag-failed (%s)", ScriptErrorString(result->first)), result->second);
2127 } else {
2128 return state.Invalid(TxValidationResult::TX_CONSENSUS, strprintf("block-script-verify-flag-failed (%s)", ScriptErrorString(result->first)), result->second);
2129 }
2130 }
2131 }
2132
2133 if (cacheFullScriptStore && !pvChecks) {
2134 // We executed all of the provided scripts, and were told to
2135 // cache the result. Do so now.
2136 validation_cache.m_script_execution_cache.insert(hashCacheEntry);
2137 }
2138
2139 return true;
2140}
2141
2142bool FatalError(Notifications& notifications, BlockValidationState& state, const bilingual_str& message)
2143{
2144 notifications.fatalError(message);
2145 return state.Error(message.original);
2146}
2147
2156{
2157 bool fClean = true;
2158
2159 if (view.HaveCoin(out)) fClean = false; // overwriting transaction output
2160
2161 if (undo.nHeight == 0) {
2162 // Missing undo metadata (height and coinbase). Older versions included this
2163 // information only in undo records for the last spend of a transactions'
2164 // outputs. This implies that it must be present for some other output of the same tx.
2165 const Coin& alternate = AccessByTxid(view, out.hash);
2166 if (!alternate.IsSpent()) {
2167 undo.nHeight = alternate.nHeight;
2168 undo.fCoinBase = alternate.fCoinBase;
2169 } else {
2170 return DISCONNECT_FAILED; // adding output for transaction without known metadata
2171 }
2172 }
2173 // If the coin already exists as an unspent coin in the cache, then the
2174 // possible_overwrite parameter to AddCoin must be set to true. We have
2175 // already checked whether an unspent coin exists above using HaveCoin, so
2176 // we don't need to guess. When fClean is false, an unspent coin already
2177 // existed and it is an overwrite.
2178 view.AddCoin(out, std::move(undo), !fClean);
2179
2180 return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
2181}
2182
2185DisconnectResult Chainstate::DisconnectBlock(const CBlock& block, const CBlockIndex* pindex, CCoinsViewCache& view)
2186{
2188 bool fClean = true;
2189
2190 CBlockUndo blockUndo;
2191 if (!m_blockman.ReadBlockUndo(blockUndo, *pindex)) {
2192 LogError("DisconnectBlock(): failure reading undo data\n");
2193 return DISCONNECT_FAILED;
2194 }
2195
2196 if (blockUndo.vtxundo.size() + 1 != block.vtx.size()) {
2197 LogError("DisconnectBlock(): block and undo data inconsistent\n");
2198 return DISCONNECT_FAILED;
2199 }
2200
2201 // Ignore blocks that contain transactions which are 'overwritten' by later transactions,
2202 // unless those are already completely spent.
2203 // See https://github.com/bitcoin/bitcoin/issues/22596 for additional information.
2204 // Note: the blocks specified here are different than the ones used in ConnectBlock because DisconnectBlock
2205 // unwinds the blocks in reverse. As a result, the inconsistency is not discovered until the earlier
2206 // blocks with the duplicate coinbase transactions are disconnected.
2207 bool fEnforceBIP30 = !((pindex->nHeight==91722 && pindex->GetBlockHash() == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
2208 (pindex->nHeight==91812 && pindex->GetBlockHash() == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"}));
2209
2210 // undo transactions in reverse order
2211 for (int i = block.vtx.size() - 1; i >= 0; i--) {
2212 const CTransaction &tx = *(block.vtx[i]);
2213 Txid hash = tx.GetHash();
2214 bool is_coinbase = tx.IsCoinBase();
2215 bool is_bip30_exception = (is_coinbase && !fEnforceBIP30);
2216
2217 // Check that all outputs are available and match the outputs in the block itself
2218 // exactly.
2219 for (size_t o = 0; o < tx.vout.size(); o++) {
2220 if (!tx.vout[o].scriptPubKey.IsUnspendable()) {
2221 COutPoint out(hash, o);
2222 Coin coin;
2223 bool is_spent = view.SpendCoin(out, &coin);
2224 if (!is_spent || tx.vout[o] != coin.out || pindex->nHeight != coin.nHeight || is_coinbase != coin.IsCoinBase()) {
2225 if (!is_bip30_exception) {
2226 fClean = false; // transaction output mismatch
2227 }
2228 }
2229 }
2230 }
2231
2232 // restore inputs
2233 if (i > 0) { // not coinbases
2234 CTxUndo &txundo = blockUndo.vtxundo[i-1];
2235 if (txundo.vprevout.size() != tx.vin.size()) {
2236 LogError("DisconnectBlock(): transaction and undo data inconsistent\n");
2237 return DISCONNECT_FAILED;
2238 }
2239 for (unsigned int j = tx.vin.size(); j > 0;) {
2240 --j;
2241 const COutPoint& out = tx.vin[j].prevout;
2242 int res = ApplyTxInUndo(std::move(txundo.vprevout[j]), view, out);
2243 if (res == DISCONNECT_FAILED) return DISCONNECT_FAILED;
2244 fClean = fClean && res != DISCONNECT_UNCLEAN;
2245 }
2246 // At this point, all of txundo.vprevout should have been moved out.
2247 }
2248 }
2249
2250 // move best block pointer to prevout block
2251 view.SetBestBlock(pindex->pprev->GetBlockHash());
2252
2253 return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
2254}
2255
2257{
2258 const Consensus::Params& consensusparams = chainman.GetConsensus();
2259
2260 // BIP16 didn't become active until Apr 1 2012 (on mainnet, and
2261 // retroactively applied to testnet)
2262 // However, only one historical block violated the P2SH rules (on both
2263 // mainnet and testnet).
2264 // Similarly, only one historical block violated the TAPROOT rules on
2265 // mainnet.
2266 // For simplicity, always leave P2SH+WITNESS+TAPROOT on except for the two
2267 // violating blocks.
2269 const auto it{consensusparams.script_flag_exceptions.find(*Assert(block_index.phashBlock))};
2270 if (it != consensusparams.script_flag_exceptions.end()) {
2271 flags = it->second;
2272 }
2273
2274 // Enforce the DERSIG (BIP66) rule
2275 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_DERSIG)) {
2277 }
2278
2279 // Enforce CHECKLOCKTIMEVERIFY (BIP65)
2280 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CLTV)) {
2282 }
2283
2284 // Enforce CHECKSEQUENCEVERIFY (BIP112)
2285 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CSV)) {
2287 }
2288
2289 // Enforce BIP147 NULLDUMMY (activated simultaneously with segwit)
2290 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_SEGWIT)) {
2292 }
2293
2294 return flags;
2295}
2296
2297
2301bool Chainstate::ConnectBlock(const CBlock& block, BlockValidationState& state, CBlockIndex* pindex,
2302 CCoinsViewCache& view, bool fJustCheck)
2303{
2305 assert(pindex);
2306
2307 uint256 block_hash{block.GetHash()};
2308 assert(*pindex->phashBlock == block_hash);
2309
2310 const auto time_start{SteadyClock::now()};
2311 const CChainParams& params{m_chainman.GetParams()};
2312
2313 // Check it again in case a previous version let a bad block in
2314 // NOTE: We don't currently (re-)invoke ContextualCheckBlock() or
2315 // ContextualCheckBlockHeader() here. This means that if we add a new
2316 // consensus rule that is enforced in one of those two functions, then we
2317 // may have let in a block that violates the rule prior to updating the
2318 // software, and we would NOT be enforcing the rule here. Fully solving
2319 // upgrade from one software version to the next after a consensus rule
2320 // change is potentially tricky and issue-specific (see NeedsRedownload()
2321 // for one approach that was used for BIP 141 deployment).
2322 // Also, currently the rule against blocks more than 2 hours in the future
2323 // is enforced in ContextualCheckBlockHeader(); we wouldn't want to
2324 // re-enforce that rule here (at least until we make it impossible for
2325 // the clock to go backward).
2326 if (!CheckBlock(block, state, params.GetConsensus(), !fJustCheck, !fJustCheck)) {
2328 // We don't write down blocks to disk if they may have been
2329 // corrupted, so this should be impossible unless we're having hardware
2330 // problems.
2331 return FatalError(m_chainman.GetNotifications(), state, _("Corrupt block found indicating potential hardware failure."));
2332 }
2333 LogError("%s: Consensus::CheckBlock: %s\n", __func__, state.ToString());
2334 return false;
2335 }
2336
2337 // verify that the view's current state corresponds to the previous block
2338 uint256 hashPrevBlock = pindex->pprev == nullptr ? uint256() : pindex->pprev->GetBlockHash();
2339 assert(hashPrevBlock == view.GetBestBlock());
2340
2341 m_chainman.num_blocks_total++;
2342
2343 // Special case for the genesis block, skipping connection of its transactions
2344 // (its coinbase is unspendable)
2345 if (block_hash == params.GetConsensus().hashGenesisBlock) {
2346 if (!fJustCheck)
2347 view.SetBestBlock(pindex->GetBlockHash());
2348 return true;
2349 }
2350
2351 const char* script_check_reason;
2353 script_check_reason = "assumevalid=0 (always verify)";
2354 } else {
2355 constexpr int64_t TWO_WEEKS_IN_SECONDS{60 * 60 * 24 * 7 * 2};
2356 // We've been configured with the hash of a block which has been externally verified to have a valid history.
2357 // A suitable default value is included with the software and updated from time to time. Because validity
2358 // relative to a piece of software is an objective fact these defaults can be easily reviewed.
2359 // This setting doesn't force the selection of any particular chain but makes validating some faster by
2360 // effectively caching the result of part of the verification.
2361 BlockMap::const_iterator it{m_blockman.m_block_index.find(m_chainman.AssumedValidBlock())};
2362 if (it == m_blockman.m_block_index.end()) {
2363 script_check_reason = "assumevalid hash not in headers";
2364 } else if (it->second.GetAncestor(pindex->nHeight) != pindex) {
2365 script_check_reason = (pindex->nHeight > it->second.nHeight) ? "block height above assumevalid height" : "block not in assumevalid chain";
2366 } else if (m_chainman.m_best_header->GetAncestor(pindex->nHeight) != pindex) {
2367 script_check_reason = "block not in best header chain";
2368 } else if (m_chainman.m_best_header->nChainWork < m_chainman.MinimumChainWork()) {
2369 script_check_reason = "best header chainwork below minimumchainwork";
2370 } else if (GetBlockProofEquivalentTime(*m_chainman.m_best_header, *pindex, *m_chainman.m_best_header, params.GetConsensus()) <= TWO_WEEKS_IN_SECONDS) {
2371 script_check_reason = "block too recent relative to best header";
2372 } else {
2373 // This block is a member of the assumed verified chain and an ancestor of the best header.
2374 // Script verification is skipped when connecting blocks under the
2375 // assumevalid block. Assuming the assumevalid block is valid this
2376 // is safe because block merkle hashes are still computed and checked,
2377 // Of course, if an assumed valid block is invalid due to false scriptSigs
2378 // this optimization would allow an invalid chain to be accepted.
2379 // The equivalent time check discourages hash power from extorting the network via DOS attack
2380 // into accepting an invalid block through telling users they must manually set assumevalid.
2381 // Requiring a software change or burying the invalid block, regardless of the setting, makes
2382 // it hard to hide the implication of the demand. This also avoids having release candidates
2383 // that are hardly doing any signature verification at all in testing without having to
2384 // artificially set the default assumed verified block further back.
2385 // The test against the minimum chain work prevents the skipping when denied access to any chain at
2386 // least as good as the expected chain.
2387 script_check_reason = nullptr;
2388 }
2389 }
2390
2391 const auto time_1{SteadyClock::now()};
2392 m_chainman.time_check += time_1 - time_start;
2393 LogDebug(BCLog::BENCH, " - Sanity checks: %.2fms [%.2fs (%.2fms/blk)]\n",
2394 Ticks<MillisecondsDouble>(time_1 - time_start),
2395 Ticks<SecondsDouble>(m_chainman.time_check),
2396 Ticks<MillisecondsDouble>(m_chainman.time_check) / m_chainman.num_blocks_total);
2397
2398 // Do not allow blocks that contain transactions which 'overwrite' older transactions,
2399 // unless those are already completely spent.
2400 // If such overwrites are allowed, coinbases and transactions depending upon those
2401 // can be duplicated to remove the ability to spend the first instance -- even after
2402 // being sent to another address.
2403 // See BIP30, CVE-2012-1909, and https://r6.ca/blog/20120206T005236Z.html for more information.
2404 // This rule was originally applied to all blocks with a timestamp after March 15, 2012, 0:00 UTC.
2405 // Now that the whole chain is irreversibly beyond that time it is applied to all blocks except the
2406 // two in the chain that violate it. This prevents exploiting the issue against nodes during their
2407 // initial block download.
2408 bool fEnforceBIP30 = !IsBIP30Repeat(*pindex);
2409
2410 // Once BIP34 activated it was not possible to create new duplicate coinbases and thus other than starting
2411 // with the 2 existing duplicate coinbase pairs, not possible to create overwriting txs. But by the
2412 // time BIP34 activated, in each of the existing pairs the duplicate coinbase had overwritten the first
2413 // before the first had been spent. Since those coinbases are sufficiently buried it's no longer possible to create further
2414 // duplicate transactions descending from the known pairs either.
2415 // If we're on the known chain at height greater than where BIP34 activated, we can save the db accesses needed for the BIP30 check.
2416
2417 // BIP34 requires that a block at height X (block X) has its coinbase
2418 // scriptSig start with a CScriptNum of X (indicated height X). The above
2419 // logic of no longer requiring BIP30 once BIP34 activates is flawed in the
2420 // case that there is a block X before the BIP34 height of 227,931 which has
2421 // an indicated height Y where Y is greater than X. The coinbase for block
2422 // X would also be a valid coinbase for block Y, which could be a BIP30
2423 // violation. An exhaustive search of all mainnet coinbases before the
2424 // BIP34 height which have an indicated height greater than the block height
2425 // reveals many occurrences. The 3 lowest indicated heights found are
2426 // 209,921, 490,897, and 1,983,702 and thus coinbases for blocks at these 3
2427 // heights would be the first opportunity for BIP30 to be violated.
2428
2429 // The search reveals a great many blocks which have an indicated height
2430 // greater than 1,983,702, so we simply remove the optimization to skip
2431 // BIP30 checking for blocks at height 1,983,702 or higher. Before we reach
2432 // that block in another 25 years or so, we should take advantage of a
2433 // future consensus change to do a new and improved version of BIP34 that
2434 // will actually prevent ever creating any duplicate coinbases in the
2435 // future.
2436 static constexpr int BIP34_IMPLIES_BIP30_LIMIT = 1983702;
2437
2438 // There is no potential to create a duplicate coinbase at block 209,921
2439 // because this is still before the BIP34 height and so explicit BIP30
2440 // checking is still active.
2441
2442 // The final case is block 176,684 which has an indicated height of
2443 // 490,897. Unfortunately, this issue was not discovered until about 2 weeks
2444 // before block 490,897 so there was not much opportunity to address this
2445 // case other than to carefully analyze it and determine it would not be a
2446 // problem. Block 490,897 was, in fact, mined with a different coinbase than
2447 // block 176,684, but it is important to note that even if it hadn't been or
2448 // is remined on an alternate fork with a duplicate coinbase, we would still
2449 // not run into a BIP30 violation. This is because the coinbase for 176,684
2450 // is spent in block 185,956 in transaction
2451 // d4f7fbbf92f4a3014a230b2dc70b8058d02eb36ac06b4a0736d9d60eaa9e8781. This
2452 // spending transaction can't be duplicated because it also spends coinbase
2453 // 0328dd85c331237f18e781d692c92de57649529bd5edf1d01036daea32ffde29. This
2454 // coinbase has an indicated height of over 4.2 billion, and wouldn't be
2455 // duplicatable until that height, and it's currently impossible to create a
2456 // chain that long. Nevertheless we may wish to consider a future soft fork
2457 // which retroactively prevents block 490,897 from creating a duplicate
2458 // coinbase. The two historical BIP30 violations often provide a confusing
2459 // edge case when manipulating the UTXO and it would be simpler not to have
2460 // another edge case to deal with.
2461
2462 // testnet3 has no blocks before the BIP34 height with indicated heights
2463 // post BIP34 before approximately height 486,000,000. After block
2464 // 1,983,702 testnet3 starts doing unnecessary BIP30 checking again.
2465 assert(pindex->pprev);
2466 CBlockIndex* pindexBIP34height = pindex->pprev->GetAncestor(params.GetConsensus().BIP34Height);
2467 //Only continue to enforce if we're below BIP34 activation height or the block hash at that height doesn't correspond.
2468 fEnforceBIP30 = fEnforceBIP30 && (!pindexBIP34height || !(pindexBIP34height->GetBlockHash() == params.GetConsensus().BIP34Hash));
2469
2470 // TODO: Remove BIP30 checking from block height 1,983,702 on, once we have a
2471 // consensus change that ensures coinbases at those heights cannot
2472 // duplicate earlier coinbases.
2473 if (fEnforceBIP30 || pindex->nHeight >= BIP34_IMPLIES_BIP30_LIMIT) {
2474 for (const auto& tx : block.vtx) {
2475 for (size_t o = 0; o < tx->vout.size(); o++) {
2476 if (view.HaveCoin(COutPoint(tx->GetHash(), o))) {
2477 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-BIP30",
2478 "tried to overwrite transaction");
2479 }
2480 }
2481 }
2482 }
2483
2484 // Enforce BIP68 (sequence locks)
2485 int nLockTimeFlags = 0;
2487 nLockTimeFlags |= LOCKTIME_VERIFY_SEQUENCE;
2488 }
2489
2490 // Get the script flags for this block
2492
2493 const auto time_2{SteadyClock::now()};
2494 m_chainman.time_forks += time_2 - time_1;
2495 LogDebug(BCLog::BENCH, " - Fork checks: %.2fms [%.2fs (%.2fms/blk)]\n",
2496 Ticks<MillisecondsDouble>(time_2 - time_1),
2497 Ticks<SecondsDouble>(m_chainman.time_forks),
2498 Ticks<MillisecondsDouble>(m_chainman.time_forks) / m_chainman.num_blocks_total);
2499
2500 const bool fScriptChecks{!!script_check_reason};
2501 const kernel::ChainstateRole role{GetRole()};
2502 if (script_check_reason != m_last_script_check_reason_logged && role.validated && !role.historical) {
2503 if (fScriptChecks) {
2504 LogInfo("Enabling script verification at block #%d (%s): %s.",
2505 pindex->nHeight, block_hash.ToString(), script_check_reason);
2506 } else {
2507 LogInfo("Disabling script verification at block #%d (%s).",
2508 pindex->nHeight, block_hash.ToString());
2509 }
2510 m_last_script_check_reason_logged = script_check_reason;
2511 }
2512
2513 CBlockUndo blockundo;
2514
2515 // Precomputed transaction data pointers must not be invalidated
2516 // until after `control` has run the script checks (potentially
2517 // in multiple threads). Preallocate the vector size so a new allocation
2518 // doesn't invalidate pointers into the vector, and keep txsdata in scope
2519 // for as long as `control`.
2520 std::vector<PrecomputedTransactionData> txsdata(block.vtx.size());
2521 std::optional<CCheckQueueControl<CScriptCheck>> control;
2522 if (auto& queue = m_chainman.GetCheckQueue(); queue.HasThreads() && fScriptChecks) control.emplace(queue);
2523
2524 std::vector<int> prevheights;
2525 CAmount nFees = 0;
2526 int nInputs = 0;
2527 int64_t nSigOpsCost = 0;
2528 blockundo.vtxundo.reserve(block.vtx.size() - 1);
2529 for (unsigned int i = 0; i < block.vtx.size(); i++)
2530 {
2531 if (!state.IsValid()) break;
2532 const CTransaction &tx = *(block.vtx[i]);
2533
2534 nInputs += tx.vin.size();
2535
2536 if (!tx.IsCoinBase())
2537 {
2538 CAmount txfee = 0;
2539 TxValidationState tx_state;
2540 if (!Consensus::CheckTxInputs(tx, tx_state, view, pindex->nHeight, txfee)) {
2541 // Any transaction validation failure in ConnectBlock is a block consensus failure
2543 tx_state.GetRejectReason(),
2544 tx_state.GetDebugMessage() + " in transaction " + tx.GetHash().ToString());
2545 break;
2546 }
2547 nFees += txfee;
2548 if (!MoneyRange(nFees)) {
2549 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-accumulated-fee-outofrange",
2550 "accumulated fee in the block out of range");
2551 break;
2552 }
2553
2554 // Check that transaction is BIP68 final
2555 // BIP68 lock checks (as opposed to nLockTime checks) must
2556 // be in ConnectBlock because they require the UTXO set
2557 prevheights.resize(tx.vin.size());
2558 for (size_t j = 0; j < tx.vin.size(); j++) {
2559 prevheights[j] = view.AccessCoin(tx.vin[j].prevout).nHeight;
2560 }
2561
2562 if (!SequenceLocks(tx, nLockTimeFlags, prevheights, *pindex)) {
2563 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal",
2564 "contains a non-BIP68-final transaction " + tx.GetHash().ToString());
2565 break;
2566 }
2567 }
2568
2569 // GetTransactionSigOpCost counts 3 types of sigops:
2570 // * legacy (always)
2571 // * p2sh (when P2SH enabled in flags and excludes coinbase)
2572 // * witness (when witness enabled in flags and excludes coinbase)
2573 nSigOpsCost += GetTransactionSigOpCost(tx, view, flags);
2574 if (nSigOpsCost > MAX_BLOCK_SIGOPS_COST) {
2575 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "too many sigops");
2576 break;
2577 }
2578
2579 if (!tx.IsCoinBase() && fScriptChecks)
2580 {
2581 bool fCacheResults = fJustCheck; /* Don't cache results if we're actually connecting blocks (still consult the cache, though) */
2582 bool tx_ok;
2583 TxValidationState tx_state;
2584 // If CheckInputScripts is called with a pointer to a checks vector, the resulting checks are appended to it. In that case
2585 // they need to be added to control which runs them asynchronously. Otherwise, CheckInputScripts runs the checks before returning.
2586 if (control) {
2587 std::vector<CScriptCheck> vChecks;
2588 tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], m_chainman.m_validation_cache, &vChecks);
2589 if (tx_ok) control->Add(std::move(vChecks));
2590 } else {
2591 tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], m_chainman.m_validation_cache);
2592 }
2593 if (!tx_ok) {
2594 // Any transaction validation failure in ConnectBlock is a block consensus failure
2596 tx_state.GetRejectReason(), tx_state.GetDebugMessage());
2597 break;
2598 }
2599 }
2600
2601 CTxUndo undoDummy;
2602 if (i > 0) {
2603 blockundo.vtxundo.emplace_back();
2604 }
2605 UpdateCoins(tx, view, i == 0 ? undoDummy : blockundo.vtxundo.back(), pindex->nHeight);
2606 }
2607 const auto time_3{SteadyClock::now()};
2608 m_chainman.time_connect += time_3 - time_2;
2609 LogDebug(BCLog::BENCH, " - Connect %u transactions: %.2fms (%.3fms/tx, %.3fms/txin) [%.2fs (%.2fms/blk)]\n", (unsigned)block.vtx.size(),
2610 Ticks<MillisecondsDouble>(time_3 - time_2), Ticks<MillisecondsDouble>(time_3 - time_2) / block.vtx.size(),
2611 nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_3 - time_2) / (nInputs - 1),
2612 Ticks<SecondsDouble>(m_chainman.time_connect),
2613 Ticks<MillisecondsDouble>(m_chainman.time_connect) / m_chainman.num_blocks_total);
2614
2615 CAmount blockReward = nFees + GetBlockSubsidy(pindex->nHeight, params.GetConsensus());
2616 if (block.vtx[0]->GetValueOut() > blockReward && state.IsValid()) {
2617 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-amount",
2618 strprintf("coinbase pays too much (actual=%d vs limit=%d)", block.vtx[0]->GetValueOut(), blockReward));
2619 }
2620 if (control) {
2621 auto parallel_result = control->Complete();
2622 if (parallel_result.has_value() && state.IsValid()) {
2623 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, strprintf("block-script-verify-flag-failed (%s)", ScriptErrorString(parallel_result->first)), parallel_result->second);
2624 }
2625 }
2626 if (!state.IsValid()) {
2627 LogInfo("Block validation error: %s", state.ToString());
2628 return false;
2629 }
2630 const auto time_4{SteadyClock::now()};
2631 m_chainman.time_verify += time_4 - time_2;
2632 LogDebug(BCLog::BENCH, " - Verify %u txins: %.2fms (%.3fms/txin) [%.2fs (%.2fms/blk)]\n", nInputs - 1,
2633 Ticks<MillisecondsDouble>(time_4 - time_2),
2634 nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_4 - time_2) / (nInputs - 1),
2635 Ticks<SecondsDouble>(m_chainman.time_verify),
2636 Ticks<MillisecondsDouble>(m_chainman.time_verify) / m_chainman.num_blocks_total);
2637
2638 if (fJustCheck) {
2639 return true;
2640 }
2641
2642 if (!m_blockman.WriteBlockUndo(blockundo, state, *pindex)) {
2643 return false;
2644 }
2645
2646 const auto time_5{SteadyClock::now()};
2647 m_chainman.time_undo += time_5 - time_4;
2648 LogDebug(BCLog::BENCH, " - Write undo data: %.2fms [%.2fs (%.2fms/blk)]\n",
2649 Ticks<MillisecondsDouble>(time_5 - time_4),
2650 Ticks<SecondsDouble>(m_chainman.time_undo),
2651 Ticks<MillisecondsDouble>(m_chainman.time_undo) / m_chainman.num_blocks_total);
2652
2653 if (!pindex->IsValid(BLOCK_VALID_SCRIPTS)) {
2655 m_blockman.m_dirty_blockindex.insert(pindex);
2656 }
2657
2658 // add this block to the view's block chain
2659 view.SetBestBlock(pindex->GetBlockHash());
2660
2661 const auto time_6{SteadyClock::now()};
2662 m_chainman.time_index += time_6 - time_5;
2663 LogDebug(BCLog::BENCH, " - Index writing: %.2fms [%.2fs (%.2fms/blk)]\n",
2664 Ticks<MillisecondsDouble>(time_6 - time_5),
2665 Ticks<SecondsDouble>(m_chainman.time_index),
2666 Ticks<MillisecondsDouble>(m_chainman.time_index) / m_chainman.num_blocks_total);
2667
2668 TRACEPOINT(validation, block_connected,
2669 block_hash.data(),
2670 pindex->nHeight,
2671 block.vtx.size(),
2672 nInputs,
2673 nSigOpsCost,
2674 Ticks<std::chrono::nanoseconds>(time_5 - time_start)
2675 );
2676
2677 return true;
2678}
2679
2680CoinsCacheSizeState Chainstate::GetCoinsCacheSizeState()
2681{
2683 return this->GetCoinsCacheSizeState(
2686}
2687
2688CoinsCacheSizeState Chainstate::GetCoinsCacheSizeState(
2689 size_t max_coins_cache_size_bytes,
2690 size_t max_mempool_size_bytes)
2691{
2693 const int64_t nMempoolUsage = m_mempool ? m_mempool->DynamicMemoryUsage() : 0;
2694 int64_t cacheSize = CoinsTip().DynamicMemoryUsage();
2695 int64_t nTotalSpace =
2696 max_coins_cache_size_bytes + std::max<int64_t>(int64_t(max_mempool_size_bytes) - nMempoolUsage, 0);
2697
2698 if (cacheSize > nTotalSpace) {
2699 LogInfo("Cache size (%s) exceeds total space (%s)\n", cacheSize, nTotalSpace);
2701 } else if (cacheSize > LargeCoinsCacheThreshold(nTotalSpace)) {
2703 }
2705}
2706
2708 BlockValidationState &state,
2709 FlushStateMode mode,
2710 int nManualPruneHeight)
2711{
2712 LOCK(cs_main);
2713 assert(this->CanFlushToDisk());
2714 std::set<int> setFilesToPrune;
2715 bool full_flush_completed = false;
2716
2717 [[maybe_unused]] const size_t coins_count{CoinsTip().GetCacheSize()};
2718 [[maybe_unused]] const size_t coins_mem_usage{CoinsTip().DynamicMemoryUsage()};
2719
2720 try {
2721 {
2722 bool fFlushForPrune = false;
2723
2724 CoinsCacheSizeState cache_state = GetCoinsCacheSizeState();
2726 // make sure we don't prune above any of the prune locks bestblocks
2727 // pruning is height-based
2728 int last_prune{m_chain.Height()}; // last height we can prune
2729 std::optional<std::string> limiting_lock; // prune lock that actually was the limiting factor, only used for logging
2730
2731 for (const auto& prune_lock : m_blockman.m_prune_locks) {
2732 if (prune_lock.second.height_first == std::numeric_limits<int>::max()) continue;
2733 // Remove the buffer and one additional block here to get actual height that is outside of the buffer
2734 const int lock_height{prune_lock.second.height_first - PRUNE_LOCK_BUFFER - 1};
2735 last_prune = std::max(1, std::min(last_prune, lock_height));
2736 if (last_prune == lock_height) {
2737 limiting_lock = prune_lock.first;
2738 }
2739 }
2740
2741 if (limiting_lock) {
2742 LogDebug(BCLog::PRUNE, "%s limited pruning to height %d\n", limiting_lock.value(), last_prune);
2743 }
2744
2745 if (nManualPruneHeight > 0) {
2746 LOG_TIME_MILLIS_WITH_CATEGORY("find files to prune (manual)", BCLog::BENCH);
2747
2749 setFilesToPrune,
2750 std::min(last_prune, nManualPruneHeight),
2751 *this);
2752 } else {
2753 LOG_TIME_MILLIS_WITH_CATEGORY("find files to prune", BCLog::BENCH);
2754
2755 m_blockman.FindFilesToPrune(setFilesToPrune, last_prune, *this, m_chainman);
2757 }
2758 if (!setFilesToPrune.empty()) {
2759 fFlushForPrune = true;
2761 m_blockman.m_block_tree_db->WriteFlag("prunedblockfiles", true);
2763 }
2764 }
2765 }
2766 const auto nNow{NodeClock::now()};
2767 // The cache is large and we're within 10% and 10 MiB of the limit, but we have time now (not in the middle of a block processing).
2768 bool fCacheLarge = mode == FlushStateMode::PERIODIC && cache_state >= CoinsCacheSizeState::LARGE;
2769 // The cache is over the limit, we have to write now.
2770 bool fCacheCritical = mode == FlushStateMode::IF_NEEDED && cache_state >= CoinsCacheSizeState::CRITICAL;
2771 // It's been a while since we wrote the block index and chain state to disk. Do this frequently, so we don't need to redownload or reindex after a crash.
2772 bool fPeriodicWrite = mode == FlushStateMode::PERIODIC && nNow >= m_next_write;
2773 const auto empty_cache{(mode == FlushStateMode::FORCE_FLUSH) || fCacheLarge || fCacheCritical};
2774 // Combine all conditions that result in a write to disk.
2775 bool should_write = (mode == FlushStateMode::FORCE_SYNC) || empty_cache || fPeriodicWrite || fFlushForPrune;
2776 // Write blocks, block index and best chain related state to disk.
2777 if (should_write) {
2778 LogDebug(BCLog::COINDB, "Writing chainstate to disk: flush mode=%s, prune=%d, large=%d, critical=%d, periodic=%d",
2779 FlushStateModeNames[size_t(mode)], fFlushForPrune, fCacheLarge, fCacheCritical, fPeriodicWrite);
2780
2781 // Ensure we can write block index
2783 return FatalError(m_chainman.GetNotifications(), state, _("Disk space is too low!"));
2784 }
2785 {
2786 LOG_TIME_MILLIS_WITH_CATEGORY("write block and undo data to disk", BCLog::BENCH);
2787
2788 // First make sure all block and undo data is flushed to disk.
2789 // TODO: Handle return error, or add detailed comment why it is
2790 // safe to not return an error upon failure.
2791 if (!m_blockman.FlushChainstateBlockFile(m_chain.Height())) {
2792 LogWarning("%s: Failed to flush block file.\n", __func__);
2793 }
2794 }
2795
2796 // Then update all block file information (which may refer to block and undo files).
2797 {
2798 LOG_TIME_MILLIS_WITH_CATEGORY("write block index to disk", BCLog::BENCH);
2799
2800 m_blockman.WriteBlockIndexDB();
2801 }
2802 // Finally remove any pruned files
2803 if (fFlushForPrune) {
2804 LOG_TIME_MILLIS_WITH_CATEGORY("unlink pruned files", BCLog::BENCH);
2805
2806 m_blockman.UnlinkPrunedFiles(setFilesToPrune);
2807 }
2808
2809 if (!CoinsTip().GetBestBlock().IsNull()) {
2810 // Typical Coin structures on disk are around 48 bytes in size.
2811 // Pushing a new one to the database can cause it to be written
2812 // twice (once in the log, and once in the tables). This is already
2813 // an overestimation, as most will delete an existing entry or
2814 // overwrite one. Still, use a conservative safety factor of 2.
2815 if (!CheckDiskSpace(m_chainman.m_options.datadir, 48 * 2 * 2 * CoinsTip().GetDirtyCount())) {
2816 return FatalError(m_chainman.GetNotifications(), state, _("Disk space is too low!"));
2817 }
2818 // Flush the chainstate (which may refer to block index entries).
2819 empty_cache ? CoinsTip().Flush() : CoinsTip().Sync();
2820 full_flush_completed = true;
2821 TRACEPOINT(utxocache, flush,
2822 int64_t{Ticks<std::chrono::microseconds>(NodeClock::now() - nNow)},
2823 (uint32_t)mode,
2824 (uint64_t)coins_count,
2825 (uint64_t)coins_mem_usage,
2826 (bool)fFlushForPrune);
2827 }
2828 }
2829
2830 if (should_write || m_next_write == NodeClock::time_point::max()) {
2833 }
2834 }
2835 if (full_flush_completed) {
2837 // Update best block in wallet (so we can detect restored wallets).
2839 }
2840
2842 try {
2844 } catch (const std::exception& e) {
2845 LogWarning("Failed to start chainstate compaction (%s)", e.what());
2846 }
2847 }
2848 }
2849 } catch (const std::runtime_error& e) {
2850 return FatalError(m_chainman.GetNotifications(), state, strprintf(_("System error while flushing: %s"), e.what()));
2851 }
2852 return true;
2853}
2854
2856{
2859 LogWarning("Failed to force flush state (%s)", state.ToString());
2860 }
2861}
2862
2864{
2867 if (!this->FlushStateToDisk(state, FlushStateMode::NONE)) {
2868 LogWarning("Failed to flush state (%s)", state.ToString());
2869 }
2870}
2871
2872static void UpdateTipLog(
2873 const ChainstateManager& chainman,
2874 const CCoinsViewCache& coins_tip,
2875 const CBlockIndex* tip,
2876 const std::string& func_name,
2877 const std::string& prefix,
2878 const std::string& warning_messages,
2879 const bool background_validation) EXCLUSIVE_LOCKS_REQUIRED(::cs_main)
2880{
2881
2883
2884 // Disable rate limiting as this may log frequently during IBD.
2885 LogInfo(util::log::NO_RATE_LIMIT, "%s%s: new best=%s height=%d version=0x%08x log2_work=%f tx=%lu date='%s' progress=%f cache=%.1fMiB(%utxo)%s\n",
2886 prefix, func_name,
2887 tip->GetBlockHash().ToString(), tip->nHeight, tip->nVersion,
2888 log(tip->nChainWork.getdouble()) / log(2.0), tip->m_chain_tx_count,
2890 background_validation ? chainman.GetBackgroundVerificationProgress(*tip) : chainman.GuessVerificationProgress(tip),
2891 coins_tip.DynamicMemoryUsage() / double(1_MiB),
2892 coins_tip.GetCacheSize(),
2893 !warning_messages.empty() ? strprintf(" warning='%s'", warning_messages) : "");
2894}
2895
2896void Chainstate::UpdateTip(const CBlockIndex* pindexNew)
2897{
2899 const auto& coins_tip = this->CoinsTip();
2900
2901 // The remainder of the function isn't relevant if we are not acting on
2902 // the active chainstate, so return if need be.
2903 if (this != &m_chainman.ActiveChainstate()) {
2904 // Only log every so often so that we don't bury log messages at the tip.
2905 constexpr int BACKGROUND_LOG_INTERVAL = 2000;
2906 if (pindexNew->nHeight % BACKGROUND_LOG_INTERVAL == 0) {
2907 UpdateTipLog(m_chainman, coins_tip, pindexNew, __func__, "[background validation] ", "", /*background_validation=*/true);
2908 }
2909 return;
2910 }
2911
2912 // New best block
2913 if (m_mempool) {
2915 }
2916
2917 std::vector<bilingual_str> warning_messages;
2920 for (auto [bit, active] : bits) {
2921 const bilingual_str warning = strprintf(_("Unknown new rules activated (versionbit %i)"), bit);
2922 if (active) {
2924 } else {
2925 warning_messages.push_back(warning);
2926 }
2927 }
2928 }
2929 UpdateTipLog(m_chainman, coins_tip, pindexNew, __func__, "",
2930 util::Join(warning_messages, Untranslated(", ")).original, /*background_validation=*/false);
2931}
2932
2944{
2947
2948 CBlockIndex *pindexDelete = m_chain.Tip();
2949 assert(pindexDelete);
2950 assert(pindexDelete->pprev);
2951 // Read block from disk.
2952 std::shared_ptr<CBlock> pblock = std::make_shared<CBlock>();
2953 CBlock& block = *pblock;
2954 if (!m_blockman.ReadBlock(block, *pindexDelete)) {
2955 LogError("DisconnectTip(): Failed to read block\n");
2956 return false;
2957 }
2958 // Apply the block atomically to the chain state.
2959 const auto time_start{SteadyClock::now()};
2960 {
2961 CCoinsViewCache view(&CoinsTip());
2962 assert(view.GetBestBlock() == pindexDelete->GetBlockHash());
2963 if (DisconnectBlock(block, pindexDelete, view) != DISCONNECT_OK) {
2964 LogError("DisconnectTip(): DisconnectBlock %s failed\n", pindexDelete->GetBlockHash().ToString());
2965 return false;
2966 }
2967 view.Flush(/*reallocate_cache=*/false); // local CCoinsViewCache goes out of scope
2968 }
2969 LogDebug(BCLog::BENCH, "- Disconnect block: %.2fms\n",
2970 Ticks<MillisecondsDouble>(SteadyClock::now() - time_start));
2971
2972 {
2973 // Prune locks that began at or after the tip should be moved backward so they get a chance to reorg
2974 const int max_height_first{pindexDelete->nHeight - 1};
2975 for (auto& prune_lock : m_blockman.m_prune_locks) {
2976 if (prune_lock.second.height_first <= max_height_first) continue;
2977
2978 prune_lock.second.height_first = max_height_first;
2979 LogDebug(BCLog::PRUNE, "%s prune lock moved back to %d\n", prune_lock.first, max_height_first);
2980 }
2981 }
2982
2983 // Write the chain state to disk, if necessary.
2985 return false;
2986 }
2987
2988 if (disconnectpool && m_mempool) {
2989 // Save transactions to re-add to mempool at end of reorg. If any entries are evicted for
2990 // exceeding memory limits, remove them and their descendants from the mempool.
2991 for (auto&& evicted_tx : disconnectpool->AddTransactionsFromBlock(block.vtx)) {
2993 }
2994 }
2995
2996 m_chain.SetTip(*pindexDelete->pprev);
2998
2999 UpdateTip(pindexDelete->pprev);
3000 // Let wallets know transactions went from 1-confirmed to
3001 // 0-confirmed or conflicted:
3003 m_chainman.m_options.signals->BlockDisconnected(std::move(pblock), pindexDelete);
3004 }
3005 return true;
3006}
3007
3010 std::shared_ptr<const CBlock> pblock;
3011};
3012
3020 BlockValidationState& state,
3021 CBlockIndex* pindexNew,
3022 std::shared_ptr<const CBlock> block_to_connect,
3023 std::vector<ConnectedBlock>& connected_blocks,
3024 DisconnectedBlockTransactions& disconnectpool)
3025{
3028
3029 assert(pindexNew->pprev == m_chain.Tip());
3030 // Read block from disk.
3031 const auto time_1{SteadyClock::now()};
3032 if (!block_to_connect) {
3033 std::shared_ptr<CBlock> pblockNew = std::make_shared<CBlock>();
3034 if (!m_blockman.ReadBlock(*pblockNew, *pindexNew)) {
3035 return FatalError(m_chainman.GetNotifications(), state, _("Failed to read block."));
3036 }
3037 block_to_connect = std::move(pblockNew);
3038 } else {
3039 LogDebug(BCLog::BENCH, " - Using cached block\n");
3040 }
3041 // Apply the block atomically to the chain state.
3042 const auto time_2{SteadyClock::now()};
3043 SteadyClock::time_point time_3;
3044 // When adding aggregate statistics in the future, keep in mind that
3045 // num_blocks_total may be zero until the ConnectBlock() call below.
3046 LogDebug(BCLog::BENCH, " - Load block from disk: %.2fms\n",
3047 Ticks<MillisecondsDouble>(time_2 - time_1));
3048 {
3049 CCoinsViewCache& view{*m_coins_views->m_connect_block_view};
3050 const auto reset_guard{view.CreateResetGuard()};
3051 bool rv = ConnectBlock(*block_to_connect, state, pindexNew, view);
3053 m_chainman.m_options.signals->BlockChecked(block_to_connect, state);
3054 }
3055 if (!rv) {
3056 if (state.IsInvalid())
3057 InvalidBlockFound(pindexNew, state);
3058 LogError("%s: ConnectBlock %s failed, %s\n", __func__, pindexNew->GetBlockHash().ToString(), state.ToString());
3059 return false;
3060 }
3061 time_3 = SteadyClock::now();
3062 m_chainman.time_connect_total += time_3 - time_2;
3063 assert(m_chainman.num_blocks_total > 0);
3064 LogDebug(BCLog::BENCH, " - Connect total: %.2fms [%.2fs (%.2fms/blk)]\n",
3065 Ticks<MillisecondsDouble>(time_3 - time_2),
3066 Ticks<SecondsDouble>(m_chainman.time_connect_total),
3067 Ticks<MillisecondsDouble>(m_chainman.time_connect_total) / m_chainman.num_blocks_total);
3068 view.Flush(/*reallocate_cache=*/false); // No need to reallocate since it only has capacity for 1 block
3069 }
3070 const auto time_4{SteadyClock::now()};
3071 m_chainman.time_flush += time_4 - time_3;
3072 LogDebug(BCLog::BENCH, " - Flush: %.2fms [%.2fs (%.2fms/blk)]\n",
3073 Ticks<MillisecondsDouble>(time_4 - time_3),
3074 Ticks<SecondsDouble>(m_chainman.time_flush),
3075 Ticks<MillisecondsDouble>(m_chainman.time_flush) / m_chainman.num_blocks_total);
3076 // Write the chain state to disk, if necessary.
3078 return false;
3079 }
3080 const auto time_5{SteadyClock::now()};
3081 m_chainman.time_chainstate += time_5 - time_4;
3082 LogDebug(BCLog::BENCH, " - Writing chainstate: %.2fms [%.2fs (%.2fms/blk)]\n",
3083 Ticks<MillisecondsDouble>(time_5 - time_4),
3084 Ticks<SecondsDouble>(m_chainman.time_chainstate),
3085 Ticks<MillisecondsDouble>(m_chainman.time_chainstate) / m_chainman.num_blocks_total);
3086 // Remove conflicting transactions from the mempool.;
3087 if (m_mempool) {
3088 m_mempool->removeForBlock(block_to_connect->vtx, pindexNew->nHeight);
3089 disconnectpool.removeForBlock(block_to_connect->vtx);
3090 }
3091 // Update m_chain & related variables.
3092 m_chain.SetTip(*pindexNew);
3094 UpdateTip(pindexNew);
3095
3096 const auto time_6{SteadyClock::now()};
3097 m_chainman.time_post_connect += time_6 - time_5;
3098 m_chainman.time_total += time_6 - time_1;
3099 LogDebug(BCLog::BENCH, " - Connect postprocess: %.2fms [%.2fs (%.2fms/blk)]\n",
3100 Ticks<MillisecondsDouble>(time_6 - time_5),
3101 Ticks<SecondsDouble>(m_chainman.time_post_connect),
3102 Ticks<MillisecondsDouble>(m_chainman.time_post_connect) / m_chainman.num_blocks_total);
3103 LogDebug(BCLog::BENCH, "- Connect block: %.2fms [%.2fs (%.2fms/blk)]\n",
3104 Ticks<MillisecondsDouble>(time_6 - time_1),
3105 Ticks<SecondsDouble>(m_chainman.time_total),
3106 Ticks<MillisecondsDouble>(m_chainman.time_total) / m_chainman.num_blocks_total);
3107
3108 // See if this chainstate has reached a target block and can be used to
3109 // validate an assumeutxo snapshot. If it can, hashing the UTXO database
3110 // will be slow, and cs_main could remain locked here for several minutes.
3111 // If the snapshot is validated, the UTXO hash will be saved to
3112 // this->m_target_utxohash, causing HistoricalChainstate() to return null
3113 // and this chainstate to no longer be used. ActivateBestChain() will also
3114 // stop connecting blocks to this chainstate because this->ReachedTarget()
3115 // will be true and this->setBlockIndexCandidates will not have additional
3116 // blocks.
3118 m_chainman.MaybeValidateSnapshot(*this, current_cs);
3119
3120 connected_blocks.emplace_back(pindexNew, std::move(block_to_connect));
3121 return true;
3122}
3123
3129{
3131 do {
3132 CBlockIndex *pindexNew = nullptr;
3133
3134 // Find the best candidate header.
3135 {
3136 std::set<CBlockIndex*, CBlockIndexWorkComparator>::reverse_iterator it = setBlockIndexCandidates.rbegin();
3137 if (it == setBlockIndexCandidates.rend())
3138 return nullptr;
3139 pindexNew = *it;
3140 }
3141
3142 // Check whether all blocks on the path between the currently active chain and the candidate are valid.
3143 // Just going until the active chain is an optimization, as we know all blocks in it are valid already.
3144 bool fInvalidAncestor = false;
3145 for (CBlockIndex *pindexTest = pindexNew; pindexTest && !m_chain.Contains(*pindexTest); pindexTest = pindexTest->pprev) {
3146 assert(pindexTest->HaveNumChainTxs() || pindexTest->nHeight == 0);
3147
3148 // Pruned nodes may have entries in setBlockIndexCandidates for
3149 // which block files have been deleted. Remove those as candidates
3150 // for the most work chain if we come across them; we can't switch
3151 // to a chain unless we have all the non-active-chain parent blocks.
3152 bool fFailedChain = pindexTest->nStatus & BLOCK_FAILED_VALID;
3153 bool fMissingData = !(pindexTest->nStatus & BLOCK_HAVE_DATA);
3154 if (fFailedChain || fMissingData) {
3155 // Candidate chain is not usable (either invalid or missing data)
3156 if (fFailedChain && (m_chainman.m_best_invalid == nullptr || pindexNew->nChainWork > m_chainman.m_best_invalid->nChainWork)) {
3157 m_chainman.m_best_invalid = pindexNew;
3158 }
3159 // Remove the entire chain from the set.
3160 for (CBlockIndex *pindexFailed = pindexNew; pindexFailed != pindexTest; pindexFailed = pindexFailed->pprev) {
3161 // If we're missing data and not a descendant of an invalid block,
3162 // then add back to m_blocks_unlinked, so that if the block arrives in the future
3163 // we can try adding to setBlockIndexCandidates again.
3164 if (fMissingData && !fFailedChain) {
3165 // Avoid duplicate entries in m_blocks_unlinked. If the same entry is
3166 // processed twice in ReceivedBlockTransactions(), it may be re-added to
3167 // setBlockIndexCandidates with a modified nSequenceId, breaking ordering
3168 // guarantees and leading to undefined behavior.
3169 m_blockman.AddUnlinkedBlock(pindexFailed);
3170 }
3171 setBlockIndexCandidates.erase(pindexFailed);
3172 }
3173 setBlockIndexCandidates.erase(pindexTest);
3174 fInvalidAncestor = true;
3175 break;
3176 }
3177 }
3178 if (!fInvalidAncestor)
3179 return pindexNew;
3180 } while(true);
3181}
3182
3185 // Note that we can't delete the current block itself, as we may need to return to it later in case a
3186 // reorganization to a better block fails.
3187 std::set<CBlockIndex*, CBlockIndexWorkComparator>::iterator it = setBlockIndexCandidates.begin();
3188 while (it != setBlockIndexCandidates.end() && setBlockIndexCandidates.value_comp()(*it, m_chain.Tip())) {
3189 setBlockIndexCandidates.erase(it++);
3190 }
3191 // Either the current tip or a successor of it we're working towards is left in setBlockIndexCandidates.
3193}
3194
3201bool Chainstate::ActivateBestChainStep(BlockValidationState& state, CBlockIndex& index_most_work, const std::shared_ptr<const CBlock>& pblock, bool& fInvalidFound, std::vector<ConnectedBlock>& connected_blocks)
3202{
3205
3206 const CBlockIndex* pindexOldTip = m_chain.Tip();
3207 const CBlockIndex* pindexFork = m_chain.FindFork(index_most_work);
3208
3209 // Disconnect active blocks which are no longer in the best chain.
3210 bool fBlocksDisconnected = false;
3212 while (m_chain.Tip() && m_chain.Tip() != pindexFork) {
3213 if (!DisconnectTip(state, &disconnectpool)) {
3214 // This is likely a fatal error, but keep the mempool consistent,
3215 // just in case. Only remove from the mempool in this case.
3216 MaybeUpdateMempoolForReorg(disconnectpool, false);
3217
3218 // If we're unable to disconnect a block during normal operation,
3219 // then that is a failure of our local system -- we should abort
3220 // rather than stay on a less work chain.
3221 FatalError(m_chainman.GetNotifications(), state, _("Failed to disconnect block."));
3222 return false;
3223 }
3224 fBlocksDisconnected = true;
3225 }
3226
3227 // Build list of new blocks to connect (in descending height order).
3228 std::vector<CBlockIndex*> vpindexToConnect;
3229 bool fContinue = true;
3230 int nHeight = pindexFork ? pindexFork->nHeight : -1;
3231 while (fContinue && nHeight != index_most_work.nHeight) {
3232 // Don't iterate the entire list of potential improvements toward the best tip, as we likely only need
3233 // a few blocks along the way.
3234 int nTargetHeight = std::min(nHeight + 32, index_most_work.nHeight);
3235 vpindexToConnect.clear();
3236 vpindexToConnect.reserve(nTargetHeight - nHeight);
3237 CBlockIndex* pindexIter = index_most_work.GetAncestor(nTargetHeight);
3238 while (pindexIter && pindexIter->nHeight != nHeight) {
3239 vpindexToConnect.push_back(pindexIter);
3240 pindexIter = pindexIter->pprev;
3241 }
3242 nHeight = nTargetHeight;
3243
3244 // Connect new blocks.
3245 for (CBlockIndex* pindexConnect : vpindexToConnect | std::views::reverse) {
3246 if (!ConnectTip(state, pindexConnect, pindexConnect == &index_most_work ? pblock : std::shared_ptr<const CBlock>(), connected_blocks, disconnectpool)) {
3247 if (state.IsInvalid()) {
3248 // The block violates a consensus rule.
3250 InvalidChainFound(vpindexToConnect.front());
3251 }
3252 state = BlockValidationState();
3253 fInvalidFound = true;
3254 fContinue = false;
3255 break;
3256 } else {
3257 // A system error occurred (disk space, database error, ...).
3258 // Make the mempool consistent with the current tip, just in case
3259 // any observers try to use it before shutdown.
3260 MaybeUpdateMempoolForReorg(disconnectpool, false);
3261 return false;
3262 }
3263 } else {
3265 if (!pindexOldTip || m_chain.Tip()->nChainWork > pindexOldTip->nChainWork) {
3266 // We're in a better position than we were. Return temporarily to release the lock.
3267 fContinue = false;
3268 break;
3269 }
3270 }
3271 }
3272 }
3273
3274 if (fBlocksDisconnected) {
3275 // If any blocks were disconnected, disconnectpool may be non empty. Add
3276 // any disconnected transactions back to the mempool.
3277 MaybeUpdateMempoolForReorg(disconnectpool, true);
3278 }
3279 if (m_mempool) m_mempool->check(this->CoinsTip(), this->m_chain.Height() + 1);
3280
3282
3283 return true;
3284}
3285
3286static SynchronizationState GetSynchronizationState(bool init, bool blockfiles_indexed)
3287{
3289 if (!blockfiles_indexed) return SynchronizationState::INIT_REINDEX;
3291}
3292
3294{
3296 if (!m_cached_is_ibd.load(std::memory_order_relaxed)) return;
3297 if (m_blockman.LoadingBlocks()) return;
3298 if (!CurrentChainstate().m_chain.IsTipRecent(MinimumChainWork(), m_options.max_tip_age)) return;
3299 LogInfo("Leaving InitialBlockDownload (latching to false)");
3300 m_cached_is_ibd.store(false, std::memory_order_relaxed);
3301}
3302
3304{
3305 bool fNotify = false;
3306 bool fInitialBlockDownload = false;
3307 CBlockIndex* pindexHeader = nullptr;
3308 {
3309 LOCK(GetMutex());
3310 pindexHeader = m_best_header;
3311
3312 if (pindexHeader != m_last_notified_header) {
3313 fNotify = true;
3314 fInitialBlockDownload = IsInitialBlockDownload();
3315 m_last_notified_header = pindexHeader;
3316 }
3317 }
3318 // Send block tip changed notifications without the lock held
3319 if (fNotify) {
3320 GetNotifications().headerTip(GetSynchronizationState(fInitialBlockDownload, m_blockman.m_blockfiles_indexed), pindexHeader->nHeight, pindexHeader->nTime, false);
3321 }
3322 return fNotify;
3323}
3324
3327
3328 if (signals.CallbacksPending() > 10) {
3329 signals.SyncWithValidationInterfaceQueue();
3330 }
3331}
3332
3333bool Chainstate::ActivateBestChain(BlockValidationState& state, std::shared_ptr<const CBlock> pblock)
3334{
3336
3337 // Note that while we're often called here from ProcessNewBlock, this is
3338 // far from a guarantee. Things in the P2P/RPC will often end up calling
3339 // us in the middle of ProcessNewBlock - do not assume pblock is set
3340 // sanely for performance or correctness!
3342
3343 // ABC maintains a fair degree of expensive-to-calculate internal state
3344 // because this function periodically releases cs_main so that it does not lock up other threads for too long
3345 // during large connects - and to allow for e.g. the callback queue to drain
3346 // we use m_chainstate_mutex to enforce mutual exclusion so that only one caller may execute this function at a time
3348
3349 // Belt-and-suspenders check that we aren't attempting to advance the
3350 // chainstate past the target block.
3351 if (WITH_LOCK(::cs_main, return m_target_utxohash)) {
3352 LogError("%s", STR_INTERNAL_BUG("m_target_utxohash is set - this chainstate should not be in operation."));
3353 return Assume(false);
3354 }
3355
3356 CBlockIndex *pindexMostWork = nullptr;
3357 CBlockIndex *pindexNewTip = nullptr;
3358 bool exited_ibd{false};
3359 do {
3360 // Block until the validation queue drains. This should largely
3361 // never happen in normal operation, however may happen during
3362 // reindex, causing memory blowup if we run too far ahead.
3363 // Note that if a validationinterface callback ends up calling
3364 // ActivateBestChain this may lead to a deadlock! We should
3365 // probably have a DEBUG_LOCKORDER test for this in the future.
3367
3368 {
3369 LOCK(cs_main);
3370 {
3371 // Lock transaction pool for at least as long as it takes for connected_blocks to be consumed
3372 LOCK(MempoolMutex());
3373 const bool was_in_ibd = m_chainman.IsInitialBlockDownload();
3374 CBlockIndex* starting_tip = m_chain.Tip();
3375 bool blocks_connected = false;
3376 do {
3377 // We absolutely may not unlock cs_main until we've made forward progress
3378 // (with the exception of shutdown due to hardware issues, low disk space, etc).
3379 std::vector<ConnectedBlock> connected_blocks; // Destructed before cs_main is unlocked
3380
3381 if (pindexMostWork == nullptr) {
3382 pindexMostWork = FindMostWorkChain();
3383 }
3384
3385 // Whether we have anything to do at all.
3386 if (pindexMostWork == nullptr || pindexMostWork == m_chain.Tip()) {
3387 break;
3388 }
3389
3390 bool fInvalidFound = false;
3391 std::shared_ptr<const CBlock> nullBlockPtr;
3392 // BlockConnected signals must be sent for the original role;
3393 // in case snapshot validation is completed during ActivateBestChainStep, the
3394 // result of GetRole() changes from BACKGROUND to NORMAL.
3395 const ChainstateRole chainstate_role{this->GetRole()};
3396 if (!ActivateBestChainStep(state, *pindexMostWork, pblock && pblock->GetHash() == pindexMostWork->GetBlockHash() ? pblock : nullBlockPtr, fInvalidFound, connected_blocks)) {
3397 // A system error occurred
3398 return false;
3399 }
3400 blocks_connected = true;
3401
3402 if (fInvalidFound) {
3403 // Wipe cache, we may need another branch now.
3404 pindexMostWork = nullptr;
3405 }
3406 pindexNewTip = m_chain.Tip();
3407
3408 for (auto& [index, block] : std::move(connected_blocks)) {
3410 m_chainman.m_options.signals->BlockConnected(chainstate_role, std::move(Assert(block)), Assert(index));
3411 }
3412 }
3413
3414 // Break this do-while to ensure we don't advance past the target block.
3415 if (ReachedTarget()) {
3416 break;
3417 }
3418 } while (!m_chain.Tip() || (starting_tip && CBlockIndexWorkComparator()(m_chain.Tip(), starting_tip)));
3419 if (!blocks_connected) return true;
3420
3421 const CBlockIndex* pindexFork = starting_tip ? m_chain.FindFork(*starting_tip) : nullptr;
3422 bool still_in_ibd = m_chainman.IsInitialBlockDownload();
3423
3424 if (was_in_ibd && !still_in_ibd) {
3425 // Active chainstate has exited IBD.
3426 exited_ibd = true;
3427 }
3428
3429 // Notify external listeners about the new tip.
3430 // Enqueue while holding cs_main to ensure that UpdatedBlockTip is called in the order in which blocks are connected
3431 if (this == &m_chainman.ActiveChainstate() && pindexFork != pindexNewTip) {
3432 // Notify ValidationInterface subscribers
3434 m_chainman.m_options.signals->UpdatedBlockTip(pindexNewTip, pindexFork, still_in_ibd);
3435 }
3436
3439 /*index=*/*pindexNewTip,
3440 /*verification_progress=*/m_chainman.GuessVerificationProgress(pindexNewTip))))
3441 {
3442 // Just breaking and returning success for now. This could
3443 // be changed to bubble up the kernel::Interrupted value to
3444 // the caller so the caller could distinguish between
3445 // completed and interrupted operations.
3446 break;
3447 }
3448 }
3449 } // release MempoolMutex
3450 // Notify external listeners about the new tip, even if pindexFork == pindexNewTip.
3453 }
3454 } // release cs_main
3455 // When we reach this point, we switched to a new tip (stored in pindexNewTip).
3456
3457 bool reached_target;
3458 {
3460 if (exited_ibd) {
3461 // If a background chainstate is in use, we may need to rebalance our
3462 // allocation of caches once a chainstate exits initial block download.
3463 m_chainman.MaybeRebalanceCaches();
3464 }
3465
3466 // Write changes periodically to disk, after relay.
3468 return false;
3469 }
3470
3471 reached_target = ReachedTarget();
3472 }
3473
3474 if (reached_target) {
3475 // Chainstate has reached the target block, so exit.
3476 //
3477 // Restart indexes so indexes can resync and index new blocks after
3478 // the target block.
3479 //
3480 // This cannot be done while holding cs_main (within
3481 // MaybeValidateSnapshot) or a cs_main deadlock will occur.
3484 }
3485 break;
3486 }
3487
3488 // We check interrupt only after giving ActivateBestChainStep a chance to run once so that we
3489 // never interrupt before connecting the genesis block during LoadChainTip(). Previously this
3490 // caused an assert() failure during interrupt in such cases as the UTXO DB flushing checks
3491 // that the best block hash is non-null.
3492 if (m_chainman.m_interrupt) break;
3493 } while (pindexNewTip != pindexMostWork);
3494
3496
3497 return true;
3498}
3499
3500bool Chainstate::PreciousBlock(BlockValidationState& state, CBlockIndex* pindex)
3501{
3504 {
3505 LOCK(cs_main);
3506 if (pindex->nChainWork < m_chain.Tip()->nChainWork) {
3507 // Nothing to do, this block is not at the tip.
3508 return true;
3509 }
3511 // The chain has been extended since the last call, reset the counter.
3513 }
3515 setBlockIndexCandidates.erase(pindex);
3517 if (m_chainman.nBlockReverseSequenceId > std::numeric_limits<int32_t>::min()) {
3518 // We can't keep reducing the counter if somebody really wants to
3519 // call preciousblock 2**31-1 times on the same set of tips...
3521 }
3522 if (pindex->IsValid(BLOCK_VALID_TRANSACTIONS) && pindex->HaveNumChainTxs()) {
3523 setBlockIndexCandidates.insert(pindex);
3525 }
3526 }
3527
3528 return ActivateBestChain(state, std::shared_ptr<const CBlock>());
3529}
3530
3532{
3535
3536 // Genesis block can't be invalidated
3537 assert(pindex);
3538 if (pindex->nHeight == 0) return false;
3539
3540 // We do not allow ActivateBestChain() to run while InvalidateBlock() is
3541 // running, as that could cause the tip to change while we disconnect
3542 // blocks.
3544
3545 // We'll be acquiring and releasing cs_main below, to allow the validation
3546 // callbacks to run. However, we should keep the block index in a
3547 // consistent state as we disconnect blocks -- in particular we need to
3548 // add equal-work blocks to setBlockIndexCandidates as we disconnect.
3549 // To avoid walking the block index repeatedly in search of candidates,
3550 // build a map once so that we can look up candidate blocks by chain
3551 // work as we go.
3552 std::multimap<const arith_uint256, CBlockIndex*> highpow_outofchain_headers;
3553
3554 {
3555 LOCK(cs_main);
3556 for (auto& entry : m_blockman.m_block_index) {
3557 CBlockIndex& candidate = entry.second;
3558 // We don't need to put anything in our active chain into the
3559 // multimap, because those candidates will be found and considered
3560 // as we disconnect.
3561 // Instead, consider only non-active-chain blocks that score
3562 // at least as good with CBlockIndexWorkComparator as the new tip.
3563 if (!m_chain.Contains(candidate) &&
3564 !CBlockIndexWorkComparator()(&candidate, pindex->pprev) &&
3565 !(candidate.nStatus & BLOCK_FAILED_VALID)) {
3566 highpow_outofchain_headers.insert({candidate.nChainWork, &candidate});
3567 }
3568 }
3569 }
3570
3571 CBlockIndex* to_mark_failed = pindex;
3572 bool pindex_was_in_chain = false;
3573 int disconnected = 0;
3574
3575 // Disconnect (descendants of) pindex, and mark them invalid.
3576 while (true) {
3577 if (m_chainman.m_interrupt) break;
3578
3579 // Make sure the queue of validation callbacks doesn't grow unboundedly.
3581
3582 LOCK(cs_main);
3583 // Lock for as long as disconnectpool is in scope to make sure MaybeUpdateMempoolForReorg is
3584 // called after DisconnectTip without unlocking in between
3585 LOCK(MempoolMutex());
3586 if (!m_chain.Contains(*pindex)) break;
3587 pindex_was_in_chain = true;
3588 CBlockIndex* const disconnected_tip{m_chain.Tip()};
3589
3590 // ActivateBestChain considers blocks already in m_chain
3591 // unconditionally valid already, so force disconnect away from it.
3593 bool ret = DisconnectTip(state, &disconnectpool);
3594 // DisconnectTip will add transactions to disconnectpool.
3595 // Adjust the mempool to be consistent with the new tip, adding
3596 // transactions back to the mempool if disconnecting was successful,
3597 // and we're not doing a very deep invalidation (in which case
3598 // keeping the mempool up to date is probably futile anyway).
3599 MaybeUpdateMempoolForReorg(disconnectpool, /* fAddToMempool = */ (++disconnected <= 10) && ret);
3600 if (!ret) return false;
3601 CBlockIndex* new_tip{m_chain.Tip()};
3602 assert(disconnected_tip->pprev == new_tip);
3603
3604 // We immediately mark the disconnected blocks as invalid.
3605 // This prevents a case where pruned nodes may fail to invalidateblock
3606 // and be left unable to start as they have no tip candidates (as there
3607 // are no blocks that meet the "have data and are not invalid per
3608 // nStatus" criteria for inclusion in setBlockIndexCandidates).
3609 disconnected_tip->nStatus |= BLOCK_FAILED_VALID;
3610 m_blockman.m_dirty_blockindex.insert(disconnected_tip);
3611 setBlockIndexCandidates.erase(disconnected_tip);
3612 setBlockIndexCandidates.insert(new_tip);
3613
3614 // Mark out-of-chain descendants of the invalidated block as invalid
3615 // Add any equal or more work headers that are not invalidated to setBlockIndexCandidates
3616 // Recalculate m_best_header if it became invalid.
3617 auto candidate_it = highpow_outofchain_headers.lower_bound(new_tip->nChainWork);
3618
3619 const bool best_header_needs_update{m_chainman.m_best_header->GetAncestor(disconnected_tip->nHeight) == disconnected_tip};
3620 if (best_header_needs_update) {
3621 // new_tip is definitely still valid at this point, but there may be better ones
3622 m_chainman.m_best_header = new_tip;
3623 }
3624
3625 while (candidate_it != highpow_outofchain_headers.end()) {
3626 CBlockIndex* candidate{candidate_it->second};
3627 if (candidate->GetAncestor(disconnected_tip->nHeight) == disconnected_tip) {
3628 // Children of failed blocks are marked as BLOCK_FAILED_VALID.
3629 candidate->nStatus |= BLOCK_FAILED_VALID;
3630 m_blockman.m_dirty_blockindex.insert(candidate);
3631 // If invalidated, the block is irrelevant for setBlockIndexCandidates
3632 // and for m_best_header and can be removed from the cache.
3633 candidate_it = highpow_outofchain_headers.erase(candidate_it);
3634 continue;
3635 }
3636 if (!CBlockIndexWorkComparator()(candidate, new_tip) &&
3637 candidate->IsValid(BLOCK_VALID_TRANSACTIONS) &&
3638 candidate->HaveNumChainTxs()) {
3639 setBlockIndexCandidates.insert(candidate);
3640 // Do not remove candidate from the highpow_outofchain_headers cache, because it might be a descendant of the block being invalidated
3641 // which needs to be marked failed later.
3642 }
3643 if (best_header_needs_update &&
3644 m_chainman.m_best_header->nChainWork < candidate->nChainWork) {
3645 m_chainman.m_best_header = candidate;
3646 }
3647 ++candidate_it;
3648 }
3649
3650 // Track the last disconnected block to call InvalidChainFound on it.
3651 to_mark_failed = disconnected_tip;
3652 }
3653
3655
3656 {
3657 LOCK(cs_main);
3658 if (m_chain.Contains(*to_mark_failed)) {
3659 // If the to-be-marked invalid block is in the active chain, something is interfering and we can't proceed.
3660 return false;
3661 }
3662
3663 // Mark pindex as invalid if it never was in the main chain
3664 if (!pindex_was_in_chain && !(pindex->nStatus & BLOCK_FAILED_VALID)) {
3665 pindex->nStatus |= BLOCK_FAILED_VALID;
3666 m_blockman.m_dirty_blockindex.insert(pindex);
3667 setBlockIndexCandidates.erase(pindex);
3668 }
3669
3670 // If any new blocks somehow arrived while we were disconnecting
3671 // (above), then the pre-calculation of what should go into
3672 // setBlockIndexCandidates may have missed entries. This would
3673 // technically be an inconsistency in the block index, but if we clean
3674 // it up here, this should be an essentially unobservable error.
3675 // Loop back over all block index entries and add any missing entries
3676 // to setBlockIndexCandidates.
3677 for (auto& [_, block_index] : m_blockman.m_block_index) {
3678 if (block_index.IsValid(BLOCK_VALID_TRANSACTIONS) && block_index.HaveNumChainTxs() && !setBlockIndexCandidates.value_comp()(&block_index, m_chain.Tip())) {
3679 setBlockIndexCandidates.insert(&block_index);
3680 }
3681 }
3682
3683 InvalidChainFound(to_mark_failed);
3684 }
3685
3686 // Only notify about a new block tip if the active chain was modified.
3687 if (pindex_was_in_chain) {
3688 // Ignoring return value for now, this could be changed to bubble up
3689 // kernel::Interrupted value to the caller so the caller could
3690 // distinguish between completed and interrupted operations. It might
3691 // also make sense for the blockTip notification to have an enum
3692 // parameter indicating the source of the tip change so hooks can
3693 // distinguish user-initiated invalidateblock changes from other
3694 // changes.
3697 /*index=*/*to_mark_failed->pprev,
3698 /*verification_progress=*/WITH_LOCK(m_chainman.GetMutex(), return m_chainman.GuessVerificationProgress(to_mark_failed->pprev)));
3699
3700 // Fire ActiveTipChange now for the current chain tip to make sure clients are notified.
3701 // ActivateBestChain may call this as well, but not necessarily.
3704 }
3705 }
3706 return true;
3707}
3708
3709void Chainstate::SetBlockFailureFlags(CBlockIndex* invalid_block)
3710{
3712
3713 for (auto& [_, block_index] : m_blockman.m_block_index) {
3714 if (invalid_block != &block_index && block_index.GetAncestor(invalid_block->nHeight) == invalid_block) {
3715 block_index.nStatus |= BLOCK_FAILED_VALID;
3716 m_blockman.m_dirty_blockindex.insert(&block_index);
3717 }
3718 }
3719}
3720
3723
3724 int nHeight = pindex->nHeight;
3725
3726 // Remove the invalidity flag from this block and all its descendants and ancestors.
3727 for (auto& [_, block_index] : m_blockman.m_block_index) {
3728 if ((block_index.nStatus & BLOCK_FAILED_VALID) && (block_index.GetAncestor(nHeight) == pindex || pindex->GetAncestor(block_index.nHeight) == &block_index)) {
3729 block_index.nStatus &= ~BLOCK_FAILED_VALID;
3730 m_blockman.m_dirty_blockindex.insert(&block_index);
3731 if (block_index.IsValid(BLOCK_VALID_TRANSACTIONS) && block_index.HaveNumChainTxs() && setBlockIndexCandidates.value_comp()(m_chain.Tip(), &block_index)) {
3732 setBlockIndexCandidates.insert(&block_index);
3733 }
3734 if (&block_index == m_chainman.m_best_invalid) {
3735 // Reset invalid block marker if it was pointing to one of those.
3736 m_chainman.m_best_invalid = nullptr;
3737 }
3738 }
3739 }
3740}
3741
3743{
3745
3746 // Do not continue building a chainstate that is based on an invalid
3747 // snapshot. This is a belt-and-suspenders type of check because if an
3748 // invalid snapshot is loaded, the node will shut down to force a manual
3749 // intervention. But it is good to handle this case correctly regardless.
3750 if (m_assumeutxo == Assumeutxo::INVALID) {
3751 return;
3752 }
3753
3754 // The block only is a candidate for the most-work-chain if it has the same
3755 // or more work than our current tip.
3756 if (m_chain.Tip() != nullptr && setBlockIndexCandidates.value_comp()(pindex, m_chain.Tip())) {
3757 return;
3758 }
3759
3760 const CBlockIndex* target_block{TargetBlock()};
3761 if (!target_block) {
3762 // If no specific target block, add all entries that have more
3763 // work than the tip.
3764 setBlockIndexCandidates.insert(pindex);
3765 } else {
3766 // If there is a target block, only consider connecting blocks
3767 // towards the target block.
3768 if (target_block->GetAncestor(pindex->nHeight) == pindex) {
3769 setBlockIndexCandidates.insert(pindex);
3770 }
3771 }
3772}
3773
3776{
3778 pindexNew->nTx = block.vtx.size();
3779 // Typically m_chain_tx_count will be 0 at this point, but it can be nonzero if this
3780 // is a pruned block which is being downloaded again, or if this is an
3781 // assumeutxo snapshot block which has a hardcoded m_chain_tx_count value from the
3782 // snapshot metadata. If the pindex is not the snapshot block and the
3783 // m_chain_tx_count value is not zero, assert that value is actually correct.
3784 auto prev_tx_sum = [](CBlockIndex& block) { return block.nTx + (block.pprev ? block.pprev->m_chain_tx_count : 0); };
3785 if (!Assume(pindexNew->m_chain_tx_count == 0 || pindexNew->m_chain_tx_count == prev_tx_sum(*pindexNew) ||
3786 std::ranges::any_of(m_chainstates, [&](const auto& cs) EXCLUSIVE_LOCKS_REQUIRED(cs_main) { return cs->SnapshotBase() == pindexNew; }))) {
3787 LogWarning("Internal bug detected: block %d has unexpected m_chain_tx_count %i that should be %i (%s %s). Please report this issue here: %s\n",
3788 pindexNew->nHeight, pindexNew->m_chain_tx_count, prev_tx_sum(*pindexNew), CLIENT_NAME, FormatFullVersion(), CLIENT_BUGREPORT);
3789 pindexNew->m_chain_tx_count = 0;
3790 }
3791 pindexNew->nFile = pos.nFile;
3792 pindexNew->nDataPos = pos.nPos;
3793 pindexNew->nUndoPos = 0;
3794 pindexNew->nStatus |= BLOCK_HAVE_DATA;
3795 if (DeploymentActiveAt(*pindexNew, *this, Consensus::DEPLOYMENT_SEGWIT)) {
3796 pindexNew->nStatus |= BLOCK_OPT_WITNESS;
3797 }
3799 m_blockman.m_dirty_blockindex.insert(pindexNew);
3800
3801 if (pindexNew->pprev == nullptr || pindexNew->pprev->HaveNumChainTxs()) {
3802 // If pindexNew is the genesis block or all parents are BLOCK_VALID_TRANSACTIONS.
3803 std::deque<CBlockIndex*> queue;
3804 queue.push_back(pindexNew);
3805
3806 // Recursively process any descendant blocks that now may be eligible to be connected.
3807 while (!queue.empty()) {
3808 CBlockIndex *pindex = queue.front();
3809 queue.pop_front();
3810 // Before setting m_chain_tx_count, assert that it is 0 or already set to
3811 // the correct value. This assert will fail after receiving the
3812 // assumeutxo snapshot block if assumeutxo snapshot metadata has an
3813 // incorrect hardcoded AssumeutxoData::m_chain_tx_count value.
3814 if (!Assume(pindex->m_chain_tx_count == 0 || pindex->m_chain_tx_count == prev_tx_sum(*pindex))) {
3815 LogWarning("Internal bug detected: block %d has unexpected m_chain_tx_count %i that should be %i (%s %s). Please report this issue here: %s\n",
3816 pindex->nHeight, pindex->m_chain_tx_count, prev_tx_sum(*pindex), CLIENT_NAME, FormatFullVersion(), CLIENT_BUGREPORT);
3817 }
3818 pindex->m_chain_tx_count = prev_tx_sum(*pindex);
3819 pindex->nSequenceId = nBlockSequenceId++;
3820 for (const auto& c : m_chainstates) {
3821 c->TryAddBlockIndexCandidate(pindex);
3822 }
3823 std::pair<std::multimap<CBlockIndex*, CBlockIndex*>::iterator, std::multimap<CBlockIndex*, CBlockIndex*>::iterator> range = m_blockman.m_blocks_unlinked.equal_range(pindex);
3824 while (range.first != range.second) {
3825 std::multimap<CBlockIndex*, CBlockIndex*>::iterator it = range.first;
3826 queue.push_back(it->second);
3827 range.first++;
3828 m_blockman.m_blocks_unlinked.erase(it);
3829 }
3830 }
3831 } else {
3832 if (pindexNew->pprev && pindexNew->pprev->IsValid(BLOCK_VALID_TREE)) {
3833 m_blockman.AddUnlinkedBlock(pindexNew);
3834 }
3835 }
3836}
3837
3838static bool CheckBlockHeader(const CBlockHeader& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW = true)
3839{
3840 // Check proof of work matches claimed amount
3841 if (fCheckPOW && !CheckProofOfWork(block.GetHash(), block.nBits, consensusParams))
3842 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "high-hash", "proof of work failed");
3843
3844 return true;
3845}
3846
3847static bool CheckMerkleRoot(const CBlock& block, BlockValidationState& state)
3848{
3849 if (block.m_checked_merkle_root) return true;
3850
3851 bool mutated;
3852 uint256 merkle_root = BlockMerkleRoot(block, &mutated);
3853 if (block.hashMerkleRoot != merkle_root) {
3854 return state.Invalid(
3856 /*reject_reason=*/"bad-txnmrklroot",
3857 /*debug_message=*/"hashMerkleRoot mismatch");
3858 }
3859
3860 // Check for merkle tree malleability (CVE-2012-2459): repeating sequences
3861 // of transactions in a block without affecting the merkle root of a block,
3862 // while still invalidating it.
3863 if (mutated) {
3864 return state.Invalid(
3866 /*reject_reason=*/"bad-txns-duplicate",
3867 /*debug_message=*/"duplicate transaction");
3868 }
3869
3870 block.m_checked_merkle_root = true;
3871 return true;
3872}
3873
3880static bool CheckWitnessMalleation(const CBlock& block, bool expect_witness_commitment, BlockValidationState& state)
3881{
3882 if (expect_witness_commitment) {
3883 if (block.m_checked_witness_commitment) return true;
3884
3885 int commitpos = GetWitnessCommitmentIndex(block);
3886 if (commitpos != NO_WITNESS_COMMITMENT) {
3887 assert(!block.vtx.empty() && !block.vtx[0]->vin.empty());
3888 const auto& witness_stack{block.vtx[0]->vin[0].scriptWitness.stack};
3889
3890 if (witness_stack.size() != 1 || witness_stack[0].size() != 32) {
3891 return state.Invalid(
3893 /*reject_reason=*/"bad-witness-nonce-size",
3894 /*debug_message=*/strprintf("%s : invalid witness reserved value size", __func__));
3895 }
3896
3897 // The malleation check is ignored; as the transaction tree itself
3898 // already does not permit it, it is impossible to trigger in the
3899 // witness tree.
3900 uint256 hash_witness = BlockWitnessMerkleRoot(block);
3901
3902 CHash256().Write(hash_witness).Write(witness_stack[0]).Finalize(hash_witness);
3903 if (memcmp(hash_witness.begin(), &block.vtx[0]->vout[commitpos].scriptPubKey[6], 32)) {
3904 return state.Invalid(
3906 /*reject_reason=*/"bad-witness-merkle-match",
3907 /*debug_message=*/strprintf("%s : witness merkle commitment mismatch", __func__));
3908 }
3909
3910 block.m_checked_witness_commitment = true;
3911 return true;
3912 }
3913 }
3914
3915 // No witness data is allowed in blocks that don't commit to witness data, as this would otherwise leave room for spam
3916 for (const auto& tx : block.vtx) {
3917 if (tx->HasWitness()) {
3918 return state.Invalid(
3920 /*reject_reason=*/"unexpected-witness",
3921 /*debug_message=*/strprintf("%s : unexpected witness data found", __func__));
3922 }
3923 }
3924
3925 return true;
3926}
3927
3928bool CheckBlock(const CBlock& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
3929{
3930 // These are checks that are independent of context.
3931
3932 if (block.fChecked)
3933 return true;
3934
3935 // Check that the header is valid (particularly PoW). This is mostly
3936 // redundant with the call in AcceptBlockHeader.
3937 if (!CheckBlockHeader(block, state, consensusParams, fCheckPOW))
3938 return false;
3939
3940 // Signet only: check block solution
3941 if (consensusParams.signet_blocks && fCheckPOW && !CheckSignetBlockSolution(block, consensusParams)) {
3942 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-signet-blksig", "signet block signature validation failure");
3943 }
3944
3945 // Check the merkle root.
3946 if (fCheckMerkleRoot && !CheckMerkleRoot(block, state)) {
3947 return false;
3948 }
3949
3950 // All potential-corruption validation must be done before we do any
3951 // transaction validation, as otherwise we may mark the header as invalid
3952 // because we receive the wrong transactions for it.
3953 // Note that witness malleability is checked in ContextualCheckBlock, so no
3954 // checks that use witness data may be performed here.
3955
3956 // Size limits
3958 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-length", "size limits failed");
3959
3960 // First transaction must be coinbase, the rest must not be
3961 if (block.vtx.empty() || !block.vtx[0]->IsCoinBase())
3962 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-missing", "first tx is not coinbase");
3963 for (unsigned int i = 1; i < block.vtx.size(); i++)
3964 if (block.vtx[i]->IsCoinBase())
3965 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-multiple", "more than one coinbase");
3966
3967 // Check transactions
3968 // Must check for duplicate inputs (see CVE-2018-17144)
3969 for (const auto& tx : block.vtx) {
3970 TxValidationState tx_state;
3971 if (!CheckTransaction(*tx, tx_state)) {
3972 // CheckBlock() does context-free validation checks. The only
3973 // possible failures are consensus failures.
3976 strprintf("Transaction check failed (tx hash %s) %s", tx->GetHash().ToString(), tx_state.GetDebugMessage()));
3977 }
3978 }
3979 // This underestimates the number of sigops, because unlike ConnectBlock it
3980 // does not count witness and p2sh sigops.
3981 unsigned int nSigOps = 0;
3982 for (const auto& tx : block.vtx)
3983 {
3984 nSigOps += GetLegacySigOpCount(*tx);
3985 }
3987 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "out-of-bounds SigOpCount");
3988
3989 if (fCheckPOW && fCheckMerkleRoot)
3990 block.fChecked = true;
3991
3992 return true;
3993}
3994
3996{
3997 int commitpos = GetWitnessCommitmentIndex(block);
3998 static const std::vector<unsigned char> nonce(32, 0x00);
3999 if (commitpos != NO_WITNESS_COMMITMENT && DeploymentActiveAfter(pindexPrev, *this, Consensus::DEPLOYMENT_SEGWIT) && !block.vtx[0]->HasWitness()) {
4000 CMutableTransaction tx(*block.vtx[0]);
4001 tx.vin[0].scriptWitness.stack.resize(1);
4002 tx.vin[0].scriptWitness.stack[0] = nonce;
4003 block.vtx[0] = MakeTransactionRef(std::move(tx));
4004 }
4005}
4006
4008{
4009 int commitpos = GetWitnessCommitmentIndex(block);
4010 std::vector<unsigned char> ret(32, 0x00);
4011 if (commitpos == NO_WITNESS_COMMITMENT) {
4012 uint256 witnessroot = BlockWitnessMerkleRoot(block);
4013 CHash256().Write(witnessroot).Write(ret).Finalize(witnessroot);
4014 CTxOut out;
4015 out.nValue = 0;
4016 out.scriptPubKey.resize(MINIMUM_WITNESS_COMMITMENT);
4017 out.scriptPubKey[0] = OP_RETURN;
4018 out.scriptPubKey[1] = 0x24;
4019 out.scriptPubKey[2] = 0xaa;
4020 out.scriptPubKey[3] = 0x21;
4021 out.scriptPubKey[4] = 0xa9;
4022 out.scriptPubKey[5] = 0xed;
4023 memcpy(&out.scriptPubKey[6], witnessroot.begin(), 32);
4024 CMutableTransaction tx(*block.vtx[0]);
4025 tx.vout.push_back(out);
4026 block.vtx[0] = MakeTransactionRef(std::move(tx));
4027 }
4028 UpdateUncommittedBlockStructures(block, pindexPrev);
4029}
4030
4031bool HasValidProofOfWork(std::span<const CBlockHeader> headers, const Consensus::Params& consensusParams)
4032{
4033 return std::ranges::all_of(headers,
4034 [&](const auto& header) { return CheckProofOfWork(header.GetHash(), header.nBits, consensusParams); });
4035}
4036
4037bool IsBlockMutated(const CBlock& block, bool check_witness_root)
4038{
4040 if (!CheckMerkleRoot(block, state)) {
4041 LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
4042 return true;
4043 }
4044
4045 if (block.vtx.empty() || !block.vtx[0]->IsCoinBase()) {
4046 // Consider the block mutated if any transaction is 64 bytes in size (see 3.1
4047 // in "Weaknesses in Bitcoin’s Merkle Root Construction":
4048 // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190225/a27d8837/attachment-0001.pdf).
4049 //
4050 // Note: This is not a consensus change as this only applies to blocks that
4051 // don't have a coinbase transaction and would therefore already be invalid.
4052 return std::any_of(block.vtx.begin(), block.vtx.end(),
4053 [](auto& tx) { return GetSerializeSize(TX_NO_WITNESS(tx)) == 64; });
4054 } else {
4055 // Theoretically it is still possible for a block with a 64 byte
4056 // coinbase transaction to be mutated but we neglect that possibility
4057 // here as it requires at least 224 bits of work.
4058 }
4059
4060 if (!CheckWitnessMalleation(block, check_witness_root, state)) {
4061 LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
4062 return true;
4063 }
4064
4065 return false;
4066}
4067
4069{
4070 arith_uint256 total_work{0};
4071 for (const CBlockHeader& header : headers) {
4072 total_work += GetBlockProof(header);
4073 }
4074 return total_work;
4075}
4076
4091{
4093 assert(pindexPrev != nullptr);
4094 const int nHeight = pindexPrev->nHeight + 1;
4095
4096 // Check proof of work
4097 const Consensus::Params& consensusParams = chainman.GetConsensus();
4098 if (block.nBits != GetNextWorkRequired(pindexPrev, &block, consensusParams))
4099 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "bad-diffbits", "incorrect proof of work");
4100
4101 // Check timestamp against prev
4102 if (block.GetBlockTime() <= pindexPrev->GetMedianTimePast())
4103 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-too-old", "block's timestamp is too early");
4104
4105 // Testnet4 and regtest only: Check timestamp against prev for difficulty-adjustment
4106 // blocks to prevent timewarp attacks (see https://github.com/bitcoin/bitcoin/pull/15482).
4107 if (consensusParams.enforce_BIP94) {
4108 // Check timestamp for the first block of each difficulty adjustment
4109 // interval, except the genesis block.
4110 if (nHeight % consensusParams.DifficultyAdjustmentInterval() == 0) {
4111 if (block.GetBlockTime() < pindexPrev->GetBlockTime() - MAX_TIMEWARP) {
4112 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-timewarp-attack", "block's timestamp is too early on diff adjustment block");
4113 }
4114 }
4115 }
4116
4117 // Check timestamp
4118 if (block.Time() > NodeClock::now() + std::chrono::seconds{MAX_FUTURE_BLOCK_TIME}) {
4119 return state.Invalid(BlockValidationResult::BLOCK_TIME_FUTURE, "time-too-new", "block timestamp too far in the future");
4120 }
4121
4122 // Reject blocks with outdated version
4123 if ((block.nVersion < 2 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_HEIGHTINCB)) ||
4124 (block.nVersion < 3 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_DERSIG)) ||
4125 (block.nVersion < 4 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CLTV))) {
4126 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, strprintf("bad-version(0x%08x)", block.nVersion),
4127 strprintf("rejected nVersion=0x%08x block", block.nVersion));
4128 }
4129
4130 return true;
4131}
4132
4139static bool ContextualCheckBlock(const CBlock& block, BlockValidationState& state, const ChainstateManager& chainman, const CBlockIndex* pindexPrev)
4140{
4141 const int nHeight = pindexPrev == nullptr ? 0 : pindexPrev->nHeight + 1;
4142
4143 // Enforce BIP113 (Median Time Past).
4144 bool enforce_locktime_median_time_past{false};
4145 if (DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CSV)) {
4146 assert(pindexPrev != nullptr);
4147 enforce_locktime_median_time_past = true;
4148 }
4149
4150 const int64_t nLockTimeCutoff{enforce_locktime_median_time_past ?
4151 pindexPrev->GetMedianTimePast() :
4152 block.GetBlockTime()};
4153
4154 // Check that all transactions are finalized
4155 for (const auto& tx : block.vtx) {
4156 if (!IsFinalTx(*tx, nHeight, nLockTimeCutoff)) {
4157 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal", "non-final transaction");
4158 }
4159 }
4160
4161 // Enforce rule that the coinbase starts with serialized block height
4163 {
4165 if (block.vtx[0]->vin[0].scriptSig.size() < expect.size() ||
4166 !std::equal(expect.begin(), expect.end(), block.vtx[0]->vin[0].scriptSig.begin())) {
4167 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-height", "block height mismatch in coinbase");
4168 }
4169 }
4170
4171 // Validation for witness commitments.
4172 // * We compute the witness hash (which is the hash including witnesses) of all the block's transactions, except the
4173 // coinbase (where 0x0000....0000 is used instead).
4174 // * The coinbase scriptWitness is a stack of a single 32-byte vector, containing a witness reserved value (unconstrained).
4175 // * We build a merkle tree with all those witness hashes as leaves (similar to the hashMerkleRoot in the block header).
4176 // * There must be at least one output whose scriptPubKey is a single 36-byte push, the first 4 bytes of which are
4177 // {0xaa, 0x21, 0xa9, 0xed}, and the following 32 bytes are SHA256^2(witness root, witness reserved value). In case there are
4178 // multiple, the last one is used.
4179 if (!CheckWitnessMalleation(block, DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_SEGWIT), state)) {
4180 return false;
4181 }
4182
4183 // After the coinbase witness reserved value and commitment are verified,
4184 // we can check if the block weight passes (before we've checked the
4185 // coinbase witness, it would be possible for the weight to be too
4186 // large by filling up the coinbase witness, which doesn't change
4187 // the block hash, so we couldn't mark the block as permanently
4188 // failed).
4189 if (GetBlockWeight(block) > MAX_BLOCK_WEIGHT) {
4190 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-weight", strprintf("%s : weight limit failed", __func__));
4191 }
4192
4193 return true;
4194}
4195
4196bool ChainstateManager::AcceptBlockHeader(const CBlockHeader& block, BlockValidationState& state, CBlockIndex** ppindex, bool min_pow_checked)
4197{
4199
4200 // Check for duplicate
4201 uint256 hash = block.GetHash();
4202 BlockMap::iterator miSelf{m_blockman.m_block_index.find(hash)};
4203 if (hash != GetConsensus().hashGenesisBlock) {
4204 if (miSelf != m_blockman.m_block_index.end()) {
4205 // Block header is already known.
4206 CBlockIndex* pindex = &(miSelf->second);
4207 if (ppindex)
4208 *ppindex = pindex;
4209 if (pindex->nStatus & BLOCK_FAILED_VALID) {
4210 LogDebug(BCLog::VALIDATION, "%s: block %s is marked invalid\n", __func__, hash.ToString());
4211 return state.Invalid(BlockValidationResult::BLOCK_CACHED_INVALID, "duplicate-invalid",
4212 strprintf("block %s was previously marked invalid", hash.ToString()));
4213 }
4214 return true;
4215 }
4216
4217 if (!CheckBlockHeader(block, state, GetConsensus())) {
4218 LogDebug(BCLog::VALIDATION, "%s: Consensus::CheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
4219 return false;
4220 }
4221
4222 // Get prev block index
4223 CBlockIndex* pindexPrev = nullptr;
4224 BlockMap::iterator mi{m_blockman.m_block_index.find(block.hashPrevBlock)};
4225 if (mi == m_blockman.m_block_index.end()) {
4226 LogDebug(BCLog::VALIDATION, "header %s has prev block not found: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4227 return state.Invalid(BlockValidationResult::BLOCK_MISSING_PREV, "prev-blk-not-found");
4228 }
4229 pindexPrev = &((*mi).second);
4230 if (pindexPrev->nStatus & BLOCK_FAILED_VALID) {
4231 LogDebug(BCLog::VALIDATION, "header %s has prev block invalid: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4232 return state.Invalid(BlockValidationResult::BLOCK_INVALID_PREV, "bad-prevblk");
4233 }
4234 if (!ContextualCheckBlockHeader(block, state, *this, pindexPrev)) {
4235 LogDebug(BCLog::VALIDATION, "%s: Consensus::ContextualCheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
4236 return false;
4237 }
4238 }
4239 if (!min_pow_checked) {
4240 LogDebug(BCLog::VALIDATION, "%s: not adding new block header %s, missing anti-dos proof-of-work validation\n", __func__, hash.ToString());
4241 return state.Invalid(BlockValidationResult::BLOCK_HEADER_LOW_WORK, "too-little-chainwork");
4242 }
4243 CBlockIndex* pindex{m_blockman.AddToBlockIndex(block, m_best_header)};
4244
4245 if (ppindex)
4246 *ppindex = pindex;
4247
4248 return true;
4249}
4250
4251// Exposed wrapper for AcceptBlockHeader
4252bool ChainstateManager::ProcessNewBlockHeaders(std::span<const CBlockHeader> headers, bool min_pow_checked, BlockValidationState& state, const CBlockIndex** ppindex)
4253{
4255 {
4256 LOCK(cs_main);
4257 for (const CBlockHeader& header : headers) {
4258 CBlockIndex *pindex = nullptr; // Use a temp pindex instead of ppindex to avoid a const_cast
4259 bool accepted{AcceptBlockHeader(header, state, &pindex, min_pow_checked)};
4261
4262 if (!accepted) {
4263 return false;
4264 }
4265 if (ppindex) {
4266 *ppindex = pindex;
4267 }
4268 }
4269 }
4270 if (NotifyHeaderTip()) {
4271 if (IsInitialBlockDownload() && ppindex && *ppindex) {
4272 const CBlockIndex& last_accepted{**ppindex};
4273 int64_t blocks_left{(NodeClock::now() - last_accepted.Time()) / GetConsensus().PowTargetSpacing()};
4274 blocks_left = std::max<int64_t>(0, blocks_left);
4275 const double progress{100.0 * last_accepted.nHeight / (last_accepted.nHeight + blocks_left)};
4276 LogInfo("Synchronizing blockheaders, height: %d (~%.2f%%)\n", last_accepted.nHeight, progress);
4277 }
4278 }
4279 return true;
4280}
4281
4282void ChainstateManager::ReportHeadersPresync(int64_t height, int64_t timestamp)
4283{
4285 {
4286 LOCK(GetMutex());
4287 // Don't report headers presync progress if we already have a post-minchainwork header chain.
4288 // This means we lose reporting for potentially legitimate, but unlikely, deep reorgs, but
4289 // prevent attackers that spam low-work headers from filling our logs.
4290 if (m_best_header->nChainWork >= UintToArith256(GetConsensus().nMinimumChainWork)) return;
4291 // Rate limit headers presync updates to 4 per second, as these are not subject to DoS
4292 // protection.
4293 auto now = MockableSteadyClock::now();
4294 if (now < m_last_presync_update + std::chrono::milliseconds{250}) return;
4295 m_last_presync_update = now;
4296 }
4297 bool initial_download = IsInitialBlockDownload();
4298 GetNotifications().headerTip(GetSynchronizationState(initial_download, m_blockman.m_blockfiles_indexed), height, timestamp, /*presync=*/true);
4299 if (initial_download) {
4300 int64_t blocks_left{(NodeClock::now() - NodeSeconds{std::chrono::seconds{timestamp}}) / GetConsensus().PowTargetSpacing()};
4301 blocks_left = std::max<int64_t>(0, blocks_left);
4302 const double progress{100.0 * height / (height + blocks_left)};
4303 LogInfo("Pre-synchronizing blockheaders, height: %d (~%.2f%%)\n", height, progress);
4304 }
4305}
4306
4308bool ChainstateManager::AcceptBlock(const std::shared_ptr<const CBlock>& pblock, BlockValidationState& state, CBlockIndex** ppindex, bool fRequested, const FlatFilePos* dbp, bool* fNewBlock, bool min_pow_checked)
4309{
4310 const CBlock& block = *pblock;
4311
4312 if (fNewBlock) *fNewBlock = false;
4314
4315 CBlockIndex *pindexDummy = nullptr;
4316 CBlockIndex *&pindex = ppindex ? *ppindex : pindexDummy;
4317
4318 bool accepted_header{AcceptBlockHeader(block, state, &pindex, min_pow_checked)};
4320
4321 if (!accepted_header)
4322 return false;
4323
4324 // Check all requested blocks that we do not already have for validity and
4325 // save them to disk. Skip processing of unrequested blocks as an anti-DoS
4326 // measure, unless the blocks have more work than the active chain tip, and
4327 // aren't too far ahead of it, so are likely to be attached soon.
4328 bool fAlreadyHave = pindex->nStatus & BLOCK_HAVE_DATA;
4329 bool fHasMoreOrSameWork = (ActiveTip() ? pindex->nChainWork >= ActiveTip()->nChainWork : true);
4330 // Blocks that are too out-of-order needlessly limit the effectiveness of
4331 // pruning, because pruning will not delete block files that contain any
4332 // blocks which are too close in height to the tip. Apply this test
4333 // regardless of whether pruning is enabled; it should generally be safe to
4334 // not process unrequested blocks.
4335 bool fTooFarAhead{pindex->nHeight > ActiveHeight() + int(MIN_BLOCKS_TO_KEEP)};
4336
4337 // TODO: Decouple this function from the block download logic by removing fRequested
4338 // This requires some new chain data structure to efficiently look up if a
4339 // block is in a chain leading to a candidate for best tip, despite not
4340 // being such a candidate itself.
4341 // Note that this would break the getblockfrompeer RPC
4342
4343 // TODO: deal better with return value and error conditions for duplicate
4344 // and unrequested blocks.
4345 if (fAlreadyHave) return true;
4346 if (!fRequested) { // If we didn't ask for it:
4347 if (pindex->nTx != 0) return true; // This is a previously-processed block that was pruned
4348 if (!fHasMoreOrSameWork) return true; // Don't process less-work chains
4349 if (fTooFarAhead) return true; // Block height is too high
4350
4351 // Protect against DoS attacks from low-work chains.
4352 // If our tip is behind, a peer could try to send us
4353 // low-work blocks on a fake chain that we would never
4354 // request; don't process these.
4355 if (pindex->nChainWork < MinimumChainWork()) return true;
4356 }
4357
4358 const CChainParams& params{GetParams()};
4359
4360 if (!CheckBlock(block, state, params.GetConsensus()) ||
4361 !ContextualCheckBlock(block, state, *this, pindex->pprev)) {
4362 if (Assume(state.IsInvalid())) {
4363 ActiveChainstate().InvalidBlockFound(pindex, state);
4364 }
4365 LogError("%s: %s\n", __func__, state.ToString());
4366 return false;
4367 }
4368
4369 // Header is valid/has work, merkle tree and segwit merkle tree are good...RELAY NOW
4370 // (but if it does not build on our best tip, let the SendMessages loop relay it)
4371 if (!IsInitialBlockDownload() && ActiveTip() == pindex->pprev && m_options.signals) {
4372 m_options.signals->NewPoWValidBlock(pindex, pblock);
4373 }
4374
4375 // Write block to history file
4376 if (fNewBlock) *fNewBlock = true;
4377 try {
4378 FlatFilePos blockPos{};
4379 if (dbp) {
4380 blockPos = *dbp;
4381 m_blockman.UpdateBlockInfo(block, pindex->nHeight, blockPos);
4382 } else {
4383 blockPos = m_blockman.WriteBlock(block, pindex->nHeight);
4384 if (blockPos.IsNull()) {
4385 state.Error(strprintf("%s: Failed to find position to write new block to disk", __func__));
4386 return false;
4387 }
4388 }
4389 ReceivedBlockTransactions(block, pindex, blockPos);
4390 } catch (const std::runtime_error& e) {
4391 return FatalError(GetNotifications(), state, strprintf(_("System error while saving block to disk: %s"), e.what()));
4392 }
4393
4394 // TODO: FlushStateToDisk() handles flushing of both block and chainstate
4395 // data, so we should move this to ChainstateManager so that we can be more
4396 // intelligent about how we flush.
4397 // For now, since FlushStateMode::NONE is used, all that can happen is that
4398 // the block files may be pruned, so we can just call this on one
4399 // chainstate (particularly if we haven't implemented pruning with
4400 // background validation yet).
4401 //
4402 // Flush errors (e.g. low disk space during pruning) are ignored, so that
4403 // callers can't mistreat a flush failure as a block validation failure.
4404 // The fatal error notification inside FlushStateToDisk still fires,
4405 // so the node will shut down on unrecoverable flush errors regardless.
4406 // For state a dummy value is used, and the return value is ignored.
4407 BlockValidationState flush_state_ignore;
4408 (void)ActiveChainstate().FlushStateToDisk(flush_state_ignore, FlushStateMode::NONE);
4409
4411
4412 return true;
4413}
4414
4415bool ChainstateManager::ProcessNewBlock(const std::shared_ptr<const CBlock>& block, bool force_processing, bool min_pow_checked, bool* new_block)
4416{
4418
4419 {
4420 CBlockIndex *pindex = nullptr;
4421 if (new_block) *new_block = false;
4423
4424 // CheckBlock() does not support multi-threaded block validation because CBlock::fChecked can cause data race.
4425 // Therefore, the following critical section must include the CheckBlock() call as well.
4426 LOCK(cs_main);
4427
4428 // Skipping AcceptBlock() for CheckBlock() failures means that we will never mark a block as invalid if
4429 // CheckBlock() fails. This is protective against consensus failure if there are any unknown forms of block
4430 // malleability that cause CheckBlock() to fail; see e.g. CVE-2012-2459 and
4431 // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-February/016697.html. Because CheckBlock() is
4432 // not very expensive, the anti-DoS benefits of caching failure (of a definitely-invalid block) are not substantial.
4433 bool ret = CheckBlock(*block, state, GetConsensus());
4434 if (ret) {
4435 // Store to disk
4436 ret = AcceptBlock(block, state, &pindex, force_processing, nullptr, new_block, min_pow_checked);
4437 }
4438 if (!ret) {
4439 if (m_options.signals) {
4440 m_options.signals->BlockChecked(block, state);
4441 }
4442 LogError("%s: AcceptBlock FAILED (%s)\n", __func__, state.ToString());
4443 return false;
4444 }
4445 }
4446
4448
4449 BlockValidationState state; // Only used to report errors, not invalidity - ignore it
4450 if (!ActiveChainstate().ActivateBestChain(state, block)) {
4451 LogError("%s: ActivateBestChain failed (%s)\n", __func__, state.ToString());
4452 return false;
4453 }
4454
4455 Chainstate* bg_chain{WITH_LOCK(cs_main, return HistoricalChainstate())};
4456 BlockValidationState bg_state;
4457 if (bg_chain && !bg_chain->ActivateBestChain(bg_state, block)) {
4458 LogError("%s: [background] ActivateBestChain failed (%s)\n", __func__, bg_state.ToString());
4459 return false;
4460 }
4461
4462 return true;
4463}
4464
4466{
4468 Chainstate& active_chainstate = ActiveChainstate();
4469 if (!active_chainstate.GetMempool()) {
4470 TxValidationState state;
4471 state.Invalid(TxValidationResult::TX_NO_MEMPOOL, "no-mempool");
4472 return MempoolAcceptResult::Failure(state);
4473 }
4474 auto result = AcceptToMemoryPool(active_chainstate, tx, GetTime(), /*bypass_limits=*/ false, test_accept);
4475 active_chainstate.GetMempool()->check(active_chainstate.CoinsTip(), active_chainstate.m_chain.Height() + 1);
4476 return result;
4477}
4478
4479
4481 Chainstate& chainstate,
4482 const CBlock& block,
4483 const bool check_pow,
4484 const bool check_merkle_root)
4485{
4486 // Lock must be held throughout this function for two reasons:
4487 // 1. We don't want the tip to change during several of the validation steps
4488 // 2. To prevent a CheckBlock() race condition for fChecked, see ProcessNewBlock()
4489 AssertLockHeld(chainstate.m_chainman.GetMutex());
4490
4492 CBlockIndex* tip{Assert(chainstate.m_chain.Tip())};
4493
4494 if (block.hashPrevBlock != *Assert(tip->phashBlock)) {
4495 state.Invalid({}, "inconclusive-not-best-prevblk");
4496 return state;
4497 }
4498
4499 // For signets CheckBlock() verifies the challenge iff fCheckPow is set.
4500 if (!CheckBlock(block, state, chainstate.m_chainman.GetConsensus(), /*fCheckPow=*/check_pow, /*fCheckMerkleRoot=*/check_merkle_root)) {
4501 // This should never happen, but belt-and-suspenders don't approve the
4502 // block if it does.
4503 if (state.IsValid()) NONFATAL_UNREACHABLE();
4504 return state;
4505 }
4506
4522 if (!ContextualCheckBlockHeader(block, state, chainstate.m_chainman, tip)) {
4523 if (state.IsValid()) NONFATAL_UNREACHABLE();
4524 return state;
4525 }
4526
4527 if (!ContextualCheckBlock(block, state, chainstate.m_chainman, tip)) {
4528 if (state.IsValid()) NONFATAL_UNREACHABLE();
4529 return state;
4530 }
4531
4532 // We don't want ConnectBlock to update the actual chainstate, so create
4533 // a cache on top of it, along with a dummy block index.
4534 CBlockIndex index_dummy{block};
4535 uint256 block_hash(block.GetHash());
4536 index_dummy.pprev = tip;
4537 index_dummy.nHeight = tip->nHeight + 1;
4538 index_dummy.phashBlock = &block_hash;
4539 CCoinsViewCache view_dummy(&chainstate.CoinsTip());
4540
4541 // Set fJustCheck to true in order to update, and not clear, validation caches.
4542 if(!chainstate.ConnectBlock(block, state, &index_dummy, view_dummy, /*fJustCheck=*/true)) {
4543 if (state.IsValid()) NONFATAL_UNREACHABLE();
4544 return state;
4545 }
4546
4547 // Ensure no check returned successfully while also setting an invalid state.
4548 if (!state.IsValid()) NONFATAL_UNREACHABLE();
4549
4550 return state;
4551}
4552
4553/* This function is called from the RPC code for pruneblockchain */
4554void PruneBlockFilesManual(Chainstate& active_chainstate, int nManualPruneHeight)
4555{
4557 if (!active_chainstate.FlushStateToDisk(
4558 state, FlushStateMode::NONE, nManualPruneHeight)) {
4559 LogWarning("Failed to flush state after manual prune (%s)", state.ToString());
4560 }
4561}
4562
4564{
4566 const CCoinsViewCache& coins_cache = CoinsTip();
4567 assert(!coins_cache.GetBestBlock().IsNull()); // Never called when the coins view is empty
4568 CBlockIndex* tip = m_chain.Tip();
4569
4570 if (tip && tip->GetBlockHash() == coins_cache.GetBestBlock()) {
4571 return true;
4572 }
4573
4574 // Load pointer to end of best chain
4575 CBlockIndex* pindex = m_blockman.LookupBlockIndex(coins_cache.GetBestBlock());
4576 if (!pindex) {
4577 return false;
4578 }
4579 m_chain.SetTip(*pindex);
4581 tip = m_chain.Tip();
4582
4583 // nSequenceId is one of the keys used to sort setBlockIndexCandidates. Ensure all
4584 // candidate sets are empty to avoid UB, as nSequenceId is about to be modified.
4585 for (const auto& cs : m_chainman.m_chainstates) {
4586 assert(cs->setBlockIndexCandidates.empty());
4587 }
4588
4589 // Make sure our chain tip before shutting down scores better than any other candidate
4590 // to maintain a consistent best tip over reboots in case of a tie.
4591 auto target = tip;
4592 while (target) {
4594 target = target->pprev;
4595 }
4596
4597 LogInfo("Loaded best chain: hashBestChain=%s height=%d date=%s progress=%f",
4598 tip->GetBlockHash().ToString(),
4599 m_chain.Height(),
4602
4603 // Ensure KernelNotifications m_tip_block is set even if no new block arrives.
4604 if (!this->GetRole().historical) {
4605 // Ignoring return value for now.
4608 /*index=*/*pindex,
4609 /*verification_progress=*/m_chainman.GuessVerificationProgress(tip));
4610 }
4611
4613
4614 return true;
4615}
4616
4618 : m_notifications{notifications}
4619{
4620 m_notifications.progress(_("Verifying blocks…"), 0, false);
4621}
4622
4624{
4625 m_notifications.progress(bilingual_str{}, 100, false);
4626}
4627
4629 Chainstate& chainstate,
4630 const Consensus::Params& consensus_params,
4631 CCoinsView& coinsview,
4632 int nCheckLevel, int nCheckDepth)
4633{
4635
4636 if (chainstate.m_chain.Tip() == nullptr || chainstate.m_chain.Tip()->pprev == nullptr) {
4638 }
4639
4640 // Verify blocks in the best chain
4641 if (nCheckDepth <= 0 || nCheckDepth > chainstate.m_chain.Height()) {
4642 nCheckDepth = chainstate.m_chain.Height();
4643 }
4644 nCheckLevel = std::max(0, std::min(4, nCheckLevel));
4645 LogInfo("Verifying last %i blocks at level %i", nCheckDepth, nCheckLevel);
4646 CCoinsViewCache coins(&coinsview);
4647 CBlockIndex* pindex;
4648 CBlockIndex* pindexFailure = nullptr;
4649 int nGoodTransactions = 0;
4651 int reportDone = 0;
4652 bool skipped_no_block_data{false};
4653 bool skipped_l3_checks{false};
4654 LogInfo("Verification progress: 0%%");
4655
4656 const bool is_snapshot_cs{chainstate.m_from_snapshot_blockhash};
4657
4658 for (pindex = chainstate.m_chain.Tip(); pindex && pindex->pprev; pindex = pindex->pprev) {
4659 const int percentageDone = std::max(1, std::min(99, (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * (nCheckLevel >= 4 ? 50 : 100))));
4660 if (reportDone < percentageDone / 10) {
4661 // report every 10% step
4662 LogInfo("Verification progress: %d%%", percentageDone);
4663 reportDone = percentageDone / 10;
4664 }
4665 m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
4666 if (pindex->nHeight <= chainstate.m_chain.Height() - nCheckDepth) {
4667 break;
4668 }
4669 if ((chainstate.m_blockman.IsPruneMode() || is_snapshot_cs) && !(pindex->nStatus & BLOCK_HAVE_DATA)) {
4670 // If pruning or running under an assumeutxo snapshot, only go
4671 // back as far as we have data.
4672 LogInfo("Block verification stopping at height %d (no data). This could be due to pruning or use of an assumeutxo snapshot.", pindex->nHeight);
4673 skipped_no_block_data = true;
4674 break;
4675 }
4676 CBlock block;
4677 // check level 0: read from disk
4678 if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
4679 LogError("Verification error: ReadBlock failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
4681 }
4682 // check level 1: verify block validity
4683 if (nCheckLevel >= 1 && !CheckBlock(block, state, consensus_params)) {
4684 LogError("Verification error: found bad block at %d, hash=%s (%s)",
4685 pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
4687 }
4688 // check level 2: verify undo validity
4689 if (nCheckLevel >= 2 && pindex) {
4690 CBlockUndo undo;
4691 if (!pindex->GetUndoPos().IsNull()) {
4692 if (!chainstate.m_blockman.ReadBlockUndo(undo, *pindex)) {
4693 LogError("Verification error: found bad undo data at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
4695 }
4696 }
4697 }
4698 // check level 3: check for inconsistencies during memory-only disconnect of tip blocks
4699 size_t curr_coins_usage = coins.DynamicMemoryUsage() + chainstate.CoinsTip().DynamicMemoryUsage();
4700
4701 if (nCheckLevel >= 3) {
4702 if (curr_coins_usage <= chainstate.m_coinstip_cache_size_bytes) {
4703 assert(coins.GetBestBlock() == pindex->GetBlockHash());
4704 DisconnectResult res = chainstate.DisconnectBlock(block, pindex, coins);
4705 if (res == DISCONNECT_FAILED) {
4706 LogError("Verification error: irrecoverable inconsistency in block data at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
4708 }
4709 if (res == DISCONNECT_UNCLEAN) {
4710 nGoodTransactions = 0;
4711 pindexFailure = pindex;
4712 } else {
4713 nGoodTransactions += block.vtx.size();
4714 }
4715 } else {
4716 skipped_l3_checks = true;
4717 }
4718 }
4719 if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
4720 }
4721 if (pindexFailure) {
4722 LogError("Verification error: coin database inconsistencies found (last %i blocks, %i good transactions before that)", chainstate.m_chain.Height() - pindexFailure->nHeight + 1, nGoodTransactions);
4724 }
4725 if (skipped_l3_checks) {
4726 LogWarning("Skipped verification of level >=3 (insufficient database cache size). Consider increasing -dbcache.");
4727 }
4728
4729 // store block count as we move pindex at check level >= 4
4730 int block_count = chainstate.m_chain.Height() - pindex->nHeight;
4731
4732 // check level 4: try reconnecting blocks
4733 if (nCheckLevel >= 4 && !skipped_l3_checks) {
4734 while (pindex != chainstate.m_chain.Tip()) {
4735 const int percentageDone = std::max(1, std::min(99, 100 - (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * 50)));
4736 if (reportDone < percentageDone / 10) {
4737 // report every 10% step
4738 LogInfo("Verification progress: %d%%", percentageDone);
4739 reportDone = percentageDone / 10;
4740 }
4741 m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
4742 pindex = chainstate.m_chain.Next(*pindex);
4743 CBlock block;
4744 if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
4745 LogError("Verification error: ReadBlock failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
4747 }
4748 if (!chainstate.ConnectBlock(block, state, pindex, coins)) {
4749 LogError("Verification error: found unconnectable block at %d, hash=%s (%s)", pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
4751 }
4752 if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
4753 }
4754 }
4755
4756 LogInfo("Verification: checked last %i blocks at level %i", block_count, nCheckLevel);
4757 if (nCheckLevel >= 3 && !skipped_l3_checks) {
4758 LogInfo("Verification: no coin database inconsistencies (%i transactions)", nGoodTransactions);
4759 }
4760
4761 if (skipped_l3_checks) {
4763 }
4764 if (skipped_no_block_data) {
4766 }
4768}
4769
4772{
4774 // TODO: merge with ConnectBlock
4775 CBlock block;
4776 if (!m_blockman.ReadBlock(block, *pindex)) {
4777 LogError("ReplayBlock(): ReadBlock failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4778 return false;
4779 }
4780
4781 for (const CTransactionRef& tx : block.vtx) {
4782 if (!tx->IsCoinBase()) {
4783 for (const CTxIn &txin : tx->vin) {
4784 inputs.SpendCoin(txin.prevout);
4785 }
4786 }
4787 // Pass check = true as every addition may be an overwrite.
4788 AddCoins(inputs, *tx, pindex->nHeight, true);
4789 }
4790 return true;
4791}
4792
4794{
4795 LOCK(cs_main);
4796
4797 CCoinsView& db = this->CoinsDB();
4798 CCoinsViewCache cache(&db);
4799
4800 std::vector<uint256> hashHeads = db.GetHeadBlocks();
4801 if (hashHeads.empty()) return true; // We're already in a consistent state.
4802 if (hashHeads.size() != 2) {
4803 LogError("ReplayBlocks(): unknown inconsistent state\n");
4804 return false;
4805 }
4806
4807 m_chainman.GetNotifications().progress(_("Replaying blocks…"), 0, false);
4808 LogInfo("Replaying blocks");
4809
4810 const CBlockIndex* pindexOld = nullptr; // Old tip during the interrupted flush.
4811 const CBlockIndex* pindexNew; // New tip during the interrupted flush.
4812 const CBlockIndex* pindexFork = nullptr; // Latest block common to both the old and the new tip.
4813
4814 if (!m_blockman.m_block_index.contains(hashHeads[0])) {
4815 LogError("ReplayBlocks(): reorganization to unknown block requested\n");
4816 return false;
4817 }
4818 pindexNew = &(m_blockman.m_block_index[hashHeads[0]]);
4819
4820 if (!hashHeads[1].IsNull()) { // The old tip is allowed to be 0, indicating it's the first flush.
4821 if (!m_blockman.m_block_index.contains(hashHeads[1])) {
4822 LogError("ReplayBlocks(): reorganization from unknown block requested\n");
4823 return false;
4824 }
4825 pindexOld = &(m_blockman.m_block_index[hashHeads[1]]);
4826 pindexFork = LastCommonAncestor(pindexOld, pindexNew);
4827 assert(pindexFork != nullptr);
4828 }
4829
4830 // Rollback along the old branch.
4831 const int nForkHeight{pindexFork ? pindexFork->nHeight : 0};
4832 if (pindexOld != pindexFork) {
4833 LogInfo("Rolling back from %s (%i to %i)", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight, nForkHeight);
4834 while (pindexOld != pindexFork) {
4835 if (pindexOld->nHeight > 0) { // Never disconnect the genesis block.
4836 CBlock block;
4837 if (!m_blockman.ReadBlock(block, *pindexOld)) {
4838 LogError("RollbackBlock(): ReadBlock() failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
4839 return false;
4840 }
4841 if (pindexOld->nHeight % 10'000 == 0) {
4842 LogInfo("Rolling back %s (%i)", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight);
4843 }
4844 DisconnectResult res = DisconnectBlock(block, pindexOld, cache);
4845 if (res == DISCONNECT_FAILED) {
4846 LogError("RollbackBlock(): DisconnectBlock failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
4847 return false;
4848 }
4849 // If DISCONNECT_UNCLEAN is returned, it means a non-existing UTXO was deleted, or an existing UTXO was
4850 // overwritten. It corresponds to cases where the block-to-be-disconnect never had all its operations
4851 // applied to the UTXO set. However, as both writing a UTXO and deleting a UTXO are idempotent operations,
4852 // the result is still a version of the UTXO set with the effects of that block undone.
4853 }
4854 pindexOld = pindexOld->pprev;
4855 }
4856 LogInfo("Rolled back to %s", pindexFork->GetBlockHash().ToString());
4857 }
4858
4859 // Roll forward from the forking point to the new tip.
4860 if (nForkHeight < pindexNew->nHeight) {
4861 LogInfo("Rolling forward to %s (%i to %i)", pindexNew->GetBlockHash().ToString(), nForkHeight, pindexNew->nHeight);
4862 for (int nHeight = nForkHeight + 1; nHeight <= pindexNew->nHeight; ++nHeight) {
4863 const CBlockIndex& pindex{*Assert(pindexNew->GetAncestor(nHeight))};
4864
4865 if (nHeight % 10'000 == 0) {
4866 LogInfo("Rolling forward %s (%i)", pindex.GetBlockHash().ToString(), nHeight);
4867 }
4868 m_chainman.GetNotifications().progress(_("Replaying blocks…"), (int)((nHeight - nForkHeight) * 100.0 / (pindexNew->nHeight - nForkHeight)), false);
4869 if (!RollforwardBlock(&pindex, cache)) return false;
4870 }
4871 LogInfo("Rolled forward to %s", pindexNew->GetBlockHash().ToString());
4872 }
4873
4874 cache.SetBestBlock(pindexNew->GetBlockHash());
4875 cache.Flush(/*reallocate_cache=*/false); // local CCoinsViewCache goes out of scope
4877 return true;
4878}
4879
4881{
4883
4884 // At and above m_params.SegwitHeight, segwit consensus rules must be validated
4885 CBlockIndex* block{m_chain.Tip()};
4886
4887 while (block != nullptr && DeploymentActiveAt(*block, m_chainman, Consensus::DEPLOYMENT_SEGWIT)) {
4888 if (!(block->nStatus & BLOCK_OPT_WITNESS)) {
4889 // block is insufficiently validated for a segwit client
4890 return true;
4891 }
4892 block = block->pprev;
4893 }
4894
4895 return false;
4896}
4897
4898void Chainstate::ClearBlockIndexCandidates()
4899{
4902}
4903
4904void Chainstate::PopulateBlockIndexCandidates()
4905{
4907
4908 for (CBlockIndex* pindex : m_blockman.GetAllBlockIndices()) {
4909 // With assumeutxo, the snapshot block is a candidate for the tip, but it
4910 // may not have BLOCK_VALID_TRANSACTIONS (e.g. if we haven't yet downloaded
4911 // the block), so we special-case it here.
4912 if (pindex == SnapshotBase() ||
4914 (pindex->HaveNumChainTxs() || pindex->pprev == nullptr))) {
4916 }
4917 }
4918}
4919
4921{
4923 // Load block index from databases
4925 bool ret{m_blockman.LoadBlockIndexDB(CurrentChainstate().m_from_snapshot_blockhash)};
4926 if (!ret) return false;
4927
4928 m_blockman.ScanAndUnlinkAlreadyPrunedFiles();
4929
4930 std::vector<CBlockIndex*> vSortedByHeight{m_blockman.GetAllBlockIndices()};
4931 std::sort(vSortedByHeight.begin(), vSortedByHeight.end(),
4933
4934 for (CBlockIndex* pindex : vSortedByHeight) {
4935 if (m_interrupt) return false;
4936 if (pindex->nStatus & BLOCK_FAILED_VALID && (!m_best_invalid || pindex->nChainWork > m_best_invalid->nChainWork)) {
4937 m_best_invalid = pindex;
4938 }
4939 if (pindex->IsValid(BLOCK_VALID_TREE) && (m_best_header == nullptr || CBlockIndexWorkComparator()(m_best_header, pindex)))
4940 m_best_header = pindex;
4941 }
4942 }
4943 return true;
4944}
4945
4947{
4948 LOCK(cs_main);
4949
4950 const CBlock& genesis_block{GetParams().GenesisBlock()};
4951
4952 // Check whether we're already initialized by checking for genesis in
4953 // m_blockman.m_block_index. Note that we can't use a chainstate's m_chain here, since it is
4954 // set based on the coins db, not the block index db, which is the only
4955 // thing loaded at this point.
4956 if (m_blockman.m_block_index.contains(genesis_block.GetHash())) {
4957 return true;
4958 }
4959
4960 try {
4961 FlatFilePos blockPos{m_blockman.WriteBlock(genesis_block, 0)};
4962 if (blockPos.IsNull()) {
4963 LogError("Writing genesis block to disk failed");
4964 return false;
4965 }
4966 CBlockIndex* pindex{m_blockman.AddToBlockIndex(genesis_block, m_best_header)};
4967 ReceivedBlockTransactions(genesis_block, pindex, blockPos);
4968 } catch (const std::runtime_error& e) {
4969 LogError("Failed to write genesis block: %s", e.what());
4970 return false;
4971 }
4972
4973 return true;
4974}
4975
4977 AutoFile& file_in,
4978 FlatFilePos* dbp,
4979 std::multimap<uint256, FlatFilePos>* blocks_with_unknown_parent)
4980{
4981 // Either both should be specified (-reindex), or neither (-loadblock).
4982 assert(!dbp == !blocks_with_unknown_parent);
4983
4984 const auto start{SteadyClock::now()};
4985 const CChainParams& params{GetParams()};
4986
4987 int nLoaded = 0;
4988 try {
4990 // nRewind indicates where to resume scanning in case something goes wrong,
4991 // such as a block fails to deserialize.
4992 uint64_t nRewind = blkdat.GetPos();
4993 while (!blkdat.eof()) {
4994 if (m_interrupt) return;
4995
4996 blkdat.SetPos(nRewind);
4997 nRewind++; // start one byte further next time, in case of failure
4998 blkdat.SetLimit(); // remove former limit
4999 unsigned int nSize = 0;
5000 try {
5001 // locate a header
5003 blkdat.FindByte(std::byte(params.MessageStart()[0]));
5004 nRewind = blkdat.GetPos() + 1;
5005 blkdat >> buf;
5006 if (buf != params.MessageStart()) {
5007 continue;
5008 }
5009 // read size
5010 blkdat >> nSize;
5011 if (nSize < 80 || nSize > MAX_BLOCK_SERIALIZED_SIZE)
5012 continue;
5013 } catch (const std::exception&) {
5014 // no valid block header found; don't complain
5015 // (this happens at the end of every blk.dat file)
5016 break;
5017 }
5018 try {
5019 // read block header
5020 const uint64_t nBlockPos{blkdat.GetPos()};
5021 if (dbp)
5022 dbp->nPos = nBlockPos;
5023 blkdat.SetLimit(nBlockPos + nSize);
5024 CBlockHeader header;
5025 blkdat >> header;
5026 const uint256 hash{header.GetHash()};
5027 // Skip the rest of this block (this may read from disk into memory); position to the marker before the
5028 // next block, but it's still possible to rewind to the start of the current block (without a disk read).
5029 nRewind = nBlockPos + nSize;
5030 blkdat.SkipTo(nRewind);
5031
5032 std::shared_ptr<CBlock> pblock{}; // needs to remain available after the cs_main lock is released to avoid duplicate reads from disk
5033
5034 {
5035 LOCK(cs_main);
5036 // detect out of order blocks, and store them for later
5037 if (hash != params.GetConsensus().hashGenesisBlock && !m_blockman.LookupBlockIndex(header.hashPrevBlock)) {
5038 LogDebug(BCLog::REINDEX, "%s: Out of order block %s, parent %s not known\n", __func__, hash.ToString(),
5039 header.hashPrevBlock.ToString());
5040 if (dbp && blocks_with_unknown_parent) {
5041 blocks_with_unknown_parent->emplace(header.hashPrevBlock, *dbp);
5042 }
5043 continue;
5044 }
5045
5046 // process in case the block isn't known yet
5047 const CBlockIndex* pindex = m_blockman.LookupBlockIndex(hash);
5048 if (!pindex || (pindex->nStatus & BLOCK_HAVE_DATA) == 0) {
5049 // This block can be processed immediately; rewind to its start, read and deserialize it.
5050 blkdat.SetPos(nBlockPos);
5051 pblock = std::make_shared<CBlock>();
5052 blkdat >> TX_WITH_WITNESS(*pblock);
5053 nRewind = blkdat.GetPos();
5054
5056 if (AcceptBlock(pblock, state, nullptr, true, dbp, nullptr, true)) {
5057 nLoaded++;
5058 }
5059 if (state.IsError()) {
5060 break;
5061 }
5062 } else if (hash != params.GetConsensus().hashGenesisBlock && pindex->nHeight % 1000 == 0) {
5063 LogDebug(BCLog::REINDEX, "Block Import: already had block %s at height %d\n", hash.ToString(), pindex->nHeight);
5064 }
5065 }
5066
5067 // Activate the genesis block so normal node progress can continue
5068 // During first -reindex, this will only connect Genesis since
5069 // ActivateBestChain only connects blocks which are in the block tree db,
5070 // which only contains blocks whose parents are in it.
5071 // But do this only if genesis isn't activated yet, to avoid connecting many blocks
5072 // without assumevalid in the case of a continuation of a reindex that
5073 // was interrupted by the user.
5074 if (hash == params.GetConsensus().hashGenesisBlock && WITH_LOCK(::cs_main, return ActiveHeight()) == -1) {
5076 if (!ActiveChainstate().ActivateBestChain(state, nullptr)) {
5077 break;
5078 }
5079 }
5080
5082 // must update the tip for pruning to work while importing with -loadblock.
5083 // this is a tradeoff to conserve disk space at the expense of time
5084 // spent updating the tip to be able to prune.
5085 // otherwise, ActivateBestChain won't be called by the import process
5086 // until after all of the block files are loaded. ActivateBestChain can be
5087 // called by concurrent network message processing. but, that is not
5088 // reliable for the purpose of pruning while importing.
5089 if (auto result{ActivateBestChains()}; !result) {
5090 LogDebug(BCLog::REINDEX, "%s\n", util::ErrorString(result).original);
5091 break;
5092 }
5093 }
5094
5096
5097 if (!blocks_with_unknown_parent) continue;
5098
5099 // Recursively process earlier encountered successors of this block
5100 std::deque<uint256> queue;
5101 queue.push_back(hash);
5102 while (!queue.empty()) {
5103 uint256 head = queue.front();
5104 queue.pop_front();
5105 auto range = blocks_with_unknown_parent->equal_range(head);
5106 while (range.first != range.second) {
5107 std::multimap<uint256, FlatFilePos>::iterator it = range.first;
5108 std::shared_ptr<CBlock> pblockrecursive = std::make_shared<CBlock>();
5109 if (m_blockman.ReadBlock(*pblockrecursive, it->second, {})) {
5110 const auto& block_hash{pblockrecursive->GetHash()};
5111 LogDebug(BCLog::REINDEX, "%s: Processing out of order child %s of %s", __func__, block_hash.ToString(), head.ToString());
5112 LOCK(cs_main);
5114 if (AcceptBlock(pblockrecursive, dummy, nullptr, true, &it->second, nullptr, true)) {
5115 nLoaded++;
5116 queue.push_back(block_hash);
5117 }
5118 }
5119 range.first++;
5120 blocks_with_unknown_parent->erase(it);
5122 }
5123 }
5124 } catch (const std::exception& e) {
5125 // historical bugs added extra data to the block files that does not deserialize cleanly.
5126 // commonly this data is between readable blocks, but it does not really matter. such data is not fatal to the import process.
5127 // the code that reads the block files deals with invalid data by simply ignoring it.
5128 // it continues to search for the next {4 byte magic message start bytes + 4 byte length + block} that does deserialize cleanly
5129 // and passes all of the other block validation checks dealing with POW and the merkle root, etc...
5130 // we merely note with this informational log message when unexpected data is encountered.
5131 // we could also be experiencing a storage system read error, or a read of a previous bad write. these are possible, but
5132 // less likely scenarios. we don't have enough information to tell a difference here.
5133 // the reindex process is not the place to attempt to clean and/or compact the block files. if so desired, a studious node operator
5134 // may use knowledge of the fact that the block files are not entirely pristine in order to prepare a set of pristine, and
5135 // perhaps ordered, block files for later reindexing.
5136 LogDebug(BCLog::REINDEX, "%s: unexpected data at file offset 0x%x - %s. continuing\n", __func__, (nRewind - 1), e.what());
5137 }
5138 }
5139 } catch (const std::runtime_error& e) {
5140 GetNotifications().fatalError(strprintf(_("System error while loading external block file: %s"), e.what()));
5141 }
5142 LogInfo("Loaded %i blocks from external file in %dms", nLoaded, Ticks<std::chrono::milliseconds>(SteadyClock::now() - start));
5143}
5144
5146{
5147 // Assert to verify Flatten() has been called.
5148 if (!*Assert(m_options.check_block_index)) return false;
5149 if (FastRandomContext().randrange(*m_options.check_block_index) >= 1) return false;
5150 return true;
5151}
5152
5154{
5155 if (!ShouldCheckBlockIndex()) {
5156 return;
5157 }
5158
5159 LOCK(cs_main);
5160
5161 // During a reindex, we read the genesis block and call CheckBlockIndex before ActivateBestChain,
5162 // so we have the genesis block in m_blockman.m_block_index but no active chain. (A few of the
5163 // tests when iterating the block tree require that m_chain has been initialized.)
5164 if (ActiveChain().Height() < 0) {
5165 assert(m_blockman.m_block_index.size() <= 1);
5166 return;
5167 }
5168
5169 // Build forward-pointing data structure for the entire block tree.
5170 // For performance reasons, indexes of the best header chain are stored in a vector (within CChain).
5171 // All remaining blocks are stored in a multimap.
5172 // The best header chain can differ from the active chain: E.g. its entries may belong to blocks that
5173 // are not yet validated.
5174 CChain best_hdr_chain;
5175 assert(m_best_header);
5176 assert(!(m_best_header->nStatus & BLOCK_FAILED_VALID));
5177 best_hdr_chain.SetTip(*m_best_header);
5178
5179 std::multimap<const CBlockIndex*, const CBlockIndex*> forward;
5180 for (auto& [_, block_index] : m_blockman.m_block_index) {
5181 // Only save indexes in forward that are not part of the best header chain.
5182 if (!best_hdr_chain.Contains(block_index)) {
5183 // Only genesis, which must be part of the best header chain, can have a nullptr parent.
5184 assert(block_index.pprev);
5185 forward.emplace(block_index.pprev, &block_index);
5186 }
5187 }
5188 assert(forward.size() + best_hdr_chain.Height() + 1 == m_blockman.m_block_index.size());
5189
5190 const CBlockIndex* pindex = best_hdr_chain[0];
5191 assert(pindex);
5192 // Iterate over the entire block tree, using depth-first search.
5193 // Along the way, remember whether there are blocks on the path from genesis
5194 // block being explored which are the first to have certain properties.
5195 size_t nNodes = 0;
5196 int nHeight = 0;
5197 const CBlockIndex* pindexFirstInvalid = nullptr; // Oldest ancestor of pindex which is invalid.
5198 const CBlockIndex* pindexFirstMissing = nullptr; // Oldest ancestor of pindex which does not have BLOCK_HAVE_DATA, since assumeutxo snapshot if used.
5199 const CBlockIndex* pindexFirstNeverProcessed = nullptr; // Oldest ancestor of pindex for which nTx == 0, since assumeutxo snapshot if used.
5200 const CBlockIndex* pindexFirstNotTreeValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_TREE (regardless of being valid or not).
5201 const CBlockIndex* pindexFirstNotTransactionsValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_TRANSACTIONS (regardless of being valid or not), since assumeutxo snapshot if used.
5202 const CBlockIndex* pindexFirstNotChainValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_CHAIN (regardless of being valid or not), since assumeutxo snapshot if used.
5203 const CBlockIndex* pindexFirstNotScriptsValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_SCRIPTS (regardless of being valid or not), since assumeutxo snapshot if used.
5204
5205 // After checking an assumeutxo snapshot block, reset pindexFirst pointers
5206 // to earlier blocks that have not been downloaded or validated yet, so
5207 // checks for later blocks can assume the earlier blocks were validated and
5208 // be stricter, testing for more requirements.
5209 const CBlockIndex* snap_base{CurrentChainstate().SnapshotBase()};
5210 const CBlockIndex *snap_first_missing{}, *snap_first_notx{}, *snap_first_notv{}, *snap_first_nocv{}, *snap_first_nosv{};
5211 auto snap_update_firsts = [&] {
5212 if (pindex == snap_base) {
5213 std::swap(snap_first_missing, pindexFirstMissing);
5214 std::swap(snap_first_notx, pindexFirstNeverProcessed);
5215 std::swap(snap_first_notv, pindexFirstNotTransactionsValid);
5216 std::swap(snap_first_nocv, pindexFirstNotChainValid);
5217 std::swap(snap_first_nosv, pindexFirstNotScriptsValid);
5218 }
5219 };
5220
5221 while (pindex != nullptr) {
5222 nNodes++;
5223 if (pindexFirstInvalid == nullptr && pindex->nStatus & BLOCK_FAILED_VALID) pindexFirstInvalid = pindex;
5224 if (pindexFirstMissing == nullptr && !(pindex->nStatus & BLOCK_HAVE_DATA)) {
5225 pindexFirstMissing = pindex;
5226 }
5227 if (pindexFirstNeverProcessed == nullptr && pindex->nTx == 0) pindexFirstNeverProcessed = pindex;
5228 if (pindex->pprev != nullptr && pindexFirstNotTreeValid == nullptr && (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_TREE) pindexFirstNotTreeValid = pindex;
5229
5230 if (pindex->pprev != nullptr) {
5231 if (pindexFirstNotTransactionsValid == nullptr &&
5232 (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_TRANSACTIONS) {
5233 pindexFirstNotTransactionsValid = pindex;
5234 }
5235
5236 if (pindexFirstNotChainValid == nullptr &&
5237 (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_CHAIN) {
5238 pindexFirstNotChainValid = pindex;
5239 }
5240
5241 if (pindexFirstNotScriptsValid == nullptr &&
5242 (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_SCRIPTS) {
5243 pindexFirstNotScriptsValid = pindex;
5244 }
5245 }
5246
5247 // Begin: actual consistency checks.
5248 if (pindex->pprev == nullptr) {
5249 // Genesis block checks.
5250 assert(pindex->GetBlockHash() == GetConsensus().hashGenesisBlock); // Genesis block's hash must match.
5251 for (const auto& c : m_chainstates) {
5252 if (c->m_chain.Genesis() != nullptr) {
5253 assert(pindex == c->m_chain.Genesis()); // The chain's genesis block must be this block.
5254 }
5255 }
5256 }
5257 // nSequenceId can't be set higher than SEQ_ID_INIT_FROM_DISK{1} for blocks that aren't linked
5258 // (negative is used for preciousblock, SEQ_ID_BEST_CHAIN_FROM_DISK{0} for active chain when loaded from disk)
5259 if (!pindex->HaveNumChainTxs()) assert(pindex->nSequenceId <= SEQ_ID_INIT_FROM_DISK);
5260 // VALID_TRANSACTIONS is equivalent to nTx > 0 for all nodes (whether or not pruning has occurred).
5261 // HAVE_DATA is only equivalent to nTx > 0 (or VALID_TRANSACTIONS) if no pruning has occurred.
5263 // If we've never pruned, then HAVE_DATA should be equivalent to nTx > 0
5264 assert(!(pindex->nStatus & BLOCK_HAVE_DATA) == (pindex->nTx == 0));
5265 assert(pindexFirstMissing == pindexFirstNeverProcessed);
5266 } else {
5267 // If we have pruned, then we can only say that HAVE_DATA implies nTx > 0
5268 if (pindex->nStatus & BLOCK_HAVE_DATA) assert(pindex->nTx > 0);
5269 }
5270 if (pindex->nStatus & BLOCK_HAVE_UNDO) assert(pindex->nStatus & BLOCK_HAVE_DATA);
5271 if (snap_base && snap_base->GetAncestor(pindex->nHeight) == pindex) {
5272 // Assumed-valid blocks should connect to the main chain.
5273 assert((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TREE);
5274 }
5275 // There should only be an nTx value if we have
5276 // actually seen a block's transactions.
5277 assert(((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TRANSACTIONS) == (pindex->nTx > 0)); // This is pruning-independent.
5278 // All parents having had data (at some point) is equivalent to all parents being VALID_TRANSACTIONS, which is equivalent to HaveNumChainTxs().
5279 // HaveNumChainTxs will also be set in the assumeutxo snapshot block from snapshot metadata.
5280 assert((pindexFirstNeverProcessed == nullptr || pindex == snap_base) == pindex->HaveNumChainTxs());
5281 assert((pindexFirstNotTransactionsValid == nullptr || pindex == snap_base) == pindex->HaveNumChainTxs());
5282 assert(pindex->nHeight == nHeight); // nHeight must be consistent.
5283 assert(pindex->pprev == nullptr || pindex->nChainWork >= pindex->pprev->nChainWork); // For every block except the genesis block, the chainwork must be larger than the parent's.
5284 assert(nHeight < 2 || (pindex->pskip && (pindex->pskip->nHeight < nHeight))); // The pskip pointer must point back for all but the first 2 blocks.
5285 assert(pindexFirstNotTreeValid == nullptr); // All m_blockman.m_block_index entries must at least be TREE valid
5286 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TREE) assert(pindexFirstNotTreeValid == nullptr); // TREE valid implies all parents are TREE valid
5287 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_CHAIN) assert(pindexFirstNotChainValid == nullptr); // CHAIN valid implies all parents are CHAIN valid
5288 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_SCRIPTS) assert(pindexFirstNotScriptsValid == nullptr); // SCRIPTS valid implies all parents are SCRIPTS valid
5289 if (pindexFirstInvalid == nullptr) {
5290 // Checks for not-invalid blocks.
5291 assert((pindex->nStatus & BLOCK_FAILED_VALID) == 0); // The failed flag cannot be set for blocks without invalid parents.
5292 } else {
5293 assert(pindex->nStatus & BLOCK_FAILED_VALID); // Invalid blocks and their descendants must be marked as invalid
5294 }
5295 // Make sure m_chain_tx_count sum is correctly computed.
5296 if (!pindex->pprev) {
5297 // If no previous block, nTx and m_chain_tx_count must be the same.
5298 assert(pindex->m_chain_tx_count == pindex->nTx);
5299 } else if (pindex->pprev->m_chain_tx_count > 0 && pindex->nTx > 0) {
5300 // If previous m_chain_tx_count is set and number of transactions in block is known, sum must be set.
5301 assert(pindex->m_chain_tx_count == pindex->nTx + pindex->pprev->m_chain_tx_count);
5302 } else {
5303 // Otherwise m_chain_tx_count should only be set if this is a snapshot
5304 // block, and must be set if it is.
5305 assert((pindex->m_chain_tx_count != 0) == (pindex == snap_base));
5306 }
5307 // There should be no block with more work than m_best_header, unless it's known to be invalid
5308 assert((pindex->nStatus & BLOCK_FAILED_VALID) || pindex->nChainWork <= m_best_header->nChainWork);
5309
5310 // Chainstate-specific checks on setBlockIndexCandidates
5311 for (const auto& c : m_chainstates) {
5312 if (c->m_chain.Tip() == nullptr) continue;
5313 // Two main factors determine whether pindex is a candidate in
5314 // setBlockIndexCandidates:
5315 //
5316 // - If pindex has less work than the chain tip, it should not be a
5317 // candidate, and this will be asserted below. Otherwise it is a
5318 // potential candidate.
5319 //
5320 // - If pindex or one of its parent blocks back to the genesis block
5321 // or an assumeutxo snapshot never downloaded transactions
5322 // (pindexFirstNeverProcessed is non-null), it should not be a
5323 // candidate, and this will be asserted below. The only exception
5324 // is if pindex itself is an assumeutxo snapshot block. Then it is
5325 // also a potential candidate.
5326 if (!CBlockIndexWorkComparator()(pindex, c->m_chain.Tip()) && (pindexFirstNeverProcessed == nullptr || pindex == snap_base)) {
5327 // If pindex was detected as invalid (pindexFirstInvalid is
5328 // non-null), it is not required to be in
5329 // setBlockIndexCandidates.
5330 if (pindexFirstInvalid == nullptr) {
5331 // If pindex and all its parents back to the genesis block
5332 // or an assumeutxo snapshot block downloaded transactions,
5333 // and the transactions were not pruned (pindexFirstMissing
5334 // is null), it is a potential candidate. The check
5335 // excludes pruned blocks, because if any blocks were
5336 // pruned between pindex and the current chain tip, pindex will
5337 // only temporarily be added to setBlockIndexCandidates,
5338 // before being moved to m_blocks_unlinked. This check
5339 // could be improved to verify that if all blocks between
5340 // the chain tip and pindex have data, pindex must be a
5341 // candidate.
5342 //
5343 // If pindex is the chain tip, it also is a potential
5344 // candidate.
5345 //
5346 // If the chainstate was loaded from a snapshot and pindex
5347 // is the base of the snapshot, pindex is also a potential
5348 // candidate.
5349 if (pindexFirstMissing == nullptr || pindex == c->m_chain.Tip() || pindex == c->SnapshotBase()) {
5350 // If this chainstate is not a historical chainstate
5351 // targeting a specific block, pindex must be in
5352 // setBlockIndexCandidates. Otherwise, pindex only
5353 // needs to be added if it is an ancestor of the target
5354 // block.
5355 if (!c->TargetBlock() || c->TargetBlock()->GetAncestor(pindex->nHeight) == pindex) {
5356 assert(c->setBlockIndexCandidates.contains(pindex));
5357 }
5358 }
5359 // If some parent is missing, then it could be that this block was in
5360 // setBlockIndexCandidates but had to be removed because of the missing data.
5361 // In this case it must be in m_blocks_unlinked -- see test below.
5362 }
5363 } else { // If this block sorts worse than the current tip or some ancestor's block has never been seen, it cannot be in setBlockIndexCandidates.
5364 assert(!c->setBlockIndexCandidates.contains(pindex));
5365 }
5366 }
5367 // Check whether this block is in m_blocks_unlinked.
5368 auto rangeUnlinked{m_blockman.m_blocks_unlinked.equal_range(pindex->pprev)};
5369 bool foundInUnlinked = false;
5370 for (auto it = rangeUnlinked.first; it != rangeUnlinked.second; ++it) {
5371 assert(it->first == pindex->pprev);
5372 if (it->second == pindex) {
5373 assert(!foundInUnlinked); // No duplicates in m_blocks_unlinked
5374 foundInUnlinked = true;
5375 }
5376 }
5377 if (pindex->pprev && (pindex->nStatus & BLOCK_HAVE_DATA) && pindexFirstNeverProcessed != nullptr && pindexFirstInvalid == nullptr) {
5378 // If this block has block data available, some parent was never received, and has no invalid parents, it must be in m_blocks_unlinked.
5379 assert(foundInUnlinked);
5380 }
5381 if (!(pindex->nStatus & BLOCK_HAVE_DATA)) assert(!foundInUnlinked); // Can't be in m_blocks_unlinked if we don't HAVE_DATA
5382 if (pindexFirstMissing == nullptr) assert(!foundInUnlinked); // We aren't missing data for any parent -- cannot be in m_blocks_unlinked.
5383 if (pindex->pprev && (pindex->nStatus & BLOCK_HAVE_DATA) && pindexFirstNeverProcessed == nullptr && pindexFirstMissing != nullptr) {
5384 // We HAVE_DATA for this block, have received data for all parents at some point, but we're currently missing data for some parent.
5386 // This block may have entered m_blocks_unlinked if:
5387 // - it has a descendant that at some point had more work than the
5388 // tip, and
5389 // - we tried switching to that descendant but were missing
5390 // data for some intermediate block between m_chain and the
5391 // tip.
5392 // So if this block is itself better than any m_chain.Tip() and it wasn't in
5393 // setBlockIndexCandidates, then it must be in m_blocks_unlinked.
5394 for (const auto& c : m_chainstates) {
5395 if (!CBlockIndexWorkComparator()(pindex, c->m_chain.Tip()) && !c->setBlockIndexCandidates.contains(pindex)) {
5396 if (pindexFirstInvalid == nullptr) {
5397 if (!c->TargetBlock() || c->TargetBlock()->GetAncestor(pindex->nHeight) == pindex) {
5398 assert(foundInUnlinked);
5399 }
5400 }
5401 }
5402 }
5403 }
5404 // assert(pindex->GetBlockHash() == pindex->GetBlockHeader().GetHash()); // Perhaps too slow
5405 // End: actual consistency checks.
5406
5407
5408 // Try descending into the first subnode. Always process forks first and the best header chain after.
5409 snap_update_firsts();
5410 auto range{forward.equal_range(pindex)};
5411 if (range.first != range.second) {
5412 // A subnode not part of the best header chain was found.
5413 pindex = range.first->second;
5414 nHeight++;
5415 continue;
5416 } else if (best_hdr_chain.Contains(*pindex)) {
5417 // Descend further into best header chain.
5418 nHeight++;
5419 pindex = best_hdr_chain[nHeight];
5420 if (!pindex) break; // we are finished, since the best header chain is always processed last
5421 continue;
5422 }
5423 // This is a leaf node.
5424 // Move upwards until we reach a node of which we have not yet visited the last child.
5425 while (pindex) {
5426 // We are going to either move to a parent or a sibling of pindex.
5427 snap_update_firsts();
5428 // If pindex was the first with a certain property, unset the corresponding variable.
5429 if (pindex == pindexFirstInvalid) pindexFirstInvalid = nullptr;
5430 if (pindex == pindexFirstMissing) pindexFirstMissing = nullptr;
5431 if (pindex == pindexFirstNeverProcessed) pindexFirstNeverProcessed = nullptr;
5432 if (pindex == pindexFirstNotTreeValid) pindexFirstNotTreeValid = nullptr;
5433 if (pindex == pindexFirstNotTransactionsValid) pindexFirstNotTransactionsValid = nullptr;
5434 if (pindex == pindexFirstNotChainValid) pindexFirstNotChainValid = nullptr;
5435 if (pindex == pindexFirstNotScriptsValid) pindexFirstNotScriptsValid = nullptr;
5436 // Find our parent.
5437 CBlockIndex* pindexPar = pindex->pprev;
5438 // Find which child we just visited.
5439 auto rangePar{forward.equal_range(pindexPar)};
5440 while (rangePar.first->second != pindex) {
5441 assert(rangePar.first != rangePar.second); // Our parent must have at least the node we're coming from as child.
5442 rangePar.first++;
5443 }
5444 // Proceed to the next one.
5445 rangePar.first++;
5446 if (rangePar.first != rangePar.second) {
5447 // Move to a sibling not part of the best header chain.
5448 pindex = rangePar.first->second;
5449 break;
5450 } else if (pindexPar == best_hdr_chain[nHeight - 1]) {
5451 // Move to pindex's sibling on the best-chain, if it has one.
5452 pindex = best_hdr_chain[nHeight];
5453 // There will not be a next block if (and only if) parent block is the best header.
5454 assert((pindex == nullptr) == (pindexPar == best_hdr_chain.Tip()));
5455 break;
5456 } else {
5457 // Move up further.
5458 pindex = pindexPar;
5459 nHeight--;
5460 continue;
5461 }
5462 }
5463 }
5464
5465 // Check that we actually traversed the entire block index.
5466 assert(nNodes == forward.size() + best_hdr_chain.Height() + 1);
5467}
5468
5469std::string Chainstate::ToString()
5470{
5472 CBlockIndex* tip = m_chain.Tip();
5473 return strprintf("Chainstate [%s] @ height %d (%s)",
5474 m_from_snapshot_blockhash ? "snapshot" : "ibd",
5475 tip ? tip->nHeight : -1, tip ? tip->GetBlockHash().ToString() : "null");
5476}
5477
5478bool Chainstate::ResizeCoinsCaches(size_t coinstip_size, size_t coinsdb_size)
5479{
5481 if (coinstip_size == m_coinstip_cache_size_bytes &&
5482 coinsdb_size == m_coinsdb_cache_size_bytes) {
5483 // Cache sizes are unchanged, no need to continue.
5484 return true;
5485 }
5486 size_t old_coinstip_size = m_coinstip_cache_size_bytes;
5487 m_coinstip_cache_size_bytes = coinstip_size;
5488 m_coinsdb_cache_size_bytes = coinsdb_size;
5489 CoinsDB().ResizeCache(coinsdb_size);
5490
5491 LogInfo("[%s] resized coinsdb cache to %.1f MiB",
5492 this->ToString(), coinsdb_size / double(1_MiB));
5493 LogInfo("[%s] resized coinstip cache to %.1f MiB",
5494 this->ToString(), coinstip_size / double(1_MiB));
5495
5497 bool ret;
5498
5499 if (coinstip_size > old_coinstip_size) {
5500 // Likely no need to flush if cache sizes have grown.
5502 } else {
5503 // Otherwise, flush state to disk and deallocate the in-memory coins map.
5505 }
5506 return ret;
5507}
5508
5510{
5512 const ChainTxData& data{GetParams().TxData()};
5513 if (pindex == nullptr) {
5514 return 0.0;
5515 }
5516
5517 if (pindex->m_chain_tx_count == 0) {
5518 LogDebug(BCLog::VALIDATION, "Block %d has unset m_chain_tx_count. Unable to estimate verification progress.\n", pindex->nHeight);
5519 return 0.0;
5520 }
5521
5522 const int64_t nNow{TicksSinceEpoch<std::chrono::seconds>(NodeClock::now())};
5523 const auto block_time{
5524 (Assume(m_best_header) && std::abs(nNow - pindex->GetBlockTime()) <= Ticks<std::chrono::seconds>(2h) &&
5525 Assume(m_best_header->nHeight >= pindex->nHeight)) ?
5526 // When the header is known to be recent, switch to a height-based
5527 // approach. This ensures the returned value is quantized when
5528 // close to "1.0", because some users expect it to be. This also
5529 // avoids relying too much on the exact miner-set timestamp, which
5530 // may be off.
5531 nNow - (m_best_header->nHeight - pindex->nHeight) * GetConsensus().nPowTargetSpacing :
5532 pindex->GetBlockTime(),
5533 };
5534
5535 double fTxTotal;
5536
5537 if (pindex->m_chain_tx_count <= data.tx_count) {
5538 fTxTotal = data.tx_count + (nNow - data.nTime) * data.dTxRate;
5539 } else {
5540 fTxTotal = pindex->m_chain_tx_count + (nNow - block_time) * data.dTxRate;
5541 }
5542
5543 return std::min<double>(pindex->m_chain_tx_count / fTxTotal, 1.0);
5544}
5545
5547{
5550 auto target_block = HistoricalChainstate()->TargetBlock();
5551
5552 if (pindex.m_chain_tx_count == 0 || target_block->m_chain_tx_count == 0) {
5553 LogDebug(BCLog::VALIDATION, "[background validation] Block %d has unset m_chain_tx_count. Unable to estimate verification progress.", pindex.nHeight);
5554 return 0.0;
5555 }
5556 return static_cast<double>(pindex.m_chain_tx_count) / static_cast<double>(target_block->m_chain_tx_count);
5557}
5558
5559Chainstate& ChainstateManager::InitializeChainstate(CTxMemPool* mempool)
5560{
5562 assert(m_chainstates.empty());
5563 m_chainstates.emplace_back(std::make_unique<Chainstate>(mempool, m_blockman, *this));
5564 return *m_chainstates.back();
5565}
5566
5567[[nodiscard]] static bool DeleteCoinsDBFromDisk(const fs::path db_path, bool is_snapshot)
5569{
5571
5572 if (is_snapshot) {
5573 fs::path base_blockhash_path = db_path / node::SNAPSHOT_BLOCKHASH_FILENAME;
5574
5575 try {
5576 bool existed = fs::remove(base_blockhash_path);
5577 if (!existed) {
5578 LogWarning("[snapshot] snapshot chainstate dir being removed lacks %s file",
5580 }
5581 } catch (const fs::filesystem_error& e) {
5582 LogWarning("[snapshot] failed to remove file %s: %s\n",
5583 fs::PathToString(base_blockhash_path), e.code().message());
5584 }
5585 }
5586
5587 std::string path_str = fs::PathToString(db_path);
5588 LogInfo("Removing leveldb dir at %s\n", path_str);
5589
5590 // We have to destruct before this call leveldb::DB in order to release the db
5591 // lock, otherwise `DestroyDB` will fail. See `leveldb::~DBImpl()`.
5592 const bool destroyed = DestroyDB(path_str);
5593
5594 if (!destroyed) {
5595 LogError("leveldb DestroyDB call failed on %s", path_str);
5596 }
5597
5598 // Datadir should be removed from filesystem; otherwise initialization may detect
5599 // it on subsequent statups and get confused.
5600 //
5601 // If the base_blockhash_path removal above fails in the case of snapshot
5602 // chainstates, this will return false since leveldb won't remove a non-empty
5603 // directory.
5604 return destroyed && !fs::exists(db_path);
5605}
5606
5608 AutoFile& coins_file,
5609 const SnapshotMetadata& metadata,
5610 bool in_memory)
5611{
5612 uint256 base_blockhash = metadata.m_base_blockhash;
5613
5614 CBlockIndex* snapshot_start_block{};
5615
5616 {
5617 LOCK(::cs_main);
5618
5619 if (this->CurrentChainstate().m_from_snapshot_blockhash) {
5620 return util::Error{Untranslated("Can't activate a snapshot-based chainstate more than once")};
5621 }
5622 if (!GetParams().AssumeutxoForBlockhash(base_blockhash).has_value()) {
5623 auto available_heights = GetParams().GetAvailableSnapshotHeights();
5624 std::string heights_formatted = util::Join(available_heights, ", ", [&](const auto& i) { return util::ToString(i); });
5625 return util::Error{Untranslated(strprintf("assumeutxo block hash in snapshot metadata not recognized (hash: %s). The following snapshot heights are available: %s",
5626 base_blockhash.ToString(),
5627 heights_formatted))};
5628 }
5629
5630 snapshot_start_block = m_blockman.LookupBlockIndex(base_blockhash);
5631 if (!snapshot_start_block) {
5632 return util::Error{Untranslated(strprintf("The base block header (%s) must appear in the headers chain. Make sure all headers are syncing, and call loadtxoutset again",
5633 base_blockhash.ToString()))};
5634 }
5635
5636 bool start_block_invalid = snapshot_start_block->nStatus & BLOCK_FAILED_VALID;
5637 if (start_block_invalid) {
5638 return util::Error{Untranslated(strprintf("The base block header (%s) is part of an invalid chain", base_blockhash.ToString()))};
5639 }
5640
5641 if (!m_best_header || m_best_header->GetAncestor(snapshot_start_block->nHeight) != snapshot_start_block) {
5642 return util::Error{Untranslated("A forked headers-chain with more work than the chain with the snapshot base block header exists. Please proceed to sync without AssumeUtxo.")};
5643 }
5644
5645 auto mempool{CurrentChainstate().GetMempool()};
5646 if (mempool && mempool->size() > 0) {
5647 return util::Error{Untranslated("Can't activate a snapshot when mempool not empty")};
5648 }
5649 }
5650
5651 int64_t current_coinsdb_cache_size{0};
5652 int64_t current_coinstip_cache_size{0};
5653
5654 // Cache percentages to allocate to each chainstate.
5655 //
5656 // These particular percentages don't matter so much since they will only be
5657 // relevant during snapshot activation; caches are rebalanced at the conclusion of
5658 // this function. We want to give (essentially) all available cache capacity to the
5659 // snapshot to aid the bulk load later in this function.
5660 static constexpr double IBD_CACHE_PERC = 0.01;
5661 static constexpr double SNAPSHOT_CACHE_PERC = 0.99;
5662
5663 {
5664 LOCK(::cs_main);
5665 // Resize the coins caches to ensure we're not exceeding memory limits.
5666 //
5667 // Allocate the majority of the cache to the incoming snapshot chainstate, since
5668 // (optimistically) getting to its tip will be the top priority. We'll need to call
5669 // `MaybeRebalanceCaches()` once we're done with this function to ensure
5670 // the right allocation (including the possibility that no snapshot was activated
5671 // and that we should restore the active chainstate caches to their original size).
5672 //
5673 current_coinsdb_cache_size = this->ActiveChainstate().m_coinsdb_cache_size_bytes;
5674 current_coinstip_cache_size = this->ActiveChainstate().m_coinstip_cache_size_bytes;
5675
5676 // Temporarily resize the active coins cache to make room for the newly-created
5677 // snapshot chain.
5678 this->ActiveChainstate().ResizeCoinsCaches(
5679 static_cast<size_t>(current_coinstip_cache_size * IBD_CACHE_PERC),
5680 static_cast<size_t>(current_coinsdb_cache_size * IBD_CACHE_PERC));
5681 }
5682
5683 auto snapshot_chainstate = WITH_LOCK(::cs_main,
5684 return std::make_unique<Chainstate>(
5685 /*mempool=*/nullptr, m_blockman, *this, base_blockhash));
5686
5687 {
5688 LOCK(::cs_main);
5689 snapshot_chainstate->InitCoinsDB(
5690 static_cast<size_t>(current_coinsdb_cache_size * SNAPSHOT_CACHE_PERC),
5691 in_memory, /*should_wipe=*/false);
5692 snapshot_chainstate->InitCoinsCache(
5693 static_cast<size_t>(current_coinstip_cache_size * SNAPSHOT_CACHE_PERC));
5694 }
5695
5696 auto cleanup_bad_snapshot = [&](bilingual_str reason) EXCLUSIVE_LOCKS_REQUIRED(::cs_main) {
5697 this->MaybeRebalanceCaches();
5698
5699 // PopulateAndValidateSnapshot can return (in error) before the leveldb datadir
5700 // has been created, so only attempt removal if we got that far.
5701 if (auto snapshot_datadir = node::FindAssumeutxoChainstateDir(m_options.datadir)) {
5702 // We have to destruct leveldb::DB in order to release the db lock, otherwise
5703 // DestroyDB() (in DeleteCoinsDBFromDisk()) will fail. See `leveldb::~DBImpl()`.
5704 // Destructing the chainstate (and so resetting the coinsviews object) does this.
5705 snapshot_chainstate.reset();
5706 bool removed = DeleteCoinsDBFromDisk(*snapshot_datadir, /*is_snapshot=*/true);
5707 if (!removed) {
5708 GetNotifications().fatalError(strprintf(_("Failed to remove snapshot chainstate dir (%s). "
5709 "Manually remove it before restarting.\n"), fs::PathToString(*snapshot_datadir)));
5710 }
5711 }
5712 return util::Error{std::move(reason)};
5713 };
5714
5715 if (auto res{this->PopulateAndValidateSnapshot(*snapshot_chainstate, coins_file, metadata)}; !res) {
5716 LOCK(::cs_main);
5717 return cleanup_bad_snapshot(Untranslated(strprintf("Population failed: %s", util::ErrorString(res).original)));
5718 }
5719
5720 LOCK(::cs_main); // cs_main required for rest of snapshot activation.
5721
5722 // Do a final check to ensure that the snapshot chainstate is actually a more
5723 // work chain than the active chainstate; a user could have loaded a snapshot
5724 // very late in the IBD process, and we wouldn't want to load a useless chainstate.
5725 if (!CBlockIndexWorkComparator()(ActiveTip(), snapshot_chainstate->m_chain.Tip())) {
5726 return cleanup_bad_snapshot(Untranslated("work does not exceed active chainstate"));
5727 }
5728 // If not in-memory, persist the base blockhash for use during subsequent
5729 // initialization.
5730 if (!in_memory) {
5731 if (!node::WriteSnapshotBaseBlockhash(*snapshot_chainstate)) {
5732 return cleanup_bad_snapshot(Untranslated("could not write base blockhash"));
5733 }
5734 }
5735
5736 Chainstate& chainstate{AddChainstate(std::move(snapshot_chainstate))};
5737 m_blockman.m_snapshot_height = Assert(chainstate.SnapshotBase())->nHeight;
5738
5739 chainstate.PopulateBlockIndexCandidates();
5740
5741 LogInfo("[snapshot] successfully activated snapshot %s", base_blockhash.ToString());
5742 LogInfo("[snapshot] (%.2f MB)",
5743 chainstate.CoinsTip().DynamicMemoryUsage() / (1000 * 1000));
5744
5745 this->MaybeRebalanceCaches();
5746 return snapshot_start_block;
5747}
5748
5749static void FlushSnapshotToDisk(CCoinsViewCache& coins_cache, bool snapshot_loaded)
5750{
5752 strprintf("%s (%.2f MB)",
5753 snapshot_loaded ? "saving snapshot chainstate" : "flushing coins cache",
5754 coins_cache.DynamicMemoryUsage() / (1000 * 1000)),
5756
5757 coins_cache.Flush();
5758}
5759
5760struct StopHashingException : public std::exception
5761{
5762 const char* what() const noexcept override
5763 {
5764 return "ComputeUTXOStats interrupted.";
5765 }
5766};
5767
5769{
5770 if (interrupt) throw StopHashingException();
5771}
5772
5774 Chainstate& snapshot_chainstate,
5775 AutoFile& coins_file,
5776 const SnapshotMetadata& metadata)
5777{
5778 // It's okay to release cs_main before we're done using `coins_cache` because we know
5779 // that nothing else will be referencing the newly created snapshot_chainstate yet.
5780 CCoinsViewCache& coins_cache = *WITH_LOCK(::cs_main, return &snapshot_chainstate.CoinsTip());
5781
5782 uint256 base_blockhash = metadata.m_base_blockhash;
5783
5784 CBlockIndex* snapshot_start_block = WITH_LOCK(::cs_main, return m_blockman.LookupBlockIndex(base_blockhash));
5785
5786 if (!snapshot_start_block) {
5787 // Needed for ComputeUTXOStats to determine the
5788 // height and to avoid a crash when base_blockhash.IsNull()
5789 return util::Error{Untranslated(strprintf("Did not find snapshot start blockheader %s",
5790 base_blockhash.ToString()))};
5791 }
5792
5793 int base_height = snapshot_start_block->nHeight;
5794 const auto& maybe_au_data = GetParams().AssumeutxoForHeight(base_height);
5795
5796 if (!maybe_au_data) {
5797 return util::Error{Untranslated(strprintf("Assumeutxo height in snapshot metadata not recognized "
5798 "(%d) - refusing to load snapshot", base_height))};
5799 }
5800
5801 const AssumeutxoData& au_data = *maybe_au_data;
5802
5803 // This work comparison is a duplicate check with the one performed later in
5804 // ActivateSnapshot(), but is done so that we avoid doing the long work of staging
5805 // a snapshot that isn't actually usable.
5806 if (WITH_LOCK(::cs_main, return !CBlockIndexWorkComparator()(ActiveTip(), snapshot_start_block))) {
5807 return util::Error{Untranslated("Work does not exceed active chainstate")};
5808 }
5809
5810 const uint64_t coins_count = metadata.m_coins_count;
5811 uint64_t coins_left = metadata.m_coins_count;
5812
5813 LogInfo("[snapshot] loading %d coins from snapshot %s", coins_left, base_blockhash.ToString());
5814 int64_t coins_processed{0};
5815
5816 while (coins_left > 0) {
5817 try {
5818 Txid txid;
5819 coins_file >> txid;
5820 size_t coins_per_txid{0};
5821 coins_per_txid = ReadCompactSize(coins_file);
5822
5823 if (coins_per_txid > coins_left) {
5824 return util::Error{Untranslated("Mismatch in coins count in snapshot metadata and actual snapshot data")};
5825 }
5826
5827 for (size_t i = 0; i < coins_per_txid; i++) {
5828 COutPoint outpoint;
5829 Coin coin;
5830 outpoint.n = static_cast<uint32_t>(ReadCompactSize(coins_file));
5831 outpoint.hash = txid;
5832 coins_file >> coin;
5833 if (coin.nHeight > base_height ||
5834 outpoint.n >= std::numeric_limits<decltype(outpoint.n)>::max() // Avoid integer wrap-around in coinstats.cpp:ApplyHash
5835 ) {
5836 return util::Error{Untranslated(strprintf("Bad snapshot data after deserializing %d coins",
5837 coins_count - coins_left))};
5838 }
5839 if (!MoneyRange(coin.out.nValue)) {
5840 return util::Error{Untranslated(strprintf("Bad snapshot data after deserializing %d coins - bad tx out value",
5841 coins_count - coins_left))};
5842 }
5843 coins_cache.EmplaceCoinInternalDANGER(std::move(outpoint), std::move(coin));
5844
5845 --coins_left;
5846 ++coins_processed;
5847
5848 if (coins_processed % 1000000 == 0) {
5849 LogInfo("[snapshot] %d coins loaded (%.2f%%, %.2f MB)",
5850 coins_processed,
5851 static_cast<float>(coins_processed) * 100 / static_cast<float>(coins_count),
5852 coins_cache.DynamicMemoryUsage() / (1000 * 1000));
5853 }
5854
5855 // Batch write and flush (if we need to) every so often.
5856 //
5857 // If our average Coin size is roughly 41 bytes, checking every 120,000 coins
5858 // means <5MB of memory imprecision.
5859 if (coins_processed % 120000 == 0) {
5860 if (m_interrupt) {
5861 return util::Error{Untranslated("Aborting after an interrupt was requested")};
5862 }
5863
5864 const auto snapshot_cache_state = WITH_LOCK(::cs_main,
5865 return snapshot_chainstate.GetCoinsCacheSizeState());
5866
5867 if (snapshot_cache_state >= CoinsCacheSizeState::CRITICAL) {
5868 // This is a hack - we don't know what the actual best block is, but that
5869 // doesn't matter for the purposes of flushing the cache here. We'll set this
5870 // to its correct value (`base_blockhash`) below after the coins are loaded.
5871 coins_cache.SetBestBlock(GetRandHash());
5872
5873 // No need to acquire cs_main since this chainstate isn't being used yet.
5874 FlushSnapshotToDisk(coins_cache, /*snapshot_loaded=*/false);
5875 }
5876 }
5877 }
5878 } catch (const std::ios_base::failure&) {
5879 return util::Error{Untranslated(strprintf("Bad snapshot format or truncated snapshot after deserializing %d coins",
5880 coins_processed))};
5881 }
5882 }
5883
5884 // Important that we set this. This and the coins_cache accesses above are
5885 // sort of a layer violation, but either we reach into the innards of
5886 // CCoinsViewCache here or we have to invert some of the Chainstate to
5887 // embed them in a snapshot-activation-specific CCoinsViewCache bulk load
5888 // method.
5889 coins_cache.SetBestBlock(base_blockhash);
5890
5891 bool out_of_coins{false};
5892 try {
5893 std::byte left_over_byte;
5894 coins_file >> left_over_byte;
5895 } catch (const std::ios_base::failure&) {
5896 // We expect an exception since we should be out of coins.
5897 out_of_coins = true;
5898 }
5899 if (!out_of_coins) {
5900 return util::Error{Untranslated(strprintf("Bad snapshot - coins left over after deserializing %d coins",
5901 coins_count))};
5902 }
5903
5904 LogInfo("[snapshot] loaded %d (%.2f MB) coins from snapshot %s",
5905 coins_count,
5906 coins_cache.DynamicMemoryUsage() / (1000 * 1000),
5907 base_blockhash.ToString());
5908
5909 // No need to acquire cs_main since this chainstate isn't being used yet.
5910 FlushSnapshotToDisk(coins_cache, /*snapshot_loaded=*/true);
5911
5912 assert(coins_cache.GetBestBlock() == base_blockhash);
5913
5914 // As above, okay to immediately release cs_main here since no other context knows
5915 // about the snapshot_chainstate.
5916 CCoinsViewDB* snapshot_coinsdb = WITH_LOCK(::cs_main, return &snapshot_chainstate.CoinsDB());
5917
5918 std::optional<CCoinsStats> maybe_stats;
5919
5920 try {
5921 maybe_stats = ComputeUTXOStats(
5922 CoinStatsHashType::HASH_SERIALIZED, snapshot_coinsdb, m_blockman, [&interrupt = m_interrupt] { SnapshotUTXOHashBreakpoint(interrupt); });
5923 } catch (StopHashingException const&) {
5924 return util::Error{Untranslated("Aborting after an interrupt was requested")};
5925 }
5926 if (!maybe_stats.has_value()) {
5927 return util::Error{Untranslated("Failed to generate coins stats")};
5928 }
5929
5930 // Assert that the deserialized chainstate contents match the expected assumeutxo value.
5931 if (AssumeutxoHash{maybe_stats->hashSerialized} != au_data.hash_serialized) {
5932 return util::Error{Untranslated(strprintf("Bad snapshot content hash: expected %s, got %s",
5933 au_data.hash_serialized.ToString(), maybe_stats->hashSerialized.ToString()))};
5934 }
5935
5936 snapshot_chainstate.m_chain.SetTip(*snapshot_start_block);
5937
5938 // The remainder of this function requires modifying data protected by cs_main.
5939 LOCK(::cs_main);
5940
5941 // Fake various pieces of CBlockIndex state:
5942 CBlockIndex* index = nullptr;
5943
5944 // Don't make any modifications to the genesis block since it shouldn't be
5945 // necessary, and since the genesis block doesn't have normal flags like
5946 // BLOCK_VALID_SCRIPTS set.
5947 constexpr int AFTER_GENESIS_START{1};
5948
5949 for (int i = AFTER_GENESIS_START; i <= snapshot_chainstate.m_chain.Height(); ++i) {
5950 index = snapshot_chainstate.m_chain[i];
5951
5952 // Fake BLOCK_OPT_WITNESS so that Chainstate::NeedsRedownload()
5953 // won't ask for -reindex on startup.
5955 index->nStatus |= BLOCK_OPT_WITNESS;
5956 }
5957
5958 m_blockman.m_dirty_blockindex.insert(index);
5959 // Changes to the block index will be flushed to disk after this call
5960 // returns in `ActivateSnapshot()`, when `MaybeRebalanceCaches()` is
5961 // called, since we've added a snapshot chainstate and therefore will
5962 // have to downsize the IBD chainstate, which will result in a call to
5963 // `FlushStateToDisk(FORCE_FLUSH)`.
5964 }
5965
5966 assert(index);
5967 assert(index == snapshot_start_block);
5968 index->m_chain_tx_count = au_data.m_chain_tx_count;
5969
5970 LogInfo("[snapshot] validated snapshot (%.2f MB)",
5971 coins_cache.DynamicMemoryUsage() / (1000 * 1000));
5972 return {};
5973}
5974
5975// Currently, this function holds cs_main for its duration, which could be for
5976// multiple minutes due to the ComputeUTXOStats call. Holding cs_main used to be
5977// necessary (before d43a1f1a2fa3) to avoid advancing validated_cs farther than
5978// its target block. Now it should be possible to avoid this, but simply
5979// releasing cs_main here would not be possible because this function is invoked
5980// by ConnectTip within ActivateBestChain.
5981//
5982// Eventually (TODO) it would be better to call this function outside of
5983// ActivateBestChain, on a separate thread that should not require cs_main to
5984// hash, because the UTXO set is only hashed after the historical chainstate
5985// reaches its target block and is no longer changing.
5986SnapshotCompletionResult ChainstateManager::MaybeValidateSnapshot(Chainstate& validated_cs, Chainstate& unvalidated_cs)
5987{
5989
5990 // If the snapshot does not need to be validated...
5991 if (unvalidated_cs.m_assumeutxo != Assumeutxo::UNVALIDATED ||
5992 // Or if either chainstate is unusable...
5993 !unvalidated_cs.m_from_snapshot_blockhash ||
5994 validated_cs.m_assumeutxo != Assumeutxo::VALIDATED ||
5995 !validated_cs.m_chain.Tip() ||
5996 // Or the validated chainstate is not targeting the snapshot block...
5997 !validated_cs.m_target_blockhash ||
5998 *validated_cs.m_target_blockhash != *unvalidated_cs.m_from_snapshot_blockhash ||
5999 // Or the validated chainstate has not reached the snapshot block yet...
6000 !validated_cs.ReachedTarget()) {
6001 // Then the snapshot cannot be validated and there is nothing to do.
6003 }
6004 assert(validated_cs.TargetBlock() == validated_cs.m_chain.Tip());
6005
6006 auto handle_invalid_snapshot = [&]() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) {
6007 bilingual_str user_error = strprintf(_(
6008 "%s failed to validate the -assumeutxo snapshot state. "
6009 "This indicates a hardware problem, or a bug in the software, or a "
6010 "bad software modification that allowed an invalid snapshot to be "
6011 "loaded. As a result of this, the node will shut down and stop using any "
6012 "state that was built on the snapshot, resetting the chain height "
6013 "from %d to %d. On the next "
6014 "restart, the node will resume syncing from %d "
6015 "without using any snapshot data. "
6016 "Please report this incident to %s, including how you obtained the snapshot. "
6017 "The invalid snapshot chainstate will be left on disk in case it is "
6018 "helpful in diagnosing the issue that caused this error."),
6019 CLIENT_NAME, unvalidated_cs.m_chain.Height(),
6020 validated_cs.m_chain.Height(),
6021 validated_cs.m_chain.Height(), CLIENT_BUGREPORT);
6022
6023 LogError("[snapshot] !!! %s\n", user_error.original);
6024 LogError("[snapshot] deleting snapshot, reverting to validated chain, and stopping node\n");
6025
6026 // Reset chainstate target to network tip instead of snapshot block.
6027 validated_cs.SetTargetBlock(nullptr);
6028
6029 unvalidated_cs.m_assumeutxo = Assumeutxo::INVALID;
6030
6031 auto rename_result = unvalidated_cs.InvalidateCoinsDBOnDisk();
6032 if (!rename_result) {
6033 user_error += Untranslated("\n") + util::ErrorString(rename_result);
6034 }
6035
6036 GetNotifications().fatalError(user_error);
6037 };
6038
6039 CCoinsViewDB& validated_coins_db = validated_cs.CoinsDB();
6040 validated_cs.ForceFlushStateToDisk();
6041
6042 const auto& maybe_au_data = m_options.chainparams.AssumeutxoForHeight(validated_cs.m_chain.Height());
6043 if (!maybe_au_data) {
6044 LogWarning("[snapshot] assumeutxo data not found for height "
6045 "(%d) - refusing to validate snapshot", validated_cs.m_chain.Height());
6046 handle_invalid_snapshot();
6048 }
6049
6050 const AssumeutxoData& au_data = *maybe_au_data;
6051 std::optional<CCoinsStats> validated_cs_stats;
6052 LogInfo("[snapshot] computing UTXO stats for background chainstate to validate "
6053 "snapshot - this could take a few minutes");
6054 try {
6055 validated_cs_stats = ComputeUTXOStats(
6056 CoinStatsHashType::HASH_SERIALIZED,
6057 &validated_coins_db,
6058 m_blockman,
6059 [&interrupt = m_interrupt] { SnapshotUTXOHashBreakpoint(interrupt); });
6060 } catch (StopHashingException const&) {
6062 }
6063
6064 // XXX note that this function is slow and will hold cs_main for potentially minutes.
6065 if (!validated_cs_stats) {
6066 LogWarning("[snapshot] failed to generate stats for validation coins db");
6067 // While this isn't a problem with the snapshot per se, this condition
6068 // prevents us from validating the snapshot, so we should shut down and let the
6069 // user handle the issue manually.
6070 handle_invalid_snapshot();
6072 }
6073
6074 // Compare the validated chainstate's UTXO set hash against the hard-coded
6075 // assumeutxo hash we expect.
6076 //
6077 // TODO: For belt-and-suspenders, we could cache the UTXO set
6078 // hash for the snapshot when it's loaded in its chainstate's leveldb. We could then
6079 // reference that here for an additional check.
6080 if (AssumeutxoHash{validated_cs_stats->hashSerialized} != au_data.hash_serialized) {
6081 LogWarning("[snapshot] hash mismatch: actual=%s, expected=%s",
6082 validated_cs_stats->hashSerialized.ToString(),
6083 au_data.hash_serialized.ToString());
6084 handle_invalid_snapshot();
6086 }
6087
6088 LogInfo("[snapshot] snapshot beginning at %s has been fully validated",
6089 unvalidated_cs.m_from_snapshot_blockhash->ToString());
6090
6091 unvalidated_cs.m_assumeutxo = Assumeutxo::VALIDATED;
6092 validated_cs.m_target_utxohash = AssumeutxoHash{validated_cs_stats->hashSerialized};
6093 this->MaybeRebalanceCaches();
6094
6096}
6097
6099{
6100 LOCK(::cs_main);
6101 return CurrentChainstate();
6102}
6103
6104void ChainstateManager::MaybeRebalanceCaches()
6105{
6107 Chainstate& current_cs{CurrentChainstate()};
6108 Chainstate* historical_cs{HistoricalChainstate()};
6109 if (!historical_cs && !current_cs.m_from_snapshot_blockhash) {
6110 // Allocate everything to the IBD chainstate. This will always happen
6111 // when we are not using a snapshot.
6112 current_cs.ResizeCoinsCaches(m_total_coinstip_cache, m_total_coinsdb_cache);
6113 } else if (!historical_cs) {
6114 // If background validation has completed and snapshot is our active chain...
6115 LogInfo("[snapshot] allocating all cache to the snapshot chainstate");
6116 // Allocate everything to the snapshot chainstate.
6117 current_cs.ResizeCoinsCaches(m_total_coinstip_cache, m_total_coinsdb_cache);
6118 } else {
6119 // If both chainstates exist, determine who needs more cache based on IBD status.
6120 //
6121 // Note: shrink caches first so that we don't inadvertently overwhelm available memory.
6122 if (IsInitialBlockDownload()) {
6123 historical_cs->ResizeCoinsCaches(
6125 current_cs.ResizeCoinsCaches(
6127 } else {
6128 current_cs.ResizeCoinsCaches(
6130 historical_cs->ResizeCoinsCaches(
6132 }
6133 }
6134}
6135
6136void ChainstateManager::ResetChainstates()
6137{
6138 m_chainstates.clear();
6139}
6140
6147{
6148 if (!opts.check_block_index.has_value()) opts.check_block_index = opts.chainparams.DefaultConsistencyChecks();
6149 if (!opts.minimum_chain_work.has_value()) opts.minimum_chain_work = UintToArith256(opts.chainparams.GetConsensus().nMinimumChainWork);
6150 if (!opts.assumed_valid_block.has_value()) opts.assumed_valid_block = opts.chainparams.GetConsensus().defaultAssumeValid;
6151 return std::move(opts);
6152}
6153
6155 : m_script_check_queue{/*batch_size=*/128, std::clamp(options.worker_threads_num, 0, MAX_SCRIPTCHECK_THREADS)},
6156 m_interrupt{interrupt},
6157 m_options{Flatten(std::move(options))},
6158 m_blockman{interrupt, std::move(blockman_options)},
6159 m_validation_cache{m_options.script_execution_cache_bytes, m_options.signature_cache_bytes}
6160{
6161}
6162
6164{
6165 LOCK(::cs_main);
6166
6168}
6169
6170Chainstate* ChainstateManager::LoadAssumeutxoChainstate()
6171{
6172 assert(!CurrentChainstate().m_from_snapshot_blockhash);
6173 std::optional<fs::path> path = node::FindAssumeutxoChainstateDir(m_options.datadir);
6174 if (!path) {
6175 return nullptr;
6176 }
6177 std::optional<uint256> base_blockhash = node::ReadSnapshotBaseBlockhash(*path);
6178 if (!base_blockhash) {
6179 return nullptr;
6180 }
6181 LogInfo("[snapshot] detected active snapshot chainstate (%s) - loading",
6182 fs::PathToString(*path));
6183
6184 auto snapshot_chainstate{std::make_unique<Chainstate>(nullptr, m_blockman, *this, base_blockhash)};
6185 LogInfo("[snapshot] switching active chainstate to %s", snapshot_chainstate->ToString());
6186 return &this->AddChainstate(std::move(snapshot_chainstate));
6187}
6188
6189Chainstate& ChainstateManager::AddChainstate(std::unique_ptr<Chainstate> chainstate)
6190{
6191 Chainstate& prev_chainstate{CurrentChainstate()};
6192 assert(prev_chainstate.m_assumeutxo == Assumeutxo::VALIDATED);
6193 // Set target block for historical chainstate to snapshot block.
6194 assert(!prev_chainstate.m_target_blockhash);
6195 prev_chainstate.m_target_blockhash = chainstate->m_from_snapshot_blockhash;
6196 m_chainstates.push_back(std::move(chainstate));
6197 Chainstate& curr_chainstate{CurrentChainstate()};
6198 assert(&curr_chainstate == m_chainstates.back().get());
6199
6200 // Transfer possession of the mempool to the chainstate.
6201 // Mempool is empty at this point because we're still in IBD.
6202 assert(!prev_chainstate.m_mempool || prev_chainstate.m_mempool->size() == 0);
6203 assert(!curr_chainstate.m_mempool);
6204 std::swap(curr_chainstate.m_mempool, prev_chainstate.m_mempool);
6205 return curr_chainstate;
6206}
6207
6208bool IsBIP30Repeat(const CBlockIndex& block_index)
6209{
6210 return (block_index.nHeight==91842 && block_index.GetBlockHash() == uint256{"00000000000a4d0a398161ffc163c503763b1f4360639393e0e4c8e300e0caec"}) ||
6211 (block_index.nHeight==91880 && block_index.GetBlockHash() == uint256{"00000000000743f190a18c5577a3c2d2a1f610ae9601ac046a38084ccb7cd721"});
6212}
6213
6214bool IsBIP30Unspendable(const uint256& block_hash, int block_height)
6215{
6216 return (block_height==91722 && block_hash == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
6217 (block_height==91812 && block_hash == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"});
6218}
6219
6220util::Result<void> Chainstate::InvalidateCoinsDBOnDisk()
6221{
6222 // Should never be called on a non-snapshot chainstate.
6224
6225 // Coins views no longer usable.
6226 m_coins_views.reset();
6227
6228 const fs::path db_path{StoragePath()};
6229 const fs::path invalid_path{db_path + "_INVALID"};
6230 const std::string db_path_str{fs::PathToString(db_path)};
6231 const std::string invalid_path_str{fs::PathToString(invalid_path)};
6232 LogInfo("[snapshot] renaming snapshot datadir %s to %s", db_path_str, invalid_path_str);
6233
6234 // The invalid storage directory is simply moved and not deleted because we may
6235 // want to do forensics later during issue investigation. The user is instructed
6236 // accordingly in MaybeValidateSnapshot().
6237 try {
6238 fs::rename(db_path, invalid_path);
6239 } catch (const fs::filesystem_error& e) {
6240 LogError("While invalidating the coins db: Error renaming file '%s' -> '%s': %s",
6241 db_path_str, invalid_path_str, e.what());
6242 return util::Error{strprintf(_(
6243 "Rename of '%s' -> '%s' failed. "
6244 "You should resolve this by manually moving or deleting the invalid "
6245 "snapshot directory %s, otherwise you will encounter the same error again "
6246 "on the next startup."),
6247 db_path_str, invalid_path_str, db_path_str)};
6248 }
6249 return {};
6250}
6251
6252bool ChainstateManager::DeleteChainstate(Chainstate& chainstate)
6253{
6255 assert(!chainstate.m_coins_views);
6256 const fs::path db_path{chainstate.StoragePath()};
6257 if (!DeleteCoinsDBFromDisk(db_path, /*is_snapshot=*/bool{chainstate.m_from_snapshot_blockhash})) {
6258 LogError("Deletion of %s failed. Please remove it manually to continue reindexing.",
6259 fs::PathToString(db_path));
6260 return false;
6261 }
6262 std::unique_ptr<Chainstate> prev_chainstate{Assert(RemoveChainstate(chainstate))};
6263 Chainstate& curr_chainstate{CurrentChainstate()};
6264 assert(prev_chainstate->m_mempool->size() == 0);
6265 assert(!curr_chainstate.m_mempool);
6266 std::swap(curr_chainstate.m_mempool, prev_chainstate->m_mempool);
6267 return true;
6268}
6269
6270ChainstateRole Chainstate::GetRole() const
6271{
6272 return ChainstateRole{.validated = m_assumeutxo == Assumeutxo::VALIDATED, .historical = bool{m_target_blockhash}};
6273}
6274
6275void ChainstateManager::RecalculateBestHeader()
6276{
6278 m_best_header = ActiveChain().Tip();
6279 for (auto& entry : m_blockman.m_block_index) {
6280 if (!(entry.second.nStatus & BLOCK_FAILED_VALID) && m_best_header->nChainWork < entry.second.nChainWork) {
6281 m_best_header = &entry.second;
6282 }
6283 }
6284}
6285
6286std::optional<int> ChainstateManager::BlocksAheadOfTip() const
6287{
6288 LOCK(::cs_main);
6289 const CBlockIndex* best_header{m_best_header};
6290 const CBlockIndex* tip{ActiveChain().Tip()};
6291 // Only consider headers that extend the active tip; ignore competing branches.
6292 if (best_header && tip && best_header->nChainWork > tip->nChainWork &&
6293 best_header->GetAncestor(tip->nHeight) == tip) {
6294 return best_header->nHeight - tip->nHeight;
6295 }
6296 return std::nullopt;
6297}
6298
6299bool ChainstateManager::ValidatedSnapshotCleanup(Chainstate& validated_cs, Chainstate& unvalidated_cs)
6300{
6302 if (unvalidated_cs.m_assumeutxo != Assumeutxo::VALIDATED) {
6303 // No need to clean up.
6304 return false;
6305 }
6306
6307 const fs::path validated_path{validated_cs.StoragePath()};
6308 const fs::path assumed_valid_path{unvalidated_cs.StoragePath()};
6309 const fs::path delete_path{validated_path + "_todelete"};
6310
6311 // Since we're going to be moving around the underlying leveldb filesystem content
6312 // for each chainstate, make sure that the chainstates (and their constituent
6313 // CoinsViews members) have been destructed first.
6314 //
6315 // The caller of this method will be responsible for reinitializing chainstates
6316 // if they want to continue operation.
6317 this->ResetChainstates();
6318 assert(this->m_chainstates.size() == 0);
6319
6320 LogInfo("[snapshot] deleting background chainstate directory (now unnecessary) (%s)",
6321 fs::PathToString(validated_path));
6322
6323 auto rename_failed_abort = [this](
6324 fs::path p_old,
6325 fs::path p_new,
6326 const fs::filesystem_error& err) {
6327 LogError("[snapshot] Error renaming path (%s) -> (%s): %s\n",
6328 fs::PathToString(p_old), fs::PathToString(p_new), err.what());
6330 "Rename of '%s' -> '%s' failed. "
6331 "Cannot clean up the background chainstate leveldb directory."),
6332 fs::PathToString(p_old), fs::PathToString(p_new)));
6333 };
6334
6335 try {
6336 fs::rename(validated_path, delete_path);
6337 } catch (const fs::filesystem_error& e) {
6338 rename_failed_abort(validated_path, delete_path, e);
6339 throw;
6340 }
6341
6342 LogInfo("[snapshot] moving snapshot chainstate (%s) to "
6343 "default chainstate directory (%s)",
6344 fs::PathToString(assumed_valid_path), fs::PathToString(validated_path));
6345
6346 try {
6347 fs::rename(assumed_valid_path, validated_path);
6348 } catch (const fs::filesystem_error& e) {
6349 rename_failed_abort(assumed_valid_path, validated_path, e);
6350 throw;
6351 }
6352
6353 if (!DeleteCoinsDBFromDisk(delete_path, /*is_snapshot=*/false)) {
6354 // No need to FatalError because once the unneeded bg chainstate data is
6355 // moved, it will not interfere with subsequent initialization.
6356 LogWarning("Deletion of %s failed. Please remove it manually, as the "
6357 "directory is now unnecessary.",
6358 fs::PathToString(delete_path));
6359 } else {
6360 LogInfo("[snapshot] deleted background chainstate directory (%s)",
6361 fs::PathToString(validated_path));
6362 }
6363 return true;
6364}
6365
6366std::pair<int, int> Chainstate::GetPruneRange(int last_height_can_prune) const
6367{
6368 if (m_chain.Height() <= 0) {
6369 return {0, 0};
6370 }
6371 int prune_start{0};
6372
6373 if (m_from_snapshot_blockhash && m_assumeutxo != Assumeutxo::VALIDATED) {
6374 // Only prune blocks _after_ the snapshot if this is a snapshot chain
6375 // that has not been fully validated yet. The earlier blocks need to be
6376 // kept to validate the snapshot
6377 prune_start = Assert(SnapshotBase())->nHeight + 1;
6378 }
6379
6380 int max_prune = std::max<int>(
6381 0, m_chain.Height() - static_cast<int>(MIN_BLOCKS_TO_KEEP));
6382
6383 // last block to prune is the lesser of (caller-specified height, MIN_BLOCKS_TO_KEEP from the tip)
6384 //
6385 // While you might be tempted to prune the background chainstate more
6386 // aggressively (i.e. fewer MIN_BLOCKS_TO_KEEP), this won't work with index
6387 // building - specifically blockfilterindex requires undo data, and if
6388 // we don't maintain this trailing window, we hit indexing failures.
6389 int prune_end = std::min(last_height_can_prune, max_prune);
6390
6391 return {prune_start, prune_end};
6392}
6393
6394std::optional<std::pair<const CBlockIndex*, const CBlockIndex*>> ChainstateManager::GetHistoricalBlockRange() const
6395{
6396 const Chainstate* chainstate{HistoricalChainstate()};
6397 if (!chainstate) return {};
6398 return std::make_pair(chainstate->m_chain.Tip(), chainstate->TargetBlock());
6399}
6400
6401util::Result<void> ChainstateManager::ActivateBestChains()
6402{
6403 // We can't hold cs_main during ActivateBestChain even though we're accessing
6404 // the chainman unique_ptrs since ABC requires us not to be holding cs_main, so retrieve
6405 // the relevant pointers before the ABC call.
6407 std::vector<Chainstate*> chainstates;
6408 {
6409 LOCK(GetMutex());
6410 chainstates.reserve(m_chainstates.size());
6411 for (const auto& chainstate : m_chainstates) {
6412 if (chainstate && chainstate->m_assumeutxo != Assumeutxo::INVALID && !chainstate->m_target_utxohash) {
6413 chainstates.push_back(chainstate.get());
6414 }
6415 }
6416 }
6417 for (Chainstate* chainstate : chainstates) {
6419 if (!chainstate->ActivateBestChain(state, nullptr)) {
6420 LOCK(GetMutex());
6421 return util::Error{Untranslated(strprintf("%s Failed to connect best block (%s)", chainstate->ToString(), state.ToString()))};
6422 }
6423 }
6424 return {};
6425}
bool MoneyRange(const CAmount &nValue)
Definition: amount.h:27
int64_t CAmount
Amount in satoshis (Can be negative)
Definition: amount.h:12
static constexpr CAmount COIN
The amount of satoshis in one BTC.
Definition: amount.h:15
arith_uint256 UintToArith256(const uint256 &a)
int ret
int flags
Definition: bitcoin-tx.cpp:530
ArgsManager & args
Definition: bitcoind.cpp:280
void InvalidateBlock(ChainstateManager &chainman, const uint256 block_hash)
CBlockLocator GetLocator(const CBlockIndex *index)
Get a locator for a block index entry.
Definition: chain.cpp:45
int64_t GetBlockProofEquivalentTime(const CBlockIndex &to, const CBlockIndex &from, const CBlockIndex &tip, const Consensus::Params &params)
Return the time it would take to redo the work difference between from and to, assuming the current h...
Definition: chain.cpp:135
const CBlockIndex * LastCommonAncestor(const CBlockIndex *pa, const CBlockIndex *pb)
Find the last common ancestor two blocks have.
Definition: chain.cpp:154
@ BLOCK_VALID_CHAIN
Outputs do not overspend inputs, no double spends, coinbase output ok, no immature coinbase spends,...
Definition: chain.h:65
@ BLOCK_VALID_MASK
All validity bits.
Definition: chain.h:72
@ BLOCK_VALID_TRANSACTIONS
Only first tx is coinbase, 2 <= coinbase input script length <= 100, transactions valid,...
Definition: chain.h:61
@ BLOCK_VALID_SCRIPTS
Scripts & signatures ok.
Definition: chain.h:69
@ BLOCK_VALID_TREE
All parent headers found, difficulty matches, timestamp >= median previous.
Definition: chain.h:51
@ BLOCK_HAVE_UNDO
undo data available in rev*.dat
Definition: chain.h:76
@ BLOCK_HAVE_DATA
full block available in blk*.dat
Definition: chain.h:75
@ BLOCK_FAILED_VALID
stage after last reached validness failed
Definition: chain.h:79
@ BLOCK_OPT_WITNESS
block data in blk*.dat was received with a witness-enforcing client
Definition: chain.h:82
static constexpr int32_t SEQ_ID_BEST_CHAIN_FROM_DISK
Init values for CBlockIndex nSequenceId when loaded from disk.
Definition: chain.h:39
arith_uint256 GetBlockProof(const CBlockIndex &block)
Compute how much work a block index entry corresponds to.
Definition: chain.h:305
static constexpr int32_t SEQ_ID_INIT_FROM_DISK
Definition: chain.h:40
#define NONFATAL_UNREACHABLE()
NONFATAL_UNREACHABLE() is a macro that is used to mark unreachable code.
Definition: check.h:133
#define Assert(val)
Identity function.
Definition: check.h:116
#define STR_INTERNAL_BUG(msg)
Definition: check.h:99
#define Assume(val)
Assume is the identity function.
Definition: check.h:128
Non-refcounted RAII wrapper for FILE*.
Definition: streams.h:395
std::string ToString() const
Definition: hash_type.h:43
Wrapper around an AutoFile& that implements a ring buffer to deserialize from.
Definition: streams.h:505
Nodes collect new transactions into a block, hash them into a hash tree, and scan through nonce value...
Definition: block.h:27
NodeSeconds Time() const
Definition: block.h:61
uint32_t nBits
Definition: block.h:34
int64_t GetBlockTime() const
Definition: block.h:66
int32_t nVersion
Definition: block.h:30
uint256 hashPrevBlock
Definition: block.h:31
uint256 hashMerkleRoot
Definition: block.h:32
uint256 GetHash() const
Definition: block.cpp:14
Definition: block.h:74
bool m_checked_merkle_root
Definition: block.h:82
std::vector< CTransactionRef > vtx
Definition: block.h:77
bool m_checked_witness_commitment
Definition: block.h:81
bool fChecked
Definition: block.h:80
The block chain is a tree shaped structure starting with the genesis block at the root,...
Definition: chain.h:94
bool IsValid(enum BlockStatus nUpTo) const EXCLUSIVE_LOCKS_REQUIRED(
Check whether this block index entry is valid up to the passed validity level.
Definition: chain.h:250
CBlockIndex * pprev
pointer to the index of the predecessor of this block
Definition: chain.h:100
uint64_t m_chain_tx_count
(memory only) Number of transactions in the chain up to and including this block.
Definition: chain.h:129
arith_uint256 nChainWork
(memory only) Total amount of work (expected number of hashes) in the chain up to and including this ...
Definition: chain.h:118
bool HaveNumChainTxs() const
Check whether this block and all previous blocks back to the genesis block or an assumeutxo snapshot ...
Definition: chain.h:214
uint32_t nTime
Definition: chain.h:142
int32_t nSequenceId
(memory only) Sequential id assigned to distinguish order in which blocks are received.
Definition: chain.h:149
uint256 GetBlockHash() const
Definition: chain.h:198
int64_t GetBlockTime() const
Definition: chain.h:221
int64_t GetMedianTimePast() const
Definition: chain.h:233
FlatFilePos GetUndoPos() const EXCLUSIVE_LOCKS_REQUIRED(
Definition: chain.h:174
bool RaiseValidity(enum BlockStatus nUpTo) EXCLUSIVE_LOCKS_REQUIRED(
Raise the validity level of this block index entry.
Definition: chain.h:262
CBlockIndex * pskip
pointer to the index of some further predecessor of this block
Definition: chain.h:103
unsigned int nTx
Number of transactions in this block.
Definition: chain.h:123
int32_t nVersion
block header
Definition: chain.h:140
CBlockIndex * GetAncestor(int height)
Efficiently find an ancestor of this block.
Definition: chain.cpp:109
int nHeight
height of the entry in the chain. The genesis block has height 0
Definition: chain.h:106
const uint256 * phashBlock
pointer to the hash of the block, if any. Memory is owned by this CBlockIndex
Definition: chain.h:97
Undo information for a CBlock.
Definition: undo.h:64
std::vector< CTxUndo > vtxundo
Definition: undo.h:66
An in-memory indexed chain of blocks.
Definition: chain.h:380
bool Contains(const CBlockIndex &index) const
Efficiently check whether a block is present in this chain.
Definition: chain.h:410
CBlockIndex * Tip() const
Returns the index entry for the tip of this chain, or nullptr if none.
Definition: chain.h:396
const CBlockIndex * FindFork(const CBlockIndex &index) const
Find the last common block between this chain and a block index entry.
Definition: chain.cpp:50
void SetTip(CBlockIndex &block)
Set/initialize a chain with a given tip.
Definition: chain.cpp:16
CBlockIndex * Next(const CBlockIndex &index) const
Find the successor of a block in this chain, or nullptr if the given index is not found or is the tip...
Definition: chain.h:416
CBlockIndex * Genesis() const
Returns the index entry for the genesis block of this chain, or nullptr if none.
Definition: chain.h:390
int Height() const
Return the maximal height in the chain.
Definition: chain.h:425
CChainParams defines various tweakable parameters of a given instance of the Bitcoin system.
Definition: chainparams.h:77
const CBlock & GenesisBlock() const
Definition: chainparams.h:94
std::vector< int > GetAvailableSnapshotHeights() const
const ChainTxData & TxData() const
Definition: chainparams.h:128
std::optional< AssumeutxoData > AssumeutxoForHeight(int height) const
Definition: chainparams.h:119
CCoinsView that adds a memory cache for transactions to another CCoinsView.
Definition: coins.h:394
void Sync()
Push the modifications applied to this cache to its base while retaining the contents of this cache (...
Definition: coins.cpp:272
bool SpendCoin(const COutPoint &outpoint, Coin *moveto=nullptr)
Spend a coin.
Definition: coins.cpp:132
ResetGuard CreateResetGuard() noexcept
Create a scoped guard that will call Reset() on this cache when it goes out of scope.
Definition: coins.h:545
void Uncache(const COutPoint &outpoint)
Removes the UTXO with the given outpoint from the cache, if it is not modified.
Definition: coins.cpp:291
void AddCoin(const COutPoint &outpoint, Coin &&coin, bool possible_overwrite)
Add a coin.
Definition: coins.cpp:68
void Flush(bool reallocate_cache=true)
Push the modifications applied to this cache to its base and wipe local state.
Definition: coins.cpp:260
void SetBestBlock(const uint256 &block_hash)
Definition: coins.cpp:184
unsigned int GetCacheSize() const
Size of the cache (in number of transaction outputs)
Definition: coins.cpp:306
uint256 GetBestBlock() const override
Retrieve the block hash whose state this CCoinsView currently represents.
Definition: coins.cpp:178
bool HaveCoinInCache(const COutPoint &outpoint) const
Check if we have the given utxo already loaded in this cache.
Definition: coins.cpp:173
size_t DynamicMemoryUsage() const
Calculate the size of the cache (in bytes)
Definition: coins.cpp:38
void EmplaceCoinInternalDANGER(COutPoint &&outpoint, Coin &&coin)
Emplace a coin into cacheCoins without performing any checks, marking the emplaced coin as dirty.
Definition: coins.cpp:111
bool HaveCoin(const COutPoint &outpoint) const override
Just check whether a given outpoint is unspent.
Definition: coins.cpp:167
const Coin & AccessCoin(const COutPoint &output) const
Return a reference to Coin in the cache, or coinEmpty if not found.
Definition: coins.cpp:158
CCoinsView backed by the coin database (chainstate/)
Definition: txdb.h:37
std::shared_future< void > CompactFullAsync() EXCLUSIVE_LOCKS_REQUIRED(cs_main
Perform a full compaction of the underlying LevelDB on a one-shot background thread.
Definition: txdb.cpp:198
void ResizeCache(size_t new_cache_size) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Dynamically alter the underlying leveldb cache size.
Definition: txdb.cpp:73
Pure abstract view on the open txout dataset.
Definition: coins.h:308
virtual std::optional< Coin > GetCoin(const COutPoint &outpoint) const =0
Retrieve the Coin (unspent transaction output) for a given outpoint.
CCoinsView that brings transactions from a mempool into view.
Definition: txmempool.h:765
Fee rate in satoshis per virtualbyte: CAmount / vB the feerate is represented internally as FeeFrac.
Definition: feerate.h:32
A hasher class for Bitcoin's 256-bit hash (double SHA-256).
Definition: hash.h:32
void Finalize(std::span< unsigned char > output)
Definition: hash.h:38
CHash256 & Write(std::span< const unsigned char > input)
Definition: hash.h:45
An outpoint - a combination of a transaction hash and an index n into its vout.
Definition: transaction.h:29
uint32_t n
Definition: transaction.h:32
Txid hash
Definition: transaction.h:31
A hasher class for SHA-256.
Definition: sha256.h:14
void Finalize(unsigned char hash[OUTPUT_SIZE])
Definition: sha256.cpp:725
CSHA256 & Write(const unsigned char *data, size_t len)
Definition: sha256.cpp:699
Closure representing one script verification Note that this stores references to the spending transac...
Definition: validation.h:339
SignatureCache * m_signature_cache
Definition: validation.h:347
PrecomputedTransactionData * txdata
Definition: validation.h:346
CTxOut m_tx_out
Definition: validation.h:341
script_verify_flags m_flags
Definition: validation.h:344
bool cacheStore
Definition: validation.h:345
std::optional< std::pair< ScriptError, std::string > > operator()()
const CTransaction * ptxTo
Definition: validation.h:342
unsigned int nIn
Definition: validation.h:343
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:406
The basic transaction that is broadcasted on the network and contained in blocks.
Definition: transaction.h:281
bool HasWitness() const
Definition: transaction.h:353
const std::vector< CTxOut > vout
Definition: transaction.h:292
const Wtxid & GetWitnessHash() const LIFETIMEBOUND
Definition: transaction.h:329
bool IsCoinBase() const
Definition: transaction.h:341
const Txid & GetHash() const LIFETIMEBOUND
Definition: transaction.h:328
const std::vector< CTxIn > vin
Definition: transaction.h:291
An input of a transaction.
Definition: transaction.h:62
COutPoint prevout
Definition: transaction.h:64
CTxMemPool::txiter TxHandle
Definition: txmempool.h:646
CTxMemPool stores valid-according-to-the-current-best-chain transactions that may be included in the ...
Definition: txmempool.h:187
void check(const CCoinsViewCache &active_coins_tip, int64_t spendheight) const EXCLUSIVE_LOCKS_REQUIRED(void removeRecursive(const CTransaction &tx, MemPoolRemovalReason reason) EXCLUSIVE_LOCKS_REQUIRED(cs)
If sanity-checking is turned on, check makes sure the pool is consistent (does not contain two transa...
Definition: txmempool.h:323
void UpdateTransactionsFromBlock(const std::vector< Txid > &vHashesToUpdate) EXCLUSIVE_LOCKS_REQUIRED(cs
UpdateTransactionsFromBlock is called when adding transactions from a disconnected block back to the ...
Definition: txmempool.cpp:91
void AddTransactionsUpdated(unsigned int n)
Definition: txmempool.cpp:201
CTransactionRef get(const Txid &hash) const
Return a mempool transaction with a given hash.
Definition: txmempool.cpp:621
size_t DynamicMemoryUsage() const
Definition: txmempool.cpp:787
const Options m_opts
Definition: txmempool.h:301
void removeForReorg(CChain &chain, std::function< bool(txiter)> filter_final_and_mature) EXCLUSIVE_LOCKS_REQUIRED(cs
After reorg, filter the entries that would no longer be valid in the next block, and update the entri...
Definition: txmempool.cpp:360
bool exists(const Txid &txid) const
Definition: txmempool.h:501
std::set< txiter, CompareIteratorByHash > setEntries
Definition: txmempool.h:266
void removeForBlock(const std::vector< CTransactionRef > &vtx, unsigned int nBlockHeight) EXCLUSIVE_LOCKS_REQUIRED(cs)
Definition: txmempool.cpp:405
indexed_transaction_set::nth_index< 0 >::type::const_iterator txiter
Definition: txmempool.h:263
unsigned long size() const
Definition: txmempool.h:483
An output of a transaction.
Definition: transaction.h:140
CScript scriptPubKey
Definition: transaction.h:143
CAmount nValue
Definition: transaction.h:142
Undo information for a CTransaction.
Definition: undo.h:54
std::vector< Coin > vprevout
Definition: undo.h:57
VerifyDBResult VerifyDB(Chainstate &chainstate, const Consensus::Params &consensus_params, CCoinsView &coinsview, int nCheckLevel, int nCheckDepth) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
kernel::Notifications & m_notifications
Definition: validation.h:438
CVerifyDB(kernel::Notifications &notifications)
Chainstate stores and provides an API to update our local knowledge of the current best chain.
Definition: validation.h:551
void InitCoinsCache(size_t cache_size_bytes) EXCLUSIVE_LOCKS_REQUIRED(bool CanFlushToDisk() const EXCLUSIVE_LOCKS_REQUIRED(
Initialize the in-memory coins cache (to be done after the health of the on-disk database is verified...
Definition: validation.h:617
Mutex m_chainstate_mutex
The ChainState Mutex A lock that must be held when modifying this ChainState - held in ActivateBestCh...
Definition: validation.h:558
CChain m_chain
The current chain of blockheaders we consult and build on.
Definition: validation.h:625
CTxMemPool * GetMempool()
Definition: validation.h:701
bool RollforwardBlock(const CBlockIndex *pindex, CCoinsViewCache &inputs) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Apply the effects of a block on the utxo cache, ignoring that it may already have been applied.
size_t m_coinstip_cache_size_bytes
The cache size of the in-memory coins view.
Definition: validation.h:721
void UpdateTip(const CBlockIndex *pindexNew) EXCLUSIVE_LOCKS_REQUIRED(NodeClock::time_poin m_next_write)
Check warning conditions and do some notifications on new chain tip set.
Definition: validation.h:889
CCoinsViewCache & CoinsTip() EXCLUSIVE_LOCKS_REQUIRED(
Definition: validation.h:686
bool LoadChainTip() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Update the chain tip based on database information, i.e.
size_t m_coinsdb_cache_size_bytes
The cache size of the on-disk coins view.
Definition: validation.h:718
bool PreciousBlock(BlockValidationState &state, CBlockIndex *pindex) LOCKS_EXCLUDED(bool InvalidateBlock(BlockValidationState &state, CBlockIndex *pindex) LOCKS_EXCLUDED(void SetBlockFailureFlags(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(voi ResetBlockFailureFlags)(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Mark a block as precious and reorganize.
Definition: validation.h:805
void InvalidBlockFound(CBlockIndex *pindex, const BlockValidationState &state) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
bool ConnectTip(BlockValidationState &state, CBlockIndex *pindexNew, std::shared_ptr< const CBlock > block_to_connect, std::vector< ConnectedBlock > &connected_blocks, DisconnectedBlockTransactions &disconnectpool) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Connect a new block to m_chain.
void CheckForkWarningConditions() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
const CBlockIndex *SnapshotBase() const EXCLUSIVE_LOCKS_REQUIRED(const CBlockIndex *TargetBlock() const EXCLUSIVE_LOCKS_REQUIRED(void SetTargetBlock(CBlockIndex *block) EXCLUSIVE_LOCKS_REQUIRED(void SetTargetBlockHash(uint256 block_hash) EXCLUSIVE_LOCKS_REQUIRED(boo ReachedTarget)() const EXCLUSIVE_LOCKS_REQUIRED(
The base of the snapshot this chainstate was created from.
Definition: validation.h:669
kernel::ChainstateRole GetRole() const EXCLUSIVE_LOCKS_REQUIRED(void InitCoinsDB(size_t cache_size_bytes, bool in_memory, bool should_wipe)
Return the current role of the chainstate.
const std::optional< uint256 > m_from_snapshot_blockhash
The blockhash which is the base of the snapshot this chainstate was created from.
Definition: validation.h:637
bool ActivateBestChain(BlockValidationState &state, std::shared_ptr< const CBlock > pblock=nullptr) LOCKS_EXCLUDED(DisconnectResult DisconnectBlock(const CBlock &block, const CBlockIndex *pindex, CCoinsViewCache &view) EXCLUSIVE_LOCKS_REQUIRED(boo ConnectBlock)(const CBlock &block, BlockValidationState &state, CBlockIndex *pindex, CCoinsViewCache &view, bool fJustCheck=false) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Find the best known block, and make it the tip of the block chain.
Definition: validation.h:781
bool ActivateBestChainStep(BlockValidationState &state, CBlockIndex &index_most_work, const std::shared_ptr< const CBlock > &pblock, bool &fInvalidFound, std::vector< ConnectedBlock > &connected_blocks) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Return the [start, end] (inclusive) of block heights we can prune.
CTxMemPool * m_mempool
Optional mempool that is kept in sync with the chain.
Definition: validation.h:562
CCoinsViewDB & CoinsDB() EXCLUSIVE_LOCKS_REQUIRED(
Definition: validation.h:694
bool DisconnectTip(BlockValidationState &state, DisconnectedBlockTransactions *disconnectpool) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Disconnect m_chain's tip.
CBlockIndex * FindMostWorkChain() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Return the tip of the chain with the most work in it, that isn't known to be invalid (it's however fa...
std::set< CBlockIndex *, node::CBlockIndexWorkComparator > setBlockIndexCandidates
The set of all CBlockIndex entries that have as much work as our current tip or more,...
Definition: validation.h:683
ChainstateManager & m_chainman
The chainstate manager that owns this chainstate.
Definition: validation.h:583
std::unique_ptr< CoinsViews > m_coins_views
Manages the UTXO set, which is a reflection of the contents of m_chain.
Definition: validation.h:565
bool m_mempool cs
Definition: validation.h:785
bool ReplayBlocks()
Replay blocks that aren't fully applied to the database.
void PruneBlockIndexCandidates()
Delete all entries in setBlockIndexCandidates that are worse than the current tip.
void TryAddBlockIndexCandidate(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Add a block to the candidate set if it has as much work as the current tip.
void PruneAndFlush()
Prune blockfiles from the disk if necessary and then flush chainstate changes if we pruned.
bool ResizeCoinsCaches(size_t coinstip_size, size_t coinsdb_size) EXCLUSIVE_LOCKS_REQUIRED(bool FlushStateToDisk(BlockValidationState &state, FlushStateMode mode, int nManualPruneHeight=0)
Resize the CoinsViews caches dynamically and flush state to disk.
node::BlockManager & m_blockman
Reference to a BlockManager instance which itself is shared across all Chainstate instances.
Definition: validation.h:578
void ForceFlushStateToDisk(bool wipe_cache=true)
Flush all changes to disk.
void MaybeUpdateMempoolForReorg(DisconnectedBlockTransactions &disconnectpool, bool fAddToMempool) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Make mempool consistent after a reorg, by re-adding or recursively erasing disconnected block transac...
Definition: validation.cpp:302
void ClearBlockIndexCandidates() EXCLUSIVE_LOCKS_REQUIRED(void PopulateBlockIndexCandidates() EXCLUSIVE_LOCKS_REQUIRED(const CBlockIndex * FindForkInGlobalIndex(const CBlockLocator &locator) const EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Populate the candidate set by calling TryAddBlockIndexCandidate on all valid block indices.
Definition: validation.cpp:128
void InvalidChainFound(CBlockIndex *pindexNew) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Chainstate(CTxMemPool *mempool, node::BlockManager &blockman, ChainstateManager &chainman, std::optional< uint256 > from_snapshot_blockhash=std::nullopt)
fs::path StoragePath() const
Return path to chainstate leveldb directory.
bool NeedsRedownload() const EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Whether the chain state needs to be redownloaded due to lack of witness data.
CoinsCacheSizeState GetCoinsCacheSizeState() EXCLUSIVE_LOCKS_REQUIRED(CoinsCacheSizeState GetCoinsCacheSizeState(size_t max_coins_cache_size_bytes, size_t max_mempool_size_bytes) EXCLUSIVE_LOCKS_REQUIRED(std::string ToString() EXCLUSIVE_LOCKS_REQUIRED(RecursiveMutex * MempoolMutex() const LOCK_RETURNED(m_mempool -> cs)
Dictates whether we need to flush the cache to disk or not.
Definition: validation.h:841
Interface for managing multiple Chainstate objects, where each chainstate is associated with chainsta...
Definition: validation.h:938
util::Result< void > PopulateAndValidateSnapshot(Chainstate &snapshot_chainstate, AutoFile &coins_file, const node::SnapshotMetadata &metadata)
Internal helper for ActivateSnapshot().
Chainstate * HistoricalChainstate() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Return historical chainstate targeting a specific block, if any.
Definition: validation.h:1129
const uint256 & AssumedValidBlock() const
Definition: validation.h:1009
ValidationCache m_validation_cache
Definition: validation.h:1038
double GetBackgroundVerificationProgress(const CBlockIndex &pindex) const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Guess background verification progress in case assume-utxo was used (as a fraction between 0....
double GuessVerificationProgress(const CBlockIndex *pindex) const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Guess verification progress (as a fraction between 0.0=genesis and 1.0=current tip).
bool IsInitialBlockDownload() const noexcept
Check whether we are doing an initial block download (synchronizing from disk or network)
size_t m_total_coinstip_cache
The total number of bytes available for us to use across all in-memory coins caches.
Definition: validation.h:1080
MempoolAcceptResult ProcessTransaction(const CTransactionRef &tx, bool test_accept=false) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Try to add a transaction to the memory pool.
std::unique_ptr< Chainstate > RemoveChainstate(Chainstate &chainstate) EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Remove a chainstate.
Definition: validation.h:1149
kernel::Notifications & GetNotifications() const
Definition: validation.h:1010
void ReceivedBlockTransactions(const CBlock &block, CBlockIndex *pindexNew, const FlatFilePos &pos) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Mark a block as having its data received and checked (up to BLOCK_VALID_TRANSACTIONS).
bool ShouldCheckBlockIndex() const
RecursiveMutex & GetMutex() const LOCK_RETURNED(
Alias for cs_main.
Definition: validation.h:1030
CBlockIndex * ActiveTip() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Definition: validation.h:1168
Chainstate & ActiveChainstate() const
Alternatives to CurrentChainstate() used by older code to query latest chainstate information without...
SnapshotCompletionResult MaybeValidateSnapshot(Chainstate &validated_cs, Chainstate &unvalidated_cs) EXCLUSIVE_LOCKS_REQUIRED(Chainstate & CurrentChainstate() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Try to validate an assumeutxo snapshot by using a validated historical chainstate targeted at the sna...
Definition: validation.h:1120
bool ProcessNewBlock(const std::shared_ptr< const CBlock > &block, bool force_processing, bool min_pow_checked, bool *new_block) LOCKS_EXCLUDED(cs_main)
Process an incoming block.
size_t m_total_coinsdb_cache
The total number of bytes available for us to use across all leveldb coins databases.
Definition: validation.h:1084
void CheckBlockIndex() const
Make various assertions about the state of the block index.
const util::SignalInterrupt & m_interrupt
Definition: validation.h:1032
void LoadExternalBlockFile(AutoFile &file_in, FlatFilePos *dbp=nullptr, std::multimap< uint256, FlatFilePos > *blocks_with_unknown_parent=nullptr)
Import blocks from an external file.
int ActiveHeight() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Definition: validation.h:1167
VersionBitsCache m_versionbitscache
Track versionbit status.
Definition: validation.h:1193
std::function< void()> snapshot_download_completed
Function to restart active indexes; set dynamically to avoid a circular dependency on base/index....
Definition: validation.h:1003
const CChainParams & GetParams() const
Definition: validation.h:1005
void GenerateCoinbaseCommitment(CBlock &block, const CBlockIndex *pindexPrev) const
Produce the necessary coinbase commitment for a block (modifies the hash, don't call for mined blocks...
bool ProcessNewBlockHeaders(std::span< const CBlockHeader > headers, bool min_pow_checked, BlockValidationState &state, const CBlockIndex **ppindex=nullptr) LOCKS_EXCLUDED(cs_main)
Process incoming block headers.
const Consensus::Params & GetConsensus() const
Definition: validation.h:1006
ChainstateManager(const util::SignalInterrupt &interrupt, Options options, node::BlockManager::Options blockman_options)
const arith_uint256 & MinimumChainWork() const
Definition: validation.h:1008
void UpdateIBDStatus() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Update and possibly latch the IBD status.
bool LoadGenesisBlock()
Ensures a genesis block is in the block tree, possibly writing one to disk.
const Options m_options
Definition: validation.h:1033
bool LoadBlockIndex() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Load the block tree and coins database from disk, initializing state if we're running with -reindex.
Chainstate &InitializeChainstate(CTxMemPool *mempool) EXCLUSIVE_LOCKS_REQUIRED(util::Result< CBlockIndex * ActivateSnapshot)(AutoFile &coins_file, const node::SnapshotMetadata &metadata, bool in_memory)
Instantiate a new chainstate.
Definition: validation.h:1106
CChain & ActiveChain() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Definition: validation.h:1166
bool AcceptBlockHeader(const CBlockHeader &block, BlockValidationState &state, CBlockIndex **ppindex, bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
If a block header hasn't already been seen, call CheckBlockHeader on it, ensure that it doesn't desce...
arith_uint256 nLastPreciousChainwork
chainwork for the last block that preciousblock has been applied to.
Definition: validation.h:1060
void ReportHeadersPresync(int64_t height, int64_t timestamp)
This is used by net_processing to report pre-synchronization progress of headers, as headers are not ...
std::atomic_bool m_cached_is_ibd
Whether initial block download (IBD) is ongoing.
Definition: validation.h:1047
bool NotifyHeaderTip() LOCKS_EXCLUDED(GetMutex())
void MaybeRebalanceCaches() EXCLUSIVE_LOCKS_REQUIRED(void UpdateUncommittedBlockStructures(CBlock &block, const CBlockIndex *pindexPrev) const
Check to see if caches are out of balance and if so, call ResizeCoinsCaches() as needed.
Chainstate *LoadAssumeutxoChainstate() EXCLUSIVE_LOCKS_REQUIRED(Chainstate &AddChainstate(std::unique_ptr< Chainstate > chainstate) EXCLUSIVE_LOCKS_REQUIRED(void ResetChainstates() EXCLUSIVE_LOCKS_REQUIRED(bool DeleteChainstate(Chainstate &chainstate) EXCLUSIVE_LOCKS_REQUIRED(bool ValidatedSnapshotCleanup(Chainstate &validated_cs, Chainstate &unvalidated_cs) EXCLUSIVE_LOCKS_REQUIRED(std::optional< std::pair< const CBlockIndex *, const CBlockIndex * > > GetHistoricalBlockRange() const EXCLUSIVE_LOCKS_REQUIRED(util::Result< void > ActivateBestChains() LOCKS_EXCLUDED(void RecalculateBestHeader() EXCLUSIVE_LOCKS_REQUIRED(std::optional< int > BlocksAheadOfTip() const LOCKS_EXCLUDED(CCheckQueue< CScriptCheck > & GetCheckQueue()
When starting up, search the datadir for a chainstate based on a UTXO snapshot that is in the process...
Definition: validation.h:1373
int32_t nBlockReverseSequenceId
Decreasing counter (used by subsequent preciousblock calls).
Definition: validation.h:1058
node::BlockManager m_blockman
A single BlockManager instance is shared across each constructed chainstate to avoid duplicating bloc...
Definition: validation.h:1036
bool AcceptBlock(const std::shared_ptr< const CBlock > &pblock, BlockValidationState &state, CBlockIndex **ppindex, bool fRequested, const FlatFilePos *dbp, bool *fNewBlock, bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Sufficiently validate a block for disk storage (and store on disk).
A UTXO entry.
Definition: coins.h:35
bool IsCoinBase() const
Definition: coins.h:59
CTxOut out
unspent transaction output
Definition: coins.h:38
bool IsSpent() const
Either this coin never existed (see e.g.
Definition: coins.h:83
bool fCoinBase
whether containing transaction was a coinbase
Definition: coins.h:41
uint32_t nHeight
at which height this containing transaction was included in the active block chain
Definition: coins.h:44
Noop coins view.
Definition: coins.h:347
static CoinsViewEmpty & Get()
Definition: coins.cpp:17
CoinsViews(DBParams db_params, CoinsViewOptions options)
This constructor initializes CCoinsViewDB and CCoinsViewErrorCatcher instances, but it does not creat...
std::pair< uint32_t, size_t > setup_bytes(size_t bytes)
setup_bytes is a convenience function which accounts for internal memory usage when deciding how many...
Definition: cuckoocache.h:365
void insert(Element e)
insert loops at most depth_limit times trying to insert a hash at various locations in the table via ...
Definition: cuckoocache.h:398
bool contains(const Element &e, const bool erase) const
contains iterates through the hash locations for a given element and checks to see if it is present.
Definition: cuckoocache.h:475
DisconnectedBlockTransactions.
std::list< CTransactionRef > take()
Clear all data structures and return the list of transactions.
void removeForBlock(const std::vector< CTransactionRef > &vtx)
Remove any entries that are in this block.
std::vector< CTransactionRef > AddTransactionsFromBlock(const std::vector< CTransactionRef > &vtx)
Add transactions from the block, iterating through vtx in reverse order.
Fast randomness source.
Definition: random.h:386
Tp rand_uniform_delay(const Tp &time, typename Tp::duration range) noexcept
Return the time point advanced by a uniform random duration.
Definition: random.h:329
I randrange(I range) noexcept
Generate a random integer in the range [0..range), with range > 0.
Definition: random.h:254
Convenience class for initializing and passing the script execution cache and signature cache.
Definition: validation.h:371
ValidationCache(size_t script_execution_cache_bytes, size_t signature_cache_bytes)
CuckooCache::cache< uint256, SignatureCacheHasher > m_script_execution_cache
Definition: validation.h:377
CSHA256 ScriptExecutionCacheHasher() const
Return a copy of the pre-initialized hasher.
Definition: validation.h:386
CSHA256 m_script_execution_cache_hasher
Pre-initialized hasher to avoid having to recreate it for every hash calculation.
Definition: validation.h:374
SignatureCache m_signature_cache
Definition: validation.h:378
void BlockConnected(const kernel::ChainstateRole &, std::shared_ptr< const CBlock >, const CBlockIndex *pindex)
void BlockChecked(const std::shared_ptr< const CBlock > &, const BlockValidationState &)
void ChainStateFlushed(const kernel::ChainstateRole &, const CBlockLocator &)
void NewPoWValidBlock(const CBlockIndex *, const std::shared_ptr< const CBlock > &)
void UpdatedBlockTip(const CBlockIndex *, const CBlockIndex *, bool fInitialDownload)
void ActiveTipChange(const CBlockIndex &, bool)
void BlockDisconnected(std::shared_ptr< const CBlock >, const CBlockIndex *pindex)
bool IsValid() const
Definition: validation.h:105
std::string GetRejectReason() const
Definition: validation.h:109
std::string GetDebugMessage() const
Definition: validation.h:110
bool Error(const std::string &reject_reason)
Definition: validation.h:98
bool Invalid(Result result, const std::string &reject_reason="", const std::string &debug_message="")
Definition: validation.h:88
bool IsError() const
Definition: validation.h:107
Result GetResult() const
Definition: validation.h:108
std::string ToString() const
Definition: validation.h:111
bool IsInvalid() const
Definition: validation.h:106
std::vector< std::pair< int, bool > > CheckUnknownActivations(const CBlockIndex *pindex, const CChainParams &chainparams) EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
Check for unknown activations Returns a vector containing the bit number used for signalling and a bo...
void Clear() EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
256-bit unsigned big integer.
constexpr bool IsNull() const
Definition: uint256.h:49
std::string ToString() const
Definition: uint256.cpp:21
constexpr unsigned char * begin()
Definition: uint256.h:101
double getdouble() const
A base class defining functions for notifying about certain kernel events.
virtual void headerTip(SynchronizationState state, int64_t height, int64_t timestamp, bool presync)
virtual void fatalError(const bilingual_str &message)
The fatal error notification is sent to notify the user when an error occurs in kernel code that can'...
virtual void warningSet(Warning id, const bilingual_str &message)
virtual void progress(const bilingual_str &title, int progress_percent, bool resume_possible)
virtual InterruptResult blockTip(SynchronizationState state, const CBlockIndex &index, double verification_progress)
virtual void warningUnset(Warning id)
Maintains a tree of blocks (stored in m_block_index) which is consulted to determine where the most-w...
Definition: blockstorage.h:196
const kernel::BlockManagerOpts m_opts
Definition: blockstorage.h:304
void FindFilesToPrune(std::set< int > &setFilesToPrune, int last_prune, const Chainstate &chain, ChainstateManager &chainman)
Prune block and undo files (blk???.dat and rev???.dat) so that the disk space used is less than a use...
CBlockIndex * LookupBlockIndex(const uint256 &hash) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
bool ReadBlockUndo(CBlockUndo &blockundo, const CBlockIndex &index) const
CBlockFileInfo *GetBlockFileInfo(size_t n) EXCLUSIVE_LOCKS_REQUIRED(bool WriteBlockUndo(const CBlockUndo &blockundo, BlockValidationState &state, CBlockIndex &block) EXCLUSIVE_LOCKS_REQUIRED(FlatFilePos WriteBlock(const CBlock &block, int nHeight) EXCLUSIVE_LOCKS_REQUIRED(void UpdateBlockInfo(const CBlock &block, unsigned int nHeight, const FlatFilePos &pos) EXCLUSIVE_LOCKS_REQUIRED(bool IsPruneMode() const
Get block file info entry for one block file.
Definition: blockstorage.h:407
std::atomic_bool m_blockfiles_indexed
Whether all blockfiles have been added to the block tree database.
Definition: blockstorage.h:333
std::vector< CBlockIndex * > GetAllBlockIndices() EXCLUSIVE_LOCKS_REQUIRED(std::multimap< CBlockIndex *, CBlockIndex * > m_blocks_unlinked
All pairs A->B, where A (or one of its ancestors) misses transactions, but B has transactions.
Definition: blockstorage.h:351
std::set< CBlockIndex * > m_dirty_blockindex
Dirty block index entries.
Definition: blockstorage.h:313
bool LoadingBlocks() const
Definition: blockstorage.h:413
void UnlinkPrunedFiles(const std::set< int > &setFilesToPrune) const
Actually unlink the specified files.
void WriteBlockIndexDB() EXCLUSIVE_LOCKS_REQUIRED(bool LoadBlockIndexDB(const std::optional< uint256 > &snapshot_blockhash) EXCLUSIVE_LOCKS_REQUIRED(void ScanAndUnlinkAlreadyPrunedFiles() EXCLUSIVE_LOCKS_REQUIRED(CBlockIndex * AddToBlockIndex(const CBlockHeader &block, CBlockIndex *&best_header) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Remove any pruned block & undo files that are still on disk.
Definition: blockstorage.h:372
void AddUnlinkedBlock(CBlockIndex *block) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
bool ReadBlock(CBlock &block, const FlatFilePos &pos, const std::optional< uint256 > &expected_hash) const
Functions for disk access for blocks.
bool m_check_for_pruning
Global flag to indicate we should check to see if there are block/undo files that should be deleted.
Definition: blockstorage.h:288
void FindFilesToPruneManual(std::set< int > &setFilesToPrune, int nManualPruneHeight, const Chainstate &chain)
std::optional< int > m_snapshot_height
The height of the base block of an assumeutxo snapshot, if one is in use.
Definition: blockstorage.h:349
uint64_t CalculateCurrentUsage() EXCLUSIVE_LOCKS_REQUIRED(bool CheckBlockDataAvailability(const CBlockIndex &upper_block, const CBlockIndex &lower_block, BlockStatus block_status=BLOCK_HAVE_DATA) EXCLUSIVE_LOCKS_REQUIRED(const CBlockIndex &GetFirstBlock(const CBlockIndex &upper_block LIFETIMEBOUND, uint32_t status_mask, const CBlockIndex *lower_block LIFETIMEBOUND=nullptr) const EXCLUSIVE_LOCKS_REQUIRED(boo m_have_pruned)
Calculate the amount of disk space the block & undo files currently use.
Definition: blockstorage.h:453
Metadata describing a serialized version of a UTXO set from which an assumeutxo Chainstate can be con...
Definition: utxo_snapshot.h:38
uint256 m_base_blockhash
The hash of the block that reflects the tip of the chain for the UTXO set contained in this snapshot.
Definition: utxo_snapshot.h:45
uint64_t m_coins_count
The number of coins in the UTXO set contained in this snapshot.
Definition: utxo_snapshot.h:50
std::string ToString() const
constexpr const std::byte * begin() const
const uint256 & ToUint256() const LIFETIMEBOUND
std::string GetHex() const
256-bit opaque blob.
Definition: uint256.h:196
Helper class that manages an interrupt flag, and allows a thread or signal to interrupt another threa...
std::string FormatFullVersion()
const Coin & AccessByTxid(const CCoinsViewCache &view, const Txid &txid)
Utility function to find any unspent output with a given txid.
Definition: coins.cpp:367
void AddCoins(CCoinsViewCache &cache, const CTransaction &tx, int nHeight, bool check_for_overwrite)
Utility function to add all of a transaction's outputs to a cache.
Definition: coins.cpp:121
uint256 BlockMerkleRoot(const CBlock &block, bool *mutated)
Definition: merkle.cpp:66
uint256 BlockWitnessMerkleRoot(const CBlock &block)
Definition: merkle.cpp:76
static constexpr int NO_WITNESS_COMMITMENT
Index marker for when no witness commitment is present in a coinbase transaction.
Definition: validation.h:15
static constexpr size_t MINIMUM_WITNESS_COMMITMENT
Minimum size of a witness commitment structure.
Definition: validation.h:18
static int64_t GetBlockWeight(const CBlock &block)
Definition: validation.h:136
@ BLOCK_HEADER_LOW_WORK
the block header may be on a too-little-work chain
@ BLOCK_INVALID_HEADER
invalid proof of work or time too old
@ BLOCK_CACHED_INVALID
this block was cached as being invalid and we didn't store the reason why
@ BLOCK_CONSENSUS
invalid by consensus rules (excluding any below reasons)
@ BLOCK_MISSING_PREV
We don't have the previous block the checked one is built on.
@ BLOCK_INVALID_PREV
A block this one builds on is invalid.
@ BLOCK_MUTATED
the block's data didn't match the data committed to by the PoW
@ BLOCK_TIME_FUTURE
block timestamp was > 2 hours in the future (or our clock is bad)
int GetWitnessCommitmentIndex(const CBlock &block)
Compute at which vout of the block's coinbase transaction the witness commitment occurs,...
Definition: validation.h:147
@ TX_MISSING_INPUTS
transaction was missing some of its inputs
@ TX_MEMPOOL_POLICY
violated mempool's fee/size/descendant/RBF/etc limits
@ TX_PREMATURE_SPEND
transaction spends a coinbase too early, or violates locktime/sequence locks
@ TX_WITNESS_STRIPPED
Transaction is missing a witness.
@ TX_CONFLICT
Tx already in mempool or conflicts with a tx in the chain (if it conflicts with another tx in mempool...
@ TX_NOT_STANDARD
otherwise didn't meet our local policy rules
@ TX_WITNESS_MUTATED
Transaction might have a witness prior to SegWit activation, or witness may have been malleated (whic...
@ TX_NO_MEMPOOL
this node does not have a mempool so can't validate the transaction
@ TX_CONSENSUS
invalid by consensus rules
@ TX_RECONSIDERABLE
fails some policy, but might be acceptable if submitted in a (different) package
static constexpr unsigned int LOCKTIME_VERIFY_SEQUENCE
Flags for nSequence and nLockTime locks.
Definition: consensus.h:28
static constexpr int64_t MAX_TIMEWARP
Maximum number of seconds that the timestamp of the first block of a difficulty adjustment period is ...
Definition: consensus.h:35
static const unsigned int MAX_BLOCK_WEIGHT
The maximum allowed weight for a block, see BIP 141 (network rule)
Definition: consensus.h:15
static const unsigned int MAX_BLOCK_SERIALIZED_SIZE
The maximum allowed size for a serialized block, in bytes (only for buffer size limits)
Definition: consensus.h:13
static const int64_t MAX_BLOCK_SIGOPS_COST
The maximum allowed number of signature check operations in a block (network rule)
Definition: consensus.h:17
static const int COINBASE_MATURITY
Coinbase transaction outputs can only be spent after this number of new blocks (network rule)
Definition: consensus.h:19
static const int WITNESS_SCALE_FACTOR
Definition: consensus.h:21
RecursiveMutex cs_main
Mutex to guard access to validation specific variables, such as reading or changing the chainstate.
Definition: cs_main.cpp:8
bool DestroyDB(const std::string &path_str)
Definition: dbwrapper.cpp:39
bool DeploymentActiveAfter(const CBlockIndex *pindexPrev, const Consensus::Params &params, Consensus::BuriedDeployment dep, VersionBitsCache &versionbitscache)
Determine if a deployment is active for the next block.
bool DeploymentActiveAt(const CBlockIndex &index, const Consensus::Params &params, Consensus::BuriedDeployment dep, VersionBitsCache &versionbitscache)
Determine if a deployment is active for this block.
static const unsigned int MAX_DISCONNECTED_TX_POOL_BYTES
Maximum bytes for transactions to store for processing during reorg.
bool CheckEphemeralSpends(const Package &package, CFeeRate dust_relay_rate, const CTxMemPool &tx_pool, TxValidationState &out_child_state, Wtxid &out_child_wtxid)
Called for each transaction(package) if any dust is in the package.
bool PreCheckEphemeralTx(const CTransaction &tx, CFeeRate dust_relay_rate, CAmount base_fee, CAmount mod_fee, TxValidationState &state)
These utility functions ensure that ephemeral dust is safely created and spent without unduly risking...
volatile double sum
Definition: examples.cpp:10
static bool exists(const path &p)
Definition: fs.h:96
static std::string PathToString(const path &path)
Convert path object to a byte string.
Definition: fs.h:162
bool CheckDiskSpace(const fs::path &dir, uint64_t additional_bytes)
Definition: fs_helpers.cpp:93
HTTPHeaders headers
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, script_verify_flags flags, const BaseSignatureChecker &checker, ScriptError *serror)
is a home for simple enum and struct type definitions that can be used internally by functions in the...
#define LogWarning(...)
Definition: log.h:126
#define LogInfo(...)
Definition: log.h:125
#define LogError(...)
Definition: log.h:127
#define LogDebug(category,...)
Definition: log.h:143
unsigned int nHeight
LockPoints lp
@ REORG
Removed for reorganization.
std::array< uint8_t, 4 > MessageStartChars
BlockValidationState m_state
Definition: miner.cpp:371
uint256 m_hash
Definition: miner.cpp:369
unsigned int nonce
@ COINDB
Definition: categories.h:33
@ REINDEX
Definition: categories.h:27
@ TXPACKAGES
Definition: categories.h:45
@ ALL
Definition: categories.h:48
@ VALIDATION
Definition: categories.h:36
@ PRUNE
Definition: categories.h:30
@ MEMPOOL
Definition: categories.h:18
@ BENCH
Definition: categories.h:20
bool CheckTxInputs(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &inputs, int nSpendHeight, CAmount &txfee)
Check whether all inputs of this transaction are valid (no double spends and amounts) This does not m...
Definition: tx_verify.cpp:164
@ DEPLOYMENT_DERSIG
Definition: params.h:29
@ DEPLOYMENT_CSV
Definition: params.h:30
@ DEPLOYMENT_SEGWIT
Definition: params.h:33
@ DEPLOYMENT_HEIGHTINCB
Definition: params.h:27
@ DEPLOYMENT_CLTV
Definition: params.h:28
T check(T ptr)
std::function< FILE *(const fs::path &, const char *)> FopenFn
Definition: fs.h:197
Definition: basic.cpp:8
bool IsInterrupted(const T &result)
CoinStatsHashType
Definition: coinstats.h:26
static std::optional< CCoinsStats > ComputeUTXOStats(T hash_obj, CCoinsView *view, node::BlockManager &blockman, const std::function< void()> &interruption_point)
Calculate statistics about the unspent transaction output set.
Definition: coinstats.cpp:111
const fs::path SNAPSHOT_BLOCKHASH_FILENAME
The file in the snapshot chainstate dir which stores the base blockhash.
bool WriteSnapshotBaseBlockhash(Chainstate &snapshot_chainstate)
std::optional< fs::path > FindAssumeutxoChainstateDir(const fs::path &data_dir)
Return a path to the snapshot-based chainstate dir, if one exists.
bool WriteSnapshotBaseBlockhash(Chainstate &snapshot_chainstate) EXCLUSIVE_LOCKS_REQUIRED(std::optional< uint256 > ReadSnapshotBaseBlockhash(fs::path chaindir) EXCLUSIVE_LOCKS_REQUIRED(constexpr std::string_view SNAPSHOT_CHAINSTATE_SUFFIX
Write out the blockhash of the snapshot base block that was used to construct this chainstate.
std::unordered_map< uint256, CBlockIndex, BlockHasher > BlockMap
Definition: blockstorage.h:138
std::optional< uint256 > ReadSnapshotBaseBlockhash(fs::path chaindir)
constexpr NoRateLimitTag NO_RATE_LIMIT
Definition: log.h:50
bilingual_str ErrorString(const Result< T > &result)
Definition: result.h:93
std::string ToString(const T &t)
Locale-independent version of std::to_string.
Definition: string.h:249
auto Join(const C &container, const S &separator, UnaryOp unary_op)
Join all container items.
Definition: string.h:208
static feebumper::Result CheckFeeRate(const CWallet &wallet, const CMutableTransaction &mtx, const CFeeRate &newFeerate, const int64_t maxTxSize, CAmount old_fee, std::vector< bilingual_str > &errors)
Check if the user provided a valid feeRate.
Definition: feebumper.cpp:62
std::shared_ptr< Chain::Notifications > m_notifications
Definition: interfaces.cpp:496
bool IsChildWithParents(const Package &package)
Context-free check that a package is exactly one child and its parents; not all parents need to be pr...
Definition: packages.cpp:119
bool IsWellFormedPackage(const Package &txns, PackageValidationState &state)
Context-free package policy checks:
Definition: packages.cpp:79
uint256 GetPackageHash(const std::vector< CTransactionRef > &transactions)
Get the hash of the concatenated wtxids of transactions, with wtxids treated as a little-endian numbe...
Definition: packages.cpp:151
std::vector< CTransactionRef > Package
A package is an ordered list of transactions.
Definition: packages.h:45
@ PCKG_POLICY
The package itself is invalid (e.g. too many transactions).
@ PCKG_MEMPOOL_ERROR
Mempool logic error.
@ PCKG_TX
At least one tx is invalid.
std::optional< std::pair< DiagramCheckError, std::string > > ImprovesFeerateDiagram(CTxMemPool::ChangeSet &changeset)
The replacement transaction must improve the feerate diagram of the mempool.
Definition: rbf.cpp:127
std::optional< std::string > PaysForRBF(CAmount original_fees, CAmount replacement_fees, size_t replacement_vsize, CFeeRate relay_fee, const Txid &txid)
The replacement transaction must pay more fees than the original transactions.
Definition: rbf.cpp:100
std::optional< std::string > EntriesAndTxidsDisjoint(const CTxMemPool::setEntries &ancestors, const std::set< Txid > &direct_conflicts, const Txid &txid)
Check the intersection between two sets of transactions (a set of mempool entries and a set of txids)...
Definition: rbf.cpp:85
std::optional< std::string > GetEntriesForConflicts(const CTransaction &tx, CTxMemPool &pool, const CTxMemPool::setEntries &iters_conflicting, CTxMemPool::setEntries &all_conflicts)
Get all descendants of iters_conflicting.
Definition: rbf.cpp:58
@ FAILURE
New diagram wasn't strictly superior
TxValidationState ValidateInputsStandardness(const CTransaction &tx, const CCoinsViewCache &mapInputs)
Check transaction inputs.
Definition: policy.cpp:214
bool SpendsNonAnchorWitnessProg(const CTransaction &tx, const CCoinsViewCache &prevouts)
Check whether this transaction spends any witness program but P2A, including not-yet-defined ones.
Definition: policy.cpp:354
bool IsWitnessStandard(const CTransaction &tx, const CCoinsViewCache &mapInputs)
Check if the transaction is over standard P2WSH resources limit: 3600bytes witnessScript size,...
Definition: policy.cpp:265
bool IsStandardTx(const CTransaction &tx, const std::optional< unsigned > &max_datacarrier_bytes, bool permit_bare_multisig, const CFeeRate &dust_relay_fee, std::string &reason)
Check for standard transaction types.
Definition: policy.cpp:100
static constexpr script_verify_flags STANDARD_SCRIPT_VERIFY_FLAGS
Standard script verification flags that standard transactions will comply with.
Definition: policy.h:118
static constexpr unsigned int STANDARD_LOCKTIME_VERIFY_FLAGS
Used as the flags parameter to sequence and nLocktime checks in non-consensus code.
Definition: policy.h:137
static constexpr unsigned int MAX_STANDARD_TX_SIGOPS_COST
The maximum number of sigops we're willing to relay/mine in a single tx.
Definition: policy.h:44
static constexpr unsigned int MIN_STANDARD_TX_NONWITNESS_SIZE
The minimum non-witness size for transactions we're willing to relay/mine: one larger than 64
Definition: policy.h:40
static constexpr script_verify_flags STANDARD_NOT_MANDATORY_VERIFY_FLAGS
For convenience, standard but not mandatory verify flags.
Definition: policy.h:134
unsigned int GetNextWorkRequired(const CBlockIndex *pindexLast, const CBlockHeader *pblock, const Consensus::Params &params)
Definition: pow.cpp:14
bool CheckProofOfWork(uint256 hash, unsigned int nBits, const Consensus::Params &params)
Check whether a block hash satisfies the proof-of-work requirement specified by nBits.
Definition: pow.cpp:140
static constexpr TransactionSerParams TX_NO_WITNESS
Definition: transaction.h:181
static constexpr TransactionSerParams TX_WITH_WITNESS
Definition: transaction.h:180
static CTransactionRef MakeTransactionRef(Tx &&txIn)
Definition: transaction.h:404
std::shared_ptr< const CTransaction > CTransactionRef
Definition: transaction.h:403
uint256 GetRandHash() noexcept
Generate a random uint256.
Definition: random.h:463
const char * prefix
Definition: rest.cpp:1143
@ OP_RETURN
Definition: script.h:112
std::string ScriptErrorString(const ScriptError serror)
enum ScriptError_t ScriptError
@ SCRIPT_ERR_UNKNOWN_ERROR
Definition: script_error.h:14
uint64_t ReadCompactSize(Stream &is, bool range_check=true)
Decode a CompactSize-encoded variable-length integer.
Definition: serialize.h:333
uint64_t GetSerializeSize(const T &t)
Definition: serialize.h:1157
bool CheckSignetBlockSolution(const CBlock &block, const Consensus::Params &consensusParams)
Extract signature and check whether a block has a valid solution.
Definition: signet.cpp:126
unsigned char * UCharCast(char *c)
Definition: span.h:95
Holds configuration for use during UTXO snapshot load and validation.
Definition: chainparams.h:34
AssumeutxoHash hash_serialized
The expected hash of the deserialized UTXO set.
Definition: chainparams.h:38
uint64_t m_chain_tx_count
Used to populate the m_chain_tx_count value, which is used during BlockManager::LoadBlockIndex().
Definition: chainparams.h:44
Describes a place in the block chain to another node such that if the other node doesn't have the sam...
Definition: block.h:117
std::vector< uint256 > vHave
Definition: block.h:127
A mutable version of CTransaction.
Definition: transaction.h:358
std::vector< CTxOut > vout
Definition: transaction.h:360
std::vector< CTxIn > vin
Definition: transaction.h:359
Holds various statistics on transactions within a chain.
Definition: chainparams.h:57
User-controlled performance and debug options.
Definition: txdb.h:28
std::shared_ptr< const CBlock > pblock
const CBlockIndex * pindex
Parameters that influence chain consensus.
Definition: params.h:87
bool enforce_BIP94
Enforce BIP94 timewarp attack mitigation.
Definition: params.h:121
int64_t DifficultyAdjustmentInterval() const
Definition: params.h:129
bool signet_blocks
If true, witness commitments contain a payload equal to a Bitcoin Script solution to the signet chall...
Definition: params.h:139
int nSubsidyHalvingInterval
Definition: params.h:89
std::map< uint256, script_verify_flags > script_flag_exceptions
Hashes of blocks that.
Definition: params.h:96
int64_t nPowTargetSpacing
Definition: params.h:123
std::chrono::seconds PowTargetSpacing() const
Definition: params.h:125
Application-specific storage settings.
Definition: dbwrapper.h:38
fs::path path
Location in the filesystem where leveldb data will be stored.
Definition: dbwrapper.h:40
Data structure storing a fee and size.
Definition: feefrac.h:22
uint32_t nPos
Definition: flatfile.h:17
bool IsNull() const
Definition: flatfile.h:32
int32_t nFile
Definition: flatfile.h:16
int64_t time
Definition: mempool_entry.h:31
Validation result for a transaction evaluated by MemPoolAccept (single or package).
Definition: validation.h:131
const ResultType m_result_type
Result type.
Definition: validation.h:140
const TxValidationState m_state
Contains information about why the transaction failed.
Definition: validation.h:143
@ INVALID
‍Fully validated, valid.
static MempoolAcceptResult Failure(TxValidationState state)
Definition: validation.h:167
static MempoolAcceptResult FeeFailure(TxValidationState state, CFeeRate effective_feerate, const std::vector< Wtxid > &wtxids_fee_calculations)
Definition: validation.h:171
static MempoolAcceptResult MempoolTxDifferentWitness(const Wtxid &other_wtxid)
Definition: validation.h:190
static MempoolAcceptResult MempoolTx(int64_t vsize, CAmount fees)
Definition: validation.h:186
static MempoolAcceptResult Success(std::list< CTransactionRef > &&replaced_txns, int64_t vsize, CAmount fees, CFeeRate effective_feerate, const std::vector< Wtxid > &wtxids_fee_calculations)
Definition: validation.h:177
static time_point now() noexcept
Return current system time or mocked time, if set.
Definition: time.cpp:65
static time_point now() noexcept
Return current system time or mocked time, if set.
Definition: time.cpp:38
Validation result for package mempool acceptance.
Definition: validation.h:237
void Init(const T &tx, std::vector< CTxOut > &&spent_outputs, bool force=false)
Initialize this PrecomputedTransactionData with transaction data.
bool m_spent_outputs_ready
Whether m_spent_outputs is initialized.
Definition: interpreter.h:183
std::vector< CTxOut > m_spent_outputs
Definition: interpreter.h:181
const char * what() const noexcept override
Bilingual messages:
Definition: translation.h:24
std::string original
Definition: translation.h:25
An options struct for BlockManager, more ergonomically referred to as BlockManager::Options due to th...
An options struct for ChainstateManager, more ergonomically referred to as ChainstateManager::Options...
std::optional< int32_t > check_block_index
std::chrono::seconds max_tip_age
If the tip is older than this, the node is considered to be in initial block download.
Information about chainstate that notifications are sent from.
Definition: types.h:18
bool validated
Whether this is a notification from a chainstate that's been fully validated starting from the genesi...
Definition: types.h:22
#define AssertLockNotHeld(cs)
Definition: sync.h:149
#define LOCK(cs)
Definition: sync.h:268
#define WITH_LOCK(cs, code)
Run code while locking a mutex.
Definition: sync.h:299
CDBWrapper db
Definition: dbwrapper.cpp:372
#define EXCLUSIVE_LOCKS_REQUIRED(...)
Definition: threadsafety.h:49
#define LOCKS_EXCLUDED(...)
Definition: threadsafety.h:48
#define LOG_TIME_MILLIS_WITH_CATEGORY(end_msg, log_category)
Definition: timer.h:103
#define LOG_TIME_MILLIS_WITH_CATEGORY_MSG_ONCE(end_msg, log_category)
Definition: timer.h:105
#define strprintf
Format arguments and return the string or write to given std::ostream (see tinyformat::format doc for...
Definition: tinyformat.h:1172
#define TRACEPOINT(context,...)
Definition: trace.h:56
consteval auto _(util::TranslatedLiteral str)
Definition: translation.h:79
bilingual_str Untranslated(std::string original)
Mark a bilingual_str as untranslated.
Definition: translation.h:82
std::optional< std::pair< std::string, CTransactionRef > > SingleTRUCChecks(const CTxMemPool &pool, const CTransactionRef &ptx, const std::vector< CTxMemPoolEntry::CTxMemPoolEntryRef > &mempool_parents, const std::set< Txid > &direct_conflicts, int64_t vsize)
Must be called for every transaction, even if not TRUC.
std::optional< std::string > PackageTRUCChecks(const CTxMemPool &pool, const CTransactionRef &ptx, int64_t vsize, const Package &package, const std::vector< CTxMemPoolEntry::CTxMemPoolEntryRef > &mempool_parents)
Must be called for every transaction that is submitted within a package, even if not TRUC.
Definition: truc_policy.cpp:57
bool CheckTransaction(const CTransaction &tx, TxValidationState &state)
Definition: tx_check.cpp:11
bool EvaluateSequenceLocks(const CBlockIndex &block, std::pair< int, int64_t > lockPair)
Definition: tx_verify.cpp:97
std::pair< int, int64_t > CalculateSequenceLocks(const CTransaction &tx, int flags, std::vector< int > &prevHeights, const CBlockIndex &block)
Calculates the block height and previous block's median time past at which the transaction will be co...
Definition: tx_verify.cpp:39
int64_t GetTransactionSigOpCost(const CTransaction &tx, const CCoinsViewCache &inputs, script_verify_flags flags)
Compute total signature operation cost of a transaction.
Definition: tx_verify.cpp:143
unsigned int GetLegacySigOpCount(const CTransaction &tx)
Auxiliary functions for transaction validation (ideally should not be exposed)
Definition: tx_verify.cpp:112
bool SequenceLocks(const CTransaction &tx, int flags, std::vector< int > &prevHeights, const CBlockIndex &block)
Check if transaction is final per BIP 68 sequence numbers and can be included in a block.
Definition: tx_verify.cpp:107
bool IsFinalTx(const CTransaction &tx, int nBlockHeight, int64_t nBlockTime)
Check if transaction is final and can be included in a block with the specified height and time.
Definition: tx_verify.cpp:17
bool TestLockPointValidity(CChain &active_chain, const LockPoints &lp)
Test whether the LockPoints height and time are still valid on the current chain.
Definition: txmempool.cpp:40
static const uint32_t MEMPOOL_HEIGHT
Fake height value used in Coin to signify they are only in the memory pool (since 0....
Definition: txmempool.h:50
#define expect(bit)
int64_t GetTime()
DEPRECATED Use either ClockType::now() or Now<TimePointType>() if a cast is needed.
Definition: time.cpp:89
std::string FormatISO8601DateTime(int64_t nTime)
ISO 8601 formatting is preferred.
Definition: time.cpp:91
constexpr int64_t count_seconds(std::chrono::seconds t)
Definition: time.h:97
std::chrono::time_point< NodeClock, std::chrono::seconds > NodeSeconds
Definition: time.h:35
PackageMempoolAcceptResult ProcessNewPackage(Chainstate &active_chainstate, CTxMemPool &pool, const Package &package, bool test_accept, const std::optional< CFeeRate > &client_maxfeerate)
Validate (and maybe submit) a package to the mempool.
static void LimitMempoolSize(CTxMemPool &pool, CCoinsViewCache &coins_cache) EXCLUSIVE_LOCKS_REQUIRED(
Definition: validation.cpp:272
bool IsBlockMutated(const CBlock &block, bool check_witness_root)
Check if a block has been mutated (with respect to its merkle root and witness commitments).
script_verify_flags GetBlockScriptFlags(const CBlockIndex &block_index, const ChainstateManager &chainman)
std::optional< LockPoints > CalculateLockPointsAtTip(CBlockIndex *tip, const CCoinsView &coins_view, const CTransaction &tx)
Definition: validation.cpp:209
static bool pool cs
Definition: validation.cpp:408
bool CheckInputScripts(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &inputs, script_verify_flags flags, bool cacheSigStore, bool cacheFullScriptStore, PrecomputedTransactionData &txdata, ValidationCache &validation_cache, std::vector< CScriptCheck > *pvChecks=nullptr) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Check whether all of this transaction's input scripts succeed.
bool CheckFinalTxAtTip(const CBlockIndex &active_chain_tip, const CTransaction &tx)
Definition: validation.cpp:155
CAmount GetBlockSubsidy(int nHeight, const Consensus::Params &consensusParams)
MempoolAcceptResult AcceptToMemoryPool(Chainstate &active_chainstate, const CTransactionRef &tx, int64_t accept_time, bool bypass_limits, bool test_accept)
Try to add a transaction to the mempool.
bool HasValidProofOfWork(std::span< const CBlockHeader > headers, const Consensus::Params &consensusParams)
Check that the proof of work on each blockheader matches the value in nBits.
int ApplyTxInUndo(Coin &&undo, CCoinsViewCache &view, const COutPoint &out)
Restore the UTXO in a Coin at a given COutPoint.
static bool ContextualCheckBlock(const CBlock &block, BlockValidationState &state, const ChainstateManager &chainman, const CBlockIndex *pindexPrev)
NOTE: This function is not currently invoked by ConnectBlock(), so we should consider upgrade issues ...
bool FatalError(Notifications &notifications, BlockValidationState &state, const bilingual_str &message)
bool CheckSequenceLocksAtTip(CBlockIndex *tip, const LockPoints &lock_points)
Check if transaction will be BIP68 final in the next block to be created on top of tip.
Definition: validation.cpp:254
static bool ContextualCheckBlockHeader(const CBlockHeader &block, BlockValidationState &state, const ChainstateManager &chainman, const CBlockIndex *pindexPrev) EXCLUSIVE_LOCKS_REQUIRED(
Context-dependent validity checks.
static ChainstateManager::Options && Flatten(ChainstateManager::Options &&opts)
Apply default chain params to nullopt members.
static void UpdateTipLog(const ChainstateManager &chainman, const CCoinsViewCache &coins_tip, const CBlockIndex *tip, const std::string &func_name, const std::string &prefix, const std::string &warning_messages, const bool background_validation) EXCLUSIVE_LOCKS_REQUIRED(
static bool CheckInputsFromMempoolAndCache(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &view, const CTxMemPool &pool, script_verify_flags flags, PrecomputedTransactionData &txdata, CCoinsViewCache &coins_tip, ValidationCache &validation_cache) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Checks to avoid mempool polluting consensus critical paths since cached signature and script validity...
static constexpr auto DATABASE_WRITE_INTERVAL_MAX
Definition: validation.cpp:98
static bool CheckWitnessMalleation(const CBlock &block, bool expect_witness_commitment, BlockValidationState &state)
CheckWitnessMalleation performs checks for block malleation with regard to its witnesses.
void UpdateCoins(const CTransaction &tx, CCoinsViewCache &inputs, CTxUndo &txundo, int nHeight)
static bool DeleteCoinsDBFromDisk(const fs::path db_path, bool is_snapshot) EXCLUSIVE_LOCKS_REQUIRED(
static bool CheckMerkleRoot(const CBlock &block, BlockValidationState &state)
static constexpr int PRUNE_LOCK_BUFFER
The number of blocks to keep below the deepest prune lock.
Definition: validation.cpp:114
arith_uint256 CalculateClaimedHeadersWork(std::span< const CBlockHeader > headers)
Return the sum of the claimed work on a given set of headers.
const std::vector< std::string > CHECKLEVEL_DOC
Documentation for argument 'checklevel'.
Definition: validation.cpp:101
bool CheckBlock(const CBlock &block, BlockValidationState &state, const Consensus::Params &consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
Functions for validating blocks and updating the block tree.
static constexpr std::chrono::hours MAX_FEE_ESTIMATION_TIP_AGE
Maximum age of our tip for us to be considered current for fee estimation.
Definition: validation.cpp:100
void PruneBlockFilesManual(Chainstate &active_chainstate, int nManualPruneHeight)
Prune block files up to a given height.
static void FlushSnapshotToDisk(CCoinsViewCache &coins_cache, bool snapshot_loaded)
static bool IsCurrentForFeeEstimation(Chainstate &active_chainstate) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Definition: validation.cpp:288
static constexpr auto DATABASE_WRITE_INTERVAL_MIN
Time window to wait between writing blocks/block index and chainstate to disk.
Definition: validation.cpp:97
AssertLockHeld(pool.cs)
BlockValidationState TestBlockValidity(Chainstate &chainstate, const CBlock &block, const bool check_pow, const bool check_merkle_root)
Verify a block, including transactions.
static bool CheckBlockHeader(const CBlockHeader &block, BlockValidationState &state, const Consensus::Params &consensusParams, bool fCheckPOW=true)
bool IsBIP30Repeat(const CBlockIndex &block_index)
Identifies blocks that overwrote an existing coinbase output in the UTXO set (see BIP30)
static void SnapshotUTXOHashBreakpoint(const util::SignalInterrupt &interrupt)
static bool ShouldCompactChainstate(bool in_ibd)
Definition: validation.cpp:117
static SynchronizationState GetSynchronizationState(bool init, bool blockfiles_indexed)
bool IsBIP30Unspendable(const uint256 &block_hash, int block_height)
Identifies blocks which coinbase output was subsequently overwritten in the UTXO set (see BIP30)
TRACEPOINT_SEMAPHORE(validation, block_connected)
static void LimitValidationInterfaceQueue(ValidationSignals &signals) LOCKS_EXCLUDED(cs_main)
assert(!tx.IsCoinBase())
static constexpr int MAX_SCRIPTCHECK_THREADS
Maximum number of dedicated script-checking threads allowed.
Definition: validation.h:90
static const unsigned int MIN_BLOCKS_TO_KEEP
Block files containing a block-height within MIN_BLOCKS_TO_KEEP of ActiveChain().Tip() will not be pr...
Definition: validation.h:76
SnapshotCompletionResult
Definition: validation.h:900
Assumeutxo
Chainstate assumeutxo validity.
Definition: validation.h:527
@ VALIDATED
Every block in the chain has been validated.
@ UNVALIDATED
Blocks after an assumeutxo snapshot have been validated but the snapshot itself has not been validate...
@ INVALID
The assumeutxo snapshot failed validation.
SynchronizationState
Current sync state passed to tip changed callbacks.
Definition: validation.h:93
constexpr std::array FlushStateModeNames
Definition: validation.h:461
constexpr int64_t LargeCoinsCacheThreshold(int64_t total_space) noexcept
Definition: validation.h:518
VerifyDBResult
Definition: validation.h:426
FlushStateMode
Definition: validation.h:462
CoinsCacheSizeState
Definition: validation.h:510
@ LARGE
The cache is at >= 90% capacity.
@ CRITICAL
The coins cache is in immediate need of a flush.
DisconnectResult
Definition: validation.h:452
@ DISCONNECT_FAILED
Definition: validation.h:455
@ DISCONNECT_UNCLEAN
Definition: validation.h:454
@ DISCONNECT_OK
Definition: validation.h:453