Bitcoin Core 31.99.0
P2P Digital Currency
validation.cpp
Go to the documentation of this file.
1// Copyright (c) 2009-2010 Satoshi Nakamoto
2// Copyright (c) 2009-present The Bitcoin Core developers
3// Distributed under the MIT software license, see the accompanying
4// file COPYING or http://www.opensource.org/licenses/mit-license.php.
5
6#include <bitcoin-build-config.h> // IWYU pragma: keep
7
8#include <validation.h>
9
10#include <arith_uint256.h>
11#include <chain.h>
12#include <checkqueue.h>
13#include <clientversion.h>
14#include <consensus/amount.h>
15#include <consensus/consensus.h>
16#include <consensus/merkle.h>
17#include <consensus/tx_check.h>
18#include <consensus/tx_verify.h>
20#include <cuckoocache.h>
21#include <flatfile.h>
22#include <hash.h>
23#include <kernel/chainparams.h>
24#include <kernel/coinstats.h>
29#include <kernel/types.h>
30#include <kernel/warning.h>
31#include <logging/timer.h>
32#include <node/blockstorage.h>
33#include <node/utxo_snapshot.h>
35#include <policy/policy.h>
36#include <policy/rbf.h>
37#include <policy/settings.h>
38#include <policy/truc_policy.h>
39#include <pow.h>
40#include <primitives/block.h>
42#include <random.h>
43#include <script/script.h>
44#include <script/sigcache.h>
45#include <signet.h>
46#include <tinyformat.h>
47#include <txdb.h>
48#include <txmempool.h>
49#include <uint256.h>
50#include <undo.h>
51#include <util/byte_units.h>
52#include <util/check.h>
53#include <util/fs.h>
54#include <util/fs_helpers.h>
55#include <util/hasher.h>
56#include <util/log.h>
57#include <util/moneystr.h>
58#include <util/rbf.h>
59#include <util/result.h>
61#include <util/strencodings.h>
62#include <util/string.h>
63#include <util/threadpool.h>
64#include <util/time.h>
65#include <util/trace.h>
66#include <util/translation.h>
67#include <validationinterface.h>
68
69#include <algorithm>
70#include <cassert>
71#include <chrono>
72#include <deque>
73#include <numeric>
74#include <optional>
75#include <ranges>
76#include <span>
77#include <string>
78#include <tuple>
79#include <utility>
80
86
89using node::BlockMap;
93
98static constexpr auto DATABASE_WRITE_INTERVAL_MIN{50min};
99static constexpr auto DATABASE_WRITE_INTERVAL_MAX{70min};
101static constexpr std::chrono::hours MAX_FEE_ESTIMATION_TIP_AGE{3};
102const std::vector<std::string> CHECKLEVEL_DOC {
103 "level 0 reads the blocks from disk",
104 "level 1 verifies block validity",
105 "level 2 verifies undo data",
106 "level 3 checks disconnection of tip blocks",
107 "level 4 tries to reconnect the blocks",
108 "each level includes the checks of the previous levels",
109};
115static constexpr int PRUNE_LOCK_BUFFER{10};
116
117// Return whether the completed full flush should compact chainstate
118static bool ShouldCompactChainstate(bool in_ibd)
119{
120 static constexpr uint32_t flush_ratio{320}; // Roughly every 2 weeks with hourly flushes
121 return !in_ibd && FastRandomContext().randrange(flush_ratio) == 0;
122}
123
124TRACEPOINT_SEMAPHORE(validation, block_connected);
126TRACEPOINT_SEMAPHORE(mempool, replaced);
127TRACEPOINT_SEMAPHORE(mempool, rejected);
128
130{
132
133 // Find the latest block common to locator and chain - we expect that
134 // locator.vHave is sorted descending by height.
135 for (const uint256& hash : locator.vHave) {
136 const CBlockIndex* pindex{m_blockman.LookupBlockIndex(hash)};
137 if (pindex) {
138 if (m_chain.Contains(*pindex)) {
139 return pindex;
140 }
141 if (pindex->GetAncestor(m_chain.Height()) == m_chain.Tip()) {
142 return m_chain.Tip();
143 }
144 }
145 }
146 return m_chain.Genesis();
147}
148
150 const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
151 bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
152 ValidationCache& validation_cache,
153 std::vector<CScriptCheck>* pvChecks = nullptr)
155
156bool CheckFinalTxAtTip(const CBlockIndex& active_chain_tip, const CTransaction& tx)
157{
159
160 // CheckFinalTxAtTip() uses active_chain_tip.Height()+1 to evaluate
161 // nLockTime because when IsFinalTx() is called within
162 // AcceptBlock(), the height of the block *being*
163 // evaluated is what is used. Thus if we want to know if a
164 // transaction can be part of the *next* block, we need to call
165 // IsFinalTx() with one more than active_chain_tip.Height().
166 const int nBlockHeight = active_chain_tip.nHeight + 1;
167
168 // BIP113 requires that time-locked transactions have nLockTime set to
169 // less than the median time of the previous block they're contained in.
170 // When the next block is created its previous block will be the current
171 // chain tip, so we use that to calculate the median time passed to
172 // IsFinalTx().
173 const int64_t nBlockTime{active_chain_tip.GetMedianTimePast()};
174
175 return IsFinalTx(tx, nBlockHeight, nBlockTime);
176}
177
178namespace {
189std::optional<std::vector<int>> CalculatePrevHeights(
190 const CBlockIndex& tip,
191 const CCoinsView& coins,
192 const CTransaction& tx)
193{
194 std::vector<int> prev_heights;
195 prev_heights.resize(tx.vin.size());
196 for (size_t i = 0; i < tx.vin.size(); ++i) {
197 if (auto coin{coins.GetCoin(tx.vin[i].prevout)}) {
198 prev_heights[i] = coin->nHeight == MEMPOOL_HEIGHT
199 ? tip.nHeight + 1 // Assume all mempool transaction confirm in the next block.
200 : coin->nHeight;
201 } else {
202 LogInfo("ERROR: %s: Missing input %d in transaction \'%s\'\n", __func__, i, tx.GetHash().GetHex());
203 return std::nullopt;
204 }
205 }
206 return prev_heights;
207}
208} // namespace
209
210std::optional<LockPoints> CalculateLockPointsAtTip(
211 CBlockIndex* tip,
212 const CCoinsView& coins_view,
213 const CTransaction& tx)
214{
215 assert(tip);
216
217 auto prev_heights{CalculatePrevHeights(*tip, coins_view, tx)};
218 if (!prev_heights.has_value()) return std::nullopt;
219
220 CBlockIndex next_tip;
221 next_tip.pprev = tip;
222 // When SequenceLocks() is called within ConnectBlock(), the height
223 // of the block *being* evaluated is what is used.
224 // Thus if we want to know if a transaction can be part of the
225 // *next* block, we need to use one more than active_chainstate.m_chain.Height()
226 next_tip.nHeight = tip->nHeight + 1;
227 const auto [min_height, min_time] = CalculateSequenceLocks(tx, STANDARD_LOCKTIME_VERIFY_FLAGS, prev_heights.value(), next_tip);
228
229 // Also store the hash of the block with the highest height of
230 // all the blocks which have sequence locked prevouts.
231 // This hash needs to still be on the chain
232 // for these LockPoint calculations to be valid
233 // Note: It is impossible to correctly calculate a maxInputBlock
234 // if any of the sequence locked inputs depend on unconfirmed txs,
235 // except in the special case where the relative lock time/height
236 // is 0, which is equivalent to no sequence lock. Since we assume
237 // input height of tip+1 for mempool txs and test the resulting
238 // min_height and min_time from CalculateSequenceLocks against tip+1.
239 int max_input_height{0};
240 for (const int height : prev_heights.value()) {
241 // Can ignore mempool inputs since we'll fail if they had non-zero locks
242 if (height != next_tip.nHeight) {
243 max_input_height = std::max(max_input_height, height);
244 }
245 }
246
247 // tip->GetAncestor(max_input_height) should never return a nullptr
248 // because max_input_height is always less than the tip height.
249 // It would, however, be a bad bug to continue execution, since a
250 // LockPoints object with the maxInputBlock member set to nullptr
251 // signifies no relative lock time.
252 return LockPoints{min_height, min_time, Assert(tip->GetAncestor(max_input_height))};
253}
254
256 const LockPoints& lock_points)
257{
258 assert(tip != nullptr);
259
260 CBlockIndex index;
261 index.pprev = tip;
262 // CheckSequenceLocksAtTip() uses active_chainstate.m_chain.Height()+1 to evaluate
263 // height based locks because when SequenceLocks() is called within
264 // ConnectBlock(), the height of the block *being*
265 // evaluated is what is used.
266 // Thus if we want to know if a transaction can be part of the
267 // *next* block, we need to use one more than active_chainstate.m_chain.Height()
268 index.nHeight = tip->nHeight + 1;
269
270 return EvaluateSequenceLocks(index, {lock_points.height, lock_points.time});
271}
272
273static void LimitMempoolSize(CTxMemPool& pool, CCoinsViewCache& coins_cache)
275{
277 AssertLockHeld(pool.cs);
278 int expired = pool.Expire(GetTime<std::chrono::seconds>() - pool.m_opts.expiry);
279 if (expired != 0) {
280 LogDebug(BCLog::MEMPOOL, "Expired %i transactions from the memory pool\n", expired);
281 }
282
283 std::vector<COutPoint> vNoSpendsRemaining;
284 pool.TrimToSize(pool.m_opts.max_size_bytes, &vNoSpendsRemaining);
285 for (const COutPoint& removed : vNoSpendsRemaining)
286 coins_cache.Uncache(removed);
287}
288
290{
292 if (active_chainstate.m_chainman.IsInitialBlockDownload()) {
293 return false;
294 }
295 if (active_chainstate.m_chain.Tip()->GetBlockTime() < count_seconds(GetTime<std::chrono::seconds>() - MAX_FEE_ESTIMATION_TIP_AGE))
296 return false;
297 if (active_chainstate.m_chain.Height() < active_chainstate.m_chainman.m_best_header->nHeight - 1) {
298 return false;
299 }
300 return true;
301}
302
304 DisconnectedBlockTransactions& disconnectpool,
305 bool fAddToMempool)
306{
307 if (!m_mempool) return;
308
311 std::vector<Txid> vHashUpdate;
312 {
313 // disconnectpool is ordered so that the front is the most recently-confirmed
314 // transaction (the last tx of the block at the tip) in the disconnected chain.
315 // Iterate disconnectpool in reverse, so that we add transactions
316 // back to the mempool starting with the earliest transaction that had
317 // been previously seen in a block.
318 const auto queuedTx = disconnectpool.take();
319 auto it = queuedTx.rbegin();
320 while (it != queuedTx.rend()) {
321 // ignore validation errors in resurrected transactions
322 if (!fAddToMempool || (*it)->IsCoinBase() ||
323 AcceptToMemoryPool(*this, *it, GetTime(),
324 /*bypass_limits=*/true, /*test_accept=*/false).m_result_type !=
326 // If the transaction doesn't make it in to the mempool, remove any
327 // transactions that depend on it (which would now be orphans).
329 } else if (m_mempool->exists((*it)->GetHash())) {
330 vHashUpdate.push_back((*it)->GetHash());
331 }
332 ++it;
333 }
334 }
335
336 // AcceptToMemoryPool/addNewTransaction all assume that new mempool entries have
337 // no in-mempool children, which is generally not true when adding
338 // previously-confirmed transactions back to the mempool.
339 // UpdateTransactionsFromBlock finds descendants of any transactions in
340 // the disconnectpool that were added back and cleans up the mempool state.
342
343 // Predicate to use for filtering transactions in removeForReorg.
344 // Checks whether the transaction is still final and, if it spends a coinbase output, mature.
345 // Also updates valid entries' cached LockPoints if needed.
346 // If false, the tx is still valid and its lockpoints are updated.
347 // If true, the tx would be invalid in the next block; remove this entry and all of its descendants.
348 // Note that TRUC rules are not applied here, so reorgs may cause violations of TRUC inheritance or
349 // topology restrictions.
350 const auto filter_final_and_mature = [&](CTxMemPool::txiter it)
354 const CTransaction& tx = it->GetTx();
355
356 // The transaction must be final.
357 if (!CheckFinalTxAtTip(*Assert(m_chain.Tip()), tx)) return true;
358
359 const LockPoints& lp = it->GetLockPoints();
360 // CheckSequenceLocksAtTip checks if the transaction will be final in the next block to be
361 // created on top of the new chain.
364 return true;
365 }
366 } else {
367 const CCoinsViewMemPool view_mempool{&CoinsTip(), *m_mempool};
368 const std::optional<LockPoints> new_lock_points{CalculateLockPointsAtTip(m_chain.Tip(), view_mempool, tx)};
369 if (new_lock_points.has_value() && CheckSequenceLocksAtTip(m_chain.Tip(), *new_lock_points)) {
370 // Now update the mempool entry lockpoints as well.
371 it->UpdateLockPoints(*new_lock_points);
372 } else {
373 return true;
374 }
375 }
376
377 // If the transaction spends any coinbase outputs, it must be mature.
378 if (it->GetSpendsCoinbase()) {
379 for (const CTxIn& txin : tx.vin) {
380 if (m_mempool->exists(txin.prevout.hash)) continue;
381 const Coin& coin{CoinsTip().AccessCoin(txin.prevout)};
382 assert(!coin.IsSpent());
383 const auto mempool_spend_height{m_chain.Tip()->nHeight + 1};
384 if (coin.IsCoinBase() && mempool_spend_height - coin.nHeight < COINBASE_MATURITY) {
385 return true;
386 }
387 }
388 }
389 // Transaction is still valid and cached LockPoints are updated.
390 return false;
391 };
392
393 // We also need to remove any now-immature transactions
394 m_mempool->removeForReorg(m_chain, filter_final_and_mature);
395 // Re-limit mempool size, in case we added any transactions
397}
398
405 const CCoinsViewCache& view, const CTxMemPool& pool,
407 ValidationCache& validation_cache)
409{
412
414 for (const CTxIn& txin : tx.vin) {
415 const Coin& coin = view.AccessCoin(txin.prevout);
416
417 // This coin was checked in PreChecks and MemPoolAccept
418 // has been holding cs_main since then.
419 Assume(!coin.IsSpent());
420 if (coin.IsSpent()) return false;
421
422 // If the Coin is available, there are 2 possibilities:
423 // it is available in our current ChainstateActive UTXO set,
424 // or it's a UTXO provided by a transaction in our mempool.
425 // Ensure the scriptPubKeys in Coins from CoinsView are correct.
426 const CTransactionRef& txFrom = pool.get(txin.prevout.hash);
427 if (txFrom) {
428 assert(txFrom->GetHash() == txin.prevout.hash);
429 assert(txFrom->vout.size() > txin.prevout.n);
430 assert(txFrom->vout[txin.prevout.n] == coin.out);
431 } else {
432 const Coin& coinFromUTXOSet = coins_tip.AccessCoin(txin.prevout);
433 assert(!coinFromUTXOSet.IsSpent());
434 assert(coinFromUTXOSet.out == coin.out);
435 }
436 }
437
438 // Call CheckInputScripts() to cache signature and script validity against current tip consensus rules.
439 return CheckInputScripts(tx, state, view, flags, /* cacheSigStore= */ true, /* cacheFullScriptStore= */ true, txdata, validation_cache);
440}
441
442namespace {
443
444class MemPoolAccept
445{
446public:
447 explicit MemPoolAccept(CTxMemPool& mempool, Chainstate& active_chainstate) :
448 m_pool(mempool),
449 m_view(&CoinsViewEmpty::Get()),
450 m_viewmempool(&active_chainstate.CoinsTip(), m_pool),
451 m_active_chainstate(active_chainstate)
452 {
453 }
454
455 // We put the arguments we're handed into a struct, so we can pass them
456 // around easier.
457 struct ATMPArgs {
458 const CChainParams& m_chainparams;
459 const int64_t m_accept_time;
460 const bool m_bypass_limits;
461 /*
462 * Return any outpoints which were not previously present in the coins
463 * cache, but were added as a result of validating the tx for mempool
464 * acceptance. This allows the caller to optionally remove the cache
465 * additions if the associated transaction ends up being rejected by
466 * the mempool.
467 */
468 std::vector<COutPoint>& m_coins_to_uncache;
470 const bool m_test_accept;
474 const bool m_allow_replacement;
476 const bool m_allow_sibling_eviction;
479 const bool m_package_submission;
483 const bool m_package_feerates;
488 const std::optional<CFeeRate> m_client_maxfeerate;
489
491 static ATMPArgs SingleAccept(const CChainParams& chainparams, int64_t accept_time,
492 bool bypass_limits, std::vector<COutPoint>& coins_to_uncache,
493 bool test_accept) {
494 return ATMPArgs{/*chainparams=*/ chainparams,
495 /*accept_time=*/ accept_time,
496 /*bypass_limits=*/ bypass_limits,
497 /*coins_to_uncache=*/ coins_to_uncache,
498 /*test_accept=*/ test_accept,
499 /*allow_replacement=*/ true,
500 /*allow_sibling_eviction=*/ true,
501 /*package_submission=*/ false,
502 /*package_feerates=*/ false,
503 /*client_maxfeerate=*/ {}, // checked by caller
504 };
505 }
506
508 static ATMPArgs PackageTestAccept(const CChainParams& chainparams, int64_t accept_time,
509 std::vector<COutPoint>& coins_to_uncache) {
510 return ATMPArgs{/*chainparams=*/ chainparams,
511 /*accept_time=*/ accept_time,
512 /*bypass_limits=*/ false,
513 /*coins_to_uncache=*/ coins_to_uncache,
514 /*test_accept=*/ true,
515 /*allow_replacement=*/ false,
516 /*allow_sibling_eviction=*/ false,
517 /*package_submission=*/ false, // not submitting to mempool
518 /*package_feerates=*/ false,
519 /*client_maxfeerate=*/ {}, // checked by caller
520 };
521 }
522
524 static ATMPArgs PackageChildWithParents(const CChainParams& chainparams, int64_t accept_time,
525 std::vector<COutPoint>& coins_to_uncache, const std::optional<CFeeRate>& client_maxfeerate) {
526 return ATMPArgs{/*chainparams=*/ chainparams,
527 /*accept_time=*/ accept_time,
528 /*bypass_limits=*/ false,
529 /*coins_to_uncache=*/ coins_to_uncache,
530 /*test_accept=*/ false,
531 /*allow_replacement=*/ true,
532 /*allow_sibling_eviction=*/ false,
533 /*package_submission=*/ true,
534 /*package_feerates=*/ true,
535 /*client_maxfeerate=*/ client_maxfeerate,
536 };
537 }
538
540 static ATMPArgs SingleInPackageAccept(const ATMPArgs& package_args) {
541 return ATMPArgs{/*chainparams=*/ package_args.m_chainparams,
542 /*accept_time=*/ package_args.m_accept_time,
543 /*bypass_limits=*/ false,
544 /*coins_to_uncache=*/ package_args.m_coins_to_uncache,
545 /*test_accept=*/ package_args.m_test_accept,
546 /*allow_replacement=*/ true,
547 /*allow_sibling_eviction=*/ true,
548 /*package_submission=*/ true, // trim at the end of AcceptPackage()
549 /*package_feerates=*/ false, // only 1 transaction
550 /*client_maxfeerate=*/ package_args.m_client_maxfeerate,
551 };
552 }
553
554 private:
555 // Private ctor to avoid exposing details to clients and allowing the possibility of
556 // mixing up the order of the arguments. Use static functions above instead.
557 ATMPArgs(const CChainParams& chainparams,
558 int64_t accept_time,
559 bool bypass_limits,
560 std::vector<COutPoint>& coins_to_uncache,
561 bool test_accept,
562 bool allow_replacement,
563 bool allow_sibling_eviction,
564 bool package_submission,
565 bool package_feerates,
566 std::optional<CFeeRate> client_maxfeerate)
567 : m_chainparams{chainparams},
568 m_accept_time{accept_time},
569 m_bypass_limits{bypass_limits},
570 m_coins_to_uncache{coins_to_uncache},
571 m_test_accept{test_accept},
572 m_allow_replacement{allow_replacement},
573 m_allow_sibling_eviction{allow_sibling_eviction},
574 m_package_submission{package_submission},
575 m_package_feerates{package_feerates},
576 m_client_maxfeerate{client_maxfeerate}
577 {
578 // If we are using package feerates, we must be doing package submission.
579 // It also means sibling eviction is not permitted.
580 if (m_package_feerates) {
581 Assume(m_package_submission);
582 Assume(!m_allow_sibling_eviction);
583 }
584 if (m_allow_sibling_eviction) Assume(m_allow_replacement);
585 }
586 };
587
589 void CleanupTemporaryCoins() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
590
591 // Single transaction acceptance
592 MempoolAcceptResult AcceptSingleTransactionAndCleanup(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
593 LOCK(m_pool.cs);
594 MempoolAcceptResult result = AcceptSingleTransactionInternal(ptx, args);
595 ClearSubPackageState();
596 return result;
597 }
598 MempoolAcceptResult AcceptSingleTransactionInternal(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
599
605 PackageMempoolAcceptResult AcceptMultipleTransactionsAndCleanup(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
606 LOCK(m_pool.cs);
607 PackageMempoolAcceptResult result = AcceptMultipleTransactionsInternal(txns, args);
608 ClearSubPackageState();
609 return result;
610 }
611 PackageMempoolAcceptResult AcceptMultipleTransactionsInternal(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
612
623 PackageMempoolAcceptResult AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
625
630 PackageMempoolAcceptResult AcceptPackage(const Package& package, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
631
632private:
633 // All the intermediate state that gets passed between the various levels
634 // of checking a given transaction.
635 struct Workspace {
636 explicit Workspace(const CTransactionRef& ptx) : m_ptx(ptx), m_hash(ptx->GetHash()) {}
639 std::set<Txid> m_conflicts;
642 CTxMemPool::setEntries m_iters_conflicting;
644 std::vector<CTxMemPoolEntry::CTxMemPoolEntryRef> m_parents;
645 /* Handle to the tx in the changeset */
649 bool m_sibling_eviction{false};
650
653 int64_t m_vsize;
655 CAmount m_base_fees;
657 CAmount m_modified_fees;
658
662 CFeeRate m_package_feerate{0};
663
664 const CTransactionRef& m_ptx;
666 const Txid& m_hash;
670 PrecomputedTransactionData m_precomputed_txdata;
671 };
672
673 // Run the policy checks on a given transaction, excluding any script checks.
674 // Looks up inputs, calculates feerate, considers replacement, evaluates
675 // package limits, etc. As this function can be invoked for "free" by a peer,
676 // only tests that are fast should be done here (to avoid CPU DoS).
677 bool PreChecks(ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
678
679 // Run checks for mempool replace-by-fee, only used in AcceptSingleTransaction.
680 bool ReplacementChecks(Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
681
682 bool PackageRBFChecks(const std::vector<CTransactionRef>& txns,
683 std::vector<Workspace>& workspaces,
684 int64_t total_vsize,
685 PackageValidationState& package_state) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
686
687 // Run the script checks using our policy flags. As this can be slow, we should
688 // only invoke this on transactions that have otherwise passed policy checks.
689 bool PolicyScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
690
691 // Re-run the script checks, using consensus flags, and try to cache the
692 // result in the scriptcache. This should be done after
693 // PolicyScriptChecks(). This requires that all inputs either be in our
694 // utxo set or in the mempool.
695 bool ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
696
697 // Try to add the transaction to the mempool, removing any conflicts first.
698 void FinalizeSubpackage(const ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
699
700 // Submit all transactions to the mempool and call ConsensusScriptChecks to add to the script
701 // cache - should only be called after successful validation of all transactions in the package.
702 // Does not call LimitMempoolSize(), so mempool max_size_bytes may be temporarily exceeded.
703 bool SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces, PackageValidationState& package_state,
704 std::map<Wtxid, MempoolAcceptResult>& results)
706
707 // Compare a package's feerate against minimum allowed.
708 bool CheckFeeRate(size_t package_size, CAmount package_fee, TxValidationState& state) EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs)
709 {
711 AssertLockHeld(m_pool.cs);
712 CAmount mempoolRejectFee = m_pool.GetMinFee().GetFee(package_size);
713 if (mempoolRejectFee > 0 && package_fee < mempoolRejectFee) {
714 return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool min fee not met", strprintf("%d < %d", package_fee, mempoolRejectFee));
715 }
716
717 if (package_fee < m_pool.m_opts.min_relay_feerate.GetFee(package_size)) {
718 return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "min relay fee not met",
719 strprintf("%d < %d", package_fee, m_pool.m_opts.min_relay_feerate.GetFee(package_size)));
720 }
721 return true;
722 }
723
724 ValidationCache& GetValidationCache()
725 {
726 return m_active_chainstate.m_chainman.m_validation_cache;
727 }
728
729private:
730 CTxMemPool& m_pool;
731
743 CCoinsViewCache m_view;
744
745 // These are the two possible backends for m_view.
748 CCoinsViewMemPool m_viewmempool;
749
750 Chainstate& m_active_chainstate;
751
752 // Fields below are per *sub*package state and must be reset prior to subsequent
753 // AcceptSingleTransaction and AcceptMultipleTransactions invocations
754 struct SubPackageState {
756 CAmount m_total_modified_fees{0};
758 int64_t m_total_vsize{0};
759
760 // RBF-related members
763 bool m_rbf{false};
765 std::list<CTransactionRef> m_replaced_transactions;
766 /* Changeset representing adding transactions and removing their conflicts. */
767 std::unique_ptr<CTxMemPool::ChangeSet> m_changeset;
768
770 CAmount m_conflicting_fees{0};
772 size_t m_conflicting_size{0};
773 };
774
775 struct SubPackageState m_subpackage;
776
778 void ClearSubPackageState() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs)
779 {
780 m_subpackage = SubPackageState{};
781
782 // And clean coins while at it
783 CleanupTemporaryCoins();
784 }
785};
786
787bool MemPoolAccept::PreChecks(ATMPArgs& args, Workspace& ws)
788{
790 AssertLockHeld(m_pool.cs);
791 const CTransactionRef& ptx = ws.m_ptx;
792 const CTransaction& tx = *ws.m_ptx;
793 const Txid& hash = ws.m_hash;
794
795 // Copy/alias what we need out of args
796 const int64_t nAcceptTime = args.m_accept_time;
797 const bool bypass_limits = args.m_bypass_limits;
798 std::vector<COutPoint>& coins_to_uncache = args.m_coins_to_uncache;
799
800 // Alias what we need out of ws
801 TxValidationState& state = ws.m_state;
802
803 if (!CheckTransaction(tx, state)) {
804 return false; // state filled in by CheckTransaction
805 }
806
807 // Coinbase is only valid in a block, not as a loose transaction
808 if (tx.IsCoinBase())
809 return state.Invalid(TxValidationResult::TX_CONSENSUS, "coinbase");
810
811 // Rather not work on nonstandard transactions (unless -testnet/-regtest)
812 std::string reason;
813 if (m_pool.m_opts.require_standard && !IsStandardTx(tx, m_pool.m_opts.max_datacarrier_bytes, m_pool.m_opts.permit_bare_multisig, m_pool.m_opts.dust_relay_feerate, reason)) {
814 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, reason);
815 }
816
817 // Transactions smaller than 65 non-witness bytes are not relayed to mitigate CVE-2017-12842.
819 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "tx-size-small");
820
821 // Only accept nLockTime-using transactions that can be mined in the next
822 // block; we don't want our mempool filled up with transactions that can't
823 // be mined yet.
824 if (!CheckFinalTxAtTip(*Assert(m_active_chainstate.m_chain.Tip()), tx)) {
825 return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-final");
826 }
827
828 if (m_pool.exists(tx.GetWitnessHash())) {
829 // Exact transaction already exists in the mempool.
830 return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-in-mempool");
831 } else if (m_pool.exists(tx.GetHash())) {
832 // Transaction with the same non-witness data but different witness (same txid, different
833 // wtxid) already exists in the mempool.
834 return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-same-nonwitness-data-in-mempool");
835 }
836
837 // Check for conflicts with in-memory transactions
838 for (const CTxIn &txin : tx.vin)
839 {
840 const CTransaction* ptxConflicting = m_pool.GetConflictTx(txin.prevout);
841 if (ptxConflicting) {
842 if (!args.m_allow_replacement) {
843 // Transaction conflicts with a mempool tx, but we're not allowing replacements in this context.
844 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "bip125-replacement-disallowed");
845 }
846 ws.m_conflicts.insert(ptxConflicting->GetHash());
847 }
848 }
849
850 m_view.SetBackend(m_viewmempool);
851
852 const CCoinsViewCache& coins_cache = m_active_chainstate.CoinsTip();
853 // do all inputs exist?
854 for (const CTxIn& txin : tx.vin) {
855 if (!coins_cache.HaveCoinInCache(txin.prevout)) {
856 coins_to_uncache.push_back(txin.prevout);
857 }
858
859 // Note: this call may add txin.prevout to the coins cache
860 // (coins_cache.cacheCoins) by way of FetchCoin(). It should be removed
861 // later (via coins_to_uncache) if this tx turns out to be invalid.
862 if (!m_view.HaveCoin(txin.prevout)) {
863 // Are inputs missing because we already have the tx?
864 for (size_t out = 0; out < tx.vout.size(); out++) {
865 // Optimistically just do efficient check of cache for outputs
866 if (coins_cache.HaveCoinInCache(COutPoint(hash, out))) {
867 return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-known");
868 }
869 }
870 // Otherwise assume this might be an orphan tx for which we just haven't seen parents yet
871 return state.Invalid(TxValidationResult::TX_MISSING_INPUTS, "bad-txns-inputs-missingorspent");
872 }
873 }
874
875 // This is const, but calls into `CCoinsViewCache::GetBestBlock()` to refresh
876 // the cached best block through `m_viewmempool` after caching inputs.
877 (void)m_view.GetBestBlock();
878
879 // All required inputs are cached now, so switch m_view to the empty backend.
880 // This keeps already-fetched cache entries for later checks and prevents new
881 // backend lookups (which would avoid coins_to_uncache tracking).
882 m_view.SetBackend(CoinsViewEmpty::Get());
883
884 assert(m_active_chainstate.m_blockman.LookupBlockIndex(m_view.GetBestBlock()) == m_active_chainstate.m_chain.Tip());
885
886 // Only accept BIP68 sequence locked transactions that can be mined in the next
887 // block; we don't want our mempool filled up with transactions that can't
888 // be mined yet.
889 // Pass in m_view which has all of the relevant inputs cached. Note that, since m_view's
890 // backend was removed, it no longer pulls coins from the mempool.
891 const std::optional<LockPoints> lock_points{CalculateLockPointsAtTip(m_active_chainstate.m_chain.Tip(), m_view, tx)};
892 if (!lock_points.has_value() || !CheckSequenceLocksAtTip(m_active_chainstate.m_chain.Tip(), *lock_points)) {
893 return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-BIP68-final");
894 }
895
896 // The mempool holds txs for the next block, so pass height+1 to CheckTxInputs
897 if (!Consensus::CheckTxInputs(tx, state, m_view, m_active_chainstate.m_chain.Height() + 1, ws.m_base_fees)) {
898 return false; // state filled in by CheckTxInputs
899 }
900
901 if (m_pool.m_opts.require_standard) {
902 state = ValidateInputsStandardness(tx, m_view);
903 if (state.IsInvalid()) {
904 return false;
905 }
906 }
907
908 // Check for non-standard witnesses.
909 if (tx.HasWitness() && m_pool.m_opts.require_standard && !IsWitnessStandard(tx, m_view)) {
910 return state.Invalid(TxValidationResult::TX_WITNESS_MUTATED, "bad-witness-nonstandard");
911 }
912
913 int64_t nSigOpsCost = GetTransactionSigOpCost(tx, m_view, STANDARD_SCRIPT_VERIFY_FLAGS);
914
915 // Keep track of transactions that spend a coinbase, which we re-scan
916 // during reorgs to ensure COINBASE_MATURITY is still met.
917 bool fSpendsCoinbase = false;
918 for (const CTxIn &txin : tx.vin) {
919 const Coin &coin = m_view.AccessCoin(txin.prevout);
920 if (coin.IsCoinBase()) {
921 fSpendsCoinbase = true;
922 break;
923 }
924 }
925
926 // Set entry_sequence to 0 when bypass_limits is used; this allows txs from a block
927 // reorg to be marked earlier than any child txs that were already in the mempool.
928 const uint64_t entry_sequence = bypass_limits ? 0 : m_pool.GetSequence();
929 if (!m_subpackage.m_changeset) {
930 m_subpackage.m_changeset = m_pool.GetChangeSet();
931 }
932 ws.m_tx_handle = m_subpackage.m_changeset->StageAddition(ptx, ws.m_base_fees, nAcceptTime, m_active_chainstate.m_chain.Height(), entry_sequence, fSpendsCoinbase, nSigOpsCost, lock_points.value());
933
934 // ws.m_modified_fees includes any fee deltas from PrioritiseTransaction
935 ws.m_modified_fees = ws.m_tx_handle->GetModifiedFee();
936
937 ws.m_vsize = ws.m_tx_handle->GetTxSize();
938
939 // Enforces 0-fee for dust transactions, no incentive to be mined alone
940 if (m_pool.m_opts.require_standard) {
941 if (!PreCheckEphemeralTx(*ptx, m_pool.m_opts.dust_relay_feerate, ws.m_base_fees, ws.m_modified_fees, state)) {
942 return false; // state filled in by PreCheckEphemeralTx
943 }
944 }
945
946 if (nSigOpsCost > MAX_STANDARD_TX_SIGOPS_COST)
947 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "bad-txns-too-many-sigops",
948 strprintf("%d", nSigOpsCost));
949
950 // No individual transactions are allowed below the mempool min feerate except from disconnected
951 // blocks and transactions in a package. Package transactions will be checked using package
952 // feerate later.
953 if (!bypass_limits && !args.m_package_feerates && !CheckFeeRate(ws.m_vsize, ws.m_modified_fees, state)) return false;
954
955 ws.m_iters_conflicting = m_pool.GetIterSet(ws.m_conflicts);
956
957 ws.m_parents = m_pool.GetParents(*ws.m_tx_handle);
958
959 if (!args.m_bypass_limits) {
960 // Perform the TRUC checks, using the in-mempool parents.
961 if (const auto err{SingleTRUCChecks(m_pool, ws.m_ptx, ws.m_parents, ws.m_conflicts, ws.m_vsize)}) {
962 // Single transaction contexts only.
963 if (args.m_allow_sibling_eviction && err->second != nullptr) {
964 // We should only be considering where replacement is considered valid as well.
965 Assume(args.m_allow_replacement);
966 // Potential sibling eviction. Add the sibling to our list of mempool conflicts to be
967 // included in RBF checks.
968 ws.m_conflicts.insert(err->second->GetHash());
969 // Adding the sibling to m_iters_conflicting here means that it doesn't count towards
970 // RBF Carve Out above. This is correct, since removing to-be-replaced transactions from
971 // the descendant count is done separately in SingleTRUCChecks for TRUC transactions.
972 ws.m_iters_conflicting.insert(m_pool.GetIter(err->second->GetHash()).value());
973 ws.m_sibling_eviction = true;
974 // The sibling will be treated as part of the to-be-replaced set in ReplacementChecks.
975 // Note that we are not checking whether it opts in to replaceability via BIP125 or TRUC
976 // (which is normally done in PreChecks). However, the only way a TRUC transaction can
977 // have a non-TRUC and non-BIP125 descendant is due to a reorg.
978 } else {
979 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "TRUC-violation", err->first);
980 }
981 }
982 }
983
984 // We want to detect conflicts in any tx in a package to trigger package RBF logic
985 m_subpackage.m_rbf |= !ws.m_conflicts.empty();
986 return true;
987}
988
989bool MemPoolAccept::ReplacementChecks(Workspace& ws)
990{
992 AssertLockHeld(m_pool.cs);
993
994 const CTransaction& tx = *ws.m_ptx;
995 const Txid& hash = ws.m_hash;
996 TxValidationState& state = ws.m_state;
997
998 CFeeRate newFeeRate(ws.m_modified_fees, ws.m_vsize);
999
1000 CTxMemPool::setEntries all_conflicts;
1001
1002 // Calculate all conflicting entries and enforce Rule #5.
1003 if (const auto err_string{GetEntriesForConflicts(tx, m_pool, ws.m_iters_conflicting, all_conflicts)}) {
1005 strprintf("too many potential replacements%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1006 }
1007
1008 // Check if it's economically rational to mine this transaction rather than the ones it
1009 // replaces and pays for its own relay fees. Enforce Rules #3 and #4.
1010 for (CTxMemPool::txiter it : all_conflicts) {
1011 m_subpackage.m_conflicting_fees += it->GetModifiedFee();
1012 m_subpackage.m_conflicting_size += it->GetTxSize();
1013 }
1014
1015 if (const auto err_string{PaysForRBF(m_subpackage.m_conflicting_fees, ws.m_modified_fees, ws.m_vsize,
1016 m_pool.m_opts.incremental_relay_feerate, hash)}) {
1017 // Result may change in a package context
1019 strprintf("insufficient fee%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
1020 }
1021
1022 // Add all the to-be-removed transactions to the changeset.
1023 for (auto it : all_conflicts) {
1024 m_subpackage.m_changeset->StageRemoval(it);
1025 }
1026
1027 // Run cluster size limit checks and fail if we exceed them.
1028 if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
1029 return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-large-cluster", "");
1030 }
1031
1032 if (const auto err_string{ImprovesFeerateDiagram(*m_subpackage.m_changeset)}) {
1033 // We checked above for the cluster size limits being respected, so a
1034 // failure here can only be due to an insufficient fee.
1035 Assume(err_string->first == DiagramCheckError::FAILURE);
1036 return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "replacement-failed", err_string->second);
1037 }
1038
1039 return true;
1040}
1041
1042bool MemPoolAccept::PackageRBFChecks(const std::vector<CTransactionRef>& txns,
1043 std::vector<Workspace>& workspaces,
1044 const int64_t total_vsize,
1045 PackageValidationState& package_state)
1046{
1048 AssertLockHeld(m_pool.cs);
1049
1050 assert(std::all_of(txns.cbegin(), txns.cend(), [this](const auto& tx)
1051 { return !m_pool.exists(tx->GetHash());}));
1052
1053 assert(txns.size() == workspaces.size());
1054
1055 // We're in package RBF context; replacement proposal must be size 2
1056 if (workspaces.size() != 2 || !Assume(IsChildWithParents(txns))) {
1057 return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: package must be 1-parent-1-child");
1058 }
1059
1060 // If the package has in-mempool parents, we won't consider a package RBF
1061 // since it would result in a cluster larger than 2.
1062 // N.B. To relax this constraint we will need to revisit how CCoinsViewMemPool::PackageAddTransaction
1063 // is being used inside AcceptMultipleTransactions to track available inputs while processing a package.
1064 // Specifically we would need to check that the ancestors of the new
1065 // transactions don't intersect with the set of transactions to be removed
1066 // due to RBF, which is not checked at all in the package acceptance
1067 // context.
1068 for (const auto& ws : workspaces) {
1069 if (!ws.m_parents.empty()) {
1070 return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: new transaction cannot have mempool ancestors");
1071 }
1072 }
1073
1074 // Aggregate all conflicts into one set.
1075 CTxMemPool::setEntries direct_conflict_iters;
1076 for (Workspace& ws : workspaces) {
1077 // Aggregate all conflicts into one set.
1078 direct_conflict_iters.merge(ws.m_iters_conflicting);
1079 }
1080
1081 const auto& parent_ws = workspaces[0];
1082 const auto& child_ws = workspaces[1];
1083
1084 // Don't consider replacements that would cause us to remove a large number of mempool entries.
1085 // This limit is not increased in a package RBF. Use the aggregate number of transactions.
1086 CTxMemPool::setEntries all_conflicts;
1087 if (const auto err_string{GetEntriesForConflicts(*child_ws.m_ptx, m_pool, direct_conflict_iters,
1088 all_conflicts)}) {
1089 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1090 "package RBF failed: too many potential replacements", *err_string);
1091 }
1092
1093 for (CTxMemPool::txiter it : all_conflicts) {
1094 m_subpackage.m_changeset->StageRemoval(it);
1095 m_subpackage.m_conflicting_fees += it->GetModifiedFee();
1096 m_subpackage.m_conflicting_size += it->GetTxSize();
1097 }
1098
1099 // Use the child as the transaction for attributing errors to.
1100 const Txid& child_hash = child_ws.m_ptx->GetHash();
1101 if (const auto err_string{PaysForRBF(/*original_fees=*/m_subpackage.m_conflicting_fees,
1102 /*replacement_fees=*/m_subpackage.m_total_modified_fees,
1103 /*replacement_vsize=*/m_subpackage.m_total_vsize,
1104 m_pool.m_opts.incremental_relay_feerate, child_hash)}) {
1105 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1106 "package RBF failed: insufficient anti-DoS fees", *err_string);
1107 }
1108
1109 // Ensure this two transaction package is a "chunk" on its own; we don't want the child
1110 // to be only paying anti-DoS fees
1111 const CFeeRate parent_feerate(parent_ws.m_modified_fees, parent_ws.m_vsize);
1112 const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
1113 if (package_feerate <= parent_feerate) {
1114 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1115 "package RBF failed: package feerate is less than or equal to parent feerate",
1116 strprintf("package feerate %s <= parent feerate is %s", package_feerate.ToString(), parent_feerate.ToString()));
1117 }
1118
1119 // Run cluster size limit checks and fail if we exceed them.
1120 if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
1121 return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "too-large-cluster", "");
1122 }
1123
1124 // Check if it's economically rational to mine this package rather than the ones it replaces.
1125 if (const auto err_tup{ImprovesFeerateDiagram(*m_subpackage.m_changeset)}) {
1126 Assume(err_tup->first == DiagramCheckError::FAILURE);
1127 return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
1128 "package RBF failed: " + err_tup.value().second, "");
1129 }
1130
1131 LogDebug(BCLog::TXPACKAGES, "package RBF checks passed: parent %s (wtxid=%s), child %s (wtxid=%s), package hash (%s)\n",
1132 txns.front()->GetHash().ToString(), txns.front()->GetWitnessHash().ToString(),
1133 txns.back()->GetHash().ToString(), txns.back()->GetWitnessHash().ToString(),
1134 GetPackageHash(txns).ToString());
1135
1136
1137 return true;
1138}
1139
1140bool MemPoolAccept::PolicyScriptChecks(const ATMPArgs& args, Workspace& ws)
1141{
1143 AssertLockHeld(m_pool.cs);
1144 const CTransaction& tx = *ws.m_ptx;
1145 TxValidationState& state = ws.m_state;
1146
1147 constexpr script_verify_flags scriptVerifyFlags = STANDARD_SCRIPT_VERIFY_FLAGS;
1148
1149 // Check input scripts and signatures.
1150 // This is done last to help prevent CPU exhaustion denial-of-service attacks.
1151 if (!CheckInputScripts(tx, state, m_view, scriptVerifyFlags, true, false, ws.m_precomputed_txdata, GetValidationCache())) {
1152 // Detect a failure due to a missing witness so that p2p code can handle rejection caching appropriately.
1153 if (!tx.HasWitness() && SpendsNonAnchorWitnessProg(tx, m_view)) {
1155 state.GetRejectReason(), state.GetDebugMessage());
1156 }
1157 return false; // state filled in by CheckInputScripts
1158 }
1159
1160 return true;
1161}
1162
1163bool MemPoolAccept::ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws)
1164{
1166 AssertLockHeld(m_pool.cs);
1167 const CTransaction& tx = *ws.m_ptx;
1168 const Txid& hash = ws.m_hash;
1169 TxValidationState& state = ws.m_state;
1170
1171 // Check again against the current block tip's script verification
1172 // flags to cache our script execution flags. This is, of course,
1173 // useless if the next block has different script flags from the
1174 // previous one, but because the cache tracks script flags for us it
1175 // will auto-invalidate and we'll just have a few blocks of extra
1176 // misses on soft-fork activation.
1177 //
1178 // This is also useful in case of bugs in the standard flags that cause
1179 // transactions to pass as valid when they're actually invalid. For
1180 // instance the STRICTENC flag was incorrectly allowing certain
1181 // CHECKSIG NOT scripts to pass, even though they were invalid.
1182 //
1183 // There is a similar check in CreateNewBlock() to prevent creating
1184 // invalid blocks (using TestBlockValidity), however allowing such
1185 // transactions into the mempool can be exploited as a DoS attack.
1186 script_verify_flags currentBlockScriptVerifyFlags{GetBlockScriptFlags(*m_active_chainstate.m_chain.Tip(), m_active_chainstate.m_chainman)};
1187 if (!CheckInputsFromMempoolAndCache(tx, state, m_view, m_pool, currentBlockScriptVerifyFlags,
1188 ws.m_precomputed_txdata, m_active_chainstate.CoinsTip(), GetValidationCache())) {
1189 LogError("BUG! PLEASE REPORT THIS! CheckInputScripts failed against latest-block but not STANDARD flags %s, %s", hash.ToString(), state.ToString());
1190 return Assume(false);
1191 }
1192
1193 return true;
1194}
1195
1196void MemPoolAccept::FinalizeSubpackage(const ATMPArgs& args)
1197{
1199 AssertLockHeld(m_pool.cs);
1200
1201 if (!m_subpackage.m_changeset->GetRemovals().empty()) Assume(args.m_allow_replacement);
1202 // Remove conflicting transactions from the mempool
1203 for (CTxMemPool::txiter it : m_subpackage.m_changeset->GetRemovals())
1204 {
1205 std::string log_string = strprintf("replacing mempool tx %s (wtxid=%s, fees=%s, vsize=%s). ",
1206 it->GetTx().GetHash().ToString(),
1207 it->GetTx().GetWitnessHash().ToString(),
1208 it->GetFee(),
1209 it->GetTxSize());
1210 FeeFrac feerate{m_subpackage.m_total_modified_fees, int32_t(m_subpackage.m_total_vsize)};
1211 uint256 tx_or_package_hash{};
1212 const bool replaced_with_tx{m_subpackage.m_changeset->GetTxCount() == 1};
1213 if (replaced_with_tx) {
1214 const CTransaction& tx = m_subpackage.m_changeset->GetAddedTxn(0);
1215 tx_or_package_hash = tx.GetHash().ToUint256();
1216 log_string += strprintf("New tx %s (wtxid=%s, fees=%s, vsize=%s)",
1217 tx.GetHash().ToString(),
1218 tx.GetWitnessHash().ToString(),
1219 feerate.fee,
1220 feerate.size);
1221 } else {
1222 tx_or_package_hash = GetPackageHash(m_subpackage.m_changeset->GetAddedTxns());
1223 log_string += strprintf("New package %s with %lu txs, fees=%s, vsize=%s",
1224 tx_or_package_hash.ToString(),
1225 m_subpackage.m_changeset->GetTxCount(),
1226 feerate.fee,
1227 feerate.size);
1228
1229 }
1230 LogDebug(BCLog::MEMPOOL, "%s\n", log_string);
1231 TRACEPOINT(mempool, replaced,
1232 it->GetTx().GetHash().data(),
1233 it->GetTxSize(),
1234 it->GetFee(),
1235 std::chrono::duration_cast<std::chrono::duration<std::uint64_t>>(it->GetTime()).count(),
1236 tx_or_package_hash.data(),
1237 feerate.size,
1238 feerate.fee,
1239 replaced_with_tx
1240 );
1241 m_subpackage.m_replaced_transactions.push_back(it->GetSharedTx());
1242 }
1243 m_subpackage.m_changeset->Apply();
1244 m_subpackage.m_changeset.reset();
1245}
1246
1247bool MemPoolAccept::SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces,
1248 PackageValidationState& package_state,
1249 std::map<Wtxid, MempoolAcceptResult>& results)
1250{
1252 AssertLockHeld(m_pool.cs);
1253 // Sanity check: none of the transactions should be in the mempool, and none of the transactions
1254 // should have a same-txid-different-witness equivalent in the mempool.
1255 assert(std::all_of(workspaces.cbegin(), workspaces.cend(), [this](const auto& ws) { return !m_pool.exists(ws.m_ptx->GetHash()); }));
1256
1257 bool all_submitted = true;
1258 FinalizeSubpackage(args);
1259 // ConsensusScriptChecks adds to the script cache and is therefore consensus-critical;
1260 // CheckInputsFromMempoolAndCache asserts that transactions only spend coins available from the
1261 // mempool or UTXO set. Submit each transaction to the mempool immediately after calling
1262 // ConsensusScriptChecks to make the outputs available for subsequent transactions.
1263 for (Workspace& ws : workspaces) {
1264 if (!ConsensusScriptChecks(args, ws)) {
1265 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1266 // Since PolicyScriptChecks() passed, this should never fail.
1267 Assume(false);
1268 all_submitted = false;
1270 strprintf("BUG! PolicyScriptChecks succeeded but ConsensusScriptChecks failed: %s",
1271 ws.m_ptx->GetHash().ToString()));
1272 }
1273 // Remove first failing tx and all subsequent in package
1274 if (!all_submitted) {
1275 if (!m_subpackage.m_changeset) m_subpackage.m_changeset = m_pool.GetChangeSet();
1276 m_subpackage.m_changeset->StageRemoval(m_pool.GetIter(ws.m_ptx->GetHash()).value());
1277 }
1278 }
1279 if (!all_submitted) {
1280 Assume(m_subpackage.m_changeset);
1281 // This code should be unreachable; it's here as belt-and-suspenders
1282 // to try to ensure we have no consensus-invalid transactions in the
1283 // mempool.
1284 m_subpackage.m_changeset->Apply();
1285 m_subpackage.m_changeset.reset();
1286 return false;
1287 }
1288
1289 std::vector<Wtxid> all_package_wtxids;
1290 all_package_wtxids.reserve(workspaces.size());
1291 std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
1292 [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
1293
1294 if (!m_subpackage.m_replaced_transactions.empty()) {
1295 LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with %u new one(s) for %s additional fees, %d delta bytes\n",
1296 m_subpackage.m_replaced_transactions.size(), workspaces.size(),
1297 m_subpackage.m_total_modified_fees - m_subpackage.m_conflicting_fees,
1298 m_subpackage.m_total_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
1299 }
1300
1301 // Add successful results. The returned results may change later if LimitMempoolSize() evicts them.
1302 for (Workspace& ws : workspaces) {
1303 auto iter = m_pool.GetIter(ws.m_ptx->GetHash());
1304 Assume(iter.has_value());
1305 const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
1306 CFeeRate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
1307 const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
1308 std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
1309 results.emplace(ws.m_ptx->GetWitnessHash(),
1310 MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
1311 ws.m_base_fees, effective_feerate, effective_feerate_wtxids));
1312 if (!m_pool.m_opts.signals) continue;
1313 const CTransaction& tx = *ws.m_ptx;
1314 const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
1315 ws.m_vsize, (*iter)->GetHeight(),
1316 args.m_bypass_limits, args.m_package_submission,
1317 IsCurrentForFeeEstimation(m_active_chainstate),
1318 m_pool.HasNoInputsOf(tx));
1319 m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
1320 }
1321 return all_submitted;
1322}
1323
1324MempoolAcceptResult MemPoolAccept::AcceptSingleTransactionInternal(const CTransactionRef& ptx, ATMPArgs& args)
1325{
1327 AssertLockHeld(m_pool.cs);
1328
1329 Workspace ws(ptx);
1330 const std::vector<Wtxid> single_wtxid{ws.m_ptx->GetWitnessHash()};
1331
1332 if (!PreChecks(args, ws)) {
1333 if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
1334 // Failed for fee reasons. Provide the effective feerate and which tx was included.
1335 return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
1336 }
1337 return MempoolAcceptResult::Failure(ws.m_state);
1338 }
1339
1340 if (m_subpackage.m_rbf && !ReplacementChecks(ws)) {
1341 if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
1342 // Failed for incentives-based fee reasons. Provide the effective feerate and which tx was included.
1343 return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
1344 }
1345 return MempoolAcceptResult::Failure(ws.m_state);
1346 }
1347
1348 // Check if the transaction would exceed the cluster size limit.
1349 if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
1350 ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-large-cluster", "");
1351 return MempoolAcceptResult::Failure(ws.m_state);
1352 }
1353
1354 // Now that we've verified the cluster limit is respected, we can perform
1355 // calculations involving the full ancestors of the tx.
1356 if (ws.m_conflicts.size()) {
1357 auto ancestors = m_subpackage.m_changeset->CalculateMemPoolAncestors(ws.m_tx_handle);
1358
1359 // A transaction that spends outputs that would be replaced by it is invalid. Now
1360 // that we have the set of all ancestors we can detect this
1361 // pathological case by making sure ws.m_conflicts and this tx's ancestors don't
1362 // intersect.
1363 if (const auto err_string{EntriesAndTxidsDisjoint(ancestors, ws.m_conflicts, ptx->GetHash())}) {
1364 // We classify this as a consensus error because a transaction depending on something it
1365 // conflicts with would be inconsistent.
1366 ws.m_state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-spends-conflicting-tx", *err_string);
1367 return MempoolAcceptResult::Failure(ws.m_state);
1368 }
1369 }
1370
1371 m_subpackage.m_total_vsize = ws.m_vsize;
1372 m_subpackage.m_total_modified_fees = ws.m_modified_fees;
1373
1374 // Individual modified feerate exceeded caller-defined max; abort
1375 if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
1376 ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
1377 return MempoolAcceptResult::Failure(ws.m_state);
1378 }
1379
1380 if (!args.m_bypass_limits && m_pool.m_opts.require_standard) {
1381 Wtxid dummy_wtxid;
1382 if (!CheckEphemeralSpends(/*package=*/{ptx}, m_pool.m_opts.dust_relay_feerate, m_pool, ws.m_state, dummy_wtxid)) {
1383 return MempoolAcceptResult::Failure(ws.m_state);
1384 }
1385 }
1386
1387 // Perform the inexpensive checks first and avoid hashing and signature verification unless
1388 // those checks pass, to mitigate CPU exhaustion denial-of-service attacks.
1389 if (!PolicyScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
1390
1391 if (!ConsensusScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
1392
1393 const CFeeRate effective_feerate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
1394 // Tx was accepted, but not added
1395 if (args.m_test_accept) {
1396 return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
1397 ws.m_base_fees, effective_feerate, single_wtxid);
1398 }
1399
1400 FinalizeSubpackage(args);
1401
1402 // Limit the mempool, if appropriate.
1403 if (!args.m_package_submission && !args.m_bypass_limits) {
1404 LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
1405 // If mempool contents change, then the m_view cache is dirty. Given this isn't a package
1406 // submission, we won't be using the cache anymore, but clear it anyway for clarity.
1407 CleanupTemporaryCoins();
1408
1409 if (!m_pool.exists(ws.m_hash)) {
1410 // The tx no longer meets our (new) mempool minimum feerate but could be reconsidered in a package.
1411 ws.m_state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool full");
1412 return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), {ws.m_ptx->GetWitnessHash()});
1413 }
1414 }
1415
1416 if (m_pool.m_opts.signals) {
1417 const CTransaction& tx = *ws.m_ptx;
1418 auto iter = m_pool.GetIter(tx.GetHash());
1419 Assume(iter.has_value());
1420 const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
1421 ws.m_vsize, (*iter)->GetHeight(),
1422 args.m_bypass_limits, args.m_package_submission,
1423 IsCurrentForFeeEstimation(m_active_chainstate),
1424 m_pool.HasNoInputsOf(tx));
1425 m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
1426 }
1427
1428 if (!m_subpackage.m_replaced_transactions.empty()) {
1429 LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with 1 new transaction for %s additional fees, %d delta bytes\n",
1430 m_subpackage.m_replaced_transactions.size(),
1431 ws.m_modified_fees - m_subpackage.m_conflicting_fees,
1432 ws.m_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
1433 }
1434
1435 return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize, ws.m_base_fees,
1436 effective_feerate, single_wtxid);
1437}
1438
1439PackageMempoolAcceptResult MemPoolAccept::AcceptMultipleTransactionsInternal(const std::vector<CTransactionRef>& txns, ATMPArgs& args)
1440{
1442 AssertLockHeld(m_pool.cs);
1443
1444 // These context-free package limits can be done before taking the mempool lock.
1445 PackageValidationState package_state;
1446 if (!IsWellFormedPackage(txns, package_state)) return PackageMempoolAcceptResult(package_state, {});
1447
1448 std::vector<Workspace> workspaces{};
1449 workspaces.reserve(txns.size());
1450 std::transform(txns.cbegin(), txns.cend(), std::back_inserter(workspaces),
1451 [](const auto& tx) { return Workspace(tx); });
1452 std::map<Wtxid, MempoolAcceptResult> results;
1453
1454 // Do all PreChecks first and fail fast to avoid running expensive script checks when unnecessary.
1455 for (Workspace& ws : workspaces) {
1456 if (!PreChecks(args, ws)) {
1457 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1458 // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1459 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1460 return PackageMempoolAcceptResult(package_state, std::move(results));
1461 }
1462
1463 // Individual modified feerate exceeded caller-defined max; abort
1464 // N.B. this doesn't take into account CPFPs. Chunk-aware validation may be more robust.
1465 if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
1466 // Need to set failure here both individually and at package level
1467 ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
1468 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1469 // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1470 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1471 return PackageMempoolAcceptResult(package_state, std::move(results));
1472 }
1473
1474 // Make the coins created by this transaction available for subsequent transactions in the
1475 // package to spend. If there are no conflicts within the package, no transaction can spend a coin
1476 // needed by another transaction in the package. We also need to make sure that no package
1477 // tx replaces (or replaces the ancestor of) the parent of another package tx. As long as we
1478 // check these two things, we don't need to track the coins spent.
1479 // If a package tx conflicts with a mempool tx, PackageRBFChecks() ensures later that any package RBF attempt
1480 // has *no* in-mempool ancestors, so we don't have to worry about subsequent transactions in
1481 // same package spending the same in-mempool outpoints. This needs to be revisited for general
1482 // package RBF.
1483 m_viewmempool.PackageAddTransaction(ws.m_ptx);
1484 }
1485
1486 // At this point we have all in-mempool parents, and we know every transaction's vsize.
1487 // Run the TRUC checks on the package.
1488 for (Workspace& ws : workspaces) {
1489 if (auto err{PackageTRUCChecks(m_pool, ws.m_ptx, ws.m_vsize, txns, ws.m_parents)}) {
1490 package_state.Invalid(PackageValidationResult::PCKG_POLICY, "TRUC-violation", err.value());
1491 return PackageMempoolAcceptResult(package_state, {});
1492 }
1493 }
1494
1495 // Transactions must meet two minimum feerates: the mempool minimum fee and min relay fee.
1496 // For transactions consisting of exactly one child and its parents, it suffices to use the
1497 // package feerate (total modified fees / total virtual size) to check this requirement.
1498 // Note that this is an aggregate feerate; this function has not checked that there are transactions
1499 // too low feerate to pay for themselves, or that the child transactions are higher feerate than
1500 // their parents. Using aggregate feerate may allow "parents pay for child" behavior and permit
1501 // a child that is below mempool minimum feerate. To avoid these behaviors, callers of
1502 // AcceptMultipleTransactions need to restrict txns topology (e.g. to ancestor sets) and check
1503 // the feerates of individuals and subsets.
1504 m_subpackage.m_total_vsize = std::accumulate(workspaces.cbegin(), workspaces.cend(), int64_t{0},
1505 [](int64_t sum, auto& ws) { return sum + ws.m_vsize; });
1506 m_subpackage.m_total_modified_fees = std::accumulate(workspaces.cbegin(), workspaces.cend(), CAmount{0},
1507 [](CAmount sum, auto& ws) { return sum + ws.m_modified_fees; });
1508 const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
1509 std::vector<Wtxid> all_package_wtxids;
1510 all_package_wtxids.reserve(workspaces.size());
1511 std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
1512 [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
1513 TxValidationState placeholder_state;
1514 if (args.m_package_feerates &&
1515 !CheckFeeRate(m_subpackage.m_total_vsize, m_subpackage.m_total_modified_fees, placeholder_state)) {
1516 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1517 return PackageMempoolAcceptResult(package_state, {{workspaces.back().m_ptx->GetWitnessHash(),
1518 MempoolAcceptResult::FeeFailure(placeholder_state, CFeeRate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize), all_package_wtxids)}});
1519 }
1520
1521 // Apply package mempool RBF checks.
1522 if (m_subpackage.m_rbf && !PackageRBFChecks(txns, workspaces, m_subpackage.m_total_vsize, package_state)) {
1523 return PackageMempoolAcceptResult(package_state, std::move(results));
1524 }
1525
1526 // Check if the transactions would exceed the cluster size limit.
1527 if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
1528 package_state.Invalid(PackageValidationResult::PCKG_POLICY, "too-large-cluster", "");
1529 return PackageMempoolAcceptResult(package_state, std::move(results));
1530 }
1531
1532 // Now that we've bounded the resulting possible ancestry count, check package for dust spends
1533 if (m_pool.m_opts.require_standard) {
1534 TxValidationState child_state;
1535 Wtxid child_wtxid;
1536 if (!CheckEphemeralSpends(txns, m_pool.m_opts.dust_relay_feerate, m_pool, child_state, child_wtxid)) {
1537 package_state.Invalid(PackageValidationResult::PCKG_TX, "unspent-dust");
1538 results.emplace(child_wtxid, MempoolAcceptResult::Failure(child_state));
1539 return PackageMempoolAcceptResult(package_state, std::move(results));
1540 }
1541 }
1542
1543 for (Workspace& ws : workspaces) {
1544 ws.m_package_feerate = package_feerate;
1545 if (!PolicyScriptChecks(args, ws)) {
1546 // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
1547 package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1548 results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
1549 return PackageMempoolAcceptResult(package_state, std::move(results));
1550 }
1551 if (args.m_test_accept) {
1552 const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
1553 CFeeRate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
1554 const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
1555 std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
1556 results.emplace(ws.m_ptx->GetWitnessHash(),
1557 MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions),
1558 ws.m_vsize, ws.m_base_fees, effective_feerate,
1559 effective_feerate_wtxids));
1560 }
1561 }
1562
1563 if (args.m_test_accept) return PackageMempoolAcceptResult(package_state, std::move(results));
1564
1565 if (!SubmitPackage(args, workspaces, package_state, results)) {
1566 // PackageValidationState filled in by SubmitPackage().
1567 return PackageMempoolAcceptResult(package_state, std::move(results));
1568 }
1569
1570 return PackageMempoolAcceptResult(package_state, std::move(results));
1571}
1572
1573void MemPoolAccept::CleanupTemporaryCoins()
1574{
1575 // There are 3 kinds of coins in m_view:
1576 // (1) Temporary coins from the transactions in subpackage, constructed by m_viewmempool.
1577 // (2) Mempool coins from transactions in the mempool, constructed by m_viewmempool.
1578 // (3) Confirmed coins fetched from our current UTXO set.
1579 //
1580 // (1) Temporary coins need to be removed, regardless of whether the transaction was submitted.
1581 // If the transaction was submitted to the mempool, m_viewmempool will be able to fetch them from
1582 // there. If it wasn't submitted to mempool, it is incorrect to keep them - future calls may try
1583 // to spend those coins that don't actually exist.
1584 // (2) Mempool coins also need to be removed. If the mempool contents have changed as a result
1585 // of submitting or replacing transactions, coins previously fetched from mempool may now be
1586 // spent or nonexistent. Those coins need to be deleted from m_view.
1587 // (3) Confirmed coins don't need to be removed. The chainstate has not changed (we are
1588 // holding cs_main and no blocks have been processed) so the confirmed tx cannot disappear like
1589 // a mempool tx can. The coin may now be spent after we submitted a tx to mempool, but
1590 // we have already checked that the package does not have 2 transactions spending the same coin
1591 // and we check whether a mempool transaction spends conflicting coins (CTxMemPool::GetConflictTx).
1592 // Keeping them in m_view is an optimization to not re-fetch confirmed coins if we later look up
1593 // inputs for this transaction again.
1594 for (const auto& outpoint : m_viewmempool.GetNonBaseCoins()) {
1595 // In addition to resetting m_viewmempool, we also need to manually delete these coins from
1596 // m_view because it caches copies of the coins it fetched from m_viewmempool previously.
1597 m_view.Uncache(outpoint);
1598 }
1599 // This deletes the temporary and mempool coins.
1600 m_viewmempool.Reset();
1601}
1602
1603PackageMempoolAcceptResult MemPoolAccept::AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
1604{
1606 AssertLockHeld(m_pool.cs);
1607 auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs) {
1608 if (subpackage.size() > 1) {
1609 return AcceptMultipleTransactionsInternal(subpackage, args);
1610 }
1611 const auto& tx = subpackage.front();
1612 ATMPArgs single_args = ATMPArgs::SingleInPackageAccept(args);
1613 const auto single_res = AcceptSingleTransactionInternal(tx, single_args);
1614 PackageValidationState package_state_wrapped;
1615 if (single_res.m_result_type != MempoolAcceptResult::ResultType::VALID) {
1616 package_state_wrapped.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1617 }
1618 return PackageMempoolAcceptResult(package_state_wrapped, {{tx->GetWitnessHash(), single_res}});
1619 }();
1620
1621 // Clean up m_view and m_viewmempool so that other subpackage evaluations don't have access to
1622 // coins they shouldn't. Keep some coins in order to minimize re-fetching coins from the UTXO set.
1623 // Clean up package feerate and rbf calculations
1624 ClearSubPackageState();
1625
1626 return result;
1627}
1628
1629PackageMempoolAcceptResult MemPoolAccept::AcceptPackage(const Package& package, ATMPArgs& args)
1630{
1631 Assert(!package.empty());
1633 // Used if returning a PackageMempoolAcceptResult directly from this function.
1634 PackageValidationState package_state_quit_early;
1635
1636 // There are two topologies we are able to handle through this function:
1637 // (1) A single transaction
1638 // (2) A child-with-parents package.
1639 // Check that the package is well-formed. If it isn't, we won't try to validate any of the
1640 // transactions and thus won't return any MempoolAcceptResults, just a package-wide error.
1641
1642 // Context-free package checks.
1643 if (!IsWellFormedPackage(package, package_state_quit_early)) {
1644 return PackageMempoolAcceptResult(package_state_quit_early, {});
1645 }
1646
1647 if (package.size() > 1 && !IsChildWithParents(package)) {
1648 // All transactions in the package must be a parent of the last transaction. This is just an
1649 // opportunity for us to fail fast on a context-free check without taking the mempool lock.
1650 package_state_quit_early.Invalid(PackageValidationResult::PCKG_POLICY, "package-not-child-with-parents");
1651 return PackageMempoolAcceptResult(package_state_quit_early, {});
1652 }
1653
1654 LOCK(m_pool.cs);
1655 // Stores results from which we will create the returned PackageMempoolAcceptResult.
1656 // A result may be changed if a mempool transaction is evicted later due to LimitMempoolSize().
1657 std::map<Wtxid, MempoolAcceptResult> results_final;
1658 // Results from individual validation which will be returned if no other result is available for
1659 // this transaction. "Nonfinal" because if a transaction fails by itself but succeeds later
1660 // (i.e. when evaluated with a fee-bumping child), the result in this map may be discarded.
1661 std::map<Wtxid, MempoolAcceptResult> individual_results_nonfinal;
1662 // Tracks whether we think package submission could result in successful entry to the mempool
1663 bool quit_early{false};
1664 std::vector<CTransactionRef> txns_package_eval;
1665 for (const auto& tx : package) {
1666 const auto& wtxid = tx->GetWitnessHash();
1667 const auto& txid = tx->GetHash();
1668 // There are 3 possibilities: already in mempool, same-txid-diff-wtxid already in mempool,
1669 // or not in mempool. An already confirmed tx is treated as one not in mempool, because all
1670 // we know is that the inputs aren't available.
1671 if (m_pool.exists(wtxid)) {
1672 // Exact transaction already exists in the mempool.
1673 // Node operators are free to set their mempool policies however they please, nodes may receive
1674 // transactions in different orders, and malicious counterparties may try to take advantage of
1675 // policy differences to pin or delay propagation of transactions. As such, it's possible for
1676 // some package transaction(s) to already be in the mempool, and we don't want to reject the
1677 // entire package in that case (as that could be a censorship vector). De-duplicate the
1678 // transactions that are already in the mempool, and only call AcceptMultipleTransactions() with
1679 // the new transactions. This ensures we don't double-count transaction counts and sizes when
1680 // checking ancestor/descendant limits, or double-count transaction fees for fee-related policy.
1681 const auto& entry{*Assert(m_pool.GetEntry(txid))};
1682 results_final.emplace(wtxid, MempoolAcceptResult::MempoolTx(entry.GetTxSize(), entry.GetFee()));
1683 } else if (m_pool.exists(txid)) {
1684 // Transaction with the same non-witness data but different witness (same txid,
1685 // different wtxid) already exists in the mempool.
1686 //
1687 // We don't allow replacement transactions right now, so just swap the package
1688 // transaction for the mempool one. Note that we are ignoring the validity of the
1689 // package transaction passed in.
1690 // TODO: allow witness replacement in packages.
1691 const auto& entry{*Assert(m_pool.GetEntry(txid))};
1692 // Provide the wtxid of the mempool tx so that the caller can look it up in the mempool.
1693 results_final.emplace(wtxid, MempoolAcceptResult::MempoolTxDifferentWitness(entry.GetTx().GetWitnessHash()));
1694 } else {
1695 // Transaction does not already exist in the mempool.
1696 // Try submitting the transaction on its own.
1697 const auto single_package_res = AcceptSubPackage({tx}, args);
1698 const auto& single_res = single_package_res.m_tx_results.at(wtxid);
1699 if (single_res.m_result_type == MempoolAcceptResult::ResultType::VALID) {
1700 // The transaction succeeded on its own and is now in the mempool. Don't include it
1701 // in package validation, because its fees should only be "used" once.
1702 assert(m_pool.exists(wtxid));
1703 results_final.emplace(wtxid, single_res);
1704 } else if (package.size() == 1 || // If there is only one transaction, no need to retry it "as a package"
1705 (single_res.m_state.GetResult() != TxValidationResult::TX_RECONSIDERABLE &&
1706 single_res.m_state.GetResult() != TxValidationResult::TX_MISSING_INPUTS)) {
1707 // Package validation policy only differs from individual policy in its evaluation
1708 // of feerate. For example, if a transaction fails here due to violation of a
1709 // consensus rule, the result will not change when it is submitted as part of a
1710 // package. To minimize the amount of repeated work, unless the transaction fails
1711 // due to feerate or missing inputs (its parent is a previous transaction in the
1712 // package that failed due to feerate), don't run package validation. Note that this
1713 // decision might not make sense if different types of packages are allowed in the
1714 // future. Continue individually validating the rest of the transactions, because
1715 // some of them may still be valid.
1716 quit_early = true;
1717 package_state_quit_early.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1718 individual_results_nonfinal.emplace(wtxid, single_res);
1719 } else {
1720 individual_results_nonfinal.emplace(wtxid, single_res);
1721 txns_package_eval.push_back(tx);
1722 }
1723 }
1724 }
1725
1726 auto multi_submission_result = quit_early || txns_package_eval.empty() ? PackageMempoolAcceptResult(package_state_quit_early, {}) :
1727 AcceptSubPackage(txns_package_eval, args);
1728 PackageValidationState& package_state_final = multi_submission_result.m_state;
1729
1730 // This is invoked by AcceptSubPackage() already, so this is just here for
1731 // clarity (since it's not permitted to invoke LimitMempoolSize() while a
1732 // changeset is outstanding).
1733 ClearSubPackageState();
1734
1735 // Make sure we haven't exceeded max mempool size.
1736 // Package transactions that were submitted to mempool or already in mempool may be evicted.
1737 // If mempool contents change, then the m_view cache is dirty. It has already been cleared above.
1738 LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
1739
1740 for (const auto& tx : package) {
1741 const auto& wtxid = tx->GetWitnessHash();
1742 if (multi_submission_result.m_tx_results.contains(wtxid)) {
1743 // We shouldn't have re-submitted if the tx result was already in results_final.
1744 Assume(!results_final.contains(wtxid));
1745 // If it was submitted, check to see if the tx is still in the mempool. It could have
1746 // been evicted due to LimitMempoolSize() above.
1747 const auto& txresult = multi_submission_result.m_tx_results.at(wtxid);
1748 if (txresult.m_result_type == MempoolAcceptResult::ResultType::VALID && !m_pool.exists(wtxid)) {
1749 package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1750 TxValidationState mempool_full_state;
1751 mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
1752 results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
1753 } else {
1754 results_final.emplace(wtxid, txresult);
1755 }
1756 } else if (const auto it{results_final.find(wtxid)}; it != results_final.end()) {
1757 // Already-in-mempool transaction. Check to see if it's still there, as it could have
1758 // been evicted when LimitMempoolSize() was called.
1759 Assume(it->second.m_result_type != MempoolAcceptResult::ResultType::INVALID);
1760 Assume(!individual_results_nonfinal.contains(wtxid));
1761 // Query by txid to include the same-txid-different-witness ones.
1762 if (!m_pool.exists(tx->GetHash())) {
1763 package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
1764 TxValidationState mempool_full_state;
1765 mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
1766 // Replace the previous result.
1767 results_final.erase(wtxid);
1768 results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
1769 }
1770 } else if (const auto it{individual_results_nonfinal.find(wtxid)}; it != individual_results_nonfinal.end()) {
1771 Assume(it->second.m_result_type == MempoolAcceptResult::ResultType::INVALID);
1772 // Interesting result from previous processing.
1773 results_final.emplace(wtxid, it->second);
1774 }
1775 }
1776 Assume(results_final.size() == package.size());
1777 return PackageMempoolAcceptResult(package_state_final, std::move(results_final));
1778}
1779
1780} // anon namespace
1781
1783 int64_t accept_time, bool bypass_limits, bool test_accept)
1784{
1786 const CChainParams& chainparams{active_chainstate.m_chainman.GetParams()};
1787 assert(active_chainstate.GetMempool() != nullptr);
1788 CTxMemPool& pool{*active_chainstate.GetMempool()};
1789
1790 std::vector<COutPoint> coins_to_uncache;
1791
1792 auto args = MemPoolAccept::ATMPArgs::SingleAccept(chainparams, accept_time, bypass_limits, coins_to_uncache, test_accept);
1793 MempoolAcceptResult result = MemPoolAccept(pool, active_chainstate).AcceptSingleTransactionAndCleanup(tx, args);
1794
1796 // Remove coins that were not present in the coins cache before calling
1797 // AcceptSingleTransaction(); this is to prevent memory DoS in case we receive a large
1798 // number of invalid transactions that attempt to overrun the in-memory coins cache
1799 // (`CCoinsViewCache::cacheCoins`).
1800
1801 for (const COutPoint& hashTx : coins_to_uncache)
1802 active_chainstate.CoinsTip().Uncache(hashTx);
1803 TRACEPOINT(mempool, rejected,
1804 tx->GetHash().data(),
1805 result.m_state.GetRejectReason().c_str()
1806 );
1807 }
1808 // After we've (potentially) uncached entries, ensure our coins cache is still within its size limits
1809 BlockValidationState state_dummy;
1810 active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
1811 return result;
1812}
1813
1815 const Package& package, bool test_accept, const std::optional<CFeeRate>& client_maxfeerate)
1816{
1818 assert(!package.empty());
1819 assert(std::all_of(package.cbegin(), package.cend(), [](const auto& tx){return tx != nullptr;}));
1820
1821 std::vector<COutPoint> coins_to_uncache;
1822 const CChainParams& chainparams = active_chainstate.m_chainman.GetParams();
1823 auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
1825 if (test_accept) {
1826 auto args = MemPoolAccept::ATMPArgs::PackageTestAccept(chainparams, GetTime(), coins_to_uncache);
1827 return MemPoolAccept(pool, active_chainstate).AcceptMultipleTransactionsAndCleanup(package, args);
1828 } else {
1829 auto args = MemPoolAccept::ATMPArgs::PackageChildWithParents(chainparams, GetTime(), coins_to_uncache, client_maxfeerate);
1830 return MemPoolAccept(pool, active_chainstate).AcceptPackage(package, args);
1831 }
1832 }();
1833
1834 // Uncache coins pertaining to transactions that were not submitted to the mempool.
1835 if (test_accept || result.m_state.IsInvalid()) {
1836 for (const COutPoint& hashTx : coins_to_uncache) {
1837 active_chainstate.CoinsTip().Uncache(hashTx);
1838 }
1839 }
1840 // Ensure the coins cache is still within limits.
1841 BlockValidationState state_dummy;
1842 active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
1843 return result;
1844}
1845
1847{
1848 int halvings = nHeight / consensusParams.nSubsidyHalvingInterval;
1849 // Force block reward to zero when right shift is undefined.
1850 if (halvings >= 64)
1851 return 0;
1852
1853 CAmount nSubsidy = 50 * COIN;
1854 // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years.
1855 nSubsidy >>= halvings;
1856 return nSubsidy;
1857}
1858
1860 : m_dbview{std::move(db_params), std::move(options)},
1861 m_catcherview(&m_dbview) {}
1862
1863void CoinsViews::InitCache(int32_t prevoutfetch_threads)
1864{
1866 m_cacheview = std::make_unique<CCoinsViewCache>(&m_catcherview);
1867 auto thread_pool{std::make_shared<ThreadPool>("prevout")};
1868 if (prevoutfetch_threads > 0) {
1869 thread_pool->Start(prevoutfetch_threads);
1870 LogInfo("Block input prevout fetching uses %d additional threads", prevoutfetch_threads);
1871 }
1872 m_connect_block_view = std::make_unique<CoinsViewOverlay>(&*m_cacheview, std::move(thread_pool));
1873}
1874
1876 CTxMemPool* mempool,
1877 BlockManager& blockman,
1878 ChainstateManager& chainman,
1879 std::optional<uint256> from_snapshot_blockhash)
1880 : m_mempool(mempool),
1881 m_blockman(blockman),
1882 m_chainman(chainman),
1883 m_assumeutxo(from_snapshot_blockhash ? Assumeutxo::UNVALIDATED : Assumeutxo::VALIDATED),
1884 m_from_snapshot_blockhash(from_snapshot_blockhash) {}
1885
1887{
1888 fs::path path{m_chainman.m_options.datadir / "chainstate"};
1891 }
1892 return path;
1893}
1894
1895const CBlockIndex* Chainstate::SnapshotBase() const
1896{
1897 if (!m_from_snapshot_blockhash) return nullptr;
1898 if (!m_cached_snapshot_base) m_cached_snapshot_base = Assert(m_chainman.m_blockman.LookupBlockIndex(*m_from_snapshot_blockhash));
1899 return m_cached_snapshot_base;
1900}
1901
1902const CBlockIndex* Chainstate::TargetBlock() const
1903{
1904 if (!m_target_blockhash) return nullptr;
1905 if (!m_cached_target_block) m_cached_target_block = Assert(m_chainman.m_blockman.LookupBlockIndex(*m_target_blockhash));
1906 return m_cached_target_block;
1907}
1908
1909void Chainstate::SetTargetBlock(CBlockIndex* block)
1910{
1911 if (block) {
1912 m_target_blockhash = block->GetBlockHash();
1913 } else {
1914 m_target_blockhash.reset();
1915 }
1916 m_cached_target_block = block;
1917}
1918
1919void Chainstate::SetTargetBlockHash(uint256 block_hash)
1920{
1921 m_target_blockhash = block_hash;
1922 m_cached_target_block = nullptr;
1923}
1924
1926 size_t cache_size_bytes,
1927 bool in_memory,
1928 bool should_wipe)
1929{
1930 m_coins_views = std::make_unique<CoinsViews>(
1931 DBParams{
1932 .path = StoragePath(),
1933 .cache_bytes = cache_size_bytes,
1934 .memory_only = in_memory,
1935 .wipe_data = should_wipe,
1936 .obfuscate = true,
1937 .options = m_chainman.m_options.coins_db},
1939
1940 m_coinsdb_cache_size_bytes = cache_size_bytes;
1941}
1942
1943void Chainstate::InitCoinsCache(size_t cache_size_bytes)
1944{
1946 assert(m_coins_views != nullptr);
1947 m_coinstip_cache_size_bytes = cache_size_bytes;
1949}
1950
1951// Lock-free: depends on `m_cached_is_ibd`, which is latched by `UpdateIBDStatus()`.
1953{
1954 return m_cached_is_ibd.load(std::memory_order_relaxed);
1955}
1956
1958{
1960
1961 if (this->GetRole().historical) {
1962 return;
1963 }
1964
1965 if (m_chainman.m_best_invalid && m_chainman.m_best_invalid->nChainWork > m_chain.Tip()->nChainWork + (GetBlockProof(*m_chain.Tip()) * 6)) {
1966 LogWarning("Found invalid chain more than 6 blocks longer than our best chain. This could be due to database corruption or consensus incompatibility with peers.");
1969 _("Warning: Found invalid chain more than 6 blocks longer than our best chain. This could be due to database corruption or consensus incompatibility with peers."));
1970 } else {
1972 }
1973}
1974
1975// Called both upon regular invalid block discovery *and* InvalidateBlock
1977{
1979 if (!m_chainman.m_best_invalid || pindexNew->nChainWork > m_chainman.m_best_invalid->nChainWork) {
1980 m_chainman.m_best_invalid = pindexNew;
1981 }
1982 SetBlockFailureFlags(pindexNew);
1983 if (m_chainman.m_best_header != nullptr && m_chainman.m_best_header->GetAncestor(pindexNew->nHeight) == pindexNew) {
1984 m_chainman.RecalculateBestHeader();
1985 }
1986
1987 LogInfo("%s: invalid block=%s height=%d log2_work=%f date=%s", __func__,
1988 pindexNew->GetBlockHash().ToString(), pindexNew->nHeight,
1989 log(pindexNew->nChainWork.getdouble())/log(2.0), FormatISO8601DateTime(pindexNew->GetBlockTime()));
1990 CBlockIndex *tip = m_chain.Tip();
1991 assert (tip);
1992 LogInfo("%s: current best=%s height=%d log2_work=%f date=%s", __func__,
1993 tip->GetBlockHash().ToString(), m_chain.Height(), log(tip->nChainWork.getdouble())/log(2.0),
1996}
1997
1998// Same as InvalidChainFound, above, except not called directly from InvalidateBlock,
1999// which does its own setBlockIndexCandidates management.
2001{
2004 pindex->nStatus |= BLOCK_FAILED_VALID;
2005 m_blockman.m_dirty_blockindex.insert(pindex);
2006 setBlockIndexCandidates.erase(pindex);
2007 InvalidChainFound(pindex);
2008 }
2009}
2010
2011void UpdateCoins(const CTransaction& tx, CCoinsViewCache& inputs, CTxUndo &txundo, int nHeight)
2012{
2013 // mark inputs spent
2014 if (!tx.IsCoinBase()) {
2015 txundo.vprevout.reserve(tx.vin.size());
2016 for (const CTxIn &txin : tx.vin) {
2017 txundo.vprevout.emplace_back();
2018 bool is_spent = inputs.SpendCoin(txin.prevout, &txundo.vprevout.back());
2019 assert(is_spent);
2020 }
2021 }
2022 // add outputs
2023 AddCoins(inputs, tx, nHeight);
2024}
2025
2026std::optional<std::pair<ScriptError, std::string>> CScriptCheck::operator()() {
2027 const CScript &scriptSig = ptxTo->vin[nIn].scriptSig;
2028 const CScriptWitness *witness = &ptxTo->vin[nIn].scriptWitness;
2031 return std::nullopt;
2032 } else {
2033 auto debug_str = strprintf("input %i of %s (wtxid %s), spending %s:%i", nIn, ptxTo->GetHash().ToString(), ptxTo->GetWitnessHash().ToString(), ptxTo->vin[nIn].prevout.hash.ToString(), ptxTo->vin[nIn].prevout.n);
2034 return std::make_pair(error, std::move(debug_str));
2035 }
2036}
2037
2038ValidationCache::ValidationCache(const size_t script_execution_cache_bytes, const size_t signature_cache_bytes)
2039 : m_signature_cache{signature_cache_bytes}
2040{
2041 // Setup the salted hasher
2043 // We want the nonce to be 64 bytes long to force the hasher to process
2044 // this chunk, which makes later hash computations more efficient. We
2045 // just write our 32-byte entropy twice to fill the 64 bytes.
2048
2049 const auto [num_elems, approx_size_bytes] = m_script_execution_cache.setup_bytes(script_execution_cache_bytes);
2050 LogInfo("Using %zu MiB out of %zu MiB requested for script execution cache, able to store %zu elements",
2051 approx_size_bytes >> 20, script_execution_cache_bytes >> 20, num_elems);
2052}
2053
2074 const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
2075 bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
2076 ValidationCache& validation_cache,
2077 std::vector<CScriptCheck>* pvChecks)
2078{
2079 if (tx.IsCoinBase()) return true;
2080
2081 if (pvChecks) {
2082 pvChecks->reserve(tx.vin.size());
2083 }
2084
2085 // First check if script executions have been cached with the same
2086 // flags. Note that this assumes that the inputs provided are
2087 // correct (ie that the transaction hash which is in tx's prevouts
2088 // properly commits to the scriptPubKey in the inputs view of that
2089 // transaction).
2090 uint256 hashCacheEntry;
2091 CSHA256 hasher = validation_cache.ScriptExecutionCacheHasher();
2092 hasher.Write(UCharCast(tx.GetWitnessHash().begin()), 32).Write((unsigned char*)&flags, sizeof(flags)).Finalize(hashCacheEntry.begin());
2093 AssertLockHeld(cs_main); //TODO: Remove this requirement by making CuckooCache not require external locks
2094 if (validation_cache.m_script_execution_cache.contains(hashCacheEntry, !cacheFullScriptStore)) {
2095 return true;
2096 }
2097
2098 if (!txdata.m_spent_outputs_ready) {
2099 std::vector<CTxOut> spent_outputs;
2100 spent_outputs.reserve(tx.vin.size());
2101
2102 for (const auto& txin : tx.vin) {
2103 const COutPoint& prevout = txin.prevout;
2104 const Coin& coin = inputs.AccessCoin(prevout);
2105 assert(!coin.IsSpent());
2106 spent_outputs.emplace_back(coin.out);
2107 }
2108 txdata.Init(tx, std::move(spent_outputs));
2109 }
2110 assert(txdata.m_spent_outputs.size() == tx.vin.size());
2111
2112 for (unsigned int i = 0; i < tx.vin.size(); i++) {
2113
2114 // We very carefully only pass in things to CScriptCheck which
2115 // are clearly committed to by tx' witness hash. This provides
2116 // a sanity check that our caching is not introducing consensus
2117 // failures through additional data in, eg, the coins being
2118 // spent being checked as a part of CScriptCheck.
2119
2120 // Verify signature
2121 CScriptCheck check(txdata.m_spent_outputs[i], tx, validation_cache.m_signature_cache, i, flags, cacheSigStore, &txdata);
2122 if (pvChecks) {
2123 pvChecks->emplace_back(std::move(check));
2124 } else if (auto result = check(); result.has_value()) {
2125 // Tx failures never trigger disconnections/bans.
2126 // This is so that network splits aren't triggered
2127 // either due to non-consensus relay policies (such as
2128 // non-standard DER encodings or non-null dummy
2129 // arguments) or due to new consensus rules introduced in
2130 // soft forks.
2132 return state.Invalid(TxValidationResult::TX_NOT_STANDARD, strprintf("mempool-script-verify-flag-failed (%s)", ScriptErrorString(result->first)), result->second);
2133 } else {
2134 return state.Invalid(TxValidationResult::TX_CONSENSUS, strprintf("block-script-verify-flag-failed (%s)", ScriptErrorString(result->first)), result->second);
2135 }
2136 }
2137 }
2138
2139 if (cacheFullScriptStore && !pvChecks) {
2140 // We executed all of the provided scripts, and were told to
2141 // cache the result. Do so now.
2142 validation_cache.m_script_execution_cache.insert(hashCacheEntry);
2143 }
2144
2145 return true;
2146}
2147
2148bool FatalError(Notifications& notifications, BlockValidationState& state, const bilingual_str& message)
2149{
2150 notifications.fatalError(message);
2151 return state.Error(message.original);
2152}
2153
2162{
2163 bool fClean = true;
2164
2165 if (view.HaveCoin(out)) fClean = false; // overwriting transaction output
2166
2167 if (undo.nHeight == 0) {
2168 // Missing undo metadata (height and coinbase). Older versions included this
2169 // information only in undo records for the last spend of a transactions'
2170 // outputs. This implies that it must be present for some other output of the same tx.
2171 const Coin& alternate = AccessByTxid(view, out.hash);
2172 if (!alternate.IsSpent()) {
2173 undo.nHeight = alternate.nHeight;
2174 undo.fCoinBase = alternate.fCoinBase;
2175 } else {
2176 return DISCONNECT_FAILED; // adding output for transaction without known metadata
2177 }
2178 }
2179 // If the coin already exists as an unspent coin in the cache, then the
2180 // possible_overwrite parameter to AddCoin must be set to true. We have
2181 // already checked whether an unspent coin exists above using HaveCoin, so
2182 // we don't need to guess. When fClean is false, an unspent coin already
2183 // existed and it is an overwrite.
2184 view.AddCoin(out, std::move(undo), !fClean);
2185
2186 return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
2187}
2188
2191DisconnectResult Chainstate::DisconnectBlock(const CBlock& block, const CBlockIndex* pindex, CCoinsViewCache& view)
2192{
2194 bool fClean = true;
2195
2196 CBlockUndo blockUndo;
2197 if (!m_blockman.ReadBlockUndo(blockUndo, *pindex)) {
2198 LogError("DisconnectBlock(): failure reading undo data\n");
2199 return DISCONNECT_FAILED;
2200 }
2201
2202 if (blockUndo.vtxundo.size() + 1 != block.vtx.size()) {
2203 LogError("DisconnectBlock(): block and undo data inconsistent\n");
2204 return DISCONNECT_FAILED;
2205 }
2206
2207 // Ignore blocks that contain transactions which are 'overwritten' by later transactions,
2208 // unless those are already completely spent.
2209 // See https://github.com/bitcoin/bitcoin/issues/22596 for additional information.
2210 // Note: the blocks specified here are different than the ones used in ConnectBlock because DisconnectBlock
2211 // unwinds the blocks in reverse. As a result, the inconsistency is not discovered until the earlier
2212 // blocks with the duplicate coinbase transactions are disconnected.
2213 bool fEnforceBIP30 = !((pindex->nHeight==91722 && pindex->GetBlockHash() == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
2214 (pindex->nHeight==91812 && pindex->GetBlockHash() == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"}));
2215
2216 // undo transactions in reverse order
2217 for (int i = block.vtx.size() - 1; i >= 0; i--) {
2218 const CTransaction &tx = *(block.vtx[i]);
2219 Txid hash = tx.GetHash();
2220 bool is_coinbase = tx.IsCoinBase();
2221 bool is_bip30_exception = (is_coinbase && !fEnforceBIP30);
2222
2223 // Check that all outputs are available and match the outputs in the block itself
2224 // exactly.
2225 for (size_t o = 0; o < tx.vout.size(); o++) {
2226 if (!tx.vout[o].scriptPubKey.IsUnspendable()) {
2227 COutPoint out(hash, o);
2228 Coin coin;
2229 bool is_spent = view.SpendCoin(out, &coin);
2230 if (!is_spent || tx.vout[o] != coin.out || pindex->nHeight != coin.nHeight || is_coinbase != coin.IsCoinBase()) {
2231 if (!is_bip30_exception) {
2232 fClean = false; // transaction output mismatch
2233 }
2234 }
2235 }
2236 }
2237
2238 // restore inputs
2239 if (i > 0) { // not coinbases
2240 CTxUndo &txundo = blockUndo.vtxundo[i-1];
2241 if (txundo.vprevout.size() != tx.vin.size()) {
2242 LogError("DisconnectBlock(): transaction and undo data inconsistent\n");
2243 return DISCONNECT_FAILED;
2244 }
2245 for (unsigned int j = tx.vin.size(); j > 0;) {
2246 --j;
2247 const COutPoint& out = tx.vin[j].prevout;
2248 int res = ApplyTxInUndo(std::move(txundo.vprevout[j]), view, out);
2249 if (res == DISCONNECT_FAILED) return DISCONNECT_FAILED;
2250 fClean = fClean && res != DISCONNECT_UNCLEAN;
2251 }
2252 // At this point, all of txundo.vprevout should have been moved out.
2253 }
2254 }
2255
2256 // move best block pointer to prevout block
2257 view.SetBestBlock(pindex->pprev->GetBlockHash());
2258
2259 return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
2260}
2261
2263{
2264 const Consensus::Params& consensusparams = chainman.GetConsensus();
2265
2266 // BIP16 didn't become active until Apr 1 2012 (on mainnet, and
2267 // retroactively applied to testnet)
2268 // However, only one historical block violated the P2SH rules (on both
2269 // mainnet and testnet).
2270 // Similarly, only one historical block violated the TAPROOT rules on
2271 // mainnet.
2272 // For simplicity, always leave P2SH+WITNESS+TAPROOT on except for the two
2273 // violating blocks.
2275 const auto it{consensusparams.script_flag_exceptions.find(*Assert(block_index.phashBlock))};
2276 if (it != consensusparams.script_flag_exceptions.end()) {
2277 flags = it->second;
2278 }
2279
2280 // Enforce the DERSIG (BIP66) rule
2281 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_DERSIG)) {
2283 }
2284
2285 // Enforce CHECKLOCKTIMEVERIFY (BIP65)
2286 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CLTV)) {
2288 }
2289
2290 // Enforce CHECKSEQUENCEVERIFY (BIP112)
2291 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CSV)) {
2293 }
2294
2295 // Enforce BIP147 NULLDUMMY (activated simultaneously with segwit)
2296 if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_SEGWIT)) {
2298 }
2299
2300 return flags;
2301}
2302
2303
2307bool Chainstate::ConnectBlock(const CBlock& block, BlockValidationState& state, CBlockIndex* pindex,
2308 CCoinsViewCache& view, bool fJustCheck)
2309{
2311 assert(pindex);
2312
2313 uint256 block_hash{block.GetHash()};
2314 assert(*pindex->phashBlock == block_hash);
2315
2316 const auto time_start{SteadyClock::now()};
2317 const CChainParams& params{m_chainman.GetParams()};
2318
2319 // Check it again in case a previous version let a bad block in
2320 // NOTE: We don't currently (re-)invoke ContextualCheckBlock() or
2321 // ContextualCheckBlockHeader() here. This means that if we add a new
2322 // consensus rule that is enforced in one of those two functions, then we
2323 // may have let in a block that violates the rule prior to updating the
2324 // software, and we would NOT be enforcing the rule here. Fully solving
2325 // upgrade from one software version to the next after a consensus rule
2326 // change is potentially tricky and issue-specific (see NeedsRedownload()
2327 // for one approach that was used for BIP 141 deployment).
2328 // Also, currently the rule against blocks more than 2 hours in the future
2329 // is enforced in ContextualCheckBlockHeader(); we wouldn't want to
2330 // re-enforce that rule here (at least until we make it impossible for
2331 // the clock to go backward).
2332 if (!CheckBlock(block, state, params.GetConsensus(), !fJustCheck, !fJustCheck)) {
2334 // We don't write down blocks to disk if they may have been
2335 // corrupted, so this should be impossible unless we're having hardware
2336 // problems.
2337 return FatalError(m_chainman.GetNotifications(), state, _("Corrupt block found indicating potential hardware failure."));
2338 }
2339 LogError("%s: Consensus::CheckBlock: %s\n", __func__, state.ToString());
2340 return false;
2341 }
2342
2343 // verify that the view's current state corresponds to the previous block
2344 uint256 hashPrevBlock = pindex->pprev == nullptr ? uint256() : pindex->pprev->GetBlockHash();
2345 assert(hashPrevBlock == view.GetBestBlock());
2346
2347 m_chainman.num_blocks_total++;
2348
2349 // Special case for the genesis block, skipping connection of its transactions
2350 // (its coinbase is unspendable)
2351 if (block_hash == params.GetConsensus().hashGenesisBlock) {
2352 if (!fJustCheck)
2353 view.SetBestBlock(pindex->GetBlockHash());
2354 return true;
2355 }
2356
2357 const char* script_check_reason;
2359 script_check_reason = "assumevalid=0 (always verify)";
2360 } else {
2361 constexpr int64_t TWO_WEEKS_IN_SECONDS{60 * 60 * 24 * 7 * 2};
2362 // We've been configured with the hash of a block which has been externally verified to have a valid history.
2363 // A suitable default value is included with the software and updated from time to time. Because validity
2364 // relative to a piece of software is an objective fact these defaults can be easily reviewed.
2365 // This setting doesn't force the selection of any particular chain but makes validating some faster by
2366 // effectively caching the result of part of the verification.
2367 BlockMap::const_iterator it{m_blockman.m_block_index.find(m_chainman.AssumedValidBlock())};
2368 if (it == m_blockman.m_block_index.end()) {
2369 script_check_reason = "assumevalid hash not in headers";
2370 } else if (it->second.GetAncestor(pindex->nHeight) != pindex) {
2371 script_check_reason = (pindex->nHeight > it->second.nHeight) ? "block height above assumevalid height" : "block not in assumevalid chain";
2372 } else if (m_chainman.m_best_header->GetAncestor(pindex->nHeight) != pindex) {
2373 script_check_reason = "block not in best header chain";
2374 } else if (m_chainman.m_best_header->nChainWork < m_chainman.MinimumChainWork()) {
2375 script_check_reason = "best header chainwork below minimumchainwork";
2376 } else if (GetBlockProofEquivalentTime(*m_chainman.m_best_header, *pindex, *m_chainman.m_best_header, params.GetConsensus()) <= TWO_WEEKS_IN_SECONDS) {
2377 script_check_reason = "block too recent relative to best header";
2378 } else {
2379 // This block is a member of the assumed verified chain and an ancestor of the best header.
2380 // Script verification is skipped when connecting blocks under the
2381 // assumevalid block. Assuming the assumevalid block is valid this
2382 // is safe because block merkle hashes are still computed and checked,
2383 // Of course, if an assumed valid block is invalid due to false scriptSigs
2384 // this optimization would allow an invalid chain to be accepted.
2385 // The equivalent time check discourages hash power from extorting the network via DOS attack
2386 // into accepting an invalid block through telling users they must manually set assumevalid.
2387 // Requiring a software change or burying the invalid block, regardless of the setting, makes
2388 // it hard to hide the implication of the demand. This also avoids having release candidates
2389 // that are hardly doing any signature verification at all in testing without having to
2390 // artificially set the default assumed verified block further back.
2391 // The test against the minimum chain work prevents the skipping when denied access to any chain at
2392 // least as good as the expected chain.
2393 script_check_reason = nullptr;
2394 }
2395 }
2396
2397 const auto time_1{SteadyClock::now()};
2398 m_chainman.time_check += time_1 - time_start;
2399 LogDebug(BCLog::BENCH, " - Sanity checks: %.2fms [%.2fs (%.2fms/blk)]\n",
2400 Ticks<MillisecondsDouble>(time_1 - time_start),
2401 Ticks<SecondsDouble>(m_chainman.time_check),
2402 Ticks<MillisecondsDouble>(m_chainman.time_check) / m_chainman.num_blocks_total);
2403
2404 // Do not allow blocks that contain transactions which 'overwrite' older transactions,
2405 // unless those are already completely spent.
2406 // If such overwrites are allowed, coinbases and transactions depending upon those
2407 // can be duplicated to remove the ability to spend the first instance -- even after
2408 // being sent to another address.
2409 // See BIP30, CVE-2012-1909, and https://r6.ca/blog/20120206T005236Z.html for more information.
2410 // This rule was originally applied to all blocks with a timestamp after March 15, 2012, 0:00 UTC.
2411 // Now that the whole chain is irreversibly beyond that time it is applied to all blocks except the
2412 // two in the chain that violate it. This prevents exploiting the issue against nodes during their
2413 // initial block download.
2414 bool fEnforceBIP30 = !IsBIP30Repeat(*pindex);
2415
2416 // Once BIP34 activated it was not possible to create new duplicate coinbases and thus other than starting
2417 // with the 2 existing duplicate coinbase pairs, not possible to create overwriting txs. But by the
2418 // time BIP34 activated, in each of the existing pairs the duplicate coinbase had overwritten the first
2419 // before the first had been spent. Since those coinbases are sufficiently buried it's no longer possible to create further
2420 // duplicate transactions descending from the known pairs either.
2421 // If we're on the known chain at height greater than where BIP34 activated, we can save the db accesses needed for the BIP30 check.
2422
2423 // BIP34 requires that a block at height X (block X) has its coinbase
2424 // scriptSig start with a CScriptNum of X (indicated height X). The above
2425 // logic of no longer requiring BIP30 once BIP34 activates is flawed in the
2426 // case that there is a block X before the BIP34 height of 227,931 which has
2427 // an indicated height Y where Y is greater than X. The coinbase for block
2428 // X would also be a valid coinbase for block Y, which could be a BIP30
2429 // violation. An exhaustive search of all mainnet coinbases before the
2430 // BIP34 height which have an indicated height greater than the block height
2431 // reveals many occurrences. The 3 lowest indicated heights found are
2432 // 209,921, 490,897, and 1,983,702 and thus coinbases for blocks at these 3
2433 // heights would be the first opportunity for BIP30 to be violated.
2434
2435 // The search reveals a great many blocks which have an indicated height
2436 // greater than 1,983,702, so we simply remove the optimization to skip
2437 // BIP30 checking for blocks at height 1,983,702 or higher. Before we reach
2438 // that block in another 25 years or so, we should take advantage of a
2439 // future consensus change to do a new and improved version of BIP34 that
2440 // will actually prevent ever creating any duplicate coinbases in the
2441 // future.
2442 static constexpr int BIP34_IMPLIES_BIP30_LIMIT = 1983702;
2443
2444 // There is no potential to create a duplicate coinbase at block 209,921
2445 // because this is still before the BIP34 height and so explicit BIP30
2446 // checking is still active.
2447
2448 // The final case is block 176,684 which has an indicated height of
2449 // 490,897. Unfortunately, this issue was not discovered until about 2 weeks
2450 // before block 490,897 so there was not much opportunity to address this
2451 // case other than to carefully analyze it and determine it would not be a
2452 // problem. Block 490,897 was, in fact, mined with a different coinbase than
2453 // block 176,684, but it is important to note that even if it hadn't been or
2454 // is remined on an alternate fork with a duplicate coinbase, we would still
2455 // not run into a BIP30 violation. This is because the coinbase for 176,684
2456 // is spent in block 185,956 in transaction
2457 // d4f7fbbf92f4a3014a230b2dc70b8058d02eb36ac06b4a0736d9d60eaa9e8781. This
2458 // spending transaction can't be duplicated because it also spends coinbase
2459 // 0328dd85c331237f18e781d692c92de57649529bd5edf1d01036daea32ffde29. This
2460 // coinbase has an indicated height of over 4.2 billion, and wouldn't be
2461 // duplicatable until that height, and it's currently impossible to create a
2462 // chain that long. Nevertheless we may wish to consider a future soft fork
2463 // which retroactively prevents block 490,897 from creating a duplicate
2464 // coinbase. The two historical BIP30 violations often provide a confusing
2465 // edge case when manipulating the UTXO and it would be simpler not to have
2466 // another edge case to deal with.
2467
2468 // testnet3 has no blocks before the BIP34 height with indicated heights
2469 // post BIP34 before approximately height 486,000,000. After block
2470 // 1,983,702 testnet3 starts doing unnecessary BIP30 checking again.
2471 assert(pindex->pprev);
2472 CBlockIndex* pindexBIP34height = pindex->pprev->GetAncestor(params.GetConsensus().BIP34Height);
2473 //Only continue to enforce if we're below BIP34 activation height or the block hash at that height doesn't correspond.
2474 fEnforceBIP30 = fEnforceBIP30 && (!pindexBIP34height || !(pindexBIP34height->GetBlockHash() == params.GetConsensus().BIP34Hash));
2475
2476 // TODO: Remove BIP30 checking from block height 1,983,702 on, once we have a
2477 // consensus change that ensures coinbases at those heights cannot
2478 // duplicate earlier coinbases.
2479 if (fEnforceBIP30 || pindex->nHeight >= BIP34_IMPLIES_BIP30_LIMIT) {
2480 for (const auto& tx : block.vtx) {
2481 for (size_t o = 0; o < tx->vout.size(); o++) {
2482 if (view.HaveCoin(COutPoint(tx->GetHash(), o))) {
2483 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-BIP30",
2484 "tried to overwrite transaction");
2485 }
2486 }
2487 }
2488 }
2489
2490 // Enforce BIP68 (sequence locks)
2491 int nLockTimeFlags = 0;
2493 nLockTimeFlags |= LOCKTIME_VERIFY_SEQUENCE;
2494 }
2495
2496 // Get the script flags for this block
2498
2499 const auto time_2{SteadyClock::now()};
2500 m_chainman.time_forks += time_2 - time_1;
2501 LogDebug(BCLog::BENCH, " - Fork checks: %.2fms [%.2fs (%.2fms/blk)]\n",
2502 Ticks<MillisecondsDouble>(time_2 - time_1),
2503 Ticks<SecondsDouble>(m_chainman.time_forks),
2504 Ticks<MillisecondsDouble>(m_chainman.time_forks) / m_chainman.num_blocks_total);
2505
2506 const bool fScriptChecks{!!script_check_reason};
2507 const kernel::ChainstateRole role{GetRole()};
2508 if (script_check_reason != m_last_script_check_reason_logged && role.validated && !role.historical) {
2509 if (fScriptChecks) {
2510 LogInfo("Enabling script verification at block #%d (%s): %s.",
2511 pindex->nHeight, block_hash.ToString(), script_check_reason);
2512 } else {
2513 LogInfo("Disabling script verification at block #%d (%s).",
2514 pindex->nHeight, block_hash.ToString());
2515 }
2516 m_last_script_check_reason_logged = script_check_reason;
2517 }
2518
2519 CBlockUndo blockundo;
2520
2521 // Precomputed transaction data pointers must not be invalidated
2522 // until after `control` has run the script checks (potentially
2523 // in multiple threads). Preallocate the vector size so a new allocation
2524 // doesn't invalidate pointers into the vector, and keep txsdata in scope
2525 // for as long as `control`.
2526 std::vector<PrecomputedTransactionData> txsdata(block.vtx.size());
2527 std::optional<CCheckQueueControl<CScriptCheck>> control;
2528 if (auto& queue = m_chainman.GetCheckQueue(); queue.HasThreads() && fScriptChecks) control.emplace(queue);
2529
2530 std::vector<int> prevheights;
2531 CAmount nFees = 0;
2532 int nInputs = 0;
2533 int64_t nSigOpsCost = 0;
2534 blockundo.vtxundo.reserve(block.vtx.size() - 1);
2535 for (unsigned int i = 0; i < block.vtx.size(); i++)
2536 {
2537 if (!state.IsValid()) break;
2538 const CTransaction &tx = *(block.vtx[i]);
2539
2540 nInputs += tx.vin.size();
2541
2542 if (!tx.IsCoinBase())
2543 {
2544 CAmount txfee = 0;
2545 TxValidationState tx_state;
2546 if (!Consensus::CheckTxInputs(tx, tx_state, view, pindex->nHeight, txfee)) {
2547 // Any transaction validation failure in ConnectBlock is a block consensus failure
2549 tx_state.GetRejectReason(),
2550 tx_state.GetDebugMessage() + " in transaction " + tx.GetHash().ToString());
2551 break;
2552 }
2553 nFees += txfee;
2554 if (!MoneyRange(nFees)) {
2555 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-accumulated-fee-outofrange",
2556 "accumulated fee in the block out of range");
2557 break;
2558 }
2559
2560 // Check that transaction is BIP68 final
2561 // BIP68 lock checks (as opposed to nLockTime checks) must
2562 // be in ConnectBlock because they require the UTXO set
2563 prevheights.resize(tx.vin.size());
2564 for (size_t j = 0; j < tx.vin.size(); j++) {
2565 prevheights[j] = view.AccessCoin(tx.vin[j].prevout).nHeight;
2566 }
2567
2568 if (!SequenceLocks(tx, nLockTimeFlags, prevheights, *pindex)) {
2569 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal",
2570 "contains a non-BIP68-final transaction " + tx.GetHash().ToString());
2571 break;
2572 }
2573 }
2574
2575 // GetTransactionSigOpCost counts 3 types of sigops:
2576 // * legacy (always)
2577 // * p2sh (when P2SH enabled in flags and excludes coinbase)
2578 // * witness (when witness enabled in flags and excludes coinbase)
2579 nSigOpsCost += GetTransactionSigOpCost(tx, view, flags);
2580 if (nSigOpsCost > MAX_BLOCK_SIGOPS_COST) {
2581 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "too many sigops");
2582 break;
2583 }
2584
2585 if (!tx.IsCoinBase() && fScriptChecks)
2586 {
2587 bool fCacheResults = fJustCheck; /* Don't cache results if we're actually connecting blocks (still consult the cache, though) */
2588 bool tx_ok;
2589 TxValidationState tx_state;
2590 // If CheckInputScripts is called with a pointer to a checks vector, the resulting checks are appended to it. In that case
2591 // they need to be added to control which runs them asynchronously. Otherwise, CheckInputScripts runs the checks before returning.
2592 if (control) {
2593 std::vector<CScriptCheck> vChecks;
2594 tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], m_chainman.m_validation_cache, &vChecks);
2595 if (tx_ok) control->Add(std::move(vChecks));
2596 } else {
2597 tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], m_chainman.m_validation_cache);
2598 }
2599 if (!tx_ok) {
2600 // Any transaction validation failure in ConnectBlock is a block consensus failure
2602 tx_state.GetRejectReason(), tx_state.GetDebugMessage());
2603 break;
2604 }
2605 }
2606
2607 CTxUndo undoDummy;
2608 if (i > 0) {
2609 blockundo.vtxundo.emplace_back();
2610 }
2611 UpdateCoins(tx, view, i == 0 ? undoDummy : blockundo.vtxundo.back(), pindex->nHeight);
2612 }
2613 const auto time_3{SteadyClock::now()};
2614 m_chainman.time_connect += time_3 - time_2;
2615 LogDebug(BCLog::BENCH, " - Connect %u transactions: %.2fms (%.3fms/tx, %.3fms/txin) [%.2fs (%.2fms/blk)]\n", (unsigned)block.vtx.size(),
2616 Ticks<MillisecondsDouble>(time_3 - time_2), Ticks<MillisecondsDouble>(time_3 - time_2) / block.vtx.size(),
2617 nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_3 - time_2) / (nInputs - 1),
2618 Ticks<SecondsDouble>(m_chainman.time_connect),
2619 Ticks<MillisecondsDouble>(m_chainman.time_connect) / m_chainman.num_blocks_total);
2620
2621 CAmount blockReward = nFees + GetBlockSubsidy(pindex->nHeight, params.GetConsensus());
2622 if (block.vtx[0]->GetValueOut() > blockReward && state.IsValid()) {
2623 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-amount",
2624 strprintf("coinbase pays too much (actual=%d vs limit=%d)", block.vtx[0]->GetValueOut(), blockReward));
2625 }
2626 if (control) {
2627 auto parallel_result = control->Complete();
2628 if (parallel_result.has_value() && state.IsValid()) {
2629 state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, strprintf("block-script-verify-flag-failed (%s)", ScriptErrorString(parallel_result->first)), parallel_result->second);
2630 }
2631 }
2632 if (!state.IsValid()) {
2633 LogInfo("Block validation error: %s", state.ToString());
2634 return false;
2635 }
2636 const auto time_4{SteadyClock::now()};
2637 m_chainman.time_verify += time_4 - time_2;
2638 LogDebug(BCLog::BENCH, " - Verify %u txins: %.2fms (%.3fms/txin) [%.2fs (%.2fms/blk)]\n", nInputs - 1,
2639 Ticks<MillisecondsDouble>(time_4 - time_2),
2640 nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_4 - time_2) / (nInputs - 1),
2641 Ticks<SecondsDouble>(m_chainman.time_verify),
2642 Ticks<MillisecondsDouble>(m_chainman.time_verify) / m_chainman.num_blocks_total);
2643
2644 if (fJustCheck) {
2645 return true;
2646 }
2647
2648 if (!m_blockman.WriteBlockUndo(blockundo, state, *pindex)) {
2649 return false;
2650 }
2651
2652 const auto time_5{SteadyClock::now()};
2653 m_chainman.time_undo += time_5 - time_4;
2654 LogDebug(BCLog::BENCH, " - Write undo data: %.2fms [%.2fs (%.2fms/blk)]\n",
2655 Ticks<MillisecondsDouble>(time_5 - time_4),
2656 Ticks<SecondsDouble>(m_chainman.time_undo),
2657 Ticks<MillisecondsDouble>(m_chainman.time_undo) / m_chainman.num_blocks_total);
2658
2659 if (!pindex->IsValid(BLOCK_VALID_SCRIPTS)) {
2661 m_blockman.m_dirty_blockindex.insert(pindex);
2662 }
2663
2664 // add this block to the view's block chain
2665 view.SetBestBlock(pindex->GetBlockHash());
2666
2667 const auto time_6{SteadyClock::now()};
2668 m_chainman.time_index += time_6 - time_5;
2669 LogDebug(BCLog::BENCH, " - Index writing: %.2fms [%.2fs (%.2fms/blk)]\n",
2670 Ticks<MillisecondsDouble>(time_6 - time_5),
2671 Ticks<SecondsDouble>(m_chainman.time_index),
2672 Ticks<MillisecondsDouble>(m_chainman.time_index) / m_chainman.num_blocks_total);
2673
2674 TRACEPOINT(validation, block_connected,
2675 block_hash.data(),
2676 pindex->nHeight,
2677 block.vtx.size(),
2678 nInputs,
2679 nSigOpsCost,
2680 Ticks<std::chrono::nanoseconds>(time_5 - time_start)
2681 );
2682
2683 return true;
2684}
2685
2686CoinsCacheSizeState Chainstate::GetCoinsCacheSizeState()
2687{
2689 return this->GetCoinsCacheSizeState(
2692}
2693
2694CoinsCacheSizeState Chainstate::GetCoinsCacheSizeState(
2695 size_t max_coins_cache_size_bytes,
2696 size_t max_mempool_size_bytes)
2697{
2699 const int64_t nMempoolUsage = m_mempool ? m_mempool->DynamicMemoryUsage() : 0;
2700 int64_t cacheSize = CoinsTip().DynamicMemoryUsage();
2701 int64_t nTotalSpace =
2702 max_coins_cache_size_bytes + std::max<int64_t>(int64_t(max_mempool_size_bytes) - nMempoolUsage, 0);
2703
2704 if (cacheSize > nTotalSpace) {
2705 LogInfo("Cache size (%s) exceeds total space (%s)\n", cacheSize, nTotalSpace);
2707 } else if (cacheSize > LargeCoinsCacheThreshold(nTotalSpace)) {
2709 }
2711}
2712
2714 BlockValidationState &state,
2715 FlushStateMode mode,
2716 int nManualPruneHeight)
2717{
2718 LOCK(cs_main);
2719 assert(this->CanFlushToDisk());
2720 std::set<int> setFilesToPrune;
2721 bool full_flush_completed = false;
2722
2723 [[maybe_unused]] const size_t coins_count{CoinsTip().GetCacheSize()};
2724 [[maybe_unused]] const size_t coins_mem_usage{CoinsTip().DynamicMemoryUsage()};
2725
2726 try {
2727 {
2728 bool fFlushForPrune = false;
2729
2730 CoinsCacheSizeState cache_state = GetCoinsCacheSizeState();
2732 // make sure we don't prune above any of the prune locks bestblocks
2733 // pruning is height-based
2734 int last_prune{m_chain.Height()}; // last height we can prune
2735 std::optional<std::string> limiting_lock; // prune lock that actually was the limiting factor, only used for logging
2736
2737 for (const auto& prune_lock : m_blockman.m_prune_locks) {
2738 if (prune_lock.second.height_first == std::numeric_limits<int>::max()) continue;
2739 // Remove the buffer and one additional block here to get actual height that is outside of the buffer
2740 const int lock_height{prune_lock.second.height_first - PRUNE_LOCK_BUFFER - 1};
2741 last_prune = std::max(1, std::min(last_prune, lock_height));
2742 if (last_prune == lock_height) {
2743 limiting_lock = prune_lock.first;
2744 }
2745 }
2746
2747 if (limiting_lock) {
2748 LogDebug(BCLog::PRUNE, "%s limited pruning to height %d\n", limiting_lock.value(), last_prune);
2749 }
2750
2751 if (nManualPruneHeight > 0) {
2752 LOG_TIME_MILLIS_WITH_CATEGORY("find files to prune (manual)", BCLog::BENCH);
2753
2755 setFilesToPrune,
2756 std::min(last_prune, nManualPruneHeight),
2757 *this);
2758 } else {
2759 LOG_TIME_MILLIS_WITH_CATEGORY("find files to prune", BCLog::BENCH);
2760
2761 m_blockman.FindFilesToPrune(setFilesToPrune, last_prune, *this, m_chainman);
2763 }
2764 if (!setFilesToPrune.empty()) {
2765 fFlushForPrune = true;
2767 m_blockman.m_block_tree_db->WriteFlag("prunedblockfiles", true);
2769 }
2770 }
2771 }
2772 const auto nNow{NodeClock::now()};
2773 // The cache is large and we're within 10% and 10 MiB of the limit, but we have time now (not in the middle of a block processing).
2774 bool fCacheLarge = mode == FlushStateMode::PERIODIC && cache_state >= CoinsCacheSizeState::LARGE;
2775 // The cache is over the limit, we have to write now.
2776 bool fCacheCritical = mode == FlushStateMode::IF_NEEDED && cache_state >= CoinsCacheSizeState::CRITICAL;
2777 // It's been a while since we wrote the block index and chain state to disk. Do this frequently, so we don't need to redownload or reindex after a crash.
2778 bool fPeriodicWrite = mode == FlushStateMode::PERIODIC && nNow >= m_next_write;
2779 const auto empty_cache{(mode == FlushStateMode::FORCE_FLUSH) || fCacheLarge || fCacheCritical};
2780 // Combine all conditions that result in a write to disk.
2781 bool should_write = (mode == FlushStateMode::FORCE_SYNC) || empty_cache || fPeriodicWrite || fFlushForPrune;
2782 // Write blocks, block index and best chain related state to disk.
2783 if (should_write) {
2784 LogDebug(BCLog::COINDB, "Writing chainstate to disk: flush mode=%s, prune=%d, large=%d, critical=%d, periodic=%d",
2785 FlushStateModeNames[size_t(mode)], fFlushForPrune, fCacheLarge, fCacheCritical, fPeriodicWrite);
2786
2787 // Ensure we can write block index
2789 return FatalError(m_chainman.GetNotifications(), state, _("Disk space is too low!"));
2790 }
2791 {
2792 LOG_TIME_MILLIS_WITH_CATEGORY("write block and undo data to disk", BCLog::BENCH);
2793
2794 // First make sure all block and undo data is flushed to disk.
2795 // TODO: Handle return error, or add detailed comment why it is
2796 // safe to not return an error upon failure.
2797 if (!m_blockman.FlushChainstateBlockFile(m_chain.Height())) {
2798 LogWarning("%s: Failed to flush block file.\n", __func__);
2799 }
2800 }
2801
2802 // Then update all block file information (which may refer to block and undo files).
2803 {
2804 LOG_TIME_MILLIS_WITH_CATEGORY("write block index to disk", BCLog::BENCH);
2805
2806 m_blockman.WriteBlockIndexDB();
2807 }
2808 // Finally remove any pruned files
2809 if (fFlushForPrune) {
2810 LOG_TIME_MILLIS_WITH_CATEGORY("unlink pruned files", BCLog::BENCH);
2811
2812 m_blockman.UnlinkPrunedFiles(setFilesToPrune);
2813 }
2814
2815 if (!CoinsTip().GetBestBlock().IsNull()) {
2816 // Typical Coin structures on disk are around 48 bytes in size.
2817 // Pushing a new one to the database can cause it to be written
2818 // twice (once in the log, and once in the tables). This is already
2819 // an overestimation, as most will delete an existing entry or
2820 // overwrite one. Still, use a conservative safety factor of 2.
2821 if (!CheckDiskSpace(m_chainman.m_options.datadir, 48 * 2 * 2 * CoinsTip().GetDirtyCount())) {
2822 return FatalError(m_chainman.GetNotifications(), state, _("Disk space is too low!"));
2823 }
2824 // Flush the chainstate (which may refer to block index entries).
2825 empty_cache ? CoinsTip().Flush() : CoinsTip().Sync();
2826 m_last_flushed_block = m_blockman.LookupBlockIndex(CoinsTip().GetBestBlock());
2827 full_flush_completed = true;
2828 TRACEPOINT(utxocache, flush,
2829 int64_t{Ticks<std::chrono::microseconds>(NodeClock::now() - nNow)},
2830 (uint32_t)mode,
2831 (uint64_t)coins_count,
2832 (uint64_t)coins_mem_usage,
2833 (bool)fFlushForPrune);
2834 }
2835 }
2836
2837 if (should_write || m_next_write == NodeClock::time_point::max()) {
2840 }
2841 }
2842 if (full_flush_completed) {
2844 m_chainman.m_options.signals->ChainStateFlushed(this->GetRole(), GetLocator(m_last_flushed_block));
2845 }
2846
2848 try {
2850 } catch (const std::exception& e) {
2851 LogWarning("Failed to start chainstate compaction (%s)", e.what());
2852 }
2853 }
2854 }
2855 } catch (const std::runtime_error& e) {
2856 return FatalError(m_chainman.GetNotifications(), state, strprintf(_("System error while flushing: %s"), e.what()));
2857 }
2858 return true;
2859}
2860
2862{
2865 LogWarning("Failed to force flush state (%s)", state.ToString());
2866 }
2867}
2868
2870{
2873 if (!this->FlushStateToDisk(state, FlushStateMode::NONE)) {
2874 LogWarning("Failed to flush state (%s)", state.ToString());
2875 }
2876}
2877
2878static void UpdateTipLog(
2879 const ChainstateManager& chainman,
2880 const CCoinsViewCache& coins_tip,
2881 const CBlockIndex* tip,
2882 const std::string& func_name,
2883 const std::string& prefix,
2884 const std::string& warning_messages,
2885 const bool background_validation) EXCLUSIVE_LOCKS_REQUIRED(::cs_main)
2886{
2887
2889
2890 // Disable rate limiting as this may log frequently during IBD.
2891 LogInfo(util::log::NO_RATE_LIMIT, "%s%s: new best=%s height=%d version=0x%08x log2_work=%f tx=%lu date='%s' progress=%f cache=%.1fMiB(%utxo)%s\n",
2892 prefix, func_name,
2893 tip->GetBlockHash().ToString(), tip->nHeight, tip->nVersion,
2894 log(tip->nChainWork.getdouble()) / log(2.0), tip->m_chain_tx_count,
2896 background_validation ? chainman.GetBackgroundVerificationProgress(*tip) : chainman.GuessVerificationProgress(tip),
2897 coins_tip.DynamicMemoryUsage() / double(1_MiB),
2898 coins_tip.GetCacheSize(),
2899 !warning_messages.empty() ? strprintf(" warning='%s'", warning_messages) : "");
2900}
2901
2902void Chainstate::UpdateTip(const CBlockIndex* pindexNew)
2903{
2905 const auto& coins_tip = this->CoinsTip();
2906
2907 // The remainder of the function isn't relevant if we are not acting on
2908 // the active chainstate, so return if need be.
2909 if (this != &m_chainman.ActiveChainstate()) {
2910 // Only log every so often so that we don't bury log messages at the tip.
2911 constexpr int BACKGROUND_LOG_INTERVAL = 2000;
2912 if (pindexNew->nHeight % BACKGROUND_LOG_INTERVAL == 0) {
2913 UpdateTipLog(m_chainman, coins_tip, pindexNew, __func__, "[background validation] ", "", /*background_validation=*/true);
2914 }
2915 return;
2916 }
2917
2918 // New best block
2919 if (m_mempool) {
2921 }
2922
2923 std::vector<bilingual_str> warning_messages;
2926 for (auto [bit, active] : bits) {
2927 const bilingual_str warning = strprintf(_("Unknown new rules activated (versionbit %i)"), bit);
2928 if (active) {
2930 } else {
2931 warning_messages.push_back(warning);
2932 }
2933 }
2934 }
2935 UpdateTipLog(m_chainman, coins_tip, pindexNew, __func__, "",
2936 util::Join(warning_messages, Untranslated(", ")).original, /*background_validation=*/false);
2937}
2938
2950{
2953
2954 CBlockIndex *pindexDelete = m_chain.Tip();
2955 assert(pindexDelete);
2956 assert(pindexDelete->pprev);
2957 // Read block from disk.
2958 std::shared_ptr<CBlock> pblock = std::make_shared<CBlock>();
2959 CBlock& block = *pblock;
2960 if (!m_blockman.ReadBlock(block, *pindexDelete)) {
2961 LogError("DisconnectTip(): Failed to read block\n");
2962 return false;
2963 }
2964 // Apply the block atomically to the chain state.
2965 const auto time_start{SteadyClock::now()};
2966 {
2967 CCoinsViewCache view(&CoinsTip());
2968 assert(view.GetBestBlock() == pindexDelete->GetBlockHash());
2969 if (DisconnectBlock(block, pindexDelete, view) != DISCONNECT_OK) {
2970 LogError("DisconnectTip(): DisconnectBlock %s failed\n", pindexDelete->GetBlockHash().ToString());
2971 return false;
2972 }
2973 view.Flush(/*reallocate_cache=*/false); // local CCoinsViewCache goes out of scope
2974 }
2975 LogDebug(BCLog::BENCH, "- Disconnect block: %.2fms\n",
2976 Ticks<MillisecondsDouble>(SteadyClock::now() - time_start));
2977
2978 {
2979 // Prune locks that began at or after the tip should be moved backward so they get a chance to reorg
2980 const int max_height_first{pindexDelete->nHeight - 1};
2981 for (auto& prune_lock : m_blockman.m_prune_locks) {
2982 if (prune_lock.second.height_first <= max_height_first) continue;
2983
2984 prune_lock.second.height_first = max_height_first;
2985 LogDebug(BCLog::PRUNE, "%s prune lock moved back to %d\n", prune_lock.first, max_height_first);
2986 }
2987 }
2988
2989 // Write the chain state to disk, if necessary.
2991 return false;
2992 }
2993
2994 if (disconnectpool && m_mempool) {
2995 // Save transactions to re-add to mempool at end of reorg. If any entries are evicted for
2996 // exceeding memory limits, remove them and their descendants from the mempool.
2997 for (auto&& evicted_tx : disconnectpool->AddTransactionsFromBlock(block.vtx)) {
2999 }
3000 }
3001
3002 m_chain.SetTip(*pindexDelete->pprev);
3004
3005 UpdateTip(pindexDelete->pprev);
3006 // Let wallets know transactions went from 1-confirmed to
3007 // 0-confirmed or conflicted:
3009 m_chainman.m_options.signals->BlockDisconnected(std::move(pblock), pindexDelete);
3010 }
3011 return true;
3012}
3013
3016 std::shared_ptr<const CBlock> pblock;
3017};
3018
3026 BlockValidationState& state,
3027 CBlockIndex* pindexNew,
3028 std::shared_ptr<const CBlock> block_to_connect,
3029 std::vector<ConnectedBlock>& connected_blocks,
3030 DisconnectedBlockTransactions& disconnectpool)
3031{
3034
3035 assert(pindexNew->pprev == m_chain.Tip());
3036 // Read block from disk.
3037 const auto time_1{SteadyClock::now()};
3038 if (!block_to_connect) {
3039 std::shared_ptr<CBlock> pblockNew = std::make_shared<CBlock>();
3040 if (!m_blockman.ReadBlock(*pblockNew, *pindexNew)) {
3041 return FatalError(m_chainman.GetNotifications(), state, _("Failed to read block."));
3042 }
3043 block_to_connect = std::move(pblockNew);
3044 } else {
3045 LogDebug(BCLog::BENCH, " - Using cached block\n");
3046 }
3047 // Apply the block atomically to the chain state.
3048 const auto time_2{SteadyClock::now()};
3049 SteadyClock::time_point time_3;
3050 // When adding aggregate statistics in the future, keep in mind that
3051 // num_blocks_total may be zero until the ConnectBlock() call below.
3052 LogDebug(BCLog::BENCH, " - Load block from disk: %.2fms\n",
3053 Ticks<MillisecondsDouble>(time_2 - time_1));
3054 {
3055 CoinsViewOverlay& view{*m_coins_views->m_connect_block_view};
3056 const auto reset_guard{view.StartFetching(*block_to_connect)};
3057 bool rv = ConnectBlock(*block_to_connect, state, pindexNew, view);
3059 m_chainman.m_options.signals->BlockChecked(block_to_connect, state);
3060 }
3061 if (!rv) {
3062 if (state.IsInvalid())
3063 InvalidBlockFound(pindexNew, state);
3064 LogError("%s: ConnectBlock %s failed, %s\n", __func__, pindexNew->GetBlockHash().ToString(), state.ToString());
3065 return false;
3066 }
3067 time_3 = SteadyClock::now();
3068 m_chainman.time_connect_total += time_3 - time_2;
3069 assert(m_chainman.num_blocks_total > 0);
3070 LogDebug(BCLog::BENCH, " - Connect total: %.2fms [%.2fs (%.2fms/blk)]\n",
3071 Ticks<MillisecondsDouble>(time_3 - time_2),
3072 Ticks<SecondsDouble>(m_chainman.time_connect_total),
3073 Ticks<MillisecondsDouble>(m_chainman.time_connect_total) / m_chainman.num_blocks_total);
3074 view.Flush(/*reallocate_cache=*/false); // No need to reallocate since it only has capacity for 1 block
3075 }
3076 const auto time_4{SteadyClock::now()};
3077 m_chainman.time_flush += time_4 - time_3;
3078 LogDebug(BCLog::BENCH, " - Flush: %.2fms [%.2fs (%.2fms/blk)]\n",
3079 Ticks<MillisecondsDouble>(time_4 - time_3),
3080 Ticks<SecondsDouble>(m_chainman.time_flush),
3081 Ticks<MillisecondsDouble>(m_chainman.time_flush) / m_chainman.num_blocks_total);
3082 // Write the chain state to disk, if necessary.
3084 return false;
3085 }
3086 const auto time_5{SteadyClock::now()};
3087 m_chainman.time_chainstate += time_5 - time_4;
3088 LogDebug(BCLog::BENCH, " - Writing chainstate: %.2fms [%.2fs (%.2fms/blk)]\n",
3089 Ticks<MillisecondsDouble>(time_5 - time_4),
3090 Ticks<SecondsDouble>(m_chainman.time_chainstate),
3091 Ticks<MillisecondsDouble>(m_chainman.time_chainstate) / m_chainman.num_blocks_total);
3092 // Remove conflicting transactions from the mempool.;
3093 if (m_mempool) {
3094 m_mempool->removeForBlock(block_to_connect->vtx, pindexNew->nHeight);
3095 disconnectpool.removeForBlock(block_to_connect->vtx);
3096 }
3097 // Update m_chain & related variables.
3098 m_chain.SetTip(*pindexNew);
3100 UpdateTip(pindexNew);
3101
3102 const auto time_6{SteadyClock::now()};
3103 m_chainman.time_post_connect += time_6 - time_5;
3104 m_chainman.time_total += time_6 - time_1;
3105 LogDebug(BCLog::BENCH, " - Connect postprocess: %.2fms [%.2fs (%.2fms/blk)]\n",
3106 Ticks<MillisecondsDouble>(time_6 - time_5),
3107 Ticks<SecondsDouble>(m_chainman.time_post_connect),
3108 Ticks<MillisecondsDouble>(m_chainman.time_post_connect) / m_chainman.num_blocks_total);
3109 LogDebug(BCLog::BENCH, "- Connect block: %.2fms [%.2fs (%.2fms/blk)]\n",
3110 Ticks<MillisecondsDouble>(time_6 - time_1),
3111 Ticks<SecondsDouble>(m_chainman.time_total),
3112 Ticks<MillisecondsDouble>(m_chainman.time_total) / m_chainman.num_blocks_total);
3113
3114 // See if this chainstate has reached a target block and can be used to
3115 // validate an assumeutxo snapshot. If it can, hashing the UTXO database
3116 // will be slow, and cs_main could remain locked here for several minutes.
3117 // If the snapshot is validated, the UTXO hash will be saved to
3118 // this->m_target_utxohash, causing HistoricalChainstate() to return null
3119 // and this chainstate to no longer be used. ActivateBestChain() will also
3120 // stop connecting blocks to this chainstate because this->ReachedTarget()
3121 // will be true and this->setBlockIndexCandidates will not have additional
3122 // blocks.
3124 m_chainman.MaybeValidateSnapshot(*this, current_cs);
3125
3126 connected_blocks.emplace_back(pindexNew, std::move(block_to_connect));
3127 return true;
3128}
3129
3135{
3137 do {
3138 CBlockIndex *pindexNew = nullptr;
3139
3140 // Find the best candidate header.
3141 {
3142 std::set<CBlockIndex*, CBlockIndexWorkComparator>::reverse_iterator it = setBlockIndexCandidates.rbegin();
3143 if (it == setBlockIndexCandidates.rend())
3144 return nullptr;
3145 pindexNew = *it;
3146 }
3147
3148 // Check whether all blocks on the path between the currently active chain and the candidate are valid.
3149 // Just going until the active chain is an optimization, as we know all blocks in it are valid already.
3150 bool fInvalidAncestor = false;
3151 for (CBlockIndex *pindexTest = pindexNew; pindexTest && !m_chain.Contains(*pindexTest); pindexTest = pindexTest->pprev) {
3152 assert(pindexTest->HaveNumChainTxs() || pindexTest->nHeight == 0);
3153
3154 // Pruned nodes may have entries in setBlockIndexCandidates for
3155 // which block files have been deleted. Remove those as candidates
3156 // for the most work chain if we come across them; we can't switch
3157 // to a chain unless we have all the non-active-chain parent blocks.
3158 bool fFailedChain = pindexTest->nStatus & BLOCK_FAILED_VALID;
3159 bool fMissingData = !(pindexTest->nStatus & BLOCK_HAVE_DATA);
3160 if (fFailedChain || fMissingData) {
3161 // Candidate chain is not usable (either invalid or missing data)
3162 if (fFailedChain && (m_chainman.m_best_invalid == nullptr || pindexNew->nChainWork > m_chainman.m_best_invalid->nChainWork)) {
3163 m_chainman.m_best_invalid = pindexNew;
3164 }
3165 // Remove the entire chain from the set.
3166 for (CBlockIndex *pindexFailed = pindexNew; pindexFailed != pindexTest; pindexFailed = pindexFailed->pprev) {
3167 // If we're missing data and not a descendant of an invalid block,
3168 // then add back to m_blocks_unlinked, so that if the block arrives in the future
3169 // we can try adding to setBlockIndexCandidates again.
3170 if (fMissingData && !fFailedChain) {
3171 // Avoid duplicate entries in m_blocks_unlinked. If the same entry is
3172 // processed twice in ReceivedBlockTransactions(), it may be re-added to
3173 // setBlockIndexCandidates with a modified nSequenceId, breaking ordering
3174 // guarantees and leading to undefined behavior.
3175 m_blockman.AddUnlinkedBlock(pindexFailed);
3176 }
3177 setBlockIndexCandidates.erase(pindexFailed);
3178 }
3179 setBlockIndexCandidates.erase(pindexTest);
3180 fInvalidAncestor = true;
3181 break;
3182 }
3183 }
3184 if (!fInvalidAncestor)
3185 return pindexNew;
3186 } while(true);
3187}
3188
3191 // Note that we can't delete the current block itself, as we may need to return to it later in case a
3192 // reorganization to a better block fails.
3193 std::set<CBlockIndex*, CBlockIndexWorkComparator>::iterator it = setBlockIndexCandidates.begin();
3194 while (it != setBlockIndexCandidates.end() && setBlockIndexCandidates.value_comp()(*it, m_chain.Tip())) {
3195 setBlockIndexCandidates.erase(it++);
3196 }
3197 // Either the current tip or a successor of it we're working towards is left in setBlockIndexCandidates.
3199}
3200
3207bool Chainstate::ActivateBestChainStep(BlockValidationState& state, CBlockIndex& index_most_work, const std::shared_ptr<const CBlock>& pblock, bool& fInvalidFound, std::vector<ConnectedBlock>& connected_blocks)
3208{
3211
3212 const CBlockIndex* pindexOldTip = m_chain.Tip();
3213 const CBlockIndex* pindexFork = m_chain.FindFork(index_most_work);
3214
3215 // Disconnect active blocks which are no longer in the best chain.
3216 bool fBlocksDisconnected = false;
3218 while (m_chain.Tip() && m_chain.Tip() != pindexFork) {
3219 if (!DisconnectTip(state, &disconnectpool)) {
3220 // This is likely a fatal error, but keep the mempool consistent,
3221 // just in case. Only remove from the mempool in this case.
3222 MaybeUpdateMempoolForReorg(disconnectpool, false);
3223
3224 // If we're unable to disconnect a block during normal operation,
3225 // then that is a failure of our local system -- we should abort
3226 // rather than stay on a less work chain.
3227 FatalError(m_chainman.GetNotifications(), state, _("Failed to disconnect block."));
3228 return false;
3229 }
3230 fBlocksDisconnected = true;
3231 }
3232
3233 // Build list of new blocks to connect (in descending height order).
3234 std::vector<CBlockIndex*> vpindexToConnect;
3235 bool fContinue = true;
3236 int nHeight = pindexFork ? pindexFork->nHeight : -1;
3237 while (fContinue && nHeight != index_most_work.nHeight) {
3238 // Don't iterate the entire list of potential improvements toward the best tip, as we likely only need
3239 // a few blocks along the way.
3240 int nTargetHeight = std::min(nHeight + 32, index_most_work.nHeight);
3241 vpindexToConnect.clear();
3242 vpindexToConnect.reserve(nTargetHeight - nHeight);
3243 CBlockIndex* pindexIter = index_most_work.GetAncestor(nTargetHeight);
3244 while (pindexIter && pindexIter->nHeight != nHeight) {
3245 vpindexToConnect.push_back(pindexIter);
3246 pindexIter = pindexIter->pprev;
3247 }
3248 nHeight = nTargetHeight;
3249
3250 // Connect new blocks.
3251 for (CBlockIndex* pindexConnect : vpindexToConnect | std::views::reverse) {
3252 if (!ConnectTip(state, pindexConnect, pindexConnect == &index_most_work ? pblock : std::shared_ptr<const CBlock>(), connected_blocks, disconnectpool)) {
3253 if (state.IsInvalid()) {
3254 // The block violates a consensus rule.
3256 InvalidChainFound(vpindexToConnect.front());
3257 }
3258 state = BlockValidationState();
3259 fInvalidFound = true;
3260 fContinue = false;
3261 break;
3262 } else {
3263 // A system error occurred (disk space, database error, ...).
3264 // Make the mempool consistent with the current tip, just in case
3265 // any observers try to use it before shutdown.
3266 MaybeUpdateMempoolForReorg(disconnectpool, false);
3267 return false;
3268 }
3269 } else {
3271 if (!pindexOldTip || m_chain.Tip()->nChainWork > pindexOldTip->nChainWork) {
3272 // We're in a better position than we were. Return temporarily to release the lock.
3273 fContinue = false;
3274 break;
3275 }
3276 }
3277 }
3278 }
3279
3280 if (fBlocksDisconnected) {
3281 // If any blocks were disconnected, disconnectpool may be non empty. Add
3282 // any disconnected transactions back to the mempool.
3283 MaybeUpdateMempoolForReorg(disconnectpool, true);
3284 }
3285 if (m_mempool) m_mempool->check(this->CoinsTip(), this->m_chain.Height() + 1);
3286
3288
3289 return true;
3290}
3291
3292static SynchronizationState GetSynchronizationState(bool init, bool blockfiles_indexed)
3293{
3295 if (!blockfiles_indexed) return SynchronizationState::INIT_REINDEX;
3297}
3298
3300{
3302 if (!m_cached_is_ibd.load(std::memory_order_relaxed)) return;
3303 if (m_blockman.LoadingBlocks()) return;
3304 if (!CurrentChainstate().m_chain.IsTipRecent(MinimumChainWork(), m_options.max_tip_age)) return;
3305 LogInfo("Leaving InitialBlockDownload (latching to false)");
3306 m_cached_is_ibd.store(false, std::memory_order_relaxed);
3307}
3308
3310{
3311 bool fNotify = false;
3312 bool fInitialBlockDownload = false;
3313 CBlockIndex* pindexHeader = nullptr;
3314 {
3315 LOCK(GetMutex());
3316 pindexHeader = m_best_header;
3317
3318 if (pindexHeader != m_last_notified_header) {
3319 fNotify = true;
3320 fInitialBlockDownload = IsInitialBlockDownload();
3321 m_last_notified_header = pindexHeader;
3322 }
3323 }
3324 // Send block tip changed notifications without the lock held
3325 if (fNotify) {
3326 GetNotifications().headerTip(GetSynchronizationState(fInitialBlockDownload, m_blockman.m_blockfiles_indexed), pindexHeader->nHeight, pindexHeader->nTime, false);
3327 }
3328 return fNotify;
3329}
3330
3333
3334 if (signals.CallbacksPending() > 10) {
3335 signals.SyncWithValidationInterfaceQueue();
3336 }
3337}
3338
3339bool Chainstate::ActivateBestChain(BlockValidationState& state, std::shared_ptr<const CBlock> pblock)
3340{
3342
3343 // Note that while we're often called here from ProcessNewBlock, this is
3344 // far from a guarantee. Things in the P2P/RPC will often end up calling
3345 // us in the middle of ProcessNewBlock - do not assume pblock is set
3346 // sanely for performance or correctness!
3348
3349 // ABC maintains a fair degree of expensive-to-calculate internal state
3350 // because this function periodically releases cs_main so that it does not lock up other threads for too long
3351 // during large connects - and to allow for e.g. the callback queue to drain
3352 // we use m_chainstate_mutex to enforce mutual exclusion so that only one caller may execute this function at a time
3354
3355 // Belt-and-suspenders check that we aren't attempting to advance the
3356 // chainstate past the target block.
3357 if (WITH_LOCK(::cs_main, return m_target_utxohash)) {
3358 LogError("%s", STR_INTERNAL_BUG("m_target_utxohash is set - this chainstate should not be in operation."));
3359 return Assume(false);
3360 }
3361
3362 CBlockIndex *pindexMostWork = nullptr;
3363 CBlockIndex *pindexNewTip = nullptr;
3364 bool exited_ibd{false};
3365 do {
3366 // Block until the validation queue drains. This should largely
3367 // never happen in normal operation, however may happen during
3368 // reindex, causing memory blowup if we run too far ahead.
3369 // Note that if a validationinterface callback ends up calling
3370 // ActivateBestChain this may lead to a deadlock! We should
3371 // probably have a DEBUG_LOCKORDER test for this in the future.
3373
3374 {
3375 LOCK(cs_main);
3376 {
3377 // Lock transaction pool for at least as long as it takes for connected_blocks to be consumed
3378 LOCK(MempoolMutex());
3379 const bool was_in_ibd = m_chainman.IsInitialBlockDownload();
3380 CBlockIndex* starting_tip = m_chain.Tip();
3381 bool blocks_connected = false;
3382 do {
3383 // We absolutely may not unlock cs_main until we've made forward progress
3384 // (with the exception of shutdown due to hardware issues, low disk space, etc).
3385 std::vector<ConnectedBlock> connected_blocks; // Destructed before cs_main is unlocked
3386
3387 if (pindexMostWork == nullptr) {
3388 pindexMostWork = FindMostWorkChain();
3389 }
3390
3391 // Whether we have anything to do at all.
3392 if (pindexMostWork == nullptr || pindexMostWork == m_chain.Tip()) {
3393 break;
3394 }
3395
3396 bool fInvalidFound = false;
3397 std::shared_ptr<const CBlock> nullBlockPtr;
3398 // BlockConnected signals must be sent for the original role;
3399 // in case snapshot validation is completed during ActivateBestChainStep, the
3400 // result of GetRole() changes from BACKGROUND to NORMAL.
3401 const ChainstateRole chainstate_role{this->GetRole()};
3402 if (!ActivateBestChainStep(state, *pindexMostWork, pblock && pblock->GetHash() == pindexMostWork->GetBlockHash() ? pblock : nullBlockPtr, fInvalidFound, connected_blocks)) {
3403 // A system error occurred
3404 return false;
3405 }
3406 blocks_connected = true;
3407
3408 if (fInvalidFound) {
3409 // Wipe cache, we may need another branch now.
3410 pindexMostWork = nullptr;
3411 }
3412 pindexNewTip = m_chain.Tip();
3413
3414 for (auto& [index, block] : std::move(connected_blocks)) {
3416 m_chainman.m_options.signals->BlockConnected(chainstate_role, std::move(Assert(block)), Assert(index));
3417 }
3418 }
3419
3420 // Break this do-while to ensure we don't advance past the target block.
3421 if (ReachedTarget()) {
3422 break;
3423 }
3424 } while (!m_chain.Tip() || (starting_tip && CBlockIndexWorkComparator()(m_chain.Tip(), starting_tip)));
3425 if (!blocks_connected) return true;
3426
3427 const CBlockIndex* pindexFork = starting_tip ? m_chain.FindFork(*starting_tip) : nullptr;
3428 bool still_in_ibd = m_chainman.IsInitialBlockDownload();
3429
3430 if (was_in_ibd && !still_in_ibd) {
3431 // Active chainstate has exited IBD.
3432 exited_ibd = true;
3433 }
3434
3435 // Notify external listeners about the new tip.
3436 // Enqueue while holding cs_main to ensure that UpdatedBlockTip is called in the order in which blocks are connected
3437 if (this == &m_chainman.ActiveChainstate() && pindexFork != pindexNewTip) {
3438 // Notify ValidationInterface subscribers
3440 m_chainman.m_options.signals->UpdatedBlockTip(pindexNewTip, pindexFork, still_in_ibd);
3441 }
3442
3445 /*index=*/*pindexNewTip,
3446 /*verification_progress=*/m_chainman.GuessVerificationProgress(pindexNewTip))))
3447 {
3448 // Just breaking and returning success for now. This could
3449 // be changed to bubble up the kernel::Interrupted value to
3450 // the caller so the caller could distinguish between
3451 // completed and interrupted operations.
3452 break;
3453 }
3454 }
3455 } // release MempoolMutex
3456 // Notify external listeners about the new tip, even if pindexFork == pindexNewTip.
3459 }
3460 } // release cs_main
3461 // When we reach this point, we switched to a new tip (stored in pindexNewTip).
3462
3463 bool reached_target;
3464 {
3466 if (exited_ibd) {
3467 // If a background chainstate is in use, we may need to rebalance our
3468 // allocation of caches once a chainstate exits initial block download.
3469 m_chainman.MaybeRebalanceCaches();
3470 }
3471
3472 // Write changes periodically to disk, after relay.
3474 return false;
3475 }
3476
3477 reached_target = ReachedTarget();
3478 }
3479
3480 if (reached_target) {
3481 // Chainstate has reached the target block, so exit.
3482 //
3483 // Restart indexes so indexes can resync and index new blocks after
3484 // the target block.
3485 //
3486 // This cannot be done while holding cs_main (within
3487 // MaybeValidateSnapshot) or a cs_main deadlock will occur.
3490 }
3491 break;
3492 }
3493
3494 // We check interrupt only after giving ActivateBestChainStep a chance to run once so that we
3495 // never interrupt before connecting the genesis block during LoadChainTip(). Previously this
3496 // caused an assert() failure during interrupt in such cases as the UTXO DB flushing checks
3497 // that the best block hash is non-null.
3498 if (m_chainman.m_interrupt) break;
3499 } while (pindexNewTip != pindexMostWork);
3500
3502
3503 return true;
3504}
3505
3506bool Chainstate::PreciousBlock(BlockValidationState& state, CBlockIndex* pindex)
3507{
3510 {
3511 LOCK(cs_main);
3512 if (pindex->nChainWork < m_chain.Tip()->nChainWork) {
3513 // Nothing to do, this block is not at the tip.
3514 return true;
3515 }
3517 // The chain has been extended since the last call, reset the counter.
3519 }
3521 setBlockIndexCandidates.erase(pindex);
3523 if (m_chainman.nBlockReverseSequenceId > std::numeric_limits<int32_t>::min()) {
3524 // We can't keep reducing the counter if somebody really wants to
3525 // call preciousblock 2**31-1 times on the same set of tips...
3527 }
3528 if (pindex->IsValid(BLOCK_VALID_TRANSACTIONS) && pindex->HaveNumChainTxs()) {
3529 setBlockIndexCandidates.insert(pindex);
3531 }
3532 }
3533
3534 return ActivateBestChain(state, std::shared_ptr<const CBlock>());
3535}
3536
3538{
3541
3542 // Genesis block can't be invalidated
3543 assert(pindex);
3544 if (pindex->nHeight == 0) return false;
3545
3546 // We do not allow ActivateBestChain() to run while InvalidateBlock() is
3547 // running, as that could cause the tip to change while we disconnect
3548 // blocks.
3550
3551 // We'll be acquiring and releasing cs_main below, to allow the validation
3552 // callbacks to run. However, we should keep the block index in a
3553 // consistent state as we disconnect blocks -- in particular we need to
3554 // add equal-work blocks to setBlockIndexCandidates as we disconnect.
3555 // To avoid walking the block index repeatedly in search of candidates,
3556 // build a map once so that we can look up candidate blocks by chain
3557 // work as we go.
3558 std::multimap<const arith_uint256, CBlockIndex*> highpow_outofchain_headers;
3559
3560 {
3561 LOCK(cs_main);
3562 for (auto& entry : m_blockman.m_block_index) {
3563 CBlockIndex& candidate = entry.second;
3564 // We don't need to put anything in our active chain into the
3565 // multimap, because those candidates will be found and considered
3566 // as we disconnect.
3567 // Instead, consider only non-active-chain blocks that score
3568 // at least as good with CBlockIndexWorkComparator as the new tip.
3569 if (!m_chain.Contains(candidate) &&
3570 !CBlockIndexWorkComparator()(&candidate, pindex->pprev) &&
3571 !(candidate.nStatus & BLOCK_FAILED_VALID)) {
3572 highpow_outofchain_headers.insert({candidate.nChainWork, &candidate});
3573 }
3574 }
3575 }
3576
3577 CBlockIndex* to_mark_failed = pindex;
3578 bool pindex_was_in_chain = false;
3579 int disconnected = 0;
3580
3581 // Disconnect (descendants of) pindex, and mark them invalid.
3582 while (true) {
3583 if (m_chainman.m_interrupt) break;
3584
3585 // Make sure the queue of validation callbacks doesn't grow unboundedly.
3587
3588 LOCK(cs_main);
3589 // Lock for as long as disconnectpool is in scope to make sure MaybeUpdateMempoolForReorg is
3590 // called after DisconnectTip without unlocking in between
3591 LOCK(MempoolMutex());
3592 if (!m_chain.Contains(*pindex)) break;
3593 pindex_was_in_chain = true;
3594 CBlockIndex* const disconnected_tip{m_chain.Tip()};
3595
3596 // ActivateBestChain considers blocks already in m_chain
3597 // unconditionally valid already, so force disconnect away from it.
3599 bool ret = DisconnectTip(state, &disconnectpool);
3600 // DisconnectTip will add transactions to disconnectpool.
3601 // Adjust the mempool to be consistent with the new tip, adding
3602 // transactions back to the mempool if disconnecting was successful,
3603 // and we're not doing a very deep invalidation (in which case
3604 // keeping the mempool up to date is probably futile anyway).
3605 MaybeUpdateMempoolForReorg(disconnectpool, /* fAddToMempool = */ (++disconnected <= 10) && ret);
3606 if (!ret) return false;
3607 CBlockIndex* new_tip{m_chain.Tip()};
3608 assert(disconnected_tip->pprev == new_tip);
3609
3610 // We immediately mark the disconnected blocks as invalid.
3611 // This prevents a case where pruned nodes may fail to invalidateblock
3612 // and be left unable to start as they have no tip candidates (as there
3613 // are no blocks that meet the "have data and are not invalid per
3614 // nStatus" criteria for inclusion in setBlockIndexCandidates).
3615 disconnected_tip->nStatus |= BLOCK_FAILED_VALID;
3616 m_blockman.m_dirty_blockindex.insert(disconnected_tip);
3617 setBlockIndexCandidates.erase(disconnected_tip);
3618 setBlockIndexCandidates.insert(new_tip);
3619
3620 // Mark out-of-chain descendants of the invalidated block as invalid
3621 // Add any equal or more work headers that are not invalidated to setBlockIndexCandidates
3622 // Recalculate m_best_header if it became invalid.
3623 auto candidate_it = highpow_outofchain_headers.lower_bound(new_tip->nChainWork);
3624
3625 const bool best_header_needs_update{m_chainman.m_best_header->GetAncestor(disconnected_tip->nHeight) == disconnected_tip};
3626 if (best_header_needs_update) {
3627 // new_tip is definitely still valid at this point, but there may be better ones
3628 m_chainman.m_best_header = new_tip;
3629 }
3630
3631 while (candidate_it != highpow_outofchain_headers.end()) {
3632 CBlockIndex* candidate{candidate_it->second};
3633 if (candidate->GetAncestor(disconnected_tip->nHeight) == disconnected_tip) {
3634 // Children of failed blocks are marked as BLOCK_FAILED_VALID.
3635 candidate->nStatus |= BLOCK_FAILED_VALID;
3636 m_blockman.m_dirty_blockindex.insert(candidate);
3637 // If invalidated, the block is irrelevant for setBlockIndexCandidates
3638 // and for m_best_header and can be removed from the cache.
3639 candidate_it = highpow_outofchain_headers.erase(candidate_it);
3640 continue;
3641 }
3642 if (!CBlockIndexWorkComparator()(candidate, new_tip) &&
3643 candidate->IsValid(BLOCK_VALID_TRANSACTIONS) &&
3644 candidate->HaveNumChainTxs()) {
3645 setBlockIndexCandidates.insert(candidate);
3646 // Do not remove candidate from the highpow_outofchain_headers cache, because it might be a descendant of the block being invalidated
3647 // which needs to be marked failed later.
3648 }
3649 if (best_header_needs_update &&
3650 m_chainman.m_best_header->nChainWork < candidate->nChainWork) {
3651 m_chainman.m_best_header = candidate;
3652 }
3653 ++candidate_it;
3654 }
3655
3656 // Track the last disconnected block to call InvalidChainFound on it.
3657 to_mark_failed = disconnected_tip;
3658 }
3659
3661
3662 {
3663 LOCK(cs_main);
3664 if (m_chain.Contains(*to_mark_failed)) {
3665 // If the to-be-marked invalid block is in the active chain, something is interfering and we can't proceed.
3666 return false;
3667 }
3668
3669 // Mark pindex as invalid if it never was in the main chain
3670 if (!pindex_was_in_chain && !(pindex->nStatus & BLOCK_FAILED_VALID)) {
3671 pindex->nStatus |= BLOCK_FAILED_VALID;
3672 m_blockman.m_dirty_blockindex.insert(pindex);
3673 setBlockIndexCandidates.erase(pindex);
3674 }
3675
3676 // If any new blocks somehow arrived while we were disconnecting
3677 // (above), then the pre-calculation of what should go into
3678 // setBlockIndexCandidates may have missed entries. This would
3679 // technically be an inconsistency in the block index, but if we clean
3680 // it up here, this should be an essentially unobservable error.
3681 // Loop back over all block index entries and add any missing entries
3682 // to setBlockIndexCandidates.
3683 for (auto& [_, block_index] : m_blockman.m_block_index) {
3684 if (block_index.IsValid(BLOCK_VALID_TRANSACTIONS) && block_index.HaveNumChainTxs() && !setBlockIndexCandidates.value_comp()(&block_index, m_chain.Tip())) {
3685 setBlockIndexCandidates.insert(&block_index);
3686 }
3687 }
3688
3689 InvalidChainFound(to_mark_failed);
3690 }
3691
3692 // Only notify about a new block tip if the active chain was modified.
3693 if (pindex_was_in_chain) {
3694 // Ignoring return value for now, this could be changed to bubble up
3695 // kernel::Interrupted value to the caller so the caller could
3696 // distinguish between completed and interrupted operations. It might
3697 // also make sense for the blockTip notification to have an enum
3698 // parameter indicating the source of the tip change so hooks can
3699 // distinguish user-initiated invalidateblock changes from other
3700 // changes.
3703 /*index=*/*to_mark_failed->pprev,
3704 /*verification_progress=*/WITH_LOCK(m_chainman.GetMutex(), return m_chainman.GuessVerificationProgress(to_mark_failed->pprev)));
3705
3706 // Fire ActiveTipChange now for the current chain tip to make sure clients are notified.
3707 // ActivateBestChain may call this as well, but not necessarily.
3710 }
3711 }
3712 return true;
3713}
3714
3715void Chainstate::SetBlockFailureFlags(CBlockIndex* invalid_block)
3716{
3718
3719 for (auto& [_, block_index] : m_blockman.m_block_index) {
3720 if (invalid_block != &block_index && block_index.GetAncestor(invalid_block->nHeight) == invalid_block) {
3721 block_index.nStatus |= BLOCK_FAILED_VALID;
3722 m_blockman.m_dirty_blockindex.insert(&block_index);
3723 }
3724 }
3725}
3726
3729
3730 int nHeight = pindex->nHeight;
3731
3732 // Remove the invalidity flag from this block and all its descendants and ancestors.
3733 for (auto& [_, block_index] : m_blockman.m_block_index) {
3734 if ((block_index.nStatus & BLOCK_FAILED_VALID) && (block_index.GetAncestor(nHeight) == pindex || pindex->GetAncestor(block_index.nHeight) == &block_index)) {
3735 block_index.nStatus &= ~BLOCK_FAILED_VALID;
3736 m_blockman.m_dirty_blockindex.insert(&block_index);
3737 if (block_index.IsValid(BLOCK_VALID_TRANSACTIONS) && block_index.HaveNumChainTxs() && setBlockIndexCandidates.value_comp()(m_chain.Tip(), &block_index)) {
3738 setBlockIndexCandidates.insert(&block_index);
3739 }
3740 if (&block_index == m_chainman.m_best_invalid) {
3741 // Reset invalid block marker if it was pointing to one of those.
3742 m_chainman.m_best_invalid = nullptr;
3743 }
3744 }
3745 }
3746}
3747
3749{
3751
3752 // Do not continue building a chainstate that is based on an invalid
3753 // snapshot. This is a belt-and-suspenders type of check because if an
3754 // invalid snapshot is loaded, the node will shut down to force a manual
3755 // intervention. But it is good to handle this case correctly regardless.
3756 if (m_assumeutxo == Assumeutxo::INVALID) {
3757 return;
3758 }
3759
3760 // The block only is a candidate for the most-work-chain if it has the same
3761 // or more work than our current tip.
3762 if (m_chain.Tip() != nullptr && setBlockIndexCandidates.value_comp()(pindex, m_chain.Tip())) {
3763 return;
3764 }
3765
3766 const CBlockIndex* target_block{TargetBlock()};
3767 if (!target_block) {
3768 // If no specific target block, add all entries that have more
3769 // work than the tip.
3770 setBlockIndexCandidates.insert(pindex);
3771 } else {
3772 // If there is a target block, only consider connecting blocks
3773 // towards the target block.
3774 if (target_block->GetAncestor(pindex->nHeight) == pindex) {
3775 setBlockIndexCandidates.insert(pindex);
3776 }
3777 }
3778}
3779
3782{
3784 pindexNew->nTx = block.vtx.size();
3785 // Typically m_chain_tx_count will be 0 at this point, but it can be nonzero if this
3786 // is a pruned block which is being downloaded again, or if this is an
3787 // assumeutxo snapshot block which has a hardcoded m_chain_tx_count value from the
3788 // snapshot metadata. If the pindex is not the snapshot block and the
3789 // m_chain_tx_count value is not zero, assert that value is actually correct.
3790 auto prev_tx_sum = [](CBlockIndex& block) { return block.nTx + (block.pprev ? block.pprev->m_chain_tx_count : 0); };
3791 if (!Assume(pindexNew->m_chain_tx_count == 0 || pindexNew->m_chain_tx_count == prev_tx_sum(*pindexNew) ||
3792 std::ranges::any_of(m_chainstates, [&](const auto& cs) EXCLUSIVE_LOCKS_REQUIRED(cs_main) { return cs->SnapshotBase() == pindexNew; }))) {
3793 LogWarning("Internal bug detected: block %d has unexpected m_chain_tx_count %i that should be %i (%s %s). Please report this issue here: %s\n",
3794 pindexNew->nHeight, pindexNew->m_chain_tx_count, prev_tx_sum(*pindexNew), CLIENT_NAME, FormatFullVersion(), CLIENT_BUGREPORT);
3795 pindexNew->m_chain_tx_count = 0;
3796 }
3797 pindexNew->nFile = pos.nFile;
3798 pindexNew->nDataPos = pos.nPos;
3799 pindexNew->nUndoPos = 0;
3800 pindexNew->nStatus |= BLOCK_HAVE_DATA;
3801 if (DeploymentActiveAt(*pindexNew, *this, Consensus::DEPLOYMENT_SEGWIT)) {
3802 pindexNew->nStatus |= BLOCK_OPT_WITNESS;
3803 }
3805 m_blockman.m_dirty_blockindex.insert(pindexNew);
3806
3807 if (pindexNew->pprev == nullptr || pindexNew->pprev->HaveNumChainTxs()) {
3808 // If pindexNew is the genesis block or all parents are BLOCK_VALID_TRANSACTIONS.
3809 std::deque<CBlockIndex*> queue;
3810 queue.push_back(pindexNew);
3811
3812 // Recursively process any descendant blocks that now may be eligible to be connected.
3813 while (!queue.empty()) {
3814 CBlockIndex *pindex = queue.front();
3815 queue.pop_front();
3816 // Before setting m_chain_tx_count, assert that it is 0 or already set to
3817 // the correct value. This assert will fail after receiving the
3818 // assumeutxo snapshot block if assumeutxo snapshot metadata has an
3819 // incorrect hardcoded AssumeutxoData::m_chain_tx_count value.
3820 if (!Assume(pindex->m_chain_tx_count == 0 || pindex->m_chain_tx_count == prev_tx_sum(*pindex))) {
3821 LogWarning("Internal bug detected: block %d has unexpected m_chain_tx_count %i that should be %i (%s %s). Please report this issue here: %s\n",
3822 pindex->nHeight, pindex->m_chain_tx_count, prev_tx_sum(*pindex), CLIENT_NAME, FormatFullVersion(), CLIENT_BUGREPORT);
3823 }
3824 pindex->m_chain_tx_count = prev_tx_sum(*pindex);
3825 pindex->nSequenceId = nBlockSequenceId++;
3826 for (const auto& c : m_chainstates) {
3827 c->TryAddBlockIndexCandidate(pindex);
3828 }
3829 std::pair<std::multimap<CBlockIndex*, CBlockIndex*>::iterator, std::multimap<CBlockIndex*, CBlockIndex*>::iterator> range = m_blockman.m_blocks_unlinked.equal_range(pindex);
3830 while (range.first != range.second) {
3831 std::multimap<CBlockIndex*, CBlockIndex*>::iterator it = range.first;
3832 queue.push_back(it->second);
3833 range.first++;
3834 m_blockman.m_blocks_unlinked.erase(it);
3835 }
3836 }
3837 } else {
3838 if (pindexNew->pprev && pindexNew->pprev->IsValid(BLOCK_VALID_TREE)) {
3839 m_blockman.AddUnlinkedBlock(pindexNew);
3840 }
3841 }
3842}
3843
3844static bool CheckBlockHeader(const CBlockHeader& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW = true)
3845{
3846 // Check proof of work matches claimed amount
3847 if (fCheckPOW && !CheckProofOfWork(block.GetHash(), block.nBits, consensusParams))
3848 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "high-hash", "proof of work failed");
3849
3850 return true;
3851}
3852
3853static bool CheckMerkleRoot(const CBlock& block, BlockValidationState& state)
3854{
3855 if (block.m_checked_merkle_root) return true;
3856
3857 bool mutated;
3858 uint256 merkle_root = BlockMerkleRoot(block, &mutated);
3859 if (block.hashMerkleRoot != merkle_root) {
3860 return state.Invalid(
3862 /*reject_reason=*/"bad-txnmrklroot",
3863 /*debug_message=*/"hashMerkleRoot mismatch");
3864 }
3865
3866 // Check for merkle tree malleability (CVE-2012-2459): repeating sequences
3867 // of transactions in a block without affecting the merkle root of a block,
3868 // while still invalidating it.
3869 if (mutated) {
3870 return state.Invalid(
3872 /*reject_reason=*/"bad-txns-duplicate",
3873 /*debug_message=*/"duplicate transaction");
3874 }
3875
3876 block.m_checked_merkle_root = true;
3877 return true;
3878}
3879
3886static bool CheckWitnessMalleation(const CBlock& block, bool expect_witness_commitment, BlockValidationState& state)
3887{
3888 if (expect_witness_commitment) {
3889 if (block.m_checked_witness_commitment) return true;
3890
3891 int commitpos = GetWitnessCommitmentIndex(block);
3892 if (commitpos != NO_WITNESS_COMMITMENT) {
3893 assert(!block.vtx.empty() && !block.vtx[0]->vin.empty());
3894 const auto& witness_stack{block.vtx[0]->vin[0].scriptWitness.stack};
3895
3896 if (witness_stack.size() != 1 || witness_stack[0].size() != 32) {
3897 return state.Invalid(
3899 /*reject_reason=*/"bad-witness-nonce-size",
3900 /*debug_message=*/strprintf("%s : invalid witness reserved value size", __func__));
3901 }
3902
3903 // The malleation check is ignored; as the transaction tree itself
3904 // already does not permit it, it is impossible to trigger in the
3905 // witness tree.
3906 uint256 hash_witness = BlockWitnessMerkleRoot(block);
3907
3908 CHash256().Write(hash_witness).Write(witness_stack[0]).Finalize(hash_witness);
3909 if (memcmp(hash_witness.begin(), &block.vtx[0]->vout[commitpos].scriptPubKey[6], 32)) {
3910 return state.Invalid(
3912 /*reject_reason=*/"bad-witness-merkle-match",
3913 /*debug_message=*/strprintf("%s : witness merkle commitment mismatch", __func__));
3914 }
3915
3916 block.m_checked_witness_commitment = true;
3917 return true;
3918 }
3919 }
3920
3921 // No witness data is allowed in blocks that don't commit to witness data, as this would otherwise leave room for spam
3922 for (const auto& tx : block.vtx) {
3923 if (tx->HasWitness()) {
3924 return state.Invalid(
3926 /*reject_reason=*/"unexpected-witness",
3927 /*debug_message=*/strprintf("%s : unexpected witness data found", __func__));
3928 }
3929 }
3930
3931 return true;
3932}
3933
3934bool CheckBlock(const CBlock& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
3935{
3936 // These are checks that are independent of context.
3937
3938 if (block.fChecked)
3939 return true;
3940
3941 // Check that the header is valid (particularly PoW). This is mostly
3942 // redundant with the call in AcceptBlockHeader.
3943 if (!CheckBlockHeader(block, state, consensusParams, fCheckPOW))
3944 return false;
3945
3946 // Signet only: check block solution
3947 if (consensusParams.signet_blocks && fCheckPOW && !CheckSignetBlockSolution(block, consensusParams)) {
3948 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-signet-blksig", "signet block signature validation failure");
3949 }
3950
3951 // Check the merkle root.
3952 if (fCheckMerkleRoot && !CheckMerkleRoot(block, state)) {
3953 return false;
3954 }
3955
3956 // All potential-corruption validation must be done before we do any
3957 // transaction validation, as otherwise we may mark the header as invalid
3958 // because we receive the wrong transactions for it.
3959 // Note that witness malleability is checked in ContextualCheckBlock, so no
3960 // checks that use witness data may be performed here.
3961
3962 // Size limits
3964 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-length", "size limits failed");
3965
3966 // First transaction must be coinbase, the rest must not be
3967 if (block.vtx.empty() || !block.vtx[0]->IsCoinBase())
3968 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-missing", "first tx is not coinbase");
3969 for (unsigned int i = 1; i < block.vtx.size(); i++)
3970 if (block.vtx[i]->IsCoinBase())
3971 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-multiple", "more than one coinbase");
3972
3973 // Check transactions
3974 // Must check for duplicate inputs (see CVE-2018-17144)
3975 for (const auto& tx : block.vtx) {
3976 TxValidationState tx_state;
3977 if (!CheckTransaction(*tx, tx_state)) {
3978 // CheckBlock() does context-free validation checks. The only
3979 // possible failures are consensus failures.
3982 strprintf("Transaction check failed (tx hash %s) %s", tx->GetHash().ToString(), tx_state.GetDebugMessage()));
3983 }
3984 }
3985 // This underestimates the number of sigops, because unlike ConnectBlock it
3986 // does not count witness and p2sh sigops.
3987 unsigned int nSigOps = 0;
3988 for (const auto& tx : block.vtx)
3989 {
3990 nSigOps += GetLegacySigOpCount(*tx);
3991 }
3993 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "out-of-bounds SigOpCount");
3994
3995 if (fCheckPOW && fCheckMerkleRoot)
3996 block.fChecked = true;
3997
3998 return true;
3999}
4000
4002{
4003 int commitpos = GetWitnessCommitmentIndex(block);
4004 static const std::vector<unsigned char> nonce(32, 0x00);
4005 if (commitpos != NO_WITNESS_COMMITMENT && DeploymentActiveAfter(pindexPrev, *this, Consensus::DEPLOYMENT_SEGWIT) && !block.vtx[0]->HasWitness()) {
4006 CMutableTransaction tx(*block.vtx[0]);
4007 tx.vin[0].scriptWitness.stack.resize(1);
4008 tx.vin[0].scriptWitness.stack[0] = nonce;
4009 block.vtx[0] = MakeTransactionRef(std::move(tx));
4010 }
4011}
4012
4014{
4015 int commitpos = GetWitnessCommitmentIndex(block);
4016 std::vector<unsigned char> ret(32, 0x00);
4017 if (commitpos == NO_WITNESS_COMMITMENT) {
4018 uint256 witnessroot = BlockWitnessMerkleRoot(block);
4019 CHash256().Write(witnessroot).Write(ret).Finalize(witnessroot);
4020 CTxOut out;
4021 out.nValue = 0;
4022 out.scriptPubKey.resize(MINIMUM_WITNESS_COMMITMENT);
4023 out.scriptPubKey[0] = OP_RETURN;
4024 out.scriptPubKey[1] = 0x24;
4025 out.scriptPubKey[2] = 0xaa;
4026 out.scriptPubKey[3] = 0x21;
4027 out.scriptPubKey[4] = 0xa9;
4028 out.scriptPubKey[5] = 0xed;
4029 memcpy(&out.scriptPubKey[6], witnessroot.begin(), 32);
4030 CMutableTransaction tx(*block.vtx[0]);
4031 tx.vout.push_back(out);
4032 block.vtx[0] = MakeTransactionRef(std::move(tx));
4033 }
4034 UpdateUncommittedBlockStructures(block, pindexPrev);
4035}
4036
4037bool HasValidProofOfWork(std::span<const CBlockHeader> headers, const Consensus::Params& consensusParams)
4038{
4039 return std::ranges::all_of(headers,
4040 [&](const auto& header) { return CheckProofOfWork(header.GetHash(), header.nBits, consensusParams); });
4041}
4042
4043bool IsBlockMutated(const CBlock& block, bool check_witness_root)
4044{
4046 if (!CheckMerkleRoot(block, state)) {
4047 LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
4048 return true;
4049 }
4050
4051 if (block.vtx.empty() || !block.vtx[0]->IsCoinBase()) {
4052 // Consider the block mutated if any transaction is 64 bytes in size (see 3.1
4053 // in "Weaknesses in Bitcoin’s Merkle Root Construction":
4054 // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190225/a27d8837/attachment-0001.pdf).
4055 //
4056 // Note: This is not a consensus change as this only applies to blocks that
4057 // don't have a coinbase transaction and would therefore already be invalid.
4058 return std::any_of(block.vtx.begin(), block.vtx.end(),
4059 [](auto& tx) { return GetSerializeSize(TX_NO_WITNESS(tx)) == 64; });
4060 } else {
4061 // Theoretically it is still possible for a block with a 64 byte
4062 // coinbase transaction to be mutated but we neglect that possibility
4063 // here as it requires at least 224 bits of work.
4064 }
4065
4066 if (!CheckWitnessMalleation(block, check_witness_root, state)) {
4067 LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
4068 return true;
4069 }
4070
4071 return false;
4072}
4073
4075{
4076 arith_uint256 total_work{0};
4077 for (const CBlockHeader& header : headers) {
4078 total_work += GetBlockProof(header);
4079 }
4080 return total_work;
4081}
4082
4097{
4099 assert(pindexPrev != nullptr);
4100 const int nHeight = pindexPrev->nHeight + 1;
4101
4102 // Check proof of work
4103 const Consensus::Params& consensusParams = chainman.GetConsensus();
4104 if (block.nBits != GetNextWorkRequired(pindexPrev, &block, consensusParams))
4105 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "bad-diffbits", "incorrect proof of work");
4106
4107 // Check timestamp against prev
4108 if (block.GetBlockTime() <= pindexPrev->GetMedianTimePast())
4109 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-too-old", "block's timestamp is too early");
4110
4111 // Testnet4 and regtest only: Check timestamp against prev for difficulty-adjustment
4112 // blocks to prevent timewarp attacks (see https://github.com/bitcoin/bitcoin/pull/15482).
4113 if (consensusParams.enforce_BIP94) {
4114 // Check timestamp for the first block of each difficulty adjustment
4115 // interval, except the genesis block.
4116 if (nHeight % consensusParams.DifficultyAdjustmentInterval() == 0) {
4117 if (block.GetBlockTime() < pindexPrev->GetBlockTime() - MAX_TIMEWARP) {
4118 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-timewarp-attack", "block's timestamp is too early on diff adjustment block");
4119 }
4120 }
4121 }
4122
4123 // Check timestamp
4124 if (block.Time() > NodeClock::now() + std::chrono::seconds{MAX_FUTURE_BLOCK_TIME}) {
4125 return state.Invalid(BlockValidationResult::BLOCK_TIME_FUTURE, "time-too-new", "block timestamp too far in the future");
4126 }
4127
4128 // Reject blocks with outdated version
4129 if ((block.nVersion < 2 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_HEIGHTINCB)) ||
4130 (block.nVersion < 3 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_DERSIG)) ||
4131 (block.nVersion < 4 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CLTV))) {
4132 return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, strprintf("bad-version(0x%08x)", block.nVersion),
4133 strprintf("rejected nVersion=0x%08x block", block.nVersion));
4134 }
4135
4136 return true;
4137}
4138
4145static bool ContextualCheckBlock(const CBlock& block, BlockValidationState& state, const ChainstateManager& chainman, const CBlockIndex* pindexPrev)
4146{
4147 const int nHeight = pindexPrev == nullptr ? 0 : pindexPrev->nHeight + 1;
4148
4149 // Enforce BIP113 (Median Time Past).
4150 bool enforce_locktime_median_time_past{false};
4151 if (DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CSV)) {
4152 assert(pindexPrev != nullptr);
4153 enforce_locktime_median_time_past = true;
4154 }
4155
4156 const int64_t nLockTimeCutoff{enforce_locktime_median_time_past ?
4157 pindexPrev->GetMedianTimePast() :
4158 block.GetBlockTime()};
4159
4160 // Check that all transactions are finalized
4161 for (const auto& tx : block.vtx) {
4162 if (!IsFinalTx(*tx, nHeight, nLockTimeCutoff)) {
4163 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal", "non-final transaction");
4164 }
4165 }
4166
4167 // Enforce rule that the coinbase starts with serialized block height
4169 {
4171 if (block.vtx[0]->vin[0].scriptSig.size() < expect.size() ||
4172 !std::equal(expect.begin(), expect.end(), block.vtx[0]->vin[0].scriptSig.begin())) {
4173 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-height", "block height mismatch in coinbase");
4174 }
4175 }
4176
4177 // Validation for witness commitments.
4178 // * We compute the witness hash (which is the hash including witnesses) of all the block's transactions, except the
4179 // coinbase (where 0x0000....0000 is used instead).
4180 // * The coinbase scriptWitness is a stack of a single 32-byte vector, containing a witness reserved value (unconstrained).
4181 // * We build a merkle tree with all those witness hashes as leaves (similar to the hashMerkleRoot in the block header).
4182 // * There must be at least one output whose scriptPubKey is a single 36-byte push, the first 4 bytes of which are
4183 // {0xaa, 0x21, 0xa9, 0xed}, and the following 32 bytes are SHA256^2(witness root, witness reserved value). In case there are
4184 // multiple, the last one is used.
4185 if (!CheckWitnessMalleation(block, DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_SEGWIT), state)) {
4186 return false;
4187 }
4188
4189 // After the coinbase witness reserved value and commitment are verified,
4190 // we can check if the block weight passes (before we've checked the
4191 // coinbase witness, it would be possible for the weight to be too
4192 // large by filling up the coinbase witness, which doesn't change
4193 // the block hash, so we couldn't mark the block as permanently
4194 // failed).
4195 if (GetBlockWeight(block) > MAX_BLOCK_WEIGHT) {
4196 return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-weight", strprintf("%s : weight limit failed", __func__));
4197 }
4198
4199 return true;
4200}
4201
4202bool ChainstateManager::AcceptBlockHeader(const CBlockHeader& block, BlockValidationState& state, CBlockIndex** ppindex, bool min_pow_checked)
4203{
4205
4206 // Check for duplicate
4207 uint256 hash = block.GetHash();
4208 BlockMap::iterator miSelf{m_blockman.m_block_index.find(hash)};
4209 if (hash != GetConsensus().hashGenesisBlock) {
4210 if (miSelf != m_blockman.m_block_index.end()) {
4211 // Block header is already known.
4212 CBlockIndex* pindex = &(miSelf->second);
4213 if (ppindex)
4214 *ppindex = pindex;
4215 if (pindex->nStatus & BLOCK_FAILED_VALID) {
4216 LogDebug(BCLog::VALIDATION, "%s: block %s is marked invalid\n", __func__, hash.ToString());
4217 return state.Invalid(BlockValidationResult::BLOCK_CACHED_INVALID, "duplicate-invalid",
4218 strprintf("block %s was previously marked invalid", hash.ToString()));
4219 }
4220 return true;
4221 }
4222
4223 if (!CheckBlockHeader(block, state, GetConsensus())) {
4224 LogDebug(BCLog::VALIDATION, "%s: Consensus::CheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
4225 return false;
4226 }
4227
4228 // Get prev block index
4229 CBlockIndex* pindexPrev = nullptr;
4230 BlockMap::iterator mi{m_blockman.m_block_index.find(block.hashPrevBlock)};
4231 if (mi == m_blockman.m_block_index.end()) {
4232 LogDebug(BCLog::VALIDATION, "header %s has prev block not found: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4233 return state.Invalid(BlockValidationResult::BLOCK_MISSING_PREV, "prev-blk-not-found");
4234 }
4235 pindexPrev = &((*mi).second);
4236 if (pindexPrev->nStatus & BLOCK_FAILED_VALID) {
4237 LogDebug(BCLog::VALIDATION, "header %s has prev block invalid: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
4238 return state.Invalid(BlockValidationResult::BLOCK_INVALID_PREV, "bad-prevblk");
4239 }
4240 if (!ContextualCheckBlockHeader(block, state, *this, pindexPrev)) {
4241 LogDebug(BCLog::VALIDATION, "%s: Consensus::ContextualCheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
4242 return false;
4243 }
4244 }
4245 if (!min_pow_checked) {
4246 LogDebug(BCLog::VALIDATION, "%s: not adding new block header %s, missing anti-dos proof-of-work validation\n", __func__, hash.ToString());
4247 return state.Invalid(BlockValidationResult::BLOCK_HEADER_LOW_WORK, "too-little-chainwork");
4248 }
4249 CBlockIndex* pindex{m_blockman.AddToBlockIndex(block, m_best_header)};
4250
4251 if (ppindex)
4252 *ppindex = pindex;
4253
4254 return true;
4255}
4256
4257// Exposed wrapper for AcceptBlockHeader
4258bool ChainstateManager::ProcessNewBlockHeaders(std::span<const CBlockHeader> headers, bool min_pow_checked, BlockValidationState& state, const CBlockIndex** ppindex)
4259{
4261 {
4262 LOCK(cs_main);
4263 for (const CBlockHeader& header : headers) {
4264 CBlockIndex *pindex = nullptr; // Use a temp pindex instead of ppindex to avoid a const_cast
4265 bool accepted{AcceptBlockHeader(header, state, &pindex, min_pow_checked)};
4267
4268 if (!accepted) {
4269 return false;
4270 }
4271 if (ppindex) {
4272 *ppindex = pindex;
4273 }
4274 }
4275 }
4276 if (NotifyHeaderTip()) {
4277 if (IsInitialBlockDownload() && ppindex && *ppindex) {
4278 const CBlockIndex& last_accepted{**ppindex};
4279 int64_t blocks_left{(NodeClock::now() - last_accepted.Time()) / GetConsensus().PowTargetSpacing()};
4280 blocks_left = std::max<int64_t>(0, blocks_left);
4281 const double progress{100.0 * last_accepted.nHeight / (last_accepted.nHeight + blocks_left)};
4282 LogInfo("Synchronizing blockheaders, height: %d (~%.2f%%)\n", last_accepted.nHeight, progress);
4283 }
4284 }
4285 return true;
4286}
4287
4288void ChainstateManager::ReportHeadersPresync(int64_t height, int64_t timestamp)
4289{
4291 {
4292 LOCK(GetMutex());
4293 // Don't report headers presync progress if we already have a post-minchainwork header chain.
4294 // This means we lose reporting for potentially legitimate, but unlikely, deep reorgs, but
4295 // prevent attackers that spam low-work headers from filling our logs.
4296 if (m_best_header->nChainWork >= UintToArith256(GetConsensus().nMinimumChainWork)) return;
4297 // Rate limit headers presync updates to 4 per second, as these are not subject to DoS
4298 // protection.
4299 auto now = MockableSteadyClock::now();
4300 if (now < m_last_presync_update + std::chrono::milliseconds{250}) return;
4301 m_last_presync_update = now;
4302 }
4303 bool initial_download = IsInitialBlockDownload();
4304 GetNotifications().headerTip(GetSynchronizationState(initial_download, m_blockman.m_blockfiles_indexed), height, timestamp, /*presync=*/true);
4305 if (initial_download) {
4306 int64_t blocks_left{(NodeClock::now() - NodeSeconds{std::chrono::seconds{timestamp}}) / GetConsensus().PowTargetSpacing()};
4307 blocks_left = std::max<int64_t>(0, blocks_left);
4308 const double progress{100.0 * height / (height + blocks_left)};
4309 LogInfo("Pre-synchronizing blockheaders, height: %d (~%.2f%%)\n", height, progress);
4310 }
4311}
4312
4314bool ChainstateManager::AcceptBlock(const std::shared_ptr<const CBlock>& pblock, BlockValidationState& state, CBlockIndex** ppindex, bool fRequested, const FlatFilePos* dbp, bool* fNewBlock, bool min_pow_checked)
4315{
4316 const CBlock& block = *pblock;
4317
4318 if (fNewBlock) *fNewBlock = false;
4320
4321 CBlockIndex *pindexDummy = nullptr;
4322 CBlockIndex *&pindex = ppindex ? *ppindex : pindexDummy;
4323
4324 bool accepted_header{AcceptBlockHeader(block, state, &pindex, min_pow_checked)};
4326
4327 if (!accepted_header)
4328 return false;
4329
4330 // Check all requested blocks that we do not already have for validity and
4331 // save them to disk. Skip processing of unrequested blocks as an anti-DoS
4332 // measure, unless the blocks have more work than the active chain tip, and
4333 // aren't too far ahead of it, so are likely to be attached soon.
4334 bool fAlreadyHave = pindex->nStatus & BLOCK_HAVE_DATA;
4335 bool fHasMoreOrSameWork = (ActiveTip() ? pindex->nChainWork >= ActiveTip()->nChainWork : true);
4336 // Blocks that are too out-of-order needlessly limit the effectiveness of
4337 // pruning, because pruning will not delete block files that contain any
4338 // blocks which are too close in height to the tip. Apply this test
4339 // regardless of whether pruning is enabled; it should generally be safe to
4340 // not process unrequested blocks.
4341 bool fTooFarAhead{pindex->nHeight > ActiveHeight() + int(MIN_BLOCKS_TO_KEEP)};
4342
4343 // TODO: Decouple this function from the block download logic by removing fRequested
4344 // This requires some new chain data structure to efficiently look up if a
4345 // block is in a chain leading to a candidate for best tip, despite not
4346 // being such a candidate itself.
4347 // Note that this would break the getblockfrompeer RPC
4348
4349 // TODO: deal better with return value and error conditions for duplicate
4350 // and unrequested blocks.
4351 if (fAlreadyHave) return true;
4352 if (!fRequested) { // If we didn't ask for it:
4353 if (pindex->nTx != 0) return true; // This is a previously-processed block that was pruned
4354 if (!fHasMoreOrSameWork) return true; // Don't process less-work chains
4355 if (fTooFarAhead) return true; // Block height is too high
4356
4357 // Protect against DoS attacks from low-work chains.
4358 // If our tip is behind, a peer could try to send us
4359 // low-work blocks on a fake chain that we would never
4360 // request; don't process these.
4361 if (pindex->nChainWork < MinimumChainWork()) return true;
4362 }
4363
4364 const CChainParams& params{GetParams()};
4365
4366 if (!CheckBlock(block, state, params.GetConsensus()) ||
4367 !ContextualCheckBlock(block, state, *this, pindex->pprev)) {
4368 if (Assume(state.IsInvalid())) {
4369 ActiveChainstate().InvalidBlockFound(pindex, state);
4370 }
4371 LogError("%s: %s\n", __func__, state.ToString());
4372 return false;
4373 }
4374
4375 // Header is valid/has work, merkle tree and segwit merkle tree are good...RELAY NOW
4376 // (but if it does not build on our best tip, let the SendMessages loop relay it)
4377 if (!IsInitialBlockDownload() && ActiveTip() == pindex->pprev && m_options.signals) {
4378 m_options.signals->NewPoWValidBlock(pindex, pblock);
4379 }
4380
4381 // Write block to history file
4382 if (fNewBlock) *fNewBlock = true;
4383 try {
4384 FlatFilePos blockPos{};
4385 if (dbp) {
4386 blockPos = *dbp;
4387 m_blockman.UpdateBlockInfo(block, pindex->nHeight, blockPos);
4388 } else {
4389 blockPos = m_blockman.WriteBlock(block, pindex->nHeight);
4390 if (blockPos.IsNull()) {
4391 state.Error(strprintf("%s: Failed to find position to write new block to disk", __func__));
4392 return false;
4393 }
4394 }
4395 ReceivedBlockTransactions(block, pindex, blockPos);
4396 } catch (const std::runtime_error& e) {
4397 return FatalError(GetNotifications(), state, strprintf(_("System error while saving block to disk: %s"), e.what()));
4398 }
4399
4400 // TODO: FlushStateToDisk() handles flushing of both block and chainstate
4401 // data, so we should move this to ChainstateManager so that we can be more
4402 // intelligent about how we flush.
4403 // For now, since FlushStateMode::NONE is used, all that can happen is that
4404 // the block files may be pruned, so we can just call this on one
4405 // chainstate (particularly if we haven't implemented pruning with
4406 // background validation yet).
4407 //
4408 // Flush errors (e.g. low disk space during pruning) are ignored, so that
4409 // callers can't mistreat a flush failure as a block validation failure.
4410 // The fatal error notification inside FlushStateToDisk still fires,
4411 // so the node will shut down on unrecoverable flush errors regardless.
4412 // For state a dummy value is used, and the return value is ignored.
4413 BlockValidationState flush_state_ignore;
4414 (void)ActiveChainstate().FlushStateToDisk(flush_state_ignore, FlushStateMode::NONE);
4415
4417
4418 return true;
4419}
4420
4421bool ChainstateManager::ProcessNewBlock(const std::shared_ptr<const CBlock>& block, bool force_processing, bool min_pow_checked, bool* new_block)
4422{
4424
4425 {
4426 CBlockIndex *pindex = nullptr;
4427 if (new_block) *new_block = false;
4429
4430 // CheckBlock() does not support multi-threaded block validation because CBlock::fChecked can cause data race.
4431 // Therefore, the following critical section must include the CheckBlock() call as well.
4432 LOCK(cs_main);
4433
4434 // Skipping AcceptBlock() for CheckBlock() failures means that we will never mark a block as invalid if
4435 // CheckBlock() fails. This is protective against consensus failure if there are any unknown forms of block
4436 // malleability that cause CheckBlock() to fail; see e.g. CVE-2012-2459 and
4437 // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-February/016697.html. Because CheckBlock() is
4438 // not very expensive, the anti-DoS benefits of caching failure (of a definitely-invalid block) are not substantial.
4439 bool ret = CheckBlock(*block, state, GetConsensus());
4440 if (ret) {
4441 // Store to disk
4442 ret = AcceptBlock(block, state, &pindex, force_processing, nullptr, new_block, min_pow_checked);
4443 }
4444 if (!ret) {
4445 if (m_options.signals) {
4446 m_options.signals->BlockChecked(block, state);
4447 }
4448 LogError("%s: AcceptBlock FAILED (%s)\n", __func__, state.ToString());
4449 return false;
4450 }
4451 }
4452
4454
4455 BlockValidationState state; // Only used to report errors, not invalidity - ignore it
4456 if (!ActiveChainstate().ActivateBestChain(state, block)) {
4457 LogError("%s: ActivateBestChain failed (%s)\n", __func__, state.ToString());
4458 return false;
4459 }
4460
4461 Chainstate* bg_chain{WITH_LOCK(cs_main, return HistoricalChainstate())};
4462 BlockValidationState bg_state;
4463 if (bg_chain && !bg_chain->ActivateBestChain(bg_state, block)) {
4464 LogError("%s: [background] ActivateBestChain failed (%s)\n", __func__, bg_state.ToString());
4465 return false;
4466 }
4467
4468 return true;
4469}
4470
4472{
4474 Chainstate& active_chainstate = ActiveChainstate();
4475 if (!active_chainstate.GetMempool()) {
4476 TxValidationState state;
4477 state.Invalid(TxValidationResult::TX_NO_MEMPOOL, "no-mempool");
4478 return MempoolAcceptResult::Failure(state);
4479 }
4480 auto result = AcceptToMemoryPool(active_chainstate, tx, GetTime(), /*bypass_limits=*/ false, test_accept);
4481 active_chainstate.GetMempool()->check(active_chainstate.CoinsTip(), active_chainstate.m_chain.Height() + 1);
4482 return result;
4483}
4484
4485
4487 Chainstate& chainstate,
4488 const CBlock& block,
4489 const bool check_pow,
4490 const bool check_merkle_root)
4491{
4492 // Lock must be held throughout this function for two reasons:
4493 // 1. We don't want the tip to change during several of the validation steps
4494 // 2. To prevent a CheckBlock() race condition for fChecked, see ProcessNewBlock()
4495 AssertLockHeld(chainstate.m_chainman.GetMutex());
4496
4498 CBlockIndex* tip{Assert(chainstate.m_chain.Tip())};
4499
4500 if (block.hashPrevBlock != *Assert(tip->phashBlock)) {
4501 state.Invalid({}, "inconclusive-not-best-prevblk");
4502 return state;
4503 }
4504
4505 // For signets CheckBlock() verifies the challenge iff fCheckPow is set.
4506 if (!CheckBlock(block, state, chainstate.m_chainman.GetConsensus(), /*fCheckPow=*/check_pow, /*fCheckMerkleRoot=*/check_merkle_root)) {
4507 // This should never happen, but belt-and-suspenders don't approve the
4508 // block if it does.
4509 if (state.IsValid()) NONFATAL_UNREACHABLE();
4510 return state;
4511 }
4512
4528 if (!ContextualCheckBlockHeader(block, state, chainstate.m_chainman, tip)) {
4529 if (state.IsValid()) NONFATAL_UNREACHABLE();
4530 return state;
4531 }
4532
4533 if (!ContextualCheckBlock(block, state, chainstate.m_chainman, tip)) {
4534 if (state.IsValid()) NONFATAL_UNREACHABLE();
4535 return state;
4536 }
4537
4538 // We don't want ConnectBlock to update the actual chainstate, so create
4539 // a cache on top of it, along with a dummy block index.
4540 CBlockIndex index_dummy{block};
4541 uint256 block_hash(block.GetHash());
4542 index_dummy.pprev = tip;
4543 index_dummy.nHeight = tip->nHeight + 1;
4544 index_dummy.phashBlock = &block_hash;
4545 CCoinsViewCache view_dummy(&chainstate.CoinsTip());
4546
4547 // Set fJustCheck to true in order to update, and not clear, validation caches.
4548 if(!chainstate.ConnectBlock(block, state, &index_dummy, view_dummy, /*fJustCheck=*/true)) {
4549 if (state.IsValid()) NONFATAL_UNREACHABLE();
4550 return state;
4551 }
4552
4553 // Ensure no check returned successfully while also setting an invalid state.
4554 if (!state.IsValid()) NONFATAL_UNREACHABLE();
4555
4556 return state;
4557}
4558
4559/* This function is called from the RPC code for pruneblockchain */
4560void PruneBlockFilesManual(Chainstate& active_chainstate, int nManualPruneHeight)
4561{
4563 if (!active_chainstate.FlushStateToDisk(
4564 state, FlushStateMode::NONE, nManualPruneHeight)) {
4565 LogWarning("Failed to flush state after manual prune (%s)", state.ToString());
4566 }
4567}
4568
4570{
4572 const CCoinsViewCache& coins_cache = CoinsTip();
4573 assert(!coins_cache.GetBestBlock().IsNull()); // Never called when the coins view is empty
4574 CBlockIndex* tip = m_chain.Tip();
4575
4576 if (tip && tip->GetBlockHash() == coins_cache.GetBestBlock()) {
4577 return true;
4578 }
4579
4580 // Load pointer to end of best chain
4581 CBlockIndex* pindex = m_blockman.LookupBlockIndex(coins_cache.GetBestBlock());
4582 if (!pindex) {
4583 return false;
4584 }
4585 m_chain.SetTip(*pindex);
4587 m_last_flushed_block = pindex;
4588 tip = m_chain.Tip();
4589
4590 // nSequenceId is one of the keys used to sort setBlockIndexCandidates. Ensure all
4591 // candidate sets are empty to avoid UB, as nSequenceId is about to be modified.
4592 for (const auto& cs : m_chainman.m_chainstates) {
4593 assert(cs->setBlockIndexCandidates.empty());
4594 }
4595
4596 // Make sure our chain tip before shutting down scores better than any other candidate
4597 // to maintain a consistent best tip over reboots in case of a tie.
4598 auto target = tip;
4599 while (target) {
4601 target = target->pprev;
4602 }
4603
4604 LogInfo("Loaded best chain: hashBestChain=%s height=%d date=%s progress=%f",
4605 tip->GetBlockHash().ToString(),
4606 m_chain.Height(),
4609
4610 // Ensure KernelNotifications m_tip_block is set even if no new block arrives.
4611 if (!this->GetRole().historical) {
4612 // Ignoring return value for now.
4615 /*index=*/*pindex,
4616 /*verification_progress=*/m_chainman.GuessVerificationProgress(tip));
4617 }
4618
4620
4621 return true;
4622}
4623
4625 : m_notifications{notifications}
4626{
4627 m_notifications.progress(_("Verifying blocks…"), 0, false);
4628}
4629
4631{
4632 m_notifications.progress(bilingual_str{}, 100, false);
4633}
4634
4636 Chainstate& chainstate,
4637 const Consensus::Params& consensus_params,
4638 CCoinsView& coinsview,
4639 int nCheckLevel, int nCheckDepth)
4640{
4642
4643 if (chainstate.m_chain.Tip() == nullptr || chainstate.m_chain.Tip()->pprev == nullptr) {
4645 }
4646
4647 // Verify blocks in the best chain
4648 if (nCheckDepth <= 0 || nCheckDepth > chainstate.m_chain.Height()) {
4649 nCheckDepth = chainstate.m_chain.Height();
4650 }
4651 nCheckLevel = std::max(0, std::min(4, nCheckLevel));
4652 LogInfo("Verifying last %i blocks at level %i", nCheckDepth, nCheckLevel);
4653 CCoinsViewCache coins(&coinsview);
4654 CBlockIndex* pindex;
4655 CBlockIndex* pindexFailure = nullptr;
4656 int nGoodTransactions = 0;
4658 int reportDone = 0;
4659 bool skipped_no_block_data{false};
4660 bool skipped_l3_checks{false};
4661 LogInfo("Verification progress: 0%%");
4662
4663 const bool is_snapshot_cs{chainstate.m_from_snapshot_blockhash};
4664
4665 for (pindex = chainstate.m_chain.Tip(); pindex && pindex->pprev; pindex = pindex->pprev) {
4666 const int percentageDone = std::max(1, std::min(99, (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * (nCheckLevel >= 4 ? 50 : 100))));
4667 if (reportDone < percentageDone / 10) {
4668 // report every 10% step
4669 LogInfo("Verification progress: %d%%", percentageDone);
4670 reportDone = percentageDone / 10;
4671 }
4672 m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
4673 if (pindex->nHeight <= chainstate.m_chain.Height() - nCheckDepth) {
4674 break;
4675 }
4676 if ((chainstate.m_blockman.IsPruneMode() || is_snapshot_cs) && !(pindex->nStatus & BLOCK_HAVE_DATA)) {
4677 // If pruning or running under an assumeutxo snapshot, only go
4678 // back as far as we have data.
4679 LogInfo("Block verification stopping at height %d (no data). This could be due to pruning or use of an assumeutxo snapshot.", pindex->nHeight);
4680 skipped_no_block_data = true;
4681 break;
4682 }
4683 CBlock block;
4684 // check level 0: read from disk
4685 if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
4686 LogError("Verification error: ReadBlock failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
4688 }
4689 // check level 1: verify block validity
4690 if (nCheckLevel >= 1 && !CheckBlock(block, state, consensus_params)) {
4691 LogError("Verification error: found bad block at %d, hash=%s (%s)",
4692 pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
4694 }
4695 // check level 2: verify undo validity
4696 if (nCheckLevel >= 2 && pindex) {
4697 CBlockUndo undo;
4698 if (!pindex->GetUndoPos().IsNull()) {
4699 if (!chainstate.m_blockman.ReadBlockUndo(undo, *pindex)) {
4700 LogError("Verification error: found bad undo data at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
4702 }
4703 }
4704 }
4705 // check level 3: check for inconsistencies during memory-only disconnect of tip blocks
4706 size_t curr_coins_usage = coins.DynamicMemoryUsage() + chainstate.CoinsTip().DynamicMemoryUsage();
4707
4708 if (nCheckLevel >= 3) {
4709 if (curr_coins_usage <= chainstate.m_coinstip_cache_size_bytes) {
4710 assert(coins.GetBestBlock() == pindex->GetBlockHash());
4711 DisconnectResult res = chainstate.DisconnectBlock(block, pindex, coins);
4712 if (res == DISCONNECT_FAILED) {
4713 LogError("Verification error: irrecoverable inconsistency in block data at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
4715 }
4716 if (res == DISCONNECT_UNCLEAN) {
4717 nGoodTransactions = 0;
4718 pindexFailure = pindex;
4719 } else {
4720 nGoodTransactions += block.vtx.size();
4721 }
4722 } else {
4723 skipped_l3_checks = true;
4724 }
4725 }
4726 if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
4727 }
4728 if (pindexFailure) {
4729 LogError("Verification error: coin database inconsistencies found (last %i blocks, %i good transactions before that)", chainstate.m_chain.Height() - pindexFailure->nHeight + 1, nGoodTransactions);
4731 }
4732 if (skipped_l3_checks) {
4733 LogWarning("Skipped verification of level >=3 (insufficient database cache size). Consider increasing -dbcache.");
4734 }
4735
4736 // store block count as we move pindex at check level >= 4
4737 int block_count = chainstate.m_chain.Height() - pindex->nHeight;
4738
4739 // check level 4: try reconnecting blocks
4740 if (nCheckLevel >= 4 && !skipped_l3_checks) {
4741 while (pindex != chainstate.m_chain.Tip()) {
4742 const int percentageDone = std::max(1, std::min(99, 100 - (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * 50)));
4743 if (reportDone < percentageDone / 10) {
4744 // report every 10% step
4745 LogInfo("Verification progress: %d%%", percentageDone);
4746 reportDone = percentageDone / 10;
4747 }
4748 m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
4749 pindex = chainstate.m_chain.Next(*pindex);
4750 CBlock block;
4751 if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
4752 LogError("Verification error: ReadBlock failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
4754 }
4755 if (!chainstate.ConnectBlock(block, state, pindex, coins)) {
4756 LogError("Verification error: found unconnectable block at %d, hash=%s (%s)", pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
4758 }
4759 if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
4760 }
4761 }
4762
4763 LogInfo("Verification: checked last %i blocks at level %i", block_count, nCheckLevel);
4764 if (nCheckLevel >= 3 && !skipped_l3_checks) {
4765 LogInfo("Verification: no coin database inconsistencies (%i transactions)", nGoodTransactions);
4766 }
4767
4768 if (skipped_l3_checks) {
4770 }
4771 if (skipped_no_block_data) {
4773 }
4775}
4776
4779{
4781 // TODO: merge with ConnectBlock
4782 CBlock block;
4783 if (!m_blockman.ReadBlock(block, *pindex)) {
4784 LogError("ReplayBlock(): ReadBlock failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
4785 return false;
4786 }
4787
4788 for (const CTransactionRef& tx : block.vtx) {
4789 if (!tx->IsCoinBase()) {
4790 for (const CTxIn &txin : tx->vin) {
4791 inputs.SpendCoin(txin.prevout);
4792 }
4793 }
4794 // Pass check = true as every addition may be an overwrite.
4795 AddCoins(inputs, *tx, pindex->nHeight, true);
4796 }
4797 return true;
4798}
4799
4801{
4802 LOCK(cs_main);
4803
4804 CCoinsView& db = this->CoinsDB();
4805 CCoinsViewCache cache(&db);
4806
4807 std::vector<uint256> hashHeads = db.GetHeadBlocks();
4808 if (hashHeads.empty()) return true; // We're already in a consistent state.
4809 if (hashHeads.size() != 2) {
4810 LogError("ReplayBlocks(): unknown inconsistent state\n");
4811 return false;
4812 }
4813
4814 m_chainman.GetNotifications().progress(_("Replaying blocks…"), 0, false);
4815 LogInfo("Replaying blocks");
4816
4817 const CBlockIndex* pindexOld = nullptr; // Old tip during the interrupted flush.
4818 const CBlockIndex* pindexNew; // New tip during the interrupted flush.
4819 const CBlockIndex* pindexFork = nullptr; // Latest block common to both the old and the new tip.
4820
4821 if (!m_blockman.m_block_index.contains(hashHeads[0])) {
4822 LogError("ReplayBlocks(): reorganization to unknown block requested\n");
4823 return false;
4824 }
4825 pindexNew = &(m_blockman.m_block_index[hashHeads[0]]);
4826
4827 if (!hashHeads[1].IsNull()) { // The old tip is allowed to be 0, indicating it's the first flush.
4828 if (!m_blockman.m_block_index.contains(hashHeads[1])) {
4829 LogError("ReplayBlocks(): reorganization from unknown block requested\n");
4830 return false;
4831 }
4832 pindexOld = &(m_blockman.m_block_index[hashHeads[1]]);
4833 pindexFork = LastCommonAncestor(pindexOld, pindexNew);
4834 assert(pindexFork != nullptr);
4835 }
4836
4837 // Rollback along the old branch.
4838 const int nForkHeight{pindexFork ? pindexFork->nHeight : 0};
4839 if (pindexOld != pindexFork) {
4840 LogInfo("Rolling back from %s (%i to %i)", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight, nForkHeight);
4841 while (pindexOld != pindexFork) {
4842 if (pindexOld->nHeight > 0) { // Never disconnect the genesis block.
4843 CBlock block;
4844 if (!m_blockman.ReadBlock(block, *pindexOld)) {
4845 LogError("RollbackBlock(): ReadBlock() failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
4846 return false;
4847 }
4848 if (pindexOld->nHeight % 10'000 == 0) {
4849 LogInfo("Rolling back %s (%i)", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight);
4850 }
4851 DisconnectResult res = DisconnectBlock(block, pindexOld, cache);
4852 if (res == DISCONNECT_FAILED) {
4853 LogError("RollbackBlock(): DisconnectBlock failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
4854 return false;
4855 }
4856 // If DISCONNECT_UNCLEAN is returned, it means a non-existing UTXO was deleted, or an existing UTXO was
4857 // overwritten. It corresponds to cases where the block-to-be-disconnect never had all its operations
4858 // applied to the UTXO set. However, as both writing a UTXO and deleting a UTXO are idempotent operations,
4859 // the result is still a version of the UTXO set with the effects of that block undone.
4860 }
4861 pindexOld = pindexOld->pprev;
4862 }
4863 LogInfo("Rolled back to %s", pindexFork->GetBlockHash().ToString());
4864 }
4865
4866 // Roll forward from the forking point to the new tip.
4867 if (nForkHeight < pindexNew->nHeight) {
4868 LogInfo("Rolling forward to %s (%i to %i)", pindexNew->GetBlockHash().ToString(), nForkHeight, pindexNew->nHeight);
4869 for (int nHeight = nForkHeight + 1; nHeight <= pindexNew->nHeight; ++nHeight) {
4870 const CBlockIndex& pindex{*Assert(pindexNew->GetAncestor(nHeight))};
4871
4872 if (nHeight % 10'000 == 0) {
4873 LogInfo("Rolling forward %s (%i)", pindex.GetBlockHash().ToString(), nHeight);
4874 }
4875 m_chainman.GetNotifications().progress(_("Replaying blocks…"), (int)((nHeight - nForkHeight) * 100.0 / (pindexNew->nHeight - nForkHeight)), false);
4876 if (!RollforwardBlock(&pindex, cache)) return false;
4877 }
4878 LogInfo("Rolled forward to %s", pindexNew->GetBlockHash().ToString());
4879 }
4880
4881 cache.SetBestBlock(pindexNew->GetBlockHash());
4882 cache.Flush(/*reallocate_cache=*/false); // local CCoinsViewCache goes out of scope
4884 return true;
4885}
4886
4888{
4890
4891 // At and above m_params.SegwitHeight, segwit consensus rules must be validated
4892 CBlockIndex* block{m_chain.Tip()};
4893
4894 while (block != nullptr && DeploymentActiveAt(*block, m_chainman, Consensus::DEPLOYMENT_SEGWIT)) {
4895 if (!(block->nStatus & BLOCK_OPT_WITNESS)) {
4896 // block is insufficiently validated for a segwit client
4897 return true;
4898 }
4899 block = block->pprev;
4900 }
4901
4902 return false;
4903}
4904
4905void Chainstate::ClearBlockIndexCandidates()
4906{
4909}
4910
4911void Chainstate::PopulateBlockIndexCandidates()
4912{
4914
4915 for (CBlockIndex* pindex : m_blockman.GetAllBlockIndices()) {
4916 // With assumeutxo, the snapshot block is a candidate for the tip, but it
4917 // may not have BLOCK_VALID_TRANSACTIONS (e.g. if we haven't yet downloaded
4918 // the block), so we special-case it here.
4919 if (pindex == SnapshotBase() ||
4921 (pindex->HaveNumChainTxs() || pindex->pprev == nullptr))) {
4923 }
4924 }
4925}
4926
4928{
4930 // Load block index from databases
4932 bool ret{m_blockman.LoadBlockIndexDB(CurrentChainstate().m_from_snapshot_blockhash)};
4933 if (!ret) return false;
4934
4935 m_blockman.ScanAndUnlinkAlreadyPrunedFiles();
4936
4937 std::vector<CBlockIndex*> vSortedByHeight{m_blockman.GetAllBlockIndices()};
4938 std::sort(vSortedByHeight.begin(), vSortedByHeight.end(),
4940
4941 for (CBlockIndex* pindex : vSortedByHeight) {
4942 if (m_interrupt) return false;
4943 if (pindex->nStatus & BLOCK_FAILED_VALID && (!m_best_invalid || pindex->nChainWork > m_best_invalid->nChainWork)) {
4944 m_best_invalid = pindex;
4945 }
4946 if (pindex->IsValid(BLOCK_VALID_TREE) && (m_best_header == nullptr || CBlockIndexWorkComparator()(m_best_header, pindex)))
4947 m_best_header = pindex;
4948 }
4949 }
4950 return true;
4951}
4952
4954{
4955 LOCK(cs_main);
4956
4957 const CBlock& genesis_block{GetParams().GenesisBlock()};
4958
4959 // Check whether we're already initialized by checking for genesis in
4960 // m_blockman.m_block_index. Note that we can't use a chainstate's m_chain here, since it is
4961 // set based on the coins db, not the block index db, which is the only
4962 // thing loaded at this point.
4963 if (m_blockman.m_block_index.contains(genesis_block.GetHash())) {
4964 return true;
4965 }
4966
4967 try {
4968 FlatFilePos blockPos{m_blockman.WriteBlock(genesis_block, 0)};
4969 if (blockPos.IsNull()) {
4970 LogError("Writing genesis block to disk failed");
4971 return false;
4972 }
4973 CBlockIndex* pindex{m_blockman.AddToBlockIndex(genesis_block, m_best_header)};
4974 ReceivedBlockTransactions(genesis_block, pindex, blockPos);
4975 } catch (const std::runtime_error& e) {
4976 LogError("Failed to write genesis block: %s", e.what());
4977 return false;
4978 }
4979
4980 return true;
4981}
4982
4984 AutoFile& file_in,
4985 FlatFilePos* dbp,
4986 std::multimap<uint256, FlatFilePos>* blocks_with_unknown_parent)
4987{
4988 // Either both should be specified (-reindex), or neither (-loadblock).
4989 assert(!dbp == !blocks_with_unknown_parent);
4990
4991 const auto start{SteadyClock::now()};
4992 const CChainParams& params{GetParams()};
4993
4994 int nLoaded = 0;
4995 try {
4997 // nRewind indicates where to resume scanning in case something goes wrong,
4998 // such as a block fails to deserialize.
4999 uint64_t nRewind = blkdat.GetPos();
5000 while (!blkdat.eof()) {
5001 if (m_interrupt) return;
5002
5003 blkdat.SetPos(nRewind);
5004 nRewind++; // start one byte further next time, in case of failure
5005 blkdat.SetLimit(); // remove former limit
5006 unsigned int nSize = 0;
5007 try {
5008 // locate a header
5010 blkdat.FindByte(std::byte(params.MessageStart()[0]));
5011 nRewind = blkdat.GetPos() + 1;
5012 blkdat >> buf;
5013 if (buf != params.MessageStart()) {
5014 continue;
5015 }
5016 // read size
5017 blkdat >> nSize;
5018 if (nSize < 80 || nSize > MAX_BLOCK_SERIALIZED_SIZE)
5019 continue;
5020 } catch (const std::exception&) {
5021 // no valid block header found; don't complain
5022 // (this happens at the end of every blk.dat file)
5023 break;
5024 }
5025 try {
5026 // read block header
5027 const uint64_t nBlockPos{blkdat.GetPos()};
5028 if (dbp)
5029 dbp->nPos = nBlockPos;
5030 blkdat.SetLimit(nBlockPos + nSize);
5031 CBlockHeader header;
5032 blkdat >> header;
5033 const uint256 hash{header.GetHash()};
5034 // Skip the rest of this block (this may read from disk into memory); position to the marker before the
5035 // next block, but it's still possible to rewind to the start of the current block (without a disk read).
5036 nRewind = nBlockPos + nSize;
5037 blkdat.SkipTo(nRewind);
5038
5039 std::shared_ptr<CBlock> pblock{}; // needs to remain available after the cs_main lock is released to avoid duplicate reads from disk
5040
5041 {
5042 LOCK(cs_main);
5043 // detect out of order blocks, and store them for later
5044 if (hash != params.GetConsensus().hashGenesisBlock && !m_blockman.LookupBlockIndex(header.hashPrevBlock)) {
5045 LogDebug(BCLog::REINDEX, "%s: Out of order block %s, parent %s not known\n", __func__, hash.ToString(),
5046 header.hashPrevBlock.ToString());
5047 if (dbp && blocks_with_unknown_parent) {
5048 blocks_with_unknown_parent->emplace(header.hashPrevBlock, *dbp);
5049 }
5050 continue;
5051 }
5052
5053 // process in case the block isn't known yet
5054 const CBlockIndex* pindex = m_blockman.LookupBlockIndex(hash);
5055 if (!pindex || (pindex->nStatus & BLOCK_HAVE_DATA) == 0) {
5056 // This block can be processed immediately; rewind to its start, read and deserialize it.
5057 blkdat.SetPos(nBlockPos);
5058 pblock = std::make_shared<CBlock>();
5059 blkdat >> TX_WITH_WITNESS(*pblock);
5060 nRewind = blkdat.GetPos();
5061
5063 if (AcceptBlock(pblock, state, nullptr, true, dbp, nullptr, true)) {
5064 nLoaded++;
5065 }
5066 if (state.IsError()) {
5067 break;
5068 }
5069 } else if (hash != params.GetConsensus().hashGenesisBlock && pindex->nHeight % 1000 == 0) {
5070 LogDebug(BCLog::REINDEX, "Block Import: already had block %s at height %d\n", hash.ToString(), pindex->nHeight);
5071 }
5072 }
5073
5074 // Activate the genesis block so normal node progress can continue
5075 // During first -reindex, this will only connect Genesis since
5076 // ActivateBestChain only connects blocks which are in the block tree db,
5077 // which only contains blocks whose parents are in it.
5078 // But do this only if genesis isn't activated yet, to avoid connecting many blocks
5079 // without assumevalid in the case of a continuation of a reindex that
5080 // was interrupted by the user.
5081 if (hash == params.GetConsensus().hashGenesisBlock && WITH_LOCK(::cs_main, return ActiveHeight()) == -1) {
5083 if (!ActiveChainstate().ActivateBestChain(state, nullptr)) {
5084 break;
5085 }
5086 }
5087
5089 // must update the tip for pruning to work while importing with -loadblock.
5090 // this is a tradeoff to conserve disk space at the expense of time
5091 // spent updating the tip to be able to prune.
5092 // otherwise, ActivateBestChain won't be called by the import process
5093 // until after all of the block files are loaded. ActivateBestChain can be
5094 // called by concurrent network message processing. but, that is not
5095 // reliable for the purpose of pruning while importing.
5096 if (auto result{ActivateBestChains()}; !result) {
5097 LogDebug(BCLog::REINDEX, "%s\n", util::ErrorString(result).original);
5098 break;
5099 }
5100 }
5101
5103
5104 if (!blocks_with_unknown_parent) continue;
5105
5106 // Recursively process earlier encountered successors of this block
5107 std::deque<uint256> queue;
5108 queue.push_back(hash);
5109 while (!queue.empty()) {
5110 uint256 head = queue.front();
5111 queue.pop_front();
5112 auto range = blocks_with_unknown_parent->equal_range(head);
5113 while (range.first != range.second) {
5114 std::multimap<uint256, FlatFilePos>::iterator it = range.first;
5115 std::shared_ptr<CBlock> pblockrecursive = std::make_shared<CBlock>();
5116 if (m_blockman.ReadBlock(*pblockrecursive, it->second, {})) {
5117 const auto& block_hash{pblockrecursive->GetHash()};
5118 LogDebug(BCLog::REINDEX, "%s: Processing out of order child %s of %s", __func__, block_hash.ToString(), head.ToString());
5119 LOCK(cs_main);
5121 if (AcceptBlock(pblockrecursive, dummy, nullptr, true, &it->second, nullptr, true)) {
5122 nLoaded++;
5123 queue.push_back(block_hash);
5124 }
5125 }
5126 range.first++;
5127 blocks_with_unknown_parent->erase(it);
5129 }
5130 }
5131 } catch (const std::exception& e) {
5132 // historical bugs added extra data to the block files that does not deserialize cleanly.
5133 // commonly this data is between readable blocks, but it does not really matter. such data is not fatal to the import process.
5134 // the code that reads the block files deals with invalid data by simply ignoring it.
5135 // it continues to search for the next {4 byte magic message start bytes + 4 byte length + block} that does deserialize cleanly
5136 // and passes all of the other block validation checks dealing with POW and the merkle root, etc...
5137 // we merely note with this informational log message when unexpected data is encountered.
5138 // we could also be experiencing a storage system read error, or a read of a previous bad write. these are possible, but
5139 // less likely scenarios. we don't have enough information to tell a difference here.
5140 // the reindex process is not the place to attempt to clean and/or compact the block files. if so desired, a studious node operator
5141 // may use knowledge of the fact that the block files are not entirely pristine in order to prepare a set of pristine, and
5142 // perhaps ordered, block files for later reindexing.
5143 LogDebug(BCLog::REINDEX, "%s: unexpected data at file offset 0x%x - %s. continuing\n", __func__, (nRewind - 1), e.what());
5144 }
5145 }
5146 } catch (const std::runtime_error& e) {
5147 GetNotifications().fatalError(strprintf(_("System error while loading external block file: %s"), e.what()));
5148 }
5149 LogInfo("Loaded %i blocks from external file in %dms", nLoaded, Ticks<std::chrono::milliseconds>(SteadyClock::now() - start));
5150}
5151
5153{
5154 // Assert to verify Flatten() has been called.
5155 if (!*Assert(m_options.check_block_index)) return false;
5156 if (FastRandomContext().randrange(*m_options.check_block_index) >= 1) return false;
5157 return true;
5158}
5159
5161{
5162 if (!ShouldCheckBlockIndex()) {
5163 return;
5164 }
5165
5166 LOCK(cs_main);
5167
5168 // During a reindex, we read the genesis block and call CheckBlockIndex before ActivateBestChain,
5169 // so we have the genesis block in m_blockman.m_block_index but no active chain. (A few of the
5170 // tests when iterating the block tree require that m_chain has been initialized.)
5171 if (ActiveChain().Height() < 0) {
5172 assert(m_blockman.m_block_index.size() <= 1);
5173 return;
5174 }
5175
5176 // Build forward-pointing data structure for the entire block tree.
5177 // For performance reasons, indexes of the best header chain are stored in a vector (within CChain).
5178 // All remaining blocks are stored in a multimap.
5179 // The best header chain can differ from the active chain: E.g. its entries may belong to blocks that
5180 // are not yet validated.
5181 CChain best_hdr_chain;
5182 assert(m_best_header);
5183 assert(!(m_best_header->nStatus & BLOCK_FAILED_VALID));
5184 best_hdr_chain.SetTip(*m_best_header);
5185
5186 std::multimap<const CBlockIndex*, const CBlockIndex*> forward;
5187 for (auto& [_, block_index] : m_blockman.m_block_index) {
5188 // Only save indexes in forward that are not part of the best header chain.
5189 if (!best_hdr_chain.Contains(block_index)) {
5190 // Only genesis, which must be part of the best header chain, can have a nullptr parent.
5191 assert(block_index.pprev);
5192 forward.emplace(block_index.pprev, &block_index);
5193 }
5194 }
5195 assert(forward.size() + best_hdr_chain.Height() + 1 == m_blockman.m_block_index.size());
5196
5197 const CBlockIndex* pindex = best_hdr_chain[0];
5198 assert(pindex);
5199 // Iterate over the entire block tree, using depth-first search.
5200 // Along the way, remember whether there are blocks on the path from genesis
5201 // block being explored which are the first to have certain properties.
5202 size_t nNodes = 0;
5203 int nHeight = 0;
5204 const CBlockIndex* pindexFirstInvalid = nullptr; // Oldest ancestor of pindex which is invalid.
5205 const CBlockIndex* pindexFirstMissing = nullptr; // Oldest ancestor of pindex which does not have BLOCK_HAVE_DATA, since assumeutxo snapshot if used.
5206 const CBlockIndex* pindexFirstNeverProcessed = nullptr; // Oldest ancestor of pindex for which nTx == 0, since assumeutxo snapshot if used.
5207 const CBlockIndex* pindexFirstNotTreeValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_TREE (regardless of being valid or not).
5208 const CBlockIndex* pindexFirstNotTransactionsValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_TRANSACTIONS (regardless of being valid or not), since assumeutxo snapshot if used.
5209 const CBlockIndex* pindexFirstNotChainValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_CHAIN (regardless of being valid or not), since assumeutxo snapshot if used.
5210 const CBlockIndex* pindexFirstNotScriptsValid = nullptr; // Oldest ancestor of pindex which does not have BLOCK_VALID_SCRIPTS (regardless of being valid or not), since assumeutxo snapshot if used.
5211
5212 // After checking an assumeutxo snapshot block, reset pindexFirst pointers
5213 // to earlier blocks that have not been downloaded or validated yet, so
5214 // checks for later blocks can assume the earlier blocks were validated and
5215 // be stricter, testing for more requirements.
5216 const CBlockIndex* snap_base{CurrentChainstate().SnapshotBase()};
5217 const CBlockIndex *snap_first_missing{}, *snap_first_notx{}, *snap_first_notv{}, *snap_first_nocv{}, *snap_first_nosv{};
5218 auto snap_update_firsts = [&] {
5219 if (pindex == snap_base) {
5220 std::swap(snap_first_missing, pindexFirstMissing);
5221 std::swap(snap_first_notx, pindexFirstNeverProcessed);
5222 std::swap(snap_first_notv, pindexFirstNotTransactionsValid);
5223 std::swap(snap_first_nocv, pindexFirstNotChainValid);
5224 std::swap(snap_first_nosv, pindexFirstNotScriptsValid);
5225 }
5226 };
5227
5228 while (pindex != nullptr) {
5229 nNodes++;
5230 if (pindexFirstInvalid == nullptr && pindex->nStatus & BLOCK_FAILED_VALID) pindexFirstInvalid = pindex;
5231 if (pindexFirstMissing == nullptr && !(pindex->nStatus & BLOCK_HAVE_DATA)) {
5232 pindexFirstMissing = pindex;
5233 }
5234 if (pindexFirstNeverProcessed == nullptr && pindex->nTx == 0) pindexFirstNeverProcessed = pindex;
5235 if (pindex->pprev != nullptr && pindexFirstNotTreeValid == nullptr && (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_TREE) pindexFirstNotTreeValid = pindex;
5236
5237 if (pindex->pprev != nullptr) {
5238 if (pindexFirstNotTransactionsValid == nullptr &&
5239 (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_TRANSACTIONS) {
5240 pindexFirstNotTransactionsValid = pindex;
5241 }
5242
5243 if (pindexFirstNotChainValid == nullptr &&
5244 (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_CHAIN) {
5245 pindexFirstNotChainValid = pindex;
5246 }
5247
5248 if (pindexFirstNotScriptsValid == nullptr &&
5249 (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_SCRIPTS) {
5250 pindexFirstNotScriptsValid = pindex;
5251 }
5252 }
5253
5254 // Begin: actual consistency checks.
5255 if (pindex->pprev == nullptr) {
5256 // Genesis block checks.
5257 assert(pindex->GetBlockHash() == GetConsensus().hashGenesisBlock); // Genesis block's hash must match.
5258 for (const auto& c : m_chainstates) {
5259 if (c->m_chain.Genesis() != nullptr) {
5260 assert(pindex == c->m_chain.Genesis()); // The chain's genesis block must be this block.
5261 }
5262 }
5263 }
5264 // nSequenceId can't be set higher than SEQ_ID_INIT_FROM_DISK{1} for blocks that aren't linked
5265 // (negative is used for preciousblock, SEQ_ID_BEST_CHAIN_FROM_DISK{0} for active chain when loaded from disk)
5266 if (!pindex->HaveNumChainTxs()) assert(pindex->nSequenceId <= SEQ_ID_INIT_FROM_DISK);
5267 // VALID_TRANSACTIONS is equivalent to nTx > 0 for all nodes (whether or not pruning has occurred).
5268 // HAVE_DATA is only equivalent to nTx > 0 (or VALID_TRANSACTIONS) if no pruning has occurred.
5270 // If we've never pruned, then HAVE_DATA should be equivalent to nTx > 0
5271 assert(!(pindex->nStatus & BLOCK_HAVE_DATA) == (pindex->nTx == 0));
5272 assert(pindexFirstMissing == pindexFirstNeverProcessed);
5273 } else {
5274 // If we have pruned, then we can only say that HAVE_DATA implies nTx > 0
5275 if (pindex->nStatus & BLOCK_HAVE_DATA) assert(pindex->nTx > 0);
5276 }
5277 if (pindex->nStatus & BLOCK_HAVE_UNDO) assert(pindex->nStatus & BLOCK_HAVE_DATA);
5278 if (snap_base && snap_base->GetAncestor(pindex->nHeight) == pindex) {
5279 // Assumed-valid blocks should connect to the main chain.
5280 assert((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TREE);
5281 }
5282 // There should only be an nTx value if we have
5283 // actually seen a block's transactions.
5284 assert(((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TRANSACTIONS) == (pindex->nTx > 0)); // This is pruning-independent.
5285 // All parents having had data (at some point) is equivalent to all parents being VALID_TRANSACTIONS, which is equivalent to HaveNumChainTxs().
5286 // HaveNumChainTxs will also be set in the assumeutxo snapshot block from snapshot metadata.
5287 assert((pindexFirstNeverProcessed == nullptr || pindex == snap_base) == pindex->HaveNumChainTxs());
5288 assert((pindexFirstNotTransactionsValid == nullptr || pindex == snap_base) == pindex->HaveNumChainTxs());
5289 assert(pindex->nHeight == nHeight); // nHeight must be consistent.
5290 assert(pindex->pprev == nullptr || pindex->nChainWork >= pindex->pprev->nChainWork); // For every block except the genesis block, the chainwork must be larger than the parent's.
5291 assert(nHeight < 2 || (pindex->pskip && (pindex->pskip->nHeight < nHeight))); // The pskip pointer must point back for all but the first 2 blocks.
5292 assert(pindexFirstNotTreeValid == nullptr); // All m_blockman.m_block_index entries must at least be TREE valid
5293 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TREE) assert(pindexFirstNotTreeValid == nullptr); // TREE valid implies all parents are TREE valid
5294 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_CHAIN) assert(pindexFirstNotChainValid == nullptr); // CHAIN valid implies all parents are CHAIN valid
5295 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_SCRIPTS) assert(pindexFirstNotScriptsValid == nullptr); // SCRIPTS valid implies all parents are SCRIPTS valid
5296 if (pindexFirstInvalid == nullptr) {
5297 // Checks for not-invalid blocks.
5298 assert((pindex->nStatus & BLOCK_FAILED_VALID) == 0); // The failed flag cannot be set for blocks without invalid parents.
5299 } else {
5300 assert(pindex->nStatus & BLOCK_FAILED_VALID); // Invalid blocks and their descendants must be marked as invalid
5301 }
5302 // Make sure m_chain_tx_count sum is correctly computed.
5303 if (!pindex->pprev) {
5304 // If no previous block, nTx and m_chain_tx_count must be the same.
5305 assert(pindex->m_chain_tx_count == pindex->nTx);
5306 } else if (pindex->pprev->m_chain_tx_count > 0 && pindex->nTx > 0) {
5307 // If previous m_chain_tx_count is set and number of transactions in block is known, sum must be set.
5308 assert(pindex->m_chain_tx_count == pindex->nTx + pindex->pprev->m_chain_tx_count);
5309 } else {
5310 // Otherwise m_chain_tx_count should only be set if this is a snapshot
5311 // block, and must be set if it is.
5312 assert((pindex->m_chain_tx_count != 0) == (pindex == snap_base));
5313 }
5314 // There should be no block with more work than m_best_header, unless it's known to be invalid
5315 assert((pindex->nStatus & BLOCK_FAILED_VALID) || pindex->nChainWork <= m_best_header->nChainWork);
5316
5317 // Chainstate-specific checks on setBlockIndexCandidates
5318 for (const auto& c : m_chainstates) {
5319 if (c->m_chain.Tip() == nullptr) continue;
5320 // Two main factors determine whether pindex is a candidate in
5321 // setBlockIndexCandidates:
5322 //
5323 // - If pindex has less work than the chain tip, it should not be a
5324 // candidate, and this will be asserted below. Otherwise it is a
5325 // potential candidate.
5326 //
5327 // - If pindex or one of its parent blocks back to the genesis block
5328 // or an assumeutxo snapshot never downloaded transactions
5329 // (pindexFirstNeverProcessed is non-null), it should not be a
5330 // candidate, and this will be asserted below. The only exception
5331 // is if pindex itself is an assumeutxo snapshot block. Then it is
5332 // also a potential candidate.
5333 if (!CBlockIndexWorkComparator()(pindex, c->m_chain.Tip()) && (pindexFirstNeverProcessed == nullptr || pindex == snap_base)) {
5334 // If pindex was detected as invalid (pindexFirstInvalid is
5335 // non-null), it is not required to be in
5336 // setBlockIndexCandidates.
5337 if (pindexFirstInvalid == nullptr) {
5338 // If pindex and all its parents back to the genesis block
5339 // or an assumeutxo snapshot block downloaded transactions,
5340 // and the transactions were not pruned (pindexFirstMissing
5341 // is null), it is a potential candidate. The check
5342 // excludes pruned blocks, because if any blocks were
5343 // pruned between pindex and the current chain tip, pindex will
5344 // only temporarily be added to setBlockIndexCandidates,
5345 // before being moved to m_blocks_unlinked. This check
5346 // could be improved to verify that if all blocks between
5347 // the chain tip and pindex have data, pindex must be a
5348 // candidate.
5349 //
5350 // If pindex is the chain tip, it also is a potential
5351 // candidate.
5352 //
5353 // If the chainstate was loaded from a snapshot and pindex
5354 // is the base of the snapshot, pindex is also a potential
5355 // candidate.
5356 if (pindexFirstMissing == nullptr || pindex == c->m_chain.Tip() || pindex == c->SnapshotBase()) {
5357 // If this chainstate is not a historical chainstate
5358 // targeting a specific block, pindex must be in
5359 // setBlockIndexCandidates. Otherwise, pindex only
5360 // needs to be added if it is an ancestor of the target
5361 // block.
5362 if (!c->TargetBlock() || c->TargetBlock()->GetAncestor(pindex->nHeight) == pindex) {
5363 assert(c->setBlockIndexCandidates.contains(pindex));
5364 }
5365 }
5366 // If some parent is missing, then it could be that this block was in
5367 // setBlockIndexCandidates but had to be removed because of the missing data.
5368 // In this case it must be in m_blocks_unlinked -- see test below.
5369 }
5370 } else { // If this block sorts worse than the current tip or some ancestor's block has never been seen, it cannot be in setBlockIndexCandidates.
5371 assert(!c->setBlockIndexCandidates.contains(pindex));
5372 }
5373 }
5374 // Check whether this block is in m_blocks_unlinked.
5375 auto rangeUnlinked{m_blockman.m_blocks_unlinked.equal_range(pindex->pprev)};
5376 bool foundInUnlinked = false;
5377 for (auto it = rangeUnlinked.first; it != rangeUnlinked.second; ++it) {
5378 assert(it->first == pindex->pprev);
5379 if (it->second == pindex) {
5380 assert(!foundInUnlinked); // No duplicates in m_blocks_unlinked
5381 foundInUnlinked = true;
5382 }
5383 }
5384 if (pindex->pprev && (pindex->nStatus & BLOCK_HAVE_DATA) && pindexFirstNeverProcessed != nullptr && pindexFirstInvalid == nullptr) {
5385 // If this block has block data available, some parent was never received, and has no invalid parents, it must be in m_blocks_unlinked.
5386 assert(foundInUnlinked);
5387 }
5388 if (!(pindex->nStatus & BLOCK_HAVE_DATA)) assert(!foundInUnlinked); // Can't be in m_blocks_unlinked if we don't HAVE_DATA
5389 if (pindexFirstMissing == nullptr) assert(!foundInUnlinked); // We aren't missing data for any parent -- cannot be in m_blocks_unlinked.
5390 if (pindex->pprev && (pindex->nStatus & BLOCK_HAVE_DATA) && pindexFirstNeverProcessed == nullptr && pindexFirstMissing != nullptr) {
5391 // We HAVE_DATA for this block, have received data for all parents at some point, but we're currently missing data for some parent.
5393 // This block may have entered m_blocks_unlinked if:
5394 // - it has a descendant that at some point had more work than the
5395 // tip, and
5396 // - we tried switching to that descendant but were missing
5397 // data for some intermediate block between m_chain and the
5398 // tip.
5399 // So if this block is itself better than any m_chain.Tip() and it wasn't in
5400 // setBlockIndexCandidates, then it must be in m_blocks_unlinked.
5401 for (const auto& c : m_chainstates) {
5402 if (!CBlockIndexWorkComparator()(pindex, c->m_chain.Tip()) && !c->setBlockIndexCandidates.contains(pindex)) {
5403 if (pindexFirstInvalid == nullptr) {
5404 if (!c->TargetBlock() || c->TargetBlock()->GetAncestor(pindex->nHeight) == pindex) {
5405 assert(foundInUnlinked);
5406 }
5407 }
5408 }
5409 }
5410 }
5411 // assert(pindex->GetBlockHash() == pindex->GetBlockHeader().GetHash()); // Perhaps too slow
5412 // End: actual consistency checks.
5413
5414
5415 // Try descending into the first subnode. Always process forks first and the best header chain after.
5416 snap_update_firsts();
5417 auto range{forward.equal_range(pindex)};
5418 if (range.first != range.second) {
5419 // A subnode not part of the best header chain was found.
5420 pindex = range.first->second;
5421 nHeight++;
5422 continue;
5423 } else if (best_hdr_chain.Contains(*pindex)) {
5424 // Descend further into best header chain.
5425 nHeight++;
5426 pindex = best_hdr_chain[nHeight];
5427 if (!pindex) break; // we are finished, since the best header chain is always processed last
5428 continue;
5429 }
5430 // This is a leaf node.
5431 // Move upwards until we reach a node of which we have not yet visited the last child.
5432 while (pindex) {
5433 // We are going to either move to a parent or a sibling of pindex.
5434 snap_update_firsts();
5435 // If pindex was the first with a certain property, unset the corresponding variable.
5436 if (pindex == pindexFirstInvalid) pindexFirstInvalid = nullptr;
5437 if (pindex == pindexFirstMissing) pindexFirstMissing = nullptr;
5438 if (pindex == pindexFirstNeverProcessed) pindexFirstNeverProcessed = nullptr;
5439 if (pindex == pindexFirstNotTreeValid) pindexFirstNotTreeValid = nullptr;
5440 if (pindex == pindexFirstNotTransactionsValid) pindexFirstNotTransactionsValid = nullptr;
5441 if (pindex == pindexFirstNotChainValid) pindexFirstNotChainValid = nullptr;
5442 if (pindex == pindexFirstNotScriptsValid) pindexFirstNotScriptsValid = nullptr;
5443 // Find our parent.
5444 CBlockIndex* pindexPar = pindex->pprev;
5445 // Find which child we just visited.
5446 auto rangePar{forward.equal_range(pindexPar)};
5447 while (rangePar.first->second != pindex) {
5448 assert(rangePar.first != rangePar.second); // Our parent must have at least the node we're coming from as child.
5449 rangePar.first++;
5450 }
5451 // Proceed to the next one.
5452 rangePar.first++;
5453 if (rangePar.first != rangePar.second) {
5454 // Move to a sibling not part of the best header chain.
5455 pindex = rangePar.first->second;
5456 break;
5457 } else if (pindexPar == best_hdr_chain[nHeight - 1]) {
5458 // Move to pindex's sibling on the best-chain, if it has one.
5459 pindex = best_hdr_chain[nHeight];
5460 // There will not be a next block if (and only if) parent block is the best header.
5461 assert((pindex == nullptr) == (pindexPar == best_hdr_chain.Tip()));
5462 break;
5463 } else {
5464 // Move up further.
5465 pindex = pindexPar;
5466 nHeight--;
5467 continue;
5468 }
5469 }
5470 }
5471
5472 // Check that we actually traversed the entire block index.
5473 assert(nNodes == forward.size() + best_hdr_chain.Height() + 1);
5474}
5475
5476std::string Chainstate::ToString()
5477{
5479 CBlockIndex* tip = m_chain.Tip();
5480 return strprintf("Chainstate [%s] @ height %d (%s)",
5481 m_from_snapshot_blockhash ? "snapshot" : "ibd",
5482 tip ? tip->nHeight : -1, tip ? tip->GetBlockHash().ToString() : "null");
5483}
5484
5485bool Chainstate::ResizeCoinsCaches(size_t coinstip_size, size_t coinsdb_size)
5486{
5488 if (coinstip_size == m_coinstip_cache_size_bytes &&
5489 coinsdb_size == m_coinsdb_cache_size_bytes) {
5490 // Cache sizes are unchanged, no need to continue.
5491 return true;
5492 }
5493 size_t old_coinstip_size = m_coinstip_cache_size_bytes;
5494 m_coinstip_cache_size_bytes = coinstip_size;
5495 m_coinsdb_cache_size_bytes = coinsdb_size;
5496 CoinsDB().ResizeCache(coinsdb_size);
5497
5498 LogInfo("[%s] resized coinsdb cache to %.1f MiB",
5499 this->ToString(), coinsdb_size / double(1_MiB));
5500 LogInfo("[%s] resized coinstip cache to %.1f MiB",
5501 this->ToString(), coinstip_size / double(1_MiB));
5502
5504 bool ret;
5505
5506 if (coinstip_size > old_coinstip_size) {
5507 // Likely no need to flush if cache sizes have grown.
5509 } else {
5510 // Otherwise, flush state to disk and deallocate the in-memory coins map.
5512 }
5513 return ret;
5514}
5515
5517{
5519 const ChainTxData& data{GetParams().TxData()};
5520 if (pindex == nullptr) {
5521 return 0.0;
5522 }
5523
5524 if (pindex->m_chain_tx_count == 0) {
5525 LogDebug(BCLog::VALIDATION, "Block %d has unset m_chain_tx_count. Unable to estimate verification progress.\n", pindex->nHeight);
5526 return 0.0;
5527 }
5528
5529 const int64_t nNow{TicksSinceEpoch<std::chrono::seconds>(NodeClock::now())};
5530 const auto block_time{
5531 (Assume(m_best_header) && std::abs(nNow - pindex->GetBlockTime()) <= Ticks<std::chrono::seconds>(2h) &&
5532 Assume(m_best_header->nHeight >= pindex->nHeight)) ?
5533 // When the header is known to be recent, switch to a height-based
5534 // approach. This ensures the returned value is quantized when
5535 // close to "1.0", because some users expect it to be. This also
5536 // avoids relying too much on the exact miner-set timestamp, which
5537 // may be off.
5538 nNow - (m_best_header->nHeight - pindex->nHeight) * GetConsensus().nPowTargetSpacing :
5539 pindex->GetBlockTime(),
5540 };
5541
5542 double fTxTotal;
5543
5544 if (pindex->m_chain_tx_count <= data.tx_count) {
5545 fTxTotal = data.tx_count + (nNow - data.nTime) * data.dTxRate;
5546 } else {
5547 fTxTotal = pindex->m_chain_tx_count + (nNow - block_time) * data.dTxRate;
5548 }
5549
5550 return std::min<double>(pindex->m_chain_tx_count / fTxTotal, 1.0);
5551}
5552
5554{
5557 auto target_block = HistoricalChainstate()->TargetBlock();
5558
5559 if (pindex.m_chain_tx_count == 0 || target_block->m_chain_tx_count == 0) {
5560 LogDebug(BCLog::VALIDATION, "[background validation] Block %d has unset m_chain_tx_count. Unable to estimate verification progress.", pindex.nHeight);
5561 return 0.0;
5562 }
5563 return static_cast<double>(pindex.m_chain_tx_count) / static_cast<double>(target_block->m_chain_tx_count);
5564}
5565
5566Chainstate& ChainstateManager::InitializeChainstate(CTxMemPool* mempool)
5567{
5569 assert(m_chainstates.empty());
5570 m_chainstates.emplace_back(std::make_unique<Chainstate>(mempool, m_blockman, *this));
5571 return *m_chainstates.back();
5572}
5573
5574[[nodiscard]] static bool DeleteCoinsDBFromDisk(const fs::path db_path, bool is_snapshot)
5576{
5578
5579 if (is_snapshot) {
5580 fs::path base_blockhash_path = db_path / node::SNAPSHOT_BLOCKHASH_FILENAME;
5581
5582 try {
5583 bool existed = fs::remove(base_blockhash_path);
5584 if (!existed) {
5585 LogWarning("[snapshot] snapshot chainstate dir being removed lacks %s file",
5587 }
5588 } catch (const fs::filesystem_error& e) {
5589 LogWarning("[snapshot] failed to remove file %s: %s\n",
5590 fs::PathToString(base_blockhash_path), e.code().message());
5591 }
5592 }
5593
5594 std::string path_str = fs::PathToString(db_path);
5595 LogInfo("Removing leveldb dir at %s\n", path_str);
5596
5597 // We have to destruct before this call leveldb::DB in order to release the db
5598 // lock, otherwise `DestroyDB` will fail. See `leveldb::~DBImpl()`.
5599 const bool destroyed = DestroyDB(path_str);
5600
5601 if (!destroyed) {
5602 LogError("leveldb DestroyDB call failed on %s", path_str);
5603 }
5604
5605 // Datadir should be removed from filesystem; otherwise initialization may detect
5606 // it on subsequent statups and get confused.
5607 //
5608 // If the base_blockhash_path removal above fails in the case of snapshot
5609 // chainstates, this will return false since leveldb won't remove a non-empty
5610 // directory.
5611 return destroyed && !fs::exists(db_path);
5612}
5613
5615 AutoFile& coins_file,
5616 const SnapshotMetadata& metadata,
5617 bool in_memory)
5618{
5619 uint256 base_blockhash = metadata.m_base_blockhash;
5620
5621 CBlockIndex* snapshot_start_block{};
5622
5623 {
5624 LOCK(::cs_main);
5625
5626 if (this->CurrentChainstate().m_from_snapshot_blockhash) {
5627 return util::Error{Untranslated("Can't activate a snapshot-based chainstate more than once")};
5628 }
5629 if (!GetParams().AssumeutxoForBlockhash(base_blockhash).has_value()) {
5630 auto available_heights = GetParams().GetAvailableSnapshotHeights();
5631 std::string heights_formatted = util::Join(available_heights, ", ", [&](const auto& i) { return util::ToString(i); });
5632 return util::Error{Untranslated(strprintf("assumeutxo block hash in snapshot metadata not recognized (hash: %s). The following snapshot heights are available: %s",
5633 base_blockhash.ToString(),
5634 heights_formatted))};
5635 }
5636
5637 snapshot_start_block = m_blockman.LookupBlockIndex(base_blockhash);
5638 if (!snapshot_start_block) {
5639 return util::Error{Untranslated(strprintf("The base block header (%s) must appear in the headers chain. Make sure all headers are syncing, and call loadtxoutset again",
5640 base_blockhash.ToString()))};
5641 }
5642
5643 bool start_block_invalid = snapshot_start_block->nStatus & BLOCK_FAILED_VALID;
5644 if (start_block_invalid) {
5645 return util::Error{Untranslated(strprintf("The base block header (%s) is part of an invalid chain", base_blockhash.ToString()))};
5646 }
5647
5648 if (!m_best_header || m_best_header->GetAncestor(snapshot_start_block->nHeight) != snapshot_start_block) {
5649 return util::Error{Untranslated("A forked headers-chain with more work than the chain with the snapshot base block header exists. Please proceed to sync without AssumeUtxo.")};
5650 }
5651
5652 auto mempool{CurrentChainstate().GetMempool()};
5653 if (mempool && mempool->size() > 0) {
5654 return util::Error{Untranslated("Can't activate a snapshot when mempool not empty")};
5655 }
5656 }
5657
5658 int64_t current_coinsdb_cache_size{0};
5659 int64_t current_coinstip_cache_size{0};
5660
5661 // Cache percentages to allocate to each chainstate.
5662 //
5663 // These particular percentages don't matter so much since they will only be
5664 // relevant during snapshot activation; caches are rebalanced at the conclusion of
5665 // this function. We want to give (essentially) all available cache capacity to the
5666 // snapshot to aid the bulk load later in this function.
5667 static constexpr double IBD_CACHE_PERC = 0.01;
5668 static constexpr double SNAPSHOT_CACHE_PERC = 0.99;
5669
5670 {
5671 LOCK(::cs_main);
5672 // Resize the coins caches to ensure we're not exceeding memory limits.
5673 //
5674 // Allocate the majority of the cache to the incoming snapshot chainstate, since
5675 // (optimistically) getting to its tip will be the top priority. We'll need to call
5676 // `MaybeRebalanceCaches()` once we're done with this function to ensure
5677 // the right allocation (including the possibility that no snapshot was activated
5678 // and that we should restore the active chainstate caches to their original size).
5679 //
5680 current_coinsdb_cache_size = this->ActiveChainstate().m_coinsdb_cache_size_bytes;
5681 current_coinstip_cache_size = this->ActiveChainstate().m_coinstip_cache_size_bytes;
5682
5683 // Temporarily resize the active coins cache to make room for the newly-created
5684 // snapshot chain.
5685 this->ActiveChainstate().ResizeCoinsCaches(
5686 static_cast<size_t>(current_coinstip_cache_size * IBD_CACHE_PERC),
5687 static_cast<size_t>(current_coinsdb_cache_size * IBD_CACHE_PERC));
5688 }
5689
5690 auto snapshot_chainstate = WITH_LOCK(::cs_main,
5691 return std::make_unique<Chainstate>(
5692 /*mempool=*/nullptr, m_blockman, *this, base_blockhash));
5693
5694 {
5695 LOCK(::cs_main);
5696 snapshot_chainstate->InitCoinsDB(
5697 static_cast<size_t>(current_coinsdb_cache_size * SNAPSHOT_CACHE_PERC),
5698 in_memory, /*should_wipe=*/false);
5699 snapshot_chainstate->InitCoinsCache(
5700 static_cast<size_t>(current_coinstip_cache_size * SNAPSHOT_CACHE_PERC));
5701 }
5702
5703 auto cleanup_bad_snapshot = [&](bilingual_str reason) EXCLUSIVE_LOCKS_REQUIRED(::cs_main) {
5704 this->MaybeRebalanceCaches();
5705
5706 // PopulateAndValidateSnapshot can return (in error) before the leveldb datadir
5707 // has been created, so only attempt removal if we got that far.
5708 if (auto snapshot_datadir = node::FindAssumeutxoChainstateDir(m_options.datadir)) {
5709 // We have to destruct leveldb::DB in order to release the db lock, otherwise
5710 // DestroyDB() (in DeleteCoinsDBFromDisk()) will fail. See `leveldb::~DBImpl()`.
5711 // Destructing the chainstate (and so resetting the coinsviews object) does this.
5712 snapshot_chainstate.reset();
5713 bool removed = DeleteCoinsDBFromDisk(*snapshot_datadir, /*is_snapshot=*/true);
5714 if (!removed) {
5715 GetNotifications().fatalError(strprintf(_("Failed to remove snapshot chainstate dir (%s). "
5716 "Manually remove it before restarting.\n"), fs::PathToString(*snapshot_datadir)));
5717 }
5718 }
5719 return util::Error{std::move(reason)};
5720 };
5721
5722 if (auto res{this->PopulateAndValidateSnapshot(*snapshot_chainstate, coins_file, metadata)}; !res) {
5723 LOCK(::cs_main);
5724 return cleanup_bad_snapshot(Untranslated(strprintf("Population failed: %s", util::ErrorString(res).original)));
5725 }
5726
5727 LOCK(::cs_main); // cs_main required for rest of snapshot activation.
5728
5729 // Do a final check to ensure that the snapshot chainstate is actually a more
5730 // work chain than the active chainstate; a user could have loaded a snapshot
5731 // very late in the IBD process, and we wouldn't want to load a useless chainstate.
5732 if (!CBlockIndexWorkComparator()(ActiveTip(), snapshot_chainstate->m_chain.Tip())) {
5733 return cleanup_bad_snapshot(Untranslated("work does not exceed active chainstate"));
5734 }
5735 // If not in-memory, persist the base blockhash for use during subsequent
5736 // initialization.
5737 if (!in_memory) {
5738 if (!node::WriteSnapshotBaseBlockhash(*snapshot_chainstate)) {
5739 return cleanup_bad_snapshot(Untranslated("could not write base blockhash"));
5740 }
5741 }
5742
5743 Chainstate& chainstate{AddChainstate(std::move(snapshot_chainstate))};
5744 m_blockman.m_snapshot_height = Assert(chainstate.SnapshotBase())->nHeight;
5745
5746 chainstate.PopulateBlockIndexCandidates();
5747
5748 LogInfo("[snapshot] successfully activated snapshot %s", base_blockhash.ToString());
5749 LogInfo("[snapshot] (%.2f MB)",
5750 chainstate.CoinsTip().DynamicMemoryUsage() / (1000 * 1000));
5751
5752 this->MaybeRebalanceCaches();
5753 return snapshot_start_block;
5754}
5755
5756static void FlushSnapshotToDisk(CCoinsViewCache& coins_cache, bool snapshot_loaded)
5757{
5759 strprintf("%s (%.2f MB)",
5760 snapshot_loaded ? "saving snapshot chainstate" : "flushing coins cache",
5761 coins_cache.DynamicMemoryUsage() / (1000 * 1000)),
5763
5764 coins_cache.Flush();
5765}
5766
5767struct StopHashingException : public std::exception
5768{
5769 const char* what() const noexcept override
5770 {
5771 return "ComputeUTXOStats interrupted.";
5772 }
5773};
5774
5776{
5777 if (interrupt) throw StopHashingException();
5778}
5779
5781 Chainstate& snapshot_chainstate,
5782 AutoFile& coins_file,
5783 const SnapshotMetadata& metadata)
5784{
5785 // It's okay to release cs_main before we're done using `coins_cache` because we know
5786 // that nothing else will be referencing the newly created snapshot_chainstate yet.
5787 CCoinsViewCache& coins_cache = *WITH_LOCK(::cs_main, return &snapshot_chainstate.CoinsTip());
5788
5789 uint256 base_blockhash = metadata.m_base_blockhash;
5790
5791 CBlockIndex* snapshot_start_block = WITH_LOCK(::cs_main, return m_blockman.LookupBlockIndex(base_blockhash));
5792
5793 if (!snapshot_start_block) {
5794 // Needed for ComputeUTXOStats to determine the
5795 // height and to avoid a crash when base_blockhash.IsNull()
5796 return util::Error{Untranslated(strprintf("Did not find snapshot start blockheader %s",
5797 base_blockhash.ToString()))};
5798 }
5799
5800 int base_height = snapshot_start_block->nHeight;
5801 const auto& maybe_au_data = GetParams().AssumeutxoForHeight(base_height);
5802
5803 if (!maybe_au_data) {
5804 return util::Error{Untranslated(strprintf("Assumeutxo height in snapshot metadata not recognized "
5805 "(%d) - refusing to load snapshot", base_height))};
5806 }
5807
5808 const AssumeutxoData& au_data = *maybe_au_data;
5809
5810 // This work comparison is a duplicate check with the one performed later in
5811 // ActivateSnapshot(), but is done so that we avoid doing the long work of staging
5812 // a snapshot that isn't actually usable.
5813 if (WITH_LOCK(::cs_main, return !CBlockIndexWorkComparator()(ActiveTip(), snapshot_start_block))) {
5814 return util::Error{Untranslated("Work does not exceed active chainstate")};
5815 }
5816
5817 const uint64_t coins_count = metadata.m_coins_count;
5818 uint64_t coins_left = metadata.m_coins_count;
5819
5820 LogInfo("[snapshot] loading %d coins from snapshot %s", coins_left, base_blockhash.ToString());
5821 int64_t coins_processed{0};
5822
5823 while (coins_left > 0) {
5824 try {
5825 Txid txid;
5826 coins_file >> txid;
5827 size_t coins_per_txid{0};
5828 coins_per_txid = ReadCompactSize(coins_file);
5829
5830 if (coins_per_txid > coins_left) {
5831 return util::Error{Untranslated("Mismatch in coins count in snapshot metadata and actual snapshot data")};
5832 }
5833
5834 for (size_t i = 0; i < coins_per_txid; i++) {
5835 COutPoint outpoint;
5836 Coin coin;
5837 outpoint.n = static_cast<uint32_t>(ReadCompactSize(coins_file));
5838 outpoint.hash = txid;
5839 coins_file >> coin;
5840 if (coin.nHeight > base_height ||
5841 outpoint.n >= std::numeric_limits<decltype(outpoint.n)>::max() // Avoid integer wrap-around in coinstats.cpp:ApplyHash
5842 ) {
5843 return util::Error{Untranslated(strprintf("Bad snapshot data after deserializing %d coins",
5844 coins_count - coins_left))};
5845 }
5846 if (!MoneyRange(coin.out.nValue)) {
5847 return util::Error{Untranslated(strprintf("Bad snapshot data after deserializing %d coins - bad tx out value",
5848 coins_count - coins_left))};
5849 }
5850 coins_cache.EmplaceCoinInternalDANGER(std::move(outpoint), std::move(coin));
5851
5852 --coins_left;
5853 ++coins_processed;
5854
5855 if (coins_processed % 1000000 == 0) {
5856 LogInfo("[snapshot] %d coins loaded (%.2f%%, %.2f MB)",
5857 coins_processed,
5858 static_cast<float>(coins_processed) * 100 / static_cast<float>(coins_count),
5859 coins_cache.DynamicMemoryUsage() / (1000 * 1000));
5860 }
5861
5862 // Batch write and flush (if we need to) every so often.
5863 //
5864 // If our average Coin size is roughly 41 bytes, checking every 120,000 coins
5865 // means <5MB of memory imprecision.
5866 if (coins_processed % 120000 == 0) {
5867 if (m_interrupt) {
5868 return util::Error{Untranslated("Aborting after an interrupt was requested")};
5869 }
5870
5871 const auto snapshot_cache_state = WITH_LOCK(::cs_main,
5872 return snapshot_chainstate.GetCoinsCacheSizeState());
5873
5874 if (snapshot_cache_state >= CoinsCacheSizeState::CRITICAL) {
5875 // This is a hack - we don't know what the actual best block is, but that
5876 // doesn't matter for the purposes of flushing the cache here. We'll set this
5877 // to its correct value (`base_blockhash`) below after the coins are loaded.
5878 coins_cache.SetBestBlock(GetRandHash());
5879
5880 // No need to acquire cs_main since this chainstate isn't being used yet.
5881 FlushSnapshotToDisk(coins_cache, /*snapshot_loaded=*/false);
5882 }
5883 }
5884 }
5885 } catch (const std::ios_base::failure&) {
5886 return util::Error{Untranslated(strprintf("Bad snapshot format or truncated snapshot after deserializing %d coins",
5887 coins_processed))};
5888 }
5889 }
5890
5891 // Important that we set this. This and the coins_cache accesses above are
5892 // sort of a layer violation, but either we reach into the innards of
5893 // CCoinsViewCache here or we have to invert some of the Chainstate to
5894 // embed them in a snapshot-activation-specific CCoinsViewCache bulk load
5895 // method.
5896 coins_cache.SetBestBlock(base_blockhash);
5897
5898 bool out_of_coins{false};
5899 try {
5900 std::byte left_over_byte;
5901 coins_file >> left_over_byte;
5902 } catch (const std::ios_base::failure&) {
5903 // We expect an exception since we should be out of coins.
5904 out_of_coins = true;
5905 }
5906 if (!out_of_coins) {
5907 return util::Error{Untranslated(strprintf("Bad snapshot - coins left over after deserializing %d coins",
5908 coins_count))};
5909 }
5910
5911 LogInfo("[snapshot] loaded %d (%.2f MB) coins from snapshot %s",
5912 coins_count,
5913 coins_cache.DynamicMemoryUsage() / (1000 * 1000),
5914 base_blockhash.ToString());
5915
5916 // No need to acquire cs_main since this chainstate isn't being used yet.
5917 FlushSnapshotToDisk(coins_cache, /*snapshot_loaded=*/true);
5918
5919 assert(coins_cache.GetBestBlock() == base_blockhash);
5920
5921 // As above, okay to immediately release cs_main here since no other context knows
5922 // about the snapshot_chainstate.
5923 const CCoinsViewDB& snapshot_coinsdb = WITH_LOCK(::cs_main, return snapshot_chainstate.CoinsDB());
5924
5925 std::optional<CCoinsStats> maybe_stats;
5926
5927 try {
5928 maybe_stats = ComputeUTXOStats(
5929 CoinStatsHashType::HASH_SERIALIZED, snapshot_coinsdb, m_blockman, [&interrupt = m_interrupt] { SnapshotUTXOHashBreakpoint(interrupt); });
5930 } catch (StopHashingException const&) {
5931 return util::Error{Untranslated("Aborting after an interrupt was requested")};
5932 }
5933 if (!maybe_stats.has_value()) {
5934 return util::Error{Untranslated("Failed to generate coins stats")};
5935 }
5936
5937 // Assert that the deserialized chainstate contents match the expected assumeutxo value.
5938 if (AssumeutxoHash{maybe_stats->hashSerialized} != au_data.hash_serialized) {
5939 return util::Error{Untranslated(strprintf("Bad snapshot content hash: expected %s, got %s",
5940 au_data.hash_serialized.ToString(), maybe_stats->hashSerialized.ToString()))};
5941 }
5942
5943 snapshot_chainstate.m_chain.SetTip(*snapshot_start_block);
5944
5945 // The remainder of this function requires modifying data protected by cs_main.
5946 LOCK(::cs_main);
5947
5948 // Fake various pieces of CBlockIndex state:
5949 CBlockIndex* index = nullptr;
5950
5951 // Don't make any modifications to the genesis block since it shouldn't be
5952 // necessary, and since the genesis block doesn't have normal flags like
5953 // BLOCK_VALID_SCRIPTS set.
5954 constexpr int AFTER_GENESIS_START{1};
5955
5956 for (int i = AFTER_GENESIS_START; i <= snapshot_chainstate.m_chain.Height(); ++i) {
5957 index = snapshot_chainstate.m_chain[i];
5958
5959 // Fake BLOCK_OPT_WITNESS so that Chainstate::NeedsRedownload()
5960 // won't ask for -reindex on startup.
5962 index->nStatus |= BLOCK_OPT_WITNESS;
5963 }
5964
5965 m_blockman.m_dirty_blockindex.insert(index);
5966 // Changes to the block index will be flushed to disk after this call
5967 // returns in `ActivateSnapshot()`, when `MaybeRebalanceCaches()` is
5968 // called, since we've added a snapshot chainstate and therefore will
5969 // have to downsize the IBD chainstate, which will result in a call to
5970 // `FlushStateToDisk(FORCE_FLUSH)`.
5971 }
5972
5973 assert(index);
5974 assert(index == snapshot_start_block);
5975 index->m_chain_tx_count = au_data.m_chain_tx_count;
5976
5977 LogInfo("[snapshot] validated snapshot (%.2f MB)",
5978 coins_cache.DynamicMemoryUsage() / (1000 * 1000));
5979 return {};
5980}
5981
5982// Currently, this function holds cs_main for its duration, which could be for
5983// multiple minutes due to the ComputeUTXOStats call. Holding cs_main used to be
5984// necessary (before d43a1f1a2fa3) to avoid advancing validated_cs farther than
5985// its target block. Now it should be possible to avoid this, but simply
5986// releasing cs_main here would not be possible because this function is invoked
5987// by ConnectTip within ActivateBestChain.
5988//
5989// Eventually (TODO) it would be better to call this function outside of
5990// ActivateBestChain, on a separate thread that should not require cs_main to
5991// hash, because the UTXO set is only hashed after the historical chainstate
5992// reaches its target block and is no longer changing.
5993SnapshotCompletionResult ChainstateManager::MaybeValidateSnapshot(Chainstate& validated_cs, Chainstate& unvalidated_cs)
5994{
5996
5997 // If the snapshot does not need to be validated...
5998 if (unvalidated_cs.m_assumeutxo != Assumeutxo::UNVALIDATED ||
5999 // Or if either chainstate is unusable...
6000 !unvalidated_cs.m_from_snapshot_blockhash ||
6001 validated_cs.m_assumeutxo != Assumeutxo::VALIDATED ||
6002 !validated_cs.m_chain.Tip() ||
6003 // Or the validated chainstate is not targeting the snapshot block...
6004 !validated_cs.m_target_blockhash ||
6005 *validated_cs.m_target_blockhash != *unvalidated_cs.m_from_snapshot_blockhash ||
6006 // Or the validated chainstate has not reached the snapshot block yet...
6007 !validated_cs.ReachedTarget()) {
6008 // Then the snapshot cannot be validated and there is nothing to do.
6010 }
6011 assert(validated_cs.TargetBlock() == validated_cs.m_chain.Tip());
6012
6013 auto handle_invalid_snapshot = [&]() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) {
6014 bilingual_str user_error = strprintf(_(
6015 "%s failed to validate the -assumeutxo snapshot state. "
6016 "This indicates a hardware problem, or a bug in the software, or a "
6017 "bad software modification that allowed an invalid snapshot to be "
6018 "loaded. As a result of this, the node will shut down and stop using any "
6019 "state that was built on the snapshot, resetting the chain height "
6020 "from %d to %d. On the next "
6021 "restart, the node will resume syncing from %d "
6022 "without using any snapshot data. "
6023 "Please report this incident to %s, including how you obtained the snapshot. "
6024 "The invalid snapshot chainstate will be left on disk in case it is "
6025 "helpful in diagnosing the issue that caused this error."),
6026 CLIENT_NAME, unvalidated_cs.m_chain.Height(),
6027 validated_cs.m_chain.Height(),
6028 validated_cs.m_chain.Height(), CLIENT_BUGREPORT);
6029
6030 LogError("[snapshot] !!! %s\n", user_error.original);
6031 LogError("[snapshot] deleting snapshot, reverting to validated chain, and stopping node\n");
6032
6033 // Reset chainstate target to network tip instead of snapshot block.
6034 validated_cs.SetTargetBlock(nullptr);
6035
6036 unvalidated_cs.m_assumeutxo = Assumeutxo::INVALID;
6037
6038 auto rename_result = unvalidated_cs.InvalidateCoinsDBOnDisk();
6039 if (!rename_result) {
6040 user_error += Untranslated("\n") + util::ErrorString(rename_result);
6041 }
6042
6043 GetNotifications().fatalError(user_error);
6044 };
6045
6046 CCoinsViewDB& validated_coins_db = validated_cs.CoinsDB();
6047 validated_cs.ForceFlushStateToDisk();
6048
6049 const auto& maybe_au_data = m_options.chainparams.AssumeutxoForHeight(validated_cs.m_chain.Height());
6050 if (!maybe_au_data) {
6051 LogWarning("[snapshot] assumeutxo data not found for height "
6052 "(%d) - refusing to validate snapshot", validated_cs.m_chain.Height());
6053 handle_invalid_snapshot();
6055 }
6056
6057 const AssumeutxoData& au_data = *maybe_au_data;
6058 std::optional<CCoinsStats> validated_cs_stats;
6059 LogInfo("[snapshot] computing UTXO stats for background chainstate to validate "
6060 "snapshot - this could take a few minutes");
6061 try {
6062 validated_cs_stats = ComputeUTXOStats(
6063 CoinStatsHashType::HASH_SERIALIZED,
6064 validated_coins_db,
6065 m_blockman,
6066 [&interrupt = m_interrupt] { SnapshotUTXOHashBreakpoint(interrupt); });
6067 } catch (StopHashingException const&) {
6069 }
6070
6071 // XXX note that this function is slow and will hold cs_main for potentially minutes.
6072 if (!validated_cs_stats) {
6073 LogWarning("[snapshot] failed to generate stats for validation coins db");
6074 // While this isn't a problem with the snapshot per se, this condition
6075 // prevents us from validating the snapshot, so we should shut down and let the
6076 // user handle the issue manually.
6077 handle_invalid_snapshot();
6079 }
6080
6081 // Compare the validated chainstate's UTXO set hash against the hard-coded
6082 // assumeutxo hash we expect.
6083 //
6084 // TODO: For belt-and-suspenders, we could cache the UTXO set
6085 // hash for the snapshot when it's loaded in its chainstate's leveldb. We could then
6086 // reference that here for an additional check.
6087 if (AssumeutxoHash{validated_cs_stats->hashSerialized} != au_data.hash_serialized) {
6088 LogWarning("[snapshot] hash mismatch: actual=%s, expected=%s",
6089 validated_cs_stats->hashSerialized.ToString(),
6090 au_data.hash_serialized.ToString());
6091 handle_invalid_snapshot();
6093 }
6094
6095 LogInfo("[snapshot] snapshot beginning at %s has been fully validated",
6096 unvalidated_cs.m_from_snapshot_blockhash->ToString());
6097
6098 unvalidated_cs.m_assumeutxo = Assumeutxo::VALIDATED;
6099 validated_cs.m_target_utxohash = AssumeutxoHash{validated_cs_stats->hashSerialized};
6100 this->MaybeRebalanceCaches();
6101
6103}
6104
6106{
6107 LOCK(::cs_main);
6108 return CurrentChainstate();
6109}
6110
6111void ChainstateManager::MaybeRebalanceCaches()
6112{
6114 Chainstate& current_cs{CurrentChainstate()};
6115 Chainstate* historical_cs{HistoricalChainstate()};
6116 if (!historical_cs && !current_cs.m_from_snapshot_blockhash) {
6117 // Allocate everything to the IBD chainstate. This will always happen
6118 // when we are not using a snapshot.
6119 current_cs.ResizeCoinsCaches(m_total_coinstip_cache, m_total_coinsdb_cache);
6120 } else if (!historical_cs) {
6121 // If background validation has completed and snapshot is our active chain...
6122 LogInfo("[snapshot] allocating all cache to the snapshot chainstate");
6123 // Allocate everything to the snapshot chainstate.
6124 current_cs.ResizeCoinsCaches(m_total_coinstip_cache, m_total_coinsdb_cache);
6125 } else {
6126 // If both chainstates exist, determine who needs more cache based on IBD status.
6127 //
6128 // Note: shrink caches first so that we don't inadvertently overwhelm available memory.
6129 if (IsInitialBlockDownload()) {
6130 historical_cs->ResizeCoinsCaches(
6132 current_cs.ResizeCoinsCaches(
6134 } else {
6135 current_cs.ResizeCoinsCaches(
6137 historical_cs->ResizeCoinsCaches(
6139 }
6140 }
6141}
6142
6143void ChainstateManager::ResetChainstates()
6144{
6145 m_chainstates.clear();
6146}
6147
6154{
6155 if (!opts.check_block_index.has_value()) opts.check_block_index = opts.chainparams.DefaultConsistencyChecks();
6156 if (!opts.minimum_chain_work.has_value()) opts.minimum_chain_work = UintToArith256(opts.chainparams.GetConsensus().nMinimumChainWork);
6157 if (!opts.assumed_valid_block.has_value()) opts.assumed_valid_block = opts.chainparams.GetConsensus().defaultAssumeValid;
6158 return std::move(opts);
6159}
6160
6162 : m_script_check_queue{/*batch_size=*/128, std::clamp(options.worker_threads_num, 0, MAX_SCRIPTCHECK_THREADS)},
6163 m_interrupt{interrupt},
6164 m_options{Flatten(std::move(options))},
6165 m_blockman{interrupt, std::move(blockman_options)},
6166 m_validation_cache{m_options.script_execution_cache_bytes, m_options.signature_cache_bytes}
6167{
6168}
6169
6171{
6172 LOCK(::cs_main);
6173
6175}
6176
6177Chainstate* ChainstateManager::LoadAssumeutxoChainstate()
6178{
6179 assert(!CurrentChainstate().m_from_snapshot_blockhash);
6180 std::optional<fs::path> path = node::FindAssumeutxoChainstateDir(m_options.datadir);
6181 if (!path) {
6182 return nullptr;
6183 }
6184 std::optional<uint256> base_blockhash = node::ReadSnapshotBaseBlockhash(*path);
6185 if (!base_blockhash) {
6186 return nullptr;
6187 }
6188 LogInfo("[snapshot] detected active snapshot chainstate (%s) - loading",
6189 fs::PathToString(*path));
6190
6191 auto snapshot_chainstate{std::make_unique<Chainstate>(nullptr, m_blockman, *this, base_blockhash)};
6192 LogInfo("[snapshot] switching active chainstate to %s", snapshot_chainstate->ToString());
6193 return &this->AddChainstate(std::move(snapshot_chainstate));
6194}
6195
6196Chainstate& ChainstateManager::AddChainstate(std::unique_ptr<Chainstate> chainstate)
6197{
6198 Chainstate& prev_chainstate{CurrentChainstate()};
6199 assert(prev_chainstate.m_assumeutxo == Assumeutxo::VALIDATED);
6200 // Set target block for historical chainstate to snapshot block.
6201 assert(!prev_chainstate.m_target_blockhash);
6202 prev_chainstate.m_target_blockhash = chainstate->m_from_snapshot_blockhash;
6203 m_chainstates.push_back(std::move(chainstate));
6204 Chainstate& curr_chainstate{CurrentChainstate()};
6205 assert(&curr_chainstate == m_chainstates.back().get());
6206
6207 // Transfer possession of the mempool to the chainstate.
6208 // Mempool is empty at this point because we're still in IBD.
6209 assert(!prev_chainstate.m_mempool || prev_chainstate.m_mempool->size() == 0);
6210 assert(!curr_chainstate.m_mempool);
6211 std::swap(curr_chainstate.m_mempool, prev_chainstate.m_mempool);
6212 return curr_chainstate;
6213}
6214
6215bool IsBIP30Repeat(const CBlockIndex& block_index)
6216{
6217 return (block_index.nHeight==91842 && block_index.GetBlockHash() == uint256{"00000000000a4d0a398161ffc163c503763b1f4360639393e0e4c8e300e0caec"}) ||
6218 (block_index.nHeight==91880 && block_index.GetBlockHash() == uint256{"00000000000743f190a18c5577a3c2d2a1f610ae9601ac046a38084ccb7cd721"});
6219}
6220
6221bool IsBIP30Unspendable(const uint256& block_hash, int block_height)
6222{
6223 return (block_height==91722 && block_hash == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
6224 (block_height==91812 && block_hash == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"});
6225}
6226
6227util::Result<void> Chainstate::InvalidateCoinsDBOnDisk()
6228{
6229 // Should never be called on a non-snapshot chainstate.
6231
6232 // Coins views no longer usable.
6233 m_coins_views.reset();
6234
6235 const fs::path db_path{StoragePath()};
6236 const fs::path invalid_path{db_path + "_INVALID"};
6237 const std::string db_path_str{fs::PathToString(db_path)};
6238 const std::string invalid_path_str{fs::PathToString(invalid_path)};
6239 LogInfo("[snapshot] renaming snapshot datadir %s to %s", db_path_str, invalid_path_str);
6240
6241 // The invalid storage directory is simply moved and not deleted because we may
6242 // want to do forensics later during issue investigation. The user is instructed
6243 // accordingly in MaybeValidateSnapshot().
6244 try {
6245 fs::rename(db_path, invalid_path);
6246 } catch (const fs::filesystem_error& e) {
6247 LogError("While invalidating the coins db: Error renaming file '%s' -> '%s': %s",
6248 db_path_str, invalid_path_str, e.what());
6249 return util::Error{strprintf(_(
6250 "Rename of '%s' -> '%s' failed. "
6251 "You should resolve this by manually moving or deleting the invalid "
6252 "snapshot directory %s, otherwise you will encounter the same error again "
6253 "on the next startup."),
6254 db_path_str, invalid_path_str, db_path_str)};
6255 }
6256 return {};
6257}
6258
6259bool ChainstateManager::DeleteChainstate(Chainstate& chainstate)
6260{
6262 assert(!chainstate.m_coins_views);
6263 const fs::path db_path{chainstate.StoragePath()};
6264 if (!DeleteCoinsDBFromDisk(db_path, /*is_snapshot=*/bool{chainstate.m_from_snapshot_blockhash})) {
6265 LogError("Deletion of %s failed. Please remove it manually to continue reindexing.",
6266 fs::PathToString(db_path));
6267 return false;
6268 }
6269 std::unique_ptr<Chainstate> prev_chainstate{Assert(RemoveChainstate(chainstate))};
6270 Chainstate& curr_chainstate{CurrentChainstate()};
6271 assert(prev_chainstate->m_mempool->size() == 0);
6272 assert(!curr_chainstate.m_mempool);
6273 std::swap(curr_chainstate.m_mempool, prev_chainstate->m_mempool);
6274 return true;
6275}
6276
6277ChainstateRole Chainstate::GetRole() const
6278{
6279 return ChainstateRole{.validated = m_assumeutxo == Assumeutxo::VALIDATED, .historical = bool{m_target_blockhash}};
6280}
6281
6282void ChainstateManager::RecalculateBestHeader()
6283{
6285 m_best_header = ActiveChain().Tip();
6286 for (auto& entry : m_blockman.m_block_index) {
6287 if (!(entry.second.nStatus & BLOCK_FAILED_VALID) && m_best_header->nChainWork < entry.second.nChainWork) {
6288 m_best_header = &entry.second;
6289 }
6290 }
6291}
6292
6293std::optional<int> ChainstateManager::BlocksAheadOfTip() const
6294{
6295 LOCK(::cs_main);
6296 const CBlockIndex* best_header{m_best_header};
6297 const CBlockIndex* tip{ActiveChain().Tip()};
6298 // Only consider headers that extend the active tip; ignore competing branches.
6299 if (best_header && tip && best_header->nChainWork > tip->nChainWork &&
6300 best_header->GetAncestor(tip->nHeight) == tip) {
6301 return best_header->nHeight - tip->nHeight;
6302 }
6303 return std::nullopt;
6304}
6305
6306bool ChainstateManager::ValidatedSnapshotCleanup(Chainstate& validated_cs, Chainstate& unvalidated_cs)
6307{
6309 if (unvalidated_cs.m_assumeutxo != Assumeutxo::VALIDATED) {
6310 // No need to clean up.
6311 return false;
6312 }
6313
6314 const fs::path validated_path{validated_cs.StoragePath()};
6315 const fs::path assumed_valid_path{unvalidated_cs.StoragePath()};
6316 const fs::path delete_path{validated_path + "_todelete"};
6317
6318 // Since we're going to be moving around the underlying leveldb filesystem content
6319 // for each chainstate, make sure that the chainstates (and their constituent
6320 // CoinsViews members) have been destructed first.
6321 //
6322 // The caller of this method will be responsible for reinitializing chainstates
6323 // if they want to continue operation.
6324 this->ResetChainstates();
6325 assert(this->m_chainstates.size() == 0);
6326
6327 LogInfo("[snapshot] deleting background chainstate directory (now unnecessary) (%s)",
6328 fs::PathToString(validated_path));
6329
6330 auto rename_failed_abort = [this](
6331 fs::path p_old,
6332 fs::path p_new,
6333 const fs::filesystem_error& err) {
6334 LogError("[snapshot] Error renaming path (%s) -> (%s): %s\n",
6335 fs::PathToString(p_old), fs::PathToString(p_new), err.what());
6337 "Rename of '%s' -> '%s' failed. "
6338 "Cannot clean up the background chainstate leveldb directory."),
6339 fs::PathToString(p_old), fs::PathToString(p_new)));
6340 };
6341
6342 try {
6343 fs::rename(validated_path, delete_path);
6344 } catch (const fs::filesystem_error& e) {
6345 rename_failed_abort(validated_path, delete_path, e);
6346 throw;
6347 }
6348
6349 LogInfo("[snapshot] moving snapshot chainstate (%s) to "
6350 "default chainstate directory (%s)",
6351 fs::PathToString(assumed_valid_path), fs::PathToString(validated_path));
6352
6353 try {
6354 fs::rename(assumed_valid_path, validated_path);
6355 } catch (const fs::filesystem_error& e) {
6356 rename_failed_abort(assumed_valid_path, validated_path, e);
6357 throw;
6358 }
6359
6360 if (!DeleteCoinsDBFromDisk(delete_path, /*is_snapshot=*/false)) {
6361 // No need to FatalError because once the unneeded bg chainstate data is
6362 // moved, it will not interfere with subsequent initialization.
6363 LogWarning("Deletion of %s failed. Please remove it manually, as the "
6364 "directory is now unnecessary.",
6365 fs::PathToString(delete_path));
6366 } else {
6367 LogInfo("[snapshot] deleted background chainstate directory (%s)",
6368 fs::PathToString(validated_path));
6369 }
6370 return true;
6371}
6372
6373std::pair<int, int> Chainstate::GetPruneRange(int last_height_can_prune) const
6374{
6375 if (m_chain.Height() <= 0) {
6376 return {0, 0};
6377 }
6378 int prune_start{0};
6379
6380 if (m_from_snapshot_blockhash && m_assumeutxo != Assumeutxo::VALIDATED) {
6381 // Only prune blocks _after_ the snapshot if this is a snapshot chain
6382 // that has not been fully validated yet. The earlier blocks need to be
6383 // kept to validate the snapshot
6384 prune_start = Assert(SnapshotBase())->nHeight + 1;
6385 }
6386
6387 int max_prune = std::max<int>(
6388 0, m_chain.Height() - static_cast<int>(MIN_BLOCKS_TO_KEEP));
6389
6390 // last block to prune is the lesser of (caller-specified height, MIN_BLOCKS_TO_KEEP from the tip)
6391 //
6392 // While you might be tempted to prune the background chainstate more
6393 // aggressively (i.e. fewer MIN_BLOCKS_TO_KEEP), this won't work with index
6394 // building - specifically blockfilterindex requires undo data, and if
6395 // we don't maintain this trailing window, we hit indexing failures.
6396 int prune_end = std::min(last_height_can_prune, max_prune);
6397
6398 return {prune_start, prune_end};
6399}
6400
6401std::optional<std::pair<const CBlockIndex*, const CBlockIndex*>> ChainstateManager::GetHistoricalBlockRange() const
6402{
6403 const Chainstate* chainstate{HistoricalChainstate()};
6404 if (!chainstate) return {};
6405 return std::make_pair(chainstate->m_chain.Tip(), chainstate->TargetBlock());
6406}
6407
6408util::Result<void> ChainstateManager::ActivateBestChains()
6409{
6410 // We can't hold cs_main during ActivateBestChain even though we're accessing
6411 // the chainman unique_ptrs since ABC requires us not to be holding cs_main, so retrieve
6412 // the relevant pointers before the ABC call.
6414 std::vector<Chainstate*> chainstates;
6415 {
6416 LOCK(GetMutex());
6417 chainstates.reserve(m_chainstates.size());
6418 for (const auto& chainstate : m_chainstates) {
6419 if (chainstate && chainstate->m_assumeutxo != Assumeutxo::INVALID && !chainstate->m_target_utxohash) {
6420 chainstates.push_back(chainstate.get());
6421 }
6422 }
6423 }
6424 for (Chainstate* chainstate : chainstates) {
6426 if (!chainstate->ActivateBestChain(state, nullptr)) {
6427 LOCK(GetMutex());
6428 return util::Error{Untranslated(strprintf("%s Failed to connect best block (%s)", chainstate->ToString(), state.ToString()))};
6429 }
6430 }
6431 return {};
6432}
bool MoneyRange(const CAmount &nValue)
Definition: amount.h:27
int64_t CAmount
Amount in satoshis (Can be negative)
Definition: amount.h:12
static constexpr CAmount COIN
The amount of satoshis in one BTC.
Definition: amount.h:15
arith_uint256 UintToArith256(const uint256 &a)
int ret
int flags
Definition: bitcoin-tx.cpp:530
ArgsManager & args
Definition: bitcoind.cpp:280
void InvalidateBlock(ChainstateManager &chainman, const uint256 block_hash)
CBlockLocator GetLocator(const CBlockIndex *index)
Get a locator for a block index entry.
Definition: chain.cpp:45
int64_t GetBlockProofEquivalentTime(const CBlockIndex &to, const CBlockIndex &from, const CBlockIndex &tip, const Consensus::Params &params)
Return the time it would take to redo the work difference between from and to, assuming the current h...
Definition: chain.cpp:135
const CBlockIndex * LastCommonAncestor(const CBlockIndex *pa, const CBlockIndex *pb)
Find the last common ancestor two blocks have.
Definition: chain.cpp:154
@ BLOCK_VALID_CHAIN
Outputs do not overspend inputs, no double spends, coinbase output ok, no immature coinbase spends,...
Definition: chain.h:65
@ BLOCK_VALID_MASK
All validity bits.
Definition: chain.h:72
@ BLOCK_VALID_TRANSACTIONS
Only first tx is coinbase, 2 <= coinbase input script length <= 100, transactions valid,...
Definition: chain.h:61
@ BLOCK_VALID_SCRIPTS
Scripts & signatures ok.
Definition: chain.h:69
@ BLOCK_VALID_TREE
All parent headers found, difficulty matches, timestamp >= median previous.
Definition: chain.h:51
@ BLOCK_HAVE_UNDO
undo data available in rev*.dat
Definition: chain.h:76
@ BLOCK_HAVE_DATA
full block available in blk*.dat
Definition: chain.h:75
@ BLOCK_FAILED_VALID
stage after last reached validness failed
Definition: chain.h:79
@ BLOCK_OPT_WITNESS
block data in blk*.dat was received with a witness-enforcing client
Definition: chain.h:82
static constexpr int32_t SEQ_ID_BEST_CHAIN_FROM_DISK
Init values for CBlockIndex nSequenceId when loaded from disk.
Definition: chain.h:39
arith_uint256 GetBlockProof(const CBlockIndex &block)
Compute how much work a block index entry corresponds to.
Definition: chain.h:305
static constexpr int32_t SEQ_ID_INIT_FROM_DISK
Definition: chain.h:40
#define NONFATAL_UNREACHABLE()
NONFATAL_UNREACHABLE() is a macro that is used to mark unreachable code.
Definition: check.h:133
#define Assert(val)
Identity function.
Definition: check.h:116
#define STR_INTERNAL_BUG(msg)
Definition: check.h:99
#define Assume(val)
Assume is the identity function.
Definition: check.h:128
Non-refcounted RAII wrapper for FILE*.
Definition: streams.h:395
std::string ToString() const
Definition: hash_type.h:43
Wrapper around an AutoFile& that implements a ring buffer to deserialize from.
Definition: streams.h:505
Nodes collect new transactions into a block, hash them into a hash tree, and scan through nonce value...
Definition: block.h:27
NodeSeconds Time() const
Definition: block.h:61
uint32_t nBits
Definition: block.h:34
int64_t GetBlockTime() const
Definition: block.h:66
int32_t nVersion
Definition: block.h:30
uint256 hashPrevBlock
Definition: block.h:31
uint256 hashMerkleRoot
Definition: block.h:32
uint256 GetHash() const
Definition: block.cpp:14
Definition: block.h:74
bool m_checked_merkle_root
Definition: block.h:82
std::vector< CTransactionRef > vtx
Definition: block.h:77
bool m_checked_witness_commitment
Definition: block.h:81
bool fChecked
Definition: block.h:80
The block chain is a tree shaped structure starting with the genesis block at the root,...
Definition: chain.h:94
bool IsValid(enum BlockStatus nUpTo) const EXCLUSIVE_LOCKS_REQUIRED(
Check whether this block index entry is valid up to the passed validity level.
Definition: chain.h:250
CBlockIndex * pprev
pointer to the index of the predecessor of this block
Definition: chain.h:100
uint64_t m_chain_tx_count
(memory only) Number of transactions in the chain up to and including this block.
Definition: chain.h:129
arith_uint256 nChainWork
(memory only) Total amount of work (expected number of hashes) in the chain up to and including this ...
Definition: chain.h:118
bool HaveNumChainTxs() const
Check whether this block and all previous blocks back to the genesis block or an assumeutxo snapshot ...
Definition: chain.h:214
uint32_t nTime
Definition: chain.h:142
int32_t nSequenceId
(memory only) Sequential id assigned to distinguish order in which blocks are received.
Definition: chain.h:149
uint256 GetBlockHash() const
Definition: chain.h:198
int64_t GetBlockTime() const
Definition: chain.h:221
int64_t GetMedianTimePast() const
Definition: chain.h:233
FlatFilePos GetUndoPos() const EXCLUSIVE_LOCKS_REQUIRED(
Definition: chain.h:174
bool RaiseValidity(enum BlockStatus nUpTo) EXCLUSIVE_LOCKS_REQUIRED(
Raise the validity level of this block index entry.
Definition: chain.h:262
CBlockIndex * pskip
pointer to the index of some further predecessor of this block
Definition: chain.h:103
unsigned int nTx
Number of transactions in this block.
Definition: chain.h:123
int32_t nVersion
block header
Definition: chain.h:140
CBlockIndex * GetAncestor(int height)
Efficiently find an ancestor of this block.
Definition: chain.cpp:109
int nHeight
height of the entry in the chain. The genesis block has height 0
Definition: chain.h:106
const uint256 * phashBlock
pointer to the hash of the block, if any. Memory is owned by this CBlockIndex
Definition: chain.h:97
Undo information for a CBlock.
Definition: undo.h:64
std::vector< CTxUndo > vtxundo
Definition: undo.h:66
An in-memory indexed chain of blocks.
Definition: chain.h:380
bool Contains(const CBlockIndex &index) const
Efficiently check whether a block is present in this chain.
Definition: chain.h:410
CBlockIndex * Tip() const
Returns the index entry for the tip of this chain, or nullptr if none.
Definition: chain.h:396
const CBlockIndex * FindFork(const CBlockIndex &index) const
Find the last common block between this chain and a block index entry.
Definition: chain.cpp:50
void SetTip(CBlockIndex &block)
Set/initialize a chain with a given tip.
Definition: chain.cpp:16
CBlockIndex * Next(const CBlockIndex &index) const
Find the successor of a block in this chain, or nullptr if the given index is not found or is the tip...
Definition: chain.h:416
CBlockIndex * Genesis() const
Returns the index entry for the genesis block of this chain, or nullptr if none.
Definition: chain.h:390
int Height() const
Return the maximal height in the chain.
Definition: chain.h:425
CChainParams defines various tweakable parameters of a given instance of the Bitcoin system.
Definition: chainparams.h:77
const CBlock & GenesisBlock() const
Definition: chainparams.h:94
std::vector< int > GetAvailableSnapshotHeights() const
const ChainTxData & TxData() const
Definition: chainparams.h:128
std::optional< AssumeutxoData > AssumeutxoForHeight(int height) const
Definition: chainparams.h:119
CCoinsView that adds a memory cache for transactions to another CCoinsView.
Definition: coins.h:400
void Sync()
Push the modifications applied to this cache to its base while retaining the contents of this cache (...
Definition: coins.cpp:277
bool SpendCoin(const COutPoint &outpoint, Coin *moveto=nullptr)
Spend a coin.
Definition: coins.cpp:137
void Uncache(const COutPoint &outpoint)
Removes the UTXO with the given outpoint from the cache, if it is not modified.
Definition: coins.cpp:296
void AddCoin(const COutPoint &outpoint, Coin &&coin, bool possible_overwrite)
Add a coin.
Definition: coins.cpp:73
virtual void Flush(bool reallocate_cache=true)
Push the modifications applied to this cache to its base and wipe local state.
Definition: coins.cpp:265
void SetBestBlock(const uint256 &block_hash)
Definition: coins.cpp:189
unsigned int GetCacheSize() const
Size of the cache (in number of transaction outputs)
Definition: coins.cpp:311
uint256 GetBestBlock() const override
Retrieve the block hash whose state this CCoinsView currently represents.
Definition: coins.cpp:183
bool HaveCoinInCache(const COutPoint &outpoint) const
Check if we have the given utxo already loaded in this cache.
Definition: coins.cpp:178
size_t DynamicMemoryUsage() const
Calculate the size of the cache (in bytes)
Definition: coins.cpp:43
void EmplaceCoinInternalDANGER(COutPoint &&outpoint, Coin &&coin)
Emplace a coin into cacheCoins without performing any checks, marking the emplaced coin as dirty.
Definition: coins.cpp:116
bool HaveCoin(const COutPoint &outpoint) const override
Just check whether a given outpoint is unspent.
Definition: coins.cpp:172
const Coin & AccessCoin(const COutPoint &output) const
Return a reference to Coin in the cache, or coinEmpty if not found.
Definition: coins.cpp:163
CCoinsView backed by the coin database (chainstate/)
Definition: txdb.h:37
std::shared_future< void > CompactFullAsync() EXCLUSIVE_LOCKS_REQUIRED(cs_main
Perform a full compaction of the underlying LevelDB on a one-shot background thread.
Definition: txdb.cpp:198
void ResizeCache(size_t new_cache_size) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Dynamically alter the underlying leveldb cache size.
Definition: txdb.cpp:73
Pure abstract view on the open txout dataset.
Definition: coins.h:319
virtual std::optional< Coin > GetCoin(const COutPoint &outpoint) const =0
Retrieve the Coin (unspent transaction output) for a given outpoint.
CCoinsView that brings transactions from a mempool into view.
Definition: txmempool.h:765
Fee rate in satoshis per virtualbyte: CAmount / vB the feerate is represented internally as FeeFrac.
Definition: feerate.h:32
A hasher class for Bitcoin's 256-bit hash (double SHA-256).
Definition: hash.h:32
void Finalize(std::span< unsigned char > output)
Definition: hash.h:38
CHash256 & Write(std::span< const unsigned char > input)
Definition: hash.h:45
An outpoint - a combination of a transaction hash and an index n into its vout.
Definition: transaction.h:29
uint32_t n
Definition: transaction.h:32
Txid hash
Definition: transaction.h:31
A hasher class for SHA-256.
Definition: sha256.h:14
void Finalize(unsigned char hash[OUTPUT_SIZE])
Definition: sha256.cpp:725
CSHA256 & Write(const unsigned char *data, size_t len)
Definition: sha256.cpp:699
Closure representing one script verification Note that this stores references to the spending transac...
Definition: validation.h:342
SignatureCache * m_signature_cache
Definition: validation.h:350
PrecomputedTransactionData * txdata
Definition: validation.h:349
CTxOut m_tx_out
Definition: validation.h:344
script_verify_flags m_flags
Definition: validation.h:347
bool cacheStore
Definition: validation.h:348
std::optional< std::pair< ScriptError, std::string > > operator()()
const CTransaction * ptxTo
Definition: validation.h:345
unsigned int nIn
Definition: validation.h:346
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:406
The basic transaction that is broadcasted on the network and contained in blocks.
Definition: transaction.h:281
bool HasWitness() const
Definition: transaction.h:353
const std::vector< CTxOut > vout
Definition: transaction.h:292
const Wtxid & GetWitnessHash() const LIFETIMEBOUND
Definition: transaction.h:329
bool IsCoinBase() const
Definition: transaction.h:341
const Txid & GetHash() const LIFETIMEBOUND
Definition: transaction.h:328
const std::vector< CTxIn > vin
Definition: transaction.h:291
An input of a transaction.
Definition: transaction.h:62
COutPoint prevout
Definition: transaction.h:64
CTxMemPool::txiter TxHandle
Definition: txmempool.h:646
CTxMemPool stores valid-according-to-the-current-best-chain transactions that may be included in the ...
Definition: txmempool.h:187
void check(const CCoinsViewCache &active_coins_tip, int64_t spendheight) const EXCLUSIVE_LOCKS_REQUIRED(void removeRecursive(const CTransaction &tx, MemPoolRemovalReason reason) EXCLUSIVE_LOCKS_REQUIRED(cs)
If sanity-checking is turned on, check makes sure the pool is consistent (does not contain two transa...
Definition: txmempool.h:323
void UpdateTransactionsFromBlock(const std::vector< Txid > &vHashesToUpdate) EXCLUSIVE_LOCKS_REQUIRED(cs
UpdateTransactionsFromBlock is called when adding transactions from a disconnected block back to the ...
Definition: txmempool.cpp:91
void AddTransactionsUpdated(unsigned int n)
Definition: txmempool.cpp:201
CTransactionRef get(const Txid &hash) const
Return a mempool transaction with a given hash.
Definition: txmempool.cpp:621
size_t DynamicMemoryUsage() const
Definition: txmempool.cpp:787
const Options m_opts
Definition: txmempool.h:301
void removeForReorg(CChain &chain, std::function< bool(txiter)> filter_final_and_mature) EXCLUSIVE_LOCKS_REQUIRED(cs
After reorg, filter the entries that would no longer be valid in the next block, and update the entri...
Definition: txmempool.cpp:360
bool exists(const Txid &txid) const
Definition: txmempool.h:501
std::set< txiter, CompareIteratorByHash > setEntries
Definition: txmempool.h:266
void removeForBlock(const std::vector< CTransactionRef > &vtx, unsigned int nBlockHeight) EXCLUSIVE_LOCKS_REQUIRED(cs)
Definition: txmempool.cpp:405
indexed_transaction_set::nth_index< 0 >::type::const_iterator txiter
Definition: txmempool.h:263
unsigned long size() const
Definition: txmempool.h:483
An output of a transaction.
Definition: transaction.h:140
CScript scriptPubKey
Definition: transaction.h:143
CAmount nValue
Definition: transaction.h:142
Undo information for a CTransaction.
Definition: undo.h:54
std::vector< Coin > vprevout
Definition: undo.h:57
VerifyDBResult VerifyDB(Chainstate &chainstate, const Consensus::Params &consensus_params, CCoinsView &coinsview, int nCheckLevel, int nCheckDepth) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
kernel::Notifications & m_notifications
Definition: validation.h:441
CVerifyDB(kernel::Notifications &notifications)
Chainstate stores and provides an API to update our local knowledge of the current best chain.
Definition: validation.h:554
void InitCoinsCache(size_t cache_size_bytes) EXCLUSIVE_LOCKS_REQUIRED(bool CanFlushToDisk() const EXCLUSIVE_LOCKS_REQUIRED(
Initialize the in-memory coins cache (to be done after the health of the on-disk database is verified...
Definition: validation.h:620
Mutex m_chainstate_mutex
The ChainState Mutex A lock that must be held when modifying this ChainState - held in ActivateBestCh...
Definition: validation.h:561
CChain m_chain
The current chain of blockheaders we consult and build on.
Definition: validation.h:628
CTxMemPool * GetMempool()
Definition: validation.h:704
bool RollforwardBlock(const CBlockIndex *pindex, CCoinsViewCache &inputs) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Apply the effects of a block on the utxo cache, ignoring that it may already have been applied.
size_t m_coinstip_cache_size_bytes
The cache size of the in-memory coins view.
Definition: validation.h:724
void UpdateTip(const CBlockIndex *pindexNew) EXCLUSIVE_LOCKS_REQUIRED(NodeClock::time_poin m_next_write)
Check warning conditions and do some notifications on new chain tip set.
Definition: validation.h:895
CCoinsViewCache & CoinsTip() EXCLUSIVE_LOCKS_REQUIRED(
Definition: validation.h:689
bool LoadChainTip() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Update the chain tip based on database information, i.e.
size_t m_coinsdb_cache_size_bytes
The cache size of the on-disk coins view.
Definition: validation.h:721
bool PreciousBlock(BlockValidationState &state, CBlockIndex *pindex) LOCKS_EXCLUDED(bool InvalidateBlock(BlockValidationState &state, CBlockIndex *pindex) LOCKS_EXCLUDED(void SetBlockFailureFlags(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(voi ResetBlockFailureFlags)(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Mark a block as precious and reorganize.
Definition: validation.h:808
void InvalidBlockFound(CBlockIndex *pindex, const BlockValidationState &state) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
bool ConnectTip(BlockValidationState &state, CBlockIndex *pindexNew, std::shared_ptr< const CBlock > block_to_connect, std::vector< ConnectedBlock > &connected_blocks, DisconnectedBlockTransactions &disconnectpool) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Connect a new block to m_chain.
void CheckForkWarningConditions() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
const CBlockIndex *SnapshotBase() const EXCLUSIVE_LOCKS_REQUIRED(const CBlockIndex *TargetBlock() const EXCLUSIVE_LOCKS_REQUIRED(void SetTargetBlock(CBlockIndex *block) EXCLUSIVE_LOCKS_REQUIRED(void SetTargetBlockHash(uint256 block_hash) EXCLUSIVE_LOCKS_REQUIRED(boo ReachedTarget)() const EXCLUSIVE_LOCKS_REQUIRED(
The base of the snapshot this chainstate was created from.
Definition: validation.h:672
kernel::ChainstateRole GetRole() const EXCLUSIVE_LOCKS_REQUIRED(void InitCoinsDB(size_t cache_size_bytes, bool in_memory, bool should_wipe)
Return the current role of the chainstate.
const std::optional< uint256 > m_from_snapshot_blockhash
The blockhash which is the base of the snapshot this chainstate was created from.
Definition: validation.h:640
bool ActivateBestChain(BlockValidationState &state, std::shared_ptr< const CBlock > pblock=nullptr) LOCKS_EXCLUDED(DisconnectResult DisconnectBlock(const CBlock &block, const CBlockIndex *pindex, CCoinsViewCache &view) EXCLUSIVE_LOCKS_REQUIRED(boo ConnectBlock)(const CBlock &block, BlockValidationState &state, CBlockIndex *pindex, CCoinsViewCache &view, bool fJustCheck=false) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Find the best known block, and make it the tip of the block chain.
Definition: validation.h:784
bool ActivateBestChainStep(BlockValidationState &state, CBlockIndex &index_most_work, const std::shared_ptr< const CBlock > &pblock, bool &fInvalidFound, std::vector< ConnectedBlock > &connected_blocks) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Return the [start, end] (inclusive) of block heights we can prune.
CTxMemPool * m_mempool
Optional mempool that is kept in sync with the chain.
Definition: validation.h:565
CCoinsViewDB & CoinsDB() EXCLUSIVE_LOCKS_REQUIRED(
Definition: validation.h:697
bool DisconnectTip(BlockValidationState &state, DisconnectedBlockTransactions *disconnectpool) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Disconnect m_chain's tip.
CBlockIndex * FindMostWorkChain() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Return the tip of the chain with the most work in it, that isn't known to be invalid (it's however fa...
std::set< CBlockIndex *, node::CBlockIndexWorkComparator > setBlockIndexCandidates
The set of all CBlockIndex entries that have as much work as our current tip or more,...
Definition: validation.h:686
ChainstateManager & m_chainman
The chainstate manager that owns this chainstate.
Definition: validation.h:586
std::unique_ptr< CoinsViews > m_coins_views
Manages the UTXO set, which is a reflection of the contents of m_chain.
Definition: validation.h:568
bool m_mempool cs
Definition: validation.h:788
bool ReplayBlocks()
Replay blocks that aren't fully applied to the database.
void PruneBlockIndexCandidates()
Delete all entries in setBlockIndexCandidates that are worse than the current tip.
void TryAddBlockIndexCandidate(CBlockIndex *pindex) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Add a block to the candidate set if it has as much work as the current tip.
void PruneAndFlush()
Prune blockfiles from the disk if necessary and then flush chainstate changes if we pruned.
bool ResizeCoinsCaches(size_t coinstip_size, size_t coinsdb_size) EXCLUSIVE_LOCKS_REQUIRED(bool FlushStateToDisk(BlockValidationState &state, FlushStateMode mode, int nManualPruneHeight=0)
Resize the CoinsViews caches dynamically and flush state to disk.
node::BlockManager & m_blockman
Reference to a BlockManager instance which itself is shared across all Chainstate instances.
Definition: validation.h:581
void ForceFlushStateToDisk(bool wipe_cache=true)
Flush all changes to disk.
void MaybeUpdateMempoolForReorg(DisconnectedBlockTransactions &disconnectpool, bool fAddToMempool) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Make mempool consistent after a reorg, by re-adding or recursively erasing disconnected block transac...
Definition: validation.cpp:303
void ClearBlockIndexCandidates() EXCLUSIVE_LOCKS_REQUIRED(void PopulateBlockIndexCandidates() EXCLUSIVE_LOCKS_REQUIRED(const CBlockIndex * FindForkInGlobalIndex(const CBlockLocator &locator) const EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Populate the candidate set by calling TryAddBlockIndexCandidate on all valid block indices.
Definition: validation.cpp:129
void InvalidChainFound(CBlockIndex *pindexNew) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Chainstate(CTxMemPool *mempool, node::BlockManager &blockman, ChainstateManager &chainman, std::optional< uint256 > from_snapshot_blockhash=std::nullopt)
RecursiveMutex * MempoolMutex() const LOCK_RETURNED(m_mempool -> cs)
Indirection necessary to make lock annotations work with an optional mempool.
Definition: validation.h:847
fs::path StoragePath() const
Return path to chainstate leveldb directory.
bool NeedsRedownload() const EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Whether the chain state needs to be redownloaded due to lack of witness data.
Interface for managing multiple Chainstate objects, where each chainstate is associated with chainsta...
Definition: validation.h:945
util::Result< void > PopulateAndValidateSnapshot(Chainstate &snapshot_chainstate, AutoFile &coins_file, const node::SnapshotMetadata &metadata)
Internal helper for ActivateSnapshot().
Chainstate * HistoricalChainstate() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Return historical chainstate targeting a specific block, if any.
Definition: validation.h:1136
const uint256 & AssumedValidBlock() const
Definition: validation.h:1016
ValidationCache m_validation_cache
Definition: validation.h:1045
double GetBackgroundVerificationProgress(const CBlockIndex &pindex) const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Guess background verification progress in case assume-utxo was used (as a fraction between 0....
double GuessVerificationProgress(const CBlockIndex *pindex) const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Guess verification progress (as a fraction between 0.0=genesis and 1.0=current tip).
bool IsInitialBlockDownload() const noexcept
Check whether we are doing an initial block download (synchronizing from disk or network)
size_t m_total_coinstip_cache
The total number of bytes available for us to use across all in-memory coins caches.
Definition: validation.h:1087
MempoolAcceptResult ProcessTransaction(const CTransactionRef &tx, bool test_accept=false) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Try to add a transaction to the memory pool.
std::unique_ptr< Chainstate > RemoveChainstate(Chainstate &chainstate) EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Remove a chainstate.
Definition: validation.h:1156
kernel::Notifications & GetNotifications() const
Definition: validation.h:1017
void ReceivedBlockTransactions(const CBlock &block, CBlockIndex *pindexNew, const FlatFilePos &pos) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Mark a block as having its data received and checked (up to BLOCK_VALID_TRANSACTIONS).
bool ShouldCheckBlockIndex() const
RecursiveMutex & GetMutex() const LOCK_RETURNED(
Alias for cs_main.
Definition: validation.h:1037
CBlockIndex * ActiveTip() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Definition: validation.h:1175
Chainstate & ActiveChainstate() const
Alternatives to CurrentChainstate() used by older code to query latest chainstate information without...
SnapshotCompletionResult MaybeValidateSnapshot(Chainstate &validated_cs, Chainstate &unvalidated_cs) EXCLUSIVE_LOCKS_REQUIRED(Chainstate & CurrentChainstate() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Try to validate an assumeutxo snapshot by using a validated historical chainstate targeted at the sna...
Definition: validation.h:1127
bool ProcessNewBlock(const std::shared_ptr< const CBlock > &block, bool force_processing, bool min_pow_checked, bool *new_block) LOCKS_EXCLUDED(cs_main)
Process an incoming block.
size_t m_total_coinsdb_cache
The total number of bytes available for us to use across all leveldb coins databases.
Definition: validation.h:1091
void CheckBlockIndex() const
Make various assertions about the state of the block index.
const util::SignalInterrupt & m_interrupt
Definition: validation.h:1039
void LoadExternalBlockFile(AutoFile &file_in, FlatFilePos *dbp=nullptr, std::multimap< uint256, FlatFilePos > *blocks_with_unknown_parent=nullptr)
Import blocks from an external file.
int ActiveHeight() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Definition: validation.h:1174
VersionBitsCache m_versionbitscache
Track versionbit status.
Definition: validation.h:1200
std::function< void()> snapshot_download_completed
Function to restart active indexes; set dynamically to avoid a circular dependency on base/index....
Definition: validation.h:1010
const CChainParams & GetParams() const
Definition: validation.h:1012
void GenerateCoinbaseCommitment(CBlock &block, const CBlockIndex *pindexPrev) const
Produce the necessary coinbase commitment for a block (modifies the hash, don't call for mined blocks...
bool ProcessNewBlockHeaders(std::span< const CBlockHeader > headers, bool min_pow_checked, BlockValidationState &state, const CBlockIndex **ppindex=nullptr) LOCKS_EXCLUDED(cs_main)
Process incoming block headers.
const Consensus::Params & GetConsensus() const
Definition: validation.h:1013
ChainstateManager(const util::SignalInterrupt &interrupt, Options options, node::BlockManager::Options blockman_options)
const arith_uint256 & MinimumChainWork() const
Definition: validation.h:1015
void UpdateIBDStatus() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Update and possibly latch the IBD status.
bool LoadGenesisBlock()
Ensures a genesis block is in the block tree, possibly writing one to disk.
const Options m_options
Definition: validation.h:1040
bool LoadBlockIndex() EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Load the block tree and coins database from disk, initializing state if we're running with -reindex.
Chainstate &InitializeChainstate(CTxMemPool *mempool) EXCLUSIVE_LOCKS_REQUIRED(util::Result< CBlockIndex * ActivateSnapshot)(AutoFile &coins_file, const node::SnapshotMetadata &metadata, bool in_memory)
Instantiate a new chainstate.
Definition: validation.h:1113
CChain & ActiveChain() const EXCLUSIVE_LOCKS_REQUIRED(GetMutex())
Definition: validation.h:1173
bool AcceptBlockHeader(const CBlockHeader &block, BlockValidationState &state, CBlockIndex **ppindex, bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
If a block header hasn't already been seen, call CheckBlockHeader on it, ensure that it doesn't desce...
arith_uint256 nLastPreciousChainwork
chainwork for the last block that preciousblock has been applied to.
Definition: validation.h:1067
void ReportHeadersPresync(int64_t height, int64_t timestamp)
This is used by net_processing to report pre-synchronization progress of headers, as headers are not ...
std::atomic_bool m_cached_is_ibd
Whether initial block download (IBD) is ongoing.
Definition: validation.h:1054
bool NotifyHeaderTip() LOCKS_EXCLUDED(GetMutex())
void MaybeRebalanceCaches() EXCLUSIVE_LOCKS_REQUIRED(void UpdateUncommittedBlockStructures(CBlock &block, const CBlockIndex *pindexPrev) const
Check to see if caches are out of balance and if so, call ResizeCoinsCaches() as needed.
Chainstate *LoadAssumeutxoChainstate() EXCLUSIVE_LOCKS_REQUIRED(Chainstate &AddChainstate(std::unique_ptr< Chainstate > chainstate) EXCLUSIVE_LOCKS_REQUIRED(void ResetChainstates() EXCLUSIVE_LOCKS_REQUIRED(bool DeleteChainstate(Chainstate &chainstate) EXCLUSIVE_LOCKS_REQUIRED(bool ValidatedSnapshotCleanup(Chainstate &validated_cs, Chainstate &unvalidated_cs) EXCLUSIVE_LOCKS_REQUIRED(std::optional< std::pair< const CBlockIndex *, const CBlockIndex * > > GetHistoricalBlockRange() const EXCLUSIVE_LOCKS_REQUIRED(util::Result< void > ActivateBestChains() LOCKS_EXCLUDED(void RecalculateBestHeader() EXCLUSIVE_LOCKS_REQUIRED(std::optional< int > BlocksAheadOfTip() const LOCKS_EXCLUDED(CCheckQueue< CScriptCheck > & GetCheckQueue()
When starting up, search the datadir for a chainstate based on a UTXO snapshot that is in the process...
Definition: validation.h:1380
int32_t nBlockReverseSequenceId
Decreasing counter (used by subsequent preciousblock calls).
Definition: validation.h:1065
node::BlockManager m_blockman
A single BlockManager instance is shared across each constructed chainstate to avoid duplicating bloc...
Definition: validation.h:1043
bool AcceptBlock(const std::shared_ptr< const CBlock > &pblock, BlockValidationState &state, CBlockIndex **ppindex, bool fRequested, const FlatFilePos *dbp, bool *fNewBlock, bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Sufficiently validate a block for disk storage (and store on disk).
A UTXO entry.
Definition: coins.h:46
bool IsCoinBase() const
Definition: coins.h:70
CTxOut out
unspent transaction output
Definition: coins.h:49
bool IsSpent() const
Either this coin never existed (see e.g.
Definition: coins.h:94
bool fCoinBase
whether containing transaction was a coinbase
Definition: coins.h:52
uint32_t nHeight
at which height this containing transaction was included in the active block chain
Definition: coins.h:55
Noop coins view.
Definition: coins.h:355
static CoinsViewEmpty & Get()
Definition: coins.cpp:22
CCoinsViewCache subclass that asynchronously fetches most block input prevouts in parallel during Con...
Definition: coins.h:617
CoinsViews(DBParams db_params, CoinsViewOptions options)
This constructor initializes CCoinsViewDB and CCoinsViewErrorCatcher instances, but it does not creat...
std::pair< uint32_t, size_t > setup_bytes(size_t bytes)
setup_bytes is a convenience function which accounts for internal memory usage when deciding how many...
Definition: cuckoocache.h:365
void insert(Element e)
insert loops at most depth_limit times trying to insert a hash at various locations in the table via ...
Definition: cuckoocache.h:398
bool contains(const Element &e, const bool erase) const
contains iterates through the hash locations for a given element and checks to see if it is present.
Definition: cuckoocache.h:475
DisconnectedBlockTransactions.
std::list< CTransactionRef > take()
Clear all data structures and return the list of transactions.
void removeForBlock(const std::vector< CTransactionRef > &vtx)
Remove any entries that are in this block.
std::vector< CTransactionRef > AddTransactionsFromBlock(const std::vector< CTransactionRef > &vtx)
Add transactions from the block, iterating through vtx in reverse order.
Fast randomness source.
Definition: random.h:386
Tp rand_uniform_delay(const Tp &time, typename Tp::duration range) noexcept
Return the time point advanced by a uniform random duration.
Definition: random.h:329
I randrange(I range) noexcept
Generate a random integer in the range [0..range), with range > 0.
Definition: random.h:254
Convenience class for initializing and passing the script execution cache and signature cache.
Definition: validation.h:374
ValidationCache(size_t script_execution_cache_bytes, size_t signature_cache_bytes)
CuckooCache::cache< uint256, SignatureCacheHasher > m_script_execution_cache
Definition: validation.h:380
CSHA256 ScriptExecutionCacheHasher() const
Return a copy of the pre-initialized hasher.
Definition: validation.h:389
CSHA256 m_script_execution_cache_hasher
Pre-initialized hasher to avoid having to recreate it for every hash calculation.
Definition: validation.h:377
SignatureCache m_signature_cache
Definition: validation.h:381
void BlockConnected(const kernel::ChainstateRole &, std::shared_ptr< const CBlock >, const CBlockIndex *pindex)
void BlockChecked(const std::shared_ptr< const CBlock > &, const BlockValidationState &)
void ChainStateFlushed(const kernel::ChainstateRole &, const CBlockLocator &)
void NewPoWValidBlock(const CBlockIndex *, const std::shared_ptr< const CBlock > &)
void UpdatedBlockTip(const CBlockIndex *, const CBlockIndex *, bool fInitialDownload)
void ActiveTipChange(const CBlockIndex &, bool)
void BlockDisconnected(std::shared_ptr< const CBlock >, const CBlockIndex *pindex)
bool IsValid() const
Definition: validation.h:105
std::string GetRejectReason() const
Definition: validation.h:109
std::string GetDebugMessage() const
Definition: validation.h:110
bool Error(const std::string &reject_reason)
Definition: validation.h:98
bool Invalid(Result result, const std::string &reject_reason="", const std::string &debug_message="")
Definition: validation.h:88
bool IsError() const
Definition: validation.h:107
Result GetResult() const
Definition: validation.h:108
std::string ToString() const
Definition: validation.h:111
bool IsInvalid() const
Definition: validation.h:106
std::vector< std::pair< int, bool > > CheckUnknownActivations(const CBlockIndex *pindex, const CChainParams &chainparams) EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
Check for unknown activations Returns a vector containing the bit number used for signalling and a bo...
void Clear() EXCLUSIVE_LOCKS_REQUIRED(!m_mutex)
256-bit unsigned big integer.
constexpr bool IsNull() const
Definition: uint256.h:49
std::string ToString() const
Definition: uint256.cpp:21
constexpr unsigned char * begin()
Definition: uint256.h:101
double getdouble() const
A base class defining functions for notifying about certain kernel events.
virtual void headerTip(SynchronizationState state, int64_t height, int64_t timestamp, bool presync)
virtual void fatalError(const bilingual_str &message)
The fatal error notification is sent to notify the user when an error occurs in kernel code that can'...
virtual void warningSet(Warning id, const bilingual_str &message)
virtual void progress(const bilingual_str &title, int progress_percent, bool resume_possible)
virtual InterruptResult blockTip(SynchronizationState state, const CBlockIndex &index, double verification_progress)
virtual void warningUnset(Warning id)
Maintains a tree of blocks (stored in m_block_index) which is consulted to determine where the most-w...
Definition: blockstorage.h:196
const kernel::BlockManagerOpts m_opts
Definition: blockstorage.h:304
void FindFilesToPrune(std::set< int > &setFilesToPrune, int last_prune, const Chainstate &chain, ChainstateManager &chainman)
Prune block and undo files (blk???.dat and rev???.dat) so that the disk space used is less than a use...
CBlockIndex * LookupBlockIndex(const uint256 &hash) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
bool ReadBlockUndo(CBlockUndo &blockundo, const CBlockIndex &index) const
CBlockFileInfo *GetBlockFileInfo(size_t n) EXCLUSIVE_LOCKS_REQUIRED(bool WriteBlockUndo(const CBlockUndo &blockundo, BlockValidationState &state, CBlockIndex &block) EXCLUSIVE_LOCKS_REQUIRED(FlatFilePos WriteBlock(const CBlock &block, int nHeight) EXCLUSIVE_LOCKS_REQUIRED(void UpdateBlockInfo(const CBlock &block, unsigned int nHeight, const FlatFilePos &pos) EXCLUSIVE_LOCKS_REQUIRED(bool IsPruneMode() const
Get block file info entry for one block file.
Definition: blockstorage.h:407
std::atomic_bool m_blockfiles_indexed
Whether all blockfiles have been added to the block tree database.
Definition: blockstorage.h:333
std::vector< CBlockIndex * > GetAllBlockIndices() EXCLUSIVE_LOCKS_REQUIRED(std::multimap< CBlockIndex *, CBlockIndex * > m_blocks_unlinked
All pairs A->B, where A (or one of its ancestors) misses transactions, but B has transactions.
Definition: blockstorage.h:351
std::set< CBlockIndex * > m_dirty_blockindex
Dirty block index entries.
Definition: blockstorage.h:313
bool LoadingBlocks() const
Definition: blockstorage.h:413
void UnlinkPrunedFiles(const std::set< int > &setFilesToPrune) const
Actually unlink the specified files.
void WriteBlockIndexDB() EXCLUSIVE_LOCKS_REQUIRED(bool LoadBlockIndexDB(const std::optional< uint256 > &snapshot_blockhash) EXCLUSIVE_LOCKS_REQUIRED(void ScanAndUnlinkAlreadyPrunedFiles() EXCLUSIVE_LOCKS_REQUIRED(CBlockIndex * AddToBlockIndex(const CBlockHeader &block, CBlockIndex *&best_header) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Remove any pruned block & undo files that are still on disk.
Definition: blockstorage.h:372
void AddUnlinkedBlock(CBlockIndex *block) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
bool ReadBlock(CBlock &block, const FlatFilePos &pos, const std::optional< uint256 > &expected_hash) const
Functions for disk access for blocks.
bool m_check_for_pruning
Global flag to indicate we should check to see if there are block/undo files that should be deleted.
Definition: blockstorage.h:288
void FindFilesToPruneManual(std::set< int > &setFilesToPrune, int nManualPruneHeight, const Chainstate &chain)
std::optional< int > m_snapshot_height
The height of the base block of an assumeutxo snapshot, if one is in use.
Definition: blockstorage.h:349
uint64_t CalculateCurrentUsage() EXCLUSIVE_LOCKS_REQUIRED(bool CheckBlockDataAvailability(const CBlockIndex &upper_block, const CBlockIndex &lower_block, BlockStatus block_status=BLOCK_HAVE_DATA) EXCLUSIVE_LOCKS_REQUIRED(const CBlockIndex &GetFirstBlock(const CBlockIndex &upper_block LIFETIMEBOUND, uint32_t status_mask, const CBlockIndex *lower_block LIFETIMEBOUND=nullptr) const EXCLUSIVE_LOCKS_REQUIRED(boo m_have_pruned)
Calculate the amount of disk space the block & undo files currently use.
Definition: blockstorage.h:453
Metadata describing a serialized version of a UTXO set from which an assumeutxo Chainstate can be con...
Definition: utxo_snapshot.h:38
uint256 m_base_blockhash
The hash of the block that reflects the tip of the chain for the UTXO set contained in this snapshot.
Definition: utxo_snapshot.h:45
uint64_t m_coins_count
The number of coins in the UTXO set contained in this snapshot.
Definition: utxo_snapshot.h:50
std::string ToString() const
constexpr const std::byte * begin() const
const uint256 & ToUint256() const LIFETIMEBOUND
std::string GetHex() const
256-bit opaque blob.
Definition: uint256.h:196
Helper class that manages an interrupt flag, and allows a thread or signal to interrupt another threa...
std::string FormatFullVersion()
const Coin & AccessByTxid(const CCoinsViewCache &view, const Txid &txid)
Utility function to find any unspent output with a given txid.
Definition: coins.cpp:410
void AddCoins(CCoinsViewCache &cache, const CTransaction &tx, int nHeight, bool check_for_overwrite)
Utility function to add all of a transaction's outputs to a cache.
Definition: coins.cpp:126
static const PrecomputedData data
Precomputed COutPoint and CCoins values.
auto flush
Flush changes in top cache to the one below.
uint256 BlockMerkleRoot(const CBlock &block, bool *mutated)
Definition: merkle.cpp:66
uint256 BlockWitnessMerkleRoot(const CBlock &block)
Definition: merkle.cpp:76
static constexpr int NO_WITNESS_COMMITMENT
Index marker for when no witness commitment is present in a coinbase transaction.
Definition: validation.h:15
static constexpr size_t MINIMUM_WITNESS_COMMITMENT
Minimum size of a witness commitment structure.
Definition: validation.h:18
static int64_t GetBlockWeight(const CBlock &block)
Definition: validation.h:136
@ BLOCK_HEADER_LOW_WORK
the block header may be on a too-little-work chain
@ BLOCK_INVALID_HEADER
invalid proof of work or time too old
@ BLOCK_CACHED_INVALID
this block was cached as being invalid and we didn't store the reason why
@ BLOCK_CONSENSUS
invalid by consensus rules (excluding any below reasons)
@ BLOCK_MISSING_PREV
We don't have the previous block the checked one is built on.
@ BLOCK_INVALID_PREV
A block this one builds on is invalid.
@ BLOCK_MUTATED
the block's data didn't match the data committed to by the PoW
@ BLOCK_TIME_FUTURE
block timestamp was > 2 hours in the future (or our clock is bad)
int GetWitnessCommitmentIndex(const CBlock &block)
Compute at which vout of the block's coinbase transaction the witness commitment occurs,...
Definition: validation.h:147
@ TX_MISSING_INPUTS
transaction was missing some of its inputs
@ TX_MEMPOOL_POLICY
violated mempool's fee/size/descendant/RBF/etc limits
@ TX_PREMATURE_SPEND
transaction spends a coinbase too early, or violates locktime/sequence locks
@ TX_WITNESS_STRIPPED
Transaction is missing a witness.
@ TX_CONFLICT
Tx already in mempool or conflicts with a tx in the chain (if it conflicts with another tx in mempool...
@ TX_NOT_STANDARD
otherwise didn't meet our local policy rules
@ TX_WITNESS_MUTATED
Transaction might have a witness prior to SegWit activation, or witness may have been malleated (whic...
@ TX_NO_MEMPOOL
this node does not have a mempool so can't validate the transaction
@ TX_CONSENSUS
invalid by consensus rules
@ TX_RECONSIDERABLE
fails some policy, but might be acceptable if submitted in a (different) package
static constexpr unsigned int LOCKTIME_VERIFY_SEQUENCE
Flags for nSequence and nLockTime locks.
Definition: consensus.h:28
static constexpr int64_t MAX_TIMEWARP
Maximum number of seconds that the timestamp of the first block of a difficulty adjustment period is ...
Definition: consensus.h:35
static const unsigned int MAX_BLOCK_WEIGHT
The maximum allowed weight for a block, see BIP 141 (network rule)
Definition: consensus.h:15
static const unsigned int MAX_BLOCK_SERIALIZED_SIZE
The maximum allowed size for a serialized block, in bytes (only for buffer size limits)
Definition: consensus.h:13
static const int64_t MAX_BLOCK_SIGOPS_COST
The maximum allowed number of signature check operations in a block (network rule)
Definition: consensus.h:17
static const int COINBASE_MATURITY
Coinbase transaction outputs can only be spent after this number of new blocks (network rule)
Definition: consensus.h:19
static const int WITNESS_SCALE_FACTOR
Definition: consensus.h:21
RecursiveMutex cs_main
Mutex to guard access to validation specific variables, such as reading or changing the chainstate.
Definition: cs_main.cpp:8
bool DestroyDB(const std::string &path_str)
Definition: dbwrapper.cpp:39
bool DeploymentActiveAfter(const CBlockIndex *pindexPrev, const Consensus::Params &params, Consensus::BuriedDeployment dep, VersionBitsCache &versionbitscache)
Determine if a deployment is active for the next block.
bool DeploymentActiveAt(const CBlockIndex &index, const Consensus::Params &params, Consensus::BuriedDeployment dep, VersionBitsCache &versionbitscache)
Determine if a deployment is active for this block.
static const unsigned int MAX_DISCONNECTED_TX_POOL_BYTES
Maximum bytes for transactions to store for processing during reorg.
bool CheckEphemeralSpends(const Package &package, CFeeRate dust_relay_rate, const CTxMemPool &tx_pool, TxValidationState &out_child_state, Wtxid &out_child_wtxid)
Called for each transaction(package) if any dust is in the package.
bool PreCheckEphemeralTx(const CTransaction &tx, CFeeRate dust_relay_rate, CAmount base_fee, CAmount mod_fee, TxValidationState &state)
These utility functions ensure that ephemeral dust is safely created and spent without unduly risking...
volatile double sum
Definition: examples.cpp:10
static bool exists(const path &p)
Definition: fs.h:96
static std::string PathToString(const path &path)
Convert path object to a byte string.
Definition: fs.h:162
bool CheckDiskSpace(const fs::path &dir, uint64_t additional_bytes)
Definition: fs_helpers.cpp:93
HTTPHeaders headers
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, script_verify_flags flags, const BaseSignatureChecker &checker, ScriptError *serror)
is a home for simple enum and struct type definitions that can be used internally by functions in the...
#define LogWarning(...)
Definition: log.h:126
#define LogInfo(...)
Definition: log.h:125
#define LogError(...)
Definition: log.h:127
#define LogDebug(category,...)
Definition: log.h:143
unsigned int nHeight
LockPoints lp
@ REORG
Removed for reorganization.
std::array< uint8_t, 4 > MessageStartChars
BlockValidationState m_state
Definition: miner.cpp:371
uint256 m_hash
Definition: miner.cpp:369
unsigned int nonce
@ COINDB
Definition: categories.h:33
@ REINDEX
Definition: categories.h:27
@ TXPACKAGES
Definition: categories.h:45
@ ALL
Definition: categories.h:48
@ VALIDATION
Definition: categories.h:36
@ PRUNE
Definition: categories.h:30
@ MEMPOOL
Definition: categories.h:18
@ BENCH
Definition: categories.h:20
bool CheckTxInputs(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &inputs, int nSpendHeight, CAmount &txfee)
Check whether all inputs of this transaction are valid (no double spends and amounts) This does not m...
Definition: tx_verify.cpp:164
@ DEPLOYMENT_DERSIG
Definition: params.h:29
@ DEPLOYMENT_CSV
Definition: params.h:30
@ DEPLOYMENT_SEGWIT
Definition: params.h:33
@ DEPLOYMENT_HEIGHTINCB
Definition: params.h:27
@ DEPLOYMENT_CLTV
Definition: params.h:28
T check(T ptr)
std::function< FILE *(const fs::path &, const char *)> FopenFn
Definition: fs.h:197
Definition: basic.cpp:8
static std::optional< CCoinsStats > ComputeUTXOStats(T hash_obj, const CCoinsViewDB &view, node::BlockManager &blockman, const std::function< void()> &interruption_point)
Calculate statistics about the unspent transaction output set.
Definition: coinstats.cpp:112
bool IsInterrupted(const T &result)
CoinStatsHashType
Definition: coinstats.h:26
const fs::path SNAPSHOT_BLOCKHASH_FILENAME
The file in the snapshot chainstate dir which stores the base blockhash.
bool WriteSnapshotBaseBlockhash(Chainstate &snapshot_chainstate)
std::optional< fs::path > FindAssumeutxoChainstateDir(const fs::path &data_dir)
Return a path to the snapshot-based chainstate dir, if one exists.
bool WriteSnapshotBaseBlockhash(Chainstate &snapshot_chainstate) EXCLUSIVE_LOCKS_REQUIRED(std::optional< uint256 > ReadSnapshotBaseBlockhash(fs::path chaindir) EXCLUSIVE_LOCKS_REQUIRED(constexpr std::string_view SNAPSHOT_CHAINSTATE_SUFFIX
Write out the blockhash of the snapshot base block that was used to construct this chainstate.
std::unordered_map< uint256, CBlockIndex, BlockHasher > BlockMap
Definition: blockstorage.h:138
std::optional< uint256 > ReadSnapshotBaseBlockhash(fs::path chaindir)
constexpr NoRateLimitTag NO_RATE_LIMIT
Definition: log.h:50
bilingual_str ErrorString(const Result< T > &result)
Definition: result.h:93
std::string ToString(const T &t)
Locale-independent version of std::to_string.
Definition: string.h:249
auto Join(const C &container, const S &separator, UnaryOp unary_op)
Join all container items.
Definition: string.h:208
static feebumper::Result CheckFeeRate(const CWallet &wallet, const CMutableTransaction &mtx, const CFeeRate &newFeerate, const int64_t maxTxSize, CAmount old_fee, std::vector< bilingual_str > &errors)
Check if the user provided a valid feeRate.
Definition: feebumper.cpp:62
std::shared_ptr< Chain::Notifications > m_notifications
Definition: interfaces.cpp:496
bool IsChildWithParents(const Package &package)
Context-free check that a package is exactly one child and its parents; not all parents need to be pr...
Definition: packages.cpp:119
bool IsWellFormedPackage(const Package &txns, PackageValidationState &state)
Context-free package policy checks:
Definition: packages.cpp:79
uint256 GetPackageHash(const std::vector< CTransactionRef > &transactions)
Get the hash of the concatenated wtxids of transactions, with wtxids treated as a little-endian numbe...
Definition: packages.cpp:151
std::vector< CTransactionRef > Package
A package is an ordered list of transactions.
Definition: packages.h:45
@ PCKG_POLICY
The package itself is invalid (e.g. too many transactions).
@ PCKG_MEMPOOL_ERROR
Mempool logic error.
@ PCKG_TX
At least one tx is invalid.
std::optional< std::pair< DiagramCheckError, std::string > > ImprovesFeerateDiagram(CTxMemPool::ChangeSet &changeset)
The replacement transaction must improve the feerate diagram of the mempool.
Definition: rbf.cpp:127
std::optional< std::string > PaysForRBF(CAmount original_fees, CAmount replacement_fees, size_t replacement_vsize, CFeeRate relay_fee, const Txid &txid)
The replacement transaction must pay more fees than the original transactions.
Definition: rbf.cpp:100
std::optional< std::string > EntriesAndTxidsDisjoint(const CTxMemPool::setEntries &ancestors, const std::set< Txid > &direct_conflicts, const Txid &txid)
Check the intersection between two sets of transactions (a set of mempool entries and a set of txids)...
Definition: rbf.cpp:85
std::optional< std::string > GetEntriesForConflicts(const CTransaction &tx, CTxMemPool &pool, const CTxMemPool::setEntries &iters_conflicting, CTxMemPool::setEntries &all_conflicts)
Get all descendants of iters_conflicting.
Definition: rbf.cpp:58
@ FAILURE
New diagram wasn't strictly superior
TxValidationState ValidateInputsStandardness(const CTransaction &tx, const CCoinsViewCache &mapInputs)
Check transaction inputs.
Definition: policy.cpp:214
bool SpendsNonAnchorWitnessProg(const CTransaction &tx, const CCoinsViewCache &prevouts)
Check whether this transaction spends any witness program but P2A, including not-yet-defined ones.
Definition: policy.cpp:354
bool IsWitnessStandard(const CTransaction &tx, const CCoinsViewCache &mapInputs)
Check if the transaction is over standard P2WSH resources limit: 3600bytes witnessScript size,...
Definition: policy.cpp:265
bool IsStandardTx(const CTransaction &tx, const std::optional< unsigned > &max_datacarrier_bytes, bool permit_bare_multisig, const CFeeRate &dust_relay_fee, std::string &reason)
Check for standard transaction types.
Definition: policy.cpp:100
static constexpr script_verify_flags STANDARD_SCRIPT_VERIFY_FLAGS
Standard script verification flags that standard transactions will comply with.
Definition: policy.h:118
static constexpr unsigned int STANDARD_LOCKTIME_VERIFY_FLAGS
Used as the flags parameter to sequence and nLocktime checks in non-consensus code.
Definition: policy.h:137
static constexpr unsigned int MAX_STANDARD_TX_SIGOPS_COST
The maximum number of sigops we're willing to relay/mine in a single tx.
Definition: policy.h:44
static constexpr unsigned int MIN_STANDARD_TX_NONWITNESS_SIZE
The minimum non-witness size for transactions we're willing to relay/mine: one larger than 64
Definition: policy.h:40
static constexpr script_verify_flags STANDARD_NOT_MANDATORY_VERIFY_FLAGS
For convenience, standard but not mandatory verify flags.
Definition: policy.h:134
unsigned int GetNextWorkRequired(const CBlockIndex *pindexLast, const CBlockHeader *pblock, const Consensus::Params &params)
Definition: pow.cpp:14
bool CheckProofOfWork(uint256 hash, unsigned int nBits, const Consensus::Params &params)
Check whether a block hash satisfies the proof-of-work requirement specified by nBits.
Definition: pow.cpp:140
static constexpr TransactionSerParams TX_NO_WITNESS
Definition: transaction.h:181
static constexpr TransactionSerParams TX_WITH_WITNESS
Definition: transaction.h:180
static CTransactionRef MakeTransactionRef(Tx &&txIn)
Definition: transaction.h:404
std::shared_ptr< const CTransaction > CTransactionRef
Definition: transaction.h:403
uint256 GetRandHash() noexcept
Generate a random uint256.
Definition: random.h:463
const char * prefix
Definition: rest.cpp:1143
@ OP_RETURN
Definition: script.h:112
std::string ScriptErrorString(const ScriptError serror)
enum ScriptError_t ScriptError
@ SCRIPT_ERR_UNKNOWN_ERROR
Definition: script_error.h:14
uint64_t ReadCompactSize(Stream &is, bool range_check=true)
Decode a CompactSize-encoded variable-length integer.
Definition: serialize.h:333
uint64_t GetSerializeSize(const T &t)
Definition: serialize.h:1157
bool CheckSignetBlockSolution(const CBlock &block, const Consensus::Params &consensusParams)
Extract signature and check whether a block has a valid solution.
Definition: signet.cpp:126
unsigned char * UCharCast(char *c)
Definition: span.h:95
Holds configuration for use during UTXO snapshot load and validation.
Definition: chainparams.h:34
AssumeutxoHash hash_serialized
The expected hash of the deserialized UTXO set.
Definition: chainparams.h:38
uint64_t m_chain_tx_count
Used to populate the m_chain_tx_count value, which is used during BlockManager::LoadBlockIndex().
Definition: chainparams.h:44
Describes a place in the block chain to another node such that if the other node doesn't have the sam...
Definition: block.h:117
std::vector< uint256 > vHave
Definition: block.h:127
A mutable version of CTransaction.
Definition: transaction.h:358
std::vector< CTxOut > vout
Definition: transaction.h:360
std::vector< CTxIn > vin
Definition: transaction.h:359
Holds various statistics on transactions within a chain.
Definition: chainparams.h:57
User-controlled performance and debug options.
Definition: txdb.h:28
std::shared_ptr< const CBlock > pblock
const CBlockIndex * pindex
Parameters that influence chain consensus.
Definition: params.h:87
bool enforce_BIP94
Enforce BIP94 timewarp attack mitigation.
Definition: params.h:121
int64_t DifficultyAdjustmentInterval() const
Definition: params.h:129
bool signet_blocks
If true, witness commitments contain a payload equal to a Bitcoin Script solution to the signet chall...
Definition: params.h:139
int nSubsidyHalvingInterval
Definition: params.h:89
std::map< uint256, script_verify_flags > script_flag_exceptions
Hashes of blocks that.
Definition: params.h:96
int64_t nPowTargetSpacing
Definition: params.h:123
std::chrono::seconds PowTargetSpacing() const
Definition: params.h:125
Application-specific storage settings.
Definition: dbwrapper.h:41
fs::path path
Location in the filesystem where leveldb data will be stored.
Definition: dbwrapper.h:43
Data structure storing a fee and size.
Definition: feefrac.h:22
uint32_t nPos
Definition: flatfile.h:17
bool IsNull() const
Definition: flatfile.h:32
int32_t nFile
Definition: flatfile.h:16
int64_t time
Definition: mempool_entry.h:31
Validation result for a transaction evaluated by MemPoolAccept (single or package).
Definition: validation.h:134
const ResultType m_result_type
Result type.
Definition: validation.h:143
const TxValidationState m_state
Contains information about why the transaction failed.
Definition: validation.h:146
@ INVALID
‍Fully validated, valid.
static MempoolAcceptResult Failure(TxValidationState state)
Definition: validation.h:170
static MempoolAcceptResult FeeFailure(TxValidationState state, CFeeRate effective_feerate, const std::vector< Wtxid > &wtxids_fee_calculations)
Definition: validation.h:174
static MempoolAcceptResult MempoolTxDifferentWitness(const Wtxid &other_wtxid)
Definition: validation.h:193
static MempoolAcceptResult MempoolTx(int64_t vsize, CAmount fees)
Definition: validation.h:189
static MempoolAcceptResult Success(std::list< CTransactionRef > &&replaced_txns, int64_t vsize, CAmount fees, CFeeRate effective_feerate, const std::vector< Wtxid > &wtxids_fee_calculations)
Definition: validation.h:180
static time_point now() noexcept
Return current system time or mocked time, if set.
Definition: time.cpp:65
static time_point now() noexcept
Return current system time or mocked time, if set.
Definition: time.cpp:38
Validation result for package mempool acceptance.
Definition: validation.h:240
void Init(const T &tx, std::vector< CTxOut > &&spent_outputs, bool force=false)
Initialize this PrecomputedTransactionData with transaction data.
bool m_spent_outputs_ready
Whether m_spent_outputs is initialized.
Definition: interpreter.h:183
std::vector< CTxOut > m_spent_outputs
Definition: interpreter.h:181
const char * what() const noexcept override
Bilingual messages:
Definition: translation.h:24
std::string original
Definition: translation.h:25
An options struct for BlockManager, more ergonomically referred to as BlockManager::Options due to th...
An options struct for ChainstateManager, more ergonomically referred to as ChainstateManager::Options...
std::optional< int32_t > check_block_index
std::chrono::seconds max_tip_age
If the tip is older than this, the node is considered to be in initial block download.
int32_t prevoutfetch_threads_num
Number of worker threads used for prefetching block input prevouts. Zero means no parallel fetching.
Information about chainstate that notifications are sent from.
Definition: types.h:18
bool validated
Whether this is a notification from a chainstate that's been fully validated starting from the genesi...
Definition: types.h:22
#define AssertLockNotHeld(cs)
Definition: sync.h:149
#define LOCK(cs)
Definition: sync.h:268
#define WITH_LOCK(cs, code)
Run code while locking a mutex.
Definition: sync.h:299
CDBWrapper db
Definition: dbwrapper.cpp:371
#define EXCLUSIVE_LOCKS_REQUIRED(...)
Definition: threadsafety.h:49
#define LOCKS_EXCLUDED(...)
Definition: threadsafety.h:48
#define LOG_TIME_MILLIS_WITH_CATEGORY(end_msg, log_category)
Definition: timer.h:103
#define LOG_TIME_MILLIS_WITH_CATEGORY_MSG_ONCE(end_msg, log_category)
Definition: timer.h:105
#define strprintf
Format arguments and return the string or write to given std::ostream (see tinyformat::format doc for...
Definition: tinyformat.h:1172
#define TRACEPOINT(context,...)
Definition: trace.h:56
consteval auto _(util::TranslatedLiteral str)
Definition: translation.h:79
bilingual_str Untranslated(std::string original)
Mark a bilingual_str as untranslated.
Definition: translation.h:82
std::optional< std::pair< std::string, CTransactionRef > > SingleTRUCChecks(const CTxMemPool &pool, const CTransactionRef &ptx, const std::vector< CTxMemPoolEntry::CTxMemPoolEntryRef > &mempool_parents, const std::set< Txid > &direct_conflicts, int64_t vsize)
Must be called for every transaction, even if not TRUC.
std::optional< std::string > PackageTRUCChecks(const CTxMemPool &pool, const CTransactionRef &ptx, int64_t vsize, const Package &package, const std::vector< CTxMemPoolEntry::CTxMemPoolEntryRef > &mempool_parents)
Must be called for every transaction that is submitted within a package, even if not TRUC.
Definition: truc_policy.cpp:57
bool CheckTransaction(const CTransaction &tx, TxValidationState &state)
Definition: tx_check.cpp:11
bool EvaluateSequenceLocks(const CBlockIndex &block, std::pair< int, int64_t > lockPair)
Definition: tx_verify.cpp:97
std::pair< int, int64_t > CalculateSequenceLocks(const CTransaction &tx, int flags, std::vector< int > &prevHeights, const CBlockIndex &block)
Calculates the block height and previous block's median time past at which the transaction will be co...
Definition: tx_verify.cpp:39
int64_t GetTransactionSigOpCost(const CTransaction &tx, const CCoinsViewCache &inputs, script_verify_flags flags)
Compute total signature operation cost of a transaction.
Definition: tx_verify.cpp:143
unsigned int GetLegacySigOpCount(const CTransaction &tx)
Auxiliary functions for transaction validation (ideally should not be exposed)
Definition: tx_verify.cpp:112
bool SequenceLocks(const CTransaction &tx, int flags, std::vector< int > &prevHeights, const CBlockIndex &block)
Check if transaction is final per BIP 68 sequence numbers and can be included in a block.
Definition: tx_verify.cpp:107
bool IsFinalTx(const CTransaction &tx, int nBlockHeight, int64_t nBlockTime)
Check if transaction is final and can be included in a block with the specified height and time.
Definition: tx_verify.cpp:17
bool TestLockPointValidity(CChain &active_chain, const LockPoints &lp)
Test whether the LockPoints height and time are still valid on the current chain.
Definition: txmempool.cpp:40
static const uint32_t MEMPOOL_HEIGHT
Fake height value used in Coin to signify they are only in the memory pool (since 0....
Definition: txmempool.h:50
#define expect(bit)
int64_t GetTime()
DEPRECATED Use either ClockType::now() or Now<TimePointType>() if a cast is needed.
Definition: time.cpp:89
std::string FormatISO8601DateTime(int64_t nTime)
ISO 8601 formatting is preferred.
Definition: time.cpp:91
constexpr int64_t count_seconds(std::chrono::seconds t)
Definition: time.h:97
std::chrono::time_point< NodeClock, std::chrono::seconds > NodeSeconds
Definition: time.h:35
PackageMempoolAcceptResult ProcessNewPackage(Chainstate &active_chainstate, CTxMemPool &pool, const Package &package, bool test_accept, const std::optional< CFeeRate > &client_maxfeerate)
Validate (and maybe submit) a package to the mempool.
static void LimitMempoolSize(CTxMemPool &pool, CCoinsViewCache &coins_cache) EXCLUSIVE_LOCKS_REQUIRED(
Definition: validation.cpp:273
bool IsBlockMutated(const CBlock &block, bool check_witness_root)
Check if a block has been mutated (with respect to its merkle root and witness commitments).
script_verify_flags GetBlockScriptFlags(const CBlockIndex &block_index, const ChainstateManager &chainman)
std::optional< LockPoints > CalculateLockPointsAtTip(CBlockIndex *tip, const CCoinsView &coins_view, const CTransaction &tx)
Definition: validation.cpp:210
static bool pool cs
Definition: validation.cpp:409
bool CheckInputScripts(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &inputs, script_verify_flags flags, bool cacheSigStore, bool cacheFullScriptStore, PrecomputedTransactionData &txdata, ValidationCache &validation_cache, std::vector< CScriptCheck > *pvChecks=nullptr) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Check whether all of this transaction's input scripts succeed.
bool CheckFinalTxAtTip(const CBlockIndex &active_chain_tip, const CTransaction &tx)
Definition: validation.cpp:156
CAmount GetBlockSubsidy(int nHeight, const Consensus::Params &consensusParams)
MempoolAcceptResult AcceptToMemoryPool(Chainstate &active_chainstate, const CTransactionRef &tx, int64_t accept_time, bool bypass_limits, bool test_accept)
Try to add a transaction to the mempool.
bool HasValidProofOfWork(std::span< const CBlockHeader > headers, const Consensus::Params &consensusParams)
Check that the proof of work on each blockheader matches the value in nBits.
int ApplyTxInUndo(Coin &&undo, CCoinsViewCache &view, const COutPoint &out)
Restore the UTXO in a Coin at a given COutPoint.
static bool ContextualCheckBlock(const CBlock &block, BlockValidationState &state, const ChainstateManager &chainman, const CBlockIndex *pindexPrev)
NOTE: This function is not currently invoked by ConnectBlock(), so we should consider upgrade issues ...
bool FatalError(Notifications &notifications, BlockValidationState &state, const bilingual_str &message)
bool CheckSequenceLocksAtTip(CBlockIndex *tip, const LockPoints &lock_points)
Check if transaction will be BIP68 final in the next block to be created on top of tip.
Definition: validation.cpp:255
static bool ContextualCheckBlockHeader(const CBlockHeader &block, BlockValidationState &state, const ChainstateManager &chainman, const CBlockIndex *pindexPrev) EXCLUSIVE_LOCKS_REQUIRED(
Context-dependent validity checks.
static ChainstateManager::Options && Flatten(ChainstateManager::Options &&opts)
Apply default chain params to nullopt members.
static void UpdateTipLog(const ChainstateManager &chainman, const CCoinsViewCache &coins_tip, const CBlockIndex *tip, const std::string &func_name, const std::string &prefix, const std::string &warning_messages, const bool background_validation) EXCLUSIVE_LOCKS_REQUIRED(
static bool CheckInputsFromMempoolAndCache(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &view, const CTxMemPool &pool, script_verify_flags flags, PrecomputedTransactionData &txdata, CCoinsViewCache &coins_tip, ValidationCache &validation_cache) EXCLUSIVE_LOCKS_REQUIRED(cs_main
Checks to avoid mempool polluting consensus critical paths since cached signature and script validity...
static constexpr auto DATABASE_WRITE_INTERVAL_MAX
Definition: validation.cpp:99
static bool CheckWitnessMalleation(const CBlock &block, bool expect_witness_commitment, BlockValidationState &state)
CheckWitnessMalleation performs checks for block malleation with regard to its witnesses.
void UpdateCoins(const CTransaction &tx, CCoinsViewCache &inputs, CTxUndo &txundo, int nHeight)
static bool DeleteCoinsDBFromDisk(const fs::path db_path, bool is_snapshot) EXCLUSIVE_LOCKS_REQUIRED(
static bool CheckMerkleRoot(const CBlock &block, BlockValidationState &state)
static constexpr int PRUNE_LOCK_BUFFER
The number of blocks to keep below the deepest prune lock.
Definition: validation.cpp:115
arith_uint256 CalculateClaimedHeadersWork(std::span< const CBlockHeader > headers)
Return the sum of the claimed work on a given set of headers.
const std::vector< std::string > CHECKLEVEL_DOC
Documentation for argument 'checklevel'.
Definition: validation.cpp:102
bool CheckBlock(const CBlock &block, BlockValidationState &state, const Consensus::Params &consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
Functions for validating blocks and updating the block tree.
static constexpr std::chrono::hours MAX_FEE_ESTIMATION_TIP_AGE
Maximum age of our tip for us to be considered current for fee estimation.
Definition: validation.cpp:101
void PruneBlockFilesManual(Chainstate &active_chainstate, int nManualPruneHeight)
Prune block files up to a given height.
static void FlushSnapshotToDisk(CCoinsViewCache &coins_cache, bool snapshot_loaded)
static bool IsCurrentForFeeEstimation(Chainstate &active_chainstate) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
Definition: validation.cpp:289
static constexpr auto DATABASE_WRITE_INTERVAL_MIN
Time window to wait between writing blocks/block index and chainstate to disk.
Definition: validation.cpp:98
AssertLockHeld(pool.cs)
BlockValidationState TestBlockValidity(Chainstate &chainstate, const CBlock &block, const bool check_pow, const bool check_merkle_root)
Verify a block, including transactions.
static bool CheckBlockHeader(const CBlockHeader &block, BlockValidationState &state, const Consensus::Params &consensusParams, bool fCheckPOW=true)
bool IsBIP30Repeat(const CBlockIndex &block_index)
Identifies blocks that overwrote an existing coinbase output in the UTXO set (see BIP30)
static void SnapshotUTXOHashBreakpoint(const util::SignalInterrupt &interrupt)
static bool ShouldCompactChainstate(bool in_ibd)
Definition: validation.cpp:118
static SynchronizationState GetSynchronizationState(bool init, bool blockfiles_indexed)
bool IsBIP30Unspendable(const uint256 &block_hash, int block_height)
Identifies blocks which coinbase output was subsequently overwritten in the UTXO set (see BIP30)
TRACEPOINT_SEMAPHORE(validation, block_connected)
static void LimitValidationInterfaceQueue(ValidationSignals &signals) LOCKS_EXCLUDED(cs_main)
assert(!tx.IsCoinBase())
static constexpr int MAX_SCRIPTCHECK_THREADS
Maximum number of dedicated script-checking threads allowed.
Definition: validation.h:90
static const unsigned int MIN_BLOCKS_TO_KEEP
Block files containing a block-height within MIN_BLOCKS_TO_KEEP of ActiveChain().Tip() will not be pr...
Definition: validation.h:76
SnapshotCompletionResult
Definition: validation.h:907
Assumeutxo
Chainstate assumeutxo validity.
Definition: validation.h:530
@ VALIDATED
Every block in the chain has been validated.
@ UNVALIDATED
Blocks after an assumeutxo snapshot have been validated but the snapshot itself has not been validate...
@ INVALID
The assumeutxo snapshot failed validation.
SynchronizationState
Current sync state passed to tip changed callbacks.
Definition: validation.h:96
constexpr std::array FlushStateModeNames
Definition: validation.h:464
constexpr int64_t LargeCoinsCacheThreshold(int64_t total_space) noexcept
Definition: validation.h:521
VerifyDBResult
Definition: validation.h:429
FlushStateMode
Definition: validation.h:465
CoinsCacheSizeState
Definition: validation.h:513
@ LARGE
The cache is at >= 90% capacity.
@ CRITICAL
The coins cache is in immediate need of a flush.
DisconnectResult
Definition: validation.h:455
@ DISCONNECT_FAILED
Definition: validation.h:458
@ DISCONNECT_UNCLEAN
Definition: validation.h:457
@ DISCONNECT_OK
Definition: validation.h:456