spend.cpp
1 // Copyright (c) 2021-2022 The Bitcoin Core developers 2 // Distributed under the MIT software license, see the accompanying 3 // file COPYING or http://www.opensource.org/licenses/mit-license.php. 4 5 #include <algorithm> 6 #include <common/args.h> 7 #include <common/messages.h> 8 #include <common/system.h> 9 #include <consensus/amount.h> 10 #include <consensus/validation.h> 11 #include <interfaces/chain.h> 12 #include <node/types.h> 13 #include <numeric> 14 #include <policy/policy.h> 15 #include <policy/truc_policy.h> 16 #include <primitives/transaction.h> 17 #include <primitives/transaction_identifier.h> 18 #include <script/script.h> 19 #include <script/signingprovider.h> 20 #include <script/solver.h> 21 #include <util/check.h> 22 #include <util/moneystr.h> 23 #include <util/rbf.h> 24 #include <util/trace.h> 25 #include <util/translation.h> 26 #include <wallet/coincontrol.h> 27 #include <wallet/fees.h> 28 #include <wallet/receive.h> 29 #include <wallet/spend.h> 30 #include <wallet/transaction.h> 31 #include <wallet/wallet.h> 32 33 #include <cmath> 34 35 using common::StringForFeeReason; 36 using common::TransactionErrorString; 37 using interfaces::FoundBlock; 38 using node::TransactionError; 39 40 TRACEPOINT_SEMAPHORE(coin_selection, selected_coins); 41 TRACEPOINT_SEMAPHORE(coin_selection, normal_create_tx_internal); 42 TRACEPOINT_SEMAPHORE(coin_selection, attempting_aps_create_tx); 43 TRACEPOINT_SEMAPHORE(coin_selection, aps_create_tx_internal); 44 45 namespace wallet { 46 static constexpr size_t OUTPUT_GROUP_MAX_ENTRIES{100}; 47 48 /** Whether the descriptor represents, directly or not, a witness program. */ 49 static bool IsSegwit(const Descriptor& desc) { 50 if (const auto typ = desc.GetOutputType()) return *typ != OutputType::LEGACY; 51 return false; 52 } 53 54 /** Whether to assume ECDSA signatures' will be high-r. */ 55 static bool UseMaxSig(const std::optional<CTxIn>& txin, const CCoinControl* coin_control) { 56 // Use max sig if watch only inputs were used or if this particular input is an external input 57 // to ensure a sufficient fee is attained for the requested feerate. 58 return coin_control && txin && coin_control->IsExternalSelected(txin->prevout); 59 } 60 61 /** Get the size of an input (in witness units) once it's signed. 62 * 63 * @param desc The output script descriptor of the coin spent by this input. 64 * @param txin Optionally the txin to estimate the size of. Used to determine the size of ECDSA signatures. 65 * @param coin_control Information about the context to determine the size of ECDSA signatures. 66 * @param tx_is_segwit Whether the transaction has at least a single input spending a segwit coin. 67 * @param can_grind_r Whether the signer will be able to grind the R of the signature. 68 */ 69 static std::optional<int64_t> MaxInputWeight(const Descriptor& desc, const std::optional<CTxIn>& txin, 70 const CCoinControl* coin_control, const bool tx_is_segwit, 71 const bool can_grind_r) { 72 if (const auto sat_weight = desc.MaxSatisfactionWeight(!can_grind_r || UseMaxSig(txin, coin_control))) { 73 if (const auto elems_count = desc.MaxSatisfactionElems()) { 74 const bool is_segwit = IsSegwit(desc); 75 // Account for the size of the scriptsig and the number of elements on the witness stack. Note 76 // that if any input in the transaction is spending a witness program, we need to specify the 77 // witness stack size for every input regardless of whether it is segwit itself. 78 // NOTE: this also works in case of mixed scriptsig-and-witness such as in p2sh-wrapped segwit v0 79 // outputs. In this case the size of the scriptsig length will always be one (since the redeemScript 80 // is always a push of the witness program in this case, which is smaller than 253 bytes). 81 const int64_t scriptsig_len = is_segwit ? 1 : GetSizeOfCompactSize(*sat_weight / WITNESS_SCALE_FACTOR); 82 const int64_t witstack_len = is_segwit ? GetSizeOfCompactSize(*elems_count) : (tx_is_segwit ? 1 : 0); 83 // previous txid + previous vout + sequence + scriptsig len + witstack size + scriptsig or witness 84 // NOTE: sat_weight already accounts for the witness discount accordingly. 85 return (32 + 4 + 4 + scriptsig_len) * WITNESS_SCALE_FACTOR + witstack_len + *sat_weight; 86 } 87 } 88 89 return {}; 90 } 91 92 int CalculateMaximumSignedInputSize(const CTxOut& txout, const COutPoint outpoint, const SigningProvider* provider, bool can_grind_r, const CCoinControl* coin_control) 93 { 94 if (!provider) return -1; 95 96 if (const auto desc = InferDescriptor(txout.scriptPubKey, *provider)) { 97 if (const auto weight = MaxInputWeight(*desc, {}, coin_control, true, can_grind_r)) { 98 return static_cast<int>(GetVirtualTransactionSize(*weight, 0, 0)); 99 } 100 } 101 102 return -1; 103 } 104 105 int CalculateMaximumSignedInputSize(const CTxOut& txout, const CWallet* wallet, const CCoinControl* coin_control) 106 { 107 const std::unique_ptr<SigningProvider> provider = wallet->GetSolvingProvider(txout.scriptPubKey); 108 return CalculateMaximumSignedInputSize(txout, COutPoint(), provider.get(), wallet->CanGrindR(), coin_control); 109 } 110 111 /** Infer a descriptor for the given output script. */ 112 static std::unique_ptr<Descriptor> GetDescriptor(const CWallet* wallet, const CCoinControl* coin_control, 113 const CScript script_pubkey) 114 { 115 MultiSigningProvider providers; 116 for (const auto spkman: wallet->GetScriptPubKeyMans(script_pubkey)) { 117 providers.AddProvider(spkman->GetSolvingProvider(script_pubkey)); 118 } 119 if (coin_control) { 120 providers.AddProvider(std::make_unique<FlatSigningProvider>(coin_control->m_external_provider)); 121 } 122 return InferDescriptor(script_pubkey, providers); 123 } 124 125 /** Infer the maximum size of this input after it will be signed. */ 126 static std::optional<int64_t> GetSignedTxinWeight(const CWallet* wallet, const CCoinControl* coin_control, 127 const CTxIn& txin, const CTxOut& txo, const bool tx_is_segwit, 128 const bool can_grind_r) 129 { 130 // If weight was provided, use that. 131 std::optional<int64_t> weight; 132 if (coin_control && (weight = coin_control->GetInputWeight(txin.prevout))) { 133 return weight.value(); 134 } 135 136 // Otherwise, use the maximum satisfaction size provided by the descriptor. 137 std::unique_ptr<Descriptor> desc{GetDescriptor(wallet, coin_control, txo.scriptPubKey)}; 138 if (desc) return MaxInputWeight(*desc, {txin}, coin_control, tx_is_segwit, can_grind_r); 139 140 return {}; 141 } 142 143 // txouts needs to be in the order of tx.vin 144 TxSize CalculateMaximumSignedTxSize(const CTransaction &tx, const CWallet *wallet, const std::vector<CTxOut>& txouts, const CCoinControl* coin_control) 145 { 146 // version + nLockTime + input count + output count 147 int64_t weight = (4 + 4 + GetSizeOfCompactSize(tx.vin.size()) + GetSizeOfCompactSize(tx.vout.size())) * WITNESS_SCALE_FACTOR; 148 // Whether any input spends a witness program. Necessary to run before the next loop over the 149 // inputs in order to accurately compute the compactSize length for the witness data per input. 150 bool is_segwit = std::any_of(txouts.begin(), txouts.end(), [&](const CTxOut& txo) { 151 std::unique_ptr<Descriptor> desc{GetDescriptor(wallet, coin_control, txo.scriptPubKey)}; 152 if (desc) return IsSegwit(*desc); 153 return false; 154 }); 155 // Segwit marker and flag 156 if (is_segwit) weight += 2; 157 158 // Add the size of the transaction outputs. 159 for (const auto& txo : tx.vout) weight += GetSerializeSize(txo) * WITNESS_SCALE_FACTOR; 160 161 // Add the size of the transaction inputs as if they were signed. 162 for (uint32_t i = 0; i < txouts.size(); i++) { 163 const auto txin_weight = GetSignedTxinWeight(wallet, coin_control, tx.vin[i], txouts[i], is_segwit, wallet->CanGrindR()); 164 if (!txin_weight) return TxSize{-1, -1}; 165 assert(*txin_weight > -1); 166 weight += *txin_weight; 167 } 168 169 // It's ok to use 0 as the number of sigops since we never create any pathological transaction. 170 return TxSize{GetVirtualTransactionSize(weight, 0, 0), weight}; 171 } 172 173 TxSize CalculateMaximumSignedTxSize(const CTransaction &tx, const CWallet *wallet, const CCoinControl* coin_control) 174 { 175 std::vector<CTxOut> txouts; 176 // Look up the inputs. The inputs are either in the wallet, or in coin_control. 177 for (const CTxIn& input : tx.vin) { 178 const auto mi = wallet->mapWallet.find(input.prevout.hash); 179 // Can not estimate size without knowing the input details 180 if (mi != wallet->mapWallet.end()) { 181 assert(input.prevout.n < mi->second.tx->vout.size()); 182 txouts.emplace_back(mi->second.tx->vout.at(input.prevout.n)); 183 } else if (coin_control) { 184 const auto& txout{coin_control->GetExternalOutput(input.prevout)}; 185 if (!txout) return TxSize{-1, -1}; 186 txouts.emplace_back(*txout); 187 } else { 188 return TxSize{-1, -1}; 189 } 190 } 191 return CalculateMaximumSignedTxSize(tx, wallet, txouts, coin_control); 192 } 193 194 size_t CoinsResult::Size() const 195 { 196 size_t size{0}; 197 for (const auto& it : coins) { 198 size += it.second.size(); 199 } 200 return size; 201 } 202 203 std::vector<COutput> CoinsResult::All() const 204 { 205 std::vector<COutput> all; 206 all.reserve(coins.size()); 207 for (const auto& it : coins) { 208 all.insert(all.end(), it.second.begin(), it.second.end()); 209 } 210 return all; 211 } 212 213 void CoinsResult::Clear() { 214 coins.clear(); 215 } 216 217 void CoinsResult::Erase(const std::unordered_set<COutPoint, SaltedOutpointHasher>& coins_to_remove) 218 { 219 for (auto& [type, vec] : coins) { 220 auto remove_it = std::remove_if(vec.begin(), vec.end(), [&](const COutput& coin) { 221 // remove it if it's on the set 222 if (coins_to_remove.count(coin.outpoint) == 0) return false; 223 224 // update cached amounts 225 total_amount -= coin.txout.nValue; 226 if (coin.HasEffectiveValue()) total_effective_amount = *total_effective_amount - coin.GetEffectiveValue(); 227 return true; 228 }); 229 vec.erase(remove_it, vec.end()); 230 } 231 } 232 233 void CoinsResult::Shuffle(FastRandomContext& rng_fast) 234 { 235 for (auto& it : coins) { 236 std::shuffle(it.second.begin(), it.second.end(), rng_fast); 237 } 238 } 239 240 void CoinsResult::Add(OutputType type, const COutput& out) 241 { 242 coins[type].emplace_back(out); 243 total_amount += out.txout.nValue; 244 if (out.HasEffectiveValue()) { 245 total_effective_amount = total_effective_amount.has_value() ? 246 *total_effective_amount + out.GetEffectiveValue() : out.GetEffectiveValue(); 247 } 248 } 249 250 static OutputType GetOutputType(TxoutType type, bool is_from_p2sh) 251 { 252 switch (type) { 253 case TxoutType::WITNESS_V1_TAPROOT: 254 return OutputType::BECH32M; 255 case TxoutType::WITNESS_V0_KEYHASH: 256 case TxoutType::WITNESS_V0_SCRIPTHASH: 257 if (is_from_p2sh) return OutputType::P2SH_SEGWIT; 258 else return OutputType::BECH32; 259 case TxoutType::SCRIPTHASH: 260 case TxoutType::PUBKEYHASH: 261 return OutputType::LEGACY; 262 default: 263 return OutputType::UNKNOWN; 264 } 265 } 266 267 // Fetch and validate the coin control selected inputs. 268 // Coins could be internal (from the wallet) or external. 269 util::Result<PreSelectedInputs> FetchSelectedInputs(const CWallet& wallet, const CCoinControl& coin_control, 270 const CoinSelectionParams& coin_selection_params) 271 { 272 PreSelectedInputs result; 273 const bool can_grind_r = wallet.CanGrindR(); 274 std::map<COutPoint, CAmount> map_of_bump_fees = wallet.chain().calculateIndividualBumpFees(coin_control.ListSelected(), coin_selection_params.m_effective_feerate); 275 for (const COutPoint& outpoint : coin_control.ListSelected()) { 276 int64_t input_bytes = coin_control.GetInputWeight(outpoint).value_or(-1); 277 if (input_bytes != -1) { 278 input_bytes = GetVirtualTransactionSize(input_bytes, 0, 0); 279 } 280 CTxOut txout; 281 if (auto txo = wallet.GetTXO(outpoint)) { 282 txout = txo->GetTxOut(); 283 if (input_bytes == -1) { 284 input_bytes = CalculateMaximumSignedInputSize(txout, &wallet, &coin_control); 285 } 286 const CWalletTx& parent_tx = txo->GetWalletTx(); 287 if (wallet.GetTxDepthInMainChain(parent_tx) == 0) { 288 if (parent_tx.tx->version == TRUC_VERSION && coin_control.m_version != TRUC_VERSION) { 289 return util::Error{strprintf(_("Can't spend unconfirmed version 3 pre-selected input with a version %d tx"), coin_control.m_version)}; 290 } else if (coin_control.m_version == TRUC_VERSION && parent_tx.tx->version != TRUC_VERSION) { 291 return util::Error{strprintf(_("Can't spend unconfirmed version %d pre-selected input with a version 3 tx"), parent_tx.tx->version)}; 292 } 293 } 294 } else { 295 // The input is external. We did not find the tx in mapWallet. 296 const auto out{coin_control.GetExternalOutput(outpoint)}; 297 if (!out) { 298 return util::Error{strprintf(_("Not found pre-selected input %s"), outpoint.ToString())}; 299 } 300 301 txout = *out; 302 } 303 304 if (input_bytes == -1) { 305 input_bytes = CalculateMaximumSignedInputSize(txout, outpoint, &coin_control.m_external_provider, can_grind_r, &coin_control); 306 } 307 308 if (input_bytes == -1) { 309 return util::Error{strprintf(_("Not solvable pre-selected input %s"), outpoint.ToString())}; // Not solvable, can't estimate size for fee 310 } 311 312 /* Set some defaults for depth, solvable, safe, time, and from_me as these don't matter for preset inputs since no selection is being done. */ 313 COutput output(outpoint, txout, /*depth=*/0, input_bytes, /*solvable=*/true, /*safe=*/true, /*time=*/0, /*from_me=*/false, coin_selection_params.m_effective_feerate); 314 output.ApplyBumpFee(map_of_bump_fees.at(output.outpoint)); 315 result.Insert(output, coin_selection_params.m_subtract_fee_outputs); 316 } 317 return result; 318 } 319 320 CoinsResult AvailableCoins(const CWallet& wallet, 321 const CCoinControl* coinControl, 322 std::optional<CFeeRate> feerate, 323 const CoinFilterParams& params) 324 { 325 AssertLockHeld(wallet.cs_wallet); 326 327 CoinsResult result; 328 // track unconfirmed truc outputs separately if we are tracking trucness 329 std::vector<std::pair<OutputType, COutput>> unconfirmed_truc_coins; 330 std::unordered_map<Txid, CAmount, SaltedTxidHasher> truc_txid_by_value; 331 // Either the WALLET_FLAG_AVOID_REUSE flag is not set (in which case we always allow), or we default to avoiding, and only in the case where 332 // a coin control object is provided, and has the avoid address reuse flag set to false, do we allow already used addresses 333 bool allow_used_addresses = !wallet.IsWalletFlagSet(WALLET_FLAG_AVOID_REUSE) || (coinControl && !coinControl->m_avoid_address_reuse); 334 const int min_depth = {coinControl ? coinControl->m_min_depth : DEFAULT_MIN_DEPTH}; 335 const int max_depth = {coinControl ? coinControl->m_max_depth : DEFAULT_MAX_DEPTH}; 336 const bool only_safe = {coinControl ? !coinControl->m_include_unsafe_inputs : true}; 337 const bool can_grind_r = wallet.CanGrindR(); 338 std::vector<COutPoint> outpoints; 339 340 std::set<Txid> trusted_parents; 341 // Cache for whether each tx passes the tx level checks (first bool), and whether the transaction is "safe" (second bool) 342 std::unordered_map<Txid, std::pair<bool, bool>, SaltedTxidHasher> tx_safe_cache; 343 for (const auto& [outpoint, txo] : wallet.GetTXOs()) { 344 const CWalletTx& wtx = txo.GetWalletTx(); 345 const CTxOut& output = txo.GetTxOut(); 346 347 if (tx_safe_cache.contains(outpoint.hash) && !tx_safe_cache.at(outpoint.hash).first) { 348 continue; 349 } 350 351 int nDepth = wallet.GetTxDepthInMainChain(wtx); 352 353 // Perform tx level checks if we haven't already come across outputs from this tx before. 354 if (!tx_safe_cache.contains(outpoint.hash)) { 355 tx_safe_cache[outpoint.hash] = {false, false}; 356 357 if (wallet.IsTxImmatureCoinBase(wtx) && !params.include_immature_coinbase) 358 continue; 359 360 if (nDepth < 0) 361 continue; 362 363 // We should not consider coins which aren't at least in our mempool 364 // It's possible for these to be conflicted via ancestors which we may never be able to detect 365 if (nDepth == 0 && !wtx.InMempool()) 366 continue; 367 368 bool safeTx = CachedTxIsTrusted(wallet, wtx, trusted_parents); 369 370 // We should not consider coins from transactions that are replacing 371 // other transactions. 372 // 373 // Example: There is a transaction A which is replaced by bumpfee 374 // transaction B. In this case, we want to prevent creation of 375 // a transaction B' which spends an output of B. 376 // 377 // Reason: If transaction A were initially confirmed, transactions B 378 // and B' would no longer be valid, so the user would have to create 379 // a new transaction C to replace B'. However, in the case of a 380 // one-block reorg, transactions B' and C might BOTH be accepted, 381 // when the user only wanted one of them. Specifically, there could 382 // be a 1-block reorg away from the chain where transactions A and C 383 // were accepted to another chain where B, B', and C were all 384 // accepted. 385 if (nDepth == 0 && wtx.mapValue.count("replaces_txid")) { 386 safeTx = false; 387 } 388 389 // Similarly, we should not consider coins from transactions that 390 // have been replaced. In the example above, we would want to prevent 391 // creation of a transaction A' spending an output of A, because if 392 // transaction B were initially confirmed, conflicting with A and 393 // A', we wouldn't want to the user to create a transaction D 394 // intending to replace A', but potentially resulting in a scenario 395 // where A, A', and D could all be accepted (instead of just B and 396 // D, or just A and A' like the user would want). 397 if (nDepth == 0 && wtx.mapValue.count("replaced_by_txid")) { 398 safeTx = false; 399 } 400 401 if (nDepth == 0 && params.check_version_trucness) { 402 if (coinControl->m_version == TRUC_VERSION) { 403 if (wtx.tx->version != TRUC_VERSION) continue; 404 // this unconfirmed v3 transaction already has a child 405 if (wtx.truc_child_in_mempool.has_value()) continue; 406 } else { 407 if (wtx.tx->version == TRUC_VERSION) continue; 408 Assume(!wtx.truc_child_in_mempool.has_value()); 409 } 410 } 411 412 if (only_safe && !safeTx) { 413 continue; 414 } 415 416 if (nDepth < min_depth || nDepth > max_depth) { 417 continue; 418 } 419 420 tx_safe_cache[outpoint.hash] = {true, safeTx}; 421 } 422 const auto& [tx_ok, tx_safe] = tx_safe_cache.at(outpoint.hash); 423 if (!Assume(tx_ok)) { 424 continue; 425 } 426 427 if (output.nValue < params.min_amount || output.nValue > params.max_amount) 428 continue; 429 430 // Skip manually selected coins (the caller can fetch them directly) 431 if (coinControl && coinControl->HasSelected() && coinControl->IsSelected(outpoint)) 432 continue; 433 434 if (wallet.IsLockedCoin(outpoint) && params.skip_locked) 435 continue; 436 437 if (wallet.IsSpent(outpoint)) 438 continue; 439 440 if (!allow_used_addresses && wallet.IsSpentKey(output.scriptPubKey)) { 441 continue; 442 } 443 444 bool tx_from_me = CachedTxIsFromMe(wallet, wtx); 445 446 std::unique_ptr<SigningProvider> provider = wallet.GetSolvingProvider(output.scriptPubKey); 447 448 int input_bytes = CalculateMaximumSignedInputSize(output, COutPoint(), provider.get(), can_grind_r, coinControl); 449 // Because CalculateMaximumSignedInputSize infers a solvable descriptor to get the satisfaction size, 450 // it is safe to assume that this input is solvable if input_bytes is greater than -1. 451 bool solvable = input_bytes > -1; 452 453 // Obtain script type 454 std::vector<std::vector<uint8_t>> script_solutions; 455 TxoutType type = Solver(output.scriptPubKey, script_solutions); 456 457 // If the output is P2SH and solvable, we want to know if it is 458 // a P2SH (legacy) or one of P2SH-P2WPKH, P2SH-P2WSH (P2SH-Segwit). We can determine 459 // this from the redeemScript. If the output is not solvable, it will be classified 460 // as a P2SH (legacy), since we have no way of knowing otherwise without the redeemScript 461 bool is_from_p2sh{false}; 462 if (type == TxoutType::SCRIPTHASH && solvable) { 463 CScript script; 464 if (!provider->GetCScript(CScriptID(uint160(script_solutions[0])), script)) continue; 465 type = Solver(script, script_solutions); 466 is_from_p2sh = true; 467 } 468 469 auto available_output_type = GetOutputType(type, is_from_p2sh); 470 auto available_output = COutput(outpoint, output, nDepth, input_bytes, solvable, tx_safe, wtx.GetTxTime(), tx_from_me, feerate); 471 if (wtx.tx->version == TRUC_VERSION && nDepth == 0 && params.check_version_trucness) { 472 unconfirmed_truc_coins.emplace_back(available_output_type, available_output); 473 auto [it, _] = truc_txid_by_value.try_emplace(wtx.tx->GetHash(), 0); 474 it->second += output.nValue; 475 } else { 476 result.Add(available_output_type, available_output); 477 } 478 479 outpoints.push_back(outpoint); 480 481 // Checks the sum amount of all UTXO's. 482 if (params.min_sum_amount != MAX_MONEY) { 483 if (result.GetTotalAmount() >= params.min_sum_amount) { 484 return result; 485 } 486 } 487 488 // Checks the maximum number of UTXO's. 489 if (params.max_count > 0 && result.Size() >= params.max_count) { 490 return result; 491 } 492 } 493 494 // Return all the coins from one TRUC transaction, that have the highest value. 495 // This could be improved in the future by encoding these restrictions in 496 // the coin selection itself so that we don't have to filter out 497 // other unconfirmed TRUC coins beforehand. 498 if (params.check_version_trucness && unconfirmed_truc_coins.size() > 0) { 499 auto highest_value_truc_tx = std::max_element(truc_txid_by_value.begin(), truc_txid_by_value.end(), [](const auto& tx1, const auto& tx2){ 500 return tx1.second < tx2.second; 501 }); 502 503 const Txid& truc_txid = highest_value_truc_tx->first; 504 for (const auto& [type, output] : unconfirmed_truc_coins) { 505 if (output.outpoint.hash == truc_txid) { 506 result.Add(type, output); 507 } 508 } 509 } 510 511 if (feerate.has_value()) { 512 std::map<COutPoint, CAmount> map_of_bump_fees = wallet.chain().calculateIndividualBumpFees(outpoints, feerate.value()); 513 514 for (auto& [_, outputs] : result.coins) { 515 for (auto& output : outputs) { 516 output.ApplyBumpFee(map_of_bump_fees.at(output.outpoint)); 517 } 518 } 519 } 520 521 return result; 522 } 523 524 const CTxOut& FindNonChangeParentOutput(const CWallet& wallet, const COutPoint& outpoint) 525 { 526 AssertLockHeld(wallet.cs_wallet); 527 const CWalletTx* wtx{Assert(wallet.GetWalletTx(outpoint.hash))}; 528 529 const CTransaction* ptx = wtx->tx.get(); 530 int n = outpoint.n; 531 while (OutputIsChange(wallet, ptx->vout[n]) && ptx->vin.size() > 0) { 532 const COutPoint& prevout = ptx->vin[0].prevout; 533 const CWalletTx* it = wallet.GetWalletTx(prevout.hash); 534 if (!it || it->tx->vout.size() <= prevout.n || 535 !wallet.IsMine(it->tx->vout[prevout.n])) { 536 break; 537 } 538 ptx = it->tx.get(); 539 n = prevout.n; 540 } 541 return ptx->vout[n]; 542 } 543 544 std::map<CTxDestination, std::vector<COutput>> ListCoins(const CWallet& wallet) 545 { 546 AssertLockHeld(wallet.cs_wallet); 547 548 std::map<CTxDestination, std::vector<COutput>> result; 549 550 CCoinControl coin_control; 551 CoinFilterParams coins_params; 552 coins_params.skip_locked = false; 553 for (const COutput& coin : AvailableCoins(wallet, &coin_control, /*feerate=*/std::nullopt, coins_params).All()) { 554 CTxDestination address; 555 if (!ExtractDestination(FindNonChangeParentOutput(wallet, coin.outpoint).scriptPubKey, address)) { 556 // For backwards compatibility, we convert P2PK output scripts into PKHash destinations 557 if (auto pk_dest = std::get_if<PubKeyDestination>(&address)) { 558 address = PKHash(pk_dest->GetPubKey()); 559 } else { 560 continue; 561 } 562 } 563 result[address].emplace_back(coin); 564 } 565 return result; 566 } 567 568 FilteredOutputGroups GroupOutputs(const CWallet& wallet, 569 const CoinsResult& coins, 570 const CoinSelectionParams& coin_sel_params, 571 const std::vector<SelectionFilter>& filters, 572 std::vector<OutputGroup>& ret_discarded_groups) 573 { 574 FilteredOutputGroups filtered_groups; 575 576 if (!coin_sel_params.m_avoid_partial_spends) { 577 // Allowing partial spends means no grouping. Each COutput gets its own OutputGroup 578 for (const auto& [type, outputs] : coins.coins) { 579 for (const COutput& output : outputs) { 580 // Get mempool info 581 size_t ancestors, descendants; 582 wallet.chain().getTransactionAncestry(output.outpoint.hash, ancestors, descendants); 583 584 // Create a new group per output and add it to the all groups vector 585 OutputGroup group(coin_sel_params); 586 group.Insert(std::make_shared<COutput>(output), ancestors, descendants); 587 588 // Each filter maps to a different set of groups 589 bool accepted = false; 590 for (const auto& sel_filter : filters) { 591 const auto& filter = sel_filter.filter; 592 if (!group.EligibleForSpending(filter)) continue; 593 filtered_groups[filter].Push(group, type, /*insert_positive=*/true, /*insert_mixed=*/true); 594 accepted = true; 595 } 596 if (!accepted) ret_discarded_groups.emplace_back(group); 597 } 598 } 599 return filtered_groups; 600 } 601 602 // We want to combine COutputs that have the same scriptPubKey into single OutputGroups 603 // except when there are more than OUTPUT_GROUP_MAX_ENTRIES COutputs grouped in an OutputGroup. 604 // To do this, we maintain a map where the key is the scriptPubKey and the value is a vector of OutputGroups. 605 // For each COutput, we check if the scriptPubKey is in the map, and if it is, the COutput is added 606 // to the last OutputGroup in the vector for the scriptPubKey. When the last OutputGroup has 607 // OUTPUT_GROUP_MAX_ENTRIES COutputs, a new OutputGroup is added to the end of the vector. 608 typedef std::map<std::pair<CScript, OutputType>, std::vector<OutputGroup>> ScriptPubKeyToOutgroup; 609 const auto& insert_output = [&]( 610 const std::shared_ptr<COutput>& output, OutputType type, size_t ancestors, size_t descendants, 611 ScriptPubKeyToOutgroup& groups_map) { 612 std::vector<OutputGroup>& groups = groups_map[std::make_pair(output->txout.scriptPubKey,type)]; 613 614 if (groups.size() == 0) { 615 // No OutputGroups for this scriptPubKey yet, add one 616 groups.emplace_back(coin_sel_params); 617 } 618 619 // Get the last OutputGroup in the vector so that we can add the COutput to it 620 // A pointer is used here so that group can be reassigned later if it is full. 621 OutputGroup* group = &groups.back(); 622 623 // Check if this OutputGroup is full. We limit to OUTPUT_GROUP_MAX_ENTRIES when using -avoidpartialspends 624 // to avoid surprising users with very high fees. 625 if (group->m_outputs.size() >= OUTPUT_GROUP_MAX_ENTRIES) { 626 // The last output group is full, add a new group to the vector and use that group for the insertion 627 groups.emplace_back(coin_sel_params); 628 group = &groups.back(); 629 } 630 631 group->Insert(output, ancestors, descendants); 632 }; 633 634 ScriptPubKeyToOutgroup spk_to_groups_map; 635 ScriptPubKeyToOutgroup spk_to_positive_groups_map; 636 for (const auto& [type, outs] : coins.coins) { 637 for (const COutput& output : outs) { 638 size_t ancestors, descendants; 639 wallet.chain().getTransactionAncestry(output.outpoint.hash, ancestors, descendants); 640 641 const auto& shared_output = std::make_shared<COutput>(output); 642 // Filter for positive only before adding the output 643 if (output.GetEffectiveValue() > 0) { 644 insert_output(shared_output, type, ancestors, descendants, spk_to_positive_groups_map); 645 } 646 647 // 'All' groups 648 insert_output(shared_output, type, ancestors, descendants, spk_to_groups_map); 649 } 650 } 651 652 // Now we go through the entire maps and pull out the OutputGroups 653 const auto& push_output_groups = [&](const ScriptPubKeyToOutgroup& groups_map, bool positive_only) { 654 for (const auto& [script, groups] : groups_map) { 655 // Go through the vector backwards. This allows for the first item we deal with being the partial group. 656 for (auto group_it = groups.rbegin(); group_it != groups.rend(); group_it++) { 657 const OutputGroup& group = *group_it; 658 659 // Each filter maps to a different set of groups 660 bool accepted = false; 661 for (const auto& sel_filter : filters) { 662 const auto& filter = sel_filter.filter; 663 if (!group.EligibleForSpending(filter)) continue; 664 665 // Don't include partial groups if there are full groups too and we don't want partial groups 666 if (group_it == groups.rbegin() && groups.size() > 1 && !filter.m_include_partial_groups) { 667 continue; 668 } 669 670 OutputType type = script.second; 671 // Either insert the group into the positive-only groups or the mixed ones. 672 filtered_groups[filter].Push(group, type, positive_only, /*insert_mixed=*/!positive_only); 673 accepted = true; 674 } 675 if (!accepted) ret_discarded_groups.emplace_back(group); 676 } 677 } 678 }; 679 680 push_output_groups(spk_to_groups_map, /*positive_only=*/ false); 681 push_output_groups(spk_to_positive_groups_map, /*positive_only=*/ true); 682 683 return filtered_groups; 684 } 685 686 FilteredOutputGroups GroupOutputs(const CWallet& wallet, 687 const CoinsResult& coins, 688 const CoinSelectionParams& params, 689 const std::vector<SelectionFilter>& filters) 690 { 691 std::vector<OutputGroup> unused; 692 return GroupOutputs(wallet, coins, params, filters, unused); 693 } 694 695 // Returns true if the result contains an error and the message is not empty 696 static bool HasErrorMsg(const util::Result<SelectionResult>& res) { return !util::ErrorString(res).empty(); } 697 698 util::Result<SelectionResult> AttemptSelection(interfaces::Chain& chain, const CAmount& nTargetValue, OutputGroupTypeMap& groups, 699 const CoinSelectionParams& coin_selection_params, bool allow_mixed_output_types) 700 { 701 // Run coin selection on each OutputType and compute the Waste Metric 702 std::vector<SelectionResult> results; 703 for (auto& [type, group] : groups.groups_by_type) { 704 auto result{ChooseSelectionResult(chain, nTargetValue, group, coin_selection_params)}; 705 // If any specific error message appears here, then something particularly wrong happened. 706 if (HasErrorMsg(result)) return result; // So let's return the specific error. 707 // Append the favorable result. 708 if (result) results.push_back(*result); 709 } 710 // If we have at least one solution for funding the transaction without mixing, choose the minimum one according to waste metric 711 // and return the result 712 if (results.size() > 0) return *std::min_element(results.begin(), results.end()); 713 714 // If we can't fund the transaction from any individual OutputType, run coin selection one last time 715 // over all available coins, which would allow mixing. 716 // If TypesCount() <= 1, there is nothing to mix. 717 if (allow_mixed_output_types && groups.TypesCount() > 1) { 718 return ChooseSelectionResult(chain, nTargetValue, groups.all_groups, coin_selection_params); 719 } 720 // Either mixing is not allowed and we couldn't find a solution from any single OutputType, or mixing was allowed and we still couldn't 721 // find a solution using all available coins 722 return util::Error(); 723 }; 724 725 util::Result<SelectionResult> ChooseSelectionResult(interfaces::Chain& chain, const CAmount& nTargetValue, Groups& groups, const CoinSelectionParams& coin_selection_params) 726 { 727 // Vector of results. We will choose the best one based on waste. 728 std::vector<SelectionResult> results; 729 std::vector<util::Result<SelectionResult>> errors; 730 auto append_error = [&] (util::Result<SelectionResult>&& result) { 731 // If any specific error message appears here, then something different from a simple "no selection found" happened. 732 // Let's save it, so it can be retrieved to the user if no other selection algorithm succeeded. 733 if (HasErrorMsg(result)) { 734 errors.emplace_back(std::move(result)); 735 } 736 }; 737 738 // Maximum allowed weight for selected coins. 739 int max_transaction_weight = coin_selection_params.m_max_tx_weight.value_or(MAX_STANDARD_TX_WEIGHT); 740 int tx_weight_no_input = coin_selection_params.tx_noinputs_size * WITNESS_SCALE_FACTOR; 741 int max_selection_weight = max_transaction_weight - tx_weight_no_input; 742 if (max_selection_weight <= 0) { 743 return util::Error{_("Maximum transaction weight is less than transaction weight without inputs")}; 744 } 745 746 // SFFO frequently causes issues in the context of changeless input sets: skip BnB when SFFO is active 747 if (!coin_selection_params.m_subtract_fee_outputs) { 748 if (auto bnb_result{SelectCoinsBnB(groups.positive_group, nTargetValue, coin_selection_params.m_cost_of_change, max_selection_weight)}) { 749 results.push_back(*bnb_result); 750 } else append_error(std::move(bnb_result)); 751 } 752 753 // Deduct change weight because remaining Coin Selection algorithms can create change output 754 int change_outputs_weight = coin_selection_params.change_output_size * WITNESS_SCALE_FACTOR; 755 max_selection_weight -= change_outputs_weight; 756 if (max_selection_weight < 0 && results.empty()) { 757 return util::Error{_("Maximum transaction weight is too low, can not accommodate change output")}; 758 } 759 760 // The knapsack solver has some legacy behavior where it will spend dust outputs. We retain this behavior, so don't filter for positive only here. 761 if (auto knapsack_result{KnapsackSolver(groups.mixed_group, nTargetValue, coin_selection_params.m_min_change_target, coin_selection_params.rng_fast, max_selection_weight)}) { 762 results.push_back(*knapsack_result); 763 } else append_error(std::move(knapsack_result)); 764 765 if (coin_selection_params.m_effective_feerate > CFeeRate{3 * coin_selection_params.m_long_term_feerate}) { // Minimize input set for feerates of at least 3×LTFRE (default: 30 ṩ/vB+) 766 if (auto cg_result{CoinGrinder(groups.positive_group, nTargetValue, coin_selection_params.m_min_change_target, max_selection_weight)}) { 767 cg_result->RecalculateWaste(coin_selection_params.min_viable_change, coin_selection_params.m_cost_of_change, coin_selection_params.m_change_fee); 768 results.push_back(*cg_result); 769 } else { 770 append_error(std::move(cg_result)); 771 } 772 } 773 774 if (auto srd_result{SelectCoinsSRD(groups.positive_group, nTargetValue, coin_selection_params.m_change_fee, coin_selection_params.rng_fast, max_selection_weight)}) { 775 results.push_back(*srd_result); 776 } else append_error(std::move(srd_result)); 777 778 if (results.empty()) { 779 // No solution found, retrieve the first explicit error (if any). 780 // future: add 'severity level' to errors so the worst one can be retrieved instead of the first one. 781 return errors.empty() ? util::Error() : std::move(errors.front()); 782 } 783 784 // If the chosen input set has unconfirmed inputs, check for synergies from overlapping ancestry 785 for (auto& result : results) { 786 std::vector<COutPoint> outpoints; 787 std::set<std::shared_ptr<COutput>> coins = result.GetInputSet(); 788 CAmount summed_bump_fees = 0; 789 for (auto& coin : coins) { 790 if (coin->depth > 0) continue; // Bump fees only exist for unconfirmed inputs 791 outpoints.push_back(coin->outpoint); 792 summed_bump_fees += coin->ancestor_bump_fees; 793 } 794 std::optional<CAmount> combined_bump_fee = chain.calculateCombinedBumpFee(outpoints, coin_selection_params.m_effective_feerate); 795 if (!combined_bump_fee.has_value()) { 796 return util::Error{_("Failed to calculate bump fees, because unconfirmed UTXOs depend on an enormous cluster of unconfirmed transactions.")}; 797 } 798 CAmount bump_fee_overestimate = summed_bump_fees - combined_bump_fee.value(); 799 if (bump_fee_overestimate) { 800 result.SetBumpFeeDiscount(bump_fee_overestimate); 801 } 802 result.RecalculateWaste(coin_selection_params.min_viable_change, coin_selection_params.m_cost_of_change, coin_selection_params.m_change_fee); 803 } 804 805 // Choose the result with the least waste 806 // If the waste is the same, choose the one which spends more inputs. 807 return *std::min_element(results.begin(), results.end()); 808 } 809 810 util::Result<SelectionResult> SelectCoins(const CWallet& wallet, CoinsResult& available_coins, const PreSelectedInputs& pre_set_inputs, 811 const CAmount& nTargetValue, const CCoinControl& coin_control, 812 const CoinSelectionParams& coin_selection_params) 813 { 814 // Deduct preset inputs amount from the search target 815 CAmount selection_target = nTargetValue - pre_set_inputs.total_amount; 816 817 // Return if automatic coin selection is disabled, and we don't cover the selection target 818 if (!coin_control.m_allow_other_inputs && selection_target > 0) { 819 return util::Error{_("The preselected coins total amount does not cover the transaction target. " 820 "Please allow other inputs to be automatically selected or include more coins manually")}; 821 } 822 823 // Return if we can cover the target only with the preset inputs 824 if (selection_target <= 0) { 825 SelectionResult result(nTargetValue, SelectionAlgorithm::MANUAL); 826 result.AddInputs(pre_set_inputs.coins, coin_selection_params.m_subtract_fee_outputs); 827 result.RecalculateWaste(coin_selection_params.min_viable_change, coin_selection_params.m_cost_of_change, coin_selection_params.m_change_fee); 828 return result; 829 } 830 831 // Return early if we cannot cover the target with the wallet's UTXO. 832 // We use the total effective value if we are not subtracting fee from outputs and 'available_coins' contains the data. 833 CAmount available_coins_total_amount = coin_selection_params.m_subtract_fee_outputs ? available_coins.GetTotalAmount() : 834 (available_coins.GetEffectiveTotalAmount().has_value() ? *available_coins.GetEffectiveTotalAmount() : 0); 835 if (selection_target > available_coins_total_amount) { 836 return util::Error(); // Insufficient funds 837 } 838 839 // Start wallet Coin Selection procedure 840 auto op_selection_result = AutomaticCoinSelection(wallet, available_coins, selection_target, coin_selection_params); 841 if (!op_selection_result) return op_selection_result; 842 843 // If needed, add preset inputs to the automatic coin selection result 844 if (!pre_set_inputs.coins.empty()) { 845 SelectionResult preselected(pre_set_inputs.total_amount, SelectionAlgorithm::MANUAL); 846 preselected.AddInputs(pre_set_inputs.coins, coin_selection_params.m_subtract_fee_outputs); 847 op_selection_result->Merge(preselected); 848 op_selection_result->RecalculateWaste(coin_selection_params.min_viable_change, 849 coin_selection_params.m_cost_of_change, 850 coin_selection_params.m_change_fee); 851 852 // Verify we haven't exceeded the maximum allowed weight 853 int max_inputs_weight = coin_selection_params.m_max_tx_weight.value_or(MAX_STANDARD_TX_WEIGHT) - (coin_selection_params.tx_noinputs_size * WITNESS_SCALE_FACTOR); 854 if (op_selection_result->GetWeight() > max_inputs_weight) { 855 return util::Error{_("The combination of the pre-selected inputs and the wallet automatic inputs selection exceeds the transaction maximum weight. " 856 "Please try sending a smaller amount or manually consolidating your wallet's UTXOs")}; 857 } 858 } 859 return op_selection_result; 860 } 861 862 util::Result<SelectionResult> AutomaticCoinSelection(const CWallet& wallet, CoinsResult& available_coins, const CAmount& value_to_select, const CoinSelectionParams& coin_selection_params) 863 { 864 unsigned int limit_ancestor_count = 0; 865 unsigned int limit_descendant_count = 0; 866 wallet.chain().getPackageLimits(limit_ancestor_count, limit_descendant_count); 867 const size_t max_ancestors = (size_t)std::max<int64_t>(1, limit_ancestor_count); 868 const size_t max_descendants = (size_t)std::max<int64_t>(1, limit_descendant_count); 869 const bool fRejectLongChains = gArgs.GetBoolArg("-walletrejectlongchains", DEFAULT_WALLET_REJECT_LONG_CHAINS); 870 871 // Cases where we have 101+ outputs all pointing to the same destination may result in 872 // privacy leaks as they will potentially be deterministically sorted. We solve that by 873 // explicitly shuffling the outputs before processing 874 if (coin_selection_params.m_avoid_partial_spends && available_coins.Size() > OUTPUT_GROUP_MAX_ENTRIES) { 875 available_coins.Shuffle(coin_selection_params.rng_fast); 876 } 877 878 // Coin Selection attempts to select inputs from a pool of eligible UTXOs to fund the 879 // transaction at a target feerate. If an attempt fails, more attempts may be made using a more 880 // permissive CoinEligibilityFilter. 881 { 882 // Place coins eligibility filters on a scope increasing order. 883 std::vector<SelectionFilter> ordered_filters{ 884 // If possible, fund the transaction with confirmed UTXOs only. Prefer at least six 885 // confirmations on outputs received from other wallets and only spend confirmed change. 886 {CoinEligibilityFilter(1, 6, 0), /*allow_mixed_output_types=*/false}, 887 {CoinEligibilityFilter(1, 1, 0)}, 888 }; 889 // Fall back to using zero confirmation change (but with as few ancestors in the mempool as 890 // possible) if we cannot fund the transaction otherwise. 891 if (wallet.m_spend_zero_conf_change) { 892 ordered_filters.push_back({CoinEligibilityFilter(0, 1, 2)}); 893 ordered_filters.push_back({CoinEligibilityFilter(0, 1, std::min(size_t{4}, max_ancestors/3), std::min(size_t{4}, max_descendants/3))}); 894 ordered_filters.push_back({CoinEligibilityFilter(0, 1, max_ancestors/2, max_descendants/2)}); 895 // If partial groups are allowed, relax the requirement of spending OutputGroups (groups 896 // of UTXOs sent to the same address, which are obviously controlled by a single wallet) 897 // in their entirety. 898 ordered_filters.push_back({CoinEligibilityFilter(0, 1, max_ancestors-1, max_descendants-1, /*include_partial=*/true)}); 899 // Try with unsafe inputs if they are allowed. This may spend unconfirmed outputs 900 // received from other wallets. 901 if (coin_selection_params.m_include_unsafe_inputs) { 902 ordered_filters.push_back({CoinEligibilityFilter(/*conf_mine=*/0, /*conf_theirs*/0, max_ancestors-1, max_descendants-1, /*include_partial=*/true)}); 903 } 904 // Try with unlimited ancestors/descendants. The transaction will still need to meet 905 // mempool ancestor/descendant policy to be accepted to mempool and broadcasted, but 906 // OutputGroups use heuristics that may overestimate ancestor/descendant counts. 907 if (!fRejectLongChains) { 908 ordered_filters.push_back({CoinEligibilityFilter(0, 1, std::numeric_limits<uint64_t>::max(), 909 std::numeric_limits<uint64_t>::max(), 910 /*include_partial=*/true)}); 911 } 912 } 913 914 // Group outputs and map them by coin eligibility filter 915 std::vector<OutputGroup> discarded_groups; 916 FilteredOutputGroups filtered_groups = GroupOutputs(wallet, available_coins, coin_selection_params, ordered_filters, discarded_groups); 917 918 // Check if we still have enough balance after applying filters (some coins might be discarded) 919 CAmount total_discarded = 0; 920 CAmount total_unconf_long_chain = 0; 921 for (const auto& group : discarded_groups) { 922 total_discarded += group.GetSelectionAmount(); 923 if (group.m_ancestors >= max_ancestors || group.m_descendants >= max_descendants) total_unconf_long_chain += group.GetSelectionAmount(); 924 } 925 926 if (CAmount total_amount = available_coins.GetTotalAmount() - total_discarded < value_to_select) { 927 // Special case, too-long-mempool cluster. 928 if (total_amount + total_unconf_long_chain > value_to_select) { 929 return util::Error{_("Unconfirmed UTXOs are available, but spending them creates a chain of transactions that will be rejected by the mempool")}; 930 } 931 return util::Error{}; // General "Insufficient Funds" 932 } 933 934 // Walk-through the filters until the solution gets found. 935 // If no solution is found, return the first detailed error (if any). 936 // future: add "error level" so the worst one can be picked instead. 937 std::vector<util::Result<SelectionResult>> res_detailed_errors; 938 CoinSelectionParams updated_selection_params = coin_selection_params; 939 for (const auto& select_filter : ordered_filters) { 940 auto it = filtered_groups.find(select_filter.filter); 941 if (it == filtered_groups.end()) continue; 942 if (updated_selection_params.m_version == TRUC_VERSION && (select_filter.filter.conf_mine == 0 || select_filter.filter.conf_theirs == 0)) { 943 if (updated_selection_params.m_max_tx_weight > (TRUC_CHILD_MAX_WEIGHT)) { 944 updated_selection_params.m_max_tx_weight = TRUC_CHILD_MAX_WEIGHT; 945 } 946 } 947 if (auto res{AttemptSelection(wallet.chain(), value_to_select, it->second, 948 updated_selection_params, select_filter.allow_mixed_output_types)}) { 949 return res; // result found 950 } else { 951 // If any specific error message appears here, then something particularly wrong might have happened. 952 // Save the error and continue the selection process. So if no solutions gets found, we can return 953 // the detailed error to the upper layers. 954 if (HasErrorMsg(res)) res_detailed_errors.emplace_back(std::move(res)); 955 } 956 } 957 958 // Return right away if we have a detailed error 959 if (!res_detailed_errors.empty()) return std::move(res_detailed_errors.front()); 960 961 962 // General "Insufficient Funds" 963 return util::Error{}; 964 } 965 } 966 967 static bool IsCurrentForAntiFeeSniping(interfaces::Chain& chain, const uint256& block_hash) 968 { 969 if (chain.isInitialBlockDownload()) { 970 return false; 971 } 972 constexpr int64_t MAX_ANTI_FEE_SNIPING_TIP_AGE = 8 * 60 * 60; // in seconds 973 int64_t block_time; 974 CHECK_NONFATAL(chain.findBlock(block_hash, FoundBlock().time(block_time))); 975 if (block_time < (GetTime() - MAX_ANTI_FEE_SNIPING_TIP_AGE)) { 976 return false; 977 } 978 return true; 979 } 980 981 void DiscourageFeeSniping(CMutableTransaction& tx, FastRandomContext& rng_fast, 982 interfaces::Chain& chain, const uint256& block_hash, int block_height) 983 { 984 // All inputs must be added by now 985 assert(!tx.vin.empty()); 986 // Discourage fee sniping. 987 // 988 // For a large miner the value of the transactions in the best block and 989 // the mempool can exceed the cost of deliberately attempting to mine two 990 // blocks to orphan the current best block. By setting nLockTime such that 991 // only the next block can include the transaction, we discourage this 992 // practice as the height restricted and limited blocksize gives miners 993 // considering fee sniping fewer options for pulling off this attack. 994 // 995 // A simple way to think about this is from the wallet's point of view we 996 // always want the blockchain to move forward. By setting nLockTime this 997 // way we're basically making the statement that we only want this 998 // transaction to appear in the next block; we don't want to potentially 999 // encourage reorgs by allowing transactions to appear at lower heights 1000 // than the next block in forks of the best chain. 1001 // 1002 // Of course, the subsidy is high enough, and transaction volume low 1003 // enough, that fee sniping isn't a problem yet, but by implementing a fix 1004 // now we ensure code won't be written that makes assumptions about 1005 // nLockTime that preclude a fix later. 1006 if (IsCurrentForAntiFeeSniping(chain, block_hash)) { 1007 tx.nLockTime = block_height; 1008 1009 // Secondly occasionally randomly pick a nLockTime even further back, so 1010 // that transactions that are delayed after signing for whatever reason, 1011 // e.g. high-latency mix networks and some CoinJoin implementations, have 1012 // better privacy. 1013 if (rng_fast.randrange(10) == 0) { 1014 tx.nLockTime = std::max(0, int(tx.nLockTime) - int(rng_fast.randrange(100))); 1015 } 1016 } else { 1017 // If our chain is lagging behind, we can't discourage fee sniping nor help 1018 // the privacy of high-latency transactions. To avoid leaking a potentially 1019 // unique "nLockTime fingerprint", set nLockTime to a constant. 1020 tx.nLockTime = 0; 1021 } 1022 // Sanity check all values 1023 assert(tx.nLockTime < LOCKTIME_THRESHOLD); // Type must be block height 1024 assert(tx.nLockTime <= uint64_t(block_height)); 1025 for (const auto& in : tx.vin) { 1026 // Can not be FINAL for locktime to work 1027 assert(in.nSequence != CTxIn::SEQUENCE_FINAL); 1028 // May be MAX NONFINAL to disable both BIP68 and BIP125 1029 if (in.nSequence == CTxIn::MAX_SEQUENCE_NONFINAL) continue; 1030 // May be MAX BIP125 to disable BIP68 and enable BIP125 1031 if (in.nSequence == MAX_BIP125_RBF_SEQUENCE) continue; 1032 // The wallet does not support any other sequence-use right now. 1033 assert(false); 1034 } 1035 } 1036 1037 uint64_t GetSerializeSizeForRecipient(const CRecipient& recipient) 1038 { 1039 return ::GetSerializeSize(CTxOut(recipient.nAmount, GetScriptForDestination(recipient.dest))); 1040 } 1041 1042 bool IsDust(const CRecipient& recipient, const CFeeRate& dustRelayFee) 1043 { 1044 return ::IsDust(CTxOut(recipient.nAmount, GetScriptForDestination(recipient.dest)), dustRelayFee); 1045 } 1046 1047 static util::Result<CreatedTransactionResult> CreateTransactionInternal( 1048 CWallet& wallet, 1049 const std::vector<CRecipient>& vecSend, 1050 std::optional<unsigned int> change_pos, 1051 const CCoinControl& coin_control, 1052 bool sign) EXCLUSIVE_LOCKS_REQUIRED(wallet.cs_wallet) 1053 { 1054 AssertLockHeld(wallet.cs_wallet); 1055 1056 FastRandomContext rng_fast; 1057 CMutableTransaction txNew; // The resulting transaction that we make 1058 1059 txNew.version = coin_control.m_version; 1060 1061 CoinSelectionParams coin_selection_params{rng_fast}; // Parameters for coin selection, init with dummy 1062 coin_selection_params.m_avoid_partial_spends = coin_control.m_avoid_partial_spends; 1063 coin_selection_params.m_include_unsafe_inputs = coin_control.m_include_unsafe_inputs; 1064 coin_selection_params.m_max_tx_weight = coin_control.m_max_tx_weight.value_or(MAX_STANDARD_TX_WEIGHT); 1065 coin_selection_params.m_version = coin_control.m_version; 1066 int minimum_tx_weight = MIN_STANDARD_TX_NONWITNESS_SIZE * WITNESS_SCALE_FACTOR; 1067 if (coin_selection_params.m_max_tx_weight.value() < minimum_tx_weight || coin_selection_params.m_max_tx_weight.value() > MAX_STANDARD_TX_WEIGHT) { 1068 return util::Error{strprintf(_("Maximum transaction weight must be between %d and %d"), minimum_tx_weight, MAX_STANDARD_TX_WEIGHT)}; 1069 } 1070 // Set the long term feerate estimate to the wallet's consolidate feerate 1071 coin_selection_params.m_long_term_feerate = wallet.m_consolidate_feerate; 1072 // Static vsize overhead + outputs vsize. 4 nVersion, 4 nLocktime, 1 input count, 1 witness overhead (dummy, flag, stack size) 1073 coin_selection_params.tx_noinputs_size = 10 + GetSizeOfCompactSize(vecSend.size()); // bytes for output count 1074 1075 CAmount recipients_sum = 0; 1076 const OutputType change_type = wallet.TransactionChangeType(coin_control.m_change_type ? *coin_control.m_change_type : wallet.m_default_change_type, vecSend); 1077 ReserveDestination reservedest(&wallet, change_type); 1078 unsigned int outputs_to_subtract_fee_from = 0; // The number of outputs which we are subtracting the fee from 1079 for (const auto& recipient : vecSend) { 1080 if (IsDust(recipient, wallet.chain().relayDustFee())) { 1081 return util::Error{_("Transaction amount too small")}; 1082 } 1083 1084 // Include the fee cost for outputs. 1085 coin_selection_params.tx_noinputs_size += GetSerializeSizeForRecipient(recipient); 1086 recipients_sum += recipient.nAmount; 1087 1088 if (recipient.fSubtractFeeFromAmount) { 1089 outputs_to_subtract_fee_from++; 1090 coin_selection_params.m_subtract_fee_outputs = true; 1091 } 1092 } 1093 1094 // Create change script that will be used if we need change 1095 CScript scriptChange; 1096 bilingual_str error; // possible error str 1097 1098 // coin control: send change to custom address 1099 if (!std::get_if<CNoDestination>(&coin_control.destChange)) { 1100 scriptChange = GetScriptForDestination(coin_control.destChange); 1101 } else { // no coin control: send change to newly generated address 1102 // Note: We use a new key here to keep it from being obvious which side is the change. 1103 // The drawback is that by not reusing a previous key, the change may be lost if a 1104 // backup is restored, if the backup doesn't have the new private key for the change. 1105 // If we reused the old key, it would be possible to add code to look for and 1106 // rediscover unknown transactions that were written with keys of ours to recover 1107 // post-backup change. 1108 1109 // Reserve a new key pair from key pool. If it fails, provide a dummy 1110 // destination in case we don't need change. 1111 CTxDestination dest; 1112 auto op_dest = reservedest.GetReservedDestination(true); 1113 if (!op_dest) { 1114 error = _("Transaction needs a change address, but we can't generate it.") + Untranslated(" ") + util::ErrorString(op_dest); 1115 } else { 1116 dest = *op_dest; 1117 scriptChange = GetScriptForDestination(dest); 1118 } 1119 // A valid destination implies a change script (and 1120 // vice-versa). An empty change script will abort later, if the 1121 // change keypool ran out, but change is required. 1122 CHECK_NONFATAL(IsValidDestination(dest) != scriptChange.empty()); 1123 } 1124 CTxOut change_prototype_txout(0, scriptChange); 1125 coin_selection_params.change_output_size = GetSerializeSize(change_prototype_txout); 1126 1127 // Get size of spending the change output 1128 int change_spend_size = CalculateMaximumSignedInputSize(change_prototype_txout, &wallet, /*coin_control=*/nullptr); 1129 // If the wallet doesn't know how to sign change output, assume p2sh-p2wpkh 1130 // as lower-bound to allow BnB to do its thing 1131 if (change_spend_size == -1) { 1132 coin_selection_params.change_spend_size = DUMMY_NESTED_P2WPKH_INPUT_SIZE; 1133 } else { 1134 coin_selection_params.change_spend_size = change_spend_size; 1135 } 1136 1137 // Set discard feerate 1138 coin_selection_params.m_discard_feerate = GetDiscardRate(wallet); 1139 1140 // Get the fee rate to use effective values in coin selection 1141 FeeCalculation feeCalc; 1142 coin_selection_params.m_effective_feerate = GetMinimumFeeRate(wallet, coin_control, &feeCalc); 1143 // Do not, ever, assume that it's fine to change the fee rate if the user has explicitly 1144 // provided one 1145 if (coin_control.m_feerate && coin_selection_params.m_effective_feerate > *coin_control.m_feerate) { 1146 return util::Error{strprintf(_("Fee rate (%s) is lower than the minimum fee rate setting (%s)"), coin_control.m_feerate->ToString(FeeEstimateMode::SAT_VB), coin_selection_params.m_effective_feerate.ToString(FeeEstimateMode::SAT_VB))}; 1147 } 1148 if (feeCalc.reason == FeeReason::FALLBACK && !wallet.m_allow_fallback_fee) { 1149 // eventually allow a fallback fee 1150 return util::Error{strprintf(_("Fee estimation failed. Fallbackfee is disabled. Wait a few blocks or enable %s."), "-fallbackfee")}; 1151 } 1152 1153 // Calculate the cost of change 1154 // Cost of change is the cost of creating the change output + cost of spending the change output in the future. 1155 // For creating the change output now, we use the effective feerate. 1156 // For spending the change output in the future, we use the discard feerate for now. 1157 // So cost of change = (change output size * effective feerate) + (size of spending change output * discard feerate) 1158 coin_selection_params.m_change_fee = coin_selection_params.m_effective_feerate.GetFee(coin_selection_params.change_output_size); 1159 coin_selection_params.m_cost_of_change = coin_selection_params.m_discard_feerate.GetFee(coin_selection_params.change_spend_size) + coin_selection_params.m_change_fee; 1160 1161 coin_selection_params.m_min_change_target = GenerateChangeTarget(std::floor(recipients_sum / vecSend.size()), coin_selection_params.m_change_fee, rng_fast); 1162 1163 // The smallest change amount should be: 1164 // 1. at least equal to dust threshold 1165 // 2. at least 1 sat greater than fees to spend it at m_discard_feerate 1166 const auto dust = GetDustThreshold(change_prototype_txout, coin_selection_params.m_discard_feerate); 1167 const auto change_spend_fee = coin_selection_params.m_discard_feerate.GetFee(coin_selection_params.change_spend_size); 1168 coin_selection_params.min_viable_change = std::max(change_spend_fee + 1, dust); 1169 1170 // Include the fees for things that aren't inputs, excluding the change output 1171 const CAmount not_input_fees = coin_selection_params.m_effective_feerate.GetFee(coin_selection_params.m_subtract_fee_outputs ? 0 : coin_selection_params.tx_noinputs_size); 1172 CAmount selection_target = recipients_sum + not_input_fees; 1173 1174 // This can only happen if feerate is 0, and requested destinations are value of 0 (e.g. OP_RETURN) 1175 // and no pre-selected inputs. This will result in 0-input transaction, which is consensus-invalid anyways 1176 if (selection_target == 0 && !coin_control.HasSelected()) { 1177 return util::Error{_("Transaction requires one destination of non-zero value, a non-zero feerate, or a pre-selected input")}; 1178 } 1179 1180 // Fetch manually selected coins 1181 PreSelectedInputs preset_inputs; 1182 if (coin_control.HasSelected()) { 1183 auto res_fetch_inputs = FetchSelectedInputs(wallet, coin_control, coin_selection_params); 1184 if (!res_fetch_inputs) return util::Error{util::ErrorString(res_fetch_inputs)}; 1185 preset_inputs = *res_fetch_inputs; 1186 } 1187 1188 // Fetch wallet available coins if "other inputs" are 1189 // allowed (coins automatically selected by the wallet) 1190 CoinsResult available_coins; 1191 if (coin_control.m_allow_other_inputs) { 1192 available_coins = AvailableCoins(wallet, &coin_control, coin_selection_params.m_effective_feerate); 1193 } 1194 1195 // Choose coins to use 1196 auto select_coins_res = SelectCoins(wallet, available_coins, preset_inputs, /*nTargetValue=*/selection_target, coin_control, coin_selection_params); 1197 if (!select_coins_res) { 1198 // 'SelectCoins' either returns a specific error message or, if empty, means a general "Insufficient funds". 1199 const bilingual_str& err = util::ErrorString(select_coins_res); 1200 return util::Error{err.empty() ?_("Insufficient funds") : err}; 1201 } 1202 const SelectionResult& result = *select_coins_res; 1203 TRACEPOINT(coin_selection, selected_coins, 1204 wallet.GetName().c_str(), 1205 GetAlgorithmName(result.GetAlgo()).c_str(), 1206 result.GetTarget(), 1207 result.GetWaste(), 1208 result.GetSelectedValue()); 1209 1210 // vouts to the payees 1211 txNew.vout.reserve(vecSend.size() + 1); // + 1 because of possible later insert 1212 for (const auto& recipient : vecSend) 1213 { 1214 txNew.vout.emplace_back(recipient.nAmount, GetScriptForDestination(recipient.dest)); 1215 } 1216 const CAmount change_amount = result.GetChange(coin_selection_params.min_viable_change, coin_selection_params.m_change_fee); 1217 if (change_amount > 0) { 1218 CTxOut newTxOut(change_amount, scriptChange); 1219 if (!change_pos) { 1220 // Insert change txn at random position: 1221 change_pos = rng_fast.randrange(txNew.vout.size() + 1); 1222 } else if ((unsigned int)*change_pos > txNew.vout.size()) { 1223 return util::Error{_("Transaction change output index out of range")}; 1224 } 1225 txNew.vout.insert(txNew.vout.begin() + *change_pos, newTxOut); 1226 } else { 1227 change_pos = std::nullopt; 1228 } 1229 1230 // Shuffle selected coins and fill in final vin 1231 std::vector<std::shared_ptr<COutput>> selected_coins = result.GetShuffledInputVector(); 1232 1233 if (coin_control.HasSelected() && coin_control.HasSelectedOrder()) { 1234 // When there are preselected inputs, we need to move them to be the first UTXOs 1235 // and have them be in the order selected. We can use stable_sort for this, where we 1236 // compare with the positions stored in coin_control. The COutputs that have positions 1237 // will be placed before those that don't, and those positions will be in order. 1238 std::stable_sort(selected_coins.begin(), selected_coins.end(), 1239 [&coin_control](const std::shared_ptr<COutput>& a, const std::shared_ptr<COutput>& b) { 1240 auto a_pos = coin_control.GetSelectionPos(a->outpoint); 1241 auto b_pos = coin_control.GetSelectionPos(b->outpoint); 1242 if (a_pos.has_value() && b_pos.has_value()) { 1243 return a_pos.value() < b_pos.value(); 1244 } else if (a_pos.has_value() && !b_pos.has_value()) { 1245 return true; 1246 } else { 1247 return false; 1248 } 1249 }); 1250 } 1251 1252 // The sequence number is set to non-maxint so that DiscourageFeeSniping 1253 // works. 1254 // 1255 // BIP125 defines opt-in RBF as any nSequence < maxint-1, so 1256 // we use the highest possible value in that range (maxint-2) 1257 // to avoid conflicting with other possible uses of nSequence, 1258 // and in the spirit of "smallest possible change from prior 1259 // behavior." 1260 bool use_anti_fee_sniping = true; 1261 const uint32_t default_sequence{coin_control.m_signal_bip125_rbf.value_or(wallet.m_signal_rbf) ? MAX_BIP125_RBF_SEQUENCE : CTxIn::MAX_SEQUENCE_NONFINAL}; 1262 txNew.vin.reserve(selected_coins.size()); 1263 for (const auto& coin : selected_coins) { 1264 std::optional<uint32_t> sequence = coin_control.GetSequence(coin->outpoint); 1265 if (sequence) { 1266 // If an input has a preset sequence, we can't do anti-fee-sniping 1267 use_anti_fee_sniping = false; 1268 } 1269 txNew.vin.emplace_back(coin->outpoint, CScript{}, sequence.value_or(default_sequence)); 1270 1271 auto scripts = coin_control.GetScripts(coin->outpoint); 1272 if (scripts.first) { 1273 txNew.vin.back().scriptSig = *scripts.first; 1274 } 1275 if (scripts.second) { 1276 txNew.vin.back().scriptWitness = *scripts.second; 1277 } 1278 } 1279 if (coin_control.m_locktime) { 1280 txNew.nLockTime = coin_control.m_locktime.value(); 1281 // If we have a locktime set, we can't use anti-fee-sniping 1282 use_anti_fee_sniping = false; 1283 } 1284 if (use_anti_fee_sniping) { 1285 DiscourageFeeSniping(txNew, rng_fast, wallet.chain(), wallet.GetLastBlockHash(), wallet.GetLastBlockHeight()); 1286 } 1287 1288 // Calculate the transaction fee 1289 TxSize tx_sizes = CalculateMaximumSignedTxSize(CTransaction(txNew), &wallet, &coin_control); 1290 int nBytes = tx_sizes.vsize; 1291 if (nBytes == -1) { 1292 return util::Error{_("Missing solving data for estimating transaction size")}; 1293 } 1294 CAmount fee_needed = coin_selection_params.m_effective_feerate.GetFee(nBytes) + result.GetTotalBumpFees(); 1295 const CAmount output_value = CalculateOutputValue(txNew); 1296 Assume(recipients_sum + change_amount == output_value); 1297 CAmount current_fee = result.GetSelectedValue() - output_value; 1298 1299 // Sanity check that the fee cannot be negative as that means we have more output value than input value 1300 if (current_fee < 0) { 1301 return util::Error{Untranslated(STR_INTERNAL_BUG("Fee paid < 0"))}; 1302 } 1303 1304 // If there is a change output and we overpay the fees then increase the change to match the fee needed 1305 if (change_pos && fee_needed < current_fee) { 1306 auto& change = txNew.vout.at(*change_pos); 1307 change.nValue += current_fee - fee_needed; 1308 current_fee = result.GetSelectedValue() - CalculateOutputValue(txNew); 1309 if (fee_needed != current_fee) { 1310 return util::Error{Untranslated(STR_INTERNAL_BUG("Change adjustment: Fee needed != fee paid"))}; 1311 } 1312 } 1313 1314 // Reduce output values for subtractFeeFromAmount 1315 if (coin_selection_params.m_subtract_fee_outputs) { 1316 CAmount to_reduce = fee_needed - current_fee; 1317 unsigned int i = 0; 1318 bool fFirst = true; 1319 for (const auto& recipient : vecSend) 1320 { 1321 if (change_pos && i == *change_pos) { 1322 ++i; 1323 } 1324 CTxOut& txout = txNew.vout[i]; 1325 1326 if (recipient.fSubtractFeeFromAmount) 1327 { 1328 txout.nValue -= to_reduce / outputs_to_subtract_fee_from; // Subtract fee equally from each selected recipient 1329 1330 if (fFirst) // first receiver pays the remainder not divisible by output count 1331 { 1332 fFirst = false; 1333 txout.nValue -= to_reduce % outputs_to_subtract_fee_from; 1334 } 1335 1336 // Error if this output is reduced to be below dust 1337 if (IsDust(txout, wallet.chain().relayDustFee())) { 1338 if (txout.nValue < 0) { 1339 return util::Error{_("The transaction amount is too small to pay the fee")}; 1340 } else { 1341 return util::Error{_("The transaction amount is too small to send after the fee has been deducted")}; 1342 } 1343 } 1344 } 1345 ++i; 1346 } 1347 current_fee = result.GetSelectedValue() - CalculateOutputValue(txNew); 1348 if (fee_needed != current_fee) { 1349 return util::Error{Untranslated(STR_INTERNAL_BUG("SFFO: Fee needed != fee paid"))}; 1350 } 1351 } 1352 1353 // fee_needed should now always be less than or equal to the current fees that we pay. 1354 // If it is not, it is a bug. 1355 if (fee_needed > current_fee) { 1356 return util::Error{Untranslated(STR_INTERNAL_BUG("Fee needed > fee paid"))}; 1357 } 1358 1359 // Give up if change keypool ran out and change is required 1360 if (scriptChange.empty() && change_pos) { 1361 return util::Error{error}; 1362 } 1363 1364 if (sign && !wallet.SignTransaction(txNew)) { 1365 return util::Error{_("Signing transaction failed")}; 1366 } 1367 1368 // Return the constructed transaction data. 1369 CTransactionRef tx = MakeTransactionRef(std::move(txNew)); 1370 1371 // Limit size 1372 if ((sign && GetTransactionWeight(*tx) > MAX_STANDARD_TX_WEIGHT) || 1373 (!sign && tx_sizes.weight > MAX_STANDARD_TX_WEIGHT)) 1374 { 1375 return util::Error{_("Transaction too large")}; 1376 } 1377 1378 if (current_fee > wallet.m_default_max_tx_fee) { 1379 return util::Error{TransactionErrorString(TransactionError::MAX_FEE_EXCEEDED)}; 1380 } 1381 1382 if (gArgs.GetBoolArg("-walletrejectlongchains", DEFAULT_WALLET_REJECT_LONG_CHAINS)) { 1383 // Lastly, ensure this tx will pass the mempool's chain limits 1384 auto result = wallet.chain().checkChainLimits(tx); 1385 if (!result) { 1386 return util::Error{util::ErrorString(result)}; 1387 } 1388 } 1389 1390 // Before we return success, we assume any change key will be used to prevent 1391 // accidental reuse. 1392 reservedest.KeepDestination(); 1393 1394 wallet.WalletLogPrintf("Coin Selection: Algorithm:%s, Waste Metric Score:%d\n", GetAlgorithmName(result.GetAlgo()), result.GetWaste()); 1395 wallet.WalletLogPrintf("Fee Calculation: Fee:%d Bytes:%u Tgt:%d (requested %d) Reason:\"%s\" Decay %.5f: Estimation: (%g - %g) %.2f%% %.1f/(%.1f %d mem %.1f out) Fail: (%g - %g) %.2f%% %.1f/(%.1f %d mem %.1f out)\n", 1396 current_fee, nBytes, feeCalc.returnedTarget, feeCalc.desiredTarget, StringForFeeReason(feeCalc.reason), feeCalc.est.decay, 1397 feeCalc.est.pass.start, feeCalc.est.pass.end, 1398 (feeCalc.est.pass.totalConfirmed + feeCalc.est.pass.inMempool + feeCalc.est.pass.leftMempool) > 0.0 ? 100 * feeCalc.est.pass.withinTarget / (feeCalc.est.pass.totalConfirmed + feeCalc.est.pass.inMempool + feeCalc.est.pass.leftMempool) : 0.0, 1399 feeCalc.est.pass.withinTarget, feeCalc.est.pass.totalConfirmed, feeCalc.est.pass.inMempool, feeCalc.est.pass.leftMempool, 1400 feeCalc.est.fail.start, feeCalc.est.fail.end, 1401 (feeCalc.est.fail.totalConfirmed + feeCalc.est.fail.inMempool + feeCalc.est.fail.leftMempool) > 0.0 ? 100 * feeCalc.est.fail.withinTarget / (feeCalc.est.fail.totalConfirmed + feeCalc.est.fail.inMempool + feeCalc.est.fail.leftMempool) : 0.0, 1402 feeCalc.est.fail.withinTarget, feeCalc.est.fail.totalConfirmed, feeCalc.est.fail.inMempool, feeCalc.est.fail.leftMempool); 1403 return CreatedTransactionResult(tx, current_fee, change_pos, feeCalc); 1404 } 1405 1406 util::Result<CreatedTransactionResult> CreateTransaction( 1407 CWallet& wallet, 1408 const std::vector<CRecipient>& vecSend, 1409 std::optional<unsigned int> change_pos, 1410 const CCoinControl& coin_control, 1411 bool sign) 1412 { 1413 if (vecSend.empty()) { 1414 return util::Error{_("Transaction must have at least one recipient")}; 1415 } 1416 1417 if (std::any_of(vecSend.cbegin(), vecSend.cend(), [](const auto& recipient){ return recipient.nAmount < 0; })) { 1418 return util::Error{_("Transaction amounts must not be negative")}; 1419 } 1420 1421 LOCK(wallet.cs_wallet); 1422 1423 auto res = CreateTransactionInternal(wallet, vecSend, change_pos, coin_control, sign); 1424 TRACEPOINT(coin_selection, normal_create_tx_internal, 1425 wallet.GetName().c_str(), 1426 bool(res), 1427 res ? res->fee : 0, 1428 res && res->change_pos.has_value() ? int32_t(*res->change_pos) : -1); 1429 if (!res) return res; 1430 const auto& txr_ungrouped = *res; 1431 // try with avoidpartialspends unless it's enabled already 1432 if (txr_ungrouped.fee > 0 /* 0 means non-functional fee rate estimation */ && wallet.m_max_aps_fee > -1 && !coin_control.m_avoid_partial_spends) { 1433 TRACEPOINT(coin_selection, attempting_aps_create_tx, wallet.GetName().c_str()); 1434 CCoinControl tmp_cc = coin_control; 1435 tmp_cc.m_avoid_partial_spends = true; 1436 1437 // Reuse the change destination from the first creation attempt to avoid skipping BIP44 indexes 1438 if (txr_ungrouped.change_pos) { 1439 ExtractDestination(txr_ungrouped.tx->vout[*txr_ungrouped.change_pos].scriptPubKey, tmp_cc.destChange); 1440 } 1441 1442 auto txr_grouped = CreateTransactionInternal(wallet, vecSend, change_pos, tmp_cc, sign); 1443 // if fee of this alternative one is within the range of the max fee, we use this one 1444 const bool use_aps{txr_grouped.has_value() ? (txr_grouped->fee <= txr_ungrouped.fee + wallet.m_max_aps_fee) : false}; 1445 TRACEPOINT(coin_selection, aps_create_tx_internal, 1446 wallet.GetName().c_str(), 1447 use_aps, 1448 txr_grouped.has_value(), 1449 txr_grouped.has_value() ? txr_grouped->fee : 0, 1450 txr_grouped.has_value() && txr_grouped->change_pos.has_value() ? int32_t(*txr_grouped->change_pos) : -1); 1451 if (txr_grouped) { 1452 wallet.WalletLogPrintf("Fee non-grouped = %lld, grouped = %lld, using %s\n", 1453 txr_ungrouped.fee, txr_grouped->fee, use_aps ? "grouped" : "non-grouped"); 1454 if (use_aps) return txr_grouped; 1455 } 1456 } 1457 return res; 1458 } 1459 1460 util::Result<CreatedTransactionResult> FundTransaction(CWallet& wallet, const CMutableTransaction& tx, const std::vector<CRecipient>& vecSend, std::optional<unsigned int> change_pos, bool lockUnspents, CCoinControl coinControl) 1461 { 1462 // We want to make sure tx.vout is not used now that we are passing outputs as a vector of recipients. 1463 // This sets us up to remove tx completely in a future PR in favor of passing the inputs directly. 1464 assert(tx.vout.empty()); 1465 1466 // Set the user desired locktime 1467 coinControl.m_locktime = tx.nLockTime; 1468 1469 // Set the user desired version 1470 coinControl.m_version = tx.version; 1471 1472 // Acquire the locks to prevent races to the new locked unspents between the 1473 // CreateTransaction call and LockCoin calls (when lockUnspents is true). 1474 LOCK(wallet.cs_wallet); 1475 1476 // Fetch specified UTXOs from the UTXO set to get the scriptPubKeys and values of the outputs being selected 1477 // and to match with the given solving_data. Only used for non-wallet outputs. 1478 std::map<COutPoint, Coin> coins; 1479 for (const CTxIn& txin : tx.vin) { 1480 coins[txin.prevout]; // Create empty map entry keyed by prevout. 1481 } 1482 wallet.chain().findCoins(coins); 1483 1484 for (const CTxIn& txin : tx.vin) { 1485 const auto& outPoint = txin.prevout; 1486 PreselectedInput& preset_txin = coinControl.Select(outPoint); 1487 if (!wallet.IsMine(outPoint)) { 1488 if (coins[outPoint].out.IsNull()) { 1489 return util::Error{_("Unable to find UTXO for external input")}; 1490 } 1491 1492 // The input was not in the wallet, but is in the UTXO set, so select as external 1493 preset_txin.SetTxOut(coins[outPoint].out); 1494 } 1495 preset_txin.SetSequence(txin.nSequence); 1496 preset_txin.SetScriptSig(txin.scriptSig); 1497 preset_txin.SetScriptWitness(txin.scriptWitness); 1498 } 1499 1500 auto res = CreateTransaction(wallet, vecSend, change_pos, coinControl, false); 1501 if (!res) { 1502 return res; 1503 } 1504 1505 if (lockUnspents) { 1506 for (const CTxIn& txin : res->tx->vin) { 1507 wallet.LockCoin(txin.prevout, /*persist=*/false); 1508 } 1509 } 1510 1511 return res; 1512 } 1513 } // namespace wallet