The IDE include checker got to the point where it is actually useful and
this removes a lot of unneeded includes.
Naturally, especially for headers like util.h, this may mean we need to
re-add includes in consuming cpp files, which bloats the diff a bit.
Similar to the previous commit; make sure that the ValidationContext has
access to the new Tx format so new code can use it directly.
In practically all cases (outside of the unit tests) callers already had
a Tx instance, making it just a matter of sending it along.
Notice that the Tx object is immutable and implicitly shared which makes
it cheaper to pass around.
The MutableTransaction is only for creation,
the CTransaction is basically only there for backwards compatibility and
is kind of half deprecated.
The Tx class is to be used for all new code in validation.
The reason for this is that the CTransaction and friends are terribly
expensive to create and they have horrible effects on multi-threaded
validation.
So, to help this concept along we now pass both the old and the new tx
to a method that has not been ported to use the new one yet. This at
least makes available the new Tx instance so when new code is written
it is easier to do the right thing (tm).
We add a Token class to Tx, which adds an easy to use API when compared
to the plain iterator. The main point of the API chosen is to make sure
we don't do unneeded parsing or copying for tokens unless needed.
Additionally refactor the ValidationPrivate::UnspentOutput class to
inherit from the Tx::Output class in order to avoid lots of duplicated
logic on handling the data.
The new SIGHASH_UTXO has a possible attack vector where prepared huge
outputs are used and required to be hashed for the signing preimage.
At most you can force the full node to prepare 20GB of (utxo) data
_prior_ to creation of the preimage, which is a big issue when it comes
to memory usage of the node.
What this change does is ensure that the class used for this data is
a ConstBuf as given to us from the utxo. These are just pointers and not
full data; the data is memory mapped.
So we ensure shallow copies to avoid actually requiring the data to be
in memory until the point where it is used. And it can get swapped out
immediately after.
This ensures we are immune to the SIGHASH_UTXO attack vector.
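The shallow-copy idea from the SIGHASH_UTXO change above, as an added illustration that is not Flowee's code. BufView, StreamHasher and the FNV-1a hash are hypothetical stand-ins for ConstBuf and the real preimage digest, and the sample data is constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical non-owning view (pointer + length), standing in for a
// ConstBuf-style handle onto memory-mapped UTXO data.
struct BufView { const uint8_t *data; size_t size; };

// FNV-1a 64-bit: a small streaming stand-in for the real preimage digest.
struct StreamHasher {
    uint64_t state = 1469598103934665603ULL;
    void write(const uint8_t *p, size_t n) {
        for (size_t i = 0; i < n; ++i) { state ^= p[i]; state *= 1099511628211ULL; }
    }
};

struct Result { uint64_t digest; size_t bytesHeld; };

// Deep copies: every output is duplicated into one owned buffer before
// hashing, so the sum of all output sizes is resident at the same time.
Result hashWithDeepCopies(const std::vector<BufView> &outputs) {
    std::vector<uint8_t> preimage;
    for (const BufView &o : outputs)
        preimage.insert(preimage.end(), o.data, o.data + o.size);
    StreamHasher h;
    h.write(preimage.data(), preimage.size());
    return {h.state, preimage.size()};
}

// Shallow copies: only the views are held. Bytes are read from the mapping
// while hashing and are never duplicated into owned memory.
Result hashWithViews(const std::vector<BufView> &outputs) {
    std::vector<BufView> views(outputs); // copies pointer+length pairs only
    StreamHasher h;
    for (const BufView &v : views)
        h.write(v.data, v.size);
    return {h.state, views.size() * sizeof(BufView)};
}

// Constructed sample: three 1 MiB "outputs" backed by one static buffer,
// which plays the role of the memory-mapped UTXO file.
std::vector<BufView> sampleOutputs() {
    static const std::vector<uint8_t> backing(3u << 20, 0xAB);
    std::vector<BufView> outs;
    for (size_t i = 0; i < 3; ++i)
        outs.push_back({backing.data() + (i << 20), size_t(1) << 20});
    return outs;
}
```

Both functions produce the same digest; only the amount of owned memory held before hashing differs, and with views it scales with the number of outputs rather than their size.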
script.h is installed and part of the library 'flowee_utils', as such
it makes sense to move those new classes out of the ones seen by
downstream users.
The activation is past and there is no point in having a flag passed
through a dozen methods in order to detect when to enable it,
because it is always enabled.
This removes the transaction-signing code from the hub internal codebase.
The only user for this was the API call signrawtransaction,
and a lot of unit testing code.
I'd argue that if the user needs to send a private key to the hub via
RPC for signing their transaction, then they are doing it wrong.
This also removes the duplicate test double_spend which tests
functionality also tested in the DoubleSpendProofTest.
As an aside, the flowee/utils library still has full signing capability
and we suggest using the TransactionBuilder API for that.