The new SIGHASH_UTXO has a possible attack vector where prepared huge
outputs are used and required to be hashed for the signing preimage.
At most you can force the full node to prepare 20GB of (utxo) data
_prior_ to creation of the preimage. Which is a big issue when it comes
to memory usage of the node.
What this change does is we ensure that the class used for this data is
a ConstBuf as given to us from the utxo. Which are just pointers and not
full data, the data is memory mapped.
So we ensure shallow copies to avoid actually requiring the data to be
in memory until the point where it is used. And it can get swapped out
immediately after.
This ensures we are immune to the SIGHASH_UTXO attack vector.
Modula by zero will make the CPU throw a signal at our process, as
such (just like divide by zero) we should detect it.
Boost does that just fine in newer versions, but we need to write
that line ourselves for older ones.
script.h is installed and part of the library 'flowee_utils', as such
it makes sense to move those new classes out of the ones seen by
downstream users.
The activation is past and there is no point in having a flag passed
through a dozen methods in order to detect when to enable it.
Because it is always enabled.
This removes the transaction-signing code from the hub internal codebase.
The only user for this was the API call signrawtransaction,
and a lot of unit testing code.
I'd argue that if the user needs to send a private key to the hub via
RPC for signing his transaction, then they are doing it wrong.
This also removes the duplicate test double_spend which tests
functionality also tested in the DoubleSpendProofTest.
As an aside, the flowee/utils library still has full signing capability
and we suggest using the TransactionBuilder API for that.
The mining code still called that, this replaces it with standard
log lines that cost less at runtime and keeps the code that is
rarely run away from the shared parts.
This introduces a new BlockHeader helper class which Block and
MutableBlock can both produce, which helps a lot of methods to
be ported to no longer be dependent on us using a MutableBlock
object, which is too costly to use when we have no intention
to alter the block.
For transaction::checkTransaction():
this in practice avoids lots of mallocs and overhead while doing
transaction checks.
For merkleroot, the same benefits. Avoiding copying and mallocs.
tomFlowee
John Galt