Wallet, GUI: Warn when sending to already-used Bitcoin addresses #15987
Conversation
|
Meta-concept-ack! we should absolutely do something like this (I haven't looked at the specifics of what this does yet) |
| const QString label_and_address = rcp.label.isEmpty() ? rcp.address : (rcp.label + " (" + rcp.address + ")"); | ||
| reuse_question.append("<br />"); | ||
| if (rcp_prior_usage_info.num_txs == 1) { | ||
| //: %1 is an amount (eg, "1 BTC"); %2 is a Bitcoin address and its label; %3 is a date (eg, "2019-05-08") |
There was a problem hiding this comment.
Note: //: is how Qt lets us add notes for translators. (I'm not sure if it survives to Transifex?)
There was a problem hiding this comment.
Note:
//:is how Qt lets us add notes for translators. (I'm not sure if it survives to Transifex?)
Smth like #21465 is required for that.
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
|
Concept ACK This addresses #3266 I assume |
|
It doesn't take into consideration all the ideas/advice (even my own!) on #3266, but yes, it implements the general idea I think. |
|
Concept ACK |
1 similar comment
|
Concept ACK |
|
Concept ACK, didn't see the code but maybe you could split RPC changes to other PR? |
|
Concept ACK, but agree with @promag on splitting When I enter a duplicate address the field becomes yellow as expected, but when I also enter an absurdly high amount, it no longer shows the "insufficient balance error", but instead ignores the amount I entered and falls back to the previous amount. Also |
3a6d7ce to
c37f306
Compare
|
Rebased, fixed issues, and moved RPC change to a new |
65c3c70 to
545af21
Compare
|
concept ACK |
- Dialog icon can be changed - Both buttons can be replaced with other standard buttons - "Yes" button can be renamed
545af21 to
391c5d9
Compare
There was a problem hiding this comment.
391c5d9 looks good, except the triplet of choices is confusing:
- try renaming
OKtoCanceland making that the default action Overrideshould beSendorSend anyway(I initially thought Override meant overriding the address)- Consider dropping
Show Detailsand instead putSent ... BTC to this address across 2 transactions from 15-11-2019 through 15-11-2019as a text under the address. Being able to put an error message right under the address is useful for a #16807 GUI followup too.
| @@ -841,6 +841,23 @@ void CWallet::AddToSpends(const uint256& wtxid) | |||
| AddToSpends(txin.prevout, wtxid); | |||
| } | |||
|
|
|||
| void CWallet::AddToAddressBloomFilter(const CWalletTx& wtx) | |||
| { | |||
There was a problem hiding this comment.
Assert that m_address_bloom_filter has been built?
| @@ -1019,6 +1019,8 @@ class CWallet final : public FillableSigningProvider, private interfaces::Chain: | |||
| void UnlockAllCoins() EXCLUSIVE_LOCKS_REQUIRED(cs_wallet); | |||
| void ListLockedCoins(std::vector<COutPoint>& vOutpts) const EXCLUSIVE_LOCKS_REQUIRED(cs_wallet); | |||
|
|
|||
| bool FindScriptPubKeyUsed(const std::set<CScript>& keys, const boost::variant<boost::blank, std::function<void(const CWalletTx&)>, std::function<void(const CWalletTx&, uint32_t)>>& callback = boost::blank()) const EXCLUSIVE_LOCKS_REQUIRED(cs_wallet); | |||
There was a problem hiding this comment.
Can you document the params here? Also maybe explicitly state that this function corrects for any false positives found with the bloom filter.
I think using std::vector<CWalletTx&>& transactions instead of a callback is more readable (and avoids Boost). Or do you need this to be asynchronous?
| if (!found_any) { | ||
| return false; | ||
| } | ||
|
|
There was a problem hiding this comment.
Suggested comment: // Bloom filters can return false positives, so iterate through all wallet addresses
There was a problem hiding this comment.
Could early return if no callback?
| @@ -30,6 +31,16 @@ | |||
| namespace interfaces { | |||
| namespace { | |||
|
|
|||
| std::set<CScript> AddressesToKeys(std::vector<std::string> addresses) | |||
| @@ -158,6 +160,8 @@ class WalletModel : public QObject | |||
|
|
|||
| // Check address for validity | |||
| bool validateAddress(const QString &address); | |||
| bool checkAddressForUsage(const std::vector<std::string>& addresses) const; | |||
| QStringList addresses; | ||
| for (const auto& recipient : recipients) { | ||
| #ifdef ENABLE_BIP70 | ||
| if (recipient.paymentRequest.IsInitialized()) continue; |
There was a problem hiding this comment.
Maybe add a comment here. Why not put ifndef ENABLE_BIP70 before the entire { block? Can users manually add destinations to a BIP70 payment?
There was a problem hiding this comment.
Can users manually add destinations to a BIP70 payment?
BIP70 is no longer supported. Looks like this needs to be rebased on master and any ENABLE_BIP70 additions needs to be removed.
| Needs rebase |
| if (!found_any) { | ||
| return false; | ||
| } | ||
|
|
There was a problem hiding this comment.
Could early return if no callback?
|
Planning to redo this as an addressbook |
|
@luke-jr re-open? |
|
Up for grabs? |
|
It's maintained. PR is pending on bitcoin-core/gui#404 |
aeb18b6 Bugfix: GUI: Check validity when QValidatedLineEdit::setText is called (Luke Dashjr) b1a544b Bugfix: GUI: Re-check validity after QValidatedLineEdit::setCheckValidator (Luke Dashjr) 2385b50 Bugfix: GUI: Only apply invalid style to QValidatedLineEdit, not its tooltip (Luke Dashjr) Pull request description: 1. Use a CSS selector to avoid changing the background colour of the tooltip. 2. Re-check validity of input when we first set the validator (probably a no-op in practice). 3. Check validity of input when it is set programmatically via `setText` (eg, via the address book). Probably no-op in practice UNTIL merging bitcoin/bitcoin#15987 or any other PR that adds a warning for valid addresses. Moved from bitcoin/bitcoin#18133 (just concept ACKs) ACKs for top commit: Sjors: tACK aeb18b6 hebasto: ACK aeb18b6, tested on Linux Mint 20.3 (Qt 5.12.8). Tree-SHA512: b6fa8ee4dec76e1c759095721240e6fa5071a02993cb28406e96a0fa2e819f5dddc03d2e7c9073354d7865c2b09eb263afaf853ecba42e9fc4f50ef4ae20bf0f
…ineEdit aeb18b6 Bugfix: GUI: Check validity when QValidatedLineEdit::setText is called (Luke Dashjr) b1a544b Bugfix: GUI: Re-check validity after QValidatedLineEdit::setCheckValidator (Luke Dashjr) 2385b50 Bugfix: GUI: Only apply invalid style to QValidatedLineEdit, not its tooltip (Luke Dashjr) Pull request description: 1. Use a CSS selector to avoid changing the background colour of the tooltip. 2. Re-check validity of input when we first set the validator (probably a no-op in practice). 3. Check validity of input when it is set programmatically via `setText` (eg, via the address book). Probably no-op in practice UNTIL merging bitcoin#15987 or any other PR that adds a warning for valid addresses. Moved from bitcoin#18133 (just concept ACKs) ACKs for top commit: Sjors: tACK aeb18b6 hebasto: ACK aeb18b6, tested on Linux Mint 20.3 (Qt 5.12.8). Tree-SHA512: b6fa8ee4dec76e1c759095721240e6fa5071a02993cb28406e96a0fa2e819f5dddc03d2e7c9073354d7865c2b09eb263afaf853ecba42e9fc4f50ef4ae20bf0f
|
Now blocking on PR #22693 for wallet changes |
GUIUtil::dateTimeStrto not overflow with 64-bit timestamps.)