X-Git-Url: https://git.novaco.in/?a=blobdiff_plain;f=src%2Fmain.cpp;h=f6adb17281915fa33f81bb4c93fdadaee6a65b72;hb=47bb141bf2d589db630ac1a917189b05b75b80d0;hp=e5fba9c0a11f7926cf246e2261db27b6bf2eed3d;hpb=198415e788fcbde13f2c3a6132e8e2a27b1a7bb8;p=novacoin.git diff --git a/src/main.cpp b/src/main.cpp index e5fba9c..f6adb17 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -42,10 +42,10 @@ uint256 nPoWBase = uint256("0x00000000ffff00000000000000000000000000000000000000 CBigNum bnProofOfWorkLimitTestNet(~uint256(0) >> 16); -unsigned int nStakeMinAge = 60 * 60 * 24 * 30; // 30 days as zero time weight -unsigned int nStakeMaxAge = 60 * 60 * 24 * 90; // 90 days as full weight +unsigned int nStakeMinAge = 30 * nOneDay; // 30 days as zero time weight +unsigned int nStakeMaxAge = 90 * nOneDay; // 90 days as full weight unsigned int nStakeTargetSpacing = 10 * 60; // 10-minute stakes spacing -unsigned int nModifierInterval = 6 * 60 * 60; // time to elapse before new modifier is computed +unsigned int nModifierInterval = 6 * nOneHour; // time to elapse before new modifier is computed int nCoinbaseMaturity = 500; @@ -81,7 +81,7 @@ int64_t nMinimumInputValue = MIN_TXOUT_AMOUNT; // Ping and address broadcast intervals int64_t nPingInterval = 30 * 60; -int64_t nBroadcastInterval = 24 * 60 * 60; +int64_t nBroadcastInterval = nOneDay; extern enum Checkpoints::CPMode CheckpointsMode; @@ -430,9 +430,14 @@ unsigned int CTransaction::GetLegacySigOpCount() const { unsigned int nSigOps = 0; - BOOST_FOREACH(const CTxIn& txin, vin) + if (!IsCoinBase() || nTime < COINBASE_SIGOPS_SWITCH_TIME) { - nSigOps += txin.scriptSig.GetSigOpCount(false); + // Coinbase scriptsigs are never executed, so there is + // no sense in calculation of sigops. + BOOST_FOREACH(const CTxIn& txin, vin) + { + nSigOps += txin.scriptSig.GetSigOpCount(false); + } } BOOST_FOREACH(const CTxOut& txout, vout) { @@ -506,6 +511,10 @@ bool CTransaction::CheckTransaction() const return DoS(10, error("CTransaction::CheckTransaction() : vin empty")); if (vout.empty()) return DoS(10, error("CTransaction::CheckTransaction() : vout empty")); + // Time (prevent mempool memory exhaustion attack) + // Comes into force since 20 December 2015. + if (nTime > 1450569600 && nTime > FutureDrift(GetAdjustedTime())) + return DoS(10, error("CTransaction::CheckTransaction() : timestamp is too far into the future")); // Size limits if (::GetSerializeSize(*this, SER_NETWORK, PROTOCOL_VERSION) > MAX_BLOCK_SIZE) return DoS(100, error("CTransaction::CheckTransaction() : size limits failed")); @@ -1119,7 +1128,7 @@ int64_t GetProofOfStakeReward(int64_t nCoinAge, unsigned int nBits, int64_t nTim return nSubsidy; } -static const int64_t nTargetTimespan = 7 * 24 * 60 * 60; // one week +static const int64_t nTargetTimespan = 7 * nOneDay; // one week // get proof of work blocks max spacing according to hard-coded conditions int64_t inline GetTargetSpacingWorkMax(int nHeight, unsigned int nTime) @@ -1145,7 +1154,7 @@ unsigned int ComputeMaxBits(CBigNum bnTargetLimit, unsigned int nBase, int64_t n { // Maximum 200% adjustment per day... bnResult *= 2; - nTime -= 24 * 60 * 60; + nTime -= nOneDay; } if (bnResult > bnTargetLimit) bnResult = bnTargetLimit; @@ -1245,7 +1254,7 @@ bool IsInitialBlockDownload() nLastUpdate = nCurrentTime; } return (nCurrentTime - nLastUpdate < 10 && - pindexBest->GetBlockTime() < nCurrentTime - 24 * 60 * 60); + pindexBest->GetBlockTime() < nCurrentTime - nOneDay); } void static InvalidChainFound(CBlockIndex* pindexNew) @@ -2092,7 +2101,7 @@ bool CTransaction::GetCoinAge(CTxDB& txdb, uint64_t& nCoinAge) const printf("coin age nValueIn=%" PRId64 " nTimeDiff=%d bnCentSecond=%s\n", nValueIn, nTime - txPrev.nTime, bnCentSecond.ToString().c_str()); } - CBigNum bnCoinDay = bnCentSecond * CENT / COIN / (24 * 60 * 60); + CBigNum bnCoinDay = bnCentSecond * CENT / COIN / nOneDay; if (fDebug && GetBoolArg("-printcoinage")) printf("coin age bnCoinDay=%s\n", bnCoinDay.ToString().c_str()); nCoinAge = bnCoinDay.getuint64(); @@ -2330,10 +2339,19 @@ bool CBlock::AcceptBlock() if (nBits != GetNextTargetRequired(pindexPrev, IsProofOfStake())) return DoS(100, error("AcceptBlock() : incorrect %s", IsProofOfWork() ? "proof-of-work" : "proof-of-stake")); + int64_t nMedianTimePast = pindexPrev->GetMedianTimePast(); + int nMaxOffset = 12 * 3600; // 12 hours + if (pindexPrev->nTime < 1450569600) + nMaxOffset = 7 * 86400; // One week until 20 Dec, 2015 + // Check timestamp against prev - if (GetBlockTime() <= pindexPrev->GetMedianTimePast() || FutureDrift(GetBlockTime()) < pindexPrev->GetBlockTime()) + if (GetBlockTime() <= nMedianTimePast || FutureDrift(GetBlockTime()) < pindexPrev->GetBlockTime()) return error("AcceptBlock() : block's timestamp is too early"); + // Don't accept blocks with future timestamps + if (pindexPrev->nHeight > 1 && nMedianTimePast + nMaxOffset < GetBlockTime()) + return error("AcceptBlock() : block's timestamp is too far in the future"); + // Check that all transactions are finalized BOOST_FOREACH(const CTransaction& tx, vtx) if (!tx.IsFinal(nHeight, GetBlockTime())) @@ -2392,21 +2410,9 @@ uint256 CBlockIndex::GetBlockTrust() const if (bnTarget <= 0) return 0; - /* Old protocol */ - if (!fTestNet && GetBlockTime() < CHAINCHECKS_SWITCH_TIME) - return (IsProofOfStake()? ((CBigNum(1)<<256) / (bnTarget+1)).getuint256() : 1); - - /* New protocol */ - - // Calculate work amount for block - uint256 nPoWTrust = (CBigNum(nPoWBase) / (bnTarget+1)).getuint256(); - - // Set nPowTrust to 1 if we are checking PoS block or PoW difficulty is too low - nPoWTrust = (IsProofOfStake() || nPoWTrust < 1) ? 1 : nPoWTrust; - - // Return nPoWTrust for the first 12 blocks + // Return 1 for the first 12 blocks if (pprev == NULL || pprev->nHeight < 12) - return nPoWTrust; + return 1; const CBlockIndex* currentIndex = pprev; @@ -2436,11 +2442,18 @@ uint256 CBlockIndex::GetBlockTrust() const } else { + // Calculate work amount for block + CBigNum bnPoWTrust = CBigNum(nPoWBase) / (bnTarget+1); + + // Set nPowTrust to 1 if PoW difficulty is too low + if (bnPoWTrust < 1) + bnPoWTrust = 1; + CBigNum bnLastBlockTrust = CBigNum(pprev->nChainTrust - pprev->pprev->nChainTrust); // Return nPoWTrust + 2/3 of previous block score if two parent blocks are not PoS blocks if (!(pprev->IsProofOfStake() && pprev->pprev->IsProofOfStake())) - return nPoWTrust + (2 * bnLastBlockTrust / 3).getuint256(); + return (bnPoWTrust + 2 * bnLastBlockTrust / 3).getuint256(); int nPoSCount = 0; @@ -2454,7 +2467,7 @@ uint256 CBlockIndex::GetBlockTrust() const // Return nPoWTrust + 2/3 of previous block score if less than 7 PoS blocks found if (nPoSCount < 7) - return nPoWTrust + (2 * bnLastBlockTrust / 3).getuint256(); + return (bnPoWTrust + 2 * bnLastBlockTrust / 3).getuint256(); bnTarget.SetCompact(pprev->nBits); @@ -2464,7 +2477,7 @@ uint256 CBlockIndex::GetBlockTrust() const CBigNum bnNewTrust = (CBigNum(1)<<256) / (bnTarget+1); // Return nPoWTrust + full trust score for previous block nBits - return nPoWTrust + bnNewTrust.getuint256(); + return (bnPoWTrust + bnNewTrust).getuint256(); } } @@ -2675,7 +2688,7 @@ static filesystem::path BlockFilePath(unsigned int nFile) FILE* OpenBlockFile(unsigned int nFile, unsigned int nBlockPos, const char* pszMode) { - if ((nFile < 1) || (nFile == (unsigned int) -1)) + if ((nFile < 1) || (nFile == std::numeric_limits::max())) return NULL; FILE* file = fopen(BlockFilePath(nFile).string().c_str(), pszMode); if (!file) @@ -2736,7 +2749,7 @@ bool LoadBlockIndex(bool fAllowNew) pchMessageStart[3] = 0xef; bnProofOfWorkLimit = bnProofOfWorkLimitTestNet; // 16 bits PoW target limit for testnet - nStakeMinAge = 2 * 60 * 60; // test net min age is 2 hours + nStakeMinAge = 2 * nOneHour; // test net min age is 2 hours nModifierInterval = 20 * 60; // test modifier interval is 20 minutes nCoinbaseMaturity = 10; // test maturity is 10 blocks nStakeTargetSpacing = 5 * 60; // test block spacing is 5 minutes @@ -2942,7 +2955,7 @@ bool LoadExternalBlockFile(FILE* fileIn) try { CAutoFile blkdat(fileIn, SER_DISK, CLIENT_VERSION); unsigned int nPos = 0; - while (nPos != (unsigned int)-1 && blkdat.good() && !fRequestShutdown) + while (nPos != std::numeric_limits::max() && blkdat.good() && !fRequestShutdown) { unsigned char pchData[65536]; do { @@ -2950,7 +2963,7 @@ bool LoadExternalBlockFile(FILE* fileIn) int nRead = fread(pchData, 1, sizeof(pchData), blkdat); if (nRead <= 8) { - nPos = (unsigned int)-1; + nPos = std::numeric_limits::max(); break; } void* nFind = memchr(pchData, pchMessageStart[0], nRead+1-sizeof(pchMessageStart)); @@ -2966,7 +2979,7 @@ bool LoadExternalBlockFile(FILE* fileIn) else nPos += sizeof(pchData) - sizeof(pchMessageStart) + 1; } while(!fRequestShutdown); - if (nPos == (unsigned int)-1) + if (nPos == std::numeric_limits::max()) break; fseek(blkdat, nPos, SEEK_SET); unsigned int nSize; @@ -3018,7 +3031,7 @@ string GetWarnings(string strFor) // if detected unmet upgrade requirement enter safe mode // Note: Modifier upgrade requires blockchain redownload if past protocol switch - if (IsFixedModifierInterval(nModifierUpgradeTime + 60*60*24)) // 1 day margin + if (IsFixedModifierInterval(nModifierUpgradeTime + nOneDay)) // 1 day margin { nPriority = 5000; strStatusBar = strRPC = "WARNING: Blockchain redownload required approaching or past v.0.4.4.6u4 upgrade deadline."; @@ -3281,7 +3294,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) if (fShutdown) return true; if (addr.nTime <= 100000000 || addr.nTime > nNow + 10 * 60) - addr.nTime = nNow - 5 * 24 * 60 * 60; + addr.nTime = nNow - 5 * nOneDay; pfrom->AddAddressKnown(addr); bool fReachable = IsReachable(addr); if (addr.nTime > nSince && !pfrom->fGetAddr && vAddr.size() <= 10 && addr.IsRoutable()) @@ -3295,7 +3308,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) if (hashSalt == 0) hashSalt = GetRandHash(); uint64_t hashAddr = addr.GetHash(); - uint256 hashRand = hashSalt ^ (hashAddr<<32) ^ ((GetTime()+hashAddr)/(24*60*60)); + uint256 hashRand = hashSalt ^ (hashAddr<<32) ^ ((GetTime()+hashAddr)/nOneDay); hashRand = Hash(BEGIN(hashRand), END(hashRand)); multimap mapMix; BOOST_FOREACH(CNode* pnode, vNodes) @@ -3317,7 +3330,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) if (fReachable) vAddrOk.push_back(addr); } - addrman.Add(vAddrOk, pfrom->addr, 2 * 60 * 60); + addrman.Add(vAddrOk, pfrom->addr, 2 * nOneHour); if (vAddr.size() < 1000) pfrom->fGetAddr = false; if (pfrom->fOneShot) @@ -3335,7 +3348,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) } // find last block in inv vector - unsigned int nLastBlock = (unsigned int)(-1); + unsigned int nLastBlock = std::numeric_limits::max(); for (unsigned int nInv = 0; nInv < vInv.size(); nInv++) { if (vInv[vInv.size() - 1 - nInv].type == MSG_BLOCK) { nLastBlock = vInv.size() - 1 - nInv; @@ -3619,10 +3632,15 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) } - else if (strCommand == "getaddr") + // This asymmetric behavior for inbound and outbound connections was introduced + // to prevent a fingerprinting attack: an attacker can send specific fake addresses + // to users' AddrMan and later request them by sending getaddr messages. + // Making users (which are behind NAT and can only make outgoing connections) ignore + // getaddr message mitigates the attack. + else if ((strCommand == "getaddr") && (pfrom->fInbound)) { // Don't return addresses older than nCutOff timestamp - int64_t nCutOff = GetTime() - (nNodeLifespan * 24 * 60 * 60); + int64_t nCutOff = GetTime() - (nNodeLifespan * nOneDay); pfrom->vAddrToSend.clear(); vector vAddr = addrman.GetAddr(); BOOST_FOREACH(const CAddress &addr, vAddr) @@ -4070,4 +4088,4 @@ public: // orphan transactions } -} instance_of_cmaincleanup; \ No newline at end of file +} instance_of_cmaincleanup;