wallet2: ignore received unencrypted payment IDs (but warn hard)

This commit is contained in:
moneromooo-monero 2019-06-17 15:39:29 +00:00
parent b295e3cff6
commit 455f9e3e9f
No known key found for this signature in database
GPG Key ID: 686F07454D6CEFC3
3 changed files with 25 additions and 13 deletions

View File

@ -137,6 +137,8 @@ using namespace cryptonote;
#define DEFAULT_INACTIVITY_LOCK_TIMEOUT 90 // a minute and a half
#define IGNORE_LONG_PAYMENT_ID_FROM_BLOCK_VERSION 12
static const std::string MULTISIG_SIGNATURE_MAGIC = "SigMultisigPkV1";
static const std::string MULTISIG_EXTRA_INFO_MAGIC = "MultisigxV1";
@ -1793,7 +1795,7 @@ void wallet2::cache_tx_data(const cryptonote::transaction& tx, const crypto::has
}
}
//----------------------------------------------------------------------------------------------------
void wallet2::process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen, const tx_cache_data &tx_cache_data, std::map<std::pair<uint64_t, uint64_t>, size_t> *output_tracker_cache)
void wallet2::process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint8_t block_version, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen, const tx_cache_data &tx_cache_data, std::map<std::pair<uint64_t, uint64_t>, size_t> *output_tracker_cache)
{
PERF_TIMER(process_new_transaction);
// In this function, tx (probably) only contains the base information
@ -2285,8 +2287,18 @@ void wallet2::process_new_transaction(const crypto::hash &txid, const cryptonote
}
else if (get_payment_id_from_tx_extra_nonce(extra_nonce.nonce, payment_id))
{
LOG_PRINT_L2("Found unencrypted payment ID: " << payment_id);
MWARNING("Found unencrypted payment ID: these are bad for privacy, consider using subaddresses instead");
bool ignore = block_version >= IGNORE_LONG_PAYMENT_ID_FROM_BLOCK_VERSION;
if (ignore)
{
LOG_PRINT_L2("Found unencrypted payment ID in tx " << txid << " (ignored)");
MWARNING("Found OBSOLETE AND IGNORED unencrypted payment ID: these are bad for privacy, use subaddresses instead");
payment_id = crypto::null_hash;
}
else
{
LOG_PRINT_L2("Found unencrypted payment ID: " << payment_id);
MWARNING("Found unencrypted payment ID: these are bad for privacy, consider using subaddresses instead");
}
}
}
@ -2422,7 +2434,7 @@ void wallet2::process_new_blockchain_entry(const cryptonote::block& b, const cry
{
TIME_MEASURE_START(miner_tx_handle_time);
if (m_refresh_type != RefreshNoCoinbase)
process_new_transaction(get_transaction_hash(b.miner_tx), b.miner_tx, parsed_block.o_indices.indices[0].indices, height, b.timestamp, true, false, false, tx_cache_data[tx_cache_data_offset], output_tracker_cache);
process_new_transaction(get_transaction_hash(b.miner_tx), b.miner_tx, parsed_block.o_indices.indices[0].indices, height, b.major_version, b.timestamp, true, false, false, tx_cache_data[tx_cache_data_offset], output_tracker_cache);
++tx_cache_data_offset;
TIME_MEASURE_FINISH(miner_tx_handle_time);
@ -2431,7 +2443,7 @@ void wallet2::process_new_blockchain_entry(const cryptonote::block& b, const cry
THROW_WALLET_EXCEPTION_IF(bche.txs.size() != parsed_block.txes.size(), error::wallet_internal_error, "Wrong amount of transactions for block");
for (size_t idx = 0; idx < b.tx_hashes.size(); ++idx)
{
process_new_transaction(b.tx_hashes[idx], parsed_block.txes[idx], parsed_block.o_indices.indices[idx+1].indices, height, b.timestamp, false, false, false, tx_cache_data[tx_cache_data_offset++], output_tracker_cache);
process_new_transaction(b.tx_hashes[idx], parsed_block.txes[idx], parsed_block.o_indices.indices[idx+1].indices, height, b.major_version, b.timestamp, false, false, false, tx_cache_data[tx_cache_data_offset++], output_tracker_cache);
}
TIME_MEASURE_FINISH(txs_handle_time);
m_last_block_reward = cryptonote::get_outs_money_amount(b.miner_tx);
@ -2962,7 +2974,7 @@ void wallet2::update_pool_state(bool refreshed)
[tx_hash](const std::pair<crypto::hash, bool> &e) { return e.first == tx_hash; });
if (i != txids.end())
{
process_new_transaction(tx_hash, tx, std::vector<uint64_t>(), 0, time(NULL), false, true, tx_entry.double_spend_seen, {});
process_new_transaction(tx_hash, tx, std::vector<uint64_t>(), 0, 0, time(NULL), false, true, tx_entry.double_spend_seen, {});
m_scanned_pool_txs[0].insert(tx_hash);
if (m_scanned_pool_txs[0].size() > 5000)
{

View File

@ -1351,7 +1351,7 @@ private:
* \param password Password of wallet file
*/
bool load_keys(const std::string& keys_file_name, const epee::wipeable_string& password);
void process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen, const tx_cache_data &tx_cache_data, std::map<std::pair<uint64_t, uint64_t>, size_t> *output_tracker_cache = NULL);
void process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint8_t block_version, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen, const tx_cache_data &tx_cache_data, std::map<std::pair<uint64_t, uint64_t>, size_t> *output_tracker_cache = NULL);
bool should_skip_block(const cryptonote::block &b, uint64_t height) const;
void process_new_blockchain_entry(const cryptonote::block& b, const cryptonote::block_complete_entry& bche, const parsed_block &parsed_block, const crypto::hash& bl_id, uint64_t height, const std::vector<tx_cache_data> &tx_cache_data, size_t tx_cache_data_offset, std::map<std::pair<uint64_t, uint64_t>, size_t> *output_tracker_cache = NULL);
void detach_blockchain(uint64_t height, std::map<std::pair<uint64_t, uint64_t>, size_t> *output_tracker_cache = NULL);

View File

@ -269,7 +269,7 @@ class TransferTest():
assert not 'failed' in res or len(res.failed) == 0
e = res.pool[0]
assert e.txid == txid
assert e.payment_id == payment_id
assert e.payment_id in ["", "0000000000000000"] # long payment IDs are now ignored
assert e.type == 'pool'
assert e.unlock_time == 0
assert e.subaddr_index.major == 0
@ -295,7 +295,7 @@ class TransferTest():
assert not 'failed' in res or len(res.failed) == 0
e = res['in'][0]
assert e.txid == txid
assert e.payment_id == payment_id
assert e.payment_id in ["", "0000000000000000"] # long payment IDs are now ignored
assert e.type == 'in'
assert e.unlock_time == 0
assert e.subaddr_index.major == 0
@ -385,7 +385,7 @@ class TransferTest():
assert len(e) == 1
e = e[0]
assert e.txid == txid
assert e.payment_id == payment_id
assert e.payment_id in ["", "0000000000000000"] # long payment IDs are now ignored
assert e.type == 'in'
assert e.unlock_time == 0
assert e.subaddr_index.major == 0
@ -412,7 +412,7 @@ class TransferTest():
assert len(e) == 1
e = e[0]
assert e.txid == txid
assert e.payment_id == payment_id
assert e.payment_id in ["", "0000000000000000"] # long payment IDs are now ignored
assert e.type == 'in'
assert e.unlock_time == 0
assert e.subaddr_index.major == 0
@ -521,7 +521,7 @@ class TransferTest():
res = self.wallet[1].get_bulk_payments()
assert len(res.payments) >= 3 # two txes to standard address were sent, plus one to integrated address
res = self.wallet[1].get_bulk_payments(payment_ids = ['1234500000012345abcde00000abcdeff1234500000012345abcde00000abcde'])
assert len(res.payments) >= 2 # two txes were sent with that payment id
assert not 'payments' in res or len(res.payments) == 0 # long payment IDs are now ignored on receipt
res = self.wallet[1].get_bulk_payments(payment_ids = ['ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff'])
assert 'payments' not in res or len(res.payments) == 0 # none with that payment id
res = self.wallet[1].get_bulk_payments(payment_ids = ['1111111122222222' + '0'*48])
@ -531,7 +531,7 @@ class TransferTest():
res = self.wallet[2].get_bulk_payments()
assert len(res.payments) >= 1 # one tx was sent
res = self.wallet[2].get_bulk_payments(payment_ids = ['1'*64, '1234500000012345abcde00000abcdeff1234500000012345abcde00000abcde', '2'*64])
assert len(res.payments) >= 1 # one tx was sent
assert not 'payments' in res or len(res.payments) == 0 # long payment IDs are now ignored
res = self.wallet[1].get_bulk_payments(["1111111122222222"])
assert len(res.payments) >= 1 # we have one of these