This is a useful and simple last-resort solution, but it may be dangerous, as it also removes (valid) unconfirmed transactions and meta-data like source account information.
Translations are very welcome, but can you do them in a separate commit?
|
|
|
Any good reason not to merge this?
|
|
|
By the way, the "full rescan" I suggested/implemented does not remove transactions from the wallet, only adds/updates them, so it's not a solution for doood's problem.
|
|
|
The coins aren't in limbo. Such a transaction would not be accepted by the network so your 12 BTC is still usable in another valid transaction.
Yes, but the client instantly deducts the 20 as soon as it says "payment sent"... long before the network has a chance to see that it's invalid. So the client says 0.00 even though only 8 out of 20 was a double spend. Maybe I do have a corrupt wallet.dat (or several). I'm not ruling that out. If you're able to build from source and trust me, you can try https://github.com/sipa/bitcoin/tree/rejectedtx. It will detect transactions that conflict with the block chain, and mark them inactive. Make sure you have a backup of wallet.dat, though.
|
|
|
Please imagine the following scenario:
I have a new wallet on device A which I receive 2 transactions:
12 BTC 8 BTC
So my balance is 20 BTC.
I then copy that wallet.dat to an installation on device B.
From device B, I spend exactly 8 BTC, leaving a balance of 12 BTC (I assume this spend should come directly from the address that received 8 BTC so 'change' will not be an issue).
Let's say this 8 BTC spend gets old and has many confirmations.
Now, I go back to device A, which still shows a total balance of 20 BTC.
It won't. It will see the spend on the network, and add a corresponding spending transaction to the wallet, bringing the balance to 12 BTC. I then 'spend' the whole 20 BTC, dropping the balance to 0.00 in the client display.
This transaction should never be confirmed as 8 of it is a double spend, so my question is:
How to get the 12 legitimate coins back from this state of limbo and back into my balance?
If you do manage to spend the 20 BTC from B, without it having noticed the spend by A, you've indeed brought you wallet in a corrupted state, since it contains a transaction that conflicts with the block chain. It's possible to detect this conflict (I wrote a patch for that), but it's not yet merged in mainline bitcoin.
|
|
|
IRC is also centralized, it just puts control of the network into the hands of the LFnet admins instead of community members who are incentivized to see Bitcoin succeed.
With DNS discovery a few well known domain names resolve to a set of listening IP addresses. The set might be fixed or it might be recalculated every so often based on addr broadcasts. No matter what happens after you bootstrap your node will have its own address list that it will use to get back onto the network, you only need DNS the first time you run it or if all the addresses you heard about previously have gone away.
Exactly, DNS seeding differs from IRC seeding, since the addresses in it can be edited by the maintainer. But the P2P protocol exchanges IP addresses internally as well, so you could say that the node(s) whose address the DNS seed resolves to plays the role of what used to be the IRC server. Maybe we could make a specialized/simplified P2P node that only tracks accessible addresses (not necessarily keeping addresses open), instances of which could populate the DNS seeds.
|
|
|
Matt, what are these DNSSeeds your talking about? Can these be implemented by resolving a DNS record?
See the -dnsseed option. It uses DNS records that resolve to many IP addresses as seed.
|
|
|
-rescan was only introduced in 0.3.20, and 0.3.21 does rescans automatically when needed (though you still need -rescan when upgrading from an older version)
Also, the fact that it wants to start wine seems to imply you downloaded the windows version.
|
|
|
You also need to delete blk0001.dat and blkindex.dat. I think this is a rescan bug.
You're right. -rescan only adds missing transactions to the wallet. It doesn't update wallet transactions with missing information from the block chain. Maybe we need a separate -rescan-full, or change the meaning of -rescan to do this anyway, as a regular rescan is now done immediately anyway?
|
|
|
Why not implement the secure IP transfers that Satoshi talked about instead of removing it? I've always thought that IP transfers would be very useful if made secure.
Care to give a pointer?
|
|
|
I have written a patch that allows extraction and insertion of bitcoin private keys in a custom base58-based format, only containing the secret parameters itself, without the field and curve parameters.
Is it on the pull list or otherwise available? Yes, here: https://github.com/bitcoin/bitcoin/pull/220Import and export of DER-encoded keys would also be useful (I have code for export laying around somewhere) for certain purposes though. You should check whether the imported key is a real bitcoin key though, as the public keys and signatures over the network do net encode the field and curve parameters, and would be invalid if the corresponding private key doesn't match.
Good points, but I do not want to lose sight of my motivating use case. For generating a key pair and receiving BTC outside of Bitcoin, obviously Bitcoin can not do the checking in advance. I agree it should check when importing, though. I'd appreciate hints at code that will do that. Just checking upon import is fine. I suppose the easiest way would be extracting the private parameters, reconstructing the full private key from that, and check whether that results in a structure identical to the one imported. The pull request above contains code in CKey for doing those.
|
|
|
I have written a patch that allows extraction and insertion of bitcoin private keys in a custom base58-based format, only containing the secret parameters itself, without the field and curve parameters.
Import and export of DER-encoded keys would also be useful (I have code for export laying around somewhere) for certain purposes though. You should check whether the imported key is a real bitcoin key though, as the public keys and signatures over the network do net encode the field and curve parameters, and would be invalid if the corresponding private key doesn't match.
|
|
|
I wonder if this could be solved by modifiying the fee system. A miner cannot take all fees for himself, only N% of it (for example, 5% of it). Miners are however allowed to also take the difference between the previous blocks' input+coinbase and outputs as additional fee. This causes the actual fee paid by someone issuing a transaction to be distributed in an exponentially decreasing way over the miners of the first many blocks to come.
I've also been thinking about that, but... - It won't completely solve the problem because people issuing many transactions still pay for the security of the whole network. It might be preferable for them to use a chain secured by inflation as they mostly don't care about inflation. As they should - they're the one who need it. - From the technical point of view, progressive dispatching of fees would add a huge amount of complexity to the current chain format.
It wasn't a serious suggestion, but just trying to find enforceable solutions to the presented problem. On the other hand, technically it's quite simple to implement actually. The difficulty would be getting the changed rule accepted by the network.
|
|
|
That's fine; I understand that. An account is just a label written against an address, and is an entirely local construct.
No that's not it. An account is almost entirely disconnected from addresses. Accounts are intended to group transactions together, and see their balance. They are in no way an indication for what address those credits are currently associated with.
|
|
|
While re-reading this thread, I realized something. I didn't read it completely, so it may already have been implied by others, though. When I pay a transaction fee, I pay for a level of security, like explained by Mike. If I don't fear reversal of my transaction, I have little incentive for getting it in the blockchain. However, security here consists of several things: - 1. Gettting your transaction included in the block chain
- 2. Getting the chain your transaction is in to be extended
- 3. Getting this chain to grow as fast as possible
Your fee goes to the one who puts your transaction in a block, so you pay for #1. However, you don't pay any reward to those who extend that chain. The miner who put your transaction is a block has all incentive to keep mining on this chain, since it gave him a reward that would be reverted by a split, but this is not true for other miners. So you only pay partly for #2. Finally, you don't pay for #3 at all - as explained here earlier, one possibility is that miners turn off their hardware if not enough fees are accumulated. However, every second that mining hardware is off, gives attackers one second's worth of catching up. I feel that this is at least part of the problem: we only pay for inclusion in a block, not for getting it buried in the block chain. The cost for burying it is carried by all who want additional transactions processed. I wonder if this could be solved by modifiying the fee system. A miner cannot take all fees for himself, only N% of it (for example, 5% of it). Miners are however allowed to also take the difference between the previous blocks' input+coinbase and outputs as additional fee. This causes the actual fee paid by someone issuing a transaction to be distributed in an exponentially decreasing way over the miners of the first many blocks to come.
|
|
|
Accounts as currently implemented are purely an accounting feature. Some addresses are linked to an account, in a way that that account is automatically credited when payment arrives to that address, but they are by no means a way for knowing which address holds what amount of coins. Change transactions are always sent to addresses not shown in the user interface, by the way.
|
|
|
just copy back and spend
might be good idea to start the bitcoin client with the -rescan switch to search for eventual transactions related to the old wallet from the time it was offline might recalculate available balance to be accurate.
This should not be necessary anymore since 0.3.21, since information about the current best chain is stored in wallet.dat, and a rescan of the unknown part is issued when this does not wallet the block chain database. If either the last version to write to wallet.dat, or the version to restore with is older, -rescan is needed.
|
|
|
A wallet dump is a JSON formatted file, with the following definition:
wallet_dump :: object { "keys" : list of key_entry // the key information itself "loc" : locator // information about the currently best known chain }
key_entry :: object { "sec" : string // private key in base58 format "addr" : string // address in base58 format (verified on input, but ignored) "label" : string // label for the address corresponding to this key "height" : int // first block height this key is known to have been used in "heightAvail" : int // first block height this key is known to have been used in // with a not-yet redeemed transaction output to this key's address "value" : string // decimal representation of total BTC sent to this key's address "valueAvail" : string // decimal representation of available BTC sent to this key's // address "tx" : tx_table // list of transactions "reserve" : int // nonzero if tx is a reserve key }
tx_table :: object { string : tx_entry // key is txid, or txid:outputid ... }
tx_entry :: object { id : string // txid in hex format height : int // height of block this tx is known to be placed in value : string // decimal representation of BTC sent to the address corresponding to // parent key_entry's private key by this tx spent : bool // whether or not this tx is known to be spent }
locator :: object { string : int // key is blockid, value is block height ... }
The "addr", "heightAvail", "value", "valueAvail" and "spent" fields are not used when importing. The "height", "tx" and "loc" fields are used to determining what to rescan. Only "sec", "label" and "reserve" contain actual data that is imported. Only 'sec" is really required.
|
|
|
|