sending combined inputs exceeding MAX_MONEY in PPC breaks wallet

[bumbacoin]

edited.

I've become aware of a bug which breaks the wallet.dat on PPC (and clones).
It's more likely to effect clones as it involves having a balance exceeding MAX_MONEY.

Basically sending any transaction with combined inputs exceeding MAX_MONEY results in failing various error checks.
and client will refuse to load the wallet.dat

brief list of experiments so far with MAX_MONEY=1000
- sending 10000 breaks wallet
- Setting the txfee to 100, then sending 9900, breaks wallet.
- setting up two inputs of 5001, then sending 5002, breaks wallet.

https://github.com/Peerunity/Peerunity/issues/199


notes: to be an issue
- it must be possible for one wallet to hold balance > max_money.
- Qt GUI limitation may help prevent issue (eg, send field limitations), but assumedly command line send may exceed the GUI limitation


..

issue revealed itself in Stronghands.
a fix to limit max spend to (MAX_MONEY / 2) is a quick answer to the problem
needs to include fees into the initial check,
https://github.com/bumbacoin/stronghands/commit/817da6efb8410579f940be4270e823463ee981b0

if MAX_MONEY is 2 billion,
adding 1 to either MAX_MONEY, or to error checks will allow neat send values of 1 billion.
..

[1714781765]

1714781765

[Limx Dev]

Do you have the problem with a new coin or peercoin directly?

[bumbacoin]

Do you have the problem with a new coin or peercoin directly?

I came across it in Stronghands,
(a clone with 90billion coinsupply, one owner having 18 billion coins, and a 2billion MAX_MONEY )

then decided to check up stream and found same problem in Peerunity.
i'm not that familiar with PPC rewards, but i doubt it will have a problem for some time.

[Limx Dev]

Do you have the problem with a new coin or peercoin directly?

I came across it in Stronghands,
(a clone with 90billion coinsupply, one owner having 18 billion coins, and a 2billion MAX_MONEY )

then decided to check up stream and found same problem in Peerunity.
i'm not that familiar with PPC rewards, but i doubt it will have a problem for some time.

Do you test with a new chain?

[bumbacoin]

Do you have the problem with a new coin or peercoin directly?

I came across it in Stronghands,
(a clone with 90billion coinsupply, one owner having 18 billion coins, and a 2billion MAX_MONEY )

then decided to check up stream and found same problem in Peerunity.
i'm not that familiar with PPC rewards, but i doubt it will have a problem for some time.

Do you test with a new chain?

i tested on teh stronghands chain (took the wallet off line)
and on peerunity testnet.

[Blockchain Mechanic]

1 COIN == 100 000 000 CENT

so 2 B coins == 200 000 000 000 000 000 CENT.

It could be a result of overflow, can you link me the source ? Or if you already have a built one, add some debug lines to print out the values.

[bumbacoin]

i'm testing using a modified peerunity copy, (but it also appears in Stronghands code)
tweaked to make it easier,
short block time, and coinbase maturity (make it easy to mine), and MAX_MONEY=10000
https://github.com/Peerunity/Peerunity


static const int64 COIN = 1000000;
static const int64 CENT = 10000;
https://github.com/Peerunity/Peerunity/blob/master/src/util.h#L42

it seems to be fee related,
error checking without passes,
then error checking with fails.


tbh, i'm not sure how to enter such debugging
the error is
https://github.com/Peerunity/Peerunity/blob/master/src/wallet.h#L206

[Blockchain Mechanic]

i'm testing using a modified peerunity copy, (but it also appears in Stronghands code)
tweaked to make it easier,
short block time, and coinbase maturity (make it easy to mine), and MAX_MONEY=10000
https://github.com/Peerunity/Peerunity


static const int64 COIN = 1000000;
static const int64 CENT = 10000;
https://github.com/Peerunity/Peerunity/blob/master/src/util.h#L42

it seems to be fee related,
error checking without passes,
then error checking with fails.


tbh, i'm not sure how to enter such debugging
the error is
https://github.com/Peerunity/Peerunity/blob/master/src/wallet.h#L206

print out the error and values either to console or debug.log

it is likely a negative value

[bumbacoin]

finally got it to do something that looks useful

using this code

Code:

    int64 GetDebit(const CTransaction& tx) const
    {
        int64 nDebit = 0;
        BOOST_FOREACH(const CTxIn& txin, tx.vin)
        {
            nDebit += GetDebit(txin);
            if (!MoneyRange(nDebit))
                {
                printf(" Value=%llu, Max Money=%llu, Coin=%llu, Cent=%llu unsigned int", nDebit, MAX_MONEY, COIN, CENT);
                throw std::runtime_error("CWallet::GetDebit() : value out of range");
                }
        } 
        return nDebit;

getting this output

Code:

Value=15721280000, Max Money=10000000000, Coin=1000000, Cent=10000

output / COIN
Value=15721.28, Max Money=10000

so the issue is not a negative value, but rather checking the combined value of all inputs?
(all mined blocks were ~8400)

[bumbacoin]

I was going to do this tomorrow but i couldnt wait


I set up a wallet with two inputs of 5001,
Then testing it by sending 5002 coins broke it.

Code:

# ./peerunityd sendtoaddress mxXeyDPTix9KQVcwDnDkSUcPvzskF5xNfS 5002
error: {"code":-1,"message":"CWallet::GetDebit() : value out of range"}

error output

Code:

nDebit Value=10002000000, Max Money=10000000000, Coin=1000000, Cent=10000

output /coin

Code:

nDebit Value=10002, Max Money=10000

[Blockchain Mechanic]

I was going to do this tomorrow but i couldnt wait


I set up a wallet with two inputs of 5001,
Then testing it by sending 5002 coins broke it.

Code:

# ./peerunityd sendtoaddress mxXeyDPTix9KQVcwDnDkSUcPvzskF5xNfS 5002
error: {"code":-1,"message":"CWallet::GetDebit() : value out of range"}

error output

Code:

nDebit Value=10002000000, Max Money=10000000000, Coin=1000000, Cent=10000

output /coin

Code:

nDebit Value=10002, Max Money=10000

code does not lie

Let's confirm some things.

1 coin == 100 cent

max money == 10000 coin

2 x Inputs of 5002 == 10004

which is greater than 10000 and hence is out of range

........?

[bumbacoin]

I was going to do this tomorrow but i couldnt wait


I set up a wallet with two inputs of 5001,
Then testing it by sending 5002 coins broke it.

Code:

# ./peerunityd sendtoaddress mxXeyDPTix9KQVcwDnDkSUcPvzskF5xNfS 5002
error: {"code":-1,"message":"CWallet::GetDebit() : value out of range"}

error output

Code:

nDebit Value=10002000000, Max Money=10000000000, Coin=1000000, Cent=10000

output /coin

Code:

nDebit Value=10002, Max Money=10000

code does not lie

Let's confirm some things.

1 coin == 100 cent

max money == 10000 coin

2 x Inputs of 5002 == 10004

which is greater than 10000 and hence is out of range

........?

i agree yes.

[bumbacoin]

with the goal of allowing tx of 2 billion coins,


i was thinking to modify vout checks to ((MAX_MONEY * 2) + 1) = 4,000,000,001
this would allow two large inputs (up to 1,999,999,999 each) plus small fee to join into a 2billion input

a fee of over 1 in the extreme instance would break it still, but pre error checks seem to catch that.
checking vin + fee > MAX_MONEY


.
this would create a couple of possible values of over 32bit integer limit of 2,147,483,647

[Blockchain Mechanic]

with the goal of allowing tx of 2 billion coins,


i was thinking to modify vout checks to ((MAX_MONEY * 2) + 1) = 4,000,000,001
this would allow two large inputs (up to 1,999,999,999 each) plus small fee to join into a 2billion input

a fee of over 1 in the extreme instance would break it still, but pre error checks seem to catch that.
checking vin + fee > MAX_MONEY


.
this would create a couple of possible values of over 32bit integer limit of 2,147,483,647

I usually just solve most large number issues by type-def-ing int64_t

But is you don't mind my asking, what is the true benefit of coins with such huge amounts of coins ?

[bumbacoin]

I usually just solve most large number issues by type-def-ing int64_t

But is you don't mind my asking, what is the true benefit of coins with such huge amounts of coins ?

well one obvious benefit is that it exposed a flaw in current coding.

as i involve myself with numerous clones with questionable heritage i occasionally ask myself something similar.

without any serious discussion on political matters, it is a political answer for me.
i have come to a personal understanding that in times of bad governance, civil disobedience is necessary.
the more alternative options the merrier, and each variation is another possible choice.

and as much as the shitcoin megasphere is full of bad ideas, the long term benefit has yet to be revealed.