Skip to content

[raw] reject insanely high fees by default in sendrawtransaction #2949

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gavinandresen merged 1 commit into from
Sep 22, 2013
Merged

[raw] reject insanely high fees by default in sendrawtransaction #2949

gavinandresen merged 1 commit into from
Sep 22, 2013

Conversation

@gmaxwell
Copy link
Contributor

@gmaxwell gmaxwell commented Aug 28, 2013

There have been several incidents where mainnet experimentation with
raw transactions resulted in insane fees. This is hard to prevent
in the raw transaction api because the inputs may not be known.
Since sending doesn't work if the inputs aren't known, we can catch
it there.

This rejects fees > than 10000 * nMinRelayTxFee or 1 BTC with the
defaults and can be overridden with a bool at the rpc.

@gmaxwell
[raw] reject insanely high fees by default in sendrawtransaction
9d14e68 
There have been several incidents where mainnet experimentation with
 raw transactions  resulted in insane fees.  This is hard to prevent
 in the raw transaction api because the inputs may not be known.
 Since sending doesn't work if the inputs aren't known, we can catch
 it there.

This rejects fees > than 10000 * nMinRelayTxFee or 1 BTC with the
 defaults and can be overridden with a bool at the rpc.
@jgarzik
Copy link
Contributor

jgarzik commented Aug 28, 2013

ACK

@luke-jr
Copy link
Member

luke-jr commented Aug 29, 2013

Instead of a bool, how about an amount of fees? If provided and the transaction fees don't match the value, fail. (This can be in addition to the default rejection, for backward compatibility)

@petertodd
Copy link
Contributor

petertodd commented Aug 29, 2013

@luke-jr Good idea, although I won't make it a <= test, not a == test.

Actually, no, I'm going to take that back: app developers are just going to call sendrawtransaction with their nFees, which is likely to be calculated wrong anyway... So stick with the hard sanity limit.

@BitcoinPullTester
Copy link

BitcoinPullTester commented Sep 1, 2013

Automatic sanity-testing: PASSED, see http://jenkins.bluematt.me/pull-tester/9d14e689c86a395c11a530767db4ddf895446ba8 for binaries and test log.
This test script verifies pulls every time they are updated. It, however, dies sometimes and fails to test properly. If you are waiting on a test, please check timestamps to verify that the test.log is moving at http://jenkins.bluematt.me/pull-tester/current/
Contact BlueMatt on freenode if something looks broken.

@DannyHamilton
Copy link

DannyHamilton commented Sep 16, 2013

Sanity testing on fees would certainly have helped me. I've been using sendrawtransaction in a variety of circumstances for 5 months now. I was pretty confident with the raw transaction tools, and (until today) had created over 200 transactions without any issues. Then while creating a raw transaction today, I accidentally included vout=0 when I intended to include vout=1 in the input. The result was accidentally paying a fee of 3.78843458 BTC. I had thought that I had calculated a fee of 0.0001 BTC (if I had used the intended vout).

Any of the following would have prevented the issue:
A hard coded sanity check of 1 BTC maxFee
A bitcoin.conf entry of maxFee set by me before I started using raw transactions (I would have set it to 0.0003 BTC)
An "intended fee" parameter in any of createrawtransaction, signrawtransaction, or sendrawtransaction that I would have set to 0.0001 BTC which can be compared to the actual fee in the transaction.

Issue reported at bitcointalk.org here: https://bitcointalk.org/index.php?topic=295101.0;topicseen

Transaction example can be seen here: https://blockchain.info/tx-index/89611419

@Diapolo
Copy link

Diapolo commented Sep 16, 2013

Any reason to merge this?

gavinandresen added a commit that referenced this pull request Sep 22, 2013
@gavinandresen
Merge pull request #2949 from gmaxwell/fewer_fee_footguns
ff4e3e6 
[raw] reject insanely high fees by default in sendrawtransaction
@gavinandresen gavinandresen merged commit ff4e3e6 into bitcoin:master Sep 22, 2013
This was referenced Sep 25, 2015
Closed
Closed
Bushstar pushed a commit to Bushstar/omnicore that referenced this pull request Apr 8, 2020
@thephez @UdjinM6
RPC docs helper updates (bitcoin#2949)
809aae7 
* RPC - Update gobject description to match other multi-command RPCs

* RPC - Update masternodelist to avoid returning dupe RPC name from help

* RPC - Make spacing consistent in gobject/masternode help
@bitcoin bitcoin locked as resolved and limited conversation to collaborators Sep 8, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@gmaxwell @jgarzik @luke-jr @petertodd @BitcoinPullTester @DannyHamilton @Diapolo @gavinandresen