The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage & Benchmarks

For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/33444.

Reviews

See the guideline for information on the review process.
A summary of reviews will appear here.

Conflicts

Reviewers, this pull request conflicts with the following ones:

• #33477 (Rollback for dumptxoutset without invalidating blocks by fjahr)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

@fjahr @mzumsande Would appreciate your feedback on this implementation when you get a chance. Thanks!

This seems to implement the same logic that I used in #31117 but this turned out to be too fragile to be seriously considered for merging there. In this context it may work well enough for mainnet because there are not a lot of forks but we have been discussing an alternative approach for a while that does not rely on invalidateblock/reconsiderblock and this would solve the competing forks problem as well. I have worked on this idea for #31117 primarily but I will open a PR with that approach for dumptxoutset so it can be evaluated side-by-side since I am not sure which one is better yet.

Also, it seems like the test you added is failing.

Thanks for the review and context @fjahr . I wasn't aware of that prior work.

You're right that this approach has some fragility concerns. I'd be very interested to see your alternative approach that avoids invalidateblock/reconsiderblock altogether, as that does sound more robust.

Regarding the test failure - let me investigate and fix that. Would you prefer I:

1. Fix the test and keep this PR open for comparison with your upcoming alternative approach, or
2. Close this PR and wait for your alternative solution?

I'm happy to help review/test your approach when it's ready, and I appreciate you taking the time to work on a cleaner solution to this issue.

Regarding the test failure - let me investigate and fix that. Would you prefer I:

I have opened #33477 now, as you can see there I am describing that there are some trade-offs between the approach and master which this PR would then be applied to. Let's see what reviewers think about those trade-offs. You should keep it open and ideally fix the test. If the CI is failing that usually signals to reviewers that the PR isn't ready for consideration since the code will need to change anyway. So reviewers might hold off from taking a look at the code.

dumptxoutset rollback fails when competing forks are present at the target height, even though it should work on the active chain regardless of forks.

Couldn't this just be a contrib script or client-side bitcoin-cli feature? ie:

$ bitcoin-cli -invalidateto=00000000000000000001f3222fa4ad883d2d211443a77ecdec05604f4e253a02

which first looks up that block hash's height N, then iterates through each chain tip whose height is at least N, getting that tip's ancestor at height N+1 (optimise this using the branchlen field from getchaintips since there's no direct way to lookup a deep ancestor), B; if B->pprev is the target block, it invalidates B, otherwise it invalidates B->pprev. Make -invalidateto=0 call reconsiderblock on the genesis block to reset everything, perhaps.

Couldn't this just be a contrib script or client-side bitcoin-cli feature?

FWIW, the rollback part used to be a contrib script and I integrated it into dumptxoutset for better robustness and easier testing in #29553. But the idea of implementing it client-side in bitcoin-cli was never discussed as far as I can remember.