[RPC] Simplified bumpfee command. #8456
Conversation
|
Thanks! Looks good. |
src/wallet/rpcwallet.cpp
Outdated
There was a problem hiding this comment.
nit: Double negation makes it hards to read. I suggest to replace by
CAmount nOldFee = wtx.IsFromMe(ISMINE_SPENDABLE) ? nDebit - wtx.GetValueOut() : 0;
|
Needs rebase and reviewers... setting 0.14 milestone. |
mrbandrews
force-pushed
the
ba-rpcbumpfee
branch
from
41572b1 to
a8f28c2
Compare
|
Rebased and addressed feedback. |
Allows a user to increase the fee on a wallet transaction in the mempool. Requires user to specify which output to decrement. Includes code by @jonasschnelli Github-Pull: bitcoin#8456 Rebased-From: 41572b183d33080602b8522ff7085f472ef3e4a7
Github-Pull: bitcoin#8456 Rebased-From: a8f28c25144f07035f73d90515e8135a933fa723
Github-Pull: bitcoin#8456 Rebased-From: a5ab6421af5de2255a359bcb3d758990cca279e6
|
Needs rebase again... |
mrbandrews
force-pushed
the
ba-rpcbumpfee
branch
from
a5ab642 to
8e969e3
Compare
|
Rebased and edited to use JSONRPCRequest, consistent with #8788. |
src/wallet/rpcwallet.cpp
Outdated
|
I think it's very important for this command to actual figure out the change output on its own. I understand that it's a bit messier and more fragile doing it here -- but it actually has enough information to do this, and by avoiding it, it just pushes that mess into the caller which comes at a very significant usability issue. Compare: vs Transaction stuck? First use I think you'll find the usability problem of needing to know the index will prevent the majority of use by users and services for this =) |
|
Also ideally, I think the |
JeremyRubin
left a comment
JeremyRubin
left a comment
There was a problem hiding this comment.
Overall seems like the right behavior for bumpfee, just a few minor suggestions.
It seems that the descendants fee adds additional complexity that probably can't be addressed in the scope of this PR but at least could merit some documentation so that a stuck user can find out what's wrong.
src/wallet/rpcwallet.cpp
Outdated
There was a problem hiding this comment.
Perhaps make this fail if there are any options other than confTarget or totalFee passed in to guard against the case where a user has a typo or something.
src/wallet/rpcwallet.cpp
Outdated
There was a problem hiding this comment.
Maybe add a tighter limit to your bumpfee code, bumpfeeMaxTxFee. Set this to be an optional default parameter in options. maxTxFee is huge, so might be safer to have something smaller and not much added code. This parameter can be overridden if need be, but not to more the maxTxFee.
src/wallet/rpcwallet.cpp
Outdated
There was a problem hiding this comment.
There is kind of a weird deal here where nDelta can be <= 0 if totalFee is set, and will be accepted on a race condition with mempool, I would explicitly guard against this case by restricting nDelta > 0.
There was a problem hiding this comment.
@JeremyRubin how could nDelta be negative here?
src/wallet/rpcwallet.cpp
Outdated
There was a problem hiding this comment.
Using a nNewFee = 0 is fine here, it just slightly bothers me to use this as a null value when indeed 0 is a valid fee amount.
-1 would be an invalid fee amount (creates coins) so I have a slight preference to use this.
src/wallet/rpcwallet.cpp
Outdated
There was a problem hiding this comment.
I would suggest that this should also return in the error message the txid of the furthest child, and suggest bumping the fee on that one if possible to take advantage of ancestor fee based mining and keep txs valid?
There was a problem hiding this comment.
As far as I can tell it's a little tricky to track down the furthest child (and there could be numerous furthest children at the same level) but I edited the error message to give the user more info (number of children and size of those transactions) and explaining the situation a bit better.
src/wallet/rpcwallet.cpp
Outdated
There was a problem hiding this comment.
There is something kinda funky when a user is running in say blocksonlymode and doesn't know about any child transactions that may exist and therefore has trouble setting the fee correctly for those that they will invalidate.
This is probably a hard problem to solve; so I'm just pointing it out.
|
Addressed JeremyRubin feedback, edited the python test, and made a few other small changes I noticed with further testing. RHavar: I understand your point but I still think it's better for this command to be low-level and not fragile. A more user-friendly RPC (e.g., "bumpfeeauto" or something) could be layered on top, identifying the change output and then using this code. Then if the change-output-identifying code breaks, it might break the user-friendly version but it wouldn't dismantle RBF entirely. |
|
ACK f3833f4 |
ryanofsky
force-pushed
the
ba-rpcbumpfee
branch
3 times, most recently
from
28fd457 to
ce3a363
Compare
|
utACK ce3a363 |
|
tested previous iteration ACK ce3a363 |
| } | ||
| } | ||
|
|
||
| void RPCTypeCheckArgument(const UniValue& value, UniValue::VType typeExpected) |
There was a problem hiding this comment.
This seems redundant. Type-checking is the purpose of the .get_<type> methods on UniValue.
There was a problem hiding this comment.
We absolutely do not use .get_'s built-in type check anywhere - it throws a different type of exception which will not be correctly reported as an RPC_TYPE_ERROR.
|
utACK ce3a363 (reviewed diff from last iteration I tested and ACKed above). |
luke-jr
left a comment
luke-jr
left a comment
There was a problem hiding this comment.
Looks okay. A few suggested changes, but not a big deal if they don't go in.
| "4. include_unsafe (bool, optional, default=true) Include outputs that are not safe to spend\n" | ||
| " because they come from unconfirmed untrusted transactions or unconfirmed\n" | ||
| " replacement transactions (cases where we can't be sure a conflicting\n" | ||
| " transaction won't be mined).\n" |
There was a problem hiding this comment.
We can't be sure 1-block confirmed transactions won't have a replacement mined either...
| if (request.fHelp || request.params.size() > 4) | ||
| throw runtime_error( | ||
| "listunspent ( minconf maxconf [\"addresses\",...] )\n" | ||
| "listunspent ( minconf maxconf [\"addresses\",...] [include_unsafe] )\n" |
There was a problem hiding this comment.
Prefer to add an options Object for this.
There was a problem hiding this comment.
Interesting. I wasn't following the named argument discussion in detail, but I thought named arguments would be preferable to options because they are easier to specify on the command line. But maybe there are advantages to options objects that I'm not aware of.
Fix inaccuracy in include_unsafe description pointed out by @luke-jr in bitcoin#8456 (comment)
This command allows a user to increase the fee on a wallet transaction T, creating a "bumper" transaction B. T must signal that it is BIP-125 replaceable. T's change output is decremented to pay the additional fee. (B will not add inputs to T.) T cannot have any descendant transactions. Once B bumps T, neither T nor B's outputs can be spent until either T or (more likely) B is mined. Includes code by @jonasschnelli and @ryanofsky
ryanofsky
force-pushed
the
ba-rpcbumpfee
branch
from
4beb7c9 to
cc0243a
Compare
|
Still ACK cc0243a |
There was a problem hiding this comment.
tACK cc0243a
no need to change nit pre-merge, very minor
| } | ||
|
|
||
| if (wtx.mapValue.count("replaced_by_txid")) { | ||
| throw JSONRPCError(RPC_INVALID_REQUEST, strprintf("Cannot bump transaction %s which was already bumped by transaction %s", hash.ToString(), wtx.mapValue.at("replaced_by_txid"))); |
There was a problem hiding this comment.
ultra-nit: "bumped" is a bit confusing since it's already used in another sense(bumped fee), "replace" is likely better.
| throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Transaction has been mined, or is conflicted with a mined transaction"); | ||
| } | ||
|
|
||
| if (!SignalsOptInRBF(wtx)) { |
There was a problem hiding this comment.
Should probably have an option to override this.
There was a problem hiding this comment.
An option to create a bumpfee transaction regardless of if the original signaled RBF since some nodes may accept it.
There was a problem hiding this comment.
There was some discussion about this idea in IRC https://botbot.me/freenode/bitcoin-core-dev/msg/79836432/ (unclear what the outcome was)
Suggested by Gregory Maxwell <[email protected]> in bitcoin#8456 (comment)
Suggested by Gregory Maxwell <[email protected]> in bitcoin#8456 (comment)
28b112e Get rid of BindWallet (Russell Yanofsky) d002f9d Disable CWalletTx copy constructor (Russell Yanofsky) 65b9d8f Avoid copying CWalletTx in LoadToWallet (Russell Yanofsky) bd2fbc7 Get rid of unneeded CWalletTx::Init parameter (Russell Yanofsky) 2b9cba2 Remove CWalletTx merging logic from AddToWallet (Russell Yanofsky) Pull request description: This is a pure refactoring, no behavior is changing. Instead of AddToWallet taking a temporary CWalletTx object and then potentially merging it with a pre-existing CWalletTx, have it take a callback so callers can update the pre-existing CWalletTx directly. This makes AddToWallet simpler because now it is only has to be concerned with saving CWalletTx objects and not merging them. This makes AddToWallet calls clearer because they can now make direct updates to CWalletTx entries without having to make temporary objects and then worry about how they will be merged. Motivation for this change came from the bumpfee PR #8456 where we wanted to be able to call AddToWallet to make a simple update to an existing transaction, but were reluctant to, because the existing CWalletTx merging logic did not apply and seemed dangerous try to update as part of that PR. After this refactoring, the bumpfee PR could call AddToWallet safely instead of implementing a duplicate AddToWallet function. This also allows getting rid of the CWalletTx copy constructor to prevent unintentional copying. ACKs for top commit: MarcoFalke: Anyway, re-ACK 28b112e Tree-SHA512: 528dd088714472a237500b200f4433db850bdb7fc29c5e5d81cae48072061dfb967f7c37edd90b33f24901239f9be982988547c1f8c80abc25fb243fbf7330ef
28b112e Get rid of BindWallet (Russell Yanofsky) d002f9d Disable CWalletTx copy constructor (Russell Yanofsky) 65b9d8f Avoid copying CWalletTx in LoadToWallet (Russell Yanofsky) bd2fbc7 Get rid of unneeded CWalletTx::Init parameter (Russell Yanofsky) 2b9cba2 Remove CWalletTx merging logic from AddToWallet (Russell Yanofsky) Pull request description: This is a pure refactoring, no behavior is changing. Instead of AddToWallet taking a temporary CWalletTx object and then potentially merging it with a pre-existing CWalletTx, have it take a callback so callers can update the pre-existing CWalletTx directly. This makes AddToWallet simpler because now it is only has to be concerned with saving CWalletTx objects and not merging them. This makes AddToWallet calls clearer because they can now make direct updates to CWalletTx entries without having to make temporary objects and then worry about how they will be merged. Motivation for this change came from the bumpfee PR bitcoin#8456 where we wanted to be able to call AddToWallet to make a simple update to an existing transaction, but were reluctant to, because the existing CWalletTx merging logic did not apply and seemed dangerous try to update as part of that PR. After this refactoring, the bumpfee PR could call AddToWallet safely instead of implementing a duplicate AddToWallet function. This also allows getting rid of the CWalletTx copy constructor to prevent unintentional copying. ACKs for top commit: MarcoFalke: Anyway, re-ACK 28b112e Tree-SHA512: 528dd088714472a237500b200f4433db850bdb7fc29c5e5d81cae48072061dfb967f7c37edd90b33f24901239f9be982988547c1f8c80abc25fb243fbf7330ef
17 participants
This purports to be a simplified "bumpfee" RPC command.
This pull was motivated by the discussion in #7865, where at the end, the idea was floated of submitting a simplified version of the code. I put a little thought into how a simple "bumpfee" command should work and here is what I came up with:
The user should specify which output to decrement in order to pay increased fee. This saves us from trying to figure out which address(es) are "change" addresses. This is preferable not only because it simplifies the code, but because as far as I can tell, the code that identifies change outputs is not particularly robust and may be modified in the future. If it's desirable to have user-friendly code that figures out which output to decrement, perhaps that logic could be placed in the GUI?
The command should not add new inputs. In other words, if the user can't identify an output that can be decremented in an amount sufficient to bump the fee then the command should fail. It seems likely that the vast majority of the time, identifying such an output would not be a problem. Adding new inputs complicates the code because the size of the transaction increases, perhaps significantly, so then the user would have to pay more fee for that reason as well, as opposed to just bumping the fee on the tx as it currently exists.
If the tx has descendant transactions, the bumped tx has to pay the fees for all of the descendants since they will get evicted from the mempool, and the rule as I understand it is that replacing a tx cannot cause the total fees in the mempool to go down.
So, the required inputs are the txid and the output index.
The optional inputs are:
This pull includes a python test.