/**
* Creates the initial multisig contract and incomplete refund transaction which can be requested
* at the appropriate time using {@link PaymentChannelClientState#getIncompleteRefundTransaction}
* and {@link PaymentChannelClientState#getMultisigContract()}. The way the contract is crafted
* can be adjusted by overriding {@link
* PaymentChannelClientState#editContractSendRequest(com.google.bitcoin.core.Wallet.SendRequest)}.
* By default unconfirmed coins are allowed to be used, as for micropayments the risk should be
* relatively low.
*
* @throws ValueOutOfRangeException if the value being used is too small to be accepted by the
* network
* @throws InsufficientMoneyException if the wallet doesn't contain enough balance to initiate
*/
public synchronized void initiate() throws ValueOutOfRangeException, InsufficientMoneyException {
final NetworkParameters params = wallet.getParams();
Transaction template = new Transaction(params);
// We always place the client key before the server key because, if either side wants some
// privacy, they can
// use a fresh key for the the multisig contract and nowhere else
List<ECKey> keys = Lists.newArrayList(myKey, serverMultisigKey);
// There is also probably a change output, but we don't bother shuffling them as it's obvious
// from the
// format which one is the change. If we start obfuscating the change output better in future
// this may
// be worth revisiting.
TransactionOutput multisigOutput =
template.addOutput(totalValue, ScriptBuilder.createMultiSigOutputScript(2, keys));
if (multisigOutput.getMinNonDustValue().compareTo(totalValue) > 0)
throw new ValueOutOfRangeException("totalValue too small to use");
Wallet.SendRequest req = Wallet.SendRequest.forTx(template);
req.coinSelector = AllowUnconfirmedCoinSelector.get();
editContractSendRequest(req);
req.shuffleOutputs = false; // TODO: Fix things so shuffling is usable.
wallet.completeTx(req);
Coin multisigFee = req.tx.getFee();
multisigContract = req.tx;
// Build a refund transaction that protects us in the case of a bad server that's just trying to
// cause havoc
// by locking up peoples money (perhaps as a precursor to a ransom attempt). We time lock it so
// the server
// has an assurance that we cannot take back our money by claiming a refund before the channel
// closes - this
// relies on the fact that since Bitcoin 0.8 time locked transactions are non-final. This will
// need to change
// in future as it breaks the intended design of timelocking/tx replacement, but for now it
// simplifies this
// specific protocol somewhat.
refundTx = new Transaction(params);
refundTx
.addInput(multisigOutput)
.setSequenceNumber(0); // Allow replacement when it's eventually reactivated.
refundTx.setLockTime(expiryTime);
if (totalValue.compareTo(Coin.CENT) < 0) {
// Must pay min fee.
final Coin valueAfterFee = totalValue.subtract(Transaction.REFERENCE_DEFAULT_MIN_TX_FEE);
if (Transaction.MIN_NONDUST_OUTPUT.compareTo(valueAfterFee) > 0)
throw new ValueOutOfRangeException("totalValue too small to use");
refundTx.addOutput(valueAfterFee, myKey.toAddress(params));
refundFees = multisigFee.add(Transaction.REFERENCE_DEFAULT_MIN_TX_FEE);
} else {
refundTx.addOutput(totalValue, myKey.toAddress(params));
refundFees = multisigFee;
}
refundTx.getConfidence().setSource(TransactionConfidence.Source.SELF);
log.info(
"initiated channel with multi-sig contract {}, refund {}",
multisigContract.getHashAsString(),
refundTx.getHashAsString());
state = State.INITIATED;
// Client should now call getIncompleteRefundTransaction() and send it to the server.
}
public void timeLockedTransaction(boolean useNotFound) throws Exception {
connectWithVersion(useNotFound ? 70001 : 60001);
// Test that if we receive a relevant transaction that has a lock time, it doesn't result in a
// notification
// until we explicitly opt in to seeing those.
ECKey key = new ECKey();
Wallet wallet = new Wallet(unitTestParams);
wallet.addKey(key);
peer.addWallet(wallet);
final Transaction[] vtx = new Transaction[1];
wallet.addEventListener(
new AbstractWalletEventListener() {
@Override
public void onCoinsReceived(
Wallet wallet, Transaction tx, BigInteger prevBalance, BigInteger newBalance) {
vtx[0] = tx;
}
});
// Send a normal relevant transaction, it's received correctly.
Transaction t1 = TestUtils.createFakeTx(unitTestParams, Utils.toNanoCoins(1, 0), key);
inbound(writeTarget, t1);
GetDataMessage getdata = (GetDataMessage) outbound(writeTarget);
if (useNotFound) {
inbound(writeTarget, new NotFoundMessage(unitTestParams, getdata.getItems()));
} else {
bouncePing();
}
pingAndWait(writeTarget);
Threading.waitForUserCode();
assertNotNull(vtx[0]);
vtx[0] = null;
// Send a timelocked transaction, nothing happens.
Transaction t2 = TestUtils.createFakeTx(unitTestParams, Utils.toNanoCoins(2, 0), key);
t2.setLockTime(999999);
inbound(writeTarget, t2);
Threading.waitForUserCode();
assertNull(vtx[0]);
// Now we want to hear about them. Send another, we are told about it.
wallet.setAcceptRiskyTransactions(true);
inbound(writeTarget, t2);
getdata = (GetDataMessage) outbound(writeTarget);
if (useNotFound) {
inbound(writeTarget, new NotFoundMessage(unitTestParams, getdata.getItems()));
} else {
bouncePing();
}
pingAndWait(writeTarget);
Threading.waitForUserCode();
assertEquals(t2, vtx[0]);
}
private void readTransaction(Protos.Transaction txProto, NetworkParameters params) {
Transaction tx = new Transaction(params);
if (txProto.hasUpdatedAt()) {
tx.setUpdateTime(new Date(txProto.getUpdatedAt()));
}
for (Protos.TransactionOutput outputProto : txProto.getTransactionOutputList()) {
BigInteger value = BigInteger.valueOf(outputProto.getValue());
byte[] scriptBytes = outputProto.getScriptBytes().toByteArray();
TransactionOutput output = new TransactionOutput(params, tx, value, scriptBytes);
tx.addOutput(output);
}
for (Protos.TransactionInput transactionInput : txProto.getTransactionInputList()) {
byte[] scriptBytes = transactionInput.getScriptBytes().toByteArray();
TransactionOutPoint outpoint =
new TransactionOutPoint(
params,
transactionInput.getTransactionOutPointIndex(),
byteStringToHash(transactionInput.getTransactionOutPointHash()));
TransactionInput input = new TransactionInput(params, tx, scriptBytes, outpoint);
if (transactionInput.hasSequence()) {
input.setSequenceNumber(transactionInput.getSequence());
}
tx.addInput(input);
}
for (ByteString blockHash : txProto.getBlockHashList()) {
tx.addBlockAppearance(byteStringToHash(blockHash));
}
if (txProto.hasLockTime()) {
tx.setLockTime(0xffffffffL & txProto.getLockTime());
}
// Transaction should now be complete.
Sha256Hash protoHash = byteStringToHash(txProto.getHash());
Preconditions.checkState(
tx.getHash().equals(protoHash),
"Transaction did not deserialize completely: %s vs %s",
tx.getHash(),
protoHash);
Preconditions.checkState(
!txMap.containsKey(txProto.getHash()),
"Wallet contained duplicate transaction %s",
byteStringToHash(txProto.getHash()));
txMap.put(txProto.getHash(), tx);
}
private void readTransaction(Protos.Transaction txProto, NetworkParameters params)
throws UnreadableWalletException {
Transaction tx = new Transaction(params);
if (txProto.hasUpdatedAt()) {
tx.setUpdateTime(new Date(txProto.getUpdatedAt()));
}
for (Protos.TransactionOutput outputProto : txProto.getTransactionOutputList()) {
Coin value = Coin.valueOf(outputProto.getValue());
byte[] scriptBytes = outputProto.getScriptBytes().toByteArray();
TransactionOutput output = new TransactionOutput(params, tx, value, scriptBytes);
tx.addOutput(output);
}
for (Protos.TransactionInput inputProto : txProto.getTransactionInputList()) {
byte[] scriptBytes = inputProto.getScriptBytes().toByteArray();
TransactionOutPoint outpoint =
new TransactionOutPoint(
params,
inputProto.getTransactionOutPointIndex() & 0xFFFFFFFFL,
byteStringToHash(inputProto.getTransactionOutPointHash()));
Coin value = inputProto.hasValue() ? Coin.valueOf(inputProto.getValue()) : null;
TransactionInput input = new TransactionInput(params, tx, scriptBytes, outpoint, value);
if (inputProto.hasSequence()) {
input.setSequenceNumber(inputProto.getSequence());
}
tx.addInput(input);
}
for (int i = 0; i < txProto.getBlockHashCount(); i++) {
ByteString blockHash = txProto.getBlockHash(i);
int relativityOffset = 0;
if (txProto.getBlockRelativityOffsetsCount() > 0)
relativityOffset = txProto.getBlockRelativityOffsets(i);
tx.addBlockAppearance(byteStringToHash(blockHash), relativityOffset);
}
if (txProto.hasLockTime()) {
tx.setLockTime(0xffffffffL & txProto.getLockTime());
}
if (txProto.hasPurpose()) {
switch (txProto.getPurpose()) {
case UNKNOWN:
tx.setPurpose(Transaction.Purpose.UNKNOWN);
break;
case USER_PAYMENT:
tx.setPurpose(Transaction.Purpose.USER_PAYMENT);
break;
case KEY_ROTATION:
tx.setPurpose(Transaction.Purpose.KEY_ROTATION);
break;
case ASSURANCE_CONTRACT_CLAIM:
tx.setPurpose(Transaction.Purpose.ASSURANCE_CONTRACT_CLAIM);
break;
case ASSURANCE_CONTRACT_PLEDGE:
tx.setPurpose(Transaction.Purpose.ASSURANCE_CONTRACT_PLEDGE);
break;
case ASSURANCE_CONTRACT_STUB:
tx.setPurpose(Transaction.Purpose.ASSURANCE_CONTRACT_STUB);
break;
default:
throw new RuntimeException("New purpose serialization not implemented");
}
} else {
// Old wallet: assume a user payment as that's the only reason a new tx would have been
// created back then.
tx.setPurpose(Transaction.Purpose.USER_PAYMENT);
}
if (txProto.hasExchangeRate()) {
Protos.ExchangeRate exchangeRateProto = txProto.getExchangeRate();
tx.setExchangeRate(
new ExchangeRate(
Coin.valueOf(exchangeRateProto.getCoinValue()),
Fiat.valueOf(
exchangeRateProto.getFiatCurrencyCode(), exchangeRateProto.getFiatValue())));
}
if (txProto.hasMemo()) tx.setMemo(txProto.getMemo());
// Peercoin: Include time
tx.setTime(txProto.getTime());
// Transaction should now be complete.
Sha256Hash protoHash = byteStringToHash(txProto.getHash());
if (!tx.getHash().equals(protoHash))
throw new UnreadableWalletException(
String.format(
"Transaction did not deserialize completely: %s vs %s", tx.getHash(), protoHash));
if (txMap.containsKey(txProto.getHash()))
throw new UnreadableWalletException(
"Wallet contained duplicate transaction " + byteStringToHash(txProto.getHash()));
txMap.put(txProto.getHash(), tx);
}
private void checkTimeLockedDependency(boolean shouldAccept, boolean useNotFound)
throws Exception {
// Initial setup.
connectWithVersion(useNotFound ? 70001 : 60001);
ECKey key = new ECKey();
Wallet wallet = new Wallet(unitTestParams);
wallet.addKey(key);
wallet.setAcceptRiskyTransactions(shouldAccept);
peer.addWallet(wallet);
final Transaction[] vtx = new Transaction[1];
wallet.addEventListener(
new AbstractWalletEventListener() {
@Override
public void onCoinsReceived(
Wallet wallet, Transaction tx, BigInteger prevBalance, BigInteger newBalance) {
vtx[0] = tx;
}
});
// t1 -> t2 [locked] -> t3 (not available)
Transaction t2 = new Transaction(unitTestParams);
t2.setLockTime(999999);
// Add a fake input to t3 that goes nowhere.
Sha256Hash t3 = Sha256Hash.create("abc".getBytes(Charset.forName("UTF-8")));
t2.addInput(
new TransactionInput(
unitTestParams, t2, new byte[] {}, new TransactionOutPoint(unitTestParams, 0, t3)));
t2.getInput(0).setSequenceNumber(0xDEADBEEF);
t2.addOutput(Utils.toNanoCoins(1, 0), new ECKey());
Transaction t1 = new Transaction(unitTestParams);
t1.addInput(t2.getOutput(0));
t1.addOutput(Utils.toNanoCoins(1, 0), key); // Make it relevant.
// Announce t1.
InventoryMessage inv = new InventoryMessage(unitTestParams);
inv.addTransaction(t1);
inbound(writeTarget, inv);
// Send it.
GetDataMessage getdata = (GetDataMessage) outbound(writeTarget);
assertEquals(t1.getHash(), getdata.getItems().get(0).hash);
inbound(writeTarget, t1);
// Nothing arrived at our event listener yet.
assertNull(vtx[0]);
// We request t2.
getdata = (GetDataMessage) outbound(writeTarget);
assertEquals(t2.getHash(), getdata.getItems().get(0).hash);
inbound(writeTarget, t2);
if (!useNotFound) bouncePing();
// We request t3.
getdata = (GetDataMessage) outbound(writeTarget);
assertEquals(t3, getdata.getItems().get(0).hash);
// Can't find it: bottom of tree.
if (useNotFound) {
NotFoundMessage notFound = new NotFoundMessage(unitTestParams);
notFound.addItem(new InventoryItem(InventoryItem.Type.Transaction, t3));
inbound(writeTarget, notFound);
} else {
bouncePing();
}
pingAndWait(writeTarget);
Threading.waitForUserCode();
// We're done but still not notified because it was timelocked.
if (shouldAccept) assertNotNull(vtx[0]);
else assertNull(vtx[0]);
}
private static void send(
List<String> outputs, BigInteger fee, String lockTimeStr, boolean allowUnconfirmed)
throws VerificationException {
try {
// Convert the input strings to outputs.
Transaction t = new Transaction(params);
for (String spec : outputs) {
String[] parts = spec.split(":");
if (parts.length != 2) {
System.err.println("Malformed output specification, must have two parts separated by :");
return;
}
String destination = parts[0];
try {
BigInteger value = Utils.toNanoCoins(parts[1]);
if (destination.startsWith("0")) {
boolean compressed = destination.startsWith("02") || destination.startsWith("03");
// Treat as a raw public key.
BigInteger pubKey = new BigInteger(destination, 16);
ECKey key = new ECKey(null, pubKey.toByteArray(), compressed);
t.addOutput(value, key);
} else {
// Treat as an address.
Address addr = new Address(params, destination);
t.addOutput(value, addr);
}
} catch (WrongNetworkException e) {
System.err.println(
"Malformed output specification, address is for a different network: " + parts[0]);
return;
} catch (AddressFormatException e) {
System.err.println(
"Malformed output specification, could not parse as address: " + parts[0]);
return;
} catch (NumberFormatException e) {
System.err.println(
"Malformed output specification, could not parse as value: " + parts[1]);
}
}
Wallet.SendRequest req = Wallet.SendRequest.forTx(t);
if (t.getOutputs().size() == 1 && t.getOutput(0).getValue().equals(wallet.getBalance())) {
log.info("Emptying out wallet, recipient may get less than what you expect");
req.emptyWallet = true;
}
req.fee = fee;
if (allowUnconfirmed) {
wallet.allowSpendingUnconfirmedTransactions();
}
if (password != null) {
if (!wallet.checkPassword(password)) {
System.err.println("Password is incorrect.");
return;
}
req.aesKey = wallet.getKeyCrypter().deriveKey(password);
}
wallet.completeTx(req);
try {
if (lockTimeStr != null) {
t.setLockTime(Transaction.parseLockTimeStr(lockTimeStr));
// For lock times to take effect, at least one output must have a non-final sequence
// number.
t.getInputs().get(0).setSequenceNumber(0);
// And because we modified the transaction after it was completed, we must re-sign the
// inputs.
t.signInputs(Transaction.SigHash.ALL, wallet);
}
} catch (ParseException e) {
System.err.println("Could not understand --locktime of " + lockTimeStr);
return;
} catch (ScriptException e) {
throw new RuntimeException(e);
}
t = req.tx; // Not strictly required today.
System.out.println(t.getHashAsString());
if (options.has("offline")) {
wallet.commitTx(t);
return;
}
setup();
peers.startAndWait();
// Wait for peers to connect, the tx to be sent to one of them and for it to be propagated
// across the
// network. Once propagation is complete and we heard the transaction back from all our peers,
// it will
// be committed to the wallet.
peers.broadcastTransaction(t).get();
// Hack for regtest/single peer mode, as we're about to shut down and won't get an ACK from
// the remote end.
List<Peer> peerList = peers.getConnectedPeers();
if (peerList.size() == 1) peerList.get(0).ping().get();
} catch (BlockStoreException e) {
throw new RuntimeException(e);
} catch (KeyCrypterException e) {
throw new RuntimeException(e);
} catch (InterruptedException e) {
throw new RuntimeException(e);
} catch (ExecutionException e) {
throw new RuntimeException(e);
} catch (InsufficientMoneyException e) {
System.err.println(
"Insufficient funds: have " + Utils.bitcoinValueToFriendlyString(wallet.getBalance()));
}
}