1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2020 The Bitcoin Core developers
3 // Distributed under the MIT software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5
6 #include <wallet/walletdb.h>
7
8 #include <fs.h>
9 #include <key_io.h>
10 #include <protocol.h>
11 #include <serialize.h>
12 #include <sync.h>
13 #include <util/bip32.h>
14 #include <util/system.h>
15 #include <util/time.h>
16 #include <util/translation.h>
17 #include <wallet/bdb.h>
18 #ifdef USE_SQLITE
19 #include <wallet/sqlite.h>
20 #endif
21 #include <wallet/wallet.h>
22
23 #include <atomic>
24 #include <string>
25
26 namespace DBKeys {
27 const std::string ACENTRY{"acentry"};
28 const std::string ACTIVEEXTERNALSPK{"activeexternalspk"};
29 const std::string ACTIVEINTERNALSPK{"activeinternalspk"};
30 const std::string BESTBLOCK_NOMERKLE{"bestblock_nomerkle"};
31 const std::string BESTBLOCK{"bestblock"};
32 const std::string CRYPTED_KEY{"ckey"};
33 const std::string CSCRIPT{"cscript"};
34 const std::string DEFAULTKEY{"defaultkey"};
35 const std::string DESTDATA{"destdata"};
36 const std::string FLAGS{"flags"};
37 const std::string HDCHAIN{"hdchain"};
38 const std::string KEYMETA{"keymeta"};
39 const std::string KEY{"key"};
40 const std::string MASTER_KEY{"mkey"};
41 const std::string MINVERSION{"minversion"};
42 const std::string NAME{"name"};
43 const std::string OLD_KEY{"wkey"};
44 const std::string ORDERPOSNEXT{"orderposnext"};
45 const std::string POOL{"pool"};
46 const std::string PURPOSE{"purpose"};
47 const std::string SETTINGS{"settings"};
48 const std::string TX{"tx"};
49 const std::string VERSION{"version"};
50 const std::string WALLETDESCRIPTOR{"walletdescriptor"};
51 const std::string WALLETDESCRIPTORCACHE{"walletdescriptorcache"};
52 const std::string WALLETDESCRIPTORCKEY{"walletdescriptorckey"};
53 const std::string WALLETDESCRIPTORKEY{"walletdescriptorkey"};
54 const std::string WATCHMETA{"watchmeta"};
55 const std::string WATCHS{"watchs"};
56 } // namespace DBKeys
57
58 //
59 // WalletBatch
60 //
61
WriteName(const std::string & strAddress,const std::string & strName)62 bool WalletBatch::WriteName(const std::string& strAddress, const std::string& strName)
63 {
64 return WriteIC(std::make_pair(DBKeys::NAME, strAddress), strName);
65 }
66
EraseName(const std::string & strAddress)67 bool WalletBatch::EraseName(const std::string& strAddress)
68 {
69 // This should only be used for sending addresses, never for receiving addresses,
70 // receiving addresses must always have an address book entry if they're not change return.
71 return EraseIC(std::make_pair(DBKeys::NAME, strAddress));
72 }
73
WritePurpose(const std::string & strAddress,const std::string & strPurpose)74 bool WalletBatch::WritePurpose(const std::string& strAddress, const std::string& strPurpose)
75 {
76 return WriteIC(std::make_pair(DBKeys::PURPOSE, strAddress), strPurpose);
77 }
78
ErasePurpose(const std::string & strAddress)79 bool WalletBatch::ErasePurpose(const std::string& strAddress)
80 {
81 return EraseIC(std::make_pair(DBKeys::PURPOSE, strAddress));
82 }
83
WriteTx(const CWalletTx & wtx)84 bool WalletBatch::WriteTx(const CWalletTx& wtx)
85 {
86 return WriteIC(std::make_pair(DBKeys::TX, wtx.GetHash()), wtx);
87 }
88
EraseTx(uint256 hash)89 bool WalletBatch::EraseTx(uint256 hash)
90 {
91 return EraseIC(std::make_pair(DBKeys::TX, hash));
92 }
93
WriteKeyMetadata(const CKeyMetadata & meta,const CPubKey & pubkey,const bool overwrite)94 bool WalletBatch::WriteKeyMetadata(const CKeyMetadata& meta, const CPubKey& pubkey, const bool overwrite)
95 {
96 return WriteIC(std::make_pair(DBKeys::KEYMETA, pubkey), meta, overwrite);
97 }
98
WriteKey(const CPubKey & vchPubKey,const CPrivKey & vchPrivKey,const CKeyMetadata & keyMeta)99 bool WalletBatch::WriteKey(const CPubKey& vchPubKey, const CPrivKey& vchPrivKey, const CKeyMetadata& keyMeta)
100 {
101 if (!WriteKeyMetadata(keyMeta, vchPubKey, false)) {
102 return false;
103 }
104
105 // hash pubkey/privkey to accelerate wallet load
106 std::vector<unsigned char> vchKey;
107 vchKey.reserve(vchPubKey.size() + vchPrivKey.size());
108 vchKey.insert(vchKey.end(), vchPubKey.begin(), vchPubKey.end());
109 vchKey.insert(vchKey.end(), vchPrivKey.begin(), vchPrivKey.end());
110
111 return WriteIC(std::make_pair(DBKeys::KEY, vchPubKey), std::make_pair(vchPrivKey, Hash(vchKey)), false);
112 }
113
WriteCryptedKey(const CPubKey & vchPubKey,const std::vector<unsigned char> & vchCryptedSecret,const CKeyMetadata & keyMeta)114 bool WalletBatch::WriteCryptedKey(const CPubKey& vchPubKey,
115 const std::vector<unsigned char>& vchCryptedSecret,
116 const CKeyMetadata &keyMeta)
117 {
118 if (!WriteKeyMetadata(keyMeta, vchPubKey, true)) {
119 return false;
120 }
121
122 // Compute a checksum of the encrypted key
123 uint256 checksum = Hash(vchCryptedSecret);
124
125 const auto key = std::make_pair(DBKeys::CRYPTED_KEY, vchPubKey);
126 if (!WriteIC(key, std::make_pair(vchCryptedSecret, checksum), false)) {
127 // It may already exist, so try writing just the checksum
128 std::vector<unsigned char> val;
129 if (!m_batch->Read(key, val)) {
130 return false;
131 }
132 if (!WriteIC(key, std::make_pair(val, checksum), true)) {
133 return false;
134 }
135 }
136 EraseIC(std::make_pair(DBKeys::KEY, vchPubKey));
137 return true;
138 }
139
WriteMasterKey(unsigned int nID,const CMasterKey & kMasterKey)140 bool WalletBatch::WriteMasterKey(unsigned int nID, const CMasterKey& kMasterKey)
141 {
142 return WriteIC(std::make_pair(DBKeys::MASTER_KEY, nID), kMasterKey, true);
143 }
144
WriteCScript(const uint160 & hash,const CScript & redeemScript)145 bool WalletBatch::WriteCScript(const uint160& hash, const CScript& redeemScript)
146 {
147 return WriteIC(std::make_pair(DBKeys::CSCRIPT, hash), redeemScript, false);
148 }
149
WriteWatchOnly(const CScript & dest,const CKeyMetadata & keyMeta)150 bool WalletBatch::WriteWatchOnly(const CScript &dest, const CKeyMetadata& keyMeta)
151 {
152 if (!WriteIC(std::make_pair(DBKeys::WATCHMETA, dest), keyMeta)) {
153 return false;
154 }
155 return WriteIC(std::make_pair(DBKeys::WATCHS, dest), '1');
156 }
157
EraseWatchOnly(const CScript & dest)158 bool WalletBatch::EraseWatchOnly(const CScript &dest)
159 {
160 if (!EraseIC(std::make_pair(DBKeys::WATCHMETA, dest))) {
161 return false;
162 }
163 return EraseIC(std::make_pair(DBKeys::WATCHS, dest));
164 }
165
WriteBestBlock(const CBlockLocator & locator)166 bool WalletBatch::WriteBestBlock(const CBlockLocator& locator)
167 {
168 WriteIC(DBKeys::BESTBLOCK, CBlockLocator()); // Write empty block locator so versions that require a merkle branch automatically rescan
169 return WriteIC(DBKeys::BESTBLOCK_NOMERKLE, locator);
170 }
171
ReadBestBlock(CBlockLocator & locator)172 bool WalletBatch::ReadBestBlock(CBlockLocator& locator)
173 {
174 if (m_batch->Read(DBKeys::BESTBLOCK, locator) && !locator.vHave.empty()) return true;
175 return m_batch->Read(DBKeys::BESTBLOCK_NOMERKLE, locator);
176 }
177
WriteOrderPosNext(int64_t nOrderPosNext)178 bool WalletBatch::WriteOrderPosNext(int64_t nOrderPosNext)
179 {
180 return WriteIC(DBKeys::ORDERPOSNEXT, nOrderPosNext);
181 }
182
ReadPool(int64_t nPool,CKeyPool & keypool)183 bool WalletBatch::ReadPool(int64_t nPool, CKeyPool& keypool)
184 {
185 return m_batch->Read(std::make_pair(DBKeys::POOL, nPool), keypool);
186 }
187
WritePool(int64_t nPool,const CKeyPool & keypool)188 bool WalletBatch::WritePool(int64_t nPool, const CKeyPool& keypool)
189 {
190 return WriteIC(std::make_pair(DBKeys::POOL, nPool), keypool);
191 }
192
ErasePool(int64_t nPool)193 bool WalletBatch::ErasePool(int64_t nPool)
194 {
195 return EraseIC(std::make_pair(DBKeys::POOL, nPool));
196 }
197
WriteMinVersion(int nVersion)198 bool WalletBatch::WriteMinVersion(int nVersion)
199 {
200 return WriteIC(DBKeys::MINVERSION, nVersion);
201 }
202
WriteActiveScriptPubKeyMan(uint8_t type,const uint256 & id,bool internal)203 bool WalletBatch::WriteActiveScriptPubKeyMan(uint8_t type, const uint256& id, bool internal)
204 {
205 std::string key = internal ? DBKeys::ACTIVEINTERNALSPK : DBKeys::ACTIVEEXTERNALSPK;
206 return WriteIC(make_pair(key, type), id);
207 }
208
WriteDescriptorKey(const uint256 & desc_id,const CPubKey & pubkey,const CPrivKey & privkey)209 bool WalletBatch::WriteDescriptorKey(const uint256& desc_id, const CPubKey& pubkey, const CPrivKey& privkey)
210 {
211 // hash pubkey/privkey to accelerate wallet load
212 std::vector<unsigned char> key;
213 key.reserve(pubkey.size() + privkey.size());
214 key.insert(key.end(), pubkey.begin(), pubkey.end());
215 key.insert(key.end(), privkey.begin(), privkey.end());
216
217 return WriteIC(std::make_pair(DBKeys::WALLETDESCRIPTORKEY, std::make_pair(desc_id, pubkey)), std::make_pair(privkey, Hash(key)), false);
218 }
219
WriteCryptedDescriptorKey(const uint256 & desc_id,const CPubKey & pubkey,const std::vector<unsigned char> & secret)220 bool WalletBatch::WriteCryptedDescriptorKey(const uint256& desc_id, const CPubKey& pubkey, const std::vector<unsigned char>& secret)
221 {
222 if (!WriteIC(std::make_pair(DBKeys::WALLETDESCRIPTORCKEY, std::make_pair(desc_id, pubkey)), secret, false)) {
223 return false;
224 }
225 EraseIC(std::make_pair(DBKeys::WALLETDESCRIPTORKEY, std::make_pair(desc_id, pubkey)));
226 return true;
227 }
228
WriteDescriptor(const uint256 & desc_id,const WalletDescriptor & descriptor)229 bool WalletBatch::WriteDescriptor(const uint256& desc_id, const WalletDescriptor& descriptor)
230 {
231 return WriteIC(make_pair(DBKeys::WALLETDESCRIPTOR, desc_id), descriptor);
232 }
233
WriteDescriptorDerivedCache(const CExtPubKey & xpub,const uint256 & desc_id,uint32_t key_exp_index,uint32_t der_index)234 bool WalletBatch::WriteDescriptorDerivedCache(const CExtPubKey& xpub, const uint256& desc_id, uint32_t key_exp_index, uint32_t der_index)
235 {
236 std::vector<unsigned char> ser_xpub(BIP32_EXTKEY_SIZE);
237 xpub.Encode(ser_xpub.data());
238 return WriteIC(std::make_pair(std::make_pair(DBKeys::WALLETDESCRIPTORCACHE, desc_id), std::make_pair(key_exp_index, der_index)), ser_xpub);
239 }
240
WriteDescriptorParentCache(const CExtPubKey & xpub,const uint256 & desc_id,uint32_t key_exp_index)241 bool WalletBatch::WriteDescriptorParentCache(const CExtPubKey& xpub, const uint256& desc_id, uint32_t key_exp_index)
242 {
243 std::vector<unsigned char> ser_xpub(BIP32_EXTKEY_SIZE);
244 xpub.Encode(ser_xpub.data());
245 return WriteIC(std::make_pair(std::make_pair(DBKeys::WALLETDESCRIPTORCACHE, desc_id), key_exp_index), ser_xpub);
246 }
247
248 class CWalletScanState {
249 public:
250 unsigned int nKeys{0};
251 unsigned int nCKeys{0};
252 unsigned int nWatchKeys{0};
253 unsigned int nKeyMeta{0};
254 unsigned int m_unknown_records{0};
255 bool fIsEncrypted{false};
256 bool fAnyUnordered{false};
257 std::vector<uint256> vWalletUpgrade;
258 std::map<OutputType, uint256> m_active_external_spks;
259 std::map<OutputType, uint256> m_active_internal_spks;
260 std::map<uint256, DescriptorCache> m_descriptor_caches;
261 std::map<std::pair<uint256, CKeyID>, CKey> m_descriptor_keys;
262 std::map<std::pair<uint256, CKeyID>, std::pair<CPubKey, std::vector<unsigned char>>> m_descriptor_crypt_keys;
263 std::map<uint160, CHDChain> m_hd_chains;
264
CWalletScanState()265 CWalletScanState() {
266 }
267 };
268
269 static bool
ReadKeyValue(CWallet * pwallet,CDataStream & ssKey,CDataStream & ssValue,CWalletScanState & wss,std::string & strType,std::string & strErr,const KeyFilterFn & filter_fn=nullptr)270 ReadKeyValue(CWallet* pwallet, CDataStream& ssKey, CDataStream& ssValue,
271 CWalletScanState &wss, std::string& strType, std::string& strErr, const KeyFilterFn& filter_fn = nullptr) EXCLUSIVE_LOCKS_REQUIRED(pwallet->cs_wallet)
272 {
273 try {
274 // Unserialize
275 // Taking advantage of the fact that pair serialization
276 // is just the two items serialized one after the other
277 ssKey >> strType;
278 // If we have a filter, check if this matches the filter
279 if (filter_fn && !filter_fn(strType)) {
280 return true;
281 }
282 if (strType == DBKeys::NAME) {
283 std::string strAddress;
284 ssKey >> strAddress;
285 std::string label;
286 ssValue >> label;
287 pwallet->m_address_book[DecodeDestination(strAddress)].SetLabel(label);
288 } else if (strType == DBKeys::PURPOSE) {
289 std::string strAddress;
290 ssKey >> strAddress;
291 ssValue >> pwallet->m_address_book[DecodeDestination(strAddress)].purpose;
292 } else if (strType == DBKeys::TX) {
293 uint256 hash;
294 ssKey >> hash;
295 // LoadToWallet call below creates a new CWalletTx that fill_wtx
296 // callback fills with transaction metadata.
297 auto fill_wtx = [&](CWalletTx& wtx, bool new_tx) {
298 assert(new_tx);
299 ssValue >> wtx;
300 if (wtx.GetHash() != hash)
301 return false;
302
303 // Undo serialize changes in 31600
304 if (31404 <= wtx.fTimeReceivedIsTxTime && wtx.fTimeReceivedIsTxTime <= 31703)
305 {
306 if (!ssValue.empty())
307 {
308 char fTmp;
309 char fUnused;
310 std::string unused_string;
311 ssValue >> fTmp >> fUnused >> unused_string;
312 strErr = strprintf("LoadWallet() upgrading tx ver=%d %d %s",
313 wtx.fTimeReceivedIsTxTime, fTmp, hash.ToString());
314 wtx.fTimeReceivedIsTxTime = fTmp;
315 }
316 else
317 {
318 strErr = strprintf("LoadWallet() repairing tx ver=%d %s", wtx.fTimeReceivedIsTxTime, hash.ToString());
319 wtx.fTimeReceivedIsTxTime = 0;
320 }
321 wss.vWalletUpgrade.push_back(hash);
322 }
323
324 if (wtx.nOrderPos == -1)
325 wss.fAnyUnordered = true;
326
327 return true;
328 };
329 if (!pwallet->LoadToWallet(hash, fill_wtx)) {
330 return false;
331 }
332 } else if (strType == DBKeys::WATCHS) {
333 wss.nWatchKeys++;
334 CScript script;
335 ssKey >> script;
336 char fYes;
337 ssValue >> fYes;
338 if (fYes == '1') {
339 pwallet->GetOrCreateLegacyScriptPubKeyMan()->LoadWatchOnly(script);
340 }
341 } else if (strType == DBKeys::KEY) {
342 CPubKey vchPubKey;
343 ssKey >> vchPubKey;
344 if (!vchPubKey.IsValid())
345 {
346 strErr = "Error reading wallet database: CPubKey corrupt";
347 return false;
348 }
349 CKey key;
350 CPrivKey pkey;
351 uint256 hash;
352
353 wss.nKeys++;
354 ssValue >> pkey;
355
356 // Old wallets store keys as DBKeys::KEY [pubkey] => [privkey]
357 // ... which was slow for wallets with lots of keys, because the public key is re-derived from the private key
358 // using EC operations as a checksum.
359 // Newer wallets store keys as DBKeys::KEY [pubkey] => [privkey][hash(pubkey,privkey)], which is much faster while
360 // remaining backwards-compatible.
361 try
362 {
363 ssValue >> hash;
364 }
365 catch (...) {}
366
367 bool fSkipCheck = false;
368
369 if (!hash.IsNull())
370 {
371 // hash pubkey/privkey to accelerate wallet load
372 std::vector<unsigned char> vchKey;
373 vchKey.reserve(vchPubKey.size() + pkey.size());
374 vchKey.insert(vchKey.end(), vchPubKey.begin(), vchPubKey.end());
375 vchKey.insert(vchKey.end(), pkey.begin(), pkey.end());
376
377 if (Hash(vchKey) != hash)
378 {
379 strErr = "Error reading wallet database: CPubKey/CPrivKey corrupt";
380 return false;
381 }
382
383 fSkipCheck = true;
384 }
385
386 if (!key.Load(pkey, vchPubKey, fSkipCheck))
387 {
388 strErr = "Error reading wallet database: CPrivKey corrupt";
389 return false;
390 }
391 if (!pwallet->GetOrCreateLegacyScriptPubKeyMan()->LoadKey(key, vchPubKey))
392 {
393 strErr = "Error reading wallet database: LegacyScriptPubKeyMan::LoadKey failed";
394 return false;
395 }
396 } else if (strType == DBKeys::MASTER_KEY) {
397 // Master encryption key is loaded into only the wallet and not any of the ScriptPubKeyMans.
398 unsigned int nID;
399 ssKey >> nID;
400 CMasterKey kMasterKey;
401 ssValue >> kMasterKey;
402 if(pwallet->mapMasterKeys.count(nID) != 0)
403 {
404 strErr = strprintf("Error reading wallet database: duplicate CMasterKey id %u", nID);
405 return false;
406 }
407 pwallet->mapMasterKeys[nID] = kMasterKey;
408 if (pwallet->nMasterKeyMaxID < nID)
409 pwallet->nMasterKeyMaxID = nID;
410 } else if (strType == DBKeys::CRYPTED_KEY) {
411 CPubKey vchPubKey;
412 ssKey >> vchPubKey;
413 if (!vchPubKey.IsValid())
414 {
415 strErr = "Error reading wallet database: CPubKey corrupt";
416 return false;
417 }
418 std::vector<unsigned char> vchPrivKey;
419 ssValue >> vchPrivKey;
420
421 // Get the checksum and check it
422 bool checksum_valid = false;
423 if (!ssValue.eof()) {
424 uint256 checksum;
425 ssValue >> checksum;
426 if ((checksum_valid = Hash(vchPrivKey) != checksum)) {
427 strErr = "Error reading wallet database: Crypted key corrupt";
428 return false;
429 }
430 }
431
432 wss.nCKeys++;
433
434 if (!pwallet->GetOrCreateLegacyScriptPubKeyMan()->LoadCryptedKey(vchPubKey, vchPrivKey, checksum_valid))
435 {
436 strErr = "Error reading wallet database: LegacyScriptPubKeyMan::LoadCryptedKey failed";
437 return false;
438 }
439 wss.fIsEncrypted = true;
440 } else if (strType == DBKeys::KEYMETA) {
441 CPubKey vchPubKey;
442 ssKey >> vchPubKey;
443 CKeyMetadata keyMeta;
444 ssValue >> keyMeta;
445 wss.nKeyMeta++;
446 pwallet->GetOrCreateLegacyScriptPubKeyMan()->LoadKeyMetadata(vchPubKey.GetID(), keyMeta);
447
448 // Extract some CHDChain info from this metadata if it has any
449 if (keyMeta.nVersion >= CKeyMetadata::VERSION_WITH_HDDATA && !keyMeta.hd_seed_id.IsNull() && keyMeta.hdKeypath.size() > 0) {
450 // Get the path from the key origin or from the path string
451 // Not applicable when path is "s" or "m" as those indicate a seed
452 // See https://github.com/bitcoin/bitcoin/pull/12924
453 bool internal = false;
454 uint32_t index = 0;
455 if (keyMeta.hdKeypath != "s" && keyMeta.hdKeypath != "m") {
456 std::vector<uint32_t> path;
457 if (keyMeta.has_key_origin) {
458 // We have a key origin, so pull it from its path vector
459 path = keyMeta.key_origin.path;
460 } else {
461 // No key origin, have to parse the string
462 if (!ParseHDKeypath(keyMeta.hdKeypath, path)) {
463 strErr = "Error reading wallet database: keymeta with invalid HD keypath";
464 return false;
465 }
466 }
467
468 // Extract the index and internal from the path
469 // Path string is m/0'/k'/i'
470 // Path vector is [0', k', i'] (but as ints OR'd with the hardened bit
471 // k == 0 for external, 1 for internal. i is the index
472 if (path.size() != 3) {
473 strErr = "Error reading wallet database: keymeta found with unexpected path";
474 return false;
475 }
476 if (path[0] != 0x80000000) {
477 strErr = strprintf("Unexpected path index of 0x%08x (expected 0x80000000) for the element at index 0", path[0]);
478 return false;
479 }
480 if (path[1] != 0x80000000 && path[1] != (1 | 0x80000000)) {
481 strErr = strprintf("Unexpected path index of 0x%08x (expected 0x80000000 or 0x80000001) for the element at index 1", path[1]);
482 return false;
483 }
484 if ((path[2] & 0x80000000) == 0) {
485 strErr = strprintf("Unexpected path index of 0x%08x (expected to be greater than or equal to 0x80000000)", path[2]);
486 return false;
487 }
488 internal = path[1] == (1 | 0x80000000);
489 index = path[2] & ~0x80000000;
490 }
491
492 // Insert a new CHDChain, or get the one that already exists
493 auto ins = wss.m_hd_chains.emplace(keyMeta.hd_seed_id, CHDChain());
494 CHDChain& chain = ins.first->second;
495 if (ins.second) {
496 // For new chains, we want to default to VERSION_HD_BASE until we see an internal
497 chain.nVersion = CHDChain::VERSION_HD_BASE;
498 chain.seed_id = keyMeta.hd_seed_id;
499 }
500 if (internal) {
501 chain.nVersion = CHDChain::VERSION_HD_CHAIN_SPLIT;
502 chain.nInternalChainCounter = std::max(chain.nInternalChainCounter, index);
503 } else {
504 chain.nExternalChainCounter = std::max(chain.nExternalChainCounter, index);
505 }
506 }
507 } else if (strType == DBKeys::WATCHMETA) {
508 CScript script;
509 ssKey >> script;
510 CKeyMetadata keyMeta;
511 ssValue >> keyMeta;
512 wss.nKeyMeta++;
513 pwallet->GetOrCreateLegacyScriptPubKeyMan()->LoadScriptMetadata(CScriptID(script), keyMeta);
514 } else if (strType == DBKeys::DEFAULTKEY) {
515 // We don't want or need the default key, but if there is one set,
516 // we want to make sure that it is valid so that we can detect corruption
517 CPubKey vchPubKey;
518 ssValue >> vchPubKey;
519 if (!vchPubKey.IsValid()) {
520 strErr = "Error reading wallet database: Default Key corrupt";
521 return false;
522 }
523 } else if (strType == DBKeys::POOL) {
524 int64_t nIndex;
525 ssKey >> nIndex;
526 CKeyPool keypool;
527 ssValue >> keypool;
528
529 pwallet->GetOrCreateLegacyScriptPubKeyMan()->LoadKeyPool(nIndex, keypool);
530 } else if (strType == DBKeys::CSCRIPT) {
531 uint160 hash;
532 ssKey >> hash;
533 CScript script;
534 ssValue >> script;
535 if (!pwallet->GetOrCreateLegacyScriptPubKeyMan()->LoadCScript(script))
536 {
537 strErr = "Error reading wallet database: LegacyScriptPubKeyMan::LoadCScript failed";
538 return false;
539 }
540 } else if (strType == DBKeys::ORDERPOSNEXT) {
541 ssValue >> pwallet->nOrderPosNext;
542 } else if (strType == DBKeys::DESTDATA) {
543 std::string strAddress, strKey, strValue;
544 ssKey >> strAddress;
545 ssKey >> strKey;
546 ssValue >> strValue;
547 pwallet->LoadDestData(DecodeDestination(strAddress), strKey, strValue);
548 } else if (strType == DBKeys::HDCHAIN) {
549 CHDChain chain;
550 ssValue >> chain;
551 pwallet->GetOrCreateLegacyScriptPubKeyMan()->LoadHDChain(chain);
552 } else if (strType == DBKeys::FLAGS) {
553 uint64_t flags;
554 ssValue >> flags;
555 if (!pwallet->LoadWalletFlags(flags)) {
556 strErr = "Error reading wallet database: Unknown non-tolerable wallet flags found";
557 return false;
558 }
559 } else if (strType == DBKeys::OLD_KEY) {
560 strErr = "Found unsupported 'wkey' record, try loading with version 0.18";
561 return false;
562 } else if (strType == DBKeys::ACTIVEEXTERNALSPK || strType == DBKeys::ACTIVEINTERNALSPK) {
563 uint8_t type;
564 ssKey >> type;
565 uint256 id;
566 ssValue >> id;
567
568 bool internal = strType == DBKeys::ACTIVEINTERNALSPK;
569 auto& spk_mans = internal ? wss.m_active_internal_spks : wss.m_active_external_spks;
570 if (spk_mans.count(static_cast<OutputType>(type)) > 0) {
571 strErr = "Multiple ScriptPubKeyMans specified for a single type";
572 return false;
573 }
574 spk_mans[static_cast<OutputType>(type)] = id;
575 } else if (strType == DBKeys::WALLETDESCRIPTOR) {
576 uint256 id;
577 ssKey >> id;
578 WalletDescriptor desc;
579 ssValue >> desc;
580 if (wss.m_descriptor_caches.count(id) == 0) {
581 wss.m_descriptor_caches[id] = DescriptorCache();
582 }
583 pwallet->LoadDescriptorScriptPubKeyMan(id, desc);
584 } else if (strType == DBKeys::WALLETDESCRIPTORCACHE) {
585 bool parent = true;
586 uint256 desc_id;
587 uint32_t key_exp_index;
588 uint32_t der_index;
589 ssKey >> desc_id;
590 ssKey >> key_exp_index;
591
592 // if the der_index exists, it's a derived xpub
593 try
594 {
595 ssKey >> der_index;
596 parent = false;
597 }
598 catch (...) {}
599
600 std::vector<unsigned char> ser_xpub(BIP32_EXTKEY_SIZE);
601 ssValue >> ser_xpub;
602 CExtPubKey xpub;
603 xpub.Decode(ser_xpub.data());
604 if (parent) {
605 wss.m_descriptor_caches[desc_id].CacheParentExtPubKey(key_exp_index, xpub);
606 } else {
607 wss.m_descriptor_caches[desc_id].CacheDerivedExtPubKey(key_exp_index, der_index, xpub);
608 }
609 } else if (strType == DBKeys::WALLETDESCRIPTORKEY) {
610 uint256 desc_id;
611 CPubKey pubkey;
612 ssKey >> desc_id;
613 ssKey >> pubkey;
614 if (!pubkey.IsValid())
615 {
616 strErr = "Error reading wallet database: CPubKey corrupt";
617 return false;
618 }
619 CKey key;
620 CPrivKey pkey;
621 uint256 hash;
622
623 wss.nKeys++;
624 ssValue >> pkey;
625 ssValue >> hash;
626
627 // hash pubkey/privkey to accelerate wallet load
628 std::vector<unsigned char> to_hash;
629 to_hash.reserve(pubkey.size() + pkey.size());
630 to_hash.insert(to_hash.end(), pubkey.begin(), pubkey.end());
631 to_hash.insert(to_hash.end(), pkey.begin(), pkey.end());
632
633 if (Hash(to_hash) != hash)
634 {
635 strErr = "Error reading wallet database: CPubKey/CPrivKey corrupt";
636 return false;
637 }
638
639 if (!key.Load(pkey, pubkey, true))
640 {
641 strErr = "Error reading wallet database: CPrivKey corrupt";
642 return false;
643 }
644 wss.m_descriptor_keys.insert(std::make_pair(std::make_pair(desc_id, pubkey.GetID()), key));
645 } else if (strType == DBKeys::WALLETDESCRIPTORCKEY) {
646 uint256 desc_id;
647 CPubKey pubkey;
648 ssKey >> desc_id;
649 ssKey >> pubkey;
650 if (!pubkey.IsValid())
651 {
652 strErr = "Error reading wallet database: CPubKey corrupt";
653 return false;
654 }
655 std::vector<unsigned char> privkey;
656 ssValue >> privkey;
657 wss.nCKeys++;
658
659 wss.m_descriptor_crypt_keys.insert(std::make_pair(std::make_pair(desc_id, pubkey.GetID()), std::make_pair(pubkey, privkey)));
660 wss.fIsEncrypted = true;
661 } else if (strType != DBKeys::BESTBLOCK && strType != DBKeys::BESTBLOCK_NOMERKLE &&
662 strType != DBKeys::MINVERSION && strType != DBKeys::ACENTRY &&
663 strType != DBKeys::VERSION && strType != DBKeys::SETTINGS) {
664 wss.m_unknown_records++;
665 }
666 } catch (const std::exception& e) {
667 if (strErr.empty()) {
668 strErr = e.what();
669 }
670 return false;
671 } catch (...) {
672 if (strErr.empty()) {
673 strErr = "Caught unknown exception in ReadKeyValue";
674 }
675 return false;
676 }
677 return true;
678 }
679
ReadKeyValue(CWallet * pwallet,CDataStream & ssKey,CDataStream & ssValue,std::string & strType,std::string & strErr,const KeyFilterFn & filter_fn)680 bool ReadKeyValue(CWallet* pwallet, CDataStream& ssKey, CDataStream& ssValue, std::string& strType, std::string& strErr, const KeyFilterFn& filter_fn)
681 {
682 CWalletScanState dummy_wss;
683 LOCK(pwallet->cs_wallet);
684 return ReadKeyValue(pwallet, ssKey, ssValue, dummy_wss, strType, strErr, filter_fn);
685 }
686
IsKeyType(const std::string & strType)687 bool WalletBatch::IsKeyType(const std::string& strType)
688 {
689 return (strType == DBKeys::KEY ||
690 strType == DBKeys::MASTER_KEY || strType == DBKeys::CRYPTED_KEY);
691 }
692
LoadWallet(CWallet * pwallet)693 DBErrors WalletBatch::LoadWallet(CWallet* pwallet)
694 {
695 CWalletScanState wss;
696 bool fNoncriticalErrors = false;
697 DBErrors result = DBErrors::LOAD_OK;
698
699 LOCK(pwallet->cs_wallet);
700 try {
701 int nMinVersion = 0;
702 if (m_batch->Read(DBKeys::MINVERSION, nMinVersion)) {
703 if (nMinVersion > FEATURE_LATEST)
704 return DBErrors::TOO_NEW;
705 pwallet->LoadMinVersion(nMinVersion);
706 }
707
708 // Get cursor
709 if (!m_batch->StartCursor())
710 {
711 pwallet->WalletLogPrintf("Error getting wallet database cursor\n");
712 return DBErrors::CORRUPT;
713 }
714
715 while (true)
716 {
717 // Read next record
718 CDataStream ssKey(SER_DISK, CLIENT_VERSION);
719 CDataStream ssValue(SER_DISK, CLIENT_VERSION);
720 bool complete;
721 bool ret = m_batch->ReadAtCursor(ssKey, ssValue, complete);
722 if (complete) {
723 break;
724 }
725 else if (!ret)
726 {
727 m_batch->CloseCursor();
728 pwallet->WalletLogPrintf("Error reading next record from wallet database\n");
729 return DBErrors::CORRUPT;
730 }
731
732 // Try to be tolerant of single corrupt records:
733 std::string strType, strErr;
734 if (!ReadKeyValue(pwallet, ssKey, ssValue, wss, strType, strErr))
735 {
736 // losing keys is considered a catastrophic error, anything else
737 // we assume the user can live with:
738 if (IsKeyType(strType) || strType == DBKeys::DEFAULTKEY) {
739 result = DBErrors::CORRUPT;
740 } else if (strType == DBKeys::FLAGS) {
741 // reading the wallet flags can only fail if unknown flags are present
742 result = DBErrors::TOO_NEW;
743 } else {
744 // Leave other errors alone, if we try to fix them we might make things worse.
745 fNoncriticalErrors = true; // ... but do warn the user there is something wrong.
746 if (strType == DBKeys::TX)
747 // Rescan if there is a bad transaction record:
748 gArgs.SoftSetBoolArg("-rescan", true);
749 }
750 }
751 if (!strErr.empty())
752 pwallet->WalletLogPrintf("%s\n", strErr);
753 }
754 } catch (...) {
755 result = DBErrors::CORRUPT;
756 }
757 m_batch->CloseCursor();
758
759 // Set the active ScriptPubKeyMans
760 for (auto spk_man_pair : wss.m_active_external_spks) {
761 pwallet->LoadActiveScriptPubKeyMan(spk_man_pair.second, spk_man_pair.first, /* internal */ false);
762 }
763 for (auto spk_man_pair : wss.m_active_internal_spks) {
764 pwallet->LoadActiveScriptPubKeyMan(spk_man_pair.second, spk_man_pair.first, /* internal */ true);
765 }
766
767 // Set the descriptor caches
768 for (auto desc_cache_pair : wss.m_descriptor_caches) {
769 auto spk_man = pwallet->GetScriptPubKeyMan(desc_cache_pair.first);
770 assert(spk_man);
771 ((DescriptorScriptPubKeyMan*)spk_man)->SetCache(desc_cache_pair.second);
772 }
773
774 // Set the descriptor keys
775 for (auto desc_key_pair : wss.m_descriptor_keys) {
776 auto spk_man = pwallet->GetScriptPubKeyMan(desc_key_pair.first.first);
777 ((DescriptorScriptPubKeyMan*)spk_man)->AddKey(desc_key_pair.first.second, desc_key_pair.second);
778 }
779 for (auto desc_key_pair : wss.m_descriptor_crypt_keys) {
780 auto spk_man = pwallet->GetScriptPubKeyMan(desc_key_pair.first.first);
781 ((DescriptorScriptPubKeyMan*)spk_man)->AddCryptedKey(desc_key_pair.first.second, desc_key_pair.second.first, desc_key_pair.second.second);
782 }
783
784 if (fNoncriticalErrors && result == DBErrors::LOAD_OK)
785 result = DBErrors::NONCRITICAL_ERROR;
786
787 // Any wallet corruption at all: skip any rewriting or
788 // upgrading, we don't want to make it worse.
789 if (result != DBErrors::LOAD_OK)
790 return result;
791
792 // Last client version to open this wallet, was previously the file version number
793 int last_client = CLIENT_VERSION;
794 m_batch->Read(DBKeys::VERSION, last_client);
795
796 int wallet_version = pwallet->GetVersion();
797 pwallet->WalletLogPrintf("Wallet File Version = %d\n", wallet_version > 0 ? wallet_version : last_client);
798
799 pwallet->WalletLogPrintf("Keys: %u plaintext, %u encrypted, %u w/ metadata, %u total. Unknown wallet records: %u\n",
800 wss.nKeys, wss.nCKeys, wss.nKeyMeta, wss.nKeys + wss.nCKeys, wss.m_unknown_records);
801
802 // nTimeFirstKey is only reliable if all keys have metadata
803 if (pwallet->IsLegacy() && (wss.nKeys + wss.nCKeys + wss.nWatchKeys) != wss.nKeyMeta) {
804 auto spk_man = pwallet->GetOrCreateLegacyScriptPubKeyMan();
805 if (spk_man) {
806 LOCK(spk_man->cs_KeyStore);
807 spk_man->UpdateTimeFirstKey(1);
808 }
809 }
810
811 for (const uint256& hash : wss.vWalletUpgrade)
812 WriteTx(pwallet->mapWallet.at(hash));
813
814 // Rewrite encrypted wallets of versions 0.4.0 and 0.5.0rc:
815 if (wss.fIsEncrypted && (last_client == 40000 || last_client == 50000))
816 return DBErrors::NEED_REWRITE;
817
818 if (last_client < CLIENT_VERSION) // Update
819 m_batch->Write(DBKeys::VERSION, CLIENT_VERSION);
820
821 if (wss.fAnyUnordered)
822 result = pwallet->ReorderTransactions();
823
824 // Upgrade all of the wallet keymetadata to have the hd master key id
825 // This operation is not atomic, but if it fails, updated entries are still backwards compatible with older software
826 try {
827 pwallet->UpgradeKeyMetadata();
828 } catch (...) {
829 result = DBErrors::CORRUPT;
830 }
831
832 // Set the inactive chain
833 if (wss.m_hd_chains.size() > 0) {
834 LegacyScriptPubKeyMan* legacy_spkm = pwallet->GetLegacyScriptPubKeyMan();
835 if (!legacy_spkm) {
836 pwallet->WalletLogPrintf("Inactive HD Chains found but no Legacy ScriptPubKeyMan\n");
837 return DBErrors::CORRUPT;
838 }
839 for (const auto& chain_pair : wss.m_hd_chains) {
840 if (chain_pair.first != pwallet->GetLegacyScriptPubKeyMan()->GetHDChain().seed_id) {
841 pwallet->GetLegacyScriptPubKeyMan()->AddInactiveHDChain(chain_pair.second);
842 }
843 }
844 }
845
846 return result;
847 }
848
FindWalletTx(std::vector<uint256> & vTxHash,std::list<CWalletTx> & vWtx)849 DBErrors WalletBatch::FindWalletTx(std::vector<uint256>& vTxHash, std::list<CWalletTx>& vWtx)
850 {
851 DBErrors result = DBErrors::LOAD_OK;
852
853 try {
854 int nMinVersion = 0;
855 if (m_batch->Read(DBKeys::MINVERSION, nMinVersion)) {
856 if (nMinVersion > FEATURE_LATEST)
857 return DBErrors::TOO_NEW;
858 }
859
860 // Get cursor
861 if (!m_batch->StartCursor())
862 {
863 LogPrintf("Error getting wallet database cursor\n");
864 return DBErrors::CORRUPT;
865 }
866
867 while (true)
868 {
869 // Read next record
870 CDataStream ssKey(SER_DISK, CLIENT_VERSION);
871 CDataStream ssValue(SER_DISK, CLIENT_VERSION);
872 bool complete;
873 bool ret = m_batch->ReadAtCursor(ssKey, ssValue, complete);
874 if (complete) {
875 break;
876 } else if (!ret) {
877 m_batch->CloseCursor();
878 LogPrintf("Error reading next record from wallet database\n");
879 return DBErrors::CORRUPT;
880 }
881
882 std::string strType;
883 ssKey >> strType;
884 if (strType == DBKeys::TX) {
885 uint256 hash;
886 ssKey >> hash;
887 vTxHash.push_back(hash);
888 vWtx.emplace_back(nullptr /* wallet */, nullptr /* tx */);
889 ssValue >> vWtx.back();
890 }
891 }
892 } catch (...) {
893 result = DBErrors::CORRUPT;
894 }
895 m_batch->CloseCursor();
896
897 return result;
898 }
899
ZapSelectTx(std::vector<uint256> & vTxHashIn,std::vector<uint256> & vTxHashOut)900 DBErrors WalletBatch::ZapSelectTx(std::vector<uint256>& vTxHashIn, std::vector<uint256>& vTxHashOut)
901 {
902 // build list of wallet TXs and hashes
903 std::vector<uint256> vTxHash;
904 std::list<CWalletTx> vWtx;
905 DBErrors err = FindWalletTx(vTxHash, vWtx);
906 if (err != DBErrors::LOAD_OK) {
907 return err;
908 }
909
910 std::sort(vTxHash.begin(), vTxHash.end());
911 std::sort(vTxHashIn.begin(), vTxHashIn.end());
912
913 // erase each matching wallet TX
914 bool delerror = false;
915 std::vector<uint256>::iterator it = vTxHashIn.begin();
916 for (const uint256& hash : vTxHash) {
917 while (it < vTxHashIn.end() && (*it) < hash) {
918 it++;
919 }
920 if (it == vTxHashIn.end()) {
921 break;
922 }
923 else if ((*it) == hash) {
924 if(!EraseTx(hash)) {
925 LogPrint(BCLog::WALLETDB, "Transaction was found for deletion but returned database error: %s\n", hash.GetHex());
926 delerror = true;
927 }
928 vTxHashOut.push_back(hash);
929 }
930 }
931
932 if (delerror) {
933 return DBErrors::CORRUPT;
934 }
935 return DBErrors::LOAD_OK;
936 }
937
MaybeCompactWalletDB()938 void MaybeCompactWalletDB()
939 {
940 static std::atomic<bool> fOneThread(false);
941 if (fOneThread.exchange(true)) {
942 return;
943 }
944
945 for (const std::shared_ptr<CWallet>& pwallet : GetWallets()) {
946 WalletDatabase& dbh = pwallet->GetDBHandle();
947
948 unsigned int nUpdateCounter = dbh.nUpdateCounter;
949
950 if (dbh.nLastSeen != nUpdateCounter) {
951 dbh.nLastSeen = nUpdateCounter;
952 dbh.nLastWalletUpdate = GetTime();
953 }
954
955 if (dbh.nLastFlushed != nUpdateCounter && GetTime() - dbh.nLastWalletUpdate >= 2) {
956 if (dbh.PeriodicFlush()) {
957 dbh.nLastFlushed = nUpdateCounter;
958 }
959 }
960 }
961
962 fOneThread = false;
963 }
964
WriteDestData(const std::string & address,const std::string & key,const std::string & value)965 bool WalletBatch::WriteDestData(const std::string &address, const std::string &key, const std::string &value)
966 {
967 return WriteIC(std::make_pair(DBKeys::DESTDATA, std::make_pair(address, key)), value);
968 }
969
EraseDestData(const std::string & address,const std::string & key)970 bool WalletBatch::EraseDestData(const std::string &address, const std::string &key)
971 {
972 return EraseIC(std::make_pair(DBKeys::DESTDATA, std::make_pair(address, key)));
973 }
974
975
WriteHDChain(const CHDChain & chain)976 bool WalletBatch::WriteHDChain(const CHDChain& chain)
977 {
978 return WriteIC(DBKeys::HDCHAIN, chain);
979 }
980
WriteWalletFlags(const uint64_t flags)981 bool WalletBatch::WriteWalletFlags(const uint64_t flags)
982 {
983 return WriteIC(DBKeys::FLAGS, flags);
984 }
985
TxnBegin()986 bool WalletBatch::TxnBegin()
987 {
988 return m_batch->TxnBegin();
989 }
990
TxnCommit()991 bool WalletBatch::TxnCommit()
992 {
993 return m_batch->TxnCommit();
994 }
995
TxnAbort()996 bool WalletBatch::TxnAbort()
997 {
998 return m_batch->TxnAbort();
999 }
1000
MakeDatabase(const fs::path & path,const DatabaseOptions & options,DatabaseStatus & status,bilingual_str & error)1001 std::unique_ptr<WalletDatabase> MakeDatabase(const fs::path& path, const DatabaseOptions& options, DatabaseStatus& status, bilingual_str& error)
1002 {
1003 bool exists;
1004 try {
1005 exists = fs::symlink_status(path).type() != fs::file_not_found;
1006 } catch (const fs::filesystem_error& e) {
1007 error = Untranslated(strprintf("Failed to access database path '%s': %s", path.string(), fsbridge::get_filesystem_error_message(e)));
1008 status = DatabaseStatus::FAILED_BAD_PATH;
1009 return nullptr;
1010 }
1011
1012 Optional<DatabaseFormat> format;
1013 if (exists) {
1014 if (ExistsBerkeleyDatabase(path)) {
1015 format = DatabaseFormat::BERKELEY;
1016 }
1017 #ifdef USE_SQLITE
1018 if (ExistsSQLiteDatabase(path)) {
1019 if (format) {
1020 error = Untranslated(strprintf("Failed to load database path '%s'. Data is in ambiguous format.", path.string()));
1021 status = DatabaseStatus::FAILED_BAD_FORMAT;
1022 return nullptr;
1023 }
1024 format = DatabaseFormat::SQLITE;
1025 }
1026 #endif
1027 } else if (options.require_existing) {
1028 error = Untranslated(strprintf("Failed to load database path '%s'. Path does not exist.", path.string()));
1029 status = DatabaseStatus::FAILED_NOT_FOUND;
1030 return nullptr;
1031 }
1032
1033 if (!format && options.require_existing) {
1034 error = Untranslated(strprintf("Failed to load database path '%s'. Data is not in recognized format.", path.string()));
1035 status = DatabaseStatus::FAILED_BAD_FORMAT;
1036 return nullptr;
1037 }
1038
1039 if (format && options.require_create) {
1040 error = Untranslated(strprintf("Failed to create database path '%s'. Database already exists.", path.string()));
1041 status = DatabaseStatus::FAILED_ALREADY_EXISTS;
1042 return nullptr;
1043 }
1044
1045 // A db already exists so format is set, but options also specifies the format, so make sure they agree
1046 if (format && options.require_format && format != options.require_format) {
1047 error = Untranslated(strprintf("Failed to load database path '%s'. Data is not in required format.", path.string()));
1048 status = DatabaseStatus::FAILED_BAD_FORMAT;
1049 return nullptr;
1050 }
1051
1052 // Format is not set when a db doesn't already exist, so use the format specified by the options if it is set.
1053 if (!format && options.require_format) format = options.require_format;
1054
1055 #ifdef USE_SQLITE
1056 if (format && format == DatabaseFormat::SQLITE) {
1057 return MakeSQLiteDatabase(path, options, status, error);
1058 }
1059 #else
1060 assert(format != DatabaseFormat::SQLITE);
1061 #endif
1062
1063 return MakeBerkeleyDatabase(path, options, status, error);
1064 }
1065
1066 /** Return object for accessing dummy database with no read/write capabilities. */
CreateDummyWalletDatabase()1067 std::unique_ptr<WalletDatabase> CreateDummyWalletDatabase()
1068 {
1069 return MakeUnique<DummyDatabase>();
1070 }
1071
1072 /** Return object for accessing temporary in-memory database. */
CreateMockWalletDatabase()1073 std::unique_ptr<WalletDatabase> CreateMockWalletDatabase()
1074 {
1075 return MakeUnique<BerkeleyDatabase>(std::make_shared<BerkeleyEnvironment>(), "");
1076 }
1077