Undetected double-spent #1740
Comments
I've edited the script and applied Using Is there any method to remove PS: This is related to bitcoindevkit/bdk_wallet#41. I tried to explicitly cancel the transaction as a work-around
Thanks for sharing the example code. You're right that
I'm not sure if that's the ideal solution long term, depending on the use case. One thing that's unclear from the example is whether alice and Bitcoin Core represent distinct entities or if there's reason to think alice should be aware of the other wallet. If so, I can imagine a feature that would let you add extra keychains to the wallet for the purpose of watching other transactions. I agree that Also I seem to recall that doing a sync via electrum or esplora would allow you to watch for the status of a txid of interest, in this case the unconfirmed *digging deeper it appears for esplora you would actually watch for the spend status of an outpoint of interest, in this case
I discovered the issue when testing the unilateral exit procedure of our Ark implementation. This issue contains a write-up of what the issue is and how it affects us. However, to my understanding the issue is broader.
It seems we may need to monitor during a sync/scan not just the histories of our wallet's descriptors' SPKs but also the UTXOs that are used as inputs to one of our unconfirmed transactions. If we knew that a UTXO was now invalid (i.e. spent and confirmed in a different TX) then we could mark our TX as "double spent" or something like that so they could be filtered out. Have you seen bitcoindevkit/bdk_wallet#40? The redesign that @LLFourn has in mind should probably also take this situation into account. One question, do you know how other wallets handle this situation? If you set up the same situation in Core's wallet or in Sparrow do you know how they handle it?
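The check suggested in the comment above, as an added example that is not part of the thread and is not BDK's code or API: it marks an unconfirmed transaction as double spent when one of its inputs was spent by a different confirmed transaction, and it generalizes slightly by also marking unconfirmed descendants. `Tx`, `double_spent` and the string txids are hypothetical stand-ins for the real `bitcoin` types.

```rust
use std::collections::{HashMap, HashSet};

// Simplified stand-ins (assumptions); real code would use bitcoin::Txid / bitcoin::OutPoint.
type Txid = &'static str;
type OutPoint = (Txid, u32);

struct Tx {
    txid: Txid,
    inputs: Vec<OutPoint>,
}

/// Unconfirmed txids that can never confirm: an input was spent by a different
/// confirmed transaction, or an input comes from a tx already found to be dead.
fn double_spent(unconfirmed: &[Tx], confirmed: &[Tx]) -> HashSet<Txid> {
    // Map every outpoint spent on-chain to the confirmed tx that spent it.
    let mut spent_by: HashMap<OutPoint, Txid> = HashMap::new();
    for tx in confirmed {
        for op in &tx.inputs {
            spent_by.insert(*op, tx.txid);
        }
    }
    let mut dead: HashSet<Txid> = HashSet::new();
    loop {
        // Repeat until no new tx is marked, so descendants of a dead tx are caught.
        let before = dead.len();
        for tx in unconfirmed {
            let conflicted = tx.inputs.iter().any(|op| {
                spent_by.get(op).map_or(false, |s| *s != tx.txid) || dead.contains(&op.0)
            });
            if conflicted {
                dead.insert(tx.txid);
            }
        }
        if dead.len() == before {
            return dead;
        }
    }
}

fn main() {
    // Constructed sample mirroring the issue: tx1a and tx1b spend the same outpoint.
    let unconfirmed = vec![
        Tx { txid: "tx1a", inputs: vec![("bob_funding", 0)] },
        Tx { txid: "tx2", inputs: vec![("tx1a", 0)] }, // spends tx1a's output
        Tx { txid: "tx3", inputs: vec![("alice_funding", 1)] }, // unrelated
    ];
    let confirmed = vec![Tx { txid: "tx1b", inputs: vec![("bob_funding", 0)] }];
    println!("double spent: {:?}", double_spent(&unconfirmed, &confirmed));
}
```

A transaction that confirms itself is not flagged, because the spender of its inputs is the transaction itself.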
I have no idea what other wallets do, I'm sorry. I'm not sure many wallets allow foreign inputs. (And we are eternally grateful that BDK does!)
Thanks for taking the time to report this. This is a big problem (and I'm also not sure if other wallets/libraries would handle this properly). @LLFourn talked to me briefly this morning about how to fix this. This is my recollection + some of my own thoughts thrown in. To fix this problem, we need to redefine what is considered relevant by our receiving structures, and make sure our chain sources emit the replacing tx. Step 1: Redefine what is considered "relevant" in
@LagginTimes agreed to help out on this. He will implement the
idea: #1764
…d_at`

8513d83 feat(bitcoind_rpc)!: Reduce friction of `Emitter` API. (志宇)
0a02d26 feat(chain): Add convenience conversions for `CanonicalTx` (志宇)
d11f6ef feat(graph): add convenience function for inserting relevant `evicted_at`s (Wei Chen)
28ef7c9 refactor(rpc)!: update `mempool` interface and test code (valued mammal)

Pull request description:

Fixes #1740

### Description

Work for this began as part of #1811, based on this [comment](#1811 (comment)).

`Emitter::mempool` now returns a `MempoolEvent` which provides the data for tracking `evicted_at`:

```
pub struct MempoolEvent {
    /// Unemitted transactions or transactions with ancestors that are unseen by the receiver.
    ///
    /// To understand the second condition, consider a receiver which filters transactions based on
    /// whether it alters the UTXO set of tracked script pubkeys. If an emitted mempool transaction
    /// spends a tracked UTXO which is confirmed at height `h`, but the receiver has only seen up to
    /// block of height `h-1`, we want to re-emit this transaction until the receiver has seen the
    /// block at height `h`.
    pub new_txs: Vec<(Transaction, u64)>,

    /// [`Txid`]s of all transactions that have been evicted from mempool.
    pub evicted_txids: HashSet<Txid>,

    /// The latest timestamp of when a transaction entered the mempool.
    ///
    /// This is useful for setting the timestamp for evicted transactions.
    pub latest_update_time: u64,
}
```

### Changelog notice

* Change `Emitter::mempool` to return `MempoolEvent`s which contain mempool-eviction data.
* Change `Emitter::client` to have more relaxed generic bounds. `C: Deref, C::Target: RpcApi` are the new bounds.
* Add conversion impls for `CanonicalTx` to `Txid`/`Arc<Transaction>`.
* Add `ChainPosition::is_unconfirmed` method.

### Checklists

#### All Submissions:

* [x] I've signed all my commits
* [x] I followed the [contribution guidelines](https://github.com/bitcoindevkit/bdk/blob/master/CONTRIBUTING.md)
* [x] I ran `cargo fmt` and `cargo clippy` before committing

#### New Features:

* [x] I've added tests for the new feature
* [x] I've added docs for the new feature

#### Bugfixes:

* [x] This pull request breaks the existing API
* [x] I've added tests to reproduce the issue which are now passing
* [x] I'm linking the issue being fixed by this PR

ACKs for top commit:
ValuedMammal: ACK 8513d83

Tree-SHA512: 28149458085dc4cefefe06656769d701b53f891c1ecb5d400aba8b23d63c026d6e4db1c9e6f47c8ad167edc1559d897d28e9bb71e7bd144792b5cecc0bcd31ce
Describe the bug
`tx1a`) from Bob and observes it in the mempool.
`tx1a` creating `tx1b`
`tx1b`
`tx1b` in a block.
Alice will still consider `tx1a` as a pending transaction.
To Reproduce
See this https://github.com/ErikDeSmedt/bdk-gists/blob/master/tests/wallet.rs
Expected behavior
I would expect that Alice's wallet wouldn't use `tx1a` anymore. The output
Build environment
1.0.0-beta.5
Additional context
I discovered this bug in a test-case where the entire wallet was unusable.