diff options
| author | MarcoFalke <[email protected]> | 2018-03-23 19:03:31 -0400 |
|---|---|---|
| committer | MarcoFalke <[email protected]> | 2018-03-23 19:03:34 -0400 |
| commit | 02b7e8319aef2a870264ad4fa2e3bb18664dcc36 (patch) | |
| tree | b1d7db94942824695c7e136f4b4719e8724ef924 | |
| parent | Merge #11536: Rename account to label where appropriate (diff) | |
| parent | add release note for sendmany output shuffling (diff) | |
| download | discoin-02b7e8319aef2a870264ad4fa2e3bb18664dcc36.tar.xz discoin-02b7e8319aef2a870264ad4fa2e3bb18664dcc36.zip | |
Merge #12709: [wallet] shuffle sendmany recipients ordering
6acb02d635 add release note for sendmany output shuffling (Gregory Sanders)
cf6ef3c139 shuffle sendmany recipients ordering to shuffle tx outputs (Gregory Sanders)
Pull request description:
Unless there is something important I'm missing, we're just possible leaking information by preserving whatever ordering json object ordering is giving us (no guarantees at all).
This is unneeded for `sendtoaddress` since there is only 1 or 2 outputs, and the change output is shuffled in.
This will not effect `*raw` behavior by design, since users generally want full control using those apis. Further PRs could add optional args to over-ride that behavior.
Alternative ideas would be to sort the outputs by some deterministic ordering. (this would require more refactoring since change outputs are created and handled by caller)
related: https://github.com/bitcoin/bitcoin/pull/12699
Tree-SHA512: afdd990dde6a4a9e7eef7bb2e3342a46d11900d7fe6e6e4eb0cc6b5deed89df989fa7931a4bdcbf49b7c2d7a13c90169af3a166466e5760948bacabe3490f572
| -rw-r--r-- | doc/release-notes.md | 1 | ||||
| -rw-r--r-- | src/wallet/rpcwallet.cpp | 3 |
2 files changed, 4 insertions, 0 deletions
diff --git a/doc/release-notes.md b/doc/release-notes.md index b183ee0a5..973fd3c84 100644 --- a/doc/release-notes.md +++ b/doc/release-notes.md @@ -73,6 +73,7 @@ RPC changes - Wallet `listreceivedbylabel`, `listreceivedbyaccount` and `listunspent` RPCs add `label` fields to returned JSON objects that previously only had `account` fields. +- `sendmany` now shuffles outputs to improve privacy, so any previously expected behavior with regards to output ordering can no longer be relied upon. External wallet files --------------------- diff --git a/src/wallet/rpcwallet.cpp b/src/wallet/rpcwallet.cpp index dbc48834f..365dedfce 100644 --- a/src/wallet/rpcwallet.cpp +++ b/src/wallet/rpcwallet.cpp @@ -1145,6 +1145,9 @@ UniValue sendmany(const JSONRPCRequest& request) if (totalAmount > nBalance) throw JSONRPCError(RPC_WALLET_INSUFFICIENT_FUNDS, "Account has insufficient funds"); + // Shuffle recipient list + std::shuffle(vecSend.begin(), vecSend.end(), FastRandomContext()); + // Send CReserveKey keyChange(pwallet); CAmount nFeeRequired = 0; |