From ce99358f4aa4182d6983fde3e33a8fdbe1dfe4c3 Mon Sep 17 00:00:00 2001
From: Gavin Andresen <gavinandresen@gmail.com>
Date: Mon, 14 Jan 2013 16:52:33 -0500
Subject: Remove IsFromMe() check in CTxMemPool::accept()

Fixes issue #2178 : attacker could penny-flood with invalid-signature
transactions to deduce which addresses belonged to your node.

I'm committing this early for code review; I still need to write up
a test plan.

Executive summary of fix: check all transactions received from the network
for penny-flood rate-limiting before adding to the memory pool. But do NOT
ratelimit transactions added to the memory pool:
  - because of blockchain reorgs
  - stored in the wallet and added at startup
  - sent from the GUI or one of the send* RPC commands (CWallet::CommitTransaction)

The limit-free-transactions code really should be a method on CNode, with
counters per-peer. But that is a bigger change for another day.
---
 src/wallet.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/wallet.cpp')

diff --git a/src/wallet.cpp b/src/wallet.cpp
index 37b86c35b..0a320b6f8 100644
--- a/src/wallet.cpp
+++ b/src/wallet.cpp
@@ -1279,7 +1279,7 @@ bool CWallet::CommitTransaction(CWalletTx& wtxNew, CReserveKey& reservekey)
         mapRequestCount[wtxNew.GetHash()] = 0;
 
         // Broadcast
-        if (!wtxNew.AcceptToMemoryPool())
+        if (!wtxNew.AcceptToMemoryPool(true, false))
         {
             // This must not fail. The transaction has already been signed and recorded.
             printf("CommitTransaction() : Error: Transaction not valid");
-- 
cgit v1.2.3