merge bitcoin#24225: Add sanity checks to DiscourageFeeSniping

kwvg · kwvg · commit 6958a5b282a6 · 2025-04-30T10:59:57.000Z
diff --git a/src/wallet/spend.cpp b/src/wallet/spend.cpp
@@ -581,12 +581,13 @@ static bool IsCurrentForAntiFeeSniping(interfaces::Chain& chain, const uint256&
 }
 
 /**
- * Return a height-based locktime for new transactions (uses the height of the
+ * Set a height-based locktime for new transactions (uses the height of the
  * current chain tip unless we are not synced with the current chain
  */
-static uint32_t GetLocktimeForNewTransaction(interfaces::Chain& chain, const uint256& block_hash, int block_height)
+static void DiscourageFeeSniping(CMutableTransaction& tx, interfaces::Chain& chain, const uint256& block_hash, int block_height)
 {
-    uint32_t locktime;
+    // All inputs must be added by now
+    assert(!tx.vin.empty());
     // Discourage fee sniping.
     //
     // For a large miner the value of the transactions in the best block and
@@ -608,22 +609,32 @@ static uint32_t GetLocktimeForNewTransaction(interfaces::Chain& chain, const uin
     // now we ensure code won't be written that makes assumptions about
     // nLockTime that preclude a fix later.
     if (IsCurrentForAntiFeeSniping(chain, block_hash)) {
-        locktime = block_height;
+        tx.nLockTime = block_height;
 
         // Secondly occasionally randomly pick a nLockTime even further back, so
         // that transactions that are delayed after signing for whatever reason,
         // e.g. high-latency mix networks and some CoinJoin implementations, have
         // better privacy.
-        if (GetRandInt(10) == 0)
-            locktime = std::max(0, (int)locktime - GetRandInt(100));
+        if (GetRandInt(10) == 0) {
+            tx.nLockTime = std::max(0, int(tx.nLockTime) - GetRandInt(100));
+        }
     } else {
         // If our chain is lagging behind, we can't discourage fee sniping nor help
         // the privacy of high-latency transactions. To avoid leaking a potentially
         // unique "nLockTime fingerprint", set nLockTime to a constant.
-        locktime = 0;
+        tx.nLockTime = 0;
+    }
+    // Sanity check all values
+    assert(tx.nLockTime < LOCKTIME_THRESHOLD); // Type must be block height
+    assert(tx.nLockTime <= uint64_t(block_height));
+    for (const auto& in : tx.vin) {
+        // Can not be FINAL for locktime to work
+        assert(in.nSequence != CTxIn::SEQUENCE_FINAL);
+        // May be MAX NONFINAL to disable BIP68
+        if (in.nSequence == CTxIn::MAX_SEQUENCE_NONFINAL) continue;
+        // The wallet does not support any other sequence-use right now.
+        assert(false);
     }
-    assert(locktime < LOCKTIME_THRESHOLD);
-    return locktime;
 }
 
 static bool CreateTransactionInternal(
@@ -641,7 +652,6 @@ static bool CreateTransactionInternal(
     AssertLockHeld(wallet.cs_wallet);
 
     CMutableTransaction txNew; // The resulting transaction that we make
-    txNew.nLockTime = GetLocktimeForNewTransaction(wallet.chain(), wallet.GetLastBlockHash(), wallet.GetLastBlockHeight());
 
     CoinSelectionParams coin_selection_params; // Parameters for coin selection, init with dummy
     coin_selection_params.m_avoid_partial_spends = coin_control.m_avoid_partial_spends;
@@ -811,12 +821,13 @@ static bool CreateTransactionInternal(
         }
     };
 
-    // Note how the sequence number is set to non-maxint so that
-    // the nLockTime set above actually works.
-    const uint32_t nSequence = CTxIn::SEQUENCE_FINAL - 1;
+    // The sequence number is set to non-maxint so that DiscourageFeeSniping
+    // works.
+    const uint32_t nSequence{CTxIn::SEQUENCE_FINAL - 1};
     for (const auto& coin : setCoins) {
         txNew.vin.push_back(CTxIn(coin.outpoint, CScript(), nSequence));
     }
+    DiscourageFeeSniping(txNew, wallet.chain(), wallet.GetLastBlockHash(), wallet.GetLastBlockHeight());
 
     // Fill in final vin and shuffle/sort it
     if (sort_bip69) { std::sort(txNew.vin.begin(), txNew.vin.end(), CompareInputBIP69()); }
