-
Notifications
You must be signed in to change notification settings - Fork 248
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add get_wallet_summary
to WalletRead
#914
Merged
Merged
Changes from all commits
Commits
Show all changes
4 commits
Select commit
Hold shift + click to select a range
f53ea2d
Add `get_wallet_summary` to `WalletRead`
nuttycom 7abd132
Apply suggestions from code review
nuttycom 6cbb107
zcash_client_sqlite: allow zero-conf transactions in unshielded balance.
nuttycom 1e12e9d
Clarify zero-conf shielded note behaviour for `get_wallet_summary`
str4d File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Defining this to include all zero-conf funds means that an adversary will be able to arbitrarily inflate it above the realistic balance, as soon as we implement detection of zero-conf funds.
If I send you funds in a bunch of transactions that each have 50 unpaid actions and expire at the next block, I can be pretty confident that at most one (probably zero) of them will be mined. So, using this value as defined for anything opens the wallet up to the transparent equivalent of a Faerie Gold attack (and to various social engineering attacks, such as refund scams, if it is ever shown to a user). This is also a potential DoS attack on auto-shielding.
I agree that we haven't yet implemented the things that would enable these attacks, but still, it should not be defined that way.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Zero-conf balances have essentially become the standard among zcash (and Bitcoin and Ethereum) wallets, and the functionality to provide zero-conf balance is highly in demand. I don't know how we get around that; users in general would prefer to immediately see incoming funds as being recognized, at the cost of having to be diligent about waiting for important transactions to be mined.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We spent a huge amount of time, effort, and protocol complexity preventing Faerie Gold attacks. I don't see why we would just throw up our hands and accept a transparent attack with similar impact because not caring about it is "the standard".
What do Bitcoin and Ethereum wallets do these days about minimum-relay-fee transactions that definitely won't get mined? Are you really saying they just show them as balance anyway?