Disable default fallbackfee on mainnet #11882

pull jonasschnelli wants to merge 2 commits into bitcoin:master from jonasschnelli:2017/12/feeest_readyness changing 10 files +58 −0
  1. jonasschnelli commented at 10:40 pm on December 12, 2017: contributor

    Removes the default fallback fee on mainnet (but keeps it on testnet/regtest).

    Transactions using the fallbackfee in case the fallback fee has not been set are getting rejected.

  2. jonasschnelli added the label Wallet on Dec 12, 2017
  3. jonasschnelli force-pushed on Dec 12, 2017
  4. jonasschnelli force-pushed on Dec 12, 2017
  5. MarcoFalke commented at 11:14 pm on December 12, 2017: member
    Concept ACK on setting the rbf flag on transactions where it is unclear if they confirm with the default fallback fee fee. Not yet sure about adding a command line arg just to disable and disallow fallbackfee.
  6. jonasschnelli commented at 6:24 am on December 13, 2017: contributor

    Not yet sure about adding a command line arg just to disable and disallow fallbackfee.

    Using a static (!) fallback fee seems an incorrect concept. It will very likely result in significant overpay or significant underpay (==stuck transaction). I would strongly recommend to either reject during the time when no estimations are available or to collect fee estimations from somewhere else (probably controversial).

    I would even vote for defaulting walletallowfallbackfee to true (which this PR does not, it just offers the option to disable it).

  7. NicolasDorier commented at 6:44 am on December 13, 2017: contributor
    I think walletallowfallbackfee should be disabled by default.
  8. jonasschnelli force-pushed on Dec 13, 2017
  9. greenaddress commented at 10:57 am on December 14, 2017: contributor
    If fee estimates are not available perhaps is best to ask the user to wait or to manually set a fee rate (if they are a sufficiently advanced user, maybe even behind a config flag to reduce mistakes). BIP125 replacement enabled helps only the case when you underpay and does nothing for overpaying.
  10. MarcoFalke commented at 6:12 pm on December 14, 2017: member
    Well, instead of adding a command line arg to disable fallbackfee, why not remove the default value for fallbackfee and require that it is set whenever it is used?
  11. jonasschnelli commented at 6:58 pm on December 14, 2017: contributor

    Removing the fallback fee entirely would be an abrupt task and it would probably make regression tests more difficult. Reasonable steps are:

    1. Allow to disable (but enable by default)
    2. Disable by default
    3. Eventually remove
  12. MarcoFalke commented at 11:04 pm on December 14, 2017: member

    I think I am bad at choosing words. Let me explain by example:

    • fallbackfee not set in conf or on command line -> Consider as fallbackfee disabled
    • fallbackfee set in conf or on command line -> Consider fallbackfee enabled
  13. jonasschnelli commented at 6:04 am on December 15, 2017: contributor

    fallbackfee not set in conf or on command line -> Consider as fallbackfee disabled

    That would disable the fallback fee by default. Right?

  14. MarcoFalke commented at 7:16 pm on December 15, 2017: member
    Jup, if we want to disable by default, I’d prefer that way.
  15. morcos commented at 7:47 pm on December 15, 2017: member

    Agree with @MarcoFalke

    we already have too many configuration options if you want to use fallbackfee, then set one, otherwise you don’t get one.

    Sometimes we err too much on maintaining every aspect of backwards compatibility.
    Just tell people in the release notes that RPC and GUI will now refuse to send when fee estimates are not initialized UNLESS you specifically instruct what feerate to fallback to.

    We also already have the option to include the fee on a per transaction basis .

  16. jonasschnelli commented at 7:48 pm on December 15, 2017: contributor
    How would we handle regression tests (enable fallbackfee by default there)?
  17. jonasschnelli commented at 7:50 pm on December 15, 2017: contributor
    However, I’m fine with skipping step 1) (allow to disable) and directly disable it by default (with allow to enable).
  18. morcos commented at 7:53 pm on December 15, 2017: member
    Thats a good question. Maybe for testnet and regtest we have fallbackfee enabled by default? I’m not sure.. It does seem we’re prone to errors that aren’t caught by testing that way, but fundamentally testing fee estimation is hard. Another option is to just hard code in a fee estimate file for the functional tests that use the cached directory. But you’d still have the problem for all the others…
  19. MarcoFalke commented at 8:07 pm on December 15, 2017: member

    How would we handle regression tests (enable fallbackfee by default there)?

    Jup, that makes sense to me. Don’t worry too much about the tests for now, you can ignore the travis result and then later push a test-fix commit that follows your implementation and is acceptable to everyone.

  20. jonasschnelli force-pushed on Dec 16, 2017
  21. jonasschnelli commented at 6:48 am on December 16, 2017: contributor
    • Changes this PR so it disables the fallback fee on mainnet, but keeps it enabled on testnet/regtest. Kept the option to change the state (renamed to enablefallbackfee=<state>).
    • Renamed the -walletfallbackfeerbf125 to fallbackfeerbf125.
  22. morcos commented at 1:01 pm on December 16, 2017: member

    @jonasschnelli Can we please get rid of both of the new options?

    I haven’t understood why they are necessary.

    We already have -fallbackfee, it seems to me if you set that then you pretty clearly want to enable it and it doesn’t make sense to have an option to enable fallbackfee without explicitly specifying what you want it to be.

    -fallbackfeerbf125 also seems unnecessary. In the GUI, we’ll already have the warning and can set rbf on a per transaction basis. I think we can just warn people using RPC that if they set a fallbackfee and don’t have rbf set, then they are taking some risk. Unlike the prior option, this at least serves some purpose, but its just so esoteric that I think it’s essentially clutter.

  23. jonasschnelli force-pushed on Dec 19, 2017
  24. jonasschnelli renamed this:
    Improve fallback fee situations
    Disable default fallbackfee on mainnet
    on Dec 19, 2017
  25. jonasschnelli commented at 11:25 pm on December 19, 2017: contributor
    Followed @morcos advice. This does now simply disable the default fallback fee on mainnet (keeps it on testnet/regtest). Transactions using the fallbackfee in case the fallback fee has not been set are getting rejected (on mainnet).
  26. jonasschnelli force-pushed on Dec 20, 2017
  27. MarcoFalke commented at 3:26 pm on December 20, 2017: member
    @jonasschnelli Needs rebase if still relevant. Also see #11918
  28. jonasschnelli force-pushed on Dec 20, 2017
  29. in src/wallet/fees.cpp:58 in edcc468550 outdated 
    52@@ -53,6 +53,9 @@ CAmount GetMinimumFee(unsigned int nTxBytes, const CCoinControl& coin_control, c
53             // if we don't have enough data for estimateSmartFee, then use fallbackFee
54             fee_needed = CWallet::fallbackFee.GetFee(nTxBytes);
55             if (feeCalc) feeCalc->reason = FeeReason::FALLBACK;
56+
57+            // directly return if fallback fee is disabled (feerate 0 == disabled)
58+            if (CWallet::fallbackFee.GetFee(1000) == 0) return fee_needed;
    MarcoFalke commented at 8:26 pm on December 20, 2017:

    shorter, faster and clearer:

    0if (fee_needed == 0)
    jonasschnelli commented at 6:41 am on December 22, 2017:
    fee_needed == 0 seems the wrong check, it could be 0 in case you would run through with nTxBytes=0, very unlikely, but testing the fallbackfee instead the current fee_needed seems correct.
    MarcoFalke commented at 9:11 am on December 22, 2017:
    Right, should only matter for unit tests, but makes sense to keep it that way.
  30. in src/wallet/fees.cpp:72 in edcc468550 outdated 
    68@@ -66,7 +69,7 @@ CAmount GetMinimumFee(unsigned int nTxBytes, const CCoinControl& coin_control, c
69     CAmount required_fee = GetRequiredFee(nTxBytes);
70     if (required_fee > fee_needed) {
71         fee_needed = required_fee;
72-        if (feeCalc) feeCalc->reason = FeeReason::REQUIRED;
73+        if (feeCalc && feeCalc->reason != FeeReason::FALLBACK) feeCalc->reason = FeeReason::REQUIRED;
    MarcoFalke commented at 8:26 pm on December 20, 2017:
    How is this not dead code?
    jonasschnelli commented at 7:03 am on December 22, 2017:
    Why would that be dead code?
    MarcoFalke commented at 9:11 am on December 22, 2017:

    Excuse my brevity, but I fail to see why fallbackfee is special cased here.

    Let’s assume the user sets paytxfee to one satoshi per byte, but the required fee is higher. It will correctly report that the required fee rate was used. Let’s assume the user sets fallbackfee to something very low and the required fee is higher. It will incorrectly report in the debug.log that the fallbackfee was used, no? Since in this case g_wallet_allow_fallback_fee will be true, it won’t incorrectly hit the check in wallet.cpp.

    So if there is a reason to add this piece of code, please explain and/or add a comment.

    jonasschnelli commented at 7:08 pm on December 22, 2017:

    You right. It’s no longer in use. The question here is, that we return a single flag where a bitset would be required. Reason can be FeeReason::REQUIRED but also (AND) FeeReason::FALLBACK.

    This code part was required to enable RBF125 in case a fallback fee has been used regardless of the mintxrelayfee. But no longer relevant, will remove.

    jonasschnelli commented at 7:36 pm on December 22, 2017:
    Fixed.
  31. in test/functional/wallet-fallbackfee.py:2 in edcc468550 outdated 
    0@@ -0,0 +1,27 @@
1+#!/usr/bin/env python3
2+# Copyright (c) 2014-2016 The Bitcoin Core developers
    MarcoFalke commented at 8:27 pm on December 20, 2017:
    nit: off by two years, almost
    jonasschnelli commented at 7:04 am on December 22, 2017:
    Oh. Yes. Fixed.
  32. in test/functional/test_runner.py:129 in edcc468550 outdated 
    129@@ -130,6 +130,7 @@
130     'feature_logging.py',
131     'node_network_limited.py',
132     'conf_args.py',
133+    'wallet-fallbackfee.py',
    MarcoFalke commented at 8:28 pm on December 20, 2017:
    Could move up by a few lines to avoid merge conflicts
    jonasschnelli commented at 7:04 am on December 22, 2017:
    Fixed.
  33. MarcoFalke commented at 8:28 pm on December 20, 2017: member
    Just some style nits inline
  34. laanwj commented at 11:23 am on December 21, 2017: member
    Concept ACK
  35. jonasschnelli force-pushed on Dec 22, 2017
  36. in test/functional/wallet-fallbackfee.py:25 in 8ba3ffba3c outdated 
    20+        # test sending a tx with disabled fallback fee (must fail)
21+        self.stop_nodes()
22+        self.start_node(0, extra_args=["-fallbackfee=0"])
23+        addr = self.nodes[0].getnewaddress()
24+        assert_raises_rpc_error(-4, "Fee estimation failed", self.nodes[0].sendtoaddress, addr, 1)
25+
    MarcoFalke commented at 9:15 am on December 22, 2017:

    Could also add tests for the other rpc that potentially hit this error:

    E.g.

    0        assert_raises_rpc_error(-4, "Fee estimation failed. Fallbackfee is disabled", lambda: self.nodes[0].fundrawtransaction(self.nodes[0].createrawtransaction([], {self.nodes[0].getnewaddress(): 1})))
1        assert_raises_rpc_error(-4, "Fee estimation failed. Fallbackfee is disabled", lambda: self.nodes[0].sendfrom("", self.nodes[0].getnewaddress(), 1))
2        assert_raises_rpc_error(-6, "Fee estimation failed. Fallbackfee is disabled", lambda: self.nodes[0].sendmany("", {self.nodes[0].getnewaddress(): 1}))
    jonasschnelli commented at 7:36 pm on December 22, 2017:
    Thanks. Added those tests.
  37. jonasschnelli force-pushed on Dec 22, 2017
  38. MarcoFalke commented at 3:43 pm on December 25, 2017: member

    Thanks for adding the tests. I also slightly tested a previous version in the gui.

     0-----BEGIN PGP SIGNED MESSAGE-----
 1Hash: SHA512
 2
 3utACK 93ba98a6dcab49965e9080adeaf84984b3677e29
 4-----BEGIN PGP SIGNATURE-----
 5
 6iQIcBAEBCgAGBQJaQRwAAAoJENLqSFDnUoslcdsP/241UP7KxSViikJmkv0XHYvx
 7CKgsTPCnDBudbJoNYQ/dJ6pVuTcVUFUpJroOlsksUTX4SX1iz0t9zpXOqo1x+fQy
 8VOD6vNqgOIHuhbbaDgc2kjeEcMLYTnLTLc+mQdEo2/2xlIWRfKKXhTyb5gCelAP+
 9MykMhfXqM4Rrfnf/m+9eqP+ciMlxZlYUfKxFK4ZzijGw8tgTpXoVTVMR8cTtKFHw
101tqEXObZ8R3vMH+7JL3V2iriR9TuiWuKV7ZrHTvdpLYGw2XhkZe7RiL12WpiRjE6
11WT71333lg+HupGThjOKWtdEJo/oOt7ttatx8m/298Gp4Zw5auJh1Ij3u683/VR5I
12JdqHdm2J3GPzZ02zz34NR/IKpeX270z0R28nlJ/vHTeYOt3Z1v/CRqxeezzh1Go/
13hDcm/xQIbtXuELeayBg1wHthfPZpga9RsCKHkSR0hrl717ocDUIt6XvJBAFyquf1
14UhdR47Y9z2YUNjr/Gb4jRQjF8FvEpkEKIKdcsbCNbbhFpMnr0lE3VqRWEIsbPdcv
15daIJsqm7lnPP2Zy7mmE3QAK9I0nfOjaKi3SciSYpHJB7cGaXY+dlOtGkh66iE+YP
16xuVAxRrjbTDEwXmCF0rPCVThFZOWsqfUYhU8VtgE2FydGnKZXkGFPhJY4aXCIyDV
17cumCc/4r3Mf4LxPqIKRU
18=TzpY
19-----END PGP SIGNATURE-----
  39. MarcoFalke added the label Needs release notes on Dec 25, 2017
  40. in test/functional/wallet-fallbackfee.py:22 in 93ba98a6dc outdated 
    17+        # sending a transaction without fee estimations must be possible by default on regtest
18+        self.nodes[0].sendtoaddress(self.nodes[0].getnewaddress(), 1)
19+
20+        # test sending a tx with disabled fallback fee (must fail)
21+        self.stop_nodes()
22+        self.start_node(0, extra_args=["-fallbackfee=0"])
    promag commented at 2:09 pm on February 5, 2018:
    Remove stop above and change here to restart.
  41. promag commented at 2:23 pm on February 5, 2018: member

    Needs rebase.

    Concept ACK on setting the rbf flag on transactions where it is unclear if they confirm with the default fallback fee

    I see 2 distinct options here: 1) automatically set RBF; 2) give error if coin control RBF is not set. From the UI point of view, being “preventive” is not that bad, I would go for option 2).

    I think we can just warn people using RPC that if they set a fallbackfee and don’t have rbf set, then they are taking some risk

    Should update descriptions of send/fund RPC?

  42. laanwj added this to the "Blockers" column in a project
  43. jonasschnelli force-pushed on Feb 9, 2018
  44. jonasschnelli commented at 7:09 am on February 9, 2018: contributor

    Rebased and fixed the test nit reported by @promag.

    Concept ACK on setting the rbf flag on transactions where it is unclear if they confirm with the default fallback fee

    I see 2 distinct options here: 1) automatically set RBF; 2) give error if coin control RBF is not set. From the UI point of view, being “preventive” is not that bad, I would go for option 2).

    The idea 1) has been removed (was there in a previous version of Core): #11882 (comment) For 2) / GUI UX optimization, see #11892.

  45. MarcoFalke commented at 7:56 pm on February 10, 2018: member
    Should probably use underscore for the test name (see other test script names)
  46. jonasschnelli force-pushed on Feb 12, 2018
  47. jonasschnelli commented at 10:19 am on February 12, 2018: contributor
    Fixed the test name (uses now underscore).
  48. in src/wallet/init.cpp:19 in 0d51422439 outdated 
    15@@ -15,6 +16,9 @@
16 
17 std::string GetWalletHelpString(bool showDebug)
18 {
19+    const auto defaultChainParams = CreateChainParams(CBaseChainParams::MAIN);
    promag commented at 11:33 am on February 12, 2018:
    Unused, remove? same below.
  49. in src/wallet/init.cpp:142 in 0d51422439 outdated 
    138@@ -132,6 +139,7 @@ bool WalletParameterInteraction()
139             InitWarning(AmountHighWarn("-fallbackfee") + " " +
140                         _("This is the transaction fee you may pay when fee estimates are not available."));
141         CWallet::fallbackFee = CFeeRate(nFeePerK);
142+        g_wallet_allow_fallback_fee = (nFeePerK == 0 ? false : true); //disable fallback fee in case value was set to 0, enable if non-null value
    promag commented at 11:34 am on February 12, 2018:

    Nit

    0g_wallet_allow_fallback_fee = nFeePerK != 0;
  50. in test/functional/wallet_fallbackfee.py:27 in 0d51422439 outdated 
    21+        self.restart_node(0, extra_args=["-fallbackfee=0"])
22+        assert_raises_rpc_error(-4, "Fee estimation failed", lambda: self.nodes[0].sendtoaddress(self.nodes[0].getnewaddress(), 1))
23+        assert_raises_rpc_error(-4, "Fee estimation failed", lambda: self.nodes[0].fundrawtransaction(self.nodes[0].createrawtransaction([], {self.nodes[0].getnewaddress(): 1})))
24+        assert_raises_rpc_error(-4, "Fee estimation failed", lambda: self.nodes[0].sendfrom("", self.nodes[0].getnewaddress(), 1))
25+        assert_raises_rpc_error(-6, "Fee estimation failed", lambda: self.nodes[0].sendmany("", {self.nodes[0].getnewaddress(): 1}))
26+if __name__ == '__main__':
    promag commented at 11:35 am on February 12, 2018:
    Missing newline before.
  51. in src/chainparams.h:96 in 0d51422439 outdated 
    92@@ -91,6 +93,7 @@ class CChainParams
93     bool fMineBlocksOnDemand;
94     CCheckpointData checkpointData;
95     ChainTxData chainTxData;
96+    bool m_fallback_fee_enabled;
    promag commented at 11:38 am on February 12, 2018:
    Nit, could be after fMineBlocksOnDemand above.
    jonasschnelli commented at 1:33 am on February 25, 2018:
    Can you explain why?
    promag commented at 9:21 pm on February 25, 2018:

    Take the following example:

     0#include <iostream>
 1using namespace std;
 2
 3struct s1 {
 4  char a;
 5  int b;
 6};
 7
 8struct s2 {
 9  char a;
10  int b;
11  char c;
12};
13
14struct s3 {
15  char a;
16  char c;
17  int b;
18};
19
20int main() {
21  cout << sizeof(s1) << endl;
22  cout << sizeof(s2) << endl;
23  cout << sizeof(s3) << endl;
24  return 0;
25}

    on my system the output is

    08
112
28

    See http://www.catb.org/esr/structure-packing/#_structure_alignment_and_padding

    But it’s no big deal in this case, but should be taken into account when it’s instanced a lot.

  52. in src/wallet/init.cpp:132 in 0d51422439 outdated 
    126@@ -123,6 +127,9 @@ bool WalletParameterInteraction()
127                         _("This is the minimum transaction fee you pay on every transaction."));
128         CWallet::minTxFee = CFeeRate(n);
129     }
130+
131+    const CChainParams& chainParams = Params();
132+    g_wallet_allow_fallback_fee = chainParams.IsFallbackFeeEnabled();
    promag commented at 11:39 am on February 12, 2018:

    Nit, shorter:

    0g_wallet_allow_fallback_fee = Params().IsFallbackFeeEnabled();
  53. in src/wallet/wallet.cpp:47 in 0d51422439 outdated 
    43@@ -44,6 +44,7 @@ bool bSpendZeroConfChange = DEFAULT_SPEND_ZEROCONF_CHANGE;
44 bool fWalletRbf = DEFAULT_WALLET_RBF;
45 OutputType g_address_type = OUTPUT_TYPE_NONE;
46 OutputType g_change_type = OUTPUT_TYPE_NONE;
47+bool g_wallet_allow_fallback_fee = false; //<! will be defined via chainparams
    promag commented at 11:41 am on February 12, 2018:
    Following the same concept of #12408, move to wallet member?
    jonasschnelli commented at 1:36 am on February 25, 2018:
    Fallback fee yes or now seems to me after a global setting (not per wallet).
    promag commented at 9:23 pm on February 25, 2018:
    Ok then.
    MarcoFalke commented at 3:33 pm on March 3, 2018:
    In which case it could be a static member, just saying
  54. jonasschnelli force-pushed on Feb 25, 2018
  55. Disable wallet fallbackfee by default on mainnet 8222e057fe
  56. jonasschnelli force-pushed on Feb 25, 2018
  57. [QA] add wallet-rbf test 3f592b81dc
  58. jonasschnelli commented at 1:39 am on February 25, 2018: contributor
    Fixed points reported by @promag
  59. jonasschnelli force-pushed on Feb 25, 2018
  60. MarcoFalke commented at 4:14 pm on February 25, 2018: member

    Only changes were feedback addressed by promag.

     0-----BEGIN PGP SIGNED MESSAGE-----
 1Hash: SHA512
 2
 3re-ACK 3f592b81dcca3d2ef11403a623a6ba5b017567d7
 4-----BEGIN PGP SIGNATURE-----
 5
 6iQIcBAEBCgAGBQJakuCeAAoJENLqSFDnUosl6WYP/AzLIKmB1aPMbpjXekqbBnqO
 7jVzOfPXN2GIxGqbynZHKvof6EYYAwVG47hNVWy9wO6+vGiZtmAC/qlQnorb9pfZb
 8oKNv1CDqK8dk8+LqHMSKggqAUHiJd0cP4mm8/GhySgewFCmjDVnYuHrpRNilsdHd
 9Zk46bEgiSpAbAM6OtY/55CvCEMS0w6/Vn2CU8g5EAagoNIkJPhsaWS+Vq3wZJLlV
10MPrf+waPLGDykXionlbxEz4HZ37z3hSOkvB9wG/+L6j/kTyqnvUJS9haJaJ/4L7q
11VEKJd+zAcqshDnoIyQD7L8+5v4rKcr75MNHVzKUtFWeVJc/ouF5HgCdyGdjAQgrk
12FUZoaxrz6JYdbR7phfHtHzIcHtX5CipmgcS0JXdmVDxcY7iIsC8NVPRCfWm5kdTD
13HNN+cBLd7i0oEuWqFJN03zMZ6rE4iy9MsQ3nL2BbPU5fd3OXnZWWL4ARBGv5l1Fj
14qxNOenn4S21nvUOya6EOe7dcC36wRnv3asLUrCoJxLLJZKpqHsEBabRTDgSCcPoV
15DzCIr5igtaHwOYCnU/OxL5cK3xUrnqJ2vs71F1xkCKWZMb1MCpNs5DhX1GWdITRA
16T5XuEdJXsf7jVBoyZxCwwGJ40YVSiY9R0TkjQZ7sXJFOI440C5Q1GdzPCSrJRLAM
17htpBKa4NdBb6Q6x/meTx
18=Iq6n
19-----END PGP SIGNATURE-----
  61. promag commented at 9:24 pm on February 25, 2018: member
    utACK 3f592b8.
  62. laanwj merged this on Mar 1, 2018
  63. laanwj closed this on Mar 1, 2018
  64. laanwj referenced this in commit 987a80995a on Mar 1, 2018
  65. laanwj removed this from the "Blockers" column in a project
  66. ryanofsky referenced this in commit 7ba2d57852 on Mar 2, 2018
  67. MarcoFalke referenced this in commit 6012f1caf7 on Mar 3, 2018
  68. CyrusZhou-CN referenced this in commit b920af6e80 on Mar 3, 2018
  69. HashUnlimited referenced this in commit ccc7d5defa on Jul 31, 2018
  70. lionello referenced this in commit de4a0cb52d on Nov 7, 2018
  71. fanquake removed the label Needs release note on Mar 20, 2019
  72. Munkybooty referenced this in commit d05dbb5e2f on Nov 30, 2021
  73. DrahtBot locked this on Dec 16, 2021


jonasschnelli MarcoFalke NicolasDorier greenaddress morcos laanwj promag

Labels
Wallet

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-09-29 04:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me