[QT] Don't ask for a passphrase to getnewaddress. #2904

pull gmaxwell wants to merge 2 commits into bitcoin:master from gmaxwell:newaddr-no-passphrase changing 6 files +20 −22
  1. gmaxwell commented at 4:58 AM on August 16, 2013: contributor

    With an encrypted wallet the GUI was prompting for a passphrase every time the user requested a new address. This is unnecessary, increases the exposure to keyboard sniffers, and discourages using fresh addresses for every transaction.

    Instead only prompt for a passphrase when the keypool runs out, also call the new address function with the flag that prevents reuse.

  2. gmaxwell commented at 5:03 AM on August 16, 2013: contributor

    So, the design choices here were to reuse or prompt when the keypool ran dry. Reuse has the advantage that the behavior would never change even when the pool empties, but it would reuse a previously assigned address, which is really surprising. There would also be an option to reuse after prompting if the wallet didn't unlock.

    Codeshark, said prompt on empty. I agree. If someone wants to reuse when they don't have the key— the list is there.

    I tested this by starting up with an encrypted wallet and hitting new address until the keypool ran out and it promoted me. I dismissed the dialog and retried a few times before finally letting it unlock and confirming it worked as expected.

  3. BitcoinPullTester commented at 5:39 AM on August 16, 2013: none

    Automatic sanity-testing: PASSED, see http://jenkins.bluematt.me/pull-tester/0eb506a01a32cc78609ee9071b0d5302488496ec for binaries and test log. This test script verifies pulls every time they are updated. It, however, dies sometimes and fails to test properly. If you are waiting on a test, please check timestamps to verify that the test.log is moving at http://jenkins.bluematt.me/pull-tester/current/ Contact BlueMatt on freenode if something looks broken.

  4. gmaxwell commented at 11:33 AM on August 17, 2013: contributor

    @wumpus @diapolo Any comments? I don't normally change GUI code.

  5. Diapolo commented at 12:00 PM on August 17, 2013: none

    I took a quick look at GetKeyFromPool() and AFAIK we want to get rid of that default address/kay anyway, right? That pull could also remove the fAllowReuse parameter from that function, as it's false after this pull everywhere in the code.

    Code looks good and does what it sais, no need to enter the passphrase when requesting a new receiving address.

  6. gmaxwell commented at 12:28 PM on August 17, 2013: contributor

    @Diapolo Good observation on default, I hadn't thought to check to find out if that were the last user of it.

  7. laanwj commented at 5:48 AM on August 22, 2013: member

    Good change.

    Agree with @diapolo with regard to default key and allow reuse.

  8. Diapolo commented at 11:13 AM on August 23, 2013: none

    AFAIK GetKeyFromPool() is now true at least once after paymentrequest pull was merged. Can you guys have a look into if this makes sense.

  9. [QT] Don't ask for a passphrase to getnewaddress.
    With an encrypted wallet the GUI was prompting for a passphrase every time
 the user requested a new address.  This is unnecessary, increases the
 exposure to keyboard sniffers, and discourages using fresh addresses for
 every transaction.

Instead only prompt for a passphrase when the keypool runs out, also call
 the new address function with the flag that prevents reuse.

Thanks to AlexNagy on IRC for pointing this out and who wouldn't take any
 lip from a curmudgeonly developer and insisted on what he knew to be true.
    20469d83dd
  10. Remove fAllowReuse from GetKeyFromPool.
    With the GUI password fix this was always false.
    71ac5052d8
  11. gmaxwell commented at 7:56 PM on August 23, 2013: contributor

    fAllowReuse gone and rebased post paymentrequests so I could remove the flag there too.

  12. BitcoinPullTester commented at 8:54 PM on August 23, 2013: none

    Automatic sanity-testing: PASSED, see http://jenkins.bluematt.me/pull-tester/71ac5052d83fcba21a09e5e2b7ad66faea6bd42a for binaries and test log. This test script verifies pulls every time they are updated. It, however, dies sometimes and fails to test properly. If you are waiting on a test, please check timestamps to verify that the test.log is moving at http://jenkins.bluematt.me/pull-tester/current/ Contact BlueMatt on freenode if something looks broken.

  13. laanwj commented at 5:32 AM on August 24, 2013: member

    ACK

  14. sipa commented at 4:01 PM on August 25, 2013: member

    ACK core changes.

  15. gmaxwell referenced this in commit 1ef0067eab on Aug 28, 2013
  16. gmaxwell merged this on Aug 28, 2013
  17. gmaxwell closed this on Aug 28, 2013
  18. IntegralTeam referenced this in commit 66a2cdeafc on Jun 4, 2019
  19. DrahtBot locked this on Sep 8, 2021
Contributors
gmaxwellBitcoinPullTesterDiapololaanwjsipa
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-18 21:16 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me