In testing, ASB panicked in `max_bitcoin_for_price` when the Monero
balance x Bitcoin price was enough to overflow `u64`.
This commit changes the function to do the piconero offset division
first, and then to use `checked_mul` to return None if the calculation
would overflow. This required changing the function return
signature to an `Option`. Additional tests for the function were also added.
MONERO_FEE was changed from 0.000030 to 0.000016, which is still
double the current median transaction fee listed at
https://www.monero.how/monero-transaction-fees as of 2022-07-28.
On Linux and macOS, no program output was being observed.
This is referenced in the [LocalTime] docs for `tracing-subscriber`,
which links to this [unsoundness issue] in the time crate.
Rather than introducing a possible vector for undefined behaviour and
segfaults, I have just changed the logging to use UTC time instead.
When running the ASB as a systemd service, one would generally use the
`--disable-timestamps` flag anyway as systemd adds its own timestamps
which can be local to the server.
If the situation with `tracing-subscriber` and the time crate is fixed
then this can be updated.
This commit also updates the `tracing-subscriber` and `tracing-appender`
dependencies, closing #987.
[LocalTime]: https://docs.rs/tracing-subscriber/latest/tracing_subscriber/fmt/time/struct.LocalTime.html
[unsoundness issue]: https://github.com/time-rs/time/issues/293#issuecomment-748151025
975: change to rino docker containers r=lescuer97 a=lescuer97
this is for updating from the melo tools dockers to the rino ones
Fixes#969
Co-authored-by: leonardo <leoescuer@protonmail.com>
881: Record the monero-wallet-restore blockcheight before locking BTC r=da-kami a=da-kami
This solves issues where the CLI went offline after sending the BTC transaction, and the monero wallet restore blockheight being recorded after Alice locked the Monero, resulting in the generated XMR redeem wallet not detecting the transaction and reporting `No unlocked balance in the specified account`.
Co-authored-by: Daniel Karzel <daniel@comit.network>
This solves issues where the CLI went offline after sending the BTC transaction, and the monero wallet restore blockheight being recorded after Alice locked the Monero, resulting in the generated XMR redeem wallet not detecting the transaction and reporting `No unlocked balance in the specified account`.
841: Bump actions/checkout from 2.3.4 to 2.4.0 r=rishflab a=dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.4 to 2.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v2.4.0</h2>
<ul>
<li>Convert SSH URLs like <code>org-<ORG_ID>`@github.com:</code>` to <code>https://github.com/</code> - <a href="https://github-redirect.dependabot.com/actions/checkout/pull/621">pr</a></li>
</ul>
<h2>v2.3.5</h2>
<p>Update dependencies</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="ec3a7ce113"><code>ec3a7ce</code></a> set insteadOf url for org-id (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/621">#621</a>)</li>
<li><a href="fd47087372"><code>fd47087</code></a> codeql should analyze lib not dist (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/620">#620</a>)</li>
<li><a href="3d677ac575"><code>3d677ac</code></a> script to generate license info (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/614">#614</a>)</li>
<li><a href="826ba42d6c"><code>826ba42</code></a> npm audit fix (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/612">#612</a>)</li>
<li><a href="eb8a193c1d"><code>eb8a193</code></a> update dev dependencies and react to new linting rules (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/611">#611</a>)</li>
<li><a href="c49af7ca1f"><code>c49af7c</code></a> Create codeql-analysis.yml (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/602">#602</a>)</li>
<li><a href="1e204e9a92"><code>1e204e9</code></a> update licensed check (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/606">#606</a>)</li>
<li><a href="0299a0d2b6"><code>0299a0d</code></a> update dist (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/605">#605</a>)</li>
<li><a href="be0f448456"><code>be0f448</code></a> Bump ws from 5.2.2 to 5.2.3 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/604">#604</a>)</li>
<li><a href="56c00a7b1f"><code>56c00a7</code></a> Bump tmpl from 1.0.4 to 1.0.5 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/588">#588</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/actions/checkout/compare/v2.3.4...v2.4.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
846: Bump strum from 0.21.0 to 0.23.0 r=rishflab a=dependabot[bot]
Bumps [strum](https://github.com/Peternator7/strum) from 0.21.0 to 0.23.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/Peternator7/strum/blob/master/CHANGELOG.md">strum's changelog</a>.</em></p>
<blockquote>
<h2>0.23.0</h2>
<ul>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/185">#185</a> Adds the <code>FromRepr</code> derive that adds a <code>from_repr(x: usize) -> Option<Self></code>
method to your enum. This lets you convert integer values to your enum. If you specify a #[repr(..)] attribute on your enum, or use
an explicit discriminant, this will be incorporated into the derive.</p>
<ul>
<li><code>from_repr</code> will be <code>const</code> if you use a recent rust version.</li>
<li>This cannot be a trait method currently because only inherent methods support <code>const</code>.</li>
</ul>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/186">#186</a> Automatically implement <code>TryFrom<str></code> for enums that implement <code>EnumString</code>.
This is only enabled for rustc >= 1.34 which is when `TryFrom was stabilized.</p>
<ul>
<li>This is a small breaking change. If you had manually implemented <code>TryFrom<str></code> for your enum, this will cause a conflict. You
can probably remove your manual implementation.</li>
</ul>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/189">#189</a> Use <code>core::result::Result</code> instead of <code>std::result::Result</code>. This should be
more portable in no-std environments.</p>
</li>
</ul>
<h2>0.22.0</h2>
<ul>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/180">#180</a>: Deprecates <code>ToString</code> derive. You should use <code>Display</code>
instead.</p>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/178">#178</a>: Deprecates AsStaticStr. This has been undocumented for a while.
The recommended method is to derive <code>IntoStaticStr</code> instead.</p>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/171">#171</a>: Improve <code>no-std</code> support.</p>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/170">#170</a>: enable changing the path to strum traits. This is necessary
if you re-export strum as a submodule in another crate.</p>
</li>
</ul>
<h2>0.21.1</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/Peternator7/strum/pull/164">#164</a> Improve compatibility with older versions of <code>syn</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/Peternator7/strum/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
851: Bump actions/setup-python from 2.2.2 to 2.3.1 r=rishflab a=dependabot[bot]
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2.2.2 to 2.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p>
<blockquote>
<h2>Update actions/cache version to 1.0.8</h2>
<p>We have updated <a href="https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md#108">actions/cache</a> dependency version to 1.0.8 to support 10GB cache upload</p>
<h2>Support caching dependencies</h2>
<p>This release introduces dependency caching support (<a href="https://github-redirect.dependabot.com/actions/setup-python/pull/266">actions/setup-python#266</a>)</p>
<h2>Caching dependencies.</h2>
<p>The action has a built-in functionality for caching and restoring pip/pipenv dependencies. The <code>cache</code> input is optional, and caching is turned off by default.</p>
<p>Besides, this release introduces dependency caching support for mono repos and repositories with complex structure.</p>
<p>By default, the action searches for the dependency file (requirements.txt for pip or Pipfile.lock for pipenv) in the whole repository. Use the <code>cache-dependency-path</code> input for cases when you want to override current behaviour and use different file for hash generation (for example requirements-dev.txt). This input supports wildcards or a list of file names for caching multiple dependencies.</p>
<h3>Caching pip dependencies:</h3>
<pre><code>steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
with:
python-version: '3.9'
cache: 'pip'
- run: pip install -r requirements.txt
- run: pip test
</code></pre>
<h3>Caching pipenv dependencies:</h3>
<pre><code>steps:
- uses: actions/checkout@v2
- name: Install pipenv
run: pipx install pipenv
- uses: actions/setup-python@v2
with:
python-version: '3.9'
cache: 'pipenv'
- run: pipenv install
- run: pipenv test
</code></pre>
<h3>Change dependency file:</h3>
<pre><code>steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
with:
python-version: '3.9'
cache: 'pip'
cache-dependency-path: '**/requirements-dev.txt'
- run: pip install -r subdirectory/requirements-dev.txt
- run: pip test
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f382193329"><code>f382193</code></a> Update <code>`@actions/cache</code>` version to 1.0.8 (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/283">#283</a>)</li>
<li><a href="3ef38b826b"><code>3ef38b8</code></a> Create ADR for integrating cache functionality to setup-python action (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/247">#247</a>)</li>
<li><a href="0066b88440"><code>0066b88</code></a> Add a workflow to release a new version of the action (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/274">#274</a>)</li>
<li><a href="280924fbef"><code>280924f</code></a> Implementation of python's caching (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/266">#266</a>)</li>
<li><a href="52636cf49a"><code>52636cf</code></a> Fix consistency in README (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/250">#250</a>)</li>
<li><a href="ca5c59064f"><code>ca5c590</code></a> Update version for setup-python in package.json (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/264">#264</a>)</li>
<li><a href="feeaa3ba49"><code>feeaa3b</code></a> Add issue and pull request templates (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/258">#258</a>)</li>
<li><a href="002b1e4044"><code>002b1e4</code></a> Change python version for pypy in workflow files (<a href="https://github-redirect.dependabot.com/actions/setup-python/issues/259">#259</a>)</li>
<li><a href="d12543aa2a"><code>d12543a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-python/issues/252">#252</a> from dmitry-shibanov/v-dmshib/update-dependencies</li>
<li><a href="4aa563ba8c"><code>4aa563b</code></a> update dependencies</li>
<li>Additional commits viewable in <a href="https://github.com/actions/setup-python/compare/v2.2.2...v2.3.1">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
880: Add `monero-recovery` command to print address + view/spend keys r=rishflab a=da-kami
This allows manual recovery of problems like https://github.com/comit-network/xmr-btc-swap/issues/537
Since we could not figure out what causes this issue, and it is most likely an upstream problem this is the best we can do so far to allow the user to manually interact with `monero-wallet-cli` or `monero-wallet-rpc`.
884: Bump pem from 1.0.0 to 1.0.1 r=rishflab a=dependabot[bot]
Bumps [pem](https://github.com/jcreekmore/pem-rs) from 1.0.0 to 1.0.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/jcreekmore/pem-rs/blob/master/CHANGELOG.md">pem's changelog</a>.</em></p>
<blockquote>
<h1>1.0.1</h1>
<ul>
<li>hide the ASCII_ARMOR symbol to work around a linking issue with 32-bit windows builds</li>
</ul>
<h1>1.0</h1>
<ul>
<li><code>pem::parse_many</code> now returns a <code>Result<Vec<Pem>></code> instead of a <code>Vec<Pem></code> that silently discarded invalid sections.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="20e9699def"><code>20e9699</code></a> (cargo-release) version 1.0.1</li>
<li><a href="5fa4dbdffb"><code>5fa4dbd</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/jcreekmore/pem-rs/issues/30">#30</a> from jcreekmore/refactor-ascii-armor</li>
<li><a href="fb15d5c679"><code>fb15d5c</code></a> hide the ASCII_ARMOR symbol</li>
<li><a href="4137641d44"><code>4137641</code></a> (cargo-release) start next development iteration 1.0.1-alpha.0</li>
<li>See full diff in <a href="https://github.com/jcreekmore/pem-rs/compare/v1.0.0...v1.0.1">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
885: Bump hyper from 0.14.13 to 0.14.16 r=rishflab a=dependabot[bot]
Bumps [hyper](https://github.com/hyperium/hyper) from 0.14.13 to 0.14.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/hyperium/hyper/releases">hyper's releases</a>.</em></p>
<blockquote>
<h2>v0.14.16</h2>
<h2>Features</h2>
<ul>
<li><strong>http2:</strong> add <code>http2_max_send_buf_size</code> option to client and server (<a href="bff977b73c">bff977b7</a>)</li>
<li><strong>server:</strong> add HTTP/1 header read timeout option (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2675">#2675</a>) (<a href="842c6553a5">842c6553</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2457">#2457</a>)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li><strong>http1:</strong> return 414 when URI contains more than 65534 characters (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2706">#2706</a>) (<a href="5f938fffa6">5f938fff</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2701">#2701</a>)</li>
<li><strong>http2:</strong> received <code>Body::size_hint()</code> now return 0 if implicitly empty (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2715">#2715</a>) (<a href="84b78b6c87">84b78b6c</a>)</li>
<li><strong>server:</strong> use case-insensitive comparison for Expect: 100-continue (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2709">#2709</a>) (<a href="7435cc3399">7435cc33</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2708">#2708</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/rajing"><code>`@rajing</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2706">hyperium/hyper#2706</a></li>
<li><a href="https://github.com/JonathanMurray"><code>`@JonathanMurray</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2709">hyperium/hyper#2709</a></li>
</ul>
<h2>v0.14.15</h2>
<h2>Bug Fixes</h2>
<ul>
<li><strong>client:</strong> cancel blocking DNS lookup if <code>GaiFuture</code> is dropped (<a href="https://github.com/hyperium/hyper/commit/174b553d">174b553d</a>)</li>
</ul>
<h2>Features</h2>
<ul>
<li><strong>http1:</strong> add <code>http1_writev(bool)</code> options to Client and Server builders, to allow forcing vectored writes (<a href="https://github.com/hyperium/hyper/commit/80627141">80627141</a>)</li>
<li><strong>upgrade:</strong> allow http upgrades with any body type (<a href="ab469eb3c6">ab469eb3</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/luqmana"><code>`@luqmana</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2680">hyperium/hyper#2680</a></li>
<li><a href="https://github.com/whentze"><code>`@whentze</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2688">hyperium/hyper#2688</a></li>
<li><a href="https://github.com/ahmedsobeh"><code>`@ahmedsobeh</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/2689">hyperium/hyper#2689</a></li>
</ul>
<h2>v0.14.14</h2>
<h2>Bug Fixes</h2>
<ul>
<li><strong>client:</strong>
<ul>
<li>make ResponseFuture implement Sync (<a href="bd6c35b98f">bd6c35b9</a>)</li>
<li>remove ipv6 square brackets before resolving (<a href="910e02687d">910e0268</a>)</li>
</ul>
</li>
</ul>
<h2>Features</h2>
<ul>
<li><strong>http2:</strong> always include original h2 error on broken pipe (<a href="6169db250c">6169db25</a>)</li>
<li><strong>server:</strong> Remove Send + Sync requirement for Body in with_graceful_shutdown (<a href="1d553e52c6">1d553e52</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/hyperium/hyper/blob/master/CHANGELOG.md">hyper's changelog</a>.</em></p>
<blockquote>
<h3>v0.14.16 (2021-12-09)</h3>
<h4>Bug Fixes</h4>
<ul>
<li><strong>http1:</strong> return 414 when URI contains more than 65534 characters (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2706">#2706</a>) (<a href="5f938fffa6">5f938fff</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2701">#2701</a>)</li>
<li><strong>http2:</strong> received <code>Body::size_hint()</code> now return 0 if implicitly empty (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2715">#2715</a>) (<a href="84b78b6c87">84b78b6c</a>)</li>
<li><strong>server:</strong> use case-insensitive comparison for Expect: 100-continue (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2709">#2709</a>) (<a href="7435cc3399">7435cc33</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2708">#2708</a>)</li>
</ul>
<h4>Features</h4>
<ul>
<li><strong>http2:</strong> add <code>http2_max_send_buf_size</code> option to client and server (<a href="bff977b73c">bff977b7</a>)</li>
<li><strong>server:</strong> add HTTP/1 header read timeout option (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2675">#2675</a>) (<a href="842c6553a5">842c6553</a>, closes <a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2457">#2457</a>)</li>
</ul>
<h3>v0.14.15 (2021-11-16)</h3>
<h4>Bug Fixes</h4>
<ul>
<li><strong>client:</strong> cancel blocking DNS lookup if <code>GaiFuture</code> is dropped (<a href="https://github.com/hyperium/hyper/commit/174b553d">174b553d</a></li>
</ul>
<h4>Features</h4>
<ul>
<li><strong>http1:</strong> add <code>http1_writev(bool)</code> options to Client and Server builders, to allow forcing vectored writes (<a href="https://github.com/hyperium/hyper/commit/80627141">80627141</a>)</li>
<li><strong>upgrade:</strong> allow http upgrades with any body type (<a href="ab469eb3c6">ab469eb3</a>)</li>
</ul>
<h3>v0.14.14 (2021-10-22)</h3>
<h4>Bug Fixes</h4>
<ul>
<li><strong>client:</strong>
<ul>
<li>make ResponseFuture implement Sync (<a href="bd6c35b98f">bd6c35b9</a>)</li>
<li>remove ipv6 square brackets before resolving (<a href="910e02687d">910e0268</a>)</li>
</ul>
</li>
</ul>
<h4>Features</h4>
<ul>
<li><strong>h2:</strong> always include original h2 error on broken pipe (<a href="6169db250c">6169db25</a>)</li>
<li><strong>server:</strong> Remove Send + Sync requirement for Body in with_graceful_shutdown (<a href="1d553e52c6">1d553e52</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="41dee4a79b"><code>41dee4a</code></a> v0.14.16</li>
<li><a href="bff977b73c"><code>bff977b</code></a> feat(http2): add <code>http2_max_send_buf_size</code> option to client and server</li>
<li><a href="84b78b6c87"><code>84b78b6</code></a> fix(http2): received <code>Body::size_hint()</code> now return 0 if implicitly empty (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2">#2</a>...</li>
<li><a href="ce8242571f"><code>ce82425</code></a> refactor(lib): resolve unused warnings from server-specific code (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2710">#2710</a>)</li>
<li><a href="7435cc3399"><code>7435cc3</code></a> fix(server): use case-insensitive comparison for Expect: 100-continue (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2709">#2709</a>)</li>
<li><a href="5f938fffa6"><code>5f938ff</code></a> fix(http1): return 414 when URI contains more than 65534 characters (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2706">#2706</a>)</li>
<li><a href="1010614a0d"><code>1010614</code></a> test(client): refactor client helper macro to handle options better</li>
<li><a href="842c6553a5"><code>842c655</code></a> feat(server): add HTTP/1 header read timeout option (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/2675">#2675</a>)</li>
<li><a href="d0b1d9ed3a"><code>d0b1d9e</code></a> v0.14.15</li>
<li><a href="a1502e1067"><code>a1502e1</code></a> docs(http1): clarify HTTP1 preserve case option</li>
<li>Additional commits viewable in <a href="https://github.com/hyperium/hyper/compare/v0.14.13...v0.14.16">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Karzel <daniel@comit.network>
This allows manual recovery of problems like https://github.com/comit-network/xmr-btc-swap/issues/537
Since we could not figure out what causes this issue, and it is most likely an upstream problem this is the best we can do so far to allow the user to manually interact with `monero-wallet-cli` or `monero-wallet-rpc`.
805: Remove unused command line argument from the balance command r=rishflab a=rishflab
The target block is irrelevant when calculating the balance.
Closes#793
Co-authored-by: rishflab <rishflab@hotmail.com>
This subcommand has been introduced to make it easy for users to find
the location of the deprecated sled database in case they wish to delete
it. This feature should also resolve difficulties users were facing when
trying to find where xmr-btc-swap was storing their data.
769: Change message log level to debug to allow enabling through flag r=rishflab a=rishflab
We do not have a way to enable tracing through a command line
argument so it did not make sense to have these messages set to
trace. Ideally a trace flag should be added but it is not that
straightforward with structopt. We could add a --log-level arg
that allows you select a log level but this is verbose.
Closes#759
Co-authored-by: rishflab <rishflab@hotmail.com>
We do not have a way to enable tracing through a command line
argument so it did not make sense to have these messages set to
trace. Ideally a trace flag should be added but it is not that
straightforward with structopt. We could add a --log-level arg
that allows you select a log level but this is verbose.
Previously logs were only timestamped when the ASB was run in an
interactive terminal or if the logs were output as JSON. JSON logs and
ASB output in an interactive terminal are no longer timestamped by
default.
Remove the force flag. There is a resume command that tries to
gracefully restarts the protocol and tries to execute the happy path.
Remove e2e tests which test the --force flag.
724: Handle errors when waiting for subscriptions r=rishflab a=rishflab
We were not thorough enough in PR #705 and there were some remaining
unhandled errors.
Co-authored-by: rishflab <rishflab@hotmail.com>
704: Allow withdrawing and viewing of the bitcoin balance on swap-cli r=rishflab a=devbordecraft
Same mechanics of the ASB but on swap-cli as discussed in #694
Co-authored-by: devbordecraft <devbordecraft>
Previously, we relied on the wallet in the `monero-wallet-rpc` daemon
to be loaded as we do on startup. As a consequence of this expectation,
restarting `monero-wallet-rpc` to fix bugs like #652 resulted in the
ASB no longer operating correctly.
To fix this, we now load the wallet on-demand in case the daemon responds
with the error code -13.
Ideally, we would implement this behaviour generically using the proxy
pattern on the `MoneroWalletRpc` trait. Unfortunately, when attempting
to do so we uncover a limitation in the design of `jsonrpc_client`.
This limitation is tracked in https://github.com/thomaseizinger/rust-jsonrpc-client/issues/47.
Once fixed, we can implement this logic in a more robust way that is not
tied to the `check_tx_key` RPC call but applies to any RPC call automatically.
Instead of splitting up the transports into capabilities, we compose
them directly for each application. This allows us to remove the
websocket transport for the CLI which is really only needed for the
ASB to allow retrieval of quotes via the browser.
Adds the ping behaviour to both ASB and CLI behaviour that periodically pings a connected party to ensure that the underlying network connection is still alive.
This fixes problems with long-running connections that become dead without a connection closure being reported back to the swarm.
This improves the error handling on the ASB.
Once the Bitcoin redeem transaction is seen in mempool, the state machine cannot transition to a cancel scenario anymore because at that point the CLI will have redeemed the Monero.
The additional state then waits for transaction finality.
In order to allow people to plug into public nodes / be more flexible with their own setup we now enforce specifying the monero daemon port to be used by the `monero-wallet-rpc`.
Introduces a minimum buy Bitcoin amount similar to the maximum amount already present.
For the CLI the minimum amount is enforced by waiting until at least the minimum is available as max-giveable amount.
Max-buy and spread is not something that one would configure on every run.
More convenient to keep this in the config.
The max-buy Bitcoin value was adapted to `0.02` which is more reasonable for mainnet.
Activated feature `serde-float` to serialize the spread (Decimal) as float instead of string.
```
...
[maker]
max_buy_btc = 0.02
ask_spread = 0.02
```
Adds `cancel`, `refund`, `punish`, `redeem` and `safely-abort` commands to the ASB that can be used to trigger the specific scenario for the swap by ID.
When a CLI requests a spot price have some errors that are expected, where we can provide a proper error message for the CLI:
- Balance of ASB too low
- Buy amount sent by CLI exceeds maximum buy amount accepted by ASB
- ASB is running in maintenance mode and does not accept incoming swap requests
All of these errors returns a proper error to the CLI and prints a warning in the ASB logs.
Any other unexpected error will result in closing the channel with the CLI and printing an error in the ASB logs.
Resume-only is a maintenance mode where no swaps are accepted but unfinished swaps are resumed.
This is achieve by ignoring incoming spot-price requests (that would lead to execution setup) in the event-loop.
Using the same default directory as data-/config-dir has caused unwanted side effects when running both applications on the same machine.
Use these directory names:
- ASB: xmr-btc-swap/asb
- CLI: xmr-btc-swap/cli
Since the functionality is now application specific the respective functions were moved into the appropriate module of the application.
Using the same default directory as data-/config-dir has caused unwanted side effects when running both applications on the same machine.
Use these directory names:
- ASB: xmr-btc-swap-asb
- CLI: xmr-btc-swap-cli
Since the functionality is now application specific the respective functions were moved into the appropriate module of the application.
This PR does a few things.
* It adds a TorTransport which either dials through Tor's socks5 proxy or via clearnet.
* It enables ASB to register hidden services for each network it is listening on. We assume that we only care about different ports and re-use the same onion-address for all of them. The ASB requires to have access to Tor's control port.
* It adds support to dial through a local Tor socks5 proxy. We assume that Tor is always available on localhost. Swap cli only requires Tor to be running so that it can send messages via Tor's socks5 proxy.
* It adds a new e2e test which swaps through Tor. For this we assume that Tor is currently running on localhost. All other tests are running via clear net.
A `RequestResponseCodec` for pull-based protocols where the response is encoded using JSON.
This was added to more properly express the behavior of the quote protocol, where the dialer
doesn't send any message and expects the listener to directly send the response.
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
- Listen on both tcp and websockets as default
- Listening addresses in config as array
- Configure fallback transport using `or_transport` - if listening on a given address fails on WS, we fall back to TCP.
- Swap-id is exchanged during execution setup. CLI (Bob) sends the swap-id to be used in his first message.
- Transfer poof and encryption signature messages include the swap-id so it can be properly associated with the correct swap.
- ASB: Encryption signatures are associated with swaps by swap-id, not peer-id.
- ASB: Transfer proofs are still associated to peer-ids (because they have to be sent to the respective peer), but the ASB can buffer multiple
- CLI: Incoming transfer proofs are checked for matching swap-id. If a transfer proof with a different swap-id than the current executing swap is received it will be ignored. We can change this to saving into the database.
Includes concurrent swap tests with the same Bob.
- One test that pauses and starts an additional swap after the transfer proof was received. Results in both swaps being redeemed after resuming the first swap.
- One test that pauses and starts an additional swap before the transfer proof is sent (just after BTC locked). Results in the second swap redeeming and the first swap being refunded (because the transfer proof on Bob's side is lost). Once we store transfer proofs that we receive during executing a different swap into the database both swaps should redeem.
Note that the monero harness was adapted to allow creating wallets with multiple outputs, which is needed for Alice.
