Sorting `psbt.output` by `witness_script` is at times pointless
because it might be set to `None`. To be more robust, we pattern
match against the produced transaction.
The CLI's transport doesn't support memory addresses and it also shouldn't support those by default. To be able to use it in tests, we extend the `SwarmExt` trait with the ability to listen on local TCP addresses with a random port.
The rendezvous protocol allows us to register all of our external
addresses. Hence, the first step is to allow the user to configure
external addresses as part of the config. In the future, there might
be an automated way of determining these.
To register with a rendezvous node, the user needs to configure which
one. CoBloX is running a rendezvous node that acts as the default by
every spec-compliant node will do the job just fine. This behaviour
is optional which is why our custom behaviour is wrapped in a `Toggle`.
We also want our node to re-register after half the time of the
registration has passed. To make this simpler and allow for testing in
isolation, we create a custom behaviour that wraps the libp2p rendezvous
behaviour.
This command uses a rendezvous node to find sellers (i.e. ASBs) and query them for quotes.
Sellers, that can be dialed and queried for a quote will be listed.
604: Bump torut from 0.1.9 to 0.1.10 r=thomaseizinger a=dependabot[bot]
Bumps [torut](https://github.com/teawithsand/torut) from 0.1.9 to 0.1.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/teawithsand/torut/releases">torut's releases</a>.</em></p>
<blockquote>
<h2>Release 0.1.10</h2>
<p>Deprecated onion services V2 and all stuff associated with it.
Updated tokio version.
Implemented std::error::Error for error types in this crate, support for these errors is very basic and all that was done was implementing Error trait for existing error types. No error structure refactoring was done.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="8a26ddde79"><code>8a26ddd</code></a> Implemented std::error::Error for error types</li>
<li><a href="c5cee8a369"><code>c5cee8a</code></a> Implemented std::error::Error for error types</li>
<li><a href="caed51d697"><code>caed51d</code></a> Deprecated v2 onion service stuff</li>
<li><a href="87bcde20bb"><code>87bcde2</code></a> Updated tokio version</li>
<li>See full diff in <a href="https://github.com/teawithsand/torut/compare/v0.1.9...v0.1.10">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=torut&package-manager=cargo&previous-version=0.1.9&new-version=0.1.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
605: Merge `--seller-addr` and `--seller-peer-id` into `--seller` parameter r=thomaseizinger a=thomaseizinger
This simplifies the CLI's interface.
It wills also play nicely with https://github.com/comit-network/xmr-btc-swap/pull/593.
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Instead of formatting to a string right away, we parse the multiaddress
into a stricter data structure that only allows the kind of addresses
we can dial through Tor.
This will allow us to perform further checks on the parsed address.
585: Configurable kraken websocket url via the ASB config r=thomaseizinger a=cimble-code
- Allows the ASB operator to configure a custom kraken websocket url via the ASB config.
- Addresses the issue of price control first brought up [here](https://github.com/comit-network/xmr-btc-swap/discussions/571)
> Gotya.
There is a relatively easy to implement (but temporary) solution for that. We could let the user configure the kraken websocket url via the ASB config. That way you can plug in your own service. The only requirement is that your service publishes prices updates in the same format as [kraken](https://docs.kraken.com/websockets/), e.g. :
_Originally posted by @bonomat in https://github.com/comit-network/xmr-btc-swap/discussions/571#discussioncomment-885535_
Co-authored-by: Your Name <you@example.com>
Closing the connection upon completing the `swap_setup` protocol caused problems on the ASB side, because the CLI would close the connection before the last message was properly processed. This would result in swaps going into execution on the CLI side, but not on the ASB side.
The CLI ensures an open connection to the ASB over the complete course of a swap. So it does not make much sense to allow a protocol to close the connection (the CLI would immediately redial).
For the Alice we set the initial `KeepAlive` to `10` seconds because Bob is expected to request a spot price in reasonable time after opening a connection on the protocol. Since Tor connections can take some time we set 10 seconds fow now for resilience.
Given that we combined the `spot_price` and the `execution_setup` messaging into one protocol we should allow the protocol to take longer than 60 seconds to complete.
This is especially important for connections over Tor, where messaging can take significantly longer than over clearnet.
I ran some tests with Tor and did not run into issues with the 60 seconds, but we get very close to the timeout, so we better make it more resilient by adding more time.
When swapping on testnet we ran into a problem where the CLI started the swap after sending all messages successfully, but the ASB ran into a `connection closed` error at the end of the `swap_setup` and the swap state machine was never actually triggered.
Flushing and closing the stream on both sides should ensure that we don't run into this problem and both parties gracefully exit the protocol.
Some network and application specific code does not belong in the protocol module and was moved.
Eventloop, recovery and the outside behaviour were moved to the respective application module because they are application specific.
The `swap_setup` was moved into the network module because upon change both sides will have to be changed and should thus stay close together.
Having `spot_price` and `execution_setup` as separate protocols did not bring any advantages, but was problematic because we had to ensure that `execution_setup` would be triggered after `spot_price`. Because of this dependency it is better to combine the protocols into one.
Combining the protocols also allows a refactoring to get rid of the `libp2p-async-await` dependency.
Alice always listens for the `swap_setup` protocol. When Bob opens a substream on that protocol the spot price is communicated, and then all execution setup messages (swap-id and signature exchange).
Includes a new state that is used to await BTC lock tx finality. Upon starting the swap we initially only wait for the BTC lock tx to be seen in the mempool.
This is guarded by a short timeout (3 mins), because it is assumed that in the current setup (sport_price + execution_setup only triggered upon funds being available already) the lock transaction should be picked up almost instanly after the execution setup succeeded.
Similar to the CLI the ASB has to ensure that the execution_setup is executed within a certain time.
Without a timeout the price (returned by `spot_price` would be guaranteed with the CLI indefinitely.
It seems the current chosen channel timeouts are still not optimal.
I ran into issues with swapping over Tor and traced them down to the CLI timeout of the bmrng channel.
It appears that the ASB was not running as quick as the CLI, which caused a timeout on the CLI side (in addition to the delay when sending messages over Tor).
Only `execution_setup` caused the problem so far, but I would recommend changing all the channel timeouts to one minute to avoid this problem.
581: Remove dead code r=thomaseizinger a=da-kami
583: Bump reqwest from 0.11.3 to 0.11.4 r=thomaseizinger a=dependabot[bot]
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.3 to 0.11.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p>
<blockquote>
<h2>v0.11.4</h2>
<ul>
<li>Add <code>ClientBuilder::resolve()</code> option to override DNS resolution for specific domains.</li>
<li>Add <code>native-tls-alpn</code> Cargo feature to use ALPN with the native-tls backend.</li>
<li>Add <code>ClientBuilder::deflate()</code> option and <code>deflate</code> Cargo feature to support decoding response bodies using deflate.</li>
<li>Add <code>RequestBuilder::version()</code> to allow setting the HTTP version of a request.</li>
<li>Fix allowing "invalid" certificates with the <code>rustls-tls</code> backend, when the server uses TLS v1.2 or v1.3.</li>
<li>(wasm) Add <code>try_clone</code> to <code>Request</code> and <code>RequestBuilder</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p>
<blockquote>
<h2>v0.11.4</h2>
<ul>
<li>Add <code>ClientBuilder::resolve()</code> option to override DNS resolution for specific domains.</li>
<li>Add <code>native-tls-alpn</code> Cargo feature to use ALPN with the native-tls backend.</li>
<li>Add <code>ClientBuilder::deflate()</code> option and <code>deflate</code> Cargo feature to support decoding response bodies using deflate.</li>
<li>Add <code>RequestBuilder::version()</code> to allow setting the HTTP version of a request.</li>
<li>Fix allowing "invalid" certificates with the <code>rustls-tls</code> backend, when the server uses TLS v1.2 or v1.3.</li>
<li>(wasm) Add <code>try_clone</code> to <code>Request</code> and <code>RequestBuilder</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f5fe17876a"><code>f5fe178</code></a> v0.11.4</li>
<li><a href="8e5af459e5"><code>8e5af45</code></a> Allow overriding of DNS resolution to specified IP addresses(<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/561">#561</a>) (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1277">#1277</a>)</li>
<li><a href="c4388fcff9"><code>c4388fc</code></a> WASM: Add <code>try_clone</code> implementations to <code>Request</code> and <code>RequestBuilder</code> (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1286">#1286</a>)</li>
<li><a href="b48cb4a5aa"><code>b48cb4a</code></a> Add native-tls-alpn feature (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1283">#1283</a>)</li>
<li><a href="bbeb1ede4e"><code>bbeb1ed</code></a> Bump ssri from 6.0.1 to 6.0.2 in /examples/wasm_github_fetch (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1262">#1262</a>)</li>
<li><a href="841d47c6a2"><code>841d47c</code></a> Bump url-parse from 1.4.7 to 1.5.1 in /examples/wasm_github_fetch (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1267">#1267</a>)</li>
<li><a href="33bc7939b4"><code>33bc793</code></a> Bump lodash from 4.17.19 to 4.17.21 in /examples/wasm_github_fetch (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1269">#1269</a>)</li>
<li><a href="b0af278f78"><code>b0af278</code></a> Implement "default" functions of the trait to fix "insecure" mode (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1259">#1259</a>)</li>
<li><a href="8d3e27966c"><code>8d3e279</code></a> use ZlibDecoder for deflate responses (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1257">#1257</a>)</li>
<li><a href="b88f309339"><code>b88f309</code></a> Fix small typos in <code>Client</code> docs (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1253">#1253</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/seanmonstar/reqwest/compare/v0.11.3...v0.11.4">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=reqwest&package-manager=cargo&previous-version=0.11.3&new-version=0.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: Daniel Karzel <daniel@comit.network>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
566: Bump rand_chacha from 0.3.0 to 0.3.1 r=thomaseizinger a=dependabot[bot]
Bumps [rand_chacha](https://github.com/rust-random/rand) from 0.3.0 to 0.3.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/rust-random/rand/blob/master/CHANGELOG.md">rand_chacha's changelog</a>.</em></p>
<blockquote>
<h2>[0.3.19] - 2017-12-27</h2>
<h3>Changed</h3>
<ul>
<li>Require <code>log <= 0.3.8</code> for dev builds</li>
<li>Update <code>fuchsia-zircon</code> dependency to 0.3</li>
<li>Fix broken links in docs (to unblock compiler docs testing CI)</li>
</ul>
<h2>[0.3.18] - 2017-11-06</h2>
<h3>Changed</h3>
<ul>
<li><code>thread_rng</code> is seeded from the system time if <code>OsRng</code> fails</li>
<li><code>weak_rng</code> now uses <code>thread_rng</code> internally</li>
</ul>
<h2>[0.3.17] - 2017-10-07</h2>
<h3>Changed</h3>
<ul>
<li>Fuchsia: Magenta was renamed Zircon</li>
</ul>
<h2>[0.3.16] - 2017-07-27</h2>
<h3>Added</h3>
<ul>
<li>Implement Debug for mote non-public types</li>
<li>implement <code>Rand</code> for (i|u)i128</li>
<li>Support for Fuchsia</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Add inline attribute to SampleRange::construct_range.
This improves the benchmark for sample in 11% and for shuffle in 16%.</li>
<li>Use <code>RtlGenRandom</code> instead of <code>CryptGenRandom</code></li>
</ul>
<h2>[0.3.15] - 2016-11-26</h2>
<h3>Added</h3>
<ul>
<li>Add <code>Rng</code> trait method <code>choose_mut</code></li>
<li>Redox support</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Use <code>arc4rand</code> for <code>OsRng</code> on FreeBSD.</li>
<li>Use <code>arc4random(3)</code> for <code>OsRng</code> on OpenBSD.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fix filling buffers 4 GiB or larger with <code>OsRng::fill_bytes</code> on Windows</li>
</ul>
<h2>[0.3.14] - 2016-02-13</h2>
<h3>Fixed</h3>
<ul>
<li>Inline definitions from winapi/advapi32, which decreases build times</li>
</ul>
<h2>[0.3.13] - 2016-01-09</h2>
<h3>Fixed</h3>
<ul>
<li>Compatible with Rust 1.7.0-nightly (needed some extra type annotations)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="98a0339f99"><code>98a0339</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1135">#1135</a> from dhardy/work</li>
<li><a href="a7f8fb72d7"><code>a7f8fb7</code></a> Prepare rand_chacha v0.3.1 release</li>
<li><a href="09d3df3119"><code>09d3df3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1130">#1130</a> from dhardy/work</li>
<li><a href="d167dd25d2"><code>d167dd2</code></a> Deprecate ReadRng</li>
<li><a href="e3bc4a1357"><code>e3bc4a1</code></a> Do not impl serde for ReadRng or ReseedingRng</li>
<li><a href="66b163632e"><code>66b1636</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1132">#1132</a> from rust-random/readme-wasm-note</li>
<li><a href="d9c6a76048"><code>d9c6a76</code></a> README: add note regarding wasm32-unknown-unknown</li>
<li><a href="4726d328d6"><code>4726d32</code></a> Update minimum version of packed_simd_2</li>
<li><a href="f6bbfcfa89"><code>f6bbfcf</code></a> serde for BlockRng, ReseedingRng and ReadRng</li>
<li><a href="2732f2d6a8"><code>2732f2d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1116">#1116</a> from vks/criterion</li>
<li>Additional commits viewable in <a href="https://github.com/rust-random/rand/compare/rand_chacha-0.3.0...rand_chacha-0.3.1">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rand_chacha&package-manager=cargo&previous-version=0.3.0&new-version=0.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
568: Bump bdk from 0.7.0 to 0.8.0 r=thomaseizinger a=dependabot[bot]
Bumps [bdk](https://github.com/bitcoindevkit/bdk) from 0.7.0 to 0.8.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/bitcoindevkit/bdk/blob/master/CHANGELOG.md">bdk's changelog</a>.</em></p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="33b45ebe82"><code>33b45eb</code></a> Bump version to 0.8.0</li>
<li><a href="2faed425ed"><code>2faed42</code></a> Update CHANGELOG</li>
<li><a href="2cc05c07a5"><code>2cc05c0</code></a> Bump version in <code>src/lib.rs</code></li>
<li><a href="9205295332"><code>9205295</code></a> Merge commit 'refs/pull/365/head' of github.com:bitcoindevkit/bdk into releas...</li>
<li><a href="3b446c9e14"><code>3b446c9</code></a> Use no_run instead of ignore</li>
<li><a href="378167efca"><code>378167e</code></a> Remove explicit <code>feature(external_doc)</code></li>
<li><a href="224be27aa8"><code>224be27</code></a> Fix example/doctests format</li>
<li><a href="4a23070cc8"><code>4a23070</code></a> [ci] Check fmt for examples/doctests</li>
<li><a href="f8117c0f9f"><code>f8117c0</code></a> Bump version to 0.8.0-rc.1</li>
<li><a href="0ec064ef13"><code>0ec064e</code></a> Use AddressInfo in private methods</li>
<li>Additional commits viewable in <a href="https://github.com/bitcoindevkit/bdk/compare/v0.7.0...v0.8.0">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bdk&package-manager=cargo&previous-version=0.7.0&new-version=0.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Instead of splitting up the transports into capabilities, we compose
them directly for each application. This allows us to remove the
websocket transport for the CLI which is really only needed for the
ASB to allow retrieval of quotes via the browser.
Libp2p's transports are meant to be composed. Hence, any form of
fallback should be implemented by emitting `MultiaddrNotSupported`
from the `listen` and `dial` functions.
This allows us to completely remove the tcp transport from the tor
transport.