609: Replace xmr.to stagenet node with melo.tools node r=thomaseizinger a=binarybaron
XMR.to has abandoned their community services.
Co-authored-by: binarybaron <86064887+binarybaron@users.noreply.github.com>
593: Integrate rendezvous protocol r=thomaseizinger a=rishflab
Open things:
- [x] Default parameters for CLI
- [x] Print a human-readable table of sellers if `--json` is not passed
- [x] Unresolved comments of review
Co-authored-by: Daniel Karzel <daniel@comit.network>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: rishflab <rishflab@hotmail.com>
Sorting `psbt.output` by `witness_script` is at times pointless
because it might be set to `None`. To be more robust, we pattern
match against the produced transaction.
The CLI's transport doesn't support memory addresses and it also shouldn't support those by default. To be able to use it in tests, we extend the `SwarmExt` trait with the ability to listen on local TCP addresses with a random port.
The rendezvous protocol allows us to register all of our external
addresses. Hence, the first step is to allow the user to configure
external addresses as part of the config. In the future, there might
be an automated way of determining these.
To register with a rendezvous node, the user needs to configure which
one. CoBloX is running a rendezvous node that acts as the default by
every spec-compliant node will do the job just fine. This behaviour
is optional which is why our custom behaviour is wrapped in a `Toggle`.
We also want our node to re-register after half the time of the
registration has passed. To make this simpler and allow for testing in
isolation, we create a custom behaviour that wraps the libp2p rendezvous
behaviour.
This command uses a rendezvous node to find sellers (i.e. ASBs) and query them for quotes.
Sellers, that can be dialed and queried for a quote will be listed.
604: Bump torut from 0.1.9 to 0.1.10 r=thomaseizinger a=dependabot[bot]
Bumps [torut](https://github.com/teawithsand/torut) from 0.1.9 to 0.1.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/teawithsand/torut/releases">torut's releases</a>.</em></p>
<blockquote>
<h2>Release 0.1.10</h2>
<p>Deprecated onion services V2 and all stuff associated with it.
Updated tokio version.
Implemented std::error::Error for error types in this crate, support for these errors is very basic and all that was done was implementing Error trait for existing error types. No error structure refactoring was done.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="8a26ddde79"><code>8a26ddd</code></a> Implemented std::error::Error for error types</li>
<li><a href="c5cee8a369"><code>c5cee8a</code></a> Implemented std::error::Error for error types</li>
<li><a href="caed51d697"><code>caed51d</code></a> Deprecated v2 onion service stuff</li>
<li><a href="87bcde20bb"><code>87bcde2</code></a> Updated tokio version</li>
<li>See full diff in <a href="https://github.com/teawithsand/torut/compare/v0.1.9...v0.1.10">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
605: Merge `--seller-addr` and `--seller-peer-id` into `--seller` parameter r=thomaseizinger a=thomaseizinger
This simplifies the CLI's interface.
It wills also play nicely with https://github.com/comit-network/xmr-btc-swap/pull/593.
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
594: Refuse to dial addresses via Tor that are almost certainly not reachable r=thomaseizinger a=thomaseizinger
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
602: Bump thiserror from 1.0.25 to 1.0.26 r=thomaseizinger a=dependabot[bot]
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.25 to 1.0.26.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p>
<blockquote>
<h2>1.0.26</h2>
<ul>
<li>Work around bug in Clippy nonstandard_macro_braces lint (<a href="https://github-redirect.dependabot.com/rust-lang/rust-clippy/issues/7422">rust-lang/rust-clippy#7422</a>, 245e7cfd149140806ecef89d44b14e9557b297b1)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="031fea6f3b"><code>031fea6</code></a> Release 1.0.26</li>
<li><a href="245e7cfd14"><code>245e7cf</code></a> Suppress nonstandard_macro_braces in generated code</li>
<li><a href="4bbe3ece51"><code>4bbe3ec</code></a> Ignore buggy nonstandard_macro_braces clippy lint</li>
<li><a href="e0628be8ed"><code>e0628be</code></a> Ignore doc_markdown clippy false positive</li>
<li><a href="a37b5ab11f"><code>a37b5ab</code></a> Resolve needless_borrow clippy lints</li>
<li><a href="8862629bcc"><code>8862629</code></a> Delete broken #[deprecated] test</li>
<li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/1.0.25...1.0.26">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
603: Bump structopt from 0.3.21 to 0.3.22 r=thomaseizinger a=dependabot[bot]
Bumps [structopt](https://github.com/TeXitoi/structopt) from 0.3.21 to 0.3.22.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/TeXitoi/structopt/blob/master/CHANGELOG.md">structopt's changelog</a>.</em></p>
<blockquote>
<h1>v0.3.22 (2021-07-04)</h1>
<ul>
<li>Add support for <a href="https://github-redirect.dependabot.com/TeXitoi/structopt/issues/128">generics in derive</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="004cfc218e"><code>004cfc2</code></a> v0.3.22</li>
<li><a href="4bdde69b60"><code>4bdde69</code></a> add basic support for generic structs and enums (<a href="https://github-redirect.dependabot.com/TeXitoi/structopt/issues/483">#483</a>)</li>
<li><a href="d16cfd264d"><code>d16cfd2</code></a> fix clippy</li>
<li><a href="8161b1522c"><code>8161b15</code></a> Add an example using strum</li>
<li><a href="3848d5b55b"><code>3848d5b</code></a> Fix explanation on optional string list argument</li>
<li>See full diff in <a href="https://github.com/TeXitoi/structopt/compare/v0.3.21...v0.3.22">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Instead of formatting to a string right away, we parse the multiaddress
into a stricter data structure that only allows the kind of addresses
we can dial through Tor.
This will allow us to perform further checks on the parsed address.
585: Configurable kraken websocket url via the ASB config r=thomaseizinger a=cimble-code
- Allows the ASB operator to configure a custom kraken websocket url via the ASB config.
- Addresses the issue of price control first brought up [here](https://github.com/comit-network/xmr-btc-swap/discussions/571)
> Gotya.
There is a relatively easy to implement (but temporary) solution for that. We could let the user configure the kraken websocket url via the ASB config. That way you can plug in your own service. The only requirement is that your service publishes prices updates in the same format as [kraken](https://docs.kraken.com/websockets/), e.g. :
_Originally posted by @bonomat in https://github.com/comit-network/xmr-btc-swap/discussions/571#discussioncomment-885535_
Co-authored-by: Your Name <you@example.com>
586: `swap_setup` instead of `spot_price` and `execution_setup` r=da-kami a=da-kami
Having `spot_price` and `execution_setup` as separate protocols did not bring any advantages, but was problematic because we had to ensure that `execution_setup` would be triggered after `spot_price`. Because of this dependency it is better to combine the protocols into one.
Combining the protocols also allows a refactoring to get rid of the `libp2p-async-await` dependency.
Alice always listens for the `swap_setup` protocol. When Bob opens a substream on that protocol the spot price is communicated, and then all execution setup messages (swap-id and signature exchange).
Co-authored-by: Daniel Karzel <daniel@comit.network>
Closing the connection upon completing the `swap_setup` protocol caused problems on the ASB side, because the CLI would close the connection before the last message was properly processed. This would result in swaps going into execution on the CLI side, but not on the ASB side.
The CLI ensures an open connection to the ASB over the complete course of a swap. So it does not make much sense to allow a protocol to close the connection (the CLI would immediately redial).
For the Alice we set the initial `KeepAlive` to `10` seconds because Bob is expected to request a spot price in reasonable time after opening a connection on the protocol. Since Tor connections can take some time we set 10 seconds fow now for resilience.
Given that we combined the `spot_price` and the `execution_setup` messaging into one protocol we should allow the protocol to take longer than 60 seconds to complete.
This is especially important for connections over Tor, where messaging can take significantly longer than over clearnet.
I ran some tests with Tor and did not run into issues with the 60 seconds, but we get very close to the timeout, so we better make it more resilient by adding more time.
When swapping on testnet we ran into a problem where the CLI started the swap after sending all messages successfully, but the ASB ran into a `connection closed` error at the end of the `swap_setup` and the swap state machine was never actually triggered.
Flushing and closing the stream on both sides should ensure that we don't run into this problem and both parties gracefully exit the protocol.
Some network and application specific code does not belong in the protocol module and was moved.
Eventloop, recovery and the outside behaviour were moved to the respective application module because they are application specific.
The `swap_setup` was moved into the network module because upon change both sides will have to be changed and should thus stay close together.
Having `spot_price` and `execution_setup` as separate protocols did not bring any advantages, but was problematic because we had to ensure that `execution_setup` would be triggered after `spot_price`. Because of this dependency it is better to combine the protocols into one.
Combining the protocols also allows a refactoring to get rid of the `libp2p-async-await` dependency.
Alice always listens for the `swap_setup` protocol. When Bob opens a substream on that protocol the spot price is communicated, and then all execution setup messages (swap-id and signature exchange).
578: Bump rust_decimal_macros from 1.14.1 to 1.14.3 r=thomaseizinger a=dependabot[bot]
Bumps [rust_decimal_macros](https://github.com/paupino/rust-decimal) from 1.14.1 to 1.14.3.
<details>
<summary>Commits</summary>
<ul>
<li><a href="b7cf68ed01"><code>b7cf68e</code></a> Merge branch 'SebRollen-SR/fix_ln_panic'</li>
<li><a href="8d2829b918"><code>8d2829b</code></a> Minor doc updates for version release</li>
<li><a href="092fdf8c8d"><code>092fdf8</code></a> fix panic in call to Decimal::ZERO.ln()</li>
<li><a href="3482ce1d23"><code>3482ce1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/paupino/rust-decimal/issues/396">#396</a> from c410-f3r/patch-3</li>
<li><a href="9365805c5f"><code>9365805</code></a> Update arithmetic.rs</li>
<li><a href="23750d8bd0"><code>23750d8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/paupino/rust-decimal/issues/383">#383</a> from c410-f3r/fuzz</li>
<li><a href="ab3bec8958"><code>ab3bec8</code></a> Merge branch 'master' into fuzz</li>
<li><a href="16b41cc58c"><code>16b41cc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/paupino/rust-decimal/issues/394">#394</a> from paupino/version/1.14.2</li>
<li><a href="c7bd3bf987"><code>c7bd3bf</code></a> Version 1.14.2</li>
<li><a href="f7f058312d"><code>f7f0583</code></a> Merge branch 'master' into fuzz</li>
<li>Additional commits viewable in <a href="https://github.com/paupino/rust-decimal/compare/1.14.1...1.14.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
579: Bump rust_decimal from 1.14.2 to 1.14.3 r=thomaseizinger a=dependabot[bot]
Bumps [rust_decimal](https://github.com/paupino/rust-decimal) from 1.14.2 to 1.14.3.
<details>
<summary>Commits</summary>
<ul>
<li><a href="b7cf68ed01"><code>b7cf68e</code></a> Merge branch 'SebRollen-SR/fix_ln_panic'</li>
<li><a href="8d2829b918"><code>8d2829b</code></a> Minor doc updates for version release</li>
<li><a href="092fdf8c8d"><code>092fdf8</code></a> fix panic in call to Decimal::ZERO.ln()</li>
<li><a href="3482ce1d23"><code>3482ce1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/paupino/rust-decimal/issues/396">#396</a> from c410-f3r/patch-3</li>
<li><a href="9365805c5f"><code>9365805</code></a> Update arithmetic.rs</li>
<li><a href="23750d8bd0"><code>23750d8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/paupino/rust-decimal/issues/383">#383</a> from c410-f3r/fuzz</li>
<li><a href="ab3bec8958"><code>ab3bec8</code></a> Merge branch 'master' into fuzz</li>
<li><a href="f7f058312d"><code>f7f0583</code></a> Merge branch 'master' into fuzz</li>
<li><a href="27168cbef4"><code>27168cb</code></a> Update step name</li>
<li><a href="b98bff2931"><code>b98bff2</code></a> Enable cargo-make</li>
<li>Additional commits viewable in <a href="https://github.com/paupino/rust-decimal/compare/1.14.2...1.14.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
582: Asb price guarantees r=da-kami a=da-kami
Fixes#557
Tested on test-/stagenet setup with Raspi.
The change log entry in the last commit sums up the changes.
Co-authored-by: Daniel Karzel <daniel@comit.network>
