Abandon transactions on shielded operations if they can not be broadcast immediately

Author: MarkLTZ

src/wallet/asyncrpcoperation_common.cpp

@@ -6,17 +6,29 @@
 
 #include <core_io.h>
 #include <init.h>
+#include <policy/policy.h>
 #include <rpc/protocol.h>
 #include <rpc/request.h>
+#include <consensus/validation.h>
 
 extern UniValue signrawtransactionwithwallet(const JSONRPCRequest& request);
 
 UniValue SendTransaction(CTransactionRef& tx, CWallet* const pwallet, bool testmode) {
     mapValue_t mapValue;
     UniValue o(UniValue::VOBJ);
+
+    // Extremely large transactions with lots of inputs can cost the network
+    // almost as much to process as they cost the sender in fees, because
+    // computing signature hashes is O(ninputs*txsize). Limiting transactions
+    // to MAX_STANDARD_TX_WEIGHT mitigates CPU exhaustion attacks.
+    if (GetTransactionWeight(*tx) > MAX_STANDARD_TX_WEIGHT)
+    {
+        throw JSONRPCError(RPC_WALLET_ERROR, "Transaction too large");
+    }
+
     // Send the transaction
     if (!testmode) {
-        pwallet->CommitTransaction(tx, std::move(mapValue), {} /* orderForm */);
+        pwallet->CommitTransaction(tx, std::move(mapValue), {} /* orderForm */, true);
         o.pushKV("txid", tx->GetHash().GetHex());
     } else {
         // Test mode does not send the transaction to the network.

src/wallet/wallet.cpp

@@ -5229,7 +5229,7 @@ bool CWallet::CreateTransaction(interfaces::Chain::Lock& locked_chain, const std
     return true;
 }
 
-void CWallet::CommitTransaction(CTransactionRef tx, mapValue_t mapValue, std::vector<std::pair<std::string, std::string>> orderForm)
+void CWallet::CommitTransaction(CTransactionRef tx, mapValue_t mapValue, std::vector<std::pair<std::string, std::string>> orderForm, bool forceError)
 {
     auto locked_chain = chain().lock();
     LOCK(cs_wallet);
@@ -5265,7 +5265,12 @@ void CWallet::CommitTransaction(CTransactionRef tx, mapValue_t mapValue, std::ve
     std::string err_string;
     if (!wtx.SubmitMemoryPoolAndRelay(err_string, true, *locked_chain)) {
         WalletLogPrintf("CommitTransaction(): Transaction cannot be broadcast immediately, %s\n", err_string);
-        // TODO: if we expect the failure to be long term or permanent, instead delete wtx from the wallet and return failure.
+        if (forceError) {
+            if (AbandonTransaction(*locked_chain, wtx.GetHash())) {
+                WalletLogPrintf("CommitTransaction(): Transaction %s has been abandoned\n", wtx.GetHash().ToString());
+                throw std::runtime_error(strprintf("Could not commit transaction: %s", err_string));
+            }
+        }
     }
 }
 

src/wallet/wallet.h

@@ -1502,7 +1502,7 @@ class CWallet final : public FillableSigningProvider, private interfaces::Chain:
      * @param mapValue[in] key-values to be set on the transaction.
      * @param orderForm[in] BIP 70 / BIP 21 order form details to be set on the transaction.
      */
-    void CommitTransaction(CTransactionRef tx, mapValue_t mapValue, std::vector<std::pair<std::string, std::string>> orderForm);
+    void CommitTransaction(CTransactionRef tx, mapValue_t mapValue, std::vector<std::pair<std::string, std::string>> orderForm, bool forceError = false);
 
     bool DummySignTx(CMutableTransaction &txNew, const std::set<CTxOut> &txouts, bool use_max_sig = false) const
     {