Merge bitcoin/bitcoin#34268: [29.x] backports + final changes for 29.3

b834447fb2 [doc] generate manpages 29.3rc1 (glozow)
e9c978391f [build] bump version to 29.3rc1 (glozow)
e973b61dbb [doc] update release notes for 29.3rc1 (glozow)
f4b78c42e5 test: Add a test for anchor outputs in the wallet (Ava Chow)
c6e7765c0a wallet: Throw an error in sendall if the tx size cannot be calculated (Ava Chow)
bab1ac827b wallet: Determine IsFromMe by checking for TXOs of inputs (Ava Chow)
71633a9b5c test: Test wallet 'from me' status change (Ava Chow)
daef5852f0 guix: Fix `osslsigncode` tests (Hennadii Stepanov)
7a71850a6d Remove unreliable seed from chainparams.cpp, and the associated README (SatsAndSports)
2e4688618b miner: fix `addPackageTxs` unsigned integer overflow (ismaelsadeeq)

Pull request description:

  Backports:

  - #34227
  - #33723
  - #33475
  - #33268

  And final changes for 29.3rc1

ACKs for top commit:
  achow101:
    ACK b834447fb2
  janb84:
    ACK b834447fb2
  sedited:
    ACK b834447fb2

Tree-SHA512: 68e02fbde7162f728229f4bfc803bedda6d269e54593ebe40da607f6bd25b2b10bc4297bfa0bc977ce2dc6b558efe6571a7f875090e0f916fc09e5b67432ba30

.cirrus.yml

@@ -1,214 +0,0 @@
-env:  # Global defaults
-  CIRRUS_CLONE_DEPTH: 1
-  CIRRUS_LOG_TIMESTAMP: true
-  MAKEJOBS: "-j10"
-  TEST_RUNNER_PORT_MIN: "14000"  # Must be larger than 12321, which is used for the http cache. See https://cirrus-ci.org/guide/writing-tasks/#http-cache
-  CI_FAILFAST_TEST_LEAVE_DANGLING: "1"  # Cirrus CI does not care about dangling processes and setting this variable avoids killing the CI script itself on error
-
-# A self-hosted machine(s) can be used via Cirrus CI. It can be configured with
-# multiple users to run tasks in parallel. No sudo permission is required.
-#
-# https://cirrus-ci.org/guide/persistent-workers/
-#
-# Generally, a persistent worker must run Ubuntu 23.04+ or Debian 12+.
-#
-# The following specific types should exist, with the following requirements:
-# - small: For an x86_64 machine, with at least 2 vCPUs and 8 GB of memory.
-# - medium: For an x86_64 machine, with at least 4 vCPUs and 16 GB of memory.
-# - arm64: For an aarch64 machine, with at least 2 vCPUs and 8 GB of memory.
-#
-# CI jobs for the latter configuration can be run on x86_64 hardware
-# by installing qemu-user-static, which works out of the box with
-# podman or docker. Background: https://stackoverflow.com/a/72890225/313633
-#
-# The above machine types are matched to each task by their label. Refer to the
-# Cirrus CI docs for more details.
-#
-# When a contributor maintains a fork of the repo, any pull request they make
-# to their own fork, or to the main repository, will trigger two CI runs:
-# one for the branch push and one for the pull request.
-# This can be avoided by setting SKIP_BRANCH_PUSH=true as a custom env variable
-# in Cirrus repository settings, accessible from
-# https://cirrus-ci.com/github/my-organization/my-repository
-#
-# On machines that are persisted between CI jobs, RESTART_CI_DOCKER_BEFORE_RUN=1
-# ensures that previous containers and artifacts are cleared before each run.
-# This requires installing Podman instead of Docker.
-#
-# Futhermore:
-# - podman-docker-4.1+ is required due to the bugfix in 4.1
-#   (https://github.com/bitcoin/bitcoin/pull/21652#issuecomment-1657098200)
-# - The ./ci/ dependencies (with cirrus-cli) should be installed. One-liner example
-#   for a single user setup with sudo permission:
-#
-#   ```
-#   apt update && apt install git screen python3 bash podman-docker uidmap slirp4netns curl -y && curl -L -o cirrus "https://github.com/cirruslabs/cirrus-cli/releases/latest/download/cirrus-linux-$(dpkg --print-architecture)" && mv cirrus /usr/local/bin/cirrus && chmod +x /usr/local/bin/cirrus
-#   ```
-#
-# - There are no strict requirements on the hardware. Having fewer CPU threads
-#   than recommended merely causes the CI script to run slower.
-#   To avoid rare and intermittent OOM due to short memory usage spikes,
-#   it is recommended to add (and persist) swap:
-#
-#   ```
-#   fallocate -l 16G /swapfile_ci && chmod 600 /swapfile_ci && mkswap /swapfile_ci && swapon /swapfile_ci && ( echo '/swapfile_ci none swap sw 0 0' | tee -a /etc/fstab )
-#   ```
-#
-# - To register the persistent worker, open a `screen` session and run:
-#
-#   ```
-#   RESTART_CI_DOCKER_BEFORE_RUN=1 screen cirrus worker run --labels type=todo_fill_in_type --token todo_fill_in_token
-#   ```
-
-# https://cirrus-ci.org/guide/tips-and-tricks/#sharing-configuration-between-tasks
-filter_template: &FILTER_TEMPLATE
-  # Allow forks to specify SKIP_BRANCH_PUSH=true and skip CI runs when a branch is pushed,
-  # but still run CI when a PR is created.
-  # https://cirrus-ci.org/guide/writing-tasks/#conditional-task-execution
-  skip: $SKIP_BRANCH_PUSH == "true" && $CIRRUS_PR == ""
-  stateful: false  # https://cirrus-ci.org/guide/writing-tasks/#stateful-tasks
-
-base_template: &BASE_TEMPLATE
-  << : *FILTER_TEMPLATE
-  merge_base_script:
-    # Require git (used in fingerprint_script).
-    - git --version || ( apt-get update && apt-get install -y git )
-    - if [ "$CIRRUS_PR" = "" ]; then exit 0; fi
-    - git fetch --depth=1 $CIRRUS_REPO_CLONE_URL "pull/${CIRRUS_PR}/merge"
-    - git checkout FETCH_HEAD  # Use merged changes to detect silent merge conflicts
-                               # Also, the merge commit is used to lint COMMIT_RANGE="HEAD~..HEAD"
-
-main_template: &MAIN_TEMPLATE
-  timeout_in: 120m  # https://cirrus-ci.org/faq/#instance-timed-out
-  ci_script:
-    - ./ci/test_run_all.sh
-
-global_task_template: &GLOBAL_TASK_TEMPLATE
-  << : *BASE_TEMPLATE
-  << : *MAIN_TEMPLATE
-
-compute_credits_template: &CREDITS_TEMPLATE
-  # https://cirrus-ci.org/pricing/#compute-credits
-  # Only use credits for pull requests to the main repo
-  use_compute_credits: $CIRRUS_REPO_FULL_NAME == 'bitcoin/bitcoin' && $CIRRUS_PR != ""
-
-task:
-  name: 'lint'
-  << : *BASE_TEMPLATE
-  container:
-    image: debian:bookworm
-    cpu: 1
-    memory: 1G
-  # For faster CI feedback, immediately schedule the linters
-  << : *CREDITS_TEMPLATE
-  test_runner_cache:
-    folder: "/lint_test_runner"
-    fingerprint_script: echo $CIRRUS_TASK_NAME $(git rev-parse HEAD:test/lint/test_runner)
-  python_cache:
-    folder: "/python_build"
-    fingerprint_script: cat .python-version /etc/os-release
-  unshallow_script:
-    - git fetch --unshallow --no-tags
-  lint_script:
-    - ./ci/lint_run_all.sh
-
-task:
-  name: 'tidy'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: medium
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_native_tidy.sh"
-
-task:
-  name: 'ARM, unit tests, no functional tests'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: arm64  # Use arm64 worker to sidestep qemu and avoid a slow CI: https://github.com/bitcoin/bitcoin/pull/28087#issuecomment-1649399453
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_arm.sh"
-
-task:
-  name: 'Win64-cross'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: small
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_win64.sh"
-
-task:
-  name: 'CentOS, depends, gui'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: small
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_native_centos.sh"
-
-task:
-  name: 'previous releases, depends DEBUG'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: small
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_native_previous_releases.sh"
-
-task:
-  name: 'TSan, depends, gui'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: medium
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_native_tsan.sh"
-
-task:
-  name: 'MSan, depends'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: small
-  timeout_in: 300m  # Use longer timeout for the *rare* case where a full build (llvm + msan + depends + ...) needs to be done.
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_native_msan.sh"
-
-task:
-  name: 'fuzzer,address,undefined,integer, no depends'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: medium
-  timeout_in: 240m  # larger timeout, due to the high CPU demand
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_native_fuzz.sh"
-
-task:
-  name: 'multiprocess, i686, DEBUG'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: medium
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_i686_multiprocess.sh"
-
-task:
-  name: 'no wallet, libbitcoinkernel'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: small
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_native_nowallet_libbitcoinkernel.sh"
-
-task:
-  name: 'macOS-cross, gui, no tests'
-  << : *GLOBAL_TASK_TEMPLATE
-  persistent_worker:
-    labels:
-      type: small
-  env:
-    FILE_ENV: "./ci/test/00_setup_env_mac_cross.sh"

.github/actions/configure-docker/action.yml

@@ -0,0 +1,56 @@
+name: 'Configure Docker'
+description: 'Set up Docker build driver and configure build cache args'
+inputs:
+  use-cirrus:
+    description: 'Use cirrus cache'
+    required: true
+runs:
+  using: 'composite'
+  steps:
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+      with:
+        # Use host network to allow access to cirrus gha cache running on the host
+        driver-opts: |
+          network=host
+
+    # This is required to allow buildkit to access the actions cache
+    - name: Expose actions cache variables
+      uses: actions/github-script@v6
+      with:
+        script: |
+          Object.keys(process.env).forEach(function (key) {
+            if (key.startsWith('ACTIONS_')) {
+              core.info(`Exporting ${key}`);
+              core.exportVariable(key, process.env[key]);
+            }
+          });
+
+    - name: Construct docker build cache args
+      shell: bash
+      run: |
+        # Configure docker build cache backend
+        #
+        # On forks the gha cache will work but will use Github's cache backend.
+        # Docker will check for variables $ACTIONS_CACHE_URL, $ACTIONS_RESULTS_URL and $ACTIONS_RUNTIME_TOKEN
+        # which are set automatically when running on GitHub infra: https://docs.docker.com/build/cache/backends/gha/#synopsis
+
+        # Use cirrus cache host
+        if [[ ${{ inputs.use-cirrus }} == 'true' ]]; then
+          url_args="url=${CIRRUS_CACHE_HOST},url_v2=${CIRRUS_CACHE_HOST}"
+        else
+          url_args=""
+        fi
+
+        # Always optimistically --cache‑from in case a cache blob exists
+        args=(--cache-from "type=gha${url_args:+,${url_args}},scope=${CONTAINER_NAME}")
+
+        # If this is a push to the default branch, also add --cache‑to to save the cache
+        if [[ ${{ github.event_name }} == "push" && ${{ github.ref_name }} == ${{ github.event.repository.default_branch }} ]]; then
+          args+=(--cache-to "type=gha${url_args:+,${url_args}},mode=max,ignore-error=true,scope=${CONTAINER_NAME}")
+        fi
+
+        # Always `--load` into docker images (needed when using the `docker-container` build driver).
+        args+=(--load)
+
+        echo "DOCKER_BUILD_CACHE_ARG=${args[*]}" >> $GITHUB_ENV

.github/actions/configure-environment/action.yml

@@ -0,0 +1,27 @@
+name: 'Configure environment'
+description: 'Configure CI, cache and container name environment variables'
+runs:
+  using: 'composite'
+  steps:
+    - name: Set CI and cache directories
+      shell: bash
+      run: |
+        echo "BASE_ROOT_DIR=${{ runner.temp }}" >> "$GITHUB_ENV"
+        echo "BASE_BUILD_DIR=${{ runner.temp }}/build" >> "$GITHUB_ENV"
+        echo "CCACHE_DIR=${{ runner.temp }}/ccache_dir" >> $GITHUB_ENV
+        echo "DEPENDS_DIR=${{ runner.temp }}/depends" >> "$GITHUB_ENV"
+        echo "BASE_CACHE=${{ runner.temp }}/depends/built" >> $GITHUB_ENV
+        echo "SOURCES_PATH=${{ runner.temp }}/depends/sources" >> $GITHUB_ENV
+        echo "PREVIOUS_RELEASES_DIR=${{ runner.temp }}/previous_releases" >> $GITHUB_ENV
+
+    - name: Set cache hashes
+      shell: bash
+      run: |
+        echo "DEPENDS_HASH=$(git ls-tree HEAD depends "$FILE_ENV" | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV
+        echo "PREVIOUS_RELEASES_HASH=$(git ls-tree HEAD test/get_previous_releases.py | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV
+
+    - name: Get container name
+      shell: bash
+      run: |
+        source $FILE_ENV
+        echo "CONTAINER_NAME=$CONTAINER_NAME" >> "$GITHUB_ENV"

.github/actions/restore-caches/action.yml

@@ -0,0 +1,47 @@
+name: 'Restore Caches'
+description: 'Restore ccache, depends sources, and built depends caches'
+runs:
+  using: 'composite'
+  steps:
+    - name: Restore Ccache cache
+      id: ccache-cache
+      uses: cirruslabs/cache/restore@v4
+      with:
+        path: ${{ env.CCACHE_DIR }}
+        key: ccache-${{ env.CONTAINER_NAME }}-${{ github.run_id }}
+        restore-keys: |
+          ccache-${{ env.CONTAINER_NAME }}-
+
+    - name: Restore depends sources cache
+      id: depends-sources
+      uses: cirruslabs/cache/restore@v4
+      with:
+        path: ${{ env.SOURCES_PATH }}
+        key: depends-sources-${{ env.CONTAINER_NAME }}-${{ env.DEPENDS_HASH }}
+        restore-keys: |
+          depends-sources-${{ env.CONTAINER_NAME }}-
+
+    - name: Restore built depends cache
+      id: depends-built
+      uses: cirruslabs/cache/restore@v4
+      with:
+        path: ${{ env.BASE_CACHE }}
+        key: depends-built-${{ env.CONTAINER_NAME }}-${{ env.DEPENDS_HASH }}
+        restore-keys: |
+          depends-built-${{ env.CONTAINER_NAME }}-
+
+    - name: Restore previous releases cache
+      id: previous-releases
+      uses: cirruslabs/cache/restore@v4
+      with:
+        path: ${{ env.PREVIOUS_RELEASES_DIR }}
+        key: previous-releases-${{ env.CONTAINER_NAME }}-${{ env.PREVIOUS_RELEASES_HASH }}
+        restore-keys: |
+          previous-releases-${{ env.CONTAINER_NAME }}-
+
+    - name: export cache hits
+      shell: bash
+      run: |
+        echo "depends-sources-cache-hit=${{ steps.depends-sources.outputs.cache-hit }}" >> $GITHUB_ENV
+        echo "depends-built-cache-hit=${{ steps.depends-built.outputs.cache-hit }}" >> $GITHUB_ENV
+        echo "previous-releases-cache-hit=${{ steps.previous-releases.outputs.cache-hit }}" >> $GITHUB_ENV

.github/actions/save-caches/action.yml

@@ -0,0 +1,39 @@
+name: 'Save Caches'
+description: 'Save ccache, depends sources, and built depends caches'
+runs:
+  using: 'composite'
+  steps:
+    - name: debug cache hit inputs
+      shell: bash
+      run: |
+        echo "depends sources direct cache hit to primary key: ${{ env.depends-sources-cache-hit }}"
+        echo "depends built direct cache hit to primary key: ${{ env.depends-built-cache-hit }}"
+        echo "previous releases direct cache hit to primary key: ${{ env.previous-releases-cache-hit }}"
+
+    - name: Save Ccache cache
+      uses: cirruslabs/cache/save@v4
+      if: ${{ (github.event_name == 'push') && (github.ref_name == github.event.repository.default_branch) }}
+      with:
+        path: ${{ env.CCACHE_DIR }}
+        key: ccache-${{ env.CONTAINER_NAME }}-${{ github.run_id }}
+
+    - name: Save depends sources cache
+      uses: cirruslabs/cache/save@v4
+      if: ${{ (github.event_name == 'push') && (github.ref_name == github.event.repository.default_branch) && (env.depends-sources-cache-hit != 'true') }}
+      with:
+        path: ${{ env.SOURCES_PATH }}
+        key: depends-sources-${{ env.CONTAINER_NAME }}-${{ env.DEPENDS_HASH }}
+
+    - name: Save built depends cache
+      uses: cirruslabs/cache/save@v4
+      if: ${{ (github.event_name == 'push') && (github.ref_name == github.event.repository.default_branch) && (env.depends-built-cache-hit != 'true' )}}
+      with:
+        path: ${{ env.BASE_CACHE }}
+        key: depends-built-${{ env.CONTAINER_NAME }}-${{ env.DEPENDS_HASH }}
+
+    - name: Save previous releases cache
+      uses: cirruslabs/cache/save@v4
+      if: ${{ (github.event_name == 'push') && (github.ref_name == github.event.repository.default_branch) && (env.previous-releases-cache-hit != 'true' )}}
+      with:
+        path: ${{ env.PREVIOUS_RELEASES_DIR }}
+        key: previous-releases-${{ env.CONTAINER_NAME }}-${{ env.PREVIOUS_RELEASES_HASH }}

.github/workflows/ci.yml

@@ -19,9 +19,26 @@ concurrency:
 
 env:
   CI_FAILFAST_TEST_LEAVE_DANGLING: 1  # GHA does not care about dangling processes and setting this variable avoids killing the CI script itself on error
-  MAKEJOBS: '-j10'
+  CIRRUS_CACHE_HOST: http://127.0.0.1:12321/ # When using Cirrus Runners this host can be used by the docker `gha` build cache type.
+  REPO_USE_CIRRUS_RUNNERS: 'bitcoin/bitcoin' # Use cirrus runners and cache for this repo, instead of falling back to the slow GHA runners
 
 jobs:
+  runners:
+    name: 'determine runners'
+    runs-on: ubuntu-latest
+    outputs:
+      use-cirrus-runners: ${{ steps.runners.outputs.use-cirrus-runners }}
+    steps:
+      - id: runners
+        run: |
+          if [[ "${REPO_USE_CIRRUS_RUNNERS}" == "${{ github.repository }}" ]]; then
+            echo "use-cirrus-runners=true" >> "$GITHUB_OUTPUT"
+            echo "::notice title=Runner Selection::Using Cirrus Runners"
+          else
+            echo "use-cirrus-runners=false" >> "$GITHUB_OUTPUT"
+            echo "::notice title=Runner Selection::Using GitHub-hosted runners"
+          fi
+
   test-each-commit:
     name: 'test each commit'
     runs-on: ubuntu-24.04
@@ -106,8 +123,12 @@ jobs:
       BASE_ROOT_DIR: ${{ github.workspace }}
 
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
+      - &CHECKOUT
+        name: Checkout
+        uses: actions/checkout@v5
+        with:
+          # Ensure the latest merged pull request state is used, even on re-runs.
+          ref: &CHECKOUT_REF_TMPL ${{ github.event_name == 'pull_request' && github.ref || '' }}
 
       - name: Clang version
         run: |
@@ -175,8 +196,7 @@ jobs:
             job-name: 'Win64 native fuzz, VS 2022'
 
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
+      - *CHECKOUT
 
       - name: Configure Developer Command Prompt for Microsoft Visual C++
         # Using microsoft/setup-msbuild is not enough.
@@ -194,10 +214,12 @@ jobs:
           Write-Host "PowerShell version $($PSVersionTable.PSVersion.ToString())"
 
       - name: Using vcpkg with MSBuild
+        shell: bash
         run: |
-          Set-Location "$env:VCPKG_INSTALLATION_ROOT"
-          Add-Content -Path "triplets\x64-windows.cmake" -Value "set(VCPKG_BUILD_TYPE release)"
-          Add-Content -Path "triplets\x64-windows-static.cmake" -Value "set(VCPKG_BUILD_TYPE release)"
+          echo "set(VCPKG_BUILD_TYPE release)" >> "${VCPKG_INSTALLATION_ROOT}/triplets/x64-windows.cmake"
+          echo "set(VCPKG_BUILD_TYPE release)" >> "${VCPKG_INSTALLATION_ROOT}/triplets/x64-windows-static.cmake"
+          # Workaround for libevent, which requires CMake 3.1 but is incompatible with CMake >= 4.0.
+          sed -i '1s/^/set(ENV{CMAKE_POLICY_VERSION_MINIMUM} 3.5)\n/' "${VCPKG_INSTALLATION_ROOT}/scripts/ports.cmake"
 
       - name: vcpkg tools cache
         uses: actions/cache@v4
@@ -263,44 +285,151 @@ jobs:
         run: |
           py -3 test\fuzz\test_runner.py --par %NUMBER_OF_PROCESSORS% --loglevel DEBUG %RUNNER_TEMP%\qa-assets\fuzz_corpora
 
-  asan-lsan-ubsan-integer-no-depends-usdt:
-    name: 'ASan + LSan + UBSan + integer, no depends, USDT'
-    runs-on: ubuntu-24.04 # has to match container in ci/test/00_setup_env_native_asan.sh for tracing tools
+  ci-matrix:
+    name: ${{ matrix.name }}
+    needs: runners
+    runs-on: ${{ needs.runners.outputs.use-cirrus-runners == 'true' && matrix.cirrus-runner || matrix.fallback-runner }}
     if: ${{ vars.SKIP_BRANCH_PUSH != 'true' || github.event_name == 'pull_request' }}
-    timeout-minutes: 120
+    timeout-minutes: ${{ matrix.timeout-minutes }}
+
     env:
-      FILE_ENV: "./ci/test/00_setup_env_native_asan.sh"
       DANGER_CI_ON_HOST_FOLDERS: 1
+      FILE_ENV: ${{ matrix.file-env }}
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - name: '32 bit ARM, unit tests, no functional tests'
+            cirrus-runner: 'ubuntu-24.04-arm' # Cirrus' Arm runners are Apple (with virtual Linux aarch64), which doesn't support 32-bit mode
+            fallback-runner: 'ubuntu-24.04-arm'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_arm.sh'
+
+          - name: 'win64 Cross'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-sm'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_win64.sh'
+
+          - name: 'ASan + LSan + UBSan + integer, no depends, USDT'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-md' # has to match container in ci/test/00_setup_env_native_asan.sh for tracing tools
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_native_asan.sh'
+
+          - name: 'macOS-cross, gui, no tests'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-sm'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_mac_cross.sh'
+
+          - name: 'No wallet, libbitcoinkernel'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-sm'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_native_nowallet_libbitcoinkernel.sh'
+
+          - name: 'i686, multiprocess, DEBUG'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-md'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_i686_multiprocess.sh'
+
+          - name: 'fuzzer,address,undefined,integer, no depends'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-lg'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 240
+            file-env: './ci/test/00_setup_env_native_fuzz.sh'
+
+          - name: 'previous releases, depends DEBUG'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-md'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_native_previous_releases.sh'
+
+          - name: 'CentOS, depends, gui'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-lg'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_native_centos.sh'
+
+          - name: 'tidy'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-md'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_native_tidy.sh'
+
+          - name: 'TSan, depends, no gui'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-md'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_native_tsan.sh'
+
+          - name: 'MSan, depends'
+            cirrus-runner: 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-lg'
+            fallback-runner: 'ubuntu-24.04'
+            timeout-minutes: 120
+            file-env: './ci/test/00_setup_env_native_msan.sh'
+
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
+      - *CHECKOUT
 
-      - name: Set CI directories
-        run: |
-          echo "CCACHE_DIR=${{ runner.temp }}/ccache_dir" >> "$GITHUB_ENV"
-          echo "BASE_ROOT_DIR=${{ runner.temp }}" >> "$GITHUB_ENV"
-          echo "BASE_BUILD_DIR=${{ runner.temp }}/build-asan" >> "$GITHUB_ENV"
+      - name: Configure environment
+        uses: ./.github/actions/configure-environment
 
-      - name: Restore Ccache cache
-        id: ccache-cache
-        uses: actions/cache/restore@v4
+      - name: Restore caches
+        id: restore-cache
+        uses: ./.github/actions/restore-caches
+
+      - name: Configure Docker
+        uses: ./.github/actions/configure-docker
         with:
-          path: ${{ env.CCACHE_DIR }}
-          key: ${{ github.job }}-ccache-${{ github.run_id }}
-          restore-keys: ${{ github.job }}-ccache-
+          use-cirrus: ${{ needs.runners.outputs.use-cirrus-runners }}
 
       - name: Enable bpfcc script
+        if: ${{ env.CONTAINER_NAME == 'ci_native_asan' }}
         # In the image build step, no external environment variables are available,
         # so any settings will need to be written to the settings env file:
         run: sed -i "s|\${INSTALL_BCC_TRACING_TOOLS}|true|g" ./ci/test/00_setup_env_native_asan.sh
 
+      - name: Set mmap_rnd_bits
+        if: ${{ env.CONTAINER_NAME == 'ci_native_tsan' || env.CONTAINER_NAME == 'ci_native_msan' }}
+        # Prevents crashes due to high ASLR entropy
+        run: sudo sysctl -w vm.mmap_rnd_bits=28
+
       - name: CI script
         run: ./ci/test_run_all.sh
 
-      - name: Save Ccache cache
-        uses: actions/cache/save@v4
-        if: github.event_name != 'pull_request' && steps.ccache-cache.outputs.cache-hit != 'true'
+      - name: Save caches
+        uses: ./.github/actions/save-caches
+
+  lint:
+    name: 'lint'
+    needs: runners
+    runs-on: ${{ needs.runners.outputs.use-cirrus-runners == 'true' && 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-xs' || 'ubuntu-24.04' }}
+    if: ${{ vars.SKIP_BRANCH_PUSH != 'true' || github.event_name == 'pull_request' }}
+    timeout-minutes: 20
+    env:
+      CONTAINER_NAME: "bitcoin-linter"
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
         with:
-          path: ${{ env.CCACHE_DIR }}
-          # https://github.com/actions/cache/blob/main/tips-and-workarounds.md#update-a-cache
-          key: ${{ github.job }}-ccache-${{ github.run_id }}
+          ref: *CHECKOUT_REF_TMPL
+          fetch-depth: 0
+
+      - name: Configure Docker
+        uses: ./.github/actions/configure-docker
+        with:
+          use-cirrus: ${{ needs.runners.outputs.use-cirrus-runners }}
+
+      - name: CI script
+        run: |
+          set -o xtrace
+          docker buildx build -t "$CONTAINER_NAME" $DOCKER_BUILD_CACHE_ARG --file "./ci/lint_imagefile" .
+          CIRRUS_PR_FLAG=""
+          if [ "${{ github.event_name }}" = "pull_request" ]; then
+            CIRRUS_PR_FLAG="-e CIRRUS_PR=1"
+          fi
+          docker run --rm $CIRRUS_PR_FLAG -v "$(pwd)":/bitcoin "$CONTAINER_NAME"

CMakeLists.txt

@@ -19,15 +19,19 @@ if(POLICY CMP0171)
   cmake_policy(SET CMP0171 NEW)
 endif()
 
+# When adjusting CMake flag variables, we must not override those explicitly
+# set by the user. These are a subset of the CACHE_VARIABLES property.
+get_directory_property(precious_variables CACHE_VARIABLES)
+
 #=============================
 # Project / Package metadata
 #=============================
 set(CLIENT_NAME "Bitcoin Core")
-set(CLIENT_VERSION_MAJOR 28)
-set(CLIENT_VERSION_MINOR 99)
+set(CLIENT_VERSION_MAJOR 29)
+set(CLIENT_VERSION_MINOR 3)
 set(CLIENT_VERSION_BUILD 0)
-set(CLIENT_VERSION_RC 0)
-set(CLIENT_VERSION_IS_RELEASE "false")
+set(CLIENT_VERSION_RC 1)
+set(CLIENT_VERSION_IS_RELEASE "true")
 set(COPYRIGHT_YEAR "2025")
 
 # During the enabling of the CXX and CXXOBJ languages, we modify
@@ -153,7 +157,7 @@ if(WITH_QRENCODE)
   set(USE_QRCODE TRUE)
 endif()
 
-cmake_dependent_option(WITH_DBUS "Enable DBus support." ON "CMAKE_SYSTEM_NAME STREQUAL \"Linux\" AND BUILD_GUI" OFF)
+cmake_dependent_option(WITH_DBUS "Enable DBus support." ON "NOT CMAKE_SYSTEM_NAME MATCHES \"(Windows|Darwin)\" AND BUILD_GUI" OFF)
 
 option(WITH_MULTIPROCESS "Build multiprocess bitcoin-node and bitcoin-gui executables in addition to monolithic bitcoind and bitcoin-qt executables. Requires libmultiprocess library. Experimental." OFF)
 if(WITH_MULTIPROCESS)
@@ -376,6 +380,7 @@ if(SANITIZERS)
       int main() { return 0; }
     "
     RESULT_VAR linker_supports_sanitizers
+    NO_CACHE_IF_FAILED
   )
   if(NOT linker_supports_sanitizers)
     message(FATAL_ERROR "Linker did not accept requested flags, you are missing required libraries.")
@@ -659,7 +664,7 @@ message("  external signer ..................... ${ENABLE_EXTERNAL_SIGNER}")
 message("  ZeroMQ .............................. ${WITH_ZMQ}")
 message("  USDT tracing ........................ ${WITH_USDT}")
 message("  QR code (GUI) ....................... ${WITH_QRENCODE}")
-message("  DBus (GUI, Linux only) .............. ${WITH_DBUS}")
+message("  DBus (GUI) .......................... ${WITH_DBUS}")
 message("Tests:")
 message("  test_bitcoin ........................ ${BUILD_TESTS}")
 message("  test_bitcoin-qt ..................... ${BUILD_GUI_TESTS}")

CMakePresets.json

@@ -1,6 +1,5 @@
 {
   "version": 3,
-  "cmakeMinimumRequired": {"major": 3, "minor": 21, "patch": 0},
   "configurePresets": [
     {
       "name": "vs2022",

README.md

@@ -70,7 +70,7 @@ Translations
 ------------
 
 Changes to translations as well as new translations can be submitted to
-[Bitcoin Core's Transifex page](https://www.transifex.com/bitcoin/bitcoin/).
+[Bitcoin Core's Transifex page](https://explore.transifex.com/bitcoin/bitcoin/).
 
 Translations are periodically pulled from Transifex and merged into the git repository. See the
 [translation process](doc/translation_process.md) for details on how this works.

ci/README.md

@@ -1,8 +1,8 @@
-## CI Scripts
+# CI Scripts
 
 This directory contains scripts for each build step in each build stage.
 
-### Running a Stage Locally
+## Running a Stage Locally
 
 Be aware that the tests will be built and run in-place, so please run at your own risk.
 If the repository is not a fresh git clone, you might have to clean files from previous builds or test runs first.
@@ -27,7 +27,7 @@ with a specific configuration,
 env -i HOME="$HOME" PATH="$PATH" USER="$USER" bash -c 'FILE_ENV="./ci/test/00_setup_env_arm.sh" ./ci/test_run_all.sh'
 ```
 
-### Configurations
+## Configurations
 
 The test files (`FILE_ENV`) are constructed to test a wide range of
 configurations, rather than a single pass/fail. This helps to catch build
@@ -49,8 +49,32 @@ env -i HOME="$HOME" PATH="$PATH" USER="$USER" bash -c 'MAKEJOBS="-j1" FILE_ENV="
 The files starting with `0n` (`n` greater than 0) are the scripts that are run
 in order.
 
-### Cache
+## Cache
 
 In order to avoid rebuilding all dependencies for each build, the binaries are
 cached and reused when possible. Changes in the dependency-generator will
 trigger cache-invalidation and rebuilds as necessary.
+
+## Configuring a repository for CI
+
+### Primary repository
+
+To configure the primary repository, follow these steps:
+
+1. Register with [Cirrus Runners](https://cirrus-runners.app/) and purchase runners.
+2. Install the Cirrus Runners GitHub app against the GitHub organization.
+3. Enable organisation-level runners to be used in public repositories:
+   1. `Org settings -> Actions -> Runner Groups -> Default -> Allow public repos`
+4. Permit the following actions to run:
+   1. cirruslabs/cache/restore@\*
+   1. cirruslabs/cache/save@\*
+   1. docker/setup-buildx-action@\*
+   1. actions/github-script@\*
+
+### Forked repositories
+
+When used in a fork the CI will run on GitHub's free hosted runners by default.
+In this case, due to GitHub's 10GB-per-repo cache size limitations caches will be frequently evicted and missed, but the workflows will run (slowly).
+
+It is also possible to use your own Cirrus Runners in your own fork with an appropriate patch to the `REPO_USE_CIRRUS_RUNNERS` variable in ../.github/workflows/ci.yml
+NB that Cirrus Runners only work at an organisation level, therefore in order to use your own Cirrus Runners, *the fork must be within your own organisation*.

ci/lint_run_all.sh

@@ -1,17 +0,0 @@
-#!/usr/bin/env bash
-#
-# Copyright (c) 2019-present The Bitcoin Core developers
-# Distributed under the MIT software license, see the accompanying
-# file COPYING or http://www.opensource.org/licenses/mit-license.php.
-
-export LC_ALL=C.UTF-8
-
-# Only used in .cirrus.yml. Refer to test/lint/README.md on how to run locally.
-
-cp "./ci/retry/retry" "/ci_retry"
-cp "./.python-version" "/.python-version"
-mkdir --parents "/test/lint"
-cp --recursive "./test/lint/test_runner" "/test/lint/"
-set -o errexit; source ./ci/lint/04_install.sh
-set -o errexit
-./ci/lint/06_script.sh

ci/test/00_setup_env.sh

@@ -35,7 +35,7 @@ fi
 
 echo "Fallback to default values in env (if not yet set)"
 # The number of parallel jobs to pass down to make and test_runner.py
-export MAKEJOBS=${MAKEJOBS:--j4}
+export MAKEJOBS=${MAKEJOBS:--j$(if command -v nproc > /dev/null 2>&1; then nproc; else sysctl -n hw.logicalcpu; fi)}
 # Whether to prefer BusyBox over GNU utilities
 export USE_BUSY_BOX=${USE_BUSY_BOX:-false}
 

ci/test/00_setup_env_mac_native.sh

@@ -8,6 +8,7 @@ export LC_ALL=C.UTF-8
 
 # Homebrew's python@3.12 is marked as externally managed (PEP 668).
 # Therefore, `--break-system-packages` is needed.
+export CONTAINER_NAME="ci_mac_native"  # macos does not use a container, but the env var is needed for logging
 export PIP_PACKAGES="--break-system-packages zmq"
 export GOAL="install"
 export CMAKE_GENERATOR="Ninja"

ci/test/00_setup_env_mac_native_fuzz.sh

@@ -6,6 +6,7 @@
 
 export LC_ALL=C.UTF-8
 
+export CONTAINER_NAME="ci_mac_native_fuzz"  # macos does not use a container, but the env var is needed for logging
 export CMAKE_GENERATOR="Ninja"
 export BITCOIN_CONFIG="-DBUILD_FOR_FUZZING=ON"
 export CI_OS_NAME="macos"

ci/test/00_setup_env_native_asan.sh

@@ -19,15 +19,15 @@ else
 fi
 
 export CONTAINER_NAME=ci_native_asan
-export APT_LLVM_V="20"
+export APT_LLVM_V="21"
 export PACKAGES="systemtap-sdt-dev clang-${APT_LLVM_V} llvm-${APT_LLVM_V} libclang-rt-${APT_LLVM_V}-dev python3-zmq qtbase5-dev qttools5-dev qttools5-dev-tools libevent-dev libboost-dev libdb5.3++-dev libzmq3-dev libqrencode-dev libsqlite3-dev ${BPFCC_PACKAGE}"
 export NO_DEPENDS=1
 export GOAL="install"
 export BITCOIN_CONFIG="\
  -DWITH_USDT=ON -DWITH_ZMQ=ON -DWITH_BDB=ON -DWARN_INCOMPATIBLE_BDB=OFF -DBUILD_GUI=ON \
  -DSANITIZERS=address,float-divide-by-zero,integer,undefined \
- -DCMAKE_C_COMPILER=clang-${APT_LLVM_V} \
- -DCMAKE_CXX_COMPILER=clang++-${APT_LLVM_V} \
+ -DCMAKE_C_COMPILER=clang \
+ -DCMAKE_CXX_COMPILER=clang++ \
  -DCMAKE_C_FLAGS='-ftrivial-auto-var-init=pattern' \
  -DCMAKE_CXX_FLAGS='-ftrivial-auto-var-init=pattern -Wno-error=deprecated-declarations' \
  -DAPPEND_CXXFLAGS='-std=c++23' \

ci/test/00_setup_env_native_centos.sh

@@ -8,7 +8,7 @@ export LC_ALL=C.UTF-8
 
 export CONTAINER_NAME=ci_native_centos
 export CI_IMAGE_NAME_TAG="quay.io/centos/centos:stream10"
-export CI_BASE_PACKAGES="gcc-c++ glibc-devel libstdc++-devel ccache make git python3 python3-pip which patch xz procps-ng ksh rsync coreutils bison e2fsprogs cmake"
+export CI_BASE_PACKAGES="gcc-c++ glibc-devel libstdc++-devel ccache make git python3 python3-pip which patch xz procps-ng rsync coreutils bison e2fsprogs cmake dash"
 export PIP_PACKAGES="pyzmq"
 export DEP_OPTS="DEBUG=1"  # Temporarily enable a DEBUG=1 build to check for GCC-bug-117966 regressions. This can be removed once the minimum GCC version is bumped to 12 in the previous releases task, see https://github.com/bitcoin/bitcoin/issues/31436#issuecomment-2530717875
 export GOAL="install"

ci/test/00_setup_env_native_fuzz.sh

@@ -8,7 +8,7 @@ export LC_ALL=C.UTF-8
 
 export CI_IMAGE_NAME_TAG="mirror.gcr.io/ubuntu:24.04"
 export CONTAINER_NAME=ci_native_fuzz
-export APT_LLVM_V="20"
+export APT_LLVM_V="21"
 export PACKAGES="clang-${APT_LLVM_V} llvm-${APT_LLVM_V} libclang-rt-${APT_LLVM_V}-dev libevent-dev libboost-dev libsqlite3-dev"
 export NO_DEPENDS=1
 export RUN_UNIT_TESTS=false
@@ -19,9 +19,8 @@ export CI_CONTAINER_CAP="--cap-add SYS_PTRACE"  # If run with (ASan + LSan), the
 export BITCOIN_CONFIG="\
  -DBUILD_FOR_FUZZING=ON \
  -DSANITIZERS=fuzzer,address,undefined,float-divide-by-zero,integer \
- -DCMAKE_C_COMPILER=clang-${APT_LLVM_V} \
- -DCMAKE_CXX_COMPILER=clang++-${APT_LLVM_V} \
+ -DCMAKE_C_COMPILER=clang \
+ -DCMAKE_CXX_COMPILER=clang++ \
  -DCMAKE_C_FLAGS='-ftrivial-auto-var-init=pattern' \
  -DCMAKE_CXX_FLAGS='-ftrivial-auto-var-init=pattern' \
 "
-export LLVM_SYMBOLIZER_PATH="/usr/bin/llvm-symbolizer-${APT_LLVM_V}"

ci/test/00_setup_env_native_fuzz_with_msan.sh

@@ -7,14 +7,16 @@
 export LC_ALL=C.UTF-8
 
 export CI_IMAGE_NAME_TAG="mirror.gcr.io/ubuntu:24.04"
-LIBCXX_DIR="/msan/cxx_build/"
+export APT_LLVM_V="21"
+LIBCXX_DIR="/cxx_build/"
 export MSAN_FLAGS="-fsanitize=memory -fsanitize-memory-track-origins=2 -fno-omit-frame-pointer -g -O1 -fno-optimize-sibling-calls"
-LIBCXX_FLAGS="-nostdinc++ -nostdlib++ -isystem ${LIBCXX_DIR}include/c++/v1 -L${LIBCXX_DIR}lib -Wl,-rpath,${LIBCXX_DIR}lib -lc++ -lc++abi -lpthread -Wno-unused-command-line-argument"
+# -lstdc++ to resolve link issues due to upstream packaging
+LIBCXX_FLAGS="-nostdinc++ -nostdlib++ -isystem ${LIBCXX_DIR}include/c++/v1 -L${LIBCXX_DIR}lib -Wl,-rpath,${LIBCXX_DIR}lib -lc++ -lc++abi -lpthread -Wno-unused-command-line-argument -lstdc++"
 export MSAN_AND_LIBCXX_FLAGS="${MSAN_FLAGS} ${LIBCXX_FLAGS}"
 
 export CONTAINER_NAME="ci_native_fuzz_msan"
-export PACKAGES="ninja-build"
 # BDB generates false-positives and will be removed in future
+export PACKAGES="ninja-build clang-${APT_LLVM_V} llvm-${APT_LLVM_V} llvm-${APT_LLVM_V}-dev libclang-${APT_LLVM_V}-dev libclang-rt-${APT_LLVM_V}-dev"
 export DEP_OPTS="DEBUG=1 NO_BDB=1 NO_QT=1 CC=clang CXX=clang++ CFLAGS='${MSAN_FLAGS}' CXXFLAGS='${MSAN_AND_LIBCXX_FLAGS}'"
 export GOAL="all"
 # Setting CMAKE_{C,CXX}_FLAGS_DEBUG flags to an empty string ensures that the flags set in MSAN_FLAGS remain unaltered.
@@ -27,7 +29,7 @@ export BITCOIN_CONFIG="\
  -DSANITIZERS=fuzzer,memory \
  -DAPPEND_CPPFLAGS='-DBOOST_MULTI_INDEX_ENABLE_SAFE_MODE -U_FORTIFY_SOURCE' \
 "
-export USE_MEMORY_SANITIZER="true"
+export USE_INSTRUMENTED_LIBCPP="MemoryWithOrigins"
 export RUN_UNIT_TESTS="false"
 export RUN_FUNCTIONAL_TESTS="false"
 export RUN_FUZZ_TESTS=true

ci/test/00_setup_env_native_msan.sh

@@ -7,13 +7,14 @@
 export LC_ALL=C.UTF-8
 
 export CI_IMAGE_NAME_TAG="mirror.gcr.io/ubuntu:24.04"
-LIBCXX_DIR="/msan/cxx_build/"
+export APT_LLVM_V="21"
+LIBCXX_DIR="/cxx_build/"
 export MSAN_FLAGS="-fsanitize=memory -fsanitize-memory-track-origins=2 -fno-omit-frame-pointer -g -O1 -fno-optimize-sibling-calls"
 LIBCXX_FLAGS="-nostdinc++ -nostdlib++ -isystem ${LIBCXX_DIR}include/c++/v1 -L${LIBCXX_DIR}lib -Wl,-rpath,${LIBCXX_DIR}lib -lc++ -lc++abi -lpthread -Wno-unused-command-line-argument"
 export MSAN_AND_LIBCXX_FLAGS="${MSAN_FLAGS} ${LIBCXX_FLAGS}"
 
 export CONTAINER_NAME="ci_native_msan"
-export PACKAGES="ninja-build"
+export PACKAGES="clang-${APT_LLVM_V} llvm-${APT_LLVM_V} llvm-${APT_LLVM_V}-dev libclang-${APT_LLVM_V}-dev libclang-rt-${APT_LLVM_V}-dev ninja-build"
 # BDB generates false-positives and will be removed in future
 export DEP_OPTS="DEBUG=1 NO_BDB=1 NO_QT=1 CC=clang CXX=clang++ CFLAGS='${MSAN_FLAGS}' CXXFLAGS='${MSAN_AND_LIBCXX_FLAGS}'"
 export GOAL="install"
@@ -26,4 +27,4 @@ export BITCOIN_CONFIG="\
  -DSANITIZERS=memory \
  -DAPPEND_CPPFLAGS='-U_FORTIFY_SOURCE' \
 "
-export USE_MEMORY_SANITIZER="true"
+export USE_INSTRUMENTED_LIBCPP="MemoryWithOrigins"

ci/test/00_setup_env_native_tsan.sh

@@ -8,9 +8,12 @@ export LC_ALL=C.UTF-8
 
 export CONTAINER_NAME=ci_native_tsan
 export CI_IMAGE_NAME_TAG="mirror.gcr.io/ubuntu:24.04"
-export APT_LLVM_V="20"
-export PACKAGES="clang-${APT_LLVM_V} llvm-${APT_LLVM_V} libclang-rt-${APT_LLVM_V}-dev libc++abi-${APT_LLVM_V}-dev libc++-${APT_LLVM_V}-dev python3-zmq"
-export DEP_OPTS="CC=clang-${APT_LLVM_V} CXX='clang++-${APT_LLVM_V} -stdlib=libc++'"
+export APT_LLVM_V="21"
+LIBCXX_DIR="/cxx_build/"
+LIBCXX_FLAGS="-fsanitize=thread -nostdinc++ -nostdlib++ -isystem ${LIBCXX_DIR}include/c++/v1 -L${LIBCXX_DIR}lib -Wl,-rpath,${LIBCXX_DIR}lib -lc++ -lc++abi -lpthread -Wno-unused-command-line-argument"
+export PACKAGES="clang-${APT_LLVM_V} llvm-${APT_LLVM_V} llvm-${APT_LLVM_V}-dev libclang-${APT_LLVM_V}-dev libclang-rt-${APT_LLVM_V}-dev python3-zmq ninja-build"
+export DEP_OPTS="CC=clang CXX=clang++ CXXFLAGS='${LIBCXX_FLAGS}' NO_QT=1"
 export GOAL="install"
 export BITCOIN_CONFIG="-DWITH_ZMQ=ON -DSANITIZERS=thread \
--DAPPEND_CPPFLAGS='-DARENA_DEBUG -DDEBUG_LOCKORDER -DDEBUG_LOCKCONTENTION -D_LIBCPP_REMOVE_TRANSITIVE_INCLUDES'"
+-DAPPEND_CPPFLAGS='-DARENA_DEBUG -DDEBUG_LOCKCONTENTION -D_LIBCPP_REMOVE_TRANSITIVE_INCLUDES'"
+export USE_INSTRUMENTED_LIBCPP="Thread"

ci/test/01_base_install.sh

@@ -43,32 +43,24 @@ elif [ "$CI_OS_NAME" != "macos" ]; then
   ${CI_RETRY_EXE} bash -c "apt-get install --no-install-recommends --no-upgrade -y $PACKAGES $CI_BASE_PACKAGES"
 fi
 
+if [ -n "${APT_LLVM_V}" ]; then
+  update-alternatives --install /usr/bin/clang++ clang++ "/usr/bin/clang++-${APT_LLVM_V}" 100
+  update-alternatives --install /usr/bin/clang clang "/usr/bin/clang-${APT_LLVM_V}" 100
+  update-alternatives --install /usr/bin/llvm-symbolizer llvm-symbolizer "/usr/bin/llvm-symbolizer-${APT_LLVM_V}" 100
+fi
+
 if [ -n "$PIP_PACKAGES" ]; then
   # shellcheck disable=SC2086
   ${CI_RETRY_EXE} pip3 install --user $PIP_PACKAGES
 fi
 
-if [[ ${USE_MEMORY_SANITIZER} == "true" ]]; then
-  ${CI_RETRY_EXE} git clone --depth=1 https://github.com/llvm/llvm-project -b "llvmorg-20.1.0" /msan/llvm-project
+if [[ -n "${USE_INSTRUMENTED_LIBCPP}" ]]; then
+  ${CI_RETRY_EXE} git clone --depth=1 https://github.com/llvm/llvm-project -b "llvmorg-21.1.1" /llvm-project
 
-  cmake -G Ninja -B /msan/clang_build/ \
-    -DLLVM_ENABLE_PROJECTS="clang" \
-    -DCMAKE_BUILD_TYPE=Release \
-    -DLLVM_TARGETS_TO_BUILD=Native \
-    -DLLVM_ENABLE_RUNTIMES="compiler-rt;libcxx;libcxxabi;libunwind" \
-    -S /msan/llvm-project/llvm
-
-  ninja -C /msan/clang_build/ "$MAKEJOBS"
-  ninja -C /msan/clang_build/ install-runtimes
-
-  update-alternatives --install /usr/bin/clang++ clang++ /msan/clang_build/bin/clang++ 100
-  update-alternatives --install /usr/bin/clang clang /msan/clang_build/bin/clang 100
-  update-alternatives --install /usr/bin/llvm-symbolizer llvm-symbolizer /msan/clang_build/bin/llvm-symbolizer 100
-
-  cmake -G Ninja -B /msan/cxx_build/ \
+  cmake -G Ninja -B /cxx_build/ \
     -DLLVM_ENABLE_RUNTIMES="libcxx;libcxxabi;libunwind" \
     -DCMAKE_BUILD_TYPE=Release \
-    -DLLVM_USE_SANITIZER=MemoryWithOrigins \
+    -DLLVM_USE_SANITIZER="${USE_INSTRUMENTED_LIBCPP}" \
     -DCMAKE_C_COMPILER=clang \
     -DCMAKE_CXX_COMPILER=clang++ \
     -DLLVM_TARGETS_TO_BUILD=Native \
@@ -76,13 +68,13 @@ if [[ ${USE_MEMORY_SANITIZER} == "true" ]]; then
     -DLIBCXXABI_USE_LLVM_UNWINDER=OFF \
     -DLIBCXX_ABI_DEFINES="_LIBCPP_ABI_BOUNDED_ITERATORS;_LIBCPP_ABI_BOUNDED_ITERATORS_IN_STD_ARRAY;_LIBCPP_ABI_BOUNDED_ITERATORS_IN_STRING;_LIBCPP_ABI_BOUNDED_ITERATORS_IN_VECTOR;_LIBCPP_ABI_BOUNDED_UNIQUE_PTR" \
     -DLIBCXX_HARDENING_MODE=debug \
-    -S /msan/llvm-project/runtimes
+    -S /llvm-project/runtimes
 
-  ninja -C /msan/cxx_build/ "$MAKEJOBS"
+  ninja -C /cxx_build/ "$MAKEJOBS"
 
   # Clear no longer needed source folder
-  du -sh /msan/llvm-project
-  rm -rf /msan/llvm-project
+  du -sh /llvm-project
+  rm -rf /llvm-project
 fi
 
 if [[ "${RUN_TIDY}" == "true" ]]; then

ci/test/02_run_container.sh

@@ -23,34 +23,14 @@ if [ -z "$DANGER_RUN_CI_ON_HOST" ]; then
   fi
   echo "Creating $CI_IMAGE_NAME_TAG container to run in"
 
-  DOCKER_BUILD_CACHE_ARG=""
-  DOCKER_BUILD_CACHE_TEMPDIR=""
-  DOCKER_BUILD_CACHE_OLD_DIR=""
-  DOCKER_BUILD_CACHE_NEW_DIR=""
-  # If set, use an `docker build` cache directory on the CI host
-  # to cache docker image layers for the CI container image.
-  # This cache can be multiple GB in size. Prefixed with DANGER
-  # as setting it removes (old cache) files from the host.
-  if [ "$DANGER_DOCKER_BUILD_CACHE_HOST_DIR" ]; then
-    # Directory where the current cache for this run could be. If not existing
-    # or empty, "docker build" will warn, but treat it as cache-miss and continue.
-    DOCKER_BUILD_CACHE_OLD_DIR="${DANGER_DOCKER_BUILD_CACHE_HOST_DIR}/${CONTAINER_NAME}"
-    # Temporary directory for a newly created cache. We can't write the new
-    # cache into OLD_DIR directly, as old cache layers would not be removed.
-    # The NEW_DIR contents are moved to OLD_DIR after OLD_DIR has been cleared.
-    # This happens after `docker build`. If a task fails or is aborted, the
-    # DOCKER_BUILD_CACHE_TEMPDIR might be retained on the host. If the host isn't
-    # ephemeral, it has to take care of cleaning old TEMPDIR's up.
-    DOCKER_BUILD_CACHE_TEMPDIR="$(mktemp --directory ci-docker-build-cache-XXXXXXXXXX)"
-    DOCKER_BUILD_CACHE_NEW_DIR="${DOCKER_BUILD_CACHE_TEMPDIR}/${CONTAINER_NAME}"
-    DOCKER_BUILD_CACHE_ARG="--cache-from type=local,src=${DOCKER_BUILD_CACHE_OLD_DIR} --cache-to type=local,dest=${DOCKER_BUILD_CACHE_NEW_DIR},mode=max"
-  fi
-
+  # Use buildx unconditionally
+  # Using buildx is required to properly load the correct driver, for use with registry caching. Neither build, nor BUILDKIT=1 currently do this properly
   # shellcheck disable=SC2086
-  DOCKER_BUILDKIT=1 docker build \
+  docker buildx build \
       --file "${BASE_READ_ONLY_DIR}/ci/test_imagefile" \
       --build-arg "CI_IMAGE_NAME_TAG=${CI_IMAGE_NAME_TAG}" \
       --build-arg "FILE_ENV=${FILE_ENV}" \
+      --build-arg "BASE_ROOT_DIR=${BASE_ROOT_DIR}" \
       $MAYBE_CPUSET \
       --platform="${CI_IMAGE_PLATFORM}" \
       --label="${CI_IMAGE_LABEL}" \
@@ -58,15 +38,6 @@ if [ -z "$DANGER_RUN_CI_ON_HOST" ]; then
       $DOCKER_BUILD_CACHE_ARG \
       "${BASE_READ_ONLY_DIR}"
 
-  if [ "$DANGER_DOCKER_BUILD_CACHE_HOST_DIR" ]; then
-    if [ -e "${DOCKER_BUILD_CACHE_NEW_DIR}/index.json" ]; then
-      echo "Removing the existing docker build cache in ${DOCKER_BUILD_CACHE_OLD_DIR}"
-      rm -rf "${DOCKER_BUILD_CACHE_OLD_DIR}"
-      echo "Moving the contents of ${DOCKER_BUILD_CACHE_NEW_DIR} to ${DOCKER_BUILD_CACHE_OLD_DIR}"
-      mv "${DOCKER_BUILD_CACHE_NEW_DIR}" "${DOCKER_BUILD_CACHE_OLD_DIR}"
-    fi
-  fi
-
   docker volume create "${CONTAINER_NAME}_ccache" || true
   docker volume create "${CONTAINER_NAME}_depends" || true
   docker volume create "${CONTAINER_NAME}_depends_sources" || true

ci/test/03_test_script.sh

@@ -24,6 +24,14 @@ fi
 echo "Free disk space:"
 df -h
 
+# We force an install of linux-headers again here via $PACKAGES to fix any
+# kernel mismatch between a cached docker image and the underlying host.
+# This can happen occasionally on hosted runners if the runner image is updated.
+if [[ "$CONTAINER_NAME" == "ci_native_asan" ]]; then
+  $CI_RETRY_EXE apt-get update
+  ${CI_RETRY_EXE} bash -c "apt-get install --no-install-recommends --no-upgrade -y $PACKAGES"
+fi
+
 # What host to compile for. See also ./depends/README.md
 # Tests that need cross-compilation export the appropriate HOST.
 # Tests that run natively guess the host
@@ -92,7 +100,7 @@ fi
 
 if [ -z "$NO_DEPENDS" ]; then
   if [[ $CI_IMAGE_NAME_TAG == *centos* ]]; then
-    SHELL_OPTS="CONFIG_SHELL=/bin/ksh"  # Temporarily use ksh instead of dash, until https://bugzilla.redhat.com/show_bug.cgi?id=2335416 is fixed.
+    SHELL_OPTS="CONFIG_SHELL=/bin/dash"
   else
     SHELL_OPTS="CONFIG_SHELL="
   fi
@@ -129,6 +137,12 @@ bash -c "cmake -S $BASE_ROOT_DIR $BITCOIN_CONFIG_ALL $BITCOIN_CONFIG || ( (cat $
 bash -c "cmake --build . $MAKEJOBS --target all $GOAL" || ( echo "Build failure. Verbose build follows." && cmake --build . --target all "$GOAL" --verbose ; false )
 
 bash -c "${PRINT_CCACHE_STATISTICS}"
+if [ "$CI" = "true" ]; then
+  hit_rate=$(ccache -s | grep "Hits:" | head -1 | sed 's/.*(\(.*\)%).*/\1/')
+  if [ "${hit_rate%.*}" -lt 75 ]; then
+      echo "::notice title=low ccache hitrate::Ccache hit-rate in $CONTAINER_NAME was $hit_rate%"
+  fi
+fi
 du -sh "${DEPENDS_DIR}"/*/
 du -sh "${PREVIOUS_RELEASES_DIR}"
 

ci/test_imagefile

@@ -4,12 +4,16 @@
 
 # See ci/README.md for usage.
 
-ARG CI_IMAGE_NAME_TAG
+# We never want scratch, but default arg silences a Warning
+ARG CI_IMAGE_NAME_TAG=scratch
 FROM ${CI_IMAGE_NAME_TAG}
 
 ARG FILE_ENV
 ENV FILE_ENV=${FILE_ENV}
 
+ARG BASE_ROOT_DIR
+ENV BASE_ROOT_DIR=${BASE_ROOT_DIR}
+
 COPY ./ci/retry/retry /usr/bin/retry
 COPY ./ci/test/00_setup_env.sh ./${FILE_ENV} ./ci/test/01_base_install.sh /ci_container_base/ci/test/
 

cmake/module/AddBoostIfNeeded.cmake

@@ -17,6 +17,18 @@ function(add_boost_if_needed)
   directory and other added INTERFACE properties.
   ]=]
 
+  if(CMAKE_HOST_APPLE)
+    find_program(HOMEBREW_EXECUTABLE brew)
+    if(HOMEBREW_EXECUTABLE)
+      execute_process(
+        COMMAND ${HOMEBREW_EXECUTABLE} --prefix boost
+        OUTPUT_VARIABLE Boost_ROOT
+        ERROR_QUIET
+        OUTPUT_STRIP_TRAILING_WHITESPACE
+      )
+    endif()
+  endif()
+
   # We cannot rely on find_package(Boost ...) to work properly without
   # Boost_NO_BOOST_CMAKE set until we require a more recent Boost because
   # upstream did not ship proper CMake files until 1.82.0.

cmake/module/FindQRencode.cmake

@@ -21,16 +21,16 @@ endif()
 
 find_path(QRencode_INCLUDE_DIR
   NAMES qrencode.h
-  PATHS ${PC_QRencode_INCLUDE_DIRS}
+  HINTS ${PC_QRencode_INCLUDE_DIRS}
 )
 
 find_library(QRencode_LIBRARY_RELEASE
   NAMES qrencode
-  PATHS ${PC_QRencode_LIBRARY_DIRS}
+  HINTS ${PC_QRencode_LIBRARY_DIRS}
 )
 find_library(QRencode_LIBRARY_DEBUG
   NAMES qrencoded qrencode
-  PATHS ${PC_QRencode_LIBRARY_DIRS}
+  HINTS ${PC_QRencode_LIBRARY_DIRS}
 )
 include(SelectLibraryConfigurations)
 select_library_configurations(QRencode)

cmake/module/FindUSDT.cmake

@@ -36,6 +36,10 @@ if(USDT_INCLUDE_DIR)
   include(CheckCXXSourceCompiles)
   set(CMAKE_REQUIRED_INCLUDES ${USDT_INCLUDE_DIR})
   check_cxx_source_compiles("
+    #if defined(__arm__)
+    #  define STAP_SDT_ARG_CONSTRAINT g
+    #endif
+
     // Setting SDT_USE_VARIADIC lets systemtap (sys/sdt.h) know that we want to use
     // the optional variadic macros to define tracepoints.
     #define SDT_USE_VARIADIC 1

cmake/module/Maintenance.cmake

@@ -83,6 +83,7 @@ function(add_macos_deploy_target)
       COMMAND ${CMAKE_COMMAND} --install ${PROJECT_BINARY_DIR} --config $<CONFIG> --component bitcoin-qt --prefix ${macos_app}/Contents/MacOS --strip
       COMMAND ${CMAKE_COMMAND} -E rename ${macos_app}/Contents/MacOS/bin/$<TARGET_FILE_NAME:bitcoin-qt> ${macos_app}/Contents/MacOS/Bitcoin-Qt
       COMMAND ${CMAKE_COMMAND} -E rm -rf ${macos_app}/Contents/MacOS/bin
+      COMMAND ${CMAKE_COMMAND} -E rm -rf ${macos_app}/Contents/MacOS/share
       VERBATIM
     )
 

cmake/module/ProcessConfigurations.cmake

@@ -105,14 +105,13 @@ function(remove_cxx_flag_from_all_configs flag)
 endfunction()
 
 function(replace_cxx_flag_in_config config old_flag new_flag)
-  string(TOUPPER "${config}" config_uppercase)
-  string(REGEX REPLACE "(^| )${old_flag}( |$)" "\\1${new_flag}\\2" new_flags "${CMAKE_CXX_FLAGS_${config_uppercase}}")
-  set(CMAKE_CXX_FLAGS_${config_uppercase} "${new_flags}" PARENT_SCOPE)
-  set(CMAKE_CXX_FLAGS_${config_uppercase} "${new_flags}"
-    CACHE STRING
-    "Flags used by the CXX compiler during ${config_uppercase} builds."
-    FORCE
-  )
+  string(TOUPPER "CMAKE_CXX_FLAGS_${config}" var_name)
+  if("${var_name}" IN_LIST precious_variables)
+    return()
+  endif()
+  string(REGEX REPLACE "(^| )${old_flag}( |$)" "\\1${new_flag}\\2" ${var_name} "${${var_name}}")
+  set(${var_name} "${${var_name}}" PARENT_SCOPE)
+  set_property(CACHE ${var_name} PROPERTY VALUE "${${var_name}}")
 endfunction()
 
 set_default_config(RelWithDebInfo)

cmake/module/TryAppendLinkerFlag.cmake

@@ -20,7 +20,7 @@ In configuration output, this function prints a string by the following pattern:
 function(try_append_linker_flag flag)
   cmake_parse_arguments(PARSE_ARGV 1
     TALF                              # prefix
-    ""                                # options
+    "NO_CACHE_IF_FAILED"              # options
     "TARGET;VAR;SOURCE;RESULT_VAR"    # one_value_keywords
     "IF_CHECK_PASSED"                 # multi_value_keywords
   )
@@ -68,6 +68,10 @@ function(try_append_linker_flag flag)
   if(DEFINED TALF_RESULT_VAR)
     set(${TALF_RESULT_VAR} "${${result}}" PARENT_SCOPE)
   endif()
+
+  if(NOT ${result} AND TALF_NO_CACHE_IF_FAILED)
+    unset(${result} CACHE)
+  endif()
 endfunction()
 
 if(MSVC)

contrib/devtools/gen-bitcoin-conf.sh

@@ -50,7 +50,8 @@ EOF
 # adding newlines is a bit funky to ensure portability for BSD
 # see here for more details: https://stackoverflow.com/a/24575385
 ${BITCOIND} --help \
-    | sed '1,/Print this help message and exit/d' \
+    | sed '1,/Options:/d' \
+    | sed -E '/^[[:space:]]{2}-help/,/^[[:space:]]*$/d' \
     | sed -E 's/^[[:space:]]{2}\-/#/' \
     | sed -E 's/^[[:space:]]{7}/# /' \
     | sed -E '/[=[:space:]]/!s/#.*$/&=1/' \

contrib/guix/INSTALL.md

@@ -319,7 +319,7 @@ Source: https://logs.guix.gnu.org/guix/2020-11-12.log#232527
 Start by cloning Guix:
 
 ```
-git clone https://git.savannah.gnu.org/git/guix.git
+git clone https://codeberg.org/guix/guix.git
 cd guix
 ```
 
@@ -607,7 +607,7 @@ checklist.
    ```
    Generation 38   Feb 22 2021 16:39:31    (current)
      guix f350df4
-       repository URL: https://git.savannah.gnu.org/git/guix.git
+       repository URL: https://codeberg.org/guix/guix.git
        branch: version-1.2.0
        commit: f350df405fbcd5b9e27e6b6aa500da7f101f41e7
    ```
@@ -760,8 +760,8 @@ Please see the following links for more details:
 
 - An upstream coreutils bug has been filed: [debbugs#47940](https://debbugs.gnu.org/cgi/bugreport.cgi?bug=47940)
 - A Guix bug detailing the underlying problem has been filed: [guix-issues#47935](https://issues.guix.gnu.org/47935), [guix-issues#49985](https://issues.guix.gnu.org/49985#5)
-- A commit to skip this test in Guix has been merged into the core-updates branch:
-[savannah/guix@6ba1058](https://git.savannah.gnu.org/cgit/guix.git/commit/?id=6ba1058df0c4ce5611c2367531ae5c3cdc729ab4)
+- A commit to skip this test is included since Guix 1.4.0:
+[codeberg/guix@6ba1058](https://codeberg.org/guix/guix/commit/6ba1058df0c4ce5611c2367531ae5c3cdc729ab4)
 
 
 [install-script]: #options-1-and-2-using-the-official-shell-installer-script-or-binary-tarball

contrib/guix/guix-build

@@ -69,6 +69,12 @@ fi
 
 mkdir -p "$VERSION_BASE"
 
+################
+# SOURCE_DATE_EPOCH should not unintentionally be set
+################
+
+check_source_date_epoch
+
 ################
 # Build directories should not exist
 ################

contrib/guix/guix-codesign

@@ -67,6 +67,12 @@ EOF
 exit 1
 fi
 
+################
+# SOURCE_DATE_EPOCH should not unintentionally be set
+################
+
+check_source_date_epoch
+
 ################
 # The codesignature git worktree should not be dirty
 ################

contrib/guix/libexec/prelude.bash

@@ -21,6 +21,26 @@ check_tools() {
     done
 }
 
+################
+# SOURCE_DATE_EPOCH should not unintentionally be set
+################
+
+check_source_date_epoch() {
+    if [ -n "$SOURCE_DATE_EPOCH" ] && [ -z "$FORCE_SOURCE_DATE_EPOCH" ]; then
+        cat << EOF
+ERR: Environment variable SOURCE_DATE_EPOCH is set which may break reproducibility.
+
+     Aborting...
+
+Hint: You may want to:
+      1. Unset this variable: \`unset SOURCE_DATE_EPOCH\` before rebuilding
+      2. Set the 'FORCE_SOURCE_DATE_EPOCH' environment variable if you insist on
+         using your own epoch
+EOF
+        exit 1
+    fi
+}
+
 check_tools cat env readlink dirname basename git
 
 ################
@@ -50,7 +70,7 @@ fi
 # across time.
 time-machine() {
     # shellcheck disable=SC2086
-    guix time-machine --url=https://git.savannah.gnu.org/git/guix.git \
+    guix time-machine --url=https://codeberg.org/guix/guix.git \
                       --commit=53396a22afc04536ddf75d8f82ad2eafa5082725 \
                       --cores="$JOBS" \
                       --keep-failed \

contrib/guix/manifest.scm

@@ -2,6 +2,7 @@
              ((gnu packages bash) #:select (bash-minimal))
              (gnu packages bison)
              ((gnu packages certs) #:select (nss-certs))
+             ((gnu packages check) #:select (libfaketime))
              ((gnu packages cmake) #:select (cmake-minimal))
              (gnu packages commencement)
              (gnu packages compression)
@@ -209,7 +210,17 @@ and abstract ELF, PE and MachO formats.")
                (base32
                 "1j47vwq4caxfv0xw68kw5yh00qcpbd56d7rq6c483ma3y7s96yyz"))))
     (build-system cmake-build-system)
-    (inputs (list openssl))
+    (arguments
+     (list
+      #:phases
+      #~(modify-phases %standard-phases
+          (replace 'check
+            (lambda* (#:key tests? #:allow-other-keys)
+              (if tests?
+                  (invoke "faketime" "-f" "@2025-01-01 00:00:00" ;; Tests fail after 2025.
+                          "ctest" "--output-on-failure" "--no-tests=error")
+                  (format #t "test suite not run~%")))))))
+    (inputs (list libfaketime openssl))
     (home-page "https://github.com/mtrojnar/osslsigncode")
     (synopsis "Authenticode signing and timestamping tool")
     (description "osslsigncode is a small tool that implements part of the

contrib/macdeploy/macdeployqtplus

@@ -465,18 +465,18 @@ if config.translations_dir:
         sys.stderr.write(f"Error: Could not find translation dir \"{config.translations_dir[0]}\"\n")
         sys.exit(1)
 
-print("+ Adding Qt translations +")
+    print("+ Adding Qt translations +")
 
-translations = Path(config.translations_dir[0])
+    translations = Path(config.translations_dir[0])
 
-regex = re.compile('qt_[a-z]*(.qm|_[A-Z]*.qm)')
+    regex = re.compile('qt_[a-z]*(.qm|_[A-Z]*.qm)')
 
-lang_files = [x for x in translations.iterdir() if regex.match(x.name)]
+    lang_files = [x for x in translations.iterdir() if regex.match(x.name)]
 
-for file in lang_files:
-    if verbose:
-        print(file.as_posix(), "->", os.path.join(applicationBundle.resourcesPath, file.name))
-    shutil.copy2(file.as_posix(), os.path.join(applicationBundle.resourcesPath, file.name))
+    for file in lang_files:
+        if verbose:
+            print(file.as_posix(), "->", os.path.join(applicationBundle.resourcesPath, file.name))
+        shutil.copy2(file.as_posix(), os.path.join(applicationBundle.resourcesPath, file.name))
 
 # ------------------------------------------------
 

contrib/seeds/README.md

@@ -10,14 +10,13 @@ to addrman with).
 
 Update `MIN_BLOCKS` in  `makeseeds.py` and the `-m`/`--minblocks` arguments below, as needed.
 
-The seeds compiled into the release are created from sipa's, achow101's and luke-jr's
+The seeds compiled into the release are created from sipa's and achow101's
 DNS seed, virtu's crawler, and asmap community AS map data. Run the following commands
 from the `/contrib/seeds` directory:
 
 ```
 curl https://bitcoin.sipa.be/seeds.txt.gz | gzip -dc > seeds_main.txt
 curl https://21.ninja/seeds.txt.gz | gzip -dc >> seeds_main.txt
-curl https://luke.dashjr.org/programs/bitcoin/files/charts/seeds.txt >> seeds_main.txt
 curl https://mainnet.achownodes.xyz/seeds.txt.gz | gzip -dc >> seeds_main.txt
 curl https://signet.achownodes.xyz/seeds.txt.gz | gzip -dc > seeds_signet.txt
 curl https://testnet.achownodes.xyz/seeds.txt.gz | gzip -dc > seeds_test.txt

contrib/tracing/mempool_monitor.py

@@ -66,7 +66,7 @@ BPF_PERF_OUTPUT(replaced_events);
 int trace_added(struct pt_regs *ctx) {
   struct added_event added = {};
   void *phash = NULL;
-  bpf_usdt_readarg(1, ctx, phash);
+  bpf_usdt_readarg(1, ctx, &phash);
   bpf_probe_read_user(&added.hash, sizeof(added.hash), phash);
   bpf_usdt_readarg(2, ctx, &added.vsize);
   bpf_usdt_readarg(3, ctx, &added.fee);
@@ -78,9 +78,9 @@ int trace_added(struct pt_regs *ctx) {
 int trace_removed(struct pt_regs *ctx) {
   struct removed_event removed = {};
   void *phash = NULL, *preason = NULL;
-  bpf_usdt_readarg(1, ctx, phash);
+  bpf_usdt_readarg(1, ctx, &phash);
   bpf_probe_read_user(&removed.hash, sizeof(removed.hash), phash);
-  bpf_usdt_readarg(1, ctx, preason);
+  bpf_usdt_readarg(2, ctx, &preason);
   bpf_probe_read_user_str(&removed.reason, sizeof(removed.reason), preason);
   bpf_usdt_readarg(3, ctx, &removed.vsize);
   bpf_usdt_readarg(4, ctx, &removed.fee);
@@ -93,9 +93,9 @@ int trace_removed(struct pt_regs *ctx) {
 int trace_rejected(struct pt_regs *ctx) {
   struct rejected_event rejected = {};
   void *phash = NULL, *preason = NULL;
-  bpf_usdt_readarg(1, ctx, phash);
+  bpf_usdt_readarg(1, ctx, &phash);
   bpf_probe_read_user(&rejected.hash, sizeof(rejected.hash), phash);
-  bpf_usdt_readarg(1, ctx, preason);
+  bpf_usdt_readarg(2, ctx, &preason);
   bpf_probe_read_user_str(&rejected.reason, sizeof(rejected.reason), preason);
   rejected_events.perf_submit(ctx, &rejected, sizeof(rejected));
   return 0;
@@ -104,12 +104,12 @@ int trace_rejected(struct pt_regs *ctx) {
 int trace_replaced(struct pt_regs *ctx) {
   struct replaced_event replaced = {};
   void *phash_replaced = NULL, *phash_replacement = NULL;
-  bpf_usdt_readarg(1, ctx, phash_replaced);
+  bpf_usdt_readarg(1, ctx, &phash_replaced);
   bpf_probe_read_user(&replaced.replaced_hash, sizeof(replaced.replaced_hash), phash_replaced);
   bpf_usdt_readarg(2, ctx, &replaced.replaced_vsize);
   bpf_usdt_readarg(3, ctx, &replaced.replaced_fee);
   bpf_usdt_readarg(4, ctx, &replaced.replaced_entry_time);
-  bpf_usdt_readarg(5, ctx, phash_replacement);
+  bpf_usdt_readarg(5, ctx, &phash_replacement);
   bpf_probe_read_user(&replaced.replacement_hash, sizeof(replaced.replacement_hash), phash_replacement);
   bpf_usdt_readarg(6, ctx, &replaced.replacement_vsize);
   bpf_usdt_readarg(7, ctx, &replaced.replacement_fee);

contrib/tracing/p2p_monitor.py

@@ -54,7 +54,7 @@ int trace_inbound_message(struct pt_regs *ctx) {
     bpf_probe_read_user_str(&msg.peer_addr, sizeof(msg.peer_addr), paddr);
     bpf_usdt_readarg(3, ctx, &pconn_type);
     bpf_probe_read_user_str(&msg.peer_conn_type, sizeof(msg.peer_conn_type), pconn_type);
-    bpf_usdt_readarg(4, ctx, &pconn_type);
+    bpf_usdt_readarg(4, ctx, &pmsg_type);
     bpf_probe_read_user_str(&msg.msg_type, sizeof(msg.msg_type), pmsg_type);
     bpf_usdt_readarg(5, ctx, &msg.msg_size);
 
@@ -71,7 +71,7 @@ int trace_outbound_message(struct pt_regs *ctx) {
     bpf_probe_read_user_str(&msg.peer_addr, sizeof(msg.peer_addr), paddr);
     bpf_usdt_readarg(3, ctx, &pconn_type);
     bpf_probe_read_user_str(&msg.peer_conn_type, sizeof(msg.peer_conn_type), pconn_type);
-    bpf_usdt_readarg(4, ctx, &pconn_type);
+    bpf_usdt_readarg(4, ctx, &pmsg_type);
     bpf_probe_read_user_str(&msg.msg_type, sizeof(msg.msg_type), pmsg_type);
     bpf_usdt_readarg(5, ctx, &msg.msg_size);
 

depends/Makefile

@@ -206,6 +206,7 @@ endif
 $(host_prefix)/toolchain.cmake : toolchain.cmake.in $(host_prefix)/.stamp_$(final_build_id)
 	@mkdir -p $(@D)
 	sed -e 's|@depends_crosscompiling@|$(crosscompiling)|' \
+            -e 's|@host@|$(host)|' \
             -e 's|@host_system_name@|$($(host_os)_cmake_system_name)|' \
             -e 's|@host_system_version@|$($(host_os)_cmake_system_version)|' \
             -e 's|@host_arch@|$(host_arch)|' \

depends/README.md

@@ -90,15 +90,15 @@ For linux S390X cross compilation:
 
 ### Install the required dependencies: FreeBSD
 
-    pkg install bash
+    pkg install bash cmake curl gmake
 
 ### Install the required dependencies: NetBSD
 
-    pkgin install bash gmake
+    pkgin install bash cmake curl gmake perl
 
 ### Install the required dependencies: OpenBSD
 
-    pkg_add bash gmake gtar
+    pkg_add bash cmake curl gmake gtar
 
 ### Dependency Options
 

depends/builders/freebsd.mk

@@ -3,3 +3,7 @@ build_freebsd_CXX=clang++
 
 build_freebsd_SHA256SUM = sha256sum
 build_freebsd_DOWNLOAD = curl --location --fail --connect-timeout $(DOWNLOAD_CONNECT_TIMEOUT) --retry $(DOWNLOAD_RETRIES) -o
+
+# freebsd host on freebsd builder: override freebsd host preferences.
+freebsd_CC = clang
+freebsd_CXX = clang++

depends/builders/openbsd.mk

@@ -1,9 +1,13 @@
 build_openbsd_CC = clang
 build_openbsd_CXX = clang++
 
-build_openbsd_SHA256SUM = sha256
+build_openbsd_SHA256SUM = sha256 -r
 build_openbsd_DOWNLOAD = curl --location --fail --connect-timeout $(DOWNLOAD_CONNECT_TIMEOUT) --retry $(DOWNLOAD_RETRIES) -o
 
 build_openbsd_TAR = gtar
 # openBSD touch doesn't understand -h
 build_openbsd_TOUCH = touch -m -t 200001011200
+
+# openbsd host on openbsd builder: override openbsd host preferences.
+openbsd_CC = clang
+openbsd_CXX = clang++

depends/funcs.mk

@@ -187,6 +187,7 @@ $(1)_cmake=env CC="$$($(1)_cc)" \
                -DCMAKE_INSTALL_LIBDIR=lib/ \
                -DCMAKE_POSITION_INDEPENDENT_CODE=ON \
                -DCMAKE_VERBOSE_MAKEFILE:BOOL=$(V) \
+               -DCMAKE_EXPORT_NO_PACKAGE_REGISTRY:BOOL=TRUE \
                $$($(1)_config_opts)
 ifeq ($($(1)_type),build)
 $(1)_cmake += -DCMAKE_INSTALL_RPATH:PATH="$$($($(1)_type)_prefix)/lib"

depends/packages/capnp.mk

@@ -5,7 +5,7 @@ $(package)_download_file=$(native_$(package)_download_file)
 $(package)_file_name=$(native_$(package)_file_name)
 $(package)_sha256_hash=$(native_$(package)_sha256_hash)
 
-define $(package)_set_vars :=
+define $(package)_set_vars
   $(package)_config_opts := -DBUILD_TESTING=OFF
   $(package)_config_opts += -DWITH_OPENSSL=OFF
   $(package)_config_opts += -DWITH_ZLIB=OFF

depends/packages/freetype.mk

@@ -4,6 +4,7 @@ $(package)_download_path=https://download.savannah.gnu.org/releases/$(package)
 $(package)_file_name=$(package)-$($(package)_version).tar.xz
 $(package)_sha256_hash=8bee39bd3968c4804b70614a0a3ad597299ad0e824bc8aad5ce8aaf48067bde7
 $(package)_build_subdir=build
+$(package)_patches += cmake_minimum.patch
 
 define $(package)_set_vars
   $(package)_config_opts := -DCMAKE_BUILD_TYPE=None -DBUILD_SHARED_LIBS=TRUE
@@ -12,6 +13,10 @@ define $(package)_set_vars
   $(package)_config_opts += -DCMAKE_DISABLE_FIND_PACKAGE_BrotliDec=TRUE
 endef
 
+define $(package)_preprocess_cmds
+  patch -p1 < $($(package)_patch_dir)/cmake_minimum.patch
+endef
+
 define $(package)_config_cmds
   $($(package)_cmake) -S .. -B .
 endef

depends/packages/libevent.mk

@@ -5,6 +5,7 @@ $(package)_file_name=$(package)-$($(package)_version).tar.gz
 $(package)_sha256_hash=92e6de1be9ec176428fd2367677e61ceffc2ee1cb119035037a27d346b0403bb
 $(package)_patches=cmake_fixups.patch
 $(package)_patches += netbsd_fixup.patch
+$(package)_patches += winver_fixup.patch
 $(package)_build_subdir=build
 
 # When building for Windows, we set _WIN32_WINNT to target the same Windows
@@ -25,7 +26,8 @@ endef
 
 define $(package)_preprocess_cmds
   patch -p1 < $($(package)_patch_dir)/cmake_fixups.patch && \
-  patch -p1 < $($(package)_patch_dir)/netbsd_fixup.patch
+  patch -p1 < $($(package)_patch_dir)/netbsd_fixup.patch && \
+  patch -p1 < $($(package)_patch_dir)/winver_fixup.patch
 endef
 
 define $(package)_config_cmds

depends/packages/libmultiprocess.mk

@@ -8,7 +8,7 @@ ifneq ($(host),$(build))
 $(package)_dependencies += native_capnp
 endif
 
-define $(package)_set_vars :=
+define $(package)_set_vars
 ifneq ($(host),$(build))
 $(package)_config_opts := -DCAPNP_EXECUTABLE="$$(native_capnp_prefixbin)/capnp"
 $(package)_config_opts += -DCAPNPC_CXX_EXECUTABLE="$$(native_capnp_prefixbin)/capnpc-c++"

depends/packages/native_capnp.mk

@@ -1,9 +1,9 @@
 package=native_capnp
-$(package)_version=1.1.0
+$(package)_version=1.2.0
 $(package)_download_path=https://capnproto.org/
 $(package)_download_file=capnproto-c++-$($(package)_version).tar.gz
 $(package)_file_name=capnproto-cxx-$($(package)_version).tar.gz
-$(package)_sha256_hash=07167580e563f5e821e3b2af1c238c16ec7181612650c5901330fa9a0da50939
+$(package)_sha256_hash=ed00e44ecbbda5186bc78a41ba64a8dc4a861b5f8d4e822959b0144ae6fd42ef
 
 define $(package)_set_vars
   $(package)_config_opts := -DBUILD_TESTING=OFF

depends/packages/native_libmultiprocess.mk

@@ -1,8 +1,8 @@
 package=native_libmultiprocess
-$(package)_version=1954f7f65661d49e700c344eae0fc8092decf975
+$(package)_version=v5.0
 $(package)_download_path=https://github.com/bitcoin-core/libmultiprocess/archive
 $(package)_file_name=$($(package)_version).tar.gz
-$(package)_sha256_hash=fc014bd74727c1d5d30b396813685012c965d079244dd07b53bc1c75c610a2cb
+$(package)_sha256_hash=401984715b271a3446e1910f21adf048ba390d31cc93cc3073742e70d56fa3ea
 $(package)_dependencies=native_capnp
 
 define $(package)_config_cmds

depends/packages/qt.mk

@@ -1,6 +1,6 @@
 package=qt
 $(package)_version=5.15.16
-$(package)_download_path=https://download.qt.io/official_releases/qt/5.15/$($(package)_version)/submodules
+$(package)_download_path=https://download.qt.io/archive/qt/5.15/$($(package)_version)/submodules
 $(package)_suffix=everywhere-opensource-src-$($(package)_version).tar.xz
 $(package)_file_name=qtbase-$($(package)_suffix)
 $(package)_sha256_hash=b04815058c18058b6ba837206756a2c87d1391f07a0dcb0dd314f970fd041592

depends/packages/xproto.mk

@@ -21,6 +21,8 @@ define $(package)_build_cmds
   $(MAKE)
 endef
 
+# mkdir detection is broken on Alpine. Set MKDIRPROG to ensure we always
+# use "mkdir -p", and avoid parallelism issues during install.
 define $(package)_stage_cmds
-  $(MAKE) DESTDIR=$($(package)_staging_dir) install
+  $(MAKE) MKDIRPROG="mkdir -p" DESTDIR=$($(package)_staging_dir) install
 endef

depends/patches/freetype/cmake_minimum.patch

@@ -0,0 +1,13 @@
+build: set minimum required CMake to 3.12
+
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -97,7 +97,7 @@
+ # FreeType explicitly marks the API to be exported and relies on the compiler
+ # to hide all other symbols. CMake supports a C_VISBILITY_PRESET property
+ # starting with 2.8.12.
+-cmake_minimum_required(VERSION 2.8.12)
++cmake_minimum_required(VERSION 3.12)
+
+ if (NOT CMAKE_VERSION VERSION_LESS 3.3)
+   # Allow symbol visibility settings also on static libraries. CMake < 3.3

depends/patches/libevent/winver_fixup.patch

@@ -0,0 +1,122 @@
+Cherry-picked from a14ff91254f40cf36e0fee199e26fb11260fab49.
+
+move _WIN32_WINNT defintions before first #include
+
+_WIN32_WINNT and WIN32_LEAN_AND_MEAN need to be defined
+before the windows.h is included for the first time.
+Avoid the confusion of indirect #include by defining
+before any.
+
+diff --git a/event_iocp.c b/event_iocp.c
+index 6b2a2e15..4955e426 100644
+--- a/event_iocp.c
++++ b/event_iocp.c
+@@ -23,12 +23,14 @@
+  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+  */
+-#include "evconfig-private.h"
+ 
+ #ifndef _WIN32_WINNT
+ /* Minimum required for InitializeCriticalSectionAndSpinCount */
+ #define _WIN32_WINNT 0x0403
+ #endif
++
++#include "evconfig-private.h"
++
+ #include <winsock2.h>
+ #include <windows.h>
+ #include <process.h>
+diff --git a/evthread_win32.c b/evthread_win32.c
+index 2ec80560..8647f72b 100644
+--- a/evthread_win32.c
++++ b/evthread_win32.c
+@@ -23,18 +23,21 @@
+  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+  */
+-#include "event2/event-config.h"
+-#include "evconfig-private.h"
+ 
+ #ifdef _WIN32
+ #ifndef _WIN32_WINNT
+ /* Minimum required for InitializeCriticalSectionAndSpinCount */
+ #define _WIN32_WINNT 0x0403
+ #endif
+-#include <winsock2.h>
+ #define WIN32_LEAN_AND_MEAN
++#endif
++
++#include "event2/event-config.h"
++#include "evconfig-private.h"
++
++#ifdef _WIN32
++#include <winsock2.h>
+ #include <windows.h>
+-#undef WIN32_LEAN_AND_MEAN
+ #include <sys/locking.h>
+ #endif
+ 
+diff --git a/evutil.c b/evutil.c
+index 9817f086..8537ffe8 100644
+--- a/evutil.c
++++ b/evutil.c
+@@ -24,6 +24,14 @@
+  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+  */
+ 
++#ifdef _WIN32
++#ifndef _WIN32_WINNT
++/* For structs needed by GetAdaptersAddresses */
++#define _WIN32_WINNT 0x0501
++#endif
++#define WIN32_LEAN_AND_MEAN
++#endif
++
+ #include "event2/event-config.h"
+ #include "evconfig-private.h"
+ 
+@@ -31,15 +39,10 @@
+ #include <winsock2.h>
+ #include <winerror.h>
+ #include <ws2tcpip.h>
+-#define WIN32_LEAN_AND_MEAN
+ #include <windows.h>
+-#undef WIN32_LEAN_AND_MEAN
+ #include <io.h>
+ #include <tchar.h>
+ #include <process.h>
+-#undef _WIN32_WINNT
+-/* For structs needed by GetAdaptersAddresses */
+-#define _WIN32_WINNT 0x0501
+ #include <iphlpapi.h>
+ #include <netioapi.h>
+ #endif
+diff --git a/listener.c b/listener.c
+index f5c00c9c..d1080e76 100644
+--- a/listener.c
++++ b/listener.c
+@@ -24,16 +24,19 @@
+  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+  */
+ 
++#ifdef _WIN32
++#ifndef _WIN32_WINNT
++/* Minimum required for InitializeCriticalSectionAndSpinCount */
++#define _WIN32_WINNT 0x0403
++#endif
++#endif
++
+ #include "event2/event-config.h"
+ #include "evconfig-private.h"
+ 
+ #include <sys/types.h>
+ 
+ #ifdef _WIN32
+-#ifndef _WIN32_WINNT
+-/* Minimum required for InitializeCriticalSectionAndSpinCount */
+-#define _WIN32_WINNT 0x0403
+-#endif
+ #include <winsock2.h>
+ #include <winerror.h>
+ #include <ws2tcpip.h>

depends/toolchain.cmake.in

@@ -13,6 +13,10 @@ if(@depends_crosscompiling@)
   set(CMAKE_SYSTEM_NAME @host_system_name@)
   set(CMAKE_SYSTEM_VERSION @host_system_version@)
   set(CMAKE_SYSTEM_PROCESSOR @host_arch@)
+
+  set(CMAKE_C_COMPILER_TARGET @host@)
+  set(CMAKE_CXX_COMPILER_TARGET @host@)
+  set(CMAKE_OBJCXX_COMPILER_TARGET @host@)
 endif()
 
 if(NOT DEFINED CMAKE_C_FLAGS_INIT)
@@ -88,6 +92,22 @@ set(CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY)
 set(CMAKE_FIND_ROOT_PATH_MODE_PACKAGE ONLY)
 set(QT_TRANSLATIONS_DIR "${CMAKE_CURRENT_LIST_DIR}/translations")
 
+# The following is only necessary when using cmake from Nix or NixOS, because
+# Nix patches cmake to remove the root directory `/` from
+# CMAKE_SYSTEM_PREFIX_PATH. Adding it back is harmless on other platforms and
+# necessary on Nix because without it cmake find_path, find_package, etc
+# functions do not know where to look in CMAKE_FIND_ROOT_PATH for dependencies
+# (https://github.com/bitcoin/bitcoin/issues/32428).
+#
+# TODO: longer term, it may be possible to use a dependency provider, which
+# would bring the find_package calls completely under our control, making this
+# patch unnecessary.
+#
+# Make sure we only append once, as this file may be called repeatedly.
+if(NOT "/" IN_LIST CMAKE_PREFIX_PATH)
+  list(APPEND CMAKE_PREFIX_PATH "/")
+endif()
+
 if(CMAKE_SYSTEM_NAME STREQUAL "Darwin" AND NOT CMAKE_HOST_APPLE)
   # The find_package(Qt ...) function internally uses find_library()
   # calls for all dependencies to ensure their availability.

doc/bips.md

@@ -58,7 +58,8 @@ BIPs that are implemented by Bitcoin Core:
   Validation rules for Taproot (including Schnorr signatures and Tapscript
   leaves) are implemented as of **v0.21.0** ([PR 19953](https://github.com/bitcoin/bitcoin/pull/19953)),
   with mainnet activation as of **v0.21.1** ([PR 21377](https://github.com/bitcoin/bitcoin/pull/21377),
-  [PR 21686](https://github.com/bitcoin/bitcoin/pull/21686)).
+  [PR 21686](https://github.com/bitcoin/bitcoin/pull/21686)),
+  always active as of **v24.0** ([PR 23536](https://github.com/bitcoin/bitcoin/pull/23536)).
 * [`BIP 350`](https://github.com/bitcoin/bips/blob/master/bip-0350.mediawiki): Addresses for native v1+ segregated Witness outputs use Bech32m instead of Bech32 as of **v22.0** ([PR 20861](https://github.com/bitcoin/bitcoin/pull/20861)).
 * [`BIP 371`](https://github.com/bitcoin/bips/blob/master/bip-0371.mediawiki): Taproot fields for PSBT as of **v24.0** ([PR 22558](https://github.com/bitcoin/bitcoin/pull/22558)).
 * [`BIP 379`](https://github.com/bitcoin/bips/blob/master/bip-0379.md): Miniscript was partially implemented in **v24.0** ([PR 24148](https://github.com/bitcoin/bitcoin/pull/24148)), and fully implemented as of **v26.0** ([PR 27255](https://github.com/bitcoin/bitcoin/pull/27255)).

doc/build-freebsd.md

@@ -129,6 +129,6 @@ cmake -B build -DENABLE_WALLET=OFF
 ### 2. Compile
 
 ```bash
-cmake --build build     # Use "-j N" for N parallel jobs.
-ctest --test-dir build  # Use "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
+cmake --build build     # Append "-j N" for N parallel jobs.
+ctest --test-dir build  # Append "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
 ```

doc/build-netbsd.md

@@ -118,6 +118,6 @@ Run `cmake -B build -LH` to see the full list of available options.
 Build and run the tests:
 
 ```bash
-cmake --build build     # Use "-j N" for N parallel jobs.
-ctest --test-dir build  # Use "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
+cmake --build build     # Append "-j N" for N parallel jobs.
+ctest --test-dir build  # Append "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
 ```

doc/build-openbsd.md

@@ -118,8 +118,8 @@ cmake -B build -DBerkeleyDB_INCLUDE_DIR:PATH="${BDB_PREFIX}/include" -DWITH_BDB=
 ### 2. Compile
 
 ```bash
-cmake --build build     # Use "-j N" for N parallel jobs.
-ctest --test-dir build  # Use "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
+cmake --build build     # Append "-j N" for N parallel jobs.
+ctest --test-dir build  # Append "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
 ```
 
 ## Resource limits

doc/build-osx.md

@@ -187,8 +187,8 @@ After configuration, you are ready to compile.
 Run the following in your terminal to compile Bitcoin Core:
 
 ``` bash
-cmake --build build     # Use "-j N" here for N parallel jobs.
-ctest --test-dir build  # Use "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
+cmake --build build     # Append "-j N" here for N parallel jobs.
+ctest --test-dir build  # Append "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
 ```
 
 ### 3. Deploy (optional)

doc/build-unix.md

@@ -9,8 +9,12 @@ To Build
 
 ```bash
 cmake -B build
-cmake --build build    # use "-j N" for N parallel jobs
-cmake --install build  # optional
+```
+Run `cmake -B build -LH` to see the full list of available options.
+
+```bash
+cmake --build build    # Append "-j N" for N parallel jobs
+cmake --install build  # Optional
 ```
 
 See below for instructions on how to [install the dependencies on popular Linux
@@ -60,7 +64,7 @@ executables, which are based on BerkeleyDB 4.8. Otherwise, you can build Berkele
 
 To build Bitcoin Core without wallet, see [*Disable-wallet mode*](#disable-wallet-mode)
 
-ZMQ dependencies (provides ZMQ API):
+ZMQ-enabled binaries are compiled with `-DWITH_ZMQ=ON` and require the following dependency:
 
     sudo apt-get install libzmq3-dev
 
@@ -108,7 +112,7 @@ are based on Berkeley DB 4.8. Otherwise, you can build Berkeley DB [yourself](#b
 
 To build Bitcoin Core without wallet, see [*Disable-wallet mode*](#disable-wallet-mode)
 
-ZMQ dependencies (provides ZMQ API):
+ZMQ-enabled binaries are compiled with `-DWITH_ZMQ=ON` and require the following dependency:
 
     sudo dnf install zeromq-devel
 
@@ -171,13 +175,6 @@ In this case there is no dependency on SQLite or Berkeley DB.
 
 Mining is also possible in disable-wallet mode using the `getblocktemplate` RPC call.
 
-Additional Configure Flags
---------------------------
-A list of additional configure flags can be displayed with:
-
-    cmake -B build -LH
-
-
 Setup and Build Example: Arch Linux
 -----------------------------------
 This example lists the steps necessary to setup and build a command line only distribution of the latest changes on Arch Linux:

doc/build-windows-msvc.md

@@ -54,33 +54,43 @@ In the following instructions, the "Debug" configuration can be specified instea
 
 ```
 cmake -B build --preset vs2022-static          # It might take a while if the vcpkg binary cache is unpopulated or invalidated.
-cmake --build build --config Release           # Use "-j N" for N parallel jobs.
-ctest --test-dir build --build-config Release  # Use "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
+cmake --build build --config Release           # Append "-j N" for N parallel jobs.
+ctest --test-dir build --build-config Release  # Append "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
 cmake --install build --config Release         # Optional.
 ```
 
-If building with `BUILD_GUI=ON`, vcpkg installation during the build
-configuration step might fail because of extremely long paths required during
-vcpkg installation if your vcpkg instance is installed in the default Visual
-Studio directory. This can be avoided without modifying your vcpkg root
-directory by changing vcpkg's intermediate build directory with the
-`--x-buildtrees-root` argument to something shorter, for example:
-
-```powershell
-cmake -B build --preset vs2022-static -DVCPKG_INSTALL_OPTIONS="--x-buildtrees-root=C:\vcpkg"
-```
-
 ### 5. Building with Dynamic Linking without GUI
 
 ```
 cmake -B build --preset vs2022 -DBUILD_GUI=OFF # It might take a while if the vcpkg binary cache is unpopulated or invalidated.
-cmake --build build --config Release           # Use "-j N" for N parallel jobs.
-ctest --test-dir build --build-config Release  # Use "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
+cmake --build build --config Release           # Append "-j N" for N parallel jobs.
+ctest --test-dir build --build-config Release  # Append "-j N" for N parallel tests. Some tests are disabled if Python 3 is not available.
+```
+
+### 6. vcpkg-specific Issues and Workarounds
+
+vcpkg installation during the configuration step might fail for various reasons unrelated to Bitcoin Core.
+
+If the failure is due to a "Buildtrees path … is too long" error, which is often encountered when building
+with `BUILD_GUI=ON` and using the default vcpkg installation provided by Visual Studio, you can
+specify a shorter path to store intermediate build files by using
+the [`--x-buildtrees-root`](https://learn.microsoft.com/en-us/vcpkg/commands/common-options#buildtrees-root) option:
+
+```powershell
+cmake -B build --preset vs2022-static -DVCPKG_INSTALL_OPTIONS="--x-buildtrees-root=C:\vcpkg"
+```
+
+If vcpkg installation fails with the message "Paths with embedded space may be handled incorrectly", which
+can occur if your local Bitcoin Core repository path contains spaces, you can override the vcpkg install directory
+by setting the [`VCPKG_INSTALLED_DIR`](https://github.com/microsoft/vcpkg-docs/blob/main/vcpkg/users/buildsystems/cmake-integration.md#vcpkg_installed_dir) variable:
+
+```powershell
+cmake -B build --preset vs2022-static -DVCPKG_INSTALLED_DIR="C:\path_without_spaces"
 ```
 
 ## Performance Notes
 
-### 6. vcpkg Manifest Default Features
+### 7. vcpkg Manifest Default Features
 
 One can skip vcpkg manifest default features to speedup the configuration step.
 For example, the following invocation will skip all features except for "wallet" and "tests" and their dependencies:
@@ -90,6 +100,6 @@ cmake -B build --preset vs2022 -DVCPKG_MANIFEST_NO_DEFAULT_FEATURES=ON -DVCPKG_M
 
 Available features are listed in the [`vcpkg.json`](/vcpkg.json) file.
 
-### 7. Antivirus Software
+### 8. Antivirus Software
 
 To improve the build process performance, one might add the Bitcoin repository directory to the Microsoft Defender Antivirus exclusions.

doc/build-windows.md

@@ -47,9 +47,9 @@ This means you cannot use a directory that is located directly on the host Windo
 
 Build using:
 
-    gmake -C depends HOST=x86_64-w64-mingw32  # Use "-j N" for N parallel jobs.
+    gmake -C depends HOST=x86_64-w64-mingw32  # Append "-j N" for N parallel jobs.
     cmake -B build --toolchain depends/x86_64-w64-mingw32/toolchain.cmake
-    cmake --build build     # Use "-j N" for N parallel jobs.
+    cmake --build build     # Append "-j N" for N parallel jobs.
 
 ## Depends system
 

doc/dependencies.md

@@ -30,9 +30,13 @@ Bitcoin Core requires one of the following compilers.
 | [Fontconfig](../depends/packages/fontconfig.mk) (gui) | [link](https://www.freedesktop.org/wiki/Software/fontconfig/) | [2.12.6](https://github.com/bitcoin/bitcoin/pull/23495) | 2.6 | Yes |
 | [FreeType](../depends/packages/freetype.mk) (gui) | [link](https://freetype.org) | [2.11.0](https://github.com/bitcoin/bitcoin/commit/01544dd78ccc0b0474571da854e27adef97137fb) | 2.3.0 | Yes |
 | [qrencode](../depends/packages/qrencode.mk) (gui) | [link](https://fukuchi.org/works/qrencode/) | [4.1.1](https://github.com/bitcoin/bitcoin/pull/27312) | N/A | No |
-| [Qt](../depends/packages/qt.mk) (gui) | [link](https://download.qt.io/official_releases/qt/) | [5.15.16](https://github.com/bitcoin/bitcoin/pull/30774) | [5.11.3](https://github.com/bitcoin/bitcoin/pull/24132) | No |
+| [Qt](../depends/packages/qt.mk) (gui) | [link](https://download.qt.io/archive/qt/) | [5.15.16](https://github.com/bitcoin/bitcoin/pull/30774) | [5.11.3](https://github.com/bitcoin/bitcoin/pull/24132) | No |
 | [ZeroMQ](../depends/packages/zeromq.mk) (notifications) | [link](https://github.com/zeromq/libzmq/releases) | [4.3.4](https://github.com/bitcoin/bitcoin/pull/23956) | 4.0.0 | No |
 | [Berkeley DB](../depends/packages/bdb.mk) (legacy wallet) | [link](https://www.oracle.com/technetwork/database/database-technologies/berkeleydb/downloads/index.html) | 4.8.30 | 4.8.x | No |
 | [SQLite](../depends/packages/sqlite.mk) (wallet) | [link](https://sqlite.org) | [3.38.5](https://github.com/bitcoin/bitcoin/pull/25378) | [3.7.17](https://github.com/bitcoin/bitcoin/pull/19077) | No |
 | Python (scripts, tests) | [link](https://www.python.org) | N/A | [3.10](https://github.com/bitcoin/bitcoin/pull/30527) | No |
 | [systemtap](../depends/packages/systemtap.mk) ([tracing](tracing.md)) | [link](https://sourceware.org/systemtap/) | [4.8](https://github.com/bitcoin/bitcoin/pull/26945)| N/A | No |
+| [capnproto](../depends/packages/capnp.mk) ([multiprocess](multiprocess.md)) | [link](https://capnproto.org/) | [1.2.0](https://github.com/bitcoin/bitcoin/pull/32760)| [0.7.0](https://github.com/bitcoin-core/libmultiprocess/pull/88) | No |
+| [libmultiprocess](../depends/packages/libmultiprocess.mk) ([multiprocess](multiprocess.md)) | [link](https://github.com/bitcoin-core/libmultiprocess) | [5.0](https://github.com/bitcoin/bitcoin/pull/31945)| [v5.0-pre1](https://github.com/bitcoin/bitcoin/pull/31740)* | No |
+
+\* Libmultiprocess 5.x versions should be compatible, but 6.0 and later are not due to bitcoin-core/libmultiprocess#160.

doc/fuzzing.md

@@ -19,7 +19,7 @@ One can use `--preset=libfuzzer-nosan` to do the same without common sanitizers
 See [further](#run-without-sanitizers-for-increased-throughput) for more information.
 
 There is also a runner script to execute all fuzz targets. Refer to
-`./test/fuzz/test_runner.py --help` for more details.
+`./build_fuzz/test/fuzz/test_runner.py --help` for more details.
 
 ## Overview of Bitcoin Core fuzzing
 

doc/man/bitcoin-cli.1

@@ -1,5 +1,201 @@
-.TH BITCOIN-CLI "1"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
+.TH BITCOIN-CLI "1" "January 2026" "bitcoin-cli v29.3.0rc1" "User Commands"
 .SH NAME
-bitcoin-cli \- manual page for bitcoin-cli
+bitcoin-cli \- manual page for bitcoin-cli v29.3.0rc1
+.SH SYNOPSIS
+.B bitcoin-cli
+[\fI\,options\/\fR] \fI\,<command> \/\fR[\fI\,params\/\fR]
+.br
+.B bitcoin-cli
+[\fI\,options\/\fR] \fI\,-named <command> \/\fR[\fI\,name=value\/\fR]...
+.br
+.B bitcoin-cli
+[\fI\,options\/\fR] \fI\,help\/\fR
+.br
+.B bitcoin-cli
+[\fI\,options\/\fR] \fI\,help <command>\/\fR
+.SH DESCRIPTION
+Bitcoin Core RPC client version v29.3.0rc1
+.PP
+The bitcoin\-cli utility provides a command line interface to interact with a Bitcoin Core RPC server.
+.PP
+It can be used to query network information, manage wallets, create or broadcast transactions, and control the Bitcoin Core server.
+.PP
+Use the "help" command to list all commands. Use "help <command>" to show help for that command.
+The \fB\-named\fR option allows you to specify parameters using the key=value format, eliminating the need to pass unused positional parameters.
+.SH OPTIONS
+.HP
+\fB\-color=\fR<when>
+.IP
+Color setting for CLI output (default: auto). Valid values: always, auto
+(add color codes when standard output is connected to a terminal
+and OS is not WIN32), never. Only applies to the output of
+\fB\-getinfo\fR.
+.HP
+\fB\-conf=\fR<file>
+.IP
+Specify configuration file. Relative paths will be prefixed by datadir
+location. (default: bitcoin.conf)
+.HP
+\fB\-datadir=\fR<dir>
+.IP
+Specify data directory
+.HP
+\fB\-help\fR
+.IP
+Print this help message and exit (also \fB\-h\fR or \-?)
+.HP
+\fB\-named\fR
+.IP
+Pass named instead of positional arguments (default: false)
+.HP
+\fB\-rpcclienttimeout=\fR<n>
+.IP
+Timeout in seconds during HTTP requests, or 0 for no timeout. (default:
+900)
+.HP
+\fB\-rpcconnect=\fR<ip>
+.IP
+Send commands to node running on <ip> (default: 127.0.0.1)
+.HP
+\fB\-rpccookiefile=\fR<loc>
+.IP
+Location of the auth cookie. Relative paths will be prefixed by a
+net\-specific datadir location. (default: data dir)
+.HP
+\fB\-rpcpassword=\fR<pw>
+.IP
+Password for JSON\-RPC connections
+.HP
+\fB\-rpcport=\fR<port>
+.IP
+Connect to JSON\-RPC on <port> (default: 8332, testnet: 18332, testnet4:
+48332, signet: 38332, regtest: 18443)
+.HP
+\fB\-rpcuser=\fR<user>
+.IP
+Username for JSON\-RPC connections
+.HP
+\fB\-rpcwait\fR
+.IP
+Wait for RPC server to start
+.HP
+\fB\-rpcwaittimeout=\fR<n>
+.IP
+Timeout in seconds to wait for the RPC server to start, or 0 for no
+timeout. (default: 0)
+.HP
+\fB\-rpcwallet=\fR<walletname>
+.IP
+Send RPC for non\-default wallet on RPC server (needs to exactly match
+corresponding \fB\-wallet\fR option passed to bitcoind). This changes
+the RPC endpoint used, e.g.
+http://127.0.0.1:8332/wallet/<walletname>
+.HP
+\fB\-stdin\fR
+.IP
+Read extra arguments from standard input, one per line until EOF/Ctrl\-D
+(recommended for sensitive information such as passphrases). When
+combined with \fB\-stdinrpcpass\fR, the first line from standard input
+is used for the RPC password.
+.HP
+\fB\-stdinrpcpass\fR
+.IP
+Read RPC password from standard input as a single line. When combined
+with \fB\-stdin\fR, the first line from standard input is used for the
+RPC password. When combined with \fB\-stdinwalletpassphrase\fR,
+\fB\-stdinrpcpass\fR consumes the first line, and \fB\-stdinwalletpassphrase\fR
+consumes the second.
+.HP
+\fB\-stdinwalletpassphrase\fR
+.IP
+Read wallet passphrase from standard input as a single line. When
+combined with \fB\-stdin\fR, the first line from standard input is used
+for the wallet passphrase.
+.HP
+\fB\-version\fR
+.IP
+Print version and exit
+.PP
+Debugging/Testing options:
+.PP
+Chain selection options:
+.HP
+\fB\-chain=\fR<chain>
+.IP
+Use the chain <chain> (default: main). Allowed values: main, test,
+testnet4, signet, regtest
+.HP
+\fB\-signet\fR
+.IP
+Use the signet chain. Equivalent to \fB\-chain\fR=\fI\,signet\/\fR. Note that the network
+is defined by the \fB\-signetchallenge\fR parameter
+.HP
+\fB\-signetchallenge\fR
+.IP
+Blocks must satisfy the given script to be considered valid (only for
+signet networks; defaults to the global default signet test
+network challenge)
+.HP
+\fB\-signetseednode\fR
+.IP
+Specify a seed node for the signet network, in the hostname[:port]
+format, e.g. sig.net:1234 (may be used multiple times to specify
+multiple seed nodes; defaults to the global default signet test
+network seed node(s))
+.HP
+\fB\-testnet\fR
+.IP
+Use the testnet3 chain. Equivalent to \fB\-chain\fR=\fI\,test\/\fR. Support for testnet3
+is deprecated and will be removed in an upcoming release.
+Consider moving to testnet4 now by using \fB\-testnet4\fR.
+.HP
+\fB\-testnet4\fR
+.IP
+Use the testnet4 chain. Equivalent to \fB\-chain\fR=\fI\,testnet4\/\fR.
+.PP
+CLI Commands:
+.HP
+\fB\-addrinfo\fR
+.IP
+Get the number of addresses known to the node, per network and total,
+after filtering for quality and recency. The total number of
+addresses known to the node may be higher.
+.HP
+\fB\-generate\fR
+.IP
+Generate blocks, equivalent to RPC getnewaddress followed by RPC
+generatetoaddress. Optional positional integer arguments are
+number of blocks to generate (default: 1) and maximum iterations
+to try (default: 1000000), equivalent to RPC generatetoaddress
+nblocks and maxtries arguments. Example: bitcoin\-cli \fB\-generate\fR 4
+1000
+.HP
+\fB\-getinfo\fR
+.IP
+Get general information from the remote server. Note that unlike
+server\-side RPC calls, the output of \fB\-getinfo\fR is the result of
+multiple non\-atomic requests. Some entries in the output may
+represent results from different states (e.g. wallet balance may
+be as of a different block from the chain state reported)
+.HP
+\fB\-netinfo\fR
+.IP
+Get network peer connection information from the remote server. An
+optional argument from 0 to 4 can be passed for different peers
+listings (default: 0). If a non\-zero value is passed, an
+additional "outonly" (or "o") argument can be passed to see
+outbound peers only. Pass "help" (or "h") for detailed help
+documentation.
+.SH COPYRIGHT
+Copyright (C) 2009-2025 The Bitcoin Core developers
 
-This is a placeholder file. Please follow the instructions in \fIcontrib/devtools/README.md\fR to generate the manual pages after a release.
+Please contribute if you find Bitcoin Core useful. Visit
+<https://bitcoincore.org/> for further information about the software.
+The source code is available from <https://github.com/bitcoin/bitcoin>.
+
+This is experimental software.
+Distributed under the MIT software license, see the accompanying file COPYING
+or <https://opensource.org/licenses/MIT>
+.SH "SEE ALSO"
+bitcoind(1), bitcoin-cli(1), bitcoin-tx(1), bitcoin-wallet(1), bitcoin-util(1), bitcoin-qt(1)

doc/man/bitcoin-qt.1

@@ -1,5 +1,852 @@
-.TH BITCOIN-QT "1"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
+.TH BITCOIN-QT "1" "January 2026" "bitcoin-qt v29.3.0rc1" "User Commands"
 .SH NAME
-bitcoin-qt \- manual page for bitcoin-qt
+bitcoin-qt \- manual page for bitcoin-qt v29.3.0rc1
+.SH SYNOPSIS
+.B bitcoin-qt
+[\fI\,options\/\fR] [\fI\,URI\/\fR]
+.SH DESCRIPTION
+Bitcoin Core version v29.3.0rc1
+.PP
+The bitcoin\-qt application provides a graphical interface for interacting with Bitcoin Core.
+.PP
+It combines the core functionalities of bitcoind with a user\-friendly interface for wallet management, transaction history, and network statistics.
+.PP
+It is suitable for users who prefer a graphical over a command\-line interface.
+.PP
+You can optionally specify a payment [URI], in e.g. the BIP21 URI format.
+.SH OPTIONS
+.HP
+\fB\-alertnotify=\fR<cmd>
+.IP
+Execute command when an alert is raised (%s in cmd is replaced by
+message)
+.HP
+\fB\-allowignoredconf\fR
+.IP
+For backwards compatibility, treat an unused bitcoin.conf file in the
+datadir as a warning, not an error.
+.HP
+\fB\-assumevalid=\fR<hex>
+.IP
+If this block is in the chain assume that it and its ancestors are valid
+and potentially skip their script verification (0 to verify all,
+default:
+00000000000000000001b658dd1120e82e66d2790811f89ede9742ada3ed6d77,
+testnet3:
+00000000000003fc7967410ba2d0a8a8d50daedc318d43e8baf1a9782c236a57,
+testnet4:
+0000000000003ed4f08dbdf6f7d6b271a6bcffce25675cb40aa9fa43179a89f3,
+signet:
+000000895a110f46e59eb82bbc5bfb67fa314656009c295509c21b4999f5180a)
+.HP
+\fB\-blockfilterindex=\fR<type>
+.IP
+Maintain an index of compact filters by block (default: 0, values:
+basic). If <type> is not supplied or if <type> = 1, indexes for
+all known types are enabled.
+.HP
+\fB\-blocknotify=\fR<cmd>
+.IP
+Execute command when the best block changes (%s in cmd is replaced by
+block hash)
+.HP
+\fB\-blockreconstructionextratxn=\fR<n>
+.IP
+Extra transactions to keep in memory for compact block reconstructions
+(default: 100)
+.HP
+\fB\-blocksdir=\fR<dir>
+.IP
+Specify directory to hold blocks subdirectory for *.dat files (default:
+<datadir>)
+.HP
+\fB\-blocksonly\fR
+.IP
+Whether to reject transactions from network peers. Disables automatic
+broadcast and rebroadcast of transactions, unless the source peer
+has the 'forcerelay' permission. RPC transactions are not
+affected. (default: 0)
+.HP
+\fB\-blocksxor\fR
+.IP
+Whether an XOR\-key applies to blocksdir *.dat files. The created XOR\-key
+will be zeros for an existing blocksdir or when `\-blocksxor=0` is
+set, and random for a freshly initialized blocksdir. (default: 1)
+.HP
+\fB\-coinstatsindex\fR
+.IP
+Maintain coinstats index used by the gettxoutsetinfo RPC (default: 0)
+.HP
+\fB\-conf=\fR<file>
+.IP
+Specify path to read\-only configuration file. Relative paths will be
+prefixed by datadir location (only useable from command line, not
+configuration file) (default: bitcoin.conf)
+.HP
+\fB\-daemon\fR
+.IP
+Run in the background as a daemon and accept commands (default: 0)
+.HP
+\fB\-daemonwait\fR
+.IP
+Wait for initialization to be finished before exiting. This implies
+\fB\-daemon\fR (default: 0)
+.HP
+\fB\-datadir=\fR<dir>
+.IP
+Specify data directory
+.HP
+\fB\-dbcache=\fR<n>
+.IP
+Maximum database cache size <n> MiB (minimum 4, default: 450). Make sure
+you have enough RAM. In addition, unused memory allocated to the
+mempool is shared with this cache (see \fB\-maxmempool\fR).
+.HP
+\fB\-debuglogfile=\fR<file>
+.IP
+Specify location of debug log file (default: debug.log). Relative paths
+will be prefixed by a net\-specific datadir location. Pass
+\fB\-nodebuglogfile\fR to disable writing the log to a file.
+.HP
+\fB\-help\fR
+.IP
+Print this help message and exit (also \fB\-h\fR or \-?)
+.HP
+\fB\-includeconf=\fR<file>
+.IP
+Specify additional configuration file, relative to the \fB\-datadir\fR path
+(only useable from configuration file, not command line)
+.HP
+\fB\-loadblock=\fR<file>
+.IP
+Imports blocks from external file on startup
+.HP
+\fB\-maxmempool=\fR<n>
+.IP
+Keep the transaction memory pool below <n> megabytes (default: 300)
+.HP
+\fB\-maxorphantx=\fR<n>
+.IP
+Keep at most <n> unconnectable transactions in memory (default: 100)
+.HP
+\fB\-mempoolexpiry=\fR<n>
+.IP
+Do not keep transactions in the mempool longer than <n> hours (default:
+336)
+.HP
+\fB\-par=\fR<n>
+.IP
+Set the number of script verification threads (0 = auto, up to 15, <0 =
+leave that many cores free, default: 0)
+.HP
+\fB\-persistmempool\fR
+.IP
+Whether to save the mempool on shutdown and load on restart (default: 1)
+.HP
+\fB\-persistmempoolv1\fR
+.IP
+Whether a mempool.dat file created by \fB\-persistmempool\fR or the savemempool
+RPC will be written in the legacy format (version 1) or the
+current format (version 2). This temporary option will be removed
+in the future. (default: 0)
+.HP
+\fB\-pid=\fR<file>
+.IP
+Specify pid file. Relative paths will be prefixed by a net\-specific
+datadir location. (default: bitcoind.pid)
+.HP
+\fB\-prune=\fR<n>
+.IP
+Reduce storage requirements by enabling pruning (deleting) of old
+blocks. This allows the pruneblockchain RPC to be called to
+delete specific blocks and enables automatic pruning of old
+blocks if a target size in MiB is provided. This mode is
+incompatible with \fB\-txindex\fR. Warning: Reverting this setting
+requires re\-downloading the entire blockchain. (default: 0 =
+disable pruning blocks, 1 = allow manual pruning via RPC, >=550 =
+automatically prune block files to stay under the specified
+target size in MiB)
+.HP
+\fB\-reindex\fR
+.IP
+If enabled, wipe chain state and block index, and rebuild them from
+blk*.dat files on disk. Also wipe and rebuild other optional
+indexes that are active. If an assumeutxo snapshot was loaded,
+its chainstate will be wiped as well. The snapshot can then be
+reloaded via RPC.
+.HP
+\fB\-reindex\-chainstate\fR
+.IP
+If enabled, wipe chain state, and rebuild it from blk*.dat files on
+disk. If an assumeutxo snapshot was loaded, its chainstate will
+be wiped as well. The snapshot can then be reloaded via RPC.
+.HP
+\fB\-settings=\fR<file>
+.IP
+Specify path to dynamic settings data file. Can be disabled with
+\fB\-nosettings\fR. File is written at runtime and not meant to be
+edited by users (use bitcoin.conf instead for custom settings).
+Relative paths will be prefixed by datadir location. (default:
+settings.json)
+.HP
+\fB\-shutdownnotify=\fR<cmd>
+.IP
+Execute command immediately before beginning shutdown. The need for
+shutdown may be urgent, so be careful not to delay it long (if
+the command doesn't require interaction with the server, consider
+having it fork into the background).
+.HP
+\fB\-startupnotify=\fR<cmd>
+.IP
+Execute command on startup.
+.HP
+\fB\-txindex\fR
+.IP
+Maintain a full transaction index, used by the getrawtransaction rpc
+call (default: 0)
+.HP
+\fB\-version\fR
+.IP
+Print version and exit
+.PP
+Connection options:
+.HP
+\fB\-addnode=\fR<ip>
+.IP
+Add a node to connect to and attempt to keep the connection open (see
+the addnode RPC help for more info). This option can be specified
+multiple times to add multiple nodes; connections are limited to
+8 at a time and are counted separately from the \fB\-maxconnections\fR
+limit.
+.HP
+\fB\-asmap=\fR<file>
+.IP
+Specify asn mapping used for bucketing of the peers (default:
+ip_asn.map). Relative paths will be prefixed by the net\-specific
+datadir location.
+.HP
+\fB\-bantime=\fR<n>
+.IP
+Default duration (in seconds) of manually configured bans (default:
+86400)
+.HP
+\fB\-bind=\fR<addr>[:<port>][=onion]
+.IP
+Bind to given address and always listen on it (default: 0.0.0.0). Use
+[host]:port notation for IPv6. Append =onion to tag any incoming
+connections to that address and port as incoming Tor connections
+(default: 127.0.0.1:8334=onion, testnet3: 127.0.0.1:18334=onion,
+testnet4: 127.0.0.1:48334=onion, signet: 127.0.0.1:38334=onion,
+regtest: 127.0.0.1:18445=onion)
+.HP
+\fB\-cjdnsreachable\fR
+.IP
+If set, then this host is configured for CJDNS (connecting to fc00::/8
+addresses would lead us to the CJDNS network, see doc/cjdns.md)
+(default: 0)
+.HP
+\fB\-connect=\fR<ip>
+.IP
+Connect only to the specified node; \fB\-noconnect\fR disables automatic
+connections (the rules for this peer are the same as for
+\fB\-addnode\fR). This option can be specified multiple times to connect
+to multiple nodes.
+.HP
+\fB\-discover\fR
+.IP
+Discover own IP addresses (default: 1 when listening and no \fB\-externalip\fR
+or \fB\-proxy\fR)
+.HP
+\fB\-dns\fR
+.IP
+Allow DNS lookups for \fB\-addnode\fR, \fB\-seednode\fR and \fB\-connect\fR (default: 1)
+.HP
+\fB\-dnsseed\fR
+.IP
+Query for peer addresses via DNS lookup, if low on addresses (default: 1
+unless \fB\-connect\fR used or \fB\-maxconnections\fR=\fI\,0\/\fR)
+.HP
+\fB\-externalip=\fR<ip>
+.IP
+Specify your own public address
+.HP
+\fB\-fixedseeds\fR
+.IP
+Allow fixed seeds if DNS seeds don't provide peers (default: 1)
+.HP
+\fB\-forcednsseed\fR
+.IP
+Always query for peer addresses via DNS lookup (default: 0)
+.HP
+\fB\-i2pacceptincoming\fR
+.IP
+Whether to accept inbound I2P connections (default: 1). Ignored if
+\fB\-i2psam\fR is not set. Listening for inbound I2P connections is done
+through the SAM proxy, not by binding to a local address and
+port.
+.HP
+\fB\-i2psam=\fR<ip:port>
+.IP
+I2P SAM proxy to reach I2P peers and accept I2P connections (default:
+none)
+.HP
+\fB\-listen\fR
+.IP
+Accept connections from outside (default: 1 if no \fB\-proxy\fR, \fB\-connect\fR or
+\fB\-maxconnections\fR=\fI\,0\/\fR)
+.HP
+\fB\-listenonion\fR
+.IP
+Automatically create Tor onion service (default: 1)
+.HP
+\fB\-maxconnections=\fR<n>
+.IP
+Maintain at most <n> automatic connections to peers (default: 125). This
+limit does not apply to connections manually added via \fB\-addnode\fR
+or the addnode RPC, which have a separate limit of 8.
+.HP
+\fB\-maxreceivebuffer=\fR<n>
+.IP
+Maximum per\-connection receive buffer, <n>*1000 bytes (default: 5000)
+.HP
+\fB\-maxsendbuffer=\fR<n>
+.IP
+Maximum per\-connection memory usage for the send buffer, <n>*1000 bytes
+(default: 1000)
+.HP
+\fB\-maxuploadtarget=\fR<n>
+.IP
+Tries to keep outbound traffic under the given target per 24h. Limit
+does not apply to peers with 'download' permission or blocks
+created within past week. 0 = no limit (default: 0M). Optional
+suffix units [k|K|m|M|g|G|t|T] (default: M). Lowercase is 1000
+base while uppercase is 1024 base
+.HP
+\fB\-natpmp\fR
+.IP
+Use PCP or NAT\-PMP to map the listening port (default: 0)
+.HP
+\fB\-networkactive\fR
+.IP
+Enable all P2P network activity (default: 1). Can be changed by the
+setnetworkactive RPC command
+.HP
+\fB\-onion=\fR<ip:port|path>
+.IP
+Use separate SOCKS5 proxy to reach peers via Tor onion services, set
+\fB\-noonion\fR to disable (default: \fB\-proxy\fR). May be a local file path
+prefixed with 'unix:'.
+.HP
+\fB\-onlynet=\fR<net>
+.IP
+Make automatic outbound connections only to network <net> (ipv4, ipv6,
+onion, i2p, cjdns). Inbound and manual connections are not
+affected by this option. It can be specified multiple times to
+allow multiple networks.
+.HP
+\fB\-peerblockfilters\fR
+.IP
+Serve compact block filters to peers per BIP 157 (default: 0)
+.HP
+\fB\-peerbloomfilters\fR
+.IP
+Support filtering of blocks and transaction with bloom filters (default:
+0)
+.HP
+\fB\-port=\fR<port>
+.IP
+Listen for connections on <port> (default: 8333, testnet3: 18333,
+testnet4: 48333, signet: 38333, regtest: 18444). Not relevant for
+I2P (see doc/i2p.md). If set to a value x, the default onion
+listening port will be set to x+1.
+.HP
+\fB\-proxy=\fR<ip:port|path>
+.IP
+Connect through SOCKS5 proxy, set \fB\-noproxy\fR to disable (default:
+disabled). May be a local file path prefixed with 'unix:' if the
+proxy supports it.
+.HP
+\fB\-proxyrandomize\fR
+.IP
+Randomize credentials for every proxy connection. This enables Tor
+stream isolation (default: 1)
+.HP
+\fB\-seednode=\fR<ip>
+.IP
+Connect to a node to retrieve peer addresses, and disconnect. This
+option can be specified multiple times to connect to multiple
+nodes. During startup, seednodes will be tried before dnsseeds.
+.HP
+\fB\-timeout=\fR<n>
+.IP
+Specify socket connection timeout in milliseconds. If an initial attempt
+to connect is unsuccessful after this amount of time, drop it
+(minimum: 1, default: 5000)
+.HP
+\fB\-torcontrol=\fR<ip>:<port>
+.IP
+Tor control host and port to use if onion listening enabled (default:
+127.0.0.1:9051). If no port is specified, the default port of
+9051 will be used.
+.HP
+\fB\-torpassword=\fR<pass>
+.IP
+Tor control port password (default: empty)
+.HP
+\fB\-v2transport\fR
+.IP
+Support v2 transport (default: 1)
+.HP
+\fB\-whitebind=\fR<[permissions@]addr>
+.IP
+Bind to the given address and add permission flags to the peers
+connecting to it. Use [host]:port notation for IPv6. Allowed
+permissions: bloomfilter (allow requesting BIP37 filtered blocks
+and transactions), noban (do not ban for misbehavior; implies
+download), forcerelay (relay transactions that are already in the
+mempool; implies relay), relay (relay even in \fB\-blocksonly\fR mode,
+and unlimited transaction announcements), mempool (allow
+requesting BIP35 mempool contents), download (allow getheaders
+during IBD, no disconnect after maxuploadtarget limit), addr
+(responses to GETADDR avoid hitting the cache and contain random
+records with the most up\-to\-date info). Specify multiple
+permissions separated by commas (default:
+download,noban,mempool,relay). Can be specified multiple times.
+.HP
+\fB\-whitelist=\fR<[permissions@]IP address or network>
+.IP
+Add permission flags to the peers using the given IP address (e.g.
+1.2.3.4) or CIDR\-notated network (e.g. 1.2.3.0/24). Uses the same
+permissions as \fB\-whitebind\fR. Additional flags "in" and "out"
+control whether permissions apply to incoming connections and/or
+manual (default: incoming only). Can be specified multiple times.
+.PP
+Wallet options:
+.HP
+\fB\-addresstype\fR
+.IP
+What type of addresses to use ("legacy", "p2sh\-segwit", "bech32", or
+"bech32m", default: "bech32")
+.HP
+\fB\-avoidpartialspends\fR
+.IP
+Group outputs by address, selecting many (possibly all) or none, instead
+of selecting on a per\-output basis. Privacy is improved as
+addresses are mostly swept with fewer transactions and outputs
+are aggregated in clean change addresses. It may result in higher
+fees due to less optimal coin selection caused by this added
+limitation and possibly a larger\-than\-necessary number of inputs
+being used. Always enabled for wallets with "avoid_reuse"
+enabled, otherwise default: 0.
+.HP
+\fB\-changetype\fR
+.IP
+What type of change to use ("legacy", "p2sh\-segwit", "bech32", or
+"bech32m"). Default is "legacy" when \fB\-addresstype\fR=\fI\,legacy\/\fR, else it
+is an implementation detail.
+.HP
+\fB\-consolidatefeerate=\fR<amt>
+.IP
+The maximum feerate (in BTC/kvB) at which transaction building may use
+more inputs than strictly necessary so that the wallet's UTXO
+pool can be reduced (default: 0.0001).
+.HP
+\fB\-disablewallet\fR
+.IP
+Do not load the wallet and disable wallet RPC calls
+.HP
+\fB\-discardfee=\fR<amt>
+.IP
+The fee rate (in BTC/kvB) that indicates your tolerance for discarding
+change by adding it to the fee (default: 0.0001). Note: An output
+is discarded if it is dust at this rate, but we will always
+discard up to the dust relay fee and a discard fee above that is
+limited by the fee estimate for the longest target
+.HP
+\fB\-fallbackfee=\fR<amt>
+.IP
+A fee rate (in BTC/kvB) that will be used when fee estimation has
+insufficient data. 0 to entirely disable the fallbackfee feature.
+(default: 0.00)
+.HP
+\fB\-keypool=\fR<n>
+.IP
+Set key pool size to <n> (default: 1000). Warning: Smaller sizes may
+increase the risk of losing funds when restoring from an old
+backup, if none of the addresses in the original keypool have
+been used.
+.HP
+\fB\-maxapsfee=\fR<n>
+.IP
+Spend up to this amount in additional (absolute) fees (in BTC) if it
+allows the use of partial spend avoidance (default: 0.00)
+.HP
+\fB\-mintxfee=\fR<amt>
+.IP
+Fee rates (in BTC/kvB) smaller than this are considered zero fee for
+transaction creation (default: 0.00001)
+.HP
+\fB\-paytxfee=\fR<amt>
+.IP
+Fee rate (in BTC/kvB) to add to transactions you send (default: 0.00)
+.HP
+\fB\-signer=\fR<cmd>
+.IP
+External signing tool, see doc/external\-signer.md
+.HP
+\fB\-spendzeroconfchange\fR
+.IP
+Spend unconfirmed change when sending transactions (default: 1)
+.HP
+\fB\-txconfirmtarget=\fR<n>
+.IP
+If paytxfee is not set, include enough fee so transactions begin
+confirmation on average within n blocks (default: 6)
+.HP
+\fB\-wallet=\fR<path>
+.IP
+Specify wallet path to load at startup. Can be used multiple times to
+load multiple wallets. Path is to a directory containing wallet
+data and log files. If the path is not absolute, it is
+interpreted relative to <walletdir>. This only loads existing
+wallets and does not create new ones. For backwards compatibility
+this also accepts names of existing top\-level data files in
+<walletdir>.
+.HP
+\fB\-walletbroadcast\fR
+.IP
+Make the wallet broadcast transactions (default: 1)
+.HP
+\fB\-walletdir=\fR<dir>
+.IP
+Specify directory to hold wallets (default: <datadir>/wallets if it
+exists, otherwise <datadir>)
+.HP
+\fB\-walletnotify=\fR<cmd>
+.IP
+Execute command when a wallet transaction changes. %s in cmd is replaced
+by TxID, %w is replaced by wallet name, %b is replaced by the
+hash of the block including the transaction (set to 'unconfirmed'
+if the transaction is not included) and %h is replaced by the
+block height (\fB\-1\fR if not included). %w is not currently
+implemented on windows. On systems where %w is supported, it
+should NOT be quoted because this would break shell escaping used
+to invoke the command.
+.HP
+\fB\-walletrbf\fR
+.IP
+Send transactions with full\-RBF opt\-in enabled (RPC only, default: 1)
+.PP
+ZeroMQ notification options:
+.HP
+\fB\-zmqpubhashblock=\fR<address>
+.IP
+Enable publish hash block in <address>
+.HP
+\fB\-zmqpubhashblockhwm=\fR<n>
+.IP
+Set publish hash block outbound message high water mark (default: 1000)
+.HP
+\fB\-zmqpubhashtx=\fR<address>
+.IP
+Enable publish hash transaction in <address>
+.HP
+\fB\-zmqpubhashtxhwm=\fR<n>
+.IP
+Set publish hash transaction outbound message high water mark (default:
+1000)
+.HP
+\fB\-zmqpubrawblock=\fR<address>
+.IP
+Enable publish raw block in <address>
+.HP
+\fB\-zmqpubrawblockhwm=\fR<n>
+.IP
+Set publish raw block outbound message high water mark (default: 1000)
+.HP
+\fB\-zmqpubrawtx=\fR<address>
+.IP
+Enable publish raw transaction in <address>
+.HP
+\fB\-zmqpubrawtxhwm=\fR<n>
+.IP
+Set publish raw transaction outbound message high water mark (default:
+1000)
+.HP
+\fB\-zmqpubsequence=\fR<address>
+.IP
+Enable publish hash block and tx sequence in <address>
+.HP
+\fB\-zmqpubsequencehwm=\fR<n>
+.IP
+Set publish hash sequence message high water mark (default: 1000)
+.PP
+Debugging/Testing options:
+.HP
+\fB\-debug=\fR<category>
+.IP
+Output debug and trace logging (default: \fB\-nodebug\fR, supplying <category>
+is optional). If <category> is not supplied or if <category> is 1
+or "all", output all debug logging. If <category> is 0 or "none",
+any other categories are ignored. Other valid values for
+<category> are: addrman, bench, blockstorage, cmpctblock, coindb,
+estimatefee, http, i2p, ipc, leveldb, libevent, mempool,
+mempoolrej, net, proxy, prune, qt, rand, reindex, rpc, scan,
+selectcoins, tor, txpackages, txreconciliation, validation,
+walletdb, zmq. This option can be specified multiple times to
+output multiple categories.
+.HP
+\fB\-debugexclude=\fR<category>
+.IP
+Exclude debug and trace logging for a category. Can be used in
+conjunction with \fB\-debug\fR=\fI\,1\/\fR to output debug and trace logging for
+all categories except the specified category. This option can be
+specified multiple times to exclude multiple categories. This
+takes priority over "\-debug"
+.HP
+\fB\-help\-debug\fR
+.IP
+Print help message with debugging options and exit
+.HP
+\fB\-logips\fR
+.IP
+Include IP addresses in debug output (default: 0)
+.HP
+\fB\-loglevelalways\fR
+.IP
+Always prepend a category and level (default: 0)
+.HP
+\fB\-logsourcelocations\fR
+.IP
+Prepend debug output with name of the originating source location
+(source file, line number and function name) (default: 0)
+.HP
+\fB\-logthreadnames\fR
+.IP
+Prepend debug output with name of the originating thread (default: 0)
+.HP
+\fB\-logtimestamps\fR
+.IP
+Prepend debug output with timestamp (default: 1)
+.HP
+\fB\-maxtxfee=\fR<amt>
+.IP
+Maximum total fees (in BTC) to use in a single wallet transaction;
+setting this too low may abort large transactions (default: 0.10)
+.HP
+\fB\-printtoconsole\fR
+.IP
+Send trace/debug info to console (default: 1 when no \fB\-daemon\fR. To disable
+logging to file, set \fB\-nodebuglogfile\fR)
+.HP
+\fB\-shrinkdebugfile\fR
+.IP
+Shrink debug.log file on client startup (default: 1 when no \fB\-debug\fR)
+.HP
+\fB\-uacomment=\fR<cmt>
+.IP
+Append comment to the user agent string
+.PP
+Chain selection options:
+.HP
+\fB\-chain=\fR<chain>
+.IP
+Use the chain <chain> (default: main). Allowed values: main, test,
+testnet4, signet, regtest
+.HP
+\fB\-signet\fR
+.IP
+Use the signet chain. Equivalent to \fB\-chain\fR=\fI\,signet\/\fR. Note that the network
+is defined by the \fB\-signetchallenge\fR parameter
+.HP
+\fB\-signetchallenge\fR
+.IP
+Blocks must satisfy the given script to be considered valid (only for
+signet networks; defaults to the global default signet test
+network challenge)
+.HP
+\fB\-signetseednode\fR
+.IP
+Specify a seed node for the signet network, in the hostname[:port]
+format, e.g. sig.net:1234 (may be used multiple times to specify
+multiple seed nodes; defaults to the global default signet test
+network seed node(s))
+.HP
+\fB\-testnet\fR
+.IP
+Use the testnet3 chain. Equivalent to \fB\-chain\fR=\fI\,test\/\fR. Support for testnet3
+is deprecated and will be removed in an upcoming release.
+Consider moving to testnet4 now by using \fB\-testnet4\fR.
+.HP
+\fB\-testnet4\fR
+.IP
+Use the testnet4 chain. Equivalent to \fB\-chain\fR=\fI\,testnet4\/\fR.
+.PP
+Node relay options:
+.HP
+\fB\-bytespersigop\fR
+.IP
+Equivalent bytes per sigop in transactions for relay and mining
+(default: 20)
+.HP
+\fB\-datacarrier\fR
+.IP
+Relay and mine data carrier transactions (default: 1)
+.HP
+\fB\-datacarriersize\fR
+.IP
+Relay and mine transactions whose data\-carrying raw scriptPubKey is of
+this size or less (default: 83)
+.HP
+\fB\-minrelaytxfee=\fR<amt>
+.IP
+Fees (in BTC/kvB) smaller than this are considered zero fee for
+relaying, mining and transaction creation (default: 0.000001)
+.HP
+\fB\-permitbaremultisig\fR
+.IP
+Relay transactions creating non\-P2SH multisig outputs (default: 1)
+.HP
+\fB\-whitelistforcerelay\fR
+.IP
+Add 'forcerelay' permission to whitelisted peers with default
+permissions. This will relay transactions even if the
+transactions were already in the mempool. (default: 0)
+.HP
+\fB\-whitelistrelay\fR
+.IP
+Add 'relay' permission to whitelisted peers with default permissions.
+This will accept relayed transactions even when not relaying
+transactions (default: 1)
+.PP
+Block creation options:
+.HP
+\fB\-blockmaxweight=\fR<n>
+.IP
+Set maximum BIP141 block weight (default: 4000000)
+.HP
+\fB\-blockmintxfee=\fR<amt>
+.IP
+Set lowest fee rate (in BTC/kvB) for transactions to be included in
+block creation. (default: 0.00000001)
+.HP
+\fB\-blockreservedweight=\fR<n>
+.IP
+Reserve space for the fixed\-size block header plus the largest coinbase
+transaction the mining software may add to the block. (default:
+8000).
+.PP
+RPC server options:
+.HP
+\fB\-rest\fR
+.IP
+Accept public REST requests (default: 0)
+.HP
+\fB\-rpcallowip=\fR<ip>
+.IP
+Allow JSON\-RPC connections from specified source. Valid values for <ip>
+are a single IP (e.g. 1.2.3.4), a network/netmask (e.g.
+1.2.3.4/255.255.255.0), a network/CIDR (e.g. 1.2.3.4/24), all
+ipv4 (0.0.0.0/0), or all ipv6 (::/0). This option can be
+specified multiple times
+.HP
+\fB\-rpcauth=\fR<userpw>
+.IP
+Username and HMAC\-SHA\-256 hashed password for JSON\-RPC connections. The
+field <userpw> comes in the format: <USERNAME>:<SALT>$<HASH>. A
+canonical python script is included in share/rpcauth. The client
+then connects normally using the
+rpcuser=<USERNAME>/rpcpassword=<PASSWORD> pair of arguments. This
+option can be specified multiple times
+.HP
+\fB\-rpcbind=\fR<addr>[:port]
+.IP
+Bind to given address to listen for JSON\-RPC connections. Do not expose
+the RPC server to untrusted networks such as the public internet!
+This option is ignored unless \fB\-rpcallowip\fR is also passed. Port is
+optional and overrides \fB\-rpcport\fR. Use [host]:port notation for
+IPv6. This option can be specified multiple times (default:
+127.0.0.1 and ::1 i.e., localhost)
+.HP
+\fB\-rpccookiefile=\fR<loc>
+.IP
+Location of the auth cookie. Relative paths will be prefixed by a
+net\-specific datadir location. (default: data dir)
+.HP
+\fB\-rpccookieperms=\fR<readable\-by>
+.IP
+Set permissions on the RPC auth cookie file so that it is readable by
+[owner|group|all] (default: owner [via umask 0077])
+.HP
+\fB\-rpcpassword=\fR<pw>
+.IP
+Password for JSON\-RPC connections
+.HP
+\fB\-rpcport=\fR<port>
+.IP
+Listen for JSON\-RPC connections on <port> (default: 8332, testnet3:
+18332, testnet4: 48332, signet: 38332, regtest: 18443)
+.HP
+\fB\-rpcthreads=\fR<n>
+.IP
+Set the number of threads to service RPC calls (default: 16)
+.HP
+\fB\-rpcuser=\fR<user>
+.IP
+Username for JSON\-RPC connections
+.HP
+\fB\-rpcwhitelist=\fR<whitelist>
+.IP
+Set a whitelist to filter incoming RPC calls for a specific user. The
+field <whitelist> comes in the format: <USERNAME>:<rpc 1>,<rpc
+2>,...,<rpc n>. If multiple whitelists are set for a given user,
+they are set\-intersected. See \fB\-rpcwhitelistdefault\fR documentation
+for information on default whitelist behavior.
+.HP
+\fB\-rpcwhitelistdefault\fR
+.IP
+Sets default behavior for rpc whitelisting. Unless rpcwhitelistdefault
+is set to 0, if any \fB\-rpcwhitelist\fR is set, the rpc server acts as
+if all rpc users are subject to empty\-unless\-otherwise\-specified
+whitelists. If rpcwhitelistdefault is set to 1 and no
+\fB\-rpcwhitelist\fR is set, rpc server acts as if all rpc users are
+subject to empty whitelists.
+.HP
+\fB\-server\fR
+.IP
+Accept command line and JSON\-RPC commands
+.PP
+UI Options:
+.HP
+\fB\-choosedatadir\fR
+.IP
+Choose data directory on startup (default: 0)
+.HP
+\fB\-lang=\fR<lang>
+.IP
+Set language, for example "de_DE" (default: system locale)
+.HP
+\fB\-min\fR
+.IP
+Start minimized
+.HP
+\fB\-resetguisettings\fR
+.IP
+Reset all settings changed in the GUI
+.HP
+\fB\-splash\fR
+.IP
+Show splash screen on startup (default: 1)
+.SH COPYRIGHT
+Copyright (C) 2009-2025 The Bitcoin Core developers
 
-This is a placeholder file. Please follow the instructions in \fIcontrib/devtools/README.md\fR to generate the manual pages after a release.
+Please contribute if you find Bitcoin Core useful. Visit
+<https://bitcoincore.org/> for further information about the software.
+The source code is available from <https://github.com/bitcoin/bitcoin>.
+
+This is experimental software.
+Distributed under the MIT software license, see the accompanying file COPYING
+or <https://opensource.org/licenses/MIT>
+.SH "SEE ALSO"
+bitcoind(1), bitcoin-cli(1), bitcoin-tx(1), bitcoin-wallet(1), bitcoin-util(1), bitcoin-qt(1)

doc/man/bitcoin-tx.1

@@ -1,5 +1,159 @@
-.TH BITCOIN-TX "1"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
+.TH BITCOIN-TX "1" "January 2026" "bitcoin-tx v29.3.0rc1" "User Commands"
 .SH NAME
-bitcoin-tx \- manual page for bitcoin-tx
+bitcoin-tx \- manual page for bitcoin-tx v29.3.0rc1
+.SH SYNOPSIS
+.B bitcoin-tx
+[\fI\,options\/\fR] \fI\,<hex-tx> \/\fR[\fI\,commands\/\fR]
+.br
+.B bitcoin-tx
+[\fI\,options\/\fR] \fI\,-create \/\fR[\fI\,commands\/\fR]
+.SH DESCRIPTION
+Bitcoin Core bitcoin\-tx utility version v29.3.0rc1
+.PP
+The bitcoin\-tx tool is used for creating and modifying bitcoin transactions.
+.PP
+bitcoin\-tx can be used with "<hex\-tx> [commands]" to update a hex\-encoded bitcoin transaction, or with "\-create [commands]" to create a hex\-encoded bitcoin transaction.
+.SH OPTIONS
+.HP
+\fB\-create\fR
+.IP
+Create new, empty TX.
+.HP
+\fB\-help\fR
+.IP
+Print this help message and exit (also \fB\-h\fR or \-?)
+.HP
+\fB\-json\fR
+.IP
+Select JSON output
+.HP
+\fB\-txid\fR
+.IP
+Output only the hex\-encoded transaction id of the resultant transaction.
+.HP
+\fB\-version\fR
+.IP
+Print version and exit
+.PP
+Debugging/Testing options:
+.PP
+Chain selection options:
+.HP
+\fB\-chain=\fR<chain>
+.IP
+Use the chain <chain> (default: main). Allowed values: main, test,
+testnet4, signet, regtest
+.HP
+\fB\-signet\fR
+.IP
+Use the signet chain. Equivalent to \fB\-chain\fR=\fI\,signet\/\fR. Note that the network
+is defined by the \fB\-signetchallenge\fR parameter
+.HP
+\fB\-signetchallenge\fR
+.IP
+Blocks must satisfy the given script to be considered valid (only for
+signet networks; defaults to the global default signet test
+network challenge)
+.HP
+\fB\-signetseednode\fR
+.IP
+Specify a seed node for the signet network, in the hostname[:port]
+format, e.g. sig.net:1234 (may be used multiple times to specify
+multiple seed nodes; defaults to the global default signet test
+network seed node(s))
+.HP
+\fB\-testnet\fR
+.IP
+Use the testnet3 chain. Equivalent to \fB\-chain\fR=\fI\,test\/\fR. Support for testnet3
+is deprecated and will be removed in an upcoming release.
+Consider moving to testnet4 now by using \fB\-testnet4\fR.
+.HP
+\fB\-testnet4\fR
+.IP
+Use the testnet4 chain. Equivalent to \fB\-chain\fR=\fI\,testnet4\/\fR.
+.PP
+Commands:
+.IP
+delin=N
+.IP
+Delete input N from TX
+.IP
+delout=N
+.IP
+Delete output N from TX
+.IP
+in=TXID:VOUT(:SEQUENCE_NUMBER)
+.IP
+Add input to TX
+.IP
+locktime=N
+.IP
+Set TX lock time to N
+.IP
+nversion=N
+.IP
+Set TX version to N
+.IP
+outaddr=VALUE:ADDRESS
+.IP
+Add address\-based output to TX
+.IP
+outdata=[VALUE:]DATA
+.IP
+Add data\-based output to TX
+.IP
+outmultisig=VALUE:REQUIRED:PUBKEYS:PUBKEY1:PUBKEY2:....[:FLAGS]
+.IP
+Add Pay To n\-of\-m Multi\-sig output to TX. n = REQUIRED, m = PUBKEYS.
+Optionally add the "W" flag to produce a
+pay\-to\-witness\-script\-hash output. Optionally add the "S" flag to
+wrap the output in a pay\-to\-script\-hash.
+.IP
+outpubkey=VALUE:PUBKEY[:FLAGS]
+.IP
+Add pay\-to\-pubkey output to TX. Optionally add the "W" flag to produce a
+pay\-to\-witness\-pubkey\-hash output. Optionally add the "S" flag to
+wrap the output in a pay\-to\-script\-hash.
+.IP
+outscript=VALUE:SCRIPT[:FLAGS]
+.IP
+Add raw script output to TX. Optionally add the "W" flag to produce a
+pay\-to\-witness\-script\-hash output. Optionally add the "S" flag to
+wrap the output in a pay\-to\-script\-hash.
+.IP
+replaceable(=N)
+.IP
+Sets Replace\-By\-Fee (RBF) opt\-in sequence number for input N. If N is
+not provided, the command attempts to opt\-in all available inputs
+for RBF. If the transaction has no inputs, this option is
+ignored.
+.IP
+sign=SIGHASH\-FLAGS
+.IP
+Add zero or more signatures to transaction. This command requires JSON
+registers:prevtxs=JSON object, privatekeys=JSON object. See
+signrawtransactionwithkey docs for format of sighash flags, JSON
+objects.
+.PP
+Register Commands:
+.IP
+load=NAME:FILENAME
+.IP
+Load JSON file FILENAME into register NAME
+.IP
+set=NAME:JSON\-STRING
+.IP
+Set register NAME to given JSON\-STRING
+.SH COPYRIGHT
+Copyright (C) 2009-2025 The Bitcoin Core developers
 
-This is a placeholder file. Please follow the instructions in \fIcontrib/devtools/README.md\fR to generate the manual pages after a release.
+Please contribute if you find Bitcoin Core useful. Visit
+<https://bitcoincore.org/> for further information about the software.
+The source code is available from <https://github.com/bitcoin/bitcoin>.
+
+This is experimental software.
+Distributed under the MIT software license, see the accompanying file COPYING
+or <https://opensource.org/licenses/MIT>
+.SH "SEE ALSO"
+bitcoind(1), bitcoin-cli(1), bitcoin-tx(1), bitcoin-wallet(1), bitcoin-util(1), bitcoin-qt(1)

doc/man/bitcoin-util.1

@@ -1,5 +1,78 @@
-.TH BITCOIN-UTIL "1"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
+.TH BITCOIN-UTIL "1" "January 2026" "bitcoin-util v29.3.0rc1" "User Commands"
 .SH NAME
-bitcoin-util \- manual page for bitcoin-util
+bitcoin-util \- manual page for bitcoin-util v29.3.0rc1
+.SH SYNOPSIS
+.B bitcoin-util
+[\fI\,options\/\fR] [\fI\,command\/\fR]
+.br
+.B bitcoin-util
+[\fI\,options\/\fR] \fI\,grind <hex-block-header>\/\fR
+.SH DESCRIPTION
+Bitcoin Core bitcoin\-util utility version v29.3.0rc1
+.PP
+The bitcoin\-util tool provides bitcoin related functionality that does not rely on the ability to access a running node. Available [commands] are listed below.
+.SH OPTIONS
+.HP
+\fB\-help\fR
+.IP
+Print this help message and exit (also \fB\-h\fR or \-?)
+.HP
+\fB\-version\fR
+.IP
+Print version and exit
+.PP
+Debugging/Testing options:
+.PP
+Chain selection options:
+.HP
+\fB\-chain=\fR<chain>
+.IP
+Use the chain <chain> (default: main). Allowed values: main, test,
+testnet4, signet, regtest
+.HP
+\fB\-signet\fR
+.IP
+Use the signet chain. Equivalent to \fB\-chain\fR=\fI\,signet\/\fR. Note that the network
+is defined by the \fB\-signetchallenge\fR parameter
+.HP
+\fB\-signetchallenge\fR
+.IP
+Blocks must satisfy the given script to be considered valid (only for
+signet networks; defaults to the global default signet test
+network challenge)
+.HP
+\fB\-signetseednode\fR
+.IP
+Specify a seed node for the signet network, in the hostname[:port]
+format, e.g. sig.net:1234 (may be used multiple times to specify
+multiple seed nodes; defaults to the global default signet test
+network seed node(s))
+.HP
+\fB\-testnet\fR
+.IP
+Use the testnet3 chain. Equivalent to \fB\-chain\fR=\fI\,test\/\fR. Support for testnet3
+is deprecated and will be removed in an upcoming release.
+Consider moving to testnet4 now by using \fB\-testnet4\fR.
+.HP
+\fB\-testnet4\fR
+.IP
+Use the testnet4 chain. Equivalent to \fB\-chain\fR=\fI\,testnet4\/\fR.
+.PP
+Commands:
+.IP
+grind
+.IP
+Perform proof of work on hex header string
+.SH COPYRIGHT
+Copyright (C) 2009-2025 The Bitcoin Core developers
 
-This is a placeholder file. Please follow the instructions in \fIcontrib/devtools/README.md\fR to generate the manual pages after a release.
+Please contribute if you find Bitcoin Core useful. Visit
+<https://bitcoincore.org/> for further information about the software.
+The source code is available from <https://github.com/bitcoin/bitcoin>.
+
+This is experimental software.
+Distributed under the MIT software license, see the accompanying file COPYING
+or <https://opensource.org/licenses/MIT>
+.SH "SEE ALSO"
+bitcoind(1), bitcoin-cli(1), bitcoin-tx(1), bitcoin-wallet(1), bitcoin-util(1), bitcoin-qt(1)

doc/man/bitcoin-wallet.1

@@ -1,5 +1,136 @@
-.TH BITCOIN-WALLET "1"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
+.TH BITCOIN-WALLET "1" "January 2026" "bitcoin-wallet v29.3.0rc1" "User Commands"
 .SH NAME
-bitcoin-wallet \- manual page for bitcoin-wallet
+bitcoin-wallet \- manual page for bitcoin-wallet v29.3.0rc1
+.SH SYNOPSIS
+.B bitcoin-wallet
+[\fI\,options\/\fR] \fI\,<command>\/\fR
+.SH DESCRIPTION
+Bitcoin Core bitcoin\-wallet utility version v29.3.0rc1
+.PP
+bitcoin\-wallet is an offline tool for creating and interacting with Bitcoin Core wallet files.
+.PP
+By default bitcoin\-wallet will act on wallets in the default mainnet wallet directory in the datadir.
+.PP
+To change the target wallet, use the \fB\-datadir\fR, \fB\-wallet\fR and (test)chain selection arguments.
+.SH OPTIONS
+.HP
+\fB\-datadir=\fR<dir>
+.IP
+Specify data directory
+.HP
+\fB\-descriptors\fR
+.IP
+Create descriptors wallet. Only for 'create'
+.HP
+\fB\-dumpfile=\fR<file name>
+.IP
+When used with 'dump', writes out the records to this file. When used
+with 'createfromdump', loads the records into a new wallet.
+.HP
+\fB\-format=\fR<format>
+.IP
+The format of the wallet file to create. Either "bdb" or "sqlite". Only
+used with 'createfromdump'
+.HP
+\fB\-help\fR
+.IP
+Print this help message and exit (also \fB\-h\fR or \-?)
+.HP
+\fB\-legacy\fR
+.IP
+Create legacy wallet. Only for 'create'
+.HP
+\fB\-version\fR
+.IP
+Print version and exit
+.HP
+\fB\-wallet=\fR<wallet\-name>
+.IP
+Specify wallet name
+.PP
+Debugging/Testing options:
+.HP
+\fB\-debug=\fR<category>
+.IP
+Output debugging information (default: 0).
+.HP
+\fB\-printtoconsole\fR
+.IP
+Send trace/debug info to console (default: 1 when no \fB\-debug\fR is true, 0
+otherwise).
+.HP
+\fB\-withinternalbdb\fR
+.IP
+Use the internal Berkeley DB parser when dumping a Berkeley DB wallet
+file (default: false)
+.PP
+Chain selection options:
+.HP
+\fB\-chain=\fR<chain>
+.IP
+Use the chain <chain> (default: main). Allowed values: main, test,
+testnet4, signet, regtest
+.HP
+\fB\-signet\fR
+.IP
+Use the signet chain. Equivalent to \fB\-chain\fR=\fI\,signet\/\fR. Note that the network
+is defined by the \fB\-signetchallenge\fR parameter
+.HP
+\fB\-signetchallenge\fR
+.IP
+Blocks must satisfy the given script to be considered valid (only for
+signet networks; defaults to the global default signet test
+network challenge)
+.HP
+\fB\-signetseednode\fR
+.IP
+Specify a seed node for the signet network, in the hostname[:port]
+format, e.g. sig.net:1234 (may be used multiple times to specify
+multiple seed nodes; defaults to the global default signet test
+network seed node(s))
+.HP
+\fB\-testnet\fR
+.IP
+Use the testnet3 chain. Equivalent to \fB\-chain\fR=\fI\,test\/\fR. Support for testnet3
+is deprecated and will be removed in an upcoming release.
+Consider moving to testnet4 now by using \fB\-testnet4\fR.
+.HP
+\fB\-testnet4\fR
+.IP
+Use the testnet4 chain. Equivalent to \fB\-chain\fR=\fI\,testnet4\/\fR.
+.PP
+Commands:
+.IP
+create
+.IP
+Create new wallet file
+.IP
+createfromdump
+.IP
+Create new wallet file from dumped records
+.IP
+dump
+.IP
+Print out all of the wallet key\-value records
+.IP
+info
+.IP
+Get wallet info
+.IP
+salvage
+.IP
+Attempt to recover private keys from a corrupt wallet. Warning:
+\&'salvage' is experimental.
+.SH COPYRIGHT
+Copyright (C) 2009-2025 The Bitcoin Core developers
 
-This is a placeholder file. Please follow the instructions in \fIcontrib/devtools/README.md\fR to generate the manual pages after a release.
+Please contribute if you find Bitcoin Core useful. Visit
+<https://bitcoincore.org/> for further information about the software.
+The source code is available from <https://github.com/bitcoin/bitcoin>.
+
+This is experimental software.
+Distributed under the MIT software license, see the accompanying file COPYING
+or <https://opensource.org/licenses/MIT>
+.SH "SEE ALSO"
+bitcoind(1), bitcoin-cli(1), bitcoin-tx(1), bitcoin-wallet(1), bitcoin-util(1), bitcoin-qt(1)

doc/man/bitcoind.1

@@ -1,5 +1,830 @@
-.TH BITCOIND "1"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.3.
+.TH BITCOIND "1" "January 2026" "bitcoind v29.3.0rc1" "User Commands"
 .SH NAME
-bitcoind \- manual page for bitcoind
+bitcoind \- manual page for bitcoind v29.3.0rc1
+.SH SYNOPSIS
+.B bitcoind
+[\fI\,options\/\fR]
+.SH DESCRIPTION
+Bitcoin Core daemon version v29.3.0rc1
+.PP
+The Bitcoin Core daemon (bitcoind) is a headless program that connects to the Bitcoin network to validate and relay transactions and blocks, as well as relaying addresses.
+.PP
+It provides the backbone of the Bitcoin network and its RPC, REST and ZMQ services can provide various transaction, block and address\-related services.
+.PP
+There is an optional wallet component which provides transaction services.
+.PP
+It can be used in a headless environment or as part of a server setup.
+.SH OPTIONS
+.HP
+\fB\-alertnotify=\fR<cmd>
+.IP
+Execute command when an alert is raised (%s in cmd is replaced by
+message)
+.HP
+\fB\-allowignoredconf\fR
+.IP
+For backwards compatibility, treat an unused bitcoin.conf file in the
+datadir as a warning, not an error.
+.HP
+\fB\-assumevalid=\fR<hex>
+.IP
+If this block is in the chain assume that it and its ancestors are valid
+and potentially skip their script verification (0 to verify all,
+default:
+00000000000000000001b658dd1120e82e66d2790811f89ede9742ada3ed6d77,
+testnet3:
+00000000000003fc7967410ba2d0a8a8d50daedc318d43e8baf1a9782c236a57,
+testnet4:
+0000000000003ed4f08dbdf6f7d6b271a6bcffce25675cb40aa9fa43179a89f3,
+signet:
+000000895a110f46e59eb82bbc5bfb67fa314656009c295509c21b4999f5180a)
+.HP
+\fB\-blockfilterindex=\fR<type>
+.IP
+Maintain an index of compact filters by block (default: 0, values:
+basic). If <type> is not supplied or if <type> = 1, indexes for
+all known types are enabled.
+.HP
+\fB\-blocknotify=\fR<cmd>
+.IP
+Execute command when the best block changes (%s in cmd is replaced by
+block hash)
+.HP
+\fB\-blockreconstructionextratxn=\fR<n>
+.IP
+Extra transactions to keep in memory for compact block reconstructions
+(default: 100)
+.HP
+\fB\-blocksdir=\fR<dir>
+.IP
+Specify directory to hold blocks subdirectory for *.dat files (default:
+<datadir>)
+.HP
+\fB\-blocksonly\fR
+.IP
+Whether to reject transactions from network peers. Disables automatic
+broadcast and rebroadcast of transactions, unless the source peer
+has the 'forcerelay' permission. RPC transactions are not
+affected. (default: 0)
+.HP
+\fB\-blocksxor\fR
+.IP
+Whether an XOR\-key applies to blocksdir *.dat files. The created XOR\-key
+will be zeros for an existing blocksdir or when `\-blocksxor=0` is
+set, and random for a freshly initialized blocksdir. (default: 1)
+.HP
+\fB\-coinstatsindex\fR
+.IP
+Maintain coinstats index used by the gettxoutsetinfo RPC (default: 0)
+.HP
+\fB\-conf=\fR<file>
+.IP
+Specify path to read\-only configuration file. Relative paths will be
+prefixed by datadir location (only useable from command line, not
+configuration file) (default: bitcoin.conf)
+.HP
+\fB\-daemon\fR
+.IP
+Run in the background as a daemon and accept commands (default: 0)
+.HP
+\fB\-daemonwait\fR
+.IP
+Wait for initialization to be finished before exiting. This implies
+\fB\-daemon\fR (default: 0)
+.HP
+\fB\-datadir=\fR<dir>
+.IP
+Specify data directory
+.HP
+\fB\-dbcache=\fR<n>
+.IP
+Maximum database cache size <n> MiB (minimum 4, default: 450). Make sure
+you have enough RAM. In addition, unused memory allocated to the
+mempool is shared with this cache (see \fB\-maxmempool\fR).
+.HP
+\fB\-debuglogfile=\fR<file>
+.IP
+Specify location of debug log file (default: debug.log). Relative paths
+will be prefixed by a net\-specific datadir location. Pass
+\fB\-nodebuglogfile\fR to disable writing the log to a file.
+.HP
+\fB\-help\fR
+.IP
+Print this help message and exit (also \fB\-h\fR or \-?)
+.HP
+\fB\-includeconf=\fR<file>
+.IP
+Specify additional configuration file, relative to the \fB\-datadir\fR path
+(only useable from configuration file, not command line)
+.HP
+\fB\-loadblock=\fR<file>
+.IP
+Imports blocks from external file on startup
+.HP
+\fB\-maxmempool=\fR<n>
+.IP
+Keep the transaction memory pool below <n> megabytes (default: 300)
+.HP
+\fB\-maxorphantx=\fR<n>
+.IP
+Keep at most <n> unconnectable transactions in memory (default: 100)
+.HP
+\fB\-mempoolexpiry=\fR<n>
+.IP
+Do not keep transactions in the mempool longer than <n> hours (default:
+336)
+.HP
+\fB\-par=\fR<n>
+.IP
+Set the number of script verification threads (0 = auto, up to 15, <0 =
+leave that many cores free, default: 0)
+.HP
+\fB\-persistmempool\fR
+.IP
+Whether to save the mempool on shutdown and load on restart (default: 1)
+.HP
+\fB\-persistmempoolv1\fR
+.IP
+Whether a mempool.dat file created by \fB\-persistmempool\fR or the savemempool
+RPC will be written in the legacy format (version 1) or the
+current format (version 2). This temporary option will be removed
+in the future. (default: 0)
+.HP
+\fB\-pid=\fR<file>
+.IP
+Specify pid file. Relative paths will be prefixed by a net\-specific
+datadir location. (default: bitcoind.pid)
+.HP
+\fB\-prune=\fR<n>
+.IP
+Reduce storage requirements by enabling pruning (deleting) of old
+blocks. This allows the pruneblockchain RPC to be called to
+delete specific blocks and enables automatic pruning of old
+blocks if a target size in MiB is provided. This mode is
+incompatible with \fB\-txindex\fR. Warning: Reverting this setting
+requires re\-downloading the entire blockchain. (default: 0 =
+disable pruning blocks, 1 = allow manual pruning via RPC, >=550 =
+automatically prune block files to stay under the specified
+target size in MiB)
+.HP
+\fB\-reindex\fR
+.IP
+If enabled, wipe chain state and block index, and rebuild them from
+blk*.dat files on disk. Also wipe and rebuild other optional
+indexes that are active. If an assumeutxo snapshot was loaded,
+its chainstate will be wiped as well. The snapshot can then be
+reloaded via RPC.
+.HP
+\fB\-reindex\-chainstate\fR
+.IP
+If enabled, wipe chain state, and rebuild it from blk*.dat files on
+disk. If an assumeutxo snapshot was loaded, its chainstate will
+be wiped as well. The snapshot can then be reloaded via RPC.
+.HP
+\fB\-settings=\fR<file>
+.IP
+Specify path to dynamic settings data file. Can be disabled with
+\fB\-nosettings\fR. File is written at runtime and not meant to be
+edited by users (use bitcoin.conf instead for custom settings).
+Relative paths will be prefixed by datadir location. (default:
+settings.json)
+.HP
+\fB\-shutdownnotify=\fR<cmd>
+.IP
+Execute command immediately before beginning shutdown. The need for
+shutdown may be urgent, so be careful not to delay it long (if
+the command doesn't require interaction with the server, consider
+having it fork into the background).
+.HP
+\fB\-startupnotify=\fR<cmd>
+.IP
+Execute command on startup.
+.HP
+\fB\-txindex\fR
+.IP
+Maintain a full transaction index, used by the getrawtransaction rpc
+call (default: 0)
+.HP
+\fB\-version\fR
+.IP
+Print version and exit
+.PP
+Connection options:
+.HP
+\fB\-addnode=\fR<ip>
+.IP
+Add a node to connect to and attempt to keep the connection open (see
+the addnode RPC help for more info). This option can be specified
+multiple times to add multiple nodes; connections are limited to
+8 at a time and are counted separately from the \fB\-maxconnections\fR
+limit.
+.HP
+\fB\-asmap=\fR<file>
+.IP
+Specify asn mapping used for bucketing of the peers (default:
+ip_asn.map). Relative paths will be prefixed by the net\-specific
+datadir location.
+.HP
+\fB\-bantime=\fR<n>
+.IP
+Default duration (in seconds) of manually configured bans (default:
+86400)
+.HP
+\fB\-bind=\fR<addr>[:<port>][=onion]
+.IP
+Bind to given address and always listen on it (default: 0.0.0.0). Use
+[host]:port notation for IPv6. Append =onion to tag any incoming
+connections to that address and port as incoming Tor connections
+(default: 127.0.0.1:8334=onion, testnet3: 127.0.0.1:18334=onion,
+testnet4: 127.0.0.1:48334=onion, signet: 127.0.0.1:38334=onion,
+regtest: 127.0.0.1:18445=onion)
+.HP
+\fB\-cjdnsreachable\fR
+.IP
+If set, then this host is configured for CJDNS (connecting to fc00::/8
+addresses would lead us to the CJDNS network, see doc/cjdns.md)
+(default: 0)
+.HP
+\fB\-connect=\fR<ip>
+.IP
+Connect only to the specified node; \fB\-noconnect\fR disables automatic
+connections (the rules for this peer are the same as for
+\fB\-addnode\fR). This option can be specified multiple times to connect
+to multiple nodes.
+.HP
+\fB\-discover\fR
+.IP
+Discover own IP addresses (default: 1 when listening and no \fB\-externalip\fR
+or \fB\-proxy\fR)
+.HP
+\fB\-dns\fR
+.IP
+Allow DNS lookups for \fB\-addnode\fR, \fB\-seednode\fR and \fB\-connect\fR (default: 1)
+.HP
+\fB\-dnsseed\fR
+.IP
+Query for peer addresses via DNS lookup, if low on addresses (default: 1
+unless \fB\-connect\fR used or \fB\-maxconnections\fR=\fI\,0\/\fR)
+.HP
+\fB\-externalip=\fR<ip>
+.IP
+Specify your own public address
+.HP
+\fB\-fixedseeds\fR
+.IP
+Allow fixed seeds if DNS seeds don't provide peers (default: 1)
+.HP
+\fB\-forcednsseed\fR
+.IP
+Always query for peer addresses via DNS lookup (default: 0)
+.HP
+\fB\-i2pacceptincoming\fR
+.IP
+Whether to accept inbound I2P connections (default: 1). Ignored if
+\fB\-i2psam\fR is not set. Listening for inbound I2P connections is done
+through the SAM proxy, not by binding to a local address and
+port.
+.HP
+\fB\-i2psam=\fR<ip:port>
+.IP
+I2P SAM proxy to reach I2P peers and accept I2P connections (default:
+none)
+.HP
+\fB\-listen\fR
+.IP
+Accept connections from outside (default: 1 if no \fB\-proxy\fR, \fB\-connect\fR or
+\fB\-maxconnections\fR=\fI\,0\/\fR)
+.HP
+\fB\-listenonion\fR
+.IP
+Automatically create Tor onion service (default: 1)
+.HP
+\fB\-maxconnections=\fR<n>
+.IP
+Maintain at most <n> automatic connections to peers (default: 125). This
+limit does not apply to connections manually added via \fB\-addnode\fR
+or the addnode RPC, which have a separate limit of 8.
+.HP
+\fB\-maxreceivebuffer=\fR<n>
+.IP
+Maximum per\-connection receive buffer, <n>*1000 bytes (default: 5000)
+.HP
+\fB\-maxsendbuffer=\fR<n>
+.IP
+Maximum per\-connection memory usage for the send buffer, <n>*1000 bytes
+(default: 1000)
+.HP
+\fB\-maxuploadtarget=\fR<n>
+.IP
+Tries to keep outbound traffic under the given target per 24h. Limit
+does not apply to peers with 'download' permission or blocks
+created within past week. 0 = no limit (default: 0M). Optional
+suffix units [k|K|m|M|g|G|t|T] (default: M). Lowercase is 1000
+base while uppercase is 1024 base
+.HP
+\fB\-natpmp\fR
+.IP
+Use PCP or NAT\-PMP to map the listening port (default: 0)
+.HP
+\fB\-networkactive\fR
+.IP
+Enable all P2P network activity (default: 1). Can be changed by the
+setnetworkactive RPC command
+.HP
+\fB\-onion=\fR<ip:port|path>
+.IP
+Use separate SOCKS5 proxy to reach peers via Tor onion services, set
+\fB\-noonion\fR to disable (default: \fB\-proxy\fR). May be a local file path
+prefixed with 'unix:'.
+.HP
+\fB\-onlynet=\fR<net>
+.IP
+Make automatic outbound connections only to network <net> (ipv4, ipv6,
+onion, i2p, cjdns). Inbound and manual connections are not
+affected by this option. It can be specified multiple times to
+allow multiple networks.
+.HP
+\fB\-peerblockfilters\fR
+.IP
+Serve compact block filters to peers per BIP 157 (default: 0)
+.HP
+\fB\-peerbloomfilters\fR
+.IP
+Support filtering of blocks and transaction with bloom filters (default:
+0)
+.HP
+\fB\-port=\fR<port>
+.IP
+Listen for connections on <port> (default: 8333, testnet3: 18333,
+testnet4: 48333, signet: 38333, regtest: 18444). Not relevant for
+I2P (see doc/i2p.md). If set to a value x, the default onion
+listening port will be set to x+1.
+.HP
+\fB\-proxy=\fR<ip:port|path>
+.IP
+Connect through SOCKS5 proxy, set \fB\-noproxy\fR to disable (default:
+disabled). May be a local file path prefixed with 'unix:' if the
+proxy supports it.
+.HP
+\fB\-proxyrandomize\fR
+.IP
+Randomize credentials for every proxy connection. This enables Tor
+stream isolation (default: 1)
+.HP
+\fB\-seednode=\fR<ip>
+.IP
+Connect to a node to retrieve peer addresses, and disconnect. This
+option can be specified multiple times to connect to multiple
+nodes. During startup, seednodes will be tried before dnsseeds.
+.HP
+\fB\-timeout=\fR<n>
+.IP
+Specify socket connection timeout in milliseconds. If an initial attempt
+to connect is unsuccessful after this amount of time, drop it
+(minimum: 1, default: 5000)
+.HP
+\fB\-torcontrol=\fR<ip>:<port>
+.IP
+Tor control host and port to use if onion listening enabled (default:
+127.0.0.1:9051). If no port is specified, the default port of
+9051 will be used.
+.HP
+\fB\-torpassword=\fR<pass>
+.IP
+Tor control port password (default: empty)
+.HP
+\fB\-v2transport\fR
+.IP
+Support v2 transport (default: 1)
+.HP
+\fB\-whitebind=\fR<[permissions@]addr>
+.IP
+Bind to the given address and add permission flags to the peers
+connecting to it. Use [host]:port notation for IPv6. Allowed
+permissions: bloomfilter (allow requesting BIP37 filtered blocks
+and transactions), noban (do not ban for misbehavior; implies
+download), forcerelay (relay transactions that are already in the
+mempool; implies relay), relay (relay even in \fB\-blocksonly\fR mode,
+and unlimited transaction announcements), mempool (allow
+requesting BIP35 mempool contents), download (allow getheaders
+during IBD, no disconnect after maxuploadtarget limit), addr
+(responses to GETADDR avoid hitting the cache and contain random
+records with the most up\-to\-date info). Specify multiple
+permissions separated by commas (default:
+download,noban,mempool,relay). Can be specified multiple times.
+.HP
+\fB\-whitelist=\fR<[permissions@]IP address or network>
+.IP
+Add permission flags to the peers using the given IP address (e.g.
+1.2.3.4) or CIDR\-notated network (e.g. 1.2.3.0/24). Uses the same
+permissions as \fB\-whitebind\fR. Additional flags "in" and "out"
+control whether permissions apply to incoming connections and/or
+manual (default: incoming only). Can be specified multiple times.
+.PP
+Wallet options:
+.HP
+\fB\-addresstype\fR
+.IP
+What type of addresses to use ("legacy", "p2sh\-segwit", "bech32", or
+"bech32m", default: "bech32")
+.HP
+\fB\-avoidpartialspends\fR
+.IP
+Group outputs by address, selecting many (possibly all) or none, instead
+of selecting on a per\-output basis. Privacy is improved as
+addresses are mostly swept with fewer transactions and outputs
+are aggregated in clean change addresses. It may result in higher
+fees due to less optimal coin selection caused by this added
+limitation and possibly a larger\-than\-necessary number of inputs
+being used. Always enabled for wallets with "avoid_reuse"
+enabled, otherwise default: 0.
+.HP
+\fB\-changetype\fR
+.IP
+What type of change to use ("legacy", "p2sh\-segwit", "bech32", or
+"bech32m"). Default is "legacy" when \fB\-addresstype\fR=\fI\,legacy\/\fR, else it
+is an implementation detail.
+.HP
+\fB\-consolidatefeerate=\fR<amt>
+.IP
+The maximum feerate (in BTC/kvB) at which transaction building may use
+more inputs than strictly necessary so that the wallet's UTXO
+pool can be reduced (default: 0.0001).
+.HP
+\fB\-disablewallet\fR
+.IP
+Do not load the wallet and disable wallet RPC calls
+.HP
+\fB\-discardfee=\fR<amt>
+.IP
+The fee rate (in BTC/kvB) that indicates your tolerance for discarding
+change by adding it to the fee (default: 0.0001). Note: An output
+is discarded if it is dust at this rate, but we will always
+discard up to the dust relay fee and a discard fee above that is
+limited by the fee estimate for the longest target
+.HP
+\fB\-fallbackfee=\fR<amt>
+.IP
+A fee rate (in BTC/kvB) that will be used when fee estimation has
+insufficient data. 0 to entirely disable the fallbackfee feature.
+(default: 0.00)
+.HP
+\fB\-keypool=\fR<n>
+.IP
+Set key pool size to <n> (default: 1000). Warning: Smaller sizes may
+increase the risk of losing funds when restoring from an old
+backup, if none of the addresses in the original keypool have
+been used.
+.HP
+\fB\-maxapsfee=\fR<n>
+.IP
+Spend up to this amount in additional (absolute) fees (in BTC) if it
+allows the use of partial spend avoidance (default: 0.00)
+.HP
+\fB\-mintxfee=\fR<amt>
+.IP
+Fee rates (in BTC/kvB) smaller than this are considered zero fee for
+transaction creation (default: 0.00001)
+.HP
+\fB\-paytxfee=\fR<amt>
+.IP
+Fee rate (in BTC/kvB) to add to transactions you send (default: 0.00)
+.HP
+\fB\-signer=\fR<cmd>
+.IP
+External signing tool, see doc/external\-signer.md
+.HP
+\fB\-spendzeroconfchange\fR
+.IP
+Spend unconfirmed change when sending transactions (default: 1)
+.HP
+\fB\-txconfirmtarget=\fR<n>
+.IP
+If paytxfee is not set, include enough fee so transactions begin
+confirmation on average within n blocks (default: 6)
+.HP
+\fB\-wallet=\fR<path>
+.IP
+Specify wallet path to load at startup. Can be used multiple times to
+load multiple wallets. Path is to a directory containing wallet
+data and log files. If the path is not absolute, it is
+interpreted relative to <walletdir>. This only loads existing
+wallets and does not create new ones. For backwards compatibility
+this also accepts names of existing top\-level data files in
+<walletdir>.
+.HP
+\fB\-walletbroadcast\fR
+.IP
+Make the wallet broadcast transactions (default: 1)
+.HP
+\fB\-walletdir=\fR<dir>
+.IP
+Specify directory to hold wallets (default: <datadir>/wallets if it
+exists, otherwise <datadir>)
+.HP
+\fB\-walletnotify=\fR<cmd>
+.IP
+Execute command when a wallet transaction changes. %s in cmd is replaced
+by TxID, %w is replaced by wallet name, %b is replaced by the
+hash of the block including the transaction (set to 'unconfirmed'
+if the transaction is not included) and %h is replaced by the
+block height (\fB\-1\fR if not included). %w is not currently
+implemented on windows. On systems where %w is supported, it
+should NOT be quoted because this would break shell escaping used
+to invoke the command.
+.HP
+\fB\-walletrbf\fR
+.IP
+Send transactions with full\-RBF opt\-in enabled (RPC only, default: 1)
+.PP
+ZeroMQ notification options:
+.HP
+\fB\-zmqpubhashblock=\fR<address>
+.IP
+Enable publish hash block in <address>
+.HP
+\fB\-zmqpubhashblockhwm=\fR<n>
+.IP
+Set publish hash block outbound message high water mark (default: 1000)
+.HP
+\fB\-zmqpubhashtx=\fR<address>
+.IP
+Enable publish hash transaction in <address>
+.HP
+\fB\-zmqpubhashtxhwm=\fR<n>
+.IP
+Set publish hash transaction outbound message high water mark (default:
+1000)
+.HP
+\fB\-zmqpubrawblock=\fR<address>
+.IP
+Enable publish raw block in <address>
+.HP
+\fB\-zmqpubrawblockhwm=\fR<n>
+.IP
+Set publish raw block outbound message high water mark (default: 1000)
+.HP
+\fB\-zmqpubrawtx=\fR<address>
+.IP
+Enable publish raw transaction in <address>
+.HP
+\fB\-zmqpubrawtxhwm=\fR<n>
+.IP
+Set publish raw transaction outbound message high water mark (default:
+1000)
+.HP
+\fB\-zmqpubsequence=\fR<address>
+.IP
+Enable publish hash block and tx sequence in <address>
+.HP
+\fB\-zmqpubsequencehwm=\fR<n>
+.IP
+Set publish hash sequence message high water mark (default: 1000)
+.PP
+Debugging/Testing options:
+.HP
+\fB\-debug=\fR<category>
+.IP
+Output debug and trace logging (default: \fB\-nodebug\fR, supplying <category>
+is optional). If <category> is not supplied or if <category> is 1
+or "all", output all debug logging. If <category> is 0 or "none",
+any other categories are ignored. Other valid values for
+<category> are: addrman, bench, blockstorage, cmpctblock, coindb,
+estimatefee, http, i2p, ipc, leveldb, libevent, mempool,
+mempoolrej, net, proxy, prune, qt, rand, reindex, rpc, scan,
+selectcoins, tor, txpackages, txreconciliation, validation,
+walletdb, zmq. This option can be specified multiple times to
+output multiple categories.
+.HP
+\fB\-debugexclude=\fR<category>
+.IP
+Exclude debug and trace logging for a category. Can be used in
+conjunction with \fB\-debug\fR=\fI\,1\/\fR to output debug and trace logging for
+all categories except the specified category. This option can be
+specified multiple times to exclude multiple categories. This
+takes priority over "\-debug"
+.HP
+\fB\-help\-debug\fR
+.IP
+Print help message with debugging options and exit
+.HP
+\fB\-logips\fR
+.IP
+Include IP addresses in debug output (default: 0)
+.HP
+\fB\-loglevelalways\fR
+.IP
+Always prepend a category and level (default: 0)
+.HP
+\fB\-logsourcelocations\fR
+.IP
+Prepend debug output with name of the originating source location
+(source file, line number and function name) (default: 0)
+.HP
+\fB\-logthreadnames\fR
+.IP
+Prepend debug output with name of the originating thread (default: 0)
+.HP
+\fB\-logtimestamps\fR
+.IP
+Prepend debug output with timestamp (default: 1)
+.HP
+\fB\-maxtxfee=\fR<amt>
+.IP
+Maximum total fees (in BTC) to use in a single wallet transaction;
+setting this too low may abort large transactions (default: 0.10)
+.HP
+\fB\-printtoconsole\fR
+.IP
+Send trace/debug info to console (default: 1 when no \fB\-daemon\fR. To disable
+logging to file, set \fB\-nodebuglogfile\fR)
+.HP
+\fB\-shrinkdebugfile\fR
+.IP
+Shrink debug.log file on client startup (default: 1 when no \fB\-debug\fR)
+.HP
+\fB\-uacomment=\fR<cmt>
+.IP
+Append comment to the user agent string
+.PP
+Chain selection options:
+.HP
+\fB\-chain=\fR<chain>
+.IP
+Use the chain <chain> (default: main). Allowed values: main, test,
+testnet4, signet, regtest
+.HP
+\fB\-signet\fR
+.IP
+Use the signet chain. Equivalent to \fB\-chain\fR=\fI\,signet\/\fR. Note that the network
+is defined by the \fB\-signetchallenge\fR parameter
+.HP
+\fB\-signetchallenge\fR
+.IP
+Blocks must satisfy the given script to be considered valid (only for
+signet networks; defaults to the global default signet test
+network challenge)
+.HP
+\fB\-signetseednode\fR
+.IP
+Specify a seed node for the signet network, in the hostname[:port]
+format, e.g. sig.net:1234 (may be used multiple times to specify
+multiple seed nodes; defaults to the global default signet test
+network seed node(s))
+.HP
+\fB\-testnet\fR
+.IP
+Use the testnet3 chain. Equivalent to \fB\-chain\fR=\fI\,test\/\fR. Support for testnet3
+is deprecated and will be removed in an upcoming release.
+Consider moving to testnet4 now by using \fB\-testnet4\fR.
+.HP
+\fB\-testnet4\fR
+.IP
+Use the testnet4 chain. Equivalent to \fB\-chain\fR=\fI\,testnet4\/\fR.
+.PP
+Node relay options:
+.HP
+\fB\-bytespersigop\fR
+.IP
+Equivalent bytes per sigop in transactions for relay and mining
+(default: 20)
+.HP
+\fB\-datacarrier\fR
+.IP
+Relay and mine data carrier transactions (default: 1)
+.HP
+\fB\-datacarriersize\fR
+.IP
+Relay and mine transactions whose data\-carrying raw scriptPubKey is of
+this size or less (default: 83)
+.HP
+\fB\-minrelaytxfee=\fR<amt>
+.IP
+Fees (in BTC/kvB) smaller than this are considered zero fee for
+relaying, mining and transaction creation (default: 0.000001)
+.HP
+\fB\-permitbaremultisig\fR
+.IP
+Relay transactions creating non\-P2SH multisig outputs (default: 1)
+.HP
+\fB\-whitelistforcerelay\fR
+.IP
+Add 'forcerelay' permission to whitelisted peers with default
+permissions. This will relay transactions even if the
+transactions were already in the mempool. (default: 0)
+.HP
+\fB\-whitelistrelay\fR
+.IP
+Add 'relay' permission to whitelisted peers with default permissions.
+This will accept relayed transactions even when not relaying
+transactions (default: 1)
+.PP
+Block creation options:
+.HP
+\fB\-blockmaxweight=\fR<n>
+.IP
+Set maximum BIP141 block weight (default: 4000000)
+.HP
+\fB\-blockmintxfee=\fR<amt>
+.IP
+Set lowest fee rate (in BTC/kvB) for transactions to be included in
+block creation. (default: 0.00000001)
+.HP
+\fB\-blockreservedweight=\fR<n>
+.IP
+Reserve space for the fixed\-size block header plus the largest coinbase
+transaction the mining software may add to the block. (default:
+8000).
+.PP
+RPC server options:
+.HP
+\fB\-rest\fR
+.IP
+Accept public REST requests (default: 0)
+.HP
+\fB\-rpcallowip=\fR<ip>
+.IP
+Allow JSON\-RPC connections from specified source. Valid values for <ip>
+are a single IP (e.g. 1.2.3.4), a network/netmask (e.g.
+1.2.3.4/255.255.255.0), a network/CIDR (e.g. 1.2.3.4/24), all
+ipv4 (0.0.0.0/0), or all ipv6 (::/0). This option can be
+specified multiple times
+.HP
+\fB\-rpcauth=\fR<userpw>
+.IP
+Username and HMAC\-SHA\-256 hashed password for JSON\-RPC connections. The
+field <userpw> comes in the format: <USERNAME>:<SALT>$<HASH>. A
+canonical python script is included in share/rpcauth. The client
+then connects normally using the
+rpcuser=<USERNAME>/rpcpassword=<PASSWORD> pair of arguments. This
+option can be specified multiple times
+.HP
+\fB\-rpcbind=\fR<addr>[:port]
+.IP
+Bind to given address to listen for JSON\-RPC connections. Do not expose
+the RPC server to untrusted networks such as the public internet!
+This option is ignored unless \fB\-rpcallowip\fR is also passed. Port is
+optional and overrides \fB\-rpcport\fR. Use [host]:port notation for
+IPv6. This option can be specified multiple times (default:
+127.0.0.1 and ::1 i.e., localhost)
+.HP
+\fB\-rpccookiefile=\fR<loc>
+.IP
+Location of the auth cookie. Relative paths will be prefixed by a
+net\-specific datadir location. (default: data dir)
+.HP
+\fB\-rpccookieperms=\fR<readable\-by>
+.IP
+Set permissions on the RPC auth cookie file so that it is readable by
+[owner|group|all] (default: owner [via umask 0077])
+.HP
+\fB\-rpcpassword=\fR<pw>
+.IP
+Password for JSON\-RPC connections
+.HP
+\fB\-rpcport=\fR<port>
+.IP
+Listen for JSON\-RPC connections on <port> (default: 8332, testnet3:
+18332, testnet4: 48332, signet: 38332, regtest: 18443)
+.HP
+\fB\-rpcthreads=\fR<n>
+.IP
+Set the number of threads to service RPC calls (default: 16)
+.HP
+\fB\-rpcuser=\fR<user>
+.IP
+Username for JSON\-RPC connections
+.HP
+\fB\-rpcwhitelist=\fR<whitelist>
+.IP
+Set a whitelist to filter incoming RPC calls for a specific user. The
+field <whitelist> comes in the format: <USERNAME>:<rpc 1>,<rpc
+2>,...,<rpc n>. If multiple whitelists are set for a given user,
+they are set\-intersected. See \fB\-rpcwhitelistdefault\fR documentation
+for information on default whitelist behavior.
+.HP
+\fB\-rpcwhitelistdefault\fR
+.IP
+Sets default behavior for rpc whitelisting. Unless rpcwhitelistdefault
+is set to 0, if any \fB\-rpcwhitelist\fR is set, the rpc server acts as
+if all rpc users are subject to empty\-unless\-otherwise\-specified
+whitelists. If rpcwhitelistdefault is set to 1 and no
+\fB\-rpcwhitelist\fR is set, rpc server acts as if all rpc users are
+subject to empty whitelists.
+.HP
+\fB\-server\fR
+.IP
+Accept command line and JSON\-RPC commands
+.SH COPYRIGHT
+Copyright (C) 2009-2025 The Bitcoin Core developers
 
-This is a placeholder file. Please follow the instructions in \fIcontrib/devtools/README.md\fR to generate the manual pages after a release.
+Please contribute if you find Bitcoin Core useful. Visit
+<https://bitcoincore.org/> for further information about the software.
+The source code is available from <https://github.com/bitcoin/bitcoin>.
+
+This is experimental software.
+Distributed under the MIT software license, see the accompanying file COPYING
+or <https://opensource.org/licenses/MIT>
+.SH "SEE ALSO"
+bitcoind(1), bitcoin-cli(1), bitcoin-tx(1), bitcoin-wallet(1), bitcoin-util(1), bitcoin-qt(1)

doc/p2p-bad-ports.md

@@ -87,10 +87,14 @@ incoming connections.
     1720:  h323hostcall
     1723:  pptp
     2049:  nfs
+    3306:  MySQL
+    3389:  RDP / Windows Remote Desktop
     3659:  apple-sasl / PasswordServer
     4045:  lockd
     5060:  sip
     5061:  sips
+    5432:  PostgreSQL
+    5900:  VNC
     6000:  X11
     6566:  sane-port
     6665:  Alternate IRC
@@ -100,6 +104,7 @@ incoming connections.
     6669:  Alternate IRC
     6697:  IRC + TLS
     10080: Amanda
+    27017: MongoDB
 
 For further information see:
 

doc/release-notes-empty-template.md

@@ -1,99 +0,0 @@
-*The release notes draft is a temporary file that can be added to by anyone. See
-[/doc/developer-notes.md#release-notes](/doc/developer-notes.md#release-notes)
-for the process.*
-
-*version* Release Notes Draft
-===============================
-
-Bitcoin Core version *version* is now available from:
-
-  <https://bitcoincore.org/bin/bitcoin-core-*version*/>
-
-This release includes new features, various bug fixes and performance
-improvements, as well as updated translations.
-
-Please report bugs using the issue tracker at GitHub:
-
-  <https://github.com/bitcoin/bitcoin/issues>
-
-To receive security and update notifications, please subscribe to:
-
-  <https://bitcoincore.org/en/list/announcements/join/>
-
-How to Upgrade
-==============
-
-If you are running an older version, shut it down. Wait until it has completely
-shut down (which might take a few minutes in some cases), then run the
-installer (on Windows) or just copy over `/Applications/Bitcoin-Qt` (on macOS)
-or `bitcoind`/`bitcoin-qt` (on Linux).
-
-Upgrading directly from a version of Bitcoin Core that has reached its EOL is
-possible, but it might take some time if the data directory needs to be migrated. Old
-wallet versions of Bitcoin Core are generally supported.
-
-Compatibility
-==============
-
-Bitcoin Core is supported and tested on operating systems using the
-Linux Kernel 3.17+, macOS 13+, and Windows 10+. Bitcoin
-Core should also work on most other Unix-like systems but is not as
-frequently tested on them. It is not recommended to use Bitcoin Core on
-unsupported systems.
-
-Notable changes
-===============
-
-P2P and network changes
------------------------
-
-Updated RPCs
-------------
-
-
-Changes to wallet related RPCs can be found in the Wallet section below.
-
-New RPCs
---------
-
-Build System
-------------
-
-Updated settings
-----------------
-
-
-Changes to GUI or wallet related settings can be found in the GUI or Wallet section below.
-
-New settings
-------------
-
-Tools and Utilities
--------------------
-
-Wallet
-------
-
-GUI changes
------------
-
-Low-level changes
-=================
-
-RPC
----
-
-Tests
------
-
-*version* change log
-====================
-
-Credits
-=======
-
-Thanks to everyone who directly contributed to this release:
-
-
-As well as to everyone that helped with translations on
-[Transifex](https://www.transifex.com/bitcoin/bitcoin/).

doc/release-notes.md

@@ -0,0 +1,98 @@
+Bitcoin Core version 29.3rc1 is now available from:
+
+  <https://bitcoincore.org/bin/bitcoin-core-29.3/test.rc1/>
+
+This release includes various bug fixes and performance
+improvements, as well as updated translations.
+
+Please report bugs using the issue tracker at GitHub:
+
+  <https://github.com/bitcoin/bitcoin/issues>
+
+To receive security and update notifications, please subscribe to:
+
+  <https://bitcoincore.org/en/list/announcements/join/>
+
+How to Upgrade
+==============
+
+If you are running an older version, shut it down. Wait until it has completely
+shut down (which might take a few minutes in some cases), then run the
+installer (on Windows) or just copy over `/Applications/Bitcoin-Qt` (on macOS)
+or `bitcoind`/`bitcoin-qt` (on Linux).
+
+Upgrading directly from a version of Bitcoin Core that has reached its EOL is
+possible, but it might take some time if the data directory needs to be migrated. Old
+wallet versions of Bitcoin Core are generally supported.
+
+Compatibility
+==============
+
+Bitcoin Core is supported and tested on operating systems using the
+Linux Kernel 3.17+, macOS 13+, and Windows 10+. Bitcoin
+Core should also work on most other Unix-like systems but is not as
+frequently tested on them. It is not recommended to use Bitcoin Core on
+unsupported systems.
+
+Notable changes
+===============
+
+### P2P
+
+- #33050 net, validation: don't punish peers for consensus-invalid txs
+- #33723 chainparams: remove dnsseed.bitcoin.dashjr-list-of-p2p-nodes.us
+
+### Validation
+
+- #32473 Introduce per-txin sighash midstate cache for legacy/p2sh/segwitv0 scripts
+- #33105 validation: detect witness stripping without re-running Script checks
+
+### Wallet
+
+- #33268 wallet: Identify transactions spending 0-value outputs, and add tests for anchor outputs in a wallet
+- #34156 wallet: fix unnamed legacy wallet migration failure
+- #34226 wallet: test: Relative wallet failed migration cleanup
+- #34123 wallet: migration, avoid creating spendable wallet from a watch-only legacy wallet
+- #34215 wallettool: fix unnamed createfromdump failure walletsdir deletion
+
+### Mining
+
+- #33475 bugfix: miner: fix `addPackageTxs` unsigned integer overflow
+
+### Build
+
+- #34227 guix: Fix `osslsigncode` tests
+
+### Documentation
+
+- #33623 doc: document capnproto and libmultiprocess deps in 29.x
+
+### Test
+
+- #33612 test: change log rate limit version gate
+
+### Misc
+
+- #33508 ci: fix buildx gha cache authentication on forks
+- #33581 ci: Properly include $FILE_ENV in DEPENDS_HASH
+
+Credits
+=======
+
+Thanks to everyone who directly contributed to this release:
+
+- Anthony Towns
+- Antoine Poinsot
+- Ava Chow
+- David Gumberg
+- Eugene Siegel
+- fanquake
+- furszy
+- Hennadii Stepanov
+- ismaelsadeeq
+- Pieter Wuille
+- SatsAndSports
+- willcl-ark
+
+As well as to everyone that helped with translations on
+[Transifex](https://explore.transifex.com/bitcoin/bitcoin/).

doc/release-process.md

@@ -57,10 +57,10 @@ Release Process
 - Clear the release notes and move them to the wiki (see "Write the release notes" below).
 - Translations on Transifex:
     - Pull translations from Transifex into the master branch.
-    - Create [a new resource](https://www.transifex.com/bitcoin/bitcoin/content/) named after the major version with the slug `qt-translation-<RRR>x`, where `RRR` is the major branch number padded with zeros. Use `src/qt/locale/bitcoin_en.xlf` to create it.
+    - Create [a new resource](https://app.transifex.com/bitcoin/bitcoin/content/) named after the major version with the slug `qt-translation-<RRR>x`, where `RRR` is the major branch number padded with zeros. Use `src/qt/locale/bitcoin_en.xlf` to create it.
     - In the project workflow settings, ensure that [Translation Memory Fill-up](https://help.transifex.com/en/articles/6224817-setting-up-translation-memory-fill-up) is enabled and that [Translation Memory Context Matching](https://help.transifex.com/en/articles/6224753-translation-memory-with-context) is disabled.
     - Update the Transifex slug in [`.tx/config`](/.tx/config) to the slug of the resource created in the first step. This identifies which resource the translations will be synchronized from.
-    - Make an announcement that translators can start translating for the new version. You can use one of the [previous announcements](https://www.transifex.com/bitcoin/communication/) as a template.
+    - Make an announcement that translators can start translating for the new version. You can use one of the [previous announcements](https://app.transifex.com/bitcoin/communication/) as a template.
     - Change the auto-update URL for the resource to `master`, e.g. `https://raw.githubusercontent.com/bitcoin/bitcoin/master/src/qt/locale/bitcoin_en.xlf`. (Do this only after the previous steps, to prevent an auto-update from interfering.)
 
 #### After branch-off (on the major release branch)

doc/tor.md

@@ -62,7 +62,7 @@ outgoing connections, but more is possible.
 
 In a typical situation, this suffices to run behind a Tor proxy:
 
-    ./bitcoind -proxy=127.0.0.1:9050
+    bitcoind -proxy=127.0.0.1:9050
 
 ## 2. Automatically create a Bitcoin Core onion service
 
@@ -187,25 +187,25 @@ should be equal to binding address and port for inbound Tor connections (127.0.0
 
 In a typical situation, where you're only reachable via Tor, this should suffice:
 
-    ./bitcoind -proxy=127.0.0.1:9050 -externalip=7zvj7a2imdgkdbg4f2dryd5rgtrn7upivr5eeij4cicjh65pooxeshid.onion -listen
+    bitcoind -proxy=127.0.0.1:9050 -externalip=7zvj7a2imdgkdbg4f2dryd5rgtrn7upivr5eeij4cicjh65pooxeshid.onion -listen
 
 (obviously, replace the .onion address with your own). It should be noted that you still
 listen on all devices and another node could establish a clearnet connection, when knowing
 your address. To mitigate this, additionally bind the address of your Tor proxy:
 
-    ./bitcoind ... -bind=127.0.0.1:8334=onion
+    bitcoind ... -bind=127.0.0.1:8334=onion
 
 If you don't care too much about hiding your node, and want to be reachable on IPv4
 as well, use `discover` instead:
 
-    ./bitcoind ... -discover
+    bitcoind ... -discover
 
 and open port 8333 on your firewall (or use port mapping, i.e., `-natpmp`).
 
 If you only want to use Tor to reach .onion addresses, but not use it as a proxy
 for normal IPv4/IPv6 communication, use:
 
-    ./bitcoind -onion=127.0.0.1:9050 -externalip=7zvj7a2imdgkdbg4f2dryd5rgtrn7upivr5eeij4cicjh65pooxeshid.onion -discover
+    bitcoind -onion=127.0.0.1:9050 -externalip=7zvj7a2imdgkdbg4f2dryd5rgtrn7upivr5eeij4cicjh65pooxeshid.onion -discover
 
 ## 4. Privacy recommendations
 

doc/translation_process.md

@@ -41,7 +41,7 @@ git commit
 ### Creating a Transifex account
 Visit the [Transifex Signup](https://www.transifex.com/signup/) page to create an account. Take note of your username and password, as they will be required to configure the command-line tool.
 
-You can find the Bitcoin translation project at [https://www.transifex.com/bitcoin/bitcoin/](https://www.transifex.com/bitcoin/bitcoin/).
+You can find the Bitcoin translation project at [https://explore.transifex.com/bitcoin/bitcoin/](https://explore.transifex.com/bitcoin/bitcoin/).
 
 ### Installing the Transifex client command-line tool
 The client is used to fetch updated translations. Please check installation instructions and any other details at https://developers.transifex.com/docs/cli.

doc/zmq.md

@@ -84,7 +84,7 @@ For instance:
     $ bitcoind -zmqpubhashtx=tcp://127.0.0.1:28332 \
                -zmqpubhashtx=tcp://192.168.1.2:28332 \
                -zmqpubhashblock="tcp://[::1]:28333" \
-               -zmqpubrawtx=ipc:///tmp/bitcoind.tx.raw \
+               -zmqpubrawtx=unix:/tmp/bitcoind.tx.raw \
                -zmqpubhashtxhwm=10000
 
 Each PUB notification has a topic and body, where the header

share/examples/bitcoin.conf

@@ -1 +1,706 @@
-# This is a placeholder file. Please follow the instructions in `contrib/devtools/README.md` to generate a bitcoin.conf file.
+##
+## bitcoin.conf configuration file.
+## Generated by contrib/devtools/gen-bitcoin-conf.sh.
+##
+## Lines beginning with # are comments.
+## All possible configuration options are provided. To use, copy this file
+## to your data directory (default or specified by -datadir), uncomment
+## options you would like to change, and save the file.
+##
+
+
+### Options
+
+
+# Execute command when an alert is raised (%s in cmd is replaced by
+# message)
+#alertnotify=<cmd>
+
+# For backwards compatibility, treat an unused bitcoin.conf file in the
+# datadir as a warning, not an error.
+#allowignoredconf=1
+
+# If this block is in the chain assume that it and its ancestors are valid
+# and potentially skip their script verification (0 to verify all,
+# default:
+# 00000000000000000001b658dd1120e82e66d2790811f89ede9742ada3ed6d77,
+# testnet3:
+# 00000000000003fc7967410ba2d0a8a8d50daedc318d43e8baf1a9782c236a57,
+# testnet4:
+# 0000000000003ed4f08dbdf6f7d6b271a6bcffce25675cb40aa9fa43179a89f3,
+# signet:
+# 000000895a110f46e59eb82bbc5bfb67fa314656009c295509c21b4999f5180a)
+#assumevalid=<hex>
+
+# Maintain an index of compact filters by block (default: 0, values:
+# basic). If <type> is not supplied or if <type> = 1, indexes for
+# all known types are enabled.
+#blockfilterindex=<type>
+
+# Execute command when the best block changes (%s in cmd is replaced by
+# block hash)
+#blocknotify=<cmd>
+
+# Extra transactions to keep in memory for compact block reconstructions
+# (default: 100)
+#blockreconstructionextratxn=<n>
+
+# Specify directory to hold blocks subdirectory for *.dat files (default:
+# <datadir>)
+#blocksdir=<dir>
+
+# Whether to reject transactions from network peers. Disables automatic
+# broadcast and rebroadcast of transactions, unless the source peer
+# has the 'forcerelay' permission. RPC transactions are not
+# affected. (default: 0)
+#blocksonly=1
+
+# Whether an XOR-key applies to blocksdir *.dat files. The created XOR-key
+# will be zeros for an existing blocksdir or when `-blocksxor=0` is
+# set, and random for a freshly initialized blocksdir. (default: 1)
+#blocksxor=1
+
+# Maintain coinstats index used by the gettxoutsetinfo RPC (default: 0)
+#coinstatsindex=1
+
+# Specify path to read-only configuration file. Relative paths will be
+# prefixed by datadir location (only useable from command line, not
+# configuration file) (default: bitcoin.conf)
+#conf=<file>
+
+# Run in the background as a daemon and accept commands (default: 0)
+#daemon=1
+
+# Wait for initialization to be finished before exiting. This implies
+# -daemon (default: 0)
+#daemonwait=1
+
+# Specify data directory
+#datadir=<dir>
+
+# Maximum database cache size <n> MiB (minimum 4, default: 450). Make sure
+# you have enough RAM. In addition, unused memory allocated to the
+# mempool is shared with this cache (see -maxmempool).
+#dbcache=<n>
+
+# Specify location of debug log file (default: debug.log). Relative paths
+# will be prefixed by a net-specific datadir location. Pass
+# -nodebuglogfile to disable writing the log to a file.
+#debuglogfile=<file>
+
+# Specify additional configuration file, relative to the -datadir path
+# (only useable from configuration file, not command line)
+#includeconf=<file>
+
+# Imports blocks from external file on startup
+#loadblock=<file>
+
+# Keep the transaction memory pool below <n> megabytes (default: 300)
+#maxmempool=<n>
+
+# Keep at most <n> unconnectable transactions in memory (default: 100)
+#maxorphantx=<n>
+
+# Do not keep transactions in the mempool longer than <n> hours (default:
+# 336)
+#mempoolexpiry=<n>
+
+# Set the number of script verification threads (0 = auto, up to 15, <0 =
+# leave that many cores free, default: 0)
+#par=<n>
+
+# Whether to save the mempool on shutdown and load on restart (default: 1)
+#persistmempool=1
+
+# Whether a mempool.dat file created by -persistmempool or the savemempool
+# RPC will be written in the legacy format (version 1) or the
+# current format (version 2). This temporary option will be removed
+# in the future. (default: 0)
+#persistmempoolv1=1
+
+# Specify pid file. Relative paths will be prefixed by a net-specific
+# datadir location. (default: bitcoind.pid)
+#pid=<file>
+
+# Reduce storage requirements by enabling pruning (deleting) of old
+# blocks. This allows the pruneblockchain RPC to be called to
+# delete specific blocks and enables automatic pruning of old
+# blocks if a target size in MiB is provided. This mode is
+# incompatible with -txindex. Warning: Reverting this setting
+# requires re-downloading the entire blockchain. (default: 0 =
+# disable pruning blocks, 1 = allow manual pruning via RPC, >=550 =
+# automatically prune block files to stay under the specified
+# target size in MiB)
+#prune=<n>
+
+# If enabled, wipe chain state and block index, and rebuild them from
+# blk*.dat files on disk. Also wipe and rebuild other optional
+# indexes that are active. If an assumeutxo snapshot was loaded,
+# its chainstate will be wiped as well. The snapshot can then be
+# reloaded via RPC.
+#reindex=1
+
+# If enabled, wipe chain state, and rebuild it from blk*.dat files on
+# disk. If an assumeutxo snapshot was loaded, its chainstate will
+# be wiped as well. The snapshot can then be reloaded via RPC.
+#reindex-chainstate=1
+
+# Specify path to dynamic settings data file. Can be disabled with
+# -nosettings. File is written at runtime and not meant to be
+# edited by users (use bitcoin.conf instead for custom settings).
+# Relative paths will be prefixed by datadir location. (default:
+# settings.json)
+#settings=<file>
+
+# Execute command immediately before beginning shutdown. The need for
+# shutdown may be urgent, so be careful not to delay it long (if
+# the command doesn't require interaction with the server, consider
+# having it fork into the background).
+#shutdownnotify=<cmd>
+
+# Execute command on startup.
+#startupnotify=<cmd>
+
+# Maintain a full transaction index, used by the getrawtransaction rpc
+# call (default: 0)
+#txindex=1
+
+# Print version and exit
+#version=1
+
+
+### Connection options
+
+
+# Add a node to connect to and attempt to keep the connection open (see
+# the addnode RPC help for more info). This option can be specified
+# multiple times to add multiple nodes; connections are limited to
+# 8 at a time and are counted separately from the -maxconnections
+# limit.
+#addnode=<ip>
+
+# Specify asn mapping used for bucketing of the peers (default:
+# ip_asn.map). Relative paths will be prefixed by the net-specific
+# datadir location.
+#asmap=<file>
+
+# Default duration (in seconds) of manually configured bans (default:
+# 86400)
+#bantime=<n>
+
+# Bind to given address and always listen on it (default: 0.0.0.0). Use
+# [host]:port notation for IPv6. Append =onion to tag any incoming
+# connections to that address and port as incoming Tor connections
+# (default: 127.0.0.1:8334=onion, testnet3: 127.0.0.1:18334=onion,
+# testnet4: 127.0.0.1:48334=onion, signet: 127.0.0.1:38334=onion,
+# regtest: 127.0.0.1:18445=onion)
+#bind=<addr>[:<port>][=onion]
+
+# If set, then this host is configured for CJDNS (connecting to fc00::/8
+# addresses would lead us to the CJDNS network, see doc/cjdns.md)
+# (default: 0)
+#cjdnsreachable=1
+
+# Connect only to the specified node; -noconnect disables automatic
+# connections (the rules for this peer are the same as for
+# -addnode). This option can be specified multiple times to connect
+# to multiple nodes.
+#connect=<ip>
+
+# Discover own IP addresses (default: 1 when listening and no -externalip
+# or -proxy)
+#discover=1
+
+# Allow DNS lookups for -addnode, -seednode and -connect (default: 1)
+#dns=1
+
+# Query for peer addresses via DNS lookup, if low on addresses (default: 1
+# unless -connect used or -maxconnections=0)
+#dnsseed=1
+
+# Specify your own public address
+#externalip=<ip>
+
+# Allow fixed seeds if DNS seeds don't provide peers (default: 1)
+#fixedseeds=1
+
+# Always query for peer addresses via DNS lookup (default: 0)
+#forcednsseed=1
+
+# Whether to accept inbound I2P connections (default: 1). Ignored if
+# -i2psam is not set. Listening for inbound I2P connections is done
+# through the SAM proxy, not by binding to a local address and
+# port.
+#i2pacceptincoming=1
+
+# I2P SAM proxy to reach I2P peers and accept I2P connections (default:
+# none)
+#i2psam=<ip:port>
+
+# Accept connections from outside (default: 1 if no -proxy, -connect or
+# -maxconnections=0)
+#listen=1
+
+# Automatically create Tor onion service (default: 1)
+#listenonion=1
+
+# Maintain at most <n> automatic connections to peers (default: 125). This
+# limit does not apply to connections manually added via -addnode
+# or the addnode RPC, which have a separate limit of 8.
+#maxconnections=<n>
+
+# Maximum per-connection receive buffer, <n>*1000 bytes (default: 5000)
+#maxreceivebuffer=<n>
+
+# Maximum per-connection memory usage for the send buffer, <n>*1000 bytes
+# (default: 1000)
+#maxsendbuffer=<n>
+
+# Tries to keep outbound traffic under the given target per 24h. Limit
+# does not apply to peers with 'download' permission or blocks
+# created within past week. 0 = no limit (default: 0M). Optional
+# suffix units [k|K|m|M|g|G|t|T] (default: M). Lowercase is 1000
+# base while uppercase is 1024 base
+#maxuploadtarget=<n>
+
+# Use PCP or NAT-PMP to map the listening port (default: 0)
+#natpmp=1
+
+# Enable all P2P network activity (default: 1). Can be changed by the
+# setnetworkactive RPC command
+#networkactive=1
+
+# Use separate SOCKS5 proxy to reach peers via Tor onion services, set
+# -noonion to disable (default: -proxy). May be a local file path
+# prefixed with 'unix:'.
+#onion=<ip:port|path>
+
+# Make automatic outbound connections only to network <net> (ipv4, ipv6,
+# onion, i2p, cjdns). Inbound and manual connections are not
+# affected by this option. It can be specified multiple times to
+# allow multiple networks.
+#onlynet=<net>
+
+# Serve compact block filters to peers per BIP 157 (default: 0)
+#peerblockfilters=1
+
+# Support filtering of blocks and transaction with bloom filters (default:
+# 0)
+#peerbloomfilters=1
+
+# Listen for connections on <port> (default: 8333, testnet3: 18333,
+# testnet4: 48333, signet: 38333, regtest: 18444). Not relevant for
+# I2P (see doc/i2p.md). If set to a value x, the default onion
+# listening port will be set to x+1.
+#port=<port>
+
+# Connect through SOCKS5 proxy, set -noproxy to disable (default:
+# disabled). May be a local file path prefixed with 'unix:' if the
+# proxy supports it.
+#proxy=<ip:port|path>
+
+# Randomize credentials for every proxy connection. This enables Tor
+# stream isolation (default: 1)
+#proxyrandomize=1
+
+# Connect to a node to retrieve peer addresses, and disconnect. This
+# option can be specified multiple times to connect to multiple
+# nodes. During startup, seednodes will be tried before dnsseeds.
+#seednode=<ip>
+
+# Specify socket connection timeout in milliseconds. If an initial attempt
+# to connect is unsuccessful after this amount of time, drop it
+# (minimum: 1, default: 5000)
+#timeout=<n>
+
+# Tor control host and port to use if onion listening enabled (default:
+# 127.0.0.1:9051). If no port is specified, the default port of
+# 9051 will be used.
+#torcontrol=<ip>:<port>
+
+# Tor control port password (default: empty)
+#torpassword=<pass>
+
+# Support v2 transport (default: 1)
+#v2transport=1
+
+# Bind to the given address and add permission flags to the peers
+# connecting to it. Use [host]:port notation for IPv6. Allowed
+# permissions: bloomfilter (allow requesting BIP37 filtered blocks
+# and transactions), noban (do not ban for misbehavior; implies
+# download), forcerelay (relay transactions that are already in the
+# mempool; implies relay), relay (relay even in -blocksonly mode,
+# and unlimited transaction announcements), mempool (allow
+# requesting BIP35 mempool contents), download (allow getheaders
+# during IBD, no disconnect after maxuploadtarget limit), addr
+# (responses to GETADDR avoid hitting the cache and contain random
+# records with the most up-to-date info). Specify multiple
+# permissions separated by commas (default:
+# download,noban,mempool,relay). Can be specified multiple times.
+#whitebind=<[permissions@]addr>
+
+# Add permission flags to the peers using the given IP address (e.g.
+# 1.2.3.4) or CIDR-notated network (e.g. 1.2.3.0/24). Uses the same
+# permissions as -whitebind. Additional flags "in" and "out"
+# control whether permissions apply to incoming connections and/or
+# manual (default: incoming only). Can be specified multiple times.
+#whitelist=<[permissions@]IP address or network>
+
+
+### Wallet options
+
+
+# What type of addresses to use ("legacy", "p2sh-segwit", "bech32", or
+# "bech32m", default: "bech32")
+#addresstype=1
+
+# Group outputs by address, selecting many (possibly all) or none, instead
+# of selecting on a per-output basis. Privacy is improved as
+# addresses are mostly swept with fewer transactions and outputs
+# are aggregated in clean change addresses. It may result in higher
+# fees due to less optimal coin selection caused by this added
+# limitation and possibly a larger-than-necessary number of inputs
+# being used. Always enabled for wallets with "avoid_reuse"
+# enabled, otherwise default: 0.
+#avoidpartialspends=1
+
+# What type of change to use ("legacy", "p2sh-segwit", "bech32", or
+# "bech32m"). Default is "legacy" when -addresstype=legacy, else it
+# is an implementation detail.
+#changetype=1
+
+# The maximum feerate (in BTC/kvB) at which transaction building may use
+# more inputs than strictly necessary so that the wallet's UTXO
+# pool can be reduced (default: 0.0001).
+#consolidatefeerate=<amt>
+
+# Do not load the wallet and disable wallet RPC calls
+#disablewallet=1
+
+# The fee rate (in BTC/kvB) that indicates your tolerance for discarding
+# change by adding it to the fee (default: 0.0001). Note: An output
+# is discarded if it is dust at this rate, but we will always
+# discard up to the dust relay fee and a discard fee above that is
+# limited by the fee estimate for the longest target
+#discardfee=<amt>
+
+# A fee rate (in BTC/kvB) that will be used when fee estimation has
+# insufficient data. 0 to entirely disable the fallbackfee feature.
+# (default: 0.00)
+#fallbackfee=<amt>
+
+# Set key pool size to <n> (default: 1000). Warning: Smaller sizes may
+# increase the risk of losing funds when restoring from an old
+# backup, if none of the addresses in the original keypool have
+# been used.
+#keypool=<n>
+
+# Spend up to this amount in additional (absolute) fees (in BTC) if it
+# allows the use of partial spend avoidance (default: 0.00)
+#maxapsfee=<n>
+
+# Fee rates (in BTC/kvB) smaller than this are considered zero fee for
+# transaction creation (default: 0.00001)
+#mintxfee=<amt>
+
+# Fee rate (in BTC/kvB) to add to transactions you send (default: 0.00)
+#paytxfee=<amt>
+
+# External signing tool, see doc/external-signer.md
+#signer=<cmd>
+
+# Spend unconfirmed change when sending transactions (default: 1)
+#spendzeroconfchange=1
+
+# If paytxfee is not set, include enough fee so transactions begin
+# confirmation on average within n blocks (default: 6)
+#txconfirmtarget=<n>
+
+# Specify wallet path to load at startup. Can be used multiple times to
+# load multiple wallets. Path is to a directory containing wallet
+# data and log files. If the path is not absolute, it is
+# interpreted relative to <walletdir>. This only loads existing
+# wallets and does not create new ones. For backwards compatibility
+# this also accepts names of existing top-level data files in
+# <walletdir>.
+#wallet=<path>
+
+# Make the wallet broadcast transactions (default: 1)
+#walletbroadcast=1
+
+# Specify directory to hold wallets (default: <datadir>/wallets if it
+# exists, otherwise <datadir>)
+#walletdir=<dir>
+
+# Execute command when a wallet transaction changes. %s in cmd is replaced
+# by TxID, %w is replaced by wallet name, %b is replaced by the
+# hash of the block including the transaction (set to 'unconfirmed'
+# if the transaction is not included) and %h is replaced by the
+# block height (-1 if not included). %w is not currently
+# implemented on windows. On systems where %w is supported, it
+# should NOT be quoted because this would break shell escaping used
+# to invoke the command.
+#walletnotify=<cmd>
+
+# Send transactions with full-RBF opt-in enabled (RPC only, default: 1)
+#walletrbf=1
+
+
+### ZeroMQ notification options
+
+
+# Enable publish hash block in <address>
+#zmqpubhashblock=<address>
+
+# Set publish hash block outbound message high water mark (default: 1000)
+#zmqpubhashblockhwm=<n>
+
+# Enable publish hash transaction in <address>
+#zmqpubhashtx=<address>
+
+# Set publish hash transaction outbound message high water mark (default:
+# 1000)
+#zmqpubhashtxhwm=<n>
+
+# Enable publish raw block in <address>
+#zmqpubrawblock=<address>
+
+# Set publish raw block outbound message high water mark (default: 1000)
+#zmqpubrawblockhwm=<n>
+
+# Enable publish raw transaction in <address>
+#zmqpubrawtx=<address>
+
+# Set publish raw transaction outbound message high water mark (default:
+# 1000)
+#zmqpubrawtxhwm=<n>
+
+# Enable publish hash block and tx sequence in <address>
+#zmqpubsequence=<address>
+
+# Set publish hash sequence message high water mark (default: 1000)
+#zmqpubsequencehwm=<n>
+
+
+### Debugging/Testing options
+
+
+# Output debug and trace logging (default: -nodebug, supplying <category>
+# is optional). If <category> is not supplied or if <category> is 1
+# or "all", output all debug logging. If <category> is 0 or "none",
+# any other categories are ignored. Other valid values for
+# <category> are: addrman, bench, blockstorage, cmpctblock, coindb,
+# estimatefee, http, i2p, ipc, leveldb, libevent, mempool,
+# mempoolrej, net, proxy, prune, qt, rand, reindex, rpc, scan,
+# selectcoins, tor, txpackages, txreconciliation, validation,
+# walletdb, zmq. This option can be specified multiple times to
+# output multiple categories.
+#debug=<category>
+
+# Exclude debug and trace logging for a category. Can be used in
+# conjunction with -debug=1 to output debug and trace logging for
+# all categories except the specified category. This option can be
+# specified multiple times to exclude multiple categories. This
+# takes priority over "-debug"
+#debugexclude=<category>
+
+# Include IP addresses in debug output (default: 0)
+#logips=1
+
+# Always prepend a category and level (default: 0)
+#loglevelalways=1
+
+# Prepend debug output with name of the originating source location
+# (source file, line number and function name) (default: 0)
+#logsourcelocations=1
+
+# Prepend debug output with name of the originating thread (default: 0)
+#logthreadnames=1
+
+# Prepend debug output with timestamp (default: 1)
+#logtimestamps=1
+
+# Maximum total fees (in BTC) to use in a single wallet transaction;
+# setting this too low may abort large transactions (default: 0.10)
+#maxtxfee=<amt>
+
+# Send trace/debug info to console (default: 1 when no -daemon. To disable
+# logging to file, set -nodebuglogfile)
+#printtoconsole=1
+
+# Shrink debug.log file on client startup (default: 1 when no -debug)
+#shrinkdebugfile=1
+
+# Append comment to the user agent string
+#uacomment=<cmt>
+
+
+### Chain selection options
+
+
+# Use the chain <chain> (default: main). Allowed values: main, test,
+# testnet4, signet, regtest
+#chain=<chain>
+
+# Use the signet chain. Equivalent to -chain=signet. Note that the network
+# is defined by the -signetchallenge parameter
+#signet=1
+
+# Blocks must satisfy the given script to be considered valid (only for
+# signet networks; defaults to the global default signet test
+# network challenge)
+#signetchallenge=1
+
+# Specify a seed node for the signet network, in the hostname[:port]
+# format, e.g. sig.net:1234 (may be used multiple times to specify
+# multiple seed nodes; defaults to the global default signet test
+# network seed node(s))
+#signetseednode=1
+
+# Use the testnet3 chain. Equivalent to -chain=test. Support for testnet3
+# is deprecated and will be removed in an upcoming release.
+# Consider moving to testnet4 now by using -testnet4.
+#testnet=1
+
+# Use the testnet4 chain. Equivalent to -chain=testnet4.
+#testnet4=1
+
+
+### Node relay options
+
+
+# Equivalent bytes per sigop in transactions for relay and mining
+# (default: 20)
+#bytespersigop=1
+
+# Relay and mine data carrier transactions (default: 1)
+#datacarrier=1
+
+# Relay and mine transactions whose data-carrying raw scriptPubKey is of
+# this size or less (default: 83)
+#datacarriersize=1
+
+# Fees (in BTC/kvB) smaller than this are considered zero fee for
+# relaying, mining and transaction creation (default: 0.000001)
+#minrelaytxfee=<amt>
+
+# Relay transactions creating non-P2SH multisig outputs (default: 1)
+#permitbaremultisig=1
+
+# Add 'forcerelay' permission to whitelisted peers with default
+# permissions. This will relay transactions even if the
+# transactions were already in the mempool. (default: 0)
+#whitelistforcerelay=1
+
+# Add 'relay' permission to whitelisted peers with default permissions.
+# This will accept relayed transactions even when not relaying
+# transactions (default: 1)
+#whitelistrelay=1
+
+
+### Block creation options
+
+
+# Set maximum BIP141 block weight (default: 4000000)
+#blockmaxweight=<n>
+
+# Set lowest fee rate (in BTC/kvB) for transactions to be included in
+# block creation. (default: 0.00000001)
+#blockmintxfee=<amt>
+
+# Reserve space for the fixed-size block header plus the largest coinbase
+# transaction the mining software may add to the block. (default:
+# 8000).
+#blockreservedweight=<n>
+
+
+### RPC server options
+
+
+# Accept public REST requests (default: 0)
+#rest=1
+
+# Allow JSON-RPC connections from specified source. Valid values for <ip>
+# are a single IP (e.g. 1.2.3.4), a network/netmask (e.g.
+# 1.2.3.4/255.255.255.0), a network/CIDR (e.g. 1.2.3.4/24), all
+# ipv4 (0.0.0.0/0), or all ipv6 (::/0). This option can be
+# specified multiple times
+#rpcallowip=<ip>
+
+# Username and HMAC-SHA-256 hashed password for JSON-RPC connections. The
+# field <userpw> comes in the format: <USERNAME>:<SALT>$<HASH>. A
+# canonical python script is included in share/rpcauth. The client
+# then connects normally using the
+# rpcuser=<USERNAME>/rpcpassword=<PASSWORD> pair of arguments. This
+# option can be specified multiple times
+#rpcauth=<userpw>
+
+# Bind to given address to listen for JSON-RPC connections. Do not expose
+# the RPC server to untrusted networks such as the public internet!
+# This option is ignored unless -rpcallowip is also passed. Port is
+# optional and overrides -rpcport. Use [host]:port notation for
+# IPv6. This option can be specified multiple times (default:
+# 127.0.0.1 and ::1 i.e., localhost)
+#rpcbind=<addr>[:port]
+
+# Location of the auth cookie. Relative paths will be prefixed by a
+# net-specific datadir location. (default: data dir)
+#rpccookiefile=<loc>
+
+# Set permissions on the RPC auth cookie file so that it is readable by
+# [owner|group|all] (default: owner [via umask 0077])
+#rpccookieperms=<readable-by>
+
+# Password for JSON-RPC connections
+#rpcpassword=<pw>
+
+# Listen for JSON-RPC connections on <port> (default: 8332, testnet3:
+# 18332, testnet4: 48332, signet: 38332, regtest: 18443)
+#rpcport=<port>
+
+# Set the number of threads to service RPC calls (default: 16)
+#rpcthreads=<n>
+
+# Username for JSON-RPC connections
+#rpcuser=<user>
+
+# Set a whitelist to filter incoming RPC calls for a specific user. The
+# field <whitelist> comes in the format: <USERNAME>:<rpc 1>,<rpc
+# 2>,...,<rpc n>. If multiple whitelists are set for a given user,
+# they are set-intersected. See -rpcwhitelistdefault documentation
+# for information on default whitelist behavior.
+#rpcwhitelist=<whitelist>
+
+# Sets default behavior for rpc whitelisting. Unless rpcwhitelistdefault
+# is set to 0, if any -rpcwhitelist is set, the rpc server acts as
+# if all rpc users are subject to empty-unless-otherwise-specified
+# whitelists. If rpcwhitelistdefault is set to 1 and no
+# -rpcwhitelist is set, rpc server acts as if all rpc users are
+# subject to empty whitelists.
+#rpcwhitelistdefault=1
+
+# Accept command line and JSON-RPC commands
+#server=1
+
+
+# [Sections]
+# Most options will apply to all networks. To confine an option to a specific
+# network, add it under the relevant section below.
+#
+# Note: If not specified under a network section, the options addnode, connect,
+# port, bind, rpcport, rpcbind, and wallet will only apply to mainnet.
+
+# Options for mainnet
+[main]
+
+# Options for testnet3
+[test]
+
+# Options for testnet4
+[testnet4]
+
+# Options for signet
+[signet]
+
+# Options for regtest
+[regtest]

src/bitcoin-cli-res.rc

@@ -14,7 +14,7 @@ BEGIN
     BEGIN
         BLOCK "040904E4" // U.S. English - multilingual (hex)
         BEGIN
-            VALUE "CompanyName",        "Bitcoin"
+            VALUE "CompanyName",        CLIENT_NAME " project"
             VALUE "FileDescription",    "bitcoin-cli (JSON-RPC client for " CLIENT_NAME ")"
             VALUE "FileVersion",        CLIENT_VERSION_STRING
             VALUE "InternalName",       "bitcoin-cli"

src/bitcoin-tx-res.rc

@@ -14,7 +14,7 @@ BEGIN
     BEGIN
         BLOCK "040904E4" // U.S. English - multilingual (hex)
         BEGIN
-            VALUE "CompanyName",        "Bitcoin"
+            VALUE "CompanyName",        CLIENT_NAME " project"
             VALUE "FileDescription",    "bitcoin-tx (CLI Bitcoin transaction editor utility)"
             VALUE "FileVersion",        CLIENT_VERSION_STRING
             VALUE "InternalName",       "bitcoin-tx"

src/bitcoin-util-res.rc

@@ -14,7 +14,7 @@ BEGIN
     BEGIN
         BLOCK "040904E4" // U.S. English - multilingual (hex)
         BEGIN
-            VALUE "CompanyName",        "Bitcoin"
+            VALUE "CompanyName",        CLIENT_NAME " project"
             VALUE "FileDescription",    "bitcoin-util (CLI Bitcoin utility)"
             VALUE "FileVersion",        CLIENT_VERSION_STRING
             VALUE "InternalName",       "bitcoin-util"

src/bitcoin-wallet-res.rc

@@ -14,7 +14,7 @@ BEGIN
     BEGIN
         BLOCK "040904E4" // U.S. English - multilingual (hex)
         BEGIN
-            VALUE "CompanyName",        "Bitcoin"
+            VALUE "CompanyName",        CLIENT_NAME " project"
             VALUE "FileDescription",    "bitcoin-wallet (CLI tool for " CLIENT_NAME " wallets)"
             VALUE "FileVersion",        CLIENT_VERSION_STRING
             VALUE "InternalName",       "bitcoin-wallet"

src/bitcoind-res.rc

@@ -14,7 +14,7 @@ BEGIN
     BEGIN
         BLOCK "040904E4" // U.S. English - multilingual (hex)
         BEGIN
-            VALUE "CompanyName",        "Bitcoin"
+            VALUE "CompanyName",        CLIENT_NAME " project"
             VALUE "FileDescription",    "bitcoind (Bitcoin node with a JSON-RPC server)"
             VALUE "FileVersion",        CLIENT_VERSION_STRING
             VALUE "InternalName",       "bitcoind"

src/blockencodings.cpp

@@ -180,7 +180,7 @@ bool PartiallyDownloadedBlock::IsTxAvailable(size_t index) const
     return txn_available[index] != nullptr;
 }
 
-ReadStatus PartiallyDownloadedBlock::FillBlock(CBlock& block, const std::vector<CTransactionRef>& vtx_missing)
+ReadStatus PartiallyDownloadedBlock::FillBlock(CBlock& block, const std::vector<CTransactionRef>& vtx_missing, bool segwit_active)
 {
     if (header.IsNull()) return READ_STATUS_INVALID;
 
@@ -205,16 +205,11 @@ ReadStatus PartiallyDownloadedBlock::FillBlock(CBlock& block, const std::vector<
     if (vtx_missing.size() != tx_missing_offset)
         return READ_STATUS_INVALID;
 
-    BlockValidationState state;
-    CheckBlockFn check_block = m_check_block_mock ? m_check_block_mock : CheckBlock;
-    if (!check_block(block, state, Params().GetConsensus(), /*fCheckPoW=*/true, /*fCheckMerkleRoot=*/true)) {
-        // TODO: We really want to just check merkle tree manually here,
-        // but that is expensive, and CheckBlock caches a block's
-        // "checked-status" (in the CBlock?). CBlock should be able to
-        // check its own merkle root and cache that check.
-        if (state.GetResult() == BlockValidationResult::BLOCK_MUTATED)
-            return READ_STATUS_FAILED; // Possible Short ID collision
-        return READ_STATUS_CHECKBLOCK_FAILED;
+    // Check for possible mutations early now that we have a seemingly good block
+    IsBlockMutatedFn check_mutated{m_check_block_mutated_mock ? m_check_block_mutated_mock : IsBlockMutated};
+    if (check_mutated(/*block=*/block,
+                       /*check_witness_root=*/segwit_active)) {
+        return READ_STATUS_FAILED; // Possible Short ID collision
     }
 
     LogDebug(BCLog::CMPCTBLOCK, "Successfully reconstructed block %s with %lu txn prefilled, %lu txn from mempool (incl at least %lu from extra pool) and %lu txn requested\n", hash.ToString(), prefilled_count, mempool_count, extra_count, vtx_missing.size());

src/blockencodings.h

@@ -84,8 +84,6 @@ typedef enum ReadStatus_t
     READ_STATUS_OK,
     READ_STATUS_INVALID, // Invalid object, peer is sending bogus crap
     READ_STATUS_FAILED, // Failed to process object
-    READ_STATUS_CHECKBLOCK_FAILED, // Used only by FillBlock to indicate a
-                                   // failure in CheckBlock.
 } ReadStatus;
 
 class CBlockHeaderAndShortTxIDs {
@@ -141,15 +139,16 @@ public:
     CBlockHeader header;
 
     // Can be overridden for testing
-    using CheckBlockFn = std::function<bool(const CBlock&, BlockValidationState&, const Consensus::Params&, bool, bool)>;
-    CheckBlockFn m_check_block_mock{nullptr};
+    using IsBlockMutatedFn = std::function<bool(const CBlock&, bool)>;
+    IsBlockMutatedFn m_check_block_mutated_mock{nullptr};
 
     explicit PartiallyDownloadedBlock(CTxMemPool* poolIn) : pool(poolIn) {}
 
     // extra_txn is a list of extra orphan/conflicted/etc transactions to look at
     ReadStatus InitData(const CBlockHeaderAndShortTxIDs& cmpctblock, const std::vector<CTransactionRef>& extra_txn);
     bool IsTxAvailable(size_t index) const;
-    ReadStatus FillBlock(CBlock& block, const std::vector<CTransactionRef>& vtx_missing);
+    // segwit_active enforces witness mutation checks just before reporting a healthy status
+    ReadStatus FillBlock(CBlock& block, const std::vector<CTransactionRef>& vtx_missing, bool segwit_active);
 };
 
 #endif // BITCOIN_BLOCKENCODINGS_H

src/crypto/CMakeLists.txt

@@ -47,7 +47,7 @@ if(HAVE_SSE41 AND HAVE_X86_SHANI)
   target_compile_definitions(bitcoin_crypto PRIVATE ENABLE_SSE41 ENABLE_X86_SHANI)
   target_sources(bitcoin_crypto PRIVATE sha256_x86_shani.cpp)
   set_property(SOURCE sha256_x86_shani.cpp PROPERTY
-    COMPILE_OPTIONS ${X86_SHANI_CXXFLAGS}
+    COMPILE_OPTIONS ${SSE41_CXXFLAGS} ${X86_SHANI_CXXFLAGS}
   )
 endif()
 

src/crypto/sha256.cpp

@@ -627,7 +627,7 @@ std::string SHA256AutoDetect(sha256_implementation::UseImplementation use_implem
         Transform = sha256_x86_shani::Transform;
         TransformD64 = TransformD64Wrapper<sha256_x86_shani::Transform>;
         TransformD64_2way = sha256d64_x86_shani::Transform_2way;
-        ret = "x86_shani(1way,2way)";
+        ret = "x86_shani(1way;2way)";
         have_sse4 = false; // Disable SSE4/AVX2;
         have_avx2 = false;
     }
@@ -641,14 +641,14 @@ std::string SHA256AutoDetect(sha256_implementation::UseImplementation use_implem
 #endif
 #if defined(ENABLE_SSE41)
         TransformD64_4way = sha256d64_sse41::Transform_4way;
-        ret += ",sse41(4way)";
+        ret += ";sse41(4way)";
 #endif
     }
 
 #if defined(ENABLE_AVX2)
     if (have_avx2 && have_avx && enabled_avx) {
         TransformD64_8way = sha256d64_avx2::Transform_8way;
-        ret += ",avx2(8way)";
+        ret += ";avx2(8way)";
     }
 #endif
 #endif // defined(HAVE_GETCPUID)
@@ -682,7 +682,7 @@ std::string SHA256AutoDetect(sha256_implementation::UseImplementation use_implem
         Transform = sha256_arm_shani::Transform;
         TransformD64 = TransformD64Wrapper<sha256_arm_shani::Transform>;
         TransformD64_2way = sha256d64_arm_shani::Transform_2way;
-        ret = "arm_shani(1way,2way)";
+        ret = "arm_shani(1way;2way)";
     }
 #endif
 #endif // DISABLE_OPTIMIZED_SHA256

src/crypto/sha256_sse4.cpp

@@ -13,13 +13,17 @@
 namespace sha256_sse4
 {
 void Transform(uint32_t* s, const unsigned char* chunk, size_t blocks)
-#if defined(__clang__) && !defined(__OPTIMIZE__)
+#if defined(__clang__)
   /*
   clang is unable to compile this with -O0 and -fsanitize=address.
-  See upstream bug: https://github.com/llvm/llvm-project/issues/92182
+  See upstream bug: https://github.com/llvm/llvm-project/issues/92182.
+  This also fails to compile with -O2, -fcf-protection & -fsanitize=address.
+  See https://github.com/bitcoin/bitcoin/issues/31913.
   */
+#if __has_feature(address_sanitizer)
   __attribute__((no_sanitize("address")))
 #endif
+#endif
 {
     static const uint32_t K256 alignas(16) [] = {
         0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,

src/index/base.cpp

@@ -253,18 +253,13 @@ bool BaseIndex::Rewind(const CBlockIndex* current_tip, const CBlockIndex* new_ti
         return false;
     }
 
-    // In the case of a reorg, ensure persisted block locator is not stale.
+    // Don't commit here - the committed index state must never be ahead of the
+    // flushed chainstate, otherwise unclean restarts would lead to index corruption.
     // Pruning has a minimum of 288 blocks-to-keep and getting the index
     // out of sync may be possible but a users fault.
     // In case we reorg beyond the pruned depth, ReadBlock would
     // throw and lead to a graceful shutdown
     SetBestBlockIndex(new_tip);
-    if (!Commit()) {
-        // If commit fails, revert the best block index to avoid corruption.
-        SetBestBlockIndex(current_tip);
-        return false;
-    }
-
     return true;
 }
 

src/init.cpp

@@ -1384,6 +1384,15 @@ bool AppInitMain(NodeContext& node, interfaces::BlockAndHeaderTipInfo* tip_info)
         }
     }, std::chrono::minutes{5});
 
+    if (args.GetBoolArg("-logratelimit", BCLog::DEFAULT_LOGRATELIMIT)) {
+        LogInstance().SetRateLimiting(BCLog::LogRateLimiter::Create(
+            [&scheduler](auto func, auto window) { scheduler.scheduleEvery(std::move(func), window); },
+            BCLog::RATELIMIT_MAX_BYTES,
+            BCLog::RATELIMIT_WINDOW));
+    } else {
+        LogInfo("Log rate limiting disabled");
+    }
+
     assert(!node.validation_signals);
     node.validation_signals = std::make_unique<ValidationSignals>(std::make_unique<SerialTaskRunner>(scheduler));
     auto& validation_signals = *node.validation_signals;

src/init/common.cpp

@@ -38,6 +38,7 @@ void AddLoggingArgs(ArgsManager& argsman)
     argsman.AddArg("-logsourcelocations", strprintf("Prepend debug output with name of the originating source location (source file, line number and function name) (default: %u)", DEFAULT_LOGSOURCELOCATIONS), ArgsManager::ALLOW_ANY, OptionsCategory::DEBUG_TEST);
     argsman.AddArg("-logtimemicros", strprintf("Add microsecond precision to debug timestamps (default: %u)", DEFAULT_LOGTIMEMICROS), ArgsManager::ALLOW_ANY | ArgsManager::DEBUG_ONLY, OptionsCategory::DEBUG_TEST);
     argsman.AddArg("-loglevelalways", strprintf("Always prepend a category and level (default: %u)", DEFAULT_LOGLEVELALWAYS), ArgsManager::ALLOW_ANY, OptionsCategory::DEBUG_TEST);
+    argsman.AddArg("-logratelimit", strprintf("Apply rate limiting to unconditional logging to mitigate disk-filling attacks (default: %u)", BCLog::DEFAULT_LOGRATELIMIT), ArgsManager::ALLOW_ANY | ArgsManager::DEBUG_ONLY, OptionsCategory::DEBUG_TEST);
     argsman.AddArg("-printtoconsole", "Send trace/debug info to console (default: 1 when no -daemon. To disable logging to file, set -nodebuglogfile)", ArgsManager::ALLOW_ANY, OptionsCategory::DEBUG_TEST);
     argsman.AddArg("-shrinkdebugfile", "Shrink debug.log file on client startup (default: 1 when no -debug)", ArgsManager::ALLOW_ANY, OptionsCategory::DEBUG_TEST);
 }

src/kernel/chainparams.cpp

@@ -146,7 +146,6 @@ public:
         // release ASAP to avoid it where possible.
         vSeeds.emplace_back("seed.bitcoin.sipa.be."); // Pieter Wuille, only supports x1, x5, x9, and xd
         vSeeds.emplace_back("dnsseed.bluematt.me."); // Matt Corallo, only supports x9
-        vSeeds.emplace_back("dnsseed.bitcoin.dashjr-list-of-p2p-nodes.us."); // Luke Dashjr
         vSeeds.emplace_back("seed.bitcoin.jonasschnelli.ch."); // Jonas Schnelli, only supports x1, x5, x9, and xd
         vSeeds.emplace_back("seed.btc.petertodd.net."); // Peter Todd, only supports x1, x5, x9, and xd
         vSeeds.emplace_back("seed.bitcoin.sprovoost.nl."); // Sjors Provoost

src/logging.cpp

@@ -12,8 +12,10 @@
 #include <util/time.h>
 
 #include <array>
+#include <cstring>
 #include <map>
 #include <optional>
+#include <utility>
 
 using util::Join;
 using util::RemovePrefixView;
@@ -73,12 +75,12 @@ bool BCLog::Logger::StartLogging()
     // dump buffered messages from before we opened the log
     m_buffering = false;
     if (m_buffer_lines_discarded > 0) {
-        LogPrintStr_(strprintf("Early logging buffer overflowed, %d log lines discarded.\n", m_buffer_lines_discarded), __func__, __FILE__, __LINE__, BCLog::ALL, Level::Info);
+        LogPrintStr_(strprintf("Early logging buffer overflowed, %d log lines discarded.\n", m_buffer_lines_discarded), std::source_location::current(), BCLog::ALL, Level::Info, /*should_ratelimit=*/false);
     }
     while (!m_msgs_before_open.empty()) {
         const auto& buflog = m_msgs_before_open.front();
         std::string s{buflog.str};
-        FormatLogStrInPlace(s, buflog.category, buflog.level, buflog.source_file, buflog.source_line, buflog.logging_function, buflog.threadname, buflog.now, buflog.mocktime);
+        FormatLogStrInPlace(s, buflog.category, buflog.level, buflog.source_loc, buflog.threadname, buflog.now, buflog.mocktime);
         m_msgs_before_open.pop_front();
 
         if (m_print_to_file) FileWriteStr(s, m_fileout);
@@ -364,17 +366,50 @@ std::string BCLog::Logger::GetLogPrefix(BCLog::LogFlags category, BCLog::Level l
 
 static size_t MemUsage(const BCLog::Logger::BufferedLog& buflog)
 {
-    return buflog.str.size() + buflog.logging_function.size() + buflog.source_file.size() + buflog.threadname.size() + memusage::MallocUsage(sizeof(memusage::list_node<BCLog::Logger::BufferedLog>));
+    return memusage::DynamicUsage(buflog.str) +
+           memusage::DynamicUsage(buflog.threadname) +
+           memusage::MallocUsage(sizeof(memusage::list_node<BCLog::Logger::BufferedLog>));
 }
 
-void BCLog::Logger::FormatLogStrInPlace(std::string& str, BCLog::LogFlags category, BCLog::Level level, std::string_view source_file, int source_line, std::string_view logging_function, std::string_view threadname, SystemClock::time_point now, std::chrono::seconds mocktime) const
+BCLog::LogRateLimiter::LogRateLimiter(uint64_t max_bytes, std::chrono::seconds reset_window)
+    : m_max_bytes{max_bytes}, m_reset_window{reset_window} {}
+
+std::shared_ptr<BCLog::LogRateLimiter> BCLog::LogRateLimiter::Create(
+    SchedulerFunction&& scheduler_func, uint64_t max_bytes, std::chrono::seconds reset_window)
+{
+    auto limiter{std::shared_ptr<LogRateLimiter>(new LogRateLimiter(max_bytes, reset_window))};
+    std::weak_ptr<LogRateLimiter> weak_limiter{limiter};
+    auto reset = [weak_limiter] {
+        if (auto shared_limiter{weak_limiter.lock()}) shared_limiter->Reset();
+    };
+    scheduler_func(reset, limiter->m_reset_window);
+    return limiter;
+}
+
+BCLog::LogRateLimiter::Status BCLog::LogRateLimiter::Consume(
+    const std::source_location& source_loc,
+    const std::string& str)
+{
+    StdLockGuard scoped_lock(m_mutex);
+    auto& stats{m_source_locations.try_emplace(source_loc, m_max_bytes).first->second};
+    Status status{stats.m_dropped_bytes > 0 ? Status::STILL_SUPPRESSED : Status::UNSUPPRESSED};
+
+    if (!stats.Consume(str.size()) && status == Status::UNSUPPRESSED) {
+        status = Status::NEWLY_SUPPRESSED;
+        m_suppression_active = true;
+    }
+
+    return status;
+}
+
+void BCLog::Logger::FormatLogStrInPlace(std::string& str, BCLog::LogFlags category, BCLog::Level level, const std::source_location& source_loc, std::string_view threadname, SystemClock::time_point now, std::chrono::seconds mocktime) const
 {
     if (!str.ends_with('\n')) str.push_back('\n');
 
     str.insert(0, GetLogPrefix(category, level));
 
     if (m_log_sourcelocations) {
-        str.insert(0, strprintf("[%s:%d] [%s] ", RemovePrefixView(source_file, "./"), source_line, logging_function));
+        str.insert(0, strprintf("[%s:%d] [%s] ", RemovePrefixView(source_loc.file_name(), "./"), source_loc.line(), source_loc.function_name()));
     }
 
     if (m_log_threadnames) {
@@ -384,28 +419,27 @@ void BCLog::Logger::FormatLogStrInPlace(std::string& str, BCLog::LogFlags catego
     str.insert(0, LogTimestampStr(now, mocktime));
 }
 
-void BCLog::Logger::LogPrintStr(std::string_view str, std::string_view logging_function, std::string_view source_file, int source_line, BCLog::LogFlags category, BCLog::Level level)
+void BCLog::Logger::LogPrintStr(std::string_view str, std::source_location&& source_loc, BCLog::LogFlags category, BCLog::Level level, bool should_ratelimit)
 {
     StdLockGuard scoped_lock(m_cs);
-    return LogPrintStr_(str, logging_function, source_file, source_line, category, level);
+    return LogPrintStr_(str, std::move(source_loc), category, level, should_ratelimit);
 }
 
-void BCLog::Logger::LogPrintStr_(std::string_view str, std::string_view logging_function, std::string_view source_file, int source_line, BCLog::LogFlags category, BCLog::Level level)
+// NOLINTNEXTLINE(misc-no-recursion)
+void BCLog::Logger::LogPrintStr_(std::string_view str, std::source_location&& source_loc, BCLog::LogFlags category, BCLog::Level level, bool should_ratelimit)
 {
     std::string str_prefixed = LogEscapeMessage(str);
 
     if (m_buffering) {
         {
             BufferedLog buf{
-                .now=SystemClock::now(),
-                .mocktime=GetMockTime(),
-                .str=str_prefixed,
-                .logging_function=std::string(logging_function),
-                .source_file=std::string(source_file),
-                .threadname=util::ThreadGetInternalName(),
-                .source_line=source_line,
-                .category=category,
-                .level=level,
+                .now = SystemClock::now(),
+                .mocktime = GetMockTime(),
+                .str = str_prefixed,
+                .threadname = util::ThreadGetInternalName(),
+                .source_loc = std::move(source_loc),
+                .category = category,
+                .level = level,
             };
             m_cur_buffer_memusage += MemUsage(buf);
             m_msgs_before_open.push_back(std::move(buf));
@@ -424,7 +458,31 @@ void BCLog::Logger::LogPrintStr_(std::string_view str, std::string_view logging_
         return;
     }
 
-    FormatLogStrInPlace(str_prefixed, category, level, source_file, source_line, logging_function, util::ThreadGetInternalName(), SystemClock::now(), GetMockTime());
+    FormatLogStrInPlace(str_prefixed, category, level, source_loc, util::ThreadGetInternalName(), SystemClock::now(), GetMockTime());
+    bool ratelimit{false};
+    if (should_ratelimit && m_limiter) {
+        auto status{m_limiter->Consume(source_loc, str_prefixed)};
+        if (status == LogRateLimiter::Status::NEWLY_SUPPRESSED) {
+            // NOLINTNEXTLINE(misc-no-recursion)
+            LogPrintStr_(strprintf(
+                             "Excessive logging detected from %s:%d (%s): >%d bytes logged during "
+                             "the last time window of %is. Suppressing logging to disk from this "
+                             "source location until time window resets. Console logging "
+                             "unaffected. Last log entry.",
+                             source_loc.file_name(), source_loc.line(), source_loc.function_name(),
+                             m_limiter->m_max_bytes,
+                             Ticks<std::chrono::seconds>(m_limiter->m_reset_window)),
+                         std::source_location::current(), LogFlags::ALL, Level::Warning, /*should_ratelimit=*/false); // with should_ratelimit=false, this cannot lead to infinite recursion
+        } else if (status == LogRateLimiter::Status::STILL_SUPPRESSED) {
+            ratelimit = true;
+        }
+    }
+
+    // To avoid confusion caused by dropped log messages when debugging an issue,
+    // we prefix log lines with "[*]" when there are any suppressed source locations.
+    if (m_limiter && m_limiter->SuppressionsActive()) {
+        str_prefixed.insert(0, "[*] ");
+    }
 
     if (m_print_to_console) {
         // print to console
@@ -434,7 +492,7 @@ void BCLog::Logger::LogPrintStr_(std::string_view str, std::string_view logging_
     for (const auto& cb : m_print_callbacks) {
         cb(str_prefixed);
     }
-    if (m_print_to_file) {
+    if (m_print_to_file && !ratelimit) {
         assert(m_fileout != nullptr);
 
         // reopen the log file, if requested
@@ -492,6 +550,36 @@ void BCLog::Logger::ShrinkDebugFile()
         fclose(file);
 }
 
+void BCLog::LogRateLimiter::Reset()
+{
+    decltype(m_source_locations) source_locations;
+    {
+        StdLockGuard scoped_lock(m_mutex);
+        source_locations.swap(m_source_locations);
+        m_suppression_active = false;
+    }
+    for (const auto& [source_loc, stats] : source_locations) {
+        if (stats.m_dropped_bytes == 0) continue;
+        LogPrintLevel_(
+            LogFlags::ALL, Level::Warning, /*should_ratelimit=*/false,
+            "Restarting logging from %s:%d (%s): %d bytes were dropped during the last %ss.",
+            source_loc.file_name(), source_loc.line(), source_loc.function_name(),
+            stats.m_dropped_bytes, Ticks<std::chrono::seconds>(m_reset_window));
+    }
+}
+
+bool BCLog::LogRateLimiter::Stats::Consume(uint64_t bytes)
+{
+    if (bytes > m_available_bytes) {
+        m_dropped_bytes += bytes;
+        m_available_bytes = 0;
+        return false;
+    }
+
+    m_available_bytes -= bytes;
+    return true;
+}
+
 bool BCLog::Logger::SetLogLevel(std::string_view level_str)
 {
     const auto level = GetLogLevel(level_str);

src/logging.h

@@ -6,6 +6,7 @@
 #ifndef BITCOIN_LOGGING_H
 #define BITCOIN_LOGGING_H
 
+#include <crypto/siphash.h>
 #include <threadsafety.h>
 #include <tinyformat.h>
 #include <util/fs.h>
@@ -14,11 +15,15 @@
 
 #include <atomic>
 #include <cstdint>
+#include <cstring>
 #include <functional>
 #include <list>
+#include <memory>
 #include <mutex>
+#include <source_location>
 #include <string>
 #include <unordered_map>
+#include <unordered_set>
 #include <vector>
 
 static const bool DEFAULT_LOGTIMEMICROS = false;
@@ -31,6 +36,24 @@ extern const char * const DEFAULT_DEBUGLOGFILE;
 
 extern bool fLogIPs;
 
+struct SourceLocationEqual {
+    bool operator()(const std::source_location& lhs, const std::source_location& rhs) const noexcept
+    {
+        return lhs.line() == rhs.line() && std::string_view(lhs.file_name()) == std::string_view(rhs.file_name());
+    }
+};
+
+struct SourceLocationHasher {
+    size_t operator()(const std::source_location& s) const noexcept
+    {
+        // Use CSipHasher(0, 0) as a simple way to get uniform distribution.
+        return size_t(CSipHasher(0, 0)
+                      .Write(s.line())
+                      .Write(MakeUCharSpan(std::string_view{s.file_name()}))
+                      .Finalize());
+    }
+};
+
 struct LogCategory {
     std::string category;
     bool active;
@@ -82,6 +105,69 @@ namespace BCLog {
     };
     constexpr auto DEFAULT_LOG_LEVEL{Level::Debug};
     constexpr size_t DEFAULT_MAX_LOG_BUFFER{1'000'000}; // buffer up to 1MB of log data prior to StartLogging
+    constexpr uint64_t RATELIMIT_MAX_BYTES{1024 * 1024}; // maximum number of bytes per source location that can be logged within the RATELIMIT_WINDOW
+    constexpr auto RATELIMIT_WINDOW{1h}; // time window after which log ratelimit stats are reset
+    constexpr bool DEFAULT_LOGRATELIMIT{true};
+
+    //! Fixed window rate limiter for logging.
+    class LogRateLimiter
+    {
+    public:
+        //! Keeps track of an individual source location and how many available bytes are left for logging from it.
+        struct Stats {
+            //! Remaining bytes
+            uint64_t m_available_bytes;
+            //! Number of bytes that were consumed but didn't fit in the available bytes.
+            uint64_t m_dropped_bytes{0};
+
+            Stats(uint64_t max_bytes) : m_available_bytes{max_bytes} {}
+            //! Updates internal accounting and returns true if enough available_bytes were remaining
+            bool Consume(uint64_t bytes);
+        };
+
+    private:
+        mutable StdMutex m_mutex;
+
+        //! Stats for each source location that has attempted to log something.
+        std::unordered_map<std::source_location, Stats, SourceLocationHasher, SourceLocationEqual> m_source_locations GUARDED_BY(m_mutex);
+        //! Whether any log locations are suppressed. Cached view on m_source_locations for performance reasons.
+        std::atomic<bool> m_suppression_active{false};
+        LogRateLimiter(uint64_t max_bytes, std::chrono::seconds reset_window);
+
+    public:
+        using SchedulerFunction = std::function<void(std::function<void()>, std::chrono::milliseconds)>;
+        /**
+         * @param scheduler_func    Callable object used to schedule resetting the window. The first
+         *                          parameter is the function to be executed, and the second is the
+         *                          reset_window interval.
+         * @param max_bytes         Maximum number of bytes that can be logged for each source
+         *                          location.
+         * @param reset_window      Time window after which the stats are reset.
+         */
+        static std::shared_ptr<LogRateLimiter> Create(
+            SchedulerFunction&& scheduler_func,
+            uint64_t max_bytes,
+            std::chrono::seconds reset_window);
+        //! Maximum number of bytes logged per location per window.
+        const uint64_t m_max_bytes;
+        //! Interval after which the window is reset.
+        const std::chrono::seconds m_reset_window;
+        //! Suppression status of a source log location.
+        enum class Status {
+            UNSUPPRESSED,     // string fits within the limit
+            NEWLY_SUPPRESSED, // suppression has started since this string
+            STILL_SUPPRESSED, // suppression is still ongoing
+        };
+        //! Consumes `source_loc`'s available bytes corresponding to the size of the (formatted)
+        //! `str` and returns its status.
+        [[nodiscard]] Status Consume(
+            const std::source_location& source_loc,
+            const std::string& str) EXCLUSIVE_LOCKS_REQUIRED(!m_mutex);
+        //! Resets all usage to zero. Called periodically by the scheduler.
+        void Reset() EXCLUSIVE_LOCKS_REQUIRED(!m_mutex);
+        //! Returns true if any log locations are currently being suppressed.
+        bool SuppressionsActive() const { return m_suppression_active; }
+    };
 
     class Logger
     {
@@ -89,8 +175,8 @@ namespace BCLog {
         struct BufferedLog {
             SystemClock::time_point now;
             std::chrono::seconds mocktime;
-            std::string str, logging_function, source_file, threadname;
-            int source_line;
+            std::string str, threadname;
+            std::source_location source_loc;
             LogFlags category;
             Level level;
         };
@@ -105,6 +191,9 @@ namespace BCLog {
         size_t m_cur_buffer_memusage GUARDED_BY(m_cs){0};
         size_t m_buffer_lines_discarded GUARDED_BY(m_cs){0};
 
+        //! Manages the rate limiting of each log location.
+        std::shared_ptr<LogRateLimiter> m_limiter GUARDED_BY(m_cs);
+
         //! Category-specific log level. Overrides `m_log_level`.
         std::unordered_map<LogFlags, Level> m_category_log_levels GUARDED_BY(m_cs);
 
@@ -115,7 +204,7 @@ namespace BCLog {
         /** Log categories bitfield. */
         std::atomic<CategoryMask> m_categories{BCLog::NONE};
 
-        void FormatLogStrInPlace(std::string& str, LogFlags category, Level level, std::string_view source_file, int source_line, std::string_view logging_function, std::string_view threadname, SystemClock::time_point now, std::chrono::seconds mocktime) const;
+        void FormatLogStrInPlace(std::string& str, LogFlags category, Level level, const std::source_location& source_loc, std::string_view threadname, SystemClock::time_point now, std::chrono::seconds mocktime) const;
 
         std::string LogTimestampStr(SystemClock::time_point now, std::chrono::seconds mocktime) const;
 
@@ -123,7 +212,7 @@ namespace BCLog {
         std::list<std::function<void(const std::string&)>> m_print_callbacks GUARDED_BY(m_cs) {};
 
         /** Send a string to the log output (internal) */
-        void LogPrintStr_(std::string_view str, std::string_view logging_function, std::string_view source_file, int source_line, BCLog::LogFlags category, BCLog::Level level)
+        void LogPrintStr_(std::string_view str, std::source_location&& source_loc, BCLog::LogFlags category, BCLog::Level level, bool should_ratelimit)
             EXCLUSIVE_LOCKS_REQUIRED(m_cs);
 
         std::string GetLogPrefix(LogFlags category, Level level) const;
@@ -142,7 +231,7 @@ namespace BCLog {
         std::atomic<bool> m_reopen_file{false};
 
         /** Send a string to the log output */
-        void LogPrintStr(std::string_view str, std::string_view logging_function, std::string_view source_file, int source_line, BCLog::LogFlags category, BCLog::Level level)
+        void LogPrintStr(std::string_view str, std::source_location&& source_loc, BCLog::LogFlags category, BCLog::Level level, bool should_ratelimit)
             EXCLUSIVE_LOCKS_REQUIRED(!m_cs);
 
         /** Returns whether logs will be written to any output */
@@ -172,6 +261,12 @@ namespace BCLog {
         /** Only for testing */
         void DisconnectTestLogger() EXCLUSIVE_LOCKS_REQUIRED(!m_cs);
 
+        void SetRateLimiting(std::shared_ptr<LogRateLimiter> limiter) EXCLUSIVE_LOCKS_REQUIRED(!m_cs)
+        {
+            StdLockGuard scoped_lock(m_cs);
+            m_limiter = std::move(limiter);
+        }
+
         /** Disable logging
          * This offers a slight speedup and slightly smaller memory usage
          * compared to leaving the logging system in its default state.
@@ -239,7 +334,7 @@ static inline bool LogAcceptCategory(BCLog::LogFlags category, BCLog::Level leve
 bool GetLogCategory(BCLog::LogFlags& flag, std::string_view str);
 
 template <typename... Args>
-inline void LogPrintFormatInternal(std::string_view logging_function, std::string_view source_file, const int source_line, const BCLog::LogFlags flag, const BCLog::Level level, util::ConstevalFormatString<sizeof...(Args)> fmt, const Args&... args)
+inline void LogPrintFormatInternal(std::source_location&& source_loc, BCLog::LogFlags flag, BCLog::Level level, bool should_ratelimit, util::ConstevalFormatString<sizeof...(Args)> fmt, const Args&... args)
 {
     if (LogInstance().Enabled()) {
         std::string log_msg;
@@ -248,19 +343,19 @@ inline void LogPrintFormatInternal(std::string_view logging_function, std::strin
         } catch (tinyformat::format_error& fmterr) {
             log_msg = "Error \"" + std::string{fmterr.what()} + "\" while formatting log message: " + fmt.fmt;
         }
-        LogInstance().LogPrintStr(log_msg, logging_function, source_file, source_line, flag, level);
+        LogInstance().LogPrintStr(log_msg, std::move(source_loc), flag, level, should_ratelimit);
     }
 }
 
-#define LogPrintLevel_(category, level, ...) LogPrintFormatInternal(__func__, __FILE__, __LINE__, category, level, __VA_ARGS__)
+#define LogPrintLevel_(category, level, should_ratelimit, ...) LogPrintFormatInternal(std::source_location::current(), category, level, should_ratelimit, __VA_ARGS__)
 
-// Log unconditionally.
+// Log unconditionally. Uses basic rate limiting to mitigate disk filling attacks.
 // Be conservative when using functions that unconditionally log to debug.log!
 // It should not be the case that an inbound peer can fill up a user's storage
 // with debug.log entries.
-#define LogInfo(...) LogPrintLevel_(BCLog::LogFlags::ALL, BCLog::Level::Info, __VA_ARGS__)
-#define LogWarning(...) LogPrintLevel_(BCLog::LogFlags::ALL, BCLog::Level::Warning, __VA_ARGS__)
-#define LogError(...) LogPrintLevel_(BCLog::LogFlags::ALL, BCLog::Level::Error, __VA_ARGS__)
+#define LogInfo(...) LogPrintLevel_(BCLog::LogFlags::ALL, BCLog::Level::Info, /*should_ratelimit=*/true, __VA_ARGS__)
+#define LogWarning(...) LogPrintLevel_(BCLog::LogFlags::ALL, BCLog::Level::Warning, /*should_ratelimit=*/true, __VA_ARGS__)
+#define LogError(...) LogPrintLevel_(BCLog::LogFlags::ALL, BCLog::Level::Error, /*should_ratelimit=*/true, __VA_ARGS__)
 
 // Deprecated unconditional logging.
 #define LogPrintf(...) LogInfo(__VA_ARGS__)
@@ -268,12 +363,18 @@ inline void LogPrintFormatInternal(std::string_view logging_function, std::strin
 // Use a macro instead of a function for conditional logging to prevent
 // evaluating arguments when logging for the category is not enabled.
 
-// Log conditionally, prefixing the output with the passed category name and severity level.
-#define LogPrintLevel(category, level, ...)               \
-    do {                                                  \
-        if (LogAcceptCategory((category), (level))) {     \
-            LogPrintLevel_(category, level, __VA_ARGS__); \
-        }                                                 \
+// Log by prefixing the output with the passed category name and severity level. This can either
+// log conditionally if the category is allowed or unconditionally if level >= BCLog::Level::Info
+// is passed. If this function logs unconditionally, logging to disk is rate-limited. This is
+// important so that callers don't need to worry about accidentally introducing a disk-fill
+// vulnerability if level >= Info is used. Additionally, users specifying -debug are assumed to be
+// developers or power users who are aware that -debug may cause excessive disk usage due to logging.
+#define LogPrintLevel(category, level, ...)                           \
+    do {                                                              \
+        if (LogAcceptCategory((category), (level))) {                 \
+            bool rate_limit{level >= BCLog::Level::Info};             \
+            LogPrintLevel_(category, level, rate_limit, __VA_ARGS__); \
+        }                                                             \
     } while (0)
 
 // Log conditionally, prefixing the output with the passed category name.

src/net.cpp

@@ -575,9 +575,9 @@ void CNode::CloseSocketDisconnect()
     m_i2p_sam_session.reset();
 }
 
-void CConnman::AddWhitelistPermissionFlags(NetPermissionFlags& flags, const CNetAddr &addr, const std::vector<NetWhitelistPermissions>& ranges) const {
+void CConnman::AddWhitelistPermissionFlags(NetPermissionFlags& flags, std::optional<CNetAddr> addr, const std::vector<NetWhitelistPermissions>& ranges) const {
     for (const auto& subnet : ranges) {
-        if (subnet.m_subnet.Match(addr)) {
+        if (addr.has_value() && subnet.m_subnet.Match(addr.value())) {
             NetPermissions::AddFlag(flags, subnet.m_flags);
         }
     }
@@ -1767,7 +1767,11 @@ void CConnman::CreateNodeFromAcceptedSocket(std::unique_ptr<Sock>&& sock,
 {
     int nInbound = 0;
 
-    AddWhitelistPermissionFlags(permission_flags, addr, vWhitelistedRangeIncoming);
+    const bool inbound_onion = std::find(m_onion_binds.begin(), m_onion_binds.end(), addr_bind) != m_onion_binds.end();
+
+    // Tor inbound connections do not reveal the peer's actual network address.
+    // Therefore do not apply address-based whitelist permissions to them.
+    AddWhitelistPermissionFlags(permission_flags, inbound_onion ? std::optional<CNetAddr>{} : addr, vWhitelistedRangeIncoming);
 
     {
         LOCK(m_nodes_mutex);
@@ -1822,7 +1826,6 @@ void CConnman::CreateNodeFromAcceptedSocket(std::unique_ptr<Sock>&& sock,
     NodeId id = GetNewNodeId();
     uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
 
-    const bool inbound_onion = std::find(m_onion_binds.begin(), m_onion_binds.end(), addr_bind) != m_onion_binds.end();
     // The V2Transport transparently falls back to V1 behavior when an incoming V1 connection is
     // detected, so use it whenever we signal NODE_P2P_V2.
     ServiceFlags local_services = GetLocalServices();

src/net.h

@@ -1364,7 +1364,7 @@ private:
 
     bool AttemptToEvictConnection();
     CNode* ConnectNode(CAddress addrConnect, const char *pszDest, bool fCountFailure, ConnectionType conn_type, bool use_v2transport) EXCLUSIVE_LOCKS_REQUIRED(!m_unused_i2p_sessions_mutex);
-    void AddWhitelistPermissionFlags(NetPermissionFlags& flags, const CNetAddr &addr, const std::vector<NetWhitelistPermissions>& ranges) const;
+    void AddWhitelistPermissionFlags(NetPermissionFlags& flags, std::optional<CNetAddr> addr, const std::vector<NetWhitelistPermissions>& ranges) const;
 
     void DeleteNode(CNode* pnode);
 

src/net_processing.cpp

@@ -553,12 +553,6 @@ private:
                                  bool via_compact_block, const std::string& message = "")
         EXCLUSIVE_LOCKS_REQUIRED(!m_peer_mutex);
 
-    /**
-     * Potentially disconnect and discourage a node based on the contents of a TxValidationState object
-     */
-    void MaybePunishNodeForTx(NodeId nodeid, const TxValidationState& state)
-        EXCLUSIVE_LOCKS_REQUIRED(!m_peer_mutex);
-
     /** Maybe disconnect a peer and discourage future connections from its address.
      *
      * @param[in]   pnode     The node to check.
@@ -1805,32 +1799,6 @@ void PeerManagerImpl::MaybePunishNodeForBlock(NodeId nodeid, const BlockValidati
     }
 }
 
-void PeerManagerImpl::MaybePunishNodeForTx(NodeId nodeid, const TxValidationState& state)
-{
-    PeerRef peer{GetPeerRef(nodeid)};
-    switch (state.GetResult()) {
-    case TxValidationResult::TX_RESULT_UNSET:
-        break;
-    // The node is providing invalid data:
-    case TxValidationResult::TX_CONSENSUS:
-        if (peer) Misbehaving(*peer, "");
-        return;
-    // Conflicting (but not necessarily invalid) data or different policy:
-    case TxValidationResult::TX_INPUTS_NOT_STANDARD:
-    case TxValidationResult::TX_NOT_STANDARD:
-    case TxValidationResult::TX_MISSING_INPUTS:
-    case TxValidationResult::TX_PREMATURE_SPEND:
-    case TxValidationResult::TX_WITNESS_MUTATED:
-    case TxValidationResult::TX_WITNESS_STRIPPED:
-    case TxValidationResult::TX_CONFLICT:
-    case TxValidationResult::TX_MEMPOOL_POLICY:
-    case TxValidationResult::TX_NO_MEMPOOL:
-    case TxValidationResult::TX_RECONSIDERABLE:
-    case TxValidationResult::TX_UNKNOWN:
-        break;
-    }
-}
-
 bool PeerManagerImpl::BlockRequestAllowed(const CBlockIndex* pindex)
 {
     AssertLockHeld(cs_main);
@@ -2987,8 +2955,6 @@ std::optional<node::PackageToValidate> PeerManagerImpl::ProcessInvalidTx(NodeId
         if (peer) AddKnownTx(*peer, parent_txid);
     }
 
-    MaybePunishNodeForTx(nodeid, state);
-
     return package_to_validate;
 }
 
@@ -3314,7 +3280,21 @@ void PeerManagerImpl::ProcessCompactBlockTxns(CNode& pfrom, Peer& peer, const Bl
         }
 
         PartiallyDownloadedBlock& partialBlock = *range_flight.first->second.second->partialBlock;
-        ReadStatus status = partialBlock.FillBlock(*pblock, block_transactions.txn);
+
+        if (partialBlock.header.IsNull()) {
+            // It is possible for the header to be empty if a previous call to FillBlock wiped the header, but left
+            // the PartiallyDownloadedBlock pointer around (i.e. did not call RemoveBlockRequest). In this case, we
+            // should not call LookupBlockIndex below.
+            RemoveBlockRequest(block_transactions.blockhash, pfrom.GetId());
+            Misbehaving(peer, "previous compact block reconstruction attempt failed");
+            LogDebug(BCLog::NET, "Peer %d sent compact block transactions multiple times", pfrom.GetId());
+            return;
+        }
+
+        // We should not have gotten this far in compact block processing unless it's attached to a known header
+        const CBlockIndex* prev_block{Assume(m_chainman.m_blockman.LookupBlockIndex(partialBlock.header.hashPrevBlock))};
+        ReadStatus status = partialBlock.FillBlock(*pblock, block_transactions.txn,
+                                                   /*segwit_active=*/DeploymentActiveAfter(prev_block, m_chainman, Consensus::DEPLOYMENT_SEGWIT));
         if (status == READ_STATUS_INVALID) {
             RemoveBlockRequest(block_transactions.blockhash, pfrom.GetId()); // Reset in-flight state in case Misbehaving does not result in a disconnect
             Misbehaving(peer, "invalid compact block/non-matching block transactions");
@@ -3322,6 +3302,9 @@ void PeerManagerImpl::ProcessCompactBlockTxns(CNode& pfrom, Peer& peer, const Bl
         } else if (status == READ_STATUS_FAILED) {
             if (first_in_flight) {
                 // Might have collided, fall back to getdata now :(
+                // We keep the failed partialBlock to disallow processing another compact block announcement from the same
+                // peer for the same block. We let the full block download below continue under the same m_downloading_since
+                // timer.
                 std::vector<CInv> invs;
                 invs.emplace_back(MSG_BLOCK | GetFetchFlags(peer), block_transactions.blockhash);
                 MakeAndPushMessage(pfrom, NetMsgType::GETDATA, invs);
@@ -3331,23 +3314,7 @@ void PeerManagerImpl::ProcessCompactBlockTxns(CNode& pfrom, Peer& peer, const Bl
                 return;
             }
         } else {
-            // Block is either okay, or possibly we received
-            // READ_STATUS_CHECKBLOCK_FAILED.
-            // Note that CheckBlock can only fail for one of a few reasons:
-            // 1. bad-proof-of-work (impossible here, because we've already
-            //    accepted the header)
-            // 2. merkleroot doesn't match the transactions given (already
-            //    caught in FillBlock with READ_STATUS_FAILED, so
-            //    impossible here)
-            // 3. the block is otherwise invalid (eg invalid coinbase,
-            //    block is too big, too many legacy sigops, etc).
-            // So if CheckBlock failed, #3 is the only possibility.
-            // Under BIP 152, we don't discourage the peer unless proof of work is
-            // invalid (we don't require all the stateless checks to have
-            // been run).  This is handled below, so just treat this as
-            // though the block was successfully read, and rely on the
-            // handling in ProcessNewBlock to ensure the block index is
-            // updated, etc.
+            // Block is okay for further processing
             RemoveBlockRequest(block_transactions.blockhash, pfrom.GetId()); // it is now an empty pointer
             fBlockRead = true;
             // mapBlockSource is used for potentially punishing peers and
@@ -4462,7 +4429,9 @@ void PeerManagerImpl::ProcessMessage(CNode& pfrom, const std::string& msg_type,
                     return;
                 }
                 std::vector<CTransactionRef> dummy;
-                status = tempBlock.FillBlock(*pblock, dummy);
+                const CBlockIndex* prev_block{Assume(m_chainman.m_blockman.LookupBlockIndex(cmpctblock.header.hashPrevBlock))};
+                status = tempBlock.FillBlock(*pblock, dummy,
+                                             /*segwit_active=*/DeploymentActiveAfter(prev_block, m_chainman, Consensus::DEPLOYMENT_SEGWIT));
                 if (status == READ_STATUS_OK) {
                     fBlockReconstructed = true;
                 }

src/netbase.cpp

@@ -861,10 +861,14 @@ bool IsBadPort(uint16_t port)
     case 1720:  // h323hostcall
     case 1723:  // pptp
     case 2049:  // nfs
+    case 3306:  // MySQL
+    case 3389:  // RDP / Windows Remote Desktop
     case 3659:  // apple-sasl / PasswordServer
     case 4045:  // lockd
     case 5060:  // sip
     case 5061:  // sips
+    case 5432:  // PostgreSQL
+    case 5900:  // VNC
     case 6000:  // X11
     case 6566:  // sane-port
     case 6665:  // Alternate IRC
@@ -874,6 +878,7 @@ bool IsBadPort(uint16_t port)
     case 6669:  // Alternate IRC
     case 6697:  // IRC + TLS
     case 10080: // Amanda
+    case 27017: // MongoDB
         return true;
     }
     return false;