Open CharesFang opened 2 years ago
I don't think point 9 is an issue.
We don't group like bitcoin. Grouping was introduced in https://github.com/bitcoin/bitcoin/pull/12257. We don't have that. Have not looked closely at it, but we could of course add an extra shuffle. Bitcoin does not do the extra shuffle unless -avoidpartialspends is enabled.
Point 10 does not apply to Ravencoin. We have not yet merged https://github.com/bitcoin/bitcoin/commit/4279da47855ec776f8d57c6579fe89afc9cbe8c1 which is the commit where this was introduced.
Here is another Bitcoin patch that should be backported.
This PR#12172 fixed a problem that the RPC savemempool would lose some memory data, but it introduced another race condition problem in its patch PR#15323. So, I recommend that Ravencoin should backport these 2 PRs together.
We recently investigated the Bitcoin issues which are related to privacy protection, vulnerability patches, or security enhancements. We have also checked the Ravencoin source code. Results show that these issues and their PRs are not backported yet. Henceforth, we suggest that Ravencoin should backport the PRs listed below for the considerations of software security and integrity.
Char variable used as Bool.
signrawtransaction error reporting.
nLockTime fingerprint.
InterruptRPC().
Bitcoin PR#13683, avoid potential null pointer dereference.
Some of these issues and PRs are not severe security-related, but backports can avoid the chaos ecosystem of Bitcoin-forked projects and the potential vulnerabilities in the future.
Reported by de957ad9679f28a38f02f00cc7928bce8fb424882ff060a3c09c32895b1474cc.