dcrdex v0.4
DCRDEX v0.4.0
Jan 20, 2022
For a high level introduction to DCRDEX, please read the initial release's notes.
Highlights
This release includes a large number of improvements to wallet support, the UI, the communications protocol, and software design.
The most notable new features are:
- An integrated light (SPV) BTC wallet
- Support for dcrwallet/Decrediton in SPV mode
- BTC may be used for account account registration
- Introduce an application "seed" for deterministic account and wallet restoration
- UI overhaul and streamlined setup
- Improved market view with candlestick charts and a price feed
- A "remember password" login option to eliminate password nagging
- Translations for Chinese (zh-CN) and Portuguese (pt-BR)
- Extensive under-the-hood improvements
The latest 1.7 release of dcrd and dcrwallet is required for this release of DCRDEX. At the time of release, this corresponds to the v1.7.0 releases. Bitcoin Core 0.20 and 0.21 are both supported. Bitcoin Core v22 may be used, but the wallet type must not be a "descriptor" wallet, which may be the default on certain platforms and redistributed builds.
Note that we skipped a v0.3 release. The v0.3 development branch is a pre-SPV checkpoint branch, but it also requires Decred 1.7. Given the timing of the Decred v1.7 and DCRDEX v0.4 releases now coinciding, we are jumping straight to the DCRDEX v0.4 SPV-enabled release.
Important Notices
If upgrading from v0.2, read the Upgrading section for important information.
Always record the "seed" that is generated by the DEX client on initialization (when you set your password the first time in the browser window). This is a short string of characters that is used to derive DEX account identities and initialize any native/built-in wallets you create in the DEX client. You must have this seed to recover funds that you receive in such wallets if your lose access to your DEX client's data folder.
Although DCRDEX looks and feels like a regular exchange, the "decentralized" aspect brings an expanded role to the client. Please take the time to read and understand the following:
- Never shutdown your external wallets with dexc running. When shutting down, always stop dexc before stopping your wallets.
- If you have to restart dexc with active orders or swaps, you must immediately login again with your app password when dexc starts up.
- There is an "inaction timeout" when it becomes your client's turn to broadcast a transaction, so be sure not to stop dexc or lose connectivity for too long or you risk having your active orders and swaps/matches revoked. If you do have to restart dexc, just remember to login as soon as you start it up again.
- Only one dexc process should be running for a given user account at any time. For example, if you have identical dexc configurations on two computers and you run dexc and login on both, neither dexc instance will be adequately connected to successfully negotiate swaps.
- Order history is not synchronized between different client installations.
Upgrading
Client (dexc)
Application Seed
When upgrading from v0.2, an application "seed" is automatically generated upon login. The seed is used when creating new DEX accounts and native (built-in) wallets, and may be used to restore these accounts on a new DEX client installation. You should go to the Settings page to view this new seed, and back it up somewhere safe. This is especially important if you create a native Bitcoin wallet from within the DEX client since you will need the seed to recover any funds in the wallet.
If you run the upgrade multiple times, such as from different client installations or just repeated the upgrade from a v0.2 backup, you will get a different seed each time the upgrade runs and you login.
Any DEX accounts created prior to upgrading can NOT be later recovered from this seed. These "legacy" accounts continue to work in v0.4, but to back them up or move them to a different installation, it is still necessary to export/import them from the Settings page or backup the dexc.db file as it was in v0.2.
Developer note: For the upgrade to complete, it is necessary to call Login
before using most other Core
methods. If you receive the error "primary credentials not retrieved. Is the client initialized?" it is likely that you need to Login
first to complete the seed generation and credentials scheme migration. Typical startup should involve core.New
followed by: c.Run
in a goroutine, wait for <-c.Ready()
, consult c.IsInitialized()
before calling either c.InitializeClient
or c.Login
. After login, you should call c.ExportSeed
with the application password to retrieve the newly-generated application seed.
Changing the Bitcoin Wallet Type
If you previously had an external Bitcoin Core wallet configured with DEX, you may switch to a native BTC wallet from the Wallets page. Click the "gears" icon for the Bitcoin wallet, click "change the wallet type", select "SPV" from the dropdown box, and click the Submit button. This will start creating a new BTC wallet. After several seconds it will begin synchronizing in the background, and a circular arrow icon will be displayed in the Status column of the Wallets table. Synchronization of the wallet with the Bitcoin network is completed when the icon disappears. During the process you may see progress by hovering the mouse over the icon. This normally takes less than 10 minutes, but it may be
longer depending on your network and the peers it established. It is strongly advised to allow this to complete before attempting to shutdown, change any wallet settings, or attempt to lock/unlock the wallet. If you decide to change the wallet type back to an external wallet, you will need to re-enter the RPC settings that were previously used.
Server (dcrdex)
There are several changes to the configuration files.
- In markets.json, both lotSize and rateStep no longer belong in the asset settings, and instead should be configured for each market. See
4231914 for more information. - Lot size changes are now supported, but it presently involves restarting the dcrdex process after editing markets.json. It is advised to complete swaps and purge the market before shutting down. See 509205d for more information.
- With registration fees accepted in both BTC and DCR now, the registration fee settings should be configured per-asset in markets.json. Previously, dcrdex.conf was used to configure these settings for DCR. To accept BTC, a "zpub" encoding of your wallet's extended public key for the BIP84 (p2pkh) derivation path is required. See 4f2ab59 and 0124247 for more information.
For examples, consult the sample files: server/cmd/dcrdex/sample-markets.json and server/cmd/dcrdex/sample-dcrdex.conf
Client
Features and Improvements
- The client now uses a seed and deterministic (HD) account key derivation. An application seed is generated during client initialization. When a new dex account is created, the server's identity is used to deterministically generate a client identity for the account. Users should save a copy of their app seed. When upgrading, a new seed will be generated, which may be accessed for backup from the Settings page. When initializing a new dex client, there is an option to provide an existing seed. The RPC client (dexcctl) also has an
appseed
request endpoint. If an account is suspended, a new one will be generated from a different derivation path, and on restore from seed, non-suspended accounts will be located. (b66a35f, ac5affe, d8e46bb, 59868fe, 7f9d0d5, d203ebd, 242f597, a548723, 2df3b4b) - A new Bitcoin SPV wallet integrated into the DEX client. (c1992d8, d202f6d, d808492, 2d18cc8, f5835bd, 4249d97, 82833e0, 1890057, deab1c9, 3b4f2eb)
- Decred SPV wallet support (dcrwallet in SPV mode), use compact filters in counterparty redemption search,
gettxout
,gettransaction
, etc. (fe1995a, 1c508cb, c5413e8, 13d12a8) - Add historical market data charts (candle sticks) to the market page. (d11f1ce)
- Display prices from a new spot price feed from a server market. The current rate and 24-hour percent change are displayed in the market list on the left of the markets page, and in the browser title. (bb05332, 7c0fe85, 8ac1498, 10d78e9, 61e9138, 6231cf4)
- Support paying registration fees with multiple assets, now including BTC. The
getfee
RPC is replaced withgetdexconfig
. (4f2ab59, 0d4075a, 07c2001) - Improved registration sequence and form design. Add a table showing all markets offered by a server when registering. (ebfcff7, 027b480, bbf161e)
- The wallet balance is double checked prior attempting registration. (a5da7349)
- Add the ability to persist password on UI login. This adds a checkbox to the login page that gives the user the option to persist their password for the session. When selected, all the password fields, other than disable account and view seed, will no longer be displayed. (7a0c387)
- Internationalization support for frontend and backend notifications. (7c3d865, 6e6cac4, 0c4d240, 11d4e39)
- Added a pt-BR translation. (de0f679)
- Added a zh-CN translation. (de1d00e, d42e2fa)
- Lot size and rate step are now parameters of a market, not an asset. For newer clients that expect lot size and rate step to be market parameters, this detects and supports an older server. Older clients may not support newer servers, depending on their configuration. (4231914, 45e3894)
- To make order loading in the client faster, split the client order database into separate active and archived orders buckets. (e58a139)
- To make match loading in the client faster, split the client match database into separate active and archived matches buckets. (283744d, e122088, ee34cba)
- Log backup swap refund transactions so that the user can salvage funds in the case that they lose access to the client but still have the logs. These are for BACKUP ONLY as the client will do the refund, and if the user broadcasts them unnecessarily, they may cause unrecoverable client issues that could necessitate recreating the client DB. (9b012f9)
- Bin order tables by rate. Instead of displaying each individual order's quantity and rate on a separate row, the total quantity available at each rate will be displayed. Epoch orders are binned along with all other orders, and the check mark will no longer be displayed. (f7086ab)
- Introduce an "expired" order status for executed orders with 0% filled, and for orders that are still booked but currently settling matches to
"booked/settling". (c8d8d1d) - The order confirmation dialog is now modal, staying open until the submission request is processed, displaying any errors on the form. (ff59dbb)
- Add an
assetseed
command line tool for the user to derive various asset/wallet seeds from their application seed. (4ee4c47) - The Bitcoin Core
rpcconnect
setting is now recognized and used to configure the RPC client for such wallets. (2eaa733) - When connecting to a Bitcoin Core wallet, check the wallet type to prevent use of "descriptor" wallets, which do not support the full set of RPCs required by the DEX client. See https://bitcoincore.org/en/releases/0.21.0/#experimental-descriptor-wallets for more information on descriptor wallets. (256cd69)
- If a user has active trades, they must be settled by a wallet that can complete those trades. Disallow changing to a new wallet that cannot do this. (3fa59cf, aee00c8, 0fc475d)
- Add a "Fees" section to the readme to clarify on-chain transaction fees vs. the registration fee. (352809)
- Automatically check balance before attempting to pay registration fees, and show a clear error on the frontend. (cb0e295)
- Optionally rebroadcast counterparty swap transactions after auditing contracts, and log the counterparty redeem script for recovery purposes. Do this asynchronously since the outcome is not important. (2e4fe26, 0f7d561)
- Wallet connection errors that are encountered on login are show in the notification menu. (5149ee2)
Fixes
The most notable fixes are:
- Prevent high CPU use with max order size computations. (964fcc0)
- Keep order form hidden when wallets are not configured (regression fix). (5546ae2)
- Shutdown the DCR websocket client when a connection attempt fails. (16f357b)
- With both client and server btc asset backends using dcrd's rpcclient, use the correct error type to correctly recognize specific RPC errors from bitcoind. (03f9973)
- Fix an unbuffered
os.Signal
channel (CTRL+C was potentially ignored). (e755134) - Validate the commitment checksum in a match proof notification against the checksum from the preimage request to ensure the server did not change the epoch after the client provided a preimage for an order. (1c06280)
- Allow only one preimage request per order. (0ab34db)
- Fix depth chart resizing errors. (fda9187, 1640b70)
- Fix max order amount when balance is insufficient for a single lot. Other max order fixes. (f118992, 015961e)
- Fix an incorrect asset symbol in the client error log. (92c49d5)
- Correct determination of main chain ancestor on reorg. (cfa95eb)
- Prevent hang on Decred RPC client shutdown. (0490291)
- Restore vertical scroll in orders tables. (499ab0d)
- Always generate a refund transaction before broadcasting a swap transaction. (bd426fb)
- Do not log negative swap contract expiry durations (when they are just waiting on consensus rules). (85bc90f)
- Fix
match_status
requests failing if "tx data" were required for BTC swap transactions. (15f66bc) - Do not try to check for a site directory identified by an empty string. (6743411)
- Resolve data races with
client/core.Core.conns
. (6acc21f) - Leave the sequence in Bitcoin and Decred redeem transaction inputs set to the max value, since using a lower value was only needed for the refunds when the CLTV opcode is used and locktime is relevant. (28473de)
- Before broadcasting a swap transaction after startup or reconnect, perform match status resolution to ensure the match is not revoked. (983df6b)
- Avoid a (recoverable) panic on RPC wallet connect failure. (8478b6c)
- Add a missing error check in
server/db/driver/pg.(*Archiver).LoadEpochStats
. (7957691) - Fix handling of P2SH funding UTXOs when 0-conf coins are included. (dda8654)
- Show a properly scaled exchange rate in the depth chart's price legend. (94eedbd)
- Avoid a potential panic in the BTC native wallet in the event that the best block hash cannot be provided by the wallet. (1911080)
- Promote DEX connections to persistent when the
Register
method finds that the account is already paid. Normally this is done inDiscoverAccount
, but should be handled byRegister
as well. (a897f10) - Omit commas from the withdraw amount text field when clicking the max amount. (c987fa8)
Server
- Lot size and rate step are now configured per-market, not per-asset. The dcrdex server app now errors if markets.json has lot size or rate step set for any asset, and if any market lacks a non-zero lot size or rate step. A
'config'
response is generated in different ways depending on if a given asset has consistent lot sizes and rate steps across all markets. If consistent, it will also set theLotSize
/RateStep
in themsgjson.Asset
. If not consistent, the values will be zero/omitted and a warning will be logged that old clients will not work with the asset. (4231914) - Support lot size changes without manual DB updates. (509205d)
- Accept registration fee payment in multiple assets, including BTC. An operator now specifies the accepted fee assets and amounts in market.json settings instead of dcrdex.conf. The
'config'
response now includes aregFees
field that communicates these values to clients. Fee address derivation is moved out of server/db and into the server/asset packages. To accept BTC, an operator must provide a zpub extended public key encoding. (4f2ab59, 0124247) - Support clients with HD account key derivation. Return special errors during registration when the client's key already exists or is suspended. (b66a35f)
- Allow a client to submit a cancel order while a market is suspended. The database entries after a cancel order during a market suspension will be identical to one that gets matched while the market is running, except the preimage will not be recorded (or requested). Also there will be no entry in the epochs table for the epoch in which this order was "matched". (4a3dde1)
- Route-level request rate limiting. (5e2ab91, 132b16f)
- Add a new
price_feed
subscription request route, which is handled by theBookRouter
, and sendsmsgjson.Spot
messages to subscribed clients inprice_update
notifications. (bb05332) - Add a
usermatches
command line tool for exporting decoded match data directly from the database. (0844058) - Access postgres notices and log them depending on severity. (d6a9c33)
- Remove pre-schema-versioning DB pseudo-upgrade. (dad4a2e)
- Increase websocket read limits. Increases the server's authorized read limit by a factor of 4 to allow a large number of orders in a single epoch, and with more funding coins than normal. Also doubles the unauthorized/default read limit, which is still quite small at 8192 bytes. (de775fa)
- Remove the
ban
andunban
administrative functions. Forgiveness is done at the level of the match only now, and all administrative interference will go away in the future anyway (both fidelity bonds and mesh configuration). (dfbbe9a) - Exclude the maker address from a cancel order match's
msgjson.Match
. (dd31a8) - Abandon orphaned epoch orders on startup, which may happen after a hard server crash. (bd1599e)
- Validate the taker's contract hash during audit, complementing the existing client-side check. (10bb7a3)
- Fix incorrect encoding of preimage and commitment in an error log. (bc60036)
- Enable the
rpcclient
package logger, and set up a logging subsystem for therpcclient
to see connection attempts and other notices from dcrd'srpcclient
. (c1f03e0) - Fix required order funds check with market buys. (8ca81e2)
- Export candles types and make a
dex/candles
package. (26c149a, d11f1ce) - Modify
server/dex.feeFetcher
with the context arg, and add aLastRate
method for consumers to use as a fallback if FeeRate fails. Fix an issue where a zero rate would be cached onFeeRate
error. (7ffae7b)
Developer
-
Update build requirements to Go 1.16 or 1.17, and Node.js 16 or 17. (75c9b7a, b6cfe2a, 6c95f4f, ce823c3)
-
(Breaking) Context-enable
asset.Backend.FeeRate
. With a websocket RPC client with auto-reconnect where RPCs hang when the RPC server is disconnected, it is helpful to allow the caller to cancel requests. Give FeeRate a context arg. (7ffae7b) -
(Breaking) Give notifications topic IDs for internationalization support. (c994f03)
-
Add
(*Core).DiscoverAccount
and an RPC (dexcctl) endpoint to determine if an account exists at a DEX server after restoring from seed. (59868fe, 524b5a1) -
(Breaking)
(*Core).InitializeClient
has a newrestorationSeed []byte
input argument, which may benil
to generate a new app seed, or a previous seed for to restore a previous identity. The(*Core).ExportSeed
method is added to retrieve the generated seed. Further, the keys, encrypted app seed, and the relevant encryption parameters are embodied by theclient/db.PrimaryCredentials
struct, and the DB interface has new methods for upgrading to, initializing, and updating thePrimaryCredentials
. When upgrading, it is necessary callLogin
for the seed to be generated and the new credentials scheme applied, otherwise most methods will fail with "primary credentials not retrieved. Is the client initialized?". (b66a35f) -
(Breaking) To support paying registration fees with multiple assets, the
core.Exchange
struct has newRegFees
andPendingFee
fields, the deprecatedConfsRequired
andRegConfirms
fields are removed, but the deprecatedFee
field (DCR-specific) remains for compatibility.(*Core).GetFee
is removed andGetDEXConfig
should be used instead. Thecore.RegisterForm
struct now has anAsset *uint32
field to specify which asset to pay the fee with. The default if unset is 42 (DCR). (4f2ab59) -
Remove a hard-coded 1e8 constant in the client. This introduces a
UnitInfo
type that is defined for each asset and returned in new fields of
asset.WalletInfo
,dex.Asset
, andmsgjson.Asset
. Its(*UnitInfo).ConventionalString
method should be used to convert from atomic
units to a conventional string representation (e.g. "1.2 DCR"). Theclient/core.{MiniOrder,RemainderUpdate}
structs are updated with a
QtyAtomic uint64
field to complement the existingQty float64
fields.MiniOrder
also has a newMsgRate uint64
field, which communicates rate in "message-rate encoding" as described in the spec, and now modeled index/calc.RateEncodingFactor
, with the new encoding helpersConventionalRate
andConventionalRateAlt
. (08a72d1, ad1c20a, 75fa328, 207ddcf) -
Add
SpotPrice *msgjson.Spot
field tocore/Market
. (bb05332) -
(Breaking) To support multiple types of wallets,
client/asset.WalletInfo
has a newAvailableWallets []*WalletDefinition
field to describe available wallet types. Theclient/asset.Driver
now hasCreate
andExists
methods for "seeded" (native, built-in) wallet types.(*Core).ReconfigureWallet
replaces theassetID
andcfg
fields with acore.WalletForm struct
, which now has aType string
field. Thecore.WalletState
struct now has a newWalletType string
field. A type of""
(empty string) will be recognized as
the legacy RPC wallets. (d202f6d) -
(Breaking) Move the shutdown prompt function from client/core into client/cmd/dexc. The
(*Core).PromptShutdown
method is removed. (1248eb9) -
(Breaking) Remove the
LotSize
andRateStep
fields fromdex.Asset
. Add theLotSize
andRateStep
fields tomsgjson.Market
.msgjson.Asset
still hasLotSize
andRateStep
, but they are tagged withomitempty
, and will be zero/omitted when market configs require multiple different lot sizes or rate steps for an asset. The dcrdex server harness uses a configuration with two markets with DCR as the base asset and different lot sizes. (4231914) -
Update Decred dependencies for RPC client syntax changes to
EstimateSmartFee
andGetTxOut
, and decentralized treasury changes to various stake package functions. (8976d8d) -
Update Decred dependencies for auto-revocation agenda changes. (c2bdeb5)
-
Update Decred
stdscript
dependency and simplify much of the dex/networks/dcr package. Several exported functions and types are removed or renamed (breaking changes). (920b35a) -
Replace dcrutil usages with stdaddr. (f37fcbd)
-
Add
build
andrun
scripts to the dcrdex harness for easier testing. (e0a64a7) -
Use the new
GetTxOutResult.ScriptPubKey.Version
field with dcrd 1.7. Add script version checks and use actual version when decoding scripts. (fcd3926) -
Webpack 5 and other build system updates. (1298264, 93ac487, fa9b19)
-
Improve the Decred harness chain reorganization testing function. (c34f5f7, 90b1d92)
-
With internationalization support, CI now checks that the localized_html files are up-to-date. (c2ecd94)
-
Add a build and packaging script and update it for the localized html templates. (245ed7a, cf4eb6d)
-
Always use IPv4 in comms tests. (7523694)
-
Update the server administration section of the specification with a link to the wiki and an ETH market example. (c7ceb8c)
-
Remove all usage of the deprecated io/ioutil standard library package. (b294a00)
-
Set btc test harness node's debug levels per-subsystem. (aa76b62)
Ethereum (not enabled in 0.4)
- Add internal ethereum client. (16da72f, f4194e0, d0e5f31, 3ea9141)
- Add the ETH swap contract solidity and compiled ABI. (a7046c6, a6eca9e, 39fbfce, beaf951, 202465e, ead7bdd)
- Implement the required
client/asset.Wallet
methods. (783bf2c, 72212a8, d9611e5, 8bd3a34, 5f1928b, cef9c5c) - Implement the required
server/asset.Backend
methods. (fed96f5, 9e1e0cb, 4aa78e1, 2dac253, 05367f1) - Add a shell script that generates go code containing the runtime bytecode of the swap contract. (7f9793e, 9df4f78)
- Functions to decode transaction data. (ec3b7fd)
- Derive ETH wallet account keys from the dex client application seed. (7c2058f)
- Use snap mode for server nodes in harness. (68d1e64)
Build requirements
- Go 1.16 or 1.17
- Node 16 is the minimum supported version for building the site assets.
- dcrd and dcrwallet must still be built from their
release-v1.7
branches. - The minimum required dcrwallet RPC server version is 8.8.0, which corresponds
to the v1.7.0 release of dcrwallet, but the latestrelease-v1.7.x
tag should
be used.
Code Summary
204 commits, 332 files changed, 51,302 insertions(+), 23,309 deletions(-)
12 contributors
- Amir Massarwa (@amassarwi)
- Brian Stafford (@buck54321)
- David Hill (@dajohi)
- Dominic Ting
- @iurii
- Joe Gruffins (@JoeGruffins)
- Jonathan Chappelow (@chappjc)
- @martonp
- Peter Banik (@peterzen)
- Victor Oliveira (@vctt94)
- Wisdom Arerosuoghene (@itswisdomagain)
- @xaur