wallet: fix sendall creates tx that fails tx-size check

[kouloumos]

Fixes #26011

The sendall RPC doesn't use CreateTransactionInternal as the rest of
the wallet RPCs. This has already been discussed in the original PR.
By not going through that path, it never checks the transaction's weight
against the maximum tx weight for transactions we're willing to relay.

bitcoin/src/wallet/spend.cpp

Lines 1013 to 1018 in 447f50e

	// Limit size
	if ((sign && GetTransactionWeight(*tx) > MAX_STANDARD_TX_WEIGHT) ||
	(!sign && tx_sizes.weight > MAX_STANDARD_TX_WEIGHT))
	{
	return util::Error{_("Transaction too large")};
	}

This PR adds a check for tx-size as well as test coverage for that case.

Note: It seems that the test takes a bit of time on slower machines,
I'm not sure if dropping it might be for the better.

[ishaanam]

Concept ACK
It may be out of the scope of this PR to fix this, but I wanted to note that it seems like there are a few other checks that CreateTransactionInternal performs that aren't implemented in sendall but that I think would still be relevant. Namely:

• whether the feerate exceeds the default maximum feerate set by the user
• whether the tx will pass the mempool's chain limits

[kouloumos]

• whether the feerate exceeds the default maximum feerate set by the user

There is already this check against the fee_rate passed by the user. I can't find any other relevant check at CreateTransactionInternal. Could you give more details on that?

• whether the tx will pass the mempool's chain limits

My understanding is that this is not a problem because this RPC only uses confirmed UTXOs.

[ishaanam]

I can't find any other relevant check at CreateTransactionInternal. Could you give more details on that?

I meant this check, which checks that the total fee is not greater than the maximum fee (set using -maxtxfee). Earlier I should have said fee instead of feerate.

[achow101]

ACK 8d822033bcdf6888b900d5a65ff21f3d8b9d30d5

[DrahtBot]

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

No conflicts as of last run.

[glozow]

utACK 8d822033bcdf6888b900d5a65ff21f3d8b9d30d5

Agree we should stop sendall from creating a nonstandard tx. I think a more long term solution would be to still enable sendall to do what it's supposed to do, but create multiple transactions.

[glozow]

Sendall being able to create multiple transactions would also automatically resolve this problem.

[kouloumos]

Do you see this multiple transactions capability to be helpful on any other scenario except of when the wallet has many UTXOs?

[glozow]

No. But it seems quite limiting to just not be able to sendall when the wallet gets bigger. I might be wrong but isn't consolidation one of its use cases? And it's a bit ugly to not be able to use cleanup after this test. Anyway I don't want to hold up this PR, so feel free to resolve.

[kouloumos]

It was more of a curiosity question. Your argument seems valid, as per the current functional test, you need ~1600 inputs to reach the limit.

[kouloumos]

which checks that the total fee is not greater than the maximum fee (set using -maxtxfee).

Good catch, I see that this change is now #26084.

Force pushed only to add more context to the added check.

[achow101]

ACK 2b4fc04916e3ed43fcf7297ef6d7c9d71148c844

[ishaanam]

I think that the error code should not indicate that the wallet has insufficient funds.

Suggested change

	throw JSONRPCError(RPC_WALLET_INSUFFICIENT_FUNDS, "Transaction too large.");
	throw JSONRPCError(RPC_WALLET_ERROR, "Transaction too large.");

[kouloumos]

I initially tracked what error code the same check was returning from CreateTransactionInternal.

I now see that the 2 paths to call CreateTransaction return a different error code:

RPC_WALLET_INSUFFICIENT_FUNDS < SendMoney < CreateTransaction < CreateTransactionInternal

bitcoin/src/wallet/rpc/spend.cpp

Lines 159 to 162 in 718304d

	auto res = CreateTransaction(wallet, recipients, RANDOM_CHANGE_POSITION, coin_control, true);
	if (!res) {
	throw JSONRPCError(RPC_WALLET_INSUFFICIENT_FUNDS, util::ErrorString(res).original);
	}

RPC_WALLET_ERROR < FundTransaction < CreateTransaction < CreateTransactionInternal

bitcoin/src/wallet/rpc/spend.cpp

Lines 702 to 704 in 718304d

	if (!FundTransaction(wallet, tx, fee_out, change_position, error, lockUnspents, setSubtractFeeFromOutputs, coinControl)) {
	throw JSONRPCError(RPC_WALLET_ERROR, error.original);
	}

I am not sure if I am missing something but it seems that there is ambiguity. Probably because CreateTransactionInternal includes a variety of checks that in the end need to be represented with a single error code.

For example, a failed fee estimation is returned differently based on the RPC

bitcoin/test/functional/wallet_fallbackfee.py

Lines 27 to 29 in 718304d

	assert_raises_rpc_error(-6, "Fee estimation failed", lambda: self.nodes[0].sendtoaddress(self.nodes[0].getnewaddress(), 1))
	assert_raises_rpc_error(-4, "Fee estimation failed", lambda: self.nodes[0].fundrawtransaction(self.nodes[0].createrawtransaction([], {self.nodes[0].getnewaddress(): 1})))
	assert_raises_rpc_error(-6, "Fee estimation failed", lambda: self.nodes[0].sendmany("", {self.nodes[0].getnewaddress(): 1}))

Nevertheless, I agree with you that in this case RPC_WALLET_ERROR is more appropriate. I will change it together with the needed rebase.

[w0xlt]

ACK 2b4fc04

[w0xlt]

reACK cc434cb

[kouloumos]

Thank you all for the reviews!

A rebase was needed after the merge of #26084.
Also force pushed to change the error code from RPC_WALLET_INSUFFICIENT_FUNDS to RPC_WALLET_ERROR based on @ishaanam's comment.

[glozow]

re ACK cc434cb via range-diff. Changes were addressing #26024 (comment) and #26024 (comment).

[achow101]

ACK cc434cb

[murchandamus]

post-merge ACK cc434cb

Thanks for catching this.