Update to version 1.1.1

3 files changed, 278 insertions, 86 deletions

diff --git a/.SRCINFO b/.SRCINFO
index e25aa78c5d34..85d4f6529f9b 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,6 +1,6 @@
 pkgbase = fulcrum
 	pkgdesc = A fast & nimble SPV server for Bitcoin Cash
-	pkgver = 1.1.0
+	pkgver = 1.1.1
 	pkgrel = 1
 	url = https://github.com/cculianu/Fulcrum
 	install = fulcrum.install
@@ -11,10 +11,10 @@ pkgbase = fulcrum
 	depends = python
 	provides = fulcrum
 	backup = etc/fulcrum.conf
-	source = https://gitlab.com/FloweeTheHub/fulcrum/-/archive/v1.1.0/fulcrum-v1.1.0.tar.gz
+	source = https://gitlab.com/FloweeTheHub/fulcrum/-/archive/v1.1.1/fulcrum-v1.1.1.tar.gz
 	source = fulcrum.conf
-	sha256sums = 5301b7bc899fd37c8829e3c96bbedd08272dec86ee0245cda62b4ed8f4e3dcf7
-	sha256sums = 2570cd9cabc9a31b1b7ec8210e62a1206d00d12bc162e8508f69575d396b202f
+	sha256sums = a69bdee6a2fb24ccb2d7385fd1d4ff83b079909ddc50a090522c8d26007f8513
+	sha256sums = 975025a1810178a7ec32dc4bd8cd5767a68d21378ec65baf9708f6d5b3842a1b
 
 pkgname = fulcrum
 
diff --git a/PKGBUILD b/PKGBUILD
index 199e092bf05b..c299ece4bce6 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -2,7 +2,7 @@
 
 pkgname=fulcrum
 pkgdesc='A fast & nimble SPV server for Bitcoin Cash'
-pkgver=1.1.0
+pkgver=1.1.1
 pkgrel=1
 url='https://github.com/cculianu/Fulcrum'
 arch=('x86_64')
@@ -19,8 +19,8 @@ source=(
     "https://gitlab.com/FloweeTheHub/fulcrum/-/archive/v$pkgver/fulcrum-v$pkgver.tar.gz"
     "fulcrum.conf"
 )
-sha256sums=('5301b7bc899fd37c8829e3c96bbedd08272dec86ee0245cda62b4ed8f4e3dcf7'
-    '2570cd9cabc9a31b1b7ec8210e62a1206d00d12bc162e8508f69575d396b202f'
+sha256sums=('a69bdee6a2fb24ccb2d7385fd1d4ff83b079909ddc50a090522c8d26007f8513'
+    '975025a1810178a7ec32dc4bd8cd5767a68d21378ec65baf9708f6d5b3842a1b'
 )
 
 _qmake_args="CONFIG+=release"
diff --git a/fulcrum.conf b/fulcrum.conf
index 27a2602d0122..6d7211c1231e 100644
--- a/fulcrum.conf
+++ b/fulcrum.conf
@@ -129,6 +129,35 @@ rpcpassword = hunter1
 #ssl = 0.0.0.0:50002
 
 
+# WS bind - 'ws' - DEFAULT: disabled (no WS bind port)
+#
+# Specifies the IPv4 or IPv6 interface:port to bind to for the Web Socket
+# (ws://) port. Typically on the Electron Cash network 50003 & 50004 are for
+# mainnet WS & WSS and 60003 & 60004 are for testnet WS & WSS, respectively.
+# If you wish to bind to multiple ports, you may specify this option multiple
+# times, once for each interface:port combination.
+#
+# You may specify either IPv4 or IPv6 interfaces.
+#
+#ws = 0.0.0.0:50003
+
+
+# WSS bind - 'wss' - DEFAULT: disabled (no WSS bind port)
+#
+# Specifies the IPv4 or IPv6 interface:port to bind to for the Web Socket Secure
+# (wss://) port. Typically on the Electron Cash network 50003 & 50004 are for
+# mainnet WS & WSS and 60003 & 60004 are for testnet WS & WSS, respectively. If
+# you wish to bind to multiple ports, you may specify this option multiple
+# times, once for each interface:port combination.
+#
+# If you enable WSS you must also specify the 'cert' and 'key' configuration
+# parameters (see below).
+#
+# You may specify either IPv4 or IPv6 interfaces.
+#
+#wss = 0.0.0.0:50004
+
+
 # SSL certificate - 'cert' - DEFAULT: None (required for SSL)
 #
 # Specifes the SSL certificate to use for all SSL ports. The certificate must be
@@ -291,32 +320,63 @@ rpcpassword = hunter1
 
 # Public TCP port - 'public_tcp_port' - DEFAULT: The first 'tcp' port configured
 #
-# The server's public TCP port. This, along with 'hostname' and
-# 'public_ssl_port', is announced to clients and to other servers engaged in
-# peer discovery. The default is to simply use the first TCP port specified in
-# the server configuration (if any). If you are behind a firewall and doing some
-# port remapping, then you definitely want to set this option. This should be
-# the public TCP port as would be used by the rest of the internet to connect to
-# your server via an unencrypted TCP connection (non-SSL). You may also set this
-# option to 0 to disable reporting any TCP port.
+# The server's public TCP port. This, along with 'hostname' and the various
+# 'public_*_port' variables are announced to clients and to other servers
+# engaged in peer discovery. The default for this variable is to simply use the
+# first TCP port specified in the server configuration (if any). If you are
+# behind a firewall and doing some port remapping, then you definitely want to
+# set this option. This should be the public TCP port as would be used by the
+# rest of the internet to connect to your server via an unencrypted TCP
+# connection (non-SSL). You may also set this option to 0 to disable reporting
+# any TCP port.
 #
 #public_tcp_port = 50001
 
 
 # Public SSL port - 'public_ssl_port' - DEFAULT: The first 'ssl' port configured
 #
-# The server's public SSL port. This, along with 'hostname' and
-# 'public_ssl_port', is announced to clients and to other servers engaged in
-# peer discovery. The default is to simply use the first SSL port specified in
-# the server configuration (if any). If you are behind a firewall and doing some
-# port remapping, then you definitely want to set this option. This should be
-# the public SSL port as would be used by the rest of the internet to connect to
-# your server via SSL. You may also set this option to 0 to disable reporting
-# any SSL port.
+# The server's public SSL port. This, along with 'hostname' and the various
+# 'public_*_port' variables are announced to clients and to other servers
+# engaged in peer discovery. The default for this variable is to simply use the
+# first SSL port specified in the server configuration (if any). If you are
+# behind a firewall and doing some port remapping, then you definitely want to
+# set this option. This should be the public SSL port as would be used by the
+# rest of the internet to connect to your server via SSL. You may also set this
+# option to 0 to disable reporting any SSL port.
 #
 #public_ssl_port = 50002
 
 
+# Public WS port - 'public_ws_port' - DEFAULT: The first 'ws' port configured
+#
+# The server's public WS (Web Socket) port. This, along with 'hostname' and the
+# varous 'public_*_port' variables are announced to clients and to other servers
+# engaged in peer discovery. The default for this variable is to simply use the
+# first WS port specified in the server configuration (if any). If you are
+# behind a firewall and doing some port remapping, then you definitely want to
+# set this option. This should be the public WS port as would be used by the
+# rest of the internet to connect to your server via an unencrypted Web Socket
+# (ws://) connection. You may also set this option to 0 to disable reporting any
+# WS port. See also: ws, tor_ws_port
+#
+#public_ws_port = 50003
+
+
+# Public WSS port - 'public_wss_port' - DEFAULT: The first 'wss' port configured
+#
+# The server's public WSS (Web Socket Secure) port. This, along with 'hostname'
+# and the varous 'public_*_port' variables are announced to clients and to other
+# servers engaged in peer discovery. The default for this variable is to simply
+# use the first WSS port specified in the server configuration (if any). If you
+# are behind a firewall and doing some port remapping, then you definitely want
+# to set this option. This should be the public WSS port as would be used by the
+# rest of the internet to connect to your server via an encrypted Web Socket
+# Secure (wss://) connection. You may also set this option to 0 to disable
+# reporting any WSS port. See also: wss, tor_wss_port
+#
+#public_wss_port = 50004
+
+
 # Peer discovery - 'peering' - DEFAULT: true
 #
 # If set, we query other servers for their peer list and attempt to reach out to
@@ -373,23 +433,49 @@ rpcpassword = hunter1
 # Tor TCP port - 'tor_tcp_port' - DEFAULT: Nothing
 #
 # If set, we will advertise ourselves as living on the .onion tor_hostname above
-# and offering this port for incoming TCP connections. At least one port (along
-# with tor_hostname) must be specified to announce this server via Tor.
+# and offering this port for incoming TCP connections via Tor. At least one of
+# the various tor_*_port variables must be set (along with tor_hostname) in
+# order to announce this server via Tor.
 #
 # This option may not be specified multiple times.
 #
-#tor_tcp_port = 60001
+#tor_tcp_port = 50001
 
 
 # Tor SSL port - 'tor_ssl_port' - DEFAULT: Nothing
 #
 # If set, we will advertise ourselves as living on the .onion tor_hostname above
-# and offering this port for incoming SSL connections. At least one port (along
-# with tor_hostname) must be specified to announce this server via Tor.
+# and offering this port for incoming SSL connections via Tor. At least one of
+# the various tor_*_port variables must be set (along with tor_hostname) in
+# order to announce this server via Tor.
+#
+# This option may not be specified multiple times.
+#
+#tor_ssl_port = 50002
+
+
+# Tor WS port - 'tor_ws_port' - DEFAULT: Nothing
+#
+# If set, we will advertise ourselves as living on the .onion tor_hostname above
+# and offering this port for incoming WS connections via Tor. At least one of
+# the various tor_*_port variables must be set (along with tor_hostname) in
+# order to announce this server via Tor.
 #
 # This option may not be specified multiple times.
 #
-#tor_ssl_port = 60001
+#tor_ws_port = 50003
+
+
+# Tor WSS port - 'tor_wss_port' - DEFAULT: Nothing
+#
+# If set, we will advertise ourselves as living on the .onion tor_hostname above
+# and offering this port for incoming WSS connections via Tor. At least one of
+# the various tor_*_port variables must be set (along with tor_hostname) in
+# order to announce this server via Tor.
+#
+# This option may not be specified multiple times.
+#
+#tor_wss_port = 50004
 
 
 # Tor proxy to use for outbound connections - 'tor_proxy, tor_user, tor_pass'
@@ -411,6 +497,101 @@ rpcpassword = hunter1
 # ADVANCED OPTIONS
 #-------------------------------------------------------------------------------
 
+# BitcoinD request throttling - 'bitcoind_throttle - DEFAULT: 50 20 5
+#
+# This is an advanced parameter added to Fulcrum v1.0.4 to control and rate-
+# limit client spamming of requests that hit bitcoind, e.g.
+# 'blockchain.transaction.get'. The rationale for this facility is that it's
+# possible for misbehaving clients to choke the system by hitting the server (in
+# particular bitcoind) with many expensive, I/O-bound requests per unit time,
+# which would degrade the responsiveness of the server to other clients.
+#
+# This parameter must be specified as a 3-tuple (whitespace or comma-delimited).
+# The three items in the tuple are: "burst limit", "low water mark", and "decay
+# per second" for the first, second, and third items, respectively. The
+# definition of these three parameters is described below:
+#
+# "burst limit" - The number of simultaneous outstanding bitcoind-bound requests
+# a client may send out at once. If a client has outstanding bitcoind-bound
+# requests that have not yet returned results, and the number of such requests
+# hits this limit, then the client will be throttled for at least 200
+# milliseconds, or until the "low water mark" of extant request is reached
+# (whichever is longer). In other words, the throttling is acheived by pausing
+# all further processing of requests for that client, until either 200 ms
+# has elapsed or the "low-water mark" for outstanding requests (default 20) is
+# hit. The default value (50) for this burst parameter is a decent value that is
+# neither too liberal nor too conservative.
+#
+# "low water mark" - If a client is paused, then the number of requests that are
+# outstanding to bitcoind must dip below this number before it is unpaused.
+#
+# "decay per second" - If a client has outstanding requests, and bitcoind has
+# not replied in some time, "credit" the client with this many requests towards
+# their burst, per second.
+#
+# These parameters may be queried and/or adjusted dynamically at runtime via the
+# FulcrumAdmin 'bitcoind_throttle' command.
+#
+#bitcoind_throttle = 50 20 5
+
+
+# Keep RocksDB Log Files - 'db_keep_log_file_num' - DEAFULT: 5
+#
+# The maximum number of database log files to keep around on disk, per database.
+# Specify a value in the range 5, 20000.
+#
+# db_keep_log_file_num = 5
+
+
+# Max RocksDB Open Files - 'db_max_open_files' - DEAFULT: -1 (unlimited)
+#
+# The maximum number of database .sst files (table files) to keep open, per
+# database (there are 6 databases altogether used in Fulcrum). This limit can be
+# used if you know for a fact that your process ulimit is going to be below the
+# number of files in the database. The database on main net may be anywhere from
+# 500 to 1000 files total for all 6 databases. (As the database grows, new files
+# are added.)
+#
+# The default setting of "unlimited" keeps all database files open, so that
+# their indexes remain cached and in memory. This may impact memory consumption
+# but it is the fastest possible setting.
+#
+# See: https://github.com/facebook/rocksdb/wiki/Memory-usage-in-RocksDB#indexes-and-filter-blocks
+#
+# Specify -1 for unlimited, or a value in the range 20, 2147483648.
+#
+# db_max_open_files = -1
+
+
+# Maximum transmission backlog size - 'max_buffer' - DEFAULT: 4000000
+#
+# The maximum size in bytes of the transmission buffer "backlog" (send and
+# receive) per client. This limit is a simple sanity check against DoS and/or
+# misbehaving clients.
+#
+# As a client is sent data, it is expected that they will read it in time and
+# not let it accumulate on the sending end. If the data backlog exceeds this
+# size, then the client is automatically disconnected. The default chosen is a
+# good size in practice, but if your server is serving up large address
+# histories in excess of 55,000 transactions for a single address, and your
+# clients are slow to read and consume this data, then you may want to increase
+# this limit.
+#
+# Note that unlike ElectrumX or ElecronX, this variable does *not* limit the
+# size of transaction histories that may be sent to clients. In fact, you may
+# set this variable quite low and if clients can read data as it is generated,
+# they may receive arbitrarily large histories from your server.
+#
+# You may not set this number below 64000 (64 KiB) or in excess of 100000000
+# (100 MiB).
+#
+# Note that as of Fulcrum 1.0.4, you may dynamically adjust this value for all
+# connected clients using the 'maxbuffer' FulcrumAdmin command, and it will be
+# applied immediately to all connected clients.
+#
+#max_buffer = 4000000
+
+
 # Max client connections per IP - 'max_clients_per_ip' - DEFAULT: 12
 #
 # The maximum number of simultaneous client connections allowed per originating
@@ -426,21 +607,6 @@ rpcpassword = hunter1
 #max_clients_per_ip = 12
 
 
-# Exclude from per-IP limits = 'subnets_to_exclude_from_per_ip_limits'
-# - DEFAULT: 127.0.0.1/32, ::1/128
-#
-# Specify a comma-delimited list of subnets to exclude from the per-IP limits
-# (such as max_clients_per_ip). Clients connecting from one of these subnets
-# will not be subjected to any per-IP limits. The default is for any clients
-# connecting from localhost (this default is particularly useful if serving via
-# Tor, where all clients come from localhost). Set this to the empty string to
-# not have any excluded subnets, eg "subnets_to_exclude_from_per_ip_limits =".
-#
-# Examples: 10.10.2.0/24, 128.101.0.0/16, 123.45., 99.74.0.0/255.255.0.0, ...
-#
-#subnets_to_exclude_from_per_ip_limits = 127.0.0.1/32, ::1/128
-
-
 # Max history - 'max_history' - DEFAULT: 125000
 #
 # The maximum size of the transaction history for a particular address
@@ -474,31 +640,81 @@ rpcpassword = hunter1
 #max_history = 125000
 
 
-# Maximum transmission backlog size - 'max_buffer' - DEFAULT: 4000000
+# Max pending connections - 'max_pending_connections' - DEFAULT: 60
 #
-# The maximum size in bytes of the transmission buffer "backlog" (send and
-# receive) per client. This limit is a simple sanity check against DoS and/or
-# misbehaving clients.
+# The maximum number of connections that may be simultaneously "pending" before
+# new client connections are refused due to the backlog. "Pending" here refers
+# to new connections that come in from the OS's TCP/IP stack but haven't yet
+# been properly accepted by this software. The default value is 60, which is
+# already quite generous. This variable is exposed for troubleshooting and
+# debugging purposes and does not normally need to be modified. Valid values are
+# in the range: 10 to 9999.
 #
-# As a client is sent data, it is expected that they will read it in time and
-# not let it accumulate on the sending end. If the data backlog exceeds this
-# size, then the client is automatically disconnected. The default chosen is a
-# good size in practice, but if your server is serving up large address
-# histories in excess of 55,000 transactions for a single address, and your
-# clients are slow to read and consume this data, then you may want to increase
-# this limit.
+#max_pending_connections = 60
+
+
+# Maximum subscriptions (global limit) - 'max_subs' - DEFAULT: 10000000
 #
-# Note that unlike ElectrumX or ElecronX, this variable does *not* limit the
-# size of transaction histories that may be sent to clients. In fact, you may
-# set this variable quite low and if clients can read data as it is generated,
-# they may receive arbitrarily large histories from your server.
+# The maximum number of simultaneous script hash subscription that the server
+# supports. If more than this number of subscriptions is requested by clients
+# (unlikely) then the server will refuse new subscription requests. It will then
+# kick off a background task to find the most-subscribed IP address and kick all
+# the clients coming from that IP, and then clean up the subscription table.
 #
-# You may not set this number below 64000 (64 KiB) or in excess of 100000000
-# (100 MiB).
+# This config parameter was added in Fulcrum 1.0.5 as a measure to prevent
+# clients from potentially exhausting server resources.
 #
-#max_buffer = 4000000
+#max_subs = 10000000
 
 
+# Maximum subscriptions (per-IP address) - 'max_subs_per_ip' - DEFAULT: 50000
+#
+# The maximum number of script hash subscriptions per IP address. Note that IP
+# addresses matching 'subnets_to_exclude_from_per_ip_limits' will not be
+# subjected to this limit (they will still be subjected to the global 'max_subs'
+# limit, however).
+#
+# If a client attempts to subscribe beyond this limit for all the connections
+# coming from their IP address, it will receive an error message.
+#
+#max_subs_per_ip = 50000
+
+
+# Peer IP uniqueness enforcement - 'peering_enforce_unique_ip' - DEFAULT: true
+#
+# If true (the default) we reject duplicate peers that appear multiple times
+# under different hostnames but using the same IP address. Only the first such
+# peer is accepted and all the others are rejected and do not appear in your
+# server's peer list. This is a sybil attack defense measure and likely you
+# should leave it as true.
+#
+#peering_enforce_unique_ip = true
+
+
+# Exclusion from per-IP limits - 'subnets_to_exclude_from_per_ip_limits'
+# - DEFAULT: 127.0.0.1/32, ::1/128
+#
+# Specify a comma-delimited list of subnets to exclude from the per-IP limits
+# (such as max_clients_per_ip). Clients connecting from one of these subnets
+# will not be subjected to any per-IP limits. The default is for any clients
+# connecting from localhost (this default is particularly useful if serving via
+# Tor, where all clients come from localhost). Set this to the empty string to
+# not have any excluded subnets, eg "subnets_to_exclude_from_per_ip_limits =".
+#
+# Examples: 10.10.2.0/24, 128.101.0.0/16, 123.45., 99.74.0.0/255.255.0.0, ...
+#
+#subnets_to_exclude_from_per_ip_limits = 127.0.0.1/32, ::1/128
+
+
+# Log timestamp format - 'ts-format' - DEFAULT: localtime
+#
+# Specify the log timestamp format, one of: none, uptime, localtime, utc. If
+# unspecified, the default is "localtime". Before this option was introduced,
+# previous versions of Fulcrum always logged using "uptime".
+#
+#ts-format = localtime
+#
+
 # Work queue size - 'workqueue' - DEFAULT: 10000
 #
 # The maximum size of the work queue. Requests from clients that require further
@@ -538,27 +754,3 @@ rpcpassword = hunter1
 # higher than the number of cores on the system.
 #
 #worker_threads = 0   # <--- autodetect to number of cores on the system.
-
-
-# Peer IP uniqueness enforcement - 'peering_enforce_unique_ip' - DEFAULT: true
-#
-# If true (the default) we reject duplicate peers that appear multiple times
-# under different hostnames but using the same IP address. Only the first such
-# peer is accepted and all the others are rejected and do not appear in your
-# server's peer list. This is a sybil attack defense measure and likely you
-# should leave it as true.
-#
-#peering_enforce_unique_ip = true
-
-
-# Max pending connections - 'max_pending_connections' - DEFAULT: 60
-#
-# The maximum number of connections that may be simultaneously "pending" before
-# new client connections are refused due to the backlog. "Pending" here refers
-# to new connections that come in from the OS's TCP/IP stack but haven't yet
-# been properly accepted by this software. The default value is 60, which is
-# already quite generous. This variable is exposed for troubleshooting and
-# debugging purposes and does not normally need to be modified. Valid values are
-# in the range: 10 to 9999.
-#
-#max_pending_connections = 60