Merge pull request #2312 from gmaxwell/random_random

ApproximateBestSubset internal RNG to prevent degenerate behavior.
2013-02-22 08:57:38 -08:00
parent 1167af7e5c 907a2aa4c7
commit aaeb443791
4 changed files with 111 additions and 13 deletions
--- a/src/wallet.cpp
+++ b/src/wallet.cpp
@@ -984,6 +984,8 @@ static void ApproximateBestSubset(vector<pair<int64, pair<const CWalletTx*,unsig
    vfBest.assign(vValue.size(), true);
    nBest = nTotalLower;

+    seed_insecure_rand();
+
    for (int nRep = 0; nRep < iterations && nBest != nTargetValue; nRep++)
    {
        vfIncluded.assign(vValue.size(), false);
@@ -993,7 +995,13 @@ static void ApproximateBestSubset(vector<pair<int64, pair<const CWalletTx*,unsig
        {
            for (unsigned int i = 0; i < vValue.size(); i++)
            {
-                if (nPass == 0 ? rand() % 2 : !vfIncluded[i])
+                //The solver here uses a randomized algorithm,
+                //the randomness serves no real security purpose but is just
+                //needed to prevent degenerate behavior and it is important
+                //that the rng fast. We do not use a constant random sequence,
+                //because there may be some privacy improvement by making
+                //the selection random.
+                if (nPass == 0 ? insecure_rand()&1 : !vfIncluded[i])
                {
                    nTotal += vValue[i].first;
                    vfIncluded[i] = true;