diff --git a/_includes/ref_block_chain.md b/_includes/ref_block_chain.md index 500b808c..98e2ebf1 100644 --- a/_includes/ref_block_chain.md +++ b/_includes/ref_block_chain.md @@ -27,7 +27,7 @@ As of version 2 blocks, each block consists of four root elements: 4. One or more transactions. -Every block must include a [coinbase transaction][]{:#term-coinbase-tx}{:.term} which should collect and +The first transaction in a block must be a [coinbase transaction][]{:#term-coinbase-tx}{:.term} which should collect and spend any transaction fees paid by transactions included in this block. All blocks with a block height less than 6,930,000 are entitled to receive a [block reward][]{:#term-block-reward}{:.term} of newly created bitcoin value, which also diff --git a/_includes/ref_core_rpcs-abcdefg.md b/_includes/ref_core_rpcs-abcdefg.md index 72177248..7de4fa25 100644 --- a/_includes/ref_core_rpcs-abcdefg.md +++ b/_includes/ref_core_rpcs-abcdefg.md @@ -786,7 +786,9 @@ encryptwallet Encrypts the wallet with 'passphrase'. This is only to enable encryption for the first time. After encryption is enabled, you will need to -enter the passphrase to use private keys. +enter the passphrase to use private keys (which includes generating +additional new addresses once the keypool is exhausted---see +`keypoolrefill`). *Warning:* there is no RPC to completely disable encryption. If you want to return to an unencrypted wallet, you must create a new wallet @@ -2657,8 +2659,7 @@ transactions with at least the indicated number of confirmations. {% autocrossref %} *String; required:* a Bitcoin address to check. Must be an address -belonging to the wallet unless `txindex=1` was added to the `bitcoind` -startup options. +belonging to the wallet. {% endautocrossref %} diff --git a/_includes/ref_transactions.md b/_includes/ref_transactions.md index 9f2e2859..a039f2ef 100644 --- a/_includes/ref_transactions.md +++ b/_includes/ref_transactions.md @@ -47,9 +47,9 @@ The op codes used in standard transactions are, error in the Bitcoin Core implementation. This value is not used, so scriptSigs prefix the signatures with a single OP_0 (0x00). -* [`OP_RETURN`][op_return]{:#term-op-return}{:.term} terminates the script in failure. However, this will not - invalidate a null data transaction which contains no more than 40 - bytes following `OP_RETURN` no more than once per transaction. +* [`OP_RETURN`][op_return]{:#term-op-return}{:.term} terminates the script in failure, + rendering the output unspendable and allowing a miner to claim the + satoshis sent to that OP_RETURN output as an additional transaction fee. A complete list of OP codes can be found on the Bitcoin Wiki [Script Page][wiki script], with an authoritative list in the `opcodetype` enum diff --git a/en/developer-reference.md b/en/developer-reference.md index ae13030b..4e4a8cf2 100644 --- a/en/developer-reference.md +++ b/en/developer-reference.md @@ -33,6 +33,15 @@ title: "Developer Reference - Bitcoin" ### Remote Procedure Calls (RPCs) +**Warning:** the block chain and memory pool can include arbitrary data +which several of the commands below will return in hex format. If you +convert this data to another format in an executable context, it could +be used in an exploit. For example, displaying an output script as +ASCII text in a webpage could add arbitrary Javascript to that page and +create a cross-site scripting (XSS) exploit. To avoid problems, please +treat block chain and memory pool data as an arbitrary input from an +untrusted source. + {% include ref_core_rpcs-abcdefg.md %} {% include ref_core_rpcs-hijklmn.md %} {% include ref_core_rpcs-opqrst.md %}