HD Wallets: redo key rotation, it's no longer automatic and expects the wallet app to poll for maintenance transactions. Deterministic keys now inherit the creation time of their parent.

tools/src/main/java/com/google/bitcoin/tools/WalletTool.java

@@ -40,6 +40,7 @@ import com.google.common.base.Charsets;
 import com.google.common.base.Splitter;
 import com.google.common.collect.ImmutableList;
 import com.google.common.io.Resources;
+import com.google.common.util.concurrent.Futures;
 import com.google.common.util.concurrent.ListenableFuture;
 import com.subgraph.orchid.TorClient;
 import joptsimple.OptionParser;
@@ -163,7 +164,8 @@ public class WalletTool {
         SEND,
         ENCRYPT,
         DECRYPT,
-        MARRY
+        MARRY,
+        ROTATE,
     }
 
     public enum WaitForEnum {
@@ -356,6 +358,7 @@ public class WalletTool {
             case ENCRYPT: encrypt(); break;
             case DECRYPT: decrypt(); break;
             case MARRY: marry(); break;
+            case ROTATE: rotate(); break;
         }
 
         if (!wallet.isConsistent()) {
@@ -397,6 +400,27 @@ public class WalletTool {
         wallet.addFollowingAccountKeys(keys.build());
     }
 
+    private static void rotate() throws BlockStoreException {
+        setup();
+        peers.startAsync();
+        peers.awaitRunning();
+        // Set a key rotation time and possibly broadcast the resulting maintenance transactions.
+        long rotationTimeSecs = Utils.currentTimeSeconds();
+        if (options.has(dateFlag)) {
+            rotationTimeSecs = options.valueOf(dateFlag).getTime() / 1000;
+        }
+        log.info("Setting wallet key rotation time to {}", rotationTimeSecs);
+        wallet.setKeyRotationEnabled(true);
+        wallet.setKeyRotationTime(rotationTimeSecs);
+        KeyParameter aesKey = null;
+        if (wallet.isEncrypted()) {
+            aesKey = passwordToKey(true);
+            if (aesKey == null)
+                return;
+        }
+        Futures.getUnchecked(wallet.maybeDoMaintenance(aesKey, true));
+    }
+
     private static void encrypt() {
         if (password == null) {
             System.err.println("You must provide a --password");

tools/src/main/resources/com/google/bitcoin/tools/wallet-tool-help.txt

@@ -47,6 +47,10 @@ Usage: wallet-tool --flags action-name
                           --no-pki disables pki verification for payment requests.
   encrypt              Requires --password and uses it to encrypt the wallet in place.
   decrypt              Requires --password and uses it to decrypt the wallet in place.
+  rotate               Takes --date and sets that as the key rotation time. Any coins controlled by keys or HD chains
+                       created before this date will be re-spent to a key (from an HD tree) that was created after it.
+                       If --date is missing, the current time is assumed. If the time covers all keys, a new HD tree
+                       will be created from a new random seed.
 
 >>> GENERAL OPTIONS
   --debuglog           Enables logging from the core library.