Trim the scan_wallet comment so it only states the Rust-side behavior: derive every descriptor address, without the extra cross-reference to the Python path.
Seed TxGraph ownership state from all derived addresses, not just addresses discovered from transaction outputs. This makes is_ours() recognize every descriptor-derived address and preserves internal/change tagging separately.
Derive addresses from all wallet descriptors, external and internal, and persist both internal_addresses and derived_addresses on WalletHistory. This aligns the Rust path with the Python reference behavior.
Track all addresses derived from wallet descriptors in WalletHistory, not only internal/change addresses. This gives TxGraph a complete address set to compare ownership against later.
Removed from crates/stealth-bitcoincore and moved to bitcoincore as a
standalone package. This change is part of the refactor to create
separate packages for each component of the stealth project, allowing
for better modularity and separation of concerns.
- Update config.ini example to show datadir setting
- Fix bitcoin-cli command to include -datadir=bitcoin-data
- Expand project structure tree to show current file layout
setup.sh starts bitcoind with -datadir=bitcoin-data, but bitcoin_rpc.py
was calling bitcoin-cli without it, so it looked in ~/.bitcoin for the
auth cookie and failed with "Incorrect rpcuser or rpcpassword".
Add datadir config to config.ini and resolve it in _build_base_args().
- Update loading screen messages to match actual backend processing steps
- Verified walletService.js, App.jsx, ReportScreen.jsx, FindingCard.jsx
have no dead code or legacy endpoint references
- Cache get_input_addresses() and get_output_addresses() results in TxGraph
to avoid redundant parsing across 12 detector functions
- TxGraph.fetch_tx() already cached raw RPC calls; now parsed results are
cached too, eliminating repeated iteration over vin/vout arrays
- JSON output structure remains identical (no breaking changes)
- Delete verify.py (test script, not in critical path)
- Delete test_vulnerabilities.py (test script, not in critical path)
- Delete create_random_transactions.py (data generation, not in critical path)
- Delete setup_signet.sh (signet workflow, not used in regtest)
- Delete mine_blocks.sh (utility script, not in critical path)
- Delete run_all.sh (orchestrator script, not needed)
- Delete openconf.sh (config viewer, not needed)
- Add a `correction` field to every `finding()` call in detect.py with
actionable remediation advice for all 12 vulnerability types
- Add `CorrectionPanel` component to FindingCard.jsx that renders the
correction text under the technical details when a card is expanded
- Add `.correction` CSS styles with accent-tinted background and a
"HOW TO FIX" label to visually distinguish remediation from details
