From 9507ed0a97cc44e1aec5677862efa4312cfa3fa3 Mon Sep 17 00:00:00 2001
From: Svarog <feanorr@gmail.com>
Date: Wed, 23 Jan 2019 16:34:57 +0200
Subject: [PATCH] [DEV-351] Disallow unrequested transactions (#171)

---
 netsync/manager.go | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/netsync/manager.go b/netsync/manager.go
index 9cc2793db..9253b1272 100644
--- a/netsync/manager.go
+++ b/netsync/manager.go
@@ -408,15 +408,14 @@ func (sm *SyncManager) handleTxMsg(tmsg *txMsg) {
 		return
 	}
 
-	// NOTE:  BitcoinJ, and possibly other wallets, don't follow the spec of
-	// sending an inventory message and allowing the remote peer to decide
-	// whether or not they want to request the transaction via a getdata
-	// message.  Unfortunately, the reference implementation permits
-	// unrequested data, so it has allowed wallets that don't follow the
-	// spec to proliferate.  While this is not ideal, there is no check here
-	// to disconnect peers for sending unsolicited transactions to provide
-	// interoperability.
+	// If we didn't ask for this transaction then the peer is misbehaving.
 	txID := tmsg.tx.ID()
+	if _, exists = state.requestedTxns[*txID]; !exists {
+		log.Warnf("Got unrequested transaction %v from %s -- "+
+			"disconnecting", txID, peer.Addr())
+		peer.Disconnect()
+		return
+	}
 
 	// Ignore transactions that we have already rejected.  Do not
 	// send a reject message here because if the transaction was already