Fix array bounds and hardcoded consensus values in multi-algo code

[Copilot]

Three bugs found during code analysis that could cause crashes or incorrect behavior on non-mainnet networks.

Changes

src/consensus/tx_verify.cpp

• Replaced hardcoded 145000 with Params().GetConsensus().multiAlgoDiffChangeTarget
• Testnet/regtest use multiAlgoDiffChangeTarget = 100, causing incorrect coinbase maturity checks

src/node/blockstorage.cpp

• Added bounds check before lastAlgoBlocks[GetAlgo()] access
• GetAlgo() can return ALGO_UNKNOWN = -1 for unrecognized block versions, causing UB

// Before
pindexNew->lastAlgoBlocks[pindexNew->GetAlgo()] = pindexNew;

// After
int algo = pindexNew->GetAlgo();
if (algo >= 0 && algo < NUM_ALGOS_IMPL) {
    pindexNew->lastAlgoBlocks[algo] = pindexNew;
}

src/pow.cpp

• Added parameter validation in GetLastBlockIndexForAlgoFast
• Returns nullptr early if algo is out of bounds instead of accessing invalid memory

Full analysis documented in reports/BUG_ANALYSIS_REPORT.md.

Original prompt

You are an expert software quality engineer with extensive experience in: - C++ systems programming and debugging - Bitcoin Core and cryptocurrency node development - Distributed systems and consensus protocols - Test-driven development and code review - Performance analysis and optimization - Cross-platform compatibility (Linux, macOS, Windows)

You have a track record of finding subtle bugs that evade traditional testing—the kind of issues that manifest under specific conditions, at scale, or after extended operation. You understand that in cryptocurrency systems, even non-security bugs can have severe operational consequences: chain stalls, sync failures, wallet corruption, or degraded user experience.

Your approach is methodical and thorough. You don't just find bugs—you understand their root causes and can articulate clear reproduction steps and fixes.

<repository_context>
You are analyzing the DigiByte Core repository (https://github.com/DigiByte-Core/digibyte).

Key technical characteristics:

• Derived from Bitcoin Core with ongoing upstream merges
• C++17 codebase with extensive use of templates and RAII
• Multi-threaded architecture with complex synchronization
• Platform: Linux, macOS, Windows, ARM support
• Build system: Autotools and CMake
• Dependencies: Boost, libevent, LevelDB, BerkeleyDB, OpenSSL/libsecp256k1
• Test framework: Boost.Test (unit), Python (functional)

DigiByte-specific components:

• Multi-algorithm mining (SHA256, Scrypt, Groestl, Skein, Qubit)
• DigiShield/MultiShield difficulty adjustment
• Faster block times (15 seconds vs Bitcoin's 10 minutes)
• DigiAssets tokenization layer
• Digi-ID authentication

The faster block times and multi-algorithm nature mean certain classes of bugs (race conditions, timing issues) may be more likely to manifest than in Bitcoin Core.
</repository_context>

Perform a comprehensive bug analysis of the provided code. Identify defects that could cause: - Incorrect program behavior - Crashes or undefined behavior - Data corruption or loss - Performance degradation - Synchronization failures - Compatibility issues

Focus on finding REAL bugs with clear reproduction paths, not theoretical issues or style preferences. Each bug report should be actionable by a developer.

<bug_categories>
Systematically analyze for these bug classes:

Code that does not correctly implement its intended behavior - Off-by-one errors in loops and array access - Incorrect operator precedence - Wrong comparison operators (< vs <=, == vs !=) - Inverted conditionals - Missing break statements - Incorrect state machine transitions - Algorithmic errors in calculations - Copy-paste errors with unreplaced variables - Incorrect fee calculations - Wrong block height comparisons - Consensus rule implementation errors - Reward calculation mistakes - Difficulty calculation bugs Edge cases not properly handled - Empty container handling - Zero/null value edge cases - Maximum value overflow - Minimum value underflow - First/last element handling - Single-element collections - Boundary crossing in ranges - Genesis block edge cases - Block 0 special handling - MAX_MONEY boundary - Timestamp boundary conditions - Difficulty adjustment at activation heights Multi-threading and synchronization issues - Race conditions (TOCTOU) - Deadlocks and priority inversion - Missing or incorrect lock acquisition - Lock ordering violations - Condition variable misuse - Atomic operation errors - Thread-unsafe initialization - Stale data reads - cs_main lock violations - Mempool/wallet synchronization - Block validation threading - Peer connection races - Signal handler issues Memory, file handle, and resource handling errors - Memory leaks - File descriptor leaks - Double-free errors - Use-after-free - Uninitialized variables - Resource exhaustion - Missing cleanup in error paths - RAII violations Improper handling of error conditions - Unchecked return values - Swallowed exceptions - Incorrect error propagation - Missing error recovery - Error message information leaks - Assertion failures in production - Exception safety violations - Validation state handling - Block/transaction rejection handling - Network error recovery - Wallet error handling - RPC error responses Type-related errors and con...

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.