Bitcoin Core  27.99.0
P2P Digital Currency
psbt.cpp
Go to the documentation of this file.
1 // Copyright (c) 2009-2022 The Bitcoin Core developers
2 // Distributed under the MIT software license, see the accompanying
3 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 
5 #include <psbt.h>
6 
7 #include <policy/policy.h>
9 #include <util/check.h>
10 #include <util/strencodings.h>
11 
12 
14 {
15  inputs.resize(tx.vin.size());
16  outputs.resize(tx.vout.size());
17 }
18 
20 {
21  return !tx && inputs.empty() && outputs.empty() && unknown.empty();
22 }
23 
25 {
26  // Prohibited to merge two PSBTs over different transactions
27  if (tx->GetHash() != psbt.tx->GetHash()) {
28  return false;
29  }
30 
31  for (unsigned int i = 0; i < inputs.size(); ++i) {
32  inputs[i].Merge(psbt.inputs[i]);
33  }
34  for (unsigned int i = 0; i < outputs.size(); ++i) {
35  outputs[i].Merge(psbt.outputs[i]);
36  }
37  for (auto& xpub_pair : psbt.m_xpubs) {
38  if (m_xpubs.count(xpub_pair.first) == 0) {
39  m_xpubs[xpub_pair.first] = xpub_pair.second;
40  } else {
41  m_xpubs[xpub_pair.first].insert(xpub_pair.second.begin(), xpub_pair.second.end());
42  }
43  }
44  unknown.insert(psbt.unknown.begin(), psbt.unknown.end());
45 
46  return true;
47 }
48 
50 {
51  if (std::find(tx->vin.begin(), tx->vin.end(), txin) != tx->vin.end()) {
52  return false;
53  }
54  tx->vin.push_back(txin);
55  psbtin.partial_sigs.clear();
56  psbtin.final_script_sig.clear();
58  inputs.push_back(psbtin);
59  return true;
60 }
61 
62 bool PartiallySignedTransaction::AddOutput(const CTxOut& txout, const PSBTOutput& psbtout)
63 {
64  tx->vout.push_back(txout);
65  outputs.push_back(psbtout);
66  return true;
67 }
68 
69 bool PartiallySignedTransaction::GetInputUTXO(CTxOut& utxo, int input_index) const
70 {
71  const PSBTInput& input = inputs[input_index];
72  uint32_t prevout_index = tx->vin[input_index].prevout.n;
73  if (input.non_witness_utxo) {
74  if (prevout_index >= input.non_witness_utxo->vout.size()) {
75  return false;
76  }
77  if (input.non_witness_utxo->GetHash() != tx->vin[input_index].prevout.hash) {
78  return false;
79  }
80  utxo = input.non_witness_utxo->vout[prevout_index];
81  } else if (!input.witness_utxo.IsNull()) {
82  utxo = input.witness_utxo;
83  } else {
84  return false;
85  }
86  return true;
87 }
88 
89 bool PSBTInput::IsNull() const
90 {
91  return !non_witness_utxo && witness_utxo.IsNull() && partial_sigs.empty() && unknown.empty() && hd_keypaths.empty() && redeem_script.empty() && witness_script.empty();
92 }
93 
95 {
96  if (!final_script_sig.empty()) {
97  sigdata.scriptSig = final_script_sig;
98  sigdata.complete = true;
99  }
100  if (!final_script_witness.IsNull()) {
102  sigdata.complete = true;
103  }
104  if (sigdata.complete) {
105  return;
106  }
107 
108  sigdata.signatures.insert(partial_sigs.begin(), partial_sigs.end());
109  if (!redeem_script.empty()) {
110  sigdata.redeem_script = redeem_script;
111  }
112  if (!witness_script.empty()) {
113  sigdata.witness_script = witness_script;
114  }
115  for (const auto& key_pair : hd_keypaths) {
116  sigdata.misc_pubkeys.emplace(key_pair.first.GetID(), key_pair);
117  }
118  if (!m_tap_key_sig.empty()) {
120  }
121  for (const auto& [pubkey_leaf, sig] : m_tap_script_sigs) {
122  sigdata.taproot_script_sigs.emplace(pubkey_leaf, sig);
123  }
124  if (!m_tap_internal_key.IsNull()) {
126  }
127  if (!m_tap_merkle_root.IsNull()) {
129  }
130  for (const auto& [leaf_script, control_block] : m_tap_scripts) {
131  sigdata.tr_spenddata.scripts.emplace(leaf_script, control_block);
132  }
133  for (const auto& [pubkey, leaf_origin] : m_tap_bip32_paths) {
134  sigdata.taproot_misc_pubkeys.emplace(pubkey, leaf_origin);
135  sigdata.tap_pubkeys.emplace(Hash160(pubkey), pubkey);
136  }
137  for (const auto& [hash, preimage] : ripemd160_preimages) {
138  sigdata.ripemd160_preimages.emplace(std::vector<unsigned char>(hash.begin(), hash.end()), preimage);
139  }
140  for (const auto& [hash, preimage] : sha256_preimages) {
141  sigdata.sha256_preimages.emplace(std::vector<unsigned char>(hash.begin(), hash.end()), preimage);
142  }
143  for (const auto& [hash, preimage] : hash160_preimages) {
144  sigdata.hash160_preimages.emplace(std::vector<unsigned char>(hash.begin(), hash.end()), preimage);
145  }
146  for (const auto& [hash, preimage] : hash256_preimages) {
147  sigdata.hash256_preimages.emplace(std::vector<unsigned char>(hash.begin(), hash.end()), preimage);
148  }
149 }
150 
152 {
153  if (sigdata.complete) {
154  partial_sigs.clear();
155  hd_keypaths.clear();
158 
159  if (!sigdata.scriptSig.empty()) {
160  final_script_sig = sigdata.scriptSig;
161  }
162  if (!sigdata.scriptWitness.IsNull()) {
164  }
165  return;
166  }
167 
168  partial_sigs.insert(sigdata.signatures.begin(), sigdata.signatures.end());
169  if (redeem_script.empty() && !sigdata.redeem_script.empty()) {
170  redeem_script = sigdata.redeem_script;
171  }
172  if (witness_script.empty() && !sigdata.witness_script.empty()) {
173  witness_script = sigdata.witness_script;
174  }
175  for (const auto& entry : sigdata.misc_pubkeys) {
176  hd_keypaths.emplace(entry.second);
177  }
178  if (!sigdata.taproot_key_path_sig.empty()) {
180  }
181  for (const auto& [pubkey_leaf, sig] : sigdata.taproot_script_sigs) {
182  m_tap_script_sigs.emplace(pubkey_leaf, sig);
183  }
184  if (!sigdata.tr_spenddata.internal_key.IsNull()) {
186  }
187  if (!sigdata.tr_spenddata.merkle_root.IsNull()) {
189  }
190  for (const auto& [leaf_script, control_block] : sigdata.tr_spenddata.scripts) {
191  m_tap_scripts.emplace(leaf_script, control_block);
192  }
193  for (const auto& [pubkey, leaf_origin] : sigdata.taproot_misc_pubkeys) {
194  m_tap_bip32_paths.emplace(pubkey, leaf_origin);
195  }
196 }
197 
198 void PSBTInput::Merge(const PSBTInput& input)
199 {
201  if (witness_utxo.IsNull() && !input.witness_utxo.IsNull()) {
202  witness_utxo = input.witness_utxo;
203  }
204 
205  partial_sigs.insert(input.partial_sigs.begin(), input.partial_sigs.end());
206  ripemd160_preimages.insert(input.ripemd160_preimages.begin(), input.ripemd160_preimages.end());
207  sha256_preimages.insert(input.sha256_preimages.begin(), input.sha256_preimages.end());
208  hash160_preimages.insert(input.hash160_preimages.begin(), input.hash160_preimages.end());
209  hash256_preimages.insert(input.hash256_preimages.begin(), input.hash256_preimages.end());
210  hd_keypaths.insert(input.hd_keypaths.begin(), input.hd_keypaths.end());
211  unknown.insert(input.unknown.begin(), input.unknown.end());
212  m_tap_script_sigs.insert(input.m_tap_script_sigs.begin(), input.m_tap_script_sigs.end());
213  m_tap_scripts.insert(input.m_tap_scripts.begin(), input.m_tap_scripts.end());
214  m_tap_bip32_paths.insert(input.m_tap_bip32_paths.begin(), input.m_tap_bip32_paths.end());
215 
220  if (m_tap_key_sig.empty() && !input.m_tap_key_sig.empty()) m_tap_key_sig = input.m_tap_key_sig;
223 }
224 
226 {
227  if (!redeem_script.empty()) {
228  sigdata.redeem_script = redeem_script;
229  }
230  if (!witness_script.empty()) {
231  sigdata.witness_script = witness_script;
232  }
233  for (const auto& key_pair : hd_keypaths) {
234  sigdata.misc_pubkeys.emplace(key_pair.first.GetID(), key_pair);
235  }
236  if (!m_tap_tree.empty() && m_tap_internal_key.IsFullyValid()) {
237  TaprootBuilder builder;
238  for (const auto& [depth, leaf_ver, script] : m_tap_tree) {
239  builder.Add((int)depth, script, (int)leaf_ver, /*track=*/true);
240  }
241  assert(builder.IsComplete());
242  builder.Finalize(m_tap_internal_key);
243  TaprootSpendData spenddata = builder.GetSpendData();
244 
246  sigdata.tr_spenddata.Merge(spenddata);
247  }
248  for (const auto& [pubkey, leaf_origin] : m_tap_bip32_paths) {
249  sigdata.taproot_misc_pubkeys.emplace(pubkey, leaf_origin);
250  sigdata.tap_pubkeys.emplace(Hash160(pubkey), pubkey);
251  }
252 }
253 
255 {
256  if (redeem_script.empty() && !sigdata.redeem_script.empty()) {
257  redeem_script = sigdata.redeem_script;
258  }
259  if (witness_script.empty() && !sigdata.witness_script.empty()) {
260  witness_script = sigdata.witness_script;
261  }
262  for (const auto& entry : sigdata.misc_pubkeys) {
263  hd_keypaths.emplace(entry.second);
264  }
265  if (!sigdata.tr_spenddata.internal_key.IsNull()) {
267  }
268  if (sigdata.tr_builder.has_value() && sigdata.tr_builder->HasScripts()) {
269  m_tap_tree = sigdata.tr_builder->GetTreeTuples();
270  }
271  for (const auto& [pubkey, leaf_origin] : sigdata.taproot_misc_pubkeys) {
272  m_tap_bip32_paths.emplace(pubkey, leaf_origin);
273  }
274 }
275 
276 bool PSBTOutput::IsNull() const
277 {
278  return redeem_script.empty() && witness_script.empty() && hd_keypaths.empty() && unknown.empty();
279 }
280 
281 void PSBTOutput::Merge(const PSBTOutput& output)
282 {
283  hd_keypaths.insert(output.hd_keypaths.begin(), output.hd_keypaths.end());
284  unknown.insert(output.unknown.begin(), output.unknown.end());
285  m_tap_bip32_paths.insert(output.m_tap_bip32_paths.begin(), output.m_tap_bip32_paths.end());
286 
287  if (redeem_script.empty() && !output.redeem_script.empty()) redeem_script = output.redeem_script;
290  if (m_tap_tree.empty() && !output.m_tap_tree.empty()) m_tap_tree = output.m_tap_tree;
291 }
292 
293 bool PSBTInputSigned(const PSBTInput& input)
294 {
295  return !input.final_script_sig.empty() || !input.final_script_witness.IsNull();
296 }
297 
298 bool PSBTInputSignedAndVerified(const PartiallySignedTransaction psbt, unsigned int input_index, const PrecomputedTransactionData* txdata)
299 {
300  CTxOut utxo;
301  assert(psbt.inputs.size() >= input_index);
302  const PSBTInput& input = psbt.inputs[input_index];
303 
304  if (input.non_witness_utxo) {
305  // If we're taking our information from a non-witness UTXO, verify that it matches the prevout.
306  COutPoint prevout = psbt.tx->vin[input_index].prevout;
307  if (prevout.n >= input.non_witness_utxo->vout.size()) {
308  return false;
309  }
310  if (input.non_witness_utxo->GetHash() != prevout.hash) {
311  return false;
312  }
313  utxo = input.non_witness_utxo->vout[prevout.n];
314  } else if (!input.witness_utxo.IsNull()) {
315  utxo = input.witness_utxo;
316  } else {
317  return false;
318  }
319 
320  if (txdata) {
321  return VerifyScript(input.final_script_sig, utxo.scriptPubKey, &input.final_script_witness, STANDARD_SCRIPT_VERIFY_FLAGS, MutableTransactionSignatureChecker{&(*psbt.tx), input_index, utxo.nValue, *txdata, MissingDataBehavior::FAIL});
322  } else {
323  return VerifyScript(input.final_script_sig, utxo.scriptPubKey, &input.final_script_witness, STANDARD_SCRIPT_VERIFY_FLAGS, MutableTransactionSignatureChecker{&(*psbt.tx), input_index, utxo.nValue, MissingDataBehavior::FAIL});
324  }
325 }
326 
328  size_t count = 0;
329  for (const auto& input : psbt.inputs) {
330  if (!PSBTInputSigned(input)) {
331  count++;
332  }
333  }
334 
335  return count;
336 }
337 
338 void UpdatePSBTOutput(const SigningProvider& provider, PartiallySignedTransaction& psbt, int index)
339 {
340  CMutableTransaction& tx = *Assert(psbt.tx);
341  const CTxOut& out = tx.vout.at(index);
342  PSBTOutput& psbt_out = psbt.outputs.at(index);
343 
344  // Fill a SignatureData with output info
345  SignatureData sigdata;
346  psbt_out.FillSignatureData(sigdata);
347 
348  // Construct a would-be spend of this output, to update sigdata with.
349  // Note that ProduceSignature is used to fill in metadata (not actual signatures),
350  // so provider does not need to provide any private keys (it can be a HidingSigningProvider).
351  MutableTransactionSignatureCreator creator(tx, /*input_idx=*/0, out.nValue, SIGHASH_ALL);
352  ProduceSignature(provider, creator, out.scriptPubKey, sigdata);
353 
354  // Put redeem_script, witness_script, key paths, into PSBTOutput.
355  psbt_out.FromSignatureData(sigdata);
356 }
357 
359 {
360  const CMutableTransaction& tx = *psbt.tx;
361  bool have_all_spent_outputs = true;
362  std::vector<CTxOut> utxos(tx.vin.size());
363  for (size_t idx = 0; idx < tx.vin.size(); ++idx) {
364  if (!psbt.GetInputUTXO(utxos[idx], idx)) have_all_spent_outputs = false;
365  }
367  if (have_all_spent_outputs) {
368  txdata.Init(tx, std::move(utxos), true);
369  } else {
370  txdata.Init(tx, {}, true);
371  }
372  return txdata;
373 }
374 
375 bool SignPSBTInput(const SigningProvider& provider, PartiallySignedTransaction& psbt, int index, const PrecomputedTransactionData* txdata, int sighash, SignatureData* out_sigdata, bool finalize)
376 {
377  PSBTInput& input = psbt.inputs.at(index);
378  const CMutableTransaction& tx = *psbt.tx;
379 
380  if (PSBTInputSignedAndVerified(psbt, index, txdata)) {
381  return true;
382  }
383 
384  // Fill SignatureData with input info
385  SignatureData sigdata;
386  input.FillSignatureData(sigdata);
387 
388  // Get UTXO
389  bool require_witness_sig = false;
390  CTxOut utxo;
391 
392  if (input.non_witness_utxo) {
393  // If we're taking our information from a non-witness UTXO, verify that it matches the prevout.
394  COutPoint prevout = tx.vin[index].prevout;
395  if (prevout.n >= input.non_witness_utxo->vout.size()) {
396  return false;
397  }
398  if (input.non_witness_utxo->GetHash() != prevout.hash) {
399  return false;
400  }
401  utxo = input.non_witness_utxo->vout[prevout.n];
402  } else if (!input.witness_utxo.IsNull()) {
403  utxo = input.witness_utxo;
404  // When we're taking our information from a witness UTXO, we can't verify it is actually data from
405  // the output being spent. This is safe in case a witness signature is produced (which includes this
406  // information directly in the hash), but not for non-witness signatures. Remember that we require
407  // a witness signature in this situation.
408  require_witness_sig = true;
409  } else {
410  return false;
411  }
412 
413  sigdata.witness = false;
414  bool sig_complete;
415  if (txdata == nullptr) {
416  sig_complete = ProduceSignature(provider, DUMMY_SIGNATURE_CREATOR, utxo.scriptPubKey, sigdata);
417  } else {
418  MutableTransactionSignatureCreator creator(tx, index, utxo.nValue, txdata, sighash);
419  sig_complete = ProduceSignature(provider, creator, utxo.scriptPubKey, sigdata);
420  }
421  // Verify that a witness signature was produced in case one was required.
422  if (require_witness_sig && !sigdata.witness) return false;
423 
424  // If we are not finalizing, set sigdata.complete to false to not set the scriptWitness
425  if (!finalize && sigdata.complete) sigdata.complete = false;
426 
427  input.FromSignatureData(sigdata);
428 
429  // If we have a witness signature, put a witness UTXO.
430  if (sigdata.witness) {
431  input.witness_utxo = utxo;
432  // We can remove the non_witness_utxo if and only if there are no non-segwit or segwit v0
433  // inputs in this transaction. Since this requires inspecting the entire transaction, this
434  // is something for the caller to deal with (i.e. FillPSBT).
435  }
436 
437  // Fill in the missing info
438  if (out_sigdata) {
439  out_sigdata->missing_pubkeys = sigdata.missing_pubkeys;
440  out_sigdata->missing_sigs = sigdata.missing_sigs;
441  out_sigdata->missing_redeem_script = sigdata.missing_redeem_script;
442  out_sigdata->missing_witness_script = sigdata.missing_witness_script;
443  }
444 
445  return sig_complete;
446 }
447 
448 void RemoveUnnecessaryTransactions(PartiallySignedTransaction& psbtx, const int& sighash_type)
449 {
450  // Only drop non_witness_utxos if sighash_type != SIGHASH_ANYONECANPAY
451  if ((sighash_type & 0x80) != SIGHASH_ANYONECANPAY) {
452  // Figure out if any non_witness_utxos should be dropped
453  std::vector<unsigned int> to_drop;
454  for (unsigned int i = 0; i < psbtx.inputs.size(); ++i) {
455  const auto& input = psbtx.inputs.at(i);
456  int wit_ver;
457  std::vector<unsigned char> wit_prog;
458  if (input.witness_utxo.IsNull() || !input.witness_utxo.scriptPubKey.IsWitnessProgram(wit_ver, wit_prog)) {
459  // There's a non-segwit input or Segwit v0, so we cannot drop any witness_utxos
460  to_drop.clear();
461  break;
462  }
463  if (wit_ver == 0) {
464  // Segwit v0, so we cannot drop any non_witness_utxos
465  to_drop.clear();
466  break;
467  }
468  if (input.non_witness_utxo) {
469  to_drop.push_back(i);
470  }
471  }
472 
473  // Drop the non_witness_utxos that we can drop
474  for (unsigned int i : to_drop) {
475  psbtx.inputs.at(i).non_witness_utxo = nullptr;
476  }
477  }
478 }
479 
481 {
482  // Finalize input signatures -- in case we have partial signatures that add up to a complete
483  // signature, but have not combined them yet (e.g. because the combiner that created this
484  // PartiallySignedTransaction did not understand them), this will combine them into a final
485  // script.
486  bool complete = true;
487  const PrecomputedTransactionData txdata = PrecomputePSBTData(psbtx);
488  for (unsigned int i = 0; i < psbtx.tx->vin.size(); ++i) {
489  complete &= SignPSBTInput(DUMMY_SIGNING_PROVIDER, psbtx, i, &txdata, SIGHASH_ALL, nullptr, true);
490  }
491 
492  return complete;
493 }
494 
496 {
497  // It's not safe to extract a PSBT that isn't finalized, and there's no easy way to check
498  // whether a PSBT is finalized without finalizing it, so we just do this.
499  if (!FinalizePSBT(psbtx)) {
500  return false;
501  }
502 
503  result = *psbtx.tx;
504  for (unsigned int i = 0; i < result.vin.size(); ++i) {
505  result.vin[i].scriptSig = psbtx.inputs[i].final_script_sig;
506  result.vin[i].scriptWitness = psbtx.inputs[i].final_script_witness;
507  }
508  return true;
509 }
510 
511 TransactionError CombinePSBTs(PartiallySignedTransaction& out, const std::vector<PartiallySignedTransaction>& psbtxs)
512 {
513  out = psbtxs[0]; // Copy the first one
514 
515  // Merge
516  for (auto it = std::next(psbtxs.begin()); it != psbtxs.end(); ++it) {
517  if (!out.Merge(*it)) {
519  }
520  }
521  return TransactionError::OK;
522 }
523 
524 std::string PSBTRoleName(PSBTRole role) {
525  switch (role) {
526  case PSBTRole::CREATOR: return "creator";
527  case PSBTRole::UPDATER: return "updater";
528  case PSBTRole::SIGNER: return "signer";
529  case PSBTRole::FINALIZER: return "finalizer";
530  case PSBTRole::EXTRACTOR: return "extractor";
531  // no default case, so the compiler can warn about missing cases
532  }
533  assert(false);
534 }
535 
536 bool DecodeBase64PSBT(PartiallySignedTransaction& psbt, const std::string& base64_tx, std::string& error)
537 {
538  auto tx_data = DecodeBase64(base64_tx);
539  if (!tx_data) {
540  error = "invalid base64";
541  return false;
542  }
543  return DecodeRawPSBT(psbt, MakeByteSpan(*tx_data), error);
544 }
545 
546 bool DecodeRawPSBT(PartiallySignedTransaction& psbt, Span<const std::byte> tx_data, std::string& error)
547 {
548  DataStream ss_data{tx_data};
549  try {
550  ss_data >> psbt;
551  if (!ss_data.empty()) {
552  error = "extra data after PSBT";
553  return false;
554  }
555  } catch (const std::exception& e) {
556  error = e.what();
557  return false;
558  }
559  return true;
560 }
561 
563 {
564  if (m_version != std::nullopt) {
565  return *m_version;
566  }
567  return 0;
568 }
#define Assert(val)
Identity function.
Definition: check.h:77
An outpoint - a combination of a transaction hash and an index n into its vout.
Definition: transaction.h:29
uint32_t n
Definition: transaction.h:32
Txid hash
Definition: transaction.h:31
void clear()
Definition: script.h:557
An input of a transaction.
Definition: transaction.h:67
An output of a transaction.
Definition: transaction.h:150
CScript scriptPubKey
Definition: transaction.h:153
CAmount nValue
Definition: transaction.h:152
bool IsNull() const
Definition: transaction.h:170
Double ended buffer combining vector and stream-like interfaces.
Definition: streams.h:147
A signature creator for transactions.
Definition: sign.h:40
An interface to be implemented by keystores that support signing.
Utility class to construct Taproot outputs from internal key and script tree.
TaprootSpendData GetSpendData() const
Compute spending data (after Finalize()).
bool IsComplete() const
Return whether there were either no leaves, or the leaves form a Huffman tree.
TaprootBuilder & Add(int depth, Span< const unsigned char > script, int leaf_version, bool track=true)
Add a new script at a certain depth in the tree.
TaprootBuilder & Finalize(const XOnlyPubKey &internal_key)
Finalize the construction.
bool IsNull() const
Test whether this is the 0 key (the result of default construction).
Definition: pubkey.h:249
bool IsFullyValid() const
Determine if this pubkey is fully valid.
Definition: pubkey.cpp:214
constexpr bool IsNull() const
Definition: uint256.h:42
bool empty() const
Definition: prevector.h:300
TransactionError
Definition: error.h:22
uint160 Hash160(const T1 &in1)
Compute the 160-bit hash an object.
Definition: hash.h:92
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, unsigned int flags, const BaseSignatureChecker &checker, ScriptError *serror)
@ SIGHASH_ANYONECANPAY
Definition: interpreter.h:33
@ SIGHASH_ALL
Definition: interpreter.h:30
static constexpr unsigned int STANDARD_SCRIPT_VERIFY_FLAGS
Standard script verification flags that standard transactions will comply with.
Definition: policy.h:103
bool DecodeBase64PSBT(PartiallySignedTransaction &psbt, const std::string &base64_tx, std::string &error)
Decode a base64ed PSBT into a PartiallySignedTransaction.
Definition: psbt.cpp:536
void UpdatePSBTOutput(const SigningProvider &provider, PartiallySignedTransaction &psbt, int index)
Updates a PSBTOutput with information from provider.
Definition: psbt.cpp:338
bool PSBTInputSignedAndVerified(const PartiallySignedTransaction psbt, unsigned int input_index, const PrecomputedTransactionData *txdata)
Checks whether a PSBTInput is already signed by doing script verification using final fields.
Definition: psbt.cpp:298
std::string PSBTRoleName(PSBTRole role)
Definition: psbt.cpp:524
size_t CountPSBTUnsignedInputs(const PartiallySignedTransaction &psbt)
Counts the unsigned inputs of a PSBT.
Definition: psbt.cpp:327
bool FinalizeAndExtractPSBT(PartiallySignedTransaction &psbtx, CMutableTransaction &result)
Finalizes a PSBT if possible, and extracts it to a CMutableTransaction if it could be finalized.
Definition: psbt.cpp:495
void RemoveUnnecessaryTransactions(PartiallySignedTransaction &psbtx, const int &sighash_type)
Reduces the size of the PSBT by dropping unnecessary non_witness_utxos (i.e.
Definition: psbt.cpp:448
bool DecodeRawPSBT(PartiallySignedTransaction &psbt, Span< const std::byte > tx_data, std::string &error)
Decode a raw (binary blob) PSBT into a PartiallySignedTransaction.
Definition: psbt.cpp:546
bool SignPSBTInput(const SigningProvider &provider, PartiallySignedTransaction &psbt, int index, const PrecomputedTransactionData *txdata, int sighash, SignatureData *out_sigdata, bool finalize)
Signs a PSBTInput, verifying that all provided data matches what is being signed.
Definition: psbt.cpp:375
bool PSBTInputSigned(const PSBTInput &input)
Checks whether a PSBTInput is already signed by checking for non-null finalized fields.
Definition: psbt.cpp:293
PrecomputedTransactionData PrecomputePSBTData(const PartiallySignedTransaction &psbt)
Compute a PrecomputedTransactionData object from a psbt.
Definition: psbt.cpp:358
TransactionError CombinePSBTs(PartiallySignedTransaction &out, const std::vector< PartiallySignedTransaction > &psbtxs)
Combines PSBTs with the same underlying transaction, resulting in a single PSBT with all partial sign...
Definition: psbt.cpp:511
bool FinalizePSBT(PartiallySignedTransaction &psbtx)
Finalizes a PSBT if possible, combining partial signatures.
Definition: psbt.cpp:480
PSBTRole
Definition: psbt.h:1206
bool ProduceSignature(const SigningProvider &provider, const BaseSignatureCreator &creator, const CScript &fromPubKey, SignatureData &sigdata)
Produce a script signature using a generic signature creator.
Definition: sign.cpp:499
const BaseSignatureCreator & DUMMY_SIGNATURE_CREATOR
A signature creator that just produces 71-byte empty signatures.
Definition: sign.cpp:762
const SigningProvider & DUMMY_SIGNING_PROVIDER
Span< const std::byte > MakeByteSpan(V &&v) noexcept
Definition: span.h:277
A mutable version of CTransaction.
Definition: transaction.h:378
std::vector< CTxOut > vout
Definition: transaction.h:380
std::vector< CTxIn > vin
Definition: transaction.h:379
bool IsNull() const
Definition: script.h:574
void SetNull()
Definition: script.h:576
A structure for PSBTs which contain per-input information.
Definition: psbt.h:194
std::vector< unsigned char > m_tap_key_sig
Definition: psbt.h:209
std::map< CPubKey, KeyOriginInfo > hd_keypaths
Definition: psbt.h:201
std::map< uint256, std::vector< unsigned char > > hash256_preimages
Definition: psbt.h:206
CScriptWitness final_script_witness
Definition: psbt.h:200
std::map< std::pair< std::vector< unsigned char >, int >, std::set< std::vector< unsigned char >, ShortestVectorFirstComparator > > m_tap_scripts
Definition: psbt.h:211
CTransactionRef non_witness_utxo
Definition: psbt.h:195
std::map< CKeyID, SigPair > partial_sigs
Definition: psbt.h:202
std::map< std::pair< XOnlyPubKey, uint256 >, std::vector< unsigned char > > m_tap_script_sigs
Definition: psbt.h:210
uint256 m_tap_merkle_root
Definition: psbt.h:214
std::map< uint256, std::vector< unsigned char > > sha256_preimages
Definition: psbt.h:204
void FillSignatureData(SignatureData &sigdata) const
Definition: psbt.cpp:94
std::map< uint160, std::vector< unsigned char > > hash160_preimages
Definition: psbt.h:205
bool IsNull() const
Definition: psbt.cpp:89
void Merge(const PSBTInput &input)
Definition: psbt.cpp:198
CScript redeem_script
Definition: psbt.h:197
CScript final_script_sig
Definition: psbt.h:199
void FromSignatureData(const SignatureData &sigdata)
Definition: psbt.cpp:151
XOnlyPubKey m_tap_internal_key
Definition: psbt.h:213
std::map< XOnlyPubKey, std::pair< std::set< uint256 >, KeyOriginInfo > > m_tap_bip32_paths
Definition: psbt.h:212
std::map< std::vector< unsigned char >, std::vector< unsigned char > > unknown
Definition: psbt.h:216
std::map< uint160, std::vector< unsigned char > > ripemd160_preimages
Definition: psbt.h:203
CTxOut witness_utxo
Definition: psbt.h:196
CScript witness_script
Definition: psbt.h:198
A structure for PSBTs which contains per output information.
Definition: psbt.h:711
XOnlyPubKey m_tap_internal_key
Definition: psbt.h:715
std::map< XOnlyPubKey, std::pair< std::set< uint256 >, KeyOriginInfo > > m_tap_bip32_paths
Definition: psbt.h:717
CScript witness_script
Definition: psbt.h:713
bool IsNull() const
Definition: psbt.cpp:276
void Merge(const PSBTOutput &output)
Definition: psbt.cpp:281
CScript redeem_script
Definition: psbt.h:712
std::map< CPubKey, KeyOriginInfo > hd_keypaths
Definition: psbt.h:714
std::vector< std::tuple< uint8_t, uint8_t, std::vector< unsigned char > > > m_tap_tree
Definition: psbt.h:716
std::map< std::vector< unsigned char >, std::vector< unsigned char > > unknown
Definition: psbt.h:718
void FillSignatureData(SignatureData &sigdata) const
Definition: psbt.cpp:225
void FromSignatureData(const SignatureData &sigdata)
Definition: psbt.cpp:254
A version of CTransaction with the PSBT format.
Definition: psbt.h:947
uint32_t GetVersion() const
Definition: psbt.cpp:562
bool Merge(const PartiallySignedTransaction &psbt)
Merge psbt into this.
Definition: psbt.cpp:24
std::map< KeyOriginInfo, std::set< CExtPubKey > > m_xpubs
Definition: psbt.h:951
std::optional< uint32_t > m_version
Definition: psbt.h:955
bool IsNull() const
Definition: psbt.cpp:19
bool GetInputUTXO(CTxOut &utxo, int input_index) const
Finds the UTXO for a given input index.
Definition: psbt.cpp:69
std::map< std::vector< unsigned char >, std::vector< unsigned char > > unknown
Definition: psbt.h:954
bool AddOutput(const CTxOut &txout, const PSBTOutput &psbtout)
Definition: psbt.cpp:62
std::vector< PSBTInput > inputs
Definition: psbt.h:952
std::optional< CMutableTransaction > tx
Definition: psbt.h:948
bool AddInput(const CTxIn &txin, PSBTInput &psbtin)
Definition: psbt.cpp:49
std::vector< PSBTOutput > outputs
Definition: psbt.h:953
void Init(const T &tx, std::vector< CTxOut > &&spent_outputs, bool force=false)
Initialize this PrecomputedTransactionData with transaction data.
uint160 missing_redeem_script
ScriptID of the missing redeemScript (if any)
Definition: sign.h:85
std::vector< CKeyID > missing_sigs
KeyIDs of pubkeys for signatures which could not be found.
Definition: sign.h:84
std::map< std::vector< uint8_t >, std::vector< uint8_t > > ripemd160_preimages
Mapping from a RIPEMD160 hash to its preimage provided to solve a Script.
Definition: sign.h:89
std::map< CKeyID, XOnlyPubKey > tap_pubkeys
Misc Taproot pubkeys involved in this input, by hash. (Equivalent of misc_pubkeys but for Taproot....
Definition: sign.h:82
std::map< CKeyID, SigPair > signatures
BIP 174 style partial signatures for the input. May contain all signatures necessary for producing a ...
Definition: sign.h:77
TaprootSpendData tr_spenddata
Taproot spending data.
Definition: sign.h:75
bool witness
Stores whether the input this SigData corresponds to is a witness input.
Definition: sign.h:70
std::map< CKeyID, std::pair< CPubKey, KeyOriginInfo > > misc_pubkeys
Definition: sign.h:78
std::optional< TaprootBuilder > tr_builder
Taproot tree used to build tr_spenddata.
Definition: sign.h:76
CScript scriptSig
The scriptSig of an input. Contains complete signatures or the traditional partial signatures format.
Definition: sign.h:71
std::map< std::vector< uint8_t >, std::vector< uint8_t > > sha256_preimages
Mapping from a SHA256 hash to its preimage provided to solve a Script.
Definition: sign.h:87
std::vector< unsigned char > taproot_key_path_sig
Definition: sign.h:79
std::map< std::pair< XOnlyPubKey, uint256 >, std::vector< unsigned char > > taproot_script_sigs
Schnorr signature for key path spending.
Definition: sign.h:80
std::map< XOnlyPubKey, std::pair< std::set< uint256 >, KeyOriginInfo > > taproot_misc_pubkeys
Miscellaneous Taproot pubkeys involved in this input along with their leaf script hashes and key orig...
Definition: sign.h:81
std::map< std::vector< uint8_t >, std::vector< uint8_t > > hash256_preimages
Mapping from a HASH256 hash to its preimage provided to solve a Script.
Definition: sign.h:88
CScript redeem_script
The redeemScript (if any) for the input.
Definition: sign.h:72
uint256 missing_witness_script
SHA256 of the missing witnessScript (if any)
Definition: sign.h:86
std::vector< CKeyID > missing_pubkeys
KeyIDs of pubkeys which could not be found.
Definition: sign.h:83
CScript witness_script
The witnessScript (if any) for the input. witnessScripts are used in P2WSH outputs.
Definition: sign.h:73
CScriptWitness scriptWitness
The scriptWitness of an input. Contains complete signatures or the traditional partial signatures for...
Definition: sign.h:74
bool complete
Stores whether the scriptSig and scriptWitness are complete.
Definition: sign.h:69
std::map< std::vector< uint8_t >, std::vector< uint8_t > > hash160_preimages
Mapping from a HASH160 hash to its preimage provided to solve a Script.
Definition: sign.h:90
uint256 merkle_root
The Merkle root of the script tree (0 if no scripts).
std::map< std::pair< std::vector< unsigned char >, int >, std::set< std::vector< unsigned char >, ShortestVectorFirstComparator > > scripts
Map from (script, leaf_version) to (sets of) control blocks.
void Merge(TaprootSpendData other)
Merge other TaprootSpendData (for the same scriptPubKey) into this.
XOnlyPubKey internal_key
The BIP341 internal key.
static int count
std::optional< std::vector< unsigned char > > DecodeBase64(std::string_view str)
assert(!tx.IsCoinBase())