Bitcoin Core  25.99.0
P2P Digital Currency
psbt.h
Go to the documentation of this file.
1 // Copyright (c) 2009-2022 The Bitcoin Core developers
2 // Distributed under the MIT software license, see the accompanying
3 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 
5 #ifndef BITCOIN_PSBT_H
6 #define BITCOIN_PSBT_H
7 
8 #include <node/transaction.h>
9 #include <policy/feerate.h>
10 #include <primitives/transaction.h>
11 #include <pubkey.h>
12 #include <script/keyorigin.h>
13 #include <script/sign.h>
14 #include <script/signingprovider.h>
15 #include <span.h>
16 #include <streams.h>
17 
18 #include <optional>
19 
20 // Magic bytes
21 static constexpr uint8_t PSBT_MAGIC_BYTES[5] = {'p', 's', 'b', 't', 0xff};
22 
23 // Global types
24 static constexpr uint8_t PSBT_GLOBAL_UNSIGNED_TX = 0x00;
25 static constexpr uint8_t PSBT_GLOBAL_XPUB = 0x01;
26 static constexpr uint8_t PSBT_GLOBAL_VERSION = 0xFB;
27 static constexpr uint8_t PSBT_GLOBAL_PROPRIETARY = 0xFC;
28 
29 // Input types
30 static constexpr uint8_t PSBT_IN_NON_WITNESS_UTXO = 0x00;
31 static constexpr uint8_t PSBT_IN_WITNESS_UTXO = 0x01;
32 static constexpr uint8_t PSBT_IN_PARTIAL_SIG = 0x02;
33 static constexpr uint8_t PSBT_IN_SIGHASH = 0x03;
34 static constexpr uint8_t PSBT_IN_REDEEMSCRIPT = 0x04;
35 static constexpr uint8_t PSBT_IN_WITNESSSCRIPT = 0x05;
36 static constexpr uint8_t PSBT_IN_BIP32_DERIVATION = 0x06;
37 static constexpr uint8_t PSBT_IN_SCRIPTSIG = 0x07;
38 static constexpr uint8_t PSBT_IN_SCRIPTWITNESS = 0x08;
39 static constexpr uint8_t PSBT_IN_RIPEMD160 = 0x0A;
40 static constexpr uint8_t PSBT_IN_SHA256 = 0x0B;
41 static constexpr uint8_t PSBT_IN_HASH160 = 0x0C;
42 static constexpr uint8_t PSBT_IN_HASH256 = 0x0D;
43 static constexpr uint8_t PSBT_IN_TAP_KEY_SIG = 0x13;
44 static constexpr uint8_t PSBT_IN_TAP_SCRIPT_SIG = 0x14;
45 static constexpr uint8_t PSBT_IN_TAP_LEAF_SCRIPT = 0x15;
46 static constexpr uint8_t PSBT_IN_TAP_BIP32_DERIVATION = 0x16;
47 static constexpr uint8_t PSBT_IN_TAP_INTERNAL_KEY = 0x17;
48 static constexpr uint8_t PSBT_IN_TAP_MERKLE_ROOT = 0x18;
49 static constexpr uint8_t PSBT_IN_PROPRIETARY = 0xFC;
50 
51 // Output types
52 static constexpr uint8_t PSBT_OUT_REDEEMSCRIPT = 0x00;
53 static constexpr uint8_t PSBT_OUT_WITNESSSCRIPT = 0x01;
54 static constexpr uint8_t PSBT_OUT_BIP32_DERIVATION = 0x02;
55 static constexpr uint8_t PSBT_OUT_TAP_INTERNAL_KEY = 0x05;
56 static constexpr uint8_t PSBT_OUT_TAP_TREE = 0x06;
57 static constexpr uint8_t PSBT_OUT_TAP_BIP32_DERIVATION = 0x07;
58 static constexpr uint8_t PSBT_OUT_PROPRIETARY = 0xFC;
59 
60 // The separator is 0x00. Reading this in means that the unserializer can interpret it
61 // as a 0 length key which indicates that this is the separator. The separator has no value.
62 static constexpr uint8_t PSBT_SEPARATOR = 0x00;
63 
64 // BIP 174 does not specify a maximum file size, but we set a limit anyway
65 // to prevent reading a stream indefinitely and running out of memory.
66 const std::streamsize MAX_FILE_SIZE_PSBT = 100000000; // 100 MB
67 
68 // PSBT version number
69 static constexpr uint32_t PSBT_HIGHEST_VERSION = 0;
70 
73 {
74  uint64_t subtype;
75  std::vector<unsigned char> identifier;
76  std::vector<unsigned char> key;
77  std::vector<unsigned char> value;
78 
79  bool operator<(const PSBTProprietary &b) const {
80  return key < b.key;
81  }
82  bool operator==(const PSBTProprietary &b) const {
83  return key == b.key;
84  }
85 };
86 
87 // Takes a stream and multiple arguments and serializes them as if first serialized into a vector and then into the stream
88 // The resulting output into the stream has the total serialized length of all of the objects followed by all objects concatenated with each other.
89 template<typename Stream, typename... X>
90 void SerializeToVector(Stream& s, const X&... args)
91 {
92  WriteCompactSize(s, GetSerializeSizeMany(s.GetVersion(), args...));
93  SerializeMany(s, args...);
94 }
95 
96 // Takes a stream and multiple arguments and unserializes them first as a vector then each object individually in the order provided in the arguments
97 template<typename Stream, typename... X>
98 void UnserializeFromVector(Stream& s, X&... args)
99 {
100  size_t expected_size = ReadCompactSize(s);
101  size_t remaining_before = s.size();
102  UnserializeMany(s, args...);
103  size_t remaining_after = s.size();
104  if (remaining_after + expected_size != remaining_before) {
105  throw std::ios_base::failure("Size of value was not the stated size");
106  }
107 }
108 
109 // Deserialize bytes of given length from the stream as a KeyOriginInfo
110 template<typename Stream>
111 KeyOriginInfo DeserializeKeyOrigin(Stream& s, uint64_t length)
112 {
113  // Read in key path
114  if (length % 4 || length == 0) {
115  throw std::ios_base::failure("Invalid length for HD key path");
116  }
117 
118  KeyOriginInfo hd_keypath;
119  s >> hd_keypath.fingerprint;
120  for (unsigned int i = 4; i < length; i += sizeof(uint32_t)) {
121  uint32_t index;
122  s >> index;
123  hd_keypath.path.push_back(index);
124  }
125  return hd_keypath;
126 }
127 
128 // Deserialize a length prefixed KeyOriginInfo from a stream
129 template<typename Stream>
130 void DeserializeHDKeypath(Stream& s, KeyOriginInfo& hd_keypath)
131 {
132  hd_keypath = DeserializeKeyOrigin(s, ReadCompactSize(s));
133 }
134 
135 // Deserialize HD keypaths into a map
136 template<typename Stream>
137 void DeserializeHDKeypaths(Stream& s, const std::vector<unsigned char>& key, std::map<CPubKey, KeyOriginInfo>& hd_keypaths)
138 {
139  // Make sure that the key is the size of pubkey + 1
140  if (key.size() != CPubKey::SIZE + 1 && key.size() != CPubKey::COMPRESSED_SIZE + 1) {
141  throw std::ios_base::failure("Size of key was not the expected size for the type BIP32 keypath");
142  }
143  // Read in the pubkey from key
144  CPubKey pubkey(key.begin() + 1, key.end());
145  if (!pubkey.IsFullyValid()) {
146  throw std::ios_base::failure("Invalid pubkey");
147  }
148  if (hd_keypaths.count(pubkey) > 0) {
149  throw std::ios_base::failure("Duplicate Key, pubkey derivation path already provided");
150  }
151 
152  KeyOriginInfo keypath;
153  DeserializeHDKeypath(s, keypath);
154 
155  // Add to map
156  hd_keypaths.emplace(pubkey, std::move(keypath));
157 }
158 
159 // Serialize a KeyOriginInfo to a stream
160 template<typename Stream>
161 void SerializeKeyOrigin(Stream& s, KeyOriginInfo hd_keypath)
162 {
163  s << hd_keypath.fingerprint;
164  for (const auto& path : hd_keypath.path) {
165  s << path;
166  }
167 }
168 
169 // Serialize a length prefixed KeyOriginInfo to a stream
170 template<typename Stream>
171 void SerializeHDKeypath(Stream& s, KeyOriginInfo hd_keypath)
172 {
173  WriteCompactSize(s, (hd_keypath.path.size() + 1) * sizeof(uint32_t));
174  SerializeKeyOrigin(s, hd_keypath);
175 }
176 
177 // Serialize HD keypaths to a stream from a map
178 template<typename Stream>
179 void SerializeHDKeypaths(Stream& s, const std::map<CPubKey, KeyOriginInfo>& hd_keypaths, CompactSizeWriter type)
180 {
181  for (const auto& keypath_pair : hd_keypaths) {
182  if (!keypath_pair.first.IsValid()) {
183  throw std::ios_base::failure("Invalid CPubKey being serialized");
184  }
185  SerializeToVector(s, type, Span{keypath_pair.first});
186  SerializeHDKeypath(s, keypath_pair.second);
187  }
188 }
189 
191 struct PSBTInput
192 {
199  std::map<CPubKey, KeyOriginInfo> hd_keypaths;
200  std::map<CKeyID, SigPair> partial_sigs;
201  std::map<uint160, std::vector<unsigned char>> ripemd160_preimages;
202  std::map<uint256, std::vector<unsigned char>> sha256_preimages;
203  std::map<uint160, std::vector<unsigned char>> hash160_preimages;
204  std::map<uint256, std::vector<unsigned char>> hash256_preimages;
205 
206  // Taproot fields
207  std::vector<unsigned char> m_tap_key_sig;
208  std::map<std::pair<XOnlyPubKey, uint256>, std::vector<unsigned char>> m_tap_script_sigs;
209  std::map<std::pair<std::vector<unsigned char>, int>, std::set<std::vector<unsigned char>, ShortestVectorFirstComparator>> m_tap_scripts;
210  std::map<XOnlyPubKey, std::pair<std::set<uint256>, KeyOriginInfo>> m_tap_bip32_paths;
213 
214  std::map<std::vector<unsigned char>, std::vector<unsigned char>> unknown;
215  std::set<PSBTProprietary> m_proprietary;
216  std::optional<int> sighash_type;
217 
218  bool IsNull() const;
219  void FillSignatureData(SignatureData& sigdata) const;
220  void FromSignatureData(const SignatureData& sigdata);
221  void Merge(const PSBTInput& input);
223 
224  template <typename Stream>
225  inline void Serialize(Stream& s) const {
226  // Write the utxo
227  if (non_witness_utxo) {
229  OverrideStream<Stream> os(&s, s.GetType(), s.GetVersion() | SERIALIZE_TRANSACTION_NO_WITNESS);
231  }
232  if (!witness_utxo.IsNull()) {
235  }
236 
238  // Write any partial signatures
239  for (auto sig_pair : partial_sigs) {
241  s << sig_pair.second.second;
242  }
243 
244  // Write the sighash type
245  if (sighash_type != std::nullopt) {
248  }
249 
250  // Write the redeem script
251  if (!redeem_script.empty()) {
253  s << redeem_script;
254  }
255 
256  // Write the witness script
257  if (!witness_script.empty()) {
259  s << witness_script;
260  }
261 
262  // Write any hd keypaths
264 
265  // Write any ripemd160 preimage
266  for (const auto& [hash, preimage] : ripemd160_preimages) {
268  s << preimage;
269  }
270 
271  // Write any sha256 preimage
272  for (const auto& [hash, preimage] : sha256_preimages) {
274  s << preimage;
275  }
276 
277  // Write any hash160 preimage
278  for (const auto& [hash, preimage] : hash160_preimages) {
280  s << preimage;
281  }
282 
283  // Write any hash256 preimage
284  for (const auto& [hash, preimage] : hash256_preimages) {
286  s << preimage;
287  }
288 
289  // Write taproot key sig
290  if (!m_tap_key_sig.empty()) {
292  s << m_tap_key_sig;
293  }
294 
295  // Write taproot script sigs
296  for (const auto& [pubkey_leaf, sig] : m_tap_script_sigs) {
297  const auto& [xonly, leaf_hash] = pubkey_leaf;
298  SerializeToVector(s, PSBT_IN_TAP_SCRIPT_SIG, xonly, leaf_hash);
299  s << sig;
300  }
301 
302  // Write taproot leaf scripts
303  for (const auto& [leaf, control_blocks] : m_tap_scripts) {
304  const auto& [script, leaf_ver] = leaf;
305  for (const auto& control_block : control_blocks) {
306  SerializeToVector(s, PSBT_IN_TAP_LEAF_SCRIPT, Span{control_block});
307  std::vector<unsigned char> value_v(script.begin(), script.end());
308  value_v.push_back((uint8_t)leaf_ver);
309  s << value_v;
310  }
311  }
312 
313  // Write taproot bip32 keypaths
314  for (const auto& [xonly, leaf_origin] : m_tap_bip32_paths) {
315  const auto& [leaf_hashes, origin] = leaf_origin;
317  std::vector<unsigned char> value;
318  CVectorWriter s_value(s.GetType(), s.GetVersion(), value, 0);
319  s_value << leaf_hashes;
320  SerializeKeyOrigin(s_value, origin);
321  s << value;
322  }
323 
324  // Write taproot internal key
325  if (!m_tap_internal_key.IsNull()) {
328  }
329 
330  // Write taproot merkle root
331  if (!m_tap_merkle_root.IsNull()) {
334  }
335  }
336 
337  // Write script sig
338  if (!final_script_sig.empty()) {
340  s << final_script_sig;
341  }
342  // write script witness
343  if (!final_script_witness.IsNull()) {
346  }
347 
348  // Write proprietary things
349  for (const auto& entry : m_proprietary) {
350  s << entry.key;
351  s << entry.value;
352  }
353 
354  // Write unknown things
355  for (auto& entry : unknown) {
356  s << entry.first;
357  s << entry.second;
358  }
359 
360  s << PSBT_SEPARATOR;
361  }
362 
363 
364  template <typename Stream>
365  inline void Unserialize(Stream& s) {
366  // Used for duplicate key detection
367  std::set<std::vector<unsigned char>> key_lookup;
368 
369  // Read loop
370  bool found_sep = false;
371  while(!s.empty()) {
372  // Read
373  std::vector<unsigned char> key;
374  s >> key;
375 
376  // the key is empty if that was actually a separator byte
377  // This is a special case for key lengths 0 as those are not allowed (except for separator)
378  if (key.empty()) {
379  found_sep = true;
380  break;
381  }
382 
383  // Type is compact size uint at beginning of key
384  SpanReader skey(s.GetType(), s.GetVersion(), key);
385  uint64_t type = ReadCompactSize(skey);
386 
387  // Do stuff based on type
388  switch(type) {
390  {
391  if (!key_lookup.emplace(key).second) {
392  throw std::ios_base::failure("Duplicate Key, input non-witness utxo already provided");
393  } else if (key.size() != 1) {
394  throw std::ios_base::failure("Non-witness utxo key is more than one byte type");
395  }
396  // Set the stream to unserialize with witness since this is always a valid network transaction
397  OverrideStream<Stream> os(&s, s.GetType(), s.GetVersion() & ~SERIALIZE_TRANSACTION_NO_WITNESS);
399  break;
400  }
402  if (!key_lookup.emplace(key).second) {
403  throw std::ios_base::failure("Duplicate Key, input witness utxo already provided");
404  } else if (key.size() != 1) {
405  throw std::ios_base::failure("Witness utxo key is more than one byte type");
406  }
408  break;
409  case PSBT_IN_PARTIAL_SIG:
410  {
411  // Make sure that the key is the size of pubkey + 1
412  if (key.size() != CPubKey::SIZE + 1 && key.size() != CPubKey::COMPRESSED_SIZE + 1) {
413  throw std::ios_base::failure("Size of key was not the expected size for the type partial signature pubkey");
414  }
415  // Read in the pubkey from key
416  CPubKey pubkey(key.begin() + 1, key.end());
417  if (!pubkey.IsFullyValid()) {
418  throw std::ios_base::failure("Invalid pubkey");
419  }
420  if (partial_sigs.count(pubkey.GetID()) > 0) {
421  throw std::ios_base::failure("Duplicate Key, input partial signature for pubkey already provided");
422  }
423 
424  // Read in the signature from value
425  std::vector<unsigned char> sig;
426  s >> sig;
427 
428  // Add to list
429  partial_sigs.emplace(pubkey.GetID(), SigPair(pubkey, std::move(sig)));
430  break;
431  }
432  case PSBT_IN_SIGHASH:
433  if (!key_lookup.emplace(key).second) {
434  throw std::ios_base::failure("Duplicate Key, input sighash type already provided");
435  } else if (key.size() != 1) {
436  throw std::ios_base::failure("Sighash type key is more than one byte type");
437  }
438  int sighash;
439  UnserializeFromVector(s, sighash);
440  sighash_type = sighash;
441  break;
443  {
444  if (!key_lookup.emplace(key).second) {
445  throw std::ios_base::failure("Duplicate Key, input redeemScript already provided");
446  } else if (key.size() != 1) {
447  throw std::ios_base::failure("Input redeemScript key is more than one byte type");
448  }
449  s >> redeem_script;
450  break;
451  }
453  {
454  if (!key_lookup.emplace(key).second) {
455  throw std::ios_base::failure("Duplicate Key, input witnessScript already provided");
456  } else if (key.size() != 1) {
457  throw std::ios_base::failure("Input witnessScript key is more than one byte type");
458  }
459  s >> witness_script;
460  break;
461  }
463  {
465  break;
466  }
467  case PSBT_IN_SCRIPTSIG:
468  {
469  if (!key_lookup.emplace(key).second) {
470  throw std::ios_base::failure("Duplicate Key, input final scriptSig already provided");
471  } else if (key.size() != 1) {
472  throw std::ios_base::failure("Final scriptSig key is more than one byte type");
473  }
474  s >> final_script_sig;
475  break;
476  }
478  {
479  if (!key_lookup.emplace(key).second) {
480  throw std::ios_base::failure("Duplicate Key, input final scriptWitness already provided");
481  } else if (key.size() != 1) {
482  throw std::ios_base::failure("Final scriptWitness key is more than one byte type");
483  }
485  break;
486  }
487  case PSBT_IN_RIPEMD160:
488  {
489  // Make sure that the key is the size of a ripemd160 hash + 1
490  if (key.size() != CRIPEMD160::OUTPUT_SIZE + 1) {
491  throw std::ios_base::failure("Size of key was not the expected size for the type ripemd160 preimage");
492  }
493  // Read in the hash from key
494  std::vector<unsigned char> hash_vec(key.begin() + 1, key.end());
495  uint160 hash(hash_vec);
496  if (ripemd160_preimages.count(hash) > 0) {
497  throw std::ios_base::failure("Duplicate Key, input ripemd160 preimage already provided");
498  }
499 
500  // Read in the preimage from value
501  std::vector<unsigned char> preimage;
502  s >> preimage;
503 
504  // Add to preimages list
505  ripemd160_preimages.emplace(hash, std::move(preimage));
506  break;
507  }
508  case PSBT_IN_SHA256:
509  {
510  // Make sure that the key is the size of a sha256 hash + 1
511  if (key.size() != CSHA256::OUTPUT_SIZE + 1) {
512  throw std::ios_base::failure("Size of key was not the expected size for the type sha256 preimage");
513  }
514  // Read in the hash from key
515  std::vector<unsigned char> hash_vec(key.begin() + 1, key.end());
516  uint256 hash(hash_vec);
517  if (sha256_preimages.count(hash) > 0) {
518  throw std::ios_base::failure("Duplicate Key, input sha256 preimage already provided");
519  }
520 
521  // Read in the preimage from value
522  std::vector<unsigned char> preimage;
523  s >> preimage;
524 
525  // Add to preimages list
526  sha256_preimages.emplace(hash, std::move(preimage));
527  break;
528  }
529  case PSBT_IN_HASH160:
530  {
531  // Make sure that the key is the size of a hash160 hash + 1
532  if (key.size() != CHash160::OUTPUT_SIZE + 1) {
533  throw std::ios_base::failure("Size of key was not the expected size for the type hash160 preimage");
534  }
535  // Read in the hash from key
536  std::vector<unsigned char> hash_vec(key.begin() + 1, key.end());
537  uint160 hash(hash_vec);
538  if (hash160_preimages.count(hash) > 0) {
539  throw std::ios_base::failure("Duplicate Key, input hash160 preimage already provided");
540  }
541 
542  // Read in the preimage from value
543  std::vector<unsigned char> preimage;
544  s >> preimage;
545 
546  // Add to preimages list
547  hash160_preimages.emplace(hash, std::move(preimage));
548  break;
549  }
550  case PSBT_IN_HASH256:
551  {
552  // Make sure that the key is the size of a hash256 hash + 1
553  if (key.size() != CHash256::OUTPUT_SIZE + 1) {
554  throw std::ios_base::failure("Size of key was not the expected size for the type hash256 preimage");
555  }
556  // Read in the hash from key
557  std::vector<unsigned char> hash_vec(key.begin() + 1, key.end());
558  uint256 hash(hash_vec);
559  if (hash256_preimages.count(hash) > 0) {
560  throw std::ios_base::failure("Duplicate Key, input hash256 preimage already provided");
561  }
562 
563  // Read in the preimage from value
564  std::vector<unsigned char> preimage;
565  s >> preimage;
566 
567  // Add to preimages list
568  hash256_preimages.emplace(hash, std::move(preimage));
569  break;
570  }
571  case PSBT_IN_TAP_KEY_SIG:
572  {
573  if (!key_lookup.emplace(key).second) {
574  throw std::ios_base::failure("Duplicate Key, input Taproot key signature already provided");
575  } else if (key.size() != 1) {
576  throw std::ios_base::failure("Input Taproot key signature key is more than one byte type");
577  }
578  s >> m_tap_key_sig;
579  if (m_tap_key_sig.size() < 64) {
580  throw std::ios_base::failure("Input Taproot key path signature is shorter than 64 bytes");
581  } else if (m_tap_key_sig.size() > 65) {
582  throw std::ios_base::failure("Input Taproot key path signature is longer than 65 bytes");
583  }
584  break;
585  }
587  {
588  if (!key_lookup.emplace(key).second) {
589  throw std::ios_base::failure("Duplicate Key, input Taproot script signature already provided");
590  } else if (key.size() != 65) {
591  throw std::ios_base::failure("Input Taproot script signature key is not 65 bytes");
592  }
593  SpanReader s_key(s.GetType(), s.GetVersion(), Span{key}.subspan(1));
594  XOnlyPubKey xonly;
595  uint256 hash;
596  s_key >> xonly;
597  s_key >> hash;
598  std::vector<unsigned char> sig;
599  s >> sig;
600  if (sig.size() < 64) {
601  throw std::ios_base::failure("Input Taproot script path signature is shorter than 64 bytes");
602  } else if (sig.size() > 65) {
603  throw std::ios_base::failure("Input Taproot script path signature is longer than 65 bytes");
604  }
605  m_tap_script_sigs.emplace(std::make_pair(xonly, hash), sig);
606  break;
607  }
609  {
610  if (!key_lookup.emplace(key).second) {
611  throw std::ios_base::failure("Duplicate Key, input Taproot leaf script already provided");
612  } else if (key.size() < 34) {
613  throw std::ios_base::failure("Taproot leaf script key is not at least 34 bytes");
614  } else if ((key.size() - 2) % 32 != 0) {
615  throw std::ios_base::failure("Input Taproot leaf script key's control block size is not valid");
616  }
617  std::vector<unsigned char> script_v;
618  s >> script_v;
619  if (script_v.empty()) {
620  throw std::ios_base::failure("Input Taproot leaf script must be at least 1 byte");
621  }
622  uint8_t leaf_ver = script_v.back();
623  script_v.pop_back();
624  const auto leaf_script = std::make_pair(script_v, (int)leaf_ver);
625  m_tap_scripts[leaf_script].insert(std::vector<unsigned char>(key.begin() + 1, key.end()));
626  break;
627  }
629  {
630  if (!key_lookup.emplace(key).second) {
631  throw std::ios_base::failure("Duplicate Key, input Taproot BIP32 keypath already provided");
632  } else if (key.size() != 33) {
633  throw std::ios_base::failure("Input Taproot BIP32 keypath key is not at 33 bytes");
634  }
635  SpanReader s_key(s.GetType(), s.GetVersion(), Span{key}.subspan(1));
636  XOnlyPubKey xonly;
637  s_key >> xonly;
638  std::set<uint256> leaf_hashes;
639  uint64_t value_len = ReadCompactSize(s);
640  size_t before_hashes = s.size();
641  s >> leaf_hashes;
642  size_t after_hashes = s.size();
643  size_t hashes_len = before_hashes - after_hashes;
644  if (hashes_len > value_len) {
645  throw std::ios_base::failure("Input Taproot BIP32 keypath has an invalid length");
646  }
647  size_t origin_len = value_len - hashes_len;
648  m_tap_bip32_paths.emplace(xonly, std::make_pair(leaf_hashes, DeserializeKeyOrigin(s, origin_len)));
649  break;
650  }
652  {
653  if (!key_lookup.emplace(key).second) {
654  throw std::ios_base::failure("Duplicate Key, input Taproot internal key already provided");
655  } else if (key.size() != 1) {
656  throw std::ios_base::failure("Input Taproot internal key key is more than one byte type");
657  }
659  break;
660  }
662  {
663  if (!key_lookup.emplace(key).second) {
664  throw std::ios_base::failure("Duplicate Key, input Taproot merkle root already provided");
665  } else if (key.size() != 1) {
666  throw std::ios_base::failure("Input Taproot merkle root key is more than one byte type");
667  }
669  break;
670  }
671  case PSBT_IN_PROPRIETARY:
672  {
673  PSBTProprietary this_prop;
674  skey >> this_prop.identifier;
675  this_prop.subtype = ReadCompactSize(skey);
676  this_prop.key = key;
677 
678  if (m_proprietary.count(this_prop) > 0) {
679  throw std::ios_base::failure("Duplicate Key, proprietary key already found");
680  }
681  s >> this_prop.value;
682  m_proprietary.insert(this_prop);
683  break;
684  }
685  // Unknown stuff
686  default:
687  if (unknown.count(key) > 0) {
688  throw std::ios_base::failure("Duplicate Key, key for unknown value already provided");
689  }
690  // Read in the value
691  std::vector<unsigned char> val_bytes;
692  s >> val_bytes;
693  unknown.emplace(std::move(key), std::move(val_bytes));
694  break;
695  }
696  }
697 
698  if (!found_sep) {
699  throw std::ios_base::failure("Separator is missing at the end of an input map");
700  }
701  }
702 
703  template <typename Stream>
705  Unserialize(s);
706  }
707 };
708 
711 {
714  std::map<CPubKey, KeyOriginInfo> hd_keypaths;
716  std::vector<std::tuple<uint8_t, uint8_t, std::vector<unsigned char>>> m_tap_tree;
717  std::map<XOnlyPubKey, std::pair<std::set<uint256>, KeyOriginInfo>> m_tap_bip32_paths;
718  std::map<std::vector<unsigned char>, std::vector<unsigned char>> unknown;
719  std::set<PSBTProprietary> m_proprietary;
720 
721  bool IsNull() const;
722  void FillSignatureData(SignatureData& sigdata) const;
723  void FromSignatureData(const SignatureData& sigdata);
724  void Merge(const PSBTOutput& output);
726 
727  template <typename Stream>
728  inline void Serialize(Stream& s) const {
729  // Write the redeem script
730  if (!redeem_script.empty()) {
732  s << redeem_script;
733  }
734 
735  // Write the witness script
736  if (!witness_script.empty()) {
738  s << witness_script;
739  }
740 
741  // Write any hd keypaths
743 
744  // Write proprietary things
745  for (const auto& entry : m_proprietary) {
746  s << entry.key;
747  s << entry.value;
748  }
749 
750  // Write taproot internal key
751  if (!m_tap_internal_key.IsNull()) {
754  }
755 
756  // Write taproot tree
757  if (!m_tap_tree.empty()) {
759  std::vector<unsigned char> value;
760  CVectorWriter s_value(s.GetType(), s.GetVersion(), value, 0);
761  for (const auto& [depth, leaf_ver, script] : m_tap_tree) {
762  s_value << depth;
763  s_value << leaf_ver;
764  s_value << script;
765  }
766  s << value;
767  }
768 
769  // Write taproot bip32 keypaths
770  for (const auto& [xonly, leaf] : m_tap_bip32_paths) {
771  const auto& [leaf_hashes, origin] = leaf;
773  std::vector<unsigned char> value;
774  CVectorWriter s_value(s.GetType(), s.GetVersion(), value, 0);
775  s_value << leaf_hashes;
776  SerializeKeyOrigin(s_value, origin);
777  s << value;
778  }
779 
780  // Write unknown things
781  for (auto& entry : unknown) {
782  s << entry.first;
783  s << entry.second;
784  }
785 
786  s << PSBT_SEPARATOR;
787  }
788 
789 
790  template <typename Stream>
791  inline void Unserialize(Stream& s) {
792  // Used for duplicate key detection
793  std::set<std::vector<unsigned char>> key_lookup;
794 
795  // Read loop
796  bool found_sep = false;
797  while(!s.empty()) {
798  // Read
799  std::vector<unsigned char> key;
800  s >> key;
801 
802  // the key is empty if that was actually a separator byte
803  // This is a special case for key lengths 0 as those are not allowed (except for separator)
804  if (key.empty()) {
805  found_sep = true;
806  break;
807  }
808 
809  // Type is compact size uint at beginning of key
810  SpanReader skey(s.GetType(), s.GetVersion(), key);
811  uint64_t type = ReadCompactSize(skey);
812 
813  // Do stuff based on type
814  switch(type) {
816  {
817  if (!key_lookup.emplace(key).second) {
818  throw std::ios_base::failure("Duplicate Key, output redeemScript already provided");
819  } else if (key.size() != 1) {
820  throw std::ios_base::failure("Output redeemScript key is more than one byte type");
821  }
822  s >> redeem_script;
823  break;
824  }
826  {
827  if (!key_lookup.emplace(key).second) {
828  throw std::ios_base::failure("Duplicate Key, output witnessScript already provided");
829  } else if (key.size() != 1) {
830  throw std::ios_base::failure("Output witnessScript key is more than one byte type");
831  }
832  s >> witness_script;
833  break;
834  }
836  {
838  break;
839  }
841  {
842  if (!key_lookup.emplace(key).second) {
843  throw std::ios_base::failure("Duplicate Key, output Taproot internal key already provided");
844  } else if (key.size() != 1) {
845  throw std::ios_base::failure("Output Taproot internal key key is more than one byte type");
846  }
848  break;
849  }
850  case PSBT_OUT_TAP_TREE:
851  {
852  if (!key_lookup.emplace(key).second) {
853  throw std::ios_base::failure("Duplicate Key, output Taproot tree already provided");
854  } else if (key.size() != 1) {
855  throw std::ios_base::failure("Output Taproot tree key is more than one byte type");
856  }
857  std::vector<unsigned char> tree_v;
858  s >> tree_v;
859  SpanReader s_tree(s.GetType(), s.GetVersion(), tree_v);
860  if (s_tree.empty()) {
861  throw std::ios_base::failure("Output Taproot tree must not be empty");
862  }
863  TaprootBuilder builder;
864  while (!s_tree.empty()) {
865  uint8_t depth;
866  uint8_t leaf_ver;
867  std::vector<unsigned char> script;
868  s_tree >> depth;
869  s_tree >> leaf_ver;
870  s_tree >> script;
871  if (depth > TAPROOT_CONTROL_MAX_NODE_COUNT) {
872  throw std::ios_base::failure("Output Taproot tree has as leaf greater than Taproot maximum depth");
873  }
874  if ((leaf_ver & ~TAPROOT_LEAF_MASK) != 0) {
875  throw std::ios_base::failure("Output Taproot tree has a leaf with an invalid leaf version");
876  }
877  m_tap_tree.push_back(std::make_tuple(depth, leaf_ver, script));
878  builder.Add((int)depth, script, (int)leaf_ver, /*track=*/true);
879  }
880  if (!builder.IsComplete()) {
881  throw std::ios_base::failure("Output Taproot tree is malformed");
882  }
883  break;
884  }
886  {
887  if (!key_lookup.emplace(key).second) {
888  throw std::ios_base::failure("Duplicate Key, output Taproot BIP32 keypath already provided");
889  } else if (key.size() != 33) {
890  throw std::ios_base::failure("Output Taproot BIP32 keypath key is not at 33 bytes");
891  }
892  XOnlyPubKey xonly(uint256(Span<uint8_t>(key).last(32)));
893  std::set<uint256> leaf_hashes;
894  uint64_t value_len = ReadCompactSize(s);
895  size_t before_hashes = s.size();
896  s >> leaf_hashes;
897  size_t after_hashes = s.size();
898  size_t hashes_len = before_hashes - after_hashes;
899  if (hashes_len > value_len) {
900  throw std::ios_base::failure("Output Taproot BIP32 keypath has an invalid length");
901  }
902  size_t origin_len = value_len - hashes_len;
903  m_tap_bip32_paths.emplace(xonly, std::make_pair(leaf_hashes, DeserializeKeyOrigin(s, origin_len)));
904  break;
905  }
907  {
908  PSBTProprietary this_prop;
909  skey >> this_prop.identifier;
910  this_prop.subtype = ReadCompactSize(skey);
911  this_prop.key = key;
912 
913  if (m_proprietary.count(this_prop) > 0) {
914  throw std::ios_base::failure("Duplicate Key, proprietary key already found");
915  }
916  s >> this_prop.value;
917  m_proprietary.insert(this_prop);
918  break;
919  }
920  // Unknown stuff
921  default: {
922  if (unknown.count(key) > 0) {
923  throw std::ios_base::failure("Duplicate Key, key for unknown value already provided");
924  }
925  // Read in the value
926  std::vector<unsigned char> val_bytes;
927  s >> val_bytes;
928  unknown.emplace(std::move(key), std::move(val_bytes));
929  break;
930  }
931  }
932  }
933 
934  if (!found_sep) {
935  throw std::ios_base::failure("Separator is missing at the end of an output map");
936  }
937  }
938 
939  template <typename Stream>
941  Unserialize(s);
942  }
943 };
944 
947 {
948  std::optional<CMutableTransaction> tx;
949  // We use a vector of CExtPubKey in the event that there happens to be the same KeyOriginInfos for different CExtPubKeys
950  // Note that this map swaps the key and values from the serialization
951  std::map<KeyOriginInfo, std::set<CExtPubKey>> m_xpubs;
952  std::vector<PSBTInput> inputs;
953  std::vector<PSBTOutput> outputs;
954  std::map<std::vector<unsigned char>, std::vector<unsigned char>> unknown;
955  std::optional<uint32_t> m_version;
956  std::set<PSBTProprietary> m_proprietary;
957 
958  bool IsNull() const;
959  uint32_t GetVersion() const;
960 
963  [[nodiscard]] bool Merge(const PartiallySignedTransaction& psbt);
964  bool AddInput(const CTxIn& txin, PSBTInput& psbtin);
965  bool AddOutput(const CTxOut& txout, const PSBTOutput& psbtout);
975  bool GetInputUTXO(CTxOut& utxo, int input_index) const;
976 
977  template <typename Stream>
978  inline void Serialize(Stream& s) const {
979 
980  // magic bytes
981  s << PSBT_MAGIC_BYTES;
982 
983  // unsigned tx flag
985 
986  // Write serialized tx to a stream
987  OverrideStream<Stream> os(&s, s.GetType(), s.GetVersion() | SERIALIZE_TRANSACTION_NO_WITNESS);
988  SerializeToVector(os, *tx);
989 
990  // Write xpubs
991  for (const auto& xpub_pair : m_xpubs) {
992  for (const auto& xpub : xpub_pair.second) {
993  unsigned char ser_xpub[BIP32_EXTKEY_WITH_VERSION_SIZE];
994  xpub.EncodeWithVersion(ser_xpub);
995  // Note that the serialization swaps the key and value
996  // The xpub is the key (for uniqueness) while the path is the value
997  SerializeToVector(s, PSBT_GLOBAL_XPUB, ser_xpub);
998  SerializeHDKeypath(s, xpub_pair.first);
999  }
1000  }
1001 
1002  // PSBT version
1003  if (GetVersion() > 0) {
1006  }
1007 
1008  // Write proprietary things
1009  for (const auto& entry : m_proprietary) {
1010  s << entry.key;
1011  s << entry.value;
1012  }
1013 
1014  // Write the unknown things
1015  for (auto& entry : unknown) {
1016  s << entry.first;
1017  s << entry.second;
1018  }
1019 
1020  // Separator
1021  s << PSBT_SEPARATOR;
1022 
1023  // Write inputs
1024  for (const PSBTInput& input : inputs) {
1025  s << input;
1026  }
1027  // Write outputs
1028  for (const PSBTOutput& output : outputs) {
1029  s << output;
1030  }
1031  }
1032 
1033 
1034  template <typename Stream>
1035  inline void Unserialize(Stream& s) {
1036  // Read the magic bytes
1037  uint8_t magic[5];
1038  s >> magic;
1039  if (!std::equal(magic, magic + 5, PSBT_MAGIC_BYTES)) {
1040  throw std::ios_base::failure("Invalid PSBT magic bytes");
1041  }
1042 
1043  // Used for duplicate key detection
1044  std::set<std::vector<unsigned char>> key_lookup;
1045 
1046  // Track the global xpubs we have already seen. Just for sanity checking
1047  std::set<CExtPubKey> global_xpubs;
1048 
1049  // Read global data
1050  bool found_sep = false;
1051  while(!s.empty()) {
1052  // Read
1053  std::vector<unsigned char> key;
1054  s >> key;
1055 
1056  // the key is empty if that was actually a separator byte
1057  // This is a special case for key lengths 0 as those are not allowed (except for separator)
1058  if (key.empty()) {
1059  found_sep = true;
1060  break;
1061  }
1062 
1063  // Type is compact size uint at beginning of key
1064  SpanReader skey(s.GetType(), s.GetVersion(), key);
1065  uint64_t type = ReadCompactSize(skey);
1066 
1067  // Do stuff based on type
1068  switch(type) {
1070  {
1071  if (!key_lookup.emplace(key).second) {
1072  throw std::ios_base::failure("Duplicate Key, unsigned tx already provided");
1073  } else if (key.size() != 1) {
1074  throw std::ios_base::failure("Global unsigned tx key is more than one byte type");
1075  }
1076  CMutableTransaction mtx;
1077  // Set the stream to serialize with non-witness since this should always be non-witness
1078  OverrideStream<Stream> os(&s, s.GetType(), s.GetVersion() | SERIALIZE_TRANSACTION_NO_WITNESS);
1079  UnserializeFromVector(os, mtx);
1080  tx = std::move(mtx);
1081  // Make sure that all scriptSigs and scriptWitnesses are empty
1082  for (const CTxIn& txin : tx->vin) {
1083  if (!txin.scriptSig.empty() || !txin.scriptWitness.IsNull()) {
1084  throw std::ios_base::failure("Unsigned tx does not have empty scriptSigs and scriptWitnesses.");
1085  }
1086  }
1087  break;
1088  }
1089  case PSBT_GLOBAL_XPUB:
1090  {
1091  if (key.size() != BIP32_EXTKEY_WITH_VERSION_SIZE + 1) {
1092  throw std::ios_base::failure("Size of key was not the expected size for the type global xpub");
1093  }
1094  // Read in the xpub from key
1095  CExtPubKey xpub;
1096  xpub.DecodeWithVersion(&key.data()[1]);
1097  if (!xpub.pubkey.IsFullyValid()) {
1098  throw std::ios_base::failure("Invalid pubkey");
1099  }
1100  if (global_xpubs.count(xpub) > 0) {
1101  throw std::ios_base::failure("Duplicate key, global xpub already provided");
1102  }
1103  global_xpubs.insert(xpub);
1104  // Read in the keypath from stream
1105  KeyOriginInfo keypath;
1106  DeserializeHDKeypath(s, keypath);
1107 
1108  // Note that we store these swapped to make searches faster.
1109  // Serialization uses xpub -> keypath to enqure key uniqueness
1110  if (m_xpubs.count(keypath) == 0) {
1111  // Make a new set to put the xpub in
1112  m_xpubs[keypath] = {xpub};
1113  } else {
1114  // Insert xpub into existing set
1115  m_xpubs[keypath].insert(xpub);
1116  }
1117  break;
1118  }
1119  case PSBT_GLOBAL_VERSION:
1120  {
1121  if (m_version) {
1122  throw std::ios_base::failure("Duplicate Key, version already provided");
1123  } else if (key.size() != 1) {
1124  throw std::ios_base::failure("Global version key is more than one byte type");
1125  }
1126  uint32_t v;
1127  UnserializeFromVector(s, v);
1128  m_version = v;
1130  throw std::ios_base::failure("Unsupported version number");
1131  }
1132  break;
1133  }
1135  {
1136  PSBTProprietary this_prop;
1137  skey >> this_prop.identifier;
1138  this_prop.subtype = ReadCompactSize(skey);
1139  this_prop.key = key;
1140 
1141  if (m_proprietary.count(this_prop) > 0) {
1142  throw std::ios_base::failure("Duplicate Key, proprietary key already found");
1143  }
1144  s >> this_prop.value;
1145  m_proprietary.insert(this_prop);
1146  break;
1147  }
1148  // Unknown stuff
1149  default: {
1150  if (unknown.count(key) > 0) {
1151  throw std::ios_base::failure("Duplicate Key, key for unknown value already provided");
1152  }
1153  // Read in the value
1154  std::vector<unsigned char> val_bytes;
1155  s >> val_bytes;
1156  unknown.emplace(std::move(key), std::move(val_bytes));
1157  }
1158  }
1159  }
1160 
1161  if (!found_sep) {
1162  throw std::ios_base::failure("Separator is missing at the end of the global map");
1163  }
1164 
1165  // Make sure that we got an unsigned tx
1166  if (!tx) {
1167  throw std::ios_base::failure("No unsigned transaction was provided");
1168  }
1169 
1170  // Read input data
1171  unsigned int i = 0;
1172  while (!s.empty() && i < tx->vin.size()) {
1173  PSBTInput input;
1174  s >> input;
1175  inputs.push_back(input);
1176 
1177  // Make sure the non-witness utxo matches the outpoint
1178  if (input.non_witness_utxo && input.non_witness_utxo->GetHash() != tx->vin[i].prevout.hash) {
1179  throw std::ios_base::failure("Non-witness UTXO does not match outpoint hash");
1180  }
1181  ++i;
1182  }
1183  // Make sure that the number of inputs matches the number of inputs in the transaction
1184  if (inputs.size() != tx->vin.size()) {
1185  throw std::ios_base::failure("Inputs provided does not match the number of inputs in transaction.");
1186  }
1187 
1188  // Read output data
1189  i = 0;
1190  while (!s.empty() && i < tx->vout.size()) {
1191  PSBTOutput output;
1192  s >> output;
1193  outputs.push_back(output);
1194  ++i;
1195  }
1196  // Make sure that the number of outputs matches the number of outputs in the transaction
1197  if (outputs.size() != tx->vout.size()) {
1198  throw std::ios_base::failure("Outputs provided does not match the number of outputs in transaction.");
1199  }
1200  }
1201 
1202  template <typename Stream>
1204  Unserialize(s);
1205  }
1206 };
1207 
1208 enum class PSBTRole {
1209  CREATOR,
1210  UPDATER,
1211  SIGNER,
1212  FINALIZER,
1213  EXTRACTOR
1214 };
1215 
1216 std::string PSBTRoleName(PSBTRole role);
1217 
1220 
1222 bool PSBTInputSigned(const PSBTInput& input);
1223 
1225 bool PSBTInputSignedAndVerified(const PartiallySignedTransaction psbt, unsigned int input_index, const PrecomputedTransactionData* txdata);
1226 
1232 bool SignPSBTInput(const SigningProvider& provider, PartiallySignedTransaction& psbt, int index, const PrecomputedTransactionData* txdata, int sighash = SIGHASH_ALL, SignatureData* out_sigdata = nullptr, bool finalize = true);
1233 
1235 void RemoveUnnecessaryTransactions(PartiallySignedTransaction& psbtx, const int& sighash_type);
1236 
1239 
1244 void UpdatePSBTOutput(const SigningProvider& provider, PartiallySignedTransaction& psbt, int index);
1245 
1253 
1262 
1270 [[nodiscard]] TransactionError CombinePSBTs(PartiallySignedTransaction& out, const std::vector<PartiallySignedTransaction>& psbtxs);
1271 
1273 [[nodiscard]] bool DecodeBase64PSBT(PartiallySignedTransaction& decoded_psbt, const std::string& base64_psbt, std::string& error);
1275 [[nodiscard]] bool DecodeRawPSBT(PartiallySignedTransaction& decoded_psbt, Span<const std::byte> raw_psbt, std::string& error);
1276 
1277 #endif // BITCOIN_PSBT_H
static const size_t OUTPUT_SIZE
Definition: hash.h:54
static const size_t OUTPUT_SIZE
Definition: hash.h:29
An encapsulated public key.
Definition: pubkey.h:34
CKeyID GetID() const
Get the KeyID of this public key (hash of its serialization)
Definition: pubkey.h:164
static constexpr unsigned int COMPRESSED_SIZE
Definition: pubkey.h:40
static constexpr unsigned int SIZE
secp256k1:
Definition: pubkey.h:39
bool IsFullyValid() const
fully validate whether this is a valid public key (more expensive than IsValid())
Definition: pubkey.cpp:296
static const size_t OUTPUT_SIZE
Definition: ripemd160.h:20
static const size_t OUTPUT_SIZE
Definition: sha256.h:21
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:411
An input of a transaction.
Definition: transaction.h:75
CScript scriptSig
Definition: transaction.h:78
CScriptWitness scriptWitness
Only serialized through CTransaction.
Definition: transaction.h:80
An output of a transaction.
Definition: transaction.h:158
bool IsNull() const
Definition: transaction.h:178
An interface to be implemented by keystores that support signing.
A Span is an object that can refer to a contiguous sequence of objects.
Definition: span.h:97
CONSTEXPR_IF_NOT_DEBUG Span< C > first(std::size_t count) const noexcept
Definition: span.h:204
CONSTEXPR_IF_NOT_DEBUG Span< C > subspan(std::size_t offset) const noexcept
Definition: span.h:194
Minimal stream for reading from an existing byte array by Span.
Definition: streams.h:135
bool empty() const
Definition: streams.h:163
Utility class to construct Taproot outputs from internal key and script tree.
Definition: standard.h:227
bool IsComplete() const
Return whether there were either no leaves, or the leaves form a Huffman tree.
Definition: standard.h:309
TaprootBuilder & Add(int depth, Span< const unsigned char > script, int leaf_version, bool track=true)
Add a new script at a certain depth in the tree.
Definition: standard.cpp:441
bool IsNull() const
Test whether this is the 0 key (the result of default construction).
Definition: pubkey.h:243
constexpr bool IsNull() const
Definition: uint256.h:41
bool empty() const
Definition: prevector.h:288
160-bit opaque blob.
Definition: uint256.h:94
256-bit opaque blob.
Definition: uint256.h:105
TransactionError
Definition: error.h:22
static constexpr uint8_t TAPROOT_LEAF_MASK
Definition: interpreter.h:229
@ SIGHASH_ALL
Definition: interpreter.h:28
static constexpr size_t TAPROOT_CONTROL_MAX_NODE_COUNT
Definition: interpreter.h:233
bool error(const char *fmt, const Args &... args)
Definition: logging.h:261
#define X(name)
Definition: net.cpp:624
ArgsManager args
static const int SERIALIZE_TRANSACTION_NO_WITNESS
A flag that is ORed into the protocol version to designate that a transaction should be (un)serialize...
Definition: transaction.h:32
std::shared_ptr< const CTransaction > CTransactionRef
Definition: transaction.h:421
void SerializeToVector(Stream &s, const X &... args)
Definition: psbt.h:90
static constexpr uint8_t PSBT_IN_RIPEMD160
Definition: psbt.h:39
void UpdatePSBTOutput(const SigningProvider &provider, PartiallySignedTransaction &psbt, int index)
Updates a PSBTOutput with information from provider.
Definition: psbt.cpp:335
static constexpr uint8_t PSBT_IN_HASH256
Definition: psbt.h:42
static constexpr uint8_t PSBT_GLOBAL_UNSIGNED_TX
Definition: psbt.h:24
static constexpr uint8_t PSBT_IN_NON_WITNESS_UTXO
Definition: psbt.h:30
bool PSBTInputSignedAndVerified(const PartiallySignedTransaction psbt, unsigned int input_index, const PrecomputedTransactionData *txdata)
Checks whether a PSBTInput is already signed by doing script verification using final fields.
Definition: psbt.cpp:295
static constexpr uint8_t PSBT_IN_TAP_KEY_SIG
Definition: psbt.h:43
static constexpr uint8_t PSBT_IN_SCRIPTSIG
Definition: psbt.h:37
static constexpr uint8_t PSBT_IN_WITNESSSCRIPT
Definition: psbt.h:35
std::string PSBTRoleName(PSBTRole role)
Definition: psbt.cpp:521
static constexpr uint8_t PSBT_OUT_REDEEMSCRIPT
Definition: psbt.h:52
static constexpr uint8_t PSBT_GLOBAL_VERSION
Definition: psbt.h:26
static constexpr uint8_t PSBT_IN_TAP_LEAF_SCRIPT
Definition: psbt.h:45
static constexpr uint8_t PSBT_OUT_PROPRIETARY
Definition: psbt.h:58
static constexpr uint8_t PSBT_MAGIC_BYTES[5]
Definition: psbt.h:21
static constexpr uint32_t PSBT_HIGHEST_VERSION
Definition: psbt.h:69
static constexpr uint8_t PSBT_SEPARATOR
Definition: psbt.h:62
static constexpr uint8_t PSBT_IN_BIP32_DERIVATION
Definition: psbt.h:36
static constexpr uint8_t PSBT_IN_SCRIPTWITNESS
Definition: psbt.h:38
static constexpr uint8_t PSBT_OUT_TAP_TREE
Definition: psbt.h:56
static constexpr uint8_t PSBT_OUT_BIP32_DERIVATION
Definition: psbt.h:54
PSBTRole
Definition: psbt.h:1208
static constexpr uint8_t PSBT_GLOBAL_PROPRIETARY
Definition: psbt.h:27
bool DecodeRawPSBT(PartiallySignedTransaction &decoded_psbt, Span< const std::byte > raw_psbt, std::string &error)
Decode a raw (binary blob) PSBT into a PartiallySignedTransaction.
Definition: psbt.cpp:543
static constexpr uint8_t PSBT_IN_PROPRIETARY
Definition: psbt.h:49
KeyOriginInfo DeserializeKeyOrigin(Stream &s, uint64_t length)
Definition: psbt.h:111
static constexpr uint8_t PSBT_IN_TAP_SCRIPT_SIG
Definition: psbt.h:44
void SerializeHDKeypaths(Stream &s, const std::map< CPubKey, KeyOriginInfo > &hd_keypaths, CompactSizeWriter type)
Definition: psbt.h:179
static constexpr uint8_t PSBT_IN_TAP_BIP32_DERIVATION
Definition: psbt.h:46
static constexpr uint8_t PSBT_IN_HASH160
Definition: psbt.h:41
static constexpr uint8_t PSBT_IN_REDEEMSCRIPT
Definition: psbt.h:34
bool DecodeBase64PSBT(PartiallySignedTransaction &decoded_psbt, const std::string &base64_psbt, std::string &error)
Decode a base64ed PSBT into a PartiallySignedTransaction.
Definition: psbt.cpp:533
static constexpr uint8_t PSBT_OUT_WITNESSSCRIPT
Definition: psbt.h:53
static constexpr uint8_t PSBT_GLOBAL_XPUB
Definition: psbt.h:25
bool SignPSBTInput(const SigningProvider &provider, PartiallySignedTransaction &psbt, int index, const PrecomputedTransactionData *txdata, int sighash=SIGHASH_ALL, SignatureData *out_sigdata=nullptr, bool finalize=true)
Signs a PSBTInput, verifying that all provided data matches what is being signed.
Definition: psbt.cpp:372
static constexpr uint8_t PSBT_OUT_TAP_BIP32_DERIVATION
Definition: psbt.h:57
static constexpr uint8_t PSBT_IN_PARTIAL_SIG
Definition: psbt.h:32
static constexpr uint8_t PSBT_IN_TAP_INTERNAL_KEY
Definition: psbt.h:47
size_t CountPSBTUnsignedInputs(const PartiallySignedTransaction &psbt)
Counts the unsigned inputs of a PSBT.
Definition: psbt.cpp:324
bool FinalizeAndExtractPSBT(PartiallySignedTransaction &psbtx, CMutableTransaction &result)
Finalizes a PSBT if possible, and extracts it to a CMutableTransaction if it could be finalized.
Definition: psbt.cpp:492
static constexpr uint8_t PSBT_OUT_TAP_INTERNAL_KEY
Definition: psbt.h:55
void RemoveUnnecessaryTransactions(PartiallySignedTransaction &psbtx, const int &sighash_type)
Reduces the size of the PSBT by dropping unnecessary non_witness_utxos (i.e.
Definition: psbt.cpp:445
static constexpr uint8_t PSBT_IN_TAP_MERKLE_ROOT
Definition: psbt.h:48
void SerializeKeyOrigin(Stream &s, KeyOriginInfo hd_keypath)
Definition: psbt.h:161
void UnserializeFromVector(Stream &s, X &... args)
Definition: psbt.h:98
void DeserializeHDKeypaths(Stream &s, const std::vector< unsigned char > &key, std::map< CPubKey, KeyOriginInfo > &hd_keypaths)
Definition: psbt.h:137
static constexpr uint8_t PSBT_IN_SIGHASH
Definition: psbt.h:33
bool PSBTInputSigned(const PSBTInput &input)
Checks whether a PSBTInput is already signed by checking for non-null finalized fields.
Definition: psbt.cpp:290
void SerializeHDKeypath(Stream &s, KeyOriginInfo hd_keypath)
Definition: psbt.h:171
PrecomputedTransactionData PrecomputePSBTData(const PartiallySignedTransaction &psbt)
Compute a PrecomputedTransactionData object from a psbt.
Definition: psbt.cpp:355
void DeserializeHDKeypath(Stream &s, KeyOriginInfo &hd_keypath)
Definition: psbt.h:130
TransactionError CombinePSBTs(PartiallySignedTransaction &out, const std::vector< PartiallySignedTransaction > &psbtxs)
Combines PSBTs with the same underlying transaction, resulting in a single PSBT with all partial sign...
Definition: psbt.cpp:508
bool FinalizePSBT(PartiallySignedTransaction &psbtx)
Finalizes a PSBT if possible, combining partial signatures.
Definition: psbt.cpp:477
const std::streamsize MAX_FILE_SIZE_PSBT
Definition: psbt.h:66
static constexpr uint8_t PSBT_IN_WITNESS_UTXO
Definition: psbt.h:31
static constexpr uint8_t PSBT_IN_SHA256
Definition: psbt.h:40
const unsigned int BIP32_EXTKEY_WITH_VERSION_SIZE
Definition: pubkey.h:20
std::vector< unsigned char > ToByteVector(const T &in)
Definition: script.h:63
void SerializeMany(Stream &s)
Definition: serialize.h:1040
uint64_t ReadCompactSize(Stream &is, bool range_check=true)
Decode a CompactSize-encoded variable-length integer.
Definition: serialize.h:275
void UnserializeMany(Stream &s)
Definition: serialize.h:1052
size_t GetSerializeSizeMany(int nVersion, const T &... t)
Definition: serialize.h:1115
void WriteCompactSize(CSizeComputer &os, uint64_t nSize)
Definition: serialize.h:1103
std::pair< CPubKey, std::vector< unsigned char > > SigPair
Definition: sign.h:63
void DecodeWithVersion(const unsigned char code[BIP32_EXTKEY_WITH_VERSION_SIZE])
Definition: pubkey.cpp:362
CPubKey pubkey
Definition: pubkey.h:300
A mutable version of CTransaction.
Definition: transaction.h:380
std::vector< std::vector< unsigned char > > stack
Definition: script.h:566
bool IsNull() const
Definition: script.h:571
unsigned char fingerprint[4]
First 32 bits of the Hash160 of the public key at the root of the path.
Definition: keyorigin.h:13
std::vector< uint32_t > path
Definition: keyorigin.h:14
A structure for PSBTs which contain per-input information.
Definition: psbt.h:192
PSBTInput()
Definition: psbt.h:222
std::vector< unsigned char > m_tap_key_sig
Definition: psbt.h:207
std::map< CPubKey, KeyOriginInfo > hd_keypaths
Definition: psbt.h:199
PSBTInput(deserialize_type, Stream &s)
Definition: psbt.h:704
std::map< uint256, std::vector< unsigned char > > hash256_preimages
Definition: psbt.h:204
CScriptWitness final_script_witness
Definition: psbt.h:198
std::map< std::pair< std::vector< unsigned char >, int >, std::set< std::vector< unsigned char >, ShortestVectorFirstComparator > > m_tap_scripts
Definition: psbt.h:209
CTransactionRef non_witness_utxo
Definition: psbt.h:193
std::map< CKeyID, SigPair > partial_sigs
Definition: psbt.h:200
std::optional< int > sighash_type
Definition: psbt.h:216
std::map< std::pair< XOnlyPubKey, uint256 >, std::vector< unsigned char > > m_tap_script_sigs
Definition: psbt.h:208
void Serialize(Stream &s) const
Definition: psbt.h:225
uint256 m_tap_merkle_root
Definition: psbt.h:212
std::map< uint256, std::vector< unsigned char > > sha256_preimages
Definition: psbt.h:202
void FillSignatureData(SignatureData &sigdata) const
Definition: psbt.cpp:93
std::map< uint160, std::vector< unsigned char > > hash160_preimages
Definition: psbt.h:203
bool IsNull() const
Definition: psbt.cpp:88
void Merge(const PSBTInput &input)
Definition: psbt.cpp:196
void Unserialize(Stream &s)
Definition: psbt.h:365
std::set< PSBTProprietary > m_proprietary
Definition: psbt.h:215
CScript redeem_script
Definition: psbt.h:195
CScript final_script_sig
Definition: psbt.h:197
void FromSignatureData(const SignatureData &sigdata)
Definition: psbt.cpp:149
XOnlyPubKey m_tap_internal_key
Definition: psbt.h:211
std::map< XOnlyPubKey, std::pair< std::set< uint256 >, KeyOriginInfo > > m_tap_bip32_paths
Definition: psbt.h:210
std::map< std::vector< unsigned char >, std::vector< unsigned char > > unknown
Definition: psbt.h:214
std::map< uint160, std::vector< unsigned char > > ripemd160_preimages
Definition: psbt.h:201
CTxOut witness_utxo
Definition: psbt.h:194
CScript witness_script
Definition: psbt.h:196
A structure for PSBTs which contains per output information.
Definition: psbt.h:711
XOnlyPubKey m_tap_internal_key
Definition: psbt.h:715
std::map< XOnlyPubKey, std::pair< std::set< uint256 >, KeyOriginInfo > > m_tap_bip32_paths
Definition: psbt.h:717
CScript witness_script
Definition: psbt.h:713
bool IsNull() const
Definition: psbt.cpp:273
void Merge(const PSBTOutput &output)
Definition: psbt.cpp:278
std::set< PSBTProprietary > m_proprietary
Definition: psbt.h:719
CScript redeem_script
Definition: psbt.h:712
void Serialize(Stream &s) const
Definition: psbt.h:728
PSBTOutput()
Definition: psbt.h:725
PSBTOutput(deserialize_type, Stream &s)
Definition: psbt.h:940
std::map< CPubKey, KeyOriginInfo > hd_keypaths
Definition: psbt.h:714
std::vector< std::tuple< uint8_t, uint8_t, std::vector< unsigned char > > > m_tap_tree
Definition: psbt.h:716
void Unserialize(Stream &s)
Definition: psbt.h:791
std::map< std::vector< unsigned char >, std::vector< unsigned char > > unknown
Definition: psbt.h:718
void FillSignatureData(SignatureData &sigdata) const
Definition: psbt.cpp:223
void FromSignatureData(const SignatureData &sigdata)
Definition: psbt.cpp:251
A structure for PSBT proprietary types.
Definition: psbt.h:73
std::vector< unsigned char > value
Definition: psbt.h:77
bool operator<(const PSBTProprietary &b) const
Definition: psbt.h:79
uint64_t subtype
Definition: psbt.h:74
std::vector< unsigned char > identifier
Definition: psbt.h:75
std::vector< unsigned char > key
Definition: psbt.h:76
bool operator==(const PSBTProprietary &b) const
Definition: psbt.h:82
A version of CTransaction with the PSBT format.
Definition: psbt.h:947
uint32_t GetVersion() const
Definition: psbt.cpp:559
bool Merge(const PartiallySignedTransaction &psbt)
Merge psbt into this.
Definition: psbt.cpp:23
std::map< KeyOriginInfo, std::set< CExtPubKey > > m_xpubs
Definition: psbt.h:951
std::optional< uint32_t > m_version
Definition: psbt.h:955
bool IsNull() const
Definition: psbt.cpp:18
bool GetInputUTXO(CTxOut &utxo, int input_index) const
Finds the UTXO for a given input index.
Definition: psbt.cpp:68
std::map< std::vector< unsigned char >, std::vector< unsigned char > > unknown
Definition: psbt.h:954
bool AddOutput(const CTxOut &txout, const PSBTOutput &psbtout)
Definition: psbt.cpp:61
std::vector< PSBTInput > inputs
Definition: psbt.h:952
std::optional< CMutableTransaction > tx
Definition: psbt.h:948
bool AddInput(const CTxIn &txin, PSBTInput &psbtin)
Definition: psbt.cpp:48
std::vector< PSBTOutput > outputs
Definition: psbt.h:953
std::set< PSBTProprietary > m_proprietary
Definition: psbt.h:956
void Serialize(Stream &s) const
Definition: psbt.h:978
PartiallySignedTransaction(deserialize_type, Stream &s)
Definition: psbt.h:1203
void Unserialize(Stream &s)
Definition: psbt.h:1035
Dummy data type to identify deserializing constructors.
Definition: serialize.h:47