bugfix: addmultisigaddress, add unsupported operation for redeem scripts over 520 bytes

furszy · furszy · commit 53302a09817e · 2024-05-03T14:20:45.000-03:00
Due to a bug in the legacy wallet, the p2sh maximum script size limit is also imposed
on 'p2sh-segwit' and 'bech32' redeem scripts.
Although redeem scripts over MAX_SCRIPT_ELEMENT_SIZE bytes are technically valid for
segwit output types, we don't want to enable this feature in legacy wallets for the
following reasons:

1) It introduces a compatibility-breaking change requiring downgrade protection; older
   wallets would be unable to interact with these "new" legacy wallets.

2) Considering the ongoing deprecation of the legacy spkm, this issue adds another
   good reason to transition towards descriptors.
diff --git a/src/wallet/rpc/addresses.cpp b/src/wallet/rpc/addresses.cpp
@@ -296,7 +296,20 @@ RPCHelpMan addmultisigaddress()
 
     // Import scripts into the wallet
     for (const auto& [id, script] : provider.scripts) {
-        spk_man.AddCScript(script);
+        // Due to a bug in the legacy wallet, the p2sh maximum script size limit is also imposed on 'p2sh-segwit' and 'bech32' redeem scripts.
+        // Even when redeem scripts over MAX_SCRIPT_ELEMENT_SIZE bytes are valid for segwit output types, we don't want to
+        // enable it because:
+        // 1) It introduces a compatibility-breaking change requiring downgrade protection; older wallets would be unable to interact with these "new" legacy wallets.
+        // 2) Considering the ongoing deprecation of the legacy spkm, this issue adds another good reason to transition towards descriptors.
+        if (script.size() > MAX_SCRIPT_ELEMENT_SIZE) throw JSONRPCError(RPC_WALLET_ERROR, "Unsupported multisig script size for legacy wallet. Upgrade to descriptors to overcome this limitation for p2sh-segwit or bech32 scripts");
+
+        if (!spk_man.AddCScript(script)) {
+            if (CScript inner_script; spk_man.GetCScript(CScriptID(script), inner_script)) {
+                CHECK_NONFATAL(inner_script == script); // Nothing to add, script already contained by the wallet
+                continue;
+            }
+            throw JSONRPCError(RPC_WALLET_ERROR, strprintf("Error importing script into the wallet"));
+        }
     }
 
     // Store destination in the addressbook
