Skip to content

Commit ee045b6

Browse files
achow101achow101
committed
rpc, psbt: Require sighashes match for descriptorprocesspsbt
1 parent 2b7682c commit ee045b6

File tree

2 files changed

+16
-2
lines changed

2 files changed

+16
-2
lines changed

src/rpc/rawtransaction.cpp

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -235,8 +235,10 @@ PartiallySignedTransaction ProcessPSBT(const std::string& psbt_string, const std
235235
// Note that SignPSBTInput does a lot more than just constructing ECDSA signatures.
236236
// We only actually care about those if our signing provider doesn't hide private
237237
// information, as is the case with `descriptorprocesspsbt`
238-
// As such, we ignore the return value as any errors just mean that we do not have enough information.
239-
(void)SignPSBTInput(provider, psbtx, /*index=*/i, &txdata, sighash_type, /*out_sigdata=*/nullptr, finalize);
238+
// Only error for mismatching sighash types as it is critical that the sighash to sign with matches the PSBT's
239+
if (SignPSBTInput(provider, psbtx, /*index=*/i, &txdata, sighash_type, /*out_sigdata=*/nullptr, finalize) == common::PSBTError::SIGHASH_MISMATCH) {
240+
throw JSONRPCPSBTError(common::PSBTError::SIGHASH_MISMATCH);
241+
}
240242
}
241243

242244
// Update script/keypath information using descriptor data.

test/functional/rpc_psbt.py

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -283,6 +283,9 @@ def test_sighash_mismatch(self):
283283
def_wallet.sendtoaddress(addr, 5)
284284
self.generate(self.nodes[0], 6)
285285

286+
# Retrieve the descriptors so we can do all of the tests with descriptorprocesspsbt as well
287+
descs = wallet.listdescriptors(True)["descriptors"]
288+
286289
# Make a PSBT
287290
psbt = wallet.walletcreatefundedpsbt([], [{def_wallet.getnewaddress(): 1}])["psbt"]
288291

@@ -299,6 +302,15 @@ def test_sighash_mismatch(self):
299302
proc = wallet.walletprocesspsbt(psbt, True, "ALL|ANYONECANPAY")
300303
assert_equal(proc["complete"], True)
301304

305+
# Repeat with descriptorprocesspsbt
306+
# Mismatching sighash type fails, including when no type is specified
307+
for sighash in ["DEFAULT", "ALL", "NONE", "SINGLE", "NONE|ANYONECANPAY", "SINGLE|ANYONECANPAY", None]:
308+
assert_raises_rpc_error(-22, "Specified sighash value does not match value stored in PSBT", self.nodes[0].descriptorprocesspsbt, psbt, descs, sighash)
309+
310+
# Matching sighash type succeeds
311+
proc = self.nodes[0].descriptorprocesspsbt(psbt, descs, "ALL|ANYONECANPAY")
312+
assert_equal(proc["complete"], True)
313+
302314
wallet.unloadwallet()
303315

304316
def test_sighash_adding(self):

0 commit comments

Comments
 (0)