feat!: Enable persistent utxo locking

wallet:

- Add pub struct `UtxoLock`
- Add `Wallet::lock_outpoint`
- Add `Wallet::unlock_outpoint`
- Add `Wallet::list_locked_outpoints`
- Add `Wallet::is_outpoint_locked`

changeset:

- Add member to ChangeSet
  `locked_outpoints: BTreeMap<OutPoint, UtxoLock>`

`tests/wallet.rs`:

- Add test `test_lock_outpoint_persist`

Author: ValuedMammal

wallet/src/wallet/changeset.rs

@@ -1,12 +1,17 @@
+use alloc::collections::BTreeMap;
+
 use bdk_chain::{
     indexed_tx_graph, keychain_txout, local_chain, tx_graph, ConfirmationBlockTime, Merge,
 };
+use bitcoin::{OutPoint, Txid};
 use miniscript::{Descriptor, DescriptorPublicKey};
 use serde::{Deserialize, Serialize};
 
 type IndexedTxGraphChangeSet =
     indexed_tx_graph::ChangeSet<ConfirmationBlockTime, keychain_txout::ChangeSet>;
 
+use crate::UtxoLock;
+
 /// A change set for [`Wallet`]
 ///
 /// ## Definition
@@ -114,6 +119,8 @@ pub struct ChangeSet {
     pub tx_graph: tx_graph::ChangeSet<ConfirmationBlockTime>,
     /// Changes to [`KeychainTxOutIndex`](keychain_txout::KeychainTxOutIndex).
     pub indexer: keychain_txout::ChangeSet,
+    /// Changes to locked outpoints.
+    pub locked_outpoints: BTreeMap<OutPoint, UtxoLock>,
 }
 
 impl Merge for ChangeSet {
@@ -142,6 +149,11 @@ impl Merge for ChangeSet {
             self.network = other.network;
         }
 
+        // To merge `locked_outpoints` we extend the existing collection. If there's
+        // an existing entry for a given outpoint, it is overwritten by the
+        // new utxo lock.
+        self.locked_outpoints.extend(other.locked_outpoints);
+
         Merge::merge(&mut self.local_chain, other.local_chain);
         Merge::merge(&mut self.tx_graph, other.tx_graph);
         Merge::merge(&mut self.indexer, other.indexer);
@@ -154,6 +166,7 @@ impl Merge for ChangeSet {
             && self.local_chain.is_empty()
             && self.tx_graph.is_empty()
             && self.indexer.is_empty()
+            && self.locked_outpoints.is_empty()
     }
 }
 
@@ -163,6 +176,8 @@ impl ChangeSet {
     pub const WALLET_SCHEMA_NAME: &'static str = "bdk_wallet";
     /// Name of table to store wallet descriptors and network.
     pub const WALLET_TABLE_NAME: &'static str = "bdk_wallet";
+    /// Name of table to store wallet locked outpoints.
+    pub const WALLET_UTXO_LOCK_TABLE_NAME: &'static str = "bdk_wallet_locked_outpoints";
 
     /// Get v0 sqlite [ChangeSet] schema
     pub fn schema_v0() -> alloc::string::String {
@@ -177,12 +192,26 @@ impl ChangeSet {
         )
     }
 
+    /// Get v1 sqlite [`ChangeSet`] schema. Schema v1 adds a table for locked outpoints.
+    pub fn schema_v1() -> alloc::string::String {
+        format!(
+            "CREATE TABLE {} ( \
+                txid TEXT NOT NULL, \
+                vout INTEGER NOT NULL, \
+                is_locked INTEGER, \
+                expiration_height INTEGER, \
+                PRIMARY KEY(txid, vout) \
+                ) STRICT;",
+            Self::WALLET_UTXO_LOCK_TABLE_NAME,
+        )
+    }
+
     /// Initialize sqlite tables for wallet tables.
     pub fn init_sqlite_tables(db_tx: &chain::rusqlite::Transaction) -> chain::rusqlite::Result<()> {
         crate::rusqlite_impl::migrate_schema(
             db_tx,
             Self::WALLET_SCHEMA_NAME,
-            &[&Self::schema_v0()],
+            &[&Self::schema_v0(), &Self::schema_v1()],
         )?;
 
         bdk_chain::local_chain::ChangeSet::init_sqlite_tables(db_tx)?;
@@ -220,6 +249,31 @@ impl ChangeSet {
             changeset.network = network.map(Impl::into_inner);
         }
 
+        // Select locked outpoints.
+        let mut stmt = db_tx.prepare(&format!(
+            "SELECT txid, vout, is_locked, expiration_height FROM {}",
+            Self::WALLET_UTXO_LOCK_TABLE_NAME,
+        ))?;
+        let rows = stmt.query_map([], |row| {
+            Ok((
+                row.get::<_, Impl<Txid>>("txid")?,
+                row.get::<_, u32>("vout")?,
+                row.get::<_, bool>("is_locked")?,
+                row.get::<_, Option<u32>>("expiration_height")?,
+            ))
+        })?;
+        for row in rows {
+            let (Impl(txid), vout, is_locked, expiration_height) = row?;
+            let utxo_lock = UtxoLock {
+                outpoint: OutPoint::new(txid, vout),
+                is_locked,
+                expiration_height,
+            };
+            changeset
+                .locked_outpoints
+                .insert(utxo_lock.outpoint, utxo_lock);
+        }
+
         changeset.local_chain = local_chain::ChangeSet::from_sqlite(db_tx)?;
         changeset.tx_graph = tx_graph::ChangeSet::<_>::from_sqlite(db_tx)?;
         changeset.indexer = keychain_txout::ChangeSet::from_sqlite(db_tx)?;
@@ -268,6 +322,21 @@ impl ChangeSet {
             })?;
         }
 
+        // Insert locked outpoints.
+        let mut stmt = db_tx.prepare_cached(&format!(
+            "INSERT INTO {}(txid, vout, is_locked, expiration_height) VALUES(:txid, :vout, :is_locked, :expiration_height) ON CONFLICT DO UPDATE SET is_locked=:is_locked, expiration_height=:expiration_height",
+            Self::WALLET_UTXO_LOCK_TABLE_NAME,
+        ))?;
+        for (&outpoint, utxo_lock) in &self.locked_outpoints {
+            let OutPoint { txid, vout } = outpoint;
+            stmt.execute(named_params! {
+                ":txid": Impl(txid),
+                ":vout": vout,
+                ":is_locked": utxo_lock.is_locked,
+                ":expiration_height": utxo_lock.expiration_height,
+            })?;
+        }
+
         self.local_chain.persist_to_sqlite(db_tx)?;
         self.tx_graph.persist_to_sqlite(db_tx)?;
         self.indexer.persist_to_sqlite(db_tx)?;

wallet/src/wallet/mod.rs

@@ -109,6 +109,7 @@ pub struct Wallet {
     stage: ChangeSet,
     network: Network,
     secp: SecpCtx,
+    locked_outpoints: BTreeMap<OutPoint, UtxoLock>,
 }
 
 /// An update to [`Wallet`].
@@ -449,6 +450,7 @@ impl Wallet {
         let change_descriptor = index.get_descriptor(KeychainKind::Internal).cloned();
         let indexed_graph = IndexedTxGraph::new(index);
         let indexed_graph_changeset = indexed_graph.initial_changeset();
+        let locked_outpoints = BTreeMap::new();
 
         let stage = ChangeSet {
             descriptor,
@@ -457,6 +459,7 @@ impl Wallet {
             tx_graph: indexed_graph_changeset.tx_graph,
             indexer: indexed_graph_changeset.indexer,
             network: Some(network),
+            ..Default::default()
         };
 
         Ok(Wallet {
@@ -467,6 +470,7 @@ impl Wallet {
             indexed_graph,
             stage,
             secp,
+            locked_outpoints,
         })
     }
 
@@ -653,6 +657,7 @@ impl Wallet {
         let mut indexed_graph = IndexedTxGraph::new(index);
         indexed_graph.apply_changeset(changeset.indexer.into());
         indexed_graph.apply_changeset(changeset.tx_graph.into());
+        let locked_outpoints = changeset.locked_outpoints;
 
         let stage = ChangeSet::default();
 
@@ -664,6 +669,7 @@ impl Wallet {
             stage,
             network,
             secp,
+            locked_outpoints,
         }))
     }
 
@@ -2110,6 +2116,8 @@ impl Wallet {
                     CanonicalizationParams::default(),
                     self.indexed_graph.index.outpoints().iter().cloned(),
                 )
+                // Filter out locked outpoints
+                .filter(|(_, txo)| !self.is_outpoint_locked(txo.outpoint))
                 // only create LocalOutput if UTxO is mature
                 .filter_map(move |((k, i), full_txo)| {
                     full_txo
@@ -2377,6 +2385,102 @@ impl Wallet {
         &self.chain
     }
 
+    /// List locked outpoints.
+    pub fn list_locked_outpoints(&self) -> impl Iterator<Item = UtxoLock> + '_ {
+        self.locked_outpoints.values().copied()
+    }
+
+    /// Whether the `outpoint` is currently locked. See [`Wallet::lock_outpoint`] for more.
+    pub fn is_outpoint_locked(&self, outpoint: OutPoint) -> bool {
+        if let Some(utxo_lock) = self.locked_outpoints.get(&outpoint) {
+            if utxo_lock.is_locked {
+                return utxo_lock
+                    .expiration_height
+                    .map_or(true, |height| self.chain.tip().height() < height);
+            }
+        }
+        false
+    }
+
+    /// Lock a wallet output identified by the given `outpoint`.
+    ///
+    /// A locked UTXO will not be selected as an input to fund a transaction. This is useful
+    /// for excluding or reserving candidate inputs during transaction creation. You can optionally
+    /// specify the `expiration_height` of the lock that defines the height of the local chain at
+    /// which the outpoint becomes spendable.
+    ///
+    /// You must persist the staged change for the lock status to be persistent. To unlock a
+    /// previously locked outpoint, see [`Wallet::unlock_outpoint`].
+    pub fn lock_outpoint(&mut self, outpoint: OutPoint, expiration_height: Option<u32>) {
+        use alloc::collections::btree_map;
+        let lock_value = true;
+
+        // We only stage a change if the lock status changed. Here that means
+        // checking if the outpoint is not currently locked, or if the expiration
+        // height changed.
+        let is_changed = match self.locked_outpoints.entry(outpoint) {
+            btree_map::Entry::Occupied(mut e) => {
+                let mut is_changed = false;
+                let utxo = e.get_mut();
+                if !utxo.is_locked {
+                    utxo.is_locked = lock_value;
+                    is_changed = true;
+                }
+                if utxo.expiration_height != expiration_height {
+                    utxo.expiration_height = expiration_height;
+                    is_changed = true;
+                }
+                is_changed
+            }
+            btree_map::Entry::Vacant(e) => {
+                e.insert(UtxoLock {
+                    outpoint,
+                    is_locked: lock_value,
+                    expiration_height,
+                });
+                true
+            }
+        };
+
+        if is_changed {
+            let utxo_lock = UtxoLock {
+                outpoint,
+                is_locked: lock_value,
+                expiration_height,
+            };
+            self.stage.merge(ChangeSet {
+                locked_outpoints: [(outpoint, utxo_lock)].into(),
+                ..Default::default()
+            });
+        }
+    }
+
+    /// Unlock the wallet output of the specified `outpoint`.
+    pub fn unlock_outpoint(&mut self, outpoint: OutPoint) {
+        use alloc::collections::btree_map;
+        let lock_value = false;
+
+        match self.locked_outpoints.entry(outpoint) {
+            btree_map::Entry::Vacant(..) => {}
+            btree_map::Entry::Occupied(mut e) => {
+                // If the utxo is currently locked, update the lock value and stage
+                // the change.
+                let utxo = e.get_mut();
+                if utxo.is_locked {
+                    utxo.is_locked = lock_value;
+                    let utxo_lock = UtxoLock {
+                        is_locked: lock_value,
+                        ..*utxo
+                    };
+                    self.stage.merge(ChangeSet {
+                        locked_outpoints: [(outpoint, utxo_lock)].into(),
+                        ..Default::default()
+                    });
+                }
+            }
+        }
+    }
+
     /// Introduces a `block` of `height` to the wallet, and tries to connect it to the
     /// `prev_blockhash` of the block's header.
     ///
@@ -2580,6 +2684,25 @@ impl AsRef<bdk_chain::tx_graph::TxGraph<ConfirmationBlockTime>> for Wallet {
     }
 }
 
+/// Records the lock status of a wallet UTXO (outpoint).
+///
+/// Only 1 [`UtxoLock`] may be applied to a particular outpoint at a time. Refer to the docs
+/// for [`Wallet::lock_outpoint`]. Note that the lock status is user-defined and does not take
+/// into account any timelocks directly encoded by the descriptor.
+#[derive(
+    Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, serde::Serialize, serde::Deserialize,
+)]
+pub struct UtxoLock {
+    /// Outpoint.
+    pub outpoint: OutPoint,
+    /// Whether the outpoint is currently locked.
+    pub is_locked: bool,
+    /// Height at which the UTXO lock expires. The outpoint may be selected when the
+    /// wallet chain tip is at or above this height. If `None`, the lock remains in
+    /// effect unless explicitly unlocked.
+    pub expiration_height: Option<u32>,
+}
+
 /// Deterministically generate a unique name given the descriptors defining the wallet
 ///
 /// Compatible with [`wallet_name_from_descriptor`]