Merge pull request #93 from Foundation-Devices/SFT-6018

SFT-6018: Add P2WSH wrapped in P2SH.

Author: icota

src/psbt.rs

@@ -227,7 +227,7 @@ pub enum Error {
     /// The script of the output is unknown and can't be validated or shown
     /// to the user if not a change address.
     #[error("the output number {index} script type is unknown")]
-    UnknownScript { index: usize },
+    UnknownOutputScript { index: usize },
 
     /// The PSBT specifies multiple keys for an output that belongs to us
     /// but the script type for the output is single-sig only, e.g. P2PKH,
@@ -514,7 +514,7 @@ where
                     return Err(Error::Unimplemented);
                 }
             } else {
-                return Err(Error::InvalidWitnessScript { index: i });
+                return Err(Error::MissingWitnessScript { index: i });
             }
         } else if funding_utxo.script_pubkey.is_p2sh() {
             if let Some(redeem_script) = input.redeem_script.as_ref() {
@@ -538,8 +538,24 @@ where
                     descriptors.insert(p2sh::p2shwpkh_descriptor(
                         secp, master_key, &source.1, network,
                     ));
+                } else if redeem_script.is_p2wsh() {
+                    if let Some(witness_script) = input.witness_script.as_ref() {
+                        if witness_script.is_multisig() {
+                            let required_signers = multisig::disassemble(witness_script).unwrap();
+                            descriptors.insert(p2sh::wsh_multisig_descriptor(
+                                required_signers,
+                                &psbt.xpub,
+                                &input.bip32_derivation,
+                            )?);
+                        } else {
+                            return Err(Error::Unimplemented);
+                        }
+                    } else {
+                        return Err(Error::MissingWitnessScript { index: i });
+                    }
                 } else {
-                    return Err(Error::Unimplemented);
+                    // TODO: Change to UnknownInputScript
+                    return Err(Error::UnknownOutputScript { index: i });
                 }
             } else {
                 return Err(Error::InvalidRedeemScript { index: i });
@@ -768,7 +784,7 @@ where
             op_return::parse(txout)
         } else {
             let address = Address::from_script(&txout.script_pubkey, network.params())
-                .map_err(|_| Error::UnknownScript { index })?;
+                .map_err(|_| Error::UnknownOutputScript { index })?;
 
             PsbtOutput {
                 amount: txout.value,
@@ -794,7 +810,7 @@ where
         // this output type.
         Err(Error::DeprecatedOutputType { index })
     } else {
-        Err(Error::UnknownScript { index })
+        Err(Error::UnknownOutputScript { index })
     }
 }
 

src/psbt/p2sh.rs

@@ -2,13 +2,17 @@ use crate::bip32::NgAccountPath;
 use crate::psbt::{
     Error, OutputKind, PsbtOutput, derive_account_xpub, derive_full_descriptor_pubkey,
 };
-use bdk_wallet::bitcoin::bip32::{ChildNumber, Xpriv};
+use bdk_wallet::bitcoin::bip32::{ChildNumber, DerivationPath, KeySource, Xpriv, Xpub};
 use bdk_wallet::bitcoin::psbt;
-use bdk_wallet::bitcoin::secp256k1::{Secp256k1, Signing};
+use bdk_wallet::bitcoin::secp256k1::{PublicKey, Secp256k1, Signing};
 use bdk_wallet::bitcoin::{Address, CompressedPublicKey, Network, TxOut};
-use bdk_wallet::descriptor::ExtendedDescriptor;
-use bdk_wallet::miniscript::descriptor::Wpkh;
+use bdk_wallet::descriptor::{Descriptor, ExtendedDescriptor, Segwitv0};
+use bdk_wallet::keys::DescriptorPublicKey;
+use bdk_wallet::miniscript::descriptor::{DerivPaths, DescriptorMultiXKey, Wildcard};
+use bdk_wallet::miniscript::descriptor::{Sh, Wpkh};
+use bdk_wallet::miniscript::{ForEachKey, Miniscript};
 use bdk_wallet::template::{Bip49Public, DescriptorTemplate};
+use std::collections::BTreeMap;
 
 pub fn validate_output(
     output: &psbt::Output,
@@ -18,26 +22,95 @@ pub fn validate_output(
 ) -> Result<PsbtOutput, Error> {
     debug_assert!(txout.script_pubkey.is_p2sh());
 
-    // There should be at least one.
-    if output.bip32_derivation.is_empty() {
-        return Err(Error::ExpectedKeys { index });
-    }
+    let redeem_script = output
+        .redeem_script
+        .as_ref()
+        .ok_or_else(|| Error::MissingRedeemScript { index })?;
 
-    let (_, source) = output
-        .bip32_derivation
-        .first_key_value()
-        .expect("the previous statement checks for at least one entry");
+    if redeem_script.is_p2wpkh() {
+        validate_p2wpkh_nested_in_p2sh_output(output, txout, network, index)
+    } else if redeem_script.is_p2wsh() {
+        let witness_script = output
+            .witness_script
+            .as_ref()
+            .ok_or_else(|| Error::MissingWitnessScript { index })?;
+
+        let ms = Miniscript::<_, Segwitv0>::parse(witness_script).unwrap();
+        let descriptor = Sh::new_wsh(ms).map(Descriptor::Sh).unwrap();
+
+        // Verify that all keys in the descriptor are in the bip32_derivation map
+        // which should have been validated already.
+        let are_keys_valid =
+            descriptor.for_each_key(|pk| output.bip32_derivation.contains_key(&pk.inner));
+        if !are_keys_valid {
+            return Err(Error::FraudulentOutput { index });
+        }
+
+        let address = descriptor.address(network).unwrap();
+        if !address.matches_script_pubkey(&txout.script_pubkey) {
+            return Err(Error::FraudulentOutput { index });
+        }
+
+        let (_, (_, path)) = output
+            .bip32_derivation
+            .first_key_value()
+            .expect("at least one bip32 derivation should be present");
+
+        let Some(purpose) = path.as_ref().iter().next() else {
+            return Ok(PsbtOutput {
+                amount: txout.value,
+                kind: OutputKind::Suspicious(address),
+            });
+        };
+
+        // TODO: Add support for other BIPs here.
+        if matches!(purpose, ChildNumber::Hardened { index: 48 }) {
+            // For BIP-0048 all paths used to derive an address should be equal.
+            let mut are_paths_equal = true;
+            for (_, (_, other_path)) in output.bip32_derivation.iter() {
+                if other_path != path {
+                    are_paths_equal = false;
+                    break;
+                }
+            }
+
+            if !are_paths_equal {
+                return Ok(PsbtOutput {
+                    amount: txout.value,
+                    kind: OutputKind::Suspicious(address),
+                });
+            }
 
-    if let Some(purpose) = source.1.as_ref().iter().next() {
-        match purpose {
-            ChildNumber::Hardened { index: 49 } => {
-                return validate_p2wpkh_nested_in_p2sh_output(output, txout, network, index);
+            let maybe_account_path =
+                NgAccountPath::parse(path).map_err(|e| Error::invalid_path(path.clone(), e))?;
+            let Some(account_path) = maybe_account_path else {
+                return Ok(PsbtOutput {
+                    amount: txout.value,
+                    kind: OutputKind::Suspicious(address),
+                });
+            };
+
+            if !matches!(account_path.script_type, Some(1)) {
+                return Ok(PsbtOutput {
+                    amount: txout.value,
+                    kind: OutputKind::Suspicious(address),
+                });
             }
-            _ => return Err(Error::Unimplemented),
+
+            Ok(PsbtOutput {
+                amount: txout.value,
+                kind: OutputKind::from_derivation_path(path, 48, network, address)?,
+            })
+        } else {
+            Ok(PsbtOutput {
+                amount: txout.value,
+                kind: OutputKind::Suspicious(address),
+            })
         }
+    } else {
+        // TODO: Legacy P2SH (e.g. BIP45).
+        Err(Error::Unimplemented)
     }
-
-    Err(Error::Unimplemented)
 }
 
 fn validate_p2wpkh_nested_in_p2sh_output(
@@ -105,3 +178,49 @@ where
         }
     }
 }
+
+/// Returns the descriptor for a P2WSH wrapped in P2SH multisig account.
+///
+/// The `required_signers` parameter must be known before hand, by for
+/// example, disassembling the multisig script.
+pub fn wsh_multisig_descriptor(
+    required_signers: u8,
+    global_xpubs: &BTreeMap<Xpub, KeySource>,
+    bip32_derivations: &BTreeMap<PublicKey, KeySource>,
+) -> Result<ExtendedDescriptor, Error> {
+    // Find the account Xpubs in the global Xpub map of the PSBT.
+    let xpubs = bip32_derivations
+        .iter()
+        .map(|(_, (subpath_fingerprint, subpath))| {
+            global_xpubs
+                .iter()
+                .find(|(_, (global_fingerprint, global_path))| {
+                    subpath_fingerprint == global_fingerprint
+                        && subpath.as_ref().starts_with(global_path.as_ref())
+                })
+                .ok_or_else(|| Error::MissingGlobalXpub(subpath.clone()))
+        });
+
+    let mut descriptor_pubkeys = Vec::new();
+    for maybe_xpub in xpubs {
+        let (xpub, source) = maybe_xpub?;
+
+        let descriptor_pubkey = DescriptorPublicKey::MultiXPub(DescriptorMultiXKey {
+            origin: Some(source.clone()),
+            xkey: *xpub,
+            derivation_paths: DerivPaths::new(vec![
+                DerivationPath::from(vec![ChildNumber::Normal { index: 0 }]),
+                DerivationPath::from(vec![ChildNumber::Normal { index: 1 }]),
+            ])
+            .expect("the vector passed should not be empty"),
+            wildcard: Wildcard::Unhardened,
+        });
+        descriptor_pubkeys.push(descriptor_pubkey);
+    }
+
+    Ok(ExtendedDescriptor::new_sh_wsh_sortedmulti(
+        usize::from(required_signers),
+        descriptor_pubkeys,
+    )
+    .unwrap())
+}