refactor(wallet)!: remove signers and it's APIs, relying on rust-bitcoin's Psbt::sign instead.

[oleonardolima]

fixes #70

Description

It's a work in progress to remove signers from Wallet and all related APIs. Users should use their own signer implementation, which needs to implement the GetKey trait from rust-bitcoin in order to rely on the Psbt::sign method.

Adds a reference implementation of a new SignerWrapper type as a test utility, which is currently being used on existing tests, instead of Wallet::sign.

Notes to the reviewers

Changelog notice

Checklists

All Submissions:

• I've signed all my commits
• I followed the contribution guidelines
• I ran cargo fmt and cargo clippy before committing

New Features:

• I've added tests for the new feature
• I've added docs for the new feature

Bugfixes:

• This pull request breaks the existing API
• I've added tests to reproduce the issue which are now passing
• I'm linking the issue being fixed by this PR

[coveralls]

Pull Request Test Coverage Report for Build 18367106306

Details

• 106 of 120 (88.33%) changed or added relevant lines in 3 files are covered.
• 256 unchanged lines in 4 files lost coverage.
• Overall coverage decreased (-3.1%) to 81.735%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
src/wallet/mod.rs	13	15	86.67%
src/test_utils.rs	77	89	86.52%

Files with Coverage Reduction	New Missed Lines	%
src/wallet/mod.rs	1	81.9%
src/test_utils.rs	3	94.21%
src/wallet/params.rs	7	72.38%
src/wallet/signer.rs	245	32.41%

Totals
Change from base Build 18318022693:	-3.1%
Covered Lines:	6672
Relevant Lines:	8163

---

💛 - Coveralls

[thunderbiscuit]

It's funny I was looking at the diff here when I got the notification that you had requested a review! I was like how does he know I'm looking at the files right now??? haha.

Concept ACK. The Wallet type is so much, but signing the PSBTs is really something separate. Added bonus this signing workflow actually already exists and makes sense as part of the rust-bitcoin ecosystem. Let's go!

My only comment is that because this is breaking, even once it's all good to go you might end up having to keep it fresh and rebase for a while because we might not be ready to merge breaking/3.0 features on master before mid-August (as per previous discussions, but that could change of course).

[ValuedMammal]

These are some of my high-level impressions, granted the details may be subject to change.

• I hesitate about keeping the sign/finalize flow in the example crates while SignerWrapper is still in its infancy. If the idea of the issue is to simultaneously "provide a new way to sign", can that be achieved with the async-hwi example feat: example using hwi signing with #206 ?
• Some tests that depend on the existence of signers can be changed to either sign using SignerWrapper, or else simulate signing by adding a fake sig / satisfaction weight. However my opinion is that any tests that were specifically written to test the old signing code (signer.rs) should probably just be removed.
• finalize_psbt is kind of a mess. SignOptions::assume_height is arguably not needed because After and Older are basically obsolete, but correct me if I'm wrong. The only possible error in finalize_psbt is SignerError::IndexOutOfRange - we can make a new error type for this. Have a structured IndexOutOfBoundsError type #267
• Make signer module pub(crate) and un-expose SignOptions, SignerError. For the moment SignersContainer is still being used.
• In terms of review it would be great if this PR was just a net-removal of code, and then have a potential followup with the experimental SignerWrapper, but I understand the motivation for having it here.

[ValuedMammal]

Following the idea of SignersContainer::default, in make_generic_signature we can set the contribution to None and remove the signers parameter from the function, and any function that calls it. The rationale is that a wallet with no signers won't be contributing a signature to the overall satisfaction.

This is a larger refactor but has the benefit of ultimately decoupling the signer module.

bdk_wallet/wallet/src/descriptor/policy.rs

Lines 763 to 779 in 00dafe7

	fn make_generic_signature<M: Fn() -> SatisfiableItem, F: Fn(&Psbt) -> bool>(
	key: &DescriptorPublicKey,
	signers: &SignersContainer,
	build_sat: BuildSatisfaction,
	secp: &SecpCtx,
	make_policy: M,
	find_sig: F,
	) -> Policy {
	let mut policy: Policy = make_policy().into();
	policy.contribution = if signers.find(signer_id(key, secp)).is_some() {
	Satisfaction::Complete {
	condition: Default::default(),
	}
	} else {
	Satisfaction::None
	};

[oleonardolima]

Yes, I agree with the rationale and it's better than having to keep the SignersContainers only for it's default implementation.

I've started playing with this, you can take a look here: oleonardolima@e9f6b0a. I'm taking a look on the failing tests, to check if the breaking changes are no big deal.

[ValuedMammal]

I thought about it and I don't mind having SignerWrapper as a test utility if it can be used in tests and examples.

[ItoroD]

@oleonardolima I have ran some of the test. I am particularly interested in the psbt.sign part. The result after running test seems psbt.sign(my_signer, secp) is working at this point. I can see that the psbt got signed 👍

Is SignerWrapper going to remain a test utility? Or will it develop into some sort of default signer? One which we can always just create an instance of and pass it to the psbt sign method.

Before user just needed to pass the psbt to wallet.sign() without worrying about signer implementation and all. (sorry to drag you back if this had been talked about already)

[oleonardolima]

Thanks for taking a look into this one, I still need to rebase and update some parts of it after backporting rust-miniscript#851.

Is SignerWrapper going to remain a test utility? Or will it develop into some sort of default signer? One which we can always just create an instance of and pass it to the psbt sign method.

No, the idea is to use directly the implementation from rust-bitcoin/rust-miniscript. Yes, if you need to just wrap it for some reasone you'll need to create an isntance of it an pass for each test, instead of having a re-implementation of it in the test-utils.

Before user just needed to pass the psbt to wallet.sign() without worrying about signer implementation and all. (sorry to drag you back if this had been talked about already)

It'd still be basically the same, the user won't need to care about the implementation of signing itself, just to have a type that implements a GetKey, if for some reason the user needs to use a different type that is not covered in rust-miniscript/rust-bitcoin, then it'll need to implement it's own GetKey, extracting the required key properly.

[ItoroD]

Thanks for taking a look into this one, I still need to rebase and update some parts of it after backporting rust-miniscript#851.

Is SignerWrapper going to remain a test utility? Or will it develop into some sort of default signer? One which we can always just create an instance of and pass it to the psbt sign method.

No, the idea is to use directly the implementation from rust-bitcoin/rust-miniscript. Yes, if you need to just wrap it for some reasone you'll need to create an isntance of it an pass for each test, instead of having a re-implementation of it in the test-utils.

Before user just needed to pass the psbt to wallet.sign() without worrying about signer implementation and all. (sorry to drag you back if this had been talked about already)

It'd still be basically the same, the user won't need to care about the implementation of signing itself, just to have a type that implements a GetKey, if for some reason the user needs to use a different type that is not covered in rust-miniscript/rust-bitcoin, then it'll need to implement it's own GetKey, extracting the required key properly.

Ah! Thanks for explanation!

So some of wrappers were sort of place holders for the updates now done in 851 rust-miniscript. This Pr was done before that was merged. Makes sense.

Look forward to seeing the update on here!