feat: check if taproot signature are present before allowing psbt changes

motorina0 · motorina0 · commit 057cdc55aef5 · 2022-11-29T10:41:17.000+02:00
diff --git a/src/psbt.js b/src/psbt.js
@@ -1035,41 +1035,81 @@ function checkFees(psbt, cache, opts) {
   }
 }
 function checkInputsForPartialSig(inputs, action) {
-  // todo: add for taproot
   inputs.forEach(input => {
-    let throws = false;
-    let pSigs = [];
-    if ((input.partialSig || []).length === 0) {
-      if (!input.finalScriptSig && !input.finalScriptWitness) return;
-      pSigs = getPsigsFromInputFinalScripts(input);
-    } else {
-      pSigs = input.partialSig;
-    }
-    pSigs.forEach(pSig => {
-      const { hashType } = bscript.signature.decode(pSig.signature);
-      const whitelist = [];
-      const isAnyoneCanPay =
-        hashType & transaction_1.Transaction.SIGHASH_ANYONECANPAY;
-      if (isAnyoneCanPay) whitelist.push('addInput');
-      const hashMod = hashType & 0x1f;
-      switch (hashMod) {
-        case transaction_1.Transaction.SIGHASH_ALL:
-          break;
-        case transaction_1.Transaction.SIGHASH_SINGLE:
-        case transaction_1.Transaction.SIGHASH_NONE:
-          whitelist.push('addOutput');
-          whitelist.push('setInputSequence');
-          break;
-      }
-      if (whitelist.indexOf(action) === -1) {
-        throws = true;
-      }
-    });
-    if (throws) {
+    const throws = (0, bip371_1.isTaprootInput)(input)
+      ? checkTaprootInputForSigs(input, action)
+      : checkInputForSig(input, action);
+    if (throws)
       throw new Error('Can not modify transaction, signatures exist.');
-    }
   });
 }
+function checkInputForSig(input, action) {
+  const pSigs = extractPartialSigs(input);
+  return pSigs.some(pSig =>
+    signatureBlocksAction(pSig, bscript.signature.decode, action),
+  );
+}
+function checkTaprootInputForSigs(input, action) {
+  const sigs = extractTaprootSigs(input);
+  return sigs.some(sig =>
+    signatureBlocksAction(sig, decodeSchnorSignature, action),
+  );
+}
+function decodeSchnorSignature(signature) {
+  return {
+    signature: signature.slice(0, 64),
+    hashType:
+      signature.slice(64)[0] || transaction_1.Transaction.SIGHASH_DEFAULT,
+  };
+}
+function extractTaprootSigs(input) {
+  const sigs = [];
+  if (input.tapKeySig) sigs.push(input.tapKeySig);
+  if (input.tapScriptSig)
+    sigs.push(...input.tapScriptSig.map(s => s.signature));
+  if (!sigs.length) {
+    const finalTapKeySig = getTapKeySigFromWithness(input.finalScriptWitness);
+    if (finalTapKeySig) sigs.push(finalTapKeySig);
+  }
+  return sigs;
+}
+function getTapKeySigFromWithness(finalScriptWitness) {
+  if (!finalScriptWitness) return;
+  const witness = finalScriptWitness.slice(2);
+  // todo: add schnor signature validation
+  if (witness.length === 64 || witness.length === 65) return witness;
+}
+function extractPartialSigs(input) {
+  let pSigs = [];
+  if ((input.partialSig || []).length === 0) {
+    if (!input.finalScriptSig && !input.finalScriptWitness) return [];
+    pSigs = getPsigsFromInputFinalScripts(input);
+  } else {
+    pSigs = input.partialSig;
+  }
+  return pSigs.map(p => p.signature);
+}
+function signatureBlocksAction(signature, signatureDecodeFn, action) {
+  const { hashType } = signatureDecodeFn(signature);
+  const whitelist = [];
+  const isAnyoneCanPay =
+    hashType & transaction_1.Transaction.SIGHASH_ANYONECANPAY;
+  if (isAnyoneCanPay) whitelist.push('addInput');
+  const hashMod = hashType & 0x1f;
+  switch (hashMod) {
+    case transaction_1.Transaction.SIGHASH_ALL:
+      break;
+    case transaction_1.Transaction.SIGHASH_SINGLE:
+    case transaction_1.Transaction.SIGHASH_NONE:
+      whitelist.push('addOutput');
+      whitelist.push('setInputSequence');
+      break;
+  }
+  if (whitelist.indexOf(action) === -1) {
+    return true;
+  }
+  return false;
+}
 function checkPartialSigSighashes(input) {
   if (!input.sighashType || !input.partialSig) return;
   const { partialSig, sighashType } = input;
diff --git a/test/fixtures/psbt.json b/test/fixtures/psbt.json
@@ -628,6 +628,36 @@
           "redeemScript": "Buffer.from('5221029583bf39ae0a609747ad199addd634fa6108559d6c5cd39b4c2183f1ab96e07f2102dab61ff49a14db6a7d02b0cd1fbb78fc4b18312b5b4e54dae4dba2fbfef536d752ae', 'hex')"
         },
         "exception": "Invalid arguments for Psbt.addOutput. Cannot use both taproot and non-taproot fields."
+      },
+      {
+        "description": "Adds output after tapkey signature has been added",
+        "isTaproot": true,
+        "psbt": "cHNidP8BAIcCAAAAAvz6EyMK2VQ0DFKWZyIyGZLZCnaIDtG5RI55OrGVs6u7AAAAAAD/////oB9A2l2NN5WPNjBDaRsz9Nmla1WdM3jl96ElSV5WWHMAAAAAAP////8BkEEGAAAAAAAiUSCnucwjGG2x9zGqP+E0PwxTkptd/9AYMW12ch7ffaogBAAAAAAAAQEroGgGAAAAAAAiUSDbRhL5phuWYLyqKbSqVb/Pic2mpPL46idVKQur9i06ugETQOPidQWL9dHDxd819Pn5QNNGyH0fmDv58pexSJVDalZ0W/HPVliPFZy7s//0TfTbvFce87/nKXcrwz5YuItIY6cBFyAOgJIoTQyYcpAqNfsK9CutgWckFE3mBMgpL50lKXb7oQABAL8CAAAAAcdkwPNWdYy1O8QM1xRkrJjas72QGQPEanYEpv6iT3PXAAAAAGpHMEQCIFpl6Nx8hoZA1o5Huo958RS/Hndy+DloLhp0nvRyBzN8AiB9jEbitThSs6TZ1XVBHZebj4nZbLMg3CCtss8WSZpv7QEhA+VxIxwCWeqoeDMYcEw3EC0ZPxIkOqt0YSK9Y3hAKTd1/////wGgaAYAAAAAABl2qRS9gA7n636cw49cUBJWm7IDJPKuuoisAAAAACICAknGKVC7w5Ek4l3IK5XCUwLNCeU4DD+76cdMAYDB72g3RzBEAiAjekFbBddaHY/LZidwKd3sBbifjmbEpka2Ps0B2Crg+wIgUoN4BhGCwMRTDaHbAX+0MXSGYA9nSlqeQJXpWQRCBfQBAAEFIE6DvlLK0f4BrtpMgez01WQYKLUQZ8HtbfuDPD52hmSvAA==",
+        "outputData": {
+          "address": "bc1px4ssshedlz4jc56ses3lftz462a06jwy8my4pwpx6twx30vvv6nsgwcpu3",
+          "value": 410000
+        },
+        "exception": "Can not modify transaction, signatures exist."
+      },
+      {
+        "description": "Adds output after tapkey spend input has been finalized",
+        "isTaproot": true,
+        "psbt": "cHNidP8BAF4CAAAAAfyhtBTm+3OPYBuMHvdPMf9jqniZDY925hbmnt8hxbA6AAAAAAD/////AZBBBgAAAAAAIlEgV6CyzSs5a6Tc8A+TYOiozWnh6FRH9E/VWFanhMAEbLEAAAAAAAEBK6BoBgAAAAAAIlEgV6CyzSs5a6Tc8A+TYOiozWnh6FRH9E/VWFanhMAEbLEBCEIBQOAqWBD/2jhPWzQvesT8sjkN2Cowphp3QvmlWbHiLx753ChcUovvWyBlWiCq77Kk+lZGEhC4vjClSjc26br+dc8AAA==",
+        "outputData": {
+          "address": "bc1px4ssshedlz4jc56ses3lftz462a06jwy8my4pwpx6twx30vvv6nsgwcpu3",
+          "value": 410000
+        },
+        "exception": "Can not modify transaction, signatures exist."
+      },
+      {
+        "description": "Adds output after tapscript signatures have been added",
+        "isTaproot": true,
+        "psbt": "cHNidP8BAF4CAAAAAa/0mhnSBXdEBKbbMC+2hm6AZZtCLBxBeubd1sjtau5dAAAAAAD/////AZBBBgAAAAAAIlEgISRIfamb9rCYzad52ikfoUUuFlvyTcImZMavR0jEaUQAAAAAAAEBK6BoBgAAAAAAIlEgISRIfamb9rCYzad52ikfoUUuFlvyTcImZMavR0jEaURBFBnEcOpwiHjNYPtWJOrQ8Pgc9bxBKyZh/i2D837Z1rC8BibL1C4Z/5e6dKzWfkzpsIbE5WEVn1bYpAAjrqIKMHlAKkl3w3Gfpkl9b0yDVbTlZd4yCEL9V2DJs6zpPrEmn3wiohBy8wwE6EZ0FxQdrCupnHKXhHBjpcHVwfJRQfcy9EEULx1ijisiHgGb/9/hBNhsIOv1ZyWsfmi/Ql+oz7AOuqAGJsvULhn/l7p0rNZ+TOmwhsTlYRWfVtikACOuogoweUBKNkxBf6vT8m7ISt1WikLWW9udCP7OQLXztr1IPalJT5z+esAWmgeLS7QoLgzTu8AnYp/rHxsgZ6CgiV8tlkciQRRXE7VxCk67h7Ee6CbSgNyotChx7CgwNTfxdJkyvCS0DgYmy9QuGf+XunSs1n5M6bCGxOVhFZ9W2KQAI66iCjB5QFN6DGtLlSIFBjZbdh3rbKBtBcEDSiEcuVxnSPpdM1RnQRmw5Ujo+/76wZfmGBMFzV0IA7vnHzzXN73jT6O8/wJiFcDBdB6IhNxYUBYgZT1K7FG5SblQ3S6nQMKRLc2vPcA0BhpSnJ+zzX53bWG2IltsYQ6JBvuPqmxZrFw+lbX4LSnWGlKcn7PNfndtYbYiW2xhDokG+4+qbFmsXD6VtfgtKdZpIFcTtXEKTruHsR7oJtKA3Ki0KHHsKDA1N/F0mTK8JLQOrCAvHWKOKyIeAZv/3+EE2Gwg6/VnJax+aL9CX6jPsA66oLogGcRw6nCIeM1g+1Yk6tDw+Bz1vEErJmH+LYPzftnWsLy6U5zAAAA=",
+        "outputData": {
+          "address": "bc1px4ssshedlz4jc56ses3lftz462a06jwy8my4pwpx6twx30vvv6nsgwcpu3",
+          "value": 410000
+        },
+        "exception": "Can not modify transaction, signatures exist."
       }
     ]
   },
diff --git a/ts_src/psbt.ts b/ts_src/psbt.ts
@@ -1367,41 +1367,105 @@ function checkFees(psbt: Psbt, cache: PsbtCache, opts: PsbtOpts): void {
 }
 
 function checkInputsForPartialSig(inputs: PsbtInput[], action: string): void {
-  // todo: add for taproot
   inputs.forEach(input => {
-    let throws = false;
-    let pSigs: PartialSig[] = [];
-    if ((input.partialSig || []).length === 0) {
-      if (!input.finalScriptSig && !input.finalScriptWitness) return;
-      pSigs = getPsigsFromInputFinalScripts(input);
-    } else {
-      pSigs = input.partialSig!;
-    }
-    pSigs.forEach(pSig => {
-      const { hashType } = bscript.signature.decode(pSig.signature);
-      const whitelist: string[] = [];
-      const isAnyoneCanPay = hashType & Transaction.SIGHASH_ANYONECANPAY;
-      if (isAnyoneCanPay) whitelist.push('addInput');
-      const hashMod = hashType & 0x1f;
-      switch (hashMod) {
-        case Transaction.SIGHASH_ALL:
-          break;
-        case Transaction.SIGHASH_SINGLE:
-        case Transaction.SIGHASH_NONE:
-          whitelist.push('addOutput');
-          whitelist.push('setInputSequence');
-          break;
-      }
-      if (whitelist.indexOf(action) === -1) {
-        throws = true;
-      }
-    });
-    if (throws) {
+    const throws = isTaprootInput(input)
+      ? checkTaprootInputForSigs(input, action)
+      : checkInputForSig(input, action);
+    if (throws)
       throw new Error('Can not modify transaction, signatures exist.');
-    }
   });
 }
 
+function checkInputForSig(input: PsbtInput, action: string): boolean {
+  const pSigs = extractPartialSigs(input);
+  return pSigs.some(pSig =>
+    signatureBlocksAction(pSig, bscript.signature.decode, action),
+  );
+}
+
+function checkTaprootInputForSigs(input: PsbtInput, action: string): boolean {
+  const sigs = extractTaprootSigs(input);
+  return sigs.some(sig =>
+    signatureBlocksAction(sig, decodeSchnorSignature, action),
+  );
+}
+
+function decodeSchnorSignature(
+  signature: Buffer,
+): {
+  signature: Buffer;
+  hashType: number;
+} {
+  return {
+    signature: signature.slice(0, 64),
+    hashType: signature.slice(64)[0] || Transaction.SIGHASH_DEFAULT,
+  };
+}
+
+function extractTaprootSigs(input: PsbtInput): Buffer[] {
+  const sigs: Buffer[] = [];
+  if (input.tapKeySig) sigs.push(input.tapKeySig);
+  if (input.tapScriptSig)
+    sigs.push(...input.tapScriptSig.map(s => s.signature));
+  if (!sigs.length) {
+    const finalTapKeySig = getTapKeySigFromWithness(input.finalScriptWitness);
+    if (finalTapKeySig) sigs.push(finalTapKeySig);
+  }
+
+  return sigs;
+}
+
+function getTapKeySigFromWithness(
+  finalScriptWitness?: Buffer,
+): Buffer | undefined {
+  if (!finalScriptWitness) return;
+  const witness = finalScriptWitness.slice(2);
+  // todo: add schnor signature validation
+  if (witness.length === 64 || witness.length === 65) return witness;
+}
+
+function extractPartialSigs(input: PsbtInput): Buffer[] {
+  let pSigs: PartialSig[] = [];
+  if ((input.partialSig || []).length === 0) {
+    if (!input.finalScriptSig && !input.finalScriptWitness) return [];
+    pSigs = getPsigsFromInputFinalScripts(input);
+  } else {
+    pSigs = input.partialSig!;
+  }
+  return pSigs.map(p => p.signature);
+}
+
+type SignatureDecodeFunc = (
+  buffer: Buffer,
+) => {
+  signature: Buffer;
+  hashType: number;
+};
+function signatureBlocksAction(
+  signature: Buffer,
+  signatureDecodeFn: SignatureDecodeFunc,
+  action: string,
+): boolean {
+  const { hashType } = signatureDecodeFn(signature);
+  const whitelist: string[] = [];
+  const isAnyoneCanPay = hashType & Transaction.SIGHASH_ANYONECANPAY;
+  if (isAnyoneCanPay) whitelist.push('addInput');
+  const hashMod = hashType & 0x1f;
+  switch (hashMod) {
+    case Transaction.SIGHASH_ALL:
+      break;
+    case Transaction.SIGHASH_SINGLE:
+    case Transaction.SIGHASH_NONE:
+      whitelist.push('addOutput');
+      whitelist.push('setInputSequence');
+      break;
+  }
+  if (whitelist.indexOf(action) === -1) {
+    return true;
+  }
+  return false;
+}
+
 function checkPartialSigSighashes(input: PsbtInput): void {
   if (!input.sighashType || !input.partialSig) return;
   const { partialSig, sighashType } = input;
