Wallet should not override signing errors #19568

pull fjahr wants to merge 1 commits into bitcoin:master from fjahr:err_override changing 1 files +0 −17
  1. fjahr commented at 1:55 PM on July 22, 2020: member

    While reviewing #17204 I noticed that the errors in input_errors from ::SignTransaction where being overridden by CWallet::SignTransaction. For example, a Script related error led to incomplete signature data which led to CWallet::SignTransaction reporting that keys were missing, which was a less precise error than the original one.

    Additionally, the error "Input not found or already spent" is duplicated in sign.cpp, so the error here is redundant at the moment. So technically the whole error block could be removed, I think. However, this code is affected by the ongoing work on the wallet so there might be a reason why these errors are here. But even if there is a reason to keep them, I don't think existing, potentially more precise errors should be overridden here unless we want to hide them from the users. I am looking for feedback if this is a work in progress state where these errors could be more useful in the future or if they can be removed.

    On testing: even though the errors in CWallet are covered, all tests still pass after removing them. I am not sure if there is a desire to cover these specific error messages, tests in test/functional/rpc_signrawtransaction.py seem to aim for a more generic approach.

  2. fanquake added the label Wallet on Jul 22, 2020
  3. achow101 commented at 4:50 PM on July 22, 2020: member

    ACK cf9245b97a8793510eb03944c35309b6cf4f4c2d

  4. laanwj commented at 8:33 PM on July 22, 2020: member

    This makes sense, we don't want earlier error messages to get lost and replaced with less specific errors. code review ACK cf9245b97a8793510eb03944c35309b6cf4f4c2d

    It is slightly worrying that this does not affect the tests, though. It doesn't necessarily have to be in this PR, but can we test signing failure somehow?

  5. fjahr commented at 8:38 PM on July 22, 2020: member

    It is slightly worrying that this does not affect the tests, though.

    Yepp, I am considering changing that in a follow-up. If I am too busy I will open an issue instead.

  6. in src/wallet/wallet.cpp:2490 in cf9245b97a outdated 
    2482 | @@ -2483,6 +2483,10 @@ bool CWallet::SignTransaction(CMutableTransaction& tx, const std::map<COutPoint,
2483 |      // At this point, one input was not fully signed otherwise we would have exited already
2484 |      // Find that input and figure out what went wrong.
2485 |      for (unsigned int i = 0; i < tx.vin.size(); i++) {
2486 | +        if (input_errors.count(i)) {
2487 | +            // If there is already an error reported from the signing process, keep it
2488 | +            continue;
2489 | +        }
2490 |          // Get the prevout
    promag commented at 9:24 PM on July 23, 2020:

    Looks like this block is unnecessary? The error Input not found or already spent is already set in ::SignTransaction.

    promag commented at 9:26 PM on July 23, 2020:

    And not sure why not set Unable to sign input, missing keys in ::SignTransaction.

  7. promag commented at 9:28 PM on July 23, 2020: member

    Code review ACK cf9245b97a8793510eb03944c35309b6cf4f4c2d.

    Agree that a test would be nice for this change.

  8. DrahtBot commented at 3:37 AM on July 24, 2020: member

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--174a7506f384e20aa4161008e828411d-->

    Conflicts

    No conflicts as of last run.

  9. promag commented at 8:51 PM on July 24, 2020: member

    Please see #19578 before merging this.

  10. fjahr commented at 8:54 PM on July 24, 2020: member

    Please see #19578 before merging this.

    I had noticed that as well and was looking for feedback from reviewers in my description if I should do this instead. See:

    Additionally, the error "Input not found or already spent" is duplicated in sign.cpp, so the error here is redundant at the moment. So technically the whole error block could be removed, I think. However, this code is affected by the ongoing work on the wallet so there might be a reason why these errors are here.

  11. promag commented at 9:08 PM on July 24, 2020: member

    @fjahr indeed, I've skipped that (I shouldn't). Not sure if these duplicate tests are leftovers from the multiple SPK refactor. @achow101?

  12. achow101 commented at 9:30 PM on July 24, 2020: member

    CWallet::SignTransaction andsign.cpp's SignTransaction should be safe to modify. There aren't any ongoing changes to those

  13. fjahr commented at 9:53 PM on July 24, 2020: member

    CWallet::SignTransaction andsign.cpp's SignTransaction should be safe to modify. There aren't any ongoing changes to those

    I take that as the error block can be removed. It seems the SPK SignTransaction was first called after the error block so the errors returned early and then that was switched around so now it does not make sense to keep them. I will update my code here if that's ok @promag .

  14. fjahr force-pushed on Jul 24, 2020
  15. wallet: Don't override signing errors e7448d6680
  16. fjahr force-pushed on Jul 24, 2020
  17. fanquake commented at 7:27 AM on July 28, 2020: member

    @fjahr @promag Can you coordinate to pull the other change from #19578 into here if required.

  18. fjahr commented at 3:47 PM on July 28, 2020: member

    @fjahr @promag Can you coordinate to pull the other change from #19578 into here if required.

    Assuming you mean the change in script/sign.cpp: I think the error, as it is set in #19578, would always either be overridden by the error returned from VerifyScript or nullified if VerifyScript succeeds. That could be fixed by emplacing these errors instead, like so: https://github.com/fjahr/bitcoin/commit/93199c4d1048bb25b74a94f6f9d982e91774e8f1. But I think these errors can be more helpful to users in certain cases like a failed multisig. So I would opt to leave it out.

  19. achow101 commented at 4:06 PM on August 13, 2020: member

    ACK e7448d66803f42984018ef8dfa6699027cb9536d

  20. meshcollider commented at 9:40 PM on August 13, 2020: contributor

    Code review ACK e7448d66803f42984018ef8dfa6699027cb9536d @promag mind re-reviewing before merge?

  21. fanquake merged this on Aug 14, 2020
  22. fanquake closed this on Aug 14, 2020
  23. sidhujag referenced this in commit f8f417028c on Aug 16, 2020
  24. Fabcien referenced this in commit f58d3ab837 on Sep 10, 2021
  25. DrahtBot locked this on Feb 15, 2022
Contributors
fjahrachow101laanwjpromagDrahtBotfanquakemeshcollider
Labels
Wallet
Linked (view graph)
#17204 wallet: Do not turn OP_1NEGATE in scriptSig into 0x0181 in signing code (sipa)#19578 wallet: Avoid duplicate checks on signing failure
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 21:14 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me