descriptors: disallow hybrid public keys #28587

pull sipa wants to merge 1 commits into bitcoin:master from sipa:202310_no_hybrid_descriptors changing 3 files +21 −2
  1. sipa commented at 2:58 pm on October 4, 2023: member

    Fixes #28511

    The descriptor documentation (doc/descriptors.md) and BIP380 explicitly require that hex-encoded public keys start with 02 or 03 (compressed) or 04 (uncompressed). However, the current parsing/inference code permit 06 and 07 (hybrid) encoding as well. Fix this.

  2. DrahtBot commented at 2:58 pm on October 4, 2023: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Reviews

    See the guideline for information on the review process.

    Type Reviewers
    ACK darosior, achow101

    If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #27255 (MiniTapscript: port Miniscript to Tapscript by darosior)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  3. DrahtBot added the label Descriptors on Oct 4, 2023
  4. fanquake requested review from darosior on Oct 4, 2023
  5. fanquake requested review from achow101 on Oct 4, 2023
  6. sipa renamed this:
    miniscript: disallow hybrid public keys
    descriptors: disallow hybrid public keys
    on Oct 4, 2023
  7. descriptors: disallow hybrid public keys
    The descriptor documentation (doc/descriptors.md) and BIP380 explicitly
    require that hex-encoded public keys start with 02 or 03 (compressed) or
    04 (uncompressed). However, the current parsing/inference code permit 06
    and 07 (hybrid) encoding as well. Fix this.
    c1e6c542af
  8. darosior commented at 3:28 pm on October 4, 2023: member
    Concept ACK.
  9. sipa force-pushed on Oct 4, 2023
  10. darosior commented at 5:26 pm on October 4, 2023: member

    So this was permitted in both the legacy wallet and descriptor wallets, but only for watchonly wallets. Since we wouldn’t generate one from a privkey. Right?

    Trying to create a legacy wallet, importing a hybrid pubkey and migrating the wallet currently doesn’t return an error (??) but does give a helpful message:

    2023-10-04T17:17:54Z [test_hybrid_key_3] Error: Unrecognized descriptor found in wallet test_hybrid_key_3. The database might be corrupted or the software version is not compatible with one of your wallet descriptors. Please try running the latest software version Details: Invalid descriptor: pkh(): Hybrid public keys are not allowed: iostream error

    Trying to load a descriptor wallet containing a descriptor with a hybrid pubkey does return an error, although a slightly misleading one:

    error code: -4 error message: Wallet loading failed. Unrecognized descriptor found. Loading wallet /home/darosior/.bitcoin/regtest/wallets/test_hybrid_key_2/wallet.dat

    The wallet might had been created on a newer version. Please try running the latest software version.

    And it still logs a helpful error message mentioning hybrid keys.

    So this looks good to me overall. A node wouldn’t start with a wallet containing a descriptor with a hybrid pubkey and we do log the right error message so a user would be able to figure out why it’s failing. The migration not returning an error is a bit more concerning but also orthogonal to this PR. I’ll ACK with a fresh head tomorrow morning.

  11. fanquake added the label Needs release note on Oct 4, 2023
  12. darosior commented at 10:14 am on October 5, 2023: member
    ACK c1e6c542af6d89a499e2a65465865aec651c4d67
  13. DrahtBot removed review request from darosior on Oct 5, 2023
  14. fanquake added this to the milestone 26.0 on Oct 5, 2023
  15. achow101 commented at 3:48 pm on October 5, 2023: member
    ACK c1e6c542af6d89a499e2a65465865aec651c4d67
  16. DrahtBot removed review request from achow101 on Oct 5, 2023
  17. achow101 merged this on Oct 5, 2023
  18. achow101 closed this on Oct 5, 2023

  19. Frank-GER referenced this in commit 9fc8e8003f on Oct 13, 2023
  20. luke-jr referenced this in commit ae3a6ab04f on Oct 18, 2023
  21. luke-jr referenced this in commit 4229b52c12 on Oct 19, 2023
  22. fanquake removed the label Needs release note on Dec 7, 2023
  23. fanquake commented at 2:44 pm on December 7, 2023: member
    Release note to be added in #29023.
  24. bitcoin locked this on Dec 6, 2024

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-21 15:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me