The descriptor documentation (doc/descriptors.md) and BIP380 explicitly require that hex-encoded public keys start with 02 or 03 (compressed) or 04 (uncompressed). However, the current parsing/inference code permit 06 and 07 (hybrid) encoding as well. Fix this.
DrahtBot
commented at 2:58 pm on October 4, 2023:
contributor
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.
Reviews
See the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.
Conflicts
Reviewers, this pull request conflicts with the following ones:
#27255 (MiniTapscript: port Miniscript to Tapscript by darosior)
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.
DrahtBot added the label
Descriptors
on Oct 4, 2023
fanquake requested review from darosior
on Oct 4, 2023
fanquake requested review from achow101
on Oct 4, 2023
sipa renamed this:
miniscript: disallow hybrid public keys
descriptors: disallow hybrid public keys
on Oct 4, 2023
descriptors: disallow hybrid public keys
The descriptor documentation (doc/descriptors.md) and BIP380 explicitly
require that hex-encoded public keys start with 02 or 03 (compressed) or
04 (uncompressed). However, the current parsing/inference code permit 06
and 07 (hybrid) encoding as well. Fix this.
c1e6c542af
darosior
commented at 3:28 pm on October 4, 2023:
member
Concept ACK.
sipa force-pushed
on Oct 4, 2023
darosior
commented at 5:26 pm on October 4, 2023:
member
So this was permitted in both the legacy wallet and descriptor wallets, but only for watchonly wallets. Since we wouldn’t generate one from a privkey. Right?
Trying to create a legacy wallet, importing a hybrid pubkey and migrating the wallet currently doesn’t return an error (??) but does give a helpful message:
2023-10-04T17:17:54Z [test_hybrid_key_3] Error: Unrecognized descriptor found in wallet test_hybrid_key_3. The database might be corrupted or the software version is not compatible with one of your wallet descriptors. Please try running the latest software version
Details: Invalid descriptor: pkh(): Hybrid public keys are not allowed: iostream error
Trying to load a descriptor wallet containing a descriptor with a hybrid pubkey does return an error, although a slightly misleading one:
The wallet might had been created on a newer version.
Please try running the latest software version.
And it still logs a helpful error message mentioning hybrid keys.
So this looks good to me overall. A node wouldn’t start with a wallet containing a descriptor with a hybrid pubkey and we do log the right error message so a user would be able to figure out why it’s failing. The migration not returning an error is a bit more concerning but also orthogonal to this PR. I’ll ACK with a fresh head tomorrow morning.
fanquake added the label
Needs release note
on Oct 4, 2023
darosior
commented at 10:14 am on October 5, 2023:
member
ACKc1e6c542af6d89a499e2a65465865aec651c4d67
DrahtBot removed review request from darosior
on Oct 5, 2023
fanquake added this to the milestone 26.0
on Oct 5, 2023
achow101
commented at 3:48 pm on October 5, 2023:
member
ACKc1e6c542af6d89a499e2a65465865aec651c4d67
DrahtBot removed review request from achow101
on Oct 5, 2023
achow101 merged this
on Oct 5, 2023
achow101 closed this
on Oct 5, 2023
Frank-GER referenced this in commit
9fc8e8003f
on Oct 13, 2023
luke-jr referenced this in commit
ae3a6ab04f
on Oct 18, 2023
luke-jr referenced this in commit
4229b52c12
on Oct 19, 2023
fanquake removed the label
Needs release note
on Dec 7, 2023
fanquake
commented at 2:44 pm on December 7, 2023:
member
This is a metadata mirror of the GitHub repository
bitcoin/bitcoin.
This site is not affiliated with GitHub.
Content is generated from a GitHub metadata backup.
generated: 2024-12-21 15:12 UTC
This site is hosted by @0xB10C More mirrored repositories can be found on mirror.b10c.me