While testing MuSig2 integration in #29675 I ran into a Ledger bug https://github.com/LedgerHQ/app-bitcoin-new/issues/329 that was triggered because we signed for a script path in addition to the key path. The bug itself will be fixed, but it seems useful in general to be able to skip script path signing.
For example, you may have a 2-of-2 musig() descriptor with some sort of fallback after coins are N blocks old. For both on chain privacy and fee reasons, you don’t want to use this path unless absolutely necessary. But our wallet can’t know if our co-signer still has their key, so we sign the script path at all times. This could lead to accidental broadcast.
This PR introduces a keypath_only
option (default false
for now) to the send
and walletprocesspsbt
RPC.
The resulting PSBT won’t include taproot_script_path_sigs
. It does still have taproot_bip32_derivs
and musig2_participant_pubkeys
.
The wallet_taproot.py
tests are expanded to cover this behavior.
It can also be tested with https://github.com/Sjors/bitcoin/pull/91 and a slightly modified Moosig. See https://github.com/LedgerHQ/app-bitcoin-new/issues/329 for the rough steps.
TODO:
- refactor (how?)
- add test coverage for
send
Potential followups:
- make this default for
musig()
(after #29675)