migrate: Handle HD chains that have identical seeds but different IDs #35437

pull achow101 wants to merge 1 commits into bitcoin:master from achow101:fix-dup-seeds-migration changing 2 files +20 −11
  1. achow101 commented at 9:43 PM on June 1, 2026: member

    The seed ID is calculated from a pubkey produced by treating the seed as a private key. This calculation includes a pubkey compression parameter, even thought that compression is completely irrelevant for the usage of the seed as a BIP 32 seed. Thus migration should detect if a seed has been used multiple times by checking if the computed master key was already processed.

    The spkm_migration fuzzer needs to have it's added descriptors accounting updated for this fix.

    It should not be possible for users to actually run into this problem as all HD chains use seeds with the pubkey compression option set.

    Fixes #35434

  2. DrahtBot commented at 9:43 PM on June 1, 2026: contributor

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--006a51241073e994b41acfe9ec718e94-->

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/35437.

    <!--021abf342d371248e50ceaed478a90ca-->

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

    <!--5faf32d7da4f0f540f40219e4f7537a3-->

  3. DrahtBot added the label CI failed on Jun 1, 2026
  4. DrahtBot commented at 11:10 PM on June 1, 2026: contributor

    <!--85328a0da195eb286784d51f73fa0af9-->

    🚧 At least one of the CI tasks failed. <sub>Task macOS native, fuzz: https://github.com/bitcoin/bitcoin/actions/runs/26783841124/job/78954750669</sub> <sub>LLM reason (✨ experimental): Fuzz test failure: spkm_migration crashed on an assertion in scriptpubkeyman.cpp (MigrateToDescriptor, line 636), exiting with code 1.</sub>

    <details><summary>Hints</summary>

    Try to run the tests locally, according to the documentation. However, a CI failure may still happen due to a number of reasons, for example:

    • Possibly due to a silent merge conflict (the changes in this pull request being incompatible with the current code in the target branch). If so, make sure to rebase on the latest commit of the target branch.

    • A sanitizer issue, which can only be found by compiling with the sanitizer and running the affected test.

    • An intermittent issue.

    Leave a comment here, if you need help tracking down a confusing failure.

    </details>

  5. maflcko added this to the milestone 32.0 on Jun 2, 2026
  6. achow101 force-pushed on Jun 2, 2026
  7. migrate: Handle HD chains that have identical seeds but different IDs
    The seed ID is calculated from a pubkey produced by treating the seed as
a private key. This calculation includes a pubkey compression parameter,
even thought that compression is completely irrelevant for the usage of
the seed as a BIP 32 seed. Thus migration should detect if a seed has
been used multiple times by checking if the computed master key was
already processed.

The spkm_migration fuzzer needs to have it's added descriptors
accounting to be updated for this fix.
    de92208c2b
  8. achow101 force-pushed on Jun 3, 2026
  9. DrahtBot removed the label CI failed on Jun 3, 2026
  10. kevkevinpal commented at 8:38 PM on June 3, 2026: contributor

    I was able to recreate the fuzz failure on master and also test that it passed on de92208c2b508b40fa690624d026c775ed876606. Here are my steps in reproducing the error and checking this fix.

    Checking that it fails on master

    # Add input
echo 'IQIAJ1sAo6MYAcBQGP+VdP////////83v9sAAAAAAAAAAAAAAP8VAAAAAAAAAUUAAAAAWwD+////////CwAAAAAAAAB///8AAAAAAAAAAAAAAP8VAAAAAAAAAUUAAAAAAAD/k5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5MhAgAnWwCjoxgDwFAY/5V0/////////z+/2wAAAAABAAAAAAAA/xUAAAAAAAABRQAAAAAAAP////////8LAAAAAAAA/////wAA/P8AAAAAAAAA/xUAAAAAAAABRQAAAAAAAP+Tk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTkyECACdbAKOjGAPqUBhRa3Q+Pj4+Pj4+Pj4+Pj4+Pj4+Pj48Pj4+Pj4+wsHBuT4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+/////////zm/2wAAAAAAAAAAhqurq6urAAD/FQAAXAAAANoAAAAAAAAAAAAAAPgA0wAAAAAAAAAA/v/DX+Wel3+Tk5OTk5OTk5OTk5OTk5OTk0aB6YU2k5OTk5OTk5OTk5MhAgAAAAAAAP+Tk5OTk5OTk5OTk5OTk5OTk5OTopOTk5OTk5OTkyECACdbAKOjGAPAUBj/lXT/////////P7/bAAAAAAAAAAAAAAAAAABkAAAAAAFFAAAAAAAA/////////wsAAAAAAAD/////AAD8/wAAAAAAAAD/FQAAAAAAAAFFAAAAAAAA/5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTIQIAJ1sAo6MYA+pQGFFrdEA+Pj4+Pj4+Pj4+Pj4+Pj4+Pjw+Pj4+Pj7CwcG5Pj4+Pj4+Pv83v9sAAAAAAAAAAAAAAP8VAAAAAAAAAUUAAAAAWwD+/////v//CwAAAAAAAAB///8AAAAAAAAAAAAAAP8VAAAAAAAAAUUAAAAAAAD/k5OTk5OTk5OTk5OTk5N6k5OTk5OTk5OTk5OTk5MhAgAnWwCjoxgDwFAY/5V0/////////z+/2wAAAAAAAAAAAAAA/xUAAAAAAAABRQAAAAAAAP////////8LAAAAAAAA/////wAA/P8AAAAAAAAA/xUAAAAAAAABRQAAAAAAAP+Tk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTkyECACdbAKOjGAPqUBhRa3Q+Pj4+Pj4+Pj4+Pj4+Pj4+Pj48Pj4+Pj4+wsHBuT4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+/////////zm/2wAAAAAAAAAAhqurq6urAAD/Fd7/WwAAANoAAAAAAAAAAAAAAPgA0wAAAAAAAAAA/v/YX+Wel3+Tk5MAAP+Y/6Ghnpd/k5OTk5OTkwAAAKE='   | base64 -d > spkmmigrate_input

# Checkout master
git checkout master
cmake --preset=libfuzzer && cmake --build build_fuzz --parallel

# Run failing input
FUZZ=spkm_migration build_fuzz/bin/fuzz -runs=1 spkmmigrate_input

    Checking that it passes on de92208c2b508b40fa690624d026c775ed876606

    # Checkout this PR
git fetch origin pull/35437/head:PR35437
git checkout PR35437

# Build this PR
cmake --preset=libfuzzer && cmake --build build_fuzz --parallel

# Run failing input and observe that it works
FUZZ=spkm_migration build_fuzz/bin/fuzz -runs=1 spkmmigrate_input
Contributors
achow101DrahtBotkevkevinpal

Milestone
32.0

Linked (view graph)
#35434 wallet: Fuzz crash in `spkm_migration`
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-06-04 11:50 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me