Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sparrow won't sign a PSBT input by OutPoint if TXO details are missing #1428

Closed
DanGould opened this issue May 30, 2024 · 5 comments
Closed

Comments

@DanGould
Copy link

I’m trying to see if a widget can let Sparrow test async payjoin v2 before a full integration is available. This is done through an interface that accepts a constructed PSBT and returns a Payjoin PSBT for signing and broadcast but otherwise handles PSBT checks that don't require wallet input and handles cryptographically secured application transport over Oblivious HTTP. Craig gave me instructions to extract an original PSBT manually.

However, once that original PSBT Is subsequently modified by a receiver to become a payjoin PSBT, it seems sparrow won’t sign it. It says “No open wallets to sign” even though the first input is indeed from the loaded wallet. Perhaps that’s because the payjoin PSBT is missing sender UTXO details (as spec requires) and sparrow does not check an unsigned PSBT’s input OutPoints to see if it can sign, it checks the UTXO scripts. Does that sound right? I shall open an issue

v2 URI

bitcoin:tb1qqupnc8q082m0uqer634n5skjk69we7cs60c4am?amount=0.001&pj=https://payjo.in/AzzKI8EZJ3WF14dwBZLGyRX5FJ-s84oNwmviJE-T3vj-&pjos=0&ohttp=AQAgbLIT3-hgHP5dAGB574b
dCyTeJvJR4n7hLJ4B8dxgYDMABAABAAM

original exported from manually constructed payjoin tx:

cHNidP8BAHECAAAAAQtzVUCDTGPS2iZ+aKDguo3QANm232MOzae86EnqYuybAQAAAAD9////AlnXIwAAAAAAFgAUk8HqJYVUtU9Jawl5Xzv5oNKWtB2ghgEAAAAAABYAFAcDPBwPOrb+AyPUazpC0raK7PsQ1gQDAE8BBDWHzwNZXM9jgAAAAKc92f6RjxQdoGoZrSANKGMjtCpi0RFRUzCsTIhDazgwAvaIBuDUI1e5Y2/CGKpFvawO0N4XgoYaZsIjLZfCaDhsEPZthiRUAACAAQAAgAAAAIAAAQBxAQAAAAEDme3nq63kwpiGl86kAEW635PRRQ7stXk0JcyKS4rCNgEAAAAA/////wJh5SYAAAAAABYAFPWJreIBnV5Oxvf0viS8DTMDLgviUGIlAAAAAAAWABRFt9LrgEXn+3DGn2O0TdkTX4mdtAAAAAABAR9QYiUAAAAAABYAFEW30uuARef7cMafY7RN2RNfiZ20IgYDlOzJDaAsGQb0nS+Y93BG4XBX13Ru9tKzzZZK2tRAhwYY9m2GJFQAAIABAACAAAAAgAAAAAAAAAAAAQcAAQhrAkcwRAIgKypDi1YHetc/EZQ1g2PFNtoJGt1ExmnbdRVHSwHtUI0CIFUhDpNNPN27cdXtJ6cOzPmCMWRrzTMEBSF8uXNe33x7ASEDlOzJDaAsGQb0nS+Y93BG4XBX13Ru9tKzzZZK2tRAhwYAIgIDIfz4DXHhOFEubJ96fKDVxA4niX57PrcelQW2sBhMgIIY9m2GJFQAAIABAACAAAAAgAEAAAAAAAAAAAA=

Payjoin PSBT:

cHNidP8BAJoCAAAAAgtzVUCDTGPS2iZ+aKDguo3QANm232MOzae86EnqYuybAQAAAAD9////A5nt56ut5MKYhpfOpABFut+T0UUO7LV5NCXMikuKwjYAAAAAAP3///8CFdcjAAAAAAAWABSTweolhVS1T0lrCXlfO/mg0pa0HTDHFgEAAAAAFgAUNKNtPzjgEs4Kj6IojRA87hOkgp/WBAMAAAABAJoCAAAAAjmqirVSBUjKC3nu3hu156qdSydARc6IaaGb1AUkTv5WAQAAAAD9////YNYT/FsUAz7vAAD4We/FuenKuLQIkP0ojUbPLrMBtCEAAAAAAP3///8CkEAVAQAAAAAWABTn2SmRvvff9t3OAaetUJoKVxMxc29KTAAAAAAAFgAUVK9TwbmqGlBJmd1R70WDefZoHb0AAAAAAQEfkEAVAQAAAAAWABTn2SmRvvff9t3OAaetUJoKVxMxcwEIawJHMEQCIFuxVUKAyFAIZnXhre6cR7JlsB1sjoZnX8Z1iJOItFKXAiAqnvfTC8OJk8VSWnW4FjWRt5sQKSSfY46aZRMbIsAm/AEhAiCHLs88VJ9qBVih6ui2778bHJRbBRW1CIbOM/qRoJEpAAAA

Sparrow won't sign the Payjoin PSBT even though it controls 9bec62ea49e8bca7cd0e63dfb6d900d08dbae0a0687e26dad2634c834055730b:1

It seems that the Sparrow payjoin sender implementation fills in these details for signing. It would be nice if there were a way for Sparrow to fill in these details for any PSBT even if outside the typical Payjoin PSBT flow.

@craigraw
Copy link
Collaborator

BIP78 is actually in violation of BIP174 here. BIP174 states that the PSBT_IN_NON_WITNESS_UTXO field "should be present for inputs that spend non-segwit outputs" while the PSBT_IN_WITNESS_UTXO "should only be present for inputs which spend segwit outputs".

Do you know why BIP78 intentionally violates BIP174?

That said, I don't have a strong objection to adding this information to a loaded PSBT if it's available from open wallets (as per Postel's law). The real problem with such a minimal PSBT input is other required information may also be missing - for example, if I change the outpoint in the Payjoin PSBT above to one controlled by a Coldcard, the Coldcard refuses to sign, stating "PSBT does not contain any key path information".

@craigraw
Copy link
Collaborator

craigraw commented Jun 1, 2024

As of 1bc2f7d, Sparrow will add missing PSBT_IN_NON_WITNESS_UTXO or PSBT_IN_WITNESS_UTXO fields to PSBT inputs, if available in open wallets. I would still recommend BIP174 spec compliance to allow the PSBT to be self describing.

I'm leaving this open as I'm still considering the need to add key information to PSBT inputs, which is required by some signers as mentioned above.

@DanGould
Copy link
Author

DanGould commented Jun 1, 2024

I would also prefer BIP 78 become BIP 174 compliant. There is an open PR on the bips repo since December 2022 to this end. Perhaps if someone else expressed their support it could move through? bitcoin/bips#1396

@DanGould
Copy link
Author

DanGould commented Jun 3, 2024

The sender always has Original PSBT UTXOs, so it makes more sense to restore UTXO data by matching outpoints from the Payjoin PSBT to the Original PSBT at the sender rather than looking up all of the OutPoints the signer. I don't think Sparrow needs to accommodate for BIP 78's weirdness here.

@DanGould DanGould closed this as completed Jun 3, 2024
@craigraw
Copy link
Collaborator

Now that BIP78 has changed, I've removed the relevant Payjoin verification step in 4bf02f8.

Also, Sparrow does now add missing previous outputs to a loaded psbt if available from open wallets - this was added in 1bc2f7d.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants