Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MuSig2 support #294

Draft
wants to merge 45 commits into
base: develop
Choose a base branch
from
Draft

MuSig2 support #294

wants to merge 45 commits into from

Conversation

bigspider
Copy link
Collaborator

@bigspider bigspider commented Oct 9, 2024
edited
Loading

Add full support for musig() in wallet policies.

Also improves the signing flow to only sign for spending paths that are filled in in the PSBT (that is, the corresponding PSBT_IN_BIP32_DERIVATION or PSBT_IN_TAP_BIP32_DERIVATION fields are present), optimizing certain use cases for wallet policies with multiple alternative spending paths.

Closes: #208, #177

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 9, 2024
View reviewed changes
src/handler/sign_psbt.c Fixed Show fixed Hide fixed
@codecov-commenter
Copy link

codecov-commenter commented Oct 9, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 84.21053% with 12 lines in your changes missing coverage. Please review.

Project coverage is 84.67%. Comparing base (bc81ed0) to head (e6b07ce).

Files with missing lines Patch % Lines
src/common/wallet.c 83.56% 12 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff             @@
##           develop     #294      +/-   ##
===========================================
- Coverage    84.76%   84.67%   -0.10%     
===========================================
  Files           17       17              
  Lines         2186     2231      +45     
===========================================
+ Hits          1853     1889      +36     
- Misses         333      342       +9
Flag Coverage Δ
unittests 84.67% <84.21%> (-0.10%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚨 Try these New Features:

@bigspider bigspider changed the title Musig2 MuSig2 support Oct 9, 2024
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Oct 29, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
6.0% Coverage on New Code (required ≥ 80%)
11.1% Duplication on New Code (required ≤ 3%)
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

@bigspider
Added parsing for musig(); generalized key placeholders in wallet pol…
f962150 
…icies to more general key expressions
@bigspider
Rename "key placeholder" with "key expression" where appropriate; add…
5efbc36 
…ed some comments.

Generalizing to key expressions containing musig() makes it necessary to distinguish
the key expressions in the wallet policy from the actual key placeholders that are
just indexes to the list of key informations (@num in the descriptor template),
whereas the two concepts were often not clearly separated in the code base.

Renaming to "key expressions" makes the distinction more clear.
@bigspider
Refactored policy_node_keyexpr_t to explicitly label which of the uni…
8e24994 
…on type is used; generalized some parts of the code that are not generalized to musig key expressions, and annotated some others.
@bigspider
Add PSBT constants related to MuSig2; deleted unused constant
3dbf464
@bigspider
Moved secp256k1 constants to a separate module
92f1b54
@bigspider
Added address generation tests for musig
4e6bae5
@bigspider
Made crypto_tr_lift_x and crypto_tr_tagged_hash functions public
654e1e2
@bigspider
Musig key aggregation and address generation
bbde126
@bigspider
Compute aggregate xpub for musig() in descriptors in the python clien…
7b7af76 
…t library
@bigspider bigspider force-pushed the musig2 branch 3 times, most recently from 256f790 to 4616d67 Compare November 6, 2024 09:26
@bigspider bigspider force-pushed the musig2 branch 7 times, most recently from aae5a24 to 261d7d6 Compare November 7, 2024 11:55
@bigspider
Update sanity checks for musig key expressions
16261f5
@bigspider
Add architecture docs for MuSig2
5b51ab8
@bigspider
Reference musig docs in musig session module
3418b60
@bigspider
Add const qualifiers, and asserts guarding against overflows
8e13101
@bigspider
Expose new types in python client
ad377fb
@bigspider
Update BIP_MUSIG_CHAINCODE ==> BIP_328_CHAINCODE
38a9e80
@bigspider
Fix read_change_and_index_from_psbt_bip32_derivation incorrectly abor…
aea89fd 
…ting prematurely for some PSBTs. Added explanatory comment
@bigspider
Removed unused argument; deleted commented out check
13abab8 
The check doesn't serve a security purpose, since direct derivation of each input/change script
is used to check if they are internal.
@bigspider
Generalized count_internal_keys in the test suite to count_internal_k…
5fcdcdf 
…ey_placeholders, with musig placeholder support
@bigspider
Support BIP-389 multipath descriptors in get_descriptor
1192d10
@bigspider
Updated e2e tests to use deterministic xprivs in bitcoin-core
6c8fb7e
@bigspider
Refactor code of is_policy_sane for clarity; improved comments
4189823
@bigspider
[WIP] Musig2 e2e tests
712bfa7
@bigspider
[CI] Use custom image for bitcoin from achow101's branch with MuSig2 …
34f2746 
…support
@bigspider
Reduce maximum supported number of keys in musig to 5
ce066d7
@bigspider
Move sign_psbt_cache to global space to reduce stack usage
ac4a48c
@bigspider
Add array of all internal key expressions in sign_psbt_state_t
9645d25
@bigspider
Refactor input_keys_callback output_keys_callback to match against al…
6184d44 
…l the internal key expressions, instead of only the first
@bigspider
Added test for incomplete matching of BIP32 derivation paths in polic…
c5a3b92 
…ies with multiple internal keys
@bigspider
Test that only paths for which a key is present are indeed signed
1d25a27
@bigspider
Fixup: musig e2e tests
6d858b4
@bigspider
Detect if the PSBT has at least a PSBT_IN_MUSIG2_PUB_NONCE field
3f556d8 
It will be needed in order to enable silently participating to Round 1
of the MuSig2 protocol, which should only happen if no such fields are
found (which would indicate that Round 1 was already executed).
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 21, 2024
View reviewed changes
src/handler/sign_psbt.c
int sign_result = sign_transaction(dc, &st, cache, &signing_state, internal_inputs);

if (!G_swap_state.called_from_swap) {
ui_post_processing_confirm_transaction(dc, sign_result);

Check warning

Code scanning / CodeQL

Expression has no effect Warning

This expression has no effect (because
ui_post_processing_confirm_transaction
Loading
has no external side effects).
@bigspider
Moved MuSig2 Round 1 out of the signing flow. Allow it without user c…
b6ce98c 
…onfirmation.

The first round of MuSig does not involve access to the private keys and does not
complete authorizing a transaction. Therefore, it is safe to do it without user
confirmation, which allows software wallets to possibly do it in background.

In cases when the other cosigners are online, this allows to get a single-sig
user experience, as the user would only have to plug the device once, and confirm
a single action.
@bigspider
Only compute the aggregate key once for each key expression
392b942
@bigspider
Fix wrong documentation for get_extended_pubkey; renamed to get_exten…
752aaa8 
…ded_pubkey_from_client
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

MuSig2 support
2 participants
@bigspider @codecov-commenter