recovering txs with unspent outputs without txindex

[nothingmuch]

Due to the recent fee attack on BIP 143 hardware wallet signing, the full previous transactions may be required or at least highly desired in order for the hardware wallet to validate the prevout amount which is committed indirectly by the txid.

scantxoutset is currently used to find unspent outputs, but if I understand the code correctly, this only adds references to spendable outpoints to the repo, not the complete transactions, which is a problem for btcpay users.

For non pruned nodes this provides enough information to recover the full transaction, since the height is also given and is used to obtain the block hash, similarly the transactions in the block could be queried via the getblock RPC, obtain the complete transaction for insertion into the repo similarly to a rescan with txid or an explicit transaction, which would allow users to sign transaction spending their UTXOs even after a firmware upgrade without requiring txindex or a blockchain rescan.

For pruned nodes, instead of getblock the block can even be safely (but with privacy leaks) refetched from a peer and compared against the locally available headers, similar to spruned.

Note that I'm not familiar with the codebase so this is all fairly speculative, but @Kukks suggested I open an issue in order to document this proposed change.

[NicolasDorier]

@Kukks did 81b7623

[NicolasDorier]

I think

NBXplorer/NBXplorer/Controllers/MainController.PSBT.cs

Line 420 in 81b7623

private async Task UpdateUTXO(UpdatePSBTRequest update, Repository repo, BitcoinDWaiter rpc)

should try to use getblock. We check only txindex and local nbx db for now. I don't see any reason why we can't use getblock.