Only Validate PSBT BIP143 vulnerability on signing (#2204)

2025-02-23 14:50:42 +01:00 · 2020-10-22 13:05:58 -05:00 · 2020-10-22 13:05:58 -05:00 · 6b6167bdf0
commit 6b6167bdf0
parent 7dd7e2574d
2 changed files with 21 additions and 5 deletions
--- a/core/src/main/scala/org/bitcoins/core/psbt/PSBT.scala
+++ b/core/src/main/scala/org/bitcoins/core/psbt/PSBT.scala
@ -40,10 +40,6 @@ case class PSBT(
      s", got $inputMaps, ${transaction.inputs}"
  )

-  require(isFinalized || inputMaps.size == 1 || inputMaps.forall(
-            !_.isBIP143Vulnerable),
-          "One or more of the input maps are susceptible to the BIP 143")
-
  import org.bitcoins.core.psbt.InputPSBTRecord._
  import org.bitcoins.core.psbt.PSBTInputKeyId._

@ -74,6 +70,15 @@ case class PSBT(

  def version: UInt32 = globalMap.version.version

+  def validateBIP143Vulnerability: PSBT = {
+    require(
+      isFinalized || inputMaps.size == 1 || inputMaps.forall(
+        !_.isBIP143Vulnerable),
+      "One or more of the input maps are susceptible to the BIP 143 vulnerability")
+
+    this
+  }
+
  /**
    * Combiner defined by https://github.com/bitcoin/bips/blob/master/bip-0174.mediawiki#combiner
    * Takes another PSBT and adds all records that are not contained in this PSBT
@ -96,6 +101,10 @@ case class PSBT(
    PSBT(global, inputs, outputs)
  }

+  def combinePSBTAndValidate(other: PSBT): PSBT = {
+    combinePSBT(other).validateBIP143Vulnerability
+  }
+
  def finalizeInput(index: Int): Try[PSBT] = {
    require(index >= 0 && index < inputMaps.size,
            s"Index must be within 0 and the number of inputs, got: $index")
@ -155,6 +164,11 @@ case class PSBT(
      conditionalPath: ConditionalPath = ConditionalPath.NoCondition,
      isDummySignature: Boolean = false)(implicit
      ec: ExecutionContext): Future[PSBT] = {
+    require(
+      inputMaps.size == 1 || !inputMaps(inputIndex).isBIP143Vulnerable,
+      "This input map is susceptible to the BIP 143 vulnerability, add the non-witness utxo to be safe"
+    )
+
    BitcoinSigner.sign(psbt = this,
                       inputIndex = inputIndex,
                       signer = signer,
--- a/core/src/main/scala/org/bitcoins/core/psbt/PSBTMap.scala
+++ b/core/src/main/scala/org/bitcoins/core/psbt/PSBTMap.scala
@ -207,7 +207,9 @@ case class InputPSBTMap(elements: Vector[InputPSBTRecord])
      FinalizedScriptWitnessKeyId).nonEmpty

  def isBIP143Vulnerable: Boolean = {
-    if (!isFinalized && witnessUTXOOpt.isDefined) {
+    if (
+      !isFinalized && witnessUTXOOpt.isDefined && nonWitnessOrUnknownUTXOOpt.isEmpty
+    ) {

      val isNativeV0 = witnessUTXOOpt.get.witnessUTXO.scriptPubKey
        .isInstanceOf[WitnessScriptPubKeyV0]