Add more checks for delayed payout tx

core/src/main/java/bisq/core/btc/wallet/TradeWalletService.java

@@ -724,11 +724,29 @@ public Transaction finalizeDelayedPayoutTx(Transaction delayedPayoutTx,
         return delayedPayoutTx;
     }
 
-    public boolean verifiesDepositTxAndDelayedPayoutTx(@SuppressWarnings("unused") Transaction depositTx,
-                                                       Transaction delayedPayoutTx) {
-        // todo add more checks
-        if (delayedPayoutTx.getLockTime() == 0) {
-            log.error("Time lock is not set");
+    public boolean verifiesDepositTxAndDelayedPayoutTx(Transaction depositTx,
+                                                       Transaction delayedPayoutTx,
+                                                       long lockTime) {
+
+        TransactionOutput p2SHMultiSigOutput = depositTx.getOutput(0);
+        if (delayedPayoutTx.getInputs().size() != 1) {
+            log.error("Number of inputs must be 1");
+            return false;
+        }
+
+        TransactionOutput connectedOutput = delayedPayoutTx.getInput(0).getConnectedOutput();
+        if (connectedOutput == null) {
+            log.error("connectedOutput must not be null");
+            return false;
+        }
+
+        if (!connectedOutput.equals(p2SHMultiSigOutput)) {
+            log.error("connectedOutput must be p2SHMultiSigOutput");
+            return false;
+        }
+
+        if (delayedPayoutTx.getLockTime() != lockTime) {
+            log.error("LockTime must match trades lockTime");
             return false;
         }
 
@@ -1228,11 +1246,10 @@ private void applyLockTime(long lockTime, Transaction tx) {
     private boolean removeDust(Transaction transaction) {
         List<TransactionOutput> originalTransactionOutputs = transaction.getOutputs();
         List<TransactionOutput> keepTransactionOutputs = new ArrayList<>();
-        for (TransactionOutput transactionOutput: originalTransactionOutputs) {
+        for (TransactionOutput transactionOutput : originalTransactionOutputs) {
             if (transactionOutput.getValue().isLessThan(Restrictions.getMinNonDustOutput())) {
                 log.info("your transaction would have contained a dust output of {}", transactionOutput.toString());
-            }
-            else {
+            } else {
                 keepTransactionOutputs.add(transactionOutput);
             }
         }

core/src/main/java/bisq/core/trade/DonationAddressValidation.java

@@ -29,6 +29,7 @@
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 
+import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkNotNull;
 
 @Slf4j
@@ -71,6 +72,9 @@ public static void validate(Transaction delayedPayoutTx,
         // In case the seller has deactivated the DAO the default address will be used.
         String defaultDonationAddressString = Param.RECIPIENT_BTC_ADDRESS.getDefaultValue();
 
+        checkArgument(delayedPayoutTx.getOutputs().size() == 1,
+                "preparedDelayedPayoutTx must have 1 output");
+
         TransactionOutput output = delayedPayoutTx.getOutput(0);
         NetworkParameters params = btcWalletService.getParams();
         Address address = output.getAddressFromP2PKHScript(params);

core/src/main/java/bisq/core/trade/protocol/tasks/buyer/BuyerVerifiesFinalDelayedPayoutTx.java

@@ -42,7 +42,9 @@ protected void run() {
 
             Transaction depositTx = checkNotNull(trade.getDepositTx());
             Transaction delayedPayoutTx = checkNotNull(trade.getDelayedPayoutTx());
-            if (processModel.getTradeWalletService().verifiesDepositTxAndDelayedPayoutTx(depositTx, delayedPayoutTx)) {
+            if (processModel.getTradeWalletService().verifiesDepositTxAndDelayedPayoutTx(depositTx,
+                    delayedPayoutTx,
+                    trade.getLockTime())) {
                 complete();
             } else {
                 failed("DelayedPayoutTx is not spending depositTx correctly");

core/src/main/java/bisq/core/trade/protocol/tasks/buyer/BuyerVerifiesPreparedDelayedPayoutTx.java

@@ -17,14 +17,22 @@
 
 package bisq.core.trade.protocol.tasks.buyer;
 
+import bisq.core.offer.Offer;
 import bisq.core.trade.DonationAddressValidation;
 import bisq.core.trade.Trade;
 import bisq.core.trade.protocol.tasks.TradeTask;
 
 import bisq.common.taskrunner.TaskRunner;
 
+import org.bitcoinj.core.Coin;
+import org.bitcoinj.core.Transaction;
+import org.bitcoinj.core.TransactionInput;
+
 import lombok.extern.slf4j.Slf4j;
 
+import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Preconditions.checkNotNull;
+
 @Slf4j
 public class BuyerVerifiesPreparedDelayedPayoutTx extends TradeTask {
     @SuppressWarnings({"unused"})
@@ -37,9 +45,29 @@ protected void run() {
         try {
             runInterceptHook();
 
-            DonationAddressValidation.validate(processModel.getPreparedDelayedPayoutTx(),
+            Transaction preparedDelayedPayoutTx = processModel.getPreparedDelayedPayoutTx();
+
+            // Check donation address
+            DonationAddressValidation.validate(preparedDelayedPayoutTx,
                     processModel.getDaoFacade(),
                     processModel.getBtcWalletService());
+
+            // Check amount
+            Offer offer = checkNotNull(trade.getOffer());
+            Coin msOutputAmount = offer.getBuyerSecurityDeposit()
+                    .add(offer.getSellerSecurityDeposit())
+                    .add(checkNotNull(trade.getTradeAmount()));
+            checkArgument(preparedDelayedPayoutTx.getOutput(0).getValue().equals(msOutputAmount),
+                    "output value of deposit tx and delayed payout tx must match");
+
+            // Check lock time
+            checkArgument(preparedDelayedPayoutTx.getLockTime() == trade.getLockTime(),
+                    "preparedDelayedPayoutTx lock time must match trade.getLockTime()");
+
+            // Check seq num
+            checkArgument(preparedDelayedPayoutTx.getInputs().stream().anyMatch(e -> e.getSequenceNumber() == TransactionInput.NO_SEQUENCE - 1),
+                    "Sequence number must be 0xFFFFFFFE");
+
             complete();
         } catch (DonationAddressValidation.DonationAddressException e) {
             failed("Sellers donation address is invalid." +

desktop/src/main/java/bisq/desktop/main/offer/MutableOfferViewModel.java

@@ -231,7 +231,7 @@ public void activate() {
         if (DevEnv.isDevMode()) {
             UserThread.runAfter(() -> {
                 amount.set("0.001");
-                price.set("75000"); // for CNY
+                price.set("0.0001"); // for BSQ
                 minAmount.set(amount.get());
                 onFocusOutPriceAsPercentageTextField(true, false);
                 applyMakerFee();