From 792b39fa92bfa1218a33bd6ded257fc105aec67c Mon Sep 17 00:00:00 2001
From: Daniela Brozzoni <danielabrozzoni@protonmail.com>
Date: Wed, 19 Jul 2023 18:48:20 +0200
Subject: [PATCH] Explicitly deny multipath keys

Although there is *some* code to handle multipath keys inside bdk,
it's all untested, and from a few quick tests it
seems that it's pretty easy to find buggy edge cases.
Better to deny multipath descs for now, and revisit the
decision once we work on supporting multidescriptor wallets.
---
 crates/bdk/src/descriptor/error.rs |  6 ++++++
 crates/bdk/src/descriptor/mod.rs   | 10 ++++++++++
 2 files changed, 16 insertions(+)

diff --git a/crates/bdk/src/descriptor/error.rs b/crates/bdk/src/descriptor/error.rs
index 8731b5bfd..07a874efe 100644
--- a/crates/bdk/src/descriptor/error.rs
+++ b/crates/bdk/src/descriptor/error.rs
@@ -22,6 +22,8 @@ pub enum Error {
     InvalidDescriptorChecksum,
     /// The descriptor contains hardened derivation steps on public extended keys
     HardenedDerivationXpub,
+    /// The descriptor contains multipath keys
+    MultiPath,
 
     /// Error thrown while working with [`keys`](crate::keys)
     Key(crate::keys::KeyError),
@@ -64,6 +66,10 @@ impl fmt::Display for Error {
                 f,
                 "The descriptor contains hardened derivation steps on public extended keys"
             ),
+            Self::MultiPath => write!(
+                f,
+                "The descriptor contains multipath keys, which are not supported yet"
+            ),
             Self::Key(err) => write!(f, "Key error: {}", err),
             Self::Policy(err) => write!(f, "Policy error: {}", err),
             Self::InvalidDescriptorCharacter(char) => {
diff --git a/crates/bdk/src/descriptor/mod.rs b/crates/bdk/src/descriptor/mod.rs
index e139f7bd8..d5c3415f7 100644
--- a/crates/bdk/src/descriptor/mod.rs
+++ b/crates/bdk/src/descriptor/mod.rs
@@ -308,6 +308,10 @@ pub(crate) fn into_wallet_descriptor_checked<T: IntoWalletDescriptor>(
         return Err(DescriptorError::HardenedDerivationXpub);
     }
 
+    if descriptor.is_multipath() {
+        return Err(DescriptorError::MultiPath);
+    }
+
     // Run miniscript's sanity check, which will look for duplicated keys and other potential
     // issues
     descriptor.sanity_check()?;
@@ -865,6 +869,12 @@ mod test {
 
         assert_matches!(result, Err(DescriptorError::HardenedDerivationXpub));
 
+        let descriptor = "wpkh(tpubD6NzVbkrYhZ4XHndKkuB8FifXm8r5FQHwrN6oZuWCz13qb93rtgKvD4PQsqC4HP4yhV3tA2fqr2RbY5mNXfM7RxXUoeABoDtsFUq2zJq6YK/<0;1>/*)";
+        let result = into_wallet_descriptor_checked(descriptor, &secp, Network::Testnet);
+
+        assert_matches!(result, Err(DescriptorError::MultiPath));
+
+        // repeated pubkeys
         let descriptor = "wsh(multi(2,tpubD6NzVbkrYhZ4XHndKkuB8FifXm8r5FQHwrN6oZuWCz13qb93rtgKvD4PQsqC4HP4yhV3tA2fqr2RbY5mNXfM7RxXUoeABoDtsFUq2zJq6YK/0/*,tpubD6NzVbkrYhZ4XHndKkuB8FifXm8r5FQHwrN6oZuWCz13qb93rtgKvD4PQsqC4HP4yhV3tA2fqr2RbY5mNXfM7RxXUoeABoDtsFUq2zJq6YK/0/*))";
         let result = into_wallet_descriptor_checked(descriptor, &secp, Network::Testnet);