-
Notifications
You must be signed in to change notification settings - Fork 321
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make Wallet require a change descriptor #1390
Make Wallet require a change descriptor #1390
Conversation
Do we want to keep the change descriptor optional for |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some comments
edd290d
to
238c292
Compare
If two descriptors are the same except that each has a different extended public key that is replaced by the corresponding extended private key, do these qualify as distinct? Also, to clarify, the receive descriptors for any two wallets must also be distinct with this change, too, correct? |
238c292
to
6c6aae8
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm concerned with the way we are checking whether the 2 keychains are "distinct". I have a few questions.
- How can we guarantee that
into_wallet_descriptor
returns the same public-descriptor string for all non-distinct descriptors? - How can we ensure that a non-wildcard descriptor and a wildcard descriptor has no overlaps (the non-wildcard descriptor's spk can be derived from the wildcard descriptor).
For 2. also refer to my comment here: #1383 (comment)
6c6aae8
to
04c8750
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 04c8750
I'm going to be away so not going to get another chance to look at this. It LGTM. Feel free to keep shedding. Thanks for taking on this rather tedious PR.
e3ba751
to
cba43de
Compare
Small changes
|
To point 1) I don't think you're objecting to checking equality for two values of Note that the public descriptor will be common whether the wallet is given a public or private descriptor. So for example this should pass: #[test]
fn same_descriptor_public_private() {
// public + private of same descriptor should fail to create wallet
let desc = "wpkh(tprv8ZgxMBicQKsPdcAqYBpzAFwU5yxBUo88ggoBqu1qPcHUfSbKK1sKMLmC7EAk438btHQrSdu3jGGQa6PA71nvH5nkDexhLteJqkM4dQmWF9g/84'/1'/0'/0/*)";
let change = "wpkh([3c31d632/84'/1'/0']tpubDCYwFkks2cg78N7eoYbBatsFEGje8vW8arSKW4rLwD1AU1s9KJMDRHE32JkvYERuiFjArrsH7qpWSpJATed5ShZbG9KsskA5Rmi6NSYgYN2/0/*)";
let err = Wallet::new_no_persist(desc, change, Network::Testnet);
assert!(matches!(
err,
Err(DescriptorError::ExternalAndInternalAreTheSame),
));
} |
cba43de
to
cd9afd5
Compare
cd9afd5
to
77d2bc9
Compare
Rebased on 358e842 |
77d2bc9
to
cddefbb
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK cddefbb
cddefbb
to
aec4dda
Compare
Rebased on 7607b49 and added two commits, but this may need more discussion and testing to decide if it's a reasonable solution |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Totally agree with the infallible.
ACK aec4dda
Note that you might want to update the original PR message details.
This test does pass and I think is an adequate level of error checking. If we run into cases where users are adding duplicates descriptors that aren't caught we can add more sophisticated checking later and it won't break the API. It's good documentation to add this test to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK aec4dda
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK aec4dda
aec4dda
to
cf98f62
Compare
cf98f62
to
40c7358
Compare
@storopoli I took your advice about more precise wording from this comment #1390 (comment) and I even put the variable inside the format string in 0ffcd9a :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 0ffcd9a
All `Wallet` constructors are modified to require a change descriptor, where previously it was optional. Additionally we enforce uniqueness of the change descriptor to avoid ambiguity when deriving scripts and ensure the wallet will always have two distinct keystores. Notable changes * Add error DescriptorError::ExternalAndInternalAreTheSame * Remove error CreateTxError::ChangePolicyDescriptor * No longer rely on `map_keychain`
0ffcd9a
to
8bc3d35
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
re-ACK 8bc3d35
The change descriptor is made optional, making this an effective reversion of bitcoindevkit#1390 and enables creating wallets with a single descriptor.
The change descriptor is made optional, making this an effective reversion of bitcoindevkit#1390 and enables creating wallets with a single descriptor.
The change descriptor is made optional, making this an effective reversion of bitcoindevkit#1390 and enables creating wallets with a single descriptor.
13e7008 doc(wallet): clarify docs for `Wallet::load` (valued mammal) 3951110 fix(wallet)!: Change method `LoadParams::descriptors` (valued mammal) b802714 example(wallet): simplify miniscript compiler example (valued mammal) 2ca8b6f test(wallet): Add tests for single descriptor wallet (valued mammal) 31f1c2d fix(wallet): Change FromSql type to `Option<_>` (valued mammal) 75155b7 feat(wallet): Add method `Wallet::create_single` (valued mammal) Pull request description: The change descriptor is made optional, making this an effective reversion of #1390 and enables creating wallets with a single descriptor. fixes #1511 ### Notes to the reviewers PR 1390 also removed an error case [`ChangePolicyDescriptor`](https://github.com/bitcoindevkit/bdk/blob/8eef350bd08057acc39b6fc50b1217db5e29b968/crates/wallet/src/wallet/mod.rs#L1529-L1533) and this can possibly be added back. In the case the wallet only has a single descriptor we allow any utxos to fund a tx that aren't specifically marked unspendable regardless of the change spend policy. ### Changelog notice * Added method `Wallet::create_single` that expects a single `D: IntoWalletDescriptor` as input and enables building a wallet with no internal keychain. ### Checklists #### All Submissions: * [x] I've signed all my commits * [x] I followed the [contribution guidelines](https://github.com/bitcoindevkit/bdk/blob/master/CONTRIBUTING.md) * [x] I ran `cargo fmt` and `cargo clippy` before committing #### New Features: * [x] This pull request breaks the existing API * [x] I've added tests for the new feature * [x] I've added docs for the new feature ACKs for top commit: evanlinjin: ACK 13e7008 Tree-SHA512: 3e6fe5d9165d62332ac1863ec769c4bc5c7cd3c7f3fbdb8f505906bcdc681fa73b3fef2571adb0e52e9a23d4257f66a6145838b90ec68596b5f4c64054a047fa
All
Wallet
constructors are modified to require a change descriptor, where previously it was optional. Additionally we enforce uniqueness of the change descriptor to avoid ambiguity when deriving scripts and ensure the wallet will always have two distinct keystores.Notable changes
DescriptorError::ExternalAndInternalAreTheSame
CreateTxError::ChangePolicyDescriptor
map_keychain
fixes #1383
Notes to the reviewers
Changelog notice
Changed:
Constructing a Wallet now requires two distinct descriptors.
Checklists
All Submissions:
cargo fmt
andcargo clippy
before committing