From 15ce1bd73f80e998f7402433572b695f589f7f42 Mon Sep 17 00:00:00 2001
From: Ava Chow <github@achow101.com>
Date: Tue, 4 Mar 2025 09:05:42 -0800
Subject: [PATCH] psbt: Enforce sighash type of signatures matches psbt

BIP 174 states that the sighash type of all signatures must match the
type given by the PSBT, so do that.
---
 src/psbt.cpp | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/src/psbt.cpp b/src/psbt.cpp
index c4d3e0e227f..94e80cd075e 100644
--- a/src/psbt.cpp
+++ b/src/psbt.cpp
@@ -425,6 +425,26 @@ PSBTError SignPSBTInput(const SigningProvider& provider, PartiallySignedTransact
         return PSBTError::SIGHASH_MISMATCH;
     }
 
+    // Check all existing signatures use the sighash type
+    if (sighash == SIGHASH_DEFAULT) {
+        if (!input.m_tap_key_sig.empty() && input.m_tap_key_sig.size() != 64) {
+            return PSBTError::SIGHASH_MISMATCH;
+        }
+        for (const auto& [_, sig] : input.m_tap_script_sigs) {
+            if (sig.size() != 64) return PSBTError::SIGHASH_MISMATCH;
+        }
+    } else {
+        if (!input.m_tap_key_sig.empty() && (input.m_tap_key_sig.size() != 65 || input.m_tap_key_sig.back() != *sighash)) {
+            return PSBTError::SIGHASH_MISMATCH;
+        }
+        for (const auto& [_, sig] : input.m_tap_script_sigs) {
+            if (sig.size() != 65 || sig.back() != *sighash) return PSBTError::SIGHASH_MISMATCH;
+        }
+        for (const auto& [_, sig] : input.partial_sigs) {
+            if (sig.second.back() != *sighash) return PSBTError::SIGHASH_MISMATCH;
+        }
+    }
+
     sigdata.witness = false;
     bool sig_complete;
     if (txdata == nullptr) {