descriptor: refuse to parse unspendable miniscript descriptors

It's possible for some unsatisfiable miniscripts to be considered sane. Make sure we refuse to import those, as they would be unspendable.
2025-12-15 07:03:40 +01:00 · 2023-07-01 11:59:11 +02:00
parent e3280eae1b
commit 639e3b6c97
2 changed files with 7 additions and 2 deletions
--- a/src/script/descriptor.cpp
+++ b/src/script/descriptor.cpp
@@ -1541,14 +1541,14 @@ std::unique_ptr<DescriptorImpl> ParseScript(uint32_t& key_exp_index, Span<const
                error = std::move(parser.m_key_parsing_error);
                return nullptr;
            }
-            if (!node->IsSane()) {
+            if (!node->IsSane() || node->IsNotSatisfiable()) {
                // Try to find the first insane sub for better error reporting.
                auto insane_node = node.get();
                if (const auto sub = node->FindInsaneSub()) insane_node = sub;
                if (const auto str = insane_node->ToString(parser)) error = *str;
                if (!insane_node->IsValid()) {
                    error += " is invalid";
-                } else {
+                } else if (!node->IsSane()) {
                    error += " is not sane";
                    if (!insane_node->IsNonMalleable()) {
                        error += ": malleable witnesses exist";
@@ -1561,6 +1561,8 @@ std::unique_ptr<DescriptorImpl> ParseScript(uint32_t& key_exp_index, Span<const
                    } else if (!insane_node->ValidSatisfactions()) {
                        error += ": needs witnesses that may exceed resource limits";
                    }
+                } else {
+                    error += " is not satisfiable";
                }
                return nullptr;
            }