rpc, psbt: Require sighashes match for descriptorprocesspsbt

2025-03-29 11:12:10 +01:00 · 2025-01-08 16:47:55 -05:00 · 2025-01-08 16:47:55 -05:00 · a7f76b28a1
commit a7f76b28a1
parent f8b71807fd
2 changed files with 19 additions and 2 deletions
--- a/src/rpc/rawtransaction.cpp
+++ b/src/rpc/rawtransaction.cpp
@ -235,8 +235,10 @@ PartiallySignedTransaction ProcessPSBT(const std::string& psbt_string, const std
        // Note that SignPSBTInput does a lot more than just constructing ECDSA signatures.
        // We only actually care about those if our signing provider doesn't hide private
        // information, as is the case with `descriptorprocesspsbt`
-        // As such, we ignore the return value as any errors just mean that we do not have enough information.
-        (void)SignPSBTInput(provider, psbtx, /*index=*/i, &txdata, sighash_type, /*out_sigdata=*/nullptr, finalize);
+        // Only error for mismatching sighash types as it is critical that the sighash to sign with matches the PSBT's
+        if (SignPSBTInput(provider, psbtx, /*index=*/i, &txdata, sighash_type, /*out_sigdata=*/nullptr, finalize) == common::PSBTError::SIGHASH_MISMATCH) {
+            throw JSONRPCPSBTError(common::PSBTError::SIGHASH_MISMATCH);
+        }
    }

    // Update script/keypath information using descriptor data.
--- a/test/functional/rpc_psbt.py
+++ b/test/functional/rpc_psbt.py
@ -212,6 +212,12 @@ class PSBTTest(BitcoinTestFramework):
        def_wallet.sendtoaddress(addr, 5)
        self.generate(self.nodes[0], 6)

+        # Retrieve the descriptors so we can do all of the tests with descriptorprocesspsbt as well
+        if self.options.descriptors:
+            descs = wallet.listdescriptors(True)["descriptors"]
+        else:
+            descs = [descsum_create(f"wpkh({wallet.dumpprivkey(addr)})")]
+
        # Make a PSBT
        psbt = wallet.walletcreatefundedpsbt([], [{def_wallet.getnewaddress(): 1}])["psbt"]

@ -228,6 +234,15 @@ class PSBTTest(BitcoinTestFramework):
        proc = wallet.walletprocesspsbt(psbt, True, "ALL|ANYONECANPAY")
        assert_equal(proc["complete"], True)

+        # Repeat with descriptorprocesspsbt
+        # Mismatching sighash type fails, including when no type is specified
+        for sighash in ["DEFAULT", "ALL", "NONE", "SINGLE", "NONE|ANYONECANPAY", "SINGLE|ANYONECANPAY", None]:
+            assert_raises_rpc_error(-22, "Specified sighash value does not match value stored in PSBT", self.nodes[0].descriptorprocesspsbt, psbt, descs, sighash)
+
+        # Matching sighash type succeeds
+        proc = self.nodes[0].descriptorprocesspsbt(psbt, descs, "ALL|ANYONECANPAY")
+        assert_equal(proc["complete"], True)
+
        wallet.unloadwallet()

    def test_sighash_adding(self):