Merge pull request #7529 from ziggie1984/psbt-bug

Check for nonWitness UTXO or witness UTXO data in the psbt inputs
2025-03-26 17:52:25 +01:00 · 2023-03-31 11:58:45 +02:00 · 2023-03-31 11:58:45 +02:00 · 21dd2cf61d
commit 21dd2cf61d
parent ec5b95c9a9 71b8fac819
7 changed files with 45 additions and 13 deletions
--- a/docs/release-notes/release-notes-0.16.1.md
+++ b/docs/release-notes/release-notes-0.16.1.md
@ -38,7 +38,7 @@

 ## RPC

- A [debug log](https://github.com/lightningnetwork/lnd/pull/7514) has been
+* A [debug log](https://github.com/lightningnetwork/lnd/pull/7514) has been
  added to `lnrpc` so the node operator can know whether a certain request has
  happened or not.

@ -48,6 +48,11 @@
  anything for the users since the message type(36) stays unchanged, except in
  the logging all the appearance of `funding_locked` replated experssion is
  replaced with `channel_ready`.
+## Bug Fixes
+
+* [Fix a bug where lnd crashes when psbt data is not fully 
+available](https://github.com/lightningnetwork/lnd/pull/7529).
+

 # Contributors (Alphabetical Order)

@ -56,3 +61,4 @@
 * Oliver Gugger
 * Tommy Volk
 * Yong Yu
+* ziggie1984
--- a/go.mod
+++ b/go.mod
@ -6,10 +6,10 @@ require (
 	github.com/btcsuite/btcd v0.23.5-0.20230125025938-be056b0a0b2f
 	github.com/btcsuite/btcd/btcec/v2 v2.3.2
 	github.com/btcsuite/btcd/btcutil v1.1.3
-	github.com/btcsuite/btcd/btcutil/psbt v1.1.5
+	github.com/btcsuite/btcd/btcutil/psbt v1.1.8
 	github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2
 	github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f
-	github.com/btcsuite/btcwallet v0.16.7
+	github.com/btcsuite/btcwallet v0.16.8-0.20230324081040-520f650ce045
 	github.com/btcsuite/btcwallet/wallet/txauthor v1.3.2
 	github.com/btcsuite/btcwallet/wallet/txrules v1.2.0
 	github.com/btcsuite/btcwallet/walletdb v1.4.0
--- a/go.sum
+++ b/go.sum
@ -80,8 +80,8 @@ github.com/btcsuite/btcd/btcutil v1.1.0/go.mod h1:5OapHB7A2hBBWLm48mmw4MOHNJCcUB
 github.com/btcsuite/btcd/btcutil v1.1.1/go.mod h1:nbKlBMNm9FGsdvKvu0essceubPiAcI57pYBNnsLAa34=
 github.com/btcsuite/btcd/btcutil v1.1.3 h1:xfbtw8lwpp0G6NwSHb+UE67ryTFHJAiNuipusjXSohQ=
 github.com/btcsuite/btcd/btcutil v1.1.3/go.mod h1:UR7dsSJzJUfMmFiiLlIrMq1lS9jh9EdCV7FStZSnpi0=
-github.com/btcsuite/btcd/btcutil/psbt v1.1.5 h1:x0ZRrYY8j75ThV6xBz86CkYAG82F5bzay4H5D1c8b/U=
-github.com/btcsuite/btcd/btcutil/psbt v1.1.5/go.mod h1:kA6FLH/JfUx++j9pYU0pyu+Z8XGBQuuTmuKYUf6q7/U=
+github.com/btcsuite/btcd/btcutil/psbt v1.1.8 h1:4voqtT8UppT7nmKQkXV+T9K8UyQjKOn2z/ycpmJK8wg=
+github.com/btcsuite/btcd/btcutil/psbt v1.1.8/go.mod h1:kA6FLH/JfUx++j9pYU0pyu+Z8XGBQuuTmuKYUf6q7/U=
 github.com/btcsuite/btcd/chaincfg/chainhash v1.0.0/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
 github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
 github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2 h1:KdUfX2zKommPRa+PD0sWZUyXe9w277ABlgELO7H04IM=
@ -89,8 +89,8 @@ github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2/go.mod h1:7SFka0XMvUgj3hfZtyd
 github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f h1:bAs4lUbRJpnnkd9VhRV3jjAVU7DJVjMaK+IsvSeZvFo=
 github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA=
 github.com/btcsuite/btcutil v0.0.0-20190425235716-9e5f4b9a998d/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg=
-github.com/btcsuite/btcwallet v0.16.7 h1:J6nBMMMc90n77/4QIfzRFn5XB1hPvMDfcgX5U6Ls0kI=
-github.com/btcsuite/btcwallet v0.16.7/go.mod h1:J/q3/JxytAcuqR+zSTCRZ5K+0LtMuhxtCjLVXKDHBu0=
+github.com/btcsuite/btcwallet v0.16.8-0.20230324081040-520f650ce045 h1:302lmdYbONzrLACkm9IlCobMYuYOjF8to+tUhaQsTzc=
+github.com/btcsuite/btcwallet v0.16.8-0.20230324081040-520f650ce045/go.mod h1:WBcb0CNEgzjF2EdatcERzG7cd/lhHXtNJ4VjIePOdXM=
 github.com/btcsuite/btcwallet/wallet/txauthor v1.3.2 h1:etuLgGEojecsDOYTII8rYiGHjGyV5xTqsXi+ZQ715UU=
 github.com/btcsuite/btcwallet/wallet/txauthor v1.3.2/go.mod h1:Zpk/LOb2sKqwP2lmHjaZT9AdaKsHPSbNLm2Uql5IQ/0=
 github.com/btcsuite/btcwallet/wallet/txrules v1.2.0 h1:BtEN5Empw62/RVnZ0VcJaVtVlBijnLlJY+dwjAye2Bg=
--- a/itest/lnd_psbt_test.go
+++ b/itest/lnd_psbt_test.go
@ -1009,17 +1009,28 @@ func assertPsbtSpend(ht *lntest.HarnessTest, alice *node.HarnessNode,
 	packet, err := psbt.NewFromUnsignedTx(pendingTx)
 	require.NoError(ht, err)

+	// We first try to sign the psbt without the necessary input data
+	// which should fail with the expected error.
+	var buf bytes.Buffer
+	err = packet.Serialize(&buf)
+	require.NoError(ht, err)
+
+	signReq := &walletrpc.SignPsbtRequest{FundedPsbt: buf.Bytes()}
+	err = alice.RPC.SignPsbtErr(signReq)
+	require.ErrorContains(ht, err, "input (index=0) doesn't specify "+
+		"any UTXO info", "error does not match")
+
 	// Now let's add the meta information that we need for signing.
 	packet.Inputs[0].WitnessUtxo = utxo
 	packet.Inputs[0].NonWitnessUtxo = prevTx
 	decorateUnsigned(packet)

 	// That's it, we should be able to sign the PSBT now.
-	var buf bytes.Buffer
+	buf.Reset()
 	err = packet.Serialize(&buf)
 	require.NoError(ht, err)

-	signReq := &walletrpc.SignPsbtRequest{FundedPsbt: buf.Bytes()}
+	signReq = &walletrpc.SignPsbtRequest{FundedPsbt: buf.Bytes()}
 	signResp := alice.RPC.SignPsbt(signReq)

 	// Let's make sure we have a partial signature.
--- a/lntest/rpc/wallet_kit.go
+++ b/lntest/rpc/wallet_kit.go
@ -263,6 +263,19 @@ func (h *HarnessRPC) SignPsbt(
 	return resp
 }

+// SignPsbtErr makes a RPC call to the node's WalletKitClient and asserts
+// an error returned.
+func (h *HarnessRPC) SignPsbtErr(req *walletrpc.SignPsbtRequest) error {
+	ctxt, cancel := context.WithTimeout(h.runCtx, DefaultTimeout)
+	defer cancel()
+
+	_, err := h.WalletKit.SignPsbt(ctxt, req)
+	require.Errorf(h, err, "%s: expect sign psbt to return an error",
+		h.Name)
+
+	return err
+}
+
 // ImportTapscript makes a RPC call to the node's WalletKitClient and asserts.
 //
 //nolint:lll
--- a/lnwallet/btcwallet/psbt.go
+++ b/lnwallet/btcwallet/psbt.go
@ -135,8 +135,9 @@ func (b *BtcWallet) SignPsbt(packet *psbt.Packet) ([]uint32, error) {
 	var signedInputs []uint32

 	// Let's check that this is actually something we can and want to sign.
-	// We need at least one input and one output.
-	err := psbt.VerifyInputOutputLen(packet, true, true)
+	// We need at least one input and one output. In addition each
+	// input needs nonWitness Utxo or witness Utxo data specified.
+	err := psbt.InputsReadyToSign(packet)
 	if err != nil {
 		return nil, err
 	}
--- a/lnwallet/rpcwallet/rpcwallet.go
+++ b/lnwallet/rpcwallet/rpcwallet.go
@ -255,8 +255,9 @@ func (r *RPCKeyRing) SignPsbt(packet *psbt.Packet) ([]uint32, error) {
 // parameter in FinalizePsbt so we can get rid of this code duplication.
 func (r *RPCKeyRing) FinalizePsbt(packet *psbt.Packet, _ string) error {
 	// Let's check that this is actually something we can and want to sign.
-	// We need at least one input and one output.
-	err := psbt.VerifyInputOutputLen(packet, true, true)
+	// We need at least one input and one output. In addition each
+	// input needs nonWitness Utxo or witness Utxo data specified.
+	err := psbt.InputsReadyToSign(packet)
 	if err != nil {
 		return err
 	}