forked from bitcoin/bitcoin
MuSig2 power #91
Open
Sjors wants to merge 60 commits into master from 2025/06/musig2-power
7b0dd9f to f842cae
2ecd3b6 to 0f809dd
This was referenced Jul 18, 2025
Previously, to determine if a desc is watchonly, `ToPrivateString()` was used. It returns `false` if there is at least one pubkey in the descriptor that does not have a private key. ToPrivateString() behaviour will change in the following commits to only return false if no priv keys could be found for the pub keys in the descriptor. IsWatchOnly() is added here to replace the use of ToPrivateString() for determining if a descriptor is 'watchonly'. Co-authored-by: rkrux <[email protected]>
ToPrivateString() behaviour will be modified in the following commits. This change ensures that wallet migration does not break.
- Refactor Descriptor::ToPrivateString() to allow descriptors with missing private keys to be printed. Useful in descriptors with multiple keys e.g. tr() etc.
- The existing behaviour of listdescriptors is preserved as much as possible, if no private keys are available ToPrivateString will return false
unused() descriptors do not have scriptPubKeys. Instead, the wallet uses them to store keys without having any scripts to watch for.
A helper method to obtain all unused(key) descriptor SPKMs.
When a wallet contains only an unused(KEY) descriptor, use it. Previously the user would have to call listdescriptors and manually specify it.
Invert any_key_parsed so that the name matches the behavior.
There will be other functions within MutableTransactionSignatureCreator that need to compute the same sighash, so make it a separate member function.
Adds GetMuSig2SecNonces which returns secp256k1_musig_secnonce*, and DeleteMuSig2Session which removes the MuSig2 secnonce from wherever it was retrieved. FlatSigningProvider stores it as a pointer to a map of session id to secnonce so that deletion will actually delete from the object that actually owns the secnonces. The session id is just a unique identifier for the caller to determine what secnonces have been created.
Use derivehdkey instead of extracting each participant xpub (and derivation info) from the listdescriptors output. Additionally use the new <0;1> descriptor syntax. Finally this commit adds a few debug log lines, and expands the explanation for why we use m/44h/1h/0h.
Use derivehdkey instead of extracting each participant xpub from the listdescriptors output. Additionally use the new <0;1> descriptor syntax. Also use bitcoin rpc instead of bitcoin-cli.
Replace the sign, finalize, bip32derivs and sighash_type arguments which are passed to FillPSBT() and SignPSBTInput() with a PSBTFillOptions struct. This makes it easier to add additional options later without large code churn, such as avoid_script_path proposed in bitcoin#32857. It also makes the use of default boolean options safer compared to positional arguments that can easily get mixed up.
Expand taproot tests to cover avoid_script_path in walletprocesspsbt. When avoiding script paths, there's no need for the workaround that increases fee_rate to compensate for the wallet's inability to estimate fees for script path spends. We use this to indirectly test that key path was used. We also check that taproot_script_path_sigs is not set. Finally, for transactions that can't be signed using their key path, we try again by allowing the script path. Additional test extended private keys were extracted from other tests.
Conflicts: src/script/sign.cpp Using m_options.sighash_type
Conflicts: src/wallet/external_signer_scriptpubkeyman.h src/wallet/rpc/wallet.cpp
An earlier merge commit contained an outdated version of this.
…ys' into 2025/06/musig2-power
c524af5 to 66705f3
Fresh rebase after bitcoin#31244 landed.
External signer enabled wallets should always use the process PSBT flow. Avoid going through CreateTransaction. This has no effect until the next commit when WALLET_FLAG_EXTERNAL_SIGNER no longer implies WALLET_FLAG_DISABLE_PRIVATE_KEYS. Without this change signing with the GUI would break for external signers with private keys enabled.
Combines the following:
- addhdkey RPC to add just keys to wallets via new unused(KEY) descriptor bitcoin/bitcoin#29136

Best combined with either MooSig or bitcoin-core/HWI#794.
Update note to self:
(update master on the fork repo if needed)