You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In #41, I added a method called describe_basic_multisig_tx() that abstracts away a lot of what's happening under the hood for wallet developers.
One remaining issue is that Signers need a copy of all the xpubs, which requires state to be stored somewhere. It seems like describe_basic_multisig_tx() is duplicating a lot of code from the various parse() and validate methods in psbt.py. Another complicating factor is that my current implementation requires a dict of the form {xfp_hex: HDPublicKey}, but it would be possible to drop the xfp_hex requirement (and just iterate through a list of HDPublicKeys here. Performance would be worse, but developer UX would be better (no need to know root_fingerprint_hex for each HDPublicKey).
Some ideas:
Would it be a good idea to move some of the logic from from describe_basic_multisig_tx() to the PSBT class (either parse() and/or validate() methods? The simplest answer may be to add the xpubs as NamedHDPublicKey to the PSBT, and do that in a way so that validating business logic (validate each input matches those xpubs, and that change has the same xpubs m-of-n, etc) can easily be done in describe_basic_multisig_tx().
Is there a way to pass state in via the PSBT? This may not be possible as we want to be compatible with what Specter-Desktop is using, so that's problematic.
In #41, I added a method called
describe_basic_multisig_tx()that abstracts away a lot of what's happening under the hood for wallet developers.One remaining issue is that Signers need a copy of all the xpubs, which requires state to be stored somewhere. It seems like
describe_basic_multisig_tx()is duplicating a lot of code from the variousparse()andvalidatemethods inpsbt.py. Another complicating factor is that my current implementation requires a dict of the form{xfp_hex: HDPublicKey}, but it would be possible to drop thexfp_hexrequirement (and just iterate through a list ofHDPublicKeys here. Performance would be worse, but developer UX would be better (no need to knowroot_fingerprint_hexfor eachHDPublicKey).Some ideas:
describe_basic_multisig_tx()to thePSBTclass (eitherparse()and/orvalidate()methods? The simplest answer may be to add the xpubs asNamedHDPublicKeyto thePSBT, and do that in a way so that validating business logic (validate each input matches those xpubs, and that change has the same xpubsm-of-n, etc) can easily be done indescribe_basic_multisig_tx().There's also a potential security vulnerability pointed out by @jimmysong. I don't see the vulnerability, so would like to understand what I'm missing so I can fix it!
The text was updated successfully, but these errors were encountered: