feat(wasm-utxo): expose requiresPrevTx prevTx-inclusion policy#306
Open
OttoAllmendinger wants to merge 1 commit into
Open
feat(wasm-utxo): expose requiresPrevTx prevTx-inclusion policy#306OttoAllmendinger wants to merge 1 commit into
OttoAllmendinger wants to merge 1 commit into
Conversation
OttoAllmendinger
force-pushed
the
otto/T1-3654-requires-prevtx
branch
4 times, most recently
from
6d7ba59 to
de82daa
Compare
Add a pure-JS prevTx-inclusion predicate to @bitgo/wasm-utxo so all callers share one source of truth for whether a p2sh PSBT input needs non_witness_utxo (full prevTx) or can be signed from witness_utxo-only. requiresPrevTxForP2sh(coinName) answers only the coin-level question for an input the caller has already determined is p2sh (non-segwit) and whose tx format includes prevTx (e.g. "psbt", not "psbt-lite"). It returns false for value-committing coins whose sighash commits the input amount, making prevTx cryptographically pointless for signing p2sh inputs: - Zcash (zec/tzec): ZIP-243 transparent sighash commits the amount. Including prevTx also crashes wasm-utxo, whose consensus::deserialize rejects Zcash overwintered transactions. - BCH family (bch/bcha/eCash, bsv, btg + testnets): replay-protected BIP-143 sighash (SIGHASH_FORKID, the default for the whole family) commits the 8-byte value as preimage item #6. The value-committing mainnets {zec, bch, bcha, bsv, btg} are matched via a switch on getMainnet(coinName), so testnets are covered. The module is pure JS — no WASM initialization — so the predicate is cheap to evaluate without loading wasm-utxo. Exported both namespaced (fixedScriptWallet.requiresPrevTxForP2sh) and as a top-level named export (alongside CoinName/getMainnet). Refs: T1-3654
OttoAllmendinger
force-pushed
the
otto/T1-3654-requires-prevtx
branch
from
de82daa to
8feac80
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Expose a pure-JS
requiresPrevTxpolicy from@bitgo/wasm-utxoso all callers share one source of truth for whether a PSBT input needsnon_witness_utxo(full prevTx) or can be signed fromwitness_utxo-only.Why
wasm-utxo'sadd_wallet_input_to_psbtdeserializesprev_txwith the standard Bitcoinconsensus::deserialize, which rejects Zcash overwintered transactions — the root cause of the Zcash (tzec) signing failures (T1-3654). Centralizing the prevTx-inclusion decision inside the sharedwasm-utxopackage gives every caller the same correct policy without each one re-deriving it.Change
New pure-JS module
packages/wasm-utxo/js/fixedScriptWallet/prevTx.tsexporting:requiresPrevTx(coinName, txFormat, chain)— returnsfalsewhenwitness_utxo-only suffices:psbt-litenever includesnon_witness_utxo;witness_utxo;prevTxis pointless for signing p2sh inputs even whentxFormat === "psbt":zec/tzec): ZIP-243 transparent sighash commits the amount. (IncludingprevTxalso crasheswasm-utxo.)bch/bcha/eCash,bsv,btg+ testnets): replay-protected BIP-143 sighash (SIGHASH_FORKID, the default for the whole family) commits the 8-byte value as preimage item feat(wasm-utxo): implement MuSig2 with BitGo-specific p2tr variant #6.isValueCommittingCoin— backed by a mainnet Set{zec, bch, bcha, bsv, btg}normalized viagetMainnet(covers testnets).isZcashCoin— kept (selectsZcashBitGoPsbt).isNonSegwitChain— checkschain === 0 || 1literally so the module does not trigger WASM initialization; the predicate is cheap to evaluate without loadingwasm-utxo.TxFormattype ("psbt" | "psbt-lite" | "legacy").Exported both namespaced (
fixedScriptWallet.requiresPrevTx) and as top-level named exports alongsideCoinName/getMainnet.Test plan
npx mocha test/fixedScript/prevTx.ts— 26 passing (fullrequiresPrevTxtruth table +isValueCommittingCoin/isZcashCoin/isNonSegwitChainsuites)npm run build:ts-esm(tsc) — cleanOut of scope
wasm-utxoconsensus::deserializecrash site is untouched; this PR only exposes a shared predicate so callers can avoid sendingprevTxwhen it's pointless. (The Zcash-awaredecode_zcash_transaction_partshardening and the repro test live on a separate jj change.)Refs: T1-3654