descriptor: Implement wallet-policies BIP #369
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bigspider
reviewed
Feb 21, 2023
jgriffiths
force-pushed
the
wallet_policies
branch
from
9883c6c
to
13a7fd7
Compare
See bitcoin/bips#1389 Policies are a restriction on the general variable substitution mechanism that wally already supports, combined with a shorthand notation for path derivation. 1 - Key variables can only be named @n where n is an integer 2 - Key variable names must increase sequentially from 0 to n 3 - Key variables names must be followed by '/*', '/**', or '/<m;n>/*' 4 - Key variables can only be serialized BIP32 public keys without paths 5 - All key expressions to substitute must be unique 6 - Al least one key expression must be present 7 - Key variables must appear in the policy in order from 0 to n (back-references are allowed for repeated keys) 8 - All key expressions in a policy must be in the form of Key variables 9 - All key expression must share the same solved cardinality (keys using '/*', cannot be mixed with those using '/**' or '/<m;n>/*') 10 - The solved cardinality of a policy must be 1 or 2 (e.g. no combo())`. 11 - All repeated references to the same key must use distinct derivations. This initial change implements and tests points 1-4. This implementation will ignore the whitelisted expression lists given in the BIP, and instead accept any valid descriptor that doesn't have a solved cardinality greater than 2. See the above linked github PR discussion for the rationale behind this decision.
Point 5 of the policy key requirements.
Point 6 of the policy key requirements.
Point 7 of the policy key requirements.
…ions Point 8 of the policy key requirements.
Point 9 of the policy key requirements.
Point 10 of the policy key requirements
jgriffiths
force-pushed
the
wallet_policies
branch
2 times, most recently
from
f0d8121
to
76defcd
Compare
Also align and re-use the context feature flags for node features (so we can later expose the node features to callers).
This is required e.g. to differentiate x-only keys.
Also fix and test a few edge cases in ensuring substitution invariants. The relevant BIP makes this mandatory, however given it is somewhat expensive to verify, and the security concerns mentioned seem to only relate to miniscript malleation via old tx signatures, make it opt-in. It would be nice to support ensuring this for non-policy miniscript descriptors. But, given the combination of possible descriptor key types and path expressions I do not believe it is feasible for any implementation to do this correctly without exactly the other limits that policies enforce. A general solution would have to solve all possible paths and derive all combinations of allowed keys which is not trivial to prove correct and extremely compute intensive and thus not feasible on HWW.
jgriffiths
force-pushed
the
wallet_policies
branch
from
76defcd
to
f419bb0
Compare
jgriffiths
changed the title
This was referenced Sep 12, 2023
jgriffiths
force-pushed
the
wallet_policies
branch
from
f419bb0
to
33dbf68
Compare
jgriffiths
force-pushed
the
wallet_policies
branch
from
33dbf68
to
7446283
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See bitcoin/bips#1389 for details of wallet policies.
Note wally implements the
/*extension to support non-BIP44 wallets such as Blockstream Green. Additionally, we do not limit allowable policies to the whitelist in the linked BIP. We allow all valid descriptors where the solved cardinality is either 1 or 2.Includes some extra functionality that is useful for validating descriptors/policies, primarily the ability to iterate and query the keys in the parsed expression.