Line data Source code
1 : // Copyright (c) 2019-2020 The Bitcoin Core developers
2 : // Distributed under the MIT software license, see the accompanying
3 : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 :
5 : #include <key_io.h>
6 : #include <outputtype.h>
7 : #include <script/descriptor.h>
8 : #include <script/sign.h>
9 : #include <util/bip32.h>
10 : #include <util/strencodings.h>
11 : #include <util/string.h>
12 : #include <util/translation.h>
13 : #include <wallet/scriptpubkeyman.h>
14 :
15 : //! Value for the first BIP 32 hardened derivation. Can be used as a bit mask and as a value. See BIP 32 for more details.
16 : const uint32_t BIP32_HARDENED_KEY_LIMIT = 0x80000000;
17 :
18 7521 : bool LegacyScriptPubKeyMan::GetNewDestination(const OutputType type, CTxDestination& dest, std::string& error)
19 : {
20 7521 : LOCK(cs_KeyStore);
21 7521 : error.clear();
22 :
23 : // Generate a new key that is added to wallet
24 7521 : CPubKey new_key;
25 7521 : if (!GetKeyFromPool(new_key, type)) {
26 4 : error = _("Error: Keypool ran out, please call keypoolrefill first").translated;
27 4 : return false;
28 : }
29 7517 : LearnRelatedScripts(new_key, type);
30 7517 : dest = GetDestinationForKey(new_key, type);
31 7517 : return true;
32 7521 : }
33 :
34 : typedef std::vector<unsigned char> valtype;
35 :
36 : namespace {
37 :
38 : /**
39 : * This is an enum that tracks the execution context of a script, similar to
40 : * SigVersion in script/interpreter. It is separate however because we want to
41 : * distinguish between top-level scriptPubKey execution and P2SH redeemScript
42 : * execution (a distinction that has no impact on consensus rules).
43 : */
44 : enum class IsMineSigVersion
45 : {
46 : TOP = 0, //!< scriptPubKey execution
47 : P2SH = 1, //!< P2SH redeemScript
48 : WITNESS_V0 = 2, //!< P2WSH witness script execution
49 : };
50 :
51 : /**
52 : * This is an internal representation of isminetype + invalidity.
53 : * Its order is significant, as we return the max of all explored
54 : * possibilities.
55 : */
56 : enum class IsMineResult
57 : {
58 : NO = 0, //!< Not ours
59 : WATCH_ONLY = 1, //!< Included in watch-only balance
60 : SPENDABLE = 2, //!< Included in all balances
61 : INVALID = 3, //!< Not spendable by anyone (uncompressed pubkey in segwit, P2SH inside P2SH or witness, witness inside witness)
62 : };
63 :
64 931673 : bool PermitsUncompressed(IsMineSigVersion sigversion)
65 : {
66 931673 : return sigversion == IsMineSigVersion::TOP || sigversion == IsMineSigVersion::P2SH;
67 : }
68 :
69 3262 : bool HaveKeys(const std::vector<valtype>& pubkeys, const LegacyScriptPubKeyMan& keystore)
70 : {
71 8536 : for (const valtype& pubkey : pubkeys) {
72 5274 : CKeyID keyID = CPubKey(pubkey).GetID();
73 5274 : if (!keystore.HaveKey(keyID)) return false;
74 5274 : }
75 2515 : return true;
76 3262 : }
77 :
78 : //! Recursively solve script and return spendable/watchonly/invalid status.
79 : //!
80 : //! @param keystore legacy key and script store
81 : //! @param script script to solve
82 : //! @param sigversion script type (top-level / redeemscript / witnessscript)
83 : //! @param recurse_scripthash whether to recurse into nested p2sh and p2wsh
84 : //! scripts or simply treat any script that has been
85 : //! stored in the keystore as spendable
86 1833229 : IsMineResult IsMineInner(const LegacyScriptPubKeyMan& keystore, const CScript& scriptPubKey, IsMineSigVersion sigversion, bool recurse_scripthash=true)
87 : {
88 1833229 : IsMineResult ret = IsMineResult::NO;
89 :
90 1833229 : std::vector<valtype> vSolutions;
91 1833229 : TxoutType whichType = Solver(scriptPubKey, vSolutions);
92 :
93 1833229 : CKeyID keyID;
94 1833229 : switch (whichType)
95 : {
96 : case TxoutType::NONSTANDARD:
97 : case TxoutType::NULL_DATA:
98 : case TxoutType::WITNESS_UNKNOWN:
99 : break;
100 : case TxoutType::PUBKEY:
101 8506 : keyID = CPubKey(vSolutions[0]).GetID();
102 8506 : if (!PermitsUncompressed(sigversion) && vSolutions[0].size() != 33) {
103 352 : return IsMineResult::INVALID;
104 : }
105 8154 : if (keystore.HaveKey(keyID)) {
106 1165 : ret = std::max(ret, IsMineResult::SPENDABLE);
107 1165 : }
108 : break;
109 : case TxoutType::WITNESS_V0_KEYHASH:
110 : {
111 439572 : if (sigversion == IsMineSigVersion::WITNESS_V0) {
112 : // P2WPKH inside P2WSH is invalid.
113 1 : return IsMineResult::INVALID;
114 : }
115 439571 : if (sigversion == IsMineSigVersion::TOP && !keystore.HaveCScript(CScriptID(CScript() << OP_0 << vSolutions[0]))) {
116 : // We do not support bare witness outputs unless the P2SH version of it would be
117 : // acceptable as well. This protects against matching before segwit activates.
118 : // This also applies to the P2WSH case.
119 : break;
120 : }
121 281241 : ret = std::max(ret, IsMineInner(keystore, GetScriptForDestination(PKHash(uint160(vSolutions[0]))), IsMineSigVersion::WITNESS_V0));
122 281241 : break;
123 : }
124 : case TxoutType::PUBKEYHASH:
125 919376 : keyID = CKeyID(uint160(vSolutions[0]));
126 919376 : if (!PermitsUncompressed(sigversion)) {
127 282198 : CPubKey pubkey;
128 282198 : if (keystore.GetPubKey(keyID, pubkey) && !pubkey.IsCompressed()) {
129 705 : return IsMineResult::INVALID;
130 : }
131 282198 : }
132 918671 : if (keystore.HaveKey(keyID)) {
133 820405 : ret = std::max(ret, IsMineResult::SPENDABLE);
134 820405 : }
135 : break;
136 : case TxoutType::SCRIPTHASH:
137 : {
138 134661 : if (sigversion != IsMineSigVersion::TOP) {
139 : // P2SH inside P2WSH or P2SH is invalid.
140 2 : return IsMineResult::INVALID;
141 : }
142 134659 : CScriptID scriptID = CScriptID(uint160(vSolutions[0]));
143 134659 : CScript subscript;
144 134659 : if (keystore.GetCScript(scriptID, subscript)) {
145 13098 : ret = std::max(ret, recurse_scripthash ? IsMineInner(keystore, subscript, IsMineSigVersion::P2SH) : IsMineResult::SPENDABLE);
146 13098 : }
147 : break;
148 134659 : }
149 : case TxoutType::WITNESS_V0_SCRIPTHASH:
150 : {
151 28204 : if (sigversion == IsMineSigVersion::WITNESS_V0) {
152 : // P2WSH inside P2WSH is invalid.
153 1 : return IsMineResult::INVALID;
154 : }
155 28203 : if (sigversion == IsMineSigVersion::TOP && !keystore.HaveCScript(CScriptID(CScript() << OP_0 << vSolutions[0]))) {
156 : break;
157 : }
158 6727 : uint160 hash;
159 6727 : CRIPEMD160().Write(&vSolutions[0][0], vSolutions[0].size()).Finalize(hash.begin());
160 6727 : CScriptID scriptID = CScriptID(hash);
161 6727 : CScript subscript;
162 6727 : if (keystore.GetCScript(scriptID, subscript)) {
163 6705 : ret = std::max(ret, recurse_scripthash ? IsMineInner(keystore, subscript, IsMineSigVersion::WITNESS_V0) : IsMineResult::SPENDABLE);
164 6705 : }
165 : break;
166 6727 : }
167 :
168 : case TxoutType::MULTISIG:
169 : {
170 : // Never treat bare multisig outputs as ours (they can still be made watchonly-though)
171 4727 : if (sigversion == IsMineSigVersion::TOP) {
172 : break;
173 : }
174 :
175 : // Only consider transactions "mine" if we own ALL the
176 : // keys involved. Multi-signature transactions that are
177 : // partially owned (somebody else has a key that can spend
178 : // them) enable spend-out-from-under-you attacks, especially
179 : // in shared-wallet situations.
180 3791 : std::vector<valtype> keys(vSolutions.begin()+1, vSolutions.begin()+vSolutions.size()-1);
181 3791 : if (!PermitsUncompressed(sigversion)) {
182 6717 : for (size_t i = 0; i < keys.size(); i++) {
183 4458 : if (keys[i].size() != 33) {
184 529 : return IsMineResult::INVALID;
185 : }
186 : }
187 : }
188 3262 : if (HaveKeys(keys, keystore)) {
189 2515 : ret = std::max(ret, IsMineResult::SPENDABLE);
190 2515 : }
191 3262 : break;
192 3791 : }
193 : }
194 :
195 1831639 : if (ret == IsMineResult::NO && keystore.HaveWatchOnly(scriptPubKey)) {
196 16029 : ret = std::max(ret, IsMineResult::WATCH_ONLY);
197 16029 : }
198 1831639 : return ret;
199 1833229 : }
200 :
201 : } // namespace
202 :
203 927044 : isminetype LegacyScriptPubKeyMan::IsMine(const CScript& script) const
204 : {
205 927044 : switch (IsMineInner(*this, script, IsMineSigVersion::TOP)) {
206 : case IsMineResult::INVALID:
207 : case IsMineResult::NO:
208 580465 : return ISMINE_NO;
209 : case IsMineResult::WATCH_ONLY:
210 14537 : return ISMINE_WATCH_ONLY;
211 : case IsMineResult::SPENDABLE:
212 332042 : return ISMINE_SPENDABLE;
213 : }
214 0 : assert(false);
215 927044 : }
216 :
217 46 : bool LegacyScriptPubKeyMan::CheckDecryptionKey(const CKeyingMaterial& master_key, bool accept_no_keys)
218 : {
219 : {
220 46 : LOCK(cs_KeyStore);
221 46 : assert(mapKeys.empty());
222 :
223 46 : bool keyPass = mapCryptedKeys.empty(); // Always pass when there are no encrypted keys
224 166 : bool keyFail = false;
225 46 : CryptedKeyMap::const_iterator mi = mapCryptedKeys.begin();
226 46 : WalletBatch batch(m_storage.GetDatabase());
227 120 : for (; mi != mapCryptedKeys.end(); ++mi)
228 : {
229 105 : const CPubKey &vchPubKey = (*mi).second.first;
230 105 : const std::vector<unsigned char> &vchCryptedSecret = (*mi).second.second;
231 105 : CKey key;
232 105 : if (!DecryptKey(master_key, vchCryptedSecret, vchPubKey, key))
233 : {
234 : keyFail = true;
235 0 : break;
236 : }
237 : keyPass = true;
238 105 : if (fDecryptionThoroughlyChecked)
239 31 : break;
240 : else {
241 : // Rewrite these encrypted keys with checksums
242 74 : batch.WriteCryptedKey(vchPubKey, vchCryptedSecret, mapKeyMetadata[vchPubKey.GetID()]);
243 : }
244 105 : }
245 46 : if (keyPass && keyFail)
246 : {
247 0 : LogPrintf("The wallet is probably corrupted: Some keys decrypt but not all.\n");
248 0 : throw std::runtime_error("Error unlocking wallet: some keys decrypt but not all. Your wallet file may be corrupt.");
249 : }
250 46 : if (keyFail || (!keyPass && !accept_no_keys))
251 0 : return false;
252 46 : fDecryptionThoroughlyChecked = true;
253 46 : }
254 46 : return true;
255 46 : }
256 :
257 16 : bool LegacyScriptPubKeyMan::Encrypt(const CKeyingMaterial& master_key, WalletBatch* batch)
258 : {
259 16 : LOCK(cs_KeyStore);
260 16 : encrypted_batch = batch;
261 16 : if (!mapCryptedKeys.empty()) {
262 0 : encrypted_batch = nullptr;
263 0 : return false;
264 : }
265 :
266 16 : KeyMap keys_to_encrypt;
267 16 : keys_to_encrypt.swap(mapKeys); // Clear mapKeys so AddCryptedKeyInner will succeed.
268 283 : for (const KeyMap::value_type& mKey : keys_to_encrypt)
269 : {
270 267 : const CKey &key = mKey.second;
271 267 : CPubKey vchPubKey = key.GetPubKey();
272 267 : CKeyingMaterial vchSecret(key.begin(), key.end());
273 267 : std::vector<unsigned char> vchCryptedSecret;
274 267 : if (!EncryptSecret(master_key, vchSecret, vchPubKey.GetHash(), vchCryptedSecret)) {
275 0 : encrypted_batch = nullptr;
276 0 : return false;
277 : }
278 267 : if (!AddCryptedKey(vchPubKey, vchCryptedSecret)) {
279 0 : encrypted_batch = nullptr;
280 0 : return false;
281 : }
282 267 : }
283 16 : encrypted_batch = nullptr;
284 16 : return true;
285 16 : }
286 :
287 2149 : bool LegacyScriptPubKeyMan::GetReservedDestination(const OutputType type, bool internal, CTxDestination& address, int64_t& index, CKeyPool& keypool)
288 : {
289 2149 : LOCK(cs_KeyStore);
290 2149 : if (!CanGetAddresses(internal)) {
291 12 : return false;
292 : }
293 :
294 2137 : if (!ReserveKeyFromKeyPool(index, keypool, internal)) {
295 4 : return false;
296 : }
297 2133 : address = GetDestinationForKey(keypool.vchPubKey, type);
298 2133 : return true;
299 2149 : }
300 :
301 8 : bool LegacyScriptPubKeyMan::TopUpInactiveHDChain(const CKeyID seed_id, int64_t index, bool internal)
302 : {
303 8 : LOCK(cs_KeyStore);
304 :
305 8 : if (m_storage.IsLocked()) return false;
306 :
307 8 : auto it = m_inactive_hd_chains.find(seed_id);
308 8 : if (it == m_inactive_hd_chains.end()) {
309 0 : return false;
310 : }
311 :
312 8 : CHDChain& chain = it->second;
313 :
314 : // Top up key pool
315 8 : int64_t target_size = std::max(gArgs.GetArg("-keypool", DEFAULT_KEYPOOL_SIZE), (int64_t) 1);
316 :
317 : // "size" of the keypools. Not really the size, actually the difference between index and the chain counter
318 : // Since chain counter is 1 based and index is 0 based, one of them needs to be offset by 1.
319 8 : int64_t kp_size = (internal ? chain.nInternalChainCounter : chain.nExternalChainCounter) - (index + 1);
320 :
321 : // make sure the keypool fits the user-selected target (-keypool)
322 8 : int64_t missing = std::max(target_size - kp_size, (int64_t) 0);
323 :
324 8 : if (missing > 0) {
325 3 : WalletBatch batch(m_storage.GetDatabase());
326 11 : for (int64_t i = missing; i > 0; --i) {
327 8 : GenerateNewKey(batch, chain, internal);
328 : }
329 3 : if (internal) {
330 0 : WalletLogPrintf("inactive seed with id %s added %d internal keys\n", HexStr(seed_id), missing);
331 0 : } else {
332 3 : WalletLogPrintf("inactive seed with id %s added %d keys\n", HexStr(seed_id), missing);
333 : }
334 3 : }
335 : return true;
336 8 : }
337 :
338 186760 : void LegacyScriptPubKeyMan::MarkUnusedAddresses(const CScript& script)
339 : {
340 186760 : LOCK(cs_KeyStore);
341 : // extract addresses and check if they match with an unused keypool key
342 265155 : for (const auto& keyid : GetAffectedKeys(script, *this)) {
343 78395 : std::map<CKeyID, int64_t>::const_iterator mi = m_pool_key_to_index.find(keyid);
344 78395 : if (mi != m_pool_key_to_index.end()) {
345 40 : WalletLogPrintf("%s: Detected a used keypool key, mark all keypool keys up to this key as used\n", __func__);
346 40 : MarkReserveKeysAsUsed(mi->second);
347 :
348 40 : if (!TopUp()) {
349 1 : WalletLogPrintf("%s: Topping up keypool failed (locked wallet)\n", __func__);
350 1 : }
351 : }
352 :
353 : // Find the key's metadata and check if it's seed id (if it has one) is inactive, i.e. it is not the current m_hd_chain seed id.
354 : // If so, TopUp the inactive hd chain
355 78395 : auto it = mapKeyMetadata.find(keyid);
356 78395 : if (it != mapKeyMetadata.end()){
357 78395 : CKeyMetadata meta = it->second;
358 78395 : if (!meta.hd_seed_id.IsNull() && meta.hd_seed_id != m_hd_chain.seed_id) {
359 8 : bool internal = (meta.key_origin.path[1] & ~BIP32_HARDENED_KEY_LIMIT) != 0;
360 8 : int64_t index = meta.key_origin.path[2] & ~BIP32_HARDENED_KEY_LIMIT;
361 :
362 8 : if (!TopUpInactiveHDChain(meta.hd_seed_id, index, internal)) {
363 0 : WalletLogPrintf("%s: Adding inactive seed keys failed\n", __func__);
364 0 : }
365 8 : }
366 78395 : }
367 78395 : }
368 186760 : }
369 :
370 136 : void LegacyScriptPubKeyMan::UpgradeKeyMetadata()
371 : {
372 136 : LOCK(cs_KeyStore);
373 136 : if (m_storage.IsLocked() || m_storage.IsWalletFlagSet(WALLET_FLAG_KEY_ORIGIN_METADATA)) {
374 0 : return;
375 : }
376 :
377 136 : std::unique_ptr<WalletBatch> batch = MakeUnique<WalletBatch>(m_storage.GetDatabase());
378 7019 : for (auto& meta_pair : mapKeyMetadata) {
379 6883 : CKeyMetadata& meta = meta_pair.second;
380 6883 : if (!meta.hd_seed_id.IsNull() && !meta.has_key_origin && meta.hdKeypath != "s") { // If the hdKeypath is "s", that's the seed and it doesn't have a key origin
381 8 : CKey key;
382 8 : GetKey(meta.hd_seed_id, key);
383 8 : CExtKey masterKey;
384 8 : masterKey.SetSeed(key.begin(), key.size());
385 : // Add to map
386 8 : CKeyID master_id = masterKey.key.GetPubKey().GetID();
387 8 : std::copy(master_id.begin(), master_id.begin() + 4, meta.key_origin.fingerprint);
388 8 : if (!ParseHDKeypath(meta.hdKeypath, meta.key_origin.path)) {
389 0 : throw std::runtime_error("Invalid stored hdKeypath");
390 : }
391 8 : meta.has_key_origin = true;
392 8 : if (meta.nVersion < CKeyMetadata::VERSION_WITH_KEY_ORIGIN) {
393 8 : meta.nVersion = CKeyMetadata::VERSION_WITH_KEY_ORIGIN;
394 8 : }
395 :
396 : // Write meta to wallet
397 8 : CPubKey pubkey;
398 8 : if (GetPubKey(meta_pair.first, pubkey)) {
399 8 : batch->WriteKeyMetadata(meta, pubkey, true);
400 : }
401 8 : }
402 0 : }
403 136 : }
404 :
405 355 : bool LegacyScriptPubKeyMan::SetupGeneration(bool force)
406 : {
407 355 : if ((CanGenerateKeys() && !force) || m_storage.IsLocked()) {
408 0 : return false;
409 : }
410 :
411 355 : SetHDSeed(GenerateNewSeed());
412 355 : if (!NewKeyPool()) {
413 0 : return false;
414 : }
415 355 : return true;
416 355 : }
417 :
418 64201 : bool LegacyScriptPubKeyMan::IsHDEnabled() const
419 : {
420 64201 : return !m_hd_chain.seed_id.IsNull();
421 : }
422 :
423 17341 : bool LegacyScriptPubKeyMan::CanGetAddresses(bool internal) const
424 : {
425 17341 : LOCK(cs_KeyStore);
426 : // Check if the keypool has keys
427 : bool keypool_has_keys;
428 17341 : if (internal && m_storage.CanSupportFeature(FEATURE_HD_SPLIT)) {
429 2250 : keypool_has_keys = setInternalKeyPool.size() > 0;
430 2250 : } else {
431 15091 : keypool_has_keys = KeypoolCountExternalKeys() > 0;
432 : }
433 : // If the keypool doesn't have keys, check if we can generate them
434 17341 : if (!keypool_has_keys) {
435 6888 : return CanGenerateKeys();
436 : }
437 10453 : return keypool_has_keys;
438 17341 : }
439 :
440 2 : bool LegacyScriptPubKeyMan::Upgrade(int prev_version, bilingual_str& error)
441 : {
442 2 : LOCK(cs_KeyStore);
443 : bool hd_upgrade = false;
444 : bool split_upgrade = false;
445 2 : if (m_storage.CanSupportFeature(FEATURE_HD) && !IsHDEnabled()) {
446 1 : WalletLogPrintf("Upgrading wallet to HD\n");
447 1 : m_storage.SetMinVersion(FEATURE_HD);
448 :
449 : // generate a new master key
450 1 : CPubKey masterPubKey = GenerateNewSeed();
451 1 : SetHDSeed(masterPubKey);
452 : hd_upgrade = true;
453 1 : }
454 : // Upgrade to HD chain split if necessary
455 2 : if (m_storage.CanSupportFeature(FEATURE_HD_SPLIT) && CHDChain::VERSION_HD_CHAIN_SPLIT) {
456 2 : WalletLogPrintf("Upgrading wallet to use HD chain split\n");
457 2 : m_storage.SetMinVersion(FEATURE_PRE_SPLIT_KEYPOOL);
458 2 : split_upgrade = FEATURE_HD_SPLIT > prev_version;
459 2 : }
460 : // Mark all keys currently in the keypool as pre-split
461 2 : if (split_upgrade) {
462 1 : MarkPreSplitKeys();
463 : }
464 : // Regenerate the keypool if upgraded to HD
465 2 : if (hd_upgrade) {
466 1 : if (!TopUp()) {
467 0 : error = _("Unable to generate keys");
468 0 : return false;
469 : }
470 : }
471 2 : return true;
472 2 : }
473 :
474 11 : bool LegacyScriptPubKeyMan::HavePrivateKeys() const
475 : {
476 11 : LOCK(cs_KeyStore);
477 11 : return !mapKeys.empty() || !mapCryptedKeys.empty();
478 11 : }
479 :
480 0 : void LegacyScriptPubKeyMan::RewriteDB()
481 : {
482 0 : LOCK(cs_KeyStore);
483 0 : setInternalKeyPool.clear();
484 0 : setExternalKeyPool.clear();
485 0 : m_pool_key_to_index.clear();
486 : // Note: can't top-up keypool here, because wallet is locked.
487 : // User will be prompted to unlock wallet the next operation
488 : // that requires a new key.
489 0 : }
490 :
491 1820 : static int64_t GetOldestKeyTimeInPool(const std::set<int64_t>& setKeyPool, WalletBatch& batch) {
492 1820 : if (setKeyPool.empty()) {
493 269 : return GetTime();
494 : }
495 :
496 1551 : CKeyPool keypool;
497 1551 : int64_t nIndex = *(setKeyPool.begin());
498 1551 : if (!batch.ReadPool(nIndex, keypool)) {
499 0 : throw std::runtime_error(std::string(__func__) + ": read oldest key in keypool failed");
500 : }
501 1551 : assert(keypool.vchPubKey.IsValid());
502 1551 : return keypool.nTime;
503 1820 : }
504 :
505 949 : int64_t LegacyScriptPubKeyMan::GetOldestKeyPoolTime() const
506 : {
507 949 : LOCK(cs_KeyStore);
508 :
509 949 : WalletBatch batch(m_storage.GetDatabase());
510 :
511 : // load oldest key from keypool, get time and return
512 949 : int64_t oldestKey = GetOldestKeyTimeInPool(setExternalKeyPool, batch);
513 949 : if (IsHDEnabled() && m_storage.CanSupportFeature(FEATURE_HD_SPLIT)) {
514 869 : oldestKey = std::max(GetOldestKeyTimeInPool(setInternalKeyPool, batch), oldestKey);
515 869 : if (!set_pre_split_keypool.empty()) {
516 2 : oldestKey = std::max(GetOldestKeyTimeInPool(set_pre_split_keypool, batch), oldestKey);
517 2 : }
518 : }
519 :
520 949 : return oldestKey;
521 949 : }
522 :
523 16040 : size_t LegacyScriptPubKeyMan::KeypoolCountExternalKeys() const
524 : {
525 16040 : LOCK(cs_KeyStore);
526 16040 : return setExternalKeyPool.size() + set_pre_split_keypool.size();
527 16040 : }
528 :
529 1609 : unsigned int LegacyScriptPubKeyMan::GetKeyPoolSize() const
530 : {
531 1609 : LOCK(cs_KeyStore);
532 1609 : return setInternalKeyPool.size() + setExternalKeyPool.size() + set_pre_split_keypool.size();
533 1609 : }
534 :
535 62 : int64_t LegacyScriptPubKeyMan::GetTimeFirstKey() const
536 : {
537 62 : LOCK(cs_KeyStore);
538 62 : return nTimeFirstKey;
539 62 : }
540 :
541 499600 : std::unique_ptr<SigningProvider> LegacyScriptPubKeyMan::GetSolvingProvider(const CScript& script) const
542 : {
543 499600 : return MakeUnique<LegacySigningProvider>(*this);
544 : }
545 :
546 611951 : bool LegacyScriptPubKeyMan::CanProvide(const CScript& script, SignatureData& sigdata)
547 : {
548 611951 : IsMineResult ismine = IsMineInner(*this, script, IsMineSigVersion::TOP, /* recurse_scripthash= */ false);
549 611951 : if (ismine == IsMineResult::SPENDABLE || ismine == IsMineResult::WATCH_ONLY) {
550 : // If ismine, it means we recognize keys or script ids in the script, or
551 : // are watching the script itself, and we can at least provide metadata
552 : // or solving information, even if not able to sign fully.
553 500345 : return true;
554 : } else {
555 : // If, given the stuff in sigdata, we could make a valid sigature, then we can provide for this script
556 111606 : ProduceSignature(*this, DUMMY_SIGNATURE_CREATOR, script, sigdata);
557 111606 : if (!sigdata.signatures.empty()) {
558 : // If we could make signatures, make sure we have a private key to actually make a signature
559 : bool has_privkeys = false;
560 0 : for (const auto& key_sig_pair : sigdata.signatures) {
561 0 : has_privkeys |= HaveKey(key_sig_pair.first);
562 : }
563 0 : return has_privkeys;
564 : }
565 111606 : return false;
566 : }
567 611951 : }
568 :
569 3598 : bool LegacyScriptPubKeyMan::SignTransaction(CMutableTransaction& tx, const std::map<COutPoint, Coin>& coins, int sighash, std::map<int, std::string>& input_errors) const
570 : {
571 3598 : return ::SignTransaction(tx, this, coins, sighash, input_errors);
572 : }
573 :
574 8 : SigningResult LegacyScriptPubKeyMan::SignMessage(const std::string& message, const PKHash& pkhash, std::string& str_sig) const
575 : {
576 8 : CKey key;
577 8 : if (!GetKey(ToKeyID(pkhash), key)) {
578 0 : return SigningResult::PRIVATE_KEY_NOT_AVAILABLE;
579 : }
580 :
581 8 : if (MessageSign(key, message, str_sig)) {
582 8 : return SigningResult::OK;
583 : }
584 0 : return SigningResult::SIGNING_FAILED;
585 8 : }
586 :
587 145 : TransactionError LegacyScriptPubKeyMan::FillPSBT(PartiallySignedTransaction& psbtx, int sighash_type, bool sign, bool bip32derivs, int* n_signed) const
588 : {
589 145 : if (n_signed) {
590 144 : *n_signed = 0;
591 144 : }
592 327 : for (unsigned int i = 0; i < psbtx.tx->vin.size(); ++i) {
593 184 : const CTxIn& txin = psbtx.tx->vin[i];
594 184 : PSBTInput& input = psbtx.inputs.at(i);
595 :
596 184 : if (PSBTInputSigned(input)) {
597 2 : continue;
598 : }
599 :
600 : // Get the Sighash type
601 182 : if (sign && input.sighash_type > 0 && input.sighash_type != sighash_type) {
602 0 : return TransactionError::SIGHASH_MISMATCH;
603 : }
604 :
605 : // Check non_witness_utxo has specified prevout
606 182 : if (input.non_witness_utxo) {
607 170 : if (txin.prevout.n >= input.non_witness_utxo->vout.size()) {
608 2 : return TransactionError::MISSING_INPUTS;
609 : }
610 12 : } else if (input.witness_utxo.IsNull()) {
611 : // There's no UTXO so we can just skip this now
612 5 : continue;
613 : }
614 175 : SignatureData sigdata;
615 175 : input.FillSignatureData(sigdata);
616 175 : SignPSBTInput(HidingSigningProvider(this, !sign, !bip32derivs), psbtx, i, sighash_type);
617 :
618 175 : bool signed_one = PSBTInputSigned(input);
619 175 : if (n_signed && (signed_one || !sign)) {
620 : // If sign is false, we assume that we _could_ sign if we get here. This
621 : // will never have false negatives; it is hard to tell under what i
622 : // circumstances it could have false positives.
623 155 : (*n_signed)++;
624 155 : }
625 175 : }
626 :
627 : // Fill in the bip32 keypaths and redeemscripts for the outputs so that hardware wallets can identify change
628 351 : for (unsigned int i = 0; i < psbtx.tx->vout.size(); ++i) {
629 208 : UpdatePSBTOutput(HidingSigningProvider(this, true, !bip32derivs), psbtx, i);
630 : }
631 :
632 143 : return TransactionError::OK;
633 145 : }
634 :
635 736 : std::unique_ptr<CKeyMetadata> LegacyScriptPubKeyMan::GetMetadata(const CTxDestination& dest) const
636 : {
637 736 : LOCK(cs_KeyStore);
638 :
639 736 : CKeyID key_id = GetKeyForDestination(*this, dest);
640 736 : if (!key_id.IsNull()) {
641 603 : auto it = mapKeyMetadata.find(key_id);
642 603 : if (it != mapKeyMetadata.end()) {
643 589 : return MakeUnique<CKeyMetadata>(it->second);
644 : }
645 603 : }
646 :
647 147 : CScript scriptPubKey = GetScriptForDestination(dest);
648 147 : auto it = m_script_metadata.find(CScriptID(scriptPubKey));
649 147 : if (it != m_script_metadata.end()) {
650 21 : return MakeUnique<CKeyMetadata>(it->second);
651 : }
652 :
653 126 : return nullptr;
654 736 : }
655 :
656 694 : uint256 LegacyScriptPubKeyMan::GetID() const
657 : {
658 694 : return UINT256_ONE();
659 : }
660 :
661 : /**
662 : * Update wallet first key creation time. This should be called whenever keys
663 : * are added to the wallet, with the oldest key creation time.
664 : */
665 37726 : void LegacyScriptPubKeyMan::UpdateTimeFirstKey(int64_t nCreateTime)
666 : {
667 37726 : AssertLockHeld(cs_KeyStore);
668 37726 : if (nCreateTime <= 1) {
669 : // Cannot determine birthday information, so set the wallet birthday to
670 : // the beginning of time.
671 799 : nTimeFirstKey = 1;
672 37726 : } else if (!nTimeFirstKey || nCreateTime < nTimeFirstKey) {
673 610 : nTimeFirstKey = nCreateTime;
674 610 : }
675 37726 : }
676 :
677 10750 : bool LegacyScriptPubKeyMan::LoadKey(const CKey& key, const CPubKey &pubkey)
678 : {
679 10750 : return AddKeyPubKeyInner(key, pubkey);
680 : }
681 :
682 404 : bool LegacyScriptPubKeyMan::AddKeyPubKey(const CKey& secret, const CPubKey &pubkey)
683 : {
684 404 : LOCK(cs_KeyStore);
685 404 : WalletBatch batch(m_storage.GetDatabase());
686 404 : return LegacyScriptPubKeyMan::AddKeyPubKeyWithDB(batch, secret, pubkey);
687 404 : }
688 :
689 26548 : bool LegacyScriptPubKeyMan::AddKeyPubKeyWithDB(WalletBatch& batch, const CKey& secret, const CPubKey& pubkey)
690 : {
691 26548 : AssertLockHeld(cs_KeyStore);
692 :
693 : // Make sure we aren't adding private keys to private key disabled wallets
694 26548 : assert(!m_storage.IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS));
695 :
696 : // FillableSigningProvider has no concept of wallet databases, but calls AddCryptedKey
697 : // which is overridden below. To avoid flushes, the database handle is
698 : // tunneled through to it.
699 26548 : bool needsDB = !encrypted_batch;
700 26548 : if (needsDB) {
701 26548 : encrypted_batch = &batch;
702 26548 : }
703 26548 : if (!AddKeyPubKeyInner(secret, pubkey)) {
704 0 : if (needsDB) encrypted_batch = nullptr;
705 0 : return false;
706 : }
707 26548 : if (needsDB) encrypted_batch = nullptr;
708 :
709 : // check if we need to remove from watch-only
710 26548 : CScript script;
711 26548 : script = GetScriptForDestination(PKHash(pubkey));
712 26548 : if (HaveWatchOnly(script)) {
713 4 : RemoveWatchOnly(script);
714 : }
715 26548 : script = GetScriptForRawPubKey(pubkey);
716 26548 : if (HaveWatchOnly(script)) {
717 4 : RemoveWatchOnly(script);
718 : }
719 :
720 26548 : if (!m_storage.HasEncryptionKeys()) {
721 26014 : return batch.WriteKey(pubkey,
722 26014 : secret.GetPrivKey(),
723 26014 : mapKeyMetadata[pubkey.GetID()]);
724 : }
725 534 : m_storage.UnsetBlankWalletFlag(batch);
726 534 : return true;
727 26548 : }
728 :
729 2602 : bool LegacyScriptPubKeyMan::LoadCScript(const CScript& redeemScript)
730 : {
731 : /* A sanity check was added in pull #3843 to avoid adding redeemScripts
732 : * that never can be redeemed. However, old wallets may still contain
733 : * these. Do not add them to the wallet and warn. */
734 2602 : if (redeemScript.size() > MAX_SCRIPT_ELEMENT_SIZE)
735 : {
736 0 : std::string strAddr = EncodeDestination(ScriptHash(redeemScript));
737 0 : WalletLogPrintf("%s: Warning: This wallet contains a redeemScript of size %i which exceeds maximum size %i thus can never be redeemed. Do not use address %s.\n", __func__, redeemScript.size(), MAX_SCRIPT_ELEMENT_SIZE, strAddr);
738 : return true;
739 0 : }
740 :
741 2602 : return FillableSigningProvider::AddCScript(redeemScript);
742 2602 : }
743 :
744 10887 : void LegacyScriptPubKeyMan::LoadKeyMetadata(const CKeyID& keyID, const CKeyMetadata& meta)
745 : {
746 10887 : LOCK(cs_KeyStore);
747 10887 : UpdateTimeFirstKey(meta.nCreateTime);
748 10887 : mapKeyMetadata[keyID] = meta;
749 10887 : }
750 :
751 45 : void LegacyScriptPubKeyMan::LoadScriptMetadata(const CScriptID& script_id, const CKeyMetadata& meta)
752 : {
753 45 : LOCK(cs_KeyStore);
754 45 : UpdateTimeFirstKey(meta.nCreateTime);
755 45 : m_script_metadata[script_id] = meta;
756 45 : }
757 :
758 37298 : bool LegacyScriptPubKeyMan::AddKeyPubKeyInner(const CKey& key, const CPubKey &pubkey)
759 : {
760 37298 : LOCK(cs_KeyStore);
761 37298 : if (!m_storage.HasEncryptionKeys()) {
762 36764 : return FillableSigningProvider::AddKeyPubKey(key, pubkey);
763 : }
764 :
765 534 : if (m_storage.IsLocked()) {
766 0 : return false;
767 : }
768 :
769 534 : std::vector<unsigned char> vchCryptedSecret;
770 534 : CKeyingMaterial vchSecret(key.begin(), key.end());
771 534 : if (!EncryptSecret(m_storage.GetEncryptionKey(), vchSecret, pubkey.GetHash(), vchCryptedSecret)) {
772 0 : return false;
773 : }
774 :
775 534 : if (!AddCryptedKey(pubkey, vchCryptedSecret)) {
776 0 : return false;
777 : }
778 534 : return true;
779 37298 : }
780 :
781 136 : bool LegacyScriptPubKeyMan::LoadCryptedKey(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret, bool checksum_valid)
782 : {
783 : // Set fDecryptionThoroughlyChecked to false when the checksum is invalid
784 136 : if (!checksum_valid) {
785 136 : fDecryptionThoroughlyChecked = false;
786 136 : }
787 :
788 136 : return AddCryptedKeyInner(vchPubKey, vchCryptedSecret);
789 : }
790 :
791 937 : bool LegacyScriptPubKeyMan::AddCryptedKeyInner(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret)
792 : {
793 937 : LOCK(cs_KeyStore);
794 937 : assert(mapKeys.empty());
795 :
796 937 : mapCryptedKeys[vchPubKey.GetID()] = make_pair(vchPubKey, vchCryptedSecret);
797 937 : ImplicitlyLearnRelatedKeyScripts(vchPubKey);
798 : return true;
799 937 : }
800 :
801 801 : bool LegacyScriptPubKeyMan::AddCryptedKey(const CPubKey &vchPubKey,
802 : const std::vector<unsigned char> &vchCryptedSecret)
803 : {
804 801 : if (!AddCryptedKeyInner(vchPubKey, vchCryptedSecret))
805 0 : return false;
806 : {
807 801 : LOCK(cs_KeyStore);
808 801 : if (encrypted_batch)
809 801 : return encrypted_batch->WriteCryptedKey(vchPubKey,
810 : vchCryptedSecret,
811 801 : mapKeyMetadata[vchPubKey.GetID()]);
812 : else
813 0 : return WalletBatch(m_storage.GetDatabase()).WriteCryptedKey(vchPubKey,
814 : vchCryptedSecret,
815 0 : mapKeyMetadata[vchPubKey.GetID()]);
816 801 : }
817 801 : }
818 :
819 762533 : bool LegacyScriptPubKeyMan::HaveWatchOnly(const CScript &dest) const
820 : {
821 762533 : LOCK(cs_KeyStore);
822 762533 : return setWatchOnly.count(dest) > 0;
823 762533 : }
824 :
825 300 : bool LegacyScriptPubKeyMan::HaveWatchOnly() const
826 : {
827 300 : LOCK(cs_KeyStore);
828 300 : return (!setWatchOnly.empty());
829 300 : }
830 :
831 544 : static bool ExtractPubKey(const CScript &dest, CPubKey& pubKeyOut)
832 : {
833 544 : std::vector<std::vector<unsigned char>> solutions;
834 691 : return Solver(dest, solutions) == TxoutType::PUBKEY &&
835 147 : (pubKeyOut = CPubKey(solutions[0])).IsFullyValid();
836 544 : }
837 :
838 13 : bool LegacyScriptPubKeyMan::RemoveWatchOnly(const CScript &dest)
839 : {
840 : {
841 13 : LOCK(cs_KeyStore);
842 13 : setWatchOnly.erase(dest);
843 13 : CPubKey pubKey;
844 13 : if (ExtractPubKey(dest, pubKey)) {
845 6 : mapWatchKeys.erase(pubKey.GetID());
846 6 : }
847 : // Related CScripts are not removed; having superfluous scripts around is
848 : // harmless (see comment in ImplicitlyLearnRelatedKeyScripts).
849 13 : }
850 :
851 13 : if (!HaveWatchOnly())
852 5 : NotifyWatchonlyChanged(false);
853 13 : if (!WalletBatch(m_storage.GetDatabase()).EraseWatchOnly(dest))
854 0 : return false;
855 :
856 13 : return true;
857 13 : }
858 :
859 50 : bool LegacyScriptPubKeyMan::LoadWatchOnly(const CScript &dest)
860 : {
861 50 : return AddWatchOnlyInMem(dest);
862 : }
863 :
864 531 : bool LegacyScriptPubKeyMan::AddWatchOnlyInMem(const CScript &dest)
865 : {
866 531 : LOCK(cs_KeyStore);
867 531 : setWatchOnly.insert(dest);
868 531 : CPubKey pubKey;
869 531 : if (ExtractPubKey(dest, pubKey)) {
870 137 : mapWatchKeys[pubKey.GetID()] = pubKey;
871 137 : ImplicitlyLearnRelatedKeyScripts(pubKey);
872 : }
873 : return true;
874 531 : }
875 :
876 481 : bool LegacyScriptPubKeyMan::AddWatchOnlyWithDB(WalletBatch &batch, const CScript& dest)
877 : {
878 481 : if (!AddWatchOnlyInMem(dest))
879 0 : return false;
880 481 : const CKeyMetadata& meta = m_script_metadata[CScriptID(dest)];
881 481 : UpdateTimeFirstKey(meta.nCreateTime);
882 481 : NotifyWatchonlyChanged(true);
883 481 : if (batch.WriteWatchOnly(dest, meta)) {
884 481 : m_storage.UnsetBlankWalletFlag(batch);
885 481 : return true;
886 : }
887 0 : return false;
888 481 : }
889 :
890 478 : bool LegacyScriptPubKeyMan::AddWatchOnlyWithDB(WalletBatch &batch, const CScript& dest, int64_t create_time)
891 : {
892 478 : m_script_metadata[CScriptID(dest)].nCreateTime = create_time;
893 478 : return AddWatchOnlyWithDB(batch, dest);
894 : }
895 :
896 3 : bool LegacyScriptPubKeyMan::AddWatchOnly(const CScript& dest)
897 : {
898 3 : WalletBatch batch(m_storage.GetDatabase());
899 3 : return AddWatchOnlyWithDB(batch, dest);
900 3 : }
901 :
902 3 : bool LegacyScriptPubKeyMan::AddWatchOnly(const CScript& dest, int64_t nCreateTime)
903 : {
904 3 : m_script_metadata[CScriptID(dest)].nCreateTime = nCreateTime;
905 3 : return AddWatchOnly(dest);
906 : }
907 :
908 262 : void LegacyScriptPubKeyMan::LoadHDChain(const CHDChain& chain)
909 : {
910 262 : LOCK(cs_KeyStore);
911 262 : m_hd_chain = chain;
912 262 : }
913 :
914 370 : void LegacyScriptPubKeyMan::AddHDChain(const CHDChain& chain)
915 : {
916 370 : LOCK(cs_KeyStore);
917 : // Store the new chain
918 370 : if (!WalletBatch(m_storage.GetDatabase()).WriteHDChain(chain)) {
919 0 : throw std::runtime_error(std::string(__func__) + ": writing chain failed");
920 : }
921 : // When there's an old chain, add it as an inactive chain as we are now rotating hd chains
922 370 : if (!m_hd_chain.seed_id.IsNull()) {
923 15 : AddInactiveHDChain(m_hd_chain);
924 : }
925 :
926 370 : m_hd_chain = chain;
927 370 : }
928 :
929 25 : void LegacyScriptPubKeyMan::AddInactiveHDChain(const CHDChain& chain)
930 : {
931 25 : LOCK(cs_KeyStore);
932 25 : assert(!chain.seed_id.IsNull());
933 25 : m_inactive_hd_chains[chain.seed_id] = chain;
934 25 : }
935 :
936 953254 : bool LegacyScriptPubKeyMan::HaveKey(const CKeyID &address) const
937 : {
938 953254 : LOCK(cs_KeyStore);
939 953254 : if (!m_storage.HasEncryptionKeys()) {
940 881121 : return FillableSigningProvider::HaveKey(address);
941 : }
942 72133 : return mapCryptedKeys.count(address) > 0;
943 953254 : }
944 :
945 833716 : bool LegacyScriptPubKeyMan::GetKey(const CKeyID &address, CKey& keyOut) const
946 : {
947 833716 : LOCK(cs_KeyStore);
948 833716 : if (!m_storage.HasEncryptionKeys()) {
949 831914 : return FillableSigningProvider::GetKey(address, keyOut);
950 : }
951 :
952 1802 : CryptedKeyMap::const_iterator mi = mapCryptedKeys.find(address);
953 1802 : if (mi != mapCryptedKeys.end())
954 : {
955 1802 : const CPubKey &vchPubKey = (*mi).second.first;
956 1802 : const std::vector<unsigned char> &vchCryptedSecret = (*mi).second.second;
957 1802 : return DecryptKey(m_storage.GetEncryptionKey(), vchCryptedSecret, vchPubKey, keyOut);
958 0 : }
959 0 : return false;
960 833716 : }
961 :
962 588863 : bool LegacyScriptPubKeyMan::GetKeyOrigin(const CKeyID& keyID, KeyOriginInfo& info) const
963 : {
964 588863 : CKeyMetadata meta;
965 : {
966 588863 : LOCK(cs_KeyStore);
967 588863 : auto it = mapKeyMetadata.find(keyID);
968 588863 : if (it != mapKeyMetadata.end()) {
969 588149 : meta = it->second;
970 : }
971 588863 : }
972 588863 : if (meta.has_key_origin) {
973 229871 : std::copy(meta.key_origin.fingerprint, meta.key_origin.fingerprint + 4, info.fingerprint);
974 229871 : info.path = meta.key_origin.path;
975 : } else { // Single pubkeys get the master fingerprint of themselves
976 358992 : std::copy(keyID.begin(), keyID.begin() + 4, info.fingerprint);
977 : }
978 : return true;
979 588863 : }
980 :
981 29427 : bool LegacyScriptPubKeyMan::GetWatchPubKey(const CKeyID &address, CPubKey &pubkey_out) const
982 : {
983 29427 : LOCK(cs_KeyStore);
984 29427 : WatchKeyMap::const_iterator it = mapWatchKeys.find(address);
985 29427 : if (it != mapWatchKeys.end()) {
986 5459 : pubkey_out = it->second;
987 5459 : return true;
988 : }
989 23968 : return false;
990 29427 : }
991 :
992 904644 : bool LegacyScriptPubKeyMan::GetPubKey(const CKeyID &address, CPubKey& vchPubKeyOut) const
993 : {
994 904644 : LOCK(cs_KeyStore);
995 904644 : if (!m_storage.HasEncryptionKeys()) {
996 794401 : if (!FillableSigningProvider::GetPubKey(address, vchPubKeyOut)) {
997 29144 : return GetWatchPubKey(address, vchPubKeyOut);
998 : }
999 765257 : return true;
1000 : }
1001 :
1002 110243 : CryptedKeyMap::const_iterator mi = mapCryptedKeys.find(address);
1003 110243 : if (mi != mapCryptedKeys.end())
1004 : {
1005 109967 : vchPubKeyOut = (*mi).second.first;
1006 109967 : return true;
1007 : }
1008 : // Check for watch-only pubkeys
1009 276 : return GetWatchPubKey(address, vchPubKeyOut);
1010 904644 : }
1011 :
1012 24920 : CPubKey LegacyScriptPubKeyMan::GenerateNewKey(WalletBatch &batch, CHDChain& hd_chain, bool internal)
1013 : {
1014 24920 : assert(!m_storage.IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS));
1015 24920 : assert(!m_storage.IsWalletFlagSet(WALLET_FLAG_BLANK_WALLET));
1016 24920 : AssertLockHeld(cs_KeyStore);
1017 24920 : bool fCompressed = m_storage.CanSupportFeature(FEATURE_COMPRPUBKEY); // default to compressed public keys if we want 0.6.0 wallets
1018 :
1019 24920 : CKey secret;
1020 :
1021 : // Create new metadata
1022 24920 : int64_t nCreationTime = GetTime();
1023 24920 : CKeyMetadata metadata(nCreationTime);
1024 :
1025 : // use HD key derivation if HD was enabled during wallet creation and a seed is present
1026 24920 : if (IsHDEnabled()) {
1027 19918 : DeriveNewChildKey(batch, metadata, secret, hd_chain, (m_storage.CanSupportFeature(FEATURE_HD_SPLIT) ? internal : false));
1028 : } else {
1029 5002 : secret.MakeNewKey(fCompressed);
1030 : }
1031 :
1032 : // Compressed public keys were introduced in version 0.6.0
1033 24920 : if (fCompressed) {
1034 18918 : m_storage.SetMinVersion(FEATURE_COMPRPUBKEY);
1035 : }
1036 :
1037 24920 : CPubKey pubkey = secret.GetPubKey();
1038 24920 : assert(secret.VerifyPubKey(pubkey));
1039 :
1040 24920 : mapKeyMetadata[pubkey.GetID()] = metadata;
1041 24920 : UpdateTimeFirstKey(nCreationTime);
1042 :
1043 24920 : if (!AddKeyPubKeyWithDB(batch, secret, pubkey)) {
1044 0 : throw std::runtime_error(std::string(__func__) + ": AddKey failed");
1045 : }
1046 : return pubkey;
1047 24920 : }
1048 :
1049 19918 : void LegacyScriptPubKeyMan::DeriveNewChildKey(WalletBatch &batch, CKeyMetadata& metadata, CKey& secret, CHDChain& hd_chain, bool internal)
1050 : {
1051 : // for now we use a fixed keypath scheme of m/0'/0'/k
1052 19918 : CKey seed; //seed (256bit)
1053 19918 : CExtKey masterKey; //hd master key
1054 19918 : CExtKey accountKey; //key at m/0'
1055 19918 : CExtKey chainChildKey; //key at m/0'/0' (external) or m/0'/1' (internal)
1056 19918 : CExtKey childKey; //key at m/0'/0'/<n>'
1057 :
1058 : // try to get the seed
1059 19918 : if (!GetKey(hd_chain.seed_id, seed))
1060 0 : throw std::runtime_error(std::string(__func__) + ": seed not found");
1061 :
1062 19918 : masterKey.SetSeed(seed.begin(), seed.size());
1063 :
1064 : // derive m/0'
1065 : // use hardened derivation (child keys >= 0x80000000 are hardened after bip32)
1066 19918 : masterKey.Derive(accountKey, BIP32_HARDENED_KEY_LIMIT);
1067 :
1068 : // derive m/0'/0' (external chain) OR m/0'/1' (internal chain)
1069 19918 : assert(internal ? m_storage.CanSupportFeature(FEATURE_HD_SPLIT) : true);
1070 19918 : accountKey.Derive(chainChildKey, BIP32_HARDENED_KEY_LIMIT+(internal ? 1 : 0));
1071 :
1072 : // derive child key at next index, skip keys already known to the wallet
1073 : do {
1074 : // always derive hardened keys
1075 : // childIndex | BIP32_HARDENED_KEY_LIMIT = derive childIndex in hardened child-index-range
1076 : // example: 1 | BIP32_HARDENED_KEY_LIMIT == 0x80000001 == 2147483649
1077 19919 : if (internal) {
1078 6705 : chainChildKey.Derive(childKey, hd_chain.nInternalChainCounter | BIP32_HARDENED_KEY_LIMIT);
1079 6705 : metadata.hdKeypath = "m/0'/1'/" + ToString(hd_chain.nInternalChainCounter) + "'";
1080 6705 : metadata.key_origin.path.push_back(0 | BIP32_HARDENED_KEY_LIMIT);
1081 6705 : metadata.key_origin.path.push_back(1 | BIP32_HARDENED_KEY_LIMIT);
1082 6705 : metadata.key_origin.path.push_back(hd_chain.nInternalChainCounter | BIP32_HARDENED_KEY_LIMIT);
1083 6705 : hd_chain.nInternalChainCounter++;
1084 6705 : }
1085 : else {
1086 13214 : chainChildKey.Derive(childKey, hd_chain.nExternalChainCounter | BIP32_HARDENED_KEY_LIMIT);
1087 13214 : metadata.hdKeypath = "m/0'/0'/" + ToString(hd_chain.nExternalChainCounter) + "'";
1088 13214 : metadata.key_origin.path.push_back(0 | BIP32_HARDENED_KEY_LIMIT);
1089 13214 : metadata.key_origin.path.push_back(0 | BIP32_HARDENED_KEY_LIMIT);
1090 13214 : metadata.key_origin.path.push_back(hd_chain.nExternalChainCounter | BIP32_HARDENED_KEY_LIMIT);
1091 13214 : hd_chain.nExternalChainCounter++;
1092 : }
1093 19919 : } while (HaveKey(childKey.key.GetPubKey().GetID()));
1094 19918 : secret = childKey.key;
1095 19918 : metadata.hd_seed_id = hd_chain.seed_id;
1096 19918 : CKeyID master_id = masterKey.key.GetPubKey().GetID();
1097 19918 : std::copy(master_id.begin(), master_id.begin() + 4, metadata.key_origin.fingerprint);
1098 19918 : metadata.has_key_origin = true;
1099 : // update the chain model in the database
1100 19918 : if (hd_chain.seed_id == m_hd_chain.seed_id && !batch.WriteHDChain(hd_chain))
1101 0 : throw std::runtime_error(std::string(__func__) + ": writing HD chain model failed");
1102 19918 : }
1103 :
1104 7834 : void LegacyScriptPubKeyMan::LoadKeyPool(int64_t nIndex, const CKeyPool &keypool)
1105 : {
1106 7834 : LOCK(cs_KeyStore);
1107 7834 : if (keypool.m_pre_split) {
1108 0 : set_pre_split_keypool.insert(nIndex);
1109 7834 : } else if (keypool.fInternal) {
1110 3933 : setInternalKeyPool.insert(nIndex);
1111 3933 : } else {
1112 3901 : setExternalKeyPool.insert(nIndex);
1113 : }
1114 7834 : m_max_keypool_index = std::max(m_max_keypool_index, nIndex);
1115 7834 : m_pool_key_to_index[keypool.vchPubKey.GetID()] = nIndex;
1116 :
1117 : // If no metadata exists yet, create a default with the pool key's
1118 : // creation time. Note that this may be overwritten by actually
1119 : // stored metadata for that key later, which is fine.
1120 7834 : CKeyID keyid = keypool.vchPubKey.GetID();
1121 7834 : if (mapKeyMetadata.count(keyid) == 0)
1122 7834 : mapKeyMetadata[keyid] = CKeyMetadata(keypool.nTime);
1123 7834 : }
1124 :
1125 18008 : bool LegacyScriptPubKeyMan::CanGenerateKeys() const
1126 : {
1127 : // A wallet can generate keys if it has an HD seed (IsHDEnabled) or it is a non-HD wallet (pre FEATURE_HD)
1128 18008 : LOCK(cs_KeyStore);
1129 18008 : return IsHDEnabled() || !m_storage.CanSupportFeature(FEATURE_HD);
1130 18008 : }
1131 :
1132 364 : CPubKey LegacyScriptPubKeyMan::GenerateNewSeed()
1133 : {
1134 364 : assert(!m_storage.IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS));
1135 364 : CKey key;
1136 364 : key.MakeNewKey(true);
1137 364 : return DeriveNewSeed(key);
1138 364 : }
1139 :
1140 370 : CPubKey LegacyScriptPubKeyMan::DeriveNewSeed(const CKey& key)
1141 : {
1142 370 : int64_t nCreationTime = GetTime();
1143 370 : CKeyMetadata metadata(nCreationTime);
1144 :
1145 : // calculate the seed
1146 370 : CPubKey seed = key.GetPubKey();
1147 370 : assert(key.VerifyPubKey(seed));
1148 :
1149 : // set the hd keypath to "s" -> Seed, refers the seed to itself
1150 370 : metadata.hdKeypath = "s";
1151 370 : metadata.has_key_origin = false;
1152 370 : metadata.hd_seed_id = seed.GetID();
1153 :
1154 : {
1155 370 : LOCK(cs_KeyStore);
1156 :
1157 : // mem store the metadata
1158 370 : mapKeyMetadata[seed.GetID()] = metadata;
1159 :
1160 : // write the key&metadata to the database
1161 370 : if (!AddKeyPubKey(key, seed))
1162 0 : throw std::runtime_error(std::string(__func__) + ": AddKeyPubKey failed");
1163 370 : }
1164 :
1165 : return seed;
1166 370 : }
1167 :
1168 370 : void LegacyScriptPubKeyMan::SetHDSeed(const CPubKey& seed)
1169 : {
1170 370 : LOCK(cs_KeyStore);
1171 : // store the keyid (hash160) together with
1172 : // the child index counter in the database
1173 : // as a hdchain object
1174 370 : CHDChain newHdChain;
1175 370 : newHdChain.nVersion = m_storage.CanSupportFeature(FEATURE_HD_SPLIT) ? CHDChain::VERSION_HD_CHAIN_SPLIT : CHDChain::VERSION_HD_BASE;
1176 370 : newHdChain.seed_id = seed.GetID();
1177 370 : AddHDChain(newHdChain);
1178 370 : NotifyCanGetAddressesChanged();
1179 370 : WalletBatch batch(m_storage.GetDatabase());
1180 370 : m_storage.UnsetBlankWalletFlag(batch);
1181 370 : }
1182 :
1183 : /**
1184 : * Mark old keypool keys as used,
1185 : * and generate all new keys
1186 : */
1187 367 : bool LegacyScriptPubKeyMan::NewKeyPool()
1188 : {
1189 367 : if (m_storage.IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS)) {
1190 0 : return false;
1191 : }
1192 : {
1193 367 : LOCK(cs_KeyStore);
1194 367 : WalletBatch batch(m_storage.GetDatabase());
1195 :
1196 472 : for (const int64_t nIndex : setInternalKeyPool) {
1197 105 : batch.ErasePool(nIndex);
1198 0 : }
1199 367 : setInternalKeyPool.clear();
1200 :
1201 471 : for (const int64_t nIndex : setExternalKeyPool) {
1202 104 : batch.ErasePool(nIndex);
1203 0 : }
1204 367 : setExternalKeyPool.clear();
1205 :
1206 367 : for (const int64_t nIndex : set_pre_split_keypool) {
1207 0 : batch.ErasePool(nIndex);
1208 0 : }
1209 367 : set_pre_split_keypool.clear();
1210 :
1211 367 : m_pool_key_to_index.clear();
1212 :
1213 367 : if (!TopUp()) {
1214 0 : return false;
1215 : }
1216 367 : WalletLogPrintf("LegacyScriptPubKeyMan::NewKeyPool rewrote keypool\n");
1217 367 : }
1218 367 : return true;
1219 367 : }
1220 :
1221 10765 : bool LegacyScriptPubKeyMan::TopUp(unsigned int kpSize)
1222 : {
1223 10765 : if (!CanGenerateKeys()) {
1224 80 : return false;
1225 : }
1226 : {
1227 10685 : LOCK(cs_KeyStore);
1228 :
1229 10685 : if (m_storage.IsLocked()) return false;
1230 :
1231 : // Top up key pool
1232 : unsigned int nTargetSize;
1233 10646 : if (kpSize > 0)
1234 8 : nTargetSize = kpSize;
1235 : else
1236 10638 : nTargetSize = std::max(gArgs.GetArg("-keypool", DEFAULT_KEYPOOL_SIZE), (int64_t) 0);
1237 :
1238 : // count amount of available keys (internal, external)
1239 : // make sure the keypool of external and internal keys fits the user selected target (-keypool)
1240 10646 : int64_t missingExternal = std::max(std::max((int64_t) nTargetSize, (int64_t) 1) - (int64_t)setExternalKeyPool.size(), (int64_t) 0);
1241 10646 : int64_t missingInternal = std::max(std::max((int64_t) nTargetSize, (int64_t) 1) - (int64_t)setInternalKeyPool.size(), (int64_t) 0);
1242 :
1243 10646 : if (!IsHDEnabled() || !m_storage.CanSupportFeature(FEATURE_HD_SPLIT))
1244 : {
1245 : // don't create extra internal keys
1246 : missingInternal = 0;
1247 9 : }
1248 : bool internal = false;
1249 10646 : WalletBatch batch(m_storage.GetDatabase());
1250 35558 : for (int64_t i = missingInternal + missingExternal; i--;)
1251 : {
1252 24912 : if (i < missingInternal) {
1253 : internal = true;
1254 6705 : }
1255 :
1256 24912 : CPubKey pubkey(GenerateNewKey(batch, m_hd_chain, internal));
1257 24912 : AddKeypoolPubkeyWithDB(pubkey, internal, batch);
1258 24912 : }
1259 10646 : if (missingInternal + missingExternal > 0) {
1260 9845 : WalletLogPrintf("keypool added %d keys (%d internal), size=%u (%u internal)\n", missingInternal + missingExternal, missingInternal, setInternalKeyPool.size() + setExternalKeyPool.size() + set_pre_split_keypool.size(), setInternalKeyPool.size());
1261 9845 : }
1262 10685 : }
1263 10646 : NotifyCanGetAddressesChanged();
1264 10646 : return true;
1265 10765 : }
1266 :
1267 24949 : void LegacyScriptPubKeyMan::AddKeypoolPubkeyWithDB(const CPubKey& pubkey, const bool internal, WalletBatch& batch)
1268 : {
1269 24949 : LOCK(cs_KeyStore);
1270 24949 : assert(m_max_keypool_index < std::numeric_limits<int64_t>::max()); // How in the hell did you use so many keys?
1271 24949 : int64_t index = ++m_max_keypool_index;
1272 24949 : if (!batch.WritePool(index, CKeyPool(pubkey, internal))) {
1273 0 : throw std::runtime_error(std::string(__func__) + ": writing imported pubkey failed");
1274 : }
1275 24949 : if (internal) {
1276 6721 : setInternalKeyPool.insert(index);
1277 6721 : } else {
1278 18228 : setExternalKeyPool.insert(index);
1279 : }
1280 24949 : m_pool_key_to_index[pubkey.GetID()] = index;
1281 24949 : }
1282 :
1283 9619 : void LegacyScriptPubKeyMan::KeepDestination(int64_t nIndex, const OutputType& type)
1284 : {
1285 : // Remove from key pool
1286 9619 : WalletBatch batch(m_storage.GetDatabase());
1287 9619 : batch.ErasePool(nIndex);
1288 9619 : CPubKey pubkey;
1289 9619 : bool have_pk = GetPubKey(m_index_to_reserved_key.at(nIndex), pubkey);
1290 9619 : assert(have_pk);
1291 9619 : LearnRelatedScripts(pubkey, type);
1292 9619 : m_index_to_reserved_key.erase(nIndex);
1293 9619 : WalletLogPrintf("keypool keep %d\n", nIndex);
1294 9619 : }
1295 :
1296 31 : void LegacyScriptPubKeyMan::ReturnDestination(int64_t nIndex, bool fInternal, const CTxDestination&)
1297 : {
1298 : // Return to key pool
1299 : {
1300 31 : LOCK(cs_KeyStore);
1301 31 : if (fInternal) {
1302 31 : setInternalKeyPool.insert(nIndex);
1303 31 : } else if (!set_pre_split_keypool.empty()) {
1304 0 : set_pre_split_keypool.insert(nIndex);
1305 0 : } else {
1306 0 : setExternalKeyPool.insert(nIndex);
1307 : }
1308 31 : CKeyID& pubkey_id = m_index_to_reserved_key.at(nIndex);
1309 31 : m_pool_key_to_index[pubkey_id] = nIndex;
1310 31 : m_index_to_reserved_key.erase(nIndex);
1311 31 : NotifyCanGetAddressesChanged();
1312 31 : }
1313 31 : WalletLogPrintf("keypool return %d\n", nIndex);
1314 31 : }
1315 :
1316 7521 : bool LegacyScriptPubKeyMan::GetKeyFromPool(CPubKey& result, const OutputType type, bool internal)
1317 : {
1318 7521 : if (!CanGetAddresses(internal)) {
1319 1 : return false;
1320 : }
1321 :
1322 7520 : CKeyPool keypool;
1323 : {
1324 7520 : LOCK(cs_KeyStore);
1325 7520 : int64_t nIndex;
1326 7520 : if (!ReserveKeyFromKeyPool(nIndex, keypool, internal) && !m_storage.IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS)) {
1327 3 : if (m_storage.IsLocked()) return false;
1328 0 : WalletBatch batch(m_storage.GetDatabase());
1329 0 : result = GenerateNewKey(batch, m_hd_chain, internal);
1330 : return true;
1331 0 : }
1332 7517 : KeepDestination(nIndex, type);
1333 7517 : result = keypool.vchPubKey;
1334 7520 : }
1335 7517 : return true;
1336 7521 : }
1337 :
1338 9657 : bool LegacyScriptPubKeyMan::ReserveKeyFromKeyPool(int64_t& nIndex, CKeyPool& keypool, bool fRequestedInternal)
1339 : {
1340 9657 : nIndex = -1;
1341 9657 : keypool.vchPubKey = CPubKey();
1342 : {
1343 9657 : LOCK(cs_KeyStore);
1344 :
1345 : bool fReturningInternal = fRequestedInternal;
1346 9657 : fReturningInternal &= (IsHDEnabled() && m_storage.CanSupportFeature(FEATURE_HD_SPLIT)) || m_storage.IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS);
1347 9657 : bool use_split_keypool = set_pre_split_keypool.empty();
1348 9657 : std::set<int64_t>& setKeyPool = use_split_keypool ? (fReturningInternal ? setInternalKeyPool : setExternalKeyPool) : set_pre_split_keypool;
1349 :
1350 : // Get the oldest key
1351 9657 : if (setKeyPool.empty()) {
1352 7 : return false;
1353 : }
1354 :
1355 9650 : WalletBatch batch(m_storage.GetDatabase());
1356 :
1357 9650 : auto it = setKeyPool.begin();
1358 9650 : nIndex = *it;
1359 9650 : setKeyPool.erase(it);
1360 9650 : if (!batch.ReadPool(nIndex, keypool)) {
1361 0 : throw std::runtime_error(std::string(__func__) + ": read failed");
1362 : }
1363 9650 : CPubKey pk;
1364 9650 : if (!GetPubKey(keypool.vchPubKey.GetID(), pk)) {
1365 0 : throw std::runtime_error(std::string(__func__) + ": unknown key in key pool");
1366 : }
1367 : // If the key was pre-split keypool, we don't care about what type it is
1368 9650 : if (use_split_keypool && keypool.fInternal != fReturningInternal) {
1369 0 : throw std::runtime_error(std::string(__func__) + ": keypool entry misclassified");
1370 : }
1371 9650 : if (!keypool.vchPubKey.IsValid()) {
1372 0 : throw std::runtime_error(std::string(__func__) + ": keypool entry invalid");
1373 : }
1374 :
1375 9650 : assert(m_index_to_reserved_key.count(nIndex) == 0);
1376 9650 : m_index_to_reserved_key[nIndex] = keypool.vchPubKey.GetID();
1377 9650 : m_pool_key_to_index.erase(keypool.vchPubKey.GetID());
1378 9650 : WalletLogPrintf("keypool reserve %d\n", nIndex);
1379 9657 : }
1380 9650 : NotifyCanGetAddressesChanged();
1381 9650 : return true;
1382 9657 : }
1383 :
1384 17303 : void LegacyScriptPubKeyMan::LearnRelatedScripts(const CPubKey& key, OutputType type)
1385 : {
1386 17303 : if (key.IsCompressed() && (type == OutputType::P2SH_SEGWIT || type == OutputType::BECH32)) {
1387 16684 : CTxDestination witdest = WitnessV0KeyHash(key.GetID());
1388 16684 : CScript witprog = GetScriptForDestination(witdest);
1389 : // Make sure the resulting program is solvable.
1390 16684 : assert(IsSolvable(*this, witprog));
1391 16684 : AddCScript(witprog);
1392 16684 : }
1393 17303 : }
1394 :
1395 167 : void LegacyScriptPubKeyMan::LearnAllRelatedScripts(const CPubKey& key)
1396 : {
1397 : // OutputType::P2SH_SEGWIT always adds all necessary scripts for all types.
1398 167 : LearnRelatedScripts(key, OutputType::P2SH_SEGWIT);
1399 167 : }
1400 :
1401 40 : void LegacyScriptPubKeyMan::MarkReserveKeysAsUsed(int64_t keypool_id)
1402 : {
1403 40 : AssertLockHeld(cs_KeyStore);
1404 40 : bool internal = setInternalKeyPool.count(keypool_id);
1405 40 : if (!internal) assert(setExternalKeyPool.count(keypool_id) || set_pre_split_keypool.count(keypool_id));
1406 40 : std::set<int64_t> *setKeyPool = internal ? &setInternalKeyPool : (set_pre_split_keypool.empty() ? &setExternalKeyPool : &set_pre_split_keypool);
1407 40 : auto it = setKeyPool->begin();
1408 :
1409 40 : WalletBatch batch(m_storage.GetDatabase());
1410 207 : while (it != std::end(*setKeyPool)) {
1411 194 : const int64_t& index = *(it);
1412 194 : if (index > keypool_id) break; // set*KeyPool is ordered
1413 :
1414 167 : CKeyPool keypool;
1415 167 : if (batch.ReadPool(index, keypool)) { //TODO: This should be unnecessary
1416 167 : m_pool_key_to_index.erase(keypool.vchPubKey.GetID());
1417 167 : }
1418 167 : LearnAllRelatedScripts(keypool.vchPubKey);
1419 167 : batch.ErasePool(index);
1420 167 : WalletLogPrintf("keypool index %d removed\n", index);
1421 167 : it = setKeyPool->erase(it);
1422 167 : }
1423 40 : }
1424 :
1425 187093 : std::vector<CKeyID> GetAffectedKeys(const CScript& spk, const SigningProvider& provider)
1426 : {
1427 187093 : std::vector<CScript> dummy;
1428 187093 : FlatSigningProvider out;
1429 187093 : InferDescriptor(spk, provider)->Expand(0, DUMMY_SIGNING_PROVIDER, dummy, out);
1430 187093 : std::vector<CKeyID> ret;
1431 265707 : for (const auto& entry : out.pubkeys) {
1432 78614 : ret.push_back(entry.first);
1433 0 : }
1434 : return ret;
1435 187093 : }
1436 :
1437 1 : void LegacyScriptPubKeyMan::MarkPreSplitKeys()
1438 : {
1439 1 : WalletBatch batch(m_storage.GetDatabase());
1440 2 : for (auto it = setExternalKeyPool.begin(); it != setExternalKeyPool.end();) {
1441 1 : int64_t index = *it;
1442 1 : CKeyPool keypool;
1443 1 : if (!batch.ReadPool(index, keypool)) {
1444 0 : throw std::runtime_error(std::string(__func__) + ": read keypool entry failed");
1445 : }
1446 1 : keypool.m_pre_split = true;
1447 1 : if (!batch.WritePool(index, keypool)) {
1448 0 : throw std::runtime_error(std::string(__func__) + ": writing modified keypool entry failed");
1449 : }
1450 1 : set_pre_split_keypool.insert(index);
1451 1 : it = setExternalKeyPool.erase(it);
1452 1 : }
1453 1 : }
1454 :
1455 16882 : bool LegacyScriptPubKeyMan::AddCScript(const CScript& redeemScript)
1456 : {
1457 16882 : WalletBatch batch(m_storage.GetDatabase());
1458 16882 : return AddCScriptWithDB(batch, redeemScript);
1459 16882 : }
1460 :
1461 16982 : bool LegacyScriptPubKeyMan::AddCScriptWithDB(WalletBatch& batch, const CScript& redeemScript)
1462 : {
1463 16982 : if (!FillableSigningProvider::AddCScript(redeemScript))
1464 0 : return false;
1465 16982 : if (batch.WriteCScript(Hash160(redeemScript), redeemScript)) {
1466 9734 : m_storage.UnsetBlankWalletFlag(batch);
1467 9734 : return true;
1468 : }
1469 7248 : return false;
1470 16982 : }
1471 :
1472 59 : bool LegacyScriptPubKeyMan::AddKeyOriginWithDB(WalletBatch& batch, const CPubKey& pubkey, const KeyOriginInfo& info)
1473 : {
1474 59 : LOCK(cs_KeyStore);
1475 59 : std::copy(info.fingerprint, info.fingerprint + 4, mapKeyMetadata[pubkey.GetID()].key_origin.fingerprint);
1476 59 : mapKeyMetadata[pubkey.GetID()].key_origin.path = info.path;
1477 59 : mapKeyMetadata[pubkey.GetID()].has_key_origin = true;
1478 59 : mapKeyMetadata[pubkey.GetID()].hdKeypath = WriteHDKeypath(info.path);
1479 59 : return batch.WriteKeyMetadata(mapKeyMetadata[pubkey.GetID()], pubkey, true);
1480 59 : }
1481 :
1482 1377 : bool LegacyScriptPubKeyMan::ImportScripts(const std::set<CScript> scripts, int64_t timestamp)
1483 : {
1484 1377 : WalletBatch batch(m_storage.GetDatabase());
1485 2651 : for (const auto& entry : scripts) {
1486 1274 : CScriptID id(entry);
1487 1274 : if (HaveCScript(id)) {
1488 1174 : WalletLogPrintf("Already have script %s, skipping\n", HexStr(entry));
1489 1174 : continue;
1490 : }
1491 100 : if (!AddCScriptWithDB(batch, entry)) {
1492 0 : return false;
1493 : }
1494 :
1495 100 : if (timestamp > 0) {
1496 64 : m_script_metadata[CScriptID(entry)].nCreateTime = timestamp;
1497 64 : }
1498 1274 : }
1499 1377 : if (timestamp > 0) {
1500 167 : UpdateTimeFirstKey(timestamp);
1501 : }
1502 :
1503 1377 : return true;
1504 1377 : }
1505 :
1506 1335 : bool LegacyScriptPubKeyMan::ImportPrivKeys(const std::map<CKeyID, CKey>& privkey_map, const int64_t timestamp)
1507 : {
1508 1335 : WalletBatch batch(m_storage.GetDatabase());
1509 2559 : for (const auto& entry : privkey_map) {
1510 1224 : const CKey& key = entry.second;
1511 1224 : CPubKey pubkey = key.GetPubKey();
1512 1224 : const CKeyID& id = entry.first;
1513 1224 : assert(key.VerifyPubKey(pubkey));
1514 : // Skip if we already have the key
1515 1224 : if (HaveKey(id)) {
1516 0 : WalletLogPrintf("Already have key with pubkey %s, skipping\n", HexStr(pubkey));
1517 0 : continue;
1518 : }
1519 1224 : mapKeyMetadata[id].nCreateTime = timestamp;
1520 : // If the private key is not present in the wallet, insert it.
1521 1224 : if (!AddKeyPubKeyWithDB(batch, key, pubkey)) {
1522 0 : return false;
1523 : }
1524 1224 : UpdateTimeFirstKey(timestamp);
1525 1224 : }
1526 1335 : return true;
1527 1335 : }
1528 :
1529 199 : bool LegacyScriptPubKeyMan::ImportPubKeys(const std::vector<CKeyID>& ordered_pubkeys, const std::map<CKeyID, CPubKey>& pubkey_map, const std::map<CKeyID, std::pair<CPubKey, KeyOriginInfo>>& key_origins, const bool add_keypool, const bool internal, const int64_t timestamp)
1530 : {
1531 199 : WalletBatch batch(m_storage.GetDatabase());
1532 258 : for (const auto& entry : key_origins) {
1533 59 : AddKeyOriginWithDB(batch, entry.second.first, entry.second.second);
1534 0 : }
1535 329 : for (const CKeyID& id : ordered_pubkeys) {
1536 130 : auto entry = pubkey_map.find(id);
1537 130 : if (entry == pubkey_map.end()) {
1538 2 : continue;
1539 : }
1540 128 : const CPubKey& pubkey = entry->second;
1541 128 : CPubKey temp;
1542 128 : if (GetPubKey(id, temp)) {
1543 : // Already have pubkey, skipping
1544 8 : WalletLogPrintf("Already have pubkey %s, skipping\n", HexStr(temp));
1545 8 : continue;
1546 : }
1547 120 : if (!AddWatchOnlyWithDB(batch, GetScriptForRawPubKey(pubkey), timestamp)) {
1548 0 : return false;
1549 : }
1550 120 : mapKeyMetadata[id].nCreateTime = timestamp;
1551 :
1552 : // Add to keypool only works with pubkeys
1553 120 : if (add_keypool) {
1554 37 : AddKeypoolPubkeyWithDB(pubkey, internal, batch);
1555 37 : NotifyCanGetAddressesChanged();
1556 : }
1557 130 : }
1558 199 : return true;
1559 199 : }
1560 :
1561 281 : bool LegacyScriptPubKeyMan::ImportScriptPubKeys(const std::set<CScript>& script_pub_keys, const bool have_solving_data, const int64_t timestamp)
1562 : {
1563 281 : WalletBatch batch(m_storage.GetDatabase());
1564 690 : for (const CScript& script : script_pub_keys) {
1565 409 : if (!have_solving_data || !IsMine(script)) { // Always call AddWatchOnly for non-solvable watch-only, so that watch timestamp gets updated
1566 358 : if (!AddWatchOnlyWithDB(batch, script, timestamp)) {
1567 0 : return false;
1568 : }
1569 : }
1570 409 : }
1571 281 : return true;
1572 281 : }
1573 :
1574 6 : std::set<CKeyID> LegacyScriptPubKeyMan::GetKeys() const
1575 : {
1576 6 : LOCK(cs_KeyStore);
1577 6 : if (!m_storage.HasEncryptionKeys()) {
1578 5 : return FillableSigningProvider::GetKeys();
1579 : }
1580 1 : std::set<CKeyID> set_address;
1581 393 : for (const auto& mi : mapCryptedKeys) {
1582 392 : set_address.insert(mi.first);
1583 0 : }
1584 1 : return set_address;
1585 6 : }
1586 :
1587 0 : void LegacyScriptPubKeyMan::SetInternal(bool internal) {}
1588 :
1589 1459 : bool DescriptorScriptPubKeyMan::GetNewDestination(const OutputType type, CTxDestination& dest, std::string& error)
1590 : {
1591 : // Returns true if this descriptor supports getting new addresses. Conditions where we may be unable to fetch them (e.g. locked) are caught later
1592 1459 : if (!CanGetAddresses(m_internal)) {
1593 0 : error = "No addresses available";
1594 0 : return false;
1595 : }
1596 : {
1597 1459 : LOCK(cs_desc_man);
1598 1459 : assert(m_wallet_descriptor.descriptor->IsSingleType()); // This is a combo descriptor which should not be an active descriptor
1599 1459 : Optional<OutputType> desc_addr_type = m_wallet_descriptor.descriptor->GetOutputType();
1600 1459 : assert(desc_addr_type);
1601 1459 : if (type != *desc_addr_type) {
1602 0 : throw std::runtime_error(std::string(__func__) + ": Types are inconsistent");
1603 : }
1604 :
1605 1459 : TopUp();
1606 :
1607 : // Get the scriptPubKey from the descriptor
1608 1459 : FlatSigningProvider out_keys;
1609 1459 : std::vector<CScript> scripts_temp;
1610 1459 : if (m_wallet_descriptor.range_end <= m_max_cached_index && !TopUp(1)) {
1611 : // We can't generate anymore keys
1612 0 : error = "Error: Keypool ran out, please call keypoolrefill first";
1613 0 : return false;
1614 : }
1615 1459 : if (!m_wallet_descriptor.descriptor->ExpandFromCache(m_wallet_descriptor.next_index, m_wallet_descriptor.cache, scripts_temp, out_keys)) {
1616 : // We can't generate anymore keys
1617 5 : error = "Error: Keypool ran out, please call keypoolrefill first";
1618 5 : return false;
1619 : }
1620 :
1621 1454 : Optional<OutputType> out_script_type = m_wallet_descriptor.descriptor->GetOutputType();
1622 1454 : if (out_script_type && out_script_type == type) {
1623 1454 : ExtractDestination(scripts_temp[0], dest);
1624 : } else {
1625 0 : throw std::runtime_error(std::string(__func__) + ": Types are inconsistent. Stored type does not match type of newly generated address");
1626 : }
1627 1454 : m_wallet_descriptor.next_index++;
1628 1454 : WalletBatch(m_storage.GetDatabase()).WriteDescriptor(GetID(), m_wallet_descriptor);
1629 : return true;
1630 1459 : }
1631 1459 : }
1632 :
1633 499432 : isminetype DescriptorScriptPubKeyMan::IsMine(const CScript& script) const
1634 : {
1635 499432 : LOCK(cs_desc_man);
1636 499432 : if (m_map_script_pub_keys.count(script) > 0) {
1637 51426 : return ISMINE_SPENDABLE;
1638 : }
1639 448006 : return ISMINE_NO;
1640 499432 : }
1641 :
1642 235 : bool DescriptorScriptPubKeyMan::CheckDecryptionKey(const CKeyingMaterial& master_key, bool accept_no_keys)
1643 : {
1644 235 : LOCK(cs_desc_man);
1645 235 : if (!m_map_keys.empty()) {
1646 0 : return false;
1647 : }
1648 :
1649 235 : bool keyPass = m_map_crypted_keys.empty(); // Always pass when there are no encrypted keys
1650 496 : bool keyFail = false;
1651 446 : for (const auto& mi : m_map_crypted_keys) {
1652 211 : const CPubKey &pubkey = mi.second.first;
1653 211 : const std::vector<unsigned char> &crypted_secret = mi.second.second;
1654 211 : CKey key;
1655 211 : if (!DecryptKey(master_key, crypted_secret, pubkey, key)) {
1656 : keyFail = true;
1657 0 : break;
1658 : }
1659 : keyPass = true;
1660 211 : if (m_decryption_thoroughly_checked)
1661 185 : break;
1662 211 : }
1663 235 : if (keyPass && keyFail) {
1664 0 : LogPrintf("The wallet is probably corrupted: Some keys decrypt but not all.\n");
1665 0 : throw std::runtime_error("Error unlocking wallet: some keys decrypt but not all. Your wallet file may be corrupt.");
1666 : }
1667 235 : if (keyFail || (!keyPass && !accept_no_keys)) {
1668 0 : return false;
1669 : }
1670 235 : m_decryption_thoroughly_checked = true;
1671 235 : return true;
1672 235 : }
1673 :
1674 20 : bool DescriptorScriptPubKeyMan::Encrypt(const CKeyingMaterial& master_key, WalletBatch* batch)
1675 : {
1676 20 : LOCK(cs_desc_man);
1677 20 : if (!m_map_crypted_keys.empty()) {
1678 0 : return false;
1679 : }
1680 :
1681 40 : for (const KeyMap::value_type& key_in : m_map_keys)
1682 : {
1683 20 : const CKey &key = key_in.second;
1684 20 : CPubKey pubkey = key.GetPubKey();
1685 20 : CKeyingMaterial secret(key.begin(), key.end());
1686 20 : std::vector<unsigned char> crypted_secret;
1687 20 : if (!EncryptSecret(master_key, secret, pubkey.GetHash(), crypted_secret)) {
1688 0 : return false;
1689 : }
1690 20 : m_map_crypted_keys[pubkey.GetID()] = make_pair(pubkey, crypted_secret);
1691 20 : batch->WriteCryptedDescriptorKey(GetID(), pubkey, crypted_secret);
1692 20 : }
1693 20 : m_map_keys.clear();
1694 20 : return true;
1695 20 : }
1696 :
1697 338 : bool DescriptorScriptPubKeyMan::GetReservedDestination(const OutputType type, bool internal, CTxDestination& address, int64_t& index, CKeyPool& keypool)
1698 : {
1699 338 : LOCK(cs_desc_man);
1700 338 : std::string error;
1701 338 : bool result = GetNewDestination(type, address, error);
1702 338 : index = m_wallet_descriptor.next_index - 1;
1703 : return result;
1704 338 : }
1705 :
1706 7 : void DescriptorScriptPubKeyMan::ReturnDestination(int64_t index, bool internal, const CTxDestination& addr)
1707 : {
1708 7 : LOCK(cs_desc_man);
1709 : // Only return when the index was the most recent
1710 7 : if (m_wallet_descriptor.next_index - 1 == index) {
1711 7 : m_wallet_descriptor.next_index--;
1712 7 : }
1713 7 : WalletBatch(m_storage.GetDatabase()).WriteDescriptor(GetID(), m_wallet_descriptor);
1714 7 : NotifyCanGetAddressesChanged();
1715 7 : }
1716 :
1717 7204 : std::map<CKeyID, CKey> DescriptorScriptPubKeyMan::GetKeys() const
1718 : {
1719 7204 : AssertLockHeld(cs_desc_man);
1720 7204 : if (m_storage.HasEncryptionKeys() && !m_storage.IsLocked()) {
1721 298 : KeyMap keys;
1722 596 : for (auto key_pair : m_map_crypted_keys) {
1723 298 : const CPubKey& pubkey = key_pair.second.first;
1724 298 : const std::vector<unsigned char>& crypted_secret = key_pair.second.second;
1725 298 : CKey key;
1726 298 : DecryptKey(m_storage.GetEncryptionKey(), crypted_secret, pubkey, key);
1727 298 : keys[pubkey.GetID()] = key;
1728 298 : }
1729 : return keys;
1730 298 : }
1731 6906 : return m_map_keys;
1732 7204 : }
1733 :
1734 6414 : bool DescriptorScriptPubKeyMan::TopUp(unsigned int size)
1735 : {
1736 6414 : LOCK(cs_desc_man);
1737 : unsigned int target_size;
1738 6414 : if (size > 0) {
1739 : target_size = size;
1740 18 : } else {
1741 6396 : target_size = std::max(gArgs.GetArg("-keypool", DEFAULT_KEYPOOL_SIZE), (int64_t) 1);
1742 : }
1743 :
1744 : // Calculate the new range_end
1745 6414 : int32_t new_range_end = std::max(m_wallet_descriptor.next_index + (int32_t)target_size, m_wallet_descriptor.range_end);
1746 :
1747 : // If the descriptor is not ranged, we actually just want to fill the first cache item
1748 6414 : if (!m_wallet_descriptor.descriptor->IsRange()) {
1749 : new_range_end = 1;
1750 1925 : m_wallet_descriptor.range_end = 1;
1751 1925 : m_wallet_descriptor.range_start = 0;
1752 1925 : }
1753 :
1754 6414 : FlatSigningProvider provider;
1755 6414 : provider.keys = GetKeys();
1756 :
1757 6414 : WalletBatch batch(m_storage.GetDatabase());
1758 6414 : uint256 id = GetID();
1759 21034 : for (int32_t i = m_max_cached_index + 1; i < new_range_end; ++i) {
1760 14828 : FlatSigningProvider out_keys;
1761 14828 : std::vector<CScript> scripts_temp;
1762 14828 : DescriptorCache temp_cache;
1763 : // Maybe we have a cached xpub and we can expand from the cache first
1764 14828 : if (!m_wallet_descriptor.descriptor->ExpandFromCache(i, m_wallet_descriptor.cache, scripts_temp, out_keys)) {
1765 1140 : if (!m_wallet_descriptor.descriptor->Expand(i, provider, scripts_temp, out_keys, &temp_cache)) return false;
1766 : }
1767 : // Add all of the scriptPubKeys to the scriptPubKey set
1768 29339 : for (const CScript& script : scripts_temp) {
1769 14719 : m_map_script_pub_keys[script] = i;
1770 : }
1771 21205 : for (const auto& pk_pair : out_keys.pubkeys) {
1772 6585 : const CPubKey& pubkey = pk_pair.second;
1773 6585 : if (m_map_pubkeys.count(pubkey) != 0) {
1774 : // We don't need to give an error here.
1775 : // It doesn't matter which of many valid indexes the pubkey has, we just need an index where we can derive it and it's private key
1776 0 : continue;
1777 : }
1778 6585 : m_map_pubkeys[pubkey] = i;
1779 13170 : }
1780 : // Write the cache
1781 14853 : for (const auto& parent_xpub_pair : temp_cache.GetCachedParentExtPubKeys()) {
1782 233 : CExtPubKey xpub;
1783 233 : if (m_wallet_descriptor.cache.GetCachedParentExtPubKey(parent_xpub_pair.first, xpub)) {
1784 0 : if (xpub != parent_xpub_pair.second) {
1785 0 : throw std::runtime_error(std::string(__func__) + ": New cached parent xpub does not match already cached parent xpub");
1786 : }
1787 0 : continue;
1788 : }
1789 233 : if (!batch.WriteDescriptorParentCache(parent_xpub_pair.second, id, parent_xpub_pair.first)) {
1790 0 : throw std::runtime_error(std::string(__func__) + ": writing cache item failed");
1791 : }
1792 233 : m_wallet_descriptor.cache.CacheParentExtPubKey(parent_xpub_pair.first, parent_xpub_pair.second);
1793 233 : }
1794 15335 : for (const auto& derived_xpub_map_pair : temp_cache.GetCachedDerivedExtPubKeys()) {
1795 1430 : for (const auto& derived_xpub_pair : derived_xpub_map_pair.second) {
1796 715 : CExtPubKey xpub;
1797 715 : if (m_wallet_descriptor.cache.GetCachedDerivedExtPubKey(derived_xpub_map_pair.first, derived_xpub_pair.first, xpub)) {
1798 0 : if (xpub != derived_xpub_pair.second) {
1799 0 : throw std::runtime_error(std::string(__func__) + ": New cached derived xpub does not match already cached derived xpub");
1800 : }
1801 0 : continue;
1802 : }
1803 715 : if (!batch.WriteDescriptorDerivedCache(derived_xpub_pair.second, id, derived_xpub_map_pair.first, derived_xpub_pair.first)) {
1804 0 : throw std::runtime_error(std::string(__func__) + ": writing cache item failed");
1805 : }
1806 715 : m_wallet_descriptor.cache.CacheDerivedExtPubKey(derived_xpub_map_pair.first, derived_xpub_pair.first, derived_xpub_pair.second);
1807 715 : }
1808 0 : }
1809 14620 : m_max_cached_index++;
1810 14828 : }
1811 6206 : m_wallet_descriptor.range_end = new_range_end;
1812 6206 : batch.WriteDescriptor(GetID(), m_wallet_descriptor);
1813 :
1814 : // By this point, the cache size should be the size of the entire range
1815 6206 : assert(m_wallet_descriptor.range_end - 1 == m_max_cached_index);
1816 :
1817 6206 : NotifyCanGetAddressesChanged();
1818 6206 : return true;
1819 6414 : }
1820 :
1821 41791 : void DescriptorScriptPubKeyMan::MarkUnusedAddresses(const CScript& script)
1822 : {
1823 41791 : LOCK(cs_desc_man);
1824 41791 : if (IsMine(script)) {
1825 2793 : int32_t index = m_map_script_pub_keys[script];
1826 2793 : if (index >= m_wallet_descriptor.next_index) {
1827 54 : WalletLogPrintf("%s: Detected a used keypool item at index %d, mark all keypool items up to this item as used\n", __func__, index);
1828 54 : m_wallet_descriptor.next_index = index + 1;
1829 54 : }
1830 2793 : if (!TopUp()) {
1831 0 : WalletLogPrintf("%s: Topping up keypool failed (locked wallet)\n", __func__);
1832 0 : }
1833 2793 : }
1834 41791 : }
1835 :
1836 51 : void DescriptorScriptPubKeyMan::AddDescriptorKey(const CKey& key, const CPubKey &pubkey)
1837 : {
1838 51 : LOCK(cs_desc_man);
1839 51 : WalletBatch batch(m_storage.GetDatabase());
1840 51 : if (!AddDescriptorKeyWithDB(batch, key, pubkey)) {
1841 0 : throw std::runtime_error(std::string(__func__) + ": writing descriptor private key failed");
1842 : }
1843 51 : }
1844 :
1845 255 : bool DescriptorScriptPubKeyMan::AddDescriptorKeyWithDB(WalletBatch& batch, const CKey& key, const CPubKey &pubkey)
1846 : {
1847 255 : AssertLockHeld(cs_desc_man);
1848 255 : assert(!m_storage.IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS));
1849 :
1850 255 : if (m_storage.HasEncryptionKeys()) {
1851 31 : if (m_storage.IsLocked()) {
1852 0 : return false;
1853 : }
1854 :
1855 31 : std::vector<unsigned char> crypted_secret;
1856 31 : CKeyingMaterial secret(key.begin(), key.end());
1857 31 : if (!EncryptSecret(m_storage.GetEncryptionKey(), secret, pubkey.GetHash(), crypted_secret)) {
1858 0 : return false;
1859 : }
1860 :
1861 31 : m_map_crypted_keys[pubkey.GetID()] = make_pair(pubkey, crypted_secret);
1862 31 : return batch.WriteCryptedDescriptorKey(GetID(), pubkey, crypted_secret);
1863 31 : } else {
1864 224 : m_map_keys[pubkey.GetID()] = key;
1865 224 : return batch.WriteDescriptorKey(GetID(), pubkey, key.GetPrivKey());
1866 : }
1867 255 : }
1868 :
1869 204 : bool DescriptorScriptPubKeyMan::SetupDescriptorGeneration(const CExtKey& master_key, OutputType addr_type)
1870 : {
1871 204 : LOCK(cs_desc_man);
1872 204 : assert(m_storage.IsWalletFlagSet(WALLET_FLAG_DESCRIPTORS));
1873 :
1874 : // Ignore when there is already a descriptor
1875 204 : if (m_wallet_descriptor.descriptor) {
1876 0 : return false;
1877 : }
1878 :
1879 204 : int64_t creation_time = GetTime();
1880 :
1881 204 : std::string xpub = EncodeExtPubKey(master_key.Neuter());
1882 :
1883 : // Build descriptor string
1884 204 : std::string desc_prefix;
1885 204 : std::string desc_suffix = "/*)";
1886 204 : switch (addr_type) {
1887 : case OutputType::LEGACY: {
1888 68 : desc_prefix = "pkh(" + xpub + "/44'";
1889 68 : break;
1890 : }
1891 : case OutputType::P2SH_SEGWIT: {
1892 68 : desc_prefix = "sh(wpkh(" + xpub + "/49'";
1893 68 : desc_suffix += ")";
1894 : break;
1895 : }
1896 : case OutputType::BECH32: {
1897 68 : desc_prefix = "wpkh(" + xpub + "/84'";
1898 68 : break;
1899 : }
1900 : } // no default case, so the compiler can warn about missing cases
1901 204 : assert(!desc_prefix.empty());
1902 :
1903 : // Mainnet derives at 0', testnet and regtest derive at 1'
1904 204 : if (Params().IsTestChain()) {
1905 204 : desc_prefix += "/1'";
1906 : } else {
1907 0 : desc_prefix += "/0'";
1908 : }
1909 :
1910 204 : std::string internal_path = m_internal ? "/1" : "/0";
1911 204 : std::string desc_str = desc_prefix + "/0'" + internal_path + desc_suffix;
1912 :
1913 : // Make the descriptor
1914 204 : FlatSigningProvider keys;
1915 204 : std::string error;
1916 204 : std::unique_ptr<Descriptor> desc = Parse(desc_str, keys, error, false);
1917 204 : WalletDescriptor w_desc(std::move(desc), creation_time, 0, 0, 0);
1918 204 : m_wallet_descriptor = w_desc;
1919 :
1920 : // Store the master private key, and descriptor
1921 204 : WalletBatch batch(m_storage.GetDatabase());
1922 204 : if (!AddDescriptorKeyWithDB(batch, master_key.key, master_key.key.GetPubKey())) {
1923 0 : throw std::runtime_error(std::string(__func__) + ": writing descriptor master private key failed");
1924 : }
1925 204 : if (!batch.WriteDescriptor(GetID(), m_wallet_descriptor)) {
1926 0 : throw std::runtime_error(std::string(__func__) + ": writing descriptor failed");
1927 : }
1928 :
1929 : // TopUp
1930 204 : TopUp();
1931 :
1932 204 : m_storage.UnsetBlankWalletFlag(batch);
1933 : return true;
1934 204 : }
1935 :
1936 0 : bool DescriptorScriptPubKeyMan::IsHDEnabled() const
1937 : {
1938 0 : LOCK(cs_desc_man);
1939 0 : return m_wallet_descriptor.descriptor->IsRange();
1940 0 : }
1941 :
1942 2595 : bool DescriptorScriptPubKeyMan::CanGetAddresses(bool internal) const
1943 : {
1944 : // We can only give out addresses from descriptors that are single type (not combo), ranged,
1945 : // and either have cached keys or can generate more keys (ignoring encryption)
1946 2595 : LOCK(cs_desc_man);
1947 2595 : return m_wallet_descriptor.descriptor->IsSingleType() &&
1948 2595 : m_wallet_descriptor.descriptor->IsRange() &&
1949 2595 : (HavePrivateKeys() || m_wallet_descriptor.next_index < m_wallet_descriptor.range_end);
1950 2595 : }
1951 :
1952 29347 : bool DescriptorScriptPubKeyMan::HavePrivateKeys() const
1953 : {
1954 29347 : LOCK(cs_desc_man);
1955 29347 : return m_map_keys.size() > 0 || m_map_crypted_keys.size() > 0;
1956 29347 : }
1957 :
1958 677 : int64_t DescriptorScriptPubKeyMan::GetOldestKeyPoolTime() const
1959 : {
1960 : // This is only used for getwalletinfo output and isn't relevant to descriptor wallets.
1961 : // The magic number 0 indicates that it shouldn't be displayed so that's what we return.
1962 677 : return 0;
1963 : }
1964 :
1965 437 : size_t DescriptorScriptPubKeyMan::KeypoolCountExternalKeys() const
1966 : {
1967 437 : if (m_internal) {
1968 208 : return 0;
1969 : }
1970 229 : return GetKeyPoolSize();
1971 437 : }
1972 :
1973 1001 : unsigned int DescriptorScriptPubKeyMan::GetKeyPoolSize() const
1974 : {
1975 1001 : LOCK(cs_desc_man);
1976 1001 : return m_wallet_descriptor.range_end - m_wallet_descriptor.next_index;
1977 1001 : }
1978 :
1979 106 : int64_t DescriptorScriptPubKeyMan::GetTimeFirstKey() const
1980 : {
1981 106 : LOCK(cs_desc_man);
1982 106 : return m_wallet_descriptor.creation_time;
1983 106 : }
1984 :
1985 31172 : std::unique_ptr<FlatSigningProvider> DescriptorScriptPubKeyMan::GetSigningProvider(const CScript& script, bool include_private) const
1986 : {
1987 31172 : LOCK(cs_desc_man);
1988 :
1989 : // Find the index of the script
1990 31172 : auto it = m_map_script_pub_keys.find(script);
1991 31172 : if (it == m_map_script_pub_keys.end()) {
1992 4438 : return nullptr;
1993 : }
1994 26734 : int32_t index = it->second;
1995 :
1996 26734 : return GetSigningProvider(index, include_private);
1997 31172 : }
1998 :
1999 396 : std::unique_ptr<FlatSigningProvider> DescriptorScriptPubKeyMan::GetSigningProvider(const CPubKey& pubkey) const
2000 : {
2001 396 : LOCK(cs_desc_man);
2002 :
2003 : // Find index of the pubkey
2004 396 : auto it = m_map_pubkeys.find(pubkey);
2005 396 : if (it == m_map_pubkeys.end()) {
2006 380 : return nullptr;
2007 : }
2008 16 : int32_t index = it->second;
2009 :
2010 : // Always try to get the signing provider with private keys. This function should only be called during signing anyways
2011 16 : return GetSigningProvider(index, true);
2012 396 : }
2013 :
2014 26750 : std::unique_ptr<FlatSigningProvider> DescriptorScriptPubKeyMan::GetSigningProvider(int32_t index, bool include_private) const
2015 : {
2016 26750 : AssertLockHeld(cs_desc_man);
2017 : // Get the scripts, keys, and key origins for this script
2018 26750 : std::unique_ptr<FlatSigningProvider> out_keys = MakeUnique<FlatSigningProvider>();
2019 26750 : std::vector<CScript> scripts_temp;
2020 26750 : if (!m_wallet_descriptor.descriptor->ExpandFromCache(index, m_wallet_descriptor.cache, scripts_temp, *out_keys)) return nullptr;
2021 :
2022 26750 : if (HavePrivateKeys() && include_private) {
2023 790 : FlatSigningProvider master_provider;
2024 790 : master_provider.keys = GetKeys();
2025 790 : m_wallet_descriptor.descriptor->ExpandPrivate(index, master_provider, *out_keys);
2026 790 : }
2027 :
2028 26750 : return out_keys;
2029 26750 : }
2030 :
2031 26221 : std::unique_ptr<SigningProvider> DescriptorScriptPubKeyMan::GetSolvingProvider(const CScript& script) const
2032 : {
2033 26221 : return GetSigningProvider(script, false);
2034 : }
2035 :
2036 85293 : bool DescriptorScriptPubKeyMan::CanProvide(const CScript& script, SignatureData& sigdata)
2037 : {
2038 85293 : return IsMine(script);
2039 : }
2040 :
2041 1466 : bool DescriptorScriptPubKeyMan::SignTransaction(CMutableTransaction& tx, const std::map<COutPoint, Coin>& coins, int sighash, std::map<int, std::string>& input_errors) const
2042 : {
2043 1466 : std::unique_ptr<FlatSigningProvider> keys = MakeUnique<FlatSigningProvider>();
2044 5861 : for (const auto& coin_pair : coins) {
2045 4395 : std::unique_ptr<FlatSigningProvider> coin_keys = GetSigningProvider(coin_pair.second.out.scriptPubKey, true);
2046 4395 : if (!coin_keys) {
2047 3637 : continue;
2048 : }
2049 758 : *keys = Merge(*keys, *coin_keys);
2050 4395 : }
2051 :
2052 1466 : return ::SignTransaction(tx, keys.get(), coins, sighash, input_errors);
2053 1466 : }
2054 :
2055 4 : SigningResult DescriptorScriptPubKeyMan::SignMessage(const std::string& message, const PKHash& pkhash, std::string& str_sig) const
2056 : {
2057 4 : std::unique_ptr<FlatSigningProvider> keys = GetSigningProvider(GetScriptForDestination(pkhash), true);
2058 4 : if (!keys) {
2059 0 : return SigningResult::PRIVATE_KEY_NOT_AVAILABLE;
2060 : }
2061 :
2062 4 : CKey key;
2063 4 : if (!keys->GetKey(ToKeyID(pkhash), key)) {
2064 0 : return SigningResult::PRIVATE_KEY_NOT_AVAILABLE;
2065 : }
2066 :
2067 4 : if (!MessageSign(key, message, str_sig)) {
2068 0 : return SigningResult::SIGNING_FAILED;
2069 : }
2070 4 : return SigningResult::OK;
2071 4 : }
2072 :
2073 260 : TransactionError DescriptorScriptPubKeyMan::FillPSBT(PartiallySignedTransaction& psbtx, int sighash_type, bool sign, bool bip32derivs, int* n_signed) const
2074 : {
2075 260 : if (n_signed) {
2076 260 : *n_signed = 0;
2077 260 : }
2078 754 : for (unsigned int i = 0; i < psbtx.tx->vin.size(); ++i) {
2079 495 : const CTxIn& txin = psbtx.tx->vin[i];
2080 495 : PSBTInput& input = psbtx.inputs.at(i);
2081 :
2082 495 : if (PSBTInputSigned(input)) {
2083 42 : continue;
2084 : }
2085 :
2086 : // Get the Sighash type
2087 453 : if (sign && input.sighash_type > 0 && input.sighash_type != sighash_type) {
2088 0 : return TransactionError::SIGHASH_MISMATCH;
2089 : }
2090 :
2091 : // Get the scriptPubKey to know which SigningProvider to use
2092 453 : CScript script;
2093 453 : if (!input.witness_utxo.IsNull()) {
2094 201 : script = input.witness_utxo.scriptPubKey;
2095 252 : } else if (input.non_witness_utxo) {
2096 217 : if (txin.prevout.n >= input.non_witness_utxo->vout.size()) {
2097 1 : return TransactionError::MISSING_INPUTS;
2098 : }
2099 216 : script = input.non_witness_utxo->vout[txin.prevout.n].scriptPubKey;
2100 : } else {
2101 : // There's no UTXO so we can just skip this now
2102 35 : continue;
2103 : }
2104 417 : SignatureData sigdata;
2105 417 : input.FillSignatureData(sigdata);
2106 :
2107 417 : std::unique_ptr<FlatSigningProvider> keys = MakeUnique<FlatSigningProvider>();
2108 417 : std::unique_ptr<FlatSigningProvider> script_keys = GetSigningProvider(script, sign);
2109 417 : if (script_keys) {
2110 50 : *keys = Merge(*keys, *script_keys);
2111 50 : } else {
2112 : // Maybe there are pubkeys listed that we can sign for
2113 367 : script_keys = MakeUnique<FlatSigningProvider>();
2114 763 : for (const auto& pk_pair : input.hd_keypaths) {
2115 396 : const CPubKey& pubkey = pk_pair.first;
2116 396 : std::unique_ptr<FlatSigningProvider> pk_keys = GetSigningProvider(pubkey);
2117 396 : if (pk_keys) {
2118 16 : *keys = Merge(*keys, *pk_keys);
2119 16 : }
2120 396 : }
2121 : }
2122 :
2123 417 : SignPSBTInput(HidingSigningProvider(keys.get(), !sign, !bip32derivs), psbtx, i, sighash_type);
2124 :
2125 417 : bool signed_one = PSBTInputSigned(input);
2126 417 : if (n_signed && (signed_one || !sign)) {
2127 : // If sign is false, we assume that we _could_ sign if we get here. This
2128 : // will never have false negatives; it is hard to tell under what i
2129 : // circumstances it could have false positives.
2130 232 : (*n_signed)++;
2131 232 : }
2132 453 : }
2133 :
2134 : // Fill in the bip32 keypaths and redeemscripts for the outputs so that hardware wallets can identify change
2135 715 : for (unsigned int i = 0; i < psbtx.tx->vout.size(); ++i) {
2136 456 : std::unique_ptr<SigningProvider> keys = GetSolvingProvider(psbtx.tx->vout.at(i).scriptPubKey);
2137 456 : if (!keys) {
2138 434 : continue;
2139 : }
2140 22 : UpdatePSBTOutput(HidingSigningProvider(keys.get(), true, !bip32derivs), psbtx, i);
2141 456 : }
2142 :
2143 259 : return TransactionError::OK;
2144 260 : }
2145 :
2146 135 : std::unique_ptr<CKeyMetadata> DescriptorScriptPubKeyMan::GetMetadata(const CTxDestination& dest) const
2147 : {
2148 135 : std::unique_ptr<SigningProvider> provider = GetSigningProvider(GetScriptForDestination(dest));
2149 135 : if (provider) {
2150 135 : KeyOriginInfo orig;
2151 135 : CKeyID key_id = GetKeyForDestination(*provider, dest);
2152 135 : if (provider->GetKeyOrigin(key_id, orig)) {
2153 135 : LOCK(cs_desc_man);
2154 135 : std::unique_ptr<CKeyMetadata> meta = MakeUnique<CKeyMetadata>();
2155 135 : meta->key_origin = orig;
2156 135 : meta->has_key_origin = true;
2157 135 : meta->nCreateTime = m_wallet_descriptor.creation_time;
2158 : return meta;
2159 135 : }
2160 135 : }
2161 0 : return nullptr;
2162 135 : }
2163 :
2164 14980 : uint256 DescriptorScriptPubKeyMan::GetID() const
2165 : {
2166 14980 : LOCK(cs_desc_man);
2167 14980 : std::string desc_str = m_wallet_descriptor.descriptor->ToString();
2168 14980 : uint256 id;
2169 14980 : CSHA256().Write((unsigned char*)desc_str.data(), desc_str.size()).Finalize(id.begin());
2170 : return id;
2171 14980 : }
2172 :
2173 356 : void DescriptorScriptPubKeyMan::SetInternal(bool internal)
2174 : {
2175 356 : this->m_internal = internal;
2176 356 : }
2177 :
2178 240 : void DescriptorScriptPubKeyMan::SetCache(const DescriptorCache& cache)
2179 : {
2180 240 : LOCK(cs_desc_man);
2181 240 : m_wallet_descriptor.cache = cache;
2182 5302 : for (int32_t i = m_wallet_descriptor.range_start; i < m_wallet_descriptor.range_end; ++i) {
2183 5062 : FlatSigningProvider out_keys;
2184 5062 : std::vector<CScript> scripts_temp;
2185 5062 : if (!m_wallet_descriptor.descriptor->ExpandFromCache(i, m_wallet_descriptor.cache, scripts_temp, out_keys)) {
2186 0 : throw std::runtime_error("Error: Unable to expand wallet descriptor from cache");
2187 : }
2188 : // Add all of the scriptPubKeys to the scriptPubKey set
2189 10199 : for (const CScript& script : scripts_temp) {
2190 5137 : if (m_map_script_pub_keys.count(script) != 0) {
2191 0 : throw std::runtime_error(strprintf("Error: Already loaded script at index %d as being at index %d", i, m_map_script_pub_keys[script]));
2192 : }
2193 5137 : m_map_script_pub_keys[script] = i;
2194 : }
2195 8044 : for (const auto& pk_pair : out_keys.pubkeys) {
2196 2982 : const CPubKey& pubkey = pk_pair.second;
2197 2982 : if (m_map_pubkeys.count(pubkey) != 0) {
2198 : // We don't need to give an error here.
2199 : // It doesn't matter which of many valid indexes the pubkey has, we just need an index where we can derive it and it's private key
2200 0 : continue;
2201 : }
2202 2982 : m_map_pubkeys[pubkey] = i;
2203 5964 : }
2204 5062 : m_max_cached_index++;
2205 5062 : }
2206 240 : }
2207 :
2208 157 : bool DescriptorScriptPubKeyMan::AddKey(const CKeyID& key_id, const CKey& key)
2209 : {
2210 157 : LOCK(cs_desc_man);
2211 157 : m_map_keys[key_id] = key;
2212 : return true;
2213 157 : }
2214 :
2215 0 : bool DescriptorScriptPubKeyMan::AddCryptedKey(const CKeyID& key_id, const CPubKey& pubkey, const std::vector<unsigned char>& crypted_key)
2216 : {
2217 0 : LOCK(cs_desc_man);
2218 0 : if (!m_map_keys.empty()) {
2219 0 : return false;
2220 : }
2221 :
2222 0 : m_map_crypted_keys[key_id] = make_pair(pubkey, crypted_key);
2223 0 : return true;
2224 0 : }
2225 :
2226 960 : bool DescriptorScriptPubKeyMan::HasWalletDescriptor(const WalletDescriptor& desc) const
2227 : {
2228 960 : LOCK(cs_desc_man);
2229 960 : return m_wallet_descriptor.descriptor != nullptr && desc.descriptor != nullptr && m_wallet_descriptor.descriptor->ToString() == desc.descriptor->ToString();
2230 960 : }
2231 :
2232 92 : void DescriptorScriptPubKeyMan::WriteDescriptor()
2233 : {
2234 92 : LOCK(cs_desc_man);
2235 92 : WalletBatch batch(m_storage.GetDatabase());
2236 92 : if (!batch.WriteDescriptor(GetID(), m_wallet_descriptor)) {
2237 0 : throw std::runtime_error(std::string(__func__) + ": writing descriptor failed");
2238 : }
2239 92 : }
2240 :
2241 26 : const WalletDescriptor DescriptorScriptPubKeyMan::GetWalletDescriptor() const
2242 : {
2243 26 : return m_wallet_descriptor;
2244 : }
2245 :
2246 71 : const std::vector<CScript> DescriptorScriptPubKeyMan::GetScriptPubKeys() const
2247 : {
2248 71 : LOCK(cs_desc_man);
2249 71 : std::vector<CScript> script_pub_keys;
2250 71 : script_pub_keys.reserve(m_map_script_pub_keys.size());
2251 :
2252 241 : for (auto const& script_pub_key: m_map_script_pub_keys) {
2253 170 : script_pub_keys.push_back(script_pub_key.first);
2254 0 : }
2255 : return script_pub_keys;
2256 71 : }
|
