Merge #16546: External signer support - Wallet Box edition

f75e0c1edde39a91cc353b0102638e232def9476 doc: add external-signer.md (Sjors Provoost) d4b0107d68a91ed4d1a5c78c8ca76251329d3f3c rpc: send: support external signer (Sjors Provoost) 245b4457cf9265190a05529a0a97e1cb258cca8a rpc: signerdisplayaddress (Sjors Provoost) 7ebc7c0215979c53b92a436acc8b5b607b8d735a wallet: ExternalSigner: add GetDescriptors method (Sjors Provoost) fc5da520f5c72287f59823b8a6d748dda49c574a wallet: add GetExternalSigner() (Sjors Provoost) 259f52cc33817a00b91ec9c7d078c07b88db7ab4 test: external_signer wallet flag is immutable (Sjors Provoost) 2655197e1c2dea9536c32afe1482ced4a1f481e9 rpc: add external_signer option to createwallet (Sjors Provoost) 2700f09c4130af6167ce71f46960e92ca800e205 rpc: signer: add enumeratesigners to list external signers (Sjors Provoost) 07b7c940a7da138d55a484ef83fee19ebf58a867 rpc: add external signer RPC files (Sjors Provoost) 8ce7767071779a0170364e6426bd393ed71bf281 wallet: add ExternalSignerScriptPubKeyMan (Sjors Provoost) 157ea7c614950d61bfe405310e2aaabcee31f7a3 wallet: add external_signer flag (Sjors Provoost) f3e6ce78fba2b31173fe7b606aa9edb5b615bff3 test: add external signer test (Sjors Provoost) 8cf543f96dcd6fdfac1367b9e2b1d7d51be8bb76 wallet: add -signer argument for external signer command (Sjors Provoost) f7eb7ecc6750ab267a979d9268ce5b5d151c26de test: framework: add skip_if_no_external_signer (Sjors Provoost) 87a97941f667483bbf2ab00929e03a2199cb8a62 configure: add --enable-external-signer (Sjors Provoost) Pull request description: Big picture overview in [this gist](https://gist.github.com/Sjors/29d06728c685e6182828c1ce9b74483d). This PR lets `bitcoind` call an arbitrary command `-signer=<cmd>`, e.g. a hardware wallet driver, where it can fetch public keys, ask to display an address, and sign a transaction (using PSBT under the hood). It's design to work with https://github.com/bitcoin-core/HWI, which supports multiple hardware wallets. Any command with the same arguments and return values will work. It simplifies the manual procedure described [here](https://github.com/bitcoin-core/HWI/blob/master/docs/bitcoin-core-usage.md). Usage is documented in [doc/external-signer.md]( https://github.com/Sjors/bitcoin/blob/2019/08/hww-box2/doc/external-signer.md), which also describes what protocol a different signer binary should conform to. Use `--enable-external-signer` to opt in, requires Boost::Process: ``` Options used to compile and link: with wallet = yes with gui / qt = no external signer = yes ``` It adds the following RPC methods: * `enumeratesigners`: asks <cmd> for a list of signers (e.g. devices) and their master key fingerprint * `signerdisplayaddress <address>`: asks <cmd> to display an address It enhances the following RPC methods: * `createwallet`: takes an additional `external_signer` argument and fetches keys from device * `send`: automatically sends transaction to device and waits Usage TL&DR: * clone HWI repo somewhere and launch `bitcoind -signer=../HWI/hwi.py` * check if you can see your hardware device: `bitcoin-cli enumeratesigners` * create wallet and auto import keys `bitcoin-cli createwallet "hww" true true "" true true true` * display address on device: `bitcoin-cli signerdisplayaddress ...` * to spend, use `send` RPC and approve transaction on device Prerequisites: - [x] #21127 load wallet flags before everything else - [x] #21182 remove mostly pointless BOOST_PROCESS macro Potentially useful followups: - GUI support: bitcoin-core/gui#4 - bumpfee support - (automatically) verify (a subset of) keys on the device after import, through message signing ACKs for top commit: laanwj: re-ACK f75e0c1edde39a91cc353b0102638e232def9476 Tree-SHA512: 7db8afd54762295c1424c3f01d8c587ec256a72f34bd5256e04b21832dabd5dc212be8ab975ae3b67de75259fd569a561491945750492f417111dc7b6641e77f
author: Wladimir J. van der Laan <laanwj@protonmail.com> 2021-02-23 17:56:24 +0100
committer: Wladimir J. van der Laan <laanwj@protonmail.com> 2021-02-23 17:56:43 +0100
commit: a9335e4f129cadd87fda0fe49baf74670ded491a (patch)
tree: c16d6d229e204758a32362f8c10a88791d2c03c4 /src/wallet/external_signer.h
parent: 78effb37f35ff09733e79497bd6b06d355272d79 (diff)
parent: f75e0c1edde39a91cc353b0102638e232def9476 (diff)
1 files changed, 73 insertions, 0 deletions
diff --git a/src/wallet/external_signer.h b/src/wallet/external_signer.h
new file mode 100644
index 0000000000..4b9711107b
--- /dev/null
+++ b/src/wallet/external_signer.h
@@ -0,0 +1,73 @@
+// Copyright (c) 2018-2021 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_WALLET_EXTERNAL_SIGNER_H
+#define BITCOIN_WALLET_EXTERNAL_SIGNER_H
+
+#include <stdexcept>
+#include <string>
+#include <univalue.h>
+#include <util/system.h>
+
+struct PartiallySignedTransaction;
+
+class ExternalSignerException : public std::runtime_error {
+public:
+    using std::runtime_error::runtime_error;
+};
+
+//! Enables interaction with an external signing device or service, such as
+//! a hardware wallet. See doc/external-signer.md
+class ExternalSigner
+{
+private:
+    //! The command which handles interaction with the external signer.
+    std::string m_command;
+
+public:
+    //! @param[in] command      the command which handles interaction with the external signer
+    //! @param[in] fingerprint  master key fingerprint of the signer
+    //! @param[in] chain        "main", "test", "regtest" or "signet"
+    //! @param[in] name         device name
+    ExternalSigner(const std::string& command, const std::string& fingerprint, std::string chain, std::string name);
+
+    //! Master key fingerprint of the signer
+    std::string m_fingerprint;
+
+    //! Bitcoin mainnet, testnet, etc
+    std::string m_chain;
+
+    //! Name of signer
+    std::string m_name;
+
+    const std::string NetworkArg() const;
+
+#ifdef ENABLE_EXTERNAL_SIGNER
+    //! Obtain a list of signers. Calls `<command> enumerate`.
+    //! @param[in]              command the command which handles interaction with the external signer
+    //! @param[in,out] signers  vector to which new signers (with a unique master key fingerprint) are added
+    //! @param chain            "main", "test", "regtest" or "signet"
+    //! @param[out] success     Boolean
+    static bool Enumerate(const std::string& command, std::vector<ExternalSigner>& signers, std::string chain, bool ignore_errors = false);
+
+    //! Display address on the device. Calls `<command> displayaddress --desc <descriptor>`.
+    //! @param[in] descriptor Descriptor specifying which address to display.
+    //!            Must include a public key or xpub, as well as key origin.
+    UniValue DisplayAddress(const std::string& descriptor) const;
+
+    //! Get receive and change Descriptor(s) from device for a given account.
+    //! Calls `<command> getdescriptors --account <account>`
+    //! @param[in] account  which BIP32 account to use (e.g. `m/44'/0'/account'`)
+    //! @param[out] UniValue see doc/external-signer.md
+    UniValue GetDescriptors(int account);
+
+    //! Sign PartiallySignedTransaction on the device.
+    //! Calls `<command> signtransaction` and passes the PSBT via stdin.
+    //! @param[in,out] psbt  PartiallySignedTransaction to be signed
+    bool SignTransaction(PartiallySignedTransaction& psbt, std::string& error);
+
+#endif
+};
+
+#endif // BITCOIN_WALLET_EXTERNAL_SIGNER_H
author	Wladimir J. van der Laan <laanwj@protonmail.com>	2021-02-23 17:56:24 +0100
committer	Wladimir J. van der Laan <laanwj@protonmail.com>	2021-02-23 17:56:43 +0100
commit	a9335e4f129cadd87fda0fe49baf74670ded491a (patch)
tree	c16d6d229e204758a32362f8c10a88791d2c03c4 /src/wallet/external_signer.h
parent	78effb37f35ff09733e79497bd6b06d355272d79 (diff)
parent	f75e0c1edde39a91cc353b0102638e232def9476 (diff)