aboutsummaryrefslogtreecommitdiff
path: root/src/script
AgeCommit message (Collapse)Author
2019-02-16Merge #15368: Descriptor checksumsWladimir J. van der Laan
fd637be8d21a606e98c037b40b268c4a1fae2244 Add checksums to descriptors.md (Pieter Wuille) be62903c417293f6217e124669e62fd2172a18f1 Make descriptor checksums mandatory in deriveaddresses and importmulti (Pieter Wuille) b52cb6368869c9f6dd2cd8f309b3000de514d439 Add getdescriptorinfo to compute checksum (Pieter Wuille) 3b40bff9880e9ae2817136b7d14989afccfc1937 Descriptor checksum (Pieter Wuille) Pull request description: This adds support for a descriptor-specific 8-character checksum. Descriptors may optionally be suffixed with a `#` plus these 8 checksum characters. Any descriptor that contains a `#` at the end must be followed by a valid checksum. If the `#` is missing entirely, it is valid without checksum. All RPCs are updated to report descriptors that include the checksum. On input, they are optional except in `deriveaddress` and `importmulti`, which require descriptors which include a checksum. A new RPC is also added to analyse descriptors (`getdescriptorinfo`), which can be used to compute the checksum for a descriptor without. Tree-SHA512: a8294b09155eb6c67fbc178b5e2d3fbc0e9bec8b6de57a13f8835550d51c2cb32a428b3c9a188ded42b454d594e9305edbd4797906b755de77a8f33c79165f6b
2019-02-16Merge #13932: Additional utility RPCs for PSBTWladimir J. van der Laan
540729ef4bf1b6c6da1ec795e441d2ce56a9a58b Implement analyzepsbt RPC and tests (Andrew Chow) 77542cf2a5f8abb97dd46f782c1b0199cc062033 Move PSBT UTXO fetching to a separate method (Andrew Chow) cb40b3abd4514361a024a1e7a1a281da9261261b Figure out what is missing during signing (Andrew Chow) 08f749c9147a5f3fdbbd880e0974b97084429002 Implement joinpsbts RPC and tests (Andrew Chow) 7344a7b9984b99882e136efc8ad48fb31740df93 Implement utxoupdatepsbt RPC and tests (Andrew Chow) Pull request description: This PR adds 3 new utility RPCs for interacting with PSBTs. `utxoupdatepsbt` updates a PSBT with UTXO information from the node. It only works with witness UTXOs because full transactions (as would be needed for non-witness UTXOs) are not available unless txindex is enabled. `joinpsbts` joins the inputs from multiple distinct PSBTs into one PSBT. e.g. if PSBT 1 has inputs 1 and 2, and PSBT 2 has inputs 3 and 4, `joinpsbts` would create a new PSBT with inputs 1, 2, 3, and 4. `analyzepsbt` analyzes a PSBT and determines the current state of it and all of its inputs, and the next step that needs to be done. Tree-SHA512: 3c1fa302201abca76a8901d0c2be7b4ccbce334d989533c215f8b3e50e22f2f018ce6209544b26789f58f5980a253c0655111e1e20d47d5656e0414c64891a5c
2019-02-15Descriptor checksumPieter Wuille
2019-02-16Figure out what is missing during signingAndrew Chow
When signing an input, figure out what was requested for but was unable to be found and store it in a SignatureData. Return this information in SignPSBTInput.
2019-02-14Store key origin info in key metadataAndrew Chow
Store the master key fingerprint and derivation path in the key metadata. hdKeypath is kept to indicate the seed and for backwards compatibility, but all key derivation path output uses the key origin info instead of hdKeypath.
2019-02-14Add WriteHDKeypath function and move *HDKeypath to util/bip32.{h,cpp}Andrew Chow
Creates new files util/bip32.h and util/bip32.cpp for containing BIP 32 stuff. Moves FormatKeyPath from descriptor.cpp to util/bip32. Adds a wrapper around it to prepent the 'm' for when just the BIP 32 style keypath is needed.
2019-02-11Move PSBT definitions and code to separate filesGlenn Willen
Move non-wallet PSBT code to src/psbt.{h,cpp}, and PSBT wallet code to src/wallet/psbtwallet.{h,cpp}. This commit contains only code movement (and adjustments to includes and Makefile.am.)
2019-01-25Descriptor expansions only need pubkey entries for PKH/WPKHPieter Wuille
2018-12-17 Minimal changes to comply with explicit CMutableTransaction -> CTranaction ↵lucash-dev
conversion. This commit makes the minimal changes necessary to fix compilation once CTransaction(const CMutableTransaction &tx) is made explicit. In each case an explicit call `CTransaction(...)` was added. Shouldn't affect behaviour or performance.
2018-11-28Add descriptor expansion cachePieter Wuille
2018-11-28[refactor] Combine the ToString and ToPrivateString implementationsPieter Wuille
2018-11-28[refactor] Use DescriptorImpl internally, permitting access to new methodsPieter Wuille
2018-11-28[refactor] Add a base DescriptorImpl with most common logicPieter Wuille
2018-11-27Merge #14477: Add ability to convert solvability info to descriptorPieter Wuille
109699dd33 Add release notes (Pieter Wuille) b65326b562 Add matching descriptors to scantxoutset output + tests (Pieter Wuille) 16203d5df7 Add descriptors to listunspent and getaddressinfo + tests (Pieter Wuille) 9b2a25b13f Add tests for InferDescriptor and Descriptor::IsSolvable (Pieter Wuille) 225bf3e3b0 Add Descriptor::IsSolvable() to distinguish addr/raw from others (Pieter Wuille) 4d78bd93b5 Add support for inferring descriptors from scripts (Pieter Wuille) Pull request description: This PR adds functionality to convert a script to a descriptor, given a `SigningProvider` with the relevant information about public keys and redeemscripts/witnessscripts. The feature is exposed in `listunspent`, `getaddressinfo`, and `scantxoutset` whenever these calls are applied to solvable outputs/addresses. This is not very useful on its own, though when we add RPCs to import descriptors, or sign PSBTs using descriptors, these strings become a compact and standalone way of conveying everything necessary to sign an output (excluding private keys). Unit tests and rudimentary RPC tests are included (more relevant tests can be added once RPCs support descriptors). Fixes #14503. Tree-SHA512: cb36b84a3e0200375b7e06a98c7e750cfaf95cf5de132cad59f7ec3cbd201f739427de0dc108f515be7aca203652089fbf5f24ed283d4553bddf23a3224ab31f
2018-11-23Merge #14678: [wallet] remove redundant KeyOriginInfo access, already done ↵Wladimir J. van der Laan
in CreateSig b81a1860561ccbda3cd6913f54e49fdc91c7718c GetPubKey: make sigdata const (Gregory Sanders) f7beb95a1f921ed292680fbd2f042b4bac73bf59 remove redundant KeyOriginInfo access, already done in CreateSig (Gregory Sanders) Pull request description: This redundancy is confusing as it looks like pubkeyhashes are special in some way based on where it's called. Tree-SHA512: a980b7c774c6d69322945227a2b156489fb1991ebf57fe6f26096d5f8047f246a133debc241b05af67810f604b040079add3ab3d30d9e2928095905a2afe17eb
2018-11-15Merge #13815: util: Add [[nodiscard]] to all {Decode,Parse}[...](...) ↵MarcoFalke
functions returning bool 9cc0230cfc Add NODISCARD to all {Decode,Parse}[...](...) functions returning bool. Sort includes. (practicalswift) 579497e77a tests: Explicitly ignore the return value of DecodeBase58(...) (practicalswift) 145fe95ec7 tests: Check return value of ParseParameters(...) (practicalswift) 7c5bc2a523 miner: Default to DEFAULT_BLOCK_MIN_TX_FEE if unable to parse -blockmintxfee (practicalswift) Pull request description: Changes in this PR: * ~~Add linter to make sure the return value of `Parse[...](...)` is checked~~ * Add `__attribute__((warn_unused_result))` to all `{Decode,Parse}[...](...)` functions returning `bool` * Fix violations Context: * #13712: `wallet: Fix non-determinism in ParseHDKeypath(...). Avoid using an uninitialized variable in path calculation.` would have been prevented by this Tree-SHA512: 41a97899f2d5a26584235fa02b1ebfb4faacd81ea97e927022955a658fa7e15d07a1443b4b7635151a43259a1adf8f2f4de3c1c75d7b5f09f0d5496463a1dae6
2018-11-13GetPubKey: make sigdata constGregory Sanders
2018-11-13Merge #14690: Throw error if CPubKey is invalid during PSBT keypath ↵Wladimir J. van der Laan
serialization 4e4de10f69d5d705256cadfb15d76314dff16e77 Throw error if CPubKey is invalid during PSBT keypath serialization (Gregory Sanders) Pull request description: Related to https://github.com/bitcoin/bitcoin/pull/14689 We should catch this error before attempting to deserialize it later. Tree-SHA512: d2f3ea7f363818ac70c81ee988231b2bb50d055b6919f7bff3f27120c85a7048bfa183efae33e23e6b81d684bcb8bb81e5b209abb3acbcaff1d88014f4f1aa93
2018-11-12remove redundant KeyOriginInfo access, already done in CreateSigGregory Sanders
2018-11-09Merge #14689: Require a public key to be retrieved when signing a P2PKH inputPieter Wuille
6b8d86ddb8 Require a public key to be retrieved when signing a P2PKH input (Andrew Chow) Pull request description: If we do not have the public key for a P2PKH input, we should not continue to attempt to sign for it. This fixes a problem where a PSBT with a P2PKH output would include invalid BIP 32 derivation paths that are missing the public key. Tree-SHA512: 850d5e74c06833da937d5bf0348bd134180be7167b6f9b9cecbf09f75e3543fbad60d0abbc0b9afdfa51ce165aa36168849f24a7c5abf1e75f37ce8f9a13d127
2018-11-09Merge #14588: Refactor PSBT signing logic to enforce invariant and fix ↵Pieter Wuille
signing bug e13fea975d Add regression test for PSBT signing bug #14473 (Glenn Willen) 565500508a Refactor PSBTInput signing to enforce invariant (Glenn Willen) 0f5bda2bd9 Simplify arguments to SignPSBTInput (Glenn Willen) 53e6fffb8f Add bool PSBTInputSigned (Glenn Willen) 65166d4cf8 New PartiallySignedTransaction constructor from CTransction (Glenn Willen) 4f3f5cb4b1 Remove redundant txConst parameter to FillPSBT (Glenn Willen) fe5d22bc67 More concise conversion of CDataStream to string (Glenn Willen) Pull request description: As discussed in the comments on #14473, I think that bug was caused primarily by failure to adhere to the invariant that a PSBTInput always has exactly one of the two utxo fields present -- an invariant that is already enforced by PSBTInput::IsSane, but which we were temporarily suspending during signing. This refactor repairs the invariant, also fixing the bug. It also simplifies some other code, and removes redundant parameters from some related functions. fixes #14473 Tree-SHA512: cbad3428175e30f9b7bac3f600668dd1a8f9acde16b915d27a940a2fa6d5149d4fbe236d5808fd590fb20a032274c99e8cac34bef17f79a53fdf69a5948c0fd0
2018-11-08Throw error if CPubKey is invalid during PSBT keypath serializationGregory Sanders
2018-11-08Require a public key to be retrieved when signing a P2PKH inputAndrew Chow
If we do not have the public key for a P2PKH input, we should not continue to attempt to sign for it.
2018-11-07Merge #14636: Avoid using numeric_limits for sequence numbers and lock timesMarcoFalke
535203075e Avoid using numeric_limits for sequence numbers and lock times (Russell Yanofsky) bafb921507 Remove duplicated code (Hennadii Stepanov) e4dc39b3bc Replace platform dependent type with proper const (Hennadii Stepanov) Pull request description: Switches to named constants, because numeric_limits calls can be harder to read and less portable. Change was suggested by jamesob in https://github.com/bitcoin/bitcoin/pull/10973#discussion_r213473620 There are no changes in behavior except on some platforms we don't support (ILP64, IP16L32, I16LP32), where `SignalsOptInRBF` and `MutateTxAddInput` functions would now work correctly. Tree-SHA512: 3f5c6393c260551f65a0edfba55ef7eb3625232eec8d85b1457f26e144aa0b90c7ef5f44b2fd2f7d9be3c3bcb301030a9f5473c21b3bac566cc59b8c8780737c
2018-11-05Add NODISCARD to all {Decode,Parse}[...](...) functions returning bool. Sort ↵practicalswift
includes.
2018-11-04scripted-diff: Move util files to separate directory.Jim Posen
-BEGIN VERIFY SCRIPT- mkdir -p src/util git mv src/util.h src/util/system.h git mv src/util.cpp src/util/system.cpp git mv src/utilmemory.h src/util/memory.h git mv src/utilmoneystr.h src/util/moneystr.h git mv src/utilmoneystr.cpp src/util/moneystr.cpp git mv src/utilstrencodings.h src/util/strencodings.h git mv src/utilstrencodings.cpp src/util/strencodings.cpp git mv src/utiltime.h src/util/time.h git mv src/utiltime.cpp src/util/time.cpp sed -i 's/<util\.h>/<util\/system\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmemory\.h>/<util\/memory\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmoneystr\.h>/<util\/moneystr\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilstrencodings\.h>/<util\/strencodings\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utiltime\.h>/<util\/time\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/BITCOIN_UTIL_H/BITCOIN_UTIL_SYSTEM_H/g' src/util/system.h sed -i 's/BITCOIN_UTILMEMORY_H/BITCOIN_UTIL_MEMORY_H/g' src/util/memory.h sed -i 's/BITCOIN_UTILMONEYSTR_H/BITCOIN_UTIL_MONEYSTR_H/g' src/util/moneystr.h sed -i 's/BITCOIN_UTILSTRENCODINGS_H/BITCOIN_UTIL_STRENCODINGS_H/g' src/util/strencodings.h sed -i 's/BITCOIN_UTILTIME_H/BITCOIN_UTIL_TIME_H/g' src/util/time.h sed -i 's/ util\.\(h\|cpp\)/ util\/system\.\1/g' src/Makefile.am sed -i 's/utilmemory\.\(h\|cpp\)/util\/memory\.\1/g' src/Makefile.am sed -i 's/utilmoneystr\.\(h\|cpp\)/util\/moneystr\.\1/g' src/Makefile.am sed -i 's/utilstrencodings\.\(h\|cpp\)/util\/strencodings\.\1/g' src/Makefile.am sed -i 's/utiltime\.\(h\|cpp\)/util\/time\.\1/g' src/Makefile.am sed -i 's/-> util ->/-> util\/system ->/' test/lint/lint-circular-dependencies.sh sed -i 's/src\/util\.cpp/src\/util\/system\.cpp/g' test/lint/lint-format-strings.py test/lint/lint-locale-dependence.sh sed -i 's/src\/utilmoneystr\.cpp/src\/util\/moneystr\.cpp/g' test/lint/lint-locale-dependence.sh sed -i 's/src\/utilstrencodings\.\(h\|cpp\)/src\/util\/strencodings\.\1/g' test/lint/lint-locale-dependence.sh sed -i 's/src\\utilstrencodings\.cpp/src\\util\\strencodings\.cpp/' build_msvc/libbitcoinconsensus/libbitcoinconsensus.vcxproj -END VERIFY SCRIPT-
2018-11-01Refactor PSBTInput signing to enforce invariantGlenn Willen
Refactor the process of PSBTInput signing to enforce the invariant that a PSBTInput always has _either_ a witness_utxo or a non_witness_utxo, never both. This simplifies the logic of SignPSBTInput slightly, since it no longer has to deal with the "both" case. When calling it, we now give it, in order of preference: (1) whichever of the utxo fields was already present in the PSBT we received, or (2) if neither, the non_witness_utxo field, which is just a copy of the input transaction, which we get from the wallet. SignPSBTInput no longer has to remove one of the two fields; instead, it will check if we have a witness signature, and if so, it will replace the non_witness_utxo with the witness_utxo (which is smaller, as it is just a copy of the output being spent.) Add PSBTInput::IsSane checks in two more places, which checks for both utxo fields being present; we will now give an RPC error early on if we are supplied such a malformed PSBT to fill in. Also add a check to FillPSBT, to avoid touching any input that is already signed. (This is now redundant, since we should no longer potentially harm an already-signed input, but it's harmless.) fixes #14473
2018-11-01Simplify arguments to SignPSBTInputGlenn Willen
Remove redundant arguments to SignPSBTInput -- since it needs several bits of the PartiallySignedTransaction, pass in a reference instead of doing it piecemeal. This saves us having to pass in both a PSBTInput and its index, as well as having to pass in the CTransaction. Also avoid redundantly passing the sighash_type, which is contained in the PSBTInput already.
2018-11-01Add bool PSBTInputSignedGlenn Willen
Refactor out a "PSBTInputSigned" function to check if a PSBT is signed, for use in subsequent commits. Also improve a related comment.
2018-11-01New PartiallySignedTransaction constructor from CTransctionGlenn Willen
New constructor that creates a PartiallySignedTransaction from a CTransaction, automatically sizing the inputs and outputs vectors for convenience.
2018-11-01Avoid using numeric_limits for sequence numbers and lock timesRussell Yanofsky
Switches to named constants, because numeric_limits calls can be harder to read and less portable. Change was suggested by James O'Beirne <james.obeirne@gmail.com> in https://github.com/bitcoin/bitcoin/pull/10973#discussion_r213473620 There are no changes in behavior except on some platforms we don't support (ILP64, IP16L32, I16LP32), where SignalsOptInRBF() and MutateTxAddInput() functions would now work correctly.
2018-11-01Merge #14377: check that a separator is found for psbt inputs, outputs, and ↵Wladimir J. van der Laan
global map 4fb3388db95f408566e43ebb9736842cfbff0a7d check that a separator is found for psbt inputs, outputs, and global map (Andrew Chow) Pull request description: Currently it doesn't make sure that a separator was found so PSBTs missing a trailing separator would still pass. This fixes that and adds a test case for it. It really only makes sense to check for the separator for the output maps as if an input or global map was missing a separator, the fields following it would be interpreted as belonging to the previous input or global map. However I have added the check for those two anyways to be consistent. Tree-SHA512: 50c0c08e201ba02494b369a4d36ddb73e6634eb5a4e4e201c4ef38fd2dbeea2c642b8a04d50c91615da61ecbfade37309e47431368f4b1064539c42015766b50
2018-11-01Merge #14197: [psbt] Convert non-witness UTXOs to witness if witness sig createdWladimir J. van der Laan
862d159d635c1de219d94e030b186a745fe28eb9 Add test for conversion from non-witness to witness UTXO (Pieter Wuille) f8c1714634445542a16ac01d128d8ad2b2810e19 Convert non-witness UTXOs to witness if witness sig created (Andrew Chow) Pull request description: If a witness signature was created when a non-witness UTXO is used, convert the non-witness UTXO to a witness one. Port of #14196 to master. Tree-SHA512: 2235eeb008ffa48e821628032d689e4a83bff6c29b93fa050ab2ee492b0e67b3a30f29a680d4a0e574e05c3a2f9edf0005e161fbe25b7aef2acd034a2424e2f2
2018-10-26Add tests for InferDescriptor and Descriptor::IsSolvablePieter Wuille
2018-10-26Add Descriptor::IsSolvable() to distinguish addr/raw from othersPieter Wuille
2018-10-26Add support for inferring descriptors from scriptsPieter Wuille
2018-10-20Add key origin support to descriptorsPieter Wuille
2018-10-07Stop requiring imported pubkey to sign non-PKH schemesPieter Wuille
2018-10-03check that a separator is found for psbt inputs, outputs, and global mapAndrew Chow
2018-09-26doxygen: Fix member commentsMarcoFalke
2018-09-22Convert non-witness UTXOs to witness if witness sig createdAndrew Chow
If a witness signature was created when a non-witness UTXO is used, convert the non-witness UTXO to a witness one.
2018-09-11Merge #13558: Drop unused GetType() from CSizeComputerWladimir J. van der Laan
893628be0166b4096b6e52f516e0f65bb63a75a2 Drop minor GetSerializeSize template (Ben Woosley) da74db0940720407fafaf3582bbaf9c81a4d3b4d Drop unused GetType() from CSizeComputer (Ben Woosley) Pull request description: Based on conversation in #13462, it seems the serialization `GetType` has very narrow use/effect. In every case except for `CAddress`, which specifically relates to a network peer's address, not a wallet address etc., the serialized representation of an object is irrespective of its destination / type. This removes the unused `GetType` method from `CSizeComputer` as a step to further narrowing that use. Tree-SHA512: e72b8e9e5160396691e05aeaee3aba5a57935a75bd5005cfcc7fb51c936f3d1728a397f999da5c36696506dd815fafa5c738f3894df8864f25f91f639eba9c3d
2018-09-11Drop minor GetSerializeSize templateBen Woosley
Now that `GetType()` is not propagated, the benefits are not worth the code.
2018-09-11Drop unused GetType() from CSizeComputerBen Woosley
2018-09-06Merge #14096: Add reference documentation for descriptors languageWladimir J. van der Laan
2b5d6f8df24b381d35b75187c97ae0cc9f7c3ed0 Replace duplcate reference with reference to reference doc (Pieter Wuille) 89709db7a2710456011eac9dcd6a60d5e87b97ae Adjust TODO link (Pieter Wuille) 9254ffcf2d910ecb0f9ecbeef6d40a2008a44870 Add descriptor reference documentation (Pieter Wuille) Pull request description: Tree-SHA512: 1ca0d537f9bcbb23266e9a4a02a60013ef8309958fb701f638283887585b5ddea6bc9dab859454ec3a373b1a12a4fd69836e7030417bb2ca43fef26b104c0d65
2018-09-05Replace duplcate reference with reference to reference docPieter Wuille
2018-09-04Fix typos reported by codespellpracticalswift
2018-08-28Merge #13723: PSBT key path cleanupsWladimir J. van der Laan
917353c8b0eff4cd95f9a5f7719f6756bb8338b1 Make SignPSBTInput operate on a private SignatureData object (Pieter Wuille) cad5dd2368109ec398a3b79c8b9e94dfd23f0845 Pass HD path data through SignatureData (Pieter Wuille) 03a99586a398ee38f40c3b72d24c6a2ba4b88579 Implement key origin lookup in CWallet (Pieter Wuille) 3b01efa0d1bf3d23d1b7b7e518849f1fc26314f9 [MOVEONLY] Move ParseHDKeypath to utilstrencodings (Pieter Wuille) 81e1dd5ce1a32114a38691ec6b55e72ab04dbbb1 Generalize PublicOnlySigningProvider into HidingSigningProvider (Pieter Wuille) 84f1f1bfdf900cd28099e428441aa42f9d11a0ed Make SigningProvider expose key origin information (Pieter Wuille) 611ab307fbd8b6f8f7ffc1d569bb86d1f9cb4e92 Introduce KeyOriginInfo for fingerprint + path (Pieter Wuille) Pull request description: This PR adds "key origin" (master fingeprint + key path) information to what is exposed from `SigningProvider`s, allowing this information to be used by the generic PSBT code instead of having the RPC pull it directly from the wallet. This is also a preparation to having PSBT interact with output descriptors, which can then directly expose key origin information for the scripts they generate. Tree-SHA512: c718382ba8ba2d6fc9a32c062bd4cff08b6f39b133838aa03115c39aeca0f654c7cc3ec72d87005bf8306e550824cd8eb9d60f0bd41784a3e22e17b2afcfe833
2018-08-25Merge #13429: Return the script type from SolverWladimir J. van der Laan
984d72ec659361d8c1a6f3c6864e839a807817a7 Return the script type from Solver (Ben Woosley) Pull request description: Because false is synonymous with TX_NONSTANDARD, this conveys the same information and makes the handling explicitly based on script type, simplifying each call site. Prior to this change it was common for the return value to be ignored, or for the return value and TX_NONSTANDARD to be redundantly handled. Tree-SHA512: 31864f856b8cb75f4b782d12678070e8b1cfe9665c6f57cfb25e7ac8bcea8a22f9a78d7c8cf0101c841f2a612400666fb91798bffe88de856e98b873703b0965
2018-08-14Merge #13917: Additional safety checks in PSBT signerWladimir J. van der Laan
5df6f089b53c5b5859e5a3454c026447e4752f82 More tests of signer checks (Andrew Chow) 7c8bffdc24e005c3044a9a80bbc227b2a39b8605 Test that a non-witness script as witness utxo is not signed (Andrew Chow) 8254e9950f67d750c7f5905bfdef526d825965ed Additional sanity checks in SignPSBTInput (Pieter Wuille) c05712cb590c8c76729a71d75a290c67ae9e3c06 Only wipe wrong UTXO type data if overwritten by wallet (Pieter Wuille) Pull request description: The current PSBT signing code can end up producing a non-segwit signature, while only the UTXO being spent is provided in the PSBT (as opposed to the entire transaction being spent). This may be used to trick a user to incorrectly decide a transaction has the semantics he intends to sign. Fix this by refusing to sign if there is any mismatch between the provided data and what is being signed. Tree-SHA512: b55790d79d8166e05513fc4c603a982a33710e79dc3c045060cddac6b48a1be3a28ebf8db63f988b6567b15dd27fd09bbaf48846e323c8635376ac20178956f4