Branch data Line data Source code
1 : : // Copyright (c) 2019-2022 The Bitcoin Core developers
2 : : // Distributed under the MIT software license, see the accompanying
3 : : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 : :
5 : : #ifndef BITCOIN_WALLET_SCRIPTPUBKEYMAN_H
6 : : #define BITCOIN_WALLET_SCRIPTPUBKEYMAN_H
7 : :
8 : : #include <addresstype.h>
9 : : #include <common/messages.h>
10 : : #include <common/signmessage.h>
11 : : #include <common/types.h>
12 : : #include <logging.h>
13 : : #include <node/types.h>
14 : : #include <psbt.h>
15 : : #include <script/descriptor.h>
16 : : #include <script/script.h>
17 : : #include <script/signingprovider.h>
18 : : #include <util/result.h>
19 : : #include <util/time.h>
20 : : #include <wallet/crypter.h>
21 : : #include <wallet/types.h>
22 : : #include <wallet/walletdb.h>
23 : : #include <wallet/walletutil.h>
24 : :
25 : : #include <boost/signals2/signal.hpp>
26 : :
27 : : #include <functional>
28 : : #include <optional>
29 : : #include <unordered_map>
30 : :
31 : : enum class OutputType;
32 : :
33 : : namespace wallet {
34 : : struct MigrationData;
35 : : class ScriptPubKeyMan;
36 : :
37 : : // Wallet storage things that ScriptPubKeyMans need in order to be able to store things to the wallet database.
38 : : // It provides access to things that are part of the entire wallet and not specific to a ScriptPubKeyMan such as
39 : : // wallet flags, wallet version, encryption keys, encryption status, and the database itself. This allows a
40 : : // ScriptPubKeyMan to have callbacks into CWallet without causing a circular dependency.
41 : : // WalletStorage should be the same for all ScriptPubKeyMans of a wallet.
42 [ + - ]: 913 : class WalletStorage
43 : : {
44 : : public:
45 : 913 : virtual ~WalletStorage() = default;
46 : : virtual std::string GetDisplayName() const = 0;
47 : : virtual WalletDatabase& GetDatabase() const = 0;
48 : : virtual bool IsWalletFlagSet(uint64_t) const = 0;
49 : : virtual void UnsetBlankWalletFlag(WalletBatch&) = 0;
50 : : virtual bool CanSupportFeature(enum WalletFeature) const = 0;
51 : : virtual void SetMinVersion(enum WalletFeature, WalletBatch* = nullptr) = 0;
52 : : //! Pass the encryption key to cb().
53 : : virtual bool WithEncryptionKey(std::function<bool (const CKeyingMaterial&)> cb) const = 0;
54 : : virtual bool HasEncryptionKeys() const = 0;
55 : : virtual bool IsLocked() const = 0;
56 : : //! Callback function for after TopUp completes containing any scripts that were added by a SPKMan
57 : : virtual void TopUpCallback(const std::set<CScript>&, ScriptPubKeyMan*) = 0;
58 : : };
59 : :
60 : : //! Constant representing an unknown spkm creation time
61 : : static constexpr int64_t UNKNOWN_TIME = std::numeric_limits<int64_t>::max();
62 : :
63 : : //! Default for -keypool
64 : : static const unsigned int DEFAULT_KEYPOOL_SIZE = 1000;
65 : :
66 : : std::vector<CKeyID> GetAffectedKeys(const CScript& spk, const SigningProvider& provider);
67 : :
68 : : /** A key from a CWallet's keypool
69 : : *
70 : : * The wallet holds one (for pre HD-split wallets) or several keypools. These
71 : : * are sets of keys that have not yet been used to provide addresses or receive
72 : : * change.
73 : : *
74 : : * The Bitcoin Core wallet was originally a collection of unrelated private
75 : : * keys with their associated addresses. If a non-HD wallet generated a
76 : : * key/address, gave that address out and then restored a backup from before
77 : : * that key's generation, then any funds sent to that address would be
78 : : * lost definitively.
79 : : *
80 : : * The keypool was implemented to avoid this scenario (commit: 10384941). The
81 : : * wallet would generate a set of keys (100 by default). When a new public key
82 : : * was required, either to give out as an address or to use in a change output,
83 : : * it would be drawn from the keypool. The keypool would then be topped up to
84 : : * maintain 100 keys. This ensured that as long as the wallet hadn't used more
85 : : * than 100 keys since the previous backup, all funds would be safe, since a
86 : : * restored wallet would be able to scan for all owned addresses.
87 : : *
88 : : * A keypool also allowed encrypted wallets to give out addresses without
89 : : * having to be decrypted to generate a new private key.
90 : : *
91 : : * With the introduction of HD wallets (commit: f1902510), the keypool
92 : : * essentially became an address look-ahead pool. Restoring old backups can no
93 : : * longer definitively lose funds as long as the addresses used were from the
94 : : * wallet's HD seed (since all private keys can be rederived from the seed).
95 : : * However, if many addresses were used since the backup, then the wallet may
96 : : * not know how far ahead in the HD chain to look for its addresses. The
97 : : * keypool is used to implement a 'gap limit'. The keypool maintains a set of
98 : : * keys (by default 1000) ahead of the last used key and scans for the
99 : : * addresses of those keys. This avoids the risk of not seeing transactions
100 : : * involving the wallet's addresses, or of re-using the same address.
101 : : * In the unlikely case where none of the addresses in the `gap limit` are
102 : : * used on-chain, the look-ahead will not be incremented to keep
103 : : * a constant size and addresses beyond this range will not be detected by an
104 : : * old backup. For this reason, it is not recommended to decrease keypool size
105 : : * lower than default value.
106 : : *
107 : : * The HD-split wallet feature added a second keypool (commit: 02592f4c). There
108 : : * is an external keypool (for addresses to hand out) and an internal keypool
109 : : * (for change addresses).
110 : : *
111 : : * Keypool keys are stored in the wallet/keystore's keymap. The keypool data is
112 : : * stored as sets of indexes in the wallet (setInternalKeyPool,
113 : : * setExternalKeyPool and set_pre_split_keypool), and a map from the key to the
114 : : * index (m_pool_key_to_index). The CKeyPool object is used to
115 : : * serialize/deserialize the pool data to/from the database.
116 : : */
117 : : class CKeyPool
118 : : {
119 : : public:
120 : : //! The time at which the key was generated. Set in AddKeypoolPubKeyWithDB
121 : : int64_t nTime;
122 : : //! The public key
123 : : CPubKey vchPubKey;
124 : : //! Whether this keypool entry is in the internal keypool (for change outputs)
125 : : bool fInternal;
126 : : //! Whether this key was generated for a keypool before the wallet was upgraded to HD-split
127 : : bool m_pre_split;
128 : :
129 : : CKeyPool();
130 : : CKeyPool(const CPubKey& vchPubKeyIn, bool internalIn);
131 : :
132 : : template<typename Stream>
133 : 2004 : void Serialize(Stream& s) const
134 : : {
135 : 2004 : s << int{259900}; // Unused field, writes the highest client version ever written
136 : 2004 : s << nTime << vchPubKey << fInternal << m_pre_split;
137 : 2004 : }
138 : :
139 : : template<typename Stream>
140 : 4038 : void Unserialize(Stream& s)
141 : : {
142 : 4038 : s >> int{}; // Discard unused field
143 : 4038 : s >> nTime >> vchPubKey;
144 : : try {
145 [ + - ]: 4038 : s >> fInternal;
146 [ - - ]: 0 : } catch (std::ios_base::failure&) {
147 : : /* flag as external address if we can't read the internal boolean
148 : : (this will be the case for any wallet before the HD chain split version) */
149 : 0 : fInternal = false;
150 : : }
151 : : try {
152 [ + - ]: 4038 : s >> m_pre_split;
153 [ - - ]: 0 : } catch (std::ios_base::failure&) {
154 : : /* flag as postsplit address if we can't read the m_pre_split boolean
155 : : (this will be the case for any wallet that upgrades to HD chain split) */
156 : 0 : m_pre_split = false;
157 : : }
158 : 4038 : }
159 : : };
160 : :
161 : 91573 : struct WalletDestination
162 : : {
163 : : CTxDestination dest;
164 : : std::optional<bool> internal;
165 : : };
166 : :
167 : : /*
168 : : * A class implementing ScriptPubKeyMan manages some (or all) scriptPubKeys used in a wallet.
169 : : * It contains the scripts and keys related to the scriptPubKeys it manages.
170 : : * A ScriptPubKeyMan will be able to give out scriptPubKeys to be used, as well as marking
171 : : * when a scriptPubKey has been used. It also handles when and how to store a scriptPubKey
172 : : * and its related scripts and keys, including encryption.
173 : : */
174 : : class ScriptPubKeyMan
175 : : {
176 : : protected:
177 : : WalletStorage& m_storage;
178 : :
179 : : public:
180 [ + - + - ]: 5901 : explicit ScriptPubKeyMan(WalletStorage& storage) : m_storage(storage) {}
181 : 5901 : virtual ~ScriptPubKeyMan() = default;
182 [ # # ]: 0 : virtual util::Result<CTxDestination> GetNewDestination(const OutputType type) { return util::Error{Untranslated("Not supported")}; }
183 : 0 : virtual isminetype IsMine(const CScript& script) const { return ISMINE_NO; }
184 : :
185 : : //! Check that the given decryption key is valid for this ScriptPubKeyMan, i.e. it decrypts all of the keys handled by it.
186 : 0 : virtual bool CheckDecryptionKey(const CKeyingMaterial& master_key) { return false; }
187 : 0 : virtual bool Encrypt(const CKeyingMaterial& master_key, WalletBatch* batch) { return false; }
188 : :
189 [ # # ]: 0 : virtual util::Result<CTxDestination> GetReservedDestination(const OutputType type, bool internal, int64_t& index, CKeyPool& keypool) { return util::Error{Untranslated("Not supported")}; }
190 : 1810 : virtual void KeepDestination(int64_t index, const OutputType& type) {}
191 : 0 : virtual void ReturnDestination(int64_t index, bool internal, const CTxDestination& addr) {}
192 : :
193 : : /** Fills internal address pool. Use within ScriptPubKeyMan implementations should be used sparingly and only
194 : : * when something from the address pool is removed, excluding GetNewDestination and GetReservedDestination.
195 : : * External wallet code is primarily responsible for topping up prior to fetching new addresses
196 : : */
197 : 26 : virtual bool TopUp(unsigned int size = 0) { return false; }
198 : :
199 : : /** Mark unused addresses as being used
200 : : * Affects all keys up to and including the one determined by provided script.
201 : : *
202 : : * @param script determines the last key to mark as used
203 : : *
204 : : * @return All of the addresses affected
205 : : */
206 : 0 : virtual std::vector<WalletDestination> MarkUnusedAddresses(const CScript& script) { return {}; }
207 : :
208 : : /** Sets up the key generation stuff, i.e. generates new HD seeds and sets them as active.
209 : : * Returns false if already setup or setup fails, true if setup is successful
210 : : * Set force=true to make it re-setup if already setup, used for upgrades
211 : : */
212 : 0 : virtual bool SetupGeneration(bool force = false) { return false; }
213 : :
214 : : /* Returns true if HD is enabled */
215 : 0 : virtual bool IsHDEnabled() const { return false; }
216 : :
217 : : /* Returns true if the wallet can give out new addresses. This means it has keys in the keypool or can generate new keys */
218 : 0 : virtual bool CanGetAddresses(bool internal = false) const { return false; }
219 : :
220 : : /** Upgrades the wallet to the specified version */
221 : 0 : virtual bool Upgrade(int prev_version, int new_version, bilingual_str& error) { return true; }
222 : :
223 : 2 : virtual bool HavePrivateKeys() const { return false; }
224 : 0 : virtual bool HaveCryptedKeys() const { return false; }
225 : :
226 : : //! The action to do when the DB needs rewrite
227 : 0 : virtual void RewriteDB() {}
228 : :
229 : 0 : virtual std::optional<int64_t> GetOldestKeyPoolTime() const { return GetTime(); }
230 : :
231 : 26 : virtual unsigned int GetKeyPoolSize() const { return 0; }
232 : :
233 : 52 : virtual int64_t GetTimeFirstKey() const { return 0; }
234 : :
235 : 0 : virtual std::unique_ptr<CKeyMetadata> GetMetadata(const CTxDestination& dest) const { return nullptr; }
236 : :
237 : 0 : virtual std::unique_ptr<SigningProvider> GetSolvingProvider(const CScript& script) const { return nullptr; }
238 : :
239 : : /** Whether this ScriptPubKeyMan can provide a SigningProvider (via GetSolvingProvider) that, combined with
240 : : * sigdata, can produce solving data.
241 : : */
242 : 0 : virtual bool CanProvide(const CScript& script, SignatureData& sigdata) { return false; }
243 : :
244 : : /** Creates new signatures and adds them to the transaction. Returns whether all inputs were signed */
245 : 0 : virtual bool SignTransaction(CMutableTransaction& tx, const std::map<COutPoint, Coin>& coins, int sighash, std::map<int, bilingual_str>& input_errors) const { return false; }
246 : : /** Sign a message with the given script */
247 : 0 : virtual SigningResult SignMessage(const std::string& message, const PKHash& pkhash, std::string& str_sig) const { return SigningResult::SIGNING_FAILED; };
248 : : /** Adds script and derivation path information to a PSBT, and optionally signs it. */
249 : 0 : virtual std::optional<common::PSBTError> FillPSBT(PartiallySignedTransaction& psbt, const PrecomputedTransactionData& txdata, int sighash_type = SIGHASH_DEFAULT, bool sign = true, bool bip32derivs = false, int* n_signed = nullptr, bool finalize = true) const { return common::PSBTError::UNSUPPORTED; }
250 : :
251 : 0 : virtual uint256 GetID() const { return uint256(); }
252 : :
253 : : /** Returns a set of all the scriptPubKeys that this ScriptPubKeyMan watches */
254 : 0 : virtual std::unordered_set<CScript, SaltedSipHasher> GetScriptPubKeys() const { return {}; };
255 : :
256 : : /** Prepends the wallet name in logging output to ease debugging in multi-wallet use cases */
257 : : template <typename... Params>
258 : 533 : void WalletLogPrintf(util::ConstevalFormatString<sizeof...(Params)> wallet_fmt, const Params&... params) const
259 : : {
260 [ + - + - ]: 1066 : LogInfo("%s %s", m_storage.GetDisplayName(), tfm::format(wallet_fmt, params...));
261 : 533 : };
262 : :
263 : : /** Watch-only address added */
264 : : boost::signals2::signal<void (bool fHaveWatchOnly)> NotifyWatchonlyChanged;
265 : :
266 : : /** Keypool has new keys */
267 : : boost::signals2::signal<void ()> NotifyCanGetAddressesChanged;
268 : :
269 : : /** Birth time changed */
270 : : boost::signals2::signal<void (const ScriptPubKeyMan* spkm, int64_t new_birth_time)> NotifyFirstKeyTimeChanged;
271 : : };
272 : :
273 : : /** OutputTypes supported by the LegacyScriptPubKeyMan */
274 : : static const std::unordered_set<OutputType> LEGACY_OUTPUT_TYPES {
275 : : OutputType::LEGACY,
276 : : OutputType::P2SH_SEGWIT,
277 : : OutputType::BECH32,
278 : : };
279 : :
280 : : class DescriptorScriptPubKeyMan;
281 : :
282 : : // Manages the data for a LegacyScriptPubKeyMan.
283 : : // This is the minimum necessary to load a legacy wallet so that it can be migrated.
284 : : class LegacyDataSPKM : public ScriptPubKeyMan, public FillableSigningProvider
285 : : {
286 : : protected:
287 : : using WatchOnlySet = std::set<CScript>;
288 : : using WatchKeyMap = std::map<CKeyID, CPubKey>;
289 : : using CryptedKeyMap = std::map<CKeyID, std::pair<CPubKey, std::vector<unsigned char>>>;
290 : :
291 : : CryptedKeyMap mapCryptedKeys GUARDED_BY(cs_KeyStore);
292 : : WatchOnlySet setWatchOnly GUARDED_BY(cs_KeyStore);
293 : : WatchKeyMap mapWatchKeys GUARDED_BY(cs_KeyStore);
294 : :
295 : : /* the HD chain data model (external chain counters) */
296 : : CHDChain m_hd_chain;
297 : : std::unordered_map<CKeyID, CHDChain, SaltedSipHasher> m_inactive_hd_chains;
298 : :
299 : : //! keeps track of whether Unlock has run a thorough check before
300 : : bool fDecryptionThoroughlyChecked = true;
301 : :
302 : : bool AddWatchOnlyInMem(const CScript &dest);
303 : : virtual bool AddKeyPubKeyInner(const CKey& key, const CPubKey &pubkey);
304 : : bool AddCryptedKeyInner(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret);
305 : :
306 : : public:
307 : : using ScriptPubKeyMan::ScriptPubKeyMan;
308 : :
309 : : // Map from Key ID to key metadata.
310 : : std::map<CKeyID, CKeyMetadata> mapKeyMetadata GUARDED_BY(cs_KeyStore);
311 : :
312 : : // Map from Script ID to key metadata (for watch-only keys).
313 : : std::map<CScriptID, CKeyMetadata> m_script_metadata GUARDED_BY(cs_KeyStore);
314 : :
315 : : // ScriptPubKeyMan overrides
316 : : bool CheckDecryptionKey(const CKeyingMaterial& master_key) override;
317 : : std::unordered_set<CScript, SaltedSipHasher> GetScriptPubKeys() const override;
318 : : std::unique_ptr<SigningProvider> GetSolvingProvider(const CScript& script) const override;
319 : 48 : uint256 GetID() const override { return uint256::ONE; }
320 : : // TODO: Remove IsMine when deleting LegacyScriptPubKeyMan
321 : : isminetype IsMine(const CScript& script) const override;
322 : :
323 : : // FillableSigningProvider overrides
324 : : bool HaveKey(const CKeyID &address) const override;
325 : : bool GetKey(const CKeyID &address, CKey& keyOut) const override;
326 : : bool GetPubKey(const CKeyID &address, CPubKey& vchPubKeyOut) const override;
327 : : bool GetKeyOrigin(const CKeyID& keyid, KeyOriginInfo& info) const override;
328 : :
329 : : std::set<int64_t> setInternalKeyPool GUARDED_BY(cs_KeyStore);
330 : : std::set<int64_t> setExternalKeyPool GUARDED_BY(cs_KeyStore);
331 : : std::set<int64_t> set_pre_split_keypool GUARDED_BY(cs_KeyStore);
332 : : int64_t m_max_keypool_index GUARDED_BY(cs_KeyStore) = 0;
333 : : std::map<CKeyID, int64_t> m_pool_key_to_index;
334 : :
335 : : //! Load metadata (used by LoadWallet)
336 : : virtual void LoadKeyMetadata(const CKeyID& keyID, const CKeyMetadata &metadata);
337 : : virtual void LoadScriptMetadata(const CScriptID& script_id, const CKeyMetadata &metadata);
338 : :
339 : : //! Adds a watch-only address to the store, without saving it to disk (used by LoadWallet)
340 : : bool LoadWatchOnly(const CScript &dest);
341 : : //! Returns whether the watch-only script is in the wallet
342 : : bool HaveWatchOnly(const CScript &dest) const;
343 : : //! Returns whether there are any watch-only things in the wallet
344 : : bool HaveWatchOnly() const;
345 : : //! Adds a key to the store, without saving it to disk (used by LoadWallet)
346 : : bool LoadKey(const CKey& key, const CPubKey &pubkey);
347 : : //! Adds an encrypted key to the store, without saving it to disk (used by LoadWallet)
348 : : bool LoadCryptedKey(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret, bool checksum_valid);
349 : : //! Adds a CScript to the store
350 : : bool LoadCScript(const CScript& redeemScript);
351 : : //! Load a HD chain model (used by LoadWallet)
352 : : void LoadHDChain(const CHDChain& chain);
353 : : void AddInactiveHDChain(const CHDChain& chain);
354 : : const CHDChain& GetHDChain() const { return m_hd_chain; }
355 : : //! Load a keypool entry
356 : : void LoadKeyPool(int64_t nIndex, const CKeyPool &keypool);
357 : :
358 : : //! Fetches a pubkey from mapWatchKeys if it exists there
359 : : bool GetWatchPubKey(const CKeyID &address, CPubKey &pubkey_out) const;
360 : :
361 : : /**
362 : : * Retrieves scripts that were imported by bugs into the legacy spkm and are
363 : : * simply invalid, such as a sh(sh(pkh())) script, or not watched.
364 : : */
365 : : std::unordered_set<CScript, SaltedSipHasher> GetNotMineScriptPubKeys() const;
366 : :
367 : : /** Get the DescriptorScriptPubKeyMans (with private keys) that have the same scriptPubKeys as this LegacyScriptPubKeyMan.
368 : : * Does not modify this ScriptPubKeyMan. */
369 : : std::optional<MigrationData> MigrateToDescriptor();
370 : : /** Delete all the records of this LegacyScriptPubKeyMan from disk*/
371 : : bool DeleteRecords();
372 : : bool DeleteRecordsWithDB(WalletBatch& batch);
373 : : };
374 : :
375 : : // Implements the full legacy wallet behavior
376 : : class LegacyScriptPubKeyMan : public LegacyDataSPKM
377 : : {
378 : : private:
379 : : WalletBatch *encrypted_batch GUARDED_BY(cs_KeyStore) = nullptr;
380 : :
381 : : // By default, do not scan any block until keys/scripts are generated/imported
382 : : int64_t nTimeFirstKey GUARDED_BY(cs_KeyStore) = UNKNOWN_TIME;
383 : :
384 : : //! Number of pre-generated keys/scripts (part of the look-ahead process, used to detect payments)
385 : : int64_t m_keypool_size GUARDED_BY(cs_KeyStore){DEFAULT_KEYPOOL_SIZE};
386 : :
387 : : bool AddKeyPubKeyInner(const CKey& key, const CPubKey &pubkey) override;
388 : :
389 : : /**
390 : : * Private version of AddWatchOnly method which does not accept a
391 : : * timestamp, and which will reset the wallet's nTimeFirstKey value to 1 if
392 : : * the watch key did not previously have a timestamp associated with it.
393 : : * Because this is an inherited virtual method, it is accessible despite
394 : : * being marked private, but it is marked private anyway to encourage use
395 : : * of the other AddWatchOnly which accepts a timestamp and sets
396 : : * nTimeFirstKey more intelligently for more efficient rescans.
397 : : */
398 : : bool AddWatchOnly(const CScript& dest) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
399 : : bool AddWatchOnlyWithDB(WalletBatch &batch, const CScript& dest) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
400 : : //! Adds a watch-only address to the store, and saves it to disk.
401 : : bool AddWatchOnlyWithDB(WalletBatch &batch, const CScript& dest, int64_t create_time) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
402 : :
403 : : //! Adds a key to the store, and saves it to disk.
404 : : bool AddKeyPubKeyWithDB(WalletBatch &batch,const CKey& key, const CPubKey &pubkey) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
405 : :
406 : : void AddKeypoolPubkeyWithDB(const CPubKey& pubkey, const bool internal, WalletBatch& batch);
407 : :
408 : : //! Adds a script to the store and saves it to disk
409 : : bool AddCScriptWithDB(WalletBatch& batch, const CScript& script);
410 : :
411 : : /** Add a KeyOriginInfo to the wallet */
412 : : bool AddKeyOriginWithDB(WalletBatch& batch, const CPubKey& pubkey, const KeyOriginInfo& info);
413 : :
414 : : /* HD derive new child key (on internal or external chain) */
415 : : void DeriveNewChildKey(WalletBatch& batch, CKeyMetadata& metadata, CKey& secret, CHDChain& hd_chain, bool internal = false) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
416 : :
417 : : // Tracks keypool indexes to CKeyIDs of keys that have been taken out of the keypool but may be returned to it
418 : : std::map<int64_t, CKeyID> m_index_to_reserved_key;
419 : :
420 : : //! Fetches a key from the keypool
421 : : bool GetKeyFromPool(CPubKey &key, const OutputType type);
422 : :
423 : : /**
424 : : * Reserves a key from the keypool and sets nIndex to its index
425 : : *
426 : : * @param[out] nIndex the index of the key in keypool
427 : : * @param[out] keypool the keypool the key was drawn from, which could be the
428 : : * the pre-split pool if present, or the internal or external pool
429 : : * @param fRequestedInternal true if the caller would like the key drawn
430 : : * from the internal keypool, false if external is preferred
431 : : *
432 : : * @return true if succeeded, false if failed due to empty keypool
433 : : * @throws std::runtime_error if keypool read failed, key was invalid,
434 : : * was not found in the wallet, or was misclassified in the internal
435 : : * or external keypool
436 : : */
437 : : bool ReserveKeyFromKeyPool(int64_t& nIndex, CKeyPool& keypool, bool fRequestedInternal);
438 : :
439 : : /**
440 : : * Like TopUp() but adds keys for inactive HD chains.
441 : : * Ensures that there are at least -keypool number of keys derived after the given index.
442 : : *
443 : : * @param seed_id the CKeyID for the HD seed.
444 : : * @param index the index to start generating keys from
445 : : * @param internal whether the internal chain should be used. true for internal chain, false for external chain.
446 : : *
447 : : * @return true if seed was found and keys were derived. false if unable to derive seeds
448 : : */
449 : : bool TopUpInactiveHDChain(const CKeyID seed_id, int64_t index, bool internal);
450 : :
451 : : bool TopUpChain(WalletBatch& batch, CHDChain& chain, unsigned int size);
452 : : public:
453 : 32 : LegacyScriptPubKeyMan(WalletStorage& storage, int64_t keypool_size) : LegacyDataSPKM(storage), m_keypool_size(keypool_size) {}
454 : :
455 : : util::Result<CTxDestination> GetNewDestination(const OutputType type) override;
456 : :
457 : : bool Encrypt(const CKeyingMaterial& master_key, WalletBatch* batch) override;
458 : :
459 : : util::Result<CTxDestination> GetReservedDestination(const OutputType type, bool internal, int64_t& index, CKeyPool& keypool) override;
460 : : void KeepDestination(int64_t index, const OutputType& type) override;
461 : : void ReturnDestination(int64_t index, bool internal, const CTxDestination&) override;
462 : :
463 : : bool TopUp(unsigned int size = 0) override;
464 : :
465 : : std::vector<WalletDestination> MarkUnusedAddresses(const CScript& script) override;
466 : :
467 : : //! Upgrade stored CKeyMetadata objects to store key origin info as KeyOriginInfo
468 : : void UpgradeKeyMetadata();
469 : :
470 : : bool IsHDEnabled() const override;
471 : :
472 : : bool SetupGeneration(bool force = false) override;
473 : :
474 : : bool Upgrade(int prev_version, int new_version, bilingual_str& error) override;
475 : :
476 : : bool HavePrivateKeys() const override;
477 : : bool HaveCryptedKeys() const override;
478 : :
479 : : void RewriteDB() override;
480 : :
481 : : std::optional<int64_t> GetOldestKeyPoolTime() const override;
482 : : size_t KeypoolCountExternalKeys() const;
483 : : unsigned int GetKeyPoolSize() const override;
484 : :
485 : : int64_t GetTimeFirstKey() const override;
486 : :
487 : : std::unique_ptr<CKeyMetadata> GetMetadata(const CTxDestination& dest) const override;
488 : :
489 : : bool CanGetAddresses(bool internal = false) const override;
490 : :
491 : : bool CanProvide(const CScript& script, SignatureData& sigdata) override;
492 : :
493 : : bool SignTransaction(CMutableTransaction& tx, const std::map<COutPoint, Coin>& coins, int sighash, std::map<int, bilingual_str>& input_errors) const override;
494 : : SigningResult SignMessage(const std::string& message, const PKHash& pkhash, std::string& str_sig) const override;
495 : : std::optional<common::PSBTError> FillPSBT(PartiallySignedTransaction& psbt, const PrecomputedTransactionData& txdata, int sighash_type = SIGHASH_DEFAULT, bool sign = true, bool bip32derivs = false, int* n_signed = nullptr, bool finalize = true) const override;
496 : :
497 : : uint256 GetID() const override;
498 : :
499 : : //! Adds a key to the store, and saves it to disk.
500 : : bool AddKeyPubKey(const CKey& key, const CPubKey &pubkey) override;
501 : : //! Adds an encrypted key to the store, and saves it to disk.
502 : : bool AddCryptedKey(const CPubKey &vchPubKey, const std::vector<unsigned char> &vchCryptedSecret);
503 : : void UpdateTimeFirstKey(int64_t nCreateTime) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
504 : : //! Load metadata (used by LoadWallet)
505 : : void LoadKeyMetadata(const CKeyID& keyID, const CKeyMetadata &metadata) override;
506 : : void LoadScriptMetadata(const CScriptID& script_id, const CKeyMetadata &metadata) override;
507 : : //! Generate a new key
508 : : CPubKey GenerateNewKey(WalletBatch& batch, CHDChain& hd_chain, bool internal = false) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
509 : :
510 : : /* Set the HD chain model (chain child index counters) and writes it to the database */
511 : : void AddHDChain(const CHDChain& chain);
512 : :
513 : : //! Remove a watch only script from the keystore
514 : : bool RemoveWatchOnly(const CScript &dest);
515 : : bool AddWatchOnly(const CScript& dest, int64_t nCreateTime) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
516 : :
517 : : /* SigningProvider overrides */
518 : : bool AddCScript(const CScript& redeemScript) override;
519 : :
520 : : bool NewKeyPool();
521 : : void MarkPreSplitKeys() EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
522 : :
523 : : bool ImportScripts(const std::set<CScript> scripts, int64_t timestamp) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
524 : : bool ImportPrivKeys(const std::map<CKeyID, CKey>& privkey_map, const int64_t timestamp) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
525 : : bool ImportPubKeys(const std::vector<std::pair<CKeyID, bool>>& ordered_pubkeys, const std::map<CKeyID, CPubKey>& pubkey_map, const std::map<CKeyID, std::pair<CPubKey, KeyOriginInfo>>& key_origins, const bool add_keypool, const int64_t timestamp) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
526 : : bool ImportScriptPubKeys(const std::set<CScript>& script_pub_keys, const bool have_solving_data, const int64_t timestamp) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
527 : :
528 : : /* Returns true if the wallet can generate new keys */
529 : : bool CanGenerateKeys() const;
530 : :
531 : : /* Generates a new HD seed (will not be activated) */
532 : : CPubKey GenerateNewSeed();
533 : :
534 : : /* Derives a new HD seed (will not be activated) */
535 : : CPubKey DeriveNewSeed(const CKey& key);
536 : :
537 : : /* Set the current HD seed (will reset the chain child index counters)
538 : : Sets the seed's version based on the current wallet version (so the
539 : : caller must ensure the current wallet version is correct before calling
540 : : this function). */
541 : : void SetHDSeed(const CPubKey& key);
542 : :
543 : : /**
544 : : * Explicitly make the wallet learn the related scripts for outputs to the
545 : : * given key. This is purely to make the wallet file compatible with older
546 : : * software, as FillableSigningProvider automatically does this implicitly for all
547 : : * keys now.
548 : : */
549 : : void LearnRelatedScripts(const CPubKey& key, OutputType);
550 : :
551 : : /**
552 : : * Same as LearnRelatedScripts, but when the OutputType is not known (and could
553 : : * be anything).
554 : : */
555 : : void LearnAllRelatedScripts(const CPubKey& key);
556 : :
557 : : /**
558 : : * Marks all keys in the keypool up to and including the provided key as used.
559 : : *
560 : : * @param keypool_id determines the last key to mark as used
561 : : *
562 : : * @return All affected keys
563 : : */
564 : : std::vector<CKeyPool> MarkReserveKeysAsUsed(int64_t keypool_id) EXCLUSIVE_LOCKS_REQUIRED(cs_KeyStore);
565 [ + - ]: 1 : const std::map<CKeyID, int64_t>& GetAllReserveKeys() const { return m_pool_key_to_index; }
566 : :
567 : : std::set<CKeyID> GetKeys() const override;
568 : : };
569 : :
570 : : /** Wraps a LegacyScriptPubKeyMan so that it can be returned in a new unique_ptr. Does not provide privkeys */
571 : : class LegacySigningProvider : public SigningProvider
572 : : {
573 : : private:
574 : : const LegacyDataSPKM& m_spk_man;
575 : : public:
576 : 43 : explicit LegacySigningProvider(const LegacyDataSPKM& spk_man) : m_spk_man(spk_man) {}
577 : :
578 : 23 : bool GetCScript(const CScriptID &scriptid, CScript& script) const override { return m_spk_man.GetCScript(scriptid, script); }
579 : 0 : bool HaveCScript(const CScriptID &scriptid) const override { return m_spk_man.HaveCScript(scriptid); }
580 : 20 : bool GetPubKey(const CKeyID &address, CPubKey& pubkey) const override { return m_spk_man.GetPubKey(address, pubkey); }
581 : 0 : bool GetKey(const CKeyID &address, CKey& key) const override { return false; }
582 : 0 : bool HaveKey(const CKeyID &address) const override { return false; }
583 : 55 : bool GetKeyOrigin(const CKeyID& keyid, KeyOriginInfo& info) const override { return m_spk_man.GetKeyOrigin(keyid, info); }
584 : : };
585 : :
586 : : class DescriptorScriptPubKeyMan : public ScriptPubKeyMan
587 : : {
588 : : friend class LegacyDataSPKM;
589 : : private:
590 : : using ScriptPubKeyMap = std::map<CScript, int32_t>; // Map of scripts to descriptor range index
591 : : using PubKeyMap = std::map<CPubKey, int32_t>; // Map of pubkeys involved in scripts to descriptor range index
592 : : using CryptedKeyMap = std::map<CKeyID, std::pair<CPubKey, std::vector<unsigned char>>>;
593 : : using KeyMap = std::map<CKeyID, CKey>;
594 : :
595 : : ScriptPubKeyMap m_map_script_pub_keys GUARDED_BY(cs_desc_man);
596 : : PubKeyMap m_map_pubkeys GUARDED_BY(cs_desc_man);
597 : : int32_t m_max_cached_index = -1;
598 : :
599 : : KeyMap m_map_keys GUARDED_BY(cs_desc_man);
600 : : CryptedKeyMap m_map_crypted_keys GUARDED_BY(cs_desc_man);
601 : :
602 : : //! keeps track of whether Unlock has run a thorough check before
603 : : bool m_decryption_thoroughly_checked = false;
604 : :
605 : : //! Number of pre-generated keys/scripts (part of the look-ahead process, used to detect payments)
606 : : int64_t m_keypool_size GUARDED_BY(cs_desc_man){DEFAULT_KEYPOOL_SIZE};
607 : :
608 : : bool AddDescriptorKeyWithDB(WalletBatch& batch, const CKey& key, const CPubKey &pubkey) EXCLUSIVE_LOCKS_REQUIRED(cs_desc_man);
609 : :
610 : : KeyMap GetKeys() const EXCLUSIVE_LOCKS_REQUIRED(cs_desc_man);
611 : :
612 : : // Cached FlatSigningProviders to avoid regenerating them each time they are needed.
613 : : mutable std::map<int32_t, FlatSigningProvider> m_map_signing_providers;
614 : : // Fetch the SigningProvider for the given script and optionally include private keys
615 : : std::unique_ptr<FlatSigningProvider> GetSigningProvider(const CScript& script, bool include_private = false) const;
616 : : // Fetch the SigningProvider for a given index and optionally include private keys. Called by the above functions.
617 : : std::unique_ptr<FlatSigningProvider> GetSigningProvider(int32_t index, bool include_private = false) const EXCLUSIVE_LOCKS_REQUIRED(cs_desc_man);
618 : :
619 : : protected:
620 : : WalletDescriptor m_wallet_descriptor GUARDED_BY(cs_desc_man);
621 : :
622 : : //! Same as 'TopUp' but designed for use within a batch transaction context
623 : : bool TopUpWithDB(WalletBatch& batch, unsigned int size = 0);
624 : :
625 : : public:
626 : 2969 : DescriptorScriptPubKeyMan(WalletStorage& storage, WalletDescriptor& descriptor, int64_t keypool_size)
627 : 2969 : : ScriptPubKeyMan(storage),
628 [ + - ]: 2969 : m_keypool_size(keypool_size),
629 [ + - ]: 2969 : m_wallet_descriptor(descriptor)
630 : 2969 : {}
631 : 2874 : DescriptorScriptPubKeyMan(WalletStorage& storage, int64_t keypool_size)
632 : 2874 : : ScriptPubKeyMan(storage),
633 : 2874 : m_keypool_size(keypool_size)
634 : 2874 : {}
635 : :
636 : : mutable RecursiveMutex cs_desc_man;
637 : :
638 : : util::Result<CTxDestination> GetNewDestination(const OutputType type) override;
639 : : isminetype IsMine(const CScript& script) const override;
640 : :
641 : : bool CheckDecryptionKey(const CKeyingMaterial& master_key) override;
642 : : bool Encrypt(const CKeyingMaterial& master_key, WalletBatch* batch) override;
643 : :
644 : : util::Result<CTxDestination> GetReservedDestination(const OutputType type, bool internal, int64_t& index, CKeyPool& keypool) override;
645 : : void ReturnDestination(int64_t index, bool internal, const CTxDestination& addr) override;
646 : :
647 : : // Tops up the descriptor cache and m_map_script_pub_keys. The cache is stored in the wallet file
648 : : // and is used to expand the descriptor in GetNewDestination. DescriptorScriptPubKeyMan relies
649 : : // more on ephemeral data than LegacyScriptPubKeyMan. For wallets using unhardened derivation
650 : : // (with or without private keys), the "keypool" is a single xpub.
651 : : bool TopUp(unsigned int size = 0) override;
652 : :
653 : : std::vector<WalletDestination> MarkUnusedAddresses(const CScript& script) override;
654 : :
655 : : bool IsHDEnabled() const override;
656 : :
657 : : //! Setup descriptors based on the given CExtkey
658 : : bool SetupDescriptorGeneration(WalletBatch& batch, const CExtKey& master_key, OutputType addr_type, bool internal);
659 : :
660 : : bool HavePrivateKeys() const override;
661 : : bool HasPrivKey(const CKeyID& keyid) const EXCLUSIVE_LOCKS_REQUIRED(cs_desc_man);
662 : : //! Retrieve the particular key if it is available. Returns nullopt if the key is not in the wallet, or if the wallet is locked.
663 : : std::optional<CKey> GetKey(const CKeyID& keyid) const EXCLUSIVE_LOCKS_REQUIRED(cs_desc_man);
664 : : bool HaveCryptedKeys() const override;
665 : :
666 : : std::optional<int64_t> GetOldestKeyPoolTime() const override;
667 : : unsigned int GetKeyPoolSize() const override;
668 : :
669 : : int64_t GetTimeFirstKey() const override;
670 : :
671 : : std::unique_ptr<CKeyMetadata> GetMetadata(const CTxDestination& dest) const override;
672 : :
673 : : bool CanGetAddresses(bool internal = false) const override;
674 : :
675 : : std::unique_ptr<SigningProvider> GetSolvingProvider(const CScript& script) const override;
676 : :
677 : : bool CanProvide(const CScript& script, SignatureData& sigdata) override;
678 : :
679 : : // Fetch the SigningProvider for the given pubkey and always include private keys. This should only be called by signing code.
680 : : std::unique_ptr<FlatSigningProvider> GetSigningProvider(const CPubKey& pubkey) const;
681 : :
682 : : bool SignTransaction(CMutableTransaction& tx, const std::map<COutPoint, Coin>& coins, int sighash, std::map<int, bilingual_str>& input_errors) const override;
683 : : SigningResult SignMessage(const std::string& message, const PKHash& pkhash, std::string& str_sig) const override;
684 : : std::optional<common::PSBTError> FillPSBT(PartiallySignedTransaction& psbt, const PrecomputedTransactionData& txdata, int sighash_type = SIGHASH_DEFAULT, bool sign = true, bool bip32derivs = false, int* n_signed = nullptr, bool finalize = true) const override;
685 : :
686 : : uint256 GetID() const override;
687 : :
688 : : void SetCache(const DescriptorCache& cache);
689 : :
690 : : bool AddKey(const CKeyID& key_id, const CKey& key);
691 : : bool AddCryptedKey(const CKeyID& key_id, const CPubKey& pubkey, const std::vector<unsigned char>& crypted_key);
692 : :
693 : : bool HasWalletDescriptor(const WalletDescriptor& desc) const;
694 : : void UpdateWalletDescriptor(WalletDescriptor& descriptor);
695 : : bool CanUpdateToWalletDescriptor(const WalletDescriptor& descriptor, std::string& error);
696 : : void AddDescriptorKey(const CKey& key, const CPubKey &pubkey);
697 : : void WriteDescriptor();
698 : :
699 : : WalletDescriptor GetWalletDescriptor() const EXCLUSIVE_LOCKS_REQUIRED(cs_desc_man);
700 : : std::unordered_set<CScript, SaltedSipHasher> GetScriptPubKeys() const override;
701 : : std::unordered_set<CScript, SaltedSipHasher> GetScriptPubKeys(int32_t minimum_index) const;
702 : : int32_t GetEndRange() const;
703 : :
704 : : [[nodiscard]] bool GetDescriptorString(std::string& out, const bool priv) const;
705 : :
706 : : void UpgradeDescriptorCache();
707 : : };
708 : :
709 : : /** struct containing information needed for migrating legacy wallets to descriptor wallets */
710 : : struct MigrationData
711 : : {
712 : : CExtKey master_key;
713 : : std::vector<std::pair<std::string, int64_t>> watch_descs;
714 : : std::vector<std::pair<std::string, int64_t>> solvable_descs;
715 : : std::vector<std::unique_ptr<DescriptorScriptPubKeyMan>> desc_spkms;
716 : : std::shared_ptr<CWallet> watchonly_wallet{nullptr};
717 : : std::shared_ptr<CWallet> solvable_wallet{nullptr};
718 : : };
719 : :
720 : : } // namespace wallet
721 : :
722 : : #endif // BITCOIN_WALLET_SCRIPTPUBKEYMAN_H
|
