LBRYCommunity/lbcutil
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

psbt: don't remove non-witness UTXO for segwit v0

Browse source 
As a countermeasure to CVE-2020-14199 new HW wallet firmwares require
the full non-witness UTXO to be set even for witness inputs.
We therefore shouldn't remove it when signing.
This commit is contained in:
Oliver Gugger 2020-07-20 15:02:03 +02:00
parent c5f199e40f
commit b283b0eb92
No known key found for this signature in database
GPG key ID: 8E4256593F177720
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
psbt/signer.go
View file

@ -142,8 +142,11 @@ func nonWitnessToWitness(p *Packet, inIndex int) error {
outIndex := p.UnsignedTx.TxIn[inIndex].PreviousOutPoint.Index
txout := p.Inputs[inIndex].NonWitnessUtxo.TxOut[outIndex]
// Remove the non-witness first, else sanity check will not pass:
p.Inputs[inIndex].NonWitnessUtxo = nil
// TODO(guggero): For segwit v1, we'll want to remove the NonWitnessUtxo
// from the packet. For segwit v0 it is unsafe to only rely on the
// witness UTXO. See https://github.com/bitcoin/bitcoin/pull/19215.
// p.Inputs[inIndex].NonWitnessUtxo = nil
u := Updater{
Upsbt: p,
}