Commit graph

159 commits

Author SHA1 Message Date
Yaacov Akiba Slama
759741dccc waddrmgr: add support for pay to witness script address
With this commit we refactor the existing script address into a
baseScriptAddress struct and then add a new witnessScriptAddress type
that manages a pay-to-witness-script address.
2022-05-24 03:09:34 -07:00
Oliver Gugger
9eb48cb6ab waddrmgr: add adtWitnessScript serialization 2022-05-24 03:09:34 -07:00
Oliver Gugger
6d7b545acb waddrmgr: rename ambiguous scriptCT to scriptClearText
Since CT can mean both Cipher Text as well as Clear Text, the variable
name scriptCT lead to confusion about its meaning. We rename it to make
it more clear how it's used.
2022-05-24 03:09:34 -07:00
Oliver Gugger
b4e83b1f8c waddrmgr: fix concurrent map access
Fixes lightningnetwork/lnd#5864.
The loadAccountInfo does load an account as its name suggests. But after
loading it, the account is also added to a map to cache it. That map
write should be seen as a writing operation and therefore the _write_
lock must be held, not just the read lock.
2022-05-24 03:09:33 -07:00
Oliver Gugger
4e131c23d0 waddrmgr: fix test compilation 2022-05-24 03:09:33 -07:00
Olaoluwa Osuntokun
e0c5ce72cf waddrmgr: add new DeriveFromKeyPathCache method for faster key retrieval
In this commit, we add a new method `DeriveFromKeyPathCache` that gives
callers a way to more quickly obtain a private key they know they'll be
using frequently. This method lets a caller avoid the write database
transaction as well as the EC operations to derive the key itself (BIP
32).
2022-05-24 03:09:33 -07:00
Oliver Gugger
4a75796117 wallet+waddrmgr: refactor to use extended key instead of seed
To allow a wallet to be created directly from an extended master root
key (xprv), we move the derivation from seed to extended key to the
loader instead of the address manager itself.
2022-05-24 03:09:33 -07:00
Wilmer Paulino
5053325946
wallet: add dry run implementation of ImportAccount
This method returns the first N external and internal addresses, which
can be presented to users to confirm whether the account has been
imported correctly.
2021-05-06 16:32:58 -07:00
Olaoluwa Osuntokun
a7a9234968
Merge pull request #734 from bhandras/external_db
wallet: allow using external wallet db
2021-04-29 15:48:04 -07:00
Andras Banki-Horvath
13966db554
waddrmgr: test flake fix 2021-04-29 11:31:04 +02:00
Oliver Gugger
1f1ffb56b5
multi: add signet params
With this commit we add the signet test network parameters to all switch
cases where we distinguish between the different networks.
2021-04-27 09:59:14 +02:00
Wilmer Paulino
e1dfc4d1b7
waddrmgr+wallet: allow account import for simnet wallets
Simnet was previously left out as it didn't have defined HD versions for
some of our key scopes. To allow testing importing accounts into simnet
wallets, we fall back to use the mainnet HD versions.

This commit also addresses an issue with simnet wallets that would arise
whenever ScopedKeyManager.AccountProperties was invoked:

`failed to retrieve account public key: unsupported net SimNet`
2021-04-14 17:21:07 -07:00
Wilmer Paulino
bbd7f8f887
waddrmgr+wallet: expose LookupAccount
This exposes a mapping of account name to its corresponding key scope
and internal account number to facilitate the use of external APIs by
users.
2021-03-29 16:00:51 -07:00
Wilmer Paulino
f5845dfb42
wallet: prevent input signing for transactions on watch-only accounts
Watch-only accounts don't have any type of private key information
stored, so we avoid populating input signatures in those cases.
2021-03-29 16:00:49 -07:00
Wilmer Paulino
7fa80abc44
waddrmgr: include master key fingerprint in derivation path
Following the previous commit, some external hardware signers require a
master key fingerprint to be present within the PSBT input derivation
paths so that the signer can recognize which inputs are relevant and
must be signed.
2021-03-29 16:00:47 -07:00
Oliver Gugger
3a5d9f84b0
multi: fix linter issues 2021-03-24 14:44:32 +01:00
Wilmer Paulino
f1b329f680
waddrmgr: add TODO to determine proper address type of imported key
For key scopes which have an address schema where the external and
internal branches differ, we always assume that imported keys use the
external address type defined in the scope's address schema. This may
not always be the case however, and should be handled correctly.
Ideally, we generate two addresses per imported key (only if the
external and internal address types differ) and scan for both in the
chain.
2021-03-15 19:27:13 -07:00
Wilmer Paulino
b0a4956231
wallet: add derived public key import
Co-authored-by: Oliver Gugger <gugger@gmail.com>
2021-03-15 19:27:12 -07:00
Wilmer Paulino
9d909110f9
waddrmgr: use proper version for account key of non-watch-only accounts 2021-03-15 19:27:11 -07:00
Wilmer Paulino
adb3d77c86
waddrmgr: extend AccountProperties with watch-only account properties 2021-03-15 19:27:10 -07:00
Wilmer Paulino
283f914b95
waddrmgr: return err when priv key is requested for watch-only addr 2021-03-15 19:27:09 -07:00
Wilmer Paulino
e2d54f001b
waddrmgr: derive account addresses with schema override
This change was motivated by the need to support importing BIP-0049 keys
that use the standard address derivation scheme, where nested witness
pubkeys are used for both the external and internal branches. Our
BIP-0049 key scope is slightly different, in that addresses derived from
the internal branch use the witness pubkey address type. By having the
option of overriding the address schema for a particular account, we can
support importing standard BIP-0049 keys.
2021-03-15 19:27:07 -07:00
Wilmer Paulino
89e1671f0c
waddrmgr: extend watch-only account init with new parameters
The master fingerprint corresponds to the fingerprint of the root master
public key (otherwise known as m/). This is required by some hardware
wallets for proper identification and signing.

The address schema is an optional field that allows an account to
override its corresponding address schema with a custom one.
2021-03-15 19:27:06 -07:00
Wilmer Paulino
198b0b8dae
waddrmgr: store watch-only accounts under new account type
Watch-only accounts are usually backed by an external signer as they do
not contain any private key information. Some external signers require a
root key fingerprint for identification and signing purposes. In order
to guarantee compatibility with external signers, we need to persist the
root key fingerprint within the database.

Before this change, watch-only accounts used the default account
database structure. In this commit, we introduce a new account type to
store different information for watch-only accounts only. This isn't a
breaking change as watch-only accounts have yet to be supported by the
primary user of the wallet (lnd). With this new account type, we can
avoid the empty private key fields, which are irrelevant to watch-only
accounts, and we can store the root key fingerprint.
2021-03-15 19:27:05 -07:00
Wilmer Paulino
0492cb4507
waddrmgr: use correct DerivationPath for watch-only accounts
Previously, addresses that belong to a watch-only account would have a
derivation path using the internal account number used to identify
accounts within the databse, rather than the actual account number based
on the account's master public key child index. This wasn't an issue
before as only one account would exist within the wallet, the 0 account,
which is also the default. To ensure users of the DerivationPath struct
can arrive at addresses correctly, we introduce a new field
InternalAccount to denote the internal account number and repurpose the
existing Account field to its actual meaning.
2021-03-15 19:27:04 -07:00
Wilmer Paulino
dead1a89d9
waddrmgr: add ImportPublicKey 2021-03-15 19:27:03 -07:00
Wilmer Paulino
ee9a1fb0ce
waddrmgr: refactor code from ImportPrivateKey into methods 2021-03-15 19:27:03 -07:00
Wilmer Paulino
02c4a1a54f
build: update btcutil dependency 2021-03-15 19:27:02 -07:00
Wilmer Paulino
742d879352
multi: fix linter 2021-03-15 19:27:00 -07:00
yyforyongyu
f6ea9d4d7b
waddrmgr: update tests to use db timeout param 2020-11-06 23:58:09 +08:00
Wilmer Paulino
6aa23a2389
waddrmgr: set timestamp for genesis block sync info
Not setting this would result in a non-sensible unix timestamp
(2288912640) being exposed when the wallet hasn't synced any blocks,
like in the case when it's waiting for the backend to sync.
2020-06-01 12:51:58 -07:00
Dev Random
4c5bc1b15d
waddrmgr: create watch-only address managers and accounts
This PR allows the creation of managers and accounts that are watch-only. The state of the database after creation would be identical to the state after calling 

Manager.ConvertToWatchingOnly, assuming accounts with the right xpubs were created in the former case.

Co-authored-by: Ken Sedgwick <ken@bonsai.com>
2020-04-24 17:44:21 -07:00
Wilmer Paulino
1285049923
wallet: include addresses from relevant key scopes in rescan
Due to a no longer existing bug within the wallet, it was possible for
change addresses to be created outside of their intended key scope (the
default), so wallets affected by this now need to ensure they scan the
chain for all addresses within the default key scopes (as expected), and
all _internal_ addresses (branch used for change addresses) within any
other registered key scopes to reflect their proper balance.
2020-03-30 15:35:49 -07:00
Wilmer Paulino
43e19da868
Revert "waddrmgr+wallet: only watch addresses within default key scopes"
The commit being reverted resulted in the discovery of a bug in which
change addresses could at times be created outside of the default key
scopes, causing us to not properly determine their spends.
2020-03-30 15:31:44 -07:00
Olaoluwa Osuntokun
ae9416ad76
Merge pull request #676 from wpaulino/watch-default-account-addrs-only
waddrmgr+wallet: only watch addresses within default key scopes
2020-02-18 16:46:49 -08:00
Wilmer Paulino
51b362d7c5
waddrmgr+wallet: only watch addresses within default key scopes
It was discovered that the wallet can scan the chain for unnecessary
additional addresses that are derived by higher-level applications using
custom key scopes. This isn't much of an issue for full nodes, but it
can cause light clients to scan more than what's required, triggering
more false positive matches which lead to block retrieval.

Now, we'll only scan the chain for addresses that exist within the
default key scopes, as those are the only ones the wallet should be
concerned about.
2020-01-24 17:12:23 -08:00
Oliver Gugger
655c23db1d
waddrmgr: export fast scrypt options 2020-01-23 13:47:02 +01:00
Wilmer Paulino
81797fe29d
multi: extend walletdb bolt driver with NoFreelistSync option
This allows external callers to set the option instead. All tests
remained with the option enabled.
2019-10-03 13:28:04 -04:00
Wilmer Paulino
f710cd4a92
cmd/dropwtxmgr+waddrmgr: handle constraint when resetting synced state
We update the dropwtxmgr utility tool to take into account that the
wallet only stores MaxReorgDepth blocks, which introduced an additional
constraint when updating the wallet's synced state. The constraint
ensures that the previous block exists when updating the wallet's synced
state, but this does not hold for the birthday block since it's the
first block we'll store.
2019-07-08 13:26:43 -07:00
Wilmer Paulino
f2f46b674d
waddrmgr: add migration to maintain MaxReorgDepth block hashes stored
In this commit, we add a migration that will be used by existing wallets
to ensure they can adhere to the new requirement of storing up to
MaxReorgDepth entries within the block hash index.
2019-06-11 12:02:42 -07:00
Wilmer Paulino
e548e76684
waddrmgr: maintain a maximum of MaxReorgDepth block hashes stored
In this commit, we modify the wallet's block hash index to only store up
to MaxReorgDepth blocks. This allows us to reduce consumed storage, as
we'd be mostly storing duplicate data. We choose to store up to
MaxReorgDepth to ensure we can recover from a potential long reorg.
2019-06-11 12:02:41 -07:00
Wilmer Paulino
8ae8071c54
waddrmgr: use RLock when retrieving sync info 2019-05-23 14:04:02 -07:00
Wilmer Paulino
3cf41c92b5
waddrmgr: use methods that do not hold the manager's lock 2019-03-18 15:47:48 -07:00
Johan T. Halseth
918d9c2f88
waddrmgr/scoped_manager: add nextAddresses cache update to db tx's OnCommit()
This commit makes nextAddresses add a function to the transactions
OnCommit handler used to update the cache on successful database
transaction commit. Before this we would risk the cache and database of
get out of sync if the database transaction failed or was aborted after
the cache was updated.
2019-02-14 09:19:25 +01:00
Wilmer Paulino
177e31c0b3 waddrmgr+cmd/dropwtxmgr: start rescan from birthday block
In this commit, we modify the dropwtxmgr tool to force a rescan upon
restart from the wallet's birthday block, rather than the chain's
genesis block. We can safely do this as we expect that no on-chain
events relevant to the wallet should happen before this block.  For
older wallets which do not have their birthday block set, the rescan
should start from the genesis block.
2019-01-08 20:12:16 -08:00
Wilmer Paulino
7c377b2906
waddrmgr/sync: expose verification status in Manager's birthday block methods 2018-11-15 18:02:21 -08:00
Wilmer Paulino
6568c433fe
waddrmgr/db: store birthday block verification status
In this commit, we add a new key/value pair to the waddrmgr's sync
bucket to store the verification status of the birthday block. This
verification status determines whether the wallet has verified the
correctness of its birthday block through its sanity check on startup.
2018-11-15 18:01:19 -08:00
Wilmer Paulino
0424fd22ec
waddrmgr/migrations: add migration to force rescan from birthday block
In this commit, we add a migration to force a rescan of users' wallets
starting from their birthday block to ensure that their balance is
reflected correctly as it is on-chain. This was inspired by the recent
bug discovered where the wallet would not watch for the confirmation of
a relevant transaction.
2018-11-14 18:09:10 -08:00
Wilmer Paulino
a25899eae7
waddrmgr/migrations: add migration to populate birthday block for existing wallets
In this commit, we add a new migration to the waddrmgr to populate the
birthday block for existing wallets. This will deem useful when
performing rescans for whatever reason, as we'll now be able to start
from this point rather than the genesis block, incurring a longer
rescan.

The migration is not as reliable since we do not store block timestamps,
so we'll need to estimate our height by looking at the genesis timestamp
and assuming a block occurs every 10 minutes. This can be unsafe, and
cause us to actually miss on-chain events, so a sanity check will be
added before the wallet attempts to sync itself in a later commit.
2018-11-13 19:37:08 -08:00
Wilmer Paulino
709fa17540
waddrmgr+wallet: add waddrmgr log to the wallet 2018-11-12 08:56:31 -08:00