support input encoded data for bitcoin network (#486)

* add input script check * add test * optimizations * bug fix * fix pr comments * Test SegWit-encoded data using a single output (not two) * Remove TODO used as a question, document origins when SegWit encoding --------- Co-authored-by: Luke Parker <lukeparker5132@gmail.com>
2025-12-08 20:29:23 +00:00 · 2024-02-18 15:43:44 +03:00
parent c05c511938
commit d88aa90ec2
3 changed files with 338 additions and 88 deletions
--- a/processor/src/tests/literal/mod.rs
+++ b/processor/src/tests/literal/mod.rs
@@ -5,8 +5,42 @@ use dockertest::{

 #[cfg(feature = "bitcoin")]
 mod bitcoin {
+  use std::sync::Arc;
+
+  use rand_core::OsRng;
+
+  use frost::Participant;
+
+  use bitcoin_serai::bitcoin::{
+    secp256k1::{SECP256K1, SecretKey, Message},
+    PrivateKey, PublicKey,
+    hashes::{HashEngine, Hash, sha256::Hash as Sha256},
+    sighash::{SighashCache, EcdsaSighashType},
+    absolute::LockTime,
+    Amount as BAmount, Sequence, Script, Witness, OutPoint,
+    address::Address as BAddress,
+    transaction::{Version, Transaction, TxIn, TxOut},
+    Network as BNetwork, ScriptBuf,
+    opcodes::all::{OP_SHA256, OP_EQUALVERIFY},
+  };
+
+  use scale::Encode;
+  use sp_application_crypto::Pair;
+  use serai_client::{in_instructions::primitives::Shorthand, primitives::insecure_pair_from_name};
+
+  use tokio::{
+    time::{timeout, Duration},
+    sync::Mutex,
+  };
+
+  use serai_db::MemDb;
+
  use super::*;
-  use crate::networks::{Network, Bitcoin};
+  use crate::{
+    networks::{Network, Bitcoin, Output, OutputType, Block},
+    tests::scanner::new_scanner,
+    multisigs::scanner::ScannerEvent,
+  };

  #[test]
  fn test_dust_constant() {
@@ -19,6 +53,142 @@ mod bitcoin {
    check::<IsTrue<{ Bitcoin::DUST >= bitcoin_serai::wallet::DUST }>>();
  }

+  #[test]
+  fn test_receive_data_from_input() {
+    let docker = spawn_bitcoin();
+    docker.run(|ops| async move {
+      let btc = bitcoin(&ops).await;
+
+      // generate a multisig address to receive the coins
+      let mut keys = frost::tests::key_gen::<_, <Bitcoin as Network>::Curve>(&mut OsRng)
+        .remove(&Participant::new(1).unwrap())
+        .unwrap();
+      <Bitcoin as Network>::tweak_keys(&mut keys);
+      let group_key = keys.group_key();
+      let serai_btc_address = <Bitcoin as Network>::external_address(group_key);
+
+      // btc key pair to send from
+      let private_key = PrivateKey::new(SecretKey::new(&mut rand_core::OsRng), BNetwork::Regtest);
+      let public_key = PublicKey::from_private_key(SECP256K1, &private_key);
+      let main_addr = BAddress::p2pkh(&public_key, BNetwork::Regtest);
+
+      // get unlocked coins
+      let new_block = btc.get_latest_block_number().await.unwrap() + 1;
+      btc
+        .rpc
+        .rpc_call::<Vec<String>>("generatetoaddress", serde_json::json!([100, main_addr]))
+        .await
+        .unwrap();
+
+      // create a scanner
+      let db = MemDb::new();
+      let mut scanner = new_scanner(&btc, &db, group_key, &Arc::new(Mutex::new(true))).await;
+
+      // make a transfer instruction & hash it for script.
+      let serai_address = insecure_pair_from_name("alice").public();
+      let message = Shorthand::transfer(None, serai_address.into()).encode();
+      let mut data = Sha256::engine();
+      data.input(&message);
+
+      // make the output script => msg_script(OP_SHA256 PUSH MSG_HASH OP_EQUALVERIFY) + any_script
+      let mut script = ScriptBuf::builder()
+        .push_opcode(OP_SHA256)
+        .push_slice(Sha256::from_engine(data).as_byte_array())
+        .push_opcode(OP_EQUALVERIFY)
+        .into_script();
+      // append a regular spend script
+      for i in main_addr.script_pubkey().instructions() {
+        script.push_instruction(i.unwrap());
+      }
+
+      // Create the first transaction
+      let tx = btc.get_block(new_block).await.unwrap().txdata.swap_remove(0);
+      let mut tx = Transaction {
+        version: Version(2),
+        lock_time: LockTime::ZERO,
+        input: vec![TxIn {
+          previous_output: OutPoint { txid: tx.txid(), vout: 0 },
+          script_sig: Script::new().into(),
+          sequence: Sequence(u32::MAX),
+          witness: Witness::default(),
+        }],
+        output: vec![TxOut {
+          value: tx.output[0].value - BAmount::from_sat(10000),
+          script_pubkey: ScriptBuf::new_p2wsh(&script.wscript_hash()),
+        }],
+      };
+      tx.input[0].script_sig = Bitcoin::sign_btc_input_for_p2pkh(&tx, 0, &private_key);
+      let initial_output_value = tx.output[0].value;
+
+      // send it
+      btc.rpc.send_raw_transaction(&tx).await.unwrap();
+
+      // Chain a transaction spending it with the InInstruction embedded in the input
+      let mut tx = Transaction {
+        version: Version(2),
+        lock_time: LockTime::ZERO,
+        input: vec![TxIn {
+          previous_output: OutPoint { txid: tx.txid(), vout: 0 },
+          script_sig: Script::new().into(),
+          sequence: Sequence(u32::MAX),
+          witness: Witness::new(),
+        }],
+        output: vec![TxOut {
+          value: tx.output[0].value - BAmount::from_sat(10000),
+          script_pubkey: serai_btc_address.as_ref().script_pubkey(),
+        }],
+      };
+
+      // add the witness script
+      // This is the standard script with an extra argument of the InInstruction
+      let mut sig = SECP256K1
+        .sign_ecdsa_low_r(
+          &Message::from(
+            SighashCache::new(&tx)
+              .p2wsh_signature_hash(0, &script, initial_output_value, EcdsaSighashType::All)
+              .unwrap()
+              .to_raw_hash(),
+          ),
+          &private_key.inner,
+        )
+        .serialize_der()
+        .to_vec();
+      sig.push(1);
+      tx.input[0].witness.push(sig);
+      tx.input[0].witness.push(public_key.inner.serialize());
+      tx.input[0].witness.push(message.clone());
+      tx.input[0].witness.push(script);
+
+      // Send it immediately, as Bitcoin allows mempool chaining
+      btc.rpc.send_raw_transaction(&tx).await.unwrap();
+
+      // Mine enough confirmations
+      let block_number = btc.get_latest_block_number().await.unwrap() + 1;
+      for _ in 0 .. <Bitcoin as Network>::CONFIRMATIONS {
+        btc.mine_block().await;
+      }
+      let tx_block = btc.get_block(block_number).await.unwrap();
+
+      // verify that scanner picked up the output
+      let outputs =
+        match timeout(Duration::from_secs(30), scanner.events.recv()).await.unwrap().unwrap() {
+          ScannerEvent::Block { is_retirement_block, block, outputs } => {
+            scanner.multisig_completed.send(false).unwrap();
+            assert!(!is_retirement_block);
+            assert_eq!(block, tx_block.id());
+            assert_eq!(outputs.len(), 1);
+            assert_eq!(outputs[0].kind(), OutputType::External);
+            outputs
+          }
+          _ => panic!("unexpectedly got eventuality completion"),
+        };
+
+      // verify that the amount and message are correct
+      assert_eq!(outputs[0].balance().amount.0, tx.output[0].value.to_sat());
+      assert_eq!(outputs[0].data(), message);
+    });
+  }
+
  fn spawn_bitcoin() -> DockerTest {
    serai_docker_tests::build("bitcoin".to_string());

--- a/processor/src/tests/scanner.rs
+++ b/processor/src/tests/scanner.rs
@@ -1,6 +1,7 @@
 use core::time::Duration;
 use std::sync::Arc;

+use ciphersuite::Ciphersuite;
 use rand_core::OsRng;

 use frost::{Participant, tests::key_gen};
@@ -14,6 +15,31 @@ use crate::{
  multisigs::scanner::{ScannerEvent, Scanner, ScannerHandle},
 };

+pub async fn new_scanner<N: Network, D: Db>(
+  network: &N,
+  db: &D,
+  group_key: <N::Curve as Ciphersuite>::G,
+  first: &Arc<Mutex<bool>>,
+) -> ScannerHandle<N, D> {
+  let activation_number = network.get_latest_block_number().await.unwrap();
+  let mut db = db.clone();
+  let (mut scanner, current_keys) = Scanner::new(network.clone(), db.clone());
+  let mut first = first.lock().await;
+  if *first {
+    assert!(current_keys.is_empty());
+    let mut txn = db.txn();
+    scanner.register_key(&mut txn, activation_number, group_key).await;
+    txn.commit();
+    for _ in 0 .. N::CONFIRMATIONS {
+      network.mine_block().await;
+    }
+    *first = false;
+  } else {
+    assert_eq!(current_keys.len(), 1);
+  }
+  scanner
+}
+
 pub async fn test_scanner<N: Network>(network: N) {
  let mut keys =
    frost::tests::key_gen::<_, N::Curve>(&mut OsRng).remove(&Participant::new(1).unwrap()).unwrap();
@@ -25,28 +51,9 @@ pub async fn test_scanner<N: Network>(network: N) {
    network.mine_block().await;
  }

-  let first = Arc::new(Mutex::new(true));
-  let activation_number = network.get_latest_block_number().await.unwrap();
  let db = MemDb::new();
-  let new_scanner = || async {
-    let mut db = db.clone();
-    let (mut scanner, current_keys) = Scanner::new(network.clone(), db.clone());
-    let mut first = first.lock().await;
-    if *first {
-      assert!(current_keys.is_empty());
-      let mut txn = db.txn();
-      scanner.register_key(&mut txn, activation_number, group_key).await;
-      txn.commit();
-      for _ in 0 .. N::CONFIRMATIONS {
-        network.mine_block().await;
-      }
-      *first = false;
-    } else {
-      assert_eq!(current_keys.len(), 1);
-    }
-    scanner
-  };
-  let scanner = new_scanner().await;
+  let first = Arc::new(Mutex::new(true));
+  let scanner = new_scanner(&network, &db, group_key, &first).await;

  // Receive funds
  let block = network.test_send(N::external_address(keys.group_key())).await;
@@ -73,7 +80,7 @@ pub async fn test_scanner<N: Network>(network: N) {
  let (mut scanner, outputs) = verify_event(scanner).await;

  // Create a new scanner off the current DB and verify it re-emits the above events
-  verify_event(new_scanner().await).await;
+  verify_event(new_scanner(&network, &db, group_key, &first).await).await;

  // Acknowledge the block
  let mut cloned_db = db.clone();
@@ -86,7 +93,12 @@ pub async fn test_scanner<N: Network>(network: N) {
  assert!(timeout(Duration::from_secs(30), scanner.events.recv()).await.is_err());

  // Create a new scanner off the current DB and make sure it also does nothing
-  assert!(timeout(Duration::from_secs(30), new_scanner().await.events.recv()).await.is_err());
+  assert!(timeout(
+    Duration::from_secs(30),
+    new_scanner(&network, &db, group_key, &first).await.events.recv()
+  )
+  .await
+  .is_err());
 }

 pub async fn test_no_deadlock_in_multisig_completed<N: Network>(network: N) {