PSBT Cosign WIP

[limpbrains]

closes #976

psbt.cosign.mp4

If psbt can be fully-signed, UI shows TX hex-encoded and ready to be broadcasted.

If psbt can be party-signed, UI shows PSBT

[limpbrains]

@Overtorment I'm thinking of how to test it. Let's create 3 wallets. HDLegacyP2PKHWallet, HDSegwitP2SHWallet and HDSegwitBech32Wallet. And one transaction to use UTXO from all of them, then try to sign this psbt using them one by one. In the result it should be new valid transaction.

[ncoelho]

tACK, worked well for me.

Some inconsistencies with the current PSBTs and signing flows:
1- Sing button is located on send > top right options (I would prefer to keep it there for now)
2- On current PSBT signed screen we show the "hex string" and not the QR code. Should we change it to QR as well on the other? The QR code + share button, seems to be the more elegant GUI.

[Overtorment]

hmm, this summarizes signatures for all inputs.
theoretically, there could be a tx with 8 inputs, but only 7 are signed. this makes no sense, no one would produce such tx and hope to do smth useful with it, but still.
anyway, for single sig wallets we only care if that method returns something greater than zero or not
(similar to multisig where we care if this method returns something greater than M or not).

[limpbrains]

I think of it this way: you can have 3 offline wallets and want to create one tx to spend all the funds from them. In this case somewhere in the middle of signing process you will have a PBST with 3 inputs and only 2 of them will be signed

[Overtorment]

how is transactino crafted, adding inputs one by one? its kind of custom transaction. i dont know if theres a software that allows users to craft it.
but could be useful for payjoins and mixes tho

[Overtorment]

exportPSBT we could move to this screen:

so if this screen received not only txhex but also psbt - provide option to export it

[limpbrains]

not sure about this. Looks like I can break something

[Overtorment]

also, needs unit test (at the very least, we can use seed for zpub6rDWXE4wbwefeCrHWehXJheXnti5F9PbpamDUeB5eFbqaY89x3jq86JADBuXpnJnSvRVwqkaTnyMaZERUg4BpxD9V4tSZfKeYh1ozPdL1xK ), and probably e2e

[limpbrains]

2- On current PSBT signed screen we show the "hex string" and not the QR code. Should we change it to QR as well on the other? The QR code + share button, seems to be the more elegant GUI.

Agree, will do it in another PR

[limpbrains]

cosign2.mov

What do you guys think of this one? If everything is ok, I will start working on e2e test

[ncoelho]

Is that a send to many (batch) example?

[limpbrains]

@ncoelho no

[limpbrains]

Example has 2 outputs. One of them is change. But on details page both are shown. I think this is correct behavior.

Imagine having 2 wallets and creating one tx using UTXOs from both of them.
Now you need to sign this tx. If I try to guess change output and hide it from Details screen, then it will depend on signing order. And Details screen will be different in each case.

[limpbrains]

Do you think I should move "Coin control" and "Sign a transaction" to the top of actions list?
"Add Recipient" and "Remove Recipient" are the most used options here

[ncoelho]

I understand that. But the job of a wallet is to transform outputs in a user/human understandable GUI.

I expect to see the balance I'm sending plus the fee, independently of the number of outputs the transaction is generating. And we can't assume the user knows what change is (that's a big assumption). Change should just be/stay in my wallet in a transparent way.

This is the logic that happens in all transactions flow. We can improve the verify screen with all information, but the confirmation screen should not show outputs.

Balance + address + fee on the confirm screen. User then can verify or send.

[ncoelho]

Do you think I should move "Coin control" and "Sign a transaction" to the top of actions list?
"Add Recipient" and "Remove Recipient" are the most used options here

For now I will just try to make as similar as the multisig setup as possible. We do need to "redesign" these screens for consistency later, but let's make them work first. In multisig you have:
1- use full balance
2- import transaction
3- sign transaction

Here you are adding the sign transaction with both importing and scanning, which should be the correct behaviour. So as 2nd option is fine. Leave coin control in the end for now.

[limpbrains]

I understand that. But the job of a wallet is to transform outputs in a user/human understandable GUI.

I expect to see the balance I'm sending plus the fee, independently of the number of outputs the transaction is generating. And we can't assume the user knows what change is (that's a big assumption). Change should just be/stay in my wallet in a transparent way.

This is the logic that happens in all transactions flow. We can improve the verify screen with all information, but the confirmation screen should not show outputs.

Balance + address + fee on the confirm screen. User then can verify or send.

Can you please elaborate on what exactly you want me to do. I see 2 options:

• try to find change output and show correct info on Confirm. Will work most of the time.
• hide Confirm, because we can't show it correctly, user should rely on tools where PSBT was created. It could be BW on another device or HW

[ncoelho]

I create a PSBT, imported it to the wallet with the seed. And land on a screen to sign the transaction. Am I doing something wrong?

I would expect to land on the screen with the transaction signed, ready to copy or broadcast.

Screen.Recording.2021-02-08.at.12.40.45.mov

[limpbrains]

@ncoelho It can't sign any inputs. Strange. Can't reproduce this. Are you sure psbt was created using zpub from the wallet you are trying to sign tx?

[ncoelho]

@ncoelho It can't sign any inputs. Strange. Can't reproduce this. Are you sure psbt was created using zpub from the wallet you are trying to sign tx?

Sorry my mistake. Imported the wrong psbt file on that video. Worked for me now.

[ncoelho]

Transaction signed with the seed, gives QR with HEX. QR is imported to online watch-only to broadcast, doesn't recognize HEX. Something is wrong on the flow right? We are giving HEX and watch-only is expecting PSBT?

Screen.Recording.2021-02-08.at.15.25.57.mov

[limpbrains]

@ncoelho
I'm not familiar with this flow.

BlueWallet/screen/send/details.js

Line 897 in 52f1bdf

// this looks like NOT base64, so maybe its transaction's hex

It says
this looks like NOT base64, so maybe its transaction's hex
we dont support it in this flow

May be we should? cc @Overtorment

When you generate PSBT there is a "Scan Signed Transaction" button. It works fine.

[limpbrains]

2 questions

• probably we should change text "This wallet is not being used in conjunction with a hardware wallet. Would you like to enable hardware wallet use?" to something like "This wallet is not being used in conjunction with an offline signing. Would you like to enable it now?
• do you think we should move this feature under Anvanced? In order not to overload the interface.

[ncoelho]

2 questions

• probably we should change text "This wallet is not being used in conjunction with a hardware wallet. Would you like to enable hardware wallet use?" to something like "This wallet is not being used in conjunction with an offline signing. Would you like to enable it now?
• do you think we should move this feature under Anvanced? In order not to overload the interface.

Yes, the text should be changed.
We can keep it for now

[limpbrains]

@Overtorment I copy-pasted this from multisig cosign function. This never worked for me in tests. Always throws Need one bip32Derivation masterFingerprint to match the HDSigner fingerprint error.
Can you please take a look? Maybe I should remove this ?

[Overtorment]

thats because you used fp 00000000 in unit test
signInputHD tries to match path & fp, and it has proper fp from the seed.
PS. this reminds me. when we have option to display xpub for BIP84/49/44 whatever, we should encode fp & path in json inside qr, not just xpub string. i think we had a ticket for this somewhere...

[Overtorment]

yeah, would be nice to make signInputHD work, and keep the fallback as well (pls add comments)

[Overtorment]

heres how psbt's input data looks like when BW crafts it (having only Zpub):

[Overtorment]

It says
this looks like NOT base64, so maybe its transaction's hex
we dont support it in this flow
May be we should? cc @Overtorment

no, PSBT was specifically invented so developers would not have to pass hex around.
txhex doesn't have necessary metadata so parsing it to sign it would be a guesswork/bruteforce prone to errors

[Overtorment]

i like how it works in general, tested it on my devices.
but requires some refactoring.
ill probably work on this branch myself.

[Overtorment]

thats because you used fp 00000000 in unit test
signInputHD tries to match path & fp, and it has proper fp from the seed.
PS. this reminds me. when we have option to display xpub for BIP84/49/44 whatever, we should encode fp & path in json inside qr, not just xpub string. i think we had a ticket for this somewhere...

[Overtorment]

time comes when we will have to split e2e specs on several scenarios.
one spec should work with the app where HD_MNEMONIC_BIP84 is already imported. and NOT restart the app (currently app wipes and restarts for each test case).
that should save us lots of time on CI

[Overtorment]

incorrect fp

[Overtorment]

yeah, would be nice to make signInputHD work, and keep the fallback as well (pls add comments)

[Overtorment]

noice

[Overtorment]

i like the approach. solid test

[Overtorment]

heres how psbt's input data looks like when BW crafts it (having only Zpub):

[Overtorment]

screen PsbtSign is not necessary.
first, you could cosign transaction right on that screen (dont forget to set isLoading) - similar to how its done in importTransactionMultisigScanQr on the same screen.
and then, if you have a txhex - navigate to send/create and pass an option that along with multiline input with txhes should also be rendered animated qr (dynamicqrcode, bc-ur encoded). boom! code reuse. flow unification

[limpbrains]

Screen unification is a good thing. I just thoungt send/details is already overloaded

[limpbrains]

i like how it works in general, tested it on my devices.
but requires some refactoring.
ill probably work on this branch myself.

Sure, you are welcome!

I'm trying to generate a correct fingerprint using:

  const seed = bip39.mnemonicToSeed(process.env.HD_MNEMONIC);
  const root = HDNode.fromSeed(seed);
  const child = root.derivePath(path);
  const fp = child.fingerprint

and use this fingerprint in psbt.addInput

but psbt.signInputHD still doesn't work for me with the same error

[Overtorment]

@limpbrains i simplified it. removed unnecessary screen. drawback is that I had to remove the flow with some inputs being unsigned (class still supports it, so we can bring it back in UI anytime - we just need a use case for it).
I reused send/Confirm screen, but screwed up with react markup so visually its a bit broken.
I also uncommented signInputHD and added a testcase that tests it.

[GladosBlueWallet]

♫ This was a triumph. I'm making a note here: HUGE SUCCESS ♫

[android in browser] https://appetize.io/app/32vde681zvm7yfk2u8hy735xvw

download apk