Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gui: save and load PSBT #17509

Merged
merged 6 commits into from Apr 23, 2020
Merged

gui: save and load PSBT #17509

merged 6 commits into from Apr 23, 2020

Conversation

Sjors
Copy link
Member

@Sjors Sjors commented Nov 18, 2019

This adds:

  • a dialog after Create Unsigned, which lets you save a PSBT file in binary format, e.g. to an SD card
  • a "Load PSBT" menu entry lets you pick a PSBT file. We broadcast the transaction if complete

Save flow

Schermafbeelding 2020-01-04 om 20 39 34

Schermafbeelding 2020-01-04 om 20 40 35

Schermafbeelding 2020-01-04 om 20 41 12

Schermafbeelding 2020-01-04 om 20 41 28

By default the file name contains the destination address(es) and amount(s).

We only use the binary format for files, in order to avoid compatibility hell. If we do want to add base64 file format support, we should use a different extension for that (.psbt64?).

Load flow

Select a file:
Schermafbeelding 2020-01-04 om 21 08 57

Offer to send if complete:

Schermafbeelding 2020-01-04 om 21 09 06

Tell user if signatures are missing, offer to copy to clipboard:
Schermafbeelding 2020-01-04 om 21 15 57

Incomplete for another reason:

Schermafbeelding 2020-01-04 om 21 07 51

@DrahtBot
Copy link
Contributor

@DrahtBot DrahtBot commented Nov 18, 2019

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

Reviewers, this pull request conflicts with the following ones:

  • #18656 (gui: Add a Make unsigned button next to Send by achow101)
  • #18246 (wip: gui: Drop connectSlotsByName usage by promag)
  • #18027 ("PSBT Operations" dialog by gwillen)
  • #17463 (Bugfix: GUI: Restore SendConfirmationDialog button default to "Yes" by luke-jr)
  • #17457 (gui: Fix manual coin control with multiple wallets loaded by promag)
  • #17034 (Bip174 extensions by achow101)
  • #16463 ([BIP 174] Implement serialization support for GLOBAL_XPUB field. by achow101)
  • #14485 (Try to use posix_fadvise with CBufferedFile by luke-jr)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

@practicalswift
Copy link
Contributor

@practicalswift practicalswift commented Nov 19, 2019

I haven't investigated thoroughly yet but it seems like at least a subset of the issues regarding handling of malformed PSBT inputs reported in #17149 ("Potential PSBT issues found by the PSBT fuzzer") are reachable from this code?

That is not a problem once the #17149 issues have been fixed by making the PSBT code more robust against malformed PSBT input, but I wanted to mention the dependency here so that the PSBT issues get fixed before the merge of this PR :)

@Sjors Sjors mentioned this pull request Nov 19, 2019
2 tasks
}

// PSBTAnalysis analysis = AnalyzePSBT(psbtx);
// bool have_all_sigs = (analysis.next == PSBTRole::FINALIZER) || (analysis.next == PSBTRole::EXTRACTOR);
Copy link
Member Author

@Sjors Sjors Nov 20, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@achow101 I uncommented this because the next role was UPDATER, which seems similar to what @justinmoon found: https://bitcoin.stackexchange.com/questions/89203/analyzepsbt-says-next-role-is-updater-but-nothing-is-missing

Will investigate more thoroughly when I work on this PR again, if I still see it.

@Sjors Sjors force-pushed the 2019/11/gui-psbt-save branch 2 times, most recently from 208b9f0 to a2654c0 Compare Nov 23, 2019
@Sjors Sjors force-pushed the 2019/11/gui-psbt-save branch from a2654c0 to 3eebd15 Compare Nov 26, 2019
@gwillen
Copy link
Contributor

@gwillen gwillen commented Dec 9, 2019

UI comment: I think "create unsigned" / "save" is a weird juxtaposition. Perhaps "Copy PSBT" / "Save PSBT"? Or perhaps "Create Unsigned" with further options in a dialog?

src/qt/walletview.cpp Outdated Show resolved Hide resolved
@promag
Copy link
Member

@promag promag commented Dec 23, 2019

Concept ACK.

@Sjors
Copy link
Member Author

@Sjors Sjors commented Jan 2, 2020

Rebased. I can address feedback for #17463 here if needed.

Or perhaps "Create Unsigned" with further options in a dialog?

Yes, this seems like a better idea. It's especially useful to have some flexibility after loading a PSBT.

@Sjors Sjors force-pushed the 2019/11/gui-psbt-save branch 3 times, most recently from 1fc4e70 to 1f57fbe Compare Jan 4, 2020
@Sjors Sjors marked this pull request as ready for review Jan 4, 2020
@Sjors
Copy link
Member Author

@Sjors Sjors commented Jan 4, 2020

I added a dialog for Create Unsigned that appears after the usual transaction approval. The PSBT is automatically copied to clipboard as before, but the dialog offers to also save it. When loading a PSBT, the dialog asks if the users wants to broadcast. When there's a problem, e.g. missing signatures, it offers to copy it (so you can e.g. inspect it with RPC).

@Sjors Sjors mentioned this pull request Jan 4, 2020
@Sjors Sjors force-pushed the 2019/11/gui-psbt-save branch from 1f57fbe to e6ea593 Compare Jan 6, 2020
@Sjors
Copy link
Member Author

@Sjors Sjors commented Jan 6, 2020

I dropped the dependency on #17463; should be easy to rebase. This is now ready for review.

@gwillen
Copy link
Contributor

@gwillen gwillen commented Jan 28, 2020

Tested ACK e6ea593. Thoughts:

  • Obviously I'm not exactly an unbiased reviewer since some of this is based on some of my work, but I think my ACK probably still counts. :-)
  • I don't like the verbosity of the save filenames, but that's so easy to change later, and so subject to bikeshedding, that I think it should be left alone for this PR.

@luke-jr
Copy link
Member

@luke-jr luke-jr commented Jan 29, 2020

No way to actually sign an incomplete one?

Maybe it should load raw signed transactions too...

@Sjors
Copy link
Member Author

@Sjors Sjors commented Jan 29, 2020

@luke-jr both should be possible, but I prefer to keep this PR simple.

@practicalswift wrote:

I haven't investigated thoroughly yet but it seems like at least a subset of the issues regarding handling of malformed PSBT inputs reported in #17149 ("Potential PSBT issues found by the PSBT fuzzer") are reachable from this code?

That is not a problem once the #17149 issues have been fixed by making the PSBT code more robust against malformed PSBT input, but I wanted to mention the dependency here so that the PSBT issues get fixed before the merge of this PR :)

These are merged now in #17156, though I haven't rebased to preserve @gwillen's ACK.

sidhujag pushed a commit to syscoin/syscoin that referenced this issue Apr 23, 2020
764bfe4 [psbt] add file size limit (Sjors Provoost)
1cd8dc2 [gui] load PSBT (Sjors Provoost)
f689530 [gui] save PSBT to file (Sjors Provoost)
1d05a9d Move DEFAULT_MAX_RAW_TX_FEE_RATE to node/transaction.h (Sjors Provoost)
86e22d2 [util] GetFileSize (Sjors Provoost)
6ab3aad [gui] send dialog: split on_sendButton_clicked (Sjors Provoost)

Pull request description:

  This adds:
  * a dialog after Create Unsigned, which lets you save a PSBT file in binary format, e.g. to an SD card
  * a "Load PSBT" menu entry lets you pick a PSBT file. We broadcast the transaction if complete

  ## Save flow
  <img width="482" alt="Schermafbeelding 2020-01-04 om 20 39 34" src="https://user-images.githubusercontent.com/10217/71765684-ba60d580-2f32-11ea-8dea-0c4398eb6e15.png">

  <img width="287" alt="Schermafbeelding 2020-01-04 om 20 40 35" src="https://user-images.githubusercontent.com/10217/71765677-a0bf8e00-2f32-11ea-8172-12dfd34a89f3.png">

  <img width="594" alt="Schermafbeelding 2020-01-04 om 20 41 12" src="https://user-images.githubusercontent.com/10217/71765681-aa48f600-2f32-11ea-8e2c-c4f6bf9f5309.png">

  <img width="632" alt="Schermafbeelding 2020-01-04 om 20 41 28" src="https://user-images.githubusercontent.com/10217/71765691-d19fc300-2f32-11ea-97ff-70f5dd59987a.png">

  By default the file name contains the destination address(es) and amount(s).

  We only use the binary format for files, in order to avoid compatibility hell. If we do want to add base64 file format support, we should use a different extension for that (`.psbt64`?).

  ## Load flow

  Select a file:
  <img width="649" alt="Schermafbeelding 2020-01-04 om 21 08 57" src="https://user-images.githubusercontent.com/10217/71766089-2ba28780-2f37-11ea-875d-074794b5707d.png">

  Offer to send if complete:

  <img width="308" alt="Schermafbeelding 2020-01-04 om 21 09 06" src="https://user-images.githubusercontent.com/10217/71766088-2a715a80-2f37-11ea-807d-394c8b840c59.png">

  Tell user if signatures are missing, offer to copy to clipboard:
  <img width="308" alt="Schermafbeelding 2020-01-04 om 21 15 57" src="https://user-images.githubusercontent.com/10217/71766115-702e2300-2f37-11ea-9f62-a6ede499c0fa.png">

  Incomplete for another reason:

  <img width="309" alt="Schermafbeelding 2020-01-04 om 21 07 51" src="https://user-images.githubusercontent.com/10217/71766090-2c3b1e00-2f37-11ea-8a22-6188377b67a1.png">

ACKs for top commit:
  instagibbs:
    re-ACK  bitcoin@764bfe4
  achow101:
    ACK 764bfe4
  jb55:
    Tested ACK 764bfe4
  jonatack:
    ACK 764bfe4
  promag:
    Code review ACK 764bfe4.

Tree-SHA512: d284ed6895f3a271fb8ff879aac388ad217ddc13f72074725608e1c3d6d90650f6dc9e9e254479544dd71fc111516b02c8ff92158153208dc40fb2726b37d063
@laanwj laanwj removed this from Blockers in High-priority for review Apr 23, 2020
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 9, 2020
This commit does not change behavior.

Github-Pull: bitcoin#17509
Rebased-From: 6ab3aad
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 9, 2020
Github-Pull: bitcoin#17509
Rebased-From: 86e22d2
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 9, 2020
So it can be used in the GUI.

Github-Pull: bitcoin#17509
Rebased-From: 1d05a9d
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 9, 2020
co-authored-by: Glenn Willen <gwillen@nerdnet.org>

Github-Pull: bitcoin#17509
Rebased-From: f689530
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 9, 2020
co-authored-by: Glenn Willen <gwillen@nerdnet.org>

Github-Pull: bitcoin#17509
Rebased-From: 1cd8dc2
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 9, 2020
luke-jr added a commit to bitcoinknots/bitcoin that referenced this issue Jun 9, 2020
Github-Pull: bitcoin#17509
Rebased-From: 39b13259fc8d91f8f7836a30ca1295a17fe5e191

TransactionError result = BroadcastTransaction(*clientModel->node().context(), tx, err_string, DEFAULT_MAX_RAW_TX_FEE_RATE.GetFeePerK(), /* relay */ true, /* wait_callback */ false);
if (result == TransactionError::OK) {
Q_EMIT message(tr("Success"), tr("Broadcasted transaction sucessfully."), CClientUIInterface::MSG_INFORMATION | CClientUIInterface::MODAL);
Copy link
Member

@luke-jr luke-jr Jun 10, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo

Copy link
Member Author

@Sjors Sjors Jun 10, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@luke-jr that's already fixed in master

luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 10, 2020
luke-jr added a commit to bitcoinknots/bitcoin that referenced this issue Jun 10, 2020
Github-Pull: bitcoin#17509
Rebased-From: 39b13259fc8d91f8f7836a30ca1295a17fe5e191
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 12, 2020
This commit does not change behavior.

Github-Pull: bitcoin#17509
Rebased-From: 6ab3aad
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 12, 2020
Github-Pull: bitcoin#17509
Rebased-From: 86e22d2
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 12, 2020
So it can be used in the GUI.

Github-Pull: bitcoin#17509
Rebased-From: 1d05a9d
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 12, 2020
co-authored-by: Glenn Willen <gwillen@nerdnet.org>

Github-Pull: bitcoin#17509
Rebased-From: f689530
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 12, 2020
co-authored-by: Glenn Willen <gwillen@nerdnet.org>

Github-Pull: bitcoin#17509
Rebased-From: 1cd8dc2
luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this issue Jun 12, 2020
luke-jr added a commit to bitcoinknots/bitcoin that referenced this issue Jun 12, 2020
Github-Pull: bitcoin#17509
Rebased-From: 39b13259fc8d91f8f7836a30ca1295a17fe5e191
meshcollider added a commit that referenced this issue Jun 21, 2020
931dd47 Make lint-spelling.py happy (Glenn Willen)
11a0ffb [gui] Load PSBT from clipboard (Glenn Willen)
a6cb0b0 [gui] PSBT Operations Dialog (sign & broadcast) (Glenn Willen)
5dd0c03 FillPSBT: report number of inputs signed (or would sign) (Glenn Willen)
9e7b23b Improve TransactionErrorString messages. (Glenn Willen)

Pull request description:

  Add a "PSBT Operations" dialog, reached from the "Load PSBT..." menu item, giving options to sign or broadcast the loaded PSBT as appropriate, as well as copying the result to the clipboard or saving it to a file.

  This is based on Sjors' #17509, and depends on that PR going in first. (It effectively replaces the small "load PSBT" dialog from that PR with a more feature-rich one.)

  Some notes:
  * The way I display status information is maybe unusual (a status bar, rather than messageboxes.) I think it's helpful to have the information in it be persistent rather than transitory. But if people dislike it, I would probably move the "current state of the transaction" info to the top line of the main label, and the "what action just happened, and did it succeed" info into a messagebox.
  * I don't really know much about the translation/localization stuff. I put tr() in all the places it seemed like it ought to go. I did not attempt to translate the result of TransactionErrorString (which is shared by GUI and non-GUI code); I don't know if that's correct, but it matches the "error messages in logs should be googleable in English" heuristic. I don't know whether there are things I should be doing to reduce translator effort (like minimizing the total number of distinct message strings I use, or something.)
  * I don't really know how (if?) automated testing is applied to GUI code. I can make a list of PSBTs exercising all the codepaths for manual testing, if that's the right approach. Input appreciated.

ACKs for top commit:
  instagibbs:
    tested ACK 931dd47
  Sjors:
    re-tACK 931dd47
  jb55:
    ACK 931dd47
  achow101:
    ACK 931dd47

Tree-SHA512: ade52471a2242f839a8bd6a1fd231443cc4b43bb9c1de3fb5ace7c5eb59eca99b1f2e9f17dfdb4b08d84d91f5fd65677db1433dd03eef51c7774963ef4e2e74f
deadalnix pushed a commit to Bitcoin-ABC/bitcoin-abc that referenced this issue Oct 23, 2020
Summary:
This commit does not change behavior.

Backport of Core [[bitcoin/bitcoin#17509 | PR17509]] part [1/6] : bitcoin/bitcoin@6ab3aad

Test Plan:
  ninja all check-all

Reviewers: #bitcoin_abc, Fabien

Reviewed By: #bitcoin_abc, Fabien

Differential Revision: https://reviews.bitcoinabc.org/D8066
jasonbcox pushed a commit to Bitcoin-ABC/bitcoin-abc that referenced this issue Oct 23, 2020
Summary: Backport of Core [[bitcoin/bitcoin#17509 | PR17509]] part [2/6] : bitcoin/bitcoin@86e22d2

Test Plan:
  ninja all check-all

Reviewers: #bitcoin_abc, Fabien

Reviewed By: #bitcoin_abc, Fabien

Differential Revision: https://reviews.bitcoinabc.org/D8067
jasonbcox pushed a commit to Bitcoin-ABC/bitcoin-abc that referenced this issue Oct 23, 2020
Summary:
So it can be used in the GUI.

Backport of Core [[bitcoin/bitcoin#17509 | PR17509]] part [3/6] : bitcoin/bitcoin@1d05a9d

Test Plan:
  ninja all check-all

Reviewers: #bitcoin_abc, Fabien

Reviewed By: #bitcoin_abc, Fabien

Differential Revision: https://reviews.bitcoinabc.org/D8068
jasonbcox pushed a commit to Bitcoin-ABC/bitcoin-abc that referenced this issue Oct 23, 2020
Summary:
co-authored-by: Glenn Willen <gwillen@nerdnet.org>

Backport of Core [[bitcoin/bitcoin#17509 | PR17509]] part [4/6] : bitcoin/bitcoin@f689530

Depends on D8066

Test Plan:
  ninja all check-all

Reviewers: #bitcoin_abc, Fabien

Reviewed By: #bitcoin_abc, Fabien

Differential Revision: https://reviews.bitcoinabc.org/D8069
jasonbcox pushed a commit to Bitcoin-ABC/bitcoin-abc that referenced this issue Oct 23, 2020
Summary: Backport of Core [[bitcoin/bitcoin#17509 | PR17509]] part [5/6] : bitcoin/bitcoin@764bfe4

Test Plan:
  ninja all check

Reviewers: #bitcoin_abc, Fabien

Reviewed By: #bitcoin_abc, Fabien

Subscribers: Fabien

Differential Revision: https://reviews.bitcoinabc.org/D8070
jasonbcox pushed a commit to Bitcoin-ABC/bitcoin-abc that referenced this issue Oct 23, 2020
Summary:
co-authored-by: Glenn Willen <gwillen@nerdnet.org>

Backport of Core [[bitcoin/bitcoin#17509 | PR17509]] part [6/6] : bitcoin/bitcoin@1cd8dc2

Depends on D8065, D8070, D8068 and D8069

Test Plan:
  ninja all check-all

Reviewers: #bitcoin_abc, Fabien

Reviewed By: #bitcoin_abc, Fabien

Subscribers: Fabien

Differential Revision: https://reviews.bitcoinabc.org/D8071
sidhujag pushed a commit to syscoin-core/syscoin that referenced this issue Nov 10, 2020
…orrect

1ef28b4 Make AnalyzePSBT next role calculation simple, correct (Gregory Sanders)

Pull request description:

  Sniped test and alternative to bitcoin#18220

  Sjors documenting the issue:
  ```
  A PSBT signed by ColdCard was analyzed as follows (see bitcoin#17509 (comment))

  {
    "inputs": [
      {
        "has_utxo": true,
        "is_final": false,
        "next": "finalizer"
      }
    ],
    "estimated_vsize": 141,
    "estimated_feerate": 1e-05,
    "fee": 1.41e-06,
    "next": "signer"
  }
  I changed AnalyzePSBT so that it returns "next": "finalizer" instead.
  ```

  It makes it much clearer that the role has been decided before hitting the `calc_fee` block, and groups all state-deciding in one spot instead of 2.

  Note that this assumes that PSBT roles are a complete ordering, which for now and in the future seems to be a correct assumption.

ACKs for top commit:
  Sjors:
    ACK 1ef28b4, much nicer. Don't forget to document the bug fix.
  achow101:
    ACK 1ef28b4
  Empact:
    ACK bitcoin@1ef28b4

Tree-SHA512: 22ba4234985c6f9c1445b14565c71268cfaa121c4ef000ee3d5117212b09442dee8d46d9701bceddaf355263fe25dfe40def2ef614d4f2fe66c9ce876cb49934
@bitcoin bitcoin locked as resolved and limited conversation to collaborators Feb 15, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet