Support for advanced transactions

[CodeForcer]

Electrum is great for standard transactions, but one place I've noticed it really struggles is advanced transactions such as P2SH-P2WSH transactions where the witness script is not the standard multisig.

I'm currently working on a decentralised trading system which doesn't use standard multisig, but instead a custom witness script where parties to the transaction have secret codes they can reveal to other parties. For example the moderator of the trade can reveal a release code to the buyer in the transaction, allowing the buyer to spend the UTXO, or a return code to the seller, allowing the seller to spend the UTXO.

I have been able to leverage a lot of the transaction.py module to achieve what I want, but I noticed that if I don't manually construct the witness then it tries to parse the witness with a standard multi-sig script.

Is there a recommended way to construct transactions where I have custom parameters that need to go into the witness, and also where one of those custom parameters is a signature that needs to be signed against the preimage of the entire transaction (according to BIP143)?

I think support for this in Electrum would be really powerful, because it would allow decentralised exchanges to plug directly into Electrum as a trading interface. Ideally I would like to allow users of my platform to redeem transactions from P2SH-P2WSH addresses directly into their electrum wallets by giving them the secret codes which unlock the locking script.

(Note: I'm using latest Electrum on master branch for this)

[SomberNight]

advanced transactions such as P2SH-P2WSH transactions where the witness script is not the standard multisig
I have been able to leverage a lot of the transaction.py module to achieve what I want, but I noticed that if I don't manually construct the witness then it tries to parse the witness with a standard multi-sig script.

Yes, indeed, transaction.py is currently very limited in terms of "advanced" scripts. Pretty much everything is assumed to be a multisig (if it's not p2pkh-like).
See how we are using it ourselves for the Lightning-related scripts:

electrum/electrum/lnsweep.py

Line 496 in 9734546

def create_sweeptx_ctx_to_local(*, sweep_address: str, ctx: Transaction, output_idx: int, witness_script: str,

It sounds hard to provide useful support of custom scripts, especially in a way that could be exposed to the UI. Maybe with miniscript?

[CodeForcer]

Yes it's difficult to imagine how to make it friendly to the UI. For my use-case it would be enough to provide users with the address where the Bitcoin is, a witness script, and then the parameters to unlock the script - everything else can be worked out with standard Electrum operations like gathering prevouts, etc. However, difficulty arises primarily when one of the witness parameters is a signature of the entire transaction. I'm still able to achieve what I need, but I have to do the signing and construction of the witness outside of Electrum and then attach the result back onto the transaction object,

If Miniscript can solve this in a way that is also more generic for other people's use-cases, and also can be done on the UI, then it would be the perfect integration for Electrum. Now that Electrum has lightning network and PSBT support, advanced transaction scripting is the only thing missing I can think of.

[aantonop]

I would be very interested in an implementation of Miniscript as an abstraction of the scripting engine in Electrum. There are dozens of applications that would benefit from this work, including easier upgrade-ability of the BOLT3 scripts for Lightning, custom multisig, timelock and hierarchical unlocking scripts (for corporate governance, inheritance planning, recovery, trust accounts etc), as well as future upgrades for CHECKTEMPLATEVERIFY (covenant) scripts.

Is anyone working on something like this?
Is anyone else interested in something like this?
Would anyone else be interested in funding a bounty/grant for this functionality?
Is anyone interested in implementing this with a bounty/grant?

[CodeForcer]

@aantonop the LocalCoinSwap (https://localcoinswap.com) team would be interested in working on this under a grant program. We've worked successfully under grant programs in the past to produce python libraries in the Kusama/Polkadot ecosystem. We may not be as good a choice for this as someone who is already an active Electrum developer, but would happily raise our hands as it's an interesting thing to work on.

This would be a seriously cool addition to Electrum, and if implemented would allow Electrum to be extended in a variety of ways. For example in our use case, we could create a non-custodial plugin for Electrum users to trade directly from their Electrum wallets.

[ksedgwic]

@aantonop - @devrandom and I are looking at ways to integrate advanced scripts in electrum, has there been any progress on this front?d Anyone we should talk to?

[aantonop]

I have not seen any work on this. I would be interested in funding a gitcoin grant to implement an "output descriptors" abstraction of the Electrum wallet, based on miniscript expressions, similar to what is implemented in Bitcoin Core ( https://github.com/bitcoin/bitcoin/blob/master/doc/descriptors.md). This would replace the fixed script libraries and allow plugins to extend the wallet with new script types. Not sure how much effort this involves, would be interested in also funding an initial assessment project, if someone with Electrum codebase experience is willing to do the work.

[SomberNight]

related: #6016

[devrandom]

BTW, @ksedgwic and I took the approach of subclassing MultiSig_Wallet. We overrode the following methods:

• __init__ - need to set self.m equal to self.n, which is somewhat of a hack, just so that transactions are not auto-finalized
• pubkeys_to_scriptcode - straightforward generation of our custom redeemscript
• sign_transaction - added our own finalization, so we can create our own witness
• create_transaction - we needed to set locktime for our use case