Merge pull request #6436 from BitGo/BTC-2286

Bump BitGo's fork for bitcoinjs-lib and improve the functionality for wrapping safe signing

Author: davidkaplanbitgo

modules/abstract-utxo/src/sign.ts

@@ -64,6 +64,7 @@ export function signAndVerifyPsbt(
   signerKeychain: utxolib.BIP32Interface,
   {
     isLastSignature,
+    /** deprecated */
     allowNonSegwitSigningWithoutPrevTx,
   }: { isLastSignature: boolean; allowNonSegwitSigningWithoutPrevTx?: boolean }
 ): utxolib.bitgo.UtxoPsbt | utxolib.bitgo.UtxoTransaction<bigint> {
@@ -85,11 +86,7 @@ export function signAndVerifyPsbt(
       }
 
       try {
-        utxolib.bitgo.withUnsafeNonSegwit(
-          psbt,
-          () => psbt.signInputHD(inputIndex, signerKeychain),
-          !!allowNonSegwitSigningWithoutPrevTx
-        );
+        psbt.signInputHD(inputIndex, signerKeychain);
         debug('Successfully signed input %d of %d', inputIndex + 1, psbt.data.inputs.length);
       } catch (e) {
         return new InputSigningError<bigint>(inputIndex, { id: outputId }, e);
@@ -111,13 +108,7 @@ export function signAndVerifyPsbt(
 
       const outputId = outputIds[inputIndex];
       try {
-        if (
-          !utxolib.bitgo.withUnsafeNonSegwit(
-            psbt,
-            () => psbt.validateSignaturesOfInputHD(inputIndex, signerKeychain),
-            !!allowNonSegwitSigningWithoutPrevTx
-          )
-        ) {
+        if (!psbt.validateSignaturesOfInputHD(inputIndex, signerKeychain)) {
           return new InputSigningError(inputIndex, { id: outputId }, new Error(`invalid signature`));
         }
       } catch (e) {

modules/abstract-utxo/src/transaction/fixedScript/signTransaction.ts

@@ -27,6 +27,7 @@ export async function signTransaction<TNumber extends number | bigint>(
     txInfo: { unspents?: utxolib.bitgo.Unspent<TNumber>[] } | undefined;
     isLastSignature: boolean;
     signingStep: 'signerNonce' | 'cosignerNonce' | 'signerSignature' | undefined;
+    /** deprecated */
     allowNonSegwitSigningWithoutPrevTx: boolean;
     pubs: string[] | undefined;
     cosignerPub: string | undefined;
@@ -47,19 +48,11 @@ export async function signTransaction<TNumber extends number | bigint>(
     isLastSignature = params.isLastSignature;
   }
 
-  const setSignerMusigNonceWithOverride = (
-    psbt: utxolib.bitgo.UtxoPsbt,
-    signerKeychain: utxolib.BIP32Interface,
-    nonSegwitOverride: boolean
-  ) => {
-    utxolib.bitgo.withUnsafeNonSegwit(psbt, () => psbt.setAllInputsMusig2NonceHD(signerKeychain), nonSegwitOverride);
-  };
-
   if (tx instanceof bitgo.UtxoPsbt && isTxWithKeyPathSpendInput) {
     switch (params.signingStep) {
       case 'signerNonce':
         assert(signerKeychain);
-        setSignerMusigNonceWithOverride(tx, signerKeychain, params.allowNonSegwitSigningWithoutPrevTx);
+        tx.setAllInputsMusig2NonceHD(signerKeychain);
         PSBT_CACHE.set(tx.getUnsignedTx().getId(), tx);
         return { txHex: tx.toHex() };
       case 'cosignerNonce':
@@ -80,7 +73,7 @@ export async function signTransaction<TNumber extends number | bigint>(
         // this instance is not an external signer
         assert(params.walletId, 'walletId is required for MuSig2 bitgo nonce');
         assert(signerKeychain);
-        setSignerMusigNonceWithOverride(tx, signerKeychain, params.allowNonSegwitSigningWithoutPrevTx);
+        tx.setAllInputsMusig2NonceHD(signerKeychain);
         const response = await coin.signPsbt(tx.toHex(), params.walletId);
         tx.combine(bitgo.createPsbtFromHex(response.psbt, coin.network));
         break;
@@ -102,7 +95,6 @@ export async function signTransaction<TNumber extends number | bigint>(
     assert(signerKeychain);
     signedTransaction = signAndVerifyPsbt(tx, signerKeychain, {
       isLastSignature,
-      allowNonSegwitSigningWithoutPrevTx: params.allowNonSegwitSigningWithoutPrevTx,
     });
   } else {
     if (tx.ins.length !== params.txInfo?.unspents?.length) {

modules/utxo-bin/package.json

@@ -35,7 +35,7 @@
     "@noble/curves": "1.8.1",
     "archy": "^1.0.0",
     "bech32": "^2.0.0",
-    "bitcoinjs-lib": "npm:@bitgo-forks/[email protected].2",
+    "bitcoinjs-lib": "npm:@bitgo-forks/[email protected].11",
     "bs58": "^5.0.0",
     "bs58check": "^2.1.2",
     "cashaddress": "^1.1.0",

modules/utxo-lib/package.json

@@ -54,7 +54,7 @@
     "bip174": "npm:@bitgo-forks/[email protected]",
     "bip32": "^3.0.1",
     "bitcoin-ops": "^1.3.0",
-    "bitcoinjs-lib": "npm:@bitgo-forks/[email protected].9",
+    "bitcoinjs-lib": "npm:@bitgo-forks/[email protected].11",
     "bs58check": "^2.1.2",
     "cashaddress": "^1.1.0",
     "create-hash": "^1.2.0",

modules/utxo-lib/src/bitgo/PsbtUtil.ts

@@ -133,12 +133,14 @@ export function toPsbtBuffer(data: Buffer | string): Buffer {
  * This function allows signing or validating a psbt with non-segwit inputs those do not contain nonWitnessUtxo.
  */
 export function withUnsafeNonSegwit<T>(psbt: Psbt, fn: () => T, unsafe = true): T {
+  const prevValue = (psbt as any).__CACHE.__UNSAFE_SIGN_NONSEGWIT;
+  const prevValueWarn = (psbt as any).__CACHE.__WARN_UNSAFE_SIGN_NONSEGWIT;
   (psbt as any).__CACHE.__UNSAFE_SIGN_NONSEGWIT = unsafe;
   (psbt as any).__CACHE.__WARN_UNSAFE_SIGN_NONSEGWIT = !unsafe;
   try {
     return fn();
   } finally {
-    (psbt as any).__CACHE.__UNSAFE_SIGN_NONSEGWIT = false;
-    (psbt as any).__CACHE.__WARN_UNSAFE_SIGN_NONSEGWIT = true;
+    (psbt as any).__CACHE.__UNSAFE_SIGN_NONSEGWIT = prevValue;
+    (psbt as any).__CACHE.__WARN_UNSAFE_SIGN_NONSEGWIT = prevValueWarn;
   }
 }

modules/utxo-lib/src/bitgo/zcash/ZcashPsbt.ts

@@ -4,11 +4,10 @@ import {
   getDefaultVersionGroupIdForVersion,
   ZcashTransaction,
 } from './ZcashTransaction';
-import { Network, PsbtTransaction, Signer } from '../../';
+import { Network, PsbtTransaction } from '../../';
 import { Psbt as PsbtBase } from 'bip174';
 import * as types from 'bitcoinjs-lib/src/types';
-import { ValidateSigFunction } from 'bitcoinjs-lib/src/psbt';
-import { ProprietaryKeySubtype, PSBT_PROPRIETARY_IDENTIFIER, withUnsafeNonSegwit } from '../PsbtUtil';
+import { ProprietaryKeySubtype, PSBT_PROPRIETARY_IDENTIFIER } from '../PsbtUtil';
 const typeforce = require('typeforce');
 
 const CONSENSUS_BRANCH_ID_KEY = Buffer.concat([
@@ -124,17 +123,6 @@ export class ZcashPsbt extends UtxoPsbt<ZcashTransaction<bigint>> {
     this.tx.consensusBranchId = getDefaultConsensusBranchIdForVersion(network, version);
   }
 
-  // For Zcash transactions, we do not have to have non-witness UTXO data for non-segwit
-  // transactions because zcash hashes the value directly. Thus, it is unnecessary to have
-  // the previous transaction hash on the unspent.
-  signInput(inputIndex: number, keyPair: Signer, sighashTypes?: number[]): this {
-    return withUnsafeNonSegwit(this, super.signInput.bind(this, inputIndex, keyPair, sighashTypes));
-  }
-
-  validateSignaturesOfInput(inputIndex: number, validator: ValidateSigFunction, pubkey?: Buffer): boolean {
-    return withUnsafeNonSegwit(this, super.validateSignaturesOfInput.bind(this, inputIndex, validator, pubkey));
-  }
-
   private setPropertyCheckSignatures(propName: keyof ZcashTransaction<bigint>, value: unknown) {
     if (this.tx[propName] === value) {
       return;

modules/utxo-lib/src/testutil/psbt.ts

@@ -24,7 +24,6 @@ import {
   UtxoPsbt,
   UtxoTransaction,
   verifySignatureWithUnspent,
-  withUnsafeNonSegwit,
 } from '../bitgo';
 import { Network } from '../networks';
 import { mockReplayProtectionUnspent, mockWalletUnspent } from './mock';
@@ -115,32 +114,21 @@ export function signPsbtInput(
   params?: {
     signers?: { signerName: KeyName; cosignerName?: KeyName };
     deterministic?: boolean;
+    // For backwards compatibility keep this here.
     skipNonWitnessUtxo?: boolean;
   }
 ): void {
-  function signPsbt(psbt: UtxoPsbt, signFunc: () => void, skipNonWitnessUtxo?: boolean) {
-    if (skipNonWitnessUtxo) {
-      withUnsafeNonSegwit(psbt, signFunc);
-    } else {
-      signFunc();
-    }
-  }
-
-  const { signers, deterministic, skipNonWitnessUtxo } = params ?? {};
+  const { signers, deterministic } = params ?? {};
   const { signerName, cosignerName } = signers ? signers : getSigners(input.scriptType);
   if (sign === 'halfsigned') {
     if (input.scriptType === 'p2shP2pk') {
-      signPsbt(psbt, () => psbt.signInput(inputIndex, rootWalletKeys[signerName]), skipNonWitnessUtxo);
+      psbt.signInput(inputIndex, rootWalletKeys[signerName]);
     } else {
-      signPsbt(psbt, () => psbt.signInputHD(inputIndex, rootWalletKeys[signerName]), skipNonWitnessUtxo);
+      psbt.signInputHD(inputIndex, rootWalletKeys[signerName]);
     }
   }
   if (sign === 'fullsigned' && cosignerName && input.scriptType !== 'p2shP2pk') {
-    signPsbt(
-      psbt,
-      () => psbt.signInputHD(inputIndex, rootWalletKeys[cosignerName], { deterministic }),
-      skipNonWitnessUtxo
-    );
+    psbt.signInputHD(inputIndex, rootWalletKeys[cosignerName], { deterministic });
   }
 }
 
@@ -156,12 +144,13 @@ export function signAllPsbtInputs(
   params?: {
     signers?: { signerName: KeyName; cosignerName?: KeyName };
     deterministic?: boolean;
+    // For backwards compatibility keep this here.
     skipNonWitnessUtxo?: boolean;
   }
 ): void {
-  const { signers, deterministic, skipNonWitnessUtxo } = params ?? {};
+  const { signers, deterministic } = params ?? {};
   inputs.forEach((input, inputIndex) => {
-    signPsbtInput(psbt, input, inputIndex, rootWalletKeys, sign, { signers, deterministic, skipNonWitnessUtxo });
+    signPsbtInput(psbt, input, inputIndex, rootWalletKeys, sign, { signers, deterministic });
   });
 }
 

modules/utxo-lib/test/bitgo/psbt/Psbt.ts

@@ -32,7 +32,6 @@ import {
   clonePsbtWithoutNonWitnessUtxo,
   deleteWitnessUtxoForNonSegwitInputs,
   getPsbtInputScriptType,
-  withUnsafeNonSegwit,
   getTransactionAmountsFromPsbt,
   WalletUnspent,
   getDefaultSigHash,
@@ -289,18 +288,14 @@ function runBuildSignSendFlowTest(
       hex = psbtWithoutPrevTx.toHex();
 
       psbtAtHsm = createPsbtFromHex(hex, network);
-      withUnsafeNonSegwit(psbtAtHsm, () => {
-        testutil.signAllPsbtInputs(psbtAtHsm, inputs, rootWalletKeys, 'fullsigned', {
-          signers: {
-            signerName: 'user',
-            cosignerName: 'bitgo',
-          },
-          deterministic: true,
-        });
-      });
-      withUnsafeNonSegwit(psbtAtHsm, () => {
-        assertValidate(psbtAtHsm);
+      testutil.signAllPsbtInputs(psbtAtHsm, inputs, rootWalletKeys, 'fullsigned', {
+        signers: {
+          signerName: 'user',
+          cosignerName: 'bitgo',
+        },
+        deterministic: true,
       });
+      assertValidate(psbtAtHsm);
       hexAtHsm = psbtAtHsm.toHex();
 
       psbtFromHsm = createPsbtFromHex(hexAtHsm, network);

modules/utxo-lib/test/bitgo/psbt/ZcashPsbt.ts

@@ -45,14 +45,11 @@ describe('Zcash PSBT', function () {
   describe('should be able to sign the transaction', function () {
     it('can sign the inputs', async function () {
       psbt.signAllInputsHD(rootWalletKeys.user);
-      assert(!(psbt as any).__CACHE.__UNSAFE_SIGN_NONSEGWIT);
       psbt.signAllInputsHD(rootWalletKeys.bitgo);
-      assert(!(psbt as any).__CACHE.__UNSAFE_SIGN_NONSEGWIT);
     });
 
     it('can validate the signatures on the unspents', async function () {
       psbt.validateSignaturesOfAllInputs();
-      assert(!(psbt as any).__CACHE.__UNSAFE_SIGN_NONSEGWIT);
     });
 
     it('can finalize and extract the transaction', async function () {

yarn.lock

@@ -7459,11 +7459,6 @@ bip174@=2.1.1, bip174@^2.1.1:
   resolved "https://registry.npmjs.org/bip174/-/bip174-2.1.1.tgz#ef3e968cf76de234a546962bcf572cc150982f9f"
   integrity sha512-mdFV5+/v0XyNYXjBS6CQPLo9ekCx4gtKZFnJm5PMto7Fs9hTTDpkkzOB7/FtluRI6JbUUAu+snTYfJRgHLZbZQ==
 
-"bip174@npm:@bitgo-forks/[email protected]":
-  version "3.0.0-rc.1"
-  resolved "https://registry.npmjs.org/@bitgo-forks/bip174/-/bip174-3.0.0-rc.1.tgz#6ca32dc75513744a9ae914255f915494056541b4"
-  integrity sha512-eGi5die7Q7O3yPtkcGF1gD7qLlJLiLnYI4DpFTF6tUhUo71gy3RoXAAeeJA2fLpnVoJofXnLdLfpcO6OEZAsvw==
-
 "bip174@npm:@bitgo-forks/[email protected]":
   version "3.1.0-master.4"
   resolved "https://registry.npmjs.org/@bitgo-forks/bip174/-/bip174-3.1.0-master.4.tgz#0c8a750cc98097120169e753e7fccc23b1cb9eaa"
@@ -7528,26 +7523,10 @@ bitcoinjs-lib@^6.1.5, bitcoinjs-lib@^6.1.7:
     typeforce "^1.11.3"
     varuint-bitcoin "^1.1.2"
 
-"bitcoinjs-lib@npm:@bitgo-forks/[email protected]":
-  version "7.1.0-master.2"
-  resolved "https://registry.npmjs.org/@bitgo-forks/bitcoinjs-lib/-/bitcoinjs-lib-7.1.0-master.2.tgz#8b5760fd7d7f6ca526f1fbee93bc74a6ea75ac6d"
-  integrity sha512-D62U1pWej8M+7gROykLGGPvFf0zFal10kAAbuaHuy1ohtwKLNHRiUz8dpdjEZBzNkF+pU+GQhItdiEJTslK4/A==
-  dependencies:
-    bech32 "^2.0.0"
-    bip174 "npm:@bitgo-forks/[email protected]"
-    bs58check "^2.1.2"
-    create-hash "^1.1.0"
-    fastpriorityqueue "^0.7.1"
-    json5 "^2.2.3"
-    ripemd160 "^2.0.2"
-    typeforce "^1.11.3"
-    varuint-bitcoin "^1.1.2"
-    wif "^2.0.1"
-
-"bitcoinjs-lib@npm:@bitgo-forks/[email protected]":
-  version "7.1.0-master.9"
-  resolved "https://registry.npmjs.org/@bitgo-forks/bitcoinjs-lib/-/bitcoinjs-lib-7.1.0-master.9.tgz#e2fa6b9a12106980772899f7409754244ec0fe35"
-  integrity sha512-iWDwsRZK30tW7jtBiOlOJhuJzZ2THIvdvREBHM2cHG669nGQxNPxpYXmk0Lgm5x4jG4GN1dM6dPR6Car6EtDsA==
+"bitcoinjs-lib@npm:@bitgo-forks/[email protected]":
+  version "7.1.0-master.11"
+  resolved "https://registry.npmjs.org/@bitgo-forks/bitcoinjs-lib/-/bitcoinjs-lib-7.1.0-master.11.tgz#49b9c31b5a973b08c34c9dc468ac241c9416e18a"
+  integrity sha512-Yyh67I26iI7FGqPBY7rxqHZ9FM9JuouAsViQocrr7URhRpuZEWVsM/oMTNbMnRw2cPFj4jWKhRDLadgrUk2HEQ==
   dependencies:
     bech32 "^2.0.0"
     bip174 "npm:@bitgo-forks/[email protected]"