psbt: add global XPubs to packet

Adds support for the PSBT_GLOBAL_XPUB type as defined in BIP-0174.
btcsuite · Jan 14, 2025 · bda0481 · bda0481
1 parent bdb0b3d
commit bda0481
Show file tree

Hide file tree

Showing 3 changed files with 151 additions and 10 deletions.
diff --git a/btcutil/psbt/bip32.go b/btcutil/psbt/bip32.go
@@ -3,6 +3,10 @@ package psbt
 import (
 	"bytes"
 	"encoding/binary"
+
+	"github.com/btcsuite/btcd/btcutil/base58"
+	"github.com/btcsuite/btcd/btcutil/hdkeychain"
+	"github.com/btcsuite/btcd/chaincfg/chainhash"
 )
 
 const (
@@ -85,3 +89,68 @@ func SerializeBIP32Derivation(masterKeyFingerprint uint32,
 
 	return derivationPath
 }
+
+// XPub is a struct that encapsulates an extended public key, as defined in
+// BIP-0032.
+type XPub struct {
+	// ExtendedKey is the serialized extended public key as defined in
+	// BIP-0032.
+	ExtendedKey []byte
+
+	// MasterFingerprint is the fingerprint of the master pubkey.
+	MasterKeyFingerprint uint32
+
+	// Bip32Path is the derivation path of the key, with hardened elements
+	// having the 0x80000000 offset added, as defined in BIP-0032. The
+	// number of path elements must match the depth provided in the extended
+	// public key.
+	Bip32Path []uint32
+}
+
+// ReadXPub deserializes a byte slice containing an extended public key and a
+// BIP-0032 derivation path.
+func ReadXPub(keyData []byte, path []byte) (*XPub, error) {
+	xPub, err := DecodeExtendedKey(keyData)
+	if err != nil {
+		return nil, ErrInvalidPsbtFormat
+	}
+	numPathElements := xPub.Depth()
+
+	// The path also contains the master key fingerprint,
+	expectedSize := int(uint32Size * (numPathElements + 1))
+	if len(path) != expectedSize {
+		return nil, ErrInvalidPsbtFormat
+	}
+
+	masterKeyFingerprint, bip32Path, err := ReadBip32Derivation(path)
+	if err != nil {
+		return nil, err
+	}
+
+	return &XPub{
+		ExtendedKey:          keyData,
+		MasterKeyFingerprint: masterKeyFingerprint,
+		Bip32Path:            bip32Path,
+	}, nil
+}
+
+// EncodeExtendedKey serializes an extended key to a byte slice, without the
+// checksum.
+func EncodeExtendedKey(key *hdkeychain.ExtendedKey) []byte {
+	serializedKey := key.String()
+	decodedKey := base58.Decode(serializedKey)
+	return decodedKey[:len(decodedKey)-uint32Size]
+}
+
+// DecodeExtendedKey deserializes an extended key from a byte slice that does
+// not contain the checksum.
+func DecodeExtendedKey(encodedKey []byte) (*hdkeychain.ExtendedKey, error) {
+	checkSum := chainhash.DoubleHashB(encodedKey)[:uint32Size]
+	serializedBytes := append(encodedKey, checkSum...)
+	xPub, err := hdkeychain.NewKeyFromString(base58.Encode(serializedBytes))
+	if err != nil {
+		return nil, err
+	}
+
+	return xPub, nil
+}
diff --git a/btcutil/psbt/psbt.go b/btcutil/psbt/psbt.go
@@ -135,6 +135,13 @@ type Packet struct {
 	// produced by this PSBT.
 	Outputs []POutput
 
+	// XPubs is a list of extended public keys that can be used to derive
+	// public keys used in the inputs and outputs of this transaction. It
+	// should be the public key at the highest hardened derivation index so
+	// that the unhardened child keys used in the transaction can be
+	// derived.
+	XPubs []XPub
+
 	// Unknowns are the set of custom types (global only) within this PSBT.
 	Unknowns []*Unknown
 }
@@ -161,12 +168,14 @@ func NewFromUnsignedTx(tx *wire.MsgTx) (*Packet, error) {
 
 	inSlice := make([]PInput, len(tx.TxIn))
 	outSlice := make([]POutput, len(tx.TxOut))
+	xPubSlice := make([]XPub, 0)
 	unknownSlice := make([]*Unknown, 0)
 
 	return &Packet{
 		UnsignedTx: tx,
 		Inputs:     inSlice,
 		Outputs:    outSlice,
+		XPubs:      xPubSlice,
 		Unknowns:   unknownSlice,
 	}, nil
 }
@@ -230,7 +239,10 @@ func NewFromRawBytes(r io.Reader, b64 bool) (*Packet, error) {
 
 	// Next we parse any unknowns that may be present, making sure that we
 	// break at the separator.
-	var unknownSlice []*Unknown
+	var (
+		xPubSlice    []XPub
+		unknownSlice []*Unknown
+	)
 	for {
 		keyint, keydata, err := getKey(r)
 		if err != nil {
@@ -247,14 +259,32 @@ func NewFromRawBytes(r io.Reader, b64 bool) (*Packet, error) {
 			return nil, err
 		}
 
-		keyintanddata := []byte{byte(keyint)}
-		keyintanddata = append(keyintanddata, keydata...)
-
-		newUnknown := &Unknown{
-			Key:   keyintanddata,
-			Value: value,
+		switch GlobalType(keyint) {
+		case XPubType:
+			xPub, err := ReadXPub(keydata, value)
+			if err != nil {
+				return nil, err
+			}
+
+			// Duplicate keys are not allowed
+			for _, x := range xPubSlice {
+				if bytes.Equal(x.ExtendedKey, keyData) {
+					return nil, ErrDuplicateKey
+				}
+			}
+
+			xPubSlice = append(xPubSlice, *xPub)
+
+		default:
+			keyintanddata := []byte{byte(keyint)}
+			keyintanddata = append(keyintanddata, keydata...)
+
+			newUnknown := &Unknown{
+				Key:   keyintanddata,
+				Value: value,
+			}
+			unknownSlice = append(unknownSlice, newUnknown)
 		}
-		unknownSlice = append(unknownSlice, newUnknown)
 	}
 
 	// Next we parse the INPUT section.
@@ -286,6 +316,7 @@ func NewFromRawBytes(r io.Reader, b64 bool) (*Packet, error) {
 		UnsignedTx: msgTx,
 		Inputs:     inSlice,
 		Outputs:    outSlice,
+		XPubs:      xPubSlice,
 		Unknowns:   unknownSlice,
 	}
 
@@ -325,6 +356,19 @@ func (p *Packet) Serialize(w io.Writer) error {
 		return err
 	}
 
+	// Serialize the global xPubs.
+	for _, xPub := range p.XPubs {
+		pathBytes := SerializeBIP32Derivation(
+			xPub.MasterKeyFingerprint, xPub.Bip32Path,
+		)
+		err := serializeKVPairWithType(
+			w, uint8(XPubType), xPub.ExtendedKey, pathBytes,
+		)
+		if err != nil {
+			return err
+		}
+	}
+
 	// Unknown is a special case; we don't have a key type, only a key and
 	// a value field
 	for _, kv := range p.Unknowns {