fix(chain): sanitize derivation index before apply changeset #1792
Conversation
|
@notmandatory I am also working on this PR but is not been assigned to me yet. |
|
If this helps, it appears that #[test]
fn insert_descriptor_should_reject_hardened_steps() {
use bdk_chain::keychain_txout::KeychainTxOutIndex;
// This descriptor has hardened child steps
let s = "wpkh([e273fe42/84h/1h/0h/0h]tpubDEBY7DLZ5kK6pMC2qdtVvKpe6CiAmVDx1SiLtLS3V4GAGyRvsuVbCYReJ9oQz1rfMapghJyUAYLqkqJ3Xadp3GSTCtdAFcKPgzAXC1hzz8a/*h)";
let (desc, _) =
<Descriptor<DescriptorPublicKey>>::parse_descriptor(&Secp256k1::new(), s).unwrap();
// FIXME: This will panic by attempting to derive a script pubkey from a hardened step
let mut indexer = KeychainTxOutIndex::<&str>::new(10);
let _ = indexer.insert_descriptor("keychain", desc);
} |
yes thanks @ValuedMammal I did a similar test 😅 It panics because of So I am going to add the sanitize part in the |
|
I think it makes sense to handle the error in |
I tried to create such a test but it takes a lot of time to complete #[test]
fn insert_descriptor_maliciously() {
use bdk_chain::keychain_txout::KeychainTxOutIndex;
let s = "wpkh([e273fe42/84h/1h/0h/0h]tpubDEBY7DLZ5kK6pMC2qdtVvKpe6CiAmVDx1SiLtLS3V4GAGyRvsuVbCYReJ9oQz1rfMapghJyUAYLqkqJ3Xadp3GSTCtdAFcKPgzAXC1hzz8a/*)";
let (desc, _) =
<Descriptor<DescriptorPublicKey>>::parse_descriptor(&Secp256k1::new(), s).unwrap();
let changeset: ChangeSet = ChangeSet {
last_revealed: [(desc.descriptor_id(), bdk_chain::BIP32_MAX_INDEX + 1)].into(),
};
let mut indexer_a = KeychainTxOutIndex::<TestKeychain>::new(10);
indexer_a
.insert_descriptor(TestKeychain::External, desc.clone())
.expect("must insert keychain");
indexer_a
.apply_changeset(changeset.clone())
.expect("must apply changeset");
} |
|
@ValuedMammal just to be sure, the sanitize check has to be only made in |
There was a problem hiding this comment.
Approach NACK
The thing with changesets is that they are designed to be loaded from persistence and ideally be fully monotone in nature. Erroring when applying the changeset is against this design principle.
I think the correct solution would be to modify the ChangeSet::last_revealed values in KeychainTxOutIndex::apply_changeset to be maxed at 2^31-1.
Whether the descriptor has any hardened steps in the derivation path should be checked in insert_descriptor (which already returns an error).
f3r10
force-pushed
the
sanitize_derivation_index_in_apply_changeset
branch
from
64a0976 to
2582e02
Compare
f3r10
force-pushed
the
sanitize_derivation_index_in_apply_changeset
branch
from
a3f087c to
6c14a7d
Compare
| if index > BIP32_MAX_INDEX { | ||
| return Err(InsertDescriptorError::OutOfBounds); | ||
| } |
There was a problem hiding this comment.
🔧 This comment #1792 (review) is saying, and I agree, that in principle apply_changeset should not have to return a Result.
fix: #1688
Description
Right now, ff a descriptor has hardened child steps when inserting a descriptor throws a panic. This PR adds a previous descriptor sanitization controlling such cases.
An additional problem pointed out by @ValuedMammal is that when the apply_changest is applied a malicious crafter index could be greater that
BIP32_MAX_INDEX. This PR adds a verification to handle such cases.Notes to the reviewers
Changelog notice
Checklists
All Submissions:
cargo fmtandcargo clippybefore committing