Support payjoin PSBT with multiple sender inputs #1700
This is important because senders often spend more than one UTXO in order to pay for the requested amount. Separately, I ask any reviewer to consider whether the assumption that a payjoin sender only supplies one input affects any other part of JoinMarket payjoin support like fee calculation. I doubt that it does, but it might.
Would be good to add also test to
There is actually already a test for this case, but the sender is skipping some checks from the BIP78 checklist that would catch this issue (specifically, "If it is one of the sender's input, Verify that non_witness_utxo and witness_utxo are not specified"). In fact it manually re-adds the utxo data prior to performing the checks (L621). I added an assert right before this step, which fails without this patch and passes with. I believe this check should be in
ACK 67ba0f5. This solution seems good enough to me.
@AdamISZ Any comments on this?
First, thanks @grizznaut for looking at it! My best attempt at remembering (obviously it was years ago and I don't) is it was a case of "I'll do the simple version now and change the code later" and then failed to note it down and actually fix it later (I obviously should have put a TODO in this case). I'll spend some time probably tomorrow trying to check the logic as I understand it.
OK, after an initial review, I think this is the situation: Joinmarket does "support" such payjoins (multiple sender inputs), but doesn't do so according to BIP78 spec. So for interoperability tests you would definitely see an error if the other implementation is following the spec fully. More specifically: The line serves the role of simply overwriting an existing So this PR is definitely correct from that point of view, it is a simple change that makes sure that that "blanking out" is occurring for all the sender's inputs and not only one. (note that
Ah thanks, yes. Since it is part of that set of checks, it should instead be in this section, logically (keeping the same response format etc.). And to reaffirm, yes, I agree you are of course correct to add that check. There is already another check (final status of PSBT) that's also an assert in that same function (I think that was me thinking "this would be a logical/coding error not a usage pattern error so it's appropriate to just assert", but I'm not sure if I was really right about that). Edit: also your code tests fine for me, unsurprisingly.
67ba0f5 to 865247c
OK, makes sense and agreed. I removed that assert.
tACK 865247c
re-ACK 865247c
Sending to JoinMarket tested and works (only partially works before JoinMarket-Org/joinmarket-clientserver#1700, but should work on all future releases)
Compatibility testing with PDK revealed that the JoinMarket payjoin receiver doesn't support signing for PSBTs that contain multiple sender inputs. This patch fixes that.
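The behaviour discussed in this thread, as an added example that is not part of the PR or of JoinMarket's code: a simplified model in which each PSBT input is a dict, showing how the BIP78 sender check quoted above catches a receiver that blanks UTXO data for only one sender input. All function names and outpoints are hypothetical, constructed values, and clearing the first sender input in the pre-patch case is an assumption.

```python
import copy

UTXO_FIELDS = ("non_witness_utxo", "witness_utxo")

# Constructed sample outpoints (txid:vout); not taken from any real transaction.
SENDER = ["aa" * 32 + ":0", "bb" * 32 + ":1"]
RECEIVER = ["cc" * 32 + ":0"]


def make_proposal(sender_outpoints, receiver_outpoints):
    """Model a payjoin proposal whose inputs all still carry UTXO data."""
    return [{"outpoint": op, "witness_utxo": b"\x00" * 8}
            for op in list(sender_outpoints) + list(receiver_outpoints)]


def blank_utxo_data(inputs, outpoints):
    """Return a copy of inputs with the UTXO fields removed for the given outpoints."""
    out = copy.deepcopy(inputs)
    for inp in out:
        if inp["outpoint"] in outpoints:
            for field in UTXO_FIELDS:
                inp.pop(field, None)
    return out


def receiver_pre_patch(inputs, sender_outpoints):
    """Behaviour described in the thread before the fix: one sender input is blanked."""
    return blank_utxo_data(inputs, set(sender_outpoints[:1]))


def receiver_patched(inputs, sender_outpoints):
    """Behaviour after the fix: every sender input is blanked."""
    return blank_utxo_data(inputs, set(sender_outpoints))


def sender_inputs_with_utxo_data(inputs, sender_outpoints):
    """BIP78 sender check: list the sender's inputs that still specify UTXO data."""
    mine = set(sender_outpoints)
    return [inp["outpoint"] for inp in inputs
            if inp["outpoint"] in mine and any(f in inp for f in UTXO_FIELDS)]


if __name__ == "__main__":
    proposal = make_proposal(SENDER, RECEIVER)
    for name, receiver in (("pre-patch", receiver_pre_patch), ("patched", receiver_patched)):
        offending = sender_inputs_with_utxo_data(receiver(proposal, SENDER), SENDER)
        print(name, "-> sender inputs failing the check:", offending)
```

A spec-following sender rejects the proposal whenever the returned list is non-empty, which is why the single-input case passed while multi-input proposals failed interoperability testing.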