psbt: Use the top-most Xpriv for signing, support multi-Xpriv

This is typically what the user wants, as the bip32_derivation and
tap_key_origins PSBT fields usually point to the fingerprint of the
top-most key and not to that of its child.

This also adds support for multi-Xprivs, which now became trivial as all
paths point to the same parent key.

Author: shesek

src/error.rs

@@ -90,6 +90,9 @@ pub enum RuntimeError {
     #[error("Expected a single Xpriv, not {0}")]
     NotSingleXpriv(Box<miniscript::descriptor::DescriptorSecretKey>),
 
+    #[error("Expected an Xpriv (single or multi-path), not {0}")]
+    NotXpriv(Box<miniscript::descriptor::DescriptorSecretKey>),
+
     #[error("Expected TapInfo or tr() Descriptor, not {}", ValErrFmt(.0))]
     NotTapInfoLike(Box<Value>),
 

src/stdlib/keys.rs

@@ -329,6 +329,22 @@ impl TryFrom<Value> for Xpriv {
     }
 }
 
+/// Type wrapper for converting into the top-most master Xpriv that the DescriptorSecretKey points to,
+/// without applying derivation steps like the Xpriv conversion (above). Also unlike it, this works
+/// with multi-Xprivs too since all paths point to the same parent key.
+#[derive(Debug, Clone)]
+pub struct MasterXpriv(pub Xpriv);
+impl TryFrom<Value> for MasterXpriv {
+    type Error = Error;
+    fn try_from(val: Value) -> Result<Self> {
+        Ok(Self(match val.try_into()? {
+            DescriptorSecretKey::XPrv(xprv) => xprv.xkey,
+            DescriptorSecretKey::MultiXPrv(xprv) => xprv.xkey,
+            sk @ DescriptorSecretKey::Single(_) => bail!(Error::NotXpriv(sk.into())),
+        }))
+    }
+}
+
 // Convert from Value to BIP32 types
 
 impl TryFrom<Value> for bip32::Fingerprint {

src/stdlib/psbt.rs

@@ -14,9 +14,10 @@ use crate::display::{fmt_list, indentation_params, PrettyDisplay};
 use crate::runtime::{
     Array, Error, FieldAccess, FromValue, Mutable, Number::Int, Result, ScopeRef, Value,
 };
-use crate::stdlib::btc::WshScript;
 use crate::util::{DescriptorExt, DescriptorPubKeyExt, PsbtInExt, PsbtOutExt, TapInfoExt, EC};
 
+use super::{btc::WshScript, keys::MasterXpriv};
+
 pub fn attach_stdlib(scope: &ScopeRef<Mutable>) {
     let mut scope = scope.borrow_mut();
     scope.set_fn("psbt", fns::psbt).unwrap(); // create or update
@@ -201,8 +202,8 @@ fn sign_psbt(psbt: &mut Psbt, keys_val: Value) -> Result<(SigningKeysMap, Signin
                 }
 
                 // Keys provided as [ $xpriv1, $xpriv2, ... ]
-                Value::SecKey(DescriptorSecretKey::XPrv(_)) => {
-                    psbt.sign(&XprivSet(keys.try_into()?), &EC)
+                Value::SecKey(DescriptorSecretKey::XPrv(_) | DescriptorSecretKey::MultiXPrv(_)) => {
+                    psbt.sign(&XprivSet::try_from(keys)?, &EC)
                 }
 
                 // Keys provided as [ $single_sk1, $single_sk2, ... ]
@@ -212,15 +213,16 @@ fn sign_psbt(psbt: &mut Psbt, keys_val: Value) -> Result<(SigningKeysMap, Signin
                 _ => bail!(Error::PsbtInvalidSignKeys),
             }
         }
-        // Key provided as one Xpriv
-        Value::SecKey(DescriptorSecretKey::XPrv(_)) => psbt.sign(&Xpriv::try_from(keys_val)?, &EC),
+        // Key provided as an Xpriv
+        Value::SecKey(DescriptorSecretKey::XPrv(_) | DescriptorSecretKey::MultiXPrv(_)) => {
+            psbt.sign(&MasterXpriv::try_from(keys_val)?.0, &EC)
+        }
 
-        // Key provided as one single key
+        // Key provided as a single key
         Value::SecKey(DescriptorSecretKey::Single(_)) => {
             psbt.sign(&single_seckey_to_map(PrivateKey::try_from(keys_val)?), &EC)
         }
 
-        // TODO support signing with MultiXpriv
         _ => bail!(Error::PsbtInvalidSignKeys),
     };
     // Returns input signing failures in the the Ok variant. An Err is only raised if the `seckeys` argument is invalid.
@@ -736,9 +738,26 @@ impl TryFrom<Value> for raw::ProprietaryKey {
     }
 }
 
-// GetKey wrapper around Vec<Xpriv>, needed as a workaround for https://github.com/rust-bitcoin/rust-bitcoin/pull/2850
-// Could otherwise directly use `psbt.sign(&Vec::<Xpriv>::try_from(seckeys)?, &EC)`
+// GetKey wrapper around Vec<Xpriv>
 struct XprivSet(Vec<Xpriv>);
+
+// Convert an Array into a set of Xprivs used for PSBT signing.
+// Unlike the the standard TryInto<Xpriv> conversion which derives the final child Xpriv after applying all derivation
+// steps, this instead uses the top-most known Xpriv without deriving. The PSBT bip32_derivation/tap_key_origins fields
+// are expected to point to the fingerprint of the top-most key, and not to that of the child.
+impl TryFrom<Array> for XprivSet {
+    type Error = Error;
+    fn try_from(arr: Array) -> Result<Self> {
+        Ok(Self(
+            arr.into_iter_of()
+                .map(|xprv: Result<MasterXpriv>| Ok(xprv?.0))
+                .collect::<Result<Vec<Xpriv>>>()?,
+        ))
+    }
+}
+
+// Needed as a workaround for https://github.com/rust-bitcoin/rust-bitcoin/pull/2850
+// Could otherwise use Psbt::sign() with the inner Vec<Xpriv>.
 impl psbt::GetKey for XprivSet {
     type Error = <Xpriv as psbt::GetKey>::Error;