-
Notifications
You must be signed in to change notification settings - Fork 94
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multisig Wallets #569
Multisig Wallets #569
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are a few other places we could use the t
function, such as Error
constructor and some of
/or
Thanks @Falci! Addressed all comments. |
Lots to review here. I read through all the wallet / background stuff and the new signing flow looks really good. I wrote a few review comments that I eventually deleted after reading more code ;-) I'm going to build locally next and try to break it, but great job so far on the wallet flow! |
I think this display may be a bit too verbose for Bob. Maybe the goodies can be hidden behind a "show advanced" arrow or something. IMO, all we need here is the main output / action / value (dont even bother showing destination address if its not a NONE send ?) and "who needs to sign". actually the change output might be confusing to ledger users as well. hm.... |
also I dont think we should allow users to export TX before they sign it themselves? I think thats going to lead to confusion |
Ok this is fun: create 2of2 ... I signed a tx, but then altered the exported file (changed the sighash flag). Importing that into the second wallet, it showed the first signer as having not signed (because you cleverly actually check the sig with secp256k1) BUT when I signed with the second wallet, the logic still detected what it thinks is two valid signatures. I'm not sure there's any great way to check for this (palm reader doesnt either I dont think) BUT we could:
|
}); | ||
return; | ||
} | ||
if (isNaN(mNum) || nNum <= 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
copypasta typo?
if (isNaN(mNum) || nNum <= 0) { | |
if (isNaN(nNum) || nNum <= 0) { |
type="number" | ||
placeholder={t('obSelectWalletTypeMinimum')} | ||
min={1} | ||
max={15} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I found this max of 15 easy to bypass. I didn't even get a warning unless I hovered the mouse over the value. You can easily create a 1-of-100 multisig from this form. bob and hsd dont complain even though that redeem script (with 100 pubkeys) wouldnt fit in a witness item.
I even was able to create a wallet with n=1000000 and hsd threw silently in the background:
Sending IPC method error. {
jsonrpc: '2.0',
method: 'Wallet.createNewWallet',
params: [ '<SANITIZED>' ],
id: 347
} AssertionError [ERR_ASSERTION]: Assertion failed.
at Account.fromOptions (/Users/matthewzipkin/Desktop/work/bob-wallet/node_modules/hsd/lib/wallet/account.js:116:7)
at Function.fromOptions (/Users/matthewzipkin/Desktop/work/bob-wallet/node_modules/hsd/lib/wallet/account.js:164:26)
at Wallet._createAccount (/Users/matthewzipkin/Desktop/work/bob-wallet/node_modules/hsd/lib/wallet/wallet.js:635:29)
at Wallet.init (/Users/matthewzipkin/Desktop/work/bob-wallet/node_modules/hsd/lib/wallet/wallet.js:193:21)
at WalletDB._create (/Users/matthewzipkin/Desktop/work/bob-wallet/node_modules/hsd/lib/wallet/walletdb.js:1272:5)
at WalletDB.create (/Users/matthewzipkin/Desktop/work/bob-wallet/node_modules/hsd/lib/wallet/walletdb.js:1249:14)
at WalletService.createNewWallet (/Users/matthewzipkin/Desktop/work/bob-wallet/app/background/wallet/service.js:369:13) {
type: 'AssertionError',
code: 'ERR_ASSERTION',
generatedMessage: true,
actual: false,
expected: true,
operator: '=='
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oops I shouldve made this comment on n
not m
. I think the only rule on m
is that it is <= n
... if you can fit all the pubkeys you want in a script then you can always fit the signatures (pretty sure)
Oct-18-2022.11-13-45.mp4Here I tried to import the same xpub a second time. Instead of throwing an error, what it did was RENAME the original signer and then reset the second input field |
while were talking about "advanced" features... maybe you can offer a "copy hex to clipboard" or something to be compatible with palm reader multisig UI 😬 . Its a good addition to export as file anyway |
14b5a08
to
8928789
Compare
* Fixed line 107 of package.js Changed claims.js to notifications.js in scripts/package.js * Added both claims and notifications to package.js and .sh Co-authored-by: Nathan Woodburn <contact@nathan.woodburn.id.au>
8928789
to
8bc96b1
Compare
For debugging and palmreader users
added a tertiary button so that it's visible, but it doesn't attract attention from regular bob users won't need it @pinheadmz: |
Adds multisig wallets to Bob! Closes #493, #549.
The wallet creation and import flows have one new section for multisig. This also works with Ledger devices. The general flow to use multisig wallets is:
Pics below may make more sense.
Screenshots
Click items to expand screenshots.
Creating / Importing multisig wallets
Wallet setup
Ready to use
Transaction Viewer
Multisig + Ledger
Gotchas / Notes
What works and what doesn't
(bid, reveal, redeem, etc.)
(register, update, transfer, etc.)
*
**
*
/**
(send and receive)
&
&
&
*
**
&
For reviewers
Tips to review
Transaction File
This is conceptually similar to Bitcoin's PSBT, but in JSON format so easier to handle. It includes a transaction as a hex string, and metadata for inputs and outputs.
app/background/wallet/service.js
has JSDoc typedefs at the end of the file and helps with autocomplete if your editor supports it.where:
version
is always 1 (for now)metadata.{inputs, outputs}
are arrays with index matching input/output numbers (from 0)sighashType
(optional, defaults to ALL): refer to hsd's Script.hashTypename
- required if a covenant is present (non-NONE)bid
- required if covenant is BID, in dollarydoosTo Do / Discuss
master
and multisig requires wallet: derive all keys in generateNonce for multisig handshake-org/hsd#767. If we considermaster
as unstable, it should be fine to update package.json with hsd master