Thomas Eizinger 273cf15631
Introduce Watchable abstraction for Bitcoin wallet
We have a repeated pattern where we construct one of our
Tx{Cancel,Redeem,Punish,Refund,Lock} transactions and wait until
the status of this transaction changes. We can make this more
ergonomic by creating and implementing a `Watchable` trait that
gives access to the TxId and relevant script for this transaction.
This allows us to remove a parameter from the `watch_until_status`

Additionally, there is a 2nd pattern: "Completing" one of these
transaction and waiting until they are confirmed with the configured
number of blocks for finality. We can make this more ergonomic by
returning a future from `broadcast` that callers can await in case
they want to wait for the broadcasted transaction to reach finality.
2021-03-16 19:24:32 +11:00

127 lines
3.6 KiB

use crate::bitcoin::wallet::Watchable;
use crate::bitcoin::{
verify_sig, Address, EmptyWitnessStack, NoInputs, NotThreeWitnesses, PublicKey, TooManyInputs,
Transaction, TxCancel,
use ::bitcoin::util::bip143::SigHashCache;
use ::bitcoin::{SigHash, SigHashType, Txid};
use anyhow::{bail, Context, Result};
use bitcoin::Script;
use ecdsa_fun::Signature;
use miniscript::{Descriptor, DescriptorTrait};
use std::collections::HashMap;
pub struct TxRefund {
inner: Transaction,
digest: SigHash,
cancel_output_descriptor: Descriptor<::bitcoin::PublicKey>,
watch_script: Script,
impl TxRefund {
pub fn new(tx_cancel: &TxCancel, refund_address: &Address) -> Self {
let tx_punish = tx_cancel.build_spend_transaction(refund_address, None);
let digest = SigHashCache::new(&tx_punish).signature_hash(
0, // Only one input: cancel transaction
Self {
inner: tx_punish,
cancel_output_descriptor: tx_cancel.output_descriptor.clone(),
watch_script: refund_address.script_pubkey(),
pub fn txid(&self) -> Txid {
pub fn digest(&self) -> SigHash {
pub fn add_signatures(
(A, sig_a): (PublicKey, Signature),
(B, sig_b): (PublicKey, Signature),
) -> Result<Transaction> {
let satisfier = {
let mut satisfier = HashMap::with_capacity(2);
let A = ::bitcoin::PublicKey {
compressed: true,
key: A.0.into(),
let B = ::bitcoin::PublicKey {
compressed: true,
key: B.0.into(),
// The order in which these are inserted doesn't matter
satisfier.insert(A, (sig_a.into(), ::bitcoin::SigHashType::All));
satisfier.insert(B, (sig_b.into(), ::bitcoin::SigHashType::All));
let mut tx_refund = self.inner;
.satisfy(&mut tx_refund.input[0], satisfier)?;
pub fn extract_signature_by_key(
candidate_transaction: Transaction,
B: PublicKey,
) -> Result<Signature> {
let input = match candidate_transaction.input.as_slice() {
[input] => input,
[] => bail!(NoInputs),
[inputs @ ..] => bail!(TooManyInputs(inputs.len())),
let sigs = match input
.map(|vec| vec.as_slice())
[sig_1, sig_2, _script] => [sig_1, sig_2]
.map(|sig| {
bitcoin::secp256k1::Signature::from_der(&sig[..sig.len() - 1])
.collect::<std::result::Result<Vec<_>, _>>(),
[] => bail!(EmptyWitnessStack),
[witnesses @ ..] => bail!(NotThreeWitnesses(witnesses.len())),
let sig = sigs
.find(|sig| verify_sig(&B, &self.digest(), &sig).is_ok())
.context("Neither signature on witness stack verifies against B")?;
impl Watchable for TxRefund {
fn id(&self) -> Txid {
fn script(&self) -> Script {