Skip to content

Permit Combiner to strip bip32_deriv information #30341

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
willcl-ark wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Permit Combiner to strip bip32_deriv information #30341

willcl-ark wants to merge 3 commits into from
+50 −2

Conversation

@willcl-ark
Copy link
Member

@willcl-ark willcl-ark commented Jun 26, 2024
edited
Loading

Closes: #30294

Looking for approach (N)ACK.

Previously setting the bip32derivs flag to false with the walletprocesspsbt RPC correctly does not include bip32_derivs for inputs in the PSBT, but does include bip32_derivs for outputs.

User may want to actively strip all bip32 derivation paths from a PSBT for privacy reasons however. It may make sense to do this after signing your inputs and outputs during a manual coinjoin as demonstrated in the BIP174 example.

To me, this makes more sense to include in the Combiner PSBT role. It's then separated from signing done by the Signers.

Therefore add functionality to combinepsbt permitting stripping of all bip32_derivation paths found in all provided psbts' inputs and outputs.

As this RPC can be called with a single PSBT, it can be used to strip derivation paths from a PSBT with any number of participants.

@DrahtBot
Copy link
Contributor

DrahtBot commented Jun 26, 2024
edited
Loading

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage & Benchmarks

For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/30341.

Reviews

See the guideline for information on the review process.

Type Reviewers
Approach NACK achow101

If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

Conflicts

Reviewers, this pull request conflicts with the following ones:

  • #32784 (wallet: derivehdkey RPC to get xpub at arbitrary path by Sjors)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

LLM Linter (✨ experimental)

Possible typos and grammar issues:

  • “out inputs and outputs” -> “inputs and outputs” [“out” is extraneous and confuses the phrase]
  • “these those that are not empty” -> “those that are not empty” [duplicate demonstratives]

drahtbot_id_4_m

@willcl-ark willcl-ark mentioned this pull request Jun 26, 2024
Open
@willcl-ark willcl-ark force-pushed the psbt-strip-derivs-combine branch from db364a5 to 31cc0f4 Compare June 26, 2024 14:10
@DrahtBot DrahtBot mentioned this pull request Jun 26, 2024
Open
@DrahtBot DrahtBot mentioned this pull request Jul 8, 2024
Merged
@willcl-ark willcl-ark force-pushed the psbt-strip-derivs-combine branch from 31cc0f4 to f3e2a7f Compare October 8, 2024 07:54
@fanquake
Copy link
Member

fanquake commented Feb 20, 2025

Looking for approach (N)ACK.

Maybe @achow101 ? Otherwise given no interest in this in 8 months, maybe we should just close.

@willcl-ark
rpc: strip derivation paths from psbt during combine
b009550 
Previously setting bip32derivs to false with walletprocesspsbt does not
include bip32_derivs for inputs, but does include bip32_derivs for
outputs.

User may want to strip all bip32 derivation paths for privacy reasons
however. It may make sense to do this after signing your inputs and
outputs during a manual coinjoin for example.

Therefore add functionality to `combinepsbt` permitting stripping of
all bip32_derivation paths found in all provided psbts.

As this RPC can be called with a single psbt, it can be used to strip
derivation paths from any psbt.
@willcl-ark
test: exercise bip32_deriv stripping during psbt combine
c3dec1a 
These asserts check that when calling `combinepsbt` RPC with
`stripderivs=true`, all derivation paths are stripped from all inputs
and outputs.
@willcl-ark
doc: detail psbt combiner derivation strip ability.
be9246e
@willcl-ark willcl-ark force-pushed the psbt-strip-derivs-combine branch from f3e2a7f to be9246e Compare June 25, 2025 19:28
@DrahtBot DrahtBot mentioned this pull request Jun 26, 2025
Draft
@achow101 achow101 self-requested a review October 22, 2025 15:16
@willcl-ark willcl-ark changed the title WIP: Permit Combiner to strip bip32_deriv information Permit Combiner to strip bip32_deriv information Oct 22, 2025
@willcl-ark willcl-ark marked this pull request as ready for review October 22, 2025 15:18
@achow101
Copy link
Member

achow101 commented Oct 27, 2025

Approach NACK

I don't think it's up to the combiner to strip this information. If a signer wants to preserve their own privacy, then they should remove it prior to sending the PSBT to any of their counterparties, or the combiner. I think it would be better to have the strip functionality be in walletprocesspsbt, and signers can pass their PSBT back through that if they want to strip the derivation paths.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@achow101 achow101 Awaiting requested review from achow101

Assignees

No one assigned

Labels

PSBT

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Setting bip32derivs to false with walletprocesspsbt includes bip32_derivs for outputs.

4 participants

@willcl-ark @DrahtBot @fanquake @achow101