rpc: Fix internal bug in descriptorprocesspsbt when encountering invalid signatures #33014

b-l-u-e · 2025-07-19T05:15:00Z

Fixes #32849
The descriptorprocesspsbt RPC was crashing with an internal bug assertion when processing PSBTs with invalid signatures (like invalid Schnorr signatures with SIGHASH_SINGLE | ANYONECANPAY flags). Instead of returning a helpful error message, it would just crash.
This change replaces the CHECK_NONFATAL call with proper error handling that catches the failure and returns a JSONRPCError with a clear message to the user.
Tested with Bitcoin Core v29.0.0 using the exact PSBT from the issue report. The fix now returns proper error messages instead of crashing.

DrahtBot · 2025-07-19T05:15:05Z

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage & Benchmarks

For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/33014.

Reviews

See the guideline for information on the review process.

Type	Reviewers
Stale ACK	rkrux

If your review is incorrectly listed, please copy-paste  into the comment that the bot should ignore.

Conflicts

Reviewers, this pull request conflicts with the following ones:

#34193 (wallet: make migration more robust against failures by furszy)
#34176 (wallet: improve error msg when db directory is not writable by furszy)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

achow101 · 2025-07-22T22:47:58Z

The CHECK_NONFATAL is correct. complete == true means that the PSBT is complete and can be finalized. The invariant here is that complete == true means FinalizeAndExtract must succeed.

BIP 174 states that a finalizer must only construct valid scriptSigs and witnesses. We encounter this error because we assume that if a PSBT is finalized, the scriptSigs and witnesses are valid so we are not performing the extra step of verifying the script. However, in this situation, the finalizer has misbehaved and produce invalid scriptSigs or witnesses which causes the assumption to fail.

This should be resolved by using PSBTInputSignedAndVerified instead. It may even be worth it to combine PSBTInputSigned with PSBTInputSignedAndVerified and replacing PSBTInputSigned wherever it is used. Although that may not be possible to do.

b-l-u-e · 2025-07-24T13:00:11Z

@achow101... my initial approach was incorrect. CHECK_NONFATAL is correctly protecting the invariant that a PSBT marked as complete must be finalizable.

The actual bug, as you pointed out, was that the completeness check was too lenient, only checking for the presence of a signature rather than its cryptographic validity.

After ensuring that the logic first verifies the existing signatures before declaring the PSBT complete (the approach you suggested with PSBTInputSignedAndVerified), the system now behaves as expected. The same invalid PSBT now correctly results in { "complete": false } instead of triggering the internal bug.

rkrux

I don't think the corresponding bug is still present after v30, see: #32849 (comment)

Also, a test case in rpc_psbt.py would be good to verify the fix.

src/rpc/rawtransaction.cpp

rkrux

Concept ACK 507501ddfa3f2c538a0817a5645b20ddde554362

I don't think the corresponding bug is still present after v30, see: #32849 (comment)

I was able to reproduce this bug in the functional tests.

Also, a test case in rpc_psbt.py would be good to verify the fix.

Consider adding the following test case in the second commit in this PR. The following test fails without this fix and passes with it.

Edit: Added bitflipper function in util (taken from feature_taproot.py) and used it to make the signature invalid. The previous approach I used here changed the last byte to 0x42 always that could have been proven to be flaky.

diff --git a/test/functional/rpc_psbt.py b/test/functional/rpc_psbt.py
index 933e4cd1ad..55c5df4a95 100755
--- a/test/functional/rpc_psbt.py
+++ b/test/functional/rpc_psbt.py
@@ -37,6 +37,7 @@ from test_framework.psbt import (
     PSBT_IN_WITNESS_UTXO,
     PSBT_OUT_MUSIG2_PARTICIPANT_PUBKEYS,
     PSBT_OUT_TAP_TREE,
+    PSBT_IN_FINAL_SCRIPTWITNESS,
 )
 from test_framework.script import CScript, OP_TRUE, SIGHASH_ALL, SIGHASH_ANYONECANPAY
 from test_framework.script_util import MIN_STANDARD_TX_NONWITNESS_SIZE
@@ -50,6 +51,7 @@ from test_framework.util import (
     assert_raises_rpc_error,
     find_vout_for_address,
     wallet_importprivkey,
+    bitflipper,
 )
 from test_framework.wallet_util import (
     calculate_input_weight,
@@ -369,6 +371,35 @@ class PSBTTest(BitcoinTestFramework):
         changepos = psbtx["changepos"]
         assert_equal(decoded_psbt["tx"]["vout"][changepos]["scriptPubKey"]["type"], expected_type)
 
+    def test_psbt_with_invalid_signature(self):
+        self.log.info("Test descriptorprocesspsbt with invalid signature in signed PSBT")
+
+        def_wallet = self.nodes[0].get_wallet_rpc(self.default_wallet_name)
+        outputs = [{def_wallet.getnewaddress(address_type="bech32m"): 1}]
+        def_wallet.send(outputs)
+        self.generate(self.nodes[0], 6)
+
+        utxos = [utxo for utxo in def_wallet.listunspent() if utxo["desc"].startswith("tr")]
+        psbt = def_wallet.walletcreatefundedpsbt(utxos, [{def_wallet.getnewaddress(): 0.5}])["psbt"]
+        descs = [desc for desc in def_wallet.listdescriptors(True)["descriptors"] if desc["desc"].startswith("tr")]
+
+        # unload wallet so as to not use the wallet RPC in further process PSBT calls
+        def_wallet.unloadwallet()
+
+        desc_psbt = self.nodes[0].descriptorprocesspsbt(psbt=psbt, descriptors=descs, finalize=True)["psbt"]
+        flawed_psbt = PSBT.from_base64(desc_psbt)
+        valid_sig = flawed_psbt.i[0].map.get(PSBT_IN_FINAL_SCRIPTWITNESS)
+        invalid_sig = bitflipper(valid_sig)
+        flawed_psbt.i[0].map[PSBT_IN_FINAL_SCRIPTWITNESS] = invalid_sig
+        flawed_psbt = flawed_psbt.to_base64()
+
+        result = self.nodes[0].descriptorprocesspsbt(psbt=flawed_psbt, descriptors=descs)
+        assert_equal(result["complete"], False)
+        assert_equal("hex" in result, False)
+
+        # load the default wallet back
+        self.nodes[0].loadwallet(self.default_wallet_name)
+
     def run_test(self):
         # Create and fund a raw tx for sending 10 BTC
         psbtx1 = self.nodes[0].walletcreatefundedpsbt([], {self.nodes[2].getnewaddress():10})['psbt']
@@ -1211,6 +1242,7 @@ class PSBTTest(BitcoinTestFramework):
         if not self.options.usecli:
             self.test_sighash_mismatch()
         self.test_sighash_adding()
+        self.test_psbt_with_invalid_signature()
 
 if __name__ == '__main__':
     PSBTTest(__file__).main()
diff --git a/test/functional/test_framework/util.py b/test/functional/test_framework/util.py
index bbad6ea771..b4e597ce1d 100644
--- a/test/functional/test_framework/util.py
+++ b/test/functional/test_framework/util.py
@@ -715,3 +715,6 @@ def wallet_importprivkey(wallet_rpc, privkey, timestamp, *, label=""):
     }]
     import_res = wallet_rpc.importdescriptors(req)
     assert_equal(import_res[0]["success"], True)
+
+def bitflipper(input):
+    assert isinstance(input, bytes)
+    return (int.from_bytes(input, 'little') ^ (1 << random.randrange(len(input) * 8))).to_bytes(len(input), 'little')
\ No newline at end of file

achow101 · 2025-11-17T22:17:46Z

A test is definitely necessary here to avoid future regressions. @rkrux's proposed test would be fine.

The commit message has a duplicate line that needs to be removed.

rkrux

lgtm ACK ac99af4

Thanks for accepting the suggestion adding the functional test.

test/functional/rpc_psbt.py

DrahtBot · 2025-12-15T18:04:44Z

🚧 At least one of the CI tasks failed.
_{Task lint: https://github.com/bitcoin/bitcoin/actions/runs/20010940750/job/58081580703}
_{LLM reason (✨ experimental): Lint check failed due to trailing whitespace in the codebase.}

Hints

Try to run the tests locally, according to the documentation. However, a CI failure may still
happen due to a number of reasons, for example:

Possibly due to a silent merge conflict (the changes in this pull request being
incompatible with the current code in the target branch). If so, make sure to rebase on the latest
commit of the target branch.
A sanitizer issue, which can only be found by compiling with the sanitizer and running the
affected test.
An intermittent issue.

Leave a comment here, if you need help tracking down a confusing failure.

DrahtBot · 2025-12-22T09:34:52Z

Could turn into draft while CI is red?

@b-l-u-e Are you still working on this?

b-l-u-e · 2025-12-22T12:36:40Z

Could turn into draft while CI is red?

@b-l-u-e Are you still working on this?

yes still workin on it

rkrux

code review re-ACK 7e468a6

git range-diff ac99af4...7e468a6

Thanks for accepting the nit suggestion.

test/functional/rpc_psbt.py

src/rpc/rawtransaction.cpp

rkrux · 2025-12-26T08:55:01Z

re-ACK 222139e

git range-diff 7e468a6...222139e

rkrux

re-ACK 9f55be6

Removed the unrelated lint changes because PR #34154 is merged now.

git range-diff 222139e...9f55be6

Please resolve the PR comments that have been addressed to make it easier to go through the PR.

b-l-u-e · 2026-01-05T14:45:22Z

re-ACK 9f55be6

Removed the unrelated lint changes because PR #34154 is merged now.
git range-diff 222139e...9f55be6
Please resolve the PR comments that have been addressed to make it easier to go through the PR.

all the PR comments have been resolved

rkrux · 2026-01-05T15:11:28Z

git range-diff 9f55be6...e995c85

I don't see any changes in the latest range-diff, why was this latest push done after this #33014 (review)?

b-l-u-e · 2026-01-05T15:16:01Z

git range-diff 9f55be6...e995c85
I don't see any changes in the latest range-diff, why was this latest push done after this #33014 (review)?

the review my bad i was suppose to comment after i rebased the branch that i resolved the comments
the trailing spaces was sorted in 9f55be6

test/functional/rpc_psbt.py

Use PSBTInputSignedAndVerified instead of PSBTInputSigned to properly validate signatures before marking PSBT as complete.

DrahtBot added the RPC/REST/ZMQ label Jul 19, 2025

b-l-u-e force-pushed the fix-32849-descriptorprocesspsbt-internal-bug branch from 5265405 to 8b4cf7d Compare July 24, 2025 12:56

b-l-u-e force-pushed the fix-32849-descriptorprocesspsbt-internal-bug branch from 8b4cf7d to 507501d Compare July 24, 2025 18:55

achow101 self-requested a review October 22, 2025 15:47

rkrux reviewed Oct 24, 2025

View reviewed changes

src/rpc/rawtransaction.cpp Outdated Show resolved Hide resolved

src/rpc/rawtransaction.cpp Outdated Show resolved Hide resolved

rkrux reviewed Oct 25, 2025

View reviewed changes

rkrux mentioned this pull request Oct 25, 2025

Internal bug detected: FinalizeAndExtractPSBT(psbtx_copy, mtx) #32849

Open

1 task

b-l-u-e force-pushed the fix-32849-descriptorprocesspsbt-internal-bug branch from 507501d to ac99af4 Compare December 7, 2025 21:59

b-l-u-e requested review from l0rinc and rkrux December 7, 2025 22:02

DrahtBot mentioned this pull request Dec 8, 2025

Implement BIP 370 PSBTv2 #21283

Open

rkrux approved these changes Dec 10, 2025

View reviewed changes

test/functional/rpc_psbt.py Outdated Show resolved Hide resolved

DrahtBot added the CI failed label Dec 15, 2025

b-l-u-e force-pushed the fix-32849-descriptorprocesspsbt-internal-bug branch from ac99af4 to 7e468a6 Compare December 22, 2025 12:54

b-l-u-e requested a review from rkrux December 22, 2025 12:55

rkrux approved these changes Dec 22, 2025

View reviewed changes

test/functional/rpc_psbt.py Outdated Show resolved Hide resolved

achow101 reviewed Dec 24, 2025

View reviewed changes

test/functional/rpc_psbt.py Outdated Show resolved Hide resolved

test/functional/rpc_psbt.py Outdated Show resolved Hide resolved

src/rpc/rawtransaction.cpp Outdated Show resolved Hide resolved

src/rpc/rawtransaction.cpp Outdated Show resolved Hide resolved

b-l-u-e force-pushed the fix-32849-descriptorprocesspsbt-internal-bug branch from 7e468a6 to 222139e Compare December 24, 2025 18:10

b-l-u-e requested review from achow101 and rkrux December 24, 2025 18:14

rkrux mentioned this pull request Dec 26, 2025

test: Enable ruff E713 lint #34154

Merged

b-l-u-e force-pushed the fix-32849-descriptorprocesspsbt-internal-bug branch from 222139e to 9f55be6 Compare December 27, 2025 17:34

DrahtBot removed the CI failed label Dec 31, 2025

DrahtBot mentioned this pull request Jan 4, 2026

wallet: improve error msg when db directory is not writable #34176

Open

rkrux approved these changes Jan 5, 2026

View reviewed changes

DrahtBot mentioned this pull request Jan 5, 2026

wallet: make migration more robust against failures #34193

Open

b-l-u-e force-pushed the fix-32849-descriptorprocesspsbt-internal-bug branch from 9f55be6 to e995c85 Compare January 5, 2026 14:57

b-l-u-e requested review from maflcko and rkrux January 5, 2026 15:03

DrahtBot added the CI failed label Jan 5, 2026

DrahtBot reviewed Jan 6, 2026

View reviewed changes

test/functional/rpc_psbt.py Show resolved Hide resolved

rpc: Fix descriptorprocesspsbt internal bug on invalid signatures

5a04a06

Use PSBTInputSignedAndVerified instead of PSBTInputSigned to properly validate signatures before marking PSBT as complete.

b-l-u-e force-pushed the fix-32849-descriptorprocesspsbt-internal-bug branch from e995c85 to 5a04a06 Compare January 10, 2026 10:38

DrahtBot removed the CI failed label Jan 11, 2026

rpc: Fix internal bug in descriptorprocesspsbt when encountering invalid signatures #33014

Are you sure you want to change the base?

rpc: Fix internal bug in descriptorprocesspsbt when encountering invalid signatures #33014

Conversation

b-l-u-e commented Jul 19, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

DrahtBot commented Jul 19, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Code Coverage & Benchmarks

Reviews

Conflicts

Uh oh!

achow101 commented Jul 22, 2025

Uh oh!

b-l-u-e commented Jul 24, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

rkrux left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

rkrux left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

achow101 commented Nov 17, 2025

Uh oh!

rkrux left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

DrahtBot commented Dec 15, 2025

Uh oh!

DrahtBot commented Dec 22, 2025

Uh oh!

b-l-u-e commented Dec 22, 2025

Uh oh!

rkrux left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

rkrux commented Dec 26, 2025

Uh oh!

rkrux left a comment

Choose a reason for hiding this comment

Uh oh!

b-l-u-e commented Jan 5, 2026

Uh oh!

rkrux commented Jan 5, 2026

Uh oh!

b-l-u-e commented Jan 5, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

b-l-u-e commented Jul 19, 2025 •

edited

Loading

DrahtBot commented Jul 19, 2025 •

edited

Loading

b-l-u-e commented Jul 24, 2025 •

edited

Loading

rkrux left a comment •

edited

Loading

rkrux left a comment •

edited

Loading

b-l-u-e commented Jan 5, 2026 •

edited

Loading