[SOLVED] walletprocesspsbt: How am I supposed to sign this?

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

SOLVED: After I updated Bitcoin Core to 25.0, walletprocesspsbt signed the PSBT and made the correct transaction requested by the service.

I am not sure exactly what happened between 24.0.1 and 25.0 that changed how walletprocesspsbt (partially) signs transactions, but if I find anything while analyzing the commits, then I will report it back here.

EDIT:

This is caused by two commits in Bitcoin Core code:

The first one is "decodescript may now infer a Miniscript descriptor under P2WSH context if it is not lacking information. (#27037)" - this basically means there is now a "desc" field inside the "segwit" field when you import a Mixin Safe script, which is P2WSH. Although it's not very important in this case as I manged to reconstruct the Miniscript myself.

The second one is "Descriptor wallets can now spend coins sent to P2WSH Miniscript descriptors. (#24149)" - this is the important commit which allows walletprocesspsbt to sign transactions with keys used in Mixin Safe P2WSH scripts.

Therefore, it follows that if you are using a Bitcoin Core with this commit, it must be able to process the Safe PSBT.

nc50lc

legendary

Activity: 2618

Merit: 6452

Self-proclaimed Genius

Quote from: NotATether on August 01, 2023, 03:26:26 AM

Quote from: nc50lc on August 01, 2023, 03:23:46 AM

-snip-

OK, I have successfully obtained the private key. Now what should I do? I still have the PSBT that needs to be signed by this private key.

I only answered the other option in the quoted part of my previous reply, to fetch the private key from your descriptor wallet.

Sorry but I don't have experience on signing that kind of non-standard script.
So I'll leave that to others to answer.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: nc50lc on August 01, 2023, 03:23:46 AM

Quote from: NotATether on August 01, 2023, 03:16:38 AM

But when I tried to paste it into iancoleman's site (in the area that says BIP39 seed), there's no information that appears. And there's an error when I paste it in "BIP32 root key".

You need to paste the xprv in "BIP32 Root Key" input area which is equivalent to the master private key.
The "BIP39 seed" is the seed derived from the mnemonic seed.

OK, I have successfully obtained the private key. Now what should I do? I still have the PSBT that needs to be signed by this private key.

nc50lc

legendary

Activity: 2618

Merit: 6452

Self-proclaimed Genius

Quote from: NotATether on August 01, 2023, 03:16:38 AM

But when I tried to paste it into iancoleman's site (in the area that says BIP39 seed), there's no information that appears. And there's an error when I paste it in "BIP32 root key".

You need to paste the xprv in "BIP32 Root Key" input area which is equivalent to the master private key.
The "BIP39 seed" is the seed derived from the mnemonic seed.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: nc50lc on July 29, 2023, 04:27:41 AM

Quote from: NotATether on July 27, 2023, 06:14:47 AM

2- I own the private key to "02ec372c4b6d6a6fc0964e07dd48448bc84921469fbfdc4c522da90f3a6b954fe9", so I need to be able to partially sign at least that. Given that you can't export private keys from descriptor wallets yet, is there any way I can sign the PSBT outside of Bitcoin Core or at least fetch the private key somehow?

Answer for the latter option:
Given that your descriptor with secrets has derivation path, you can use your favorite tool to derive a specific private key from the master private key.

Use the command listdescriptors true (need to unlock wallet) to view all of your wallet's private descriptors.
Select the one that corresponds to the correct private key.
Your hints would be the address type of the original address derived from that public key [pkh, wpkh, sh(wpkh), tr, etc.] and if it's a change or receiving address (internal: true or false)
With the descriptor's derivation path, try to derive the private key from the xprv using tools that can do so like IanColeman's BIP39 tool.

@nc50lc

I've obtained the descriptor I need, and the BIP32 extended key:

Code:

descriptors": [
{
"desc": "xprvCENSORED",
"timestamp": 1690286853,
"active": true,
"internal": false,
"range": [
0,
999
],
"next": 1
},
...

But when I tried to paste it into iancoleman's site (in the area that says BIP39 seed), there's no information that appears. And there's an error when I paste it in "BIP32 root key".

I am trying with my own library zpywallet but I am having trouble reproducing the public key from the xprv at the derivation path: m/44'/0'/0'/0/0. But I know I have the key for it, since it displays in the Bitcoin Core private key wallet!

nc50lc

legendary

Activity: 2618

Merit: 6452

Self-proclaimed Genius

Quote from: NotATether on July 27, 2023, 06:14:47 AM

2- I own the private key to "02ec372c4b6d6a6fc0964e07dd48448bc84921469fbfdc4c522da90f3a6b954fe9", so I need to be able to partially sign at least that. Given that you can't export private keys from descriptor wallets yet, is there any way I can sign the PSBT outside of Bitcoin Core or at least fetch the private key somehow?

Answer for the latter option:
Given that your descriptor with secrets has derivation path, you can use your favorite tool to derive a specific private key from the master private key.

Use the command listdescriptors true (need to unlock wallet) to view all of your wallet's private descriptors.
Select the one that corresponds to the correct private key.
Your hints would be the address type of the original address derived from that public key [pkh, wpkh, sh(wpkh), tr, etc.] and if it's a change or receiving address (internal: true or false)
With the descriptor's derivation path, try to derive the private key from the xprv using tools that can do so like IanColeman's BIP39 tool.

Findingnemo

hero member

Activity: 2366

Merit: 793

Bitcoin = Financial freedom

1. Without private keys the signing operation is not possible so yes you are right only with descriptors it is not possible to sign even PSBT.

2. If you have the private key corresponding to the public key "02ec372c4b6d6a6fc0964e07dd48448bc84921469fbfdc4c522da90f3a6b954fe9" you can sign PSBT outside of bitcoin core that supports PSBT feature I am sure that there are HW wallets that supports it and also it is available on Electrum too.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

I need to sign the following PSBT in order to recover $10 from a service:

Code:

cHNidP8BAG0CAAAAAUFu84YkNsGPV2cIqxFcO59PXJ8pJY9TMw90ew6qXp+VAAAAAAD/////AkCcAAAAAAAAFgAUH8WFFsDMwDYR8WzeafSpjeMzGXUAAAAAAAAAABJqEGraR8OsQUhlhYdcPQRibgMAAAAAAAEBK0CcAAAAAAAAIgAgaN/B/zX5booLeWET8OQDmgXWR24Fx1wvU4fIw7mWekQBAwSBAAAAAQV4IQLsNyxLbWpvwJZOB91IRIvISSFGn7/cTFItqQ86a5VP6ax8IQPWQXejk5icX/nIYD30IeKJDQORPx4eXnlItj9+E2pX0ayTfIKSYyEC2E82kxxhOPGCWknCn1xNmvlSTKeV4TO4z8ZaAazXfJqtArABspJok1KHAAAA

Decoded:

Code:

{
  "tx": {
   "txid": "58ca9a2e311d821e646302eb0536fb90f1fc1f69997231b33c5658609df3f600",
   "hash": "58ca9a2e311d821e646302eb0536fb90f1fc1f69997231b33c5658609df3f600",
   "version": 2,
   "size": 109,
   "vsize": 109,
   "weight": 436,
   "locktime": 0,
   "vin": [
   {
   "txid": "959f5eaa0e7b740f33538f25299f5c4f9f3b5c11ab0867578fc1362486f36e41",
   "vout": 0,
   "scriptSig": {
   "asm": "",
   "hex": ""
   },
   "sequence": 4294967295
   }
   ],
   "vout": [
   {
   "value": 0.00040000,
   "n": 0,
   "scriptPubKey": {
   "asm": "0 1fc58516c0ccc03611f16cde69f4a98de3331975",
   "desc": "addr(bc1qrlzc29kqenqrvy03dn0xna9f3h3nxxt4jzhmxq)#5vtelfh2",
   "hex": "00141fc58516c0ccc03611f16cde69f4a98de3331975",
   "address": "bc1qrlzc29kqenqrvy03dn0xna9f3h3nxxt4jzhmxq",
   "type": "witness_v0_keyhash"
   }
   },
   {
   "value": 0.00000000,
   "n": 1,
   "scriptPubKey": {
   "asm": "OP_RETURN 6ada47c3ac41486585875c3d04626e03",
   "desc": "raw(6a106ada47c3ac41486585875c3d04626e03)#2nemtpu9",
   "hex": "6a106ada47c3ac41486585875c3d04626e03",
   "type": "nulldata"
   }
   }
   ]
  },
  "global_xpubs": [
  ],
  "psbt_version": 0,
  "proprietary": [
  ],
  "unknown": {
  },
  "inputs": [
   {
   "witness_utxo": {
   "amount": 0.00040000,
   "scriptPubKey": {
   "asm": "0 68dfc1ff35f96e8a0b796113f0e4039a05d6476e05c75c2f5387c8c3b9967a44",
   "desc": "addr(bc1qdr0urle4l9hg5zmevyflpeqrngzav3mwqhr4ct6nslyv8wvk0fzqhfrph9)#vgyk5the",
   "hex": "002068dfc1ff35f96e8a0b796113f0e4039a05d6476e05c75c2f5387c8c3b9967a44",
   "address": "bc1qdr0urle4l9hg5zmevyflpeqrngzav3mwqhr4ct6nslyv8wvk0fzqhfrph9",
   "type": "witness_v0_scripthash"
   }
   },
   "sighash": "ALL|ANYONECANPAY",
   "witness_script": {
   "asm": "02ec372c4b6d6a6fc0964e07dd48448bc84921469fbfdc4c522da90f3a6b954fe9 OP_CHECKSIG OP_SWAP 03d64177a393989c5ff9c8603df421e2890d03913f1e1e5e7948b63f7e136a57d1 OP_CHECKSIG OP_ADD OP_SWAP OP_SIZE OP_0NOTEQUAL OP_IF 02d84f36931c6138f1825a49c29f5c4d9af9524ca795e133b8cfc65a01acd77c9a OP_CHECKSIGVERIFY 432 OP_CHECKSEQUENCEVERIFY OP_0NOTEQUAL OP_ENDIF OP_ADD 2 OP_EQUAL",
   "hex": "2102ec372c4b6d6a6fc0964e07dd48448bc84921469fbfdc4c522da90f3a6b954fe9ac7c2103d64177a393989c5ff9c8603df421e2890d03913f1e1e5e7948b63f7e136a57d1ac937c8292632102d84f36931c6138f1825a49c29f5c4d9af9524ca795e133b8cfc65a01acd77c9aad02b001b29268935287",
   "type": "nonstandard"
   }
   }
  ],
  "outputs": [
   {
   },
   {
   }
  ],
  "fee": 0.00000000
}

A few questions are looming in my head:

1 - Is it only possible to partially sign PSBTs with wallets that have private keys inside them? I'm not sure how (even partially) signing PSBTs with only the descriptors is supposed to be possible.
2- I own the private key to "02ec372c4b6d6a6fc0964e07dd48448bc84921469fbfdc4c522da90f3a6b954fe9", so I need to be able to partially sign at least that. Given that you can't export private keys from descriptor wallets yet, is there any way I can sign the PSBT outside of Bitcoin Core or at least fetch the private key somehow?

Topic: [SOLVED] walletprocesspsbt: How am I supposed to sign this? (Read 212 times)