doc: Add offline signing tutorial #28363
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. |
rot13maxi
reviewed
Aug 29, 2023
fd4366b to
de9a0f7
Compare
willcl-ark
reviewed
Sep 5, 2023
There was a problem hiding this comment.
Nice work @BrandonOdiwuor
Gave it a first pass too, and agree with many of @pinheadmz comments. I think removing the online wallet would remove a load of steps and make things easier to follow.
Later today I will try and manually test the steps myself using a docker instance, as you described.
|
Thanks all for the feedback, I have updated the docs to include the suggestions |
|
Thanks @BrandonOdiwuor, I'll take another look as soon as I am able, but you'll also probably want to squash these commits, either now or later, but certainly before merge :) |
117c378 to
dcf4557
Compare
achow101
added a commit
that referenced
this pull request
Sep 12, 2023
…if complete 2e249b9 doc: add release note for PR #28414 (Matthew Zipkin) 4614332 test: remove unnecessary finalizepsbt rpc calls (ismaelsadeeq) e3d484b wallet rpc: return final tx hex from walletprocesspsbt if complete (Matthew Zipkin) Pull request description: See #28363 (comment) `walletprocesspsbt` currently returns a base64-encoded PSBT and a boolean indicating if the tx is "complete". If it is complete, the base64 PSBT can be finalized with `finalizepsbt` which returns the hex-encoded transaction suitable for `sendrawtransaction`. With this patch, `walletprocesspsbt` return object will ALSO include the broadcast-able hex string if the tx is already final. This saves users the extra step of calling `finalizepsbt` assuming they have already inspected and approve the transaction from earlier steps. ACKs for top commit: ismaelsadeeq: re ACK 2e249b9 BrandonOdiwuor: re ACK 2e249b9 Randy808: Tested ACK 2e249b9 achow101: ACK 2e249b9 ishaanam: ACK 2e249b9 Tree-SHA512: 229c1103265a9b4248f080935a7ad5607c3be3f9a096a9ab6554093b2cd8aa8b4d1fa55b1b97d3925ba208dbc3ccba4e4d37c40e1491db0d27ba3d9fe98f931e
pinheadmz
reviewed
Sep 12, 2023
dcf4557 to
f22625f
Compare
|
@pinheadmz I have updated the doc to include the changes on #28414 |
pinheadmz
reviewed
Sep 15, 2023
Frank-GER
pushed a commit
to syscoin/syscoin
that referenced
this pull request
Sep 19, 2023
…sspsbt if complete 2e249b9 doc: add release note for PR bitcoin#28414 (Matthew Zipkin) 4614332 test: remove unnecessary finalizepsbt rpc calls (ismaelsadeeq) e3d484b wallet rpc: return final tx hex from walletprocesspsbt if complete (Matthew Zipkin) Pull request description: See bitcoin#28363 (comment) `walletprocesspsbt` currently returns a base64-encoded PSBT and a boolean indicating if the tx is "complete". If it is complete, the base64 PSBT can be finalized with `finalizepsbt` which returns the hex-encoded transaction suitable for `sendrawtransaction`. With this patch, `walletprocesspsbt` return object will ALSO include the broadcast-able hex string if the tx is already final. This saves users the extra step of calling `finalizepsbt` assuming they have already inspected and approve the transaction from earlier steps. ACKs for top commit: ismaelsadeeq: re ACK 2e249b9 BrandonOdiwuor: re ACK 2e249b9 Randy808: Tested ACK 2e249b9 achow101: ACK 2e249b9 ishaanam: ACK 2e249b9 Tree-SHA512: 229c1103265a9b4248f080935a7ad5607c3be3f9a096a9ab6554093b2cd8aa8b4d1fa55b1b97d3925ba208dbc3ccba4e4d37c40e1491db0d27ba3d9fe98f931e
f22625f to
c01707b
Compare
|
@pinheadmz, @willcl-ark , @rot13maxi I have updated the doc with the feedbacks received |
willcl-ark
reviewed
Sep 26, 2023
There was a problem hiding this comment.
Hey @BrandonOdiwuor looking pretty good now, nice work!
I left some (ok, quite a few!) nits, but not related to the process. Feel free to take whichever you feel improve the readability the most.
|
could you please review the latest version of the doc |
achow101
reviewed
Oct 26, 2023
1f8ac46 to
915dbdc
Compare
915dbdc to
3c208cc
Compare
|
ACK 3c208cc |
pinheadmz
approved these changes
Nov 5, 2023
There was a problem hiding this comment.
ACK 3c208cc
Confirmed only updates since last review addressed achow101's nits re: send and blank
Show Signature
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
ACK 3c208cc05ea9efb145c956e70f80efd8b027ff33
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE5hdzzW4BBA4vG9eM5+KYS2KJyToFAmVH8gIACgkQ5+KYS2KJ
yToV3Q//TyBSa0j3/cGSVnT7dNZREnfh2ecKV5IueWBK1OnS3Bae1eLFS9hikmuG
gjxgRJFcrQYnwrqst72fkXlhXWnldam9NRsMV7LB8e5Caq6Vu0Bw+Kn0A1iSGnAc
VpZ5BVTz/bfB5UaLsoxGmsSU7S36YiuleXmuf/y/V59O6bxKBR0AAyxSSPLCW0yZ
KScURimiX0Y7VIfZxQdnj/Jm4a0K9CfaFEjaAJeS622hdQTJDWx/Diwog4PWMdDe
jmjnBQ+zAUT4O90ACJoe+Dipgv4Hl2e4TuvhVU/+2bmycnzxIgD5R2ZUyX7tplbD
b9y4OpEdKuJDu6LMlIJtFvvhESRxGwWaliGS5afXxO4O4slqmMnyizm93jcJdhaQ
SpSCaywOTdbcRQ0/IHn0Lz+hECsAeJgdFgOXJXfH5y5Q1AZkSkXYyrKaNBR+EHpg
vBEPiJyoRu57xzH360JW0PFmUdF4P60mmHQaTl5uH2CdHw0YofTAcjs/KfijqjVu
gEPHHWflq6G9HcUinWZRcZ9asaJG2hzmoyrDTRnrL70ztRVyMtIU/99jN9lsix7s
9Hfv9MPBddFmLbBTKmulmzMZ9r+VOT4eexcq+J9zOwDEZZ/LHC2ClkzvrX7gJDlo
h/dQ9ud7qN5oGOSbbjQ7CTHaquTEw6ijbgHkaEw5E7j95JlSmaQ=
=9+H8
-----END PGP SIGNATURE-----
pinheadmz's public key is on keybase
|
ACK 3c208cc Looks good to me! |
willcl-ark
approved these changes
Nov 6, 2023
Zero-1729
reviewed
Nov 6, 2023
|
|
||
| ### Process and Sign the PSBT | ||
|
|
||
| 1. Unlock the `offline_wallet` with the Passphrase: |
There was a problem hiding this comment.
Minor capitalization nit.
Suggested change
| 1. Unlock the `offline_wallet` with the Passphrase: | |
| 1. Unlock the `offline_wallet` with the passphrase: |
Zero-1729
reviewed
Nov 6, 2023
| ## Overview | ||
| In this tutorial we have two hosts, both running Bitcoin v25.0 | ||
|
|
||
| * `offline` host which is disconnected from all networks (internet, Tor, wifi, bluetooth etc.) and does not have, or need, a copy of the blockchain. |
There was a problem hiding this comment.
Minor capitalization nit.
Suggested change
| * `offline` host which is disconnected from all networks (internet, Tor, wifi, bluetooth etc.) and does not have, or need, a copy of the blockchain. | |
| * `offline` host which is disconnected from all networks (Internet, Tor, WiFi, Bluetooth, etc.) and does not have, or need, a copy of the blockchain. |
Zero-1729
reviewed
Nov 6, 2023
|
|
||
| This tutorial will describe how to use two instances of Bitcoin Core, one online and one offline, to greatly increase security by not having private keys reside on a networked device. | ||
|
|
||
| Maintaining an air-gap between private keys and any network connections drastically reduces the opportunity for those keys to be exfiltrated from the user. |
There was a problem hiding this comment.
Minor hyphenation nit.
Suggested change
| Maintaining an air-gap between private keys and any network connections drastically reduces the opportunity for those keys to be exfiltrated from the user. | |
| Maintaining an air gap between private keys and any network connections drastically reduces the opportunity for those keys to be exfiltrated from the user. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds offline signing tutorial. Fixes #9492
Although there currently exists tutorials on external-signer and on multisig implemented on #24519 . The external-signer tutorial assumes a connected device and the multisig tutorial is only for multisig transactions and does not include using an offline wallet