The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage

For detailed information about the code coverage, see the test coverage report.

Reviews

See the guideline for information on the review process.

If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

Conflicts

Reviewers, this pull request conflicts with the following ones:

• #29154 (tests: improve wallet multisig descriptor test and docs by mjdietzx)
• #29136 (wallet: addhdkey RPC to add just keys to wallets via new void(KEY) descriptor by achow101)
• #29130 (wallet: Add createwalletdescriptor and gethdkeys RPCs for adding new automatically generated descriptors by achow101)
• #29124 (wallet: Automatically repair corrupted metadata with doubled derivation path by achow101)
• #29016 (RPC: add new listmempooltransactions by niftynei)
• #28976 (wallet: Fix migration of blank wallets by achow101)
• #28868 (wallet: Fix migration of wallets with txs that have both spendable and watchonly outputs by achow101)
• #28710 (Remove the legacy wallet and BDB dependency by achow101)
• #28610 (wallet: Migrate entire address book entries to watchonly and solvables too by achow101)
• #28574 (wallet: optimize migration process, batch db transactions by furszy)
• #28333 (wallet: Construct ScriptPubKeyMans with all data rather than loaded progressively by achow101)
• #28192 (ParseHDKeypath: support h as hardened marker by Sjors)
• #27865 (wallet: Track no-longer-spendable TXOs separately by achow101)
• #27286 (wallet: Keep track of the wallet's own transaction outputs in memory by achow101)
• #26008 (wallet: cache IsMine scriptPubKeys to improve performance of descriptor wallets by achow101)
• #24748 (test/BIP324: functional tests for v2 P2P encryption by stratospher)
• #22838 (descriptors: Be able to specify change and receiving in a single descriptor string by achow101)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

Thanks for working on this!

Thanks so much for continuing to work on this! Love the use of BIP 87 :)

Call importdescriptors which will allow the import if its own fingerprint is recognized (and after checking the xpub)

Yes, important to check the xpub also, not just the fingerprint, which is easy to spoof

• export their own xpub and then import a descriptor...
• import xpub(s) from other wallets, compose a multisig...
• get xpub(s) from connected hardware devices...

I agree that the above 3 encompasses all use cases/needs for Bitcoin Core being a coordinator and a signer in a multisig setup.

importdescriptors should treat an xpub as if it was an xpriv, after checking that it can derive the xpub from the seed (that matches the fingerprint); it needs to copy the seed from a sibling descriptor??

Can you explain this to me more?

As for the blank wallets, why do we need to be working from blank wallets, and if xprivs are derived from seeds, how can a blank wallet have a seed?

It depends on how we want to define blank. It would be empty except for a seed, so without any descriptors in it.

If a wallet has a seed and you call importdescriptors on it with some multisig descriptor, it should check the fingerprint(s) and path(s) mentioned in that descriptor. It should then derive the xpriv & xpub for that path, from the wallet seed, and check if it matches the descriptor xpub. In that case, the wallet should replace that xpub with the xpriv, as if the user provided it upon import. This avoid the dangerous act of exporting and re-importing an xpriv. That way, if you want to sign a transaction, the wallet knows it can provide one of the signatures.

Thank you, makes a lot of sense!

And what about sibling descriptors?

Concept ACK

I'll be sure to update the tests/docs in #22067 to use this when this PR gets merged

Concept ACK

I managed to reconstruct the master extended private key, by combining the key part of the descriptor CExtKey with the chaincode part of the CExtPubKey stored inside that descriptor. This code is absolute trash though. I'll try to reuse some of @achow101's work in https://github.com/achow101/bitcoin/commits/upgrade-to-tr-1 which tries to solve a similar problem, for adding a taproot descriptor to an existing descriptor wallet.

I plan to re-work this on top of #29130 with a similar interface to createwalletdescriptor. That is, if you have a regular wallet with normal descriptors, it will Just Work(tm). Otherwise you need to specify which master key to use.

Initially I'll make a separate PR. If #26728 is closed in favor of the new approach in #29130 then this PR can be closed too.

Initially I'll make a separate PR. If #26728 is closed in favor of the new approach in #29130 then this PR can be closed too.

It seems like you could just rebase this on top of #29130, since the description of the PR and new commits aren't going to change that much, they will just be based on #29130 instead of #26728. Either way seems fine, though.

@ryanofsky building on #29130 introduces a new argument to specify which master key you intend to use.

🐙 This pull request conflicts with the target branch and needs rebase.

Given that #26728 was closed, I'll just modify this PR to build on top of #29130.

(bit busy with stratum v2 stuff, but it will happen)

This seems more involved than a simple rebase. #29130 changes gethdkey to gethdkeys making it a less obvious choice to add a path argument to. We probably need a new RPC that's more similar to createwalletdescriptor in how it's called.

I probably won't have time for this in the near future, so I'm closing this as up for grabs.