The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage & Benchmarks

For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/32821.

Reviews

See the guideline for information on the review process.

If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

Conflicts

Reviewers, this pull request conflicts with the following ones:

• #33230 (cli: Handle arguments that can be either JSON or string by achow101)
• #32784 (wallet: derivehdkey RPC to get xpub at arbitrary path by Sjors)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

I ran into this issue in #32784 while editing the multisig tutorial. 14e2125 fixes it.

Concept ACK 14e2125. Thanks for the fix!

If possible it would be good to add python tests to check the new behavior and I also agree with comment that this change doesn't need to be limited to base64 parameters and could probably be extended to other string parameters. But maybe the "If parameter is unknown for a given known string method, then treat the whole string as positional" behavior might have to be dropped in that case.

I think this fix is little different from my suggestion in #31375 (comment) because I was thinking of continuing to treat unknown parameters as named not positional, but maybe this approach is better. Would have to think about it. The implementation is also a little different than what I had in mind because I was thinking of extending the vRPCConvertParams table with type information instead of adding a separate table, but your approach might be simpler.

If possible it would be good to add python tests to check the new behavior

Sure, I'm also thinking of adding a python test, but the main problem is, this issue is only reproducible when there exists = padding or in between, so while creating a PSBT, I need to look at how I can achieve this. Or maybe by calling RPCs with a label.

I also agree with #32821 (comment) that this change doesn't need to be limited to base64 parameters and could probably be extended to other string parameters. But maybe the "If parameter is unknown for a given known string method, then treat the whole string as positional" behavior might have to be dropped in that case.

To extend this feature to any string parameters, we simply need to add an entry in the vRPCStringParams table. I tested with getnewaddress which requires a label (optionally) and it's working fine. Without adding the entry in vRPCStringParams it doesn't work if we provide a label that consists of the = char in it.

And the line you mentioned to remove is problematic if we remove it, as it's only got invoked if the RPC method is correct and matches with our table. And if the parameter name is not known then it's invoked; otherwise not. This is safe to do because we already make sure that the calling method is present in the table. Otherwise, if the user passed the correct method name but an incorrect parameter, then the targeted RPC will fail with an error.

If possible it would be good to add python tests to check the new behavior

Sure, I'm also thinking of adding a python test, but the main problem is, this issue is only reproducible when there exists = padding or in between, so while creating a PSBT, I need to look at how I can achieve this.

You could just manually generate a random PSBT on regtest, hardcode it into a test and call analyzepsbt. It doesn't matter if it's unspendable.

Or you could even just call these methods with abc=efg since it doesn't even need to be a validly encoded psbt.

I generalised this change to any string parameter which might contain the = char in it. I also added the functional test for most of the RPCs I included in the new table. For any new RPC method which might need to be parsed this way with -named enabled, one can add the new entry of that RPC in the vRPCStringParams table.

Concept ACK

./build/bin/bitcoin-cli -named  finalizepsbt cHNidP8BAJoCAAAAAqvNEjSrzRI0q80SNKvNEjSrzRI0q80SNKvNEjSrzRI0AAAAAAD9////NBLNqzQSzas0Es2rNBLNqzQSzas0Es2rNBLNqzQSzasBAAAAAP3///8CoIYBAAAAAAAWABQVQBGVs/sqFAmC8HZ8O=g1htqivkANAwAAAAAAFgAUir7MzgyzDnRMjdkVa7d+Dwr07jsAAAAAAAAAAAA=

error code: -8
error message:
Unknown named parameter cHNidP8BAJoCAAAAAqvNEjSrzRI0q80SNKvNEjSrzRI0q80SNKvNEjSrzRI0AAAAAAD9////NBLNqzQSzas0Es2rNBLNqzQSzas0Es2rNBLNqzQSzasBAAAAAP3///8CoIYBAAAAAAAWABQVQBGVs/sqFAmC8HZ8O

Commit 59fcefc

./build/bin//bitcoin-cli -named  finalizepsbt cHNidP8BAJoCAAAAAqvNEjSrzRI0q80SNKvNEjSrzRI0q80SNKvNEjSrzRI0AAAAAAD9////NBLNqzQSzas0Es2rNBLNqzQSzas0Es2rNBLNqzQSzasBAAAAAP3///8CoIYBAAAAAAAWABQVQBGVs/sqFAmC8HZ8O+g1htqivkANAwAAAAAAFgAUir7MzgyzDnRMjdkVa7d+Dwr07jsAAAAAAAAAAAA=
{
  "psbt": "cHNidP8BAJoCAAAAAqvNEjSrzRI0q80SNKvNEjSrzRI0q80SNKvNEjSrzRI0AAAAAAD9////NBLNqzQSzas0Es2rNBLNqzQSzas0Es2rNBLNqzQSzasBAAAAAP3///8CoIYBAAAAAAAWABQVQBGVs/sqFAmC8HZ8O+g1htqivkANAwAAAAAAFgAUir7MzgyzDnRMjdkVa7d+Dwr07jsAAAAAAAAAAAA=",
  "complete": false
}

Will review the code soon!

From CI:

assert not "non_witness_utxo" in mining_node.decodepsbt(signed_psbt["psbt"])["inputs"][0]

I didn't check the code, but that's usually a cryptic way of saying that signing the psbt failed.

Signing the PSBT works fine while running locally, and removing non-witness UTXO from the PSBT.

Signing the PSBT works fine while running locally, and removing non-witness UTXO from the PSBT.

What command did you use to run locally?

What command did you use to run locally?

I first checked by adding two log statements in rpc_psbt.py the first log to check the psbt before signing and the second log after walletprocesspsbt where CI is reporting an error. And then manually parsing the result with the help of decodepsbt to check whether the PSBT afterwalletprocesspsbt contains non-witness UTXO, but it doesn't in my case, so the test passed successfully.

I also ran all the functional test cases with —extended and all tests passed.

you'll have to use --usecli to run the tests, otherwise the cli is not used

Trying to debug the issue I see some irregularities in the how the test behaves in rpc mode and cli mode.

diff --git a/test/functional/rpc_psbt.py b/test/functional/rpc_psbt.py
index a241978b5f..f92e8d6e88 100755
--- a/test/functional/rpc_psbt.py
+++ b/test/functional/rpc_psbt.py
@@ -135,8 +135,64 @@ class PSBTTest(BitcoinTestFramework):
         assert "non_witness_utxo" in mining_node.decodepsbt(psbt_new.to_base64())["inputs"][0]

         # Have the offline node sign the PSBT (which will remove the non-witness UTXO)
+
+        decoded_before = mining_node.decodepsbt(psbt_new.to_base64())
+
+        self.log.info(f"=== DEBUG: CLI Mode = {self.options.usecli} ===")
+
+        # Log address and input details
+        offline_addr_info = offline_node.getaddressinfo(offline_addr)
+        self.log.info(f"Offline address: {offline_addr}")
+        self.log.info(f"Address type: {offline_addr_info.get('type', 'unknown')}")
+
+        decoded_before = mining_node.decodepsbt(psbt_new.to_base64())
+
+        self.log.info(f"=== DEBUG: CLI Mode = {self.options.usecli} ===")
+
+        # Log address and input details
+        offline_addr_info = offline_node.getaddressinfo(offline_addr)
+        self.log.info(f"Offline address: {offline_addr}")
+        self.log.info(f"Address type: {offline_addr_info.get('type', 'unknown')}")
+        self.log.info(f"Script type: {offline_addr_info.get('script', 'unknown')}")
+        self.log.info(f"Is witness: {offline_addr_info.get('iswitness', False)}")
+        self.log.info(f"Witness version: {offline_addr_info.get('witness_version', 'none')}")
+        self.log.info(f"Witness program: {offline_addr_info.get('witness_program', 'none')}")
+
+        # Log PSBT input details before signing
+        self.log.info(f"BEFORE signing - input[0] keys: {list(decoded_before['inputs'][0].keys())}")
+        self.log.info(f"BEFORE signing - has non_witness_utxo: {'non_witness_utxo' in decoded_before['inputs'][0]}")
+        self.log.info(f"BEFORE signing - has witness_utxo: {'witness_utxo' in decoded_before['inputs'][0]}")
+
+        # Check witness_utxo script details
+        if 'witness_utxo' in decoded_before['inputs'][0]:
+            witness_utxo = decoded_before['inputs'][0]['witness_utxo']
+            self.log.info(f"BEFORE signing - witness_utxo script type: {witness_utxo['scriptPubKey'].get('type', 'unknown')}")
+            self.log.info(f"BEFORE signing - witness_utxo hex: {witness_utxo['scriptPubKey'].get('hex', 'none')}")
+
+        # Log the exact walletprocesspsbt call being made
+        psbt_b64 = psbt_new.to_base64()
+        self.log.info(f"walletprocesspsbt call: offline_node.walletprocesspsbt('{psbt_b64[:50]}...', True, 'ALL', True, True)")
+
         signed_psbt = offline_node.walletprocesspsbt(psbt_new.to_base64())
-        assert not "non_witness_utxo" in mining_node.decodepsbt(signed_psbt["psbt"])["inputs"][0]
+        decoded_after = mining_node.decodepsbt(signed_psbt["psbt"])
+
+        # Log PSBT input details after signing
+        self.log.info(f"AFTER signing - input[0] keys: {list(decoded_after['inputs'][0].keys())}")
+        self.log.info(f"AFTER signing - has non_witness_utxo: {'non_witness_utxo' in decoded_after['inputs'][0]}")
+        self.log.info(f"AFTER signing - has witness_utxo: {'witness_utxo' in decoded_after['inputs'][0]}")
+        self.log.info(f"walletprocesspsbt result complete: {signed_psbt.get('complete', 'not present')}")
+
+        # Check for Taproot vs regular segwit indicators
+        has_taproot_derivs = 'taproot_bip32_derivs' in decoded_before['inputs'][0] or 'taproot_bip32_derivs' in decoded_after['inputs'][0]
+        has_taproot_key = 'taproot_internal_key' in decoded_before['inputs'][0] or 'taproot_internal_key' in decoded_after['inputs'][0]
+        has_regular_derivs = 'bip32_derivs' in decoded_before['inputs'][0] or 'bip32_derivs' in decoded_after['inputs'][0]
+
+        self.log.info(f"Input type detection - Taproot derivs: {has_taproot_derivs}, Taproot key: {has_taproot_key}, Regular derivs: {has_regular_derivs}")
+
+        # Log the actual walletprocesspsbt call details for comparison
+        if self.options.usecli:
+            self.log.info("Using CLI mode - parameters passed as separate arguments")
+        else:
+            self.log.info("Using RPC mode - parameters passed as JSON")
+
+        # More detailed assertion with context
+        if "non_witness_utxo" in decoded_after["inputs"][0]:
+            self.log.error("FAILURE: non_witness_utxo should be removed for segwit v1+ inputs!")
+            self.log.error(f"This suggests the input is being treated as segwit v0 instead of v1+ in CLI mode")
+
+

2025-07-07T15:20:33.852283Z TestFramework (INFO): Check that non-witness UTXOs are removed for segwit v1+ inputs
2025-07-07T15:20:34.004885Z TestFramework (INFO): === DEBUG: CLI Mode = True ===
2025-07-07T15:20:34.008380Z TestFramework (INFO): Offline address: bcrt1q2skwujcxhaawtf0hlqawfmk3gclpdz24a84znw
2025-07-07T15:20:34.008437Z TestFramework (INFO): Address type: unknown
2025-07-07T15:20:34.008459Z TestFramework (INFO): Script type: unknown
2025-07-07T15:20:34.008479Z TestFramework (INFO): Is witness: True
2025-07-07T15:20:34.008497Z TestFramework (INFO): Witness version: 0
2025-07-07T15:20:34.008513Z TestFramework (INFO): Witness program: 542cee4b06bf7ae5a5f7f83ae4eed1463e168955
2025-07-07T15:20:34.008532Z TestFramework (INFO): BEFORE signing - input[0] keys: ['witness_utxo', 'non_witness_utxo', 'bip32_derivs']
2025-07-07T15:20:34.008550Z TestFramework (INFO): BEFORE signing - has non_witness_utxo: True
2025-07-07T15:20:34.008565Z TestFramework (INFO): BEFORE signing - has witness_utxo: True
2025-07-07T15:20:34.008579Z TestFramework (INFO): BEFORE signing - witness_utxo script type: witness_v0_keyhash
2025-07-07T15:20:34.008595Z TestFramework (INFO): BEFORE signing - witness_utxo hex: 0014542cee4b06bf7ae5a5f7f83ae4eed1463e168955
2025-07-07T15:20:34.008688Z TestFramework (INFO): walletprocesspsbt call: offline_node.walletprocesspsbt('cHNidP8BAFICAAAAAQVChcz/DF+d62weFt4XJAYjd8cLM81FZV...', True, 'ALL', True, True)
2025-07-07T15:20:34.016020Z TestFramework (INFO): AFTER signing - input[0] keys: ['witness_utxo', 'non_witness_utxo', 'final_scriptwitness']
2025-07-07T15:20:34.016093Z TestFramework (INFO): AFTER signing - has non_witness_utxo: True
2025-07-07T15:20:34.016117Z TestFramework (INFO): AFTER signing - has witness_utxo: True
2025-07-07T15:20:34.016135Z TestFramework (INFO): walletprocesspsbt result complete: True
2025-07-07T15:20:34.016155Z TestFramework (INFO): Input type detection - Taproot derivs: False, Taproot key: False, Regular derivs: True
2025-07-07T15:20:34.016174Z TestFramework (INFO): Using CLI mode - parameters passed as separate arguments
2025-07-07T15:20:34.016193Z TestFramework (ERROR): FAILURE: non_witness_utxo should be removed for segwit v1+ inputs!
2025-07-07T15:20:34.016209Z TestFramework (ERROR): This suggests the input is being treated as segwit v0 instead of v1+ in CLI mode
2025-07-07T15:20:34.016234Z TestFramework (ERROR): Assertion failed

2025-07-07T15:19:10.430768Z TestFramework (INFO): === DEBUG: CLI Mode = False ===
2025-07-07T15:19:10.431566Z TestFramework (INFO): Offline address: bcrt1pxmju835wnuw3z5thftuz84q8rt96vqd97jaxwdn2uqlxwwka923q8fcsp8
2025-07-07T15:19:10.431613Z TestFramework (INFO): Address type: unknown
2025-07-07T15:19:10.431645Z TestFramework (INFO): Script type: unknown
2025-07-07T15:19:10.431672Z TestFramework (INFO): Is witness: True
2025-07-07T15:19:10.431699Z TestFramework (INFO): Witness version: 1
2025-07-07T15:19:10.431729Z TestFramework (INFO): Witness program: 36e5c3c68e9f1d1151774af823d4071acba601a5f4ba67366ae03e673add2aa2
2025-07-07T15:19:10.431760Z TestFramework (INFO): BEFORE signing - input[0] keys: ['witness_utxo', 'non_witness_utxo', 'taproot_bip32_derivs', 'taproot_internal_key']
2025-07-07T15:19:10.431789Z TestFramework (INFO): BEFORE signing - has non_witness_utxo: True
2025-07-07T15:19:10.431831Z TestFramework (INFO): BEFORE signing - has witness_utxo: True
2025-07-07T15:19:10.431857Z TestFramework (INFO): BEFORE signing - witness_utxo script type: witness_v1_taproot
2025-07-07T15:19:10.431881Z TestFramework (INFO): BEFORE signing - witness_utxo hex: 512036e5c3c68e9f1d1151774af823d4071acba601a5f4ba67366ae03e673add2aa2
2025-07-07T15:19:10.431929Z TestFramework (INFO): walletprocesspsbt call: offline_node.walletprocesspsbt('cHNidP8BAF4CAAAAAVteg2JVDVvQHLSH4zmmgu7l4bYJdyIoFq...', True, 'ALL', True, True)
2025-07-07T15:19:10.433261Z TestFramework (INFO): AFTER signing - input[0] keys: ['witness_utxo', 'final_scriptwitness']
2025-07-07T15:19:10.433305Z TestFramework (INFO): AFTER signing - has non_witness_utxo: False
2025-07-07T15:19:10.433336Z TestFramework (INFO): AFTER signing - has witness_utxo: True
2025-07-07T15:19:10.433364Z TestFramework (INFO): walletprocesspsbt result complete: True
2025-07-07T15:19:10.433399Z TestFramework (INFO): Input type detection - Taproot derivs: True, Taproot key: True, Regular derivs: False
2025-07-07T15:19:10.433426Z TestFramework (INFO): Using RPC mode - parameters passed as JSON

1. inputs are being treated differently in the cli and non-cli mode
2. even the address being generated in rpc mode is different (larger as compared to cli mode)
3. non-witness utxo remains in cli mode.

• I think it would good to add a test to cover cases where positional non-string parameters contain '=', i.e. the bitcoin-cli -named echojson '["fail=yes"]' case which previously failed (because it treated everything before the '=' character as a parameter name) and now succeeds.

You are right here, I will add a test for non-string params like echojson.

• I think the code change suggested in df4f391 (tag) to combine vRPCConvertParams and vRPCStringParams tables into a single table, and document it better, and remove some layers of indirection could still be a good change to make.

I intentionally choose this approach to use both the vRPCStringParams and vRPCConvertParams tables because the string table has some additional cases, like adding all the string params for a given method in the table for consistency and valid lookups. So with all these things, separating the tables is a good and less complex way between both logics.

I'm wondering if there's a different way we can go about this without adding another table of arguments that need special treatment. Perhaps we could move named argument handling and string to json conversion server side? That's a much more significant refactor, but the RPC server already knows every parameter type and name, so it could do the conversion and named argument check as well.

I'm wondering if there's a different way we can go about this without adding another table of arguments that need special treatment.

I'm also not a fan of separate tables and suggested the following change to unify them earlier: b998cc5 (tag). This change is just a refactoring and could be a followup.

Perhaps we could move named argument handling and string to json conversion server side?

I think moving logic server side would avoid need for duplicate tables, but not actually make the code or logic simpler because the current syntax for distinguishing named parameters is inherently ambiguous. (It probably would have been better to require named parameters to begin with - to avoid ambiguity. It could also be better to try to parse every argument as JSON and just fall back to passing strings if they are not valid JSON to avoid the need for the conversion table.) I feel like current PR just makes some small tweaks to parsing to make the current syntax work a little better, and it adds good test coverage. If we follow up this PR with b998cc5 or incorporate those changes here, the client code should be better documented and more maintainable too.

because the current syntax for distinguishing named parameters is inherently ambiguous.

But since the server knows the names of all parameters, it can also check whether the incoming string starts with the name of a parameter.

Alternatively, maybe we can make the rpc client aware of all of the rpcs so it can do that conversion? Although that would likely have the effect of reducing the utility of bitcoin-cli across versions.

Alternatively, maybe we can make the rpc client aware of all of the rpcs so it can do that conversion?

That's basically what the PR does implicitly and what my refactoring of the PR does more explicitly with string/json formats in
rpc/client.cpp.

I think if you look at that file you will see that the the parsing logic is not that complicated and can be well explained. The code there should actually be simpler than current client code in master because it gets rid of intermediate lookup tables and the overloaded overloaded ArgToUniValue method.

Although that would likely have the effect of reducing the utility of bitcoin-cli across versions.

I think that's just the current reality. The fact that client needs to know about parameter names and types makes it more fragile, but shouldn't be made worse by the changes here, as far as I can tell.

That's basically what the PR does implicitly and what my refactoring of the PR does more explicitly with string/json formats

Yes, but I meant more so in having access to RPCHelpMan which already has the names and types of all parameters.

Or if we had a machine parseable schema thing (see #29912) that bitcon-cli refers to.

Rebased on top latest master.

I still think b998cc5 ('rpc/client.cpp') would be an nice simplification, but it's just a refactoring so it could be a followup.

Yes, that could be the next possible followup.

Code review ACK 6de6c78. Just style and naming changes since last review.

Just to restate my opinion of this PR from earlier, I think it is not good to have separate tables for string and json parameters. I think it will make this code harder to maintain and it would be better in long run to have a single table with clearly spelled out rules for what parameters need to be included in the table, as implemented in my suggested code change df4f391 (tag) . But I'd be happy to see this PR merged as is and cleanup done as a followup if both things can't be done in the same PR.

I think it is not good to have separate tables for string and json parameters.

I would also prefer that.