Signature verify failed because wrong signatures order

[soralit]

Hi, we met an issue about signatures order when testing.
Currently the function parseSignaturesFromPSBT will make signatures grouped by public keys, which will make signatures' order mismatched with PSBT's inputs.

e.g:

If we have 7 public keys [A,B,C,D,E,F,G] and 10 UTXOs [0,1,2,3,4,5,6,7,8,9] while 4 UTXOs [0,2,4,8] belong to the same public key E.
After parsing signatures from signed PSBT, the signatures will be grouped by public keys and when call validateAndSetSignature in caravan, we will flat the signatureSet and get a signature list with wrong inputs order like [0',2',4',8',1',3',5',6',7',9'] (x' means it is inputs[x]'s signature) which will cause error when verify inputs[2]'s signature with inputs[1]'s hash and public key.

What do you think?

[soralit]

Currently the process is:

1. Reading PSBT from file / via QR
2. Extract signatures and drop PSBT data
3. Verify signatures with inputs data in another place
4. Show signatures info on UI

I think it would be better to verify signatures in step 2 and skip step 3.

[humanumbrella]

will be checking into this one tonight

[humanumbrella]

I was looking into the other post directly in Caravan and got tied up trying to get that working. I still think they may be related, but have not yet solved the issue.

We are aware of the functionality you present in terms of grouping signatures by public keys and not properly maintaining order of signatures in the case of multi-address multi-utxo spend as you presented. We did spend some time thinking about grouping signatures by address instead of by public key, but even in that case we'd want the signature order to match the utxo order / be maintained.

In principle I agree with the suggestions you make with regard to the process. But making that the reality is a bit of a lift, but we would like to get there. Will look at this function in a bit more detail tomorrow.

[humanumbrella]

One question -- let's take example of 2-of-3. Does CoboVault support doubly signing the psbt? 2 Cobovaults and a coldcard in a multisig vault. E.g. Transaction is exported to coldcard first, and then signed there. bring in partially-signed (single set of signatures from coldcard) PSBT via SD card to CoboVault. After signing with CoboVault, CV now offers a doubly signed PSBT to the card or via QR?

[soralit]

One question -- let's take example of 2-of-3. Does CoboVault support doubly signing the psbt? 2 Cobovaults and a coldcard in a multisig vault. E.g. Transaction is exported to coldcard first, and then signed there. bring in partially-signed (single set of signatures from coldcard) PSBT via SD card to CoboVault. After signing with CoboVault, CV now offers a doubly signed PSBT to the card or via QR?

Hi @humanumbrella Sorry for the late reply, we were in Spring festival last week.
For the question: Yes, we support signing a partially-signed PSBT in Cobo Vault if the PSBT's inputs are not finalized.

[soralit]

@humanumbrella I think the function validateSignaturesForAllInputs provided by bitcoinjs-lib could be used here. How do you like it?
Raised a PR: #28

[bucko13]

Sorry for the late reply, we were in Spring festival last week.

春节快乐!

[soralit]

Sorry for the late reply, we were in Spring festival last week.

春节快乐!

Thank you 😆

[jevidon]

Migrated this issue to the new repo: caravan-bitcoin/caravan#62