Add P2SH-P2WSH support to listunspent RPC

[meshcollider]

This is a reworked version of #11708 after #12427 and the signrawtransaction split.

For a P2WSH address, listunspent should return the witness script, and for a P2SH-P2WSH address, it should also return the inner witness script (because SignTransaction will automatically wrap it in P2SH if required).

Includes a test which also tests the behaviour of #12427, and release note.

[Sjors]

Why not a separate witnessScript field like in #14454?

[meshcollider]

@Sjors because this has to be compatible with how signrawtransaction works, so it can be passed directly in. signrawtransaction only accepts the witness script as "redeemScript" and automatically wraps it

[Sjors]

Would it be super involved to add support for witnessScript to signrawtransactionwithkey and signrawtransactionwithwallet? The terminology is already quite confusing, so consistency can really help.

[instagibbs]

Agreed with @Sjors I'd much rather we fix terminology instead of compounding confusion.

[ryanofsky]

re: #14481 (comment)

Being consistent with terminology from https://bitcoincore.org/en/segwit_wallet_dev/#creation-of-p2sh-p2wsh-address and importmulti seems good. Making it possible to call signrawtransaction directly also seems good. Can't we do both by updating signrawtransaction to accept a witnessScript field?

If we did this, I guess there would still be question of whether signrawtransaction should remain backwards compatible and continue accepting overloaded redeemScript's introduced in #12427, or if that feature should be deprecated. I'd probably opt not to deprecate. Nicolas made decent usability arguments in #11708 (comment), #11708 (comment) that overloading redeemScript can make calling signraw less painful, and that it doesn't introduce ambiguities that would let callers shoot themselves in the foot (which I guess would not be the case with importmulti).

[DrahtBot]

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

Reviewers, this pull request conflicts with the following ones:

• #12677 (RPC: Add ancestor{count,size,fees} to listunspent output by luke-jr)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

[ryanofsky]

Code utACK c789fef8ca4739e2fb3c930bacad77543650b781, but I agree with others about not wanting to overload redeemScript in listunspent #14481 (comment). It seems like it should be possible to be compatible with signraw without overloading.

[ryanofsky]

re: #14481 (comment)

Being consistent with terminology from https://bitcoincore.org/en/segwit_wallet_dev/#creation-of-p2sh-p2wsh-address and importmulti seems good. Making it possible to call signrawtransaction directly also seems good. Can't we do both by updating signrawtransaction to accept a witnessScript field?

If we did this, I guess there would still be question of whether signrawtransaction should remain backwards compatible and continue accepting overloaded redeemScript's introduced in #12427, or if that feature should be deprecated. I'd probably opt not to deprecate. Nicolas made decent usability arguments in #11708 (comment), #11708 (comment) that overloading redeemScript can make calling signraw less painful, and that it doesn't introduce ambiguities that would let callers shoot themselves in the foot (which I guess would not be the case with importmulti).

[ryanofsky]

IsPayToWitnessScriptHash succeeding and ExtractDestination failing should never happen, right? I think it would be better to trigger an actual error in this case than to silently fall back to the non-witness case.

[sipa]

I wonder if it isn't just easier to support passing in a descriptor in signrawtransactionwithkey and using #14477 to get to get descriptors from listunspent etc? The various ways of passing around scripts in different RPCs looks like hard to solve mess.

[ryanofsky]

@meshcollider is there an update on the status of this PR?

c789fef8ca4739e2fb3c930bacad77543650b781 seems like an improvement to me, and has my ACK. But I do think it would be an easy win to replace "redeemScript" with "witnessScript" there, and tweak signrawtransaction to accept "witnessScript", so all RPCs could use these terms consistently.

Or if we want to abandon this approach and jump to descriptors instead as suggested in #14481 (comment), this seems like another good option. Do you have thoughts on it? Does it require more work? Is it blocked on anything now that #14477 is merged?

[meshcollider]

@ryanofsky I plan on modifying this for terminology as above for now, and then I think we should look at RPC descriptor support as a whole after that. But I will come back to this PR in the next few days

[meshcollider]

I've rebased this and addressed the terminology comments above, moving to a new witnessScript field with backwards compatibility

[Sjors]

bd2b1f65e949a1768c6f989677ea24b746384ca6 looks OK, but...

I have my doubt if backwards compatibility with something that was already buggy is worth the confusion of overloading redeemScript for listunspent. I'd rather have it null if signrawtransaction can infer it anyway, or even just the P2SH wrapper redeem script.

It might be better to squash the first and last commit.

I think addmultisigaddress should also return both redeemScript and witnessScript in the correct manner, so you you can just test:

assert_equal(unspent_output["witnessScript"], p2sh_p2wsh_address["witnessScript"])
assert_equal(unspent_output["redeemScript"], p2sh_p2wsh_address["redeemScript"])
assert_equal(unspent_output["redeemScript"], CScript([OP_0, sha256(hex_str_to_bytes(unspent_output["witnessScript"])))

[meshcollider]

Forgot to update the release notes, listunspent doesn't overload redeemScript anymore

Agree about addmultisigaddress, and about squashing 👍

[meshcollider]

I've squashed and updated the release notes, but modifying addmultisigaddress to return a witnessScript as well as redeemScript would be a breaking change, because currently the witnessScript is returned as "redeemScript". It would be more confusing to use different terminology so unless a breaking change is worth it here, which I don't think it is, I'll leave it as is

[laanwj]

maybe optionally instead of also

[laanwj]

Please pass fractional amounts as a Decimal

[Sjors]

to return a witnessScript as well as redeemScript would be a breaking change, because currently the witnessScript is returned as "redeemScript"

I could be wrong, but I suspect very few people use addmultisigaddress with SegWit in an automated setup (maybe @alecalve has stats on how much SegWit multisig is used in general). So it might still be early enough for a breaking change to use redeemScript and witnessScript accurately and consistently throughout the RPC.

(I can live with not doing it though)

[Sjors]

I was also referring to this overloading.

[ryanofsky]

utACK 77c0c8e246e1a7f8c403c19d13c8bb699dba8cf4. Left some comments but I think this is good to merge as-is. Only changes since last review are rebase and following up on previous suggestions (main one being to switch from redeemScript to witnessScript). Thanks for adopting these!

change to use redeemScript and witnessScript accurately and consistently throughout the RPC

Would agree with Sjors in preferring to use these terms consistently, and breaking backwards compatibility in what seems to be a minor edge case. This could be done in a followup PR, and would be easy thing to explain in release notes.

[ryanofsky]

In commit "Make listunspent return witness script for P2WSH or P2SH-P2WSH" (0b665ab577ab41e3b7b12d9b7d83c151cf90fdaf)

Could update commit message to mention change to signrawtransactionwithkey

[ryanofsky]

In commit "Make listunspent return witness script for P2WSH or P2SH-P2WSH" (0b665ab577ab41e3b7b12d9b7d83c151cf90fdaf)

This would be broken if compiled with NDEBUG, which even though we don't support it, isn't really great for readability because you don't expect to see code with side effects inside an assert. Would be a little better to write something like:

bool extracted = ExtractDestitionation...;
assert(extracted);

[maflcko]

Needs rebase (blame me)

[meshcollider]

Rebased and addressed comments above. @MarcoFalke I expect a review from you then ;)

addmultisigaddress change can be done in a followup PR to avoid adding extra review burden here so close to merge-readiness

[ryanofsky]

utACK 6ca836a. Changes since last review: rebase due to #14918 and making various requested changes (updating release notes and first commit message, removing assert side-effect, using python Decimal).

[maflcko]

utACK 6ca836a