Sighash method signatures could return no error or io::Error if it wasn't for input index argument #1965
Comments
This MR fixes that one missing error for segwit: #1966

We could create an

Even more annoying part is that if we are writing to

```rust
impl io::Write for sha256::HashEngine {
    fn flush(&mut self) -> io::Result<()> { Ok(()) }

    fn write(&mut self, buf: &[u8]) -> io::Result<usize> {
        self.input(buf);
        Ok(buf.len())
    }
}
```

The only reason `segwit_signature_hash` should fail is if the index is out of bounds. There is some work on trying to return only the error types that are reachable instead of giant parent enum. If that experiment is successful, we should adopt it for this sighash module. See related: cc @tcharding

Thanks @sanket1729, yeah read this yesterday and did some more work on the error stuff you link to. I reckon we need to get on and work this error stuff out.

#2329 splits the general error up to a state that may be acceptable enough to close this.

I think we should close it regardless. Ultimately this is a "I wish Rust had dependent types" issue, but it doesn't, so there's nothing we can do. There is a trivial error variant that could in principle be eliminated by extremely simple static analysis, but Rust can't do it, so we have to keep it.

Oh, only noticed this now. I had some ideas around this but forgot what they were. :D But one I have now is to use

Cool, what is your hoped time frame on being able to use

Crazy idea: use both

Oh, I remembered one of the ideas: have a method that signs all inputs and sets the witnesses so at least in the case when one is signing all inputs the out of bounds errors can be removed.

This is just a thought that annoys me, but I don't really have a proposed solution.

Currently methods like

Return this super generic `sighash::Error` type but in all cases it's either `io::Error` or this one special case

If it wasn't for this case, the `segwit_signature_hash` method would not need to return an error at all and the first one could just return `io::Error` forwarded from the `writer` argument.

That's very unfortunate.

Oh going into the taproot variant, I see another exception to that rule that actually is a bug in the segwit variant:

That should also do a range check like it does in the taproot variant:

I can fix that.

Still, it seems that taproot has more error variants. Maybe we should have a `SegwitError` and `TaprootError` so that users of segwit can explicitly unwrap if indices are in range or something.