lnwallet/btcwallet: check output is under our control in FetchInputInfo
In this commit, we add an additional check to btcwallet's FetchInputInfo method to ensure the output is actually under control of the wallet. Previously, the wallet would assume the output was under its control if the txid of the output was found within the wallet. This is not a safe assumption to make however, because if we happened to be the sender of this transaction, it would be found within the wallet but it's not actually under our control. To fix this, we explicitly check that there exists an address in our wallet for this output.
This commit is contained in:
parent
fd5b24fb4e
commit
255f38e72d
@ -44,7 +44,14 @@ func (b *BtcWallet) FetchInputInfo(prevOut *wire.OutPoint) (*wire.TxOut, error)
|
|||||||
return nil, lnwallet.ErrNotMine
|
return nil, lnwallet.ErrNotMine
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// With the output retrieved, we'll make an additional check to ensure
|
||||||
|
// we actually have control of this output. We do this because the check
|
||||||
|
// above only guarantees that the transaction is somehow relevant to us,
|
||||||
|
// like in the event of us being the sender of the transaction.
|
||||||
output = txDetail.TxRecord.MsgTx.TxOut[prevOut.Index]
|
output = txDetail.TxRecord.MsgTx.TxOut[prevOut.Index]
|
||||||
|
if _, err := b.fetchOutputAddr(output.PkScript); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
b.cacheMtx.Lock()
|
b.cacheMtx.Lock()
|
||||||
b.utxoCache[*prevOut] = output
|
b.utxoCache[*prevOut] = output
|
||||||
@ -72,7 +79,7 @@ func (b *BtcWallet) fetchOutputAddr(script []byte) (waddrmgr.ManagedAddress, err
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil, errors.Errorf("address not found")
|
return nil, lnwallet.ErrNotMine
|
||||||
}
|
}
|
||||||
|
|
||||||
// fetchPrivKey attempts to retrieve the raw private key corresponding to the
|
// fetchPrivKey attempts to retrieve the raw private key corresponding to the
|
||||||
@ -196,7 +203,7 @@ func (b *BtcWallet) ComputeInputScript(tx *wire.MsgTx,
|
|||||||
outputScript := signDesc.Output.PkScript
|
outputScript := signDesc.Output.PkScript
|
||||||
walletAddr, err := b.fetchOutputAddr(outputScript)
|
walletAddr, err := b.fetchOutputAddr(outputScript)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
pka := walletAddr.(waddrmgr.ManagedPubKeyAddress)
|
pka := walletAddr.(waddrmgr.ManagedPubKeyAddress)
|
||||||
|
Loading…
Reference in New Issue
Block a user