Skip to content

wallet.check_sighash: don't assume tx.add_info_from_wallet alrdy ran#10729

Merged
SomberNight merged 1 commit into
spesmilo:masterfrom
SomberNight:202606_sighash
Jul 1, 2026
Merged

wallet.check_sighash: don't assume tx.add_info_from_wallet alrdy ran#10729
SomberNight merged 1 commit into
spesmilo:masterfrom
SomberNight:202606_sighash

Conversation

@SomberNight

Copy link
Copy Markdown
Member

Sighash warnings/errors might in theory not be triggered for inputs owned by the wallet but which are beyond the gap limit. tx.add_info_from_wallet(wallet) side-effects the wallet state so that wallet.is_mine() learns derivation paths for beyond-gap-limit addresses.

In practice both GUIs currently call tx.add_info_from_wallet before check_sighash runs, so this was not exploitable.

Sighash warnings/errors might in theory not be triggered for
inputs owned by the wallet but which are beyond the gap limit.
tx.add_info_from_wallet(wallet) side-effects the wallet state
so that wallet.is_mine() learns derivation paths for beyond-gap-limit addresses.

In practice both GUIs currently call tx.add_info_from_wallet before
check_sighash runs, so this was not exploitable.
@SomberNight SomberNight added this to the 4.8.0 milestone Jul 1, 2026
@SomberNight SomberNight added the topic-wallet 👛 related to wallet.py, or maybe address_synchronizer.py/coinchooser.py label Jul 1, 2026
@SomberNight SomberNight merged commit c1f367a into spesmilo:master Jul 1, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

topic-wallet 👛 related to wallet.py, or maybe address_synchronizer.py/coinchooser.py

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant