search

benma / HWI

Bitcoin Hardware Wallet Interface
MIT License
1 stars 1 forks source link

prevtx missing #2

Open benma opened 3 years ago

benma commented 3 years ago

But how did you create the PSBT?

The command I used is:

repl -d "$DESCRIPTOR_EXT" -c "$DESCRIPTOR_INT" -n testnet -w bdk3of3 create_tx --to mkHS9ne12qx9pS9VojpwU5xtRd4T7X7ZUt:50000
{
  "details": {
    "fees": 211,
    "height": null,
    "received": 49789,
    "sent": 100000,
    "timestamp": 1606593409,
    "transaction": null,
    "txid": "81b67c6b1b0f41234e6c6d81044460b967dc9f63362de4ef837f9aa49bfbfa81"
  },
  "psbt": "cHNidP8BAIABAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD/////An3CAAAAAAAAIgAg7Y0ZD7rbmzL59fqIirQLdcw+W3WinPfTLvAz2yRLutxQwwAAAAAAABl2qRQ0Sg9IyhUOwrkDgXZgubaLE6ZwJoisAAAAAAABASughgEAAAAAACIAIM1+bcrNLOHqPXWfGAaPN7XSLKQfYNOmlBL7QshGDsV8AQVpUyECDbh3hZ+Naup3lOZCp04SByBC/fMxrsjgTYcneQxekb8hApdvcZL/kFzfsadHIPZYtbK6fTbPpW/gZ4Prc2aDabyQIQLtp0xfYzGGfzft/xj1CgvbydUfb0PJJUSkIpJ+qszPb1OuIgYC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz28c11nfNjAAAIABAACAAAAAgAIAAIAAAAAAAAAAACIGApdvcZL/kFzfsadHIPZYtbK6fTbPpW/gZ4Prc2aDabyQHLmO/a4wAACAAQAAgAAAAIACAACAAAAAAAAAAAAiBgINuHeFn41q6neU5kKnThIHIEL98zGuyOBNhyd5DF6Rvxz675iAMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAACICA5U30HZuUjerUXWlNdg+EKlB1KTDQBelMk0MPF53csVkHLmO/a4wAACAAQAAgAAAAIACAACAAQAAAAAAAAAiAgNj7V0eZ5g7cY+HP/cLiEJRjTvN3oHc8zaqIKAEGbh3kxz675iAMAAAgAEAAIAAAACAAgAAgAEAAAAAAAAAIgICgGjLAsDSKcRH/AJtKiWaMUJMbnY1m0UeU3QZCTQ0apcc11nfNjAAAIABAACAAAAAgAIAAIABAAAAAAAAAAAA"
}

This is the only UTXO present in the wallet:

repl -d "$DESCRIPTOR_EXT" -c "$DESCRIPTOR_INT" -n testnet -w bdk3of3 list_unspent
[
  {
    "is_internal": false,
    "outpoint": "5b8213c91aae5e46605ff74a8c3edd2a73742aed86b214f261112e95757756b9:1",
    "txout": {
      "script_pubkey": "0020cd7e6dcacd2ce1ea3d759f18068f37b5d22ca41f60d3a69412fb42c8460ec57c",
      "value": 100000
    }
  }
]

Which is the one used in the psbt. This utxo was formed in the transaction from the testnet faucet to my wallet. I think it is a segwit transaction even not "native". From the explorer:

This transaction saved 25% on fees by upgrading to SegWit and could save 12% more by fully upgrading to native SegWit-Bech32

Even if all inputs are segwit inputs, the non_segwit_utxo still needs to be populated with the full prevtx, due to an attack that is otherwise possible.

There is only one UTXO and it seems segwit to me.

Also, the other two Hardware wallets have signed the transaction without errors.

benma commented 3 years ago

@gabridome

What is repl?

As I mentioned in https://github.com/bitcoin-core/HWI/pull/407#issuecomment-735446338, the non_witness_utxo field of the input in the PSBT must to be populated with the full previous transaction for this to work, to avoid the segwit fee attack.

You said Trezor signed it. According to their fix, they would also reject the transaction if it didn't contain this field. Are you sure you are at the newest version?

gabridome commented 3 years ago

Repl is the Bitcoin Development Kit CLI used to prepare the tx. It is a bundle or Rust bitcoin libraries which support Miniscript, Output Descriptors and PSBT as their native format (https://github.com/bitcoindevkit/bdk).

The decoded psbt shows that it is a segwit transaction, so IMHO it doesn't need the prev_out. I beg your pardon. I'm not the expert here, but also, trezor and ledger sign it with no questions. What am I missing?:

bitcoin-cli -testnet decodepsbt cHNidP8BAIABAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD/////An3CAAAAAAAAIgAg7Y0ZD7rbmzL59fqIirQLdcw+W3WinPfTLvAz2yRLutxQwwAAAAAAABl2qRQ0Sg9IyhUOwrkDgXZgubaLE6ZwJoisAAAAAAABASughgEAAAAAACIAIM1+bcrNLOHqPXWfGAaPN7XSLKQfYNOmlBL7QshGDsV8AQVpUyECDbh3hZ+Naup3lOZCp04SByBC/fMxrsjgTYcneQxekb8hApdvcZL/kFzfsadHIPZYtbK6fTbPpW/gZ4Prc2aDabyQIQLtp0xfYzGGfzft/xj1CgvbydUfb0PJJUSkIpJ+qszPb1OuIgYC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz28c11nfNjAAAIABAACAAAAAgAIAAIAAAAAAAAAAACIGApdvcZL/kFzfsadHIPZYtbK6fTbPpW/gZ4Prc2aDabyQHLmO/a4wAACAAQAAgAAAAIACAACAAAAAAAAAAAAiBgINuHeFn41q6neU5kKnThIHIEL98zGuyOBNhyd5DF6Rvxz675iAMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAACICA5U30HZuUjerUXWlNdg+EKlB1KTDQBelMk0MPF53csVkHLmO/a4wAACAAQAAgAAAAIACAACAAQAAAAAAAAAiAgNj7V0eZ5g7cY+HP/cLiEJRjTvN3oHc8zaqIKAEGbh3kxz675iAMAAAgAEAAIAAAACAAgAAgAEAAAAAAAAAIgICgGjLAsDSKcRH/AJtKiWaMUJMbnY1m0UeU3QZCTQ0apcc11nfNjAAAIABAACAAAAAgAIAAIABAAAAAAAAAAAA
{
  "tx": {
    "txid": "81b67c6b1b0f41234e6c6d81044460b967dc9f63362de4ef837f9aa49bfbfa81",
    "hash": "81b67c6b1b0f41234e6c6d81044460b967dc9f63362de4ef837f9aa49bfbfa81",
    "version": 1,
    "size": 128,
    "vsize": 128,
    "weight": 512,
    "locktime": 0,
    "vin": [
      {
        "txid": "5b8213c91aae5e46605ff74a8c3edd2a73742aed86b214f261112e95757756b9",
        "vout": 1,
        "scriptSig": { # <<<<<<<<<<<<<<<<<<<<<<<<<<< the scriptsig is empty
          "asm": "",
          "hex": ""
        },
        "sequence": 4294967295
      }
    ],
    "vout": [
      {
        "value": 0.00049789,
        "n": 0,
        "scriptPubKey": {
          "asm": "0 ed8d190fbadb9b32f9f5fa888ab40b75cc3e5b75a29cf7d32ef033db244bbadc",
          "hex": "0020ed8d190fbadb9b32f9f5fa888ab40b75cc3e5b75a29cf7d32ef033db244bbadc",
          "reqSigs": 1,
          "type": "witness_v0_scripthash",
          "addresses": [
            "tb1qakx3jra6mwdn9704l2yg4dqtwhxrukm452w005ew7qeakfzthtwq8l47mn"
          ]
        }
      },
      {
        "value": 0.00050000,
        "n": 1,
        "scriptPubKey": {
          "asm": "OP_DUP OP_HASH160 344a0f48ca150ec2b903817660b9b68b13a67026 OP_EQUALVERIFY OP_CHECKSIG",
          "hex": "76a914344a0f48ca150ec2b903817660b9b68b13a6702688ac",
          "reqSigs": 1,
          "type": "pubkeyhash",
          "addresses": [
            "mkHS9ne12qx9pS9VojpwU5xtRd4T7X7ZUt"
          ]
        }
      }
    ]
  },
  "unknown": {
  },
  "inputs": [
    {
      "witness_utxo": {
        "amount": 0.00100000,
        "scriptPubKey": {
          "asm": "0 cd7e6dcacd2ce1ea3d759f18068f37b5d22ca41f60d3a69412fb42c8460ec57c",
          "hex": "0020cd7e6dcacd2ce1ea3d759f18068f37b5d22ca41f60d3a69412fb42c8460ec57c",
          "type": "witness_v0_scripthash",
          "address": "tb1qe4lxmjkd9ns750t4nuvqdrehkhfzefqlvrf6d9qjldpvs3swc47qtgkq35"
        }
      },
      "witness_script": {
        "asm": "3 020db877859f8d6aea7794e642a74e12072042fdf331aec8e04d8727790c5e91bf 02976f7192ff905cdfb1a74720f658b5b2ba7d36cfa56fe06783eb73668369bc90 02eda74c5f6331867f37edff18f50a0bdbc9d51f6f43c92544a422927eaacccf6f 3 OP_CHECKMULTISIG",
        "hex": "5321020db877859f8d6aea7794e642a74e12072042fdf331aec8e04d8727790c5e91bf2102976f7192ff905cdfb1a74720f658b5b2ba7d36cfa56fe06783eb73668369bc902102eda74c5f6331867f37edff18f50a0bdbc9d51f6f43c92544a422927eaacccf6f53ae",
        "type": "multisig"
      },
      "bip32_derivs": [
        {
          "pubkey": "020db877859f8d6aea7794e642a74e12072042fdf331aec8e04d8727790c5e91bf",
          "master_fingerprint": "faef9880",
          "path": "m/48'/1'/0'/2'/0/0"
        },
        {
          "pubkey": "02976f7192ff905cdfb1a74720f658b5b2ba7d36cfa56fe06783eb73668369bc90",
          "master_fingerprint": "b98efdae",
          "path": "m/48'/1'/0'/2'/0/0"
        },
        {
          "pubkey": "02eda74c5f6331867f37edff18f50a0bdbc9d51f6f43c92544a422927eaacccf6f",
          "master_fingerprint": "d759df36",
          "path": "m/48'/1'/0'/2'/0/0"
        }
      ]
    }
  ],
  "outputs": [
    {
      "bip32_derivs": [
        {
          "pubkey": "028068cb02c0d229c447fc026d2a259a31424c6e76359b451e5374190934346a97",
          "master_fingerprint": "d759df36",
          "path": "m/48'/1'/0'/2'/1/0"
        },
        {
          "pubkey": "0363ed5d1e67983b718f873ff70b8842518d3bcdde81dcf336aa20a00419b87793",
          "master_fingerprint": "faef9880",
          "path": "m/48'/1'/0'/2'/1/0"
        },
        {
          "pubkey": "039537d0766e5237ab5175a535d83e10a941d4a4c34017a5324d0c3c5e7772c564",
          "master_fingerprint": "b98efdae",
          "path": "m/48'/1'/0'/2'/1/0"
        }
      ]
    },
    {
    }
  ],
  "fee": 0.00000211
}
benma commented 3 years ago

First of all, before you use Trezor and Ledger in multisig, please be aware of the following pitfalls:

How nearly all personal hardware wallet multisig setups are insecure.

I filed this issue at the repo you linked: https://github.com/bitcoindevkit/bdk/issues/199

As I stated here, the non_witness_utxo field needs to be be present also for segwit inputs: https://github.com/bitcoin-core/HWI/pull/407#issuecomment-735446338 .

It must be there to fix this bug:

https://medium.com/shiftcrypto/bitbox-app-firmware-update-6-2020-c70f733a5330 https://blog.trezor.io/details-of-firmware-updates-for-trezor-one-version-1-9-1-and-trezor-model-t-version-2-3-1-1eba8f60f2dd

Also Electrum adds the field since https://github.com/spesmilo/electrum/pull/6198.

If you say Trezor signs it, then you might be using an old Trezor firmware, or Trezor has a bug. What Trezor model (One, T) and which firmware version are you using?

By the way, after this issue, your PSBT also is missing the global xpub (PSBT_GLOBAL_XPUB) field. The BitBox02 requires it to be able to register and retrieve the multisig setup on the device. Trezor and Ledger do not perform any registration, so they can get away without this field, but it is a detriment to security (see the blog post linked above).

gabridome commented 3 years ago

I have done my own research as well and discovered I was running a non updated version of the firmware on Trezor. With the new one (1.9.3), the psbt prepared without the previous output cannot be signed by trezor as well

../HWI/hwi.py -f b98efdae signtx cHNidP8BAIABAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD/////An3CAAAAAAAAIgAg7Y0ZD7rbmzL59fqIirQLdcw+W3WinPfTLvAz2yRLutxQwwAAAAAAABl2qRQ0Sg9IyhUOwrkDgXZgubaLE6ZwJoisAAAAAAABASughgEAAAAAACIAIM1+bcrNLOHqPXWfGAaPN7XSLKQfYNOmlBL7QshGDsV8AQVpUyECDbh3hZ+Naup3lOZCp04SByBC/fMxrsjgTYcneQxekb8hApdvcZL/kFzfsadHIPZYtbK6fTbPpW/gZ4Prc2aDabyQIQLtp0xfYzGGfzft/xj1CgvbydUfb0PJJUSkIpJ+qszPb1OuIgYC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz28c11nfNjAAAIABAACAAAAAgAIAAIAAAAAAAAAAACIGApdvcZL/kFzfsadHIPZYtbK6fTbPpW/gZ4Prc2aDabyQHLmO/a4wAACAAQAAgAAAAIACAACAAAAAAAAAAAAiBgINuHeFn41q6neU5kKnThIHIEL98zGuyOBNhyd5DF6Rvxz675iAMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAACICA5U30HZuUjerUXWlNdg+EKlB1KTDQBelMk0MPF53csVkHLmO/a4wAACAAQAAgAAAAIACAACAAQAAAAAAAAAiAgNj7V0eZ5g7cY+HP/cLiEJRjTvN3oHc8zaqIKAEGbh3kxz675iAMAAAgAEAAIAAAACAAgAAgAEAAAAAAAAAIgICgGjLAsDSKcRH/AJtKiWaMUJMbnY1m0UeU3QZCTQ0apcc11nfNjAAAIABAACAAAAAgAIAAIABAAAAAAAAAAAA
{"error": "Previous transaction b'5b8213c91aae5e46605ff74a8c3edd2a73742aed86b214f261112e95757756b9' not available", "code": -7}

I made a wallet with the same descriptors in core and made the psbt with it:

bitcoin-cli -testnet -rpcwallet=3of3withBDK walletcreatefundedpsbt "[]" "[{\"mkHS9ne12qx9pS9VojpwU5xtRd4T7X7ZUt\":0.0005}]"
{
  "psbt": "cHNidP8BAIACAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD+////AlDDAAAAAAAAGXapFDRKD0jKFQ7CuQOBdmC5tosTpnAmiKx9wgAAAAAAACIAIK6iSMo8ZHFPeKcGk4I5BspFJE1L+u7hsnWrQ6COG2UAAAAAAAABAJQCAAAAAXh0fFbfxWYGNSzyuyJpKdKM/KTiLtosUquYZVwLARWXAAAAABcWABQcA+VzwTGY79kpsOEScw+9Ob4FDv7///8CbpYqAAAAAAAWABT9lJltcQLQoTPSgKb0W34HSvbdXqCGAQAAAAAAIgAgzX5tys0s4eo9dZ8YBo83tdIspB9g06aUEvtCyEYOxXwZ6xwAAQEroIYBAAAAAAAiACDNfm3KzSzh6j11nxgGjze10iykH2DTppQS+0LIRg7FfAEFaVMhAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/IQKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kCEC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz29TriIGAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/HPrvmIAwAACAAQAAgAAAAIACAACAAAAAAAAAAAAiBgKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kBy5jv2uMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAIgYC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz28c11nfNjAAAIABAACAAAAAgAIAAIAAAAAAAAAAAAAAAQFpUyECPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0hAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wIQMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDslOuIgICPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0c11nfNjAAAIABAACAAAAAgAIAAIABAAAAAQAAACICAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wHPrvmIAwAACAAQAAgAAAAIACAACAAQAAAAEAAAAiAgMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDshy5jv2uMAAAgAEAAIAAAACAAgAAgAEAAAABAAAAAA==",
  "fee": 0.00000211,
  "changepos": 1
}

Now I decode it:

bitcoin-cli -testnet decodepsbt cHNidP8BAIACAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD+////AlDDAAAAAAAAGXapFDRKD0jKFQ7CuQOBdmC5tosTpnAmiKx9wgAAAAAAACIAIK6iSMo8ZHFPeKcGk4I5BspFJE1L+u7hsnWrQ6COG2UAAAAAAAABAJQCAAAAAXh0fFbfxWYGNSzyuyJpKdKM/KTiLtosUquYZVwLARWXAAAAABcWABQcA+VzwTGY79kpsOEScw+9Ob4FDv7///8CbpYqAAAAAAAWABT9lJltcQLQoTPSgKb0W34HSvbdXqCGAQAAAAAAIgAgzX5tys0s4eo9dZ8YBo83tdIspB9g06aUEvtCyEYOxXwZ6xwAAQEroIYBAAAAAAAiACDNfm3KzSzh6j11nxgGjze10iykH2DTppQS+0LIRg7FfAEFaVMhAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/IQKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kCEC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz29TriIGAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/HPrvmIAwAACAAQAAgAAAAIACAACAAAAAAAAAAAAiBgKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kBy5jv2uMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAIgYC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz28c11nfNjAAAIABAACAAAAAgAIAAIAAAAAAAAAAAAAAAQFpUyECPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0hAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wIQMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDslOuIgICPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0c11nfNjAAAIABAACAAAAAgAIAAIABAAAAAQAAACICAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wHPrvmIAwAACAAQAAgAAAAIACAACAAQAAAAEAAAAiAgMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDshy5jv2uMAAAgAEAAIAAAACAAgAAgAEAAAABAAAAAA==
{
  "tx": {
    "txid": "0e9170c5fc3f2e121154868c436e52f1abe786958546f1ba3766e5e6bb5eb74e",
    "hash": "0e9170c5fc3f2e121154868c436e52f1abe786958546f1ba3766e5e6bb5eb74e",
    "version": 2,
    "size": 128,
    "vsize": 128,
    "weight": 512,
    "locktime": 0,
    "vin": [
      {
        "txid": "5b8213c91aae5e46605ff74a8c3edd2a73742aed86b214f261112e95757756b9",
        "vout": 1,
        "scriptSig": {
          "asm": "",
          "hex": ""
        },
        "sequence": 4294967294
      }
    ],
    "vout": [
      {
        "value": 0.00050000,
        "n": 0,
        "scriptPubKey": {
          "asm": "OP_DUP OP_HASH160 344a0f48ca150ec2b903817660b9b68b13a67026 OP_EQUALVERIFY OP_CHECKSIG",
          "hex": "76a914344a0f48ca150ec2b903817660b9b68b13a6702688ac",
          "reqSigs": 1,
          "type": "pubkeyhash",
          "addresses": [
            "mkHS9ne12qx9pS9VojpwU5xtRd4T7X7ZUt"
          ]
        }
      },
      {
        "value": 0.00049789,
        "n": 1,
        "scriptPubKey": {
          "asm": "0 aea248ca3c64714f78a70693823906ca45244d4bfaeee1b275ab43a08e1b6500",
          "hex": "0020aea248ca3c64714f78a70693823906ca45244d4bfaeee1b275ab43a08e1b6500",
          "reqSigs": 1,
          "type": "witness_v0_scripthash",
          "addresses": [
            "tb1q463y3j3uv3c57798q6fcywgxefzjgn2tlthwrvn44dp6prsmv5qqzjxz3e"
          ]
        }
      }
    ]
  },
  "unknown": {
  },
  "inputs": [
    {
      "witness_utxo": {
        "amount": 0.00100000,
        "scriptPubKey": {
          "asm": "0 cd7e6dcacd2ce1ea3d759f18068f37b5d22ca41f60d3a69412fb42c8460ec57c",
          "hex": "0020cd7e6dcacd2ce1ea3d759f18068f37b5d22ca41f60d3a69412fb42c8460ec57c",
          "type": "witness_v0_scripthash",
          "address": "tb1qe4lxmjkd9ns750t4nuvqdrehkhfzefqlvrf6d9qjldpvs3swc47qtgkq35"
        }
      },
      "non_witness_utxo": {
        "txid": "5b8213c91aae5e46605ff74a8c3edd2a73742aed86b214f261112e95757756b9",
        "hash": "5b8213c91aae5e46605ff74a8c3edd2a73742aed86b214f261112e95757756b9",
        "version": 2,
        "size": 148,
        "vsize": 148,
        "weight": 592,
        "locktime": 1895193,
        "vin": [
          {
            "txid": "9715010b5c6598ab522cda2ee2a4fc8cd2296922bbf22c350666c5df567c7478",
            "vout": 0,
            "scriptSig": {
              "asm": "00141c03e573c13198efd929b0e112730fbd39be050e",
              "hex": "1600141c03e573c13198efd929b0e112730fbd39be050e"
            },
            "sequence": 4294967294
          }
        ],
        "vout": [
          {
            "value": 0.02791022,
            "n": 0,
            "scriptPubKey": {
              "asm": "0 fd94996d7102d0a133d280a6f45b7e074af6dd5e",
              "hex": "0014fd94996d7102d0a133d280a6f45b7e074af6dd5e",
              "reqSigs": 1,
              "type": "witness_v0_keyhash",
              "addresses": [
                "tb1qlk2fjmt3qtg2zv7jszn0gkm7qa90dh273lmzc3"
              ]
            }
          },
          {
            "value": 0.00100000,
            "n": 1,
            "scriptPubKey": {
              "asm": "0 cd7e6dcacd2ce1ea3d759f18068f37b5d22ca41f60d3a69412fb42c8460ec57c",
              "hex": "0020cd7e6dcacd2ce1ea3d759f18068f37b5d22ca41f60d3a69412fb42c8460ec57c",
              "reqSigs": 1,
              "type": "witness_v0_scripthash",
              "addresses": [
                "tb1qe4lxmjkd9ns750t4nuvqdrehkhfzefqlvrf6d9qjldpvs3swc47qtgkq35"
              ]
            }
          }
        ]
      },
      "witness_script": {
        "asm": "3 020db877859f8d6aea7794e642a74e12072042fdf331aec8e04d8727790c5e91bf 02976f7192ff905cdfb1a74720f658b5b2ba7d36cfa56fe06783eb73668369bc90 02eda74c5f6331867f37edff18f50a0bdbc9d51f6f43c92544a422927eaacccf6f 3 OP_CHECKMULTISIG",
        "hex": "5321020db877859f8d6aea7794e642a74e12072042fdf331aec8e04d8727790c5e91bf2102976f7192ff905cdfb1a74720f658b5b2ba7d36cfa56fe06783eb73668369bc902102eda74c5f6331867f37edff18f50a0bdbc9d51f6f43c92544a422927eaacccf6f53ae",
        "type": "multisig"
      },
      "bip32_derivs": [
        {
          "pubkey": "020db877859f8d6aea7794e642a74e12072042fdf331aec8e04d8727790c5e91bf",
          "master_fingerprint": "faef9880",
          "path": "m/48'/1'/0'/2'/0/0"
        },
        {
          "pubkey": "02976f7192ff905cdfb1a74720f658b5b2ba7d36cfa56fe06783eb73668369bc90",
          "master_fingerprint": "b98efdae",
          "path": "m/48'/1'/0'/2'/0/0"
        },
        {
          "pubkey": "02eda74c5f6331867f37edff18f50a0bdbc9d51f6f43c92544a422927eaacccf6f",
          "master_fingerprint": "d759df36",
          "path": "m/48'/1'/0'/2'/0/0"
        }
      ]
    }
  ],
  "outputs": [
    {
    },
    {
      "witness_script": {
        "asm": "3 023c175d175b05fbab7f78b3e75e8ca1372b61e1b804ad5654fb07a3d2104b8add 0310f84f2a802cff5ce5303e2611243c7bdae76bf05fbf1d7f8fc109c4be32fef0 032fc3c1a39d715e2c2edbd8e98c1c50c61b369b0cb6e540f41a8db45feb7843b2 3 OP_CHECKMULTISIG",
        "hex": "5321023c175d175b05fbab7f78b3e75e8ca1372b61e1b804ad5654fb07a3d2104b8add210310f84f2a802cff5ce5303e2611243c7bdae76bf05fbf1d7f8fc109c4be32fef021032fc3c1a39d715e2c2edbd8e98c1c50c61b369b0cb6e540f41a8db45feb7843b253ae",
        "type": "multisig"
      },
      "bip32_derivs": [
        {
          "pubkey": "023c175d175b05fbab7f78b3e75e8ca1372b61e1b804ad5654fb07a3d2104b8add",
          "master_fingerprint": "d759df36",
          "path": "m/48'/1'/0'/2'/1/1"
        },
        {
          "pubkey": "0310f84f2a802cff5ce5303e2611243c7bdae76bf05fbf1d7f8fc109c4be32fef0",
          "master_fingerprint": "faef9880",
          "path": "m/48'/1'/0'/2'/1/1"
        },
        {
          "pubkey": "032fc3c1a39d715e2c2edbd8e98c1c50c61b369b0cb6e540f41a8db45feb7843b2",
          "master_fingerprint": "b98efdae",
          "path": "m/48'/1'/0'/2'/1/1"
        }
      ]
    }
  ],
  "fee": 0.00000211
}

For what I can understand, the psbt prepared by Core is complete in the sense you mean and include a non segwit output in the previous tx(?). I will try to sign THIS with the three wallets. Mmmh... Bitbox02 gives me this:

../HWI/hwi.py -f faef9880 signtx cHNidP8BAIACAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD+////AlDDAAAAAAAAGXapFDRKD0jKFQ7CuQOBdmC5tosTpnAmiKx9wgAAAAAAACIAIK6iSMo8ZHFPeKcGk4I5BspFJE1L+u7hsnWrQ6COG2UAAAAAAAABAJQCAAAAAXh0fFbfxWYGNSzyuyJpKdKM/KTiLtosUquYZVwLARWXAAAAABcWABQcA+VzwTGY79kpsOEScw+9Ob4FDv7///8CbpYqAAAAAAAWABT9lJltcQLQoTPSgKb0W34HSvbdXqCGAQAAAAAAIgAgzX5tys0s4eo9dZ8YBo83tdIspB9g06aUEvtCyEYOxXwZ6xwAAQEroIYBAAAAAAAiACDNfm3KzSzh6j11nxgGjze10iykH2DTppQS+0LIRg7FfAEFaVMhAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/IQKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kCEC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz29TriIGAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/HPrvmIAwAACAAQAAgAAAAIACAACAAAAAAAAAAAAiBgKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kBy5jv2uMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAIgYC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz28c11nfNjAAAIABAACAAAAAgAIAAIAAAAAAAAAAAAAAAQFpUyECPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0hAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wIQMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDslOuIgICPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0c11nfNjAAAIABAACAAAAAgAIAAIABAAAAAQAAACICAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wHPrvmIAwAACAAQAAgAAAAIACAACAAQAAAAEAAAAiAgMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDshy5jv2uMAAAgAEAAIAAAACAAgAAgAEAAAABAAAAAA==
BitBox02 attestation check PASSED
{"error": "Input script type not recognized of input 0.", "code": -7}

Also Trezor gives me an other error but Ledger signs it.

benma commented 3 years ago

Are you sure you are using the multisig PR? The input itself looks fine.

What is missing though from the PSBT is the PSBT_GLOBAL_XPUB field, containing all three xpubs. It seems bitcoin-core does not export them. I filed an issue about it: https://github.com/bitcoin/bitcoin/issues/20533

Try using Electrum for now to setup your wallet, make a tx and then export the PSBT from there.

gabridome commented 3 years ago

Are you sure you are using the multisig PR? The input itself looks fine.

You were right. This is the result with the right directory:

../HWI2/hwi.py -f faef9880 signtx cHNidP8BAIACAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD+////AlDDAAAAAAAAGXapFDRKD0jKFQ7CuQOBdmC5tosTpnAmiKx9wgAAAAAAACIAIK6iSMo8ZHFPeKcGk4I5BspFJE1L+u7hsnWrQ6COG2UAAAAAAAABAJQCAAAAAXh0fFbfxWYGNSzyuyJpKdKM/KTiLtosUquYZVwLARWXAAAAABcWABQcA+VzwTGY79kpsOEScw+9Ob4FDv7///8CbpYqAAAAAAAWABT9lJltcQLQoTPSgKb0W34HSvbdXqCGAQAAAAAAIgAgzX5tys0s4eo9dZ8YBo83tdIspB9g06aUEvtCyEYOxXwZ6xwAAQEroIYBAAAAAAAiACDNfm3KzSzh6j11nxgGjze10iykH2DTppQS+0LIRg7FfAEFaVMhAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/IQKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kCEC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz29TriIGAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/HPrvmIAwAACAAQAAgAAAAIACAACAAAAAAAAAAAAiBgKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kBy5jv2uMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAIgYC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz28c11nfNjAAAIABAACAAAAAgAIAAIAAAAAAAAAAAAAAAQFpUyECPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0hAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wIQMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDslOuIgICPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0c11nfNjAAAIABAACAAAAAgAIAAIABAAAAAQAAACICAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wHPrvmIAwAACAAQAAgAAAAIACAACAAQAAAAEAAAAiAgMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDshy5jv2uMAAAgAEAAIAAAACAAgAAgAEAAAABAAAAAA==
BitBox02 attestation check PASSED
{"error": "This BitBox02 is not one of the cosigners", "code": -7}

Which is strange because I imported this descriptors:

bitcoin-cli -testnet -rpcwallet=3of3withBDK importdescriptors "[\
{\"desc\":\"$dest\",\"timestamp\":\"now\",\"active\":true,\"internal\":false},\
{\"desc\":\"$dint\",\"timestamp\":\"now\",\"active\":true,\"internal\":true}]"
# in which the env $dest:
echo $dest
wsh(sortedmulti(3,[b98efdae/48'/1'/0'/2']tpubDDwagvhh5rcGdpLm4vhTUtihfdfoaApfwB16eAgkjFBkjcyvU6VZ4hmttdKfkxpiNihpgLEMcZSjjSY4YegjsacBfoH8uRjQfPgXhD68iCT/0/*,[d759df36/48'/1'/0'/2']tpubDF8y2sXUFTioAePCQJmS7ctENhKUZoKuAyi4nCpyA3RQMuQyJ6kMEqwXY9GmDNxvwGwQ8Yc93cux79ypoi1UAJV6mf4tU5Ed12BDutMLP7V/0/*,[faef9880/48'/1'/0'/2']tpubDEpe6LEQzqwaQVL7MZo2kG3sQj57YjxfgLe3RPyKU1sgikwvDSVfbaJjPPCzrRDmPryz8sBFWnD2mkxmEiTRgR4sS6SQS3YN8VTjbAeSHss/0/*))#5x2trlu9

The last xpub of the descriptor is the one of the bitbox:

../HWI2/hwi.py --testnet -f faef9880 getxpub m/48h/1h/0h/2h
BitBox02 attestation check PASSED
{"xpub": "tpubDEpe6LEQzqwaQVL7MZo2kG3sQj57YjxfgLe3RPyKU1sgikwvDSVfbaJjPPCzrRDmPryz8sBFWnD2mkxmEiTRgR4sS6SQS3YN8VTjbAeSHss"}

And you can see that the psbt was prepared with that very wallet:

bitcoin-cli -testnet -rpcwallet=3of3withBDK walletcreatefundedpsbt "[]" "[{\"mkHS9ne12qx9pS9VojpwU5xtRd4T7X7ZUt\":0.0005}]"
{
  "psbt": "cHNidP8BAIACAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD+////AlDDAAAAAAAAGXapFDRKD0jKFQ7CuQOBdmC5tosTpnAmiKx9wgAAAAAAACIAIK6iSMo8ZHFPeKcGk4I5BspFJE1L+u7hsnWrQ6COG2UAAAAAAAABAJQCAAAAAXh0fFbfxWYGNSzyuyJpKdKM/KTiLtosUquYZVwLARWXAAAAABcWABQcA+VzwTGY79kpsOEScw+9Ob4FDv7///8CbpYqAAAAAAAWABT9lJltcQLQoTPSgKb0W34HSvbdXqCGAQAAAAAAIgAgzX5tys0s4eo9dZ8YBo83tdIspB9g06aUEvtCyEYOxXwZ6xwAAQEroIYBAAAAAAAiACDNfm3KzSzh6j11nxgGjze10iykH2DTppQS+0LIRg7FfAEFaVMhAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/IQKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kCEC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz29TriIGAg24d4WfjWrqd5TmQqdOEgcgQv3zMa7I4E2HJ3kMXpG/HPrvmIAwAACAAQAAgAAAAIACAACAAAAAAAAAAAAiBgKXb3GS/5Bc37GnRyD2WLWyun02z6Vv4GeD63Nmg2m8kBy5jv2uMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAIgYC7adMX2Mxhn837f8Y9QoL28nVH29DySVEpCKSfqrMz28c11nfNjAAAIABAACAAAAAgAIAAIAAAAAAAAAAAAAAAQFpUyECPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0hAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wIQMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDslOuIgICPBddF1sF+6t/eLPnXoyhNyth4bgErVZU+wej0hBLit0c11nfNjAAAIABAACAAAAAgAIAAIABAAAAAQAAACICAxD4TyqALP9c5TA+JhEkPHva52vwX78df4/BCcS+Mv7wHPrvmIAwAACAAQAAgAAAAIACAACAAQAAAAEAAAAiAgMvw8GjnXFeLC7b2OmMHFDGGzabDLblQPQajbRf63hDshy5jv2uMAAAgAEAAIAAAACAAgAAgAEAAAABAAAAAA==",
  "fee": 0.00000211,
  "changepos": 1
}

What is missing though from the PSBT is the PSBT_GLOBAL_XPUB field, containing all three xpubs. It seems bitcoin-core does not export them. I filed an issue about it: bitcoin/bitcoin#20533

Well done. To be fair, I am using a Core version in master that supports descriptor wallets.

Try using Electrum for now to setup your wallet, make a tx and then export the PSBT from there.

Let me just check if they have fixed something in Core in the last commits... I'll then try to seutp the wallet in Electrum (I don't think they support descriptors though)

gabridome commented 3 years ago

I prepared the transaction with Electrum (to obtain the .psbt was not so easy) but, in the end, at least the bitbox02 part was done:

proj/HWI2/hwi.py --testnet -f faef9880 signtx cHNidP8BAIACAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD9////AiTCAAAAAAAAIgAg7Y0ZD7rbmzL59fqIirQLdcw+W3WinPfTLvAz2yRLutxQwwAAAAAAABl2qRQ0Sg9IyhUOwrkDgXZgubaLE6ZwJoisxOwcAE8BAldUgwR8kmaWgAAAAjmd11QmHmUwFGc3IGhc5z5QVu1itAx0JTUXqronbNhtAjwTYtoi6uw6yUvFo/ogE20FLwA5kgr/rIHaoZa+Ev4SFPrvmIAwAACAAQAAgAAAAIACAACATwECV1SDBATNmOmAAAACUIDM7s4FlkHgnZm/1J3GlJcU8hI7FadOV9cMa47wW2MCd42oPgFodAt5P7dl2nU7z9B81VvTsZDmx81M8Gm2pOQUuY79rjAAAIABAACAAAAAgAIAAIBPAQJXVIMEp4+FmIAAAAKCUOvB3sAJy8SbCCk8LoZbAMjnXxzo9FP2Ds0+HDHBTQO1DnBVAn+xTo7cBzAUs0OWgHAvTJh+7H/Mb2Ybixv0zBTXWd82MAAAgAEAAIAAAACAAgAAgAABAP0BAQIAAAAAAQF4dHxW38VmBjUs8rsiaSnSjPyk4i7aLFKrmGVcCwEVlwAAAAAXFgAUHAPlc8ExmO/ZKbDhEnMPvTm+BQ7+////Am6WKgAAAAAAFgAU/ZSZbXEC0KEz0oCm9Ft+B0r23V6ghgEAAAAAACIAIM1+bcrNLOHqPXWfGAaPN7XSLKQfYNOmlBL7QshGDsV8AkcwRAIgJE9MVi4kJfaMEWq6qex0A8GUP8Ba+t2IOZKhB4XrS/8CIFBUf1gr8V5W7vInLowHrOflzIWXfRfudBqbc+WhKQnGASECkMDsgwiGNhoyvE3NRQ/Lj8+jr9UTraMCV1KJ+4jKlwYZ6xwAAQVpUyECDbh3hZ+Naup3lOZCp04SByBC/fMxrsjgTYcneQxekb8hApdvcZL/kFzfsadHIPZYtbK6fTbPpW/gZ4Prc2aDabyQIQLtp0xfYzGGfzft/xj1CgvbydUfb0PJJUSkIpJ+qszPb1OuIgYCDbh3hZ+Naup3lOZCp04SByBC/fMxrsjgTYcneQxekb8c+u+YgDAAAIABAACAAAAAgAIAAIAAAAAAAAAAACIGApdvcZL/kFzfsadHIPZYtbK6fTbPpW/gZ4Prc2aDabyQHLmO/a4wAACAAQAAgAAAAIACAACAAAAAAAAAAAAiBgLtp0xfYzGGfzft/xj1CgvbydUfb0PJJUSkIpJ+qszPbxzXWd82MAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAAAEBaVMhAoBoywLA0inER/wCbSolmjFCTG52NZtFHlN0GQk0NGqXIQNj7V0eZ5g7cY+HP/cLiEJRjTvN3oHc8zaqIKAEGbh3kyEDlTfQdm5SN6tRdaU12D4QqUHUpMNAF6UyTQw8XndyxWRTriICAoBoywLA0inER/wCbSolmjFCTG52NZtFHlN0GQk0NGqXHNdZ3zYwAACAAQAAgAAAAIACAACAAQAAAAAAAAAiAgNj7V0eZ5g7cY+HP/cLiEJRjTvN3oHc8zaqIKAEGbh3kxz675iAMAAAgAEAAIAAAACAAgAAgAEAAAAAAAAAIgIDlTfQdm5SN6tRdaU12D4QqUHUpMNAF6UyTQw8XndyxWQcuY79rjAAAIABAACAAAAAgAIAAIABAA
AAAAAAAAAA
BitBox02 attestation check PASSED
{"psbt": "cHNidP8BAIACAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD9////AiTCAAAAAAAAIgAg7Y0ZD7rbmzL59fqIirQLdcw+W3WinPfTLvAz2yRLutxQwwAAAAAAABl2qRQ0Sg9IyhUOwrkDgXZgubaLE6ZwJoisxOwcAE8BAldUgwQEzZjpgAAAAlCAzO7OBZZB4J2Zv9SdxpSXFPISOxWnTlfXDGuO8FtjAneNqD4BaHQLeT+3Zdp1O8/QfNVb07GQ5sfNTPBptqTkFLmO/a4wAACAAQAAgAAAAIACAACATwECV1SDBHySZpaAAAACOZ3XVCYeZTAUZzcgaFznPlBW7WK0DHQlNRequids2G0CPBNi2iLq7DrJS8Wj+iATbQUvADmSCv+sgdqhlr4S/hIU+u+YgDAAAIABAACAAAAAgAIAAIBPAQJXVIMEp4+FmIAAAAKCUOvB3sAJy8SbCCk8LoZbAMjnXxzo9FP2Ds0+HDHBTQO1DnBVAn+xTo7cBzAUs0OWgHAvTJh+7H/Mb2Ybixv0zBTXWd82MAAAgAEAAIAAAACAAgAAgAABAP0BAQIAAAAAAQF4dHxW38VmBjUs8rsiaSnSjPyk4i7aLFKrmGVcCwEVlwAAAAAXFgAUHAPlc8ExmO/ZKbDhEnMPvTm+BQ7+////Am6WKgAAAAAAFgAU/ZSZbXEC0KEz0oCm9Ft+B0r23V6ghgEAAAAAACIAIM1+bcrNLOHqPXWfGAaPN7XSLKQfYNOmlBL7QshGDsV8AkcwRAIgJE9MVi4kJfaMEWq6qex0A8GUP8Ba+t2IOZKhB4XrS/8CIFBUf1gr8V5W7vInLowHrOflzIWXfRfudBqbc+WhKQnGASECkMDsgwiGNhoyvE3NRQ/Lj8+jr9UTraMCV1KJ+4jKlwYZ6xwAIgICDbh3hZ+Naup3lOZCp04SByBC/fMxrsjgTYcneQxekb9HMEQCICEj/BoVjP6aQhpVjQHm8ofRq5OcdSMxOZiXoWd/ehUAAiABZ/Y70b5Vjuy9F4GNeqp1nf7dlR7ji8Nn7afEoCMUEAEBBWlTIQINuHeFn41q6neU5kKnThIHIEL98zGuyOBNhyd5DF6RvyECl29xkv+QXN+xp0cg9li1srp9Ns+lb+Bng+tzZoNpvJAhAu2nTF9jMYZ/N+3/GPUKC9vJ1R9vQ8klRKQikn6qzM9vU64iBgINuHeFn41q6neU5kKnThIHIEL98zGuyOBNhyd5DF6Rvxz675iAMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAIgYCl29xkv+QXN+xp0cg9li1srp9Ns+lb+Bng+tzZoNpvJAcuY79rjAAAIABAACAAAAAgAIAAIAAAAAAAAAAACIGAu2nTF9jMYZ/N+3/GPUKC9vJ1R9vQ8klRKQikn6qzM9vHNdZ3zYwAACAAQAAgAAAAIACAACAAAAAAAAAAAAAAQFpUyECgGjLAsDSKcRH/AJtKiWaMUJMbnY1m0UeU3QZCTQ0apchA2PtXR5nmDtxj4c/9wuIQlGNO83egdzzNqogoAQZuHeTIQOVN9B2blI3q1F1pTXYPhCpQdSkw0AXpTJNDDxed3LFZFOuIgICgGjLAsDSKcRH/AJtKiWaMUJMbnY1m0UeU3QZCTQ0apcc11nfNjAAAIABAACAAAAAgAIAAIABAAAAAAAAACICA2PtXR5nmDtxj4c/9wuIQlGNO83egdzzNqogoAQZuHeTHPrvmIAwAACAAQAAgAAAAIACAACAAQAAAAAAAAAiAgOVN9B2blI3q1F1pTXYPhCpQdSkw0AXpTJNDDxed3LFZBy5jv2uMAAAgAEAAIAAAACAAgAAgAEAAAAAAAAAAAA="}

I had to press a lot of buttons on the bitbox02 to name the account and to confirm the xpubs but they weren't shown on the screen.

At this point Electrum seems the only application capable to prepare a multisig transaction in psbt format. @benma , Thank you for the post about multisig. I'm reading it carefully. Even if I'm learning how difficult it is, I think it is important to push for more interoperability in this field. I hope to be more and more useful as I learn.

Problem is Trezor and Ledger seem to refuse the psbt now:

proj/HWI2/hwi.py -f d759df36 signtx cHNidP8BAIACAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD9////AiTCAAAAAAAAIgAg7Y0ZD7rbmzL59fqIirQLdcw+W3WinPfTLvAz2yRLutxQwwAAAAAAABl2qRQ0Sg9IyhUOwrkDgXZgubaLE6ZwJoisxOwcAE8BAldUgwQEzZjpgAAAAlCAzO7OBZZB4J2Zv9SdxpSXFPISOxWnTlfXDGuO8FtjAneNqD4BaHQLeT+3Zdp1O8/QfNVb07GQ5sfNTPBptqTkFLmO/a4wAACAAQAAgAAAAIACAACATwECV1SDBHySZpaAAAACOZ3XVCYeZTAUZzcgaFznPlBW7WK0DHQlNRequids2G0CPBNi2iLq7DrJS8Wj+iATbQUvADmSCv+sgdqhlr4S/hIU+u+YgDAAAIABAACAAAAAgAIAAIBPAQJXVIMEp4+FmIAAAAKCUOvB3sAJy8SbCCk8LoZbAMjnXxzo9FP2Ds0+HDHBTQO1DnBVAn+xTo7cBzAUs0OWgHAvTJh+7H/Mb2Ybixv0zBTXWd82MAAAgAEAAIAAAACAAgAAgAABAP0BAQIAAAAAAQF4dHxW38VmBjUs8rsiaSnSjPyk4i7aLFKrmGVcCwEVlwAAAAAXFgAUHAPlc8ExmO/ZKbDhEnMPvTm+BQ7+////Am6WKgAAAAAAFgAU/ZSZbXEC0KEz0oCm9Ft+B0r23V6ghgEAAAAAACIAIM1+bcrNLOHqPXWfGAaPN7XSLKQfYNOmlBL7QshGDsV8AkcwRAIgJE9MVi4kJfaMEWq6qex0A8GUP8Ba+t2IOZKhB4XrS/8CIFBUf1gr8V5W7vInLowHrOflzIWXfRfudBqbc+WhKQnGASECkMDsgwiGNhoyvE3NRQ/Lj8+jr9UTraMCV1KJ+4jKlwYZ6xwAIgICDbh3hZ+Naup3lOZCp04SByBC/fMxrsjgTYcneQxekb9HMEQCICEj/BoVjP6aQhpVjQHm8ofRq5OcdSMxOZiXoWd/ehUAAiABZ/Y70b5Vjuy9F4GNeqp1nf7dlR7ji8Nn7afEoCMUEAEBBWlTIQINuHeFn41q6neU5kKnThIHIEL98zGuyOBNhyd5DF6RvyECl29xkv+QXN+xp0cg9li1srp9Ns+lb+Bng+tzZoNpvJAhAu2nTF9jMYZ/N+3/GPUKC9vJ1R9vQ8klRKQikn6qzM9vU64iBgINuHeFn41q6neU5kKnThIHIEL98zGuyOBNhyd5DF6Rvxz675iAMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAIgYCl29xkv+QXN+xp0cg9li1srp9Ns+lb+Bng+tzZoNpvJAcuY79rjAAAIABAACAAAAAgAIAAIAAAAAAAAAAACIGAu2nTF9jMYZ/N+3/GPUKC9vJ1R9vQ8klRKQikn6qzM9vHNdZ3zYwAACAAQAAgAAAAIACAACAAAAAAAAAAAAAAQFpUyECgGjLAsDSKcRH/AJtKiWaMUJMbnY1m0UeU3QZCTQ0apchA2PtXR5nmDtxj4c/9wuIQlGNO83egdzzNqogoAQZuHeTIQOVN9B2blI3q1F1pTXYPhCpQdSkw0AXpTJNDDxed3LFZFOuIgICgGjLAsDSKcRH/AJtKiWaMUJMbnY1m0UeU3QZCTQ0apcc11nfNjAAAIABAACAAAAAgAIAAIABAAAAAAAAACICA2PtXR5nmDtxj4c/9wuIQlGNO83egdzzNqogoAQZuHeTHPrvmIAwAACAAQAAgAAAAIACAACAAQAAAAAAAAAiAgOVN9B2blI3q1F1pTXYPhCpQdSkw0AXpTJNDDxed3LFZBy5jv2uMAAAgAEAAIAAAACAAgAAgAEAAAAAAAAAAAA=
{"error": "'KeyOriginInfo' object is not subscriptable", "code": -13}

proj/HWI2/hwi.py -f b98efdae signtx cHNidP8BAIACAAAAAblWd3WVLhFh8hSyhu0qdHMq3T6MSvdfYEZerhrJE4JbAQAAAAD9////AiTCAAAAAAAAIgAg7Y0ZD7rbmzL59fqIirQLdcw+W3WinPfTLvAz2yRLutxQwwAAAAAAABl2qRQ0Sg9IyhUOwrkDgXZgubaLE6ZwJoisxOwcAE8BAldUgwQEzZjpgAAAAlCAzO7OBZZB4J2Zv9SdxpSXFPISOxWnTlfXDGuO8FtjAneNqD4BaHQLeT+3Zdp1O8/QfNVb07GQ5sfNTPBptqTkFLmO/a4wAACAAQAAgAAAAIACAACATwECV1SDBHySZpaAAAACOZ3XVCYeZTAUZzcgaFznPlBW7WK0DHQlNRequids2G0CPBNi2iLq7DrJS8Wj+iATbQUvADmSCv+sgdqhlr4S/hIU+u+YgDAAAIABAACAAAAAgAIAAIBPAQJXVIMEp4+FmIAAAAKCUOvB3sAJy8SbCCk8LoZbAMjnXxzo9FP2Ds0+HDHBTQO1DnBVAn+xTo7cBzAUs0OWgHAvTJh+7H/Mb2Ybixv0zBTXWd82MAAAgAEAAIAAAACAAgAAgAABAP0BAQIAAAAAAQF4dHxW38VmBjUs8rsiaSnSjPyk4i7aLFKrmGVcCwEVlwAAAAAXFgAUHAPlc8ExmO/ZKbDhEnMPvTm+BQ7+////Am6WKgAAAAAAFgAU/ZSZbXEC0KEz0oCm9Ft+B0r23V6ghgEAAAAAACIAIM1+bcrNLOHqPXWfGAaPN7XSLKQfYNOmlBL7QshGDsV8AkcwRAIgJE9MVi4kJfaMEWq6qex0A8GUP8Ba+t2IOZKhB4XrS/8CIFBUf1gr8V5W7vInLowHrOflzIWXfRfudBqbc+WhKQnGASECkMDsgwiGNhoyvE3NRQ/Lj8+jr9UTraMCV1KJ+4jKlwYZ6xwAIgICDbh3hZ+Naup3lOZCp04SByBC/fMxrsjgTYcneQxekb9HMEQCICEj/BoVjP6aQhpVjQHm8ofRq5OcdSMxOZiXoWd/ehUAAiABZ/Y70b5Vjuy9F4GNeqp1nf7dlR7ji8Nn7afEoCMUEAEBBWlTIQINuHeFn41q6neU5kKnThIHIEL98zGuyOBNhyd5DF6RvyECl29xkv+QXN+xp0cg9li1srp9Ns+lb+Bng+tzZoNpvJAhAu2nTF9jMYZ/N+3/GPUKC9vJ1R9vQ8klRKQikn6qzM9vU64iBgINuHeFn41q6neU5kKnThIHIEL98zGuyOBNhyd5DF6Rvxz675iAMAAAgAEAAIAAAACAAgAAgAAAAAAAAAAAIgYCl29xkv+QXN+xp0cg9li1srp9Ns+lb+Bng+tzZoNpvJAcuY79rjAAAIABAACAAAAAgAIAAIAAAAAAAAAAACIGAu2nTF9jMYZ/N+3/GPUKC9vJ1R9vQ8klRKQikn6qzM9vHNdZ3zYwAACAAQAAgAAAAIACAACAAAAAAAAAAAAAAQFpUyECgGjLAsDSKcRH/AJtKiWaMUJMbnY1m0UeU3QZCTQ0apchA2PtXR5nmDtxj4c/9wuIQlGNO83egdzzNqogoAQZuHeTIQOVN9B2blI3q1F1pTXYPhCpQdSkw0AXpTJNDDxed3LFZFOuIgICgGjLAsDSKcRH/AJtKiWaMUJMbnY1m0UeU3QZCTQ0apcc11nfNjAAAIABAACAAAAAgAIAAIABAAAAAAAAACICA2PtXR5nmDtxj4c/9wuIQlGNO83egdzzNqogoAQZuHeTHPrvmIAwAACAAQAAgAAAAIACAACAAQAAAAAAAAAiAgOVN9B2blI3q1F1pTXYPhCpQdSkw0AXpTJNDDxed3LFZBy5jv2uMAAAgAEAAIAAAACAAgAAgAEAAAAAAAAAAAA=
Please confirm action on your Trezor device
{"error": "ProcessError: Failed to compile input", "code": -13}
benma commented 3 years ago

Great!

I had to press a lot of buttons on the bitbox02 to name the account and to confirm the xpubs but they weren't shown on the screen.

Yeah correct multisig setup is currently very difficult. You are supposed to make a backup of your multisig setup, including all xpubs, and then confirm the xpubs in your backup against what each hardware wallet shows on its screen. This is partly impossible today depending on which HW wallets you use.