Expected use model for PSBT
I want to use Bitcoin Core to create a PSBT for offline signing (cold storage) of a multisig p2wsh-in-p2sh address, such as that created by Glacier. Based on the PSBT doc I assume I want the online node to be the Creator & Updater, and the offline node to be the Signer, Finalizer, and Extractor.
Firstly, what is the expected use model (using RPC)?
I've created privkeys, redemption script, and matching address on an offline node. How do I import this into my online node (presumably as a watch-only address)?
Using the online node, how do I construct a PSBT that spends some of the UTXO(s) for this address?
Using the offline node, how do I sign said PSBT using the privkeys, redemption script, and matching address that I have stored on paper?
Secondly, is this process expected to work in today's 0.17.1 software? Is it expected to change in the near future?
Thirdly, is this secure, assuming a secure offline node but an insecure online node? Can I be sure this isn't funding a too-large miner fee, for example? I understand that hardware wallets sometimes require the entire input transactions in order to verify input amounts.
bitcoin-core
New contributor
add a comment |
I want to use Bitcoin Core to create a PSBT for offline signing (cold storage) of a multisig p2wsh-in-p2sh address, such as that created by Glacier. Based on the PSBT doc I assume I want the online node to be the Creator & Updater, and the offline node to be the Signer, Finalizer, and Extractor.
Firstly, what is the expected use model (using RPC)?
I've created privkeys, redemption script, and matching address on an offline node. How do I import this into my online node (presumably as a watch-only address)?
Using the online node, how do I construct a PSBT that spends some of the UTXO(s) for this address?
Using the offline node, how do I sign said PSBT using the privkeys, redemption script, and matching address that I have stored on paper?
Secondly, is this process expected to work in today's 0.17.1 software? Is it expected to change in the near future?
Thirdly, is this secure, assuming a secure offline node but an insecure online node? Can I be sure this isn't funding a too-large miner fee, for example? I understand that hardware wallets sometimes require the entire input transactions in order to verify input amounts.
bitcoin-core
New contributor
add a comment |
I want to use Bitcoin Core to create a PSBT for offline signing (cold storage) of a multisig p2wsh-in-p2sh address, such as that created by Glacier. Based on the PSBT doc I assume I want the online node to be the Creator & Updater, and the offline node to be the Signer, Finalizer, and Extractor.
Firstly, what is the expected use model (using RPC)?
I've created privkeys, redemption script, and matching address on an offline node. How do I import this into my online node (presumably as a watch-only address)?
Using the online node, how do I construct a PSBT that spends some of the UTXO(s) for this address?
Using the offline node, how do I sign said PSBT using the privkeys, redemption script, and matching address that I have stored on paper?
Secondly, is this process expected to work in today's 0.17.1 software? Is it expected to change in the near future?
Thirdly, is this secure, assuming a secure offline node but an insecure online node? Can I be sure this isn't funding a too-large miner fee, for example? I understand that hardware wallets sometimes require the entire input transactions in order to verify input amounts.
bitcoin-core
New contributor
I want to use Bitcoin Core to create a PSBT for offline signing (cold storage) of a multisig p2wsh-in-p2sh address, such as that created by Glacier. Based on the PSBT doc I assume I want the online node to be the Creator & Updater, and the offline node to be the Signer, Finalizer, and Extractor.
Firstly, what is the expected use model (using RPC)?
I've created privkeys, redemption script, and matching address on an offline node. How do I import this into my online node (presumably as a watch-only address)?
Using the online node, how do I construct a PSBT that spends some of the UTXO(s) for this address?
Using the offline node, how do I sign said PSBT using the privkeys, redemption script, and matching address that I have stored on paper?
Secondly, is this process expected to work in today's 0.17.1 software? Is it expected to change in the near future?
Thirdly, is this secure, assuming a secure offline node but an insecure online node? Can I be sure this isn't funding a too-large miner fee, for example? I understand that hardware wallets sometimes require the entire input transactions in order to verify input amounts.
bitcoin-core
bitcoin-core
New contributor
New contributor
New contributor
asked 5 hours ago
Bitcoin Hodler
162
162
New contributor
New contributor
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
It is important to note that with this process, you will want to use a wallet that does not have private keys. Otherwise, you could accidentally be sending Bitcoin to an address that is in the online wallet. This especially important with change addresses because change addresses are automatically pulled from the current wallet. By disabling private keys, you won't have any change addresses (or other addresses) in the wallet that has your addresses imported. You can create a wallet that has no private keys by using createwallet "<wallet name>" true
.
When doing the following with bitcoin-cli
, make sure that you include the option -rpcwallet=<wallet name>
so that you are using the correct wallet that does not have private keys.
I've created privkeys, redemption script, and matching address on an offline node. How do I import this into my online node (presumably as a watch-only address)?
Use the importmulti
command to import your addresses, their redeemScripts, and their witnessScripts, if any. When you receive coins to these addresses, you will be able to see them in your online wallet's balance using getbalance "*" 0 true
.
Using the online node, how do I construct a PSBT that spends some of the UTXO(s) for this address?
You can use the walletcreatefundedpsbt
command. Your command will be something like:
walletcreatefundedpsbt '' '[{"<recipient address>":<recipient amount>}]' 0 '{"includeWatching":true,"changeAddress":"<change address>"}' true
What this will do is create a transaction with the outputs to your recipients. It will then choose inputs from the wallet, and add them to the transaction. If there is change, it will use the change address that you specify. walletcreatefundedpsbt
has other options too. Read the help text for more information.
Using the offline node, how do I sign said PSBT using the privkeys, redemption script, and matching address that I have stored on paper?
Assuming that your offline node has the private keys, you can sign using the offline node by taking the PSBT from the previous step and using the walletprocesspsbt
command. Your command will be something like this:
walletprocesspsbt <psbt>
It will give you a PSBT that contains signatures. You can double check this by decoding it with decodepsbt <psbt>
.
Then you can finalize and extract using either your online or offline node, it doesn't matter. You will use finalizepsbt <psbt>
. If everything is correct, you will get a hex transaction that you can send with sendrawtransaction
. If some part of the process failed, then it will fail to finalize and extract, so you will get another PSBT from finalizepsbt
.
Secondly, is this process expected to work in today's 0.17.1 software?
Yes
Is it expected to change in the near future?
Not significantly. There may be more commands that are added that are useful, but not necessarily required. The format for the existing commands won't change significantly if at all.
Thirdly, is this secure, assuming a secure offline node but an insecure online node? Can I be sure this isn't funding a too-large miner fee, for example? I understand that hardware wallets sometimes require the entire input transactions in order to verify input amounts.
Yes, it is secure, even if the online node is compromised. When the offline node signs, it does several checks. It will check that the entire previous transaction included for non-witness inputs has a txid that matches the one specified in the transaction being made. This ensures that you are spending what you expect to be spending.
For segwit inputs, part of what you are signing is the value of the output being spent. So you always know what amount you are spending. If the amount is incorrect (does not match the amount that you expect for that output), the signature will be invalid and thus the whole transaction will be invalid.
These checks ensure that what you sign will either be exactly what you expect it to be, or that the result is invalid and nothing moves anyways. Since the transaction includes full amount and scriptPubKey information, you can double check that the amounts are correct, the fee is correct, the inputs are the ones you want to use, and the outputs are the ones you want to create by using the decodepsbt
command.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "308"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Bitcoin Hodler is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f83070%2fexpected-use-model-for-psbt%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
It is important to note that with this process, you will want to use a wallet that does not have private keys. Otherwise, you could accidentally be sending Bitcoin to an address that is in the online wallet. This especially important with change addresses because change addresses are automatically pulled from the current wallet. By disabling private keys, you won't have any change addresses (or other addresses) in the wallet that has your addresses imported. You can create a wallet that has no private keys by using createwallet "<wallet name>" true
.
When doing the following with bitcoin-cli
, make sure that you include the option -rpcwallet=<wallet name>
so that you are using the correct wallet that does not have private keys.
I've created privkeys, redemption script, and matching address on an offline node. How do I import this into my online node (presumably as a watch-only address)?
Use the importmulti
command to import your addresses, their redeemScripts, and their witnessScripts, if any. When you receive coins to these addresses, you will be able to see them in your online wallet's balance using getbalance "*" 0 true
.
Using the online node, how do I construct a PSBT that spends some of the UTXO(s) for this address?
You can use the walletcreatefundedpsbt
command. Your command will be something like:
walletcreatefundedpsbt '' '[{"<recipient address>":<recipient amount>}]' 0 '{"includeWatching":true,"changeAddress":"<change address>"}' true
What this will do is create a transaction with the outputs to your recipients. It will then choose inputs from the wallet, and add them to the transaction. If there is change, it will use the change address that you specify. walletcreatefundedpsbt
has other options too. Read the help text for more information.
Using the offline node, how do I sign said PSBT using the privkeys, redemption script, and matching address that I have stored on paper?
Assuming that your offline node has the private keys, you can sign using the offline node by taking the PSBT from the previous step and using the walletprocesspsbt
command. Your command will be something like this:
walletprocesspsbt <psbt>
It will give you a PSBT that contains signatures. You can double check this by decoding it with decodepsbt <psbt>
.
Then you can finalize and extract using either your online or offline node, it doesn't matter. You will use finalizepsbt <psbt>
. If everything is correct, you will get a hex transaction that you can send with sendrawtransaction
. If some part of the process failed, then it will fail to finalize and extract, so you will get another PSBT from finalizepsbt
.
Secondly, is this process expected to work in today's 0.17.1 software?
Yes
Is it expected to change in the near future?
Not significantly. There may be more commands that are added that are useful, but not necessarily required. The format for the existing commands won't change significantly if at all.
Thirdly, is this secure, assuming a secure offline node but an insecure online node? Can I be sure this isn't funding a too-large miner fee, for example? I understand that hardware wallets sometimes require the entire input transactions in order to verify input amounts.
Yes, it is secure, even if the online node is compromised. When the offline node signs, it does several checks. It will check that the entire previous transaction included for non-witness inputs has a txid that matches the one specified in the transaction being made. This ensures that you are spending what you expect to be spending.
For segwit inputs, part of what you are signing is the value of the output being spent. So you always know what amount you are spending. If the amount is incorrect (does not match the amount that you expect for that output), the signature will be invalid and thus the whole transaction will be invalid.
These checks ensure that what you sign will either be exactly what you expect it to be, or that the result is invalid and nothing moves anyways. Since the transaction includes full amount and scriptPubKey information, you can double check that the amounts are correct, the fee is correct, the inputs are the ones you want to use, and the outputs are the ones you want to create by using the decodepsbt
command.
add a comment |
It is important to note that with this process, you will want to use a wallet that does not have private keys. Otherwise, you could accidentally be sending Bitcoin to an address that is in the online wallet. This especially important with change addresses because change addresses are automatically pulled from the current wallet. By disabling private keys, you won't have any change addresses (or other addresses) in the wallet that has your addresses imported. You can create a wallet that has no private keys by using createwallet "<wallet name>" true
.
When doing the following with bitcoin-cli
, make sure that you include the option -rpcwallet=<wallet name>
so that you are using the correct wallet that does not have private keys.
I've created privkeys, redemption script, and matching address on an offline node. How do I import this into my online node (presumably as a watch-only address)?
Use the importmulti
command to import your addresses, their redeemScripts, and their witnessScripts, if any. When you receive coins to these addresses, you will be able to see them in your online wallet's balance using getbalance "*" 0 true
.
Using the online node, how do I construct a PSBT that spends some of the UTXO(s) for this address?
You can use the walletcreatefundedpsbt
command. Your command will be something like:
walletcreatefundedpsbt '' '[{"<recipient address>":<recipient amount>}]' 0 '{"includeWatching":true,"changeAddress":"<change address>"}' true
What this will do is create a transaction with the outputs to your recipients. It will then choose inputs from the wallet, and add them to the transaction. If there is change, it will use the change address that you specify. walletcreatefundedpsbt
has other options too. Read the help text for more information.
Using the offline node, how do I sign said PSBT using the privkeys, redemption script, and matching address that I have stored on paper?
Assuming that your offline node has the private keys, you can sign using the offline node by taking the PSBT from the previous step and using the walletprocesspsbt
command. Your command will be something like this:
walletprocesspsbt <psbt>
It will give you a PSBT that contains signatures. You can double check this by decoding it with decodepsbt <psbt>
.
Then you can finalize and extract using either your online or offline node, it doesn't matter. You will use finalizepsbt <psbt>
. If everything is correct, you will get a hex transaction that you can send with sendrawtransaction
. If some part of the process failed, then it will fail to finalize and extract, so you will get another PSBT from finalizepsbt
.
Secondly, is this process expected to work in today's 0.17.1 software?
Yes
Is it expected to change in the near future?
Not significantly. There may be more commands that are added that are useful, but not necessarily required. The format for the existing commands won't change significantly if at all.
Thirdly, is this secure, assuming a secure offline node but an insecure online node? Can I be sure this isn't funding a too-large miner fee, for example? I understand that hardware wallets sometimes require the entire input transactions in order to verify input amounts.
Yes, it is secure, even if the online node is compromised. When the offline node signs, it does several checks. It will check that the entire previous transaction included for non-witness inputs has a txid that matches the one specified in the transaction being made. This ensures that you are spending what you expect to be spending.
For segwit inputs, part of what you are signing is the value of the output being spent. So you always know what amount you are spending. If the amount is incorrect (does not match the amount that you expect for that output), the signature will be invalid and thus the whole transaction will be invalid.
These checks ensure that what you sign will either be exactly what you expect it to be, or that the result is invalid and nothing moves anyways. Since the transaction includes full amount and scriptPubKey information, you can double check that the amounts are correct, the fee is correct, the inputs are the ones you want to use, and the outputs are the ones you want to create by using the decodepsbt
command.
add a comment |
It is important to note that with this process, you will want to use a wallet that does not have private keys. Otherwise, you could accidentally be sending Bitcoin to an address that is in the online wallet. This especially important with change addresses because change addresses are automatically pulled from the current wallet. By disabling private keys, you won't have any change addresses (or other addresses) in the wallet that has your addresses imported. You can create a wallet that has no private keys by using createwallet "<wallet name>" true
.
When doing the following with bitcoin-cli
, make sure that you include the option -rpcwallet=<wallet name>
so that you are using the correct wallet that does not have private keys.
I've created privkeys, redemption script, and matching address on an offline node. How do I import this into my online node (presumably as a watch-only address)?
Use the importmulti
command to import your addresses, their redeemScripts, and their witnessScripts, if any. When you receive coins to these addresses, you will be able to see them in your online wallet's balance using getbalance "*" 0 true
.
Using the online node, how do I construct a PSBT that spends some of the UTXO(s) for this address?
You can use the walletcreatefundedpsbt
command. Your command will be something like:
walletcreatefundedpsbt '' '[{"<recipient address>":<recipient amount>}]' 0 '{"includeWatching":true,"changeAddress":"<change address>"}' true
What this will do is create a transaction with the outputs to your recipients. It will then choose inputs from the wallet, and add them to the transaction. If there is change, it will use the change address that you specify. walletcreatefundedpsbt
has other options too. Read the help text for more information.
Using the offline node, how do I sign said PSBT using the privkeys, redemption script, and matching address that I have stored on paper?
Assuming that your offline node has the private keys, you can sign using the offline node by taking the PSBT from the previous step and using the walletprocesspsbt
command. Your command will be something like this:
walletprocesspsbt <psbt>
It will give you a PSBT that contains signatures. You can double check this by decoding it with decodepsbt <psbt>
.
Then you can finalize and extract using either your online or offline node, it doesn't matter. You will use finalizepsbt <psbt>
. If everything is correct, you will get a hex transaction that you can send with sendrawtransaction
. If some part of the process failed, then it will fail to finalize and extract, so you will get another PSBT from finalizepsbt
.
Secondly, is this process expected to work in today's 0.17.1 software?
Yes
Is it expected to change in the near future?
Not significantly. There may be more commands that are added that are useful, but not necessarily required. The format for the existing commands won't change significantly if at all.
Thirdly, is this secure, assuming a secure offline node but an insecure online node? Can I be sure this isn't funding a too-large miner fee, for example? I understand that hardware wallets sometimes require the entire input transactions in order to verify input amounts.
Yes, it is secure, even if the online node is compromised. When the offline node signs, it does several checks. It will check that the entire previous transaction included for non-witness inputs has a txid that matches the one specified in the transaction being made. This ensures that you are spending what you expect to be spending.
For segwit inputs, part of what you are signing is the value of the output being spent. So you always know what amount you are spending. If the amount is incorrect (does not match the amount that you expect for that output), the signature will be invalid and thus the whole transaction will be invalid.
These checks ensure that what you sign will either be exactly what you expect it to be, or that the result is invalid and nothing moves anyways. Since the transaction includes full amount and scriptPubKey information, you can double check that the amounts are correct, the fee is correct, the inputs are the ones you want to use, and the outputs are the ones you want to create by using the decodepsbt
command.
It is important to note that with this process, you will want to use a wallet that does not have private keys. Otherwise, you could accidentally be sending Bitcoin to an address that is in the online wallet. This especially important with change addresses because change addresses are automatically pulled from the current wallet. By disabling private keys, you won't have any change addresses (or other addresses) in the wallet that has your addresses imported. You can create a wallet that has no private keys by using createwallet "<wallet name>" true
.
When doing the following with bitcoin-cli
, make sure that you include the option -rpcwallet=<wallet name>
so that you are using the correct wallet that does not have private keys.
I've created privkeys, redemption script, and matching address on an offline node. How do I import this into my online node (presumably as a watch-only address)?
Use the importmulti
command to import your addresses, their redeemScripts, and their witnessScripts, if any. When you receive coins to these addresses, you will be able to see them in your online wallet's balance using getbalance "*" 0 true
.
Using the online node, how do I construct a PSBT that spends some of the UTXO(s) for this address?
You can use the walletcreatefundedpsbt
command. Your command will be something like:
walletcreatefundedpsbt '' '[{"<recipient address>":<recipient amount>}]' 0 '{"includeWatching":true,"changeAddress":"<change address>"}' true
What this will do is create a transaction with the outputs to your recipients. It will then choose inputs from the wallet, and add them to the transaction. If there is change, it will use the change address that you specify. walletcreatefundedpsbt
has other options too. Read the help text for more information.
Using the offline node, how do I sign said PSBT using the privkeys, redemption script, and matching address that I have stored on paper?
Assuming that your offline node has the private keys, you can sign using the offline node by taking the PSBT from the previous step and using the walletprocesspsbt
command. Your command will be something like this:
walletprocesspsbt <psbt>
It will give you a PSBT that contains signatures. You can double check this by decoding it with decodepsbt <psbt>
.
Then you can finalize and extract using either your online or offline node, it doesn't matter. You will use finalizepsbt <psbt>
. If everything is correct, you will get a hex transaction that you can send with sendrawtransaction
. If some part of the process failed, then it will fail to finalize and extract, so you will get another PSBT from finalizepsbt
.
Secondly, is this process expected to work in today's 0.17.1 software?
Yes
Is it expected to change in the near future?
Not significantly. There may be more commands that are added that are useful, but not necessarily required. The format for the existing commands won't change significantly if at all.
Thirdly, is this secure, assuming a secure offline node but an insecure online node? Can I be sure this isn't funding a too-large miner fee, for example? I understand that hardware wallets sometimes require the entire input transactions in order to verify input amounts.
Yes, it is secure, even if the online node is compromised. When the offline node signs, it does several checks. It will check that the entire previous transaction included for non-witness inputs has a txid that matches the one specified in the transaction being made. This ensures that you are spending what you expect to be spending.
For segwit inputs, part of what you are signing is the value of the output being spent. So you always know what amount you are spending. If the amount is incorrect (does not match the amount that you expect for that output), the signature will be invalid and thus the whole transaction will be invalid.
These checks ensure that what you sign will either be exactly what you expect it to be, or that the result is invalid and nothing moves anyways. Since the transaction includes full amount and scriptPubKey information, you can double check that the amounts are correct, the fee is correct, the inputs are the ones you want to use, and the outputs are the ones you want to create by using the decodepsbt
command.
answered 3 hours ago
Andrew Chow♦
30.4k42161
30.4k42161
add a comment |
add a comment |
Bitcoin Hodler is a new contributor. Be nice, and check out our Code of Conduct.
Bitcoin Hodler is a new contributor. Be nice, and check out our Code of Conduct.
Bitcoin Hodler is a new contributor. Be nice, and check out our Code of Conduct.
Bitcoin Hodler is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Bitcoin Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f83070%2fexpected-use-model-for-psbt%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown