Implement GetKey for KeyMap

[tcharding]

Create a KeyMap type to replace the current BTreeMap alias and implement bitcoin::psbt::GetKey for it.

Close: #709

[tcharding]

cc @LLFourn

[apoelstra]

Nice! Yeah, this is probably the right approach.

In 00342a1 you have a bunch of unreachables because you assume that public keys map consistently to secret keys. I think this is a reasonable assumption, but you need to enforce it in the insert method. Or perhaps you could change insert to just take a secret key, and do the pubkey computation itself.

Alternately, you could make insert be non-pub so that the type can only be constructed by calling Descriptor::parse_descriptor. This might be the better approach. (Though in this case I'd still add an assertion to insert checking consistency of the public and secret keys.)i

[LLFourn]

Thanks @tcharding. It might be nice to be able to append your key maps onto each other so you keep one big jumble of secret keys across all your descriptors in the application. This is possible now but would be harder to do if you make the field private (which does seem like the right thing in general). So maybe an .extend with another keymap. If you make it private you probably want to make a way to iterate it too.

[tcharding]

Yes I threw the pub inner field so as not to have to implement the whole BTreeMap API but private inner is probably better as you say - I can do this now we a have loose concept ack.

[ValuedMammal]

Concept ACK

[sanket1729]

It might be nice to be able to append your key maps onto each other so you keep one big jumble of secret keys across all your descriptors in the application.

Maybe in the longer term, a cleaner solution is to implement rust-bitcoin to implement GetKey for a tuple, vec, set of things that already implement GetKey.

impl_get_key_tuple!((T1, T2))
impl GetKey for Vec<T> where T: GetKey {
}
impl GetKey for BtreeSet<T>...

[sanket1729]

Concept ACK.

[tcharding]

Implemented iter::IntoIterator and iter::Extend, would love someone else to give a few minutes to thinking if this is all of the iterator traits we need please.

Also made new take only the secret key. I did not remove any unreachable calls, nor did I add an assertion on the pk/sk since pk in insertion is now controlled.

[Copilot]

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

Comments suppressed due to low confidence (2)

src/descriptor/key_map.rs:143

• The use of the unreachable! macro can be problematic if assumptions change. Consider handling this case more gracefully.

unreachable!("XPrv maps to XPrv")

src/descriptor/key_map.rs:22

• [nitpick] The name KeyMap is quite generic. Consider renaming it to something more descriptive like DescriptorKeyMap.

pub struct KeyMap {

[Copilot]

The use of the unreachable! macro can be problematic if assumptions change. Consider handling this case more gracefully.

Suggested change

	_ => unreachable!("Single maps to Single"),
	_ => return Err(GetKeyError::InvalidKey),

[apoelstra]

Lol, no

[tcharding]

AI is so awesome I think we are all going to be out of a job soon.

[yancyribbens]

Not if your job is to have fun :)

[Copilot]

The use of the unreachable! macro can be problematic if assumptions change. Consider handling this case more gracefully.

[Copilot]

The use of the unreachable! macro can be problematic if assumptions change. Consider handling this case more gracefully.

[apoelstra]

Too bad. copilot has been around long enough that you'd think it would work, but 100% of its suggestions are wrong and it's full of irritating woke language like "harmful" and "problematic".

[apoelstra]

In d2c954a:

I think if you replace

match k {
    Thing => match key_request {
        Thing2 => ...

with

    match (k, key_request) {
        (Thing, Thing) => {

you can reduce the amount of indentation and should be able to reduce the number of branches.

[oleonardolima]

Yes, at least it looks better. I tried this, see: oleonardolima@4f304d1

[sanket1729]

Too bad. copilot has been around long enough that you'd think it would work, but 100% of its suggestions are wrong and it's full of irritating woke language like "harmful" and "problematic".

:) . Still too far. Let's try it in another 6 months.

[sanket1729]

@apoelstra @tcharding wdyt about #765 (comment)? I think that would solve future API requests like extend, merge etc

[apoelstra]

Maybe in the longer term, a cleaner solution is to implement rust-bitcoin to implement GetKey for a tuple, vec, set of things that already implement GetKey.

concept ACK, though we haven't really looked at GetKey upstream with an eye to 1.0. Unsure what the trait will look like when we do.

[tcharding]

FTR I had totally forgotten about this PR until @ValuedMammal tagged me. I tried but am unable to engage my brain right now to implement the review suggestion from Andrew (#765 (comment)).

[tcharding]

@apoelstra @tcharding wdyt about #765 (comment)? I think that would solve future API requests like extend, merge etc

I have no opinion ATM sorry mate simply because I haven't managed to context switch into miniscript properly right now.

[oleonardolima]

@tcharding I've been working on similar changes for bitcoindevkit/bdk_wallet#70 in bitcoindevkit/bdk_wallet#235, and I can continue the initial work from here and open another candidate PR. Is that fine?

I discussed with @ValuedMammal, and it seems that we could implement the GetKey for DescriptorSecretKey instead. Any previous thoughts on this?

[tcharding]

I've no real opinion mate, I don't work much on miniscript. I actually don't even know if this PR can go in or requires changes.

[apoelstra]

In d2c954a:

Both the contains_key check and the clone are unnecessary here.

[tcharding]

I had a dig and the BTreeMap::insert is a little different to this one because the value in the map can differ but because our map is mapping pk to sk it cannot, right? If that assumption is correct then I believe the code is correct if we want to unconditionally return the public key.

[apoelstra]

Oh, yeah, the clone may be necessary.

But the check isn't doing anything except a pointless lookup.

[apoelstra]

In d2c954a:

This might not be unreachable for every version of 0.32.x. You should just return None here.

[tcharding]

I was very confused by what was in this PR until I found rust-bitcoin/rust-bitcoin#4238

I've returned None as suggested and added a TODO because I think we can support XOnlyPublicKey look up as well, right? I'm not familiar enough with the codebase and not sharp enough right now to work it out. If this requires any thought on your part just say and I'll come back and think harder.

[tcharding]

Also are you ok with TODO in the codebase here in miniscript or would you prefer an issue?

[apoelstra]

Fine to have a TODO in the codebase.

[oleonardolima]

The existing get_key implementation for Xpriv does not cover the scenario when the KeyRequest::Bip32(..) uses the key origin information, and it'd need to be covered here (it's a scenario that's being tested by BDK).

I handled it this way in my implementation, see: oleonardolima@4f304d1#diff-9b4da42f4bda05e0c63a0bae838b0eae32dfc2d5511a0c8142db8acfa9337aa2R142-R160 it's tested by oleonardolima@4f304d1#diff-9b4da42f4bda05e0c63a0bae838b0eae32dfc2d5511a0c8142db8acfa9337aa2R391-R422

[oleonardolima]

Yes, at least it looks better. I tried this, see: oleonardolima@4f304d1

[tcharding]

Thanks for the review @oleonardolima, I'll look into your suggestions.