// Copyright (c) 2009-present The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <psbt.h>

#include <common/types.h>

#include <node/types.h>

#include <policy/policy.h>

#include <script/signingprovider.h>

#include <util/check.h>

#include <util/strencodings.h>

using common::PSBTError;

PartiallySignedTransaction::PartiallySignedTransaction(const CMutableTransaction& tx) : tx(tx)

{

    inputs.resize(tx.vin.size());

    outputs.resize(tx.vout.size());

}

bool PartiallySignedTransaction::IsNull() const

{

    return !tx && inputs.empty() && outputs.empty() && unknown.empty();

  Branch (24:12): [True: 0, False: 0]
  Branch (24:19): [True: 0, False: 0]
  Branch (24:37): [True: 0, False: 0]
  Branch (24:56): [True: 0, False: 0]

}

bool PartiallySignedTransaction::Merge(const PartiallySignedTransaction& psbt)

{

    // Prohibited to merge two PSBTs over different transactions

    if (tx->GetHash() != psbt.tx->GetHash()) {

  Branch (30:9): [True: 0, False: 0]

        return false;

    }

    for (unsigned int i = 0; i < inputs.size(); ++i) {

  Branch (34:30): [True: 0, False: 0]

        inputs[i].Merge(psbt.inputs[i]);

    }

    for (unsigned int i = 0; i < outputs.size(); ++i) {

  Branch (37:30): [True: 0, False: 0]

        outputs[i].Merge(psbt.outputs[i]);

    }

    for (auto& xpub_pair : psbt.m_xpubs) {

  Branch (40:26): [True: 0, False: 0]

        if (m_xpubs.count(xpub_pair.first) == 0) {

  Branch (41:13): [True: 0, False: 0]

            m_xpubs[xpub_pair.first] = xpub_pair.second;

        } else {

            m_xpubs[xpub_pair.first].insert(xpub_pair.second.begin(), xpub_pair.second.end());

        }

    }

    unknown.insert(psbt.unknown.begin(), psbt.unknown.end());

    return true;

}

bool PartiallySignedTransaction::AddInput(const CTxIn& txin, PSBTInput& psbtin)

{

    if (std::find(tx->vin.begin(), tx->vin.end(), txin) != tx->vin.end()) {

  Branch (54:9): [True: 0, False: 0]

        return false;

    }

    tx->vin.push_back(txin);

    psbtin.partial_sigs.clear();

    psbtin.final_script_sig.clear();

    psbtin.final_script_witness.SetNull();

    inputs.push_back(psbtin);

    return true;

}

bool PartiallySignedTransaction::AddOutput(const CTxOut& txout, const PSBTOutput& psbtout)

{

    tx->vout.push_back(txout);

    outputs.push_back(psbtout);

    return true;

}

bool PartiallySignedTransaction::GetInputUTXO(CTxOut& utxo, int input_index) const

{

    const PSBTInput& input = inputs[input_index];

    uint32_t prevout_index = tx->vin[input_index].prevout.n;

    if (input.non_witness_utxo) {

  Branch (76:9): [True: 0, False: 0]

        if (prevout_index >= input.non_witness_utxo->vout.size()) {

  Branch (77:13): [True: 0, False: 0]

            return false;

        }

        if (input.non_witness_utxo->GetHash() != tx->vin[input_index].prevout.hash) {

  Branch (80:13): [True: 0, False: 0]

            return false;

        }

        utxo = input.non_witness_utxo->vout[prevout_index];

    } else if (!input.witness_utxo.IsNull()) {

  Branch (84:16): [True: 0, False: 0]

        utxo = input.witness_utxo;

    } else {

        return false;

    }

    return true;

}

bool PSBTInput::IsNull() const

{

    return !non_witness_utxo && witness_utxo.IsNull() && partial_sigs.empty() && unknown.empty() && hd_keypaths.empty() && redeem_script.empty() && witness_script.empty();

  Branch (94:12): [True: 0, False: 0]
  Branch (94:33): [True: 0, False: 0]
  Branch (94:58): [True: 0, False: 0]
  Branch (94:82): [True: 0, False: 0]
  Branch (94:101): [True: 0, False: 0]
  Branch (94:124): [True: 0, False: 0]
  Branch (94:149): [True: 0, False: 0]

}

void PSBTInput::FillSignatureData(SignatureData& sigdata) const

{

    if (!final_script_sig.empty()) {

  Branch (99:9): [True: 0, False: 0]

        sigdata.scriptSig = final_script_sig;

        sigdata.complete = true;

    }

    if (!final_script_witness.IsNull()) {

  Branch (103:9): [True: 0, False: 0]

        sigdata.scriptWitness = final_script_witness;

        sigdata.complete = true;

    }

    if (sigdata.complete) {

  Branch (107:9): [True: 0, False: 0]

        return;

    }

    sigdata.signatures.insert(partial_sigs.begin(), partial_sigs.end());

    if (!redeem_script.empty()) {

  Branch (112:9): [True: 0, False: 0]

        sigdata.redeem_script = redeem_script;

    }

    if (!witness_script.empty()) {

  Branch (115:9): [True: 0, False: 0]

        sigdata.witness_script = witness_script;

    }

    for (const auto& key_pair : hd_keypaths) {

  Branch (118:31): [True: 0, False: 0]

        sigdata.misc_pubkeys.emplace(key_pair.first.GetID(), key_pair);

    }

    if (!m_tap_key_sig.empty()) {

  Branch (121:9): [True: 0, False: 0]

        sigdata.taproot_key_path_sig = m_tap_key_sig;

    }

    for (const auto& [pubkey_leaf, sig] : m_tap_script_sigs) {

  Branch (124:41): [True: 0, False: 0]

        sigdata.taproot_script_sigs.emplace(pubkey_leaf, sig);

    }

    if (!m_tap_internal_key.IsNull()) {

  Branch (127:9): [True: 0, False: 0]

        sigdata.tr_spenddata.internal_key = m_tap_internal_key;

    }

    if (!m_tap_merkle_root.IsNull()) {

  Branch (130:9): [True: 0, False: 0]

        sigdata.tr_spenddata.merkle_root = m_tap_merkle_root;

    }

    for (const auto& [leaf_script, control_block] : m_tap_scripts) {

  Branch (133:51): [True: 0, False: 0]

        sigdata.tr_spenddata.scripts.emplace(leaf_script, control_block);

    }

    for (const auto& [pubkey, leaf_origin] : m_tap_bip32_paths) {

  Branch (136:44): [True: 0, False: 0]

        sigdata.taproot_misc_pubkeys.emplace(pubkey, leaf_origin);

        sigdata.tap_pubkeys.emplace(Hash160(pubkey), pubkey);

    }

    for (const auto& [hash, preimage] : ripemd160_preimages) {

  Branch (140:39): [True: 0, False: 0]

        sigdata.ripemd160_preimages.emplace(std::vector<unsigned char>(hash.begin(), hash.end()), preimage);

    }

    for (const auto& [hash, preimage] : sha256_preimages) {

  Branch (143:39): [True: 0, False: 0]

        sigdata.sha256_preimages.emplace(std::vector<unsigned char>(hash.begin(), hash.end()), preimage);

    }

    for (const auto& [hash, preimage] : hash160_preimages) {

  Branch (146:39): [True: 0, False: 0]

        sigdata.hash160_preimages.emplace(std::vector<unsigned char>(hash.begin(), hash.end()), preimage);

    }

    for (const auto& [hash, preimage] : hash256_preimages) {

  Branch (149:39): [True: 0, False: 0]

        sigdata.hash256_preimages.emplace(std::vector<unsigned char>(hash.begin(), hash.end()), preimage);

    }

}

void PSBTInput::FromSignatureData(const SignatureData& sigdata)

{

    if (sigdata.complete) {

  Branch (156:9): [True: 0, False: 0]

        partial_sigs.clear();

        hd_keypaths.clear();

        redeem_script.clear();

        witness_script.clear();

        if (!sigdata.scriptSig.empty()) {

  Branch (162:13): [True: 0, False: 0]

            final_script_sig = sigdata.scriptSig;

        }

        if (!sigdata.scriptWitness.IsNull()) {

  Branch (165:13): [True: 0, False: 0]

            final_script_witness = sigdata.scriptWitness;

        }

        return;

    }

    partial_sigs.insert(sigdata.signatures.begin(), sigdata.signatures.end());

    if (redeem_script.empty() && !sigdata.redeem_script.empty()) {

  Branch (172:9): [True: 0, False: 0]
  Branch (172:34): [True: 0, False: 0]

        redeem_script = sigdata.redeem_script;

    }

    if (witness_script.empty() && !sigdata.witness_script.empty()) {

  Branch (175:9): [True: 0, False: 0]
  Branch (175:35): [True: 0, False: 0]

        witness_script = sigdata.witness_script;

    }

    for (const auto& entry : sigdata.misc_pubkeys) {

  Branch (178:28): [True: 0, False: 0]

        hd_keypaths.emplace(entry.second);

    }

    if (!sigdata.taproot_key_path_sig.empty()) {

  Branch (181:9): [True: 0, False: 0]

        m_tap_key_sig = sigdata.taproot_key_path_sig;

    }

    for (const auto& [pubkey_leaf, sig] : sigdata.taproot_script_sigs) {

  Branch (184:41): [True: 0, False: 0]

        m_tap_script_sigs.emplace(pubkey_leaf, sig);

    }

    if (!sigdata.tr_spenddata.internal_key.IsNull()) {

  Branch (187:9): [True: 0, False: 0]

        m_tap_internal_key = sigdata.tr_spenddata.internal_key;

    }

    if (!sigdata.tr_spenddata.merkle_root.IsNull()) {

  Branch (190:9): [True: 0, False: 0]

        m_tap_merkle_root = sigdata.tr_spenddata.merkle_root;

    }

    for (const auto& [leaf_script, control_block] : sigdata.tr_spenddata.scripts) {

  Branch (193:51): [True: 0, False: 0]

        m_tap_scripts.emplace(leaf_script, control_block);

    }

    for (const auto& [pubkey, leaf_origin] : sigdata.taproot_misc_pubkeys) {

  Branch (196:44): [True: 0, False: 0]

        m_tap_bip32_paths.emplace(pubkey, leaf_origin);

    }

}

void PSBTInput::Merge(const PSBTInput& input)

{

    if (!non_witness_utxo && input.non_witness_utxo) non_witness_utxo = input.non_witness_utxo;

  Branch (203:9): [True: 0, False: 0]
  Branch (203:30): [True: 0, False: 0]

    if (witness_utxo.IsNull() && !input.witness_utxo.IsNull()) {

  Branch (204:9): [True: 0, False: 0]
  Branch (204:34): [True: 0, False: 0]

        witness_utxo = input.witness_utxo;

    }

    partial_sigs.insert(input.partial_sigs.begin(), input.partial_sigs.end());

    ripemd160_preimages.insert(input.ripemd160_preimages.begin(), input.ripemd160_preimages.end());

    sha256_preimages.insert(input.sha256_preimages.begin(), input.sha256_preimages.end());

    hash160_preimages.insert(input.hash160_preimages.begin(), input.hash160_preimages.end());

    hash256_preimages.insert(input.hash256_preimages.begin(), input.hash256_preimages.end());

    hd_keypaths.insert(input.hd_keypaths.begin(), input.hd_keypaths.end());

    unknown.insert(input.unknown.begin(), input.unknown.end());

    m_tap_script_sigs.insert(input.m_tap_script_sigs.begin(), input.m_tap_script_sigs.end());

    m_tap_scripts.insert(input.m_tap_scripts.begin(), input.m_tap_scripts.end());

    m_tap_bip32_paths.insert(input.m_tap_bip32_paths.begin(), input.m_tap_bip32_paths.end());

    if (redeem_script.empty() && !input.redeem_script.empty()) redeem_script = input.redeem_script;

  Branch (219:9): [True: 0, False: 0]
  Branch (219:34): [True: 0, False: 0]

    if (witness_script.empty() && !input.witness_script.empty()) witness_script = input.witness_script;

  Branch (220:9): [True: 0, False: 0]
  Branch (220:35): [True: 0, False: 0]

    if (final_script_sig.empty() && !input.final_script_sig.empty()) final_script_sig = input.final_script_sig;

  Branch (221:9): [True: 0, False: 0]
  Branch (221:37): [True: 0, False: 0]

    if (final_script_witness.IsNull() && !input.final_script_witness.IsNull()) final_script_witness = input.final_script_witness;

  Branch (222:9): [True: 0, False: 0]
  Branch (222:42): [True: 0, False: 0]

    if (m_tap_key_sig.empty() && !input.m_tap_key_sig.empty()) m_tap_key_sig = input.m_tap_key_sig;

  Branch (223:9): [True: 0, False: 0]
  Branch (223:34): [True: 0, False: 0]

    if (m_tap_internal_key.IsNull() && !input.m_tap_internal_key.IsNull()) m_tap_internal_key = input.m_tap_internal_key;

  Branch (224:9): [True: 0, False: 0]
  Branch (224:40): [True: 0, False: 0]

    if (m_tap_merkle_root.IsNull() && !input.m_tap_merkle_root.IsNull()) m_tap_merkle_root = input.m_tap_merkle_root;

  Branch (225:9): [True: 0, False: 0]
  Branch (225:39): [True: 0, False: 0]

}

void PSBTOutput::FillSignatureData(SignatureData& sigdata) const

{

    if (!redeem_script.empty()) {

  Branch (230:9): [True: 0, False: 0]

        sigdata.redeem_script = redeem_script;

    }

    if (!witness_script.empty()) {

  Branch (233:9): [True: 0, False: 0]

        sigdata.witness_script = witness_script;

    }

    for (const auto& key_pair : hd_keypaths) {

  Branch (236:31): [True: 0, False: 0]

        sigdata.misc_pubkeys.emplace(key_pair.first.GetID(), key_pair);

    }

    if (!m_tap_tree.empty() && m_tap_internal_key.IsFullyValid()) {

  Branch (239:9): [True: 0, False: 0]
  Branch (239:32): [True: 0, False: 0]

        TaprootBuilder builder;

        for (const auto& [depth, leaf_ver, script] : m_tap_tree) {

  Branch (241:52): [True: 0, False: 0]

            builder.Add((int)depth, script, (int)leaf_ver, /*track=*/true);

        }

        assert(builder.IsComplete());

  Branch (244:9): [True: 0, False: 0]

        builder.Finalize(m_tap_internal_key);

        TaprootSpendData spenddata = builder.GetSpendData();

        sigdata.tr_spenddata.internal_key = m_tap_internal_key;

        sigdata.tr_spenddata.Merge(spenddata);

    }

    for (const auto& [pubkey, leaf_origin] : m_tap_bip32_paths) {

  Branch (251:44): [True: 0, False: 0]

        sigdata.taproot_misc_pubkeys.emplace(pubkey, leaf_origin);

        sigdata.tap_pubkeys.emplace(Hash160(pubkey), pubkey);

    }

}

void PSBTOutput::FromSignatureData(const SignatureData& sigdata)

{

    if (redeem_script.empty() && !sigdata.redeem_script.empty()) {

  Branch (259:9): [True: 0, False: 0]
  Branch (259:34): [True: 0, False: 0]

        redeem_script = sigdata.redeem_script;

    }

    if (witness_script.empty() && !sigdata.witness_script.empty()) {

  Branch (262:9): [True: 0, False: 0]
  Branch (262:35): [True: 0, False: 0]

        witness_script = sigdata.witness_script;

    }

    for (const auto& entry : sigdata.misc_pubkeys) {

  Branch (265:28): [True: 0, False: 0]

        hd_keypaths.emplace(entry.second);

    }

    if (!sigdata.tr_spenddata.internal_key.IsNull()) {

  Branch (268:9): [True: 0, False: 0]

        m_tap_internal_key = sigdata.tr_spenddata.internal_key;

    }

    if (sigdata.tr_builder.has_value() && sigdata.tr_builder->HasScripts()) {

  Branch (271:9): [True: 0, False: 0]
  Branch (271:43): [True: 0, False: 0]

        m_tap_tree = sigdata.tr_builder->GetTreeTuples();

    }

    for (const auto& [pubkey, leaf_origin] : sigdata.taproot_misc_pubkeys) {

  Branch (274:44): [True: 0, False: 0]

        m_tap_bip32_paths.emplace(pubkey, leaf_origin);

    }

}

bool PSBTOutput::IsNull() const

{

    return redeem_script.empty() && witness_script.empty() && hd_keypaths.empty() && unknown.empty();

  Branch (281:12): [True: 0, False: 0]
  Branch (281:37): [True: 0, False: 0]
  Branch (281:63): [True: 0, False: 0]
  Branch (281:86): [True: 0, False: 0]

}

void PSBTOutput::Merge(const PSBTOutput& output)

{

    hd_keypaths.insert(output.hd_keypaths.begin(), output.hd_keypaths.end());

    unknown.insert(output.unknown.begin(), output.unknown.end());

    m_tap_bip32_paths.insert(output.m_tap_bip32_paths.begin(), output.m_tap_bip32_paths.end());

    if (redeem_script.empty() && !output.redeem_script.empty()) redeem_script = output.redeem_script;

  Branch (290:9): [True: 0, False: 0]
  Branch (290:34): [True: 0, False: 0]

    if (witness_script.empty() && !output.witness_script.empty()) witness_script = output.witness_script;

  Branch (291:9): [True: 0, False: 0]
  Branch (291:35): [True: 0, False: 0]

    if (m_tap_internal_key.IsNull() && !output.m_tap_internal_key.IsNull()) m_tap_internal_key = output.m_tap_internal_key;

  Branch (292:9): [True: 0, False: 0]
  Branch (292:40): [True: 0, False: 0]

    if (m_tap_tree.empty() && !output.m_tap_tree.empty()) m_tap_tree = output.m_tap_tree;

  Branch (293:9): [True: 0, False: 0]
  Branch (293:31): [True: 0, False: 0]

}

bool PSBTInputSigned(const PSBTInput& input)

{

    return !input.final_script_sig.empty() || !input.final_script_witness.IsNull();

  Branch (298:12): [True: 0, False: 0]
  Branch (298:47): [True: 0, False: 0]

}

bool PSBTInputSignedAndVerified(const PartiallySignedTransaction psbt, unsigned int input_index, const PrecomputedTransactionData* txdata)

{

    CTxOut utxo;

    assert(psbt.inputs.size() >= input_index);

  Branch (304:5): [True: 0, False: 0]

    const PSBTInput& input = psbt.inputs[input_index];

    if (input.non_witness_utxo) {

  Branch (307:9): [True: 0, False: 0]

        // If we're taking our information from a non-witness UTXO, verify that it matches the prevout.

        COutPoint prevout = psbt.tx->vin[input_index].prevout;

        if (prevout.n >= input.non_witness_utxo->vout.size()) {

  Branch (310:13): [True: 0, False: 0]

            return false;

        }

        if (input.non_witness_utxo->GetHash() != prevout.hash) {

  Branch (313:13): [True: 0, False: 0]

            return false;

        }

        utxo = input.non_witness_utxo->vout[prevout.n];

    } else if (!input.witness_utxo.IsNull()) {

  Branch (317:16): [True: 0, False: 0]

        utxo = input.witness_utxo;

    } else {

        return false;

    }

    if (txdata) {

  Branch (323:9): [True: 0, False: 0]

        return VerifyScript(input.final_script_sig, utxo.scriptPubKey, &input.final_script_witness, STANDARD_SCRIPT_VERIFY_FLAGS, MutableTransactionSignatureChecker{&(*psbt.tx), input_index, utxo.nValue, *txdata, MissingDataBehavior::FAIL});

    } else {

        return VerifyScript(input.final_script_sig, utxo.scriptPubKey, &input.final_script_witness, STANDARD_SCRIPT_VERIFY_FLAGS, MutableTransactionSignatureChecker{&(*psbt.tx), input_index, utxo.nValue, MissingDataBehavior::FAIL});

    }

}

size_t CountPSBTUnsignedInputs(const PartiallySignedTransaction& psbt) {

    size_t count = 0;

    for (const auto& input : psbt.inputs) {

  Branch (332:28): [True: 0, False: 0]

        if (!PSBTInputSigned(input)) {

  Branch (333:13): [True: 0, False: 0]

            count++;

        }

    }

    return count;

}

void UpdatePSBTOutput(const SigningProvider& provider, PartiallySignedTransaction& psbt, int index)

{

    CMutableTransaction& tx = *Assert(psbt.tx);

    const CTxOut& out = tx.vout.at(index);

    PSBTOutput& psbt_out = psbt.outputs.at(index);

    // Fill a SignatureData with output info

    SignatureData sigdata;

    psbt_out.FillSignatureData(sigdata);

    // Construct a would-be spend of this output, to update sigdata with.

    // Note that ProduceSignature is used to fill in metadata (not actual signatures),

    // so provider does not need to provide any private keys (it can be a HidingSigningProvider).

    MutableTransactionSignatureCreator creator(tx, /*input_idx=*/0, out.nValue, SIGHASH_ALL);

    ProduceSignature(provider, creator, out.scriptPubKey, sigdata);

    // Put redeem_script, witness_script, key paths, into PSBTOutput.

    psbt_out.FromSignatureData(sigdata);

}

PrecomputedTransactionData PrecomputePSBTData(const PartiallySignedTransaction& psbt)

{

    const CMutableTransaction& tx = *psbt.tx;

    bool have_all_spent_outputs = true;

    std::vector<CTxOut> utxos(tx.vin.size());

    for (size_t idx = 0; idx < tx.vin.size(); ++idx) {

  Branch (366:26): [True: 0, False: 0]

        if (!psbt.GetInputUTXO(utxos[idx], idx)) have_all_spent_outputs = false;

  Branch (367:13): [True: 0, False: 0]

    }

    PrecomputedTransactionData txdata;

    if (have_all_spent_outputs) {

  Branch (370:9): [True: 0, False: 0]

        txdata.Init(tx, std::move(utxos), true);

    } else {

        txdata.Init(tx, {}, true);

    }

    return txdata;

}

PSBTError SignPSBTInput(const SigningProvider& provider, PartiallySignedTransaction& psbt, int index, const PrecomputedTransactionData* txdata, std::optional<int> sighash,  SignatureData* out_sigdata, bool finalize)

{

    PSBTInput& input = psbt.inputs.at(index);

    const CMutableTransaction& tx = *psbt.tx;

    if (PSBTInputSignedAndVerified(psbt, index, txdata)) {

  Branch (383:9): [True: 0, False: 0]

        return PSBTError::OK;

    }

    // Fill SignatureData with input info

    SignatureData sigdata;

    input.FillSignatureData(sigdata);

    // Get UTXO

    bool require_witness_sig = false;

    CTxOut utxo;

    if (input.non_witness_utxo) {

  Branch (395:9): [True: 0, False: 0]

        // If we're taking our information from a non-witness UTXO, verify that it matches the prevout.

        COutPoint prevout = tx.vin[index].prevout;

        if (prevout.n >= input.non_witness_utxo->vout.size()) {

  Branch (398:13): [True: 0, False: 0]

            return PSBTError::MISSING_INPUTS;

        }

        if (input.non_witness_utxo->GetHash() != prevout.hash) {

  Branch (401:13): [True: 0, False: 0]

            return PSBTError::MISSING_INPUTS;

        }

        utxo = input.non_witness_utxo->vout[prevout.n];

    } else if (!input.witness_utxo.IsNull()) {

  Branch (405:16): [True: 0, False: 0]

        utxo = input.witness_utxo;

        // When we're taking our information from a witness UTXO, we can't verify it is actually data from

        // the output being spent. This is safe in case a witness signature is produced (which includes this

        // information directly in the hash), but not for non-witness signatures. Remember that we require

        // a witness signature in this situation.

        require_witness_sig = true;

    } else {

        return PSBTError::MISSING_INPUTS;

    }

    // Get the sighash type

    // If both the field and the parameter are provided, they must match

    // If only the parameter is provided, use it and add it to the PSBT if it is other than SIGHASH_DEFAULT

    // for all input types, and not SIGHASH_ALL for non-taproot input types.

    // If neither are provided, use SIGHASH_DEFAULT if it is taproot, and SIGHASH_ALL for everything else.

    if (!sighash) sighash = utxo.scriptPubKey.IsPayToTaproot() ? SIGHASH_DEFAULT : SIGHASH_ALL;

  Branch (421:9): [True: 0, False: 0]
  Branch (421:29): [True: 0, False: 0]

    Assert(sighash.has_value());

    // For user safety, the desired sighash must be provided if the PSBT wants something other than the default set in the previous line.

    if (input.sighash_type && input.sighash_type != sighash) {

  Branch (424:9): [True: 0, False: 0]
  Branch (424:31): [True: 0, False: 0]

        return PSBTError::SIGHASH_MISMATCH;

    }

    // Set the PSBT sighash field when sighash is not DEFAULT or ALL

    // DEFAULT is allowed for non-taproot inputs since DEFAULT may be passed for them (e.g. the psbt being signed also has taproot inputs)

    // Note that signing already aliases DEFAULT to ALL for non-taproot inputs.

    if (utxo.scriptPubKey.IsPayToTaproot() ? sighash != SIGHASH_DEFAULT :

  Branch (430:9): [True: 0, False: 0]
  Branch (430:9): [True: 0, False: 0]

                                            (sighash != SIGHASH_DEFAULT && sighash != SIGHASH_ALL)) {

  Branch (431:46): [True: 0, False: 0]
  Branch (431:76): [True: 0, False: 0]

        input.sighash_type = sighash;

    }

    // Check all existing signatures use the sighash type

    if (sighash == SIGHASH_DEFAULT) {

  Branch (436:9): [True: 0, False: 0]

        if (!input.m_tap_key_sig.empty() && input.m_tap_key_sig.size() != 64) {

  Branch (437:13): [True: 0, False: 0]
  Branch (437:45): [True: 0, False: 0]

            return PSBTError::SIGHASH_MISMATCH;

        }

        for (const auto& [_, sig] : input.m_tap_script_sigs) {

  Branch (440:35): [True: 0, False: 0]

            if (sig.size() != 64) return PSBTError::SIGHASH_MISMATCH;

  Branch (441:17): [True: 0, False: 0]

        }

    } else {

        if (!input.m_tap_key_sig.empty() && (input.m_tap_key_sig.size() != 65 || input.m_tap_key_sig.back() != *sighash)) {

  Branch (444:13): [True: 0, False: 0]
  Branch (444:46): [True: 0, False: 0]
  Branch (444:82): [True: 0, False: 0]

            return PSBTError::SIGHASH_MISMATCH;

        }

        for (const auto& [_, sig] : input.m_tap_script_sigs) {

  Branch (447:35): [True: 0, False: 0]

            if (sig.size() != 65 || sig.back() != *sighash) return PSBTError::SIGHASH_MISMATCH;

  Branch (448:17): [True: 0, False: 0]
  Branch (448:37): [True: 0, False: 0]

        }

        for (const auto& [_, sig] : input.partial_sigs) {

  Branch (450:35): [True: 0, False: 0]

            if (sig.second.back() != *sighash) return PSBTError::SIGHASH_MISMATCH;

  Branch (451:17): [True: 0, False: 0]

        }

    }

    sigdata.witness = false;

    bool sig_complete;

    if (txdata == nullptr) {

  Branch (457:9): [True: 0, False: 0]

        sig_complete = ProduceSignature(provider, DUMMY_SIGNATURE_CREATOR, utxo.scriptPubKey, sigdata);

    } else {

        MutableTransactionSignatureCreator creator(tx, index, utxo.nValue, txdata, *sighash);

        sig_complete = ProduceSignature(provider, creator, utxo.scriptPubKey, sigdata);

    }

    // Verify that a witness signature was produced in case one was required.

    if (require_witness_sig && !sigdata.witness) return PSBTError::INCOMPLETE;

  Branch (464:9): [True: 0, False: 0]
  Branch (464:32): [True: 0, False: 0]

    // If we are not finalizing, set sigdata.complete to false to not set the scriptWitness

    if (!finalize && sigdata.complete) sigdata.complete = false;

  Branch (467:9): [True: 0, False: 0]
  Branch (467:22): [True: 0, False: 0]

    input.FromSignatureData(sigdata);

    // If we have a witness signature, put a witness UTXO.

    if (sigdata.witness) {

  Branch (472:9): [True: 0, False: 0]

        input.witness_utxo = utxo;

        // We can remove the non_witness_utxo if and only if there are no non-segwit or segwit v0

        // inputs in this transaction. Since this requires inspecting the entire transaction, this

        // is something for the caller to deal with (i.e. FillPSBT).

    }

    // Fill in the missing info

    if (out_sigdata) {

  Branch (480:9): [True: 0, False: 0]

        out_sigdata->missing_pubkeys = sigdata.missing_pubkeys;

        out_sigdata->missing_sigs = sigdata.missing_sigs;

        out_sigdata->missing_redeem_script = sigdata.missing_redeem_script;

        out_sigdata->missing_witness_script = sigdata.missing_witness_script;

    }

    return sig_complete ? PSBTError::OK : PSBTError::INCOMPLETE;

  Branch (487:12): [True: 0, False: 0]

}

void RemoveUnnecessaryTransactions(PartiallySignedTransaction& psbtx)

{

    // Figure out if any non_witness_utxos should be dropped

    std::vector<unsigned int> to_drop;

    for (unsigned int i = 0; i < psbtx.inputs.size(); ++i) {

  Branch (494:30): [True: 0, False: 0]

        const auto& input = psbtx.inputs.at(i);

        int wit_ver;

        std::vector<unsigned char> wit_prog;

        if (input.witness_utxo.IsNull() || !input.witness_utxo.scriptPubKey.IsWitnessProgram(wit_ver, wit_prog)) {

  Branch (498:13): [True: 0, False: 0]
  Branch (498:44): [True: 0, False: 0]

            // There's a non-segwit input, so we cannot drop any non_witness_utxos

            to_drop.clear();

            break;

        }

        if (wit_ver == 0) {

  Branch (503:13): [True: 0, False: 0]

            // Segwit v0, so we cannot drop any non_witness_utxos

            to_drop.clear();

            break;

        }

        // non_witness_utxos cannot be dropped if the sighash type includes SIGHASH_ANYONECANPAY

        // Since callers should have called SignPSBTInput which updates the sighash type in the PSBT, we only

        // need to look at that field. If it is not present, then we can assume SIGHASH_DEFAULT or SIGHASH_ALL.

        if (input.sighash_type != std::nullopt && (*input.sighash_type & 0x80) == SIGHASH_ANYONECANPAY) {

  Branch (511:13): [True: 0, False: 0]
  Branch (511:51): [True: 0, False: 0]

            to_drop.clear();

            break;

        }

        if (input.non_witness_utxo) {

  Branch (516:13): [True: 0, False: 0]

            to_drop.push_back(i);

        }

    }

    // Drop the non_witness_utxos that we can drop

    for (unsigned int i : to_drop) {

  Branch (522:25): [True: 0, False: 0]

        psbtx.inputs.at(i).non_witness_utxo = nullptr;

    }

}

bool FinalizePSBT(PartiallySignedTransaction& psbtx)

{

    // Finalize input signatures -- in case we have partial signatures that add up to a complete

    //   signature, but have not combined them yet (e.g. because the combiner that created this

    //   PartiallySignedTransaction did not understand them), this will combine them into a final

    //   script.

    bool complete = true;

    const PrecomputedTransactionData txdata = PrecomputePSBTData(psbtx);

    for (unsigned int i = 0; i < psbtx.tx->vin.size(); ++i) {

  Branch (535:30): [True: 0, False: 0]

        PSBTInput& input = psbtx.inputs.at(i);

        complete &= (SignPSBTInput(DUMMY_SIGNING_PROVIDER, psbtx, i, &txdata, input.sighash_type, nullptr, true) == PSBTError::OK);

    }

    return complete;

}

bool FinalizeAndExtractPSBT(PartiallySignedTransaction& psbtx, CMutableTransaction& result)

{

    // It's not safe to extract a PSBT that isn't finalized, and there's no easy way to check

    //   whether a PSBT is finalized without finalizing it, so we just do this.

    if (!FinalizePSBT(psbtx)) {

  Branch (547:9): [True: 0, False: 0]

        return false;

    }

    result = *psbtx.tx;

    for (unsigned int i = 0; i < result.vin.size(); ++i) {

  Branch (552:30): [True: 0, False: 0]

        result.vin[i].scriptSig = psbtx.inputs[i].final_script_sig;

        result.vin[i].scriptWitness = psbtx.inputs[i].final_script_witness;

    }

    return true;

}

bool CombinePSBTs(PartiallySignedTransaction& out, const std::vector<PartiallySignedTransaction>& psbtxs)

{

    out = psbtxs[0]; // Copy the first one

    // Merge

    for (auto it = std::next(psbtxs.begin()); it != psbtxs.end(); ++it) {

  Branch (564:47): [True: 0, False: 0]

        if (!out.Merge(*it)) {

  Branch (565:13): [True: 0, False: 0]

            return false;

        }

    }

    return true;

}

std::string PSBTRoleName(PSBTRole role) {

    switch (role) {

  Branch (573:13): [True: 0, False: 0]

    case PSBTRole::CREATOR: return "creator";

  Branch (574:5): [True: 0, False: 0]

    case PSBTRole::UPDATER: return "updater";

  Branch (575:5): [True: 0, False: 0]

    case PSBTRole::SIGNER: return "signer";

  Branch (576:5): [True: 0, False: 0]

    case PSBTRole::FINALIZER: return "finalizer";

  Branch (577:5): [True: 0, False: 0]

    case PSBTRole::EXTRACTOR: return "extractor";

  Branch (578:5): [True: 0, False: 0]

        // no default case, so the compiler can warn about missing cases

    }

    assert(false);

  Branch (581:5): [Folded - Ignored]

}

bool DecodeBase64PSBT(PartiallySignedTransaction& psbt, const std::string& base64_tx, std::string& error)

{

    auto tx_data = DecodeBase64(base64_tx);

    if (!tx_data) {

  Branch (587:9): [True: 0, False: 0]

        error = "invalid base64";

        return false;

    }

    return DecodeRawPSBT(psbt, MakeByteSpan(*tx_data), error);

}

bool DecodeRawPSBT(PartiallySignedTransaction& psbt, std::span<const std::byte> tx_data, std::string& error)

{

    DataStream ss_data{tx_data};

    try {

        ss_data >> psbt;

        if (!ss_data.empty()) {

  Branch (599:13): [True: 0, False: 0]

            error = "extra data after PSBT";

            return false;

        }

    } catch (const std::exception& e) {

        error = e.what();

        return false;

    }

    return true;

}

uint32_t PartiallySignedTransaction::GetVersion() const

{

    if (m_version != std::nullopt) {

  Branch (612:9): [True: 0, False: 0]

        return *m_version;

    }

    return 0;

}