How would a PSBT signer identify a non-bip32 key?


In a PSBT, version 0 or 2, how would a signer know what keypair to use for an input or an output if the keypair isn’t derived through bip32?

For inputs, assuming p2wpkh for simplicity, I suppose one can use PSBT_IN_HASH160 with the pubkey hash from the output script as keydata and the pubkey as valuedata.

But how would you identify the pubkey for an output? There is no way to convey that information via the PSBT, it seems. The signer thus needs to maintain a map from pubkey hashes to pubkeys for all its pubkeys to verify that it owns an output. Alternatively, it can calculate the pubkey hash for each pubkey it knows about until it finds a hash that matches the pubkey hash in the output. It also has to do this for every output of the transaction, since there are no hints in the psbt on which outputs are signable by the signer. The pubkeys needs to be hashed at most once, though, because you can check each pubkey hash against all outputs.

Source link

Leave a reply