diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2a51179fe..4b6657efd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -8,7 +8,7 @@ stages: .test_template: stage: test - image: blockstream/wallycore@sha256:060af7536b6d197b269f4e8bcab0e30fe082f656dd4738cf64ad9fd90b93e1d7 + image: blockstream/wallycore@sha256:f8409731379488d4f0b4a1692df2e4d42e8bfa952630e8174be08dc412ae4a82 tags: - ga diff --git a/CHANGES.md b/CHANGES.md index 8c5eb16f7..35de08639 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,26 @@ # Changes +## Version 1.5.4 + +### Added +- descriptor: Add support for elements confidential wallet policies. +- docker: Build amd64/arm64 multi-arch images, migrate to blockstream/wallycore. +- python: Add support and release wheels for Python 3.14. + +### Changed +- build: Move CI and docker images to Debian Trixie. +- deps: Bump libsecp256k1-zkp to current master branch, update emsdk. +- java: update source version to v17 for supported Java installs. +- js: Move to Node v24, bump fast-uri dependency. + +### Fixed +- python: Remove internal dependency on distutils (which is now deprecated). +- descriptor: Disallow leading zero in numbers/policy key indices. +- descriptor: Return WALLY_ENONMEM correctly on out-of-memory errors. +- elements: Align unblinding behaviour with elements-core. +- build: Add missing cmake defines. +- build: Various build and test fixes. + ## Version 1.5.3 ### Added @@ -7,7 +28,7 @@ - build: Add support for fuzzing wally API calls. ### Fixed -- psbt: corectly handle allocation failures in psbt_set_global_tx(). +- psbt: Corectly handle allocation failures in psbt_set_global_tx(). - tx: Avoid quadratic behaviour parsing txs with a huge number of witnesses. - tx: Fix parsing Liquid transactions with short commitments. - tx: Reject non-corresponding output as per bip341 when signing. diff --git a/README.md b/README.md index 5c1ce3ab2..d830eb97b 100644 --- a/README.md +++ b/README.md @@ -125,7 +125,7 @@ installed. For non-development use, you can install wally from PyPI with `pip` as follows: ``` -pip install wallycore==1.5.3 +pip install wallycore==1.5.4 ``` For development, you can build and install wally using: diff --git a/_CMakeLists.txt b/_CMakeLists.txt index 007729f56..978858c52 100644 --- a/_CMakeLists.txt +++ b/_CMakeLists.txt @@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.18) project( libwallycore - VERSION 1.5.3 + VERSION 1.5.4 DESCRIPTION "A collection of useful primitives for cryptocurrency wallets" LANGUAGES C ) diff --git a/configure.ac b/configure.ac index 735a205bb..9dd4fa54e 100644 --- a/configure.ac +++ b/configure.ac @@ -1,5 +1,5 @@ AC_PREREQ([2.60]) -AC_INIT([libwallycore],[1.5.3]) +AC_INIT([libwallycore],[1.5.4]) AC_CONFIG_AUX_DIR([tools/build-aux]) AC_CONFIG_MACRO_DIR([tools/build-aux/m4]) AC_CONFIG_SRCDIR([src/mnemonic.h]) diff --git a/contrib/Dockerfile_trixie b/contrib/Dockerfile_trixie index 436e7fc63..9452248c8 100644 --- a/contrib/Dockerfile_trixie +++ b/contrib/Dockerfile_trixie @@ -5,7 +5,7 @@ # and for linux/arm64: # DOCKER_BUILDKIT=1 docker build . -t blockstream/wallycore -f Dockerfile_trixie --platform linux/arm64 --build-arg TARGETARCH=arm64 # -FROM debian:trixie@sha256:35b8ff74ead4880f22090b617372daff0ccae742eb5674455d542bef71ef1999 +FROM debian:trixie@sha256:4ae67669760b807c19f23902a3fd7c121a6a70cf2ae709035674b23e712e4d62 WORKDIR /root COPY trixie_deps.sh ./deps.sh COPY requirements.txt ./contrib/requirements.txt diff --git a/docs/source/conf.py b/docs/source/conf.py index 7ce9c7eb4..72c7af06b 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -168,7 +168,7 @@ def extract_docs(infile, outfile): # built documents. # # The short X.Y version. -version = u'1.5.3' +version = u'1.5.4' # The full version, including alpha/beta/rc tags. release = version diff --git a/include/wally_core.h b/include/wally_core.h index 916105128..cb8f7ca9c 100644 --- a/include/wally_core.h +++ b/include/wally_core.h @@ -31,8 +31,8 @@ extern "C" { /** Library version */ #define WALLY_MAJOR_VER 1 #define WALLY_MINOR_VER 5 -#define WALLY_PATCH_VER 3 -#define WALLY_BUILD_VER 0x10503 +#define WALLY_PATCH_VER 4 +#define WALLY_BUILD_VER 0x10504 /** * Initialize wally. diff --git a/setup.py b/setup.py index fddb61994..b76e8cc85 100644 --- a/setup.py +++ b/setup.py @@ -172,7 +172,7 @@ def _call(args, cwd=ABS_PATH): kwargs = { 'name': 'wallycore', - 'version': '1.5.3', + 'version': '1.5.4', 'description': 'libwally Bitcoin library', 'long_description': 'Python bindings for the libwally Bitcoin library', 'url': 'https://github.com/ElementsProject/libwally-core', diff --git a/src/Makefile.am b/src/Makefile.am index 82674dbc1..977593a51 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -202,7 +202,7 @@ if SHARED_BUILD_ENABLED # Increment at every ABI change (whether breaking or non-breaking) LT_VER_CURRENT = 9 # Increment at every release, but reset to 0 at every ABI change -LT_VER_REVISION = 0 +LT_VER_REVISION = 1 # Increment at every ABI change, but reset to 0 if breaking LT_VER_AGE = 3 # The library filename will be "libwallycore.so.$((current-age)).$((age)).$((revision))", diff --git a/src/elements.c b/src/elements.c index 07566330d..b615f9dee 100644 --- a/src/elements.c +++ b/src/elements.c @@ -433,12 +433,35 @@ int wally_asset_unblind_with_nonce(const unsigned char *nonce_hash, size_t nonce &gen)) goto cleanup; - /* FIXME: check results per blind.cpp */ - - /* Extract the asset id and asset blinding factor from the message */ - memcpy(asset_out, message, ASSET_TAG_LEN); - memcpy(abf_out, message + ASSET_TAG_LEN, ASSET_TAG_LEN); - ret = WALLY_OK; + if (message_len != sizeof(message)) { + ret = WALLY_ERROR; + goto cleanup; + } else { + unsigned char msg_generator[ASSET_GENERATOR_LEN]; + unsigned char msg_commitment[ASSET_COMMITMENT_LEN]; + /* Extract the asset id and asset blinding factor from the message */ + memcpy(asset_out, message, ASSET_TAG_LEN); + memcpy(abf_out, message + ASSET_TAG_LEN, ASSET_TAG_LEN); + /* Verify extracted asset */ + ret = wally_asset_generator_from_bytes(asset_out, asset_out_len, + abf_out, abf_out_len, + msg_generator, sizeof(msg_generator)); + if (ret != WALLY_OK || memcmp(generator, msg_generator, generator_len)) { + goto mismatch; + } + /* Verify unwound value */ + ret = wally_asset_value_commitment(*value_out, vbf_out, vbf_out_len, + generator, generator_len, + msg_commitment, sizeof(msg_commitment)); + if (ret != WALLY_OK || memcmp(commitment, msg_commitment, commitment_len)) { +mismatch: + wally_clear_4(msg_commitment, sizeof(msg_commitment), + msg_generator, sizeof(msg_generator), + asset_out, asset_out_len, abf_out, abf_out_len); + ret = WALLY_ERROR; + goto cleanup; + } + } cleanup: wally_clear_3(&gen, sizeof(gen), &commit, sizeof(commit), diff --git a/src/wasm_package/package-lock.json b/src/wasm_package/package-lock.json index e276d8f5d..286974f1d 100644 --- a/src/wasm_package/package-lock.json +++ b/src/wasm_package/package-lock.json @@ -1,12 +1,12 @@ { "name": "wallycore", - "version": "1.5.3", + "version": "1.5.4", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "wallycore", - "version": "1.5.3", + "version": "1.5.4", "license": "(MIT or BSD)", "devDependencies": { "buffer": "^6.0.3", diff --git a/src/wasm_package/package.json b/src/wasm_package/package.json index fb82fd4c9..8d9acb769 100644 --- a/src/wasm_package/package.json +++ b/src/wasm_package/package.json @@ -1,6 +1,6 @@ { "name": "wallycore", - "version": "1.5.3", + "version": "1.5.4", "description": "JavaScript bindings for libwally", "main": "src/index.js", "type": "module", diff --git a/src/wasm_package/src/const.js b/src/wasm_package/src/const.js index 27e30dff2..ead3617c4 100755 --- a/src/wasm_package/src/const.js +++ b/src/wasm_package/src/const.js @@ -109,7 +109,7 @@ export const WALLY_ADDRESS_VERSION_WIF_TESTNET = 0xEF; /** Wallet Import Format export const WALLY_BIP32_CHAIN_CODE_LEN = 32; export const WALLY_BIP32_TWEAK_SUM_LEN = 32; export const WALLY_BTC_MAX = 21000000; -export const WALLY_BUILD_VER = 0x10503; +export const WALLY_BUILD_VER = 0x10504; export const WALLY_CA_PREFIX_LIQUID = 0x0c; /** Liquid v1 confidential address prefix */ export const WALLY_CA_PREFIX_LIQUID_REGTEST = 0x04; /** Liquid v1 confidential address prefix for regtest */ export const WALLY_CA_PREFIX_LIQUID_TESTNET = 0x17; /** Liquid v1 confidential address prefix for testnet */ @@ -153,7 +153,7 @@ export const WALLY_NETWORK_LIQUID_TESTNET = 0x05; /** Liquid v1 testnet */ export const WALLY_NETWORK_NONE = 0x00; /** Used for miniscript parsing only */ export const WALLY_NO_CODESEPARATOR = 0xffffffff; /* No BIP342 code separator position */ export const WALLY_OK = 0; /** Success */ -export const WALLY_PATCH_VER = 3; +export const WALLY_PATCH_VER = 4; export const WALLY_PSBT_COMBINE_SIGS = 0x1; /* Combine the signatures from a signature-only PSBT */ export const WALLY_PSBT_EXTRACT_FINAL = 0x0; /* Extract a final transaction; fail if any inputs aren't finalized */ export const WALLY_PSBT_EXTRACT_NON_FINAL = 0x1; /* Extract without any final scriptsig and witness */