Commit Graph

191 Commits

Author SHA1 Message Date
Fmt Bot 4b5c6dd547 2025-06-08 automated rustfmt nightly 2025-06-08 01:44:53 +00:00
Tobin C. Harding b27d8e5819
Change the internal representation of FeeRate
To get more precision use sats per million virtual bytes.

To make review easier keep most calls in tests using
`FeeRate::from_sats_per_kwu` and just unwrap. These can likely be
cleaned up later on if we want to.

For `serde` just change the module to `_floor` and leave it at that. The
serde stuff likely needs re-visiting before release anyways.
2025-05-31 07:52:31 +01:00
Tobin C. Harding b929022d56
Add floor/ceil versions of to_sat_per_kwu
In preparation for changing the inner representation of `FeeRate` add
floor and ceil versions of the getter function `to_sat_per_kwu`.

For now both functions return the same thing but still call the
correct one so that when we change the representation we do not need
to re-visit them.
2025-05-31 07:51:59 +01:00
merge-script 5e0b86d2b1
Merge rust-bitcoin/rust-bitcoin#4440: Add support for de/serializing PSBT_{IN,OUT}_MUSIG2_PARTICIPANT_PUBKEYS
2481695b45 Add tests for BIP-373 PSBT_{IN,OUT}_MUSIG2_PARTICIPANT_PUBKEYS serialization and deserialization (Daniel Roberts)
3e8e6d9aa1 Add BIP-373 PSBT_{IN,OUT}_MUSIG2_PARTICIPANT_PUBKEYS serialization and deserialization (Daniel Roberts)

Pull request description:

  This change adds support for serializing and deserializing two PSBT keys from BIP-373: `PSBT_IN_MUSIG2_PARTICIPANT_PUBKEYS` and `PSBT_OUT_MUSIG2_PARTICIPANT_PUBKEYS`

  This is a part of #4207 that can be implemented independently of the rest (which depends on https://github.com/rust-bitcoin/rust-secp256k1/pull/716). I believe this satisfactorily avoids changing things multiple times on end users, *however* it's not *completely* transparent to end users, since any code that currently accesses these fields through `unknown` will need to be updated. Later, when `PSBT_IN_MUSIG2_PUB_NONCE` and `PSBT_IN_MUSIG2_PARTIAL_SIG` are supported, code will need to be updated a second time to retrieve them from the correct place instead of `unknown`. I'm of the opinion that this imposes a very minor maintenance burden, only consisting of *removing* deserialization code.

  ### Notes/Requests for feedback

  - For the most part I used my judgement rather than `cargo fmt` since `cargo fmt` already had a lot of other complaints, but of course I'll update if I need to.
  - To satisfy the requirement that every commit pass tests, the commit updating the psbt serde regression test should probably be squashed into the first commit, but I just wanted to confirm that before I did it. I suppose similarly, the test commit could be squashed as well?
  - I waffled between `musig2_participants` and `musig2_participant_pubkeys`, but I've decided to go with `musig2_participant_pubkeys` because that is consistent with Bitcoin Core

ACKs for top commit:
  tcharding:
    ACK 2481695b45
  apoelstra:
    ACK 2481695b456bcccbb25c247c1fd39bbda24dbb30; successfully ran local tests

Tree-SHA512: af884923593c9cbb24ff3f1f08219458538592fabde85d5d65bc2d9bc7bf0b1a73dac38d2c56303b4f3162088db129ea7e879c3d4b324e965933c121ef939a07
2025-05-26 19:17:48 +00:00
Daniel Roberts 2481695b45 Add tests for BIP-373 PSBT_{IN,OUT}_MUSIG2_PARTICIPANT_PUBKEYS serialization and deserialization 2025-05-25 08:28:16 -05:00
Fmt Bot c73131c8f0 2025-05-25 automated rustfmt nightly 2025-05-25 01:42:57 +00:00
merge-script ecf4b2bcee
Merge rust-bitcoin/rust-bitcoin#4496: BREAKING: Change Psbt serde implementations
9aa235c24d BREAKING: Change Psbt serde implementations (Daniel Roberts)
d7e9a84339 Fix Psbt preimage keys in serde test (Daniel Roberts)
62026c1e2d Don't use PSBT_GLOBAL_XPUB as an unknown key in Psbt serde test (Daniel Roberts)

Pull request description:

  Implements the conclusion of #3454 by serializing Psbts using the BIP-174 binary encoding, optionally using base64 where appropriate.

  The core of the problem is the old derived serde implementation by its nature can't be backwards compatible when serialized in binary formats like bincode. Fields will be added to the Psbt (my motivating case in #4440 ) and this will always break formats like bincode.

ACKs for top commit:
  apoelstra:
    ACK 9aa235c24d65d23de2afc21fcbd019892bf4ad2a; successfully ran local tests
  tcharding:
    ACK 9aa235c24d

Tree-SHA512: 4dc9dbf1a71f06769d74fada7e3d5557a3df3ee78769c66c2d8480c434baa0abd2efba555137563af58da2cc1d545813eb43b6c696b363a5777a9836bc1b7382
2025-05-24 16:03:33 +00:00
merge-script 1c07916777
Merge rust-bitcoin/rust-bitcoin#4538: Use `_u32` in `FeeRate` constructor instead of `_unchecked`
a1ce2d1ac8 Use _u32 in FeeRate constructor instead of _unchecked (Tobin C. Harding)

Pull request description:

  When constructing an `Amount` it was observed recently that a `u32` is often big enough. For the same reason we can use a `u32` to construct a fee rate instead of overflowing.

  Use `_u32`in the constructor and remove the panic.

ACKs for top commit:
  apoelstra:
    ACK a1ce2d1ac8d646b63532ed9ac459ffea39ec8c20; successfully ran local tests

Tree-SHA512: 339974c954ad613b0be684f7b2fa1402f59fe401969f3785a702ffbb14ac913ecf4c8228240d068ba4b482e38263590154167a071d823ccc9b4d0691036ca484
2025-05-23 16:18:59 +00:00
Daniel Roberts 9aa235c24d BREAKING: Change Psbt serde implementations
Replace derived Psbt serde implementation with one that conforms to
BIP-174. In human readable serde contexts, serialize to the base64
encoded format, and in binary serde contexts, serialize to the raw
binary format.

The previous derived serde implementation cannot be used in a backward or
forward compatible way in binary formats like bincode, which means that
every field added to the Psbt struct would break serde de/serialization
into binary formats. Instead, this one-time breaking change will fix the
issue going forward.

Downstream users with persisted data in the old serde format should continue
using 0.32.x to create migrations to the new format.
2025-05-22 16:41:05 -05:00
Daniel Roberts d7e9a84339 Fix Psbt preimage keys in serde test
The preimage values in the serde Psbt don't actually correspond to the
hash keys they should in the serde test. This doesn't cause an error
currently because the derived serde implementation doesn't enforce their
validity during deserialization, but it will when the serde
implementation is modified to use the BIP-174 format.
2025-05-22 16:40:23 -05:00
Daniel Roberts 62026c1e2d Don't use PSBT_GLOBAL_XPUB as an unknown key in Psbt serde test
The previous test used global key id 1 which is not unknown, it's PSBT_GLOBAL_XPUB.
That's an inconsistent state for a Psbt to be in, and will cause a
deserialization error when the Psbt serde implementation is modified to
use the BIP-174 format.
2025-05-22 16:38:57 -05:00
Tobin C. Harding 7e67737393
Use / to divide fee by weight
Looks like this code was written before we added support for dividing
`Amount` by `Weight`.

Refactor, no logic change.
2025-05-22 10:48:08 +10:00
Tobin C. Harding a1ce2d1ac8
Use _u32 in FeeRate constructor instead of _unchecked
When constructing an `Amount` it was observed recently that a `u32` is
often big enough. For the same reason we can use a `u32` to construct a
fee rate instead of overflowing.

Use `_u32`in the constructor and remove the panic.
2025-05-22 10:47:34 +10:00
merge-script fa52a31ace
Merge rust-bitcoin/rust-bitcoin#4527: Automated nightly rustfmt (2025-05-18)
d9ec934251 2025-05-18 automated rustfmt nightly (Fmt Bot)

Pull request description:

  Automated nightly `rustfmt` changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action

ACKs for top commit:
  tcharding:
    ACK d9ec934251
  apoelstra:
    ACK d9ec93425102a014fc495d0918f40ff0f3629e2b; successfully ran local tests

Tree-SHA512: 9f1914af1375443e421ab5309ef8af0f64aa0b3dd03a4cde15b8315d1453f43f35533ae31a7295a83599e7e5ce081149c97f63bbab21e371d60b9401baecc941
2025-05-20 14:43:01 +00:00
merge-script 9310942888
Merge rust-bitcoin/rust-bitcoin#4529: psbt: replace the fee rate magic numbers with named constants in tests
ade7ea5fcf psbt: replace the fee rate magic numbers with named constants in tests (frankomosh)

Pull request description:

  Replace a hardcoded fee rate numbers in PSBT high-fee checks test with named constants.

  Close #4378

ACKs for top commit:
  tcharding:
    ACK ade7ea5fcf
  apoelstra:
    ACK ade7ea5fcfc1d00a7cb3c35b4022a4543a7efe1d; successfully ran local tests

Tree-SHA512: fa02217940ae32f00164c762c82ecb6bd28da58e5ad44165124a7ad44367d7d0f752e7ab189b991edb2460c449bbd0a83df16a47b082f6755bd9e9d38e398cd8
2025-05-19 17:48:54 +00:00
frankomosh ade7ea5fcf psbt: replace the fee rate magic numbers with named constants in tests
Replace a hardcoded fee rate numbers in PSBT high-fee checks test with named
constants.

Close #4378
2025-05-18 22:04:41 +03:00
Fmt Bot d9ec934251 2025-05-18 automated rustfmt nightly 2025-05-18 01:40:39 +00:00
Tobin C. Harding 29b12bec6b
Remove Display/FromStr for FeeRate
Parsing and displaying strings is a PITA. `FeeRate` is likely not that
heavily used at the moment and users can always just call
`to_sat_per_kwu()` to format it.

So we can get the `units-1.0-alpha.0` release out the door just remove
the `Display` and `FromStr` impls for now. They can be added back in
later when we have time to get #4339 in.
2025-05-17 08:20:17 +10:00
merge-script 7d4b40dfd4
Merge rust-bitcoin/rust-bitcoin#4410: Wrap secp256k1::XOnlyPublicKey to improve error handling
c11772a768 Accept flexible input types for Taproot-related functions (Erick Cestari)
2a518d62e6 Wrap secp256k1::XOnlyPublicKey to improve error handling (Erick Cestari)

Pull request description:

  This PR addresses issue #4361 by creating a wrapper type for XOnlyPublicKey instead of directly re-exporting it from the secp256k1 library.

  ### Key Changes

  1. Created a new `XOnlyPublicKey` struct that wraps `secp256k1::XOnlyPublicKey`
  2. Implemented custom error types:
      - `ParseXOnlyPublicKeyError` for handling parsing errors
      - `TweakXOnlyPublicKeyError` for tweaking an `XOnlyPublicKey`
  3. Updated all imports and usage throughout the codebase
  4. Implemented necessary traits and methods for compatibility

  Closes #4361

ACKs for top commit:
  apoelstra:
    ACK c11772a768eefd89dcc0e3b1a369d535c191f94a; successfully ran local tests
  tcharding:
    ACK c11772a768

Tree-SHA512: c8da3486e7ffcab6c24cc08f9b2f964dd9158449ef2bd720e54d56176bc7027052314ea23cac3f673d217fa785238ea8a9b5323ba57f02199f20e56df5893965
2025-05-07 17:01:31 +00:00
Erick Cestari 2a518d62e6
Wrap secp256k1::XOnlyPublicKey to improve error handling
This commit creates a wrapper type for XOnlyPublicKey instead of
directly re-exporting it from the secp256k1 library.
2025-05-06 09:01:17 -03:00
merge-script 082075304e
Merge rust-bitcoin/rust-bitcoin#4373: Add as_inner method to TweakedKeypair
3bb6c73f2d Add methods to retrieve inner types (Shing Him Ng)

Pull request description:

  Resolves #4345

ACKs for top commit:
  tcharding:
    ACK 3bb6c73f2d
  apoelstra:
    ACK 3bb6c73f2d3edd1165b7b7f3a833fa471786e166; successfully ran local tests; should backport to 0.32.x

Tree-SHA512: c89017bbc2126ec62c756c4ee9b49dcc8b94a3063a8155aadcf7c69a6f0bc9337baedffe7f52a4ab6f0b738302bea683391d394483c4c7eefbb622b97d34d26c
2025-05-03 23:24:19 +00:00
Shing Him Ng 3bb6c73f2d Add methods to retrieve inner types
For TweakedKeypair, `to_inner` is also renamed to `to_keypair` to maintain
consistency. Similarly, `to_inner` is renamed to `to_x_only_pubkey` for
TweakedPublicKey
2025-05-01 08:24:43 -05:00
merge-script ee037042ae
Merge rust-bitcoin/rust-bitcoin#4387: bip32: overhaul error types and add a "maximum depth exceeded" error
b9a12043b0 bip32: return error when trying to derive a path too deep (Andrew Poelstra)
73781e047b bip32: rename Error to ParseError (Andrew Poelstra)
a66ad97fb6 bip32: split InvalidChildNumber and InvalidChildNumberFormat out of error (Andrew Poelstra)
a891fb9b74 bip32: remove unused error variants (Andrew Poelstra)
f0a237c001 bip32: split out DerivationError from the main error enum (Andrew Poelstra)
32d96f6c33 bip32: make Xpriv::new_master be infallible (Andrew Poelstra)
0e5e021b69 bip32: change several cryptographically unreachable paths to expects (Andrew Poelstra)

Pull request description:

  This PR makes a first pass at splitting the `bip32::Error` type into multiple distinct types -- one for derivation (which can fail if you try to derive a hardened child of an xpub, or if you try to derive too many layers), one for parsing child numbers or derivation paths, and one for parsing xkeys. Along the way it cleans up a ton of weird things and typos, e.g. the psbt `GetKeyError` having an unused `Bip32` variant whose display text references "bip 23".

  Because all the error types get renamed, every part of this PR is an API break, but only the last commit is a "real" API break which uses the new `DerivationError::MaximumDepthExceeded` error variant to return an error when trying to derive a path of length 256 or longer. This means that `Xpriv::derive_xpriv` again returns an error result.

  I will make a simpler version of this last commit suitable for backporting to 0.32.x. (In 0.32.x `Xpriv::derive_priv` returns an error, so we can change it to error out on max-depth-exceeded without breaking the API. Sadly most users are likely to be unwrapping the error because in 0.32.x currently the error path is cryptographically unreachable...but at least this way the panic will be in their control rather than ours.)

  Fixes https://github.com/rust-bitcoin/rust-bitcoin/issues/4308

ACKs for top commit:
  tcharding:
    ACK b9a12043b0

Tree-SHA512: 688826126ff24066c6de9de3caa73db68c516ba8893d64d9226a498774a2fb9db7d7fd797375c6b3f820588c178632e1e6e8561022dfa7042a560582bf1509b4
2025-04-30 13:12:01 +00:00
Andrew Poelstra b9a12043b0
bip32: return error when trying to derive a path too deep
This restores the Result return from derive_xpriv which we had removed
in a previous PR, but such is life.

Fixes #4308
2025-04-29 23:09:32 +00:00
Andrew Poelstra 73781e047b
bip32: rename Error to ParseError
The bip32::Error enum is now exclusively used for errors related to
parsing and decoding. It is still a little messy (mainly: it contains a
base58 variant which is used when parsing a string but not when decoding
from bytes) but much cleaner than it was.
2025-04-29 23:09:30 +00:00
Tobin C. Harding 5d5a19793a
Run the formatter 2025-04-28 13:44:24 +10:00
Tobin C. Harding c27b95fb0d
Make script to/from hex use consensus encoding
I'm not sure why we do not use consensus encoding currently for encoding
and decoding scripts to/from hex strings. Many tests include hard coded
hex which do not include the length prefix.

- Add a pair of encoding functions to encode/decode to/from hex without
the length prefix.
- Make `to_hex` and `from_hex` expect the length prefix i.e., use
consensus encoding.

This makes the API easier to use because the various encoding APIs can
be use together now eg `consensus::encode_hex` and `ScriptBuf::from_hex`.
2025-04-28 13:39:44 +10:00
Andrew Poelstra 32d96f6c33
bip32: make Xpriv::new_master be infallible
The only error path for this is cryptographically unreachable and was
removed in a previous commit.
2025-04-22 14:45:36 +00:00
Tobin C. Harding d6296cd3d1
Remove usage of hex::test_hex_unwrap
We have the `hex_lit` dependency for converting a hex string literal
to an array.

Currently we have a `test_hex_unwrap` macro in the `hex v0.3.0` release
but not on either `master` or the upcoming `v1.0.0-alpha.0` release.
This is making PRs around releasing and depending on the release more
noisy than required.

Use `hex_lit::hex` where possible (often needing an additional call to
`to_vec()`) and where not possible use `Vec::from_hex`.
2025-04-11 06:49:06 +10:00
Erick Cestari 069d2fd07e Add XOnlyPublicKey support for PSBT key retrieval and improve Taproot signing
This commit enhances PSBT signing functionality by:

1. Added new KeyRequest::XOnlyPubkey variant to support direct retrieval using XOnly public keys
2. Implemented GetKey for HashMap<XOnlyPublicKey, PrivateKey> for more efficient Taproot key management
3. Modified HashMap<PublicKey, PrivateKey> implementation to handle XOnlyPublicKey requests by checking both even and odd parity variants

These changes allow for more flexible key management in Taproot transactions.
Specifically, wallet implementations can now store keys indexed by either
PublicKey or XOnlyPublicKey and successfully sign PSBTs with Taproot inputs.

Added tests for both implementations to verify correct behavior.

Added test for odd parity key retrieval.

Closes #4150
2025-03-21 11:28:54 -03:00
Andrew Poelstra 05c8b043ff
tests: replace Amount::from_sat_unchecked with from_sat.unwrap
There are only 7 instances of this so just call .unwrap() on each one.
2025-03-18 19:27:53 +00:00
Andrew Poelstra beaa2db7e5
amount: add from_sat_i32 and from_sat_u32 methods for small constants
We have a ton of calls to `from_sat_unchecked` for small constants which
were clearly in range, e.g. in fee.rs. Add a new constfn for these
cases. Don't bother making a generic Into<u32>/Into<u16> variant because
there isn't an obvious name for it.

There are 7 instances where we're using this method with values that are
out of range, which we leave as from_sat_unchecked for now.
2025-03-18 19:27:53 +00:00
Fmt Bot a74e08a53d 2025-03-16 automated rustfmt nightly 2025-03-16 01:25:25 +00:00
Tobin C. Harding ab4ea7c13d
Enforce the MAX_MONEY invariant in amount types
Enforcing the MAX_MONEY invariant is quite involved because it means
multiple things:

- Constructing amounts is now fallible
- Converting from unsigned to signed is now infallible
- Taking the absolute value is now infallible
- Integer overflow is illuminated in various places

Details:

- Update from_sat to check the invariant
- Fix all docs including examples
- Use the unchecked constructor in test code
- Comment any other use of the unchecked constructor
- Deprecate unchecked_abs
- Fail serde (using the horrible string error variant)
- Try not to use the unchecked constructor in rustdocs, no need to encourage unsuspecting users to use it.
- Use ? in rustdoc examples (required by Rust API guidlines)
- Remove TryFrom<Amount> for SignedAmount because the conversion is now infallible. Add a From impl.
- Fix the arbitrary impls
- Maintain correct formatting
- Remove private check_max function as its no longer needed
2025-03-13 09:07:14 +11:00
Tobin C. Harding 938461cc65
psbt: Use Amount::ZERO in unit test
We have a const for this, use it.

Internal change only.
2025-03-11 05:32:06 +11:00
merge-script 644adb4c18
Merge rust-bitcoin/rust-bitcoin#4177: Manually update nightly version
a4b9c196b1 Manually update nightly version (Tobin C. Harding)

Pull request description:

  While trying to use the `macro_use_imports` lint I found that there is a bug in last weeks nightly. It has been fixed already so lets update.

  Update to todays nightly compiler. Doing so causes some new linter warnings, for now we just allow them.

ACKs for top commit:
  apoelstra:
    ACK a4b9c196b13a2029ef0de198114a29c71a192d03; successfully ran local tests

Tree-SHA512: a982ba05713c214af3b9375ecf37b66aea07ec0330392c30d2dbe3c9b40e1219b587ee43222f2355292b9b374a6a1d8a19d18b559bb47d33e544ed78509a51b8
2025-03-04 21:47:20 +00:00
Tobin C. Harding a4b9c196b1
Manually update nightly version
While trying to use the `macro_use_imports` lint I found that there is a
bug in last weeks nightly. It has been fixed already so lets update.

Update to todays nightly compiler. Doing so causes some new linter
warnings, for now we just allow them.
2025-03-03 15:05:55 +11:00
19年梦醒 f80cf2cb2a
update secp256k1 to 0.30.0 2025-03-02 23:31:48 +08:00
Tobin C. Harding 6244cb75fa
Introduce monadic AmountOpResult
We would like to return an error when doing math ops on amount types.
We cannot however use the stdlib `Result` or `Option` because we want to
implement ops on the result type.

Add an `AmountOpResult` type. Return this type from all math operations
on `Amount` and `SignedAmount`.

Implement `core::iter::Sum` for the new type to allow summing iterators
of amounts - somewhat ugly to use, see tests for example usage.
2025-02-10 10:06:59 +11:00
Martin Habovstiak a9ffb1571c Stop using `TxOut::NULL` in tests
We want to get rid of this constant, so we replace it in tests with 0
amount, empty script. Notably, the tests were already using it as a
dummy value - the exact amount was irrelevant, so this change doesn't
break anything.
2025-01-29 23:02:41 +01:00
Fmt Bot 8bdd67a368 2025-01-12 automated rustfmt nightly 2025-01-12 01:23:13 +00:00
merge-script 515a66b854
Merge rust-bitcoin/rust-bitcoin#3839: Use `_unchecked` to construct amounts
a7c44cebf9 Use _unchecked to construct amounts (Tobin C. Harding)
09df951760 Use sat variable in tests (Tobin C. Harding)
4a5b2c60c6 Use ssat variable in tests (Tobin C. Harding)

Pull request description:

  We have a `_unchecked` constructor now for both `Amount` and `SignedAmount`. Soon we would like to start enforcing the `MAX_MONEY` invariant in both amount types. To make that change easier do a few refactorings:

  - Patch 1 and 2 introduce local variables for amount constructors.
  - Patch 3 replaces the local variables introduce in  (1) and (2) with macros
  - Patch 4 uses `_unchecked` constructor for hard coded integers

  The strange patch separation is done intentionally so we don't inadvertently reduce test coverage by using the wrong constructor. I made this mistake already in a previous PR, lesson learned.

  Note please, the macro introduced in patch 3 is in preparation for enforcing `MAX_MONEY`. The macros allow us to panic (`from_sat().unwrap()`) instead of using the `_unchecked` version.

ACKs for top commit:
  apoelstra:
    ACK a7c44cebf9975c4eeba56a65c0ea65be90e5c7f3; successfully ran local tests

Tree-SHA512: 55c2428ae231882542a4cfa724675341f7b493d158f4bec26277d3eefb04d9597cc29b05dce859661a96855fa6f4bac250d53c3dfa9f86a9611d43387ee18667
2025-01-08 04:08:39 +00:00
Tobin C. Harding a7c44cebf9
Use _unchecked to construct amounts
We have a `_unchecked` constructor now for both `Amount` and
`SignedAmount`. In preparation for enforcing the `MAX_MONEY` invariant
use the `_unchecked` constructor throughout the codebase to construct
amounts from hard coded integer values.
2025-01-06 13:14:21 +11:00
Shing Him Ng f94c7185fd Remove usage of impl_from_infallible in crates
Rust macros, while at times useful, are a maintenance nightmare. And
we have been bitten by calling macros from other crates multiple times
in the past.

In a push to just use less macros remove the usage of the
`impl_from_infallible` macro in the bitcoin, units, and internals crates
and just write the code.
2025-01-04 23:46:12 -06:00
Tobin C. Harding 85e04315d5
Remove test_ prefix from unit tests
There is a loose convention in Rust to not use `test_` prefix. The
reason being that `cargo test` outputs 'test <test name>' using the
prefix makes the output stutter.

This patch smells a bit like code-churn but having the prefix in some
places and not others is confusing to new contributors and is leading me
to explain this many times now. Lets just fix it.

Remove the prefix unless doing so breaks the code.
2025-01-02 10:06:50 +11:00
yancy 774f066879 refactor: Change from u64 to Amount
The Amount type provides better type safety and is more appropriate in
this context than u64.  Currently the checked arithmetic operations for
Amount and u64 are identical in behavior.  Therefore, this refactor does
not result in any behavior change and is purely cosmetic.
2024-12-23 13:03:53 -06:00
Jamil Lambert, PhD e56f461916
Make capitalization of SegWit uniform in strings 2024-12-17 14:49:01 +00:00
Jamil Lambert, PhD 3520e832ac
Make capitalization of SegWit uniform in rustdocs 2024-12-17 14:28:28 +00:00
Tobin C. Harding 3ac9b2ded2
Remove unnecessary type
`hex_psbt` returns `Psbt`, no need for the explicit type.

Internal change only.
2024-12-13 09:00:41 +11:00
Jamil Lambert, PhD 6950c0a7b5
Change `Amount::MAX` to equal `MAX_MONEY`
To prevent rounding errors converting to and from f64 change
`Amount::MAX` to `MAX_MONEY` which is below the limit in f64 that has
issues.

Add checks to `from_str_in`, `checked_add` and `checked_mul` that the
result is below MAX, where previously a u64 overflow was relied on.

Change tests to account for new lower MAX that is within the range of
SignedAmount and does not overflow so easily

Remove overflow tests

`Amount::MAX` is now below `u64::MAX` and within the range of values for
`SignedAmount`.   These tests therefore do not overflow.
In effective_value there is no error with `Amount::MAX` and the correct
value is returned.
In psbt the removed test is effectively the same as the previous test.

Modify `Amount` tests to work with new `MAX`

Tests need to be changed that checked values above the new `MAX` or
`Amount::MAX` was out of range for `SignedAmount` which it isn't anymore
2024-12-04 14:17:00 +00:00