Implementing proof of reserves

[ulrichard]

Description

Adding a module that allows the construction of "proof of reserves" PSBTs and the verification thereof.

Notes to the reviewers

There will be an accompanying PR in bdk-cli. I will paste the URL here, once it's created.
https://github.com/ulrichard/bdk-cli/tree/reserves
But it builds upon this one:
bitcoindevkit/bdk-cli#28

Checklists

All Submissions:

• I've signed all my commits
• I followed the contribution guidelines
• I ran cargo fmt and cargo clippy before committing

New Features:

• I've added tests for the new feature
• I've added docs for the new feature
• I've updated CHANGELOG.md

[notmandatory]

@nicolasburtey heard you on SLP and that you are looking into proof of reserve for your project. I would be interested to have your feedback on if you think this PR is in the right direction.

[afilini]

I'm not a big fan of adding extra dependencies, even if they are only used during tests since they increase compilation times. Is there a different way to achieve the same result without adding this extra dependency?

[ulrichard]

I'm sure it would be possible with some macro magic. But I don't know rust macros good enough yet.

[afilini]

Ok, we can leave this open for the meantime and once everything else is done I'll help you out with the macro

[ulrichard]

I'm not sure if it would make sense to copy the outpoints into a sorted container for faster lookups here.

[nicolasburtey]

@notmandatory super cool I'll have a look. thanks.

[notmandatory]

@ulrichard I have a meta question also about this PR. It seems that you don't need to access any wallet internals to create or validate a proof of reserve. So how would you feel about making this it's own repo here in the bitcoindevkit project? I think this would make it easier to iterate on the PoR concepts and release on your own schedule. And you can still have pub extern crate bdk so anyone using your crate will have full access to bdk wallet features.

[ulrichard]

@ulrichard I have a meta question also about this PR. It seems that you don't need to access any wallet internals to create or validate a proof of reserve. So how would you feel about making this it's own repo here in the bitcoindevkit project? I think this would make it easier to iterate on the PoR concepts and release on your own schedule. And you can still have pub extern crate bdk so anyone using your crate will have full access to bdk wallet features.

I'm still fairly new to rust, and thus still learning how to structure projects. If you think that's better, it's fine with me.

1. Do you have naming conventions for stuff like that? How about "bdk-reserves"?
2. Can I just create the project, and you add it to the bitcoindevkit project, or is it better if you create it first?

[notmandatory]

I'm still fairly new to rust, and thus still learning how to structure projects. If you think that's better, it's fine with me.

Thanks, we're still figuring it out too, but I think in this case since proof of reserve is still an experimental topic it makes sense for it to live in it's own repo.

1. Do you have naming conventions for stuff like that? How about "bdk-reserves"?

We don't have an official convention, the most important thing is that the name isn't taken in https://crates.io yet. The name bdk-reserves is a available.

2. Can I just create the project, and you add it to the `bitcoindevkit` project, or is it better if you create it first?

It's probably easier if you create the repo in your account and then when you have it ready to re-review you can transfer it to the bitcoindevkit project. I don't think your code will need to change much, you should still be able to implementing the ProofOfReserves trait on Wallet. And I think this could be a good dev model for how other experimental features (mixing, DLCs, stuff like that), could be built on bdk.

[rajarshimaitra]

Hello @ulrichard , I haven't looked into the PR in detail yet, but judging from the overall objective is it something similar to BIP322? That BIP is a generic message signing protocol using specially formed Bitcoin transactions. And one of the major applications of such generic signing is "Proof of Reserve", as outlined here.

My understanding is BIP322 can be used for many things including proof of reserve, so maybe you might wanna try to include that standard in your implementation?

Unfortunately, there is no working implementation of BIP322 and rust-miniscript had a feature request open for it for some time now. As far as my understanding, nobody in Blockstream has time to write it, but they would appreciate PRs.

I have worked on a very rough sketch of it a few months ago trying to layout how basic BIP322 rust structures might look like. rust-bitcoin/rust-miniscript#240

It's not complete but it does basic BIP322 functions of signing and verifying. That might be something of your interest?

I am also happy to put in hands with you finishing BIP322 (it has been stale for some time now) and BDK can simply use that (it already has rust-miniscript dependency), if that aligns with your need.

Overall I feel this magic should reside in some upstream rust library like rust-miniscript or rust-bitcoin instead of wallet tools. Wallet tools like BDK can then simply expose simple APIs to use it.

[ulrichard]

Hello @ulrichard , I haven't looked into the PR in detail yet, but judging from the overall objective is it something similar to BIP322? That BIP is a generic message signing protocol using specially formed Bitcoin transactions. And one of the major applications of such generic signing is "Proof of Reserve", as outlined here.

My understanding is BIP322 can be used for many things including proof of reserve, so maybe you might wanna try to include that standard in your implementation?

Unfortunately, there is no working implementation of BIP322 and rust-miniscript had a feature request open for it for some time now. As far as my understanding, nobody in Blockstream has time to write it, but they would appreciate PRs.

I have worked on a very rough sketch of it a few months ago trying to layout how basic BIP322 rust structures might look like. rust-bitcoin/rust-miniscript#240

It's not complete but it does basic BIP322 functions of signing and verifying. That might be something of your interest?

I am also happy to put in hands with you finishing BIP322 (it has been stale for some time now) and BDK can simply use that (it already has rust-miniscript dependency), if that aligns with your need.

Overall I feel this magic should reside in some upstream rust library like rust-miniscript or rust-bitcoin instead of wallet tools. Wallet tools like BDK can then simply expose simple APIs to use it.

Hi @rajarshimaitra, Yes BIP322 along with BIP127 were the main inspirations. Of which I followed BIP127 more closely.
I didn't realize BIP322 could be implemented in miniscript. I'll have a look at your PR.

[notmandatory]

Closing the PR and will work with @ulrichard on his https://github.com/ulrichard/bdk-reserves repo instead.