Skip to content

WIP: Add Silent Payments + BIP 375 Support#587

Draft
macgyver13 wants to merge 13 commits intoColdcard:new_edgefrom
macgyver13:silentpayments-bip375-psbt
Draft

WIP: Add Silent Payments + BIP 375 Support#587
macgyver13 wants to merge 13 commits intoColdcard:new_edgefrom
macgyver13:silentpayments-bip375-psbt

Conversation

@macgyver13
Copy link
Copy Markdown

@macgyver13 macgyver13 commented Nov 26, 2025
edited
Loading

Tested with Sparrow Air Gapped Wallet commit a6081970 and simulator on mainnet

After putting together some python BIP 375 examples I took a look at the coldcard firmware and discovered it would be a easy lift to create a Proof of Concept to evaluate silent payments since PSBTv2 was already supported. This PR focuses on core behavior and minimal UI/UX changes.

The commits were organized to make review as easy as possible. There are some # TODO: in code where I don't have enough knowledge to make a decision at this time. Appreciate your feedback and advice on this PR.

TODOs:

  • verify silent payments labeled address handling
  • (partial) verify multi sig silent payment workflows - need to implement on wallet coordinator side first
  • (partial) address edge cases / attack scenarios
  • (on hold) test on real hardware - evaluate memory and performance
  • (partial) proper UI/UX for Silent Payments

Screenshots

Updated UX with - silent payment address - appended to - to address -

SHIFT SYM CAPS SHIFT SYM CAPS SHIFT SYM CAPS

Contribute Shares Prompt

0F056943EDGE

@macgyver13 macgyver13 mentioned this pull request Nov 26, 2025
Open
@macgyver13 macgyver13 force-pushed the silentpayments-bip375-psbt branch from e065256 to 4923edd Compare December 4, 2025 22:37
scgbckbone
scgbckbone reviewed Dec 5, 2025
View reviewed changes
@macgyver13 macgyver13 force-pushed the silentpayments-bip375-psbt branch from 4923edd to c5b5977 Compare December 5, 2025 21:28
@FreeOnlineUser FreeOnlineUser mentioned this pull request Jan 7, 2026
Open
nymius
nymius reviewed Jan 30, 2026
View reviewed changes
@scgbckbone scgbckbone mentioned this pull request Mar 18, 2026
Open
@macgyver13 macgyver13 force-pushed the silentpayments-bip375-psbt branch from 2554014 to b39d529 Compare March 26, 2026 13:29
@macgyver13 macgyver13 marked this pull request as draft March 26, 2026 13:33
macgyver13 added 13 commits March 26, 2026 21:17
@macgyver13
nit: mark bitcoind dependent sign tests
7887701
@macgyver13
bump submodule versions
d50ab56 
external/ckcc-protocol
external/libngu
@macgyver13
BIP-352: Implement Silent Payment Cryptographic Primitives
b243727 
update libngu
- add interface for s_ec_pubkey_tweak_mul
- add interface for s_ec_pubkey_combine
add bip352 crypto primitives / helpers
add bip352 tagged hashes
@macgyver13
BIP-374: Implement DLEQ Proof Generation and Verification
c516610 
add bip374 tagged hashes
add dleq bip374 reference generate_dleq_proof, verify_dleq_proof functions
@macgyver13
SP: Add SilentPaymentsMixin
64795d2 
extend psbt handling with silent payment specific functions
incorporate BIP375 test validation functions
- psbt_structure, input_eligibility, ecdh_coverage
@macgyver13
fix: (psbt v2) structural changes
0b2b60d 
only store key_data for short_values - remove key_type
only serialize PSBT_OUT_SCRIPT if self.script has a value
adjust v2 script assert to not required if sp_v0_info is present
@macgyver13
fix: (usb_test) Use single namespace dict so globals and locals are u…
03197ad 
…nified

provides silent payments testing framework with access to MockPSBT
@macgyver13
BIP-375: Add Silent Payments Test Vectors
e31c9d3 
migrate test_silentpayments to use simulator and bip375_test_vectors.json
- add devtest/unit_silentpayments.py
- add devtest/verify_sp_outputs.py
mirror psbt fields in testing/psbt
correct input eligibility ecdh share assumptions
@macgyver13
BIP-375: Implement Silent Payment PSBT Signing
0a40e1e 
integrate preview silent payment address as output in auth workflow
integrate silent payments in signing workflow
add sp_hrp property to chains
add silent payments fields to psbt
@macgyver13
BIP-376: Handle spending silent payment outputs
7983568 
refactor _derive_input_privkey
use sp_tweak when spending silent payment output
@macgyver13
SP: Add integration tests - test_silentpayments_sign.py
45507e9 
create end-to-end tests for silent payments
handle sp_tweak tweak parity when matching private key
introduce mine vs theirs seed construct to fake_txn
@macgyver13
SP: Introduce partial share contribution workflow
bfda09c 
add test to validate 'Contribute Shares?' UX
@macgyver13
SP: Introduce UI change output validation
ecbd31f 
add silent payments label change tests
- detect presence or absence of 'Change back:' in UI story
add multi-signer incomplete coverage scenario tests
fix sp_spend test failure when B_spend has odd Y parity
@macgyver13 macgyver13 force-pushed the silentpayments-bip375-psbt branch from b39d529 to ecbd31f Compare March 27, 2026 01:25
@macgyver13
Copy link
Copy Markdown
Author

macgyver13 commented Mar 27, 2026

Still have plenty of tasks to do on this PR but wanted to provide a checkpoint given the number of changes. I can break this into multiple PRs if preferred. I expect commits 7887701 through c516610 to remain stable.

Core Changes:

  • fix: (psbt v2)
  • fix: (usb_test)

Silent Payments Changes:

  • Standardized testing to use pytest and simulator instead of ngu_wrapper
  • Added bip375_test_vectors.json and parameterized test_silentpayments to use each vector
  • Introduced the workflow of contributing shares but not signing when multi-signers contribute to a SP output
  • Silent Payments Address is now appended to UI text instead of replacing - to address -
  • Labeled silent payments addresses are rendered correctly for change
  • Added BIP376 fields and associated operations

TODOs:

  • Considering how to show BIP353 HRN when provided by wallet coordinator like Sparrow
  • Identify sensitive material areas that need to be cleared
  • Add more tests to handle edge cases - open to suggestions
  • Consider doc/silentpayments.md

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@scgbckbone scgbckbone scgbckbone left review comments

@nymius nymius nymius left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@macgyver13 @scgbckbone @nymius