Antoine Poinsot

Rebased. Dropped the commit modifying the interpreter, not needed after #25664. This PR does not touch consensus code anymore. Note however that since we can't mock the preimage check, we...

Rebased (quite verbose, following #25863) and removed needless commit 1af2145ef6 ("descriptor_tests: use clang-tidy verifiable syntax for argument comment"). I changed the commit introducing hashlock satisfaction to use a mapping per...

> @renepickhardt I don't have a stack exchange account, but if you feel this answers the question, then feel free to copy it over. @Roasbeef I answered this SE question...

Thanks. To address https://github.com/trezor/trezor-firmware/issues/416#issuecomment-1119350991. Miniscript can be compiled from, and lifted to, a humanly-readable policy language. The compiler obviously has nothing to do on the hardware signing device, but the...

> In the model that we are using (register and verify the policy once, then trust the previous registration), unfortunately I think showing the "lifted policy" might not be safe...

I had forgotten about this PR.. I'll get back to rebase it. If anyone cares and gets to it before i do please feel free to consider this as up...

ACK 15db5e0c1c03a65db4ed5b9a400817bf96237590 CI jobs that are failing seem spurious ("Failed to start an instance! Failed to pull null image! Repository does not exist or may require authentication."), or https://github.com/bitcoin/bitcoin/issues/27879.

This needs rebase for CI to pass.

The descriptor on which it crashed is `wsh(0)`. This is a bug in the Miniscript logic, exposed by the new check but not introduced in this PR. A `0` script...

I think the `CHECK_NONFATAL` that we don't parse Miniscript descriptors with an empty set of keys can be removed here, No need to hold off this PR and it was...