Merge #5: feat: enable random anti-fee sniping

179860e feat!: implement anti-fee-sniping protection (Abiodun)
c95e8ed refactor: remove unnecessary clippy allow attributes (Abiodun)

Pull request description:

  This PR implements Anti-Fee-Sniping with randomization as discussed in issue #4

  ## Notes to the reviewers
  The implementation adds randomization to anti-fee-sniping behavior:

  1. Uses a 50/50 chance to choose between nLockTime and nSequence (when possible)
  2. Adds a 10% chance to set either value further back in time (by a random value between 0-99)
  3. Detects taproot inputs and their confirmation status

  ## Changelog notice

  ### Changed
  - `CreatePsbtError::MissingFullTxForLegacyInput` and `CreatePsbtError::MissingFullTxForSegwitV0Input` now wrap `Input` in `Box` (breaking change)

  ### Added
  - `PsbtParams::enable_anti_fee_sniping` field for BIP326 anti-fee-sniping protection
  - `CreatePsbtError::InvalidLockTime` and `CreatePsbtError::UnsupportedVersion` error variants
  - `Selection::create_psbt_with_rng` method for custom RNG

  * [x] I've signed all my commits
  * [x] I ran `cargo fmt` and `cargo clippy` before committing
  * [x] I've added docs for the new feature

  Closes #4

ACKs for top commit:
  ValuedMammal:
    ACK 179860e
  nymius:
    ACK 179860e

Tree-SHA512: 52a9190560e2714f99afae519f7facd304013afc0cf4167204be92b084feed166496250f041378e0c676ac383006a7d90ebd37d4cd486bb7c0664f834ca188e4

Author: ValuedMammal

Cargo.toml

@@ -11,24 +11,29 @@ license = "MIT OR Apache-2.0"
 readme = "README.md"
 
 [dependencies]
-miniscript = { version = "12", default-features = false }
+miniscript = { version = "12.3.5", default-features = false }
 bdk_coin_select = "0.4.0"
+rand_core = { version = "0.6.4", default-features = false }
+rand = { version = "0.8", optional = true }
 
 [dev-dependencies]
 anyhow = "1"
 bdk_tx = { path = "." }
-bitcoin = { version = "0.32", features = ["rand-std"] }
+bitcoin = { version = "0.32", default-features = false, features = ["rand-std"] }
 bdk_testenv = "0.13.0"
 bdk_bitcoind_rpc = "0.20.0"
 bdk_chain = { version = "0.23.0" }
 
 [features]
 default = ["std"]
-std = ["miniscript/std"]
+std = ["miniscript/std", "rand/std"]
 
 [[example]]
 name = "synopsis"
 
 [[example]]
 name = "common"
 crate-type = ["lib"]
+
+[[example]]
+name = "anti_fee_sniping"

examples/anti_fee_sniping.rs

@@ -0,0 +1,150 @@
+#![allow(dead_code)]
+use bdk_testenv::{bitcoincore_rpc::RpcApi, TestEnv};
+use bdk_tx::{
+    filter_unspendable_now, group_by_spk, selection_algorithm_lowest_fee_bnb, FeeStrategy, Output,
+    PsbtParams, ScriptSource, SelectorParams,
+};
+use bitcoin::{absolute::LockTime, key::Secp256k1, Amount, FeeRate, Sequence};
+use miniscript::Descriptor;
+
+mod common;
+
+use common::Wallet;
+
+fn main() -> anyhow::Result<()> {
+    let secp = Secp256k1::new();
+    let (external, _) = Descriptor::parse_descriptor(&secp, bdk_testenv::utils::DESCRIPTORS[0])?;
+    let (internal, _) = Descriptor::parse_descriptor(&secp, bdk_testenv::utils::DESCRIPTORS[1])?;
+
+    let env = TestEnv::new()?;
+    let genesis_hash = env.genesis_hash()?;
+    env.mine_blocks(101, None)?;
+
+    let mut wallet = Wallet::new(genesis_hash, external, internal.clone())?;
+    wallet.sync(&env)?;
+
+    let addr = wallet.next_address().expect("must derive address");
+
+    let txid1 = env.send(&addr, Amount::ONE_BTC)?;
+    env.mine_blocks(1, None)?;
+    wallet.sync(&env)?;
+    println!("Received confirmed input: {}", txid1);
+
+    let txid2 = env.send(&addr, Amount::ONE_BTC)?;
+    env.mine_blocks(1, None)?;
+    wallet.sync(&env)?;
+    println!("Received confirmed input: {}", txid2);
+
+    println!("Balance (confirmed): {}", wallet.balance());
+
+    let (tip_height, tip_time) = wallet.tip_info(env.rpc_client())?;
+    println!("Current height: {}", tip_height);
+    let longterm_feerate = FeeRate::from_sat_per_vb_unchecked(1);
+
+    let recipient_addr = env
+        .rpc_client()
+        .get_new_address(None, None)?
+        .assume_checked();
+
+    // When anti-fee-sniping is enabled, the transaction will either use nLockTime or nSequence.
+    //
+    // Locktime approach is used when:
+    // - RBF is disabled, OR
+    // - Any input requires locktime (non-taproot, unconfirmed, or >65535 confirmations), OR
+    // - There are no taproot inputs, OR
+    // - Random 50/50 coin flip chose locktime
+    //
+    // Sequence approach is used otherwise:
+    // - Sets tx.lock_time to ZERO
+    // - Modifies one randomly selected taproot input's sequence
+    //
+    // Once the approach is selected, to reduce transaction fingerprinting,
+    // - For nLockTime: With 10% probability, subtract a random 0-99 block offset from current height
+    // - For nSequence: With 10% probability, subtract a random 0-99 block offset (minimum value of 1)
+    //
+    // Note: When locktime is used, all sequence values remain unchanged.
+
+    let mut locktime_count = 0;
+    let mut sequence_count = 0;
+
+    for _ in 0..10 {
+        let selection = wallet
+            .all_candidates()
+            .regroup(group_by_spk())
+            .filter(filter_unspendable_now(tip_height, tip_time))
+            .into_selection(
+                selection_algorithm_lowest_fee_bnb(longterm_feerate, 100_000),
+                SelectorParams::new(
+                    FeeStrategy::FeeRate(FeeRate::from_sat_per_vb_unchecked(10)),
+                    vec![Output::with_script(
+                        recipient_addr.script_pubkey(),
+                        Amount::from_sat(50_000_000),
+                    )],
+                    ScriptSource::Descriptor(Box::new(internal.at_derivation_index(0)?)),
+                    wallet.change_policy(),
+                ),
+            )?;
+
+        let fallback_locktime: LockTime = LockTime::from_consensus(tip_height.to_consensus_u32());
+
+        let selection_inputs = selection.inputs.clone();
+
+        let psbt = selection.create_psbt(PsbtParams {
+            enable_anti_fee_sniping: true,
+            fallback_locktime,
+            fallback_sequence: Sequence::ENABLE_RBF_NO_LOCKTIME,
+            ..Default::default()
+        })?;
+
+        let tx = psbt.unsigned_tx;
+
+        if tx.lock_time != LockTime::ZERO {
+            locktime_count += 1;
+            let locktime_value = tx.lock_time.to_consensus_u32();
+            let current_height = tip_height.to_consensus_u32();
+
+            let offset = current_height.saturating_sub(locktime_value);
+            if offset > 0 {
+                println!(
+                    "nLockTime = {} (tip height: {}, offset: -{})",
+                    locktime_value, current_height, offset
+                );
+            } else {
+                println!(
+                    "nLockTime = {} (tip height: {}, no offset)",
+                    locktime_value, current_height
+                );
+            }
+        } else {
+            sequence_count += 1;
+
+            for (i, inp) in tx.input.iter().enumerate() {
+                let sequence_value = inp.sequence.to_consensus_u32();
+
+                if (1..0xFFFFFFFD).contains(&sequence_value) {
+                    let input_confirmations = selection_inputs[i].confirmations(tip_height);
+                    let offset = input_confirmations.saturating_sub(sequence_value);
+
+                    if offset > 0 {
+                        println!(
+                            "nSequence[{}] = {} (confirmations: {}, offset: -{})",
+                            i, sequence_value, input_confirmations, offset
+                        );
+                    } else {
+                        println!(
+                            "nSequence[{}] = {} (confirmations: {}, no offset)",
+                            i, sequence_value, input_confirmations
+                        );
+                    }
+
+                    break;
+                }
+            }
+        }
+    }
+
+    println!("nLockTime approach used: {} times", locktime_count);
+    println!("nSequence approach used: {} times", sequence_count);
+
+    Ok(())
+}

src/lib.rs

@@ -1,8 +1,4 @@
 //! `bdk_tx`
-
-// FIXME: try to remove clippy "allows"
-#![allow(clippy::large_enum_variant)]
-#![allow(clippy::result_large_err)]
 #![warn(missing_docs)]
 #![no_std]
 
@@ -21,6 +17,7 @@ mod rbf;
 mod selection;
 mod selector;
 mod signer;
+mod utils;
 
 pub use canonical_unspents::*;
 pub use finalizer::*;
@@ -34,6 +31,7 @@ pub use rbf::*;
 pub use selection::*;
 pub use selector::*;
 pub use signer::*;
+use utils::*;
 
 #[cfg(feature = "std")]
 pub(crate) mod collections {