rust-bitcoin · apoelstra · Mar 9, 2023 · Feb 18, 2023 · Mar 9, 2023 · Mar 9, 2023
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,11 @@
+# 7.0.1 - March 8, 2023
+
+- Fixed a typing rule in `multi_a` for taproot miniscript descriptors. Current typing rules
+incorrectly tagged `multi_a` with the `n` property. Certain miniscripts of the form `j:multi_a` could
+could not spent without the first key. We could not find any evidence of these scripts being used
+in the wild. While this is technically a breaking change, any downstream users whose code would
+break by this change are already vulnerable.
+
 # 7.0.0 - April 20, 2022
 
 - Fixed miniscript type system bug. This is a security vulnerability and users are strongly encouraged to upgrade.

diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "miniscript"
-version = "7.0.0"
+version = "7.0.1"
 authors = ["Andrew Poelstra <[email protected]>, Sanket Kanjalkar <[email protected]>"]
 repository = "https://github.com/apoelstra/miniscript"
 description = "Miniscript: a subset of Bitcoin Script designed for analysis"

diff --git a/contrib/test.sh b/contrib/test.sh
@@ -8,6 +8,13 @@ then
     alias cargo="cargo +$TOOLCHAIN"
 fi
 
+
+# Pin dependencies as required if we are using MSRV toolchain.
+if cargo --version | grep "1\.41"; then
+    # 1.0.108 uses `matches!` macro so does not work with Rust 1.41.1, bad `syn` no biscuit.
+    cargo update -p syn --precise 1.0.107
+fi
+
 # Lint if told to
 if [ "$DO_LINT" = true ]
 then

diff --git a/src/miniscript/types/correctness.rs b/src/miniscript/types/correctness.rs
@@ -173,6 +173,15 @@ impl Property for Correctness {
         }
     }
 
+    fn from_multi_a(_: usize, _: usize) -> Self {
+        Correctness {
+            base: Base::B,
+            input: Input::Any,
+            dissatisfiable: true,
+            unit: true,
+        }
+    }
+
     fn from_hash() -> Self {
         Correctness {
             base: Base::B,

diff --git a/src/miniscript/types/malleability.rs b/src/miniscript/types/malleability.rs
@@ -122,6 +122,14 @@ impl Property for Malleability {
         }
     }
 
+    fn from_multi_a(_: usize, _: usize) -> Self {
+        Malleability {
+            dissat: Dissat::Unique,
+            safe: true,
+            non_malleable: true,
+        }
+    }
+
     fn from_hash() -> Self {
         Malleability {
             dissat: Dissat::Unknown,

diff --git a/src/miniscript/types/mod.rs b/src/miniscript/types/mod.rs
@@ -270,10 +270,7 @@ pub trait Property: Sized {
     fn from_multi(k: usize, n: usize) -> Self;
 
     /// Type property of a `MultiA` fragment
-    fn from_multi_a(k: usize, n: usize) -> Self {
-        // default impl same as multi
-        Self::from_multi(k, n)
-    }
+    fn from_multi_a(k: usize, n: usize) -> Self;
 
     /// Type property of a hash fragment
     fn from_hash() -> Self;
@@ -584,6 +581,13 @@ impl Property for Type {
         }
     }
 
+    fn from_multi_a(k: usize, n: usize) -> Self {
+        Type {
+            corr: Property::from_multi_a(k, n),
+            mall: Property::from_multi_a(k, n),
+        }
+    }
+
     fn from_hash() -> Self {
         Type {
             corr: Property::from_hash(),

diff --git a/src/policy/compiler.rs b/src/policy/compiler.rs
@@ -191,6 +191,14 @@ impl Property for CompilerExtData {
         }
     }
 
+    fn from_multi_a(k: usize, n: usize) -> Self {
+        CompilerExtData {
+            branch_prob: None,
+            sat_cost: 66.0 * k as f64 + (n - k) as f64,
+            dissat_cost: Some(n as f64), /* <w_n> ... <w_1> := 0x00 ... 0x00 (n times) */
+        }
+    }
+
     fn from_hash() -> Self {
         CompilerExtData {
             branch_prob: None,