fix: error out the stx protocol if the sender sends unsupported data (t…

…ari-project#5572)

Description
---
Will error out the stx protocol if the sender sends unsupported script,
features, or covenant

Motivation and Context
---
Its possible for the sender to block the spending of the transaction by
using unsupported script, covenant or features. This will now make it
that the receiver will not accept a transaction it does not know how to
spend.

How Has This Been Tested?
---
Passes all unit tests.

base_layer/wallet/src/output_manager_service/error.rs

@@ -116,6 +116,10 @@ pub enum OutputManagerError {
     NodeIdError(#[from] NodeIdError),
     #[error("Script hash does not match expected script")]
     InvalidScriptHash,
+    #[error("Unsupported Covenant")]
+    InvalidCovenant,
+    #[error("Unsupported Output Features")]
+    InvalidOutputFeatures,
     #[error("Tari script error: {0}")]
     ScriptError(#[from] ScriptError),
     #[error("Master secret key does not match persisted key manager state")]

base_layer/wallet/src/output_manager_service/service.rs

@@ -233,7 +233,7 @@ where
                     .map(OutputManagerResponse::Balance)
             },
             OutputManagerRequest::GetRecipientTransaction(tsm) => self
-                .get_recipient_transaction(tsm)
+                .get_default_recipient_transaction(tsm)
                 .await
                 .map(OutputManagerResponse::RecipientTransactionGenerated),
             OutputManagerRequest::GetCoinbaseTransaction {
@@ -680,7 +680,7 @@ where
     }
 
     /// Request a receiver transaction be generated from the supplied Sender Message
-    async fn get_recipient_transaction(
+    async fn get_default_recipient_transaction(
         &mut self,
         sender_message: TransactionSenderMessage,
     ) -> Result<ReceiverTransactionProtocol, OutputManagerError> {
@@ -689,14 +689,29 @@ where
             _ => return Err(OutputManagerError::InvalidSenderMessage),
         };
 
-        // Confirm script hash is for the expected script, at the moment assuming Nop
-        if single_round_sender_data.script != script!(Nop) {
-            return Err(OutputManagerError::InvalidScriptHash);
+        // Confirm covenant is default
+        if single_round_sender_data.covenant != Covenant::default() {
+            return Err(OutputManagerError::InvalidCovenant);
+        }
+
+        // Confirm output features is default
+        if single_round_sender_data.features != OutputFeatures::default() {
+            return Err(OutputManagerError::InvalidOutputFeatures);
         }
 
         let (spending_key_id, _, script_key_id, script_public_key) =
             self.resources.key_manager.get_next_spend_and_script_key_ids().await?;
 
+        // Confirm script hash is for the expected script, at the moment assuming Nop or Push_pubkey
+        // if the script is Push_pubkey(default_key) we know we have to fill it in.
+        let script = if single_round_sender_data.script == script!(Nop) {
+            single_round_sender_data.script.clone()
+        } else if single_round_sender_data.script == script!(PushPubKey(Box::new(PublicKey::default()))) {
+            script!(PushPubKey(Box::new(script_public_key.clone())))
+        } else {
+            return Err(OutputManagerError::InvalidScriptHash);
+        };
+
         let encrypted_data = self
             .resources
             .key_manager
@@ -707,7 +722,7 @@ where
 
         let metadata_message = TransactionOutput::metadata_signature_message_from_parts(
             &TransactionOutputVersion::get_current_version(),
-            &single_round_sender_data.script,
+            &script,
             &single_round_sender_data.features.clone(),
             &single_round_sender_data.covenant,
             &encrypted_data,
@@ -731,7 +746,7 @@ where
             single_round_sender_data.amount,
             spending_key_id.clone(),
             single_round_sender_data.features.clone(),
-            single_round_sender_data.script.clone(),
+            script,
             inputs!(script_public_key),
             script_key_id,
             single_round_sender_data.sender_offset_public_key.clone(),