]> Untitled Git - bdk/commit
projects / bdk / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: de7a89f) | patch
fix(electrum): verify txid of server-returned transactions
authorElias Rohrer <dev@tnull.de>
Thu, 23 Apr 2026 16:54:52 +0000 (18:54 +0200)
committerElias Rohrer <dev@tnull.de>
Thu, 23 Apr 2026 16:55:27 +0000 (18:55 +0200)
commitd101a0973bc19ac1b64809c0d9f0cd3516e263d8
tree056cd9acede2269219630e228ae2080989f32420tree | snapshot
parentde7a89fd642ebc98d6ec1717c19728dc860499f2commit | diff
fix(electrum): verify txid of server-returned transactions

An Electrum server could return an arbitrary transaction when
`fetch_tx()` requests a specific txid. The returned transaction was
cached and used without verifying that its computed txid matches the
requested one.

Add a verification check that `tx.compute_txid() == txid` after
fetching from the server, returning an error on mismatch.

Signed-off-by: Elias Rohrer <dev@tnull.de>
crates/electrum/src/bdk_electrum_client.rs diff | blob | blame | history
A modern, lightweight, descriptor-based wallet library written in Rust!