Add a minimal timelock module

tcharding · tcharding · commit d9ffbefb7c42 · 2022-05-25T21:08:42.000+10:00
Currently if we mix up height/time absolute timelocks when filtering
policies the result is incorrect.

Add a `timelock` module that includes a single public function for
checking if absolute timelocks are the same unit. Use the new function
to fix a bug in policy filtering.
diff --git a/src/lib.rs b/src/lib.rs
@@ -104,6 +104,7 @@ pub mod interpreter;
 pub mod miniscript;
 pub mod policy;
 pub mod psbt;
+pub mod timelock;
 
 mod util;
 
diff --git a/src/policy/semantic.rs b/src/policy/semantic.rs
@@ -22,6 +22,7 @@ use bitcoin::hashes::{hash160, ripemd160, sha256, sha256d};
 
 use super::concrete::PolicyError;
 use super::ENTAILMENT_MAX_TERMINALS;
+use crate::timelock;
 use crate::{errstr, expression, Error, ForEach, ForEachKey, MiniscriptKey};
 
 /// Abstract policy which corresponds to the semantics of a Miniscript
@@ -543,7 +544,9 @@ impl<Pk: MiniscriptKey> Policy<Pk> {
     pub fn at_height(mut self, time: u32) -> Policy<Pk> {
         self = match self {
             Policy::After(t) => {
-                if t > time {
+                if !timelock::absolute_timelocks_are_same_unit(t, time) {
+                    Policy::Unsatisfiable
+                } else if t > time {
                     Policy::Unsatisfiable
                 } else {
                     Policy::After(t)
diff --git a/src/timelock.rs b/src/timelock.rs
@@ -0,0 +1,22 @@
+//! Various functions for manipulating Bitcoin timelocks.
+
+use crate::miniscript::limits::LOCKTIME_THRESHOLD;
+
+/// Returns true if `a` and `b` are the same unit i.e., both are block heights or both are UNIX
+/// timestamps. `a` and `b` are nLockTime values.
+pub fn absolute_timelocks_are_same_unit(a: u32, b: u32) -> bool {
+    n_lock_time_is_block_height(a) && n_lock_time_is_block_height(b)
+        || n_lock_time_is_timestamp(a) && n_lock_time_is_timestamp(b)
+}
+
+// https://github.com/bitcoin/bitcoin/blob/9ccaee1d5e2e4b79b0a7c29aadb41b97e4741332/src/script/script.h#L39
+
+/// Returns true if nLockTime `n` is to be interpreted as a block height.
+fn n_lock_time_is_block_height(n: u32) -> bool {
+    n < LOCKTIME_THRESHOLD
+}
+
+/// Returns true if nLockTime `n` is to be interpreted as a UNIX timestamp.
+fn n_lock_time_is_timestamp(n: u32) -> bool {
+    n >= LOCKTIME_THRESHOLD
+}
