Merge #220: Add experimental silent payment transaction creation support

c579854 feat(silentpayments): add experimental silent-payments sending support (nymius)

Pull request description:

  **Description**

  This PR adds experimental support for creating silent payment transactions through a new `CreateSpTx` command. The implementation integrates the `bdk_sp` crate to enable sending Bitcoin to silent payment addresses.

  Key changes:
  - Adds `bdk_sp` dependency as an optional feature
  - Implements `CreateSpTx` command with support for silent payment recipients
  - Includes parser for silent payment `address:amount` pairs
  - Returns signed transactions ready for broadcast (not PSBTs due to silent payment derivation constraints)

  **Notes to the reviewers**

  - This feature is marked as **EXPERIMENTAL** and includes warnings against mainnet use
  - The command returns signed transactions directly rather than PSBTs because silent payment script pubkey derivation cannot be performed securely in a trustless manner with standard PSBT workflows
  - RBF is disabled for silent payment transactions (sequence set to MAX)
  - The implementation handles both single key and extended key signers
  - Error handling uses temporary `.expect()` calls that should be addressed in future iterations

  **Changelog notice**

  **Added**: Experimental silent payment transaction creation via `CreateSpTx` command (feature-gated behind `sp` flag)

  **Checklists**

  **All Submissions**

  * [x] I've signed all my commits
  * [x] I followed the [conventional commit guidelines](https://www.conventionalcommits.org/en/v1.0.0/)
  * [x] I ran cargo fmt, clippy and test before committing

  **New Features**

  ~~* [ ] I've added tests for the new feature~~
  * [x] I've added docs for the new feature

ACKs for top commit:
  tvpeter:
    tACK c579854

Tree-SHA512: 0d5e2064b2eacab4fa2c0161bb1d9fd73c17401900c80a665a8ba3feb2025ddd6896efd0c30f7ceab361a88c397010965442bc9689df85383aaa9a0ec95fec0c

Author: tvpeter

Cargo.lock

@@ -33,6 +33,7 @@ bdk_electrum = { version = "0.23.2", optional = true }
 bdk_esplora = { version = "0.22.1", features = ["async-https", "tokio"], optional = true }
 bdk_kyoto = { version = "0.15.4", optional = true }
 bdk_redb = { version = "0.1.1", optional = true }
+bdk_sp = { version = "0.1.0", optional = true, git = "https://github.com/bitcoindevkit/bdk-sp", tag = "v0.1.0" }
 shlex = {  version = "1.3.0", optional = true }
 payjoin = { version = "=1.0.0-rc.1", features = ["v1", "v2", "io", "_test-utils"], optional = true}
 reqwest = { version = "0.13.2", default-features = false, optional = true }
@@ -65,3 +66,6 @@ verify = []
 # Extra utility tools
 # Compile policies
 compiler = []
+
+# Experimental silent payment sending capabilities
+silent-payments = ["dep:bdk_sp"]

Cargo.toml

@@ -148,6 +148,31 @@ cargo run --features rpc -- wallet --wallet payjoin_wallet2 sync
 cargo run --features rpc -- wallet --wallet payjoin_wallet2 balance
 
 cargo run --features rpc -- wallet --wallet payjoin_wallet2 send_payjoin --ohttp_relay "https://pj.bobspacebkk.com" --ohttp_relay "https://pj.benalleng.com" --fee_rate 1 --uri "<URI>"
+
+#### Silent payments
+
+> [!WARNING]
+> This tool does not support silent payment scanning, nor the `silent_payment_code`
+> command has any control on the public keys provided. If you don't have access
+> to a silent payment scanner with the keys you provided, you are not going to
+> be able to discover any funds, and if you do not control the private keys,
+> you are not going to be able to spend the funds. We do not recommend the use
+> of any of the silent payment features with real funds.
+
+To experiment with silent payments, you can get two public keys in compressed or uncompressed format, `A1` and `A2`, and produce a silent payment code by calling:
+```shell
+cargo run --features sp -- --network signet silent_payment_code --scan_public_key '<A1>' --spend_public_key '<A2>'
+```
+
+Once you have a silent payment code, `SP_CODE_1` and an amount `AMOUNT_1` to send, you can create a valid transaction locking funds to a silent payment code derived address with the following command:
+
+```shell
+cargo run --features electrum,sp -- --network testnet4 wallet --wallet sample_wallet --ext-descriptor "wpkh(tpubEBr4i6yk5nf5DAaJpsi9N2pPYBeJ7fZ5Z9rmN4977iYLCGco1VyjB9tvvuvYtfZzjD5A8igzgw3HeWeeKFmanHYqksqZXYXGsw5zjnj7KM9/*)" --database-type sqlite --client-type electrum --url "ssl://mempool.space:40002" create_sp_tx --to-sp <SP_CODE_1>:<AMOUNT_1>
+```
+
+It's also possible to drain all balance to a silent payment wallet by using the `--send_all` flag:
+```shell
+cargo run --features electrum,sp -- --network testnet4 wallet --wallet sample_wallet --ext-descriptor "wpkh(tpubEBr4i6yk5nf5DAaJpsi9N2pPYBeJ7fZ5Z9rmN4977iYLCGco1VyjB9tvvuvYtfZzjD5A8igzgw3HeWeeKFmanHYqksqZXYXGsw5zjnj7KM9/*)" --database-type sqlite --client-type electrum --url "ssl://mempool.space:40002" create_sp_tx --send_all --to-sp <SP_CODE_1>:0
 ```
 
 ## Justfile

README.md

@@ -13,6 +13,9 @@
 //! All subcommands are defined in the below enums.
 
 #![allow(clippy::large_enum_variant)]
+#[cfg(feature = "silent-payments")]
+use {crate::utils::parse_sp_code_value_pairs, bdk_sp::encoding::SilentPaymentCode};
+
 use bdk_wallet::bitcoin::{
     Address, Network, OutPoint, ScriptBuf,
     bip32::{DerivationPath, Xpriv},
@@ -182,6 +185,19 @@ pub enum CliSubCommand {
         #[arg(value_enum)]
         shell: Shell,
     },
+    /// Silent payment code generation tool.
+    ///
+    /// Allows the encoding of two public keys into a silent payment code.
+    /// Useful to create silent payment transactions using fake silent payment codes.
+    #[cfg(feature = "silent-payments")]
+    SilentPaymentCode {
+        /// The scan public key to use on the silent payment code.
+        #[arg(long = "scan_key")]
+        scan: bdk_sp::bitcoin::secp256k1::PublicKey,
+        /// The spend public key to use on the silent payment code.
+        #[arg(long = "spend_key")]
+        spend: bdk_sp::bitcoin::secp256k1::PublicKey,
+    },
 }
 
 /// Wallet operation subcommands.
@@ -395,6 +411,62 @@ pub enum OfflineWalletSubCommand {
         )]
         add_data: Option<String>, //base 64 econding
     },
+    /// Creates a silent payment transaction
+    ///
+    /// This sub-command is **EXPERIMENTAL** and should only be used for testing. Do not use this
+    /// feature to create transactions that spend actual funds on the Bitcoin mainnet.
+
+    // This command DOES NOT return a PSBT. Instead, it directly returns a signed transaction
+    // ready for broadcast, as it is not yet possible to perform a shared derivation of a silent
+    // payment script pubkey in a secure and trustless manner.
+    #[cfg(feature = "silent-payments")]
+    CreateSpTx {
+        /// Adds a recipient to the transaction.
+        // Clap Doesn't support complex vector parsing https://github.com/clap-rs/clap/issues/1704.
+        // Address and amount parsing is done at run time in handler function.
+        #[arg(env = "ADDRESS:SAT", long = "to", required = false, value_parser = parse_recipient)]
+        recipients: Option<Vec<(ScriptBuf, u64)>>,
+        /// Parse silent payment recipients
+        #[arg(long = "to-sp", required = true, value_parser = parse_sp_code_value_pairs)]
+        silent_payment_recipients: Vec<(SilentPaymentCode, u64)>,
+        /// Sends all the funds (or all the selected utxos). Requires only one recipient with value 0.
+        #[arg(long = "send_all", short = 'a')]
+        send_all: bool,
+        /// Make a PSBT that can be signed by offline signers and hardware wallets. Forces the addition of `non_witness_utxo` and more details to let the signer identify the change output.
+        #[arg(long = "offline_signer")]
+        offline_signer: bool,
+        /// Selects which utxos *must* be spent.
+        #[arg(env = "MUST_SPEND_TXID:VOUT", long = "utxos", value_parser = parse_outpoint)]
+        utxos: Option<Vec<OutPoint>>,
+        /// Marks a utxo as unspendable.
+        #[arg(env = "CANT_SPEND_TXID:VOUT", long = "unspendable", value_parser = parse_outpoint)]
+        unspendable: Option<Vec<OutPoint>>,
+        /// Fee rate to use in sat/vbyte.
+        #[arg(env = "SATS_VBYTE", short = 'f', long = "fee_rate")]
+        fee_rate: Option<f32>,
+        /// Selects which policy should be used to satisfy the external descriptor.
+        #[arg(env = "EXT_POLICY", long = "external_policy")]
+        external_policy: Option<String>,
+        /// Selects which policy should be used to satisfy the internal descriptor.
+        #[arg(env = "INT_POLICY", long = "internal_policy")]
+        internal_policy: Option<String>,
+        /// Optionally create an OP_RETURN output containing given String in utf8 encoding (max 80 bytes)
+        #[arg(
+            env = "ADD_STRING",
+            long = "add_string",
+            short = 's',
+            conflicts_with = "add_data"
+        )]
+        add_string: Option<String>,
+        /// Optionally create an OP_RETURN output containing given base64 encoded String. (max 80 bytes)
+        #[arg(
+            env = "ADD_DATA",
+            long = "add_data",
+            short = 'o',
+            conflicts_with = "add_string"
+        )]
+        add_data: Option<String>, //base 64 econding
+    },
     /// Bumps the fees of an RBF transaction.
     BumpFee {
         /// TXID of the transaction to update.

src/commands.rs

@@ -21,6 +21,10 @@ pub enum BDKCliError {
     #[error("Create transaction error: {0}")]
     CreateTx(#[from] bdk_wallet::error::CreateTxError),
 
+    #[cfg(feature = "silent-payments")]
+    #[error("Silent payment address decoding error: {0}")]
+    SilentPaymentParseError(#[from] bdk_sp::encoding::ParseError),
+
     #[error("Descriptor error: {0}")]
     DescriptorError(#[from] bdk_wallet::descriptor::error::Error),