fix(tx_builder)!: check foreign utxos are not local before inclusion

The new check is added to ensure all added foreign utxos are not owned
by the wallet.

Author: nymius

crates/wallet/src/wallet/tx_builder.rs

@@ -342,8 +342,9 @@ impl<'a, Cs> TxBuilder<'a, Cs> {
     ///
     /// This method returns errors in the following circumstances:
     ///
-    /// 1. The `psbt_input` does not contain a `witness_utxo` or `non_witness_utxo`.
-    /// 2. The data in `non_witness_utxo` does not match what is in `outpoint`.
+    /// 1. The provided outpoint is associated to a [`LocalOutput`].
+    /// 2. The `psbt_input` does not contain a `witness_utxo` or `non_witness_utxo`.
+    /// 3. The data in `non_witness_utxo` does not match what is in `outpoint`.
     ///
     /// Note unless you set [`only_witness_utxo`] any non-taproot `psbt_input` you pass to this
     /// method must have `non_witness_utxo` set otherwise you will get an error when [`finish`]
@@ -374,6 +375,10 @@ impl<'a, Cs> TxBuilder<'a, Cs> {
         satisfaction_weight: Weight,
         sequence: Sequence,
     ) -> Result<&mut Self, AddForeignUtxoError> {
+        // Avoid the inclusion of local utxos as foreign utxos
+        if self.wallet.tx_graph().get_txout(outpoint).is_some() {
+            return Err(AddForeignUtxoError::NotForeignUtxo);
+        };
         if psbt_input.witness_utxo.is_none() {
             match psbt_input.non_witness_utxo.as_ref() {
                 Some(tx) => {
@@ -711,6 +716,8 @@ pub enum AddForeignUtxoError {
     InvalidOutpoint(OutPoint),
     /// Foreign utxo missing witness_utxo or non_witness_utxo
     MissingUtxo,
+    /// UTxO is owned by wallet
+    NotForeignUtxo,
 }
 
 impl fmt::Display for AddForeignUtxoError {
@@ -730,6 +737,7 @@ impl fmt::Display for AddForeignUtxoError {
                 outpoint.txid, outpoint.vout,
             ),
             Self::MissingUtxo => write!(f, "Foreign utxo missing witness_utxo or non_witness_utxo"),
+            Self::NotForeignUtxo => write!(f, "UTxO is owned by wallet"),
         }
     }
 }

crates/wallet/tests/wallet.rs

@@ -1645,6 +1645,38 @@ fn test_calculate_fee_with_missing_foreign_utxo() {
 
 #[test]
 fn test_add_foreign_utxo_invalid_psbt_input() {
+    let (mut wallet, _) = get_funded_wallet_wpkh();
+    let address = Address::from_str("bcrt1q3qtze4ys45tgdvguj66zrk4fu6hq3a3v9pfly5")
+        .expect("address")
+        .require_network(Network::Regtest)
+        .unwrap();
+    let tx0 = Transaction {
+        output: vec![TxOut {
+            value: Amount::from_sat(76_000),
+            script_pubkey: address.script_pubkey(),
+        }],
+        ..new_tx(0)
+    };
+    let external_outpoint = OutPoint {
+        txid: tx0.compute_txid(),
+        vout: 0,
+    };
+    let foreign_utxo_satisfaction = wallet
+        .public_descriptor(KeychainKind::External)
+        .max_weight_to_satisfy()
+        .unwrap();
+
+    let mut builder = wallet.build_tx();
+    let result = builder.add_foreign_utxo(
+        external_outpoint,
+        psbt::Input::default(),
+        foreign_utxo_satisfaction,
+    );
+    assert!(matches!(result, Err(AddForeignUtxoError::MissingUtxo)));
+}
+
+#[test]
+fn test_add_foreign_utxo_fails_when_utxo_is_owned_by_wallet() {
     let (mut wallet, _) = get_funded_wallet_wpkh();
     let outpoint = wallet.list_unspent().next().expect("must exist").outpoint;
     let foreign_utxo_satisfaction = wallet
@@ -1655,7 +1687,7 @@ fn test_add_foreign_utxo_invalid_psbt_input() {
     let mut builder = wallet.build_tx();
     let result =
         builder.add_foreign_utxo(outpoint, psbt::Input::default(), foreign_utxo_satisfaction);
-    assert!(matches!(result, Err(AddForeignUtxoError::MissingUtxo)));
+    assert!(matches!(result, Err(AddForeignUtxoError::NotForeignUtxo)));
 }
 
 #[test]