Bitcoin PSBT
Fordefi supports signing arbitrary Bitcoin transactions using the Partially Signed Bitcoin Transaction (PSBT) format.
The following fields are required in the request body (within the details field).
The psbt_raw_data field must contain the PSBT in its raw binary format. For general information on PSBTs, see the BIP-174 specification, which documents the PSBT format. In practice, you will probably use a library like bitcoin-js to generate the PSBTs.
The sender field must specify the vault address that will be used to sign the PSBT. Currently, Fordefi supports signing PSBTs only with Schnorr signatures using any of the vault's Taproot addresses. If you need to sign a PSBT with a Legacy or Segwit address, please contact Fordefi support.
The auto_finalize field in the request body controls whether Fordefi will automatically finalize the PSBT after signing it. If your PSBT requires adding more signatures after signing it with your Fordefi vault, you should set auto_finalize to false.
Similarly, the push_mode field controls whether Fordefi will push the signed transaction to the network. If your PSBT requires adding more signatures after signing it with your Fordefi vault, you should set push_mode to manual.
The following is an example of the body of a Create Transaction request for a Bitcoin PSBT. The general details of creating the request appear here.
{
"vault_id": "3fd3ed32-64e5-47ef-b822-65493d30bf3f",
"signer_type": "api_signer",
"type": "utxo_transaction",
"details": {
"type": "utxo_partially_signed_bitcoin_transaction",
"psbt_raw_data": "0x70736274ff01005e0200000001c23e3e8573df5c6746f7f060e6afe2421b9e5757318aa989d3119503454bfb4a0000000000fdffffff0140420f00000000002251200e8fe1beb4ccbc845a4a37cbd7a15ce0ac41ae2743f34c0a9dc388d5899b38ec000000000001012b60e316000000000022512068c00571d283f000be7962b97d839d93062050a2b6780cc9cca2691a37d28be02215c1b3034b6e8655ae58a818c3c587b434d625368795d1b13fcd0fb81b40941e0e9923206b085b16099839a79700f329aeb165ed7ae05a4dce8bcbcddbf400b0d800a040acc021166b085b16099839a79700f329aeb165ed7ae05a4dce8bcbcddbf400b0d800a04025011634253c4fe7f3cc69eb70b3d7d1fa4e1512d73f390d008a47eab9f0aed5fcd96870ab482116b3034b6e8655ae58a818c3c587b434d625368795d1b13fcd0fb81b40941e0e9905003eafb721011720b3034b6e8655ae58a818c3c587b434d625368795d1b13fcd0fb81b40941e0e990118201634253c4fe7f3cc69eb70b3d7d1fa4e1512d73f390d008a47eab9f0aed5fcd90000",
"sender": {
"address_type": "taproot",
"chain": {
"chain_type": "utxo",
"unique_id": "bitcoin_testnet"
},
"address": "tb1pdawc9gg3sqlqcx7wjrd6e972px0tgrvlr09tcmzxck5ernt4zxzsm3p4jy"
},
"auto_finalize": "true",
"push_mode": "auto"
}
}Optional: Specify inputs to sign
Fordefi automatically detects the inputs to sign from the way that the PSBT references the signing vault's public key, given in the sender field. Specifically:
- Key spending path: When a PSBT input specifies the vault's public key as the input's internal key (given in the
PSBT_IN_TAP_INTERNAL_KEY = 0x17PSBT field), Fordefi will sign that input with the vault's private key tweaked with the default tweak. Support for signing PSBTs with the key path where the script path is non-empty is coming soon. - Script spending path: When a PSBT input contains a leaf script (given in the
PSBT_IN_TAP_LEAF_SCRIPTPSBT field), and the leaf script contains the vault's public key, Fordefi will sign that input with the vault's private key, left untweaked.
There is also an option to manually specify the inputs to sign, using the optional inputs field. However, in most cases, this field can be omitted, and the determination of which inputs to sign is left to Fordefi.