MuSig2 with script path fallback pubnonce failure

[Sjors]

See also bitcoin/bitcoin#29675 (comment)

I created a 2-of-2 multisig between Bitcoin Core and a (physical) Ledger Nano X. The keypath uses MuSig2 and then there's one fallback script path per device that works after one day and three days.

On the Bitcoin Core side I'm using a slightly modified version of the branch here: bitcoin/bitcoin#29675 (modifications were just to create the wallet using an unused descriptor and addhdkey RPC).

I'm using the 2.4.0 testnet app and tweaked moosig.py to perform the device steps. (returning early and/or skipping previous steps where needed)

Here's the descriptor including the Bitcoin Core (test) private key, which you should be able to import into a blank wallet (not watch-only):

bitcoin-cli importdescriptors '[{"desc": "tr(musig([c5f97abd/87h/1h/0h]tpubDC7VXdmq5VRJVjk3FwoUfCNDZMaoGtjdRESPR6NKXtMskS6c6qekcmzv9USCDTPY3zpzmoKEzBcEKGYUw6LEGAnYM2xxuS8ytK5Nnq49uMS,[2562bd2d/44h/1h/0h]tprv8ZgxMBicQKsPd6FP57ADU99XR8BSVzRQcqhrGuQ7C8hhpnNWcPkzPdwuCnx7y1gqysf8ea4JQz57kmnvxb5ZAfoUzDZctESnNsv5JFyCqmu)/<0;1>/*,{and_v(v:pk([c5f97abd/87h/1h/0h]tpubDC7VXdmq5VRJVjk3FwoUfCNDZMaoGtjdRESPR6NKXtMskS6c6qekcmzv9USCDTPY3zpzmoKEzBcEKGYUw6LEGAnYM2xxuS8ytK5Nnq49uMS/<0;1>/*),older(144)),and_v(v:pk([2562bd2d/44h/1h/0h]tprv8ZgxMBicQKsPd6FP57ADU99XR8BSVzRQcqhrGuQ7C8hhpnNWcPkzPdwuCnx7y1gqysf8ea4JQz57kmnvxb5ZAfoUzDZctESnNsv5JFyCqmu/<0;1>/*),older(432))})#m9hslhr6", "timestamp": "now", "active": true}]'

I funded it on testnet4 but it should work on any test network if you fund it yourself. Feel free to sweep some, but do leave a bit behind.

First I registered the policy (crafted by manually editing the descriptor):

• tr(musig(@0,@1)/**,{and_v(v:pk(@0/**),older(144)),and_v(v:pk(@1/**),older(432))})
• @0 is the device [c5f97abd/87h/1h/0h]tpubDC7VXdmq5VRJVjk3FwoUfCNDZMaoGtjdRESPR6NKXtMskS6c6qekcmzv9USCDTPY3zpzmoKEzBcEKGYUw6LEGAnYM2xxuS8ytK5Nnq49uMS
• @1 is Bitcoin Core (xpub version): [2562bd2d/44h/1h/0h]tpubD6NzVbkrYhZ4WZHAxkposYodz9hNfKcKC9JdZRSQcQW6fGdHEnaaa8ZmNvfTYsWPPwCubgf7ijbjVPSC6Q4zrgCK9m3p8baQSqHrAMLd4DP

Registration worked fine, and I took note of the HMAC. IIRC it warned about the unusual derivation, but otherwise recognized itself and the other side.

I had Bitcoin Core generate a deposit address (getnewaddress RPC) and didn't try displaying it.

After funding and confirmation, I tried spending some of it using the send RPC. This generates the following PSBT:

cHNidP8BAIkCAAAAAS8uFbOVYwYXnaXNJEfOVSH9LtWXEr/UT5Ml3sLLVj2SAAAAAAD9////AkBCDwAAAAAAIlEgerOb+hgorf49Yh7vU5fXj8NZ5dwPxL9wDarxalhg6vCjU4kAAAAAACJRIMA7osaPers2syXo62naul6vadat10OhQLngfCnRVYBzAAAAAAABASuAlpgAAAAAACJRIF1FoshgM1Vzpq6lPBrsQ7fT4JoN5I4J1+5kAJdsIUovQRROMdmxG3tPLW4V5h48KK8WtJcX1lxhJdxOmpBV7au1zfICGqj+wnFqwXWCm7mYByjeDLNNQeA6ajogMjCkvjpJQGpWJjHwApSHjMDb4NluS4wcllBOCBHFU9YiHog/bDFIQq7uwGVAKtNOieU6SgJ0PKRCwYf84GafDBn87o4hl5pCFcFy3SMXh2B5UyjgVoHpRnCZ+V3NWiW8rEWfB5ZtSmy09Y0V8Nn43mQ4JtRgiGkrX1HikcEGXuFDnU95yXhpAO7GJyBOMdmxG3tPLW4V5h48KK8WtJcX1lxhJdxOmpBV7au1za0CsAGywEIVwXLdIxeHYHlTKOBWgelGcJn5Xc1aJbysRZ8Hlm1KbLT18gIaqP7CcWrBdYKbuZgHKN4Ms01B4DpqOiAyMKS+OkknIMUiAVK+PbqRIVLkOJ1OWjzVg6o6DgiqWME/+1phNSeVrQKQALLAIRYwI+ADGD4CVH2DDgzcRav4Z5kTkGd++yKR9h7I3WC6U1ECjRXw2fjeZDgm1GCIaStfUeKRwQZe4UOdT3nJeGkA7sbyAhqo/sJxasF1gpu5mAco3gyzTUHgOmo6IDIwpL46ScX5er1XAACAAQAAgAAAAIAhFk4x2bEbe08tbhXmHjworxa0lxfWXGEl3E6akFXtq7XNOQHyAhqo/sJxasF1gpu5mAco3gyzTUHgOmo6IDIwpL46SSVivS0sAACAAQAAgAAAAIAAAAAAAAAAACEWct0jF4dgeVMo4FaB6UZwmfldzVolvKxFnweWbUpstPUNAHe76/MAAAAAAAAAACEWxSIBUr49upEhUuQ4nU5aPNWDqjoOCKpYwT/7WmE1J5U5AY0V8Nn43mQ4JtRgiGkrX1HikcEGXuFDnU95yXhpAO7Gxfl6vVcAAIABAACAAAAAgAAAAAAAAAAAIRb7FnfmX6CFoh6ghBETTfDcOfVsK3AZ+kNOO1IlfLhtTFECjRXw2fjeZDgm1GCIaStfUeKRwQZe4UOdT3nJeGkA7sbyAhqo/sJxasF1gpu5mAco3gyzTUHgOmo6IDIwpL46SSVivS0sAACAAQAAgAAAAIABFyBy3SMXh2B5UyjgVoHpRnCZ+V3NWiW8rEWfB5ZtSmy09QEYIEVuwIhAaBB2q4T44NkbVH7RfWiUeDV57zsdg+PjF6pDIhoDvBBYzaZQvcUgM5hJffS0lZ2nqbMg8JnN+nMXJ/hsXapCAjAj4AMYPgJUfYMODNxFq/hnmROQZ377IpH2HsjdYLpTAvsWd+ZfoIWiHqCEERNN8Nw59WwrcBn6Q047UiV8uG1MAAABBSAKZXrCtzAv4Tgob3D8QNUiTjss42ZwNpq3aaHB02b+7AEGUgHAJiDEJbCcHQU80YZib+8F7O8wAnyJ1riRDvKtD6FXg4xVeK0CsAGyAcAmIF6KGLsMBK+Nqxr/Lg6hZfxVddlnabBt51SRn6FnifjarQKQALIhBwplesK3MC/hOChvcPxA1SJOOyzjZnA2mrdpocHTZv7sDQB3u+vzAQAAAAYAAAAhBzAj4AMYPgJUfYMODNxFq/hnmROQZ377IpH2HsjdYLpTUQJ4hNQvUzTI4fq71WMHooMDn+iPxXzKBFbOcoLDNKyWOaQNSyQbnhYr/N5J+ZCN53JsoI1fyQrbb4SQ/k+8jLofxfl6vVcAAIABAACAAAAAgCEHXooYuwwEr42rGv8uDqFl/FV12WdpsG3nVJGfoWeJ+No5AaQNSyQbnhYr/N5J+ZCN53JsoI1fyQrbb4SQ/k+8jLofxfl6vVcAAIABAACAAAAAgAEAAAAGAAAAIQfEJbCcHQU80YZib+8F7O8wAnyJ1riRDvKtD6FXg4xVeDkBeITUL1M0yOH6u9VjB6KDA5/oj8V8ygRWznKCwzSsljklYr0tLAAAgAEAAIAAAACAAQAAAAYAAAAhB/sWd+ZfoIWiHqCEERNN8Nw59WwrcBn6Q047UiV8uG1MUQJ4hNQvUzTI4fq71WMHooMDn+iPxXzKBFbOcoLDNKyWOaQNSyQbnhYr/N5J+ZCN53JsoI1fyQrbb4SQ/k+8jLofJWK9LSwAAIABAACAAAAAgCIIA7wQWM2mUL3FIDOYSX30tJWdp6mzIPCZzfpzFyf4bF2qQgIwI+ADGD4CVH2DDgzcRav4Z5kTkGd++yKR9h7I3WC6UwL7FnfmX6CFoh6ghBETTfDcOfVsK3AZ+kNOO1IlfLhtTAA=

Just in case here's an alternative PSBT generated with an unmodified bitcoin/bitcoin#29675 @ d4693372eb1bb13e24e01438c5dc6d9811929982, which has the same length and causes the same failure.

"cHNidP8BAIkCAAAAAS8uFbOVYwYXnaXNJEfOVSH9LtWXEr/UT5Ml3sLLVj2SAAAAAAD9////AkBCDwAAAAAAIlEgerOb+hgorf49Yh7vU5fXj8NZ5dwPxL9wDarxalhg6vCjU4kAAAAAACJRIMA1j8tQwtJRXo65wdIhwGeSFuiZwbIanDJrPtcjD0PoAAAAAAABASuAlpgAAAAAACJRIF1FoshgM1Vzpq6lPBrsQ7fT4JoN5I4J1+5kAJdsIUovQRROMdmxG3tPLW4V5h48KK8WtJcX1lxhJdxOmpBV7au1zfICGqj+wnFqwXWCm7mYByjeDLNNQeA6ajogMjCkvjpJQGzWlgIU8di5NGxWWvuHLfrZdBp33xzlJz1Y3U122jpLEd12TTnl85KeDHXvratoOyihp6vnSJy9u/wEV0GbRhhCFcFy3SMXh2B5UyjgVoHpRnCZ+V3NWiW8rEWfB5ZtSmy09Y0V8Nn43mQ4JtRgiGkrX1HikcEGXuFDnU95yXhpAO7GJyBOMdmxG3tPLW4V5h48KK8WtJcX1lxhJdxOmpBV7au1za0CsAGywEIVwXLdIxeHYHlTKOBWgelGcJn5Xc1aJbysRZ8Hlm1KbLT18gIaqP7CcWrBdYKbuZgHKN4Ms01B4DpqOiAyMKS+OkknIMUiAVK+PbqRIVLkOJ1OWjzVg6o6DgiqWME/+1phNSeVrQKQALLAIRYwI+ADGD4CVH2DDgzcRav4Z5kTkGd++yKR9h7I3WC6U1ECjRXw2fjeZDgm1GCIaStfUeKRwQZe4UOdT3nJeGkA7sbyAhqo/sJxasF1gpu5mAco3gyzTUHgOmo6IDIwpL46ScX5er1XAACAAQAAgAAAAIAhFk4x2bEbe08tbhXmHjworxa0lxfWXGEl3E6akFXtq7XNOQHyAhqo/sJxasF1gpu5mAco3gyzTUHgOmo6IDIwpL46SSVivS0sAACAAQAAgAAAAIAAAAAAAAAAACEWct0jF4dgeVMo4FaB6UZwmfldzVolvKxFnweWbUpstPUNAHe76/MAAAAAAAAAACEWxSIBUr49upEhUuQ4nU5aPNWDqjoOCKpYwT/7WmE1J5U5AY0V8Nn43mQ4JtRgiGkrX1HikcEGXuFDnU95yXhpAO7Gxfl6vVcAAIABAACAAAAAgAAAAAAAAAAAIRb7FnfmX6CFoh6ghBETTfDcOfVsK3AZ+kNOO1IlfLhtTFECjRXw2fjeZDgm1GCIaStfUeKRwQZe4UOdT3nJeGkA7sbyAhqo/sJxasF1gpu5mAco3gyzTUHgOmo6IDIwpL46SSVivS0sAACAAQAAgAAAAIABFyBy3SMXh2B5UyjgVoHpRnCZ+V3NWiW8rEWfB5ZtSmy09QEYIEVuwIhAaBB2q4T44NkbVH7RfWiUeDV57zsdg+PjF6pDIhoDvBBYzaZQvcUgM5hJffS0lZ2nqbMg8JnN+nMXJ/hsXapCAjAj4AMYPgJUfYMODNxFq/hnmROQZ377IpH2HsjdYLpTAvsWd+ZfoIWiHqCEERNN8Nw59WwrcBn6Q047UiV8uG1MAAABBSC96z6yOOuSqE4j6DJKoHRaqZfkS/BlNtR3VtrqESLlygEGUgHAJiDLBpGEt8l6/bF1BBZuWiYpJZV94P2cwpcyoSYi+zT9Yq0CsAGyAcAmICLlzTRR7u4EdZAT9w4/27vo60jmckfBRxr4E+VgRKKirQKQALIhByLlzTRR7u4EdZAT9w4/27vo60jmckfBRxr4E+VgRKKiOQG4LIL7Fz8Bw0lmP6Rp1ZOmFhZJXepIW4JN4boq8Y50+8X5er1XAACAAQAAgAAAAIABAAAAAAAAACEHMCPgAxg+AlR9gw4M3EWr+GeZE5BnfvsikfYeyN1gulNRArgsgvsXPwHDSWY/pGnVk6YWFkld6khbgk3huirxjnT72y6jd7rPdrhJCvNWslLjOqh5CN59A2EKz/cYzxgmmdfF+Xq9VwAAgAEAAIAAAACAIQe96z6yOOuSqE4j6DJKoHRaqZfkS/BlNtR3VtrqESLlyg0Ad7vr8wEAAAAAAAAAIQfLBpGEt8l6/bF1BBZuWiYpJZV94P2cwpcyoSYi+zT9YjkB2y6jd7rPdrhJCvNWslLjOqh5CN59A2EKz/cYzxgmmdclYr0tLAAAgAEAAIAAAACAAQAAAAAAAAAhB/sWd+ZfoIWiHqCEERNN8Nw59WwrcBn6Q047UiV8uG1MUQK4LIL7Fz8Bw0lmP6Rp1ZOmFhZJXepIW4JN4boq8Y50+9suo3e6z3a4SQrzVrJS4zqoeQjefQNhCs/3GM8YJpnXJWK9LSwAAIABAACAAAAAgCIIA7wQWM2mUL3FIDOYSX30tJWdp6mzIPCZzfpzFyf4bF2qQgIwI+ADGD4CVH2DDgzcRav4Z5kTkGd++yKR9h7I3WC6UwL7FnfmX6CFoh6ghBETTfDcOfVsK3AZ+kNOO1IlfLhtTAA="

JSON version

{
  "tx": {
    "txid": "b7f0dcd584bfe6d747348fac4b29c3ea7929e9abbaaf82e606bb3b0cc905f7b5",
    "hash": "b7f0dcd584bfe6d747348fac4b29c3ea7929e9abbaaf82e606bb3b0cc905f7b5",
    "version": 2,
    "size": 137,
    "vsize": 137,
    "weight": 548,
    "locktime": 0,
    "vin": [
      {
        "txid": "923d56cbc2de25934fd4bf1297d52efd2155ce4724cda59d17066395b3152e2f",
        "vout": 0,
        "scriptSig": {
          "asm": "",
          "hex": ""
        },
        "sequence": 4294967293
      }
    ],
    "vout": [
      {
        "value": 0.01000000,
        "n": 0,
        "scriptPubKey": {
          "asm": "1 7ab39bfa1828adfe3d621eef5397d78fc359e5dc0fc4bf700daaf16a5860eaf0",
          "desc": "rawtr(7ab39bfa1828adfe3d621eef5397d78fc359e5dc0fc4bf700daaf16a5860eaf0)#vcg5x0q8",
          "hex": "51207ab39bfa1828adfe3d621eef5397d78fc359e5dc0fc4bf700daaf16a5860eaf0",
          "address": "tb1p02eeh7sc9zklu0tzrmh4897h3lp4newuplzt7uqd4tck5krqatcqlsynf9",
          "type": "witness_v1_taproot"
        }
      },
      {
        "value": 0.08999843,
        "n": 1,
        "scriptPubKey": {
          "asm": "1 c0358fcb50c2d2515e8eb9c1d221c0679216e899c1b21a9c326b3ed7230f43e8",
          "desc": "rawtr(c0358fcb50c2d2515e8eb9c1d221c0679216e899c1b21a9c326b3ed7230f43e8)#f2u3lqel",
          "hex": "5120c0358fcb50c2d2515e8eb9c1d221c0679216e899c1b21a9c326b3ed7230f43e8",
          "address": "tb1pcq6clj6sctf9zh5wh8qaygwqv7fpd6yecxep48pjdvldwgc0g05qt8t7uv",
          "type": "witness_v1_taproot"
        }
      }
    ]
  },
  "global_xpubs": [],
  "psbt_version": 0,
  "proprietary": [],
  "unknown": {},
  "inputs": [
    {
      "witness_utxo": {
        "amount": 0.10000000,
        "scriptPubKey": {
          "asm": "1 5d45a2c860335573a6aea53c1aec43b7d3e09a0de48e09d7ee6400976c214a2f",
          "desc": "rawtr(5d45a2c860335573a6aea53c1aec43b7d3e09a0de48e09d7ee6400976c214a2f)#7v9nexl5",
          "hex": "51205d45a2c860335573a6aea53c1aec43b7d3e09a0de48e09d7ee6400976c214a2f",
          "address": "tb1pt4z69jrqxd2h8f4w557p4mzrklf7pxsduj8qn4lwvsqfwmppfghsd96mfp",
          "type": "witness_v1_taproot"
        }
      },
      "taproot_script_path_sigs": [
        {
          "pubkey": "4e31d9b11b7b4f2d6e15e61e3c28af16b49717d65c6125dc4e9a9055edabb5cd",
          "leaf_hash": "f2021aa8fec2716ac175829bb9980728de0cb34d41e03a6a3a203230a4be3a49",
          "sig": "6cd6960214f1d8b9346c565afb872dfad9741a77df1ce5273d58dd4d76da3a4b11dd764d39e5f3929e0c75efadab683b28a1a7abe7489cbdbbfc0457419b4618"
        }
      ],
      "taproot_scripts": [
        {
          "script": "204e31d9b11b7b4f2d6e15e61e3c28af16b49717d65c6125dc4e9a9055edabb5cdad02b001b2",
          "leaf_ver": 192,
          "control_blocks": [
            "c172dd23178760795328e05681e9467099f95dcd5a25bcac459f07966d4a6cb4f58d15f0d9f8de643826d46088692b5f51e291c1065ee1439d4f79c9786900eec6"
          ]
        },
        {
          "script": "20c5220152be3dba912152e4389d4e5a3cd583aa3a0e08aa58c13ffb5a61352795ad029000b2",
          "leaf_ver": 192,
          "control_blocks": [
            "c172dd23178760795328e05681e9467099f95dcd5a25bcac459f07966d4a6cb4f5f2021aa8fec2716ac175829bb9980728de0cb34d41e03a6a3a203230a4be3a49"
          ]
        }
      ],
      "taproot_bip32_derivs": [
        {
          "pubkey": "3023e003183e02547d830e0cdc45abf867991390677efb2291f61ec8dd60ba53",
          "master_fingerprint": "c5f97abd",
          "path": "m/87h/1h/0h",
          "leaf_hashes": [
            "8d15f0d9f8de643826d46088692b5f51e291c1065ee1439d4f79c9786900eec6",
            "f2021aa8fec2716ac175829bb9980728de0cb34d41e03a6a3a203230a4be3a49"
          ]
        },
        {
          "pubkey": "4e31d9b11b7b4f2d6e15e61e3c28af16b49717d65c6125dc4e9a9055edabb5cd",
          "master_fingerprint": "2562bd2d",
          "path": "m/44h/1h/0h/0/0",
          "leaf_hashes": [
            "f2021aa8fec2716ac175829bb9980728de0cb34d41e03a6a3a203230a4be3a49"
          ]
        },
        {
          "pubkey": "72dd23178760795328e05681e9467099f95dcd5a25bcac459f07966d4a6cb4f5",
          "master_fingerprint": "77bbebf3",
          "path": "m/0/0",
          "leaf_hashes": []
        },
        {
          "pubkey": "c5220152be3dba912152e4389d4e5a3cd583aa3a0e08aa58c13ffb5a61352795",
          "master_fingerprint": "c5f97abd",
          "path": "m/87h/1h/0h/0/0",
          "leaf_hashes": [
            "8d15f0d9f8de643826d46088692b5f51e291c1065ee1439d4f79c9786900eec6"
          ]
        },
        {
          "pubkey": "fb1677e65fa085a21ea08411134df0dc39f56c2b7019fa434e3b52257cb86d4c",
          "master_fingerprint": "2562bd2d",
          "path": "m/44h/1h/0h",
          "leaf_hashes": [
            "8d15f0d9f8de643826d46088692b5f51e291c1065ee1439d4f79c9786900eec6",
            "f2021aa8fec2716ac175829bb9980728de0cb34d41e03a6a3a203230a4be3a49"
          ]
        }
      ],
      "taproot_internal_key": "72dd23178760795328e05681e9467099f95dcd5a25bcac459f07966d4a6cb4f5",
      "taproot_merkle_root": "456ec08840681076ab84f8e0d91b547ed17d6894783579ef3b1d83e3e317aa43",
      "musig2_participant_pubkeys": [
        {
          "aggregate_pubkey": "03bc1058cda650bdc5203398497df4b4959da7a9b320f099cdfa731727f86c5daa",
          "participant_pubkeys": [
            "023023e003183e02547d830e0cdc45abf867991390677efb2291f61ec8dd60ba53",
            "02fb1677e65fa085a21ea08411134df0dc39f56c2b7019fa434e3b52257cb86d4c"
          ]
        }
      ]
    }
  ],
  "outputs": [
    {},
    {
      "taproot_internal_key": "bdeb3eb238eb92a84e23e8324aa0745aa997e44bf06536d47756daea1122e5ca",
      "taproot_tree": [
        {
          "depth": 1,
          "leaf_ver": 192,
          "script": "20cb069184b7c97afdb17504166e5a262925957de0fd9cc29732a12622fb34fd62ad02b001b2"
        },
        {
          "depth": 1,
          "leaf_ver": 192,
          "script": "2022e5cd3451eeee04759013f70e3fdbbbe8eb48e67247c1471af813e56044a2a2ad029000b2"
        }
      ],
      "taproot_bip32_derivs": [
        {
          "pubkey": "22e5cd3451eeee04759013f70e3fdbbbe8eb48e67247c1471af813e56044a2a2",
          "master_fingerprint": "c5f97abd",
          "path": "m/87h/1h/0h/1/0",
          "leaf_hashes": [
            "b82c82fb173f01c349663fa469d593a61616495dea485b824de1ba2af18e74fb"
          ]
        },
        {
          "pubkey": "3023e003183e02547d830e0cdc45abf867991390677efb2291f61ec8dd60ba53",
          "master_fingerprint": "c5f97abd",
          "path": "m/87h/1h/0h",
          "leaf_hashes": [
            "b82c82fb173f01c349663fa469d593a61616495dea485b824de1ba2af18e74fb",
            "db2ea377bacf76b8490af356b252e33aa87908de7d03610acff718cf182699d7"
          ]
        },
        {
          "pubkey": "bdeb3eb238eb92a84e23e8324aa0745aa997e44bf06536d47756daea1122e5ca",
          "master_fingerprint": "77bbebf3",
          "path": "m/1/0",
          "leaf_hashes": []
        },
        {
          "pubkey": "cb069184b7c97afdb17504166e5a262925957de0fd9cc29732a12622fb34fd62",
          "master_fingerprint": "2562bd2d",
          "path": "m/44h/1h/0h/1/0",
          "leaf_hashes": [
            "db2ea377bacf76b8490af356b252e33aa87908de7d03610acff718cf182699d7"
          ]
        },
        {
          "pubkey": "fb1677e65fa085a21ea08411134df0dc39f56c2b7019fa434e3b52257cb86d4c",
          "master_fingerprint": "2562bd2d",
          "path": "m/44h/1h/0h",
          "leaf_hashes": [
            "b82c82fb173f01c349663fa469d593a61616495dea485b824de1ba2af18e74fb",
            "db2ea377bacf76b8490af356b252e33aa87908de7d03610acff718cf182699d7"
          ]
        }
      ],
      "musig2_participant_pubkeys": [
        {
          "aggregate_pubkey": "03bc1058cda650bdc5203398497df4b4959da7a9b320f099cdfa731727f86c5daa",
          "participant_pubkeys": [
            "023023e003183e02547d830e0cdc45abf867991390677efb2291f61ec8dd60ba53",
            "02fb1677e65fa085a21ea08411134df0dc39f56c2b7019fa434e3b52257cb86d4c"
          ]
        }
      ]
    }
  ],
  "fee": 0.00000157
}

This doesn't contain a public nonce (which would require a processpsbt call).

I hardcoded that as psbt_base64 into moosig.py.

And then try to get the public nonce:

signer_1 = LedgerMusig2Cosigner(client, wallet_policy, wallet_hmac)
print("🐮 Signing time!")

print("\n🐮 Requesting pubnonce (Round 1)")
signer_1.generate_public_nonces(psbt)

The device then prompts me to approve the transaction. It recognized the policy. My understanding is that this prompt is for signing the script path, since the keypath public nonce commitment should be silent.

But it crashes, after the last approval step (fees) and after confirming "sign transaction":

🐮 Requesting pubnonce (Round 1)
Traceback (most recent call last):
  File "/Users/sjors/dev/moosig/moosig.py", line 103, in <module>
    main(client)
  File "/Users/sjors/dev/moosig/moosig.py", line 84, in main
    signer_1.generate_public_nonces(psbt)
  File "/Users/sjors/dev/moosig/utils/musig2.py", line 812, in generate_public_nonces
    res = self.client.sign_psbt(psbt, self.wallet_policy, self.wallet_hmac)
  File "/Users/sjors/dev/moosig/venv/lib/python3.10/site-packages/ledger_bitcoin/client.py", line 330, in sign_psbt
    raise DeviceException(error_code=sw, ins=BitcoinInsType.SIGN_PSBT)
ledger_bitcoin.exception.errors.IncorrectDataError: ('0x6a80', 'Error in <BitcoinInsType.SIGN_PSBT: 4> command', '')

The same descriptor and policy with the script path fallbacks works fine (once I learned that the PSBT needs to contain either no public nonces or all of them). So my guess is that the combination trips it up.

I haven't tried a unilateral spend from the Bitcoin Core side yet since it's not spendable yet (the ledger side should be now), so there's also the possibility that it's just not spendable if my manual miniscript skills failed me.