fix(dsl): handle invalid RelLockTime without panicking

The `descriptor!` DSL previously used `.expect("valid \`RelLockTime\`")` when converting an integer into `miniscript::RelLockTime`, causing a panic
for out-of-range values (e.g. values with the high bit set).

This change matches on `RelLockTime::from_consensus(...)` and returns `DescriptorError::RelLockTime(...)` for invalid values, so callers can
handle errors cleanly instead of crashing.

Includes new tests verifying valid/invalid values and ensuring the macro no longer panics.

Ran cargo fmt and cargo clippy, and just p

Author: AmosOO7

src/descriptor/dsl.rs

@@ -724,7 +724,10 @@ macro_rules! fragment {
         $crate::impl_leaf_opcode_value!(After, $crate::miniscript::AbsLockTime::from_consensus($value).expect("valid `AbsLockTime`"))
     });
     ( older ( $value:expr ) ) => ({
-        $crate::impl_leaf_opcode_value!(Older, $crate::miniscript::RelLockTime::from_consensus($value).expect("valid `RelLockTime`")) // TODO!!
+        match $crate::miniscript::RelLockTime::from_consensus($value) {
+            Ok(lock_time) => $crate::impl_leaf_opcode_value!(Older, lock_time),
+            Err(e) => Err($crate::descriptor::DescriptorError::RelLockTime(e)),
+        }
     });
     ( sha256 ( $hash:expr ) ) => ({
         $crate::impl_leaf_opcode_value!(Sha256, $hash)

src/descriptor/error.rs

@@ -44,6 +44,8 @@ pub enum Error {
     Hex(bitcoin::hex::HexToBytesError),
     /// The provided wallet descriptors are identical
     ExternalAndInternalAreTheSame,
+    /// RelLockTime validation error
+    RelLockTime(miniscript::RelLockTimeError),
 }
 
 impl From<crate::keys::KeyError> for Error {
@@ -84,11 +86,13 @@ impl fmt::Display for Error {
             Self::ExternalAndInternalAreTheSame => {
                 write!(f, "External and internal descriptors are the same")
             }
+            Self::RelLockTime(err) => write!(f, "RelLockTime error: {err}"),
         }
     }
 }
 
-impl core::error::Error for Error {}
+#[cfg(feature = "std")]
+impl std::error::Error for Error {}
 
 impl From<bitcoin::bip32::Error> for Error {
     fn from(err: bitcoin::bip32::Error) -> Self {
@@ -125,3 +129,9 @@ impl From<crate::descriptor::policy::PolicyError> for Error {
         Error::Policy(err)
     }
 }
+
+impl From<miniscript::RelLockTimeError> for Error {
+    fn from(err: miniscript::RelLockTimeError) -> Self {
+        Error::RelLockTime(err)
+    }
+}

tests/test_rellocktime_issue.rs

@@ -0,0 +1,85 @@
+/// Test to demonstrate the RelLockTime issue in dsl.rs
+///
+/// The issue: older() macro uses .expect() on RelLockTime::from_consensus(),
+/// which can panic if given an invalid value (> 16,777,215).
+///
+/// This file shows the problem and how to catch it.
+use bdk_wallet::descriptor;
+
+#[test]
+fn test_older_with_invalid_rellocktime_too_large() {
+    // Value with high bit set causes RelLockTime::from_consensus() to fail
+    let invalid_value = 0x80000000; // 2147483648
+
+    // This should now return an error instead of panicking
+    let result = descriptor!(wsh(older(invalid_value)));
+    assert!(
+        result.is_err(),
+        "Invalid RelLockTime {} should return an error",
+        invalid_value
+    );
+
+    // Check that it's the right kind of error
+    if let Err(descriptor::DescriptorError::RelLockTime(_)) = result {
+        // Good, it's the expected error type
+    } else {
+        panic!("Expected RelLockTime error, got {:?}", result);
+    }
+}
+
+#[test]
+fn test_older_with_valid_rellocktime_max() {
+    // Max valid value is 16,777,215 (0xFFFFFF)
+    let max_valid_value = 16_777_215;
+    let result = descriptor!(wsh(older(max_valid_value)));
+    assert!(result.is_ok(), "Max valid RelLockTime should work");
+}
+
+#[test]
+fn test_older_with_valid_rellocktime_min() {
+    // Min valid value is 1 (0 is not valid for RelLockTime)
+    let min_value = 1;
+
+    let result = descriptor!(wsh(older(min_value)));
+    assert!(result.is_ok(), "Min valid RelLockTime should work");
+}
+
+#[test]
+fn test_older_with_valid_common_values() {
+    // Common usage: blocks or seconds
+    let test_cases = vec![
+        1,         // 1 block/second
+        144,       // ~1 day in blocks
+        1000,      // Common value
+        65535,     // Max 16-bit value (common for CSV)
+        4_209_713, // Valid but large
+    ];
+
+    for value in test_cases {
+        let result = descriptor!(wsh(older(value)));
+        assert!(result.is_ok(), "Valid RelLockTime {} should work", value);
+    }
+}
+
+// Alternative: Show how proper error handling should look
+#[test]
+fn test_demonstrate_proper_error_handling() {
+    // This is what the fix should look like - proper Result handling
+    // instead of .expect() which panics
+
+    use miniscript::RelLockTime;
+
+    // Valid case
+    match RelLockTime::from_consensus(144) {
+        Ok(lock_time) => println!("Valid: {:?}", lock_time),
+        Err(e) => println!("Invalid: {}", e),
+    }
+
+    // Invalid case - properly handled
+    match RelLockTime::from_consensus(16_777_216) {
+        Ok(lock_time) => println!("Valid: {:?}", lock_time),
+        Err(e) => {
+            println!("Invalid RelLockTime value: {}", e);
+        }
+    }
+}