bitcoinrb 0.3.2 → 0.8.0

data/lib/bitcoin/chainparams/regtest.yml

@@ -9,7 +9,7 @@ privkey_version: "ef"
 extended_privkey_version: "04358394"
 extended_pubkey_version: "043587cf"
 bip49_pubkey_p2wpkh_p2sh_version: "044a5262"
-bip49_pubkey_p2wsh_p2sh_version: "024285ef"
+bip49_pubkey_p2wsh_p2sh_version: "024289ef"
 bip49_privkey_p2wpkh_p2sh_version: "044a4e28"
 bip49_privkey_p2wsh_p2sh_version: "024285b5"
 bip84_pubkey_p2wpkh_version: "045f1cf6"

data/lib/bitcoin/chainparams/signet.yml

@@ -0,0 +1,39 @@
+--- !ruby/object:Bitcoin::ChainParams
+network: "signet"
+magic_head: "0a03cf40"
+message_magic: "Bitcoin Signed Message:\n"
+address_version: "6f"
+p2sh_version: "c4"
+bech32_hrp: 'tb'
+privkey_version: "ef"
+extended_privkey_version: "04358394"
+extended_pubkey_version: "043587cf"
+bip49_pubkey_p2wpkh_p2sh_version: "044a5262"
+bip49_pubkey_p2wsh_p2sh_version: "024289ef"
+bip49_privkey_p2wpkh_p2sh_version: "044a4e28"
+bip49_privkey_p2wsh_p2sh_version: "024285b5"
+bip84_pubkey_p2wpkh_version: "045f1cf6"
+bip84_pubkey_p2wsh_version: "02575483"
+bip84_privkey_p2wpkh_version: "045f18bc"
+bip84_privkey_p2wsh_version: "02575048"
+default_port: 38333
+protocol_version: 70013
+retarget_interval: 2016
+retarget_time: 1209600 # 2 weeks
+target_spacing: 600 # block interval
+max_money: 21000000
+bip34_height: 227931
+genesis_hash: "00000008819873e925422c1ff0f99f7cc9bbb232af63a077a480a3633bee1ef6"
+proof_of_work_limit: 0x1d00ffff
+dns_seeds:
+  - "178.128.221.177"
+  - "2a01:7c8:d005:390::5"
+genesis:
+  hash: "00000008819873e925422c1ff0f99f7cc9bbb232af63a077a480a3633bee1ef6"
+  merkle_root: "4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"
+  time: 1598918400
+  nonce: 52613770
+  bits: 0x1e0377ae
+  version: 1
+  prev_hash: "0000000000000000000000000000000000000000000000000000000000000000"
+bip44_coin_type: 1

data/lib/bitcoin/chainparams/testnet.yml

@@ -9,7 +9,7 @@ privkey_version: "ef"
 extended_privkey_version: "04358394"
 extended_pubkey_version: "043587cf"
 bip49_pubkey_p2wpkh_p2sh_version: "044a5262"
-bip49_pubkey_p2wsh_p2sh_version: "024285ef"
+bip49_pubkey_p2wsh_p2sh_version: "024289ef"
 bip49_privkey_p2wpkh_p2sh_version: "044a4e28"
 bip49_privkey_p2wsh_p2sh_version: "024285b5"
 bip84_pubkey_p2wpkh_version: "045f1cf6"

data/lib/bitcoin/constants.rb

@@ -44,6 +44,11 @@ module Bitcoin
   SCRIPT_VERIFY_NULLFAIL = (1 << 14) # Signature(s) must be empty vector if an CHECK(MULTI)SIG operation failed
   SCRIPT_VERIFY_WITNESS_PUBKEYTYPE = (1 << 15) # Public keys in segregated witness scripts must be compressed
   SCRIPT_VERIFY_CONST_SCRIPTCODE = (1 << 16) # Making OP_CODESEPARATOR and FindAndDelete fail any non-segwit scripts
+  SCRIPT_VERIFY_TAPROOT = (1 << 17) # Taproot/Tapscript validation (BIPs 341 & 342)
+  SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION = (1 << 18) # Making unknown Taproot leaf versions non-standard
+  SCRIPT_VERIFY_DISCOURAGE_UNKNOWN_ANNEX = (1 << 19) # Making the use of (unknown) annexes non-standard (currently no annexes are known)
+  SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS = (1 << 20) # Making unknown OP_SUCCESS non-standard
+  SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE = (1 << 21) # Making unknown public key versions (in BIP 342 scripts) non-standard
 
   MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH
 
@@ -68,7 +73,8 @@ module Bitcoin
   # for script
 
   # witness version
-  WITNESS_VERSION = 0x00
+  WITNESS_VERSION_V0 = 0x00
+  WITNESS_VERSION_V1 = Bitcoin::Opcodes::OP_1
 
   # Maximum script length in bytes
   MAX_SCRIPT_SIZE = 10000
@@ -88,15 +94,19 @@ module Bitcoin
   # Threshold for nLockTime: below this value it is interpreted as block number, otherwise as UNIX timestamp.
   LOCKTIME_THRESHOLD = 500000000
 
-  # Signature hash types/flags
-  SIGHASH_TYPE = { all: 1, none: 2, single: 3, anyonecanpay: 128 }
+  # Tag for input annex. If there are at least two witness elements for a transaction input,
+  # and the first byte of the last element is 0x50, this last element is called annex, and
+  # has meanings independent of the script
+  ANNEX_TAG = 0x50
+
+  # Validation weight per passing signature (Tapscript only, see BIP 342).
+  VALIDATION_WEIGHT_PER_SIGOP_PASSED = 50
 
-  # SIGHASH_FORK_ID for replay protection of the fork coin
-  SIGHASH_FORK_ID = 0x40
+  # How much weight budget is added to the witness size (Tapscript only, see BIP 342).
+  VALIDATION_WEIGHT_OFFSET = 50
 
-  # fork coin id.
-  FORK_ID_CASH = 0
-  FORK_ID_GOLD = 79
+  # Signature hash types/flags
+  SIGHASH_TYPE = { all: 0x01, none: 0x02, single: 0x3, anyonecanpay: 0x80 , default: 0}
 
   # Maximum number length in bytes
   DEFAULT_MAX_NUM_SIZE = 4
@@ -104,8 +114,6 @@ module Bitcoin
   # 80 bytes of data, +1 for OP_RETURN, +2 for the pushdata opcodes.
   MAX_OP_RETURN_RELAY = 83
 
-  SIG_VERSION = [:base, :witness_v0]
-
   # for script error
   SCRIPT_ERR_OK = 0
   SCRIPT_ERR_UNKNOWN_ERROR = 1
@@ -153,6 +161,10 @@ module Bitcoin
   # softfork safeness
   SCRIPT_ERR_DISCOURAGE_UPGRADABLE_NOPS = 60
   SCRIPT_ERR_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM = 61
+  SCRIPT_ERR_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION = 62
+  SCRIPT_ERR_DISCOURAGE_UNKNOWN_ANNEX = 63
+  SCRIPT_ERR_DISCOURAGE_OP_SUCCESS = 64
+  SCRIPT_ERR_DISCOURAGE_UPGRADABLE_PUBKEYTYPE = 65
 
   # segregated witness
   SCRIPT_ERR_WITNESS_PROGRAM_WRONG_LENGTH = 70
@@ -169,6 +181,15 @@ module Bitcoin
 
   SCRIPT_ERR_ERROR_COUNT = 80
 
+  # Taproot
+  SCRIPT_ERR_SCHNORR_SIG_SIZE = 90
+  SCRIPT_ERR_SCHNORR_SIG_HASHTYPE = 91
+  SCRIPT_ERR_SCHNORR_SIG = 92
+  SCRIPT_ERR_TAPROOT_WRONG_CONTROL_SIZE = 93
+  SCRIPT_ERR_TAPSCRIPT_VALIDATION_WEIGHT = 94
+  SCRIPT_ERR_TAPSCRIPT_CHECKMULTISIG = 95
+  SCRIPT_ERR_TAPSCRIPT_MINIMALIF = 96
+
   ERRCODES_MAP = Hash[*constants.grep(/^SCRIPT_ERR_/).map { |c| [const_get(c), c.to_s] }.flatten]
   NAME_MAP = Hash[*constants.grep(/^SCRIPT_ERR_/).map { |c| [c.to_s, const_get(c)] }.flatten]
 
@@ -192,4 +213,17 @@ module Bitcoin
   BIP32_EXTKEY_WITH_VERSION_SIZE = 78
 
   HARDENED_THRESHOLD = 2147483648 # 2**31
+
+  # Signature hash sizes
+  WITNESS_V0_SCRIPTHASH_SIZE = 32
+  WITNESS_V0_KEYHASH_SIZE = 20
+  WITNESS_V1_TAPROOT_SIZE = 32
+
+  TAPROOT_LEAF_MASK = 0xfe
+  TAPROOT_LEAF_TAPSCRIPT = 0xc0
+  TAPROOT_CONTROL_BASE_SIZE = 33
+  TAPROOT_CONTROL_NODE_SIZE = 32
+  TAPROOT_CONTROL_MAX_NODE_COUNT = 128
+  TAPROOT_CONTROL_MAX_SIZE = TAPROOT_CONTROL_BASE_SIZE + TAPROOT_CONTROL_NODE_SIZE * TAPROOT_CONTROL_MAX_NODE_COUNT
+
 end

data/lib/bitcoin/descriptor.rb

@@ -116,7 +116,7 @@ module Bitcoin
         end
       end
       key = key.is_a?(Bitcoin::Key) ? key : key.key
-      raise ArgumentError, 'Invalid pubkey.' unless key.fully_valid_pubkey?
+      raise ArgumentError, Errors::Messages::INVALID_PUBLIC_KEY unless key.fully_valid_pubkey?
       key.pubkey
     end
 

data/lib/bitcoin/errors.rb

@@ -0,0 +1,19 @@
+module Bitcoin
+  module Errors
+
+    module Messages
+
+      INVALID_PUBLIC_KEY = 'Invalid public key.'
+      INVALID_BIP32_PRIV_PREFIX = 'Invalid BIP32 private key prefix. prefix must be 0x00.'
+      INVALID_BIP32_FINGERPRINT = 'Invalid parent fingerprint.'
+      INVALID_BIP32_ZERO_INDEX = 'Invalid index. Depth 0 must have 0 index.'
+      INVALID_BIP32_ZERO_DEPTH = 'Invalid depth. Master key must have 0 depth.'
+      INVALID_BIP32_VERSION = 'An unsupported version byte was specified.'
+
+      INVALID_PRIV_KEY = 'Private key is not in range [1..n-1].'
+      INVALID_CHECKSUM = 'Invalid checksum.'
+
+    end
+
+  end
+end

data/lib/bitcoin/ext.rb

@@ -0,0 +1,6 @@
+module Bitcoin
+  module Ext
+    autoload :JsonParser, 'bitcoin/ext/json_parser'
+    autoload :ArrayExt, 'bitcoin/ext/array_ext'
+  end
+end

data/lib/bitcoin/ext/array_ext.rb

@@ -0,0 +1,22 @@
+module Bitcoin
+  module Ext
+    module ArrayExt
+
+      refine Array do
+
+        # resize array content with +initial_value+.
+        # expect to behave like vec#resize in c++.
+        def resize!(new_size, initial_value = 0)
+          if size < new_size
+            (new_size - size).times{self.<< initial_value}
+          elsif size > new_size
+            (size - new_size).times{delete_at(-1)}
+          end
+          self
+        end
+
+      end
+
+    end
+  end
+end

data/lib/bitcoin/ext/ecdsa.rb

@@ -0,0 +1,36 @@
+class ::ECDSA::Signature
+  # convert signature to der string.
+  def to_der
+    ECDSA::Format::SignatureDerString.encode(self)
+  end
+
+  def ==(other)
+    return false unless other.is_a?(ECDSA::Signature)
+    r == other.r && s == other.s
+  end
+end
+
+class ::ECDSA::Point
+  def to_hex(compression = true)
+    ECDSA::Format::PointOctetString.encode(self, compression: compression).bth
+  end
+end
+
+module ::ECDSA::Format::PointOctetString
+
+  class << self
+    alias_method :base_decode, :decode
+  end
+
+  def self.decode(string, group, allow_hybrid: false)
+    string = string.dup.force_encoding('BINARY')
+    raise ECDSA::Format::DecodeError, 'Point octet string is empty.' if string.empty?
+    if [6, 7].include?(string[0].ord)
+      raise ECDSA::Format::DecodeError, 'Unrecognized start byte for point octet string: 0x%x' % string[0].ord unless allow_hybrid
+      decode_uncompressed string, group if allow_hybrid
+    else
+      base_decode(string, group)
+    end
+  end
+
+end

data/lib/bitcoin/ext/json_parser.rb

@@ -0,0 +1,46 @@
+require 'json/pure'
+
+module Bitcoin
+  module Ext
+    # Extension of JSON::Pure::Parser.
+    # This class convert Float value to String value.
+    class JsonParser < JSON::Pure::Parser
+
+      def parse_value
+        case
+        when scan(FLOAT)
+          self[1].to_s
+        when scan(INTEGER)
+          Integer(self[1])
+        when scan(TRUE)
+          true
+        when scan(FALSE)
+          false
+        when scan(NULL)
+          nil
+        when !UNPARSED.equal?(string = parse_string)
+          string
+        when scan(ARRAY_OPEN)
+          @current_nesting += 1
+          ary = parse_array
+          @current_nesting -= 1
+          ary
+        when scan(OBJECT_OPEN)
+          @current_nesting += 1
+          obj = parse_object
+          @current_nesting -= 1
+          obj
+        when @allow_nan && scan(NAN)
+          NaN
+        when @allow_nan && scan(INFINITY)
+          Infinity
+        when @allow_nan && scan(MINUS_INFINITY)
+          MinusInfinity
+        else
+          UNPARSED
+        end
+      end
+
+    end
+  end
+end

data/lib/bitcoin/ext_key.rb

@@ -6,6 +6,11 @@ module Bitcoin
   # BIP32 Extended private key
   class ExtKey
 
+    include Bitcoin::HexConverter
+
+    MAX_DEPTH = 255
+    MASTER_FINGERPRINT = '00000000'
+
     attr_accessor :ver
     attr_accessor :depth
     attr_accessor :number
@@ -18,7 +23,7 @@ module Bitcoin
     def self.generate_master(seed)
       ext_key = ExtKey.new
       ext_key.depth = ext_key.number = 0
-      ext_key.parent_fingerprint = '00000000'
+      ext_key.parent_fingerprint = MASTER_FINGERPRINT
       l = Bitcoin.hmac_sha512('Bitcoin seed', seed.htb)
       left = l[0..31].bth.to_i(16)
       raise 'invalid key' if left >= CURVE_ORDER || left == 0
@@ -47,9 +52,7 @@ module Bitcoin
 
     # Base58 encoded extended private key
     def to_base58
-      h = to_payload.bth
-      hex = h + Bitcoin.calc_checksum(h)
-      Base58.encode(hex)
+      ExtPubkey.encode_base58(to_hex)
     end
 
     # get private key(hex)
@@ -94,6 +97,7 @@ module Bitcoin
       number += Bitcoin::HARDENED_THRESHOLD if harden
       new_key = ExtKey.new
       new_key.depth = depth + 1
+      raise IndexError, 'Depth over 255.' if new_key.depth > MAX_DEPTH
       new_key.number = number
       new_key.parent_fingerprint = fingerprint
       if number > (Bitcoin::HARDENED_THRESHOLD - 1)
@@ -140,19 +144,24 @@ module Bitcoin
       buf = StringIO.new(payload)
       ext_key = ExtKey.new
       ext_key.ver = buf.read(4).bth # version
-      raise 'An unsupported version byte was specified.' unless ExtKey.support_version?(ext_key.ver)
-      ext_key.depth = buf.read(1).unpack('C').first
+      raise ArgumentError, Errors::Messages::INVALID_BIP32_VERSION unless ExtKey.support_version?(ext_key.ver)
+      ext_key.depth = buf.read(1).unpack1('C')
       ext_key.parent_fingerprint = buf.read(4).bth
-      ext_key.number = buf.read(4).unpack('N').first
+      ext_key.number = buf.read(4).unpack1('N')
+      if ext_key.depth == 0
+        raise ArgumentError, Errors::Messages::INVALID_BIP32_FINGERPRINT unless ext_key.parent_fingerprint == ExtKey::MASTER_FINGERPRINT
+        raise ArgumentError, Errors::Messages::INVALID_BIP32_ZERO_INDEX if ext_key.number > 0
+      end
+      raise ArgumentError, Errors::Messages:: INVALID_BIP32_ZERO_DEPTH if ext_key.parent_fingerprint == ExtKey::MASTER_FINGERPRINT && ext_key.depth > 0
       ext_key.chain_code = buf.read(32)
-      buf.read(1) # 0x00
+      raise ArgumentError, Errors::Messages::INVALID_BIP32_PRIV_PREFIX unless buf.read(1).bth == '00' # 0x00
       ext_key.key = Bitcoin::Key.new(priv_key: buf.read(32).bth, key_type: Bitcoin::Key::TYPES[:compressed])
       ext_key
     end
 
     # import private key from Base58 private key address
-    def self.from_base58(address)
-      ExtKey.parse_from_payload(Base58.decode(address).htb)
+    def self.from_base58(base58)
+      ExtKey.parse_from_payload(ExtPubkey.validate_base58(base58))
     end
 
     # get version bytes from purpose' value.
@@ -191,6 +200,8 @@ module Bitcoin
   # BIP-32 Extended public key
   class ExtPubkey
 
+    include Bitcoin::HexConverter
+
     attr_accessor :ver
     attr_accessor :depth
     attr_accessor :number
@@ -242,9 +253,14 @@ module Bitcoin
 
     # Base58 encoded extended pubkey
     def to_base58
-      h = to_payload.bth
-      hex = h + Bitcoin.calc_checksum(h)
-      Base58.encode(hex)
+      ExtPubkey.encode_base58(to_hex)
+    end
+
+    # Generate Base58 encoded key from BIP32 payload with hex format.
+    # @param [String] hex BIP32 payload with hex format.
+    # @return [String] Base58 encoded extended key.
+    def self.encode_base58(hex)
+      Base58.encode(hex + Bitcoin.calc_checksum(hex))
     end
 
     # whether hardened key.
@@ -256,6 +272,7 @@ module Bitcoin
     def derive(number)
       new_key = ExtPubkey.new
       new_key.depth = depth + 1
+      raise IndexError, 'Depth over 255.' if new_key.depth > Bitcoin::ExtKey::MAX_DEPTH
       new_key.number = number
       new_key.parent_fingerprint = fingerprint
       raise 'hardened key is not support' if number > (Bitcoin::HARDENED_THRESHOLD - 1)
@@ -263,9 +280,9 @@ module Bitcoin
       l = Bitcoin.hmac_sha512(chain_code, data)
       left = l[0..31].bth.to_i(16)
       raise 'invalid key' if left >= CURVE_ORDER
-      p1 = Bitcoin::Secp256k1::GROUP.generator.multiply_by_scalar(left)
+      p1 = Bitcoin::Key.new(priv_key: left.to_s(16), key_type: Bitcoin::Key::TYPES[:uncompressed]).to_point
       p2 = Bitcoin::Key.new(pubkey: pubkey, key_type: key_type).to_point
-      new_key.pubkey = ECDSA::Format::PointOctetString.encode(p1 + p2, compression: true).bth
+      new_key.pubkey = (p1 + p2).to_hex
       new_key.chain_code = l[32..-1]
       new_key.ver = version
       new_key
@@ -298,19 +315,33 @@ module Bitcoin
       buf = StringIO.new(payload)
       ext_pubkey = ExtPubkey.new
       ext_pubkey.ver = buf.read(4).bth # version
-      raise 'An unsupported version byte was specified.' unless ExtPubkey.support_version?(ext_pubkey.ver)
-      ext_pubkey.depth = buf.read(1).unpack('C').first
+      raise ArgumentError, Errors::Messages::INVALID_BIP32_VERSION unless ExtPubkey.support_version?(ext_pubkey.ver)
+      ext_pubkey.depth = buf.read(1).unpack1('C')
       ext_pubkey.parent_fingerprint = buf.read(4).bth
-      ext_pubkey.number = buf.read(4).unpack('N').first
+      ext_pubkey.number = buf.read(4).unpack1('N')
+      if ext_pubkey.depth == 0
+        raise ArgumentError, Errors::Messages::INVALID_BIP32_FINGERPRINT unless ext_pubkey.parent_fingerprint == ExtKey::MASTER_FINGERPRINT
+        raise ArgumentError, Errors::Messages::INVALID_BIP32_ZERO_INDEX if ext_pubkey.number > 0
+      end
+      raise ArgumentError, Errors::Messages::INVALID_BIP32_ZERO_DEPTH if ext_pubkey.parent_fingerprint == ExtKey::MASTER_FINGERPRINT && ext_pubkey.depth > 0
       ext_pubkey.chain_code = buf.read(32)
-      ext_pubkey.pubkey = buf.read(33).bth
+      ext_pubkey.pubkey = Bitcoin::Key.new(pubkey: buf.read(33).bth).pubkey
       ext_pubkey
     end
 
 
     # import pub key from Base58 private key address
     def self.from_base58(address)
-      ExtPubkey.parse_from_payload(Base58.decode(address).htb)
+      ExtPubkey.parse_from_payload(ExtPubkey.validate_base58(address))
+    end
+
+    # Validate address checksum and return payload.
+    # @param [String] BIP32 Base58 address
+    # @return [String] BIP32 payload with binary format
+    def self.validate_base58(address)
+      raw = Base58.decode(address)
+      raise ArgumentError, Errors::Messages::INVALID_CHECKSUM unless Bitcoin.calc_checksum(raw[0...-8]) == raw[-8..-1]
+      raw[0...-8].htb
     end
 
     # get version bytes from purpose' value.