bitcoinrb 0.3.2 → 0.8.0

data/lib/bitcoin/key.rb

@@ -10,6 +10,7 @@ module Bitcoin
     COMPRESSED_PUBLIC_KEY_SIZE = 33
     SIGNATURE_SIZE = 72
     COMPACT_SIGNATURE_SIZE = 65
+    COMPACT_SIG_HEADER_BYTE = 0x1b
 
     attr_accessor :priv_key
     attr_accessor :pubkey
@@ -28,7 +29,7 @@ module Bitcoin
     # @param [Integer] key_type a key type which determine address type.
     # @param [Boolean] compressed [Deprecated] whether public key is compressed.
     # @return [Bitcoin::Key] a key object.
-    def initialize(priv_key: nil, pubkey: nil, key_type: nil, compressed: true)
+    def initialize(priv_key: nil, pubkey: nil, key_type: nil, compressed: true, allow_hybrid: false)
       puts "[Warning] Use key_type parameter instead of compressed. compressed parameter removed in the future." if key_type.nil? && !compressed.nil? && pubkey.nil?
       if key_type
         @key_type = key_type
@@ -39,13 +40,14 @@ module Bitcoin
       @secp256k1_module =  Bitcoin.secp_impl
       @priv_key = priv_key
       if @priv_key
-        raise ArgumentError, 'private key is not on curve' unless validate_private_key_range(@priv_key)
+        raise ArgumentError, Errors::Messages::INVALID_PRIV_KEY unless validate_private_key_range(@priv_key)
       end
       if pubkey
         @pubkey = pubkey
       else
         @pubkey = generate_pubkey(priv_key, compressed: compressed) if priv_key
       end
+      raise ArgumentError, Errors::Messages::INVALID_PUBLIC_KEY unless fully_valid_pubkey?(allow_hybrid)
     end
 
     # generate key pair
@@ -63,9 +65,9 @@ module Bitcoin
       data = hex[2...-8].htb
       checksum = hex[-8..-1]
       raise ArgumentError, 'invalid version' unless version == Bitcoin.chain_params.privkey_version
-      raise ArgumentError, 'invalid checksum' unless Bitcoin.calc_checksum(version + data.bth) == checksum
+      raise ArgumentError, Errors::Messages::INVALID_CHECKSUM unless Bitcoin.calc_checksum(version + data.bth) == checksum
       key_len = data.bytesize
-      if key_len == COMPRESSED_PUBLIC_KEY_SIZE && data[-1].unpack('C').first == 1
+      if key_len == COMPRESSED_PUBLIC_KEY_SIZE && data[-1].unpack1('C') == 1
         key_type = TYPES[:compressed]
         data = data[0..-2]
       elsif key_len == 32
@@ -76,6 +78,23 @@ module Bitcoin
       new(priv_key: data.bth, key_type: key_type)
     end
 
+    # Generate from xonly public key.
+    # @param [String] xonly_pubkey xonly public key with hex format.
+    # @return [Bitcoin::Key] key object has public key.
+    def self.from_xonly_pubkey(xonly_pubkey)
+      raise ArgumentError, 'xonly_pubkey must be 32 bytes' unless xonly_pubkey.htb.bytesize == 32
+      Bitcoin::Key.new(pubkey: "02#{xonly_pubkey}", key_type: TYPES[:compressed])
+    end
+
+    # Generate from public key point.
+    # @param [ECDSA::Point] point Public key point.
+    # @param [Boolean] compressed whether compressed or not.
+    # @return [Bitcoin::Key]
+    def self.from_point(point, compressed: true)
+      pubkey = ECDSA::Format::PointOctetString.encode(point, compression: compressed).bth
+      Bitcoin::Key.new(pubkey: pubkey, key_type: TYPES[:compressed])
+    end
+
     # export private key with wif format
     def to_wif
       version = Bitcoin.chain_params.privkey_version
@@ -88,30 +107,69 @@ module Bitcoin
     # sign +data+ with private key
     # @param [String] data a data to be signed with binary format
     # @param [Boolean] low_r flag to apply low-R.
-    # @param [String] extra_entropy the extra entropy for rfc6979.
+    # @param [String] extra_entropy the extra entropy with binary format for rfc6979.
+    # @param [Symbol] algo signature algorithm. ecdsa(default) or schnorr.
     # @return [String] signature data with binary format
-    def sign(data, low_r = true, extra_entropy = nil)
-      sig = secp256k1_module.sign_data(data, priv_key, extra_entropy)
-      if low_r && !sig_has_low_r?(sig)
-        counter = 1
-        until sig_has_low_r?(sig)
-          extra_entropy = [counter].pack('I*').bth.ljust(64, '0').htb
-          sig = secp256k1_module.sign_data(data, priv_key, extra_entropy)
-          counter += 1
+    def sign(data, low_r = true, extra_entropy = nil, algo: :ecdsa)
+      case algo
+      when :ecdsa
+        sig = secp256k1_module.sign_data(data, priv_key, extra_entropy)
+        if low_r && !sig_has_low_r?(sig)
+          counter = 1
+          until sig_has_low_r?(sig)
+            extra_entropy = [counter].pack('I*').bth.ljust(64, '0').htb
+            sig = secp256k1_module.sign_data(data, priv_key, extra_entropy)
+            counter += 1
+          end
         end
+        sig
+      when :schnorr
+        secp256k1_module.sign_data(data, priv_key, extra_entropy, algo: :schnorr)
+      else
+        raise ArgumentError "Unsupported algo specified: #{algo}"
       end
-      sig
+    end
+
+    # Sign compact signature.
+    # @param [String] data message digest to be signed.
+    # @return [String] compact signature with binary format.
+    def sign_compact(data)
+      signature, rec = secp256k1_module.sign_compact(data, priv_key)
+      rec = Bitcoin::Key::COMPACT_SIG_HEADER_BYTE + rec + (compressed? ? 4 : 0)
+      [rec].pack('C') + ECDSA::Format::IntegerOctetString.encode(signature.r, 32) +
+        ECDSA::Format::IntegerOctetString.encode(signature.s, 32)
+    end
+
+    # Recover public key from compact signature.
+    # @param [String] data message digest using signature.
+    # @param [String] signature signature with binary format.
+    # @return [Bitcoin::Key] Recovered public key.
+    def self.recover_compact(data, signature)
+      rec_id = signature.unpack1('C')
+      rec = rec_id - Bitcoin::Key::COMPACT_SIG_HEADER_BYTE
+      raise ArgumentError, 'Invalid signature parameter' if rec < 0 || rec > 15
+      rec = rec & 3
+      compressed = (rec_id - Bitcoin::Key::COMPACT_SIG_HEADER_BYTE) & 4 != 0
+      Bitcoin.secp_impl.recover_compact(data, signature, rec, compressed)
     end
 
     # verify signature using public key
     # @param [String] sig signature data with binary format
-    # @param [String] origin original message
+    # @param [String] data original message
+    # @param [Symbol] algo signature algorithm. ecdsa(default) or schnorr.
     # @return [Boolean] verify result
-    def verify(sig, origin)
+    def verify(sig, data, algo: :ecdsa)
       return false unless valid_pubkey?
       begin
-        sig = ecdsa_signature_parse_der_lax(sig)
-        secp256k1_module.verify_sig(origin, sig, pubkey)
+        case algo
+        when :ecdsa
+          sig = ecdsa_signature_parse_der_lax(sig)
+          secp256k1_module.verify_sig(data, sig, pubkey)
+        when :schnorr
+          secp256k1_module.verify_sig(data, sig, xonly_pubkey, algo: :schnorr)
+        else
+          false
+        end
       rescue Exception
         false
       end
@@ -125,19 +183,19 @@ module Bitcoin
     # get pay to pubkey hash address
     # @deprecated
     def to_p2pkh
-      Bitcoin::Script.to_p2pkh(hash160).addresses.first
+      Bitcoin::Script.to_p2pkh(hash160).to_addr
     end
 
     # get pay to witness pubkey hash address
     # @deprecated
     def to_p2wpkh
-      Bitcoin::Script.to_p2wpkh(hash160).addresses.first
+      Bitcoin::Script.to_p2wpkh(hash160).to_addr
     end
 
     # get p2wpkh address nested in p2sh.
     # @deprecated
     def to_nested_p2wpkh
-      Bitcoin::Script.to_p2wpkh(hash160).to_p2sh.addresses.first
+      Bitcoin::Script.to_p2wpkh(hash160).to_p2sh.to_addr
     end
 
     def compressed?
@@ -148,10 +206,17 @@ module Bitcoin
     # @return [ECDSA::Point]
     def to_point
       p = pubkey
-      p ||= generate_pubkey(priv_key, compressed: compressed)
+      p ||= generate_pubkey(priv_key, compressed: compressed?)
       ECDSA::Format::PointOctetString.decode(p.htb, Bitcoin::Secp256k1::GROUP)
     end
 
+    # get xonly public key (32 bytes).
+    # @return [String] xonly public key with hex format
+    def xonly_pubkey
+      puts "Derive a public key whose y-coordinate is different from this public key." if compressed? && pubkey[0...2] != '02'
+      pubkey[2..65]
+    end
+
     # check +pubkey+ (hex) is compress or uncompress pubkey.
     def self.compress_or_uncompress_pubkey?(pubkey)
       p = pubkey.htb
@@ -225,14 +290,8 @@ module Bitcoin
     end
 
     # fully validate whether this is a valid public key (more expensive than IsValid())
-    def fully_valid_pubkey?
-      return false unless valid_pubkey?
-      begin
-        point = ECDSA::Format::PointOctetString.decode(pubkey.htb, ECDSA::Group::Secp256k1)
-        ECDSA::Group::Secp256k1.valid_public_key?(point)
-      rescue ECDSA::Format::DecodeError
-        false
-      end
+    def fully_valid_pubkey?(allow_hybrid = false)
+      valid_pubkey? && secp256k1_module.parse_ec_pubkey?(pubkey, allow_hybrid)
     end
 
     private

data/lib/bitcoin/key_path.rb

@@ -4,14 +4,21 @@ module Bitcoin
     # key path convert an array of derive number
     # @param [String] path_string
     # @return [Array[Integer]] key path numbers.
+    # @raise [ArgumentError] if invalid +path_string+.
     def parse_key_path(path_string)
-      path_string.split('/').map.with_index do|p, index|
+      paths = path_string.split('/')
+      raise ArgumentError, "Invalid path." if path_string.include?(" ")
+      raise ArgumentError, "Invalid path." unless path_string.count("/") <= paths.size
+      paths.map.with_index do|p, index|
         if index == 0
-          raise ArgumentError.new("#{path_string} is invalid format.") unless p == 'm'
-          next
+          next if p == 'm'
+          raise ArgumentError, "Invalid path." unless p == 'm'
         end
-        raise ArgumentError.new("#{path_string} is invalid format.") unless p.delete("'") =~ /^[0-9]+$/
-        (p[-1] == "'" ? p.delete("'").to_i + Bitcoin::HARDENED_THRESHOLD : p.to_i)
+        raise ArgumentError, "Invalid path." if p.count("'") > 1 || (p.count("'") == 1 && p[-1] != "'")
+        raise ArgumentError, "Invalid path." unless p.delete("'") =~ /^[0-9]+$/
+        value = (p[-1] == "'" ? p.delete("'").to_i + Bitcoin::HARDENED_THRESHOLD : p.to_i)
+        raise ArgumentError, "Invalid path." if value > 4294967295 # 4294967295 = 0xFFFFFFFF (uint32 max)
+        value
       end[1..-1]
     end
 

data/lib/bitcoin/message.rb

@@ -1,6 +1,8 @@
 module Bitcoin
   module Message
 
+    class Error < StandardError; end
+
     autoload :Base, 'bitcoin/message/base'
     autoload :Inventory, 'bitcoin/message/inventory'
     autoload :InventoriesParser, 'bitcoin/message/inventories_parser'
@@ -37,6 +39,15 @@ module Bitcoin
     autoload :BlockTransactionRequest, 'bitcoin/message/block_transaction_request'
     autoload :BlockTxn, 'bitcoin/message/block_txn'
     autoload :BlockTransactions, 'bitcoin/message/block_transactions'
+    autoload :GetCFilters, 'bitcoin/message/get_cfilters'
+    autoload :GetCFHeaders, 'bitcoin/message/get_cfheaders'
+    autoload :CFParser, 'bitcoin/message/cf_parser'
+    autoload :GetCFCheckpt, 'bitcoin/message/get_cfcheckpt'
+    autoload :CFCheckpt, 'bitcoin/message/cfcheckpt'
+    autoload :CFilter, 'bitcoin/message/cfilter'
+    autoload :CFHeaders, 'bitcoin/message/cfheaders'
+    autoload :SendAddrV2, 'bitcoin/message/send_addr_v2'
+    autoload :AddrV2, 'bitcoin/message/addr_v2'
 
     USER_AGENT = "/bitcoinrb:#{Bitcoin::VERSION}/"
 
@@ -66,5 +77,73 @@ module Bitcoin
         compact_witness: 70015
     }
 
+    module_function
+
+    # Decode P2P message.
+    # @param [String] command P2P message command string.
+    # @param [String] payload P2P message payload with hex format..
+    # @return [Bitcoin::Message::]
+    def decode(command, payload = nil)
+      payload = payload.htb if payload
+      case command
+      when Bitcoin::Message::Version::COMMAND
+        Bitcoin::Message::Version.parse_from_payload(payload)
+      when Bitcoin::Message::VerAck::COMMAND
+        Bitcoin::Message::VerAck.new
+      when Bitcoin::Message::GetAddr::COMMAND
+        Bitcoin::Message::GetAddr.new
+      when Bitcoin::Message::Addr::COMMAND
+        Bitcoin::Message::Addr.parse_from_payload(payload)
+      when Bitcoin::Message::SendHeaders::COMMAND
+        Bitcoin::Message::SendHeaders.new
+      when Bitcoin::Message::FeeFilter::COMMAND
+        Bitcoin::Message::FeeFilter.parse_from_payload(payload)
+      when Bitcoin::Message::Ping::COMMAND
+        Bitcoin::Message::Ping.parse_from_payload(payload)
+      when Bitcoin::Message::Pong::COMMAND
+        Bitcoin::Message::Pong.parse_from_payload(payload)
+      when Bitcoin::Message::GetHeaders::COMMAND
+        Bitcoin::Message::GetHeaders.parse_from_payload(payload)
+      when Bitcoin::Message::Headers::COMMAND
+        Bitcoin::Message::Headers.parse_from_payload(payload)
+      when Bitcoin::Message::Block::COMMAND
+        Bitcoin::Message::Block.parse_from_payload(payload)
+      when Bitcoin::Message::Tx::COMMAND
+        Bitcoin::Message::Tx.parse_from_payload(payload)
+      when Bitcoin::Message::NotFound::COMMAND
+        Bitcoin::Message::NotFound.parse_from_payload(payload)
+      when Bitcoin::Message::MemPool::COMMAND
+        Bitcoin::Message::MemPool.new
+      when Bitcoin::Message::Reject::COMMAND
+        Bitcoin::Message::Reject.parse_from_payload(payload)
+      when Bitcoin::Message::SendCmpct::COMMAND
+        Bitcoin::Message::SendCmpct.parse_from_payload(payload)
+      when Bitcoin::Message::Inv::COMMAND
+        Bitcoin::Message::Inv.parse_from_payload(payload)
+      when Bitcoin::Message::MerkleBlock::COMMAND
+        Bitcoin::Message::MerkleBlock.parse_from_payload(payload)
+      when Bitcoin::Message::CmpctBlock::COMMAND
+        Bitcoin::Message::CmpctBlock.parse_from_payload(payload)
+      when Bitcoin::Message::GetData::COMMAND
+        Bitcoin::Message::GetData.parse_from_payload(payload)
+      when Bitcoin::Message::GetCFHeaders::COMMAND
+        Bitcoin::Message::GetCFHeaders.parse_from_payload(payload)
+      when Bitcoin::Message::GetCFilters::COMMAND
+        Bitcoin::Message::GetCFilters.parse_from_payload(payload)
+      when Bitcoin::Message::GetCFCheckpt::COMMAND
+        Bitcoin::Message::GetCFCheckpt.parse_from_payload(payload)
+      when Bitcoin::Message::CFCheckpt::COMMAND
+        Bitcoin::Message::CFCheckpt.parse_from_payload(payload)
+      when Bitcoin::Message::CFHeaders::COMMAND
+        Bitcoin::Message::CFHeaders.parse_from_payload(payload)
+      when Bitcoin::Message::CFilter::COMMAND
+        Bitcoin::Message::CFilter.parse_from_payload(payload)
+      when Bitcoin::Message::SendAddrV2::COMMAND
+        Bitcoin::Message::SendAddrV2.new
+      when Bitcoin::Message::AddrV2::COMMAND
+        Bitcoin::Message::AddrV2.parse_from_payload(payload)
+      end
+    end
+
   end
 end

data/lib/bitcoin/message/addr_v2.rb

@@ -0,0 +1,34 @@
+module Bitcoin
+  module Message
+
+    # addrv2 message class.
+    # https://github.com/bitcoin/bips/blob/master/bip-0155.mediawiki
+    class AddrV2 < Base
+
+      COMMAND = 'addrv2'
+
+      attr_reader :addrs
+
+      def initialize(addrs = [])
+        @addrs = addrs
+      end
+
+      def self.parse_from_payload(payload)
+        buf = StringIO.new(payload)
+        addr_count = Bitcoin.unpack_var_int_from_io(buf)
+        v2 = new
+        addr_count.times do
+          v2.addrs << NetworkAddr.parse_from_payload(buf, type: NetworkAddr::TYPE[:addr_v2])
+        end
+        v2
+      end
+
+      def to_payload
+        buf = Bitcoin.pack_var_int(addrs.size)
+        buf << (addrs.map { |a| a.to_payload(type: NetworkAddr::TYPE[:addr_v2])}.join)
+      end
+
+    end
+
+  end
+end

data/lib/bitcoin/message/base.rb

@@ -3,6 +3,7 @@ module Bitcoin
 
     # Base message class
     class Base
+      include Bitcoin::HexConverter
       include Bitcoin::Util
       extend Bitcoin::Util
 
@@ -22,6 +23,22 @@ module Bitcoin
         raise 'to_payload must be implemented in a child class.'
       end
 
+      # Decode message data to message object.
+      # @param [String] message with binary format.
+      # @return [Bitcoin::Message::XXX] An instance of a class that inherits Bitcoin::Message::Base
+      # @raise [ArgumentError] Occurs for data that cannot be decoded.
+      def self.from_pkt(message)
+        buf = StringIO.new(message)
+        magic = buf.read(4)
+        raise ArgumentError, 'Invalid magic.' unless magic == Bitcoin.chain_params.magic_head.htb
+        command = buf.read(12).delete("\x00")
+        length = buf.read(4).unpack1('V')
+        checksum = buf.read(4)
+        payload = buf.read(length)
+        raise ArgumentError, 'Checksum do not match.' unless checksum == Bitcoin.double_sha256(payload)[0...4]
+        Bitcoin::Message.decode(command, payload&.bth)
+      end
+
     end
 
   end

data/lib/bitcoin/message/cf_parser.rb

@@ -0,0 +1,16 @@
+module Bitcoin
+  module Message
+    module CFParser
+
+      def parse_from_payload(payload)
+        type, start, hash = payload.unpack('CLH*')
+        self.new(type, start, hash)
+      end
+
+      def to_payload
+        [filter_type, start_height, stop_hash].pack('CLH*')
+      end
+
+    end
+  end
+end

data/lib/bitcoin/message/cfcheckpt.rb

@@ -0,0 +1,36 @@
+module Bitcoin
+  module Message
+
+    # cfcheckpt message for BIP-157
+    # https://github.com/bitcoin/bips/blob/master/bip-0157.mediawiki#cfcheckpt
+    class CFCheckpt < Base
+
+      COMMAND = 'cfcheckpt'
+
+      attr_accessor :filter_type
+      attr_accessor :stop_hash      # little endian
+      attr_accessor :filter_headers # little endian
+
+      def initialize(filter_type, stop_hash, filter_headers)
+        @filter_type = filter_type
+        @stop_hash = stop_hash
+        @filter_headers = filter_headers
+      end
+
+      def self.parse_from_payload(payload)
+        buf = StringIO.new(payload)
+        type = buf.read(1).unpack1('C')
+        hash = buf.read(32).unpack1('H*')
+        count = Bitcoin.unpack_var_int_from_io(buf)
+        headers = count.times.map{buf.read(32).bth}
+        self.new(type, hash, headers)
+      end
+
+      def to_payload
+        [filter_type, stop_hash].pack('CH*') +
+            Bitcoin.pack_var_int(filter_headers.size) + filter_headers.map(&:htb).join
+      end
+    end
+
+  end
+end