bitcoinrb 0.5.0 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a5da63d0663778eba1816d008ebf369348bc75d214965b68c2ff7ce564e95ac3
-  data.tar.gz: 2a7e31c9f5b29b72b14e93103f1b69111a2283e390fb61fdad517a5aa764f9f4
+  metadata.gz: aa485194b6a1f5ea2ba0a4ed3355cae8cc8cdd4252475a78dc811ec54a93dfa4
+  data.tar.gz: 5c2c91ab2041b88e0ada77a1099df5e4d564f2d1da0a2963e3ff1beec0b63172
 SHA512:
-  metadata.gz: b062f7c6e944cac7787fdca7be284224961b9a675467bd6f55fa0d49ed502157507e098aee9b28998f600826d677ddc3f8b26947134591240b5d8ada5e004686
-  data.tar.gz: b32d9705400ac5bfb1cc252e4a79c66ff9fb2d8dcba1f530060b5c130e14726e412a5434d5769dd6824588374cbae99c797ae65a2478a92d53cc5fa664ab5a4e
+  metadata.gz: c84550004b92167af33a7832c69cafeb44e24a98d491865976194614eed2ea6c831f5ac47a716ec989d1f759786741a26cb81fa6b5da33850a2e2b4dc0fa331b
+  data.tar.gz: fb8bdfea37eb452b565f826cb2a12c56865fd80410376f0d444cddf339a1e4eb423988ef617a1dc84b573bb114db3ddae89ae49f60afd882349e92169bac6031

data/.ruby-version

@@ -1 +1 @@
-2.7.0
+ruby-3.0.0

data/.travis.yml

@@ -1,9 +1,10 @@
 language: ruby
 rvm:
-  - 2.4.6
-  - 2.5.5
-  - 2.6.3
-  - 2.7.0
+  - 2.4.10
+  - 2.5.8
+  - 2.6.6
+  - 2.7.2
+  - 3.0.0
 addons:
   apt:
     packages:

data/README.md

@@ -18,6 +18,8 @@ Bitcoinrb supports following feature:
 * [BIP-173](https://github.com/bitcoin/bips/blob/master/bip-0173.mediawiki) Bech32 address support
 * [BIP-174](https://github.com/bitcoin/bips/blob/master/bip-0174.mediawiki) PSBT(Partially Signed Bitcoin Transaction) support
 * [BIP-85](https://github.com/bitcoin/bips/blob/master/bip-0085.mediawiki) Deterministic Entropy From BIP32 Keychains support by `Bitcoin::BIP85Entropy` class.
+* Schnorr signature([BIP-340](https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki))  
+* Taproot consensus([BIP-341](https://github.com/bitcoin/bips/blob/master/bip-0341.mediawiki) and [BIP-342](https://github.com/bitcoin/bips/blob/master/bip-0342.mediawiki))  
 * [WIP] SPV node
 * [WIP] 0ff-chain protocol
 
@@ -93,6 +95,14 @@ Bitcoin.chain_params = :regtest
 
 This parameter is described in https://github.com/chaintope/bitcoinrb/blob/master/lib/bitcoin/chainparams/regtest.yml.
 
+* default signet
+
+```ruby
+Bitcoin.chain_params = :signet
+```
+
+This parameter is described in https://github.com/chaintope/bitcoinrb/blob/master/lib/bitcoin/chainparams/signet.yml.
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/bitcoinrb. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.

data/bitcoinrb.gemspec

@@ -10,8 +10,8 @@ Gem::Specification.new do |spec|
   spec.authors       = ["azuchi"]
   spec.email         = ["azuchi@chaintope.com"]
 
-  spec.summary       = %q{[WIP]The implementation of Bitcoin Protocol for Ruby.}
-  spec.description   = %q{[WIP]The implementation of Bitcoin Protocol for Ruby.}
+  spec.summary       = %q{The implementation of Bitcoin Protocol for Ruby.}
+  spec.description   = %q{The implementation of Bitcoin Protocol for Ruby.}
   spec.homepage      = 'https://github.com/chaintope/bitcoinrb'
   spec.license       = "MIT"
 
@@ -32,8 +32,8 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'iniparse'
   spec.add_runtime_dependency 'siphash'
   spec.add_runtime_dependency 'protobuf', '3.8.5'
-  spec.add_runtime_dependency 'scrypt'
   spec.add_runtime_dependency 'json_pure', '>= 2.3.1'
+  spec.add_runtime_dependency 'bip-schnorr', '>= 0.3.2'
 
   # for options
   spec.add_development_dependency 'leveldb-native'
@@ -42,6 +42,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'rake', '>= 12.3.3'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'timecop'
-  spec.add_development_dependency 'webmock', '~> 3.0'
+  spec.add_development_dependency 'webmock', '>= 3.11.1'
 
 end

data/lib/bitcoin.rb

@@ -3,7 +3,7 @@
 
 require 'bitcoin/version'
 require 'eventmachine'
-require 'ecdsa'
+require 'schnorr'
 require 'securerandom'
 require 'json'
 require 'bech32'
@@ -58,8 +58,11 @@ module Bitcoin
   autoload :Aezeed, 'bitcoin/aezeed'
   autoload :PaymentCode, 'bitcoin/payment_code'
   autoload :BIP85Entropy, 'bitcoin/bip85_entropy'
+  autoload :Errors, 'bitcoin/errors'
+  autoload :SigHashGenerator, 'bitcoin/sighash_generator'
 
   require_relative 'bitcoin/constants'
+  require_relative 'bitcoin/ext/ecdsa'
 
   extend Util
 
@@ -67,7 +70,7 @@ module Bitcoin
 
   # set bitcoin network chain params
   def self.chain_params=(name)
-    raise "chain params for #{name} is not defined." unless %i(mainnet testnet regtest).include?(name.to_sym)
+    raise "chain params for #{name} is not defined." unless %i(mainnet testnet regtest signet).include?(name.to_sym)
     @current_chain = nil
     @chain_param = name.to_sym
   end
@@ -82,6 +85,8 @@ module Bitcoin
       @current_chain = Bitcoin::ChainParams.testnet
     when :regtest
       @current_chain = Bitcoin::ChainParams.regtest
+    when :signet
+      @current_chain = Bitcoin::ChainParams.signet
     end
     @current_chain
   end
@@ -108,7 +113,7 @@ module Bitcoin
   class ::String
     # binary convert to hex string
     def bth
-      unpack('H*').first
+      unpack1('H*')
     end
 
     # hex string convert to binary
@@ -165,6 +170,27 @@ module Bitcoin
       self[offset..-1]
     end
 
+    def valid_pushdata_length?
+      buf = StringIO.new(self)
+      opcode = buf.read(1).ord
+      offset = 1
+      return false if buf.eof?
+      len = case opcode
+            when Bitcoin::Opcodes::OP_PUSHDATA1
+              offset += 1
+              buf.read(1).unpack1('C')
+            when Bitcoin::Opcodes::OP_PUSHDATA2
+              offset += 2
+              buf.read(2).unpack1('v')
+            when Bitcoin::Opcodes::OP_PUSHDATA4
+              offset += 4
+              buf.read(4).unpack1('V')
+            else
+              opcode
+            end
+      self.bytesize == len + offset
+    end
+
     # whether value is hex or not hex
     # @return [Boolean] return true if data is hex
     def valid_hex?
@@ -219,17 +245,4 @@ module Bitcoin
     end
   end
 
-  class ::ECDSA::Signature
-    # convert signature to der string.
-    def to_der
-      ECDSA::Format::SignatureDerString.encode(self)
-    end
-  end
-
-  class ::ECDSA::Point
-    def to_hex(compression = true)
-      ECDSA::Format::PointOctetString.encode(self, compression: compression).bth
-    end
-  end
-
 end

data/lib/bitcoin/block_filter.rb

@@ -43,6 +43,20 @@ module Bitcoin
       BlockFilter.new(filter_type, filter, block.block_hash)
     end
 
+    # Decode Block Filter from encoded filter
+    # @param [Integer] filter_type filter type.
+    # @param [String] block_hash block hash with hex format. not little endian.
+    # @param [String] encoded encoded_filter with hex format.
+    # @return [Bitcoin::BlockFilter] block filter object.
+    def self.decode(filter_type, block_hash, encoded)
+      filter = case filter_type
+               when TYPE[:basic]
+                GCSFilter.new(block_hash.htb[0...16], BASIC_FILTER_P, BASIC_FILTER_M, encoded_filter: encoded)
+              else
+                raise "unknown filter type: #{filter_type}."
+               end
+      BlockFilter.new(filter_type, filter, block_hash)
+    end
 
     # calculate filter hash.
     # @return [String] this filter hash with hex format.

data/lib/bitcoin/chain_params.rb

@@ -51,6 +51,11 @@ module Bitcoin
       init('regtest')
     end
 
+    # signet genesis
+    def self.signet
+      init('signet')
+    end
+
     def mainnet?
       network == 'mainnet'
     end
@@ -63,6 +68,10 @@ module Bitcoin
       network == 'regtest'
     end
 
+    def signet?
+      network == 'signet'
+    end
+
     def genesis_block
       header = Bitcoin::BlockHeader.new(
           genesis['version'], genesis['prev_hash'].rhex, genesis['merkle_root'].rhex,

data/lib/bitcoin/chainparams/signet.yml

@@ -0,0 +1,39 @@
+--- !ruby/object:Bitcoin::ChainParams
+network: "signet"
+magic_head: "0a03cf40"
+message_magic: "Bitcoin Signed Message:\n"
+address_version: "6f"
+p2sh_version: "c4"
+bech32_hrp: 'tb'
+privkey_version: "ef"
+extended_privkey_version: "04358394"
+extended_pubkey_version: "043587cf"
+bip49_pubkey_p2wpkh_p2sh_version: "044a5262"
+bip49_pubkey_p2wsh_p2sh_version: "024289ef"
+bip49_privkey_p2wpkh_p2sh_version: "044a4e28"
+bip49_privkey_p2wsh_p2sh_version: "024285b5"
+bip84_pubkey_p2wpkh_version: "045f1cf6"
+bip84_pubkey_p2wsh_version: "02575483"
+bip84_privkey_p2wpkh_version: "045f18bc"
+bip84_privkey_p2wsh_version: "02575048"
+default_port: 38333
+protocol_version: 70013
+retarget_interval: 2016
+retarget_time: 1209600 # 2 weeks
+target_spacing: 600 # block interval
+max_money: 21000000
+bip34_height: 227931
+genesis_hash: "00000008819873e925422c1ff0f99f7cc9bbb232af63a077a480a3633bee1ef6"
+proof_of_work_limit: 0x1d00ffff
+dns_seeds:
+  - "178.128.221.177"
+  - "2a01:7c8:d005:390::5"
+genesis:
+  hash: "00000008819873e925422c1ff0f99f7cc9bbb232af63a077a480a3633bee1ef6"
+  merkle_root: "4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"
+  time: 1598918400
+  nonce: 52613770
+  bits: 0x1e0377ae
+  version: 1
+  prev_hash: "0000000000000000000000000000000000000000000000000000000000000000"
+bip44_coin_type: 1

data/lib/bitcoin/constants.rb

@@ -44,6 +44,11 @@ module Bitcoin
   SCRIPT_VERIFY_NULLFAIL = (1 << 14) # Signature(s) must be empty vector if an CHECK(MULTI)SIG operation failed
   SCRIPT_VERIFY_WITNESS_PUBKEYTYPE = (1 << 15) # Public keys in segregated witness scripts must be compressed
   SCRIPT_VERIFY_CONST_SCRIPTCODE = (1 << 16) # Making OP_CODESEPARATOR and FindAndDelete fail any non-segwit scripts
+  SCRIPT_VERIFY_TAPROOT = (1 << 17) # Taproot/Tapscript validation (BIPs 341 & 342)
+  SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION = (1 << 18) # Making unknown Taproot leaf versions non-standard
+  SCRIPT_VERIFY_DISCOURAGE_UNKNOWN_ANNEX = (1 << 19) # Making the use of (unknown) annexes non-standard (currently no annexes are known)
+  SCRIPT_VERIFY_DISCOURAGE_OP_SUCCESS = (1 << 20) # Making unknown OP_SUCCESS non-standard
+  SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_PUBKEYTYPE = (1 << 21) # Making unknown public key versions (in BIP 342 scripts) non-standard
 
   MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH
 
@@ -88,8 +93,19 @@ module Bitcoin
   # Threshold for nLockTime: below this value it is interpreted as block number, otherwise as UNIX timestamp.
   LOCKTIME_THRESHOLD = 500000000
 
+  # Tag for input annex. If there are at least two witness elements for a transaction input,
+  # and the first byte of the last element is 0x50, this last element is called annex, and
+  # has meanings independent of the script
+  ANNEX_TAG = 0x50
+
+  # Validation weight per passing signature (Tapscript only, see BIP 342).
+  VALIDATION_WEIGHT_PER_SIGOP_PASSED = 50
+
+  # How much weight budget is added to the witness size (Tapscript only, see BIP 342).
+  VALIDATION_WEIGHT_OFFSET = 50
+
   # Signature hash types/flags
-  SIGHASH_TYPE = { all: 1, none: 2, single: 3, anyonecanpay: 128 }
+  SIGHASH_TYPE = { all: 0x01, none: 0x02, single: 0x3, anyonecanpay: 0x80 , default: 0}
 
   # Maximum number length in bytes
   DEFAULT_MAX_NUM_SIZE = 4
@@ -97,8 +113,6 @@ module Bitcoin
   # 80 bytes of data, +1 for OP_RETURN, +2 for the pushdata opcodes.
   MAX_OP_RETURN_RELAY = 83
 
-  SIG_VERSION = [:base, :witness_v0]
-
   # for script error
   SCRIPT_ERR_OK = 0
   SCRIPT_ERR_UNKNOWN_ERROR = 1
@@ -146,6 +160,10 @@ module Bitcoin
   # softfork safeness
   SCRIPT_ERR_DISCOURAGE_UPGRADABLE_NOPS = 60
   SCRIPT_ERR_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM = 61
+  SCRIPT_ERR_DISCOURAGE_UPGRADABLE_TAPROOT_VERSION = 62
+  SCRIPT_ERR_DISCOURAGE_UNKNOWN_ANNEX = 63
+  SCRIPT_ERR_DISCOURAGE_OP_SUCCESS = 64
+  SCRIPT_ERR_DISCOURAGE_UPGRADABLE_PUBKEYTYPE = 65
 
   # segregated witness
   SCRIPT_ERR_WITNESS_PROGRAM_WRONG_LENGTH = 70
@@ -162,6 +180,15 @@ module Bitcoin
 
   SCRIPT_ERR_ERROR_COUNT = 80
 
+  # Taproot
+  SCRIPT_ERR_SCHNORR_SIG_SIZE = 90
+  SCRIPT_ERR_SCHNORR_SIG_HASHTYPE = 91
+  SCRIPT_ERR_SCHNORR_SIG = 92
+  SCRIPT_ERR_TAPROOT_WRONG_CONTROL_SIZE = 93
+  SCRIPT_ERR_TAPSCRIPT_VALIDATION_WEIGHT = 94
+  SCRIPT_ERR_TAPSCRIPT_CHECKMULTISIG = 95
+  SCRIPT_ERR_TAPSCRIPT_MINIMALIF = 96
+
   ERRCODES_MAP = Hash[*constants.grep(/^SCRIPT_ERR_/).map { |c| [const_get(c), c.to_s] }.flatten]
   NAME_MAP = Hash[*constants.grep(/^SCRIPT_ERR_/).map { |c| [c.to_s, const_get(c)] }.flatten]
 
@@ -185,4 +212,17 @@ module Bitcoin
   BIP32_EXTKEY_WITH_VERSION_SIZE = 78
 
   HARDENED_THRESHOLD = 2147483648 # 2**31
+
+  # Signature hash sizes
+  WITNESS_V0_SCRIPTHASH_SIZE = 32
+  WITNESS_V0_KEYHASH_SIZE = 20
+  WITNESS_V1_TAPROOT_SIZE = 32
+
+  TAPROOT_LEAF_MASK = 0xfe
+  TAPROOT_LEAF_TAPSCRIPT = 0xc0
+  TAPROOT_CONTROL_BASE_SIZE = 33
+  TAPROOT_CONTROL_NODE_SIZE = 32
+  TAPROOT_CONTROL_MAX_NODE_COUNT = 128
+  TAPROOT_CONTROL_MAX_SIZE = TAPROOT_CONTROL_BASE_SIZE + TAPROOT_CONTROL_NODE_SIZE * TAPROOT_CONTROL_MAX_NODE_COUNT
+
 end

data/lib/bitcoin/descriptor.rb

@@ -116,7 +116,7 @@ module Bitcoin
         end
       end
       key = key.is_a?(Bitcoin::Key) ? key : key.key
-      raise ArgumentError, 'Invalid pubkey.' unless key.fully_valid_pubkey?
+      raise ArgumentError, Errors::Messages::INVALID_PUBLIC_KEY unless key.fully_valid_pubkey?
       key.pubkey
     end
 

data/lib/bitcoin/errors.rb

@@ -0,0 +1,19 @@
+module Bitcoin
+  module Errors
+
+    module Messages
+
+      INVALID_PUBLIC_KEY = 'Invalid public key.'
+      INVALID_BIP32_PRIV_PREFIX = 'Invalid BIP32 private key prefix. prefix must be 0x00.'
+      INVALID_BIP32_FINGERPRINT = 'Invalid parent fingerprint.'
+      INVALID_BIP32_ZERO_INDEX = 'Invalid index. Depth 0 must have 0 index.'
+      INVALID_BIP32_ZERO_DEPTH = 'Invalid depth. Master key must have 0 depth.'
+      INVALID_BIP32_VERSION = 'An unsupported version byte was specified.'
+
+      INVALID_PRIV_KEY = 'Private key is not in range [1..n-1].'
+      INVALID_CHECKSUM = 'Invalid checksum.'
+
+    end
+
+  end
+end

data/lib/bitcoin/ext/ecdsa.rb

@@ -0,0 +1,31 @@
+class ::ECDSA::Signature
+  # convert signature to der string.
+  def to_der
+    ECDSA::Format::SignatureDerString.encode(self)
+  end
+end
+
+class ::ECDSA::Point
+  def to_hex(compression = true)
+    ECDSA::Format::PointOctetString.encode(self, compression: compression).bth
+  end
+end
+
+module ::ECDSA::Format::PointOctetString
+
+  class << self
+    alias_method :base_decode, :decode
+  end
+
+  def self.decode(string, group, allow_hybrid: false)
+    string = string.dup.force_encoding('BINARY')
+    raise ECDSA::Format::DecodeError, 'Point octet string is empty.' if string.empty?
+    if [6, 7].include?(string[0].ord)
+      raise ECDSA::Format::DecodeError, 'Unrecognized start byte for point octet string: 0x%x' % string[0].ord unless allow_hybrid
+      decode_uncompressed string, group if allow_hybrid
+    else
+      base_decode(string, group)
+    end
+  end
+
+end

data/lib/bitcoin/ext_key.rb

@@ -52,9 +52,7 @@ module Bitcoin
 
     # Base58 encoded extended private key
     def to_base58
-      h = to_hex
-      hex = h + Bitcoin.calc_checksum(h)
-      Base58.encode(hex)
+      ExtPubkey.encode_base58(to_hex)
     end
 
     # get private key(hex)
@@ -146,22 +144,24 @@ module Bitcoin
       buf = StringIO.new(payload)
       ext_key = ExtKey.new
       ext_key.ver = buf.read(4).bth # version
-      raise 'An unsupported version byte was specified.' unless ExtKey.support_version?(ext_key.ver)
-      ext_key.depth = buf.read(1).unpack('C').first
+      raise ArgumentError, Errors::Messages::INVALID_BIP32_VERSION unless ExtKey.support_version?(ext_key.ver)
+      ext_key.depth = buf.read(1).unpack1('C')
       ext_key.parent_fingerprint = buf.read(4).bth
+      ext_key.number = buf.read(4).unpack1('N')
       if ext_key.depth == 0
-        raise ArgumentError, 'Invalid parent fingerprint.' unless ext_key.parent_fingerprint == MASTER_FINGERPRINT
+        raise ArgumentError, Errors::Messages::INVALID_BIP32_FINGERPRINT unless ext_key.parent_fingerprint == ExtKey::MASTER_FINGERPRINT
+        raise ArgumentError, Errors::Messages::INVALID_BIP32_ZERO_INDEX if ext_key.number > 0
       end
-      ext_key.number = buf.read(4).unpack('N').first
+      raise ArgumentError, Errors::Messages:: INVALID_BIP32_ZERO_DEPTH if ext_key.parent_fingerprint == ExtKey::MASTER_FINGERPRINT && ext_key.depth > 0
       ext_key.chain_code = buf.read(32)
-      buf.read(1) # 0x00
+      raise ArgumentError, Errors::Messages::INVALID_BIP32_PRIV_PREFIX unless buf.read(1).bth == '00' # 0x00
       ext_key.key = Bitcoin::Key.new(priv_key: buf.read(32).bth, key_type: Bitcoin::Key::TYPES[:compressed])
       ext_key
     end
 
     # import private key from Base58 private key address
-    def self.from_base58(address)
-      ExtKey.parse_from_payload(Base58.decode(address).htb)
+    def self.from_base58(base58)
+      ExtKey.parse_from_payload(ExtPubkey.validate_base58(base58))
     end
 
     # get version bytes from purpose' value.
@@ -253,9 +253,14 @@ module Bitcoin
 
     # Base58 encoded extended pubkey
     def to_base58
-      h = to_hex
-      hex = h + Bitcoin.calc_checksum(h)
-      Base58.encode(hex)
+      ExtPubkey.encode_base58(to_hex)
+    end
+
+    # Generate Base58 encoded key from BIP32 payload with hex format.
+    # @param [String] hex BIP32 payload with hex format.
+    # @return [String] Base58 encoded extended key.
+    def self.encode_base58(hex)
+      Base58.encode(hex + Bitcoin.calc_checksum(hex))
     end
 
     # whether hardened key.
@@ -310,22 +315,33 @@ module Bitcoin
       buf = StringIO.new(payload)
       ext_pubkey = ExtPubkey.new
       ext_pubkey.ver = buf.read(4).bth # version
-      raise 'An unsupported version byte was specified.' unless ExtPubkey.support_version?(ext_pubkey.ver)
-      ext_pubkey.depth = buf.read(1).unpack('C').first
+      raise ArgumentError, Errors::Messages::INVALID_BIP32_VERSION unless ExtPubkey.support_version?(ext_pubkey.ver)
+      ext_pubkey.depth = buf.read(1).unpack1('C')
       ext_pubkey.parent_fingerprint = buf.read(4).bth
+      ext_pubkey.number = buf.read(4).unpack1('N')
       if ext_pubkey.depth == 0
-        raise ArgumentError, 'Invalid parent fingerprint.' unless ext_pubkey.parent_fingerprint == ExtKey::MASTER_FINGERPRINT
+        raise ArgumentError, Errors::Messages::INVALID_BIP32_FINGERPRINT unless ext_pubkey.parent_fingerprint == ExtKey::MASTER_FINGERPRINT
+        raise ArgumentError, Errors::Messages::INVALID_BIP32_ZERO_INDEX if ext_pubkey.number > 0
       end
-      ext_pubkey.number = buf.read(4).unpack('N').first
+      raise ArgumentError, Errors::Messages::INVALID_BIP32_ZERO_DEPTH if ext_pubkey.parent_fingerprint == ExtKey::MASTER_FINGERPRINT && ext_pubkey.depth > 0
       ext_pubkey.chain_code = buf.read(32)
-      ext_pubkey.pubkey = buf.read(33).bth
+      ext_pubkey.pubkey = Bitcoin::Key.new(pubkey: buf.read(33).bth).pubkey
       ext_pubkey
     end
 
 
     # import pub key from Base58 private key address
     def self.from_base58(address)
-      ExtPubkey.parse_from_payload(Base58.decode(address).htb)
+      ExtPubkey.parse_from_payload(ExtPubkey.validate_base58(address))
+    end
+
+    # Validate address checksum and return payload.
+    # @param [String] BIP32 Base58 address
+    # @return [String] BIP32 payload with binary format
+    def self.validate_base58(address)
+      raw = Base58.decode(address)
+      raise ArgumentError, Errors::Messages::INVALID_CHECKSUM unless Bitcoin.calc_checksum(raw[0...-8]) == raw[-8..-1]
+      raw[0...-8].htb
     end
 
     # get version bytes from purpose' value.