bsv-sdk 0.14.0 → 0.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4532a163439721455da80290d8b02342e597a01bb1e00b259d13343f8f9bd592
-  data.tar.gz: b7cfda4a8084b96c28f34afb6829fcba9f5be0dabb01fca536147bfe2c66bad8
+  metadata.gz: a76170f9d5dcdfc76945c20c541b556a02f3fb5a7214a8d6f777eb589f048461
+  data.tar.gz: 57176276d41d430d654682dd22aef0f93bee9e2e3c57d4fb76d435dbd8c3e705
 SHA512:
-  metadata.gz: ed0b97db3cec8503eba509f232a463d8566373b34ccaf5fe7cd130a72e712cde17b083b4ce94ef64fa84786d6e6aec8965423ca6b8a7471ada70ebd522956e2a
-  data.tar.gz: 0747a93bef059a8eccf0f504e703d20ddc875f8c562db8f01d3af4050bf7562deb262eb4494db4d98b78665f91274ed77754fa76e99254b8592b7e0f1526aa13
+  metadata.gz: fb7257bda0b14c14ab55d8da3a19fdc27a8eca113cfeb857487079d4e0f042ebbaef184e81382d50aed7a9efd69dc4d2cb2d77594b6e1ae5f3f6d047c01d2ab9
+  data.tar.gz: 20f9e8fe53476ddd87900d1b58d00811da403703d5ae8cf6dc0f6d4a4836ab8a12e42ddce88c7323bd281e710770f4b7b6805cb842ab4f164c4b17559afa46e7

data/CHANGELOG.md

@@ -5,6 +5,49 @@ All notable changes to the `bsv-sdk` gem are documented here.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/)
 and this gem adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.16.0 — 2026-05-01
+
+### Breaking Changes
+- Removed `bsv-wallet` and `bsv-wallet-postgres` gems from the monorepo (#662)
+- Unified `BSV::Wallet` namespace with canonical BRC-100 interface, error reconciliation, and idiomatic ProtoWallet (#664)
+- Hard-deprecated `Network::ARC` and `Network::WhatsOnChain` facades (#659)
+
+### Added
+- `BSV::Wallet::ProtoWallet` for SDK-native cryptographic operations (signing, encryption, HMAC, key derivation) (#662)
+
+### Fixed
+- Guard nil `status_code` in MCP error messages (#659)
+
+## 0.15.0 — 2026-04-29
+
+### Added
+- Extracted secp256k1 elliptic curve operations to the standalone
+  `secp256k1-native` gem, with an optional native C extension providing
+  ~22x speedup for field, scalar, and Jacobian point operations (#648)
+- Native C extension scaffold with field arithmetic, scalar arithmetic,
+  and Jacobian point operations (#627, #628, #629, #630, #631)
+- Constant-time Montgomery ladder with branchless conditional swap for
+  scalar multiplication; `mul` is now constant-time by default, with
+  `mul_vt` available for variable-time use cases (#641, #653)
+- Wycheproof Bitcoin ECDSA test vectors (463 cases) with explicit
+  categorisation of high-S malleability cases as mathematically valid
+  but policy-rejected — documenting the layer separation between
+  ECDSA verification and Bitcoin's low-S enforcement (#652)
+- Wycheproof standard ECDSA test vectors (474 cases), RFC 6979
+  compliance suite, and secp256k1 field/scalar/point compliance
+  examples (#636, #637, #638)
+
+### Fixed
+- Carry overflow in schoolbook multiplication (L2) and branchless
+  borrow extraction in field reduction (#631)
+- Gemspec version floor, docstring, and variable name corrections
+  from PR review (#653)
+
+### Changed
+- Replaced `BN` hex intermediaries with direct binary construction
+  for improved performance (#622)
+- Binary byte comparison in `SignedMessage` verification (#624)
+
 ## 0.14.0 — 2026-04-22
 
 ### Added

data/README.md

@@ -34,7 +34,9 @@ These are maintained under the BSV Blockchain organisation and backed by the Bit
 
 The BSV Blockchain Libraries Project aims to structure and maintain a middleware layer of the BSV Blockchain technology stack. By facilitating the development and maintenance of core libraries, it serves as an essential toolkit for developers looking to build on the BSV Blockchain.
 
-This Ruby SDK brings maximum compatibility with the official SDK family to the Ruby ecosystem. It was born from a practical need: building an attestation gem ([bsv-attest](https://rubygems.org/gems/bsv-attest)) required a complete, idiomatic Ruby implementation of BSV primitives, script handling, and transaction construction. Rather than wrapping FFI bindings or shelling out to other languages, the SDK implements everything in pure Ruby. Elliptic curve operations (secp256k1) use a native Ruby implementation ported from the TypeScript reference SDK; OpenSSL is used only for hashing, HMAC, and symmetric encryption.
+This Ruby SDK brings maximum compatibility with the official SDK family to the Ruby ecosystem. It was born from a practical need: building an attestation gem ([bsv-attest](https://rubygems.org/gems/bsv-attest)) required a complete, idiomatic Ruby implementation of BSV primitives, script handling, and transaction construction.
+
+Elliptic curve operations (secp256k1) are provided by the [`secp256k1-native`](https://github.com/sgbett/secp256k1-native) gem, which was originally part of this library and has been extracted as a standalone dependency. This is a custom implementation ported from the TypeScript reference SDK — it does not wrap `libsecp256k1`. It includes a pure Ruby implementation with an optional native C extension for constant-time field arithmetic and performance. OpenSSL is used only for hashing, HMAC, and symmetric encryption.
 
 <!-- TODO: Update bsv-attest link once gem documentation is published (see #48) -->
 
@@ -59,6 +61,16 @@ Or install directly:
 gem install bsv-sdk
 ```
 
+### Native C Extension (Recommended)
+
+The SDK depends on [`secp256k1-native`](https://github.com/sgbett/secp256k1-native) for elliptic curve operations. It works out of the box in pure Ruby, but compiling the optional C extension is strongly recommended — it provides constant-time field arithmetic, which protects against timing side-channel attacks on private key operations:
+
+```bash
+cd $(bundle show secp256k1-native) && bundle exec rake compile
+```
+
+This requires a C99 compiler with `__uint128_t` support (GCC or Clang on macOS/Linux). If compilation is not possible, the SDK falls back to pure Ruby automatically — but the pure Ruby path does not guarantee constant-time execution.
+
 ### Basic Usage
 
 Create and sign a P2PKH transaction:
@@ -101,7 +113,7 @@ puts tx.to_hex
 
 ## Features & Deliverables
 
-- **Cryptographic Primitives** — ECDSA signing with RFC 6979 deterministic nonces, Schnorr signatures, ECIES encryption/decryption, Bitcoin Signed Messages. Elliptic curve operations use a [pure Ruby secp256k1 implementation](docs/about/secp256k1.md) ported from the TypeScript reference SDK.
+- **Cryptographic Primitives** — ECDSA signing with RFC 6979 deterministic nonces, Schnorr signatures, ECIES encryption/decryption, Bitcoin Signed Messages. Elliptic curve operations are provided by the [`secp256k1-native`](https://github.com/sgbett/secp256k1-native) gem — a pure Ruby secp256k1 implementation with an optional C extension (~22× speedup).
 - **Key Management** — BIP-32 HD key derivation, BIP-39 mnemonic generation (12/24-word phrases), WIF import/export, Base58Check encoding/decoding.
 - **Script Layer** — Complete opcode set, script parsing and serialisation, type detection and predicates (`p2pkh?`, `p2pk?`, `p2sh?`, `multisig?`, `op_return?`), data extraction (pubkey hashes, script hashes, addresses), and a fluent builder API.
 - **Script Templates** — Ready-made locking and unlocking script generators for P2PKH, P2PK, P2MS (multisig), and OP_RETURN.

data/lib/bsv/auth/auth_middleware.rb

@@ -180,12 +180,12 @@ module BSV
         response_nonce = ::Base64.strict_encode64(::SecureRandom.random_bytes(32))
         key_id         = "#{response_nonce} #{session.peer_nonce}"
 
-        sig_result = @wallet.create_signature({
-                                                data: response_payload_bin.bytes,
-                                                protocol_id: Peer::AUTH_PROTOCOL,
-                                                key_id: key_id,
-                                                counterparty: identity_key
-                                              })
+        sig_result = @wallet.create_signature(
+          data: response_payload_bin.bytes,
+          protocol_id: Peer::AUTH_PROTOCOL,
+          key_id: key_id,
+          counterparty: identity_key
+        )
 
         our_identity_key = @peer.identity_key
         sig_hex_out      = sig_result[:signature].pack('C*').unpack1('H*')

data/lib/bsv/auth/certificate.rb

@@ -166,27 +166,27 @@ module BSV
 
       # Verify the certificate's signature.
       #
-      # Uses a fresh +'anyone'+ Client as the verifier, which matches the
+      # Uses a fresh +'anyone'+ ProtoWallet as the verifier, which matches the
       # TS SDK behaviour. If no signature is present, raises +ArgumentError+.
       #
       # @param verifier_wallet [#verify_signature, nil] wallet to verify with;
-      #   defaults to +BSV::Wallet::Client.new('anyone', storage: BSV::Wallet::Store::Memory.new)+
+      #   defaults to +BSV::Wallet::ProtoWallet.new('anyone')+
       # @return [Boolean] +true+ if the signature is valid
       # @raise [ArgumentError] if the certificate has no signature
       def verify(verifier_wallet = nil)
         raise ArgumentError, 'certificate has no signature to verify' if @signature.nil? || @signature.empty?
 
-        verifier_wallet ||= BSV::Wallet::Client.new('anyone', storage: BSV::Wallet::Store::Memory.new, allow_memory_store: true)
+        verifier_wallet ||= BSV::Wallet::ProtoWallet.new('anyone')
         preimage  = to_binary(include_signature: false)
         sig_bytes = [@signature].pack('H*').unpack('C*')
 
-        result = verifier_wallet.verify_signature({
-                                                    data: preimage.unpack('C*'),
-                                                    signature: sig_bytes,
-                                                    protocol_id: CERT_SIG_PROTOCOL,
-                                                    key_id: "#{@type} #{@serial_number}",
-                                                    counterparty: @certifier
-                                                  })
+        result = verifier_wallet.verify_signature(
+          data: preimage.unpack('C*'),
+          signature: sig_bytes,
+          protocol_id: CERT_SIG_PROTOCOL,
+          key_id: "#{@type} #{@serial_number}",
+          counterparty: @certifier
+        )
 
         result.is_a?(Hash) && result[:valid] == true
       rescue BSV::Wallet::InvalidSignatureError
@@ -203,14 +203,14 @@ module BSV
       def sign(certifier_wallet)
         raise ArgumentError, "certificate has already been signed: #{@signature}" if @signature && !@signature.empty?
 
-        @certifier = certifier_wallet.get_public_key({ identity_key: true })[:public_key]
+        @certifier = certifier_wallet.get_public_key(identity_key: true)[:public_key]
 
         preimage = to_binary(include_signature: false)
-        result   = certifier_wallet.create_signature({
-                                                       data: preimage.unpack('C*'),
-                                                       protocol_id: CERT_SIG_PROTOCOL,
-                                                       key_id: "#{@type} #{@serial_number}"
-                                                     })
+        result   = certifier_wallet.create_signature(
+          data: preimage.unpack('C*'),
+          protocol_id: CERT_SIG_PROTOCOL,
+          key_id: "#{@type} #{@serial_number}"
+        )
         @signature = result[:signature].pack('C*').unpack1('H*')
       end
 

data/lib/bsv/auth/master_certificate.rb

@@ -128,7 +128,7 @@ module BSV
             privileged_reason: privileged_reason
           }.merge(Certificate.certificate_field_encryption_details(field_name))
 
-          result = creator_wallet.encrypt(enc_args)
+          result = creator_wallet.encrypt(**enc_args)
           master_keyring[field_name] = Base64.strict_encode64(result[:ciphertext].pack('C*'))
         end
 
@@ -187,7 +187,7 @@ module BSV
             privileged_reason: privileged_reason
           }.merge(Certificate.certificate_field_encryption_details(field_name, serial_number))
 
-          result = subject_wallet.encrypt(enc_args)
+          result = subject_wallet.encrypt(**enc_args)
           keyring[field_name] = Base64.strict_encode64(result[:ciphertext].pack('C*'))
         end
 
@@ -218,7 +218,7 @@ module BSV
         keyring = result[:master_keyring]
 
         subject_key = if subject == 'self'
-                        certifier_wallet.get_public_key({ identity_key: true })[:public_key]
+                        certifier_wallet.get_public_key(identity_key: true)[:public_key]
                       else
                         subject
                       end
@@ -229,7 +229,7 @@ module BSV
                                 "#{'00' * 32}.0"
                               end
 
-        certifier_key = certifier_wallet.get_public_key({ identity_key: true })[:public_key]
+        certifier_key = certifier_wallet.get_public_key(identity_key: true)[:public_key]
 
         cert = new(
           type: certificate_type,
@@ -309,7 +309,7 @@ module BSV
             privileged_reason: privileged_reason
           }.merge(Certificate.certificate_field_encryption_details(field_name))
 
-          field_revelation_key = wallet.decrypt(dec_args)[:plaintext]
+          field_revelation_key = wallet.decrypt(**dec_args)[:plaintext]
 
           sym_key = BSV::Primitives::SymmetricKey.new(field_revelation_key.pack('C*'))
           decrypted_bytes = sym_key.decrypt(Base64.strict_decode64(field_value))

data/lib/bsv/auth/nonce.rb

@@ -34,12 +34,12 @@ module BSV
         first_half = SecureRandom.random_bytes(RANDOM_BYTES)
         key_id     = decode_as_utf8(first_half)
 
-        result = wallet.create_hmac({
-                                      data: first_half.bytes,
-                                      protocol_id: PROTOCOL_ID,
-                                      key_id: key_id,
-                                      counterparty: counterparty
-                                    })
+        result = wallet.create_hmac(
+          data: first_half.bytes,
+          protocol_id: PROTOCOL_ID,
+          key_id: key_id,
+          counterparty: counterparty
+        )
 
         nonce_bytes = first_half + result[:hmac].pack('C*')
         ::Base64.strict_encode64(nonce_bytes)
@@ -60,13 +60,13 @@ module BSV
         hmac_bytes = nonce_bytes.byteslice(RANDOM_BYTES, nonce_bytes.bytesize - RANDOM_BYTES)
         key_id     = decode_as_utf8(first_half)
 
-        wallet.verify_hmac({
-                             data: first_half.bytes,
-                             hmac: hmac_bytes.bytes,
-                             protocol_id: PROTOCOL_ID,
-                             key_id: key_id,
-                             counterparty: counterparty
-                           })
+        wallet.verify_hmac(
+          data: first_half.bytes,
+          hmac: hmac_bytes.bytes,
+          protocol_id: PROTOCOL_ID,
+          key_id: key_id,
+          counterparty: counterparty
+        )
 
         true
       rescue BSV::Wallet::InvalidHmacError

data/lib/bsv/auth/peer.rb

@@ -180,7 +180,7 @@ module BSV
       #
       # @return [String] compressed public key hex
       def identity_key
-        @identity_key ||= @wallet.get_public_key({ identity_key: true })[:public_key]
+        @identity_key ||= @wallet.get_public_key(identity_key: true)[:public_key]
       end
 
       # Checks whether we have an authenticated session with a peer.
@@ -318,12 +318,12 @@ module BSV
         key_id        = key_id_for(request_nonce, session.peer_nonce)
         data          = JSON.generate(certificates_to_request).encode('UTF-8').bytes
 
-        sig_result = @wallet.create_signature({
-                                                data: data,
-                                                protocol_id: AUTH_PROTOCOL,
-                                                key_id: key_id,
-                                                counterparty: session.peer_identity_key
-                                              })
+        sig_result = @wallet.create_signature(
+          data: data,
+          protocol_id: AUTH_PROTOCOL,
+          key_id: key_id,
+          counterparty: session.peer_identity_key
+        )
 
         session.last_update = current_time_ms
         @session_manager.update_session(session)
@@ -355,12 +355,12 @@ module BSV
         cert_data     = certificates.map { |c| c.respond_to?(:to_h) ? c.to_h : c }
         data          = JSON.generate(cert_data).encode('UTF-8').bytes
 
-        sig_result = @wallet.create_signature({
-                                                data: data,
-                                                protocol_id: AUTH_PROTOCOL,
-                                                key_id: key_id,
-                                                counterparty: session.peer_identity_key
-                                              })
+        sig_result = @wallet.create_signature(
+          data: data,
+          protocol_id: AUTH_PROTOCOL,
+          key_id: key_id,
+          counterparty: session.peer_identity_key
+        )
 
         session.last_update = current_time_ms
         @session_manager.update_session(session)
@@ -394,12 +394,12 @@ module BSV
         request_nonce = ::Base64.strict_encode64(SecureRandom.random_bytes(32))
         key_id        = key_id_for(request_nonce, session.peer_nonce)
 
-        sig_result = @wallet.create_signature({
-                                                data: payload,
-                                                protocol_id: AUTH_PROTOCOL,
-                                                key_id: key_id,
-                                                counterparty: session.peer_identity_key
-                                              })
+        sig_result = @wallet.create_signature(
+          data: payload,
+          protocol_id: AUTH_PROTOCOL,
+          key_id: key_id,
+          counterparty: session.peer_identity_key
+        )
 
         session.last_update = current_time_ms
         @session_manager.update_session(session)
@@ -455,12 +455,12 @@ module BSV
         sig_data = b64_decode(their_nonce) + b64_decode(our_nonce)
         key_id   = key_id_for(their_nonce, our_nonce)
 
-        sig_result = @wallet.create_signature({
-                                                data: sig_data,
-                                                protocol_id: AUTH_PROTOCOL,
-                                                key_id: key_id,
-                                                counterparty: peer_key
-                                              })
+        sig_result = @wallet.create_signature(
+          data: sig_data,
+          protocol_id: AUTH_PROTOCOL,
+          key_id: key_id,
+          counterparty: peer_key
+        )
 
         @last_interacted_peer ||= peer_key if @auto_persist_last_session
 
@@ -498,13 +498,13 @@ module BSV
         sig_data = b64_decode(our_nonce) + b64_decode(their_nonce)
         key_id   = key_id_for(our_nonce, their_nonce)
 
-        @wallet.verify_signature({
-                                   data: sig_data,
-                                   signature: signature,
-                                   protocol_id: AUTH_PROTOCOL,
-                                   key_id: key_id,
-                                   counterparty: peer_key
-                                 })
+        @wallet.verify_signature(
+          data: sig_data,
+          signature: signature,
+          protocol_id: AUTH_PROTOCOL,
+          key_id: key_id,
+          counterparty: peer_key
+        )
 
         # Authentication complete
         session.peer_nonce        = their_nonce
@@ -574,13 +574,13 @@ module BSV
         # Verify signature: signed over payload with key_id "msg_nonce session_nonce"
         key_id = key_id_for(msg_nonce, session.session_nonce)
 
-        @wallet.verify_signature({
-                                   data: payload,
-                                   signature: signature,
-                                   protocol_id: AUTH_PROTOCOL,
-                                   key_id: key_id,
-                                   counterparty: session.peer_identity_key
-                                 })
+        @wallet.verify_signature(
+          data: payload,
+          signature: signature,
+          protocol_id: AUTH_PROTOCOL,
+          key_id: key_id,
+          counterparty: session.peer_identity_key
+        )
 
         session.last_update = current_time_ms
         @session_manager.update_session(session)
@@ -610,13 +610,13 @@ module BSV
         data   = JSON.generate(requested).encode('UTF-8').bytes
         key_id = key_id_for(msg_nonce, session.session_nonce)
 
-        @wallet.verify_signature({
-                                   data: data,
-                                   signature: signature,
-                                   protocol_id: AUTH_PROTOCOL,
-                                   key_id: key_id,
-                                   counterparty: session.peer_identity_key
-                                 })
+        @wallet.verify_signature(
+          data: data,
+          signature: signature,
+          protocol_id: AUTH_PROTOCOL,
+          key_id: key_id,
+          counterparty: session.peer_identity_key
+        )
 
         session.last_update = current_time_ms
         @session_manager.update_session(session)
@@ -655,13 +655,13 @@ module BSV
         data   = JSON.generate(certs).encode('UTF-8').bytes
         key_id = key_id_for(msg_nonce, session.session_nonce)
 
-        @wallet.verify_signature({
-                                   data: data,
-                                   signature: signature,
-                                   protocol_id: AUTH_PROTOCOL,
-                                   key_id: key_id,
-                                   counterparty: session.peer_identity_key
-                                 })
+        @wallet.verify_signature(
+          data: data,
+          signature: signature,
+          protocol_id: AUTH_PROTOCOL,
+          key_id: key_id,
+          counterparty: session.peer_identity_key
+        )
 
         if certs.is_a?(Array) && !certs.empty?
           validation_msg = { identity_key: session.peer_identity_key, certificates: certs }

data/lib/bsv/auth/verifiable_certificate.rb

@@ -130,7 +130,7 @@ module BSV
               privileged_reason: privileged_reason
             }.merge(Certificate.certificate_field_encryption_details(field_name, @serial_number))
 
-            field_revelation_key = verifier_wallet.decrypt(dec_args)[:plaintext]
+            field_revelation_key = verifier_wallet.decrypt(**dec_args)[:plaintext]
 
             sym_key = BSV::Primitives::SymmetricKey.new(field_revelation_key.pack('C*'))
             decrypted_bytes = sym_key.decrypt(Base64.strict_decode64(@fields[field_name]))

data/lib/bsv/identity/client.rb

@@ -71,7 +71,7 @@ module BSV
         args[:limit]  = limit  unless limit.nil?
         args[:offset] = offset unless offset.nil?
 
-        result = @wallet.discover_by_identity_key(args, originator: @originator)
+        result = @wallet.discover_by_identity_key(**args, originator: @originator)
         parse_certificates(result)
       end
 
@@ -89,7 +89,7 @@ module BSV
         args[:limit]  = limit  unless limit.nil?
         args[:offset] = offset unless offset.nil?
 
-        result = @wallet.discover_by_attributes(args, originator: @originator)
+        result = @wallet.discover_by_attributes(**args, originator: @originator)
         parse_certificates(result)
       end
 
@@ -117,7 +117,7 @@ module BSV
         # Prove the certificate to the "anyone" verifier (PrivateKey(1) public key)
         anyone_pubkey = BSV::Script::PushDropTemplate::GENERATOR_PUBKEY_HEX
         prove_result  = @wallet.prove_certificate(
-          { certificate: certificate, fields_to_reveal: fields_to_reveal, verifier: anyone_pubkey },
+          certificate: certificate, fields_to_reveal: fields_to_reveal, verifier: anyone_pubkey,
           originator: @originator
         )
         keyring = prove_result[:keyring_for_verifier]
@@ -155,17 +155,15 @@ module BSV
 
         # Create the transaction
         create_result = @wallet.create_action(
-          {
-            description: 'Create a new Identity Token',
-            outputs: [
-              {
-                satoshis: @options.token_amount,
-                locking_script: locking_script.to_hex,
-                output_description: 'Identity Token'
-              }
-            ],
-            options: { randomize_outputs: false }
-          },
+          description: 'Create a new Identity Token',
+          outputs: [
+            {
+              satoshis: @options.token_amount,
+              locking_script: locking_script.to_hex,
+              output_description: 'Identity Token'
+            }
+          ],
+          options: { randomize_outputs: false },
           originator: @originator
         )
 
@@ -215,18 +213,16 @@ module BSV
         # Create a spending transaction; use unlocking_script_length so the wallet
         # produces a signable transaction that can then be signed and broadcast.
         create_result = @wallet.create_action(
-          {
-            description: 'Spend certificate revelation token',
-            input_beef: beef_bytes,
-            inputs: [
-              {
-                input_description: 'Revelation token',
-                outpoint: outpoint,
-                unlocking_script_length: BSV::Script::PushDropTemplate::Unlocker::ESTIMATED_LENGTH
-              }
-            ],
-            options: { randomize_outputs: false, no_send: true }
-          },
+          description: 'Spend certificate revelation token',
+          input_beef: beef_bytes,
+          inputs: [
+            {
+              input_description: 'Revelation token',
+              outpoint: outpoint,
+              unlocking_script_length: BSV::Script::PushDropTemplate::Unlocker::ESTIMATED_LENGTH
+            }
+          ],
+          options: { randomize_outputs: false, no_send: true },
           originator: @originator
         )
 
@@ -248,11 +244,9 @@ module BSV
         unlocking_script = unlocker.sign(partial_tx, spending_input_idx)
 
         sign_result = @wallet.sign_action(
-          {
-            reference: signable[:reference],
-            spends: { spending_input_idx => { unlocking_script: unlocking_script.to_hex } },
-            options: { no_send: true }
-          },
+          reference: signable[:reference],
+          spends: { spending_input_idx => { unlocking_script: unlocking_script.to_hex } },
+          options: { no_send: true },
           originator: @originator
         )
 
@@ -343,7 +337,7 @@ module BSV
       #
       # @return [Symbol] :mainnet or :testnet
       def wallet_network
-        result = @wallet.get_network({}, originator: @originator)
+        result = @wallet.get_network(originator: @originator)
         net_str = result[:network] || result['network'] || 'mainnet'
         net_str.to_sym
       end

data/lib/bsv/mcp/tools/broadcast_p2pkh.rb

@@ -91,8 +91,16 @@ module BSV
           private_key = BSV::Primitives::PrivateKey.from_wif(wif)
           sender_address = private_key.public_key.address(network: net_sym)
 
-          woc = BSV::Network::WhatsOnChain.new(network: net_sym)
-          all_utxos = woc.fetch_utxos(sender_address)
+          woc = BSV::Network::Providers::WhatsOnChain.default(network: net_sym)
+          utxo_result = woc.call(:get_utxos_all, sender_address)
+          return Helpers.error_response("UTXO fetch failed: #{utxo_result.message}") unless utxo_result.success?
+
+          all_utxos = utxo_result.data.map do |entry|
+            BSV::Network::UTXO.new(
+              tx_hash: entry[:tx_hash], tx_pos: entry[:tx_pos],
+              satoshis: entry[:satoshis], height: entry[:height]
+            )
+          end
 
           return Helpers.error_response('No UTXOs found for sender address — the address may have no funds') if all_utxos.empty?
 
@@ -104,11 +112,12 @@ module BSV
           tx = build_transaction(selected, satoshis, to_address, sender_address, private_key)
 
           arc = build_arc(net_sym, server_context)
-          broadcast_result = arc.broadcast(tx)
+          arc_result = arc.call(:broadcast, tx)
+          return Helpers.error_response("Broadcast failed: #{arc_result.message}") unless arc_result.success?
 
           result = {
-            txid: broadcast_result.txid,
-            tx_status: broadcast_result.tx_status,
+            txid: arc_result.data[:txid],
+            tx_status: arc_result.data[:tx_status],
             hex: tx.to_hex
           }
 
@@ -118,10 +127,6 @@ module BSV
           )
         rescue ArgumentError => e
           Helpers.error_response(e.message)
-        rescue BSV::Network::ChainProviderError => e
-          Helpers.error_response("UTXO fetch failed: #{e.message}")
-        rescue BSV::Network::BroadcastError => e
-          Helpers.error_response("Broadcast failed: #{e.message}")
         end
 
         # Select UTXOs greedily until the total meets or exceeds the target.
@@ -196,13 +201,14 @@ module BSV
         end
         private_class_method :p2pkh_lock_for
 
-        # Build an ARC broadcaster using server config when available.
+        # Build an ARC protocol instance using server config when available.
         # @api private
         def self.build_arc(net_sym, server_context)
           testnet = net_sym == :testnet
           opts = {}
           opts[:api_key] = server_context[:arc_api_key] if server_context.is_a?(Hash) && server_context[:arc_api_key]
-          BSV::Network::ARC.default(testnet: testnet, **opts)
+          provider = BSV::Network::Providers::GorillaPool.default(testnet: testnet, **opts)
+          provider.protocol_for(:broadcast)
         end
         private_class_method :build_arc
       end

data/lib/bsv/mcp/tools/check_balance.rb

@@ -59,8 +59,22 @@ module BSV
           net_sym = Helpers.resolve_network_sym(network, server_context)
           address = resolve_address(address_or_wif, net_sym)
 
-          woc = BSV::Network::WhatsOnChain.new(network: net_sym)
-          utxos = woc.fetch_utxos(address)
+          provider = BSV::Network::Providers::WhatsOnChain.default(network: net_sym)
+          utxo_result = provider.call(:get_utxos_all, address)
+
+          unless utxo_result.success?
+            code = utxo_result.metadata[:status_code]
+            msg = utxo_result.message
+            msg = "#{msg} (HTTP #{code})" if code
+            return Helpers.error_response(msg)
+          end
+
+          utxos = utxo_result.data.map do |entry|
+            BSV::Network::UTXO.new(
+              tx_hash: entry[:tx_hash], tx_pos: entry[:tx_pos],
+              satoshis: entry[:satoshis], height: entry[:height]
+            )
+          end
 
           balance = utxos.sum(&:satoshis)
           result = {
@@ -77,8 +91,6 @@ module BSV
           )
         rescue ArgumentError => e
           Helpers.error_response(e.message)
-        rescue BSV::Network::ChainProviderError => e
-          Helpers.error_response("#{e.message} (HTTP #{e.status_code})")
         end
 
         # Resolve a WIF key or address string to a P2PKH address.