bsv-sdk 0.2.1 → 0.3.0

data/lib/bsv/primitives/symmetric_key.rb

@@ -0,0 +1,128 @@
+# frozen_string_literal: true
+
+require 'openssl'
+require 'securerandom'
+
+module BSV
+  module Primitives
+    # AES-256-GCM symmetric encryption.
+    #
+    # Provides authenticated encryption matching the interface used by the
+    # TS, Go, and Python reference SDKs. The wire format is:
+    #
+    #   |--- 32-byte IV ---|--- ciphertext ---|--- 16-byte auth tag ---|
+    #
+    # All three reference SDKs use a 32-byte IV (non-standard but
+    # cross-SDK compatible) and 16-byte authentication tag.
+    #
+    # @example Round-trip encryption
+    #   key = BSV::Primitives::SymmetricKey.from_random
+    #   encrypted = key.encrypt('hello world')
+    #   key.decrypt(encrypted) #=> "hello world"
+    class SymmetricKey
+      IV_SIZE = 32
+      TAG_SIZE = 16
+      KEY_SIZE = 32
+
+      # @param key_bytes [String] 32-byte binary key (shorter keys are left-zero-padded)
+      # @raise [ArgumentError] if key is empty or longer than 32 bytes
+      def initialize(key_bytes)
+        key_bytes = key_bytes.b
+        raise ArgumentError, 'key must not be empty' if key_bytes.empty?
+        raise ArgumentError, "key must be at most #{KEY_SIZE} bytes, got #{key_bytes.bytesize}" if key_bytes.bytesize > KEY_SIZE
+
+        @key = if key_bytes.bytesize < KEY_SIZE
+                 ("\x00".b * (KEY_SIZE - key_bytes.bytesize)) + key_bytes
+               else
+                 key_bytes
+               end
+      end
+
+      # Generate a random symmetric key.
+      #
+      # @return [SymmetricKey]
+      def self.from_random
+        new(SecureRandom.random_bytes(KEY_SIZE))
+      end
+
+      # Derive a symmetric key from an ECDH shared secret.
+      #
+      # Computes the shared point between the two parties and uses the
+      # X-coordinate as the key material. The X-coordinate may be 31 or
+      # 32 bytes; shorter values are left-zero-padded automatically.
+      #
+      # @example Alice and Bob derive the same key
+      #   alice_key = SymmetricKey.from_ecdh(alice_priv, bob_pub)
+      #   bob_key   = SymmetricKey.from_ecdh(bob_priv, alice_pub)
+      #   alice_key.to_bytes == bob_key.to_bytes #=> true
+      #
+      # @param private_key [PrivateKey] one party's private key
+      # @param public_key [PublicKey] the other party's public key
+      # @return [SymmetricKey]
+      def self.from_ecdh(private_key, public_key)
+        shared = private_key.derive_shared_secret(public_key)
+        # X-coordinate = bytes 1..32 of the compressed point (skip the 02/03 prefix)
+        x_bytes = shared.compressed.byteslice(1, 32)
+        new(x_bytes)
+      end
+
+      # Encrypt a message with AES-256-GCM.
+      #
+      # Generates a random 32-byte IV per call. Returns the concatenation
+      # of IV, ciphertext, and 16-byte authentication tag.
+      #
+      # @param plaintext [String] the message to encrypt
+      # @return [String] binary string: IV (32) + ciphertext + auth tag (16)
+      def encrypt(plaintext)
+        iv = SecureRandom.random_bytes(IV_SIZE)
+
+        cipher = OpenSSL::Cipher.new('aes-256-gcm')
+        cipher.encrypt
+        cipher.key = @key
+        cipher.iv_len = IV_SIZE
+        cipher.iv = iv
+        cipher.auth_data = ''.b
+
+        plaintext_bytes = plaintext.b
+        ciphertext = plaintext_bytes.empty? ? cipher.final : cipher.update(plaintext_bytes) + cipher.final
+        tag = cipher.auth_tag(TAG_SIZE)
+
+        iv + ciphertext + tag
+      end
+
+      # Decrypt an AES-256-GCM encrypted message.
+      #
+      # Expects the wire format: IV (32) + ciphertext + auth tag (16).
+      #
+      # @param data [String] the encrypted message
+      # @return [String] the decrypted plaintext (binary)
+      # @raise [ArgumentError] if the data is too short
+      # @raise [OpenSSL::Cipher::CipherError] if authentication fails (wrong key or tampered data)
+      def decrypt(data)
+        data = data.b
+        raise ArgumentError, "ciphertext too short: #{data.bytesize} bytes (minimum #{IV_SIZE + TAG_SIZE})" if data.bytesize < IV_SIZE + TAG_SIZE
+
+        iv = data.byteslice(0, IV_SIZE)
+        tag = data.byteslice(-TAG_SIZE, TAG_SIZE)
+        ciphertext = data.byteslice(IV_SIZE, data.bytesize - IV_SIZE - TAG_SIZE)
+
+        decipher = OpenSSL::Cipher.new('aes-256-gcm')
+        decipher.decrypt
+        decipher.key = @key
+        decipher.iv_len = IV_SIZE
+        decipher.iv = iv
+        decipher.auth_tag = tag
+        decipher.auth_data = ''.b
+
+        ciphertext.empty? ? decipher.final : decipher.update(ciphertext) + decipher.final
+      end
+
+      # Return the raw key bytes.
+      #
+      # @return [String] 32-byte binary key
+      def to_bytes
+        @key.dup
+      end
+    end
+  end
+end

data/lib/bsv/primitives.rb

@@ -7,17 +7,23 @@ module BSV
   # HD key derivation (BIP-32), and mnemonic phrase generation (BIP-39).
   # All cryptography uses Ruby's stdlib +openssl+ — no external gems.
   module Primitives
-    autoload :Curve,      'bsv/primitives/curve'
-    autoload :Digest,     'bsv/primitives/digest'
-    autoload :Base58,     'bsv/primitives/base58'
-    autoload :Signature,  'bsv/primitives/signature'
-    autoload :ECDSA,      'bsv/primitives/ecdsa'
-    autoload :ECIES,      'bsv/primitives/ecies'
-    autoload :BSM,        'bsv/primitives/bsm'
-    autoload :Schnorr, 'bsv/primitives/schnorr'
-    autoload :PublicKey, 'bsv/primitives/public_key'
-    autoload :PrivateKey,  'bsv/primitives/private_key'
-    autoload :ExtendedKey, 'bsv/primitives/extended_key'
-    autoload :Mnemonic,    'bsv/primitives/mnemonic'
+    autoload :Curve,        'bsv/primitives/curve'
+    autoload :Digest,       'bsv/primitives/digest'
+    autoload :Base58,       'bsv/primitives/base58'
+    autoload :Signature,    'bsv/primitives/signature'
+    autoload :ECDSA,        'bsv/primitives/ecdsa'
+    autoload :ECIES,        'bsv/primitives/ecies'
+    autoload :BSM,          'bsv/primitives/bsm'
+    autoload :Schnorr,      'bsv/primitives/schnorr'
+    autoload :PublicKey,    'bsv/primitives/public_key'
+    autoload :PrivateKey,   'bsv/primitives/private_key'
+    autoload :ExtendedKey,  'bsv/primitives/extended_key'
+    autoload :Mnemonic,     'bsv/primitives/mnemonic'
+    autoload :SymmetricKey,         'bsv/primitives/symmetric_key'
+    autoload :SignedMessage,        'bsv/primitives/signed_message'
+    autoload :EncryptedMessage,     'bsv/primitives/encrypted_message'
+    autoload :PointInFiniteField,   'bsv/primitives/point_in_finite_field'
+    autoload :Polynomial,           'bsv/primitives/polynomial'
+    autoload :KeyShares,            'bsv/primitives/key_shares'
   end
 end

data/lib/bsv/script/interpreter/interpreter.rb

@@ -96,9 +96,7 @@ module BSV
           break if @early_return && script_idx == 1
 
           # Between scripts: verify conditionals balanced
-          unless @cond_stack.empty?
-            raise ScriptError.new(ScriptErrorCode::UNBALANCED_CONDITIONAL, 'unbalanced conditional')
-          end
+          raise ScriptError.new(ScriptErrorCode::UNBALANCED_CONDITIONAL, 'unbalanced conditional') unless @cond_stack.empty?
 
           # Clear alt stack between scripts
           @astack.clear

data/lib/bsv/script/interpreter/operations/bitwise.rb

@@ -55,9 +55,7 @@ module BSV
           def pop_equal_length_pair
             a = @dstack.pop_bytes
             b = @dstack.pop_bytes
-            if a.bytesize != b.bytesize
-              raise ScriptError.new(ScriptErrorCode::INVALID_INPUT_LENGTH, 'byte arrays are not the same length')
-            end
+            raise ScriptError.new(ScriptErrorCode::INVALID_INPUT_LENGTH, 'byte arrays are not the same length') if a.bytesize != b.bytesize
 
             [a, b]
           end

data/lib/bsv/script/interpreter/operations/crypto.rb

@@ -52,9 +52,7 @@ module BSV
             result = verify_checksig(full_sig, pubkey_bytes)
 
             # NULLFAIL: non-empty signature that failed verification
-            unless result
-              raise ScriptError.new(ScriptErrorCode::SIG_NULLFAIL, 'non-empty signature failed verification')
-            end
+            raise ScriptError.new(ScriptErrorCode::SIG_NULLFAIL, 'non-empty signature failed verification') unless result
 
             @dstack.push_bool(true)
           end
@@ -85,18 +83,14 @@ module BSV
 
             # Dummy element (off-by-one bug compatibility)
             dummy = @dstack.pop_bytes
-            unless dummy.empty?
-              raise ScriptError.new(ScriptErrorCode::SIG_NULLDUMMY, 'CHECKMULTISIG dummy element must be empty')
-            end
+            raise ScriptError.new(ScriptErrorCode::SIG_NULLDUMMY, 'CHECKMULTISIG dummy element must be empty') unless dummy.empty?
 
             success = multisig_match?(signatures, pubkeys)
 
             # NULLFAIL: if failed, all signatures must be empty
             unless success
               signatures.each do |sig|
-                unless sig.empty?
-                  raise ScriptError.new(ScriptErrorCode::SIG_NULLFAIL, 'non-empty signature failed verification')
-                end
+                raise ScriptError.new(ScriptErrorCode::SIG_NULLFAIL, 'non-empty signature failed verification') unless sig.empty?
               end
             end
 

data/lib/bsv/script/interpreter/operations/flow_control.rb

@@ -30,9 +30,7 @@ module BSV
 
           # OP_ELSE: toggle conditional branch (only one ELSE per IF after genesis)
           def op_else
-            if @cond_stack.empty?
-              raise ScriptError.new(ScriptErrorCode::UNBALANCED_CONDITIONAL, 'OP_ELSE without matching OP_IF')
-            end
+            raise ScriptError.new(ScriptErrorCode::UNBALANCED_CONDITIONAL, 'OP_ELSE without matching OP_IF') if @cond_stack.empty?
 
             # After genesis: only one ELSE per IF
             raise ScriptError.new(ScriptErrorCode::UNBALANCED_CONDITIONAL, 'duplicate OP_ELSE') if @else_stack.pop
@@ -47,9 +45,7 @@ module BSV
 
           # OP_ENDIF: close conditional block
           def op_endif
-            if @cond_stack.empty?
-              raise ScriptError.new(ScriptErrorCode::UNBALANCED_CONDITIONAL, 'OP_ENDIF without matching OP_IF')
-            end
+            raise ScriptError.new(ScriptErrorCode::UNBALANCED_CONDITIONAL, 'OP_ENDIF without matching OP_IF') if @cond_stack.empty?
 
             @cond_stack.pop
             @else_stack.pop

data/lib/bsv/script/interpreter/operations/splice.rb

@@ -44,9 +44,7 @@ module BSV
             size = @dstack.pop_int.to_i32
             data = @dstack.pop_bytes
 
-            if size.negative?
-              raise ScriptError.new(ScriptErrorCode::INVALID_INPUT_LENGTH, 'OP_NUM2BIN: size is negative')
-            end
+            raise ScriptError.new(ScriptErrorCode::INVALID_INPUT_LENGTH, 'OP_NUM2BIN: size is negative') if size.negative?
 
             minimal = ScriptNumber.minimally_encode(data)
 

data/lib/bsv/script/interpreter/script_number.rb

@@ -44,10 +44,7 @@ module BSV
         return new(0) if bytes.empty?
 
         if bytes.bytesize > max_length
-          raise ScriptError.new(
-            ScriptErrorCode::NUMBER_TOO_BIG,
-            "script number overflow: #{bytes.bytesize} > #{max_length}"
-          )
+          raise ScriptError.new ScriptErrorCode::NUMBER_TOO_BIG, "script number overflow: #{bytes.bytesize} > #{max_length}"
         end
 
         check_minimal_encoding!(bytes) if require_minimal
@@ -202,9 +199,7 @@ module BSV
         return if msb.anybits?(0x7f)
 
         # Single byte that is pure sign/zero (0x00 or 0x80) — not minimal
-        if bytes.bytesize == 1
-          raise ScriptError.new(ScriptErrorCode::MINIMAL_DATA, 'non-minimal script number encoding')
-        end
+        raise ScriptError.new(ScriptErrorCode::MINIMAL_DATA, 'non-minimal script number encoding') if bytes.bytesize == 1
 
         # Padding is justified if second-to-last byte has high bit set
         return if bytes.getbyte(bytes.bytesize - 2) & 0x80 != 0

data/lib/bsv/script/script.rb

@@ -177,6 +177,100 @@ module BSV
         new(buf)
       end
 
+      # Construct a PushDrop locking script.
+      #
+      # Pushes arbitrary data fields onto the stack, then drops them all
+      # before the locking condition executes. Used for token protocols
+      # where data must be embedded in spendable outputs.
+      #
+      # Structure: +[field0] [field1] ... [fieldN] [OP_2DROP...] [OP_DROP?] [lock_script]+
+      #
+      # @param fields [Array<String>] data payloads to embed (binary strings)
+      # @param lock_script [Script] the underlying locking condition (e.g. P2PKH)
+      # @return [Script]
+      # @raise [ArgumentError] if fields is empty or lock_script is not a Script
+      def self.pushdrop_lock(fields, lock_script)
+        raise ArgumentError, 'fields must not be empty' if fields.empty?
+        raise ArgumentError, 'lock_script must be a Script' unless lock_script.is_a?(Script)
+
+        chunks = fields.map { |f| encode_minimally(f.b) }
+
+        remaining = fields.length
+        while remaining > 1
+          chunks << Chunk.new(opcode: Opcodes::OP_2DROP)
+          remaining -= 2
+        end
+        chunks << Chunk.new(opcode: Opcodes::OP_DROP) if remaining == 1
+
+        chunks.concat(lock_script.chunks)
+        from_chunks(chunks)
+      end
+
+      # Construct a PushDrop unlocking script.
+      #
+      # Pass-through wrapper — the data fields are dropped during execution,
+      # so the unlocking script just needs to satisfy the underlying lock.
+      #
+      # @param unlock_script [Script] unlocking script for the underlying condition
+      # @return [Script]
+      def self.pushdrop_unlock(unlock_script)
+        unlock_script
+      end
+
+      # Hash type to opcode mapping for RPuzzle scripts.
+      RPUZZLE_HASH_OPS = {
+        raw: nil,
+        sha1: Opcodes::OP_SHA1,
+        ripemd160: Opcodes::OP_RIPEMD160,
+        sha256: Opcodes::OP_SHA256,
+        hash160: Opcodes::OP_HASH160,
+        hash256: Opcodes::OP_HASH256
+      }.freeze
+
+      # Reverse lookup: opcode → hash type symbol (excludes :raw).
+      RPUZZLE_OP_TO_TYPE = RPUZZLE_HASH_OPS.reject { |k, _| k == :raw }.invert.freeze
+
+      # The fixed opcode prefix shared by all RPuzzle locking scripts.
+      # OP_OVER OP_3 OP_SPLIT OP_NIP OP_1 OP_SPLIT OP_SWAP OP_SPLIT OP_DROP
+      RPUZZLE_PREFIX = [
+        Opcodes::OP_OVER, Opcodes::OP_3, Opcodes::OP_SPLIT,
+        Opcodes::OP_NIP, Opcodes::OP_1, Opcodes::OP_SPLIT,
+        Opcodes::OP_SWAP, Opcodes::OP_SPLIT, Opcodes::OP_DROP
+      ].freeze
+
+      # Construct an RPuzzle locking script.
+      #
+      # RPuzzle enables hash-puzzle-based spending where the spender proves
+      # knowledge of the ECDSA K-value (nonce) that produced a signature's
+      # R component.
+      #
+      # @param hash_value [String] the R-value or hash of R-value to lock against
+      # @param hash_type [Symbol] one of +:raw+, +:sha1+, +:ripemd160+,
+      #   +:sha256+, +:hash160+, +:hash256+
+      # @return [Script]
+      # @raise [ArgumentError] if hash_type is invalid
+      def self.rpuzzle_lock(hash_value, hash_type: :hash160)
+        raise ArgumentError, "unknown hash_type: #{hash_type}" unless RPUZZLE_HASH_OPS.key?(hash_type)
+
+        buf = RPUZZLE_PREFIX.pack('C*')
+        hash_op = RPUZZLE_HASH_OPS[hash_type]
+        buf << [hash_op].pack('C') if hash_op
+        buf << encode_push_data(hash_value.b)
+        buf << [Opcodes::OP_EQUALVERIFY, Opcodes::OP_CHECKSIG].pack('CC')
+        new(buf)
+      end
+
+      # Construct an RPuzzle unlocking script.
+      #
+      # Same wire format as P2PKH: signature + public key.
+      #
+      # @param signature_der [String] DER-encoded signature with sighash byte
+      # @param pubkey_bytes [String] compressed or uncompressed public key bytes
+      # @return [Script]
+      def self.rpuzzle_unlock(signature_der, pubkey_bytes)
+        p2pkh_unlock(signature_der, pubkey_bytes)
+      end
+
       # --- Serialisation ---
 
       # @return [String] a copy of the raw script bytes
@@ -256,6 +350,76 @@ module BSV
           ([0x04, 0x06, 0x07].include?(version) && pubkey.bytesize == 65)
       end
 
+      # Whether this is a PushDrop script.
+      #
+      # Detects scripts with one or more data pushes followed by a
+      # OP_DROP/OP_2DROP chain and a recognisable locking condition.
+      #
+      # @return [Boolean]
+      def pushdrop?
+        c = chunks
+        return false if c.length < 3
+
+        # Find the first DROP/2DROP — everything before is data fields
+        drop_start = c.index { |ch| [Opcodes::OP_DROP, Opcodes::OP_2DROP].include?(ch.opcode) }
+        return false unless drop_start&.positive?
+
+        # All chunks before first drop must be data pushes or minimal push opcodes
+        field_chunks = c[0...drop_start]
+        return false unless field_chunks.all? { |ch| ch.data? || minimal_push_opcode?(ch.opcode) }
+
+        # Count fields and verify the drop sequence
+        num_fields = field_chunks.length
+        expected_drops = []
+        remaining = num_fields
+        while remaining > 1
+          expected_drops << Opcodes::OP_2DROP
+          remaining -= 2
+        end
+        expected_drops << Opcodes::OP_DROP if remaining == 1
+
+        drop_end = drop_start + expected_drops.length
+        return false if drop_end > c.length
+
+        actual_drops = c[drop_start...drop_end].map(&:opcode)
+        return false unless actual_drops == expected_drops
+
+        # Must have at least one chunk after the drops (the lock script)
+        drop_end < c.length
+      end
+
+      # Whether this is an RPuzzle script.
+      #
+      # Detects the fixed R-value extraction prefix followed by an optional
+      # hash opcode, a data push, OP_EQUALVERIFY, and OP_CHECKSIG.
+      #
+      # @return [Boolean]
+      def rpuzzle?
+        c = chunks
+        # Minimum: 9 prefix + hash_data + OP_EQUALVERIFY + OP_CHECKSIG = 12
+        # With hash op: 13
+        return false unless c.length >= 12
+
+        # Verify the 9-opcode prefix
+        RPUZZLE_PREFIX.each_with_index do |op, i|
+          return false unless c[i].opcode == op
+        end
+
+        # After prefix: optional hash op, then data push, OP_EQUALVERIFY, OP_CHECKSIG
+        return false unless c[-1].opcode == Opcodes::OP_CHECKSIG
+        return false unless c[-2].opcode == Opcodes::OP_EQUALVERIFY
+        return false unless c[-3].data?
+
+        # Either exactly 12 chunks (raw) or 13 chunks (with hash op)
+        if c.length == 12
+          true
+        elsif c.length == 13
+          RPUZZLE_HASH_OPS.values.compact.include?(c[9].opcode)
+        else
+          false
+        end
+      end
+
       # Whether this is a bare multisig script.
       #
       # Pattern: +OP_M <pubkey1> ... <pubkeyN> OP_N OP_CHECKMULTISIG+
@@ -275,7 +439,8 @@ module BSV
       # Classify the script as a standard type.
       #
       # @return [String] one of +"empty"+, +"pubkeyhash"+, +"pubkey"+,
-      #   +"scripthash"+, +"nulldata"+, +"multisig"+, or +"nonstandard"+
+      #   +"scripthash"+, +"nulldata"+, +"multisig"+, +"pushdrop"+,
+      #   +"rpuzzle"+, or +"nonstandard"+
       def type
         if @bytes.empty? then 'empty'
         elsif p2pkh? then 'pubkeyhash'
@@ -283,6 +448,8 @@ module BSV
         elsif p2sh? then 'scripthash'
         elsif op_return? then 'nulldata'
         elsif multisig? then 'multisig'
+        elsif pushdrop? then 'pushdrop'
+        elsif rpuzzle? then 'rpuzzle'
         else 'nonstandard'
         end
       end
@@ -317,6 +484,49 @@ module BSV
         Script.new(@bytes.byteslice(start..)).chunks.select(&:data?).map(&:data)
       end
 
+      # Extract the hash value from an RPuzzle script.
+      #
+      # @return [String, nil] the locked hash/R-value, or +nil+ if not RPuzzle
+      def rpuzzle_hash
+        return unless rpuzzle?
+
+        chunks[-3].data
+      end
+
+      # Detect the hash type used in an RPuzzle script.
+      #
+      # @return [Symbol, nil] the hash type (e.g. +:hash160+, +:raw+), or +nil+ if not RPuzzle
+      def rpuzzle_hash_type
+        return unless rpuzzle?
+
+        chunks.length == 12 ? :raw : RPUZZLE_OP_TO_TYPE[chunks[9].opcode]
+      end
+
+      # Extract the embedded data fields from a PushDrop script.
+      #
+      # @return [Array<String>, nil] array of field data, or +nil+ if not PushDrop
+      def pushdrop_fields
+        return unless pushdrop?
+
+        c = chunks
+        drop_start = c.index { |ch| [Opcodes::OP_DROP, Opcodes::OP_2DROP].include?(ch.opcode) }
+        c[0...drop_start].map { |ch| decode_minimal_push(ch) }
+      end
+
+      # Extract the underlying lock script from a PushDrop script.
+      #
+      # @return [Script, nil] the lock script portion, or +nil+ if not PushDrop
+      def pushdrop_lock_script
+        return unless pushdrop?
+
+        c = chunks
+        drop_start = c.index { |ch| [Opcodes::OP_DROP, Opcodes::OP_2DROP].include?(ch.opcode) }
+        num_fields = drop_start
+        num_drops = (num_fields / 2) + (num_fields.odd? ? 1 : 0)
+        lock_start = drop_start + num_drops
+        self.class.from_chunks(c[lock_start..])
+      end
+
       # Derive Bitcoin addresses from this script.
       #
       # Currently supports P2PKH scripts only.
@@ -366,6 +576,26 @@ module BSV
           end
         end
 
+        def encode_minimally(data)
+          len = data.bytesize
+
+          if len.zero? || (len == 1 && data.getbyte(0).zero?)
+            Chunk.new(opcode: Opcodes::OP_0)
+          elsif len == 1 && data.getbyte(0).between?(1, 16)
+            Chunk.new(opcode: 0x50 + data.getbyte(0))
+          elsif len == 1 && data.getbyte(0) == 0x81
+            Chunk.new(opcode: Opcodes::OP_1NEGATE)
+          elsif len <= 0x4b
+            Chunk.new(opcode: len, data: data)
+          elsif len <= 0xff
+            Chunk.new(opcode: Opcodes::OP_PUSHDATA1, data: data)
+          elsif len <= 0xffff
+            Chunk.new(opcode: Opcodes::OP_PUSHDATA2, data: data)
+          else
+            Chunk.new(opcode: Opcodes::OP_PUSHDATA4, data: data)
+          end
+        end
+
         def resolve_opcode(token)
           return nil unless token.start_with?('OP_')
 
@@ -381,6 +611,23 @@ module BSV
         opcode == Opcodes::OP_0 || opcode.between?(Opcodes::OP_1, Opcodes::OP_16)
       end
 
+      def minimal_push_opcode?(opcode)
+        opcode == Opcodes::OP_0 ||
+          opcode == Opcodes::OP_1NEGATE ||
+          opcode.between?(Opcodes::OP_1, Opcodes::OP_16)
+      end
+
+      def decode_minimal_push(chunk)
+        return chunk.data if chunk.data?
+
+        case chunk.opcode
+        when Opcodes::OP_0 then ''.b
+        when Opcodes::OP_1NEGATE then "\x81".b
+        when Opcodes::OP_1..Opcodes::OP_16
+          [chunk.opcode - 0x50].pack('C')
+        end
+      end
+
       def parse_chunks
         result = []
         pos = 0
@@ -392,11 +639,13 @@ module BSV
 
           if opcode.positive? && opcode <= 0x4b
             raise ArgumentError, "truncated script: need #{opcode} data bytes at offset #{pos}" if pos + opcode > raw.bytesize
+
             data = raw.byteslice(pos, opcode)
             pos += opcode
             result << Chunk.new(opcode: opcode, data: data)
           elsif opcode == Opcodes::OP_PUSHDATA1
             raise ArgumentError, "truncated script: OP_PUSHDATA1 missing length byte at offset #{pos}" if pos >= raw.bytesize
+
             len = raw.getbyte(pos)
             pos += 1
             data = raw.byteslice(pos, len)
@@ -404,6 +653,7 @@ module BSV
             result << Chunk.new(opcode: opcode, data: data)
           elsif opcode == Opcodes::OP_PUSHDATA2
             raise ArgumentError, "truncated script: OP_PUSHDATA2 needs 2 length bytes at offset #{pos}" if pos + 2 > raw.bytesize
+
             len = raw.byteslice(pos, 2).unpack1('v')
             pos += 2
             data = raw.byteslice(pos, len)
@@ -411,6 +661,7 @@ module BSV
             result << Chunk.new(opcode: opcode, data: data)
           elsif opcode == Opcodes::OP_PUSHDATA4
             raise ArgumentError, "truncated script: OP_PUSHDATA4 needs 4 length bytes at offset #{pos}" if pos + 4 > raw.bytesize
+
             len = raw.byteslice(pos, 4).unpack1('V')
             pos += 4
             data = raw.byteslice(pos, len)

data/lib/bsv/transaction/beef.rb

@@ -106,10 +106,7 @@ module BSV
       # @param data [String] raw BEEF binary
       # @return [Beef] the parsed BEEF bundle
       def self.from_binary(data)
-        if data.bytesize < 4
-          raise ArgumentError,
-                "truncated BEEF: need at least 4 bytes for version, got #{data.bytesize}"
-        end
+        raise ArgumentError, "truncated BEEF: need at least 4 bytes for version, got #{data.bytesize}" if data.bytesize < 4
 
         offset = 0