tapyrus 0.1.0 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 73863e0b35030aee45baa96661f5bbd0322e78381be022d8372e620f8cd8668c
-  data.tar.gz: 3f6378420bb9940a4829e378bb9975c67f5e5c5b61e4c5e077d85f83e0f59715
+  metadata.gz: 6e7f821324dfe56eb103457c17b585792e2cc250c3738f59f1665aa4a831a917
+  data.tar.gz: 1faa2850c7dfe07d9be35c75e3c9500e10ef39725db64fc01d88de5548894068
 SHA512:
-  metadata.gz: 5ffa34b251d363ade9355430980d50d233c104071b15f46535fee2009b8826f4b163891e384cec997b72e2680387cd3d200b55a41c4ebda8c359fdf6f965f091
-  data.tar.gz: c3860a9b13c2f43ef55b47cb985eb9467d5c4fdf9f1436b6c0e97b9a1b04a2ecdcd726e0103baa5ccd302753cc460f0240c0cd76c32cc08347e46e997e0ec7d6
+  metadata.gz: 3299a042ff5f3fa919d4732c1c7c9288cef3bdb213267171d7fa733b53929479b83abb333be1820304fbb593cda742fd8240d8589424536a044901e92cf96823
+  data.tar.gz: c579e85d346cb81290e5854c303147f32dbe1df3049f4190f05af1fded387aaf7cf7cc4170761fa9eaf409c174b7b37f9f3031193c442567bc95e5d8b1b02e2f

data/README.md

@@ -12,7 +12,7 @@ Tapyrusrb supports following feature:
 * Tapyrus script interpreter
 * De/serialization of Tapyrus protocol network messages
 * De/serialization of blocks and transactions
-* Key generation and verification for ECDSA, including [BIP-32](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki) and [BIP-39](https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki) supports.
+* Key generation and verification for Schnorr and ECDSA (including [BIP-32](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki) and [BIP-39](https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki) supports).
 * ECDSA signature(RFC6979 -Deterministic ECDSA, LOW-S, LOW-R support)
 * [WIP] SPV node
 * [WIP] 0ff-chain protocol
@@ -65,29 +65,21 @@ And then add to your .rb file:
 
 The parameters of the blockchain are managed by `Tapyrus::ChainParams`. Switch chain parameters as follows:
 
-* mainnet
+* prod
 
 ```ruby
-Tapyrus.chain_params = :mainnet
+Tapyrus.chain_params = :prod
 ```
 
-This parameter is described in https://github.com/chaintope/tapyrusrb/blob/master/lib/tapyrus/chainparams/mainnet.yml.
+This parameter is described in https://github.com/chaintope/tapyrusrb/blob/master/lib/tapyrus/chainparams/prod.yml.
 
-* testnet
+* dev
 
 ```ruby
-Tapyrus.chain_params = :testnet
+Tapyrus.chain_params = :dev
 ```
 
-This parameter is described in https://github.com/chaintope/tapyrusrb/blob/master/lib/tapyrus/chainparams/testnet.yml.
-
-* regtest
-
-```ruby
-Tapyrus.chain_params = :regtest
-```
-
-This parameter is described in https://github.com/chaintope/tapyrusrb/blob/master/lib/tapyrus/chainparams/regtest.yml.
+This parameter is described in https://github.com/chaintope/tapyrusrb/blob/master/lib/tapyrus/chainparams/dev.yml.
 
 ## Contributing
 

data/exe/tapyrusrbd

@@ -16,11 +16,11 @@ end
 
 class Tapyrusrbd < Thor
 
-  class_option :network, aliases: '-n', default: :mainnet
+  class_option :network, aliases: '-n', default: :prod
 
   desc 'start', 'start tapyrusrb daemon.'
   def start
-    network = options['network'] ? options['network'].to_sym : :mainnet
+    network = options['network'] ? options['network'].to_sym : :prod
     Tapyrus.chain_params = network
     FileUtils.mkdir_p(Tapyrus.base_dir)
     execute_daemon(['start', network: network])

data/lib/openassets/util.rb

@@ -18,10 +18,8 @@ module OpenAssets
       end
 
       def oa_version_byte
-        case Tapyrus.chain_params.network
-        when 'mainnet' then OA_VERSION_BYTE
-        when 'testnet', 'regtest' then OA_VERSION_BYTE_TESTNET
-        end
+        return OA_VERSION_BYTE if Tapyrus.chain_params.prod?
+        return OA_VERSION_BYTE_TESTNET if Tapyrus.chain_params.dev?
       end
     end
   end

data/lib/schnorr.rb

@@ -0,0 +1,83 @@
+module Schnorr
+  autoload :Signature, 'schnorr/signature'
+
+  module_function
+
+  GROUP = ECDSA::Group::Secp256k1
+  ALGO16 = 'SCHNORR + SHA256'
+
+  # Generate schnorr signature.
+  # @param message (String) A message to be signed with binary format.
+  # @param private_key (Integer) The private key.
+  # (The number of times to add the generator point to itself to get the public key.)
+  # @return (Schnorr::Signature)
+  def sign(message, private_key)
+    raise 'The message must be a 32-byte array.' unless message.bytesize == 32
+    raise 'private_key is zero or over the curve order.' if private_key == 0 || private_key >= GROUP.order
+
+    p = GROUP.new_point(private_key)
+    secret = ECDSA::Format::IntegerOctetString.encode(private_key, GROUP.byte_length)
+    secret = secret + message + ALGO16
+    nonce = Tapyrus::Secp256k1::RFC6979.generate_rfc6979_nonce(secret, '')
+
+    k0 = nonce % GROUP.order
+    raise 'Creation of signature failed. k is zero' if k0.zero?
+
+    r = GROUP.new_point(k0)
+    k = ECDSA::PrimeField.jacobi(r.y, GROUP.field.prime) == 1 ? k0 : GROUP.order - k0
+
+    e = create_challenge(r.x, p, message)
+
+    Schnorr::Signature.new(r.x, (k + e * private_key) % GROUP.order)
+  end
+
+  # Verifies the given {Signature} and returns true if it is valid.
+  # @param message (String) A message to be signed with binary format.
+  # @param public_key (String) The public key with binary format.
+  # @param signature (String) The signature with binary format.
+  # @return (Boolean) whether signature is valid.
+  def valid_sig?(message, signature, public_key)
+    check_sig!(message, signature, public_key)
+  rescue InvalidSignatureError, ECDSA::Format::DecodeError
+    false
+  end
+
+  # Verifies the given {Signature} and raises an {InvalidSignatureError} if it is invalid.
+  # @param message (String) A message to be signed with binary format.
+  # @param public_key (String) The public key with binary format.
+  # @param signature (String) The signature with binary format.
+  # @return (Boolean)
+  def check_sig!(message, signature, public_key)
+    sig = Schnorr::Signature.decode(signature)
+    pubkey = ECDSA::Format::PointOctetString.decode(public_key, GROUP)
+    field = GROUP.field
+
+    raise Schnorr::InvalidSignatureError, 'Invalid signature: r is not in the field.' unless field.include?(sig.r)
+    raise Schnorr::InvalidSignatureError, 'Invalid signature: s is not in the field.' unless field.include?(sig.s)
+    raise Schnorr::InvalidSignatureError, 'Invalid signature: r is zero.' if sig.r.zero?
+    raise Schnorr::InvalidSignatureError, 'Invalid signature: s is zero.' if sig.s.zero?
+    raise Schnorr::InvalidSignatureError, 'Invalid signature: r is larger than field size.' if sig.r >= field.prime
+    raise Schnorr::InvalidSignatureError, 'Invalid signature: s is larger than group order.' if sig.s >= GROUP.order
+
+    e = create_challenge(sig.r, pubkey, message)
+
+    r = GROUP.new_point(sig.s) + pubkey.multiply_by_scalar(e).negate
+
+    if r.infinity? || r.x != sig.r || ECDSA::PrimeField.jacobi(r.y, GROUP.field.prime) != 1
+      raise Schnorr::InvalidSignatureError, 'signature verification failed.'
+    end
+
+    true
+  end
+
+  # create signature digest.
+  # @param (Integer) x a x coordinate for R.
+  # @param (ECDSA::Point) p a public key.
+  # @return (Integer) digest e.
+  def create_challenge(x, p, message)
+    r_x = ECDSA::Format::IntegerOctetString.encode(x, GROUP.byte_length)
+    p_str= p.to_hex.htb
+    (ECDSA.normalize_digest(Digest::SHA256.digest(r_x + p_str + message), GROUP.bit_length)) % GROUP.order
+  end
+
+end

data/lib/schnorr/signature.rb

@@ -0,0 +1,38 @@
+module Schnorr
+
+  class InvalidSignatureError < StandardError; end
+
+  # Instances of this class represents Schnorr signatures,
+  # which are simply a pair of integers named `r` and `s`.
+  class Signature
+
+    attr_reader :r
+    attr_reader :s
+
+    # @param r (Integer) the value of r.
+    # @param s (Integer) the value of s.
+    def initialize(r, s)
+      @r, @s = r, s
+      r.is_a?(Integer) or raise ArgumentError, 'r is not an integer.'
+      s.is_a?(Integer) or raise ArgumentError, 's is not an integer.'
+    end
+
+    # Parse a string to a {Signature}.
+    # @param string (String) signature string with binary format.
+    # @return (Signature) signature instance.
+    def self.decode(string)
+      raise InvalidSignatureError, 'Invalid schnorr signature length.' unless string.bytesize == 64
+      r = string[0...32].unpack('H*').first.to_i(16)
+      s = string[32..-1].unpack('H*').first.to_i(16)
+      new(r, s)
+    end
+
+    # Encode signature to string.
+    # @return (String) encoded signature.
+    def encode
+      ECDSA::Format::IntegerOctetString.encode(r, 32) + ECDSA::Format::IntegerOctetString.encode(s, 32)
+    end
+
+  end
+
+end

data/lib/tapyrus.rb

@@ -6,14 +6,15 @@ require 'eventmachine'
 require 'ecdsa'
 require 'securerandom'
 require 'json'
-require 'bech32'
 require 'ffi'
 require 'observer'
 require 'tmpdir'
 require_relative 'openassets'
+require_relative 'schnorr'
 
 module Tapyrus
 
+  autoload :Ext, 'tapyrus/ext'
   autoload :Util, 'tapyrus/util'
   autoload :ChainParams, 'tapyrus/chain_params'
   autoload :Message, 'tapyrus/message'
@@ -29,7 +30,6 @@ module Tapyrus
   autoload :TxIn, 'tapyrus/tx_in'
   autoload :TxOut, 'tapyrus/tx_out'
   autoload :OutPoint, 'tapyrus/out_point'
-  autoload :ScriptWitness, 'tapyrus/script_witness'
   autoload :MerkleTree, 'tapyrus/merkle_tree'
   autoload :Key, 'tapyrus/key'
   autoload :ExtKey, 'tapyrus/ext_key'
@@ -46,18 +46,20 @@ module Tapyrus
   autoload :Wallet, 'tapyrus/wallet'
   autoload :BloomFilter, 'tapyrus/bloom_filter'
   autoload :KeyPath, 'tapyrus/key_path'
-  autoload :Descriptor, 'tapyrus/descriptor'
   autoload :SLIP39, 'tapyrus/slip39'
+  autoload :Color, 'tapyrus/script/color'
+  autoload :Errors, 'tapyrus/errors'
 
   require_relative 'tapyrus/constants'
+  require_relative 'tapyrus/ext/ecdsa'
 
   extend Util
 
-  @chain_param = :mainnet
+  @chain_param = :prod
 
   # set tapyrus network chain params
   def self.chain_params=(name)
-    raise "chain params for #{name} is not defined." unless %i(mainnet testnet regtest).include?(name.to_sym)
+    raise "chain params for #{name} is not defined." unless %i(prod dev).include?(name.to_sym)
     @current_chain = nil
     @chain_param = name.to_sym
   end
@@ -66,12 +68,10 @@ module Tapyrus
   def self.chain_params
     return @current_chain if @current_chain
     case @chain_param
-    when :mainnet
-      @current_chain = Tapyrus::ChainParams.mainnet
-    when :testnet
-      @current_chain = Tapyrus::ChainParams.testnet
-    when :regtest
-      @current_chain = Tapyrus::ChainParams.regtest
+    when :prod
+      @current_chain = Tapyrus::ChainParams.prod
+    when :dev
+      @current_chain = Tapyrus::ChainParams.dev
     end
     @current_chain
   end
@@ -209,11 +209,4 @@ module Tapyrus
     end
   end
 
-  class ::ECDSA::Signature
-    # convert signature to der string.
-    def to_der
-      ECDSA::Format::SignatureDerString.encode(self)
-    end
-  end
-
 end

data/lib/tapyrus/block.rb

@@ -1,5 +1,6 @@
 module Tapyrus
   class Block
+    include Tapyrus::Util
 
     attr_accessor :header
     attr_accessor :transactions
@@ -21,23 +22,6 @@ module Tapyrus
       header.block_hash
     end
 
-    # calculate block weight
-    def weight
-      stripped_size * (WITNESS_SCALE_FACTOR - 1) + size
-    end
-
-    # calculate total size (include witness data.)
-    def size
-      80 + Tapyrus.pack_var_int(transactions.size).bytesize +
-          transactions.inject(0){|sum, tx| sum + (tx.witness? ? tx.serialize_witness_format.bytesize : tx.serialize_old_format.bytesize)}
-    end
-
-    # calculate base size (not include witness data.)
-    def stripped_size
-      80 + Tapyrus.pack_var_int(transactions.size).bytesize +
-          transactions.inject(0){|sum, tx| sum + tx.serialize_old_format.bytesize}
-    end
-
     # check the merkle root in the block header matches merkle root calculated from tx list.
     def valid_merkle_root?
       calculate_merkle_root == header.merkle_root
@@ -48,29 +32,10 @@ module Tapyrus
       Tapyrus::MerkleTree.build_from_leaf(transactions.map(&:tx_hash)).merkle_root
     end
 
-    # check the witness commitment in coinbase tx matches witness commitment calculated from tx list.
-    def valid_witness_commitment?
-      transactions[0].witness_commitment == calculate_witness_commitment
-    end
-
-    # calculate witness commitment from tx list.
-    def calculate_witness_commitment
-      witness_hashes = [COINBASE_WTXID]
-      witness_hashes += (transactions[1..-1].map(&:witness_hash))
-      reserved_value = transactions[0].inputs[0].script_witness.stack.map(&:bth).join
-      root_hash = Tapyrus::MerkleTree.build_from_leaf(witness_hashes).merkle_root
-      Tapyrus.double_sha256([root_hash + reserved_value].pack('H*')).bth
-    end
-
     # return this block height. block height is included in coinbase.
-    # if block version under 1, height does not include in coinbase, so return nil.
+    # @return [Integer] block height.
     def height
-      return nil if header.version < 2
-      coinbase_tx = transactions[0]
-      return nil unless coinbase_tx.coinbase_tx?
-      buf = StringIO.new(coinbase_tx.inputs[0].script_sig.to_payload)
-      len = Tapyrus.unpack_var_int_from_io(buf)
-      buf.read(len).reverse.bth.to_i(16)
+      transactions.first.in.first.out_point.index
     end
 
   end

data/lib/tapyrus/block_header.rb

@@ -2,61 +2,70 @@ module Tapyrus
 
   # Block Header
   class BlockHeader
+    include Tapyrus::HexConverter
+    extend Tapyrus::Util
+    include Tapyrus::Util
 
-    attr_accessor :version
+    X_FILED_TYPES = {none: 0, aggregate_pubkey: 1}
+
+    attr_accessor :features
     attr_accessor :prev_hash
     attr_accessor :merkle_root
-    attr_accessor :time # unix timestamp
-    attr_accessor :bits
-    attr_accessor :nonce
-
-    def initialize(version, prev_hash, merkle_root, time, bits, nonce)
-      @version = version
+    attr_accessor :im_merkle_root # merkel root of immulable merkle tree which consist of immutable txid.
+    attr_accessor :time           # unix timestamp
+    attr_accessor :x_field_type
+    attr_accessor :x_field
+    attr_accessor :proof
+
+    def initialize(features, prev_hash, merkle_root, im_merkle_root, time, x_field_type, x_field, proof = nil)
+      @features = features
       @prev_hash = prev_hash
       @merkle_root = merkle_root
+      @im_merkle_root = im_merkle_root
       @time = time
-      @bits = bits
-      @nonce = nonce
+      @x_field_type = x_field_type
+      @x_field = x_field
+      @proof = proof
     end
 
     def self.parse_from_payload(payload)
-      version, prev_hash, merkle_root, time, bits, nonce = payload.unpack('Va32a32VVV')
-      new(version, prev_hash.bth, merkle_root.bth, time, bits, nonce)
-    end
-
-    def to_payload
-      [version, prev_hash.htb, merkle_root.htb, time, bits, nonce].pack('Va32a32VVV')
+      buf = payload.is_a?(String) ? StringIO.new(payload) : payload
+      features, prev_hash, merkle_root, im_merkle_root, time, x_filed_type = buf.read(105).unpack('Va32a32a32Vc')
+      x_field = buf.read(unpack_var_int_from_io(buf)) unless x_filed_type == X_FILED_TYPES[:none]
+      proof = buf.read(unpack_var_int_from_io(buf))
+      new(features, prev_hash.bth, merkle_root.bth, im_merkle_root.bth, time, x_filed_type, x_field ? x_field.bth : x_field, proof.bth)
     end
 
-    # compute difficulty target from bits.
-    def difficulty_target
-      exponent = ((bits >> 24) & 0xff)
-      mantissa = bits & 0x7fffff
-      mantissa *= -1 if (bits & 0x800000) > 0
-      (mantissa * 2 ** (8 * (exponent - 3)))
+    def to_payload(skip_proof = false)
+      payload = [features, prev_hash.htb, merkle_root.htb, im_merkle_root.htb, time, x_field_type].pack('Va32a32a32Vc')
+      payload << pack_var_string(x_field.htb) unless x_field_type == X_FILED_TYPES[:none]
+      payload << pack_var_string(proof.htb) if proof && !skip_proof
+      payload
     end
 
-    def hash
-      calc_hash.to_i(16)
+    # Calculate hash using sign which does not contains proof.
+    # @return [String] hash of block without proof.
+    def hash_for_sign
+      Tapyrus.double_sha256(to_payload(true)).bth
     end
 
+    # Calculate block hash
+    # @return [String] hash of block with hex format.
     def block_hash
-      calc_hash
+      Tapyrus.double_sha256(to_payload).bth
     end
 
     # block hash(big endian)
+    # @return [String] block id which is reversed version of block hash.
     def block_id
       block_hash.rhex
     end
 
     # evaluate block header
-    def valid?
-      valid_pow? && valid_timestamp?
-    end
-
-    # evaluate valid proof of work.
-    def valid_pow?
-      block_id.hex < difficulty_target
+    # @param [String] agg_pubkey aggregated public key for signers with hex format.
+    # @return [Boolean] result.
+    def valid?(agg_pubkey)
+      valid_timestamp? && valid_proof?(agg_pubkey) && valid_x_field?
     end
 
     # evaluate valid timestamp.
@@ -65,22 +74,42 @@ module Tapyrus
       time <= Time.now.to_i + Tapyrus::MAX_FUTURE_BLOCK_TIME
     end
 
-    # compute chain work of this block.
-    # @return [Integer] a chain work.
-    def work
-      target = difficulty_target
-      return 0 if target < 1
-      115792089237316195423570985008687907853269984665640564039457584007913129639936.div(target + 1) # 115792089237316195423570985008687907853269984665640564039457584007913129639936 is 2**256
+    # Check whether proof is valid.
+    # @param [String] agg_pubkey aggregated public key for signers with hex format.
+    # @return [Boolean] Return true if proof is valid, otherwise return false.
+    def valid_proof?(agg_pubkey)
+      pubkey = Tapyrus::Key.new(pubkey: agg_pubkey)
+      msg = hash_for_sign.htb
+      pubkey.verify(proof.htb, msg, algo: :schnorr)
+    end
+
+    # Check whether x_field is valid.
+    # @return [Boolean] if valid return true, otherwise false
+    def valid_x_field?
+      case x_field_type
+      when X_FILED_TYPES[:none] then
+        x_field.nil?
+      when X_FILED_TYPES[:aggregate_pubkey] then
+        Tapyrus::Key.new(pubkey: x_field).fully_valid_pubkey?
+      else
+        false
+      end
+    end
+
+    # Check this header contains upgrade aggregated publiec key.
+    # @return [Boolean] if contains return true, otherwise false.
+    def upgrade_agg_pubkey?
+      x_field_type == X_FILED_TYPES[:aggregate_pubkey]
     end
 
     def ==(other)
       other && other.to_payload == to_payload
     end
 
-    private
-
-    def calc_hash
-      Tapyrus.double_sha256(to_payload).bth
+    # get bytesize.
+    # @return [Integer] bytesize.
+    def size
+      to_payload.bytesize
     end
 
   end