tapyrus 0.1.0 → 0.2.4

data/lib/tapyrus/script/tx_checker.rb

@@ -12,10 +12,11 @@ module Tapyrus
     end
 
     # check signature
-    # @param [String] script_sig
-    # @param [String] pubkey
+    # @param [String] script_sig a signature with hex format.
+    # @param [String] pubkey a public key with hex format.
     # @param [Tapyrus::Script] script_code
     # @param [Integer] sig_version
+    # @return [Boolean] if check is passed return true, otherwise false.
     def check_sig(script_sig, pubkey, script_code, sig_version)
       return false if script_sig.empty?
       script_sig = script_sig.htb
@@ -23,9 +24,24 @@ module Tapyrus
       sig = script_sig[0..-2]
       sighash = tx.sighash_for_input(input_index, script_code, hash_type: hash_type,
                                      amount: amount, sig_version: sig_version)
+      verify_sig(sig.bth, pubkey, sighash)
+    end
+
+    # Check data signature.
+    # @param [String] sig a signature with hex format.
+    # @param [String] pubkey a public key with hex format.
+    # @param [String] digest a message digest with binary format to be verified.
+    # @return [Boolean] if check is passed return true, otherwise false.
+    def verify_sig(sig, pubkey, digest, allow_hybrid: false)
       key_type = pubkey.start_with?('02') || pubkey.start_with?('03') ? Key::TYPES[:compressed] : Key::TYPES[:uncompressed]
-      key = Key.new(pubkey: pubkey, key_type: key_type)
-      key.verify(sig, sighash)
+      sig = sig.htb
+      algo = sig.bytesize == 64 ? :schnorr : :ecdsa
+      begin
+        key = Key.new(pubkey: pubkey, key_type: key_type, allow_hybrid: allow_hybrid)
+        key.verify(sig, digest, algo: algo)
+      rescue Exception
+        false
+      end
     end
 
     def check_locktime(locktime)
@@ -53,7 +69,7 @@ module Tapyrus
     def check_sequence(sequence)
       tx_sequence = tx.inputs[input_index].sequence
       # Fail if the transaction's version number is not set high enough to trigger BIP 68 rules.
-      return false if tx.version < 2
+      return false if tx.features < 2
 
       # Sequence numbers with their most significant bit set are not consensus constrained.
       # Testing that the transaction's sequence number do not have this bit set prevents using this property to get around a CHECKSEQUENCEVERIFY check.

data/lib/tapyrus/secp256k1.rb

@@ -6,6 +6,7 @@ module Tapyrus
 
     autoload :Ruby, 'tapyrus/secp256k1/ruby'
     autoload :Native, 'tapyrus/secp256k1/native'
+    autoload :RFC6979, 'tapyrus/secp256k1/rfc6979'
 
   end
 

data/lib/tapyrus/secp256k1/native.rb

@@ -4,8 +4,8 @@
 module Tapyrus
   module Secp256k1
 
-    # binding for secp256k1 (https://github.com/bitcoin/bitcoin/tree/v0.14.2/src/secp256k1)
-    # tag: v0.14.2
+    # binding for secp256k1 (https://github.com/chaintope/tapyrus-core/tree/v0.4.0/src/secp256k1)
+    # tag: v0.4.0
     # this is not included by default, to enable set shared object path to ENV['SECP256K1_LIB_PATH']
     # for linux, ENV['SECP256K1_LIB_PATH'] = '/usr/local/lib/libsecp256k1.so'
     # for mac,
@@ -50,6 +50,8 @@ module Tapyrus
         attach_function(:secp256k1_ecdsa_signature_parse_der, [:pointer, :pointer, :pointer, :size_t], :int)
         attach_function(:secp256k1_ecdsa_signature_normalize, [:pointer, :pointer, :pointer], :int)
         attach_function(:secp256k1_ecdsa_verify, [:pointer, :pointer, :pointer, :pointer], :int)
+        attach_function(:secp256k1_schnorr_sign, [:pointer, :pointer, :pointer, :pointer, :pointer, :pointer], :int)
+        attach_function(:secp256k1_schnorr_verify, [:pointer, :pointer, :pointer, :pointer], :int)
       end
 
       def with_context(flags: (SECP256K1_CONTEXT_VERIFY | SECP256K1_CONTEXT_SIGN))
@@ -100,7 +102,68 @@ module Tapyrus
       # @param [String] privkey a private key using sign
       # @param [String] extra_entropy a extra entropy for rfc6979
       # @return [String] signature data with binary format
-      def sign_data(data, privkey, extra_entropy)
+      def sign_data(data, privkey, extra_entropy, algo: :ecdsa)
+        case algo
+        when :ecdsa
+          sign_ecdsa(data, privkey, extra_entropy)
+        when :schnorr
+          sign_schnorr(data, privkey)
+        else
+          nil
+        end
+      end
+
+      # verify signature.
+      # @param[String] data a data.
+      # @param [String] sig signature data with binary format
+      # @param [String] pub_key a public key using verify.
+      def verify_sig(data, sig, pub_key, algo: :ecdsa)
+        case algo
+        when :ecdsa
+          verify_ecdsa(data, sig, pub_key)
+        when :schnorr
+          verify_schnorr(data, sig, pub_key)
+        else
+          false
+        end
+      end
+
+      # # validate whether this is a valid public key (more expensive than IsValid())
+      # @param [String] pub_key public key with hex format.
+      # @param [Boolean] allow_hybrid whether support hybrid public key.
+      # @return [Boolean] If valid public key return true, otherwise false.
+      def parse_ec_pubkey?(pub_key, allow_hybrid = false)
+        pub_key = pub_key.htb
+        return false if !allow_hybrid && ![0x02, 0x03, 0x04].include?(pub_key[0].ord)
+        with_context do |context|
+          pubkey = FFI::MemoryPointer.new(:uchar, pub_key.bytesize).put_bytes(0, pub_key)
+          internal_pubkey = FFI::MemoryPointer.new(:uchar, 64)
+          result = secp256k1_ec_pubkey_parse(context, internal_pubkey, pubkey, pub_key.bytesize)
+          result == 1
+        end
+      end
+
+      private
+
+      def generate_pubkey_in_context(context, privkey, compressed: true)
+        internal_pubkey = FFI::MemoryPointer.new(:uchar, 64)
+        result = secp256k1_ec_pubkey_create(context, internal_pubkey, privkey.htb)
+        raise 'error creating pubkey' unless result
+
+        pubkey = FFI::MemoryPointer.new(:uchar, 65)
+        pubkey_len = FFI::MemoryPointer.new(:uint64)
+        result = if compressed
+                   pubkey_len.put_uint64(0, 33)
+                   secp256k1_ec_pubkey_serialize(context, pubkey, pubkey_len, internal_pubkey, SECP256K1_EC_COMPRESSED)
+                 else
+                   pubkey_len.put_uint64(0, 65)
+                   secp256k1_ec_pubkey_serialize(context, pubkey, pubkey_len, internal_pubkey, SECP256K1_EC_UNCOMPRESSED)
+                 end
+        raise 'error serialize pubkey' unless result || pubkey_len.read_uint64 > 0
+        pubkey.read_string(pubkey_len.read_uint64).bth
+      end
+
+      def sign_ecdsa(data, privkey, extra_entropy)
         with_context do |context|
           secret = FFI::MemoryPointer.new(:uchar, privkey.htb.bytesize).put_bytes(0, privkey.htb)
           raise 'priv_key invalid' unless secp256k1_ec_seckey_verify(context, secret)
@@ -126,7 +189,19 @@ module Tapyrus
         end
       end
 
-      def verify_sig(data, sig, pub_key)
+      def sign_schnorr(data, privkey)
+        with_context do |context|
+          secret = FFI::MemoryPointer.new(:uchar, privkey.htb.bytesize).put_bytes(0, privkey.htb)
+          raise 'priv_key invalid' unless secp256k1_ec_seckey_verify(context, secret)
+
+          signature = FFI::MemoryPointer.new(:uchar, 64)
+          msg32 = FFI::MemoryPointer.new(:uchar, 32).put_bytes(0, data)
+          raise 'Failed to generate schnorr signature.' unless secp256k1_schnorr_sign(context, signature, msg32, secret, nil, nil) == 1
+          signature.read_string(64)
+        end
+      end
+
+      def verify_ecdsa(data, sig, pub_key)
         with_context do |context|
           return false if data.bytesize == 0
 
@@ -150,25 +225,23 @@ module Tapyrus
         end
       end
 
-      private
+      def verify_schnorr(data, sig, pub_key)
+        with_context do |context|
+          return false if data.bytesize == 0
+          pubkey = FFI::MemoryPointer.new(:uchar, pub_key.htb.bytesize).put_bytes(0, pub_key.htb)
+          internal_pubkey = FFI::MemoryPointer.new(:uchar, 64)
+          result = secp256k1_ec_pubkey_parse(context, internal_pubkey, pubkey, pubkey.size)
+          return false unless result
 
-      def generate_pubkey_in_context(context, privkey, compressed: true)
-        internal_pubkey = FFI::MemoryPointer.new(:uchar, 64)
-        result = secp256k1_ec_pubkey_create(context, internal_pubkey, privkey.htb)
-        raise 'error creating pubkey' unless result
+          signature = FFI::MemoryPointer.new(:uchar, sig.bytesize).put_bytes(0, sig)
 
-        pubkey = FFI::MemoryPointer.new(:uchar, 65)
-        pubkey_len = FFI::MemoryPointer.new(:uint64)
-        result = if compressed
-                   pubkey_len.put_uint64(0, 33)
-                   secp256k1_ec_pubkey_serialize(context, pubkey, pubkey_len, internal_pubkey, SECP256K1_EC_COMPRESSED)
-                 else
-                   pubkey_len.put_uint64(0, 65)
-                   secp256k1_ec_pubkey_serialize(context, pubkey, pubkey_len, internal_pubkey, SECP256K1_EC_UNCOMPRESSED)
-                 end
-        raise 'error serialize pubkey' unless result || pubkey_len.read_uint64 > 0
-        pubkey.read_string(pubkey_len.read_uint64).bth
+          msg32 = FFI::MemoryPointer.new(:uchar, 32).put_bytes(0, data)
+          result = secp256k1_schnorr_verify(context, signature, msg32, internal_pubkey)
+
+          result == 1
+        end
       end
+
     end
   end
 end

data/lib/tapyrus/secp256k1/rfc6979.rb

@@ -0,0 +1,43 @@
+module Tapyrus
+  module Secp256k1
+    module RFC6979
+
+      INITIAL_V = '0101010101010101010101010101010101010101010101010101010101010101'.htb
+      INITIAL_K = '0000000000000000000000000000000000000000000000000000000000000000'.htb
+      ZERO_B = '00'.htb
+      ONE_B = '01'.htb
+
+      module_function
+
+      # generate temporary key k to be used when ECDSA sign.
+      # https://tools.ietf.org/html/rfc6979#section-3.2
+      # @param [String] key_data a data contains private key and message.
+      # @param [String] extra_entropy extra entropy with binary format.
+      # @return [Integer] a nonce.
+      def generate_rfc6979_nonce(key_data, extra_entropy)
+        v = INITIAL_V # 3.2.b
+        k = INITIAL_K # 3.2.c
+        # 3.2.d
+        k = Tapyrus.hmac_sha256(k, v + ZERO_B + key_data + extra_entropy)
+        # 3.2.e
+        v = Tapyrus.hmac_sha256(k, v)
+        # 3.2.f
+        k = Tapyrus.hmac_sha256(k, v + ONE_B + key_data + extra_entropy)
+        # 3.2.g
+        v = Tapyrus.hmac_sha256(k, v)
+        # 3.2.h
+        t = ''
+        10000.times do
+          v = Tapyrus.hmac_sha256(k, v)
+          t = (t + v)
+          t_num = t.bth.to_i(16)
+          return t_num if 1 <= t_num && t_num < Tapyrus::Secp256k1::GROUP.order
+          k = Tapyrus.hmac_sha256(k, v + '00'.htb)
+          v = Tapyrus.hmac_sha256(k, v)
+        end
+        raise 'A valid nonce was not found.'
+      end
+
+    end
+  end
+end

data/lib/tapyrus/secp256k1/ruby.rb

@@ -12,8 +12,8 @@ module Tapyrus
         private_key = 1 + SecureRandom.random_number(GROUP.order - 1)
         public_key = GROUP.generator.multiply_by_scalar(private_key)
         privkey = ECDSA::Format::IntegerOctetString.encode(private_key, 32)
-        pubkey = ECDSA::Format::PointOctetString.encode(public_key, compression: compressed)
-        [privkey.bth, pubkey.bth]
+        pubkey = public_key.to_hex(compressed)
+        [privkey.bth, pubkey]
       end
 
       # generate tapyrus key object
@@ -24,18 +24,75 @@ module Tapyrus
 
       def generate_pubkey(privkey, compressed: true)
         public_key = ECDSA::Group::Secp256k1.generator.multiply_by_scalar(privkey.to_i(16))
-        ECDSA::Format::PointOctetString.encode(public_key, compression: compressed).bth
+        public_key.to_hex(compressed)
       end
 
       # sign data.
       # @param [String] data a data to be signed with binary format
       # @param [String] privkey a private key using sign
       # @return [String] signature data with binary format
-      def sign_data(data, privkey, extra_entropy)
+      def sign_data(data, privkey, extra_entropy, algo: :ecdsa)
+        case algo
+        when :ecdsa
+          sign_ecdsa(data, privkey, extra_entropy)
+        when :schnorr
+          Schnorr.sign(data, privkey.to_i(16)).encode
+        else
+          nil
+        end
+      end
+
+      # verify signature using public key
+      # @param [String] digest a SHA-256 message digest with binary format
+      # @param [String] sig a signature for +data+ with binary format
+      # @param [String] pubkey a public key corresponding to the private key used for sign
+      # @return [Boolean] verify result
+      def verify_sig(digest, sig, pubkey, algo: :ecdsa)
+        case algo
+        when :ecdsa
+          verify_ecdsa(digest, sig, pubkey)
+        when :schnorr
+          Schnorr.valid_sig?(digest, sig, pubkey.htb)
+        else
+          false
+        end
+      end
+
+      alias :valid_sig? :verify_sig
+
+      module_function :valid_sig?
+
+      # validate whether this is a valid public key (more expensive than IsValid())
+      # @param [String] pubkey public key with hex format.
+      # @param [Boolean] allow_hybrid whether support hybrid public key.
+      # @return [Boolean] If valid public key return true, otherwise false.
+      def parse_ec_pubkey?(pubkey, allow_hybrid = false)
+        begin
+          point = ECDSA::Format::PointOctetString.decode(pubkey.htb, ECDSA::Group::Secp256k1, allow_hybrid: allow_hybrid)
+          ECDSA::Group::Secp256k1.valid_public_key?(point)
+        rescue ECDSA::Format::DecodeError
+          false
+        end
+      end
+
+      # if +pubkey+ is hybrid public key format, it convert uncompressed format.
+      # https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2012-June/001578.html
+      def repack_pubkey(pubkey)
+        p = pubkey.htb
+        case p[0]
+          when "\x06", "\x07"
+            p[0] = "\x04"
+            p
+          else
+            pubkey.htb
+        end
+      end
+
+      def sign_ecdsa(data, privkey, extra_entropy)
         privkey = privkey.htb
         private_key = ECDSA::Format::IntegerOctetString.decode(privkey)
         extra_entropy ||= ''
-        nonce = generate_rfc6979_nonce(data, privkey, extra_entropy)
+        nonce = RFC6979.generate_rfc6979_nonce(privkey + data, extra_entropy)
 
         # port form ecdsa gem.
         r_point = GROUP.new_point(nonce)
@@ -59,12 +116,7 @@ module Tapyrus
         signature
       end
 
-      # verify signature using public key
-      # @param [String] digest a SHA-256 message digest with binary format
-      # @param [String] sig a signature for +data+ with binary format
-      # @param [String] pubkey a public key corresponding to the private key used for sign
-      # @return [Boolean] verify result
-      def verify_sig(digest, sig, pubkey)
+      def verify_ecdsa(digest, sig, pubkey)
         begin
           k = ECDSA::Format::PointOctetString.decode(repack_pubkey(pubkey), GROUP)
           signature = ECDSA::Format::SignatureDerString.decode(sig)
@@ -74,49 +126,6 @@ module Tapyrus
         end
       end
 
-      # if +pubkey+ is hybrid public key format, it convert uncompressed format.
-      # https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2012-June/001578.html
-      def repack_pubkey(pubkey)
-        p = pubkey.htb
-        case p[0]
-          when "\x06", "\x07"
-            p[0] = "\x04"
-            p
-          else
-            pubkey.htb
-        end
-      end
-
-      INITIAL_V = '0101010101010101010101010101010101010101010101010101010101010101'.htb
-      INITIAL_K = '0000000000000000000000000000000000000000000000000000000000000000'.htb
-      ZERO_B = '00'.htb
-      ONE_B = '01'.htb
-
-      # generate temporary key k to be used when ECDSA sign.
-      # https://tools.ietf.org/html/rfc6979#section-3.2
-      def generate_rfc6979_nonce(data, privkey, extra_entropy)
-        v = INITIAL_V # 3.2.b
-        k = INITIAL_K # 3.2.c
-        # 3.2.d
-        k = Tapyrus.hmac_sha256(k, v + ZERO_B + privkey + data + extra_entropy)
-        # 3.2.e
-        v = Tapyrus.hmac_sha256(k, v)
-        # 3.2.f
-        k = Tapyrus.hmac_sha256(k, v + ONE_B + privkey + data + extra_entropy)
-        # 3.2.g
-        v = Tapyrus.hmac_sha256(k, v)
-        # 3.2.h
-        t = ''
-        10000.times do
-          v = Tapyrus.hmac_sha256(k, v)
-          t = (t + v)
-          t_num = t.bth.to_i(16)
-          return t_num if 1 <= t_num && t_num < GROUP.order
-          k = Tapyrus.hmac_sha256(k, v + '00'.htb)
-          v = Tapyrus.hmac_sha256(k, v)
-        end
-        raise 'A valid nonce was not found.'
-      end
     end
 
   end

data/lib/tapyrus/store/chain_entry.rb

@@ -3,6 +3,7 @@ module Tapyrus
 
     # wrap a block header object with extra data.
     class ChainEntry
+      include Tapyrus::HexConverter
 
       attr_reader :header
       attr_reader :height
@@ -35,7 +36,7 @@ module Tapyrus
 
       # whether genesis block
       def genesis?
-        Tapyrus.chain_params.genesis_block.header == header
+        height == 0
       end
 
       # @param [String] payload a payload with binary format.
@@ -43,7 +44,7 @@ module Tapyrus
         buf = StringIO.new(payload)
         len = Tapyrus.unpack_var_int_from_io(buf)
         height = buf.read(len).reverse.bth.to_i(16)
-        new(Tapyrus::BlockHeader.parse_from_payload(buf.read(80)), height)
+        new(Tapyrus::BlockHeader.parse_from_payload(buf), height)
       end
 
       # build next block +StoredBlock+ instance.

data/lib/tapyrus/store/db/level_db.rb

@@ -58,14 +58,64 @@ module Tapyrus
           db.get(KEY_PREFIX[:entry] + hash)
         end
 
+        # Save entry.
+        # @param [Tapyrus::Store::ChainEntry]
         def save_entry(entry)
           db.batch do
             db.put(entry.key ,entry.to_payload)
             db.put(height_key(entry.height), entry.block_hash)
+            add_agg_pubkey(entry.height == 0 ? 0 : entry.height + 1, entry.header.x_field) if entry.header.upgrade_agg_pubkey?
             connect_entry(entry)
           end
         end
 
+        # Add aggregated public key.
+        # @param [Integer] activate_height
+        # @param [String] agg_pubkey aggregated public key with hex format.
+        def add_agg_pubkey(activate_height, agg_pubkey)
+          payload = activate_height.to_even_length_hex + agg_pubkey
+          index = latest_agg_pubkey_index
+          next_index = (index.nil? ? 0 : index + 1).to_even_length_hex
+          db.batch do
+            db.put(KEY_PREFIX[:agg_pubkey] + next_index, payload)
+            db.put(KEY_PREFIX[:latest_agg_pubkey], next_index)
+          end
+        end
+
+        # Get aggregated public key by specifying +index+.
+        # @param [Integer] index
+        # @return [Array] tupple of activate height and aggregated public key.
+        def agg_pubkey(index)
+          payload = db.get(KEY_PREFIX[:agg_pubkey] + index.to_even_length_hex)
+          [payload[0...(payload.length - 66)].to_i(16), payload[(payload.length - 66)..-1]]
+        end
+
+        # Get aggregated public key by specifying block +height+.
+        # @param [Integer] height block height.
+        # @return [String] aggregated public key with hex format.
+        def agg_pubkey_with_height(height)
+          index = latest_agg_pubkey_index
+          index ||= 0
+          (index + 1).times do |i|
+            target = index - i
+            active_height, pubkey = agg_pubkey(target)
+            return pubkey unless active_height > height
+          end
+        end
+
+        # Get latest aggregated public key.
+        # @return [Array] aggregated public key with hex format.
+        def latest_agg_pubkey
+          agg_pubkey(latest_agg_pubkey_index)[1]
+        end
+
+        # Get aggregated public key list.
+        # @return [Array[Array]] list of public key and index
+        def agg_pubkeys
+          index = latest_agg_pubkey_index
+          (index + 1).times.map { |i| agg_pubkey(i) }
+        end
+
         def close
           db.close
         end
@@ -91,6 +141,14 @@ module Tapyrus
           db.put(KEY_PREFIX[:best], entry.block_hash)
           db.put(KEY_PREFIX[:next] + entry.prev_hash, entry.block_hash)
         end
+
+        # Get latest aggregated public key index.
+        # @return [Integer] key index
+        def latest_agg_pubkey_index
+          index = db.get(KEY_PREFIX[:latest_agg_pubkey])
+          index&.to_i(16)
+        end
+
       end
 
     end