tapyrus 0.1.0

data/lib/tapyrus/bloom_filter.rb

@@ -0,0 +1,78 @@
+require "murmurhash3"
+module Tapyrus
+  class BloomFilter
+    LN2_SQUARED = 0.4804530139182014246671025263266649717305529515945455 # log(2) ** 2
+    LN2 = 0.6931471805599453094172321214581765680755001343602552 # log(2)
+
+    MAX_BLOOM_FILTER_SIZE = 36_000 # bytes
+    MAX_HASH_FUNCS = 50
+
+    attr_reader :filter, :hash_funcs, :tweak
+
+    def initialize(filter, hash_funcs, tweak)
+      @filter = filter
+      @hash_funcs = hash_funcs
+      @tweak = tweak
+    end
+
+    # Create a new bloom filter.
+    # @param [Integer] elements_length the number of elements
+    # @param [Float] fp_rate the false positive rate chosen by the client
+    # @param [Integer] tweak A random value to add to the seed value in the hash function used by the bloom filter
+    def self.create_filter(elements_length, fp_rate, tweak = 0)
+      # The size S of the filter in bytes is given by (-1 / pow(log(2), 2) * N * log(P)) / 8
+      len = [[(-elements_length * Math.log(fp_rate) / (LN2_SQUARED * 8)).to_i, MAX_BLOOM_FILTER_SIZE].min, 1].max
+      filter = Array.new(len, 0)
+      # The number of hash functions required is given by S * 8 / N * log(2)
+      hash_funcs = [[(filter.size * 8 * LN2 / elements_length).to_i, MAX_HASH_FUNCS].min, 1].max
+      BloomFilter.new(filter, hash_funcs, tweak)
+    end
+
+    # @param [String] data The data element to add to the current filter.
+    def add(data)
+      return if full?
+      hash_funcs.times do |i|
+        hash = to_hash(data, i)
+        set_bit(hash)
+      end
+    end
+
+    # Returns true if the given data matches the filter
+    # @param [String] data The data to check the current filter
+    # @return [Boolean] true if the given data matches the filter
+    def contains?(data)
+      return true if full?
+      hash_funcs.times do |i|
+        hash = to_hash(data, i)
+        return false unless check_bit(hash)
+      end
+      true
+    end
+
+    def clear
+      filter.fill(0)
+      @full = false
+    end
+
+    def to_a
+      filter
+    end
+
+    private
+    def to_hash(data, i)
+      MurmurHash3::V32.str_hash(data, (i * 0xfba4c795 + tweak) & 0xffffffff)  % (filter.length * 8)
+    end
+
+    def set_bit(data)
+      filter[data >> 3] |= (1 << (7 & data))
+    end
+
+    def check_bit(data)
+      filter[data >> 3] & (1 << (7 & data)) != 0
+    end
+
+    def full?
+      @full |= filter.all? {|byte| byte == 0xff}
+    end
+  end
+end

data/lib/tapyrus/chain_params.rb

@@ -0,0 +1,90 @@
+require 'yaml'
+
+module Tapyrus
+
+  # Network parameter class
+  class ChainParams
+
+    attr_reader :network
+    attr_reader :magic_head
+    attr_reader :message_magic
+    attr_reader :address_version
+    attr_reader :p2sh_version
+    attr_reader :bech32_hrp
+    attr_reader :privkey_version
+    attr_reader :extended_privkey_version
+    attr_reader :extended_pubkey_version
+    attr_reader :bip49_pubkey_p2wpkh_p2sh_version
+    attr_reader :bip49_privkey_p2wpkh_p2sh_version
+    attr_reader :bip49_pubkey_p2wsh_p2sh_version
+    attr_reader :bip49_privkey_p2wsh_p2sh_version
+    attr_reader :bip84_pubkey_p2wpkh_version
+    attr_reader :bip84_privkey_p2wpkh_version
+    attr_reader :bip84_pubkey_p2wsh_version
+    attr_reader :bip84_privkey_p2wsh_version
+    attr_reader :default_port
+    attr_reader :protocol_version
+    attr_reader :retarget_interval
+    attr_reader :retarget_time
+    attr_reader :target_spacing
+    attr_reader :max_money
+    attr_reader :bip34_height
+    attr_reader :proof_of_work_limit
+    attr_reader :dns_seeds
+    attr_reader :genesis
+    attr_reader :bip44_coin_type
+
+    attr_accessor :dust_relay_fee
+
+    # fork coin id.
+    attr_accessor :fork_id
+
+    # mainnet genesis
+    def self.mainnet
+      init('mainnet')
+    end
+
+    # testnet genesis
+    def self.testnet
+      init('testnet')
+    end
+
+    # regtest genesis
+    def self.regtest
+      init('regtest')
+    end
+
+    def mainnet?
+      network == 'mainnet'
+    end
+
+    def testnet?
+      network == 'testnet'
+    end
+
+    def regtest?
+      network == 'regtest'
+    end
+
+    def genesis_block
+      header = Tapyrus::BlockHeader.new(
+          genesis['version'], genesis['prev_hash'].rhex, genesis['merkle_root'].rhex,
+          genesis['time'], genesis['bits'], genesis['nonce'])
+      Tapyrus::Block.new(header)
+    end
+
+    # whether fork coin.
+    def fork_chain?
+      !fork_id.nil?
+    end
+
+    def self.init(name)
+      i = YAML.load(File.open("#{__dir__}/chainparams/#{name}.yml"))
+      i.dust_relay_fee ||= Tapyrus::DUST_RELAY_TX_FEE
+      i
+    end
+
+    private_class_method :init
+  end
+
+end

data/lib/tapyrus/chainparams/mainnet.yml

@@ -0,0 +1,41 @@
+--- !ruby/object:Tapyrus::ChainParams
+network: "mainnet"
+magic_head: "f9beb4d9"
+message_magic: "Bitcoin Signed Message:\n"
+address_version: "00"
+p2sh_version: "05"
+bech32_hrp: 'bc'
+privkey_version: "80"
+extended_privkey_version: "0488ade4"
+extended_pubkey_version: "0488b21e"
+bip49_pubkey_p2wpkh_p2sh_version: "049d7cb2"
+bip49_pubkey_p2wsh_p2sh_version: "0295b43f"
+bip49_privkey_p2wpkh_p2sh_version: "049d7878"
+bip49_privkey_p2wsh_p2sh_version: "0295b005"
+bip84_pubkey_p2wpkh_version: "04b24746"
+bip84_pubkey_p2wsh_version: "02aa7ed3"
+bip84_privkey_p2wpkh_version: "04b2430c"
+bip84_privkey_p2wsh_version: "02aa7a99"
+default_port: 8333
+protocol_version: 70013
+retarget_interval: 2016
+retarget_time: 1209600 # 2 weeks
+target_spacing: 600 # block interval
+max_money: 21000000
+bip34_height: 227931
+proof_of_work_limit: 0x1d00ffff
+dns_seeds:
+  - "seed.bitcoin.sipa.be"
+  - "dnsseed.bluematt.me"
+  - "dnsseed.bitcoin.dashjr.org"
+  - "seed.bitcoinstats.com"
+  - "seed.bitcoin.jonasschnelli.ch"
+genesis:
+  hash: "000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"
+  merkle_root: "4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"
+  time: 1231006505
+  nonce: 2083236893
+  bits: 0x1d00ffff
+  version: 1
+  prev_hash: "0000000000000000000000000000000000000000000000000000000000000000"
+bip44_coin_type: 0

data/lib/tapyrus/chainparams/regtest.yml

@@ -0,0 +1,38 @@
+--- !ruby/object:Tapyrus::ChainParams
+network: "regtest"
+magic_head: "fabfb5da"
+message_magic: "Bitcoin Signed Message:\n"
+address_version: "6f"
+p2sh_version: "c4"
+bech32_hrp: 'bcrt'
+privkey_version: "ef"
+extended_privkey_version: "04358394"
+extended_pubkey_version: "043587cf"
+bip49_pubkey_p2wpkh_p2sh_version: "044a5262"
+bip49_pubkey_p2wsh_p2sh_version: "024285ef"
+bip49_privkey_p2wpkh_p2sh_version: "044a4e28"
+bip49_privkey_p2wsh_p2sh_version: "024285b5"
+bip84_pubkey_p2wpkh_version: "045f1cf6"
+bip84_pubkey_p2wsh_version: "02575483"
+bip84_privkey_p2wpkh_version: "045f18bc"
+bip84_privkey_p2wsh_version: "02575048"
+default_port: 18444
+protocol_version: 70013
+retarget_interval: 2016
+retarget_time: 1209600 # 2 weeks
+target_spacing: 600 # block interval
+max_money: 21000000
+bip34_height: 0
+genesis_hash: "0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"
+proof_of_work_limit: 0x207fffff
+dns_seeds:
+genesis:
+  hash: "0f9188f13cb7b2c71f2a335e3a4fc328bf5beb436012afca590b1a11466e2206"
+  merkle_root: "4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"
+  time: 1296688602
+  nonce: 2
+  bits: 0x207fffff
+  version: 1
+  prev_hash: "0000000000000000000000000000000000000000000000000000000000000000"
+bip44_coin_type: 1
+dust_relay_fee: 3600

data/lib/tapyrus/chainparams/testnet.yml

@@ -0,0 +1,41 @@
+--- !ruby/object:Tapyrus::ChainParams
+network: "testnet"
+magic_head: "0b110907"
+message_magic: "Bitcoin Signed Message:\n"
+address_version: "6f"
+p2sh_version: "c4"
+bech32_hrp: 'tb'
+privkey_version: "ef"
+extended_privkey_version: "04358394"
+extended_pubkey_version: "043587cf"
+bip49_pubkey_p2wpkh_p2sh_version: "044a5262"
+bip49_pubkey_p2wsh_p2sh_version: "024285ef"
+bip49_privkey_p2wpkh_p2sh_version: "044a4e28"
+bip49_privkey_p2wsh_p2sh_version: "024285b5"
+bip84_pubkey_p2wpkh_version: "045f1cf6"
+bip84_pubkey_p2wsh_version: "02575483"
+bip84_privkey_p2wpkh_version: "045f18bc"
+bip84_privkey_p2wsh_version: "02575048"
+default_port: 18333
+protocol_version: 70013
+retarget_interval: 2016
+retarget_time: 1209600 # 2 weeks
+target_spacing: 600 # block interval
+max_money: 21000000
+bip34_height: 227931
+genesis_hash: "000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"
+proof_of_work_limit: 0x1d00ffff
+dns_seeds:
+  - "testnet-seed.bitcoin.jonasschnelli.ch"
+  - "seed.tbtc.petertodd.org"
+  - "testnet-seed.bluematt.me"
+  - "testnet-seed.bitcoin.schildbach.de"
+genesis:
+  hash: "000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943"
+  merkle_root: "4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"
+  time: 1296688602
+  nonce: 414098458
+  bits: 0x1d00ffff
+  version: 1
+  prev_hash: "0000000000000000000000000000000000000000000000000000000000000000"
+bip44_coin_type: 1

data/lib/tapyrus/constants.rb

@@ -0,0 +1,195 @@
+module Tapyrus
+
+  COIN = 100_000_000
+  MAX_MONEY = 21_000_000 * COIN
+
+  # The maximum allowed size for a serialized block, in bytes (only for buffer size limits)
+  MAX_BLOCK_SERIALIZED_SIZE = 4_000_000
+  # The maximum allowed weight for a block, see BIP 141 (network rule)
+  MAX_BLOCK_WEIGHT = 4_000_000
+  # The maximum allowed number of signature check operations in a block (network rule)
+  MAX_BLOCK_SIGOPS_COST = 80_000
+  # Coinbase transaction outputs can only be spent after this number of new blocks (network rule)
+  COINBASE_MATURITY = 100
+  WITNESS_SCALE_FACTOR = 4
+
+  # 60 is the lower bound for the size of a valid serialized Tx
+  MIN_TRANSACTION_WEIGHT = WITNESS_SCALE_FACTOR * 60
+  # 10 is the lower bound for the size of a serialized Tx
+  MIN_SERIALIZABLE_TRANSACTION_WEIGHT = WITNESS_SCALE_FACTOR * 10
+
+  # Flags for nSequence and nLockTime locks
+  LOCKTIME_VERIFY_SEQUENCE = (1 << 0)
+  LOCKTIME_MEDIAN_TIME_PAST = (1 << 1)
+
+  # Min feerate for defining dust.
+  DUST_RELAY_TX_FEE = 3000
+
+  # script verify flags
+  SCRIPT_VERIFY_NONE      = 0
+  SCRIPT_VERIFY_P2SH      = (1 << 0)
+  SCRIPT_VERIFY_STRICTENC = (1 << 1)
+  SCRIPT_VERIFY_DERSIG    = (1 << 2)
+  SCRIPT_VERIFY_LOW_S     = (1 << 3)
+  SCRIPT_VERIFY_NULLDUMMY = (1 << 4)
+  SCRIPT_VERIFY_SIGPUSHONLY = (1 << 5)
+  SCRIPT_VERIFY_MINIMALDATA = (1 << 6)
+  SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS = (1 << 7)
+  SCRIPT_VERIFY_CLEANSTACK = (1 << 8)
+  SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY = (1 << 9) # Verify CHECKLOCKTIMEVERIFY (BIP-65)
+  SCRIPT_VERIFY_CHECKSEQUENCEVERIFY = (1 << 10) # support CHECKSEQUENCEVERIFY opcode (BIP-112)
+  SCRIPT_VERIFY_WITNESS = (1 << 11) # Support segregated witness
+  SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM = (1 << 12) # Making v1-v16 witness program non-standard
+  SCRIPT_VERIFY_MINIMALIF = (1 << 13) # Segwit script only: Require the argument of OP_IF/NOTIF to be exactly 0x01 or empty vector
+  SCRIPT_VERIFY_NULLFAIL = (1 << 14) # Signature(s) must be empty vector if an CHECK(MULTI)SIG operation failed
+  SCRIPT_VERIFY_WITNESS_PUBKEYTYPE = (1 << 15) # Public keys in segregated witness scripts must be compressed
+  SCRIPT_VERIFY_CONST_SCRIPTCODE = (1 << 16) # Making OP_CODESEPARATOR and FindAndDelete fail any non-segwit scripts
+
+  MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH
+
+  # Standard script verification flags that standard transactions will comply with.
+  STANDARD_SCRIPT_VERIFY_FLAGS = [MANDATORY_SCRIPT_VERIFY_FLAGS,
+                                  SCRIPT_VERIFY_DERSIG,
+                                  SCRIPT_VERIFY_STRICTENC,
+                                  SCRIPT_VERIFY_MINIMALDATA,
+                                  SCRIPT_VERIFY_NULLDUMMY,
+                                  SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS,
+                                  SCRIPT_VERIFY_CLEANSTACK,
+                                  SCRIPT_VERIFY_MINIMALIF,
+                                  SCRIPT_VERIFY_NULLFAIL,
+                                  SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY,
+                                  SCRIPT_VERIFY_CHECKSEQUENCEVERIFY,
+                                  SCRIPT_VERIFY_LOW_S,
+                                  SCRIPT_VERIFY_WITNESS,
+                                  SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM,
+                                  SCRIPT_VERIFY_WITNESS_PUBKEYTYPE,
+                                  SCRIPT_VERIFY_CONST_SCRIPTCODE].inject(SCRIPT_VERIFY_NONE){|flags, f| flags |= f}
+
+  # for script
+
+  # witness version
+  WITNESS_VERSION = 0x00
+
+  # Maximum script length in bytes
+  MAX_SCRIPT_SIZE = 10000
+
+  # Maximum number of public keys per multisig
+  MAX_PUBKEYS_PER_MULTISIG = 20
+
+  # Maximum number of non-push operations per script
+  MAX_OPS_PER_SCRIPT = 201
+
+  # Maximum number of bytes pushable to the stack
+  MAX_SCRIPT_ELEMENT_SIZE = 520
+
+  # Maximum number of size in the stack
+  MAX_STACK_SIZE = 1000
+
+  # Threshold for nLockTime: below this value it is interpreted as block number, otherwise as UNIX timestamp.
+  LOCKTIME_THRESHOLD = 500000000
+
+  # Signature hash types/flags
+  SIGHASH_TYPE = { all: 1, none: 2, single: 3, anyonecanpay: 128 }
+
+  # SIGHASH_FORK_ID for replay protection of the fork coin
+  SIGHASH_FORK_ID = 0x40
+
+  # fork coin id.
+  FORK_ID_CASH = 0
+  FORK_ID_GOLD = 79
+
+  # Maximum number length in bytes
+  DEFAULT_MAX_NUM_SIZE = 4
+
+  # 80 bytes of data, +1 for OP_RETURN, +2 for the pushdata opcodes.
+  MAX_OP_RETURN_RELAY = 83
+
+  SIG_VERSION = [:base, :witness_v0]
+
+  # for script error
+  SCRIPT_ERR_OK = 0
+  SCRIPT_ERR_UNKNOWN_ERROR = 1
+  SCRIPT_ERR_EVAL_FALSE = 2
+  SCRIPT_ERR_OP_RETURN = 3
+
+  # Max sizes
+  SCRIPT_ERR_SCRIPT_SIZE = 10
+  SCRIPT_ERR_PUSH_SIZE = 11
+  SCRIPT_ERR_OP_COUNT = 12
+  SCRIPT_ERR_STACK_SIZE = 13
+  SCRIPT_ERR_SIG_COUNT = 14
+  SCRIPT_ERR_PUBKEY_COUNT = 15
+
+  # Failed verify operations
+  SCRIPT_ERR_VERIFY = 20
+  SCRIPT_ERR_EQUALVERIFY = 21
+  SCRIPT_ERR_CHECKMULTISIGVERIFY = 22
+  SCRIPT_ERR_CHECKSIGVERIFY = 23
+  SCRIPT_ERR_NUMEQUALVERIFY = 24
+
+  # Logical/Format/Canonical errors
+  SCRIPT_ERR_BAD_OPCODE = 30
+  SCRIPT_ERR_DISABLED_OPCODE = 31
+  SCRIPT_ERR_INVALID_STACK_OPERATION = 32
+  SCRIPT_ERR_INVALID_ALTSTACK_OPERATION = 33
+  SCRIPT_ERR_UNBALANCED_CONDITIONAL = 34
+
+  # CHECKLOCKTIMEVERIFY and CHECKSEQUENCEVERIFY
+  SCRIPT_ERR_NEGATIVE_LOCKTIME = 40
+  SCRIPT_ERR_UNSATISFIED_LOCKTIME = 41
+
+  # Malleability
+  SCRIPT_ERR_SIG_HASHTYPE = 50
+  SCRIPT_ERR_SIG_DER = 51
+  SCRIPT_ERR_MINIMALDATA = 52
+  SCRIPT_ERR_SIG_PUSHONLY = 53
+  SCRIPT_ERR_SIG_HIGH_S = 54
+  SCRIPT_ERR_SIG_NULLDUMMY = 55
+  SCRIPT_ERR_PUBKEYTYPE = 56
+  SCRIPT_ERR_CLEANSTACK = 56
+  SCRIPT_ERR_MINIMALIF = 57
+  SCRIPT_ERR_SIG_NULLFAIL = 58
+
+  # softfork safeness
+  SCRIPT_ERR_DISCOURAGE_UPGRADABLE_NOPS = 60
+  SCRIPT_ERR_DISCOURAGE_UPGRADABLE_WITNESS_PROGRAM = 61
+
+  # segregated witness
+  SCRIPT_ERR_WITNESS_PROGRAM_WRONG_LENGTH = 70
+  SCRIPT_ERR_WITNESS_PROGRAM_WITNESS_EMPTY = 71
+  SCRIPT_ERR_WITNESS_PROGRAM_MISMATCH = 72
+  SCRIPT_ERR_WITNESS_MALLEATED = 73
+  SCRIPT_ERR_WITNESS_MALLEATED_P2SH = 74
+  SCRIPT_ERR_WITNESS_UNEXPECTED = 75
+  SCRIPT_ERR_WITNESS_PUBKEYTYPE = 76
+
+  # Constant scriptCode
+  SCRIPT_ERR_OP_CODESEPARATOR = 77
+  SCRIPT_ERR_SIG_FINDANDDELETE = 78
+
+  SCRIPT_ERR_ERROR_COUNT = 80
+
+  ERRCODES_MAP = Hash[*constants.grep(/^SCRIPT_ERR_/).map { |c| [const_get(c), c.to_s] }.flatten]
+  NAME_MAP = Hash[*constants.grep(/^SCRIPT_ERR_/).map { |c| [c.to_s, const_get(c)] }.flatten]
+
+  # witness commitment
+  WITNESS_COMMITMENT_HEADER = 'aa21a9ed'
+
+  COINBASE_WTXID = '00'* 32
+
+  # for message
+  MESSAGE_HEADER_SIZE = 24
+
+  # for peer
+  PARALLEL_THREAD = 3
+
+  # Maximum amount of time that a block timestamp is allowed to exceed the current network-adjusted time before the block will be accepted.
+  MAX_FUTURE_BLOCK_TIME = 2 * 60 * 60
+
+  # Size of set to pick median time from.
+  MEDIAN_TIME_SPAN = 11
+
+  BIP32_EXTKEY_WITH_VERSION_SIZE = 78
+
+  HARDENED_THRESHOLD = 2147483648 # 2**31
+end

data/lib/tapyrus/descriptor.rb

@@ -0,0 +1,147 @@
+module Tapyrus
+
+  module Descriptor
+
+    include Tapyrus::Opcodes
+
+    # generate P2PK output for the given public key.
+    # @param [String] key private key or public key with hex format
+    # @return [Tapyrus::Script] P2PK script.
+    def pk(key)
+      Tapyrus::Script.new << extract_pubkey(key) << OP_CHECKSIG
+    end
+
+    # generate P2PKH output for the given public key.
+    # @param [String] key private key or public key with hex format.
+    # @return [Tapyrus::Script] P2PKH script.
+    def pkh(key)
+      Tapyrus::Script.to_p2pkh(Tapyrus.hash160(extract_pubkey(key)))
+    end
+
+    # generate P2PKH output for the given public key.
+    # @param [String] key private key or public key with hex format.
+    # @return [Tapyrus::Script] P2WPKH script.
+    def wpkh(key)
+      pubkey = extract_pubkey(key)
+      raise ArgumentError, "Uncompressed key are not allowed." unless compressed_key?(pubkey)
+      Tapyrus::Script.to_p2wpkh(Tapyrus.hash160(pubkey))
+    end
+
+    # generate P2SH embed the argument.
+    # @param [String or Script] script script to be embed.
+    # @return [Tapyrus::Script] P2SH script.
+    def sh(script)
+      script = script.to_hex if script.is_a?(Tapyrus::Script)
+      raise ArgumentError, "P2SH script is too large, 547 bytes is larger than #{Tapyrus::MAX_SCRIPT_ELEMENT_SIZE} bytes." if script.htb.bytesize > Tapyrus::MAX_SCRIPT_ELEMENT_SIZE
+      Tapyrus::Script.to_p2sh(Tapyrus.hash160(script))
+    end
+
+    # generate P2WSH embed the argument.
+    # @param [String or Script] script script to be embed.
+    # @return [Tapyrus::Script] P2WSH script.
+    def wsh(script)
+      script = Tapyrus::Script(script.htb) if script.is_a?(String)
+      raise ArgumentError, "P2SH script is too large, 547 bytes is larger than #{Tapyrus::MAX_SCRIPT_ELEMENT_SIZE} bytes." if script.to_payload.bytesize > Tapyrus::MAX_SCRIPT_ELEMENT_SIZE
+      raise ArgumentError, "Uncompressed key are not allowed." if script.get_pubkeys.any?{|p|!compressed_key?(p)}
+      Tapyrus::Script.to_p2wsh(script)
+    end
+
+    # an alias for the collection of `pk(KEY)` and `pkh(KEY)`.
+    # If the key is compressed, it also includes `wpkh(KEY)` and `sh(wpkh(KEY))`.
+    # @param [String] key private key or public key with hex format.
+    # @return [Array[Tapyrus::Script]]
+    def combo(key)
+      result = [pk(key), pkh(key)]
+      pubkey = extract_pubkey(key)
+      if compressed_key?(pubkey)
+        result << wpkh(key)
+        result << sh(result.last)
+      end
+      result
+    end
+
+    # generate multisig output for given keys.
+    # @param [Integer] threshold the threshold of multisig.
+    # @param [Array[String]] keys an array of keys.
+    # @return [Tapyrus::Script] multisig script.
+    def multi(threshold, *keys, sort: false)
+      raise ArgumentError, 'Multisig threshold is not valid.' unless threshold.is_a?(Integer)
+      raise ArgumentError, 'Multisig threshold cannot be 0, must be at least 1.' unless threshold > 0
+      raise ArgumentError, 'Multisig threshold cannot be larger than the number of keys.' if threshold > keys.size
+      raise ArgumentError, 'Multisig must have between 1 and 16 keys, inclusive.' if keys.size > 16
+      pubkeys = keys.map{|key| extract_pubkey(key) }
+      Tapyrus::Script.to_multisig_script(threshold, pubkeys, sort: sort)
+    end
+
+    # generate sorted multisig output for given keys.
+    # @param [Integer] threshold the threshold of multisig.
+    # @param [Array[String]] keys an array of keys.
+    # @return [Tapyrus::Script] multisig script.
+    def sortedmulti(threshold, *keys)
+      multi(threshold, *keys, sort: true)
+    end
+
+    private
+
+    # extract public key from KEY format.
+    # @param [String] key KEY string.
+    # @return [String] public key.
+    def extract_pubkey(key)
+      if key.start_with?('[') # BIP32 fingerprint
+        raise ArgumentError, 'Invalid key origin.' if key.count('[') > 1 || key.count(']') > 1
+        info = key[1...key.index(']')] # TODO
+        fingerprint, *paths = info.split('/')
+        raise ArgumentError, 'Fingerprint is not hex.' unless fingerprint.valid_hex?
+        raise ArgumentError, 'Fingerprint is not 4 bytes.' unless fingerprint.size == 8
+        key = key[(key.index(']') + 1)..-1]
+      else
+        raise ArgumentError, 'Invalid key origin.' if key.include?(']')
+      end
+
+      # check BIP32 derivation path
+      key, *paths = key.split('/')
+
+      if key.start_with?('xprv')
+        key = Tapyrus::ExtKey.from_base58(key)
+        key = derive_path(key, paths, true) if paths
+      elsif key.start_with?('xpub')
+        key = Tapyrus::ExtPubkey.from_base58(key)
+        key = derive_path(key, paths, false) if paths
+      else
+        begin
+          key = Tapyrus::Key.from_wif(key)
+        rescue ArgumentError
+          key_type =  compressed_key?(key) ? Tapyrus::Key::TYPES[:compressed] : Tapyrus::Key::TYPES[:uncompressed]
+          key = Tapyrus::Key.new(pubkey: key, key_type: key_type)
+        end
+      end
+      key = key.is_a?(Tapyrus::Key) ? key : key.key
+      raise ArgumentError, 'Invalid pubkey.' unless key.fully_valid_pubkey?
+      key.pubkey
+    end
+
+    def compressed_key?(key)
+      %w(02 03).include?(key[0..1]) && [key].pack("H*").bytesize == 33
+    end
+
+    def derive_path(key, paths, is_private)
+      paths.each do |path|
+        raise ArgumentError, 'xpub can not derive hardened key.' if !is_private && path.end_with?("'")
+        if is_private
+          hardened = path.end_with?("'")
+          path = hardened ? path[0..-2] : path
+          raise ArgumentError, 'Key path value is not a valid value.' unless path =~ /^[0-9]+$/
+          raise ArgumentError, 'Key path value is out of range.' if !hardened && path.to_i >= Tapyrus::HARDENED_THRESHOLD
+          key = key.derive(path.to_i, hardened)
+        else
+          raise ArgumentError, 'Key path value is not a valid value.' unless path =~ /^[0-9]+$/
+          raise ArgumentError, 'Key path value is out of range.' if path.to_i >= Tapyrus::HARDENED_THRESHOLD
+          key = key.derive(path.to_i)
+        end
+      end
+      key
+    end
+
+  end
+
+end