@arkade-os/boltz-swap 0.3.6 → 0.3.7

package/dist/{background-5IKGSVTP.js → background-RLZLTWCI.js}

@@ -2,8 +2,8 @@ import {
   defineExpoSwapBackgroundTask,
   registerExpoSwapBackgroundTask,
   unregisterExpoSwapBackgroundTask
-} from "./chunk-LMHVRFGY.js";
-import "./chunk-SUFFGYDJ.js";
+} from "./chunk-XUBVFCQZ.js";
+import "./chunk-ZJ2Q5QSA.js";
 import "./chunk-3RG5ZIWI.js";
 export {
   defineExpoSwapBackgroundTask,

package/dist/{chunk-LMHVRFGY.js → chunk-XUBVFCQZ.js}

@@ -8,7 +8,7 @@ import {
   isSubmarineFinalStatus,
   isSubmarineSwapRefundable,
   logger
-} from "./chunk-SUFFGYDJ.js";
+} from "./chunk-ZJ2Q5QSA.js";
 import {
   __require
 } from "./chunk-3RG5ZIWI.js";

package/dist/{chunk-SUFFGYDJ.js → chunk-ZJ2Q5QSA.js}

@@ -814,10 +814,16 @@ var isValidArkAddress = (address) => {
 // src/utils/signatures.ts
 import { verifyTapscriptSignatures } from "@arkade-os/sdk";
 import { hex } from "@scure/base";
-var verifySignatures = (tx, inputIndex, requiredSigners) => {
+var verifySignatures = (tx, inputIndex, requiredSigners, expectedLeafHash) => {
   try {
     verifyTapscriptSignatures(tx, inputIndex, requiredSigners);
-    return true;
+    const input = tx.getInput(inputIndex);
+    const expectedHex = hex.encode(expectedLeafHash);
+    return requiredSigners.every(
+      (signer) => input.tapScriptSig?.some(
+        ([{ pubKey, leafHash }]) => hex.encode(pubKey) === signer && hex.encode(leafHash) === expectedHex
+      )
+    );
   } catch (_) {
     return false;
   }
@@ -2429,7 +2435,8 @@ import {
   VtxoScript as VtxoScript2,
   VtxoTaprootTree,
   CSVMultisigTapscript as CSVMultisigTapscript2,
-  combineTapscriptSigs
+  combineTapscriptSigs,
+  Transaction as Transaction5
 } from "@arkade-os/sdk";
 import { hex as hex7, base64 as base643 } from "@scure/base";
 
@@ -2593,7 +2600,8 @@ function createForfeitTx(input, forfeitOutputScript, connector) {
 
 // src/utils/vhtlc.ts
 import { ripemd160 } from "@noble/hashes/legacy.js";
-import { Address, OutScript, Transaction as Transaction5 } from "@scure/btc-signer";
+import { Address, OutScript } from "@scure/btc-signer";
+import { tapLeafHash as tapLeafHash3 } from "@scure/btc-signer/payment.js";
 var createVHTLCScript = (args) => {
   const {
     network,
@@ -2741,14 +2749,28 @@ var claimVHTLCwithOffchainTx = async (identity, vhtlcScript, serverXOnlyPublicKe
     base643.encode(signedArkTx.toPSBT()),
     checkpoints.map((c) => base643.encode(c.toPSBT()))
   );
-  if (!validFinalArkTx(finalArkTx, serverXOnlyPublicKey, vhtlcScript.leaves)) {
-    throw new Error("Invalid final Ark transaction");
+  const finalTx = Transaction5.fromPSBT(base643.decode(finalArkTx));
+  const serverPubkeyHex = hex7.encode(serverXOnlyPublicKey);
+  const claimLeafHash = tapLeafHash3(
+    scriptFromTapLeafScript(vhtlcScript.claim())
+  );
+  for (let i = 0; i < finalTx.inputsLength; i++) {
+    if (!verifySignatures(finalTx, i, [serverPubkeyHex], claimLeafHash)) {
+      throw new Error("Invalid final Ark transaction");
+    }
   }
   const finalCheckpoints = await Promise.all(
-    signedCheckpointTxs.map(async (c) => {
-      const tx = Transaction5.fromPSBT(base643.decode(c), {
-        allowUnknown: true
-      });
+    signedCheckpointTxs.map(async (c, idx) => {
+      const tx = Transaction5.fromPSBT(base643.decode(c));
+      const checkpointLeaf = checkpoints[idx].getInput(0).tapLeafScript[0];
+      const cpLeafHash = tapLeafHash3(
+        scriptFromTapLeafScript(checkpointLeaf)
+      );
+      if (!verifySignatures(tx, 0, [serverPubkeyHex], cpLeafHash)) {
+        throw new Error(
+          "Invalid server signature in checkpoint transaction"
+        );
+      }
       const signedCheckpoint = await identity.sign(tx, [0]);
       return base643.encode(signedCheckpoint.toPSBT());
     })
@@ -2771,10 +2793,27 @@ var refundVHTLCwithOffchainTx = async (swapId, identity, arkProvider, boltzXOnly
     checkpoint: boltzSignedCheckpointTx
   } = await refundFunc(swapId, unsignedRefundTx, unsignedCheckpointTx);
   const boltzXOnlyPublicKeyHex = hex7.encode(boltzXOnlyPublicKey);
-  if (!verifySignatures(boltzSignedRefundTx, 0, [boltzXOnlyPublicKeyHex])) {
+  const refundLeafHash = tapLeafHash3(
+    scriptFromTapLeafScript(input.tapLeafScript)
+  );
+  if (!verifySignatures(
+    boltzSignedRefundTx,
+    0,
+    [boltzXOnlyPublicKeyHex],
+    refundLeafHash
+  )) {
     throw new Error("Invalid Boltz signature in refund transaction");
   }
-  if (!verifySignatures(boltzSignedCheckpointTx, 0, [boltzXOnlyPublicKeyHex])) {
+  const checkpointLeaf = unsignedCheckpointTx.getInput(0).tapLeafScript[0];
+  const checkpointLeafHash = tapLeafHash3(
+    scriptFromTapLeafScript(checkpointLeaf)
+  );
+  if (!verifySignatures(
+    boltzSignedCheckpointTx,
+    0,
+    [boltzXOnlyPublicKeyHex],
+    checkpointLeafHash
+  )) {
     throw new Error("Invalid Boltz signature in checkpoint transaction");
   }
   const signedRefundTx = await identity.sign(unsignedRefundTx);
@@ -2798,7 +2837,7 @@ var refundVHTLCwithOffchainTx = async (swapId, identity, arkProvider, boltzXOnly
     hex7.encode(boltzXOnlyPublicKey),
     hex7.encode(serverXOnlyPublicKey)
   ];
-  if (!verifySignatures(tx, inputIndex, requiredSigners)) {
+  if (!verifySignatures(tx, inputIndex, requiredSigners, refundLeafHash)) {
     throw new Error("Invalid refund transaction");
   }
   if (signedCheckpointTxs.length !== 1) {
@@ -2809,6 +2848,15 @@ var refundVHTLCwithOffchainTx = async (swapId, identity, arkProvider, boltzXOnly
   const serverSignedCheckpointTx = Transaction5.fromPSBT(
     base643.decode(signedCheckpointTxs[0])
   );
+  const serverPubkeyHex = hex7.encode(serverXOnlyPublicKey);
+  if (!verifySignatures(
+    serverSignedCheckpointTx,
+    0,
+    [serverPubkeyHex],
+    checkpointLeafHash
+  )) {
+    throw new Error("Invalid server signature in checkpoint transaction");
+  }
   const finalCheckpointTx = combineTapscriptSigs(
     combinedSignedCheckpointTx,
     serverSignedCheckpointTx
@@ -2817,17 +2865,9 @@ var refundVHTLCwithOffchainTx = async (swapId, identity, arkProvider, boltzXOnly
     base643.encode(finalCheckpointTx.toPSBT())
   ]);
 };
-var validFinalArkTx = (finalArkTx, _pubkey, _tapLeaves) => {
-  const tx = Transaction5.fromPSBT(base643.decode(finalArkTx), {
-    allowUnknown: true
-  });
-  if (!tx) return false;
-  const inputs = [];
-  for (let i = 0; i < tx.inputsLength; i++) {
-    inputs.push(tx.getInput(i));
-  }
-  return inputs.every((input) => input.witnessUtxo);
-};
+function scriptFromTapLeafScript(leaf) {
+  return leaf[1].subarray(0, leaf[1].length - 1);
+}
 
 // src/arkade-swaps.ts
 var ArkadeSwaps = class _ArkadeSwaps {
@@ -3253,7 +3293,7 @@ var ArkadeSwaps = class _ArkadeSwaps {
   async sendLightningPayment(args) {
     const pendingSwap = await this.createSubmarineSwap(args);
     await this.savePendingSubmarineSwap(pendingSwap);
-    const txid = await this.wallet.sendBitcoin({
+    const txid = await this.wallet.send({
       address: pendingSwap.response.address,
       amount: pendingSwap.response.expectedAmount
     });

package/dist/expo/index.cjs

@@ -1164,10 +1164,16 @@ var init_signatures = __esm({
     "use strict";
     import_sdk3 = require("@arkade-os/sdk");
     import_base4 = require("@scure/base");
-    verifySignatures = (tx, inputIndex, requiredSigners) => {
+    verifySignatures = (tx, inputIndex, requiredSigners, expectedLeafHash) => {
       try {
         (0, import_sdk3.verifyTapscriptSignatures)(tx, inputIndex, requiredSigners);
-        return true;
+        const input = tx.getInput(inputIndex);
+        const expectedHex = import_base4.hex.encode(expectedLeafHash);
+        return requiredSigners.every(
+          (signer) => input.tapScriptSig?.some(
+            ([{ pubKey, leafHash }]) => import_base4.hex.encode(pubKey) === signer && import_base4.hex.encode(leafHash) === expectedHex
+          )
+        );
       } catch (_) {
         return false;
       }
@@ -2563,7 +2569,10 @@ var init_batch = __esm({
 });
 
 // src/utils/vhtlc.ts
-var import_sdk7, import_base8, import_legacy, import_btc_signer4, createVHTLCScript, joinBatch, claimVHTLCwithOffchainTx, refundVHTLCwithOffchainTx, validFinalArkTx;
+function scriptFromTapLeafScript(leaf) {
+  return leaf[1].subarray(0, leaf[1].length - 1);
+}
+var import_sdk7, import_base8, import_legacy, import_btc_signer4, import_payment3, createVHTLCScript, joinBatch, claimVHTLCwithOffchainTx, refundVHTLCwithOffchainTx;
 var init_vhtlc = __esm({
   "src/utils/vhtlc.ts"() {
     "use strict";
@@ -2573,6 +2582,7 @@ var init_vhtlc = __esm({
     init_batch();
     import_legacy = require("@noble/hashes/legacy.js");
     import_btc_signer4 = require("@scure/btc-signer");
+    import_payment3 = require("@scure/btc-signer/payment.js");
     init_signatures();
     createVHTLCScript = (args) => {
       const {
@@ -2721,14 +2731,28 @@ var init_vhtlc = __esm({
         import_base8.base64.encode(signedArkTx.toPSBT()),
         checkpoints.map((c) => import_base8.base64.encode(c.toPSBT()))
       );
-      if (!validFinalArkTx(finalArkTx, serverXOnlyPublicKey, vhtlcScript.leaves)) {
-        throw new Error("Invalid final Ark transaction");
+      const finalTx = import_sdk7.Transaction.fromPSBT(import_base8.base64.decode(finalArkTx));
+      const serverPubkeyHex = import_base8.hex.encode(serverXOnlyPublicKey);
+      const claimLeafHash = (0, import_payment3.tapLeafHash)(
+        scriptFromTapLeafScript(vhtlcScript.claim())
+      );
+      for (let i = 0; i < finalTx.inputsLength; i++) {
+        if (!verifySignatures(finalTx, i, [serverPubkeyHex], claimLeafHash)) {
+          throw new Error("Invalid final Ark transaction");
+        }
       }
       const finalCheckpoints = await Promise.all(
-        signedCheckpointTxs.map(async (c) => {
-          const tx = import_btc_signer4.Transaction.fromPSBT(import_base8.base64.decode(c), {
-            allowUnknown: true
-          });
+        signedCheckpointTxs.map(async (c, idx) => {
+          const tx = import_sdk7.Transaction.fromPSBT(import_base8.base64.decode(c));
+          const checkpointLeaf = checkpoints[idx].getInput(0).tapLeafScript[0];
+          const cpLeafHash = (0, import_payment3.tapLeafHash)(
+            scriptFromTapLeafScript(checkpointLeaf)
+          );
+          if (!verifySignatures(tx, 0, [serverPubkeyHex], cpLeafHash)) {
+            throw new Error(
+              "Invalid server signature in checkpoint transaction"
+            );
+          }
           const signedCheckpoint = await identity.sign(tx, [0]);
           return import_base8.base64.encode(signedCheckpoint.toPSBT());
         })
@@ -2751,10 +2775,27 @@ var init_vhtlc = __esm({
         checkpoint: boltzSignedCheckpointTx
       } = await refundFunc(swapId, unsignedRefundTx, unsignedCheckpointTx);
       const boltzXOnlyPublicKeyHex = import_base8.hex.encode(boltzXOnlyPublicKey);
-      if (!verifySignatures(boltzSignedRefundTx, 0, [boltzXOnlyPublicKeyHex])) {
+      const refundLeafHash = (0, import_payment3.tapLeafHash)(
+        scriptFromTapLeafScript(input.tapLeafScript)
+      );
+      if (!verifySignatures(
+        boltzSignedRefundTx,
+        0,
+        [boltzXOnlyPublicKeyHex],
+        refundLeafHash
+      )) {
         throw new Error("Invalid Boltz signature in refund transaction");
       }
-      if (!verifySignatures(boltzSignedCheckpointTx, 0, [boltzXOnlyPublicKeyHex])) {
+      const checkpointLeaf = unsignedCheckpointTx.getInput(0).tapLeafScript[0];
+      const checkpointLeafHash = (0, import_payment3.tapLeafHash)(
+        scriptFromTapLeafScript(checkpointLeaf)
+      );
+      if (!verifySignatures(
+        boltzSignedCheckpointTx,
+        0,
+        [boltzXOnlyPublicKeyHex],
+        checkpointLeafHash
+      )) {
         throw new Error("Invalid Boltz signature in checkpoint transaction");
       }
       const signedRefundTx = await identity.sign(unsignedRefundTx);
@@ -2771,14 +2812,14 @@ var init_vhtlc = __esm({
         import_base8.base64.encode(combinedSignedRefundTx.toPSBT()),
         [import_base8.base64.encode(unsignedCheckpointTx.toPSBT())]
       );
-      const tx = import_btc_signer4.Transaction.fromPSBT(import_base8.base64.decode(finalArkTx));
+      const tx = import_sdk7.Transaction.fromPSBT(import_base8.base64.decode(finalArkTx));
       const inputIndex = 0;
       const requiredSigners = [
         import_base8.hex.encode(ourXOnlyPublicKey),
         import_base8.hex.encode(boltzXOnlyPublicKey),
         import_base8.hex.encode(serverXOnlyPublicKey)
       ];
-      if (!verifySignatures(tx, inputIndex, requiredSigners)) {
+      if (!verifySignatures(tx, inputIndex, requiredSigners, refundLeafHash)) {
         throw new Error("Invalid refund transaction");
       }
       if (signedCheckpointTxs.length !== 1) {
@@ -2786,9 +2827,18 @@ var init_vhtlc = __esm({
           `Expected one signed checkpoint transaction, got ${signedCheckpointTxs.length}`
         );
       }
-      const serverSignedCheckpointTx = import_btc_signer4.Transaction.fromPSBT(
+      const serverSignedCheckpointTx = import_sdk7.Transaction.fromPSBT(
         import_base8.base64.decode(signedCheckpointTxs[0])
       );
+      const serverPubkeyHex = import_base8.hex.encode(serverXOnlyPublicKey);
+      if (!verifySignatures(
+        serverSignedCheckpointTx,
+        0,
+        [serverPubkeyHex],
+        checkpointLeafHash
+      )) {
+        throw new Error("Invalid server signature in checkpoint transaction");
+      }
       const finalCheckpointTx = (0, import_sdk7.combineTapscriptSigs)(
         combinedSignedCheckpointTx,
         serverSignedCheckpointTx
@@ -2797,17 +2847,6 @@ var init_vhtlc = __esm({
         import_base8.base64.encode(finalCheckpointTx.toPSBT())
       ]);
     };
-    validFinalArkTx = (finalArkTx, _pubkey, _tapLeaves) => {
-      const tx = import_btc_signer4.Transaction.fromPSBT(import_base8.base64.decode(finalArkTx), {
-        allowUnknown: true
-      });
-      if (!tx) return false;
-      const inputs = [];
-      for (let i = 0; i < tx.inputsLength; i++) {
-        inputs.push(tx.getInput(i));
-      }
-      return inputs.every((input) => input.witnessUtxo);
-    };
   }
 });
 
@@ -3259,7 +3298,7 @@ var init_arkade_swaps = __esm({
       async sendLightningPayment(args) {
         const pendingSwap = await this.createSubmarineSwap(args);
         await this.savePendingSubmarineSwap(pendingSwap);
-        const txid = await this.wallet.sendBitcoin({
+        const txid = await this.wallet.send({
           address: pendingSwap.response.address,
           amount: pendingSwap.response.expectedAmount
         });

package/dist/expo/index.js

@@ -4,10 +4,10 @@ import {
   registerExpoSwapBackgroundTask,
   swapsPollProcessor,
   unregisterExpoSwapBackgroundTask
-} from "../chunk-LMHVRFGY.js";
+} from "../chunk-XUBVFCQZ.js";
 import {
   ArkadeSwaps
-} from "../chunk-SUFFGYDJ.js";
+} from "../chunk-ZJ2Q5QSA.js";
 import "../chunk-3RG5ZIWI.js";
 
 // src/expo/arkade-lightning.ts
@@ -56,7 +56,7 @@ var ExpoArkadeSwaps = class _ExpoArkadeSwaps {
     await instance.seedSwapPollTask();
     if (config.background.minimumBackgroundInterval) {
       try {
-        const { registerExpoSwapBackgroundTask: registerExpoSwapBackgroundTask2 } = await import("../background-5IKGSVTP.js");
+        const { registerExpoSwapBackgroundTask: registerExpoSwapBackgroundTask2 } = await import("../background-RLZLTWCI.js");
         await registerExpoSwapBackgroundTask2(
           config.background.taskName,
           {
@@ -119,7 +119,7 @@ var ExpoArkadeSwaps = class _ExpoArkadeSwaps {
     }
     await this.inner.dispose();
     try {
-      const { unregisterExpoSwapBackgroundTask: unregisterExpoSwapBackgroundTask2 } = await import("../background-5IKGSVTP.js");
+      const { unregisterExpoSwapBackgroundTask: unregisterExpoSwapBackgroundTask2 } = await import("../background-RLZLTWCI.js");
       await unregisterExpoSwapBackgroundTask2(this.taskName);
     } catch (err) {
       const message = err instanceof Error ? err.message : String(err);

package/dist/index.cjs

@@ -1288,10 +1288,16 @@ var isValidArkAddress = (address) => {
 // src/utils/signatures.ts
 var import_sdk3 = require("@arkade-os/sdk");
 var import_base4 = require("@scure/base");
-var verifySignatures = (tx, inputIndex, requiredSigners) => {
+var verifySignatures = (tx, inputIndex, requiredSigners, expectedLeafHash) => {
   try {
     (0, import_sdk3.verifyTapscriptSignatures)(tx, inputIndex, requiredSigners);
-    return true;
+    const input = tx.getInput(inputIndex);
+    const expectedHex = import_base4.hex.encode(expectedLeafHash);
+    return requiredSigners.every(
+      (signer) => input.tapScriptSig?.some(
+        ([{ pubKey, leafHash }]) => import_base4.hex.encode(pubKey) === signer && import_base4.hex.encode(leafHash) === expectedHex
+      )
+    );
   } catch (_) {
     return false;
   }
@@ -2654,6 +2660,7 @@ function createForfeitTx(input, forfeitOutputScript, connector) {
 // src/utils/vhtlc.ts
 var import_legacy = require("@noble/hashes/legacy.js");
 var import_btc_signer4 = require("@scure/btc-signer");
+var import_payment3 = require("@scure/btc-signer/payment.js");
 var createVHTLCScript = (args) => {
   const {
     network,
@@ -2801,14 +2808,28 @@ var claimVHTLCwithOffchainTx = async (identity, vhtlcScript, serverXOnlyPublicKe
     import_base8.base64.encode(signedArkTx.toPSBT()),
     checkpoints.map((c) => import_base8.base64.encode(c.toPSBT()))
   );
-  if (!validFinalArkTx(finalArkTx, serverXOnlyPublicKey, vhtlcScript.leaves)) {
-    throw new Error("Invalid final Ark transaction");
+  const finalTx = import_sdk7.Transaction.fromPSBT(import_base8.base64.decode(finalArkTx));
+  const serverPubkeyHex = import_base8.hex.encode(serverXOnlyPublicKey);
+  const claimLeafHash = (0, import_payment3.tapLeafHash)(
+    scriptFromTapLeafScript(vhtlcScript.claim())
+  );
+  for (let i = 0; i < finalTx.inputsLength; i++) {
+    if (!verifySignatures(finalTx, i, [serverPubkeyHex], claimLeafHash)) {
+      throw new Error("Invalid final Ark transaction");
+    }
   }
   const finalCheckpoints = await Promise.all(
-    signedCheckpointTxs.map(async (c) => {
-      const tx = import_btc_signer4.Transaction.fromPSBT(import_base8.base64.decode(c), {
-        allowUnknown: true
-      });
+    signedCheckpointTxs.map(async (c, idx) => {
+      const tx = import_sdk7.Transaction.fromPSBT(import_base8.base64.decode(c));
+      const checkpointLeaf = checkpoints[idx].getInput(0).tapLeafScript[0];
+      const cpLeafHash = (0, import_payment3.tapLeafHash)(
+        scriptFromTapLeafScript(checkpointLeaf)
+      );
+      if (!verifySignatures(tx, 0, [serverPubkeyHex], cpLeafHash)) {
+        throw new Error(
+          "Invalid server signature in checkpoint transaction"
+        );
+      }
       const signedCheckpoint = await identity.sign(tx, [0]);
       return import_base8.base64.encode(signedCheckpoint.toPSBT());
     })
@@ -2831,10 +2852,27 @@ var refundVHTLCwithOffchainTx = async (swapId, identity, arkProvider, boltzXOnly
     checkpoint: boltzSignedCheckpointTx
   } = await refundFunc(swapId, unsignedRefundTx, unsignedCheckpointTx);
   const boltzXOnlyPublicKeyHex = import_base8.hex.encode(boltzXOnlyPublicKey);
-  if (!verifySignatures(boltzSignedRefundTx, 0, [boltzXOnlyPublicKeyHex])) {
+  const refundLeafHash = (0, import_payment3.tapLeafHash)(
+    scriptFromTapLeafScript(input.tapLeafScript)
+  );
+  if (!verifySignatures(
+    boltzSignedRefundTx,
+    0,
+    [boltzXOnlyPublicKeyHex],
+    refundLeafHash
+  )) {
     throw new Error("Invalid Boltz signature in refund transaction");
   }
-  if (!verifySignatures(boltzSignedCheckpointTx, 0, [boltzXOnlyPublicKeyHex])) {
+  const checkpointLeaf = unsignedCheckpointTx.getInput(0).tapLeafScript[0];
+  const checkpointLeafHash = (0, import_payment3.tapLeafHash)(
+    scriptFromTapLeafScript(checkpointLeaf)
+  );
+  if (!verifySignatures(
+    boltzSignedCheckpointTx,
+    0,
+    [boltzXOnlyPublicKeyHex],
+    checkpointLeafHash
+  )) {
     throw new Error("Invalid Boltz signature in checkpoint transaction");
   }
   const signedRefundTx = await identity.sign(unsignedRefundTx);
@@ -2851,14 +2889,14 @@ var refundVHTLCwithOffchainTx = async (swapId, identity, arkProvider, boltzXOnly
     import_base8.base64.encode(combinedSignedRefundTx.toPSBT()),
     [import_base8.base64.encode(unsignedCheckpointTx.toPSBT())]
   );
-  const tx = import_btc_signer4.Transaction.fromPSBT(import_base8.base64.decode(finalArkTx));
+  const tx = import_sdk7.Transaction.fromPSBT(import_base8.base64.decode(finalArkTx));
   const inputIndex = 0;
   const requiredSigners = [
     import_base8.hex.encode(ourXOnlyPublicKey),
     import_base8.hex.encode(boltzXOnlyPublicKey),
     import_base8.hex.encode(serverXOnlyPublicKey)
   ];
-  if (!verifySignatures(tx, inputIndex, requiredSigners)) {
+  if (!verifySignatures(tx, inputIndex, requiredSigners, refundLeafHash)) {
     throw new Error("Invalid refund transaction");
   }
   if (signedCheckpointTxs.length !== 1) {
@@ -2866,9 +2904,18 @@ var refundVHTLCwithOffchainTx = async (swapId, identity, arkProvider, boltzXOnly
       `Expected one signed checkpoint transaction, got ${signedCheckpointTxs.length}`
     );
   }
-  const serverSignedCheckpointTx = import_btc_signer4.Transaction.fromPSBT(
+  const serverSignedCheckpointTx = import_sdk7.Transaction.fromPSBT(
     import_base8.base64.decode(signedCheckpointTxs[0])
   );
+  const serverPubkeyHex = import_base8.hex.encode(serverXOnlyPublicKey);
+  if (!verifySignatures(
+    serverSignedCheckpointTx,
+    0,
+    [serverPubkeyHex],
+    checkpointLeafHash
+  )) {
+    throw new Error("Invalid server signature in checkpoint transaction");
+  }
   const finalCheckpointTx = (0, import_sdk7.combineTapscriptSigs)(
     combinedSignedCheckpointTx,
     serverSignedCheckpointTx
@@ -2877,17 +2924,9 @@ var refundVHTLCwithOffchainTx = async (swapId, identity, arkProvider, boltzXOnly
     import_base8.base64.encode(finalCheckpointTx.toPSBT())
   ]);
 };
-var validFinalArkTx = (finalArkTx, _pubkey, _tapLeaves) => {
-  const tx = import_btc_signer4.Transaction.fromPSBT(import_base8.base64.decode(finalArkTx), {
-    allowUnknown: true
-  });
-  if (!tx) return false;
-  const inputs = [];
-  for (let i = 0; i < tx.inputsLength; i++) {
-    inputs.push(tx.getInput(i));
-  }
-  return inputs.every((input) => input.witnessUtxo);
-};
+function scriptFromTapLeafScript(leaf) {
+  return leaf[1].subarray(0, leaf[1].length - 1);
+}
 
 // src/arkade-swaps.ts
 var ArkadeSwaps = class _ArkadeSwaps {
@@ -3313,7 +3352,7 @@ var ArkadeSwaps = class _ArkadeSwaps {
   async sendLightningPayment(args) {
     const pendingSwap = await this.createSubmarineSwap(args);
     await this.savePendingSubmarineSwap(pendingSwap);
-    const txid = await this.wallet.sendBitcoin({
+    const txid = await this.wallet.send({
       address: pendingSwap.response.address,
       amount: pendingSwap.response.expectedAmount
     });

package/dist/index.d.cts

@@ -83,7 +83,17 @@ declare const getInvoiceSatoshis: (invoice: string) => number;
 declare const getInvoicePaymentHash: (invoice: string) => string;
 declare const isValidArkAddress: (address: string) => boolean;
 
-declare const verifySignatures: (tx: Transaction, inputIndex: number, requiredSigners: string[]) => boolean;
+/**
+ * Verifies that a transaction input has valid tapscript signatures
+ * from all required signers for a specific tapscript leaf.
+ *
+ * @param tx - The transaction to verify.
+ * @param inputIndex - The index of the input to check.
+ * @param requiredSigners - Hex-encoded x-only public keys of all required signers.
+ * @param expectedLeafHash - The tapscript leaf hash that signatures must commit to.
+ * @returns `true` if all required signers have valid signatures on the expected leaf, `false` otherwise.
+ */
+declare const verifySignatures: (tx: Transaction, inputIndex: number, requiredSigners: string[], expectedLeafHash: Uint8Array) => boolean;
 
 /**
  * Generic type for swap save functions

package/dist/index.d.ts

@@ -83,7 +83,17 @@ declare const getInvoiceSatoshis: (invoice: string) => number;
 declare const getInvoicePaymentHash: (invoice: string) => string;
 declare const isValidArkAddress: (address: string) => boolean;
 
-declare const verifySignatures: (tx: Transaction, inputIndex: number, requiredSigners: string[]) => boolean;
+/**
+ * Verifies that a transaction input has valid tapscript signatures
+ * from all required signers for a specific tapscript leaf.
+ *
+ * @param tx - The transaction to verify.
+ * @param inputIndex - The index of the input to check.
+ * @param requiredSigners - Hex-encoded x-only public keys of all required signers.
+ * @param expectedLeafHash - The tapscript leaf hash that signatures must commit to.
+ * @returns `true` if all required signers have valid signatures on the expected leaf, `false` otherwise.
+ */
+declare const verifySignatures: (tx: Transaction, inputIndex: number, requiredSigners: string[], expectedLeafHash: Uint8Array) => boolean;
 
 /**
  * Generic type for swap save functions

package/dist/index.js

@@ -49,7 +49,7 @@ import {
   updateReverseSwapStatus,
   updateSubmarineSwapStatus,
   verifySignatures
-} from "./chunk-SUFFGYDJ.js";
+} from "./chunk-ZJ2Q5QSA.js";
 import "./chunk-3RG5ZIWI.js";
 
 // src/serviceWorker/arkade-swaps-message-handler.ts

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@arkade-os/boltz-swap",
-  "version": "0.3.6",
+  "version": "0.3.7",
   "type": "module",
   "description": "A production-ready TypeScript package that brings Boltz submarine-swaps to Arkade.",
   "main": "./dist/index.js",
@@ -60,7 +60,7 @@
   "author": "Arkade-OS",
   "license": "MIT",
   "dependencies": {
-    "@arkade-os/sdk": "0.4.8",
+    "@arkade-os/sdk": "0.4.9",
     "@noble/hashes": "2.0.1",
     "@scure/base": "2.0.0",
     "@scure/btc-signer": "2.0.1",