@arkade-os/sdk 0.3.0-alpha.7 → 0.3.1-alpha.0

package/dist/cjs/utils/arkTransaction.js

@@ -1,12 +1,15 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.buildOffchainTx = buildOffchainTx;
-const transaction_js_1 = require("@scure/btc-signer/transaction.js");
+exports.hasBoardingTxExpired = hasBoardingTxExpired;
+exports.verifyTapscriptSignatures = verifyTapscriptSignatures;
+const secp256k1_js_1 = require("@noble/curves/secp256k1.js");
+const base_1 = require("@scure/base");
+const btc_signer_1 = require("@scure/btc-signer");
+const payment_js_1 = require("@scure/btc-signer/payment.js");
 const tapscript_1 = require("../script/tapscript");
-const base_1 = require("../script/base");
+const base_2 = require("../script/base");
 const anchor_1 = require("./anchor");
-const base_2 = require("@scure/base");
-const utils_js_1 = require("@scure/btc-signer/utils.js");
 const unknownFields_1 = require("./unknownFields");
 /**
  * Builds an offchain transaction with checkpoint transactions.
@@ -31,7 +34,7 @@ function buildOffchainTx(inputs, outputs, serverUnrollScript) {
 function buildVirtualTx(inputs, outputs) {
     let lockTime = 0n;
     for (const input of inputs) {
-        const tapscript = (0, tapscript_1.decodeTapscript)((0, base_1.scriptFromTapLeafScript)(input.tapLeafScript));
+        const tapscript = (0, tapscript_1.decodeTapscript)((0, base_2.scriptFromTapLeafScript)(input.tapLeafScript));
         if (tapscript_1.CLTVMultisigTapscript.is(tapscript)) {
             if (lockTime !== 0n) {
                 // if a locktime is already set, check if the new locktime is in the same unit
@@ -45,7 +48,7 @@ function buildVirtualTx(inputs, outputs) {
             }
         }
     }
-    const tx = new transaction_js_1.Transaction({
+    const tx = new btc_signer_1.Transaction({
         version: 3,
         allowUnknown: true,
         allowUnknownOutputs: true,
@@ -55,9 +58,9 @@ function buildVirtualTx(inputs, outputs) {
         tx.addInput({
             txid: input.txid,
             index: input.vout,
-            sequence: lockTime ? transaction_js_1.DEFAULT_SEQUENCE - 1 : undefined,
+            sequence: lockTime ? btc_signer_1.DEFAULT_SEQUENCE - 1 : undefined,
             witnessUtxo: {
-                script: base_1.VtxoScript.decode(input.tapTree).pkScript,
+                script: base_2.VtxoScript.decode(input.tapTree).pkScript,
                 amount: BigInt(input.value),
             },
             tapLeafScript: [input.tapLeafScript],
@@ -74,9 +77,9 @@ function buildVirtualTx(inputs, outputs) {
 function buildCheckpointTx(vtxo, serverUnrollScript) {
     // create the checkpoint vtxo script from collaborative closure
     const collaborativeClosure = (0, tapscript_1.decodeTapscript)(vtxo.checkpointTapLeafScript ??
-        (0, base_1.scriptFromTapLeafScript)(vtxo.tapLeafScript));
+        (0, base_2.scriptFromTapLeafScript)(vtxo.tapLeafScript));
     // create the checkpoint vtxo script combining collaborative closure and server unroll script
-    const checkpointVtxoScript = new base_1.VtxoScript([
+    const checkpointVtxoScript = new base_2.VtxoScript([
         serverUnrollScript.script,
         collaborativeClosure.script,
     ]);
@@ -88,10 +91,10 @@ function buildCheckpointTx(vtxo, serverUnrollScript) {
         },
     ]);
     // get the collaborative leaf proof
-    const collaborativeLeafProof = checkpointVtxoScript.findLeaf(base_2.hex.encode(collaborativeClosure.script));
+    const collaborativeLeafProof = checkpointVtxoScript.findLeaf(base_1.hex.encode(collaborativeClosure.script));
     // create the checkpoint input that will be used as input of the virtual tx
     const checkpointInput = {
-        txid: base_2.hex.encode((0, utils_js_1.sha256x2)(checkpointTx.toBytes(true)).reverse()),
+        txid: checkpointTx.id,
         vout: 0,
         value: vtxo.value,
         tapLeafScript: collaborativeLeafProof,
@@ -106,3 +109,105 @@ const nLocktimeMinSeconds = 500000000n;
 function isSeconds(locktime) {
     return locktime >= nLocktimeMinSeconds;
 }
+function hasBoardingTxExpired(coin, boardingTimelock) {
+    if (!coin.status.block_time)
+        return false;
+    if (boardingTimelock.value === 0n)
+        return true;
+    if (boardingTimelock.type !== "blocks")
+        return false; // TODO: handle get chain tip
+    // validate expiry in terms of seconds
+    const now = BigInt(Math.floor(Date.now() / 1000));
+    const blockTime = BigInt(Math.floor(coin.status.block_time));
+    return blockTime + boardingTimelock.value <= now;
+}
+/**
+ * Formats a sighash type as a hex string (e.g., 0x01)
+ */
+function formatSighash(type) {
+    return `0x${type.toString(16).padStart(2, "0")}`;
+}
+/**
+ * Verify tapscript signatures on a transaction input
+ * @param tx Transaction to verify
+ * @param inputIndex Index of the input to verify
+ * @param requiredSigners List of required signer pubkeys (hex encoded)
+ * @param excludePubkeys List of pubkeys to exclude from verification (hex encoded, e.g., server key not yet signed)
+ * @param allowedSighashTypes List of allowed sighash types (defaults to [SigHash.DEFAULT])
+ * @throws Error if verification fails
+ */
+function verifyTapscriptSignatures(tx, inputIndex, requiredSigners, excludePubkeys = [], allowedSighashTypes = [btc_signer_1.SigHash.DEFAULT]) {
+    const input = tx.getInput(inputIndex);
+    // Collect prevout scripts and amounts for ALL inputs (required for preimageWitnessV1)
+    const prevoutScripts = [];
+    const prevoutAmounts = [];
+    for (let i = 0; i < tx.inputsLength; i++) {
+        const inp = tx.getInput(i);
+        if (!inp.witnessUtxo) {
+            throw new Error(`Input ${i} is missing witnessUtxo`);
+        }
+        prevoutScripts.push(inp.witnessUtxo.script);
+        prevoutAmounts.push(inp.witnessUtxo.amount);
+    }
+    // Verify tapScriptSig signatures
+    if (!input.tapScriptSig || input.tapScriptSig.length === 0) {
+        throw new Error(`Input ${inputIndex} is missing tapScriptSig`);
+    }
+    // Verify each signature in tapScriptSig
+    for (const [tapScriptSigData, signature] of input.tapScriptSig) {
+        const pubKey = tapScriptSigData.pubKey;
+        const pubKeyHex = base_1.hex.encode(pubKey);
+        // Skip verification for excluded pubkeys
+        if (excludePubkeys.includes(pubKeyHex)) {
+            continue;
+        }
+        // Extract sighash type from signature
+        // Schnorr signatures are 64 bytes, with optional 1-byte sighash appended
+        const sighashType = signature.length === 65 ? signature[64] : btc_signer_1.SigHash.DEFAULT;
+        const sig = signature.subarray(0, 64);
+        // Verify sighash type is allowed
+        if (!allowedSighashTypes.includes(sighashType)) {
+            const sighashName = formatSighash(sighashType);
+            throw new Error(`Unallowed sighash type ${sighashName} for input ${inputIndex}, pubkey ${pubKeyHex}.`);
+        }
+        // Find the tapLeafScript that matches this signature's leafHash
+        if (!input.tapLeafScript || input.tapLeafScript.length === 0) {
+            throw new Error();
+        }
+        // Search for the leaf that matches the leafHash in tapScriptSigData
+        const leafHash = tapScriptSigData.leafHash;
+        const leafHashHex = base_1.hex.encode(leafHash);
+        let matchingScript;
+        let matchingVersion;
+        for (const [_, scriptWithVersion] of input.tapLeafScript) {
+            const script = scriptWithVersion.subarray(0, -1);
+            const version = scriptWithVersion[scriptWithVersion.length - 1];
+            // Compute the leaf hash for this script and compare as hex strings
+            const computedLeafHash = (0, payment_js_1.tapLeafHash)(script, version);
+            const computedHex = base_1.hex.encode(computedLeafHash);
+            if (computedHex === leafHashHex) {
+                matchingScript = script;
+                matchingVersion = version;
+                break;
+            }
+        }
+        if (!matchingScript || matchingVersion === undefined) {
+            throw new Error(`Input ${inputIndex}: No tapLeafScript found matching leafHash ${base_1.hex.encode(leafHash)}`);
+        }
+        // Reconstruct the message that was signed
+        // Note: preimageWitnessV1 requires ALL input prevout scripts and amounts
+        const message = tx.preimageWitnessV1(inputIndex, prevoutScripts, sighashType, prevoutAmounts, undefined, matchingScript, matchingVersion);
+        // Verify the schnorr signature
+        const isValid = secp256k1_js_1.schnorr.verify(sig, message, pubKey);
+        if (!isValid) {
+            throw new Error(`Invalid signature for input ${inputIndex}, pubkey ${pubKeyHex}`);
+        }
+    }
+    // Verify we have signatures from all required signers (excluding those we're skipping)
+    const signedPubkeys = input.tapScriptSig.map(([data]) => base_1.hex.encode(data.pubKey));
+    const requiredNotExcluded = requiredSigners.filter((pk) => !excludePubkeys.includes(pk));
+    const missingSigners = requiredNotExcluded.filter((pk) => !signedPubkeys.includes(pk));
+    if (missingSigners.length > 0) {
+        throw new Error(`Missing signatures from: ${missingSigners.map((pk) => pk.slice(0, 16)).join(", ")}...`);
+    }
+}

package/dist/cjs/utils/unknownFields.js

@@ -37,7 +37,7 @@ exports.VtxoTreeExpiry = exports.CosignerPublicKey = exports.ConditionWitness =
 exports.setArkPsbtField = setArkPsbtField;
 exports.getArkPsbtFields = getArkPsbtFields;
 const bip68 = __importStar(require("bip68"));
-const script_js_1 = require("@scure/btc-signer/script.js");
+const btc_signer_1 = require("@scure/btc-signer");
 const base_1 = require("@scure/base");
 /**
  * ArkPsbtFieldKey is the key values for ark psbt fields.
@@ -126,12 +126,12 @@ exports.ConditionWitness = {
             type: exports.ArkPsbtFieldKeyType,
             key: encodedPsbtFieldKey[ArkPsbtFieldKey.ConditionWitness],
         },
-        script_js_1.RawWitness.encode(value),
+        btc_signer_1.RawWitness.encode(value),
     ],
     decode: (value) => nullIfCatch(() => {
         if (!checkKeyIncludes(value[0], ArkPsbtFieldKey.ConditionWitness))
             return null;
-        return script_js_1.RawWitness.decode(value[1]);
+        return btc_signer_1.RawWitness.decode(value[1]);
     }),
 };
 /**
@@ -176,12 +176,12 @@ exports.VtxoTreeExpiry = {
             type: exports.ArkPsbtFieldKeyType,
             key: encodedPsbtFieldKey[ArkPsbtFieldKey.VtxoTreeExpiry],
         },
-        (0, script_js_1.ScriptNum)(6, true).encode(value.value === 0n ? 0n : value.value),
+        (0, btc_signer_1.ScriptNum)(6, true).encode(value.value === 0n ? 0n : value.value),
     ],
     decode: (unknown) => nullIfCatch(() => {
         if (!checkKeyIncludes(unknown[0], ArkPsbtFieldKey.VtxoTreeExpiry))
             return null;
-        const v = (0, script_js_1.ScriptNum)(6, true).decode(unknown[1]);
+        const v = (0, btc_signer_1.ScriptNum)(6, true).decode(unknown[1]);
         if (!v)
             return null;
         const { blocks, seconds } = bip68.decode(Number(v));

package/dist/cjs/wallet/index.js

@@ -10,7 +10,7 @@ var TxType;
     TxType["TxReceived"] = "RECEIVED";
 })(TxType || (exports.TxType = TxType = {}));
 function isSpendable(vtxo) {
-    return vtxo.spentBy === undefined || vtxo.spentBy === "";
+    return !vtxo.isSpent;
 }
 function isRecoverable(vtxo) {
     return vtxo.virtualStatus.state === "swept" && isSpendable(vtxo);

package/dist/cjs/wallet/onchain.js

@@ -2,10 +2,9 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.OnchainWallet = void 0;
 exports.selectCoins = selectCoins;
-const payment_js_1 = require("@scure/btc-signer/payment.js");
+const btc_signer_1 = require("@scure/btc-signer");
 const networks_1 = require("../networks");
 const onchain_1 = require("../providers/onchain");
-const transaction_js_1 = require("@scure/btc-signer/transaction.js");
 const anchor_1 = require("../utils/anchor");
 const txSizeEstimator_1 = require("../utils/txSizeEstimator");
 /**
@@ -39,7 +38,7 @@ class OnchainWallet {
         }
         const network = (0, networks_1.getNetwork)(networkName);
         const onchainProvider = provider || new onchain_1.EsploraProvider(onchain_1.ESPLORA_URL[networkName]);
-        const onchainP2TR = (0, payment_js_1.p2tr)(pubkey, undefined, network);
+        const onchainP2TR = (0, btc_signer_1.p2tr)(pubkey, undefined, network);
         return new OnchainWallet(identity, network, onchainP2TR, onchainProvider);
     }
     get address() {
@@ -80,7 +79,7 @@ class OnchainWallet {
         // Select coins
         const selected = selectCoins(coins, totalNeeded);
         // Create transaction
-        let tx = new transaction_js_1.Transaction();
+        let tx = new btc_signer_1.Transaction();
         // Add inputs
         for (const input of selected.inputs) {
             tx.addInput({
@@ -108,7 +107,7 @@ class OnchainWallet {
     }
     async bumpP2A(parent) {
         const parentVsize = parent.vsize;
-        let child = new transaction_js_1.Transaction({
+        let child = new btc_signer_1.Transaction({
             allowUnknownInputs: true,
             allowLegacyWitnessUtxo: true,
             version: 3,

package/dist/cjs/wallet/serviceWorker/utils.js

@@ -1,7 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_DB_NAME = void 0;
 exports.setupServiceWorker = setupServiceWorker;
-exports.extendVirtualCoin = extendVirtualCoin;
+exports.DEFAULT_DB_NAME = "arkade-service-worker";
 /**
  * setupServiceWorker sets up the service worker.
  * @param path - the path to the service worker script
@@ -48,11 +49,3 @@ async function setupServiceWorker(path) {
         navigator.serviceWorker.addEventListener("error", onError);
     });
 }
-function extendVirtualCoin(wallet, vtxo) {
-    return {
-        ...vtxo,
-        forfeitTapLeafScript: wallet.offchainTapscript.forfeit(),
-        intentTapLeafScript: wallet.offchainTapscript.exit(),
-        tapTree: wallet.offchainTapscript.encode(),
-    };
-}

package/dist/cjs/wallet/serviceWorker/wallet.js

@@ -25,7 +25,7 @@ class ServiceWorkerWallet {
     }
     static async create(options) {
         // Default to IndexedDB for service worker context
-        const storage = options.storage || new indexedDB_1.IndexedDBStorageAdapter("wallet-db");
+        const storage = new indexedDB_1.IndexedDBStorageAdapter(options.dbName || utils_1.DEFAULT_DB_NAME, options.dbVersion);
         // Create repositories
         const walletRepo = new walletRepository_1.WalletRepositoryImpl(storage);
         const contractRepo = new contractRepository_1.ContractRepositoryImpl(storage);
@@ -34,7 +34,7 @@ class ServiceWorkerWallet {
             ? options.identity
             : null;
         if (!identity) {
-            throw new Error("ServiceWorkerWallet.create() requires a Identity that can expose its private key");
+            throw new Error("ServiceWorkerWallet.create() requires a Identity that can expose a single private key");
         }
         // Extract private key for service worker initialization
         const privateKey = identity.toHex();
@@ -77,13 +77,9 @@ class ServiceWorkerWallet {
         // Register and setup the service worker
         const serviceWorker = await (0, utils_1.setupServiceWorker)(options.serviceWorkerPath);
         // Use the existing create method
-        return await ServiceWorkerWallet.create({
-            arkServerPublicKey: options.arkServerPublicKey,
-            arkServerUrl: options.arkServerUrl,
-            esploraUrl: options.esploraUrl,
-            identity: options.identity,
+        return ServiceWorkerWallet.create({
+            ...options,
             serviceWorker,
-            storage: options.storage,
         });
     }
     // send a message and wait for a response

package/dist/cjs/wallet/serviceWorker/worker.js

@@ -13,15 +13,18 @@ const indexer_1 = require("../../providers/indexer");
 const base_1 = require("@scure/base");
 const indexedDB_1 = require("../../storage/indexedDB");
 const walletRepository_1 = require("../../repositories/walletRepository");
-const utils_1 = require("./utils");
+const utils_1 = require("../utils");
+const utils_2 = require("./utils");
 /**
  * Worker is a class letting to interact with ServiceWorkerWallet from the client
  * it aims to be run in a service worker context
  */
 class Worker {
-    constructor(messageCallback = () => { }) {
+    constructor(dbName = utils_2.DEFAULT_DB_NAME, dbVersion = 1, messageCallback = () => { }) {
+        this.dbName = dbName;
+        this.dbVersion = dbVersion;
         this.messageCallback = messageCallback;
-        this.storage = new indexedDB_1.IndexedDBStorageAdapter("arkade-service-worker", 1);
+        this.storage = new indexedDB_1.IndexedDBStorageAdapter(dbName, dbVersion);
         this.walletRepository = new walletRepository_1.WalletRepositoryImpl(this.storage);
     }
     /**
@@ -77,6 +80,8 @@ class Worker {
             this.incomingFundsSubscription();
         // Clear storage - this replaces vtxoRepository.close()
         await this.storage.clear();
+        // Reset in-memory caches by recreating the repository
+        this.walletRepository = new walletRepository_1.WalletRepositoryImpl(this.storage);
         this.wallet = undefined;
         this.arkProvider = undefined;
         this.indexerProvider = undefined;
@@ -105,7 +110,7 @@ class Worker {
         const txs = await this.wallet.getTransactionHistory();
         if (txs)
             await this.walletRepository.saveTransactions(address, txs);
-        // stop previous subscriptions if any
+        // unsubscribe previous subscription if any
         if (this.incomingFundsSubscription)
             this.incomingFundsSubscription();
         // subscribe for incoming funds and notify all clients when new funds arrive
@@ -127,7 +132,7 @@ class Worker {
                 // notify all clients about the vtxo update
                 this.sendMessageToAllClients("VTXO_UPDATE", JSON.stringify({ newVtxos, spentVtxos }));
             }
-            if (funds.type === "utxo" && funds.coins.length > 0) {
+            if (funds.type === "utxo") {
                 // notify all clients about the utxo update
                 this.sendMessageToAllClients("UTXO_UPDATE", JSON.stringify(funds.coins));
             }
@@ -354,23 +359,21 @@ class Worker {
             return;
         }
         try {
-            let vtxos = await this.getSpendableVtxos();
-            if (!message.filter?.withRecoverable) {
-                if (!this.wallet)
-                    throw new Error("Wallet not initialized");
-                // exclude subdust is we don't want recoverable
-                const dustAmount = this.wallet?.dustAmount;
-                vtxos =
-                    dustAmount == null
-                        ? vtxos
-                        : vtxos.filter((v) => !(0, __1.isSubdust)(v, dustAmount));
-            }
-            if (message.filter?.withRecoverable) {
-                // get also swept and spendable vtxos
-                const sweptVtxos = await this.getSweptVtxos();
-                vtxos.push(...sweptVtxos.filter(__1.isSpendable));
-            }
-            event.source?.postMessage(response_1.Response.vtxos(message.id, vtxos));
+            const vtxos = await this.getSpendableVtxos();
+            const dustAmount = this.wallet.dustAmount;
+            const includeRecoverable = message.filter?.withRecoverable ?? false;
+            const filteredVtxos = includeRecoverable
+                ? vtxos
+                : vtxos.filter((v) => {
+                    if (dustAmount != null && (0, __1.isSubdust)(v, dustAmount)) {
+                        return false;
+                    }
+                    if ((0, __1.isRecoverable)(v)) {
+                        return false;
+                    }
+                    return true;
+                });
+            event.source?.postMessage(response_1.Response.vtxos(message.id, filteredVtxos));
         }
         catch (error) {
             console.error("Error getting vtxos:", error);
@@ -529,7 +532,6 @@ class Worker {
     }
     async handleReloadWallet(event) {
         const message = event.data;
-        console.log("RELOAD_WALLET message received", message);
         if (!request_1.Request.isReloadWallet(message)) {
             console.error("Invalid RELOAD_WALLET message format", message);
             event.source?.postMessage(response_1.Response.error(message.id, "Invalid RELOAD_WALLET message format"));

package/dist/cjs/wallet/unroll.js

@@ -1,11 +1,10 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Unroll = void 0;
-const transaction_js_1 = require("@scure/btc-signer/transaction.js");
-const indexer_1 = require("../providers/indexer");
 const base_1 = require("@scure/base");
+const btc_signer_1 = require("@scure/btc-signer");
+const indexer_1 = require("../providers/indexer");
 const base_2 = require("../script/base");
-const psbt_js_1 = require("@scure/btc-signer/psbt.js");
 const txSizeEstimator_1 = require("../utils/txSizeEstimator");
 const wallet_1 = require("./wallet");
 var Unroll;
@@ -106,7 +105,7 @@ var Unroll;
             if (virtualTxs.txs.length === 0) {
                 throw new Error(`Tx ${nextTxToBroadcast.txid} not found`);
             }
-            const tx = transaction_js_1.Transaction.fromPSBT(base_1.base64.decode(virtualTxs.txs[0]), {
+            const tx = btc_signer_1.Transaction.fromPSBT(base_1.base64.decode(virtualTxs.txs[0]), {
                 allowUnknownInputs: true,
             });
             // finalize the tree transaction
@@ -197,11 +196,11 @@ var Unroll;
                     amount: BigInt(vtxo.value),
                     script: base_2.VtxoScript.decode(vtxo.tapTree).pkScript,
                 },
-                sighashType: transaction_js_1.SigHash.DEFAULT,
+                sighashType: btc_signer_1.SigHash.DEFAULT,
             });
-            txWeightEstimator.addTapscriptInput(64, spendingLeaf[1].length, psbt_js_1.TaprootControlBlock.encode(spendingLeaf[0]).length);
+            txWeightEstimator.addTapscriptInput(64, spendingLeaf[1].length, btc_signer_1.TaprootControlBlock.encode(spendingLeaf[0]).length);
         }
-        const tx = new transaction_js_1.Transaction({ allowUnknownInputs: true, version: 2 });
+        const tx = new btc_signer_1.Transaction({ allowUnknownInputs: true, version: 2 });
         for (const input of inputs) {
             tx.addInput(input);
         }

package/dist/cjs/wallet/utils.js

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.extendVirtualCoin = extendVirtualCoin;
+function extendVirtualCoin(wallet, vtxo) {
+    return {
+        ...vtxo,
+        forfeitTapLeafScript: wallet.offchainTapscript.forfeit(),
+        intentTapLeafScript: wallet.offchainTapscript.exit(),
+        tapTree: wallet.offchainTapscript.encode(),
+    };
+}