@arkade-os/sdk 0.4.22 → 0.4.24

package/README.md

@@ -146,19 +146,19 @@ import { mnemonicToSeedSync } from '@scure/bip39'
 const seed = mnemonicToSeedSync(mnemonic)
 const identity = SeedIdentity.fromSeed(seed)
 
-// Or with a custom output descriptor
-const identityWithDescriptor = SeedIdentity.fromSeed(seed, { descriptor })
+// Or with a custom account-descriptor template (must end in "/*)")
+const identityWithDescriptor = SeedIdentity.fromSeed(seed, { descriptor: template })
 
-// Or with a custom descriptor and passphrase (MnemonicIdentity)
+// Or with a custom template and passphrase (MnemonicIdentity)
 const identityWithDescriptorAndPassphrase = MnemonicIdentity.fromMnemonic(mnemonic, {
-  descriptor,
+  descriptor: template,
   passphrase: 'my secret passphrase'
 })
 ```
 
 #### Watch-Only with ReadonlyDescriptorIdentity
 
-Create watch-only wallets from an output descriptor:
+Create watch-only wallets from an account-descriptor template:
 
 ```typescript
 import { MnemonicIdentity, ReadonlyDescriptorIdentity, ReadonlyWallet } from '@arkade-os/sdk'
@@ -170,9 +170,9 @@ const mnemonic = generateMnemonic(wordlist)
 const identity = MnemonicIdentity.fromMnemonic(mnemonic)
 const readonly = await identity.toReadonly()
 
-// Or directly from a descriptor (e.g., from another wallet)
-const descriptor = "tr([12345678/86'/0'/0']xpub.../0/0)"
-const readonlyFromDescriptor = ReadonlyDescriptorIdentity.fromDescriptor(descriptor)
+// Or directly from a wildcard template (e.g., exported from another wallet)
+const template = "tr([12345678/86'/0'/0']xpub.../0/*)"
+const readonlyFromTemplate = ReadonlyDescriptorIdentity.fromDescriptor(template)
 
 // Use in a watch-only wallet
 const readonlyWallet = await ReadonlyWallet.create({
@@ -184,12 +184,10 @@ const readonlyWallet = await ReadonlyWallet.create({
 const balance = await readonlyWallet.getBalance()
 ```
 
-**Derivation Path:** `m/86'/{coinType}'/0'/0/0`
+**Derivation Path:** `m/86'/{coinType}'/0'/0/*`
 - BIP86 (Taproot) purpose
 - Coin type 0 for mainnet, 1 for testnet
-- Account 0, external chain, first address
-
-The descriptor format (`tr([fingerprint/path']xpub.../0/0)`) is HD-ready — future versions will support deriving multiple addresses and change outputs from the same seed.
+- Account 0, external chain, wildcard index — `identity.descriptor` is the wildcard template that drives HD rotation; consumers materialize a concrete descriptor at a specific index when they need one.
 
 ### Batch Signing for Browser Wallets
 
@@ -227,6 +225,91 @@ await wallet.send({ address: 'ark1q...', amount: 1000 })
 
 Identities without `signMultiple` continue to work unchanged — each checkpoint is signed individually via `sign()`.
 
+### Onchain Providers
+
+Wallets read onchain state (UTXOs, transactions, fee rates, chain tip) through an `OnchainProvider`. The SDK ships with two implementations and a single transport-agnostic interface so you can swap them without touching wallet code.
+
+| Provider | Transport | When to use |
+|---|---|---|
+| `EsploraProvider` | REST/HTTP (mempool.space-compatible) | Default for browser wallets, public mempool deployments, simple integrations. Both atomic 1P1C package broadcast and outspends are first-class. |
+| `ElectrumOnchainProvider` | WebSocket (Electrum protocol) | Self-hosted nodes (Fulcrum, electrs), low-latency subscriptions, environments where you control the backend. Required if you need to talk to an Electrum server directly. |
+
+If you don't pass a provider explicitly, `OnchainWallet` and `Wallet.create({ ... })` both default to `EsploraProvider` pointing at the URL in `ESPLORA_URL[networkName]`.
+
+#### Default URLs
+
+The SDK ships with reachable defaults for each network — bitcoin, signet, and mutinynet point at Ark Labs–operated deployments; testnet falls back to mempool.space; regtest assumes a local nigiri stack.
+
+```typescript
+import {
+  ESPLORA_URL,        // Record<NetworkName, string>
+  ELECTRUM_WS_URL,    // Record<NetworkName, string>
+  ELECTRUM_TCP_HOST,  // Record<NetworkName, string | null> — informational
+} from '@arkade-os/sdk'
+
+ESPLORA_URL.bitcoin       // "https://mempool.arkade.sh/api"
+ESPLORA_URL.signet        // "https://mempool.signet.arkade.sh/api"
+ESPLORA_URL.mutinynet     // "https://mempool.mutinynet.arkade.sh/api"
+
+ELECTRUM_WS_URL.bitcoin   // "wss://electrum.arkade.sh"
+ELECTRUM_WS_URL.signet    // "wss://electrum.signet.arkade.sh"
+ELECTRUM_WS_URL.mutinynet // "wss://electrum.mutinynet.arkade.sh"
+```
+
+#### Using Esplora (default)
+
+```typescript
+import { EsploraProvider, ESPLORA_URL, OnchainWallet } from '@arkade-os/sdk'
+
+// Use the default URL for the network
+const provider = new EsploraProvider(ESPLORA_URL.bitcoin)
+
+// Or pass nothing — OnchainWallet picks the default for you
+const wallet = await OnchainWallet.create(identity, 'bitcoin')
+
+// Or override with your own mempool/esplora instance
+const customProvider = new EsploraProvider('https://my-esplora.example/api')
+```
+
+#### Using Electrum (WebSocket)
+
+```typescript
+import { ElectrumWS } from 'ws-electrumx-client'
+import {
+  ElectrumOnchainProvider,
+  ELECTRUM_WS_URL,
+  OnchainWallet,
+  networks,
+} from '@arkade-os/sdk'
+
+const ws = new ElectrumWS(ELECTRUM_WS_URL.bitcoin)
+const provider = new ElectrumOnchainProvider(ws, networks.bitcoin)
+
+const wallet = await OnchainWallet.create(identity, 'bitcoin', provider)
+
+// Remember to close the connection when you're done
+await provider.close()
+```
+
+#### Atomic 1P1C package broadcast (TRUC / BIP 431)
+
+Both providers expose `broadcastTransaction(...txs)` that accepts either a single tx or a 1P1C package (parent first, child last). The package path is **atomic** — the parent doesn't have to independently meet mempool minfee, which is the point of TRUC relay.
+
+The Electrum provider implements this via `blockchain.transaction.broadcast_package` (Fulcrum ≥ 1.10 backed by bitcoind ≥ v28). **There is no fallback to sequential broadcast**: if the server doesn't support `broadcast_package`, the call surfaces a clear error so you can route through a different provider rather than have TRUC packages silently fail at the parent step. Ark Labs Fulcrum deployments at `electrum.arkade.sh` (and the `*.signet` / `*.mutinynet` variants) all support it.
+
+#### Server compatibility notes
+
+`ElectrumOnchainProvider` is built around methods supported by both **Fulcrum** and **electrs** (the two main Electrum server implementations):
+
+- ✅ `blockchain.scripthash.{listunspent, get_history, subscribe}`
+- ✅ `blockchain.transaction.{get, get_merkle, broadcast}`
+- ✅ `blockchain.block.header`, `blockchain.headers.subscribe`
+- ✅ `blockchain.estimatefee`, `blockchain.relayfee`
+- ⚠️ `blockchain.transaction.broadcast_package` — **Fulcrum-only**. Required for atomic 1P1C; the provider throws a descriptive error against electrs.
+- ❌ The provider does **not** call `blockchain.transaction.get` with `verbose=true` (Fulcrum-only and rejected by electrs); confirmation status is derived from `transaction.get_merkle` + raw block headers instead.
+
+Output amounts are derived from parsed raw transaction bytes (exact bigints), never from floating-point `value` fields — protocol-level money handling shouldn't depend on `Math.round(value * 1e8)`.
+
 ### Receiving Bitcoin
 
 ```typescript
@@ -650,7 +733,7 @@ for await (const step of session) {
       console.log(`Waiting for transaction ${step.txid} to be confirmed`);
       break;
     case Unroll.StepType.UNROLL:
-      console.log(`Broadcasting transaction ${step.tx.id}`);
+      console.log(`Transaction ${step.tx.id} unrolled`);
       break;
     case Unroll.StepType.DONE:
       console.log(`Unrolling complete for virtual output ${step.vtxoTxid}`);
@@ -666,6 +749,26 @@ The unrolling process works by:
 - Waiting for confirmations between steps
 - Using P2A (Pay-to-Anchor) transactions to pay for fees
 
+Optionally, you can use `session.next()` to control the broadcasting process manually.
+
+```typescript
+const step = await session.next();
+switch (step.type) {
+  case Unroll.StepType.WAIT:
+    await step.do(); // wait for the transaction to be confirmed
+    break;
+  case Unroll.StepType.UNROLL:
+    const [parent, child] = step.pkg;
+    console.log(`Parent: ${parent}`)
+    console.log(`Child: ${child}`)
+    await step.do(); // broadcast the 1C1P package
+    break;
+  case Unroll.StepType.DONE:
+    console.log(`Unrolling complete for VTXO ${step.vtxoTxid}`);
+    break;
+  }
+```
+
 #### Step 2: Completing the Exit
 
 Once virtual outputs are fully unrolled and the unilateral exit timelock has expired, you can complete the exit:

package/dist/cjs/contracts/arkcontract.js

@@ -7,6 +7,7 @@ exports.contractFromArkContractWithAddress = contractFromArkContractWithAddress;
 exports.isArkContract = isArkContract;
 const base_1 = require("@scure/base");
 const handlers_1 = require("./handlers");
+const wallet_1 = require("../wallet");
 /**
  * Prefix for arkcontract strings.
  */
@@ -122,7 +123,7 @@ function contractFromArkContract(encoded, options = {}) {
  * @param options - Additional options
  * @returns A complete Contract object
  */
-function contractFromArkContractWithAddress(encoded, serverPubKey, addressPrefix, options = {}) {
+function contractFromArkContractWithAddress(encoded, serverPubKey, addressPrefix = wallet_1.DEFAULT_ARKADE_HRP, options = {}) {
     const parsed = decodeArkContract(encoded);
     const handler = handlers_1.contractHandlers.getOrThrow(parsed.type);
     const params = parsed.data;

package/dist/cjs/contracts/contractManager.js

@@ -6,6 +6,7 @@ const contractWatcher_1 = require("./contractWatcher");
 const handlers_1 = require("./handlers");
 const utils_1 = require("../wallet/utils");
 const syncCursors_1 = require("../utils/syncCursors");
+const vtxoOwnership_1 = require("./vtxoOwnership");
 const DEFAULT_PAGE_SIZE = 500;
 /**
  * Central manager for contract lifecycle and operations.
@@ -357,9 +358,19 @@ class ContractManager {
         const contracts = opts?.scripts
             ? await this.getContracts({ script: opts.scripts })
             : undefined;
+        // Only forward an explicit window when the caller supplied one. An
+        // empty `{ after: undefined, before: undefined }` would short-circuit
+        // both the cursor-derived `?after=` query in `syncContracts` (because
+        // `??` doesn't fire on a non-nullish object) AND the cursor-advance
+        // gate (which requires `options.window === undefined`), turning every
+        // `refreshVtxos()` call into an unbounded full re-scan whose cursor
+        // never moves forward.
+        const hasExplicitWindow = opts?.after !== undefined || opts?.before !== undefined;
         await this.syncContracts({
             contracts,
-            window: { after: opts?.after, before: opts?.before },
+            window: hasExplicitWindow
+                ? { after: opts?.after, before: opts?.before }
+                : undefined,
         });
     }
     /**
@@ -402,7 +413,11 @@ class ContractManager {
         this.emitEvent(event);
     }
     async getVtxosForContracts(contracts) {
-        const res = await Promise.all(contracts.map(({ script, address }) => this.config.walletRepository.getVtxos(address).then((vtxos) => vtxos.map((vtxo) => ({
+        const res = await Promise.all(contracts.map(({ script, address }) => this.config.walletRepository.getVtxos(address).then((vtxos) => 
+        // Address buckets may carry legacy duplicate rows from
+        // other contracts that once shared the same address —
+        // gate by script so the wrong-script row never wins.
+        (0, vtxoOwnership_1.filterVtxosForScript)(vtxos, script).map((vtxo) => ({
             ...vtxo,
             contractScript: script,
         })))));
@@ -470,7 +485,14 @@ class ContractManager {
             });
         }
         for (const [addr, contractVtxos] of byContract) {
-            await this.config.walletRepository.saveVtxos(addr, contractVtxos);
+            // The bucket is keyed by contract address, so the script filter
+            // here is the same as the contract's. Skip wrong-script rows
+            // rather than crash the reconcile loop.
+            const contract = contracts.find((c) => c.address === addr);
+            const filtered = (0, vtxoOwnership_1.warnAndFilterVtxosForScript)(contractVtxos, contract.script, "ContractManager.reconcilePendingFrontier");
+            if (filtered.length === 0)
+                continue;
+            await this.config.walletRepository.saveVtxos(addr, filtered);
         }
     }
     async fetchContractVxosFromIndexer(contracts, pageSize, syncWindow) {
@@ -480,7 +502,10 @@ class ContractManager {
             result.set(contractScript, vtxos);
             const contract = contracts.find((c) => c.script === contractScript);
             if (contract) {
-                await this.config.walletRepository.saveVtxos(contract.address, vtxos);
+                const filtered = (0, vtxoOwnership_1.warnAndFilterVtxosForScript)(vtxos, contract.script, "ContractManager.fetchContractVxosFromIndexer");
+                if (filtered.length === 0)
+                    continue;
+                await this.config.walletRepository.saveVtxos(contract.address, filtered);
             }
         }
         return result;

package/dist/cjs/contracts/contractWatcher.js

@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.ContractWatcher = void 0;
 const utils_1 = require("../wallet/utils");
 const utils_2 = require("../providers/utils");
+const vtxoOwnership_1 = require("./vtxoOwnership");
 /**
  * Watches multiple contracts for virtual output state changes with resilient connection handling.
  *
@@ -90,7 +91,10 @@ class ContractWatcher {
      */
     async seedLastKnownVtxos(state) {
         try {
-            const cached = await this.config.walletRepository.getVtxos(state.contract.address);
+            // Apply the same script gate used by getContractVtxos so a legacy
+            // wrong-script row in the address bucket can't seed the baseline
+            // and then look "spent" on the first poll.
+            const cached = (0, vtxoOwnership_1.filterVtxosForScript)(await this.config.walletRepository.getVtxos(state.contract.address), state.contract.script);
             for (const vtxo of cached) {
                 if (vtxo.isSpent)
                     continue;
@@ -169,8 +173,10 @@ class ContractWatcher {
             return true;
         })
             .map(async (state) => {
-            // Use contract address as cache key
-            const cached = await repo.getVtxos(state.contract.address);
+            // Use contract address as cache key. Legacy address buckets
+            // can contain rows from other contracts; gate by script before
+            // converting so a wrong-script row never reaches the watcher.
+            const cached = (0, vtxoOwnership_1.filterVtxosForScript)(await repo.getVtxos(state.contract.address), state.contract.script);
             if (cached.length > 0) {
                 // Convert to ContractVtxo with contractScript
                 const contractVtxos = cached.map((v) => ({

package/dist/cjs/contracts/handlers/default.js

@@ -4,6 +4,7 @@ exports.DefaultContractHandler = void 0;
 const base_1 = require("@scure/base");
 const default_1 = require("../../script/default");
 const helpers_1 = require("./helpers");
+const timelock_1 = require("../../utils/timelock");
 const descriptor_1 = require("../../identity/descriptor");
 /**
  * Extract pubkey bytes from a descriptor or hex string.
@@ -28,12 +29,12 @@ exports.DefaultContractHandler = {
         return {
             pubKey: base_1.hex.encode(params.pubKey),
             serverPubKey: base_1.hex.encode(params.serverPubKey),
-            csvTimelock: (0, helpers_1.timelockToSequence)(params.csvTimelock).toString(),
+            csvTimelock: (0, timelock_1.timelockToSequence)(params.csvTimelock).toString(),
         };
     },
     deserializeParams(params) {
         const csvTimelock = params.csvTimelock
-            ? (0, helpers_1.sequenceToTimelock)(Number(params.csvTimelock))
+            ? (0, timelock_1.sequenceToTimelock)(Number(params.csvTimelock))
             : default_1.DefaultVtxo.Script.DEFAULT_TIMELOCK;
         return {
             pubKey: extractPubKeyBytes(params.pubKey),

package/dist/cjs/contracts/handlers/delegate.js

@@ -5,6 +5,7 @@ const base_1 = require("@scure/base");
 const delegate_1 = require("../../script/delegate");
 const default_1 = require("../../script/default");
 const helpers_1 = require("./helpers");
+const timelock_1 = require("../../utils/timelock");
 /**
  * Handler for delegate wallet virtual outputs.
  *
@@ -24,12 +25,12 @@ exports.DelegateContractHandler = {
             pubKey: base_1.hex.encode(params.pubKey),
             serverPubKey: base_1.hex.encode(params.serverPubKey),
             delegatePubKey: base_1.hex.encode(params.delegatePubKey),
-            csvTimelock: (0, helpers_1.timelockToSequence)(params.csvTimelock).toString(),
+            csvTimelock: (0, timelock_1.timelockToSequence)(params.csvTimelock).toString(),
         };
     },
     deserializeParams(params) {
         const csvTimelock = params.csvTimelock
-            ? (0, helpers_1.sequenceToTimelock)(Number(params.csvTimelock))
+            ? (0, timelock_1.sequenceToTimelock)(Number(params.csvTimelock))
             : default_1.DefaultVtxo.Script.DEFAULT_TIMELOCK;
         return {
             pubKey: base_1.hex.decode(params.pubKey),

package/dist/cjs/contracts/handlers/helpers.js

@@ -1,44 +1,9 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.timelockToSequence = timelockToSequence;
-exports.sequenceToTimelock = sequenceToTimelock;
 exports.resolveRole = resolveRole;
 exports.isCltvSatisfied = isCltvSatisfied;
 exports.isCsvSpendable = isCsvSpendable;
-const bip68 = __importStar(require("bip68"));
+const timelock_1 = require("../../utils/timelock");
 const descriptor_1 = require("../../identity/descriptor");
 /**
  * Extract raw hex pubkey from a value that may be a descriptor or raw hex.
@@ -56,27 +21,6 @@ function extractRawPubKey(value) {
         return undefined;
     }
 }
-/**
- * Convert RelativeTimelock to BIP68 sequence number.
- */
-function timelockToSequence(timelock) {
-    return bip68.encode(timelock.type === "blocks"
-        ? { blocks: Number(timelock.value) }
-        : { seconds: Number(timelock.value) });
-}
-/**
- * Convert BIP68 sequence number back to RelativeTimelock.
- */
-function sequenceToTimelock(sequence) {
-    const decoded = bip68.decode(sequence);
-    if ("blocks" in decoded && decoded.blocks !== undefined) {
-        return { type: "blocks", value: BigInt(decoded.blocks) };
-    }
-    if ("seconds" in decoded && decoded.seconds !== undefined) {
-        return { type: "seconds", value: BigInt(decoded.seconds) };
-    }
-    throw new Error(`Invalid BIP68 sequence: ${sequence}`);
-}
 /**
  * Resolve wallet's role from explicit role or by matching descriptor/pubkey.
  */
@@ -152,7 +96,7 @@ function isCsvSpendable(context, sequence) {
         return true;
     if (!context.vtxo)
         return false;
-    const timelock = sequenceToTimelock(sequence);
+    const timelock = (0, timelock_1.sequenceToTimelock)(sequence);
     if (timelock.type === "blocks") {
         if (context.blockHeight === undefined ||
             context.vtxo.status.block_height === undefined) {

package/dist/cjs/contracts/handlers/vhtlc.js

@@ -4,6 +4,7 @@ exports.VHTLCContractHandler = void 0;
 const base_1 = require("@scure/base");
 const vhtlc_1 = require("../../script/vhtlc");
 const helpers_1 = require("./helpers");
+const timelock_1 = require("../../utils/timelock");
 /**
  * Handler for Virtual Hash Time Lock Contract (VHTLC).
  *
@@ -32,9 +33,9 @@ exports.VHTLCContractHandler = {
             server: base_1.hex.encode(params.server),
             hash: base_1.hex.encode(params.preimageHash),
             refundLocktime: params.refundLocktime.toString(),
-            claimDelay: (0, helpers_1.timelockToSequence)(params.unilateralClaimDelay).toString(),
-            refundDelay: (0, helpers_1.timelockToSequence)(params.unilateralRefundDelay).toString(),
-            refundNoReceiverDelay: (0, helpers_1.timelockToSequence)(params.unilateralRefundWithoutReceiverDelay).toString(),
+            claimDelay: (0, timelock_1.timelockToSequence)(params.unilateralClaimDelay).toString(),
+            refundDelay: (0, timelock_1.timelockToSequence)(params.unilateralRefundDelay).toString(),
+            refundNoReceiverDelay: (0, timelock_1.timelockToSequence)(params.unilateralRefundWithoutReceiverDelay).toString(),
         };
     },
     deserializeParams(params) {
@@ -44,9 +45,9 @@ exports.VHTLCContractHandler = {
             server: base_1.hex.decode(params.server),
             preimageHash: base_1.hex.decode(params.hash),
             refundLocktime: BigInt(params.refundLocktime),
-            unilateralClaimDelay: (0, helpers_1.sequenceToTimelock)(Number(params.claimDelay)),
-            unilateralRefundDelay: (0, helpers_1.sequenceToTimelock)(Number(params.refundDelay)),
-            unilateralRefundWithoutReceiverDelay: (0, helpers_1.sequenceToTimelock)(Number(params.refundNoReceiverDelay)),
+            unilateralClaimDelay: (0, timelock_1.sequenceToTimelock)(Number(params.claimDelay)),
+            unilateralRefundDelay: (0, timelock_1.sequenceToTimelock)(Number(params.refundDelay)),
+            unilateralRefundWithoutReceiverDelay: (0, timelock_1.sequenceToTimelock)(Number(params.refundNoReceiverDelay)),
         };
     },
     /**

package/dist/cjs/contracts/vtxoOwnership.js

@@ -0,0 +1,60 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.vtxoOutpoint = vtxoOutpoint;
+exports.isVtxoForScript = isVtxoForScript;
+exports.filterVtxosForScript = filterVtxosForScript;
+exports.warnAndFilterVtxosForScript = warnAndFilterVtxosForScript;
+exports.validateVtxosForScript = validateVtxosForScript;
+/**
+ * Tier 1 helpers that enforce VTXO ownership at call sites that already know
+ * the intended contract script. Address-keyed repositories may still hand back
+ * legacy duplicate rows under the wrong bucket; these helpers gate reads and
+ * writes so a wrong-script row never wins.
+ *
+ * `script` is the authoritative ownership key. Equality is strict: a missing
+ * or empty `vtxo.script` never matches.
+ */
+function vtxoOutpoint(vtxo) {
+    return `${vtxo.txid}:${vtxo.vout}`;
+}
+function isVtxoForScript(vtxo, script) {
+    return !!vtxo.script && vtxo.script === script;
+}
+function filterVtxosForScript(vtxos, script) {
+    return vtxos.filter((v) => isVtxoForScript(v, script));
+}
+/**
+ * Background/indexer sync flavour: drop wrong-script rows and log enough
+ * context to identify each rejection. Returns only matching rows so the
+ * caller can keep going.
+ */
+function warnAndFilterVtxosForScript(vtxos, script, context) {
+    const matches = [];
+    const rejected = [];
+    for (const v of vtxos) {
+        if (isVtxoForScript(v, script)) {
+            matches.push(v);
+        }
+        else {
+            rejected.push(`${vtxoOutpoint(v)}(script=${v.script ?? ""})`);
+        }
+    }
+    if (rejected.length > 0) {
+        console.warn(`${context}: dropped ${rejected.length} wrong-script VTXO(s) for script ${script}: ${rejected.join(", ")}`);
+    }
+    return matches;
+}
+/**
+ * User-initiated transaction/signing flavour: throw before persisting or
+ * signing inconsistent ownership state. Silently skipping here would hide a
+ * serious bug in the wallet's spend path.
+ */
+function validateVtxosForScript(vtxos, script, context) {
+    const mismatches = vtxos.filter((v) => !isVtxoForScript(v, script));
+    if (mismatches.length === 0)
+        return;
+    const detail = mismatches
+        .map((v) => `${vtxoOutpoint(v)}(script=${v.script ?? ""})`)
+        .join(", ");
+    throw new Error(`${context}: refusing to persist ${mismatches.length} VTXO(s) whose script does not match ${script}: ${detail}`);
+}

package/dist/cjs/identity/descriptor.js

@@ -1,13 +1,80 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.isMainnetDescriptor = isMainnetDescriptor;
+exports.descriptorIsOurs = descriptorIsOurs;
 exports.isDescriptor = isDescriptor;
 exports.normalizeToDescriptor = normalizeToDescriptor;
 exports.extractPubKey = extractPubKey;
 exports.parseHDDescriptor = parseHDDescriptor;
 const descriptors_scure_1 = require("@bitcoinerlab/descriptors-scure");
 const base_1 = require("@scure/base");
-function inferNetwork(descriptor) {
-    return descriptor.includes("tpub") ? descriptors_scure_1.networks.testnet : descriptors_scure_1.networks.bitcoin;
+/**
+ * True iff `descriptor` is a Bitcoin mainnet descriptor (xpub-prefixed
+ * BIP32 key).
+ *
+ * Note: testnet, signet, regtest, mutinynet, and other non-mainnet
+ * networks all share the same `tpub` BIP32 version bytes — they cannot
+ * be distinguished from one another at the descriptor level. Callers
+ * that need a `Network` constants object for `expand()` pick
+ * `networks.bitcoin` vs `networks.testnet` themselves; callers that
+ * need the *actual* network the wallet is on must track that
+ * out-of-band.
+ */
+function isMainnetDescriptor(descriptor) {
+    return !descriptor.includes("tpub");
+}
+/**
+ * Shared "does `candidate` belong to the identity backed by
+ * `ourDescriptor`?" predicate.
+ *
+ * - HD descriptors (expanding to a `bip32` key) match by account xpub
+ *   on both sides — index-agnostic, so a wildcard template and any
+ *   concrete index under it all collapse to the same xpub.
+ * - Bare `tr(pubkey)` candidates fall back to comparing the candidate
+ *   pubkey against `ourXOnlyPubkey` (the cached pubkey on the identity
+ *   side, since pulling it from `ourDescriptor` would require an index
+ *   substitution the caller already performed).
+ */
+function descriptorIsOurs(candidate, ourDescriptor, ourXOnlyPubkey) {
+    if (!isDescriptor(candidate))
+        return false;
+    try {
+        const candidateInfo = (0, descriptors_scure_1.expand)({
+            descriptor: candidate,
+            network: isMainnetDescriptor(candidate)
+                ? descriptors_scure_1.networks.bitcoin
+                : descriptors_scure_1.networks.testnet,
+        }).expansionMap?.["@0"];
+        if (!candidateInfo)
+            return false;
+        if (candidateInfo.bip32) {
+            const ourBip32 = (0, descriptors_scure_1.expand)({
+                descriptor: ourDescriptor,
+                network: isMainnetDescriptor(ourDescriptor)
+                    ? descriptors_scure_1.networks.bitcoin
+                    : descriptors_scure_1.networks.testnet,
+            }).expansionMap?.["@0"]?.bip32;
+            if (!ourBip32)
+                return false;
+            return ourBip32.toBase58() === candidateInfo.bip32.toBase58();
+        }
+        if (candidateInfo.pubkey) {
+            // For tr() the library hands back a 32-byte x-only key, but
+            // strip a leading parity byte defensively so a 33-byte
+            // compressed key (mismatched length) doesn't silently
+            // false-negative against our 32-byte x-only side.
+            const candidatePub = candidateInfo.pubkey.length === 33
+                ? candidateInfo.pubkey.subarray(1)
+                : candidateInfo.pubkey;
+            if (candidatePub.length !== ourXOnlyPubkey.length)
+                return false;
+            return base_1.hex.encode(candidatePub) === base_1.hex.encode(ourXOnlyPubkey);
+        }
+        return false;
+    }
+    catch {
+        return false;
+    }
 }
 /**
  * Check if a string is a descriptor of the shape `tr(...)`.
@@ -49,7 +116,9 @@ function extractPubKey(descriptor) {
     if (!isDescriptor(descriptor)) {
         return descriptor;
     }
-    const network = inferNetwork(descriptor);
+    const network = isMainnetDescriptor(descriptor)
+        ? descriptors_scure_1.networks.bitcoin
+        : descriptors_scure_1.networks.testnet;
     const expansion = (0, descriptors_scure_1.expand)({ descriptor, network });
     if (!expansion.expansionMap) {
         throw new Error("Cannot extract pubkey from descriptor: expansion failed.");
@@ -76,7 +145,9 @@ function parseHDDescriptor(descriptor) {
     }
     let expansion;
     try {
-        const network = inferNetwork(descriptor);
+        const network = isMainnetDescriptor(descriptor)
+            ? descriptors_scure_1.networks.bitcoin
+            : descriptors_scure_1.networks.testnet;
         expansion = (0, descriptors_scure_1.expand)({ descriptor, network });
     }
     catch {

package/dist/cjs/identity/hdCapableIdentity.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });