@bitcoinerlab/descriptors 2.2.0 → 2.3.0

package/README.md

@@ -77,6 +77,16 @@ For miniscript-based descriptors, the `signersPubKeys` parameter in the constuct
 
 The `Output` class [offers various helpful methods](https://bitcoinerlab.com/modules/descriptors/api/classes/_Internal_.Output.html), including `getAddress()`, which returns the address associated with the descriptor, `getScriptPubKey()`, which returns the `scriptPubKey` for the descriptor, `expand()`, which decomposes a descriptor into its elemental parts, `updatePsbtAsInput()` and `updatePsbtAsOutput()`.
 
+ The library supports a wide range of descriptor types, including:
+ - Pay-to-Public-Key-Hash (P2PKH): `pkh(KEY)`
+ - Pay-to-Witness-Public-Key-Hash (P2WPKH): `wpkh(KEY)`
+ - Pay-to-Script-Hash (P2SH): `sh(SCRIPT)`
+ - Pay-to-Witness-Script-Hash (P2WSH): `wsh(SCRIPT)`
+ - Pay-to-Taproot (P2TR) with single key: `tr(KEY)`
+ - Address-based descriptors: `addr(ADDRESS)`, including Taproot addresses
+
+ These descriptors can be used with various key expressions, including raw public keys, BIP32 derivation paths, and more.
+
 The `updatePsbtAsInput()` method is an essential part of the library, responsible for adding an input to the PSBT corresponding to the UTXO  described by the descriptor. Additionally, when the descriptor expresses an absolute time-spending condition, such as "This UTXO can only be spent after block N", `updatePsbtAsInput()` adds timelock information to the PSBT.
 
 To call `updatePsbtAsInput()`, use the following syntax:

package/dist/applyPR2137.d.ts

@@ -0,0 +1,2 @@
+import type { Psbt } from 'bitcoinjs-lib';
+export declare const applyPR2137: (psbt: Psbt) => void;

package/dist/applyPR2137.js

@@ -0,0 +1,123 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.applyPR2137 = void 0;
+const utils_1 = require("bip174/src/lib/utils");
+const bip341_1 = require("bitcoinjs-lib/src/payments/bip341");
+const bip371_1 = require("bitcoinjs-lib/src/psbt/bip371");
+const crypto_1 = require("bitcoinjs-lib/src/crypto");
+const toXOnly = (pubKey) => pubKey.length === 32 ? pubKey : pubKey.slice(1, 33);
+function range(n) {
+    return [...Array(n).keys()];
+}
+function tapBranchHash(a, b) {
+    return (0, crypto_1.taggedHash)('TapBranch', Buffer.concat([a, b]));
+}
+function calculateScriptTreeMerkleRoot(leafHashes) {
+    if (!leafHashes || leafHashes.length === 0) {
+        return undefined;
+    }
+    // sort the leaf nodes
+    leafHashes.sort(Buffer.compare);
+    // create the initial hash node
+    let currentLevel = leafHashes;
+    // build Merkle Tree
+    while (currentLevel.length > 1) {
+        const nextLevel = [];
+        for (let i = 0; i < currentLevel.length; i += 2) {
+            const left = currentLevel[i];
+            const right = i + 1 < currentLevel.length ? currentLevel[i + 1] : left;
+            nextLevel.push(i + 1 < currentLevel.length ? tapBranchHash(left, right) : left);
+        }
+        currentLevel = nextLevel;
+    }
+    return currentLevel[0];
+}
+function getTweakSignersFromHD(inputIndex, inputs, hdKeyPair) {
+    const input = (0, utils_1.checkForInput)(inputs, inputIndex);
+    if (!input.tapBip32Derivation || input.tapBip32Derivation.length === 0) {
+        throw new Error('Need tapBip32Derivation to sign with HD');
+    }
+    const myDerivations = input.tapBip32Derivation
+        .map(bipDv => {
+        if (bipDv.masterFingerprint.equals(hdKeyPair.fingerprint)) {
+            return bipDv;
+        }
+        else {
+            return;
+        }
+    })
+        .filter(v => !!v);
+    if (myDerivations.length === 0) {
+        throw new Error('Need one tapBip32Derivation masterFingerprint to match the HDSigner fingerprint');
+    }
+    const signers = myDerivations.map(bipDv => {
+        const node = hdKeyPair.derivePath(bipDv.path);
+        if (!bipDv.pubkey.equals(toXOnly(node.publicKey))) {
+            throw new Error('pubkey did not match tapBip32Derivation');
+        }
+        const h = calculateScriptTreeMerkleRoot(bipDv.leafHashes);
+        const tweakValue = (0, bip341_1.tapTweakHash)(toXOnly(node.publicKey), h);
+        return node.tweak(tweakValue);
+    });
+    return signers;
+}
+function getSignersFromHD(inputIndex, inputs, hdKeyPair) {
+    const input = (0, utils_1.checkForInput)(inputs, inputIndex);
+    if ((0, bip371_1.isTaprootInput)(input)) {
+        return getTweakSignersFromHD(inputIndex, inputs, hdKeyPair);
+    }
+    if (!input.bip32Derivation || input.bip32Derivation.length === 0) {
+        throw new Error('Need bip32Derivation to sign with HD');
+    }
+    const myDerivations = input.bip32Derivation
+        .map(bipDv => {
+        if (bipDv.masterFingerprint.equals(hdKeyPair.fingerprint)) {
+            return bipDv;
+        }
+        else {
+            return;
+        }
+    })
+        .filter(v => !!v);
+    if (myDerivations.length === 0) {
+        throw new Error('Need one bip32Derivation masterFingerprint to match the HDSigner fingerprint');
+    }
+    const signers = myDerivations.map(bipDv => {
+        const node = hdKeyPair.derivePath(bipDv.path);
+        if (!bipDv.pubkey.equals(node.publicKey)) {
+            throw new Error('pubkey did not match bip32Derivation');
+        }
+        return node;
+    });
+    return signers;
+}
+const applyPR2137 = (psbt) => {
+    psbt.signInputHD = function signInputHD(inputIndex, hdKeyPair, sighashTypes) {
+        if (!hdKeyPair || !hdKeyPair.publicKey || !hdKeyPair.fingerprint) {
+            throw new Error('Need HDSigner to sign input');
+        }
+        const signers = getSignersFromHD(inputIndex, this.data.inputs, hdKeyPair);
+        signers.forEach(signer => this.signInput(inputIndex, signer, sighashTypes));
+        return this;
+    };
+    psbt.signAllInputsHD = function signAllInputsHD(hdKeyPair, sighashTypes) {
+        if (!hdKeyPair || !hdKeyPair.publicKey || !hdKeyPair.fingerprint) {
+            throw new Error('Need HDSigner to sign input');
+        }
+        const results = [];
+        for (const i of range(psbt.data.inputs.length)) {
+            try {
+                psbt.signInputHD(i, hdKeyPair, sighashTypes);
+                results.push(true);
+            }
+            catch (err) {
+                results.push(false);
+            }
+        }
+        if (results.every(v => v === false)) {
+            throw new Error('No inputs were signed');
+        }
+        return psbt;
+    };
+};
+exports.applyPR2137 = applyPR2137;

package/dist/descriptors.d.ts

@@ -47,6 +47,7 @@ export declare function DescriptorsFactory(ecc: TinySecp256k1Interface): {
             readonly "__#1@#witnessScript"?: Buffer;
             readonly "__#1@#redeemScript"?: Buffer;
             readonly "__#1@#isSegwit"?: boolean;
+            readonly "__#1@#isTaproot"?: boolean;
             readonly "__#1@#expandedExpression"?: string;
             readonly "__#1@#expandedMiniscript"?: string;
             readonly "__#1@#expansionMap"?: ExpansionMap;
@@ -125,13 +126,29 @@ export declare function DescriptorsFactory(ecc: TinySecp256k1Interface): {
              */
             isSegwit(): boolean | undefined;
             /**
-             * Returns the tuple: `{ isPKH: boolean; isWPKH: boolean; isSH: boolean; }`
-             * for this Output.
+             * Whether this `Output` is Taproot.
+             */
+            isTaproot(): boolean | undefined;
+            /**
+             * Attempts to determine the type of output script by testing it against
+             * various payment types.
+             *
+             * This method tries to identify if the output is one of the following types:
+             * - P2SH (Pay to Script Hash)
+             * - P2WSH (Pay to Witness Script Hash)
+             * - P2WPKH (Pay to Witness Public Key Hash)
+             * - P2PKH (Pay to Public Key Hash)
+             * - P2TR (Pay to Taproot)
+             *
+             * @returns An object { isPKH: boolean; isWPKH: boolean; isSH: boolean; isWSH: boolean; isTR: boolean;}
+             * with boolean properties indicating the detected output type
              */
             guessOutput(): {
                 isPKH: boolean;
                 isWPKH: boolean;
                 isSH: boolean;
+                isWSH: boolean;
+                isTR: boolean;
             };
             /**
              * Computes the Weight Unit contributions of this Output as if it were the
@@ -140,8 +157,12 @@ export declare function DescriptorsFactory(ecc: TinySecp256k1Interface): {
              * *NOTE:* When the descriptor in an input is `addr(address)`, it is assumed
              * that any `addr(SH_TYPE_ADDRESS)` is in fact a Segwit `SH_WPKH`
              * (Script Hash-Witness Public Key Hash).
+             *, Also any `addr(SINGLE_KEY_ADDRESS)` * is assumed to be a single key Taproot
+             * address (like those defined in BIP86).
              * For inputs using arbitrary scripts (not standard addresses),
-             * use a descriptor in the format `sh(MINISCRIPT)`.
+             * use a descriptor in the format `sh(MINISCRIPT)` or `tr(MINISCRIPT)`.
+             * Note however that tr(MINISCRIPT) is not yet supported for non-single-key
+             * expressions.
              */
             inputWeight(isSegwitTx: boolean, signatures: PartialSig[] | 'DANGEROUSLY_USE_FAKE_SIGNATURES'): number;
             /**
@@ -339,6 +360,7 @@ export declare function DescriptorsFactory(ecc: TinySecp256k1Interface): {
             readonly "__#1@#witnessScript"?: Buffer;
             readonly "__#1@#redeemScript"?: Buffer;
             readonly "__#1@#isSegwit"?: boolean;
+            readonly "__#1@#isTaproot"?: boolean;
             readonly "__#1@#expandedExpression"?: string;
             readonly "__#1@#expandedMiniscript"?: string;
             readonly "__#1@#expansionMap"?: ExpansionMap;
@@ -417,13 +439,29 @@ export declare function DescriptorsFactory(ecc: TinySecp256k1Interface): {
              */
             isSegwit(): boolean | undefined;
             /**
-             * Returns the tuple: `{ isPKH: boolean; isWPKH: boolean; isSH: boolean; }`
-             * for this Output.
+             * Whether this `Output` is Taproot.
+             */
+            isTaproot(): boolean | undefined;
+            /**
+             * Attempts to determine the type of output script by testing it against
+             * various payment types.
+             *
+             * This method tries to identify if the output is one of the following types:
+             * - P2SH (Pay to Script Hash)
+             * - P2WSH (Pay to Witness Script Hash)
+             * - P2WPKH (Pay to Witness Public Key Hash)
+             * - P2PKH (Pay to Public Key Hash)
+             * - P2TR (Pay to Taproot)
+             *
+             * @returns An object { isPKH: boolean; isWPKH: boolean; isSH: boolean; isWSH: boolean; isTR: boolean;}
+             * with boolean properties indicating the detected output type
              */
             guessOutput(): {
                 isPKH: boolean;
                 isWPKH: boolean;
                 isSH: boolean;
+                isWSH: boolean;
+                isTR: boolean;
             };
             /**
              * Computes the Weight Unit contributions of this Output as if it were the
@@ -432,8 +470,12 @@ export declare function DescriptorsFactory(ecc: TinySecp256k1Interface): {
              * *NOTE:* When the descriptor in an input is `addr(address)`, it is assumed
              * that any `addr(SH_TYPE_ADDRESS)` is in fact a Segwit `SH_WPKH`
              * (Script Hash-Witness Public Key Hash).
+             *, Also any `addr(SINGLE_KEY_ADDRESS)` * is assumed to be a single key Taproot
+             * address (like those defined in BIP86).
              * For inputs using arbitrary scripts (not standard addresses),
-             * use a descriptor in the format `sh(MINISCRIPT)`.
+             * use a descriptor in the format `sh(MINISCRIPT)` or `tr(MINISCRIPT)`.
+             * Note however that tr(MINISCRIPT) is not yet supported for non-single-key
+             * expressions.
              */
             inputWeight(isSegwitTx: boolean, signatures: PartialSig[] | 'DANGEROUSLY_USE_FAKE_SIGNATURES'): number;
             /**

package/dist/descriptors.js

@@ -1,5 +1,5 @@
 "use strict";
-// Copyright (c) 2023 Jose-Luis Landabaso - https://bitcoinerlab.com
+// Copyright (c) 2025 Jose-Luis Landabaso - https://bitcoinerlab.com
 // Distributed under the MIT software license
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
@@ -148,18 +148,31 @@ function evaluate({ descriptor, checksumRequired, index }) {
  * [@bitcoinerlab/secp256k1](https://github.com/bitcoinerlab/secp256k1).
  */
 function DescriptorsFactory(ecc) {
-    var _Output_instances, _Output_payment, _Output_preimages, _Output_signersPubKeys, _Output_miniscript, _Output_witnessScript, _Output_redeemScript, _Output_isSegwit, _Output_expandedExpression, _Output_expandedMiniscript, _Output_expansionMap, _Output_network, _Output_getTimeConstraints, _Output_assertPsbtInput;
+    var _Output_instances, _Output_payment, _Output_preimages, _Output_signersPubKeys, _Output_miniscript, _Output_witnessScript, _Output_redeemScript, _Output_isSegwit, _Output_isTaproot, _Output_expandedExpression, _Output_expandedMiniscript, _Output_expansionMap, _Output_network, _Output_getTimeConstraints, _Output_assertPsbtInput;
+    (0, bitcoinjs_lib_1.initEccLib)(ecc); //Taproot requires initEccLib
     const BIP32 = (0, bip32_1.BIP32Factory)(ecc);
     const ECPair = (0, ecpair_1.ECPairFactory)(ecc);
-    const signatureValidator = (pubkey, msghash, signature) => ECPair.fromPublicKey(pubkey).verify(msghash, signature);
+    const signatureValidator = (pubkey, msghash, signature) => {
+        if (pubkey.length === 32) {
+            //x-only
+            if (!ecc.verifySchnorr) {
+                throw new Error('TinySecp256k1Interface is not initialized properly: verifySchnorr is missing.');
+            }
+            return ecc.verifySchnorr(msghash, pubkey, signature);
+        }
+        else {
+            return ECPair.fromPublicKey(pubkey).verify(msghash, signature);
+        }
+    };
     /**
      * Takes a string key expression (xpub, xprv, pubkey or wif) and parses it
      */
-    const parseKeyExpression = ({ keyExpression, isSegwit, network = bitcoinjs_lib_1.networks.bitcoin }) => {
+    const parseKeyExpression = ({ keyExpression, isSegwit, isTaproot, network = bitcoinjs_lib_1.networks.bitcoin }) => {
         return (0, keyExpressions_1.parseKeyExpression)({
             keyExpression,
             network,
             ...(typeof isSegwit === 'boolean' ? { isSegwit } : {}),
+            ...(typeof isTaproot === 'boolean' ? { isTaproot } : {}),
             ECPair,
             BIP32
         });
@@ -179,6 +192,7 @@ function DescriptorsFactory(ecc) {
         let miniscript;
         let expansionMap;
         let isSegwit;
+        let isTaproot;
         let expandedMiniscript;
         let payment;
         let witnessScript;
@@ -212,27 +226,32 @@ function DescriptorsFactory(ecc) {
             try {
                 payment = p2pkh({ output, network });
                 isSegwit = false;
+                isTaproot = false;
             }
             catch (e) { }
             try {
                 payment = p2sh({ output, network });
                 // It assumes that an addr(SH_ADDRESS) is always a add(SH_WPKH) address
                 isSegwit = true;
+                isTaproot = false;
             }
             catch (e) { }
             try {
                 payment = p2wpkh({ output, network });
                 isSegwit = true;
+                isTaproot = false;
             }
             catch (e) { }
             try {
                 payment = p2wsh({ output, network });
                 isSegwit = true;
+                isTaproot = false;
             }
             catch (e) { }
             try {
                 payment = p2tr({ output, network });
                 isSegwit = true;
+                isTaproot = true;
             }
             catch (e) { }
             if (!payment) {
@@ -242,7 +261,8 @@ function DescriptorsFactory(ecc) {
         //pk(KEY)
         else if (canonicalExpression.match(RE.rePkAnchored)) {
             isSegwit = false;
-            const keyExpression = canonicalExpression.match(RE.reKeyExp)?.[0];
+            isTaproot = false;
+            const keyExpression = canonicalExpression.match(RE.reNonSegwitKeyExp)?.[0];
             if (!keyExpression)
                 throw new Error(`Error: keyExpression could not me extracted`);
             if (canonicalExpression !== `pk(${keyExpression})`)
@@ -261,7 +281,8 @@ function DescriptorsFactory(ecc) {
         //pkh(KEY) - legacy
         else if (canonicalExpression.match(RE.rePkhAnchored)) {
             isSegwit = false;
-            const keyExpression = canonicalExpression.match(RE.reKeyExp)?.[0];
+            isTaproot = false;
+            const keyExpression = canonicalExpression.match(RE.reNonSegwitKeyExp)?.[0];
             if (!keyExpression)
                 throw new Error(`Error: keyExpression could not me extracted`);
             if (canonicalExpression !== `pkh(${keyExpression})`)
@@ -279,7 +300,8 @@ function DescriptorsFactory(ecc) {
         //sh(wpkh(KEY)) - nested segwit
         else if (canonicalExpression.match(RE.reShWpkhAnchored)) {
             isSegwit = true;
-            const keyExpression = canonicalExpression.match(RE.reKeyExp)?.[0];
+            isTaproot = false;
+            const keyExpression = canonicalExpression.match(RE.reSegwitKeyExp)?.[0];
             if (!keyExpression)
                 throw new Error(`Error: keyExpression could not me extracted`);
             if (canonicalExpression !== `sh(wpkh(${keyExpression}))`)
@@ -300,7 +322,8 @@ function DescriptorsFactory(ecc) {
         //wpkh(KEY) - native segwit
         else if (canonicalExpression.match(RE.reWpkhAnchored)) {
             isSegwit = true;
-            const keyExpression = canonicalExpression.match(RE.reKeyExp)?.[0];
+            isTaproot = false;
+            const keyExpression = canonicalExpression.match(RE.reSegwitKeyExp)?.[0];
             if (!keyExpression)
                 throw new Error(`Error: keyExpression could not me extracted`);
             if (canonicalExpression !== `wpkh(${keyExpression})`)
@@ -318,6 +341,7 @@ function DescriptorsFactory(ecc) {
         //sh(wsh(miniscript))
         else if (canonicalExpression.match(RE.reShWshMiniscriptAnchored)) {
             isSegwit = true;
+            isTaproot = false;
             miniscript = canonicalExpression.match(RE.reShWshMiniscriptAnchored)?.[1]; //[1]-> whatever is found sh(wsh(->HERE<-))
             if (!miniscript)
                 throw new Error(`Error: could not get miniscript in ${descriptor}`);
@@ -351,6 +375,7 @@ function DescriptorsFactory(ecc) {
             //isSegwit false because we know it's a P2SH of a miniscript and not a
             //P2SH that embeds a witness payment.
             isSegwit = false;
+            isTaproot = false;
             miniscript = canonicalExpression.match(RE.reShMiniscriptAnchored)?.[1]; //[1]-> whatever is found sh(->HERE<-)
             if (!miniscript)
                 throw new Error(`Error: could not get miniscript in ${descriptor}`);
@@ -383,6 +408,7 @@ function DescriptorsFactory(ecc) {
         //wsh(miniscript)
         else if (canonicalExpression.match(RE.reWshMiniscriptAnchored)) {
             isSegwit = true;
+            isTaproot = false;
             miniscript = canonicalExpression.match(RE.reWshMiniscriptAnchored)?.[1]; //[1]-> whatever is found wsh(->HERE<-)
             if (!miniscript)
                 throw new Error(`Error: could not get miniscript in ${descriptor}`);
@@ -405,6 +431,36 @@ function DescriptorsFactory(ecc) {
                 payment = p2wsh({ redeem: { output: script, network }, network });
             }
         }
+        //tr(KEY) - taproot - TODO: tr(KEY,TREE) not yet supported
+        else if (canonicalExpression.match(RE.reTrSingleKeyAnchored)) {
+            isSegwit = true;
+            isTaproot = true;
+            const keyExpression = canonicalExpression.match(RE.reTaprootKeyExp)?.[0];
+            if (!keyExpression)
+                throw new Error(`Error: keyExpression could not me extracted`);
+            if (canonicalExpression !== `tr(${keyExpression})`)
+                throw new Error(`Error: invalid expression ${expression}`);
+            expandedExpression = 'tr(@0)';
+            const pKE = parseKeyExpression({
+                keyExpression,
+                network,
+                isSegwit,
+                isTaproot
+            });
+            expansionMap = { '@0': pKE };
+            if (!isCanonicalRanged) {
+                const pubkey = pKE.pubkey;
+                if (!pubkey)
+                    throw new Error(`Error: could not extract a pubkey from ${expression}`);
+                payment = p2tr({ internalPubkey: pubkey, network });
+                //console.log('TRACE', {
+                //  pKE,
+                //  pubkey: pubkey?.toString('hex'),
+                //  payment,
+                //  paymentPubKey: payment.pubkey
+                //});
+            }
+        }
         else {
             throw new Error(`Error: Could not parse descriptor ${descriptor}`);
         }
@@ -414,6 +470,7 @@ function DescriptorsFactory(ecc) {
             ...(miniscript !== undefined ? { miniscript } : {}),
             ...(expansionMap !== undefined ? { expansionMap } : {}),
             ...(isSegwit !== undefined ? { isSegwit } : {}),
+            ...(isTaproot !== undefined ? { isTaproot } : {}),
             ...(expandedMiniscript !== undefined ? { expandedMiniscript } : {}),
             ...(redeemScript !== undefined ? { redeemScript } : {}),
             ...(witnessScript !== undefined ? { witnessScript } : {}),
@@ -432,6 +489,7 @@ function DescriptorsFactory(ecc) {
         return (0, miniscript_1.expandMiniscript)({
             miniscript,
             isSegwit,
+            isTaproot: false,
             network,
             BIP32,
             ECPair
@@ -459,6 +517,7 @@ function DescriptorsFactory(ecc) {
             //isSegwit true if witnesses are needed to the spend coins sent to this descriptor.
             //may be unset because we may get addr(P2SH) which we don't know if they have segwit.
             _Output_isSegwit.set(this, void 0);
+            _Output_isTaproot.set(this, void 0);
             _Output_expandedExpression.set(this, void 0);
             _Output_expandedMiniscript.set(this, void 0);
             _Output_expansionMap.set(this, void 0);
@@ -487,6 +546,8 @@ function DescriptorsFactory(ecc) {
                 __classPrivateFieldSet(this, _Output_expansionMap, expandedResult.expansionMap, "f");
             if (expandedResult.isSegwit !== undefined)
                 __classPrivateFieldSet(this, _Output_isSegwit, expandedResult.isSegwit, "f");
+            if (expandedResult.isTaproot !== undefined)
+                __classPrivateFieldSet(this, _Output_isTaproot, expandedResult.isTaproot, "f");
             if (expandedResult.expandedMiniscript !== undefined)
                 __classPrivateFieldSet(this, _Output_expandedMiniscript, expandedResult.expandedMiniscript, "f");
             if (expandedResult.redeemScript !== undefined)
@@ -671,8 +732,24 @@ function DescriptorsFactory(ecc) {
             return __classPrivateFieldGet(this, _Output_isSegwit, "f");
         }
         /**
-         * Returns the tuple: `{ isPKH: boolean; isWPKH: boolean; isSH: boolean; }`
-         * for this Output.
+         * Whether this `Output` is Taproot.
+         */
+        isTaproot() {
+            return __classPrivateFieldGet(this, _Output_isTaproot, "f");
+        }
+        /**
+         * Attempts to determine the type of output script by testing it against
+         * various payment types.
+         *
+         * This method tries to identify if the output is one of the following types:
+         * - P2SH (Pay to Script Hash)
+         * - P2WSH (Pay to Witness Script Hash)
+         * - P2WPKH (Pay to Witness Public Key Hash)
+         * - P2PKH (Pay to Public Key Hash)
+         * - P2TR (Pay to Taproot)
+         *
+         * @returns An object { isPKH: boolean; isWPKH: boolean; isSH: boolean; isWSH: boolean; isTR: boolean;}
+         * with boolean properties indicating the detected output type
          */
         guessOutput() {
             function guessSH(output) {
@@ -684,6 +761,15 @@ function DescriptorsFactory(ecc) {
                     return false;
                 }
             }
+            function guessWSH(output) {
+                try {
+                    bitcoinjs_lib_1.payments.p2wsh({ output });
+                    return true;
+                }
+                catch (err) {
+                    return false;
+                }
+            }
             function guessWPKH(output) {
                 try {
                     bitcoinjs_lib_1.payments.p2wpkh({ output });
@@ -702,18 +788,30 @@ function DescriptorsFactory(ecc) {
                     return false;
                 }
             }
+            function guessTR(output) {
+                try {
+                    bitcoinjs_lib_1.payments.p2tr({ output });
+                    return true;
+                }
+                catch (err) {
+                    return false;
+                }
+            }
             const isPKH = guessPKH(this.getScriptPubKey());
             const isWPKH = guessWPKH(this.getScriptPubKey());
             const isSH = guessSH(this.getScriptPubKey());
-            if ([isPKH, isWPKH, isSH].filter(Boolean).length > 1)
+            const isWSH = guessWSH(this.getScriptPubKey());
+            const isTR = guessTR(this.getScriptPubKey());
+            if ([isPKH, isWPKH, isSH, isWSH, isTR].filter(Boolean).length > 1)
                 throw new Error('Cannot have multiple output types.');
-            return { isPKH, isWPKH, isSH };
+            return { isPKH, isWPKH, isSH, isWSH, isTR };
         }
         // References for inputWeight & outputWeight:
         // https://gist.github.com/junderw/b43af3253ea5865ed52cb51c200ac19c
         // https://bitcoinops.org/en/tools/calc-size/
         // Look for byteLength: https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/ts_src/transaction.ts
         // https://github.com/bitcoinjs/coinselect/blob/master/utils.js
+        // https://bitcoin.stackexchange.com/questions/111395/what-is-the-weight-of-a-p2tr-input
         /**
          * Computes the Weight Unit contributions of this Output as if it were the
          * input in a tx.
@@ -721,8 +819,12 @@ function DescriptorsFactory(ecc) {
          * *NOTE:* When the descriptor in an input is `addr(address)`, it is assumed
          * that any `addr(SH_TYPE_ADDRESS)` is in fact a Segwit `SH_WPKH`
          * (Script Hash-Witness Public Key Hash).
+         *, Also any `addr(SINGLE_KEY_ADDRESS)` * is assumed to be a single key Taproot
+         * address (like those defined in BIP86).
          * For inputs using arbitrary scripts (not standard addresses),
-         * use a descriptor in the format `sh(MINISCRIPT)`.
+         * use a descriptor in the format `sh(MINISCRIPT)` or `tr(MINISCRIPT)`.
+         * Note however that tr(MINISCRIPT) is not yet supported for non-single-key
+         * expressions.
          */
         inputWeight(
         /**
@@ -737,21 +839,23 @@ function DescriptorsFactory(ecc) {
         /*
          *  Array of `PartialSig`. Each `PartialSig` includes
          *  a public key and its corresponding signature. This parameter
-         *  enables the accurate calculation of signature sizes.
-         *  Pass 'DANGEROUSLY_USE_FAKE_SIGNATURES' to assume 72 bytes in length.
+         *  enables the accurate calculation of signature sizes for ECDSA.
+         *  Pass 'DANGEROUSLY_USE_FAKE_SIGNATURES' to assume 72 bytes in length
+         *  for ECDSA.
+         *  Schnorr signatures are always 64 bytes.
          *  Mainly used for testing.
          */
         signatures) {
             if (this.isSegwit() && !isSegwitTx)
                 throw new Error(`a tx is segwit if at least one input is segwit`);
-            const errorMsg = 'Input type not implemented. Currently supported: pkh(KEY), wpkh(KEY), \
-    sh(wpkh(KEY)), sh(wsh(MINISCRIPT)), sh(MINISCRIPT), wsh(MINISCRIPT), \
-    addr(PKH_ADDRESS), addr(WPKH_ADDRESS), addr(SH_WPKH_ADDRESS).';
+            const errorMsg = 'Input type not implemented. Currently supported: pkh(KEY), wpkh(KEY), tr(KEY), \
+sh(wpkh(KEY)), sh(wsh(MINISCRIPT)), sh(MINISCRIPT), wsh(MINISCRIPT), \
+addr(PKH_ADDRESS), addr(WPKH_ADDRESS), addr(SH_WPKH_ADDRESS), addr(SINGLE_KEY_ADDRESS).';
             //expand any miniscript-based descriptor. If not miniscript-based, then it's
             //an addr() descriptor. For those, we can only guess their type.
             const expansion = this.expand().expandedExpression;
-            const { isPKH, isWPKH, isSH } = this.guessOutput();
-            if (!expansion && !isPKH && !isWPKH && !isSH)
+            const { isPKH, isWPKH, isSH, isTR } = this.guessOutput();
+            if (!expansion && !isPKH && !isWPKH && !isSH && !isTR)
                 throw new Error(errorMsg);
             const firstSignature = signatures && typeof signatures[0] === 'object'
                 ? signatures[0]
@@ -842,6 +946,17 @@ function DescriptorsFactory(ecc) {
                 4 * (40 + varSliceSize(payment.input)) +
                     //Segwit
                     vectorSize(payment.witness));
+                //when addr(SINGLE_KEY_ADDRESS) or tr(KEY) (single key):
+                //TODO: only single-key taproot outputs currently supported
+            }
+            else if (isTR && (!expansion || expansion === 'tr(@0)')) {
+                if (!isSegwitTx)
+                    throw new Error('Should be SegwitTx');
+                return (
+                // Non-segwit: (txid:32) + (vout:4) + (sequence:4) + (script_len:1)
+                41 * 4 +
+                    // Segwit: (push_count:1) + (sig_length(1) + schnorr_sig(64): 65)
+                    (1 + 65));
             }
             else {
                 throw new Error(errorMsg);
@@ -852,14 +967,14 @@ function DescriptorsFactory(ecc) {
          * output in a tx.
          */
         outputWeight() {
-            const errorMsg = 'Output type not implemented. Currently supported: pkh(KEY), wpkh(KEY), \
-    sh(ANYTHING), wsh(ANYTHING), addr(PKH_ADDRESS), addr(WPKH_ADDRESS), \
-    addr(SH_WPKH_ADDRESS)';
+            const errorMsg = 'Output type not implemented. Currently supported: pkh(KEY), wpkh(KEY), tr(ANYTHING), \
+sh(ANYTHING), wsh(ANYTHING), addr(PKH_ADDRESS), addr(WPKH_ADDRESS), \
+addr(SH_WPKH_ADDRESS), addr(TR_ADDRESS)';
             //expand any miniscript-based descriptor. If not miniscript-based, then it's
             //an addr() descriptor. For those, we can only guess their type.
             const expansion = this.expand().expandedExpression;
-            const { isPKH, isWPKH, isSH } = this.guessOutput();
-            if (!expansion && !isPKH && !isWPKH && !isSH)
+            const { isPKH, isWPKH, isSH, isWSH, isTR } = this.guessOutput();
+            if (!expansion && !isPKH && !isWPKH && !isSH && !isTR)
                 throw new Error(errorMsg);
             if (expansion ? expansion.startsWith('pkh(') : isPKH) {
                 // (p2pkh:26) + (amount:8)
@@ -873,10 +988,14 @@ function DescriptorsFactory(ecc) {
                 // (p2sh:24) + (amount:8)
                 return 32 * 4;
             }
-            else if (expansion?.startsWith('wsh(')) {
+            else if (expansion ? expansion.startsWith('wsh(') : isWSH) {
                 // (p2wsh:35) + (amount:8)
                 return 43 * 4;
             }
+            else if (expansion ? expansion.startsWith('tr(') : isTR) {
+                // (script_pubKey_length:1) + (p2t2(OP_1 OP_PUSH32 <schnorr_public_key>):34) + (amount:8)
+                return 43 * 4;
+            }
             else {
                 throw new Error(errorMsg);
             }
@@ -930,12 +1049,20 @@ function DescriptorsFactory(ecc) {
                 //This should only happen when using addr() expressions
                 throw new Error(`Error: could not determine whether this is a segwit descriptor`);
             }
+            const isTaproot = this.isTaproot();
+            if (isTaproot === undefined) {
+                //This should only happen when using addr() expressions
+                throw new Error(`Error: could not determine whether this is a taproot descriptor`);
+            }
             const index = (0, psbt_1.updatePsbt)({
                 psbt,
                 vout,
                 ...(txHex !== undefined ? { txHex } : {}),
                 ...(txId !== undefined ? { txId } : {}),
                 ...(value !== undefined ? { value } : {}),
+                ...(isTaproot
+                    ? { tapInternalKey: this.getPayment().internalPubkey }
+                    : {}),
                 sequence: this.getSequence(),
                 locktime: this.getLockTime(),
                 keysInfo: __classPrivateFieldGet(this, _Output_expansionMap, "f") ? Object.values(__classPrivateFieldGet(this, _Output_expansionMap, "f")) : [],
@@ -1000,15 +1127,15 @@ function DescriptorsFactory(ecc) {
             //same sequences, ... The descriptor does not store the hash of the previous
             //transaction since it is a general Descriptor object. Indices must be kept
             //out of the scope of this class and then passed.
-            const signatures = psbt.data.inputs[index]?.partialSig;
-            if (!signatures)
-                throw new Error(`Error: cannot finalize without signatures`);
             __classPrivateFieldGet(this, _Output_instances, "m", _Output_assertPsbtInput).call(this, { index, psbt });
             if (!__classPrivateFieldGet(this, _Output_miniscript, "f")) {
                 //Use standard finalizers
                 psbt.finalizeInput(index);
             }
             else {
+                const signatures = psbt.data.inputs[index]?.partialSig;
+                if (!signatures)
+                    throw new Error(`Error: cannot finalize without signatures`);
                 const scriptSatisfaction = this.getScriptSatisfaction(signatures);
                 psbt.finalizeInput(index, (0, psbt_1.finalScriptsFuncFactory)(scriptSatisfaction, __classPrivateFieldGet(this, _Output_network, "f")));
             }
@@ -1034,7 +1161,7 @@ function DescriptorsFactory(ecc) {
             };
         }
     }
-    _Output_payment = new WeakMap(), _Output_preimages = new WeakMap(), _Output_signersPubKeys = new WeakMap(), _Output_miniscript = new WeakMap(), _Output_witnessScript = new WeakMap(), _Output_redeemScript = new WeakMap(), _Output_isSegwit = new WeakMap(), _Output_expandedExpression = new WeakMap(), _Output_expandedMiniscript = new WeakMap(), _Output_expansionMap = new WeakMap(), _Output_network = new WeakMap(), _Output_instances = new WeakSet(), _Output_getTimeConstraints = function _Output_getTimeConstraints() {
+    _Output_payment = new WeakMap(), _Output_preimages = new WeakMap(), _Output_signersPubKeys = new WeakMap(), _Output_miniscript = new WeakMap(), _Output_witnessScript = new WeakMap(), _Output_redeemScript = new WeakMap(), _Output_isSegwit = new WeakMap(), _Output_isTaproot = new WeakMap(), _Output_expandedExpression = new WeakMap(), _Output_expandedMiniscript = new WeakMap(), _Output_expansionMap = new WeakMap(), _Output_network = new WeakMap(), _Output_instances = new WeakSet(), _Output_getTimeConstraints = function _Output_getTimeConstraints() {
         const miniscript = __classPrivateFieldGet(this, _Output_miniscript, "f");
         const preimages = __classPrivateFieldGet(this, _Output_preimages, "f");
         const expandedMiniscript = __classPrivateFieldGet(this, _Output_expandedMiniscript, "f");

package/dist/keyExpressions.d.ts

@@ -19,7 +19,7 @@ import { LedgerState, LedgerManager } from './ledger';
  *  }
  * ```
  */
-export declare function parseKeyExpression({ keyExpression, isSegwit, ECPair, BIP32, network }: {
+export declare function parseKeyExpression({ keyExpression, isSegwit, isTaproot, ECPair, BIP32, network }: {
     keyExpression: string;
     /** @default networks.bitcoin */
     network?: Network;
@@ -29,6 +29,13 @@ export declare function parseKeyExpression({ keyExpression, isSegwit, ECPair, BI
      * expression) is compressed (33 bytes).
      */
     isSegwit?: boolean;
+    /**
+     * Indicates if this key expression belongs to a Taproot output. For Taproot,
+     * the key must be represented as an x-only public key (32 bytes).
+     * If a 33-byte compressed pubkey is derived, it is converted to its x-only
+     * representation.
+     */
+    isTaproot?: boolean;
     ECPair: ECPairAPI;
     BIP32: BIP32API;
 }): KeyInfo;

package/dist/keyExpressions.js

@@ -59,7 +59,7 @@ const derivePath = (node, path) => {
  *  }
  * ```
  */
-function parseKeyExpression({ keyExpression, isSegwit, ECPair, BIP32, network = bitcoinjs_lib_1.networks.bitcoin }) {
+function parseKeyExpression({ keyExpression, isSegwit, isTaproot, ECPair, BIP32, network = bitcoinjs_lib_1.networks.bitcoin }) {
     let pubkey; //won't be computed for ranged keyExpressions
     let ecpair;
     let bip32;
@@ -68,8 +68,18 @@ function parseKeyExpression({ keyExpression, isSegwit, ECPair, BIP32, network =
     let keyPath;
     let path;
     const isRanged = keyExpression.indexOf('*') !== -1;
+    const reKeyExp = isTaproot
+        ? RE.reTaprootKeyExp
+        : isSegwit
+            ? RE.reSegwitKeyExp
+            : RE.reNonSegwitKeyExp;
+    const rePubKey = isTaproot
+        ? RE.reTaprootPubKey
+        : isSegwit
+            ? RE.reSegwitPubKey
+            : RE.reNonSegwitPubKey;
     //Validate the keyExpression:
-    const keyExpressions = keyExpression.match(RE.reKeyExp);
+    const keyExpressions = keyExpression.match(reKeyExp);
     if (keyExpressions === null || keyExpressions[0] !== keyExpression) {
         throw new Error(`Error: expected a keyExpression but got ${keyExpression}`);
     }
@@ -93,8 +103,11 @@ function parseKeyExpression({ keyExpression, isSegwit, ECPair, BIP32, network =
     const actualKey = keyExpression.replace(reOriginAnchoredStart, '');
     let mPubKey, mWIF, mXpubKey, mXprvKey;
     //match pubkey:
-    if ((mPubKey = actualKey.match(RE.anchorStartAndEnd(RE.rePubKey))) !== null) {
+    if ((mPubKey = actualKey.match(RE.anchorStartAndEnd(rePubKey))) !== null) {
         pubkey = Buffer.from(mPubKey[0], 'hex');
+        if (isTaproot && pubkey.length === 32)
+            //convert the xonly point to a compressed point assuming even parity
+            pubkey = Buffer.concat([Buffer.from([0x02]), pubkey]);
         ecpair = ECPair.fromPublicKey(pubkey, { network });
         //Validate the pubkey (compressed or uncompressed)
         if (!ECPair.isPoint(pubkey) ||
@@ -161,6 +174,9 @@ function parseKeyExpression({ keyExpression, isSegwit, ECPair, BIP32, network =
     if (originPath || keyPath) {
         path = `m${originPath ?? ''}${keyPath ?? ''}`;
     }
+    if (pubkey !== undefined && isTaproot && pubkey.length === 33)
+        // If we get a 33-byte compressed key, drop the first byte.
+        pubkey = pubkey.slice(1, 33);
     return {
         keyExpression,
         ...(pubkey !== undefined ? { pubkey } : {}),

package/dist/miniscript.d.ts

@@ -11,9 +11,10 @@ import type { Preimage, TimeConstraints, ExpansionMap } from './types';
  * satisfied with satisfier.
  * Also compute pubkeys from descriptors to use them later.
  */
-export declare function expandMiniscript({ miniscript, isSegwit, network, ECPair, BIP32 }: {
+export declare function expandMiniscript({ miniscript, isSegwit, isTaproot, network, ECPair, BIP32 }: {
     miniscript: string;
     isSegwit: boolean;
+    isTaproot: boolean;
     network?: Network;
     ECPair: ECPairAPI;
     BIP32: BIP32API;

package/dist/miniscript.js

@@ -37,9 +37,16 @@ const miniscript_1 = require("@bitcoinerlab/miniscript");
  * satisfied with satisfier.
  * Also compute pubkeys from descriptors to use them later.
  */
-function expandMiniscript({ miniscript, isSegwit, network = bitcoinjs_lib_1.networks.bitcoin, ECPair, BIP32 }) {
+function expandMiniscript({ miniscript, isSegwit, isTaproot, network = bitcoinjs_lib_1.networks.bitcoin, ECPair, BIP32 }) {
+    if (isTaproot)
+        throw new Error('Taproot miniscript not yet supported.');
+    const reKeyExp = isTaproot
+        ? RE.reTaprootKeyExp
+        : isSegwit
+            ? RE.reSegwitKeyExp
+            : RE.reNonSegwitKeyExp;
     const expansionMap = {};
-    const expandedMiniscript = miniscript.replace(RegExp(RE.reKeyExp, 'g'), (keyExpression) => {
+    const expandedMiniscript = miniscript.replace(RegExp(reKeyExp, 'g'), (keyExpression) => {
         const key = '@' + Object.keys(expansionMap).length;
         expansionMap[key] = (0, keyExpressions_1.parseKeyExpression)({
             keyExpression,

package/dist/psbt.d.ts

@@ -21,7 +21,7 @@ export declare function finalScriptsFuncFactory(scriptSatisfaction: Buffer, netw
 /**
  * Important: Read comments on descriptor.updatePsbt regarding not passing txHex
  */
-export declare function updatePsbt({ psbt, vout, txHex, txId, value, sequence, locktime, keysInfo, scriptPubKey, isSegwit, witnessScript, redeemScript, rbf }: {
+export declare function updatePsbt({ psbt, vout, txHex, txId, value, sequence, locktime, keysInfo, scriptPubKey, isSegwit, tapInternalKey, witnessScript, redeemScript, rbf }: {
     psbt: Psbt;
     vout: number;
     txHex?: string;
@@ -32,6 +32,8 @@ export declare function updatePsbt({ psbt, vout, txHex, txId, value, sequence, l
     keysInfo: KeyInfo[];
     scriptPubKey: Buffer;
     isSegwit: boolean;
+    /** for taproot **/
+    tapInternalKey?: Buffer | undefined;
     witnessScript: Buffer | undefined;
     redeemScript: Buffer | undefined;
     rbf: boolean;

package/dist/psbt.js

@@ -1,5 +1,5 @@
 "use strict";
-// Copyright (c) 2023 Jose-Luis Landabaso - https://bitcoinerlab.com
+// Copyright (c) 2025 Jose-Luis Landabaso - https://bitcoinerlab.com
 // Distributed under the MIT software license
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.updatePsbt = exports.finalScriptsFuncFactory = void 0;
@@ -86,7 +86,7 @@ exports.finalScriptsFuncFactory = finalScriptsFuncFactory;
 /**
  * Important: Read comments on descriptor.updatePsbt regarding not passing txHex
  */
-function updatePsbt({ psbt, vout, txHex, txId, value, sequence, locktime, keysInfo, scriptPubKey, isSegwit, witnessScript, redeemScript, rbf }) {
+function updatePsbt({ psbt, vout, txHex, txId, value, sequence, locktime, keysInfo, scriptPubKey, isSegwit, tapInternalKey, witnessScript, redeemScript, rbf }) {
     //Some data-sanity checks:
     if (sequence !== undefined && rbf && sequence > 0xfffffffd)
         throw new Error(`Error: incompatible sequence and rbf settings`);
@@ -155,20 +155,45 @@ function updatePsbt({ psbt, vout, txHex, txId, value, sequence, locktime, keysIn
     if (txHex !== undefined) {
         input.nonWitnessUtxo = bitcoinjs_lib_1.Transaction.fromHex(txHex).toBuffer();
     }
-    const bip32Derivation = keysInfo
-        .filter((keyInfo) => keyInfo.pubkey && keyInfo.masterFingerprint && keyInfo.path)
-        .map((keyInfo) => {
-        const pubkey = keyInfo.pubkey;
-        if (!pubkey)
-            throw new Error(`key ${keyInfo.keyExpression} missing pubkey`);
-        return {
-            masterFingerprint: keyInfo.masterFingerprint,
-            pubkey,
-            path: keyInfo.path
-        };
-    });
-    if (bip32Derivation.length)
-        input.bip32Derivation = bip32Derivation;
+    if (tapInternalKey) {
+        //Taproot
+        const tapBip32Derivation = keysInfo
+            .filter((keyInfo) => keyInfo.pubkey && keyInfo.masterFingerprint && keyInfo.path)
+            .map((keyInfo) => {
+            const pubkey = keyInfo.pubkey;
+            if (!pubkey)
+                throw new Error(`key ${keyInfo.keyExpression} missing pubkey`);
+            return {
+                masterFingerprint: keyInfo.masterFingerprint,
+                pubkey,
+                path: keyInfo.path,
+                leafHashes: [] // TODO: Empty array for tr(KEY) taproot key spend - this is the only type currently supported
+            };
+        });
+        if (tapBip32Derivation.length)
+            input.tapBip32Derivation = tapBip32Derivation;
+        input.tapInternalKey = tapInternalKey;
+        //TODO: currently only single-key taproot supported.
+        //https://github.com/bitcoinjs/bitcoinjs-lib/blob/6ba8bb3ce20ba533eeaba6939cfc2891576d9969/test/integration/taproot.spec.ts#L243
+        if (tapBip32Derivation.length > 1)
+            throw new Error('Only single key taproot inputs are currently supported');
+    }
+    else {
+        const bip32Derivation = keysInfo
+            .filter((keyInfo) => keyInfo.pubkey && keyInfo.masterFingerprint && keyInfo.path)
+            .map((keyInfo) => {
+            const pubkey = keyInfo.pubkey;
+            if (!pubkey)
+                throw new Error(`key ${keyInfo.keyExpression} missing pubkey`);
+            return {
+                masterFingerprint: keyInfo.masterFingerprint,
+                pubkey,
+                path: keyInfo.path
+            };
+        });
+        if (bip32Derivation.length)
+            input.bip32Derivation = bip32Derivation;
+    }
     if (isSegwit && txHex !== undefined) {
         //There's no need to put both witnessUtxo and nonWitnessUtxo
         input.witnessUtxo = { script: scriptPubKey, value };

package/dist/re.d.ts

@@ -2,20 +2,25 @@ export declare const reOriginPath: string;
 export declare const reMasterFingerprint: string;
 export declare const reOrigin: string;
 export declare const reChecksum: string;
-export declare const rePubKey: string;
+export declare const reNonSegwitPubKey: string;
+export declare const reSegwitPubKey: string;
+export declare const reTaprootPubKey: string;
 export declare const reWIF: string;
 export declare const reXpub: string;
 export declare const reXprv: string;
 export declare const rePath: string;
 export declare const reXpubKey: string;
 export declare const reXprvKey: string;
-export declare const reKeyExp: string;
+export declare const reNonSegwitKeyExp: string;
+export declare const reSegwitKeyExp: string;
+export declare const reTaprootKeyExp: string;
 export declare const anchorStartAndEnd: (re: string) => string;
 export declare const rePkAnchored: string;
 export declare const reAddrAnchored: string;
 export declare const rePkhAnchored: string;
 export declare const reWpkhAnchored: string;
 export declare const reShWpkhAnchored: string;
+export declare const reTrSingleKeyAnchored: string;
 export declare const reShMiniscriptAnchored: string;
 export declare const reShWshMiniscriptAnchored: string;
 export declare const reWshMiniscriptAnchored: string;

package/dist/re.js

@@ -1,8 +1,8 @@
 "use strict";
-// Copyright (c) 2023 Jose-Luis Landabaso - https://bitcoinerlab.com
+// Copyright (c) 2025 Jose-Luis Landabaso - https://bitcoinerlab.com
 // Distributed under the MIT software license
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.reWshMiniscriptAnchored = exports.reShWshMiniscriptAnchored = exports.reShMiniscriptAnchored = exports.reShWpkhAnchored = exports.reWpkhAnchored = exports.rePkhAnchored = exports.reAddrAnchored = exports.rePkAnchored = exports.anchorStartAndEnd = exports.reKeyExp = exports.reXprvKey = exports.reXpubKey = exports.rePath = exports.reXprv = exports.reXpub = exports.reWIF = exports.rePubKey = exports.reChecksum = exports.reOrigin = exports.reMasterFingerprint = exports.reOriginPath = void 0;
+exports.reWshMiniscriptAnchored = exports.reShWshMiniscriptAnchored = exports.reShMiniscriptAnchored = exports.reTrSingleKeyAnchored = exports.reShWpkhAnchored = exports.reWpkhAnchored = exports.rePkhAnchored = exports.reAddrAnchored = exports.rePkAnchored = exports.anchorStartAndEnd = exports.reTaprootKeyExp = exports.reSegwitKeyExp = exports.reNonSegwitKeyExp = exports.reXprvKey = exports.reXpubKey = exports.rePath = exports.reXprv = exports.reXpub = exports.reWIF = exports.reTaprootPubKey = exports.reSegwitPubKey = exports.reNonSegwitPubKey = exports.reChecksum = exports.reOrigin = exports.reMasterFingerprint = exports.reOriginPath = void 0;
 const checksum_1 = require("./checksum");
 //Regular expressions cheat sheet:
 //https://www.keycdn.com/support/regex-cheat-sheet
@@ -22,7 +22,10 @@ exports.reChecksum = String.raw `(#[${checksum_1.CHECKSUM_CHARSET}]{8})`;
 //as explained here: github.com/bitcoin/bitcoin/blob/master/doc/descriptors.md#reference
 const reCompressedPubKey = String.raw `((02|03)[0-9a-fA-F]{64})`;
 const reUncompressedPubKey = String.raw `(04[0-9a-fA-F]{128})`;
-exports.rePubKey = String.raw `(${reCompressedPubKey}|${reUncompressedPubKey})`;
+const reXOnlyPubKey = String.raw `([0-9a-fA-F]{64})`;
+exports.reNonSegwitPubKey = String.raw `(${reCompressedPubKey}|${reUncompressedPubKey})`;
+exports.reSegwitPubKey = String.raw `(${reCompressedPubKey})`;
+exports.reTaprootPubKey = String.raw `(${reCompressedPubKey}|${reXOnlyPubKey})`;
 //https://learnmeabitcoin.com/technical/wif
 //5, K, L for mainnet, 5: uncompressed, {K, L}: compressed
 //c, 9, testnet, c: compressed, 9: uncompressed
@@ -38,15 +41,20 @@ exports.rePath = String.raw `(\/(${rePathComponent})*(${reRangeLevel}|${reLevel}
 exports.reXpubKey = String.raw `(${exports.reXpub})(${exports.rePath})?`;
 exports.reXprvKey = String.raw `(${exports.reXprv})(${exports.rePath})?`;
 //actualKey is the keyExpression without optional origin
-const reActualKey = String.raw `(${exports.reXpubKey}|${exports.reXprvKey}|${exports.rePubKey}|${exports.reWIF})`;
+const reNonSegwitActualKey = String.raw `(${exports.reXpubKey}|${exports.reXprvKey}|${exports.reNonSegwitPubKey}|${exports.reWIF})`;
+const reSegwitActualKey = String.raw `(${exports.reXpubKey}|${exports.reXprvKey}|${exports.reSegwitPubKey}|${exports.reWIF})`;
+const reTaprootActualKey = String.raw `(${exports.reXpubKey}|${exports.reXprvKey}|${exports.reTaprootPubKey}|${exports.reWIF})`;
 //reOrigin is optional: Optionally, key origin information, consisting of:
 //Matches a key expression: wif, xpub, xprv or pubkey:
-exports.reKeyExp = String.raw `(${exports.reOrigin})?(${reActualKey})`;
+exports.reNonSegwitKeyExp = String.raw `(${exports.reOrigin})?(${reNonSegwitActualKey})`;
+exports.reSegwitKeyExp = String.raw `(${exports.reOrigin})?(${reSegwitActualKey})`;
+exports.reTaprootKeyExp = String.raw `(${exports.reOrigin})?(${reTaprootActualKey})`;
 const rePk = String.raw `pk\((.*?)\)`; //Matches anything. We assert later in the code that the pubkey is valid.
 const reAddr = String.raw `addr\((.*?)\)`; //Matches anything. We assert later in the code that the address is valid.
-const rePkh = String.raw `pkh\(${exports.reKeyExp}\)`;
-const reWpkh = String.raw `wpkh\(${exports.reKeyExp}\)`;
-const reShWpkh = String.raw `sh\(wpkh\(${exports.reKeyExp}\)\)`;
+const rePkh = String.raw `pkh\(${exports.reNonSegwitKeyExp}\)`;
+const reWpkh = String.raw `wpkh\(${exports.reSegwitKeyExp}\)`;
+const reShWpkh = String.raw `sh\(wpkh\(${exports.reSegwitKeyExp}\)\)`;
+const reTrSingleKey = String.raw `tr\(${exports.reTaprootKeyExp}\)`; // TODO: tr(KEY,TREE) not yet supported. TrSingleKey used for tr(KEY)
 const reMiniscript = String.raw `(.*?)`; //Matches anything. We assert later in the code that miniscripts are valid and sane.
 //RegExp makers:
 const makeReSh = (re) => String.raw `sh\(${re}\)`;
@@ -60,6 +68,7 @@ exports.reAddrAnchored = (0, exports.anchorStartAndEnd)(composeChecksum(reAddr))
 exports.rePkhAnchored = (0, exports.anchorStartAndEnd)(composeChecksum(rePkh));
 exports.reWpkhAnchored = (0, exports.anchorStartAndEnd)(composeChecksum(reWpkh));
 exports.reShWpkhAnchored = (0, exports.anchorStartAndEnd)(composeChecksum(reShWpkh));
+exports.reTrSingleKeyAnchored = (0, exports.anchorStartAndEnd)(composeChecksum(reTrSingleKey));
 exports.reShMiniscriptAnchored = (0, exports.anchorStartAndEnd)(composeChecksum(makeReSh(reMiniscript)));
 exports.reShWshMiniscriptAnchored = (0, exports.anchorStartAndEnd)(composeChecksum(makeReShWsh(reMiniscript)));
 exports.reWshMiniscriptAnchored = (0, exports.anchorStartAndEnd)(composeChecksum(makeReWsh(reMiniscript)));

package/dist/scriptExpressions.d.ts

@@ -43,6 +43,20 @@ export declare const wpkhBIP32: ({ masterNode, network, keyPath, account, change
      */
     isPublic?: boolean;
 }) => string;
+export declare const trBIP32: ({ masterNode, network, keyPath, account, change, index, isPublic }: {
+    masterNode: BIP32Interface;
+    /** @default networks.bitcoin */
+    network?: Network;
+    account: number;
+    change?: number | undefined;
+    index?: number | undefined | '*';
+    keyPath?: string;
+    /**
+     * Compute an xpub or xprv
+     * @default true
+     */
+    isPublic?: boolean;
+}) => string;
 export declare const pkhLedger: {
     ({ ledgerManager, account, keyPath, change, index }: {
         ledgerManager: LedgerManager;
@@ -100,3 +114,22 @@ export declare const wpkhLedger: {
         index?: number | undefined | '*';
     }): Promise<string>;
 };
+export declare const trLedger: {
+    ({ ledgerManager, account, keyPath, change, index }: {
+        ledgerManager: LedgerManager;
+        account: number;
+        keyPath?: string;
+        change?: number | undefined;
+        index?: number | undefined | '*';
+    }): Promise<string>;
+    ({ ledgerClient, ledgerState, network, account, keyPath, change, index }: {
+        ledgerClient: unknown;
+        ledgerState: LedgerState;
+        /** @default networks.bitcoin */
+        network?: Network;
+        account: number;
+        keyPath?: string;
+        change?: number | undefined;
+        index?: number | undefined | '*';
+    }): Promise<string>;
+};

package/dist/scriptExpressions.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.wpkhLedger = exports.shWpkhLedger = exports.pkhLedger = exports.wpkhBIP32 = exports.shWpkhBIP32 = exports.pkhBIP32 = void 0;
+exports.trLedger = exports.wpkhLedger = exports.shWpkhLedger = exports.pkhLedger = exports.trBIP32 = exports.wpkhBIP32 = exports.shWpkhBIP32 = exports.pkhBIP32 = void 0;
 const bitcoinjs_lib_1 = require("bitcoinjs-lib");
 const keyExpressions_1 = require("./keyExpressions");
 function assertStandardKeyPath(keyPath) {
@@ -43,6 +43,7 @@ function standardExpressionsBIP32Maker(purpose, scriptTemplate) {
 exports.pkhBIP32 = standardExpressionsBIP32Maker(44, 'pkh(KEYEXPRESSION)');
 exports.shWpkhBIP32 = standardExpressionsBIP32Maker(49, 'sh(wpkh(KEYEXPRESSION))');
 exports.wpkhBIP32 = standardExpressionsBIP32Maker(84, 'wpkh(KEYEXPRESSION)');
+exports.trBIP32 = standardExpressionsBIP32Maker(86, 'tr(KEYEXPRESSION)');
 function standardExpressionsLedgerMaker(purpose, scriptTemplate) {
     /** @hidden */
     async function standardScriptExpressionLedger({ ledgerClient, ledgerState, ledgerManager, network, account, keyPath, change, index }) {
@@ -74,3 +75,4 @@ function standardExpressionsLedgerMaker(purpose, scriptTemplate) {
 exports.pkhLedger = standardExpressionsLedgerMaker(44, 'pkh(KEYEXPRESSION)');
 exports.shWpkhLedger = standardExpressionsLedgerMaker(49, 'sh(wpkh(KEYEXPRESSION))');
 exports.wpkhLedger = standardExpressionsLedgerMaker(84, 'wpkh(KEYEXPRESSION)');
+exports.trLedger = standardExpressionsLedgerMaker(86, 'tr(KEYEXPRESSION)');

package/dist/signers.d.ts

@@ -3,11 +3,48 @@ import type { ECPairInterface } from 'ecpair';
 import type { BIP32Interface } from 'bip32';
 import type { DescriptorInstance } from './descriptors';
 import { LedgerState, LedgerManager } from './ledger';
+/**
+ * Signs a specific input of a PSBT with an ECPair.
+ *
+ * Unlike bitcoinjs-lib's native `psbt.signInput()`, this function automatically detects
+ * if the input is a Taproot input and internally tweaks the key if needed.
+ *
+ * This behavior matches how `signInputBIP32` works, where the BIP32 node is automatically
+ * tweaked for Taproot inputs. In contrast, bitcoinjs-lib's native implementation requires
+ * manual pre-tweaking of ECPair signers for Taproot inputs.
+ *
+ * @see https://github.com/bitcoinjs/bitcoinjs-lib/pull/2137#issuecomment-2713264848
+ *
+ * @param {Object} params - The parameters object
+ * @param {Psbt} params.psbt - The PSBT to sign
+ * @param {number} params.index - The input index to sign
+ * @param {ECPairInterface} params.ecpair - The ECPair to sign with
+ */
 export declare function signInputECPair({ psbt, index, ecpair }: {
     psbt: Psbt;
     index: number;
     ecpair: ECPairInterface;
 }): void;
+/**
+ * Signs all inputs of a PSBT with an ECPair.
+ *
+ * This function improves upon bitcoinjs-lib's native `psbt.signAllInputs()` by automatically
+ * handling Taproot inputs. For each input, it detects if it's a Taproot input and internally
+ * tweaks the key if needed.
+ *
+ * This creates consistency with the BIP32 signing methods (`signBIP32`/`signInputBIP32`),
+ * which also automatically handle key tweaking for Taproot inputs. In contrast, bitcoinjs-lib's
+ * native implementation requires users to manually pre-tweak ECPair signers for Taproot inputs.
+ *
+ * With this implementation, you can use a single ECPair to sign both Taproot and non-Taproot
+ * inputs in the same PSBT, similar to how `signBIP32` allows using a common node for both types.
+ *
+ * @see https://github.com/bitcoinjs/bitcoinjs-lib/pull/2137#issuecomment-2713264848
+ *
+ * @param {Object} params - The parameters object
+ * @param {Psbt} params.psbt - The PSBT to sign
+ * @param {ECPairInterface} params.ecpair - The ECPair to sign with
+ */
 export declare function signECPair({ psbt, ecpair }: {
     psbt: Psbt;
     ecpair: ECPairInterface;

package/dist/signers.js

@@ -1,22 +1,94 @@
 "use strict";
-// Copyright (c) 2023 Jose-Luis Landabaso - https://bitcoinerlab.com
+// Copyright (c) 2025 Jose-Luis Landabaso - https://bitcoinerlab.com
 // Distributed under the MIT software license
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.signLedger = exports.signInputLedger = exports.signBIP32 = exports.signInputBIP32 = exports.signECPair = exports.signInputECPair = void 0;
+const bip371_1 = require("bitcoinjs-lib/src/psbt/bip371");
+const bip341_1 = require("bitcoinjs-lib/src/payments/bip341");
 const ledger_1 = require("./ledger");
+const applyPR2137_1 = require("./applyPR2137");
+function range(n) {
+    return [...Array(n).keys()];
+}
+/**
+ * Signs a specific input of a PSBT with an ECPair.
+ *
+ * Unlike bitcoinjs-lib's native `psbt.signInput()`, this function automatically detects
+ * if the input is a Taproot input and internally tweaks the key if needed.
+ *
+ * This behavior matches how `signInputBIP32` works, where the BIP32 node is automatically
+ * tweaked for Taproot inputs. In contrast, bitcoinjs-lib's native implementation requires
+ * manual pre-tweaking of ECPair signers for Taproot inputs.
+ *
+ * @see https://github.com/bitcoinjs/bitcoinjs-lib/pull/2137#issuecomment-2713264848
+ *
+ * @param {Object} params - The parameters object
+ * @param {Psbt} params.psbt - The PSBT to sign
+ * @param {number} params.index - The input index to sign
+ * @param {ECPairInterface} params.ecpair - The ECPair to sign with
+ */
 function signInputECPair({ psbt, index, ecpair }) {
-    psbt.signInput(index, ecpair);
+    //psbt.signInput(index, ecpair); <- Replaced for the code below
+    //that can handle taroot inputs automatically.
+    //See https://github.com/bitcoinjs/bitcoinjs-lib/pull/2137#issuecomment-2713264848
+    const input = psbt.data.inputs[index];
+    if (!input)
+        throw new Error('Invalid index');
+    if ((0, bip371_1.isTaprootInput)(input)) {
+        const hash = (0, bip341_1.tapTweakHash)(Buffer.from(ecpair.publicKey.slice(1, 33)), undefined);
+        const tweakedEcpair = ecpair.tweak(hash);
+        psbt.signInput(index, tweakedEcpair);
+    }
+    else
+        psbt.signInput(index, ecpair);
 }
 exports.signInputECPair = signInputECPair;
+/**
+ * Signs all inputs of a PSBT with an ECPair.
+ *
+ * This function improves upon bitcoinjs-lib's native `psbt.signAllInputs()` by automatically
+ * handling Taproot inputs. For each input, it detects if it's a Taproot input and internally
+ * tweaks the key if needed.
+ *
+ * This creates consistency with the BIP32 signing methods (`signBIP32`/`signInputBIP32`),
+ * which also automatically handle key tweaking for Taproot inputs. In contrast, bitcoinjs-lib's
+ * native implementation requires users to manually pre-tweak ECPair signers for Taproot inputs.
+ *
+ * With this implementation, you can use a single ECPair to sign both Taproot and non-Taproot
+ * inputs in the same PSBT, similar to how `signBIP32` allows using a common node for both types.
+ *
+ * @see https://github.com/bitcoinjs/bitcoinjs-lib/pull/2137#issuecomment-2713264848
+ *
+ * @param {Object} params - The parameters object
+ * @param {Psbt} params.psbt - The PSBT to sign
+ * @param {ECPairInterface} params.ecpair - The ECPair to sign with
+ */
 function signECPair({ psbt, ecpair }) {
-    psbt.signAllInputs(ecpair);
+    //psbt.signAllInputs(ecpair); <- replaced for the code below that handles
+    //taptoot automatically.
+    //See https://github.com/bitcoinjs/bitcoinjs-lib/pull/2137#issuecomment-2713264848
+    const results = [];
+    for (const index of range(psbt.data.inputs.length)) {
+        try {
+            signInputECPair({ psbt, index, ecpair });
+            results.push(true);
+        }
+        catch (err) {
+            results.push(false);
+        }
+    }
+    if (results.every(v => v === false)) {
+        throw new Error('No inputs were signed');
+    }
 }
 exports.signECPair = signECPair;
 function signInputBIP32({ psbt, index, node }) {
+    (0, applyPR2137_1.applyPR2137)(psbt);
     psbt.signInputHD(index, node);
 }
 exports.signInputBIP32 = signInputBIP32;
 function signBIP32({ psbt, masterNode }) {
+    (0, applyPR2137_1.applyPR2137)(psbt);
     psbt.signAllInputsHD(masterNode);
 }
 exports.signBIP32 = signBIP32;
@@ -50,6 +122,8 @@ async function signInputLedger({ psbt, index, descriptor, ledgerClient, ledgerSt
         throw new Error(`Error: pass a valid ledgerClient`);
     let ledgerSignatures;
     if (ledgerManager) {
+        if (psbt.data.inputs[index]?.tapInternalKey)
+            throw new Error('Taproot inputs not yet supported for the Ledger device');
         const policy = await (0, ledger_1.ledgerPolicyFromPsbtInput)({
             psbt,
             index,
@@ -129,6 +203,8 @@ async function signLedger({ psbt, descriptors, ledgerClient, ledgerState, ledger
     const ledgerPolicies = [];
     if (ledgerManager)
         for (let index = 0; index < psbt.data.inputs.length; index++) {
+            if (psbt.data.inputs[index]?.tapInternalKey)
+                throw new Error('Taproot inputs not yet supported for the Ledger device');
             const policy = await (0, ledger_1.ledgerPolicyFromPsbtInput)({
                 psbt,
                 index,

package/dist/types.d.ts

@@ -88,6 +88,7 @@ export interface TinySecp256k1Interface {
     verify(h: Uint8Array, Q: Uint8Array, signature: Uint8Array, strict?: boolean): boolean;
     verifySchnorr?(h: Uint8Array, Q: Uint8Array, signature: Uint8Array): boolean;
     xOnlyPointAddTweak(p: Uint8Array, tweak: Uint8Array): XOnlyPointAddTweakResult | null;
+    isXOnlyPoint(p: Uint8Array): boolean;
     privateNegate(d: Uint8Array): Uint8Array;
 }
 /**
@@ -118,6 +119,10 @@ export type Expansion = {
      * A boolean indicating whether the descriptor uses SegWit.
      */
     isSegwit?: boolean;
+    /**
+     * A boolean indicating whether the descriptor uses Taproot.
+     */
+    isTaproot?: boolean;
     /**
      * The expanded miniscript, if any.
      * It corresponds to the `expandedExpression` without the top-level script
@@ -176,6 +181,13 @@ export interface ParseKeyExpression {
          * expression) is compressed (33 bytes).
          */
         isSegwit?: boolean;
+        /**
+         * Indicates if this key expression belongs to a Taproot output.
+         * For Taproot, the key must be represented as an x-only public key
+         * (32 bytes). If a 33-byte compressed pubkey is derived, it is converted to
+         * its x-only representation.
+         */
+        isTaproot?: boolean;
         network?: Network;
     }): KeyInfo;
 }

package/package.json

@@ -2,7 +2,7 @@
   "name": "@bitcoinerlab/descriptors",
   "description": "This library parses and creates Bitcoin Miniscript Descriptors and generates Partially Signed Bitcoin Transactions (PSBTs). It provides PSBT finalizers and signers for single-signature, BIP32 and Hardware Wallets.",
   "homepage": "https://github.com/bitcoinerlab/descriptors",
-  "version": "2.2.0",
+  "version": "2.3.0",
   "author": "Jose-Luis Landabaso",
   "license": "MIT",
   "repository": {
@@ -68,7 +68,7 @@
   },
   "dependencies": {
     "@bitcoinerlab/miniscript": "^1.4.0",
-    "@bitcoinerlab/secp256k1": "^1.1.1",
+    "@bitcoinerlab/secp256k1": "^1.2.0",
     "bip32": "^4.0.0",
     "bitcoinjs-lib": "^6.1.3",
     "ecpair": "^2.1.0",