@bitcoinerlab/descriptors 2.3.6 → 3.0.1

package/dist/ledger.js

@@ -36,15 +36,17 @@ exports.ledgerPolicyFromState = ledgerPolicyFromState;
  */
 const descriptors_1 = require("./descriptors");
 const bitcoinjs_lib_1 = require("bitcoinjs-lib");
+const uint8array_tools_1 = require("uint8array-tools");
+const networkUtils_1 = require("./networkUtils");
 const re_1 = require("./re");
 /**
- * Dynamically imports the 'ledger-bitcoin' module and, if provided, checks if `ledgerClient` is an instance of `AppClient`.
+ * Dynamically imports the '@ledgerhq/ledger-bitcoin' module and, if provided, checks if `ledgerClient` is an instance of `AppClient`.
  *
  * @async
  * @param {unknown} ledgerClient - An optional parameter that, if provided, is checked to see if it's an instance of `AppClient`.
  * @throws {Error} Throws an error if `ledgerClient` is provided but is not an instance of `AppClient`.
- * @throws {Error} Throws an error if the 'ledger-bitcoin' module cannot be imported. This typically indicates that the 'ledger-bitcoin' peer dependency is not installed.
- * @returns {Promise<unknown>} Returns a promise that resolves with the entire 'ledger-bitcoin' module if it can be successfully imported. We force it to return an unknown type so that the declaration of this function won't break projects that don't use ledger-bitcoin as dependency
+ * @throws {Error} Throws an error if the '@ledgerhq/ledger-bitcoin' module cannot be imported. This typically indicates that the '@ledgerhq/ledger-bitcoin' peer dependency is not installed.
+ * @returns {Promise<unknown>} Returns a promise that resolves with the entire '@ledgerhq/ledger-bitcoin' module if it can be successfully imported. We force it to return an unknown type so that the declaration of this function won't break projects that don't use @ledgerhq/ledger-bitcoin as dependency
  *
  * @example
  *
@@ -59,22 +61,22 @@ async function importAndValidateLedgerBitcoin(ledgerClient) {
     let ledgerBitcoinModule;
     try {
         // Originally, the code used dynamic imports:
-        // ledgerBitcoinModule = await import('ledger-bitcoin');
+        // ledgerBitcoinModule = await import('@ledgerhq/ledger-bitcoin');
         // However, in React Native with the Metro bundler, there's an issue with
         // recognizing dynamic imports inside try-catch blocks. For details, refer to:
         // https://github.com/react-native-community/discussions-and-proposals/issues/120
         // The dynamic import gets transpiled to:
-        // ledgerBitcoinModule = Promise.resolve().then(() => __importStar(require('ledger-bitcoin')));
+        // ledgerBitcoinModule = Promise.resolve().then(() => __importStar(require('@ledgerhq/ledger-bitcoin')));
         // Metro bundler fails to recognize the above as conditional. Hence, it tries
-        // to require 'ledger-bitcoin' unconditionally, leading to potential errors if
-        // 'ledger-bitcoin' is not installed (given it's an optional peerDependency).
+        // to require '@ledgerhq/ledger-bitcoin' unconditionally, leading to potential errors if
+        // '@ledgerhq/ledger-bitcoin' is not installed (given it's an optional peerDependency).
         // To bypass this, we directly use require:
         // eslint-disable-next-line @typescript-eslint/no-require-imports
-        ledgerBitcoinModule = require('ledger-bitcoin');
+        ledgerBitcoinModule = require('@ledgerhq/ledger-bitcoin');
     }
     catch (error) {
         void error;
-        throw new Error('Could not import "ledger-bitcoin". This is a peer dependency and needs to be installed explicitly. Please run "npm install ledger-bitcoin" to use Ledger Hardware Wallet functionality.');
+        throw new Error('Could not import "@ledgerhq/ledger-bitcoin". This is a peer dependency and needs to be installed explicitly. Please run "npm install @ledgerhq/ledger-bitcoin" to use Ledger Hardware Wallet functionality.');
     }
     const { AppClient } = ledgerBitcoinModule;
     if (ledgerClient !== undefined && !(ledgerClient instanceof AppClient)) {
@@ -129,8 +131,10 @@ function isLedgerStandard({ ledgerTemplate, keyRoots, network = bitcoinjs_lib_1.
     const originPath = keyRoots[0]?.match(re_1.reOriginPath)?.[1];
     if (!originPath)
         return false;
-    //Network is the 6th character: /44'/0'
-    if (originPath[5] !== (network === bitcoinjs_lib_1.networks.bitcoin ? '0' : '1'))
+    const originCoinType = originPath.match(/^\/\d+'\/([01])'/)?.[1];
+    if (!originCoinType)
+        return false;
+    if (originCoinType !== `${(0, networkUtils_1.coinTypeFromNetwork)(network)}`)
         return false;
     if ((ledgerTemplate === 'pkh(@0/**)' &&
         originPath.match(/^\/44'\/[01]'\/(\d+)'$/)) ||
@@ -143,32 +147,20 @@ function isLedgerStandard({ ledgerTemplate, keyRoots, network = bitcoinjs_lib_1.
         return true;
     return false;
 }
-/** @overload */
-async function getLedgerMasterFingerPrint({ ledgerClient, ledgerState, ledgerManager }) {
-    if (ledgerManager && (ledgerClient || ledgerState))
-        throw new Error(`ledgerClient and ledgerState have been deprecated`);
-    if (ledgerManager)
-        ({ ledgerClient, ledgerState } = ledgerManager);
-    if (!ledgerClient || !ledgerState)
-        throw new Error(`Could not retrieve ledgerClient or ledgerState`);
+async function getLedgerMasterFingerPrint({ ledgerManager }) {
+    const { ledgerClient, ledgerState } = ledgerManager;
     const { AppClient } = (await importAndValidateLedgerBitcoin(ledgerClient));
     if (!(ledgerClient instanceof AppClient))
         throw new Error(`Error: pass a valid ledgerClient`);
     let masterFingerprint = ledgerState.masterFingerprint;
     if (!masterFingerprint) {
-        masterFingerprint = Buffer.from(await ledgerClient.getMasterFingerprint(), 'hex');
+        masterFingerprint = (0, uint8array_tools_1.fromHex)(await ledgerClient.getMasterFingerprint());
         ledgerState.masterFingerprint = masterFingerprint;
     }
     return masterFingerprint;
 }
-/** @hidden */
-async function getLedgerXpub({ originPath, ledgerClient, ledgerState, ledgerManager }) {
-    if (ledgerManager && (ledgerClient || ledgerState))
-        throw new Error(`ledgerClient and ledgerState have been deprecated`);
-    if (ledgerManager)
-        ({ ledgerClient, ledgerState } = ledgerManager);
-    if (!ledgerClient || !ledgerState)
-        throw new Error(`Could not retrieve ledgerClient or ledgerState`);
+async function getLedgerXpub({ originPath, ledgerManager }) {
+    const { ledgerClient, ledgerState } = ledgerManager;
     const { AppClient } = (await importAndValidateLedgerBitcoin(ledgerClient));
     if (!(ledgerClient instanceof AppClient))
         throw new Error(`Error: pass a valid ledgerClient`);
@@ -199,7 +191,7 @@ async function getLedgerXpub({ originPath, ledgerClient, ledgerState, ledgerMana
  * All considerations in the header of this file are applied
  */
 async function ledgerPolicyFromPsbtInput({ ledgerManager, psbt, index }) {
-    const { ledgerState, ledgerClient, ecc, network } = ledgerManager;
+    const { ledgerState, ecc, network } = ledgerManager;
     const { Output } = (0, descriptors_1.DescriptorsFactory)(ecc);
     const input = psbt.data.inputs[index];
     if (!input)
@@ -209,28 +201,31 @@ async function ledgerPolicyFromPsbtInput({ ledgerManager, psbt, index }) {
         const vout = psbt.txInputs[index]?.index;
         if (vout === undefined)
             throw new Error(`Could not extract vout from nonWitnessUtxo for input ${index}.`);
-        scriptPubKey = bitcoinjs_lib_1.Transaction.fromBuffer(input.nonWitnessUtxo).outs[vout]
-            ?.script;
+        const nonWitnessScript = bitcoinjs_lib_1.Transaction.fromBuffer(input.nonWitnessUtxo).outs[vout]?.script;
+        scriptPubKey = nonWitnessScript;
     }
     else if (input.witnessUtxo) {
         scriptPubKey = input.witnessUtxo.script;
     }
     if (!scriptPubKey)
         throw new Error(`Could not retrieve scriptPubKey for input ${index}.`);
-    const bip32Derivations = input.bip32Derivation;
-    if (!bip32Derivations || !bip32Derivations.length)
-        throw new Error(`Input ${index} does not contain bip32 derivations.`);
+    const keyDerivations = [
+        ...(input.bip32Derivation || []),
+        ...(input.tapBip32Derivation || [])
+    ];
+    if (keyDerivations.length === 0)
+        throw new Error(`Input ${index} does not contain bip32 or tapBip32 derivations.`);
     const ledgerMasterFingerprint = await getLedgerMasterFingerPrint({
         ledgerManager
     });
-    for (const bip32Derivation of bip32Derivations) {
+    for (const keyDerivation of keyDerivations) {
         //get the keyRoot and keyPath. If it matches one of our policies then
         //we are still not sure this is the policy that must be used yet
         //So we must use the template and the keyRoot of each policy and compute the
         //scriptPubKey:
-        if (Buffer.compare(bip32Derivation.masterFingerprint, ledgerMasterFingerprint) === 0) {
+        if ((0, uint8array_tools_1.compare)(keyDerivation.masterFingerprint, ledgerMasterFingerprint) === 0) {
             // Match /m followed by n consecutive hardened levels and then 2 consecutive unhardened levels:
-            const match = bip32Derivation.path.match(/m((\/\d+['hH])*)(\/\d+\/\d+)?/);
+            const match = keyDerivation.path.match(/m((\/\d+['hH])*)(\/\d+\/\d+)?/);
             const originPath = match ? match[1] : undefined; //n consecutive hardened levels
             const keyPath = match ? match[3] : undefined; //2 unhardened levels or undefined
             if (originPath && keyPath) {
@@ -239,7 +234,7 @@ async function ledgerPolicyFromPsbtInput({ ledgerManager, psbt, index }) {
                     throw new Error(`keyPath ${keyPath} incorrectly extracted`);
                 const change = parseInt(strChange, 10);
                 const index = parseInt(strIndex, 10);
-                const coinType = network === bitcoinjs_lib_1.networks.bitcoin ? 0 : 1;
+                const coinType = (0, networkUtils_1.coinTypeFromNetwork)(network);
                 //standard policy candidate. This policy will be added to the pool
                 //of policies below and check if it produces the correct scriptPubKey
                 let standardPolicy;
@@ -254,15 +249,11 @@ async function ledgerPolicyFromPsbtInput({ ledgerManager, psbt, index }) {
                                     ? 'tr(@0/**)'
                                     : undefined;
                     if (standardTemplate) {
-                        const xpub = await getLedgerXpub({
-                            originPath,
-                            ledgerClient,
-                            ledgerState
-                        });
+                        const xpub = await getLedgerXpub({ originPath, ledgerManager });
                         standardPolicy = {
                             ledgerTemplate: standardTemplate,
                             keyRoots: [
-                                `[${ledgerMasterFingerprint.toString('hex')}${originPath}]${xpub}`
+                                `[${(0, uint8array_tools_1.toHex)(ledgerMasterFingerprint)}${originPath}]${xpub}`
                             ]
                         };
                     }
@@ -277,18 +268,16 @@ async function ledgerPolicyFromPsbtInput({ ledgerManager, psbt, index }) {
                     // Replace change (making sure the value in the change level for the
                     // template of the policy meets the change in bip32Derivation):
                     descriptor = descriptor.replace(/\/\*\*/g, `/<0;1>/*`);
-                    const regExpMN = new RegExp(`/<(\\d+);(\\d+)>`, 'g');
-                    let matchMN;
-                    while (descriptor && (matchMN = regExpMN.exec(descriptor)) !== null) {
-                        const [M, N] = [
-                            parseInt(matchMN[1], 10),
-                            parseInt(matchMN[2], 10)
-                        ];
+                    let tupleMismatch = false;
+                    descriptor = descriptor.replace(/\/<(\d+);(\d+)>/g, (token, strM, strN) => {
+                        const [M, N] = [parseInt(strM, 10), parseInt(strN, 10)];
                         if (M === change || N === change)
-                            descriptor = descriptor.replace(`/<${M};${N}>`, `/${change}`);
-                        else
-                            descriptor = undefined;
-                    }
+                            return `/${change}`;
+                        tupleMismatch = true;
+                        return token;
+                    });
+                    if (tupleMismatch)
+                        descriptor = undefined;
                     if (descriptor) {
                         // Replace index:
                         descriptor = descriptor.replace(/\/\*/g, `/${index}`);
@@ -310,8 +299,12 @@ async function ledgerPolicyFromPsbtInput({ ledgerManager, psbt, index }) {
                                 else
                                     descriptor = undefined;
                             }
-                            else
-                                descriptor = undefined;
+                            else {
+                                // Keys without origin info are treated as external by Ledger
+                                // and are allowed in policy matching.
+                                if (descriptor)
+                                    descriptor = descriptor.replace(new RegExp(`@${i}`, 'g'), keyRoot);
+                            }
                         }
                         //verify the scriptPubKey from the input vs. the one obtained from
                         //the policy after having filled in the keyPath in the template
@@ -320,7 +313,7 @@ async function ledgerPolicyFromPsbtInput({ ledgerManager, psbt, index }) {
                                 descriptor,
                                 network
                             }).getScriptPubKey();
-                            if (Buffer.compare(policyScriptPubKey, scriptPubKey) === 0) {
+                            if ((0, uint8array_tools_1.compare)(policyScriptPubKey, scriptPubKey) === 0) {
                                 return policy;
                             }
                         }
@@ -358,24 +351,73 @@ async function ledgerPolicyFromPsbtInput({ ledgerManager, psbt, index }) {
  * This function takes into account all the considerations regarding Ledger
  * policy implementation details expressed in the header of this file.
  */
-async function ledgerPolicyFromOutput({ output, ledgerClient, ledgerState }) {
-    const expandedExpression = output.expand().expandedExpression;
-    const expansionMap = output.expand().expansionMap;
+async function ledgerPolicyFromOutput({ output, ledgerManager }) {
+    const expanded = output.expand();
+    let expandedExpression = expanded.expandedExpression;
+    const expansionMap = expanded.expansionMap
+        ? { ...expanded.expansionMap }
+        : undefined;
+    // Taproot script-path keys are expanded in tapTreeInfo leaf expansion maps,
+    // not in the top-level expansionMap. For ledger policy derivation we remap
+    // leaf-local placeholders to global placeholders and merge all leaf keys into
+    // the top-level expansionMap.
+    if (expandedExpression?.startsWith('tr(@0,') &&
+        expansionMap &&
+        expanded.tapTreeInfo) {
+        const keyExpressionToGlobalPlaceholder = new Map(Object.entries(expansionMap).map(([placeholder, keyInfo]) => [
+            keyInfo.keyExpression,
+            placeholder
+        ]));
+        let nextPlaceholderIndex = Object.keys(expansionMap).length;
+        const globalPlaceholderFor = (keyInfo) => {
+            const existing = keyExpressionToGlobalPlaceholder.get(keyInfo.keyExpression);
+            if (existing)
+                return existing;
+            const placeholder = `@${nextPlaceholderIndex}`;
+            nextPlaceholderIndex += 1;
+            keyExpressionToGlobalPlaceholder.set(keyInfo.keyExpression, placeholder);
+            expansionMap[placeholder] = keyInfo;
+            return placeholder;
+        };
+        const remapTapTree = (node) => {
+            if ('expression' in node) {
+                // Prefer descriptor-level expanded expression for policy templates so
+                // script expressions (e.g. sortedmulti_a) are preserved. Fall back to
+                // expandedMiniscript for older metadata.
+                let remappedMiniscript = node.expandedExpression ?? node.expandedMiniscript;
+                if (!remappedMiniscript)
+                    throw new Error(`Error: taproot leaf expansion not available`);
+                const localEntries = Object.entries(node.expansionMap);
+                const localToGlobalPlaceholder = new Map();
+                for (const [localPlaceholder, keyInfo] of localEntries) {
+                    const globalPlaceholder = globalPlaceholderFor(keyInfo);
+                    localToGlobalPlaceholder.set(localPlaceholder, globalPlaceholder);
+                }
+                remappedMiniscript = remappedMiniscript.replace(/@\d+/g, placeholder => localToGlobalPlaceholder.get(placeholder) ?? placeholder);
+                return remappedMiniscript;
+            }
+            return `{${remapTapTree(node.left)},${remapTapTree(node.right)}}`;
+        };
+        expandedExpression = `tr(@0,${remapTapTree(expanded.tapTreeInfo)})`;
+    }
     if (!expandedExpression || !expansionMap)
         throw new Error(`Error: invalid output`);
     const ledgerMasterFingerprint = await getLedgerMasterFingerPrint({
-        ledgerClient,
-        ledgerState
+        ledgerManager
+    });
+    // Keep placeholders in numeric order (@0, @1, @2, ...). This avoids
+    // lexicographic pitfalls like @10 being ordered before @2.
+    const allKeys = Object.keys(expansionMap).sort((a, b) => {
+        const aIndex = Number(a.slice(1));
+        const bIndex = Number(b.slice(1));
+        if (Number.isNaN(aIndex) || Number.isNaN(bIndex))
+            return a.localeCompare(b);
+        return aIndex - bIndex;
     });
-    //It's important to have keys sorted in ascii order. keys
-    //are of this type: @0, @1, @2, ....  and they also appear in the expandedExpression
-    //in ascending ascii order. Note that Object.keys(expansionMap ) does not ensure
-    //that the order is respected and so we force it.
-    const allKeys = Object.keys(expansionMap).sort();
     const ledgerKeys = allKeys.filter(key => {
         const masterFingerprint = expansionMap[key]?.masterFingerprint;
         return (masterFingerprint &&
-            Buffer.compare(masterFingerprint, ledgerMasterFingerprint) === 0);
+            (0, uint8array_tools_1.compare)(masterFingerprint, ledgerMasterFingerprint) === 0);
     });
     if (ledgerKeys.length === 0)
         return null;
@@ -392,8 +434,8 @@ async function ledgerPolicyFromOutput({ output, ledgerClient, ledgerState }) {
     if (!/^\/[01]\/\d+$/.test(keyPath))
         throw new Error(`Error: key paths must be /<1;0>/index, where change is 1 or 0 and index >= 0`);
     const keyRoots = [];
-    let ledgerTemplate = expandedExpression;
-    allKeys.forEach(key => {
+    const placeholderToLedgerPlaceholder = new Map();
+    allKeys.forEach((key, index) => {
         if (key !== ledgerKey) {
             //This block here only does data integrity assertions:
             const otherKeyInfo = expansionMap[key];
@@ -409,55 +451,46 @@ async function ledgerPolicyFromOutput({ output, ledgerClient, ledgerState }) {
                 throw new Error(`Error: all keyPaths must be the same for Ledger being able to sign: ${otherKeyInfo.keyPath} !== ${keyPath}`);
             }
         }
-        ledgerTemplate = ledgerTemplate.replaceAll(key, `@${keyRoots.length}/**`);
+        placeholderToLedgerPlaceholder.set(key, `@${index}/**`);
         const keyInfo = expansionMap[key];
         if (keyInfo.masterFingerprint && keyInfo.originPath)
-            keyRoots.push(`[${keyInfo.masterFingerprint?.toString('hex')}${keyInfo.originPath}]${keyInfo?.bip32?.neutered().toBase58()}`);
+            keyRoots.push(`[${(0, uint8array_tools_1.toHex)(keyInfo.masterFingerprint)}${keyInfo.originPath}]${keyInfo?.bip32?.neutered().toBase58()}`);
         else
             keyRoots.push(`${keyInfo?.bip32?.neutered().toBase58()}`);
     });
+    const ledgerTemplate = expandedExpression.replace(/@\d+/g, placeholder => placeholderToLedgerPlaceholder.get(placeholder) ?? placeholder);
     return { ledgerTemplate, keyRoots };
 }
 /**
- * To be removed in v3.0 and replaced by a version that does not accept
- * descriptors
- * @overload
- **/
-async function registerLedgerWallet({ descriptor, ledgerClient, ledgerState, ledgerManager, policyName }) {
-    if (typeof descriptor !== 'string' && ledgerManager)
-        throw new Error(`Invalid usage: descriptor must be a string`);
-    if (ledgerManager && (ledgerClient || ledgerState))
-        throw new Error(`Invalid usage: either ledgerManager or ledgerClient + ledgerState`);
-    if (ledgerManager)
-        ({ ledgerClient, ledgerState } = ledgerManager);
-    if (!ledgerClient)
-        throw new Error(`ledgerManager not provided`);
-    if (!ledgerState)
-        throw new Error(`ledgerManager not provided`);
+ * Registers a policy based on a provided descriptor.
+ *
+ * This function will:
+ * 1. Store the policy in `ledgerState` inside the `ledgerManager`.
+ * 2. Avoid re-registering if the policy was previously registered.
+ * 3. Skip registration if the policy is considered "standard".
+ *
+ * It's important to understand the nature of the Ledger Policy being registered:
+ * - While a descriptor might point to a specific output index of a particular change address,
+ *   the corresponding Ledger Policy abstracts this and represents potential outputs for
+ *   all addresses (both external and internal).
+ * - This means that the registered Ledger Policy is a generalized version of the descriptor,
+ *   not assuming specific values for the keyPath.
+ */
+async function registerLedgerWallet({ descriptor, ledgerManager, policyName }) {
+    const { ledgerClient, ledgerState, ecc, network } = ledgerManager;
     const { WalletPolicy, AppClient } = (await importAndValidateLedgerBitcoin(ledgerClient));
     if (!(ledgerClient instanceof AppClient))
         throw new Error(`Error: pass a valid ledgerClient`);
-    let output;
-    if (typeof descriptor === 'string') {
-        if (!ledgerManager)
-            throw new Error(`ledgerManager not provided`);
-        const { Output } = (0, descriptors_1.DescriptorsFactory)(ledgerManager.ecc);
-        output = new Output({
-            descriptor,
-            ...(descriptor.includes('*') ? { index: 0 } : {}), //if ranged set any index
-            network: ledgerManager.network
-        });
-    }
-    else
-        output = descriptor;
-    if (await ledgerPolicyFromStandard({ output, ledgerClient, ledgerState }))
-        return;
-    const result = await ledgerPolicyFromOutput({
-        output,
-        ledgerClient,
-        ledgerState
+    const { Output } = (0, descriptors_1.DescriptorsFactory)(ecc);
+    const output = new Output({
+        descriptor,
+        ...(descriptor.includes('*') ? { index: 0 } : {}), //if ranged set any index
+        network
     });
-    if (await ledgerPolicyFromStandard({ output, ledgerClient, ledgerState }))
+    if (await ledgerPolicyFromStandard({ output, ledgerManager }))
+        return;
+    const result = await ledgerPolicyFromOutput({ output, ledgerManager });
+    if (await ledgerPolicyFromStandard({ output, ledgerManager }))
         return;
     if (!result)
         throw new Error(`Error: output does not have a ledger input`);
@@ -466,11 +499,7 @@ async function registerLedgerWallet({ descriptor, ledgerClient, ledgerState, led
         ledgerState.policies = [];
     let walletPolicy, policyHmac;
     //Search in ledgerState first
-    const policy = await ledgerPolicyFromState({
-        output,
-        ledgerClient,
-        ledgerState
-    });
+    const policy = await ledgerPolicyFromState({ output, ledgerManager });
     if (policy) {
         if (policy.policyName !== policyName)
             throw new Error(`Error: policy was already registered with a different name: ${policy.policyName}`);
@@ -493,11 +522,10 @@ async function registerLedgerWallet({ descriptor, ledgerClient, ledgerState, led
 /**
  * Retrieve a standard ledger policy or null if it does correspond.
  **/
-async function ledgerPolicyFromStandard({ output, ledgerClient, ledgerState }) {
+async function ledgerPolicyFromStandard({ output, ledgerManager }) {
     const result = await ledgerPolicyFromOutput({
         output,
-        ledgerClient,
-        ledgerState
+        ledgerManager
     });
     if (!result)
         throw new Error(`Error: descriptor does not have a ledger input`);
@@ -528,11 +556,11 @@ function comparePolicies(policyA, policyB) {
 /**
  * Retrieve a ledger policy from ledgerState or null if it does not exist yet.
  **/
-async function ledgerPolicyFromState({ output, ledgerClient, ledgerState }) {
+async function ledgerPolicyFromState({ output, ledgerManager }) {
+    const { ledgerState } = ledgerManager;
     const result = await ledgerPolicyFromOutput({
         output,
-        ledgerClient,
-        ledgerState
+        ledgerManager
     });
     if (!result)
         throw new Error(`Error: output does not have a ledger input`);

package/dist/miniscript.d.ts

@@ -1,7 +1,7 @@
 import { Network } from 'bitcoinjs-lib';
 import type { ECPairAPI } from 'ecpair';
 import type { BIP32API } from 'bip32';
-import type { PartialSig } from 'bip174/src/lib/interfaces';
+import type { PartialSig } from 'bip174';
 import type { Preimage, TimeConstraints, ExpansionMap } from './types';
 /**
  * Expand a miniscript to a generalized form using variables instead of key
@@ -21,10 +21,11 @@ export declare function expandMiniscript({ miniscript, isSegwit, isTaproot, netw
     expandedMiniscript: string;
     expansionMap: ExpansionMap;
 };
-export declare function miniscript2Script({ expandedMiniscript, expansionMap }: {
+export declare function miniscript2Script({ expandedMiniscript, expansionMap, tapscript }: {
     expandedMiniscript: string;
     expansionMap: ExpansionMap;
-}): Buffer;
+    tapscript?: boolean;
+}): Uint8Array;
 /**
  * Assumptions:
  * The attacker does not have access to any of the private keys of public keys
@@ -36,19 +37,32 @@ export declare function miniscript2Script({ expandedMiniscript, expansionMap }:
  * Pass timeConstraints to search for the first solution with this nLockTime and
  * nSequence. Throw if no solution is possible using these constraints.
  *
+ * Time constraints are used to keep the chosen satisfaction stable between the
+ * planning pass (fake signatures) and the signing pass (real signatures).
+ * We run the satisfier once with fake signatures to discover the implied
+ * nLockTime/nSequence without requiring user signatures. If real signatures
+ * had the same length, the satisfier would typically pick the same
+ * minimal-weight solution again. But ECDSA signature sizes can vary (71–73
+ * bytes), which may change which solution is considered "smallest".
+ *
+ * Passing the previously derived timeConstraints in the second pass forces the
+ * same solution to be selected, ensuring locktime/sequence do not change
+ * between planning and finalization.
+ *
  * Don't pass timeConstraints (this is the default) if you want to get the
  * smallest size solution altogether.
  *
  * If a solution is not found this function throws.
  */
-export declare function satisfyMiniscript({ expandedMiniscript, expansionMap, signatures, preimages, timeConstraints }: {
+export declare function satisfyMiniscript({ expandedMiniscript, expansionMap, signatures, preimages, timeConstraints, tapscript }: {
     expandedMiniscript: string;
     expansionMap: ExpansionMap;
     signatures?: PartialSig[];
     preimages?: Preimage[];
     timeConstraints?: TimeConstraints;
+    tapscript?: boolean;
 }): {
-    scriptSatisfaction: Buffer;
+    scriptSatisfaction: Uint8Array;
     nLockTime: number | undefined;
     nSequence: number | undefined;
 };
@@ -78,7 +92,7 @@ export declare function satisfyMiniscript({ expandedMiniscript, expansionMap, si
  * However, the `0` number is an edge case that we specially handle with this
  * function.
  *
- * bitcoinjs-lib's `bscript.number.encode(0)` produces an empty Buffer.
+ * bitcoinjs-lib's `bscript.number.encode(0)` produces an empty array.
  * This is what the Bitcoin interpreter does and it is what `script.number.encode` was
  * implemented to do.
  *