@bitgo/wasm-utxo 1.1.0 → 1.2.0

package/dist/browser/js/fixedScriptWallet.d.ts

@@ -63,6 +63,11 @@ export declare class BitGoPsbt {
      * @returns A BitGoPsbt instance
      */
     static fromBytes(bytes: Uint8Array, network: NetworkName): BitGoPsbt;
+    /**
+     * Get the unsigned transaction ID
+     * @returns The unsigned transaction ID
+     */
+    unsignedTxid(): string;
     /**
      * Parse transaction with wallet keys to identify wallet inputs/outputs
      * @param walletKeys - The wallet keys to use for identification
@@ -82,5 +87,39 @@ export declare class BitGoPsbt {
      * @note This method does NOT validate wallet inputs. It only parses outputs.
      */
     parseOutputsWithWalletKeys(walletKeys: WalletKeys): ParsedOutput[];
+    /**
+     * Verify if a valid signature exists for a given extended public key at the specified input index.
+     *
+     * This method derives the public key from the xpub using the derivation path found in the
+     * PSBT input, then verifies the signature. It supports:
+     * - ECDSA signatures (for legacy/SegWit inputs)
+     * - Schnorr signatures (for Taproot script path inputs)
+     * - MuSig2 partial signatures (for Taproot keypath MuSig2 inputs)
+     *
+     * @param inputIndex - The index of the input to check (0-based)
+     * @param xpub - The extended public key as a base58-encoded string
+     * @returns true if a valid signature exists, false if no signature exists
+     * @throws Error if input index is out of bounds, xpub is invalid, or verification fails
+     */
+    verifySignature(inputIndex: number, xpub: string): boolean;
+    /**
+     * Verify if a replay protection input has a valid signature.
+     *
+     * This method checks if a given input is a replay protection input (like P2shP2pk) and verifies
+     * the signature. Replay protection inputs don't use standard derivation paths, so this method
+     * verifies signatures without deriving from xpub.
+     *
+     * For P2PK replay protection inputs, this:
+     * - Extracts the signature from final_script_sig
+     * - Extracts the public key from redeem_script
+     * - Computes the legacy P2SH sighash
+     * - Verifies the ECDSA signature cryptographically
+     *
+     * @param inputIndex - The index of the input to check (0-based)
+     * @param replayProtection - Scripts that identify replay protection inputs (same format as parseTransactionWithWalletKeys)
+     * @returns true if the input is a replay protection input and has a valid signature, false if no valid signature
+     * @throws Error if the input is not a replay protection input, index is out of bounds, or scripts are invalid
+     */
+    verifyReplayProtectionSignature(inputIndex: number, replayProtection: ReplayProtection): boolean;
 }
 export {};

package/dist/browser/js/fixedScriptWallet.js

@@ -35,6 +35,13 @@ export class BitGoPsbt {
         const wasm = WasmBitGoPsbt.from_bytes(bytes, network);
         return new BitGoPsbt(wasm);
     }
+    /**
+     * Get the unsigned transaction ID
+     * @returns The unsigned transaction ID
+     */
+    unsignedTxid() {
+        return this.wasm.unsigned_txid();
+    }
     /**
      * Parse transaction with wallet keys to identify wallet inputs/outputs
      * @param walletKeys - The wallet keys to use for identification
@@ -58,4 +65,42 @@ export class BitGoPsbt {
     parseOutputsWithWalletKeys(walletKeys) {
         return this.wasm.parse_outputs_with_wallet_keys(walletKeys);
     }
+    /**
+     * Verify if a valid signature exists for a given extended public key at the specified input index.
+     *
+     * This method derives the public key from the xpub using the derivation path found in the
+     * PSBT input, then verifies the signature. It supports:
+     * - ECDSA signatures (for legacy/SegWit inputs)
+     * - Schnorr signatures (for Taproot script path inputs)
+     * - MuSig2 partial signatures (for Taproot keypath MuSig2 inputs)
+     *
+     * @param inputIndex - The index of the input to check (0-based)
+     * @param xpub - The extended public key as a base58-encoded string
+     * @returns true if a valid signature exists, false if no signature exists
+     * @throws Error if input index is out of bounds, xpub is invalid, or verification fails
+     */
+    verifySignature(inputIndex, xpub) {
+        return this.wasm.verify_signature(inputIndex, xpub);
+    }
+    /**
+     * Verify if a replay protection input has a valid signature.
+     *
+     * This method checks if a given input is a replay protection input (like P2shP2pk) and verifies
+     * the signature. Replay protection inputs don't use standard derivation paths, so this method
+     * verifies signatures without deriving from xpub.
+     *
+     * For P2PK replay protection inputs, this:
+     * - Extracts the signature from final_script_sig
+     * - Extracts the public key from redeem_script
+     * - Computes the legacy P2SH sighash
+     * - Verifies the ECDSA signature cryptographically
+     *
+     * @param inputIndex - The index of the input to check (0-based)
+     * @param replayProtection - Scripts that identify replay protection inputs (same format as parseTransactionWithWalletKeys)
+     * @returns true if the input is a replay protection input and has a valid signature, false if no valid signature
+     * @throws Error if the input is not a replay protection input, index is out of bounds, or scripts are invalid
+     */
+    verifyReplayProtectionSignature(inputIndex, replayProtection) {
+        return this.wasm.verify_replay_protection_signature(inputIndex, replayProtection);
+    }
 }

package/dist/browser/js/wasm/wasm_utxo.d.ts

@@ -15,6 +15,27 @@ export class BitGoPsbt {
    * Deserialize a PSBT from bytes with network-specific logic
    */
   static from_bytes(bytes: Uint8Array, network: string): BitGoPsbt;
+  /**
+   * Get the unsigned transaction ID
+   */
+  unsigned_txid(): string;
+  /**
+   * Verify if a valid signature exists for a given xpub at the specified input index
+   *
+   * This method derives the public key from the xpub using the derivation path found in the
+   * PSBT input, then verifies the signature. It supports both ECDSA signatures (for legacy/SegWit
+   * inputs) and Schnorr signatures (for Taproot script path inputs).
+   *
+   * # Arguments
+   * - `input_index`: The index of the input to check
+   * - `xpub_str`: The extended public key as a base58-encoded string
+   *
+   * # Returns
+   * - `Ok(true)` if a valid signature exists for the derived public key
+   * - `Ok(false)` if no signature exists for the derived public key
+   * - `Err(WasmUtxoError)` if the input index is out of bounds, xpub is invalid, derivation fails, or verification fails
+   */
+  verify_signature(input_index: number, xpub_str: string): boolean;
   /**
    * Parse outputs with wallet keys to identify which outputs belong to a wallet
    *
@@ -25,6 +46,24 @@ export class BitGoPsbt {
    * Parse transaction with wallet keys to identify wallet inputs/outputs
    */
   parse_transaction_with_wallet_keys(wallet_keys: any, replay_protection: any): any;
+  /**
+   * Verify if a replay protection input has a valid signature
+   *
+   * This method checks if a given input is a replay protection input and cryptographically verifies
+   * the signature. Replay protection inputs (like P2shP2pk) don't use standard derivation paths,
+   * so this method verifies signatures without deriving from xpub.
+   *
+   * # Arguments
+   * - `input_index`: The index of the input to check
+   * - `replay_protection`: Replay protection configuration (same format as parseTransactionWithWalletKeys)
+   *   Can be either `{ outputScripts: Buffer[] }` or `{ addresses: string[] }`
+   *
+   * # Returns
+   * - `Ok(true)` if the input is a replay protection input and has a valid signature
+   * - `Ok(false)` if the input is a replay protection input but has no valid signature
+   * - `Err(WasmUtxoError)` if the input is not a replay protection input, index is out of bounds, or configuration is invalid
+   */
+  verify_replay_protection_signature(input_index: number, replay_protection: any): boolean;
 }
 export class FixedScriptWalletNamespace {
   private constructor();

package/dist/browser/js/wasm/wasm_utxo_bg.js

@@ -289,6 +289,62 @@ export class BitGoPsbt {
             wasm.__wbindgen_add_to_stack_pointer(16);
         }
     }
+    /**
+     * Get the unsigned transaction ID
+     * @returns {string}
+     */
+    unsigned_txid() {
+        let deferred1_0;
+        let deferred1_1;
+        try {
+            const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+            wasm.bitgopsbt_unsigned_txid(retptr, this.__wbg_ptr);
+            var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+            var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+            deferred1_0 = r0;
+            deferred1_1 = r1;
+            return getStringFromWasm0(r0, r1);
+        } finally {
+            wasm.__wbindgen_add_to_stack_pointer(16);
+            wasm.__wbindgen_export_3(deferred1_0, deferred1_1, 1);
+        }
+    }
+    /**
+     * Verify if a valid signature exists for a given xpub at the specified input index
+     *
+     * This method derives the public key from the xpub using the derivation path found in the
+     * PSBT input, then verifies the signature. It supports both ECDSA signatures (for legacy/SegWit
+     * inputs) and Schnorr signatures (for Taproot script path inputs).
+     *
+     * # Arguments
+     * - `input_index`: The index of the input to check
+     * - `xpub_str`: The extended public key as a base58-encoded string
+     *
+     * # Returns
+     * - `Ok(true)` if a valid signature exists for the derived public key
+     * - `Ok(false)` if no signature exists for the derived public key
+     * - `Err(WasmUtxoError)` if the input index is out of bounds, xpub is invalid, derivation fails, or verification fails
+     * @param {number} input_index
+     * @param {string} xpub_str
+     * @returns {boolean}
+     */
+    verify_signature(input_index, xpub_str) {
+        try {
+            const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+            const ptr0 = passStringToWasm0(xpub_str, wasm.__wbindgen_export_1, wasm.__wbindgen_export_2);
+            const len0 = WASM_VECTOR_LEN;
+            wasm.bitgopsbt_verify_signature(retptr, this.__wbg_ptr, input_index, ptr0, len0);
+            var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+            var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+            var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
+            if (r2) {
+                throw takeObject(r1);
+            }
+            return r0 !== 0;
+        } finally {
+            wasm.__wbindgen_add_to_stack_pointer(16);
+        }
+    }
     /**
      * Parse outputs with wallet keys to identify which outputs belong to a wallet
      *
@@ -332,6 +388,41 @@ export class BitGoPsbt {
             wasm.__wbindgen_add_to_stack_pointer(16);
         }
     }
+    /**
+     * Verify if a replay protection input has a valid signature
+     *
+     * This method checks if a given input is a replay protection input and cryptographically verifies
+     * the signature. Replay protection inputs (like P2shP2pk) don't use standard derivation paths,
+     * so this method verifies signatures without deriving from xpub.
+     *
+     * # Arguments
+     * - `input_index`: The index of the input to check
+     * - `replay_protection`: Replay protection configuration (same format as parseTransactionWithWalletKeys)
+     *   Can be either `{ outputScripts: Buffer[] }` or `{ addresses: string[] }`
+     *
+     * # Returns
+     * - `Ok(true)` if the input is a replay protection input and has a valid signature
+     * - `Ok(false)` if the input is a replay protection input but has no valid signature
+     * - `Err(WasmUtxoError)` if the input is not a replay protection input, index is out of bounds, or configuration is invalid
+     * @param {number} input_index
+     * @param {any} replay_protection
+     * @returns {boolean}
+     */
+    verify_replay_protection_signature(input_index, replay_protection) {
+        try {
+            const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+            wasm.bitgopsbt_verify_replay_protection_signature(retptr, this.__wbg_ptr, input_index, addHeapObject(replay_protection));
+            var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+            var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+            var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
+            if (r2) {
+                throw takeObject(r1);
+            }
+            return r0 !== 0;
+        } finally {
+            wasm.__wbindgen_add_to_stack_pointer(16);
+        }
+    }
 }
 if (Symbol.dispose) BitGoPsbt.prototype[Symbol.dispose] = BitGoPsbt.prototype.free;
 

package/dist/browser/js/wasm/wasm_utxo_bg.wasm.d.ts

@@ -1,14 +1,29 @@
 /* tslint:disable */
 /* eslint-disable */
 export const memory: WebAssembly.Memory;
+export const __wbg_bitgopsbt_free: (a: number, b: number) => void;
+export const __wbg_fixedscriptwalletnamespace_free: (a: number, b: number) => void;
+export const __wbg_wrappsbt_free: (a: number, b: number) => void;
+export const bitgopsbt_from_bytes: (a: number, b: number, c: number, d: number, e: number) => void;
+export const bitgopsbt_parse_outputs_with_wallet_keys: (a: number, b: number, c: number) => void;
+export const bitgopsbt_parse_transaction_with_wallet_keys: (a: number, b: number, c: number, d: number) => void;
+export const bitgopsbt_unsigned_txid: (a: number, b: number) => void;
+export const bitgopsbt_verify_replay_protection_signature: (a: number, b: number, c: number, d: number) => void;
+export const bitgopsbt_verify_signature: (a: number, b: number, c: number, d: number, e: number) => void;
+export const fixedscriptwalletnamespace_address: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
+export const fixedscriptwalletnamespace_output_script: (a: number, b: number, c: number, d: number, e: number) => void;
+export const wrappsbt_clone: (a: number) => number;
+export const wrappsbt_deserialize: (a: number, b: number, c: number) => void;
+export const wrappsbt_finalize: (a: number, b: number) => void;
+export const wrappsbt_serialize: (a: number, b: number) => void;
+export const wrappsbt_signWithPrv: (a: number, b: number, c: number, d: number) => void;
+export const wrappsbt_signWithXprv: (a: number, b: number, c: number, d: number) => void;
+export const wrappsbt_updateInputWithDescriptor: (a: number, b: number, c: number, d: number) => void;
+export const wrappsbt_updateOutputWithDescriptor: (a: number, b: number, c: number, d: number) => void;
 export const __wbg_addressnamespace_free: (a: number, b: number) => void;
-export const __wbg_utxolibcompatnamespace_free: (a: number, b: number) => void;
-export const __wbg_wrapdescriptor_free: (a: number, b: number) => void;
-export const __wbg_wrapminiscript_free: (a: number, b: number) => void;
 export const addressnamespace_from_output_script_with_coin: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
 export const addressnamespace_to_output_script_with_coin: (a: number, b: number, c: number, d: number, e: number) => void;
-export const utxolibcompatnamespace_from_output_script: (a: number, b: number, c: number, d: number, e: number, f: number) => void;
-export const utxolibcompatnamespace_to_output_script: (a: number, b: number, c: number, d: number, e: number, f: number) => void;
+export const __wbg_wrapdescriptor_free: (a: number, b: number) => void;
 export const wrapdescriptor_atDerivationIndex: (a: number, b: number, c: number) => void;
 export const wrapdescriptor_descType: (a: number, b: number) => void;
 export const wrapdescriptor_encode: (a: number, b: number) => void;
@@ -20,28 +35,16 @@ export const wrapdescriptor_node: (a: number, b: number) => void;
 export const wrapdescriptor_scriptPubkey: (a: number, b: number) => void;
 export const wrapdescriptor_toAsmString: (a: number, b: number) => void;
 export const wrapdescriptor_toString: (a: number, b: number) => void;
+export const __wbg_utxolibcompatnamespace_free: (a: number, b: number) => void;
+export const __wbg_wrapminiscript_free: (a: number, b: number) => void;
+export const utxolibcompatnamespace_from_output_script: (a: number, b: number, c: number, d: number, e: number, f: number) => void;
+export const utxolibcompatnamespace_to_output_script: (a: number, b: number, c: number, d: number, e: number, f: number) => void;
 export const wrapminiscript_encode: (a: number, b: number) => void;
 export const wrapminiscript_fromBitcoinScript: (a: number, b: number, c: number, d: number, e: number) => void;
 export const wrapminiscript_fromString: (a: number, b: number, c: number, d: number, e: number) => void;
 export const wrapminiscript_node: (a: number, b: number) => void;
 export const wrapminiscript_toAsmString: (a: number, b: number) => void;
 export const wrapminiscript_toString: (a: number, b: number) => void;
-export const __wbg_bitgopsbt_free: (a: number, b: number) => void;
-export const __wbg_fixedscriptwalletnamespace_free: (a: number, b: number) => void;
-export const __wbg_wrappsbt_free: (a: number, b: number) => void;
-export const bitgopsbt_from_bytes: (a: number, b: number, c: number, d: number, e: number) => void;
-export const bitgopsbt_parse_outputs_with_wallet_keys: (a: number, b: number, c: number) => void;
-export const bitgopsbt_parse_transaction_with_wallet_keys: (a: number, b: number, c: number, d: number) => void;
-export const fixedscriptwalletnamespace_address: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
-export const fixedscriptwalletnamespace_output_script: (a: number, b: number, c: number, d: number, e: number) => void;
-export const wrappsbt_clone: (a: number) => number;
-export const wrappsbt_deserialize: (a: number, b: number, c: number) => void;
-export const wrappsbt_finalize: (a: number, b: number) => void;
-export const wrappsbt_serialize: (a: number, b: number) => void;
-export const wrappsbt_signWithPrv: (a: number, b: number, c: number, d: number) => void;
-export const wrappsbt_signWithXprv: (a: number, b: number, c: number, d: number) => void;
-export const wrappsbt_updateInputWithDescriptor: (a: number, b: number, c: number, d: number) => void;
-export const wrappsbt_updateOutputWithDescriptor: (a: number, b: number, c: number, d: number) => void;
 export const rustsecp256k1_v0_10_0_context_create: (a: number) => number;
 export const rustsecp256k1_v0_10_0_context_destroy: (a: number) => void;
 export const rustsecp256k1_v0_10_0_default_error_callback_fn: (a: number, b: number) => void;

package/dist/node/js/fixedScriptWallet.d.ts

@@ -63,6 +63,11 @@ export declare class BitGoPsbt {
      * @returns A BitGoPsbt instance
      */
     static fromBytes(bytes: Uint8Array, network: NetworkName): BitGoPsbt;
+    /**
+     * Get the unsigned transaction ID
+     * @returns The unsigned transaction ID
+     */
+    unsignedTxid(): string;
     /**
      * Parse transaction with wallet keys to identify wallet inputs/outputs
      * @param walletKeys - The wallet keys to use for identification
@@ -82,5 +87,39 @@ export declare class BitGoPsbt {
      * @note This method does NOT validate wallet inputs. It only parses outputs.
      */
     parseOutputsWithWalletKeys(walletKeys: WalletKeys): ParsedOutput[];
+    /**
+     * Verify if a valid signature exists for a given extended public key at the specified input index.
+     *
+     * This method derives the public key from the xpub using the derivation path found in the
+     * PSBT input, then verifies the signature. It supports:
+     * - ECDSA signatures (for legacy/SegWit inputs)
+     * - Schnorr signatures (for Taproot script path inputs)
+     * - MuSig2 partial signatures (for Taproot keypath MuSig2 inputs)
+     *
+     * @param inputIndex - The index of the input to check (0-based)
+     * @param xpub - The extended public key as a base58-encoded string
+     * @returns true if a valid signature exists, false if no signature exists
+     * @throws Error if input index is out of bounds, xpub is invalid, or verification fails
+     */
+    verifySignature(inputIndex: number, xpub: string): boolean;
+    /**
+     * Verify if a replay protection input has a valid signature.
+     *
+     * This method checks if a given input is a replay protection input (like P2shP2pk) and verifies
+     * the signature. Replay protection inputs don't use standard derivation paths, so this method
+     * verifies signatures without deriving from xpub.
+     *
+     * For P2PK replay protection inputs, this:
+     * - Extracts the signature from final_script_sig
+     * - Extracts the public key from redeem_script
+     * - Computes the legacy P2SH sighash
+     * - Verifies the ECDSA signature cryptographically
+     *
+     * @param inputIndex - The index of the input to check (0-based)
+     * @param replayProtection - Scripts that identify replay protection inputs (same format as parseTransactionWithWalletKeys)
+     * @returns true if the input is a replay protection input and has a valid signature, false if no valid signature
+     * @throws Error if the input is not a replay protection input, index is out of bounds, or scripts are invalid
+     */
+    verifyReplayProtectionSignature(inputIndex: number, replayProtection: ReplayProtection): boolean;
 }
 export {};

package/dist/node/js/fixedScriptWallet.js

@@ -41,6 +41,13 @@ class BitGoPsbt {
         const wasm = wasm_utxo_2.BitGoPsbt.from_bytes(bytes, network);
         return new BitGoPsbt(wasm);
     }
+    /**
+     * Get the unsigned transaction ID
+     * @returns The unsigned transaction ID
+     */
+    unsignedTxid() {
+        return this.wasm.unsigned_txid();
+    }
     /**
      * Parse transaction with wallet keys to identify wallet inputs/outputs
      * @param walletKeys - The wallet keys to use for identification
@@ -64,5 +71,43 @@ class BitGoPsbt {
     parseOutputsWithWalletKeys(walletKeys) {
         return this.wasm.parse_outputs_with_wallet_keys(walletKeys);
     }
+    /**
+     * Verify if a valid signature exists for a given extended public key at the specified input index.
+     *
+     * This method derives the public key from the xpub using the derivation path found in the
+     * PSBT input, then verifies the signature. It supports:
+     * - ECDSA signatures (for legacy/SegWit inputs)
+     * - Schnorr signatures (for Taproot script path inputs)
+     * - MuSig2 partial signatures (for Taproot keypath MuSig2 inputs)
+     *
+     * @param inputIndex - The index of the input to check (0-based)
+     * @param xpub - The extended public key as a base58-encoded string
+     * @returns true if a valid signature exists, false if no signature exists
+     * @throws Error if input index is out of bounds, xpub is invalid, or verification fails
+     */
+    verifySignature(inputIndex, xpub) {
+        return this.wasm.verify_signature(inputIndex, xpub);
+    }
+    /**
+     * Verify if a replay protection input has a valid signature.
+     *
+     * This method checks if a given input is a replay protection input (like P2shP2pk) and verifies
+     * the signature. Replay protection inputs don't use standard derivation paths, so this method
+     * verifies signatures without deriving from xpub.
+     *
+     * For P2PK replay protection inputs, this:
+     * - Extracts the signature from final_script_sig
+     * - Extracts the public key from redeem_script
+     * - Computes the legacy P2SH sighash
+     * - Verifies the ECDSA signature cryptographically
+     *
+     * @param inputIndex - The index of the input to check (0-based)
+     * @param replayProtection - Scripts that identify replay protection inputs (same format as parseTransactionWithWalletKeys)
+     * @returns true if the input is a replay protection input and has a valid signature, false if no valid signature
+     * @throws Error if the input is not a replay protection input, index is out of bounds, or scripts are invalid
+     */
+    verifyReplayProtectionSignature(inputIndex, replayProtection) {
+        return this.wasm.verify_replay_protection_signature(inputIndex, replayProtection);
+    }
 }
 exports.BitGoPsbt = BitGoPsbt;

package/dist/node/js/wasm/wasm_utxo.d.ts

@@ -15,6 +15,27 @@ export class BitGoPsbt {
    * Deserialize a PSBT from bytes with network-specific logic
    */
   static from_bytes(bytes: Uint8Array, network: string): BitGoPsbt;
+  /**
+   * Get the unsigned transaction ID
+   */
+  unsigned_txid(): string;
+  /**
+   * Verify if a valid signature exists for a given xpub at the specified input index
+   *
+   * This method derives the public key from the xpub using the derivation path found in the
+   * PSBT input, then verifies the signature. It supports both ECDSA signatures (for legacy/SegWit
+   * inputs) and Schnorr signatures (for Taproot script path inputs).
+   *
+   * # Arguments
+   * - `input_index`: The index of the input to check
+   * - `xpub_str`: The extended public key as a base58-encoded string
+   *
+   * # Returns
+   * - `Ok(true)` if a valid signature exists for the derived public key
+   * - `Ok(false)` if no signature exists for the derived public key
+   * - `Err(WasmUtxoError)` if the input index is out of bounds, xpub is invalid, derivation fails, or verification fails
+   */
+  verify_signature(input_index: number, xpub_str: string): boolean;
   /**
    * Parse outputs with wallet keys to identify which outputs belong to a wallet
    *
@@ -25,6 +46,24 @@ export class BitGoPsbt {
    * Parse transaction with wallet keys to identify wallet inputs/outputs
    */
   parse_transaction_with_wallet_keys(wallet_keys: any, replay_protection: any): any;
+  /**
+   * Verify if a replay protection input has a valid signature
+   *
+   * This method checks if a given input is a replay protection input and cryptographically verifies
+   * the signature. Replay protection inputs (like P2shP2pk) don't use standard derivation paths,
+   * so this method verifies signatures without deriving from xpub.
+   *
+   * # Arguments
+   * - `input_index`: The index of the input to check
+   * - `replay_protection`: Replay protection configuration (same format as parseTransactionWithWalletKeys)
+   *   Can be either `{ outputScripts: Buffer[] }` or `{ addresses: string[] }`
+   *
+   * # Returns
+   * - `Ok(true)` if the input is a replay protection input and has a valid signature
+   * - `Ok(false)` if the input is a replay protection input but has no valid signature
+   * - `Err(WasmUtxoError)` if the input is not a replay protection input, index is out of bounds, or configuration is invalid
+   */
+  verify_replay_protection_signature(input_index: number, replay_protection: any): boolean;
 }
 export class FixedScriptWalletNamespace {
   private constructor();

package/dist/node/js/wasm/wasm_utxo.js

@@ -281,6 +281,62 @@ class BitGoPsbt {
             wasm.__wbindgen_add_to_stack_pointer(16);
         }
     }
+    /**
+     * Get the unsigned transaction ID
+     * @returns {string}
+     */
+    unsigned_txid() {
+        let deferred1_0;
+        let deferred1_1;
+        try {
+            const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+            wasm.bitgopsbt_unsigned_txid(retptr, this.__wbg_ptr);
+            var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+            var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+            deferred1_0 = r0;
+            deferred1_1 = r1;
+            return getStringFromWasm0(r0, r1);
+        } finally {
+            wasm.__wbindgen_add_to_stack_pointer(16);
+            wasm.__wbindgen_export_3(deferred1_0, deferred1_1, 1);
+        }
+    }
+    /**
+     * Verify if a valid signature exists for a given xpub at the specified input index
+     *
+     * This method derives the public key from the xpub using the derivation path found in the
+     * PSBT input, then verifies the signature. It supports both ECDSA signatures (for legacy/SegWit
+     * inputs) and Schnorr signatures (for Taproot script path inputs).
+     *
+     * # Arguments
+     * - `input_index`: The index of the input to check
+     * - `xpub_str`: The extended public key as a base58-encoded string
+     *
+     * # Returns
+     * - `Ok(true)` if a valid signature exists for the derived public key
+     * - `Ok(false)` if no signature exists for the derived public key
+     * - `Err(WasmUtxoError)` if the input index is out of bounds, xpub is invalid, derivation fails, or verification fails
+     * @param {number} input_index
+     * @param {string} xpub_str
+     * @returns {boolean}
+     */
+    verify_signature(input_index, xpub_str) {
+        try {
+            const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+            const ptr0 = passStringToWasm0(xpub_str, wasm.__wbindgen_export_1, wasm.__wbindgen_export_2);
+            const len0 = WASM_VECTOR_LEN;
+            wasm.bitgopsbt_verify_signature(retptr, this.__wbg_ptr, input_index, ptr0, len0);
+            var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+            var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+            var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
+            if (r2) {
+                throw takeObject(r1);
+            }
+            return r0 !== 0;
+        } finally {
+            wasm.__wbindgen_add_to_stack_pointer(16);
+        }
+    }
     /**
      * Parse outputs with wallet keys to identify which outputs belong to a wallet
      *
@@ -324,6 +380,41 @@ class BitGoPsbt {
             wasm.__wbindgen_add_to_stack_pointer(16);
         }
     }
+    /**
+     * Verify if a replay protection input has a valid signature
+     *
+     * This method checks if a given input is a replay protection input and cryptographically verifies
+     * the signature. Replay protection inputs (like P2shP2pk) don't use standard derivation paths,
+     * so this method verifies signatures without deriving from xpub.
+     *
+     * # Arguments
+     * - `input_index`: The index of the input to check
+     * - `replay_protection`: Replay protection configuration (same format as parseTransactionWithWalletKeys)
+     *   Can be either `{ outputScripts: Buffer[] }` or `{ addresses: string[] }`
+     *
+     * # Returns
+     * - `Ok(true)` if the input is a replay protection input and has a valid signature
+     * - `Ok(false)` if the input is a replay protection input but has no valid signature
+     * - `Err(WasmUtxoError)` if the input is not a replay protection input, index is out of bounds, or configuration is invalid
+     * @param {number} input_index
+     * @param {any} replay_protection
+     * @returns {boolean}
+     */
+    verify_replay_protection_signature(input_index, replay_protection) {
+        try {
+            const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+            wasm.bitgopsbt_verify_replay_protection_signature(retptr, this.__wbg_ptr, input_index, addHeapObject(replay_protection));
+            var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+            var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+            var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
+            if (r2) {
+                throw takeObject(r1);
+            }
+            return r0 !== 0;
+        } finally {
+            wasm.__wbindgen_add_to_stack_pointer(16);
+        }
+    }
 }
 if (Symbol.dispose) BitGoPsbt.prototype[Symbol.dispose] = BitGoPsbt.prototype.free;
 

package/dist/node/js/wasm/wasm_utxo_bg.wasm.d.ts

@@ -1,14 +1,29 @@
 /* tslint:disable */
 /* eslint-disable */
 export const memory: WebAssembly.Memory;
+export const __wbg_bitgopsbt_free: (a: number, b: number) => void;
+export const __wbg_fixedscriptwalletnamespace_free: (a: number, b: number) => void;
+export const __wbg_wrappsbt_free: (a: number, b: number) => void;
+export const bitgopsbt_from_bytes: (a: number, b: number, c: number, d: number, e: number) => void;
+export const bitgopsbt_parse_outputs_with_wallet_keys: (a: number, b: number, c: number) => void;
+export const bitgopsbt_parse_transaction_with_wallet_keys: (a: number, b: number, c: number, d: number) => void;
+export const bitgopsbt_unsigned_txid: (a: number, b: number) => void;
+export const bitgopsbt_verify_replay_protection_signature: (a: number, b: number, c: number, d: number) => void;
+export const bitgopsbt_verify_signature: (a: number, b: number, c: number, d: number, e: number) => void;
+export const fixedscriptwalletnamespace_address: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
+export const fixedscriptwalletnamespace_output_script: (a: number, b: number, c: number, d: number, e: number) => void;
+export const wrappsbt_clone: (a: number) => number;
+export const wrappsbt_deserialize: (a: number, b: number, c: number) => void;
+export const wrappsbt_finalize: (a: number, b: number) => void;
+export const wrappsbt_serialize: (a: number, b: number) => void;
+export const wrappsbt_signWithPrv: (a: number, b: number, c: number, d: number) => void;
+export const wrappsbt_signWithXprv: (a: number, b: number, c: number, d: number) => void;
+export const wrappsbt_updateInputWithDescriptor: (a: number, b: number, c: number, d: number) => void;
+export const wrappsbt_updateOutputWithDescriptor: (a: number, b: number, c: number, d: number) => void;
 export const __wbg_addressnamespace_free: (a: number, b: number) => void;
-export const __wbg_utxolibcompatnamespace_free: (a: number, b: number) => void;
-export const __wbg_wrapdescriptor_free: (a: number, b: number) => void;
-export const __wbg_wrapminiscript_free: (a: number, b: number) => void;
 export const addressnamespace_from_output_script_with_coin: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
 export const addressnamespace_to_output_script_with_coin: (a: number, b: number, c: number, d: number, e: number) => void;
-export const utxolibcompatnamespace_from_output_script: (a: number, b: number, c: number, d: number, e: number, f: number) => void;
-export const utxolibcompatnamespace_to_output_script: (a: number, b: number, c: number, d: number, e: number, f: number) => void;
+export const __wbg_wrapdescriptor_free: (a: number, b: number) => void;
 export const wrapdescriptor_atDerivationIndex: (a: number, b: number, c: number) => void;
 export const wrapdescriptor_descType: (a: number, b: number) => void;
 export const wrapdescriptor_encode: (a: number, b: number) => void;
@@ -20,28 +35,16 @@ export const wrapdescriptor_node: (a: number, b: number) => void;
 export const wrapdescriptor_scriptPubkey: (a: number, b: number) => void;
 export const wrapdescriptor_toAsmString: (a: number, b: number) => void;
 export const wrapdescriptor_toString: (a: number, b: number) => void;
+export const __wbg_utxolibcompatnamespace_free: (a: number, b: number) => void;
+export const __wbg_wrapminiscript_free: (a: number, b: number) => void;
+export const utxolibcompatnamespace_from_output_script: (a: number, b: number, c: number, d: number, e: number, f: number) => void;
+export const utxolibcompatnamespace_to_output_script: (a: number, b: number, c: number, d: number, e: number, f: number) => void;
 export const wrapminiscript_encode: (a: number, b: number) => void;
 export const wrapminiscript_fromBitcoinScript: (a: number, b: number, c: number, d: number, e: number) => void;
 export const wrapminiscript_fromString: (a: number, b: number, c: number, d: number, e: number) => void;
 export const wrapminiscript_node: (a: number, b: number) => void;
 export const wrapminiscript_toAsmString: (a: number, b: number) => void;
 export const wrapminiscript_toString: (a: number, b: number) => void;
-export const __wbg_bitgopsbt_free: (a: number, b: number) => void;
-export const __wbg_fixedscriptwalletnamespace_free: (a: number, b: number) => void;
-export const __wbg_wrappsbt_free: (a: number, b: number) => void;
-export const bitgopsbt_from_bytes: (a: number, b: number, c: number, d: number, e: number) => void;
-export const bitgopsbt_parse_outputs_with_wallet_keys: (a: number, b: number, c: number) => void;
-export const bitgopsbt_parse_transaction_with_wallet_keys: (a: number, b: number, c: number, d: number) => void;
-export const fixedscriptwalletnamespace_address: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
-export const fixedscriptwalletnamespace_output_script: (a: number, b: number, c: number, d: number, e: number) => void;
-export const wrappsbt_clone: (a: number) => number;
-export const wrappsbt_deserialize: (a: number, b: number, c: number) => void;
-export const wrappsbt_finalize: (a: number, b: number) => void;
-export const wrappsbt_serialize: (a: number, b: number) => void;
-export const wrappsbt_signWithPrv: (a: number, b: number, c: number, d: number) => void;
-export const wrappsbt_signWithXprv: (a: number, b: number, c: number, d: number) => void;
-export const wrappsbt_updateInputWithDescriptor: (a: number, b: number, c: number, d: number) => void;
-export const wrappsbt_updateOutputWithDescriptor: (a: number, b: number, c: number, d: number) => void;
 export const rustsecp256k1_v0_10_0_context_create: (a: number) => number;
 export const rustsecp256k1_v0_10_0_context_destroy: (a: number) => void;
 export const rustsecp256k1_v0_10_0_default_error_callback_fn: (a: number, b: number) => void;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@bitgo/wasm-utxo",
   "description": "WebAssembly wrapper for rust-bitcoin (beta)",
-  "version": "1.1.0",
+  "version": "1.2.0",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/BitGo/BitGoWASM"
@@ -48,7 +48,11 @@
       "types": "./dist/node/js/utxolibCompat.d.ts",
       "browser": "./dist/browser/js/utxolibCompat.js",
       "default": "./dist/node/js/utxolibCompat.js"
-    }
+    },
+    "./dist/browser/js/wasm/wasm_utxo_bg.js": "./dist/browser/js/wasm/wasm_utxo_bg.js",
+    "./dist/browser/js/wasm/wasm_utxo_bg.wasm": "./dist/browser/js/wasm/wasm_utxo_bg.wasm",
+    "./dist/node/js/wasm/wasm_utxo_bg.js": "./dist/node/js/wasm/wasm_utxo_bg.js",
+    "./dist/node/js/wasm/wasm_utxo_bg.wasm": "./dist/node/js/wasm/wasm_utxo_bg.wasm"
   },
   "sideEffects": [
     "./dist/node/js/wasm/wasm_utxo.js",