@bsv/sdk 1.0.13 → 1.0.15

package/src/primitives/PrivateKey.ts

@@ -75,7 +75,7 @@ export default class PrivateKey extends BigNumber {
    * @param base - The base of number provided. By default is 10. Ignored if number is BigNumber.
    *
    * @param endian - The endianness provided. By default is 'big endian'. Ignored if number is BigNumber.
-   * 
+   *
    * @param modN - Optional. Default 'apply. If 'apply', apply modN to input to guarantee a valid PrivateKey. If 'error', if input is out of field throw Error('Input is out of field'). If 'nocheck', assumes input is in field.
    *
    * @example
@@ -100,7 +100,7 @@ export default class PrivateKey extends BigNumber {
       const check = this.checkInField()
       if (!check.inField) {
         if (modN === 'error') {
-          throw new Error('Input is out of field') 
+          throw new Error('Input is out of field')
         }
         // Force the PrivateKey BigNumber value to lie in the field limited by curve.n
         BigNumber.move(this, check.modN)
@@ -112,7 +112,7 @@ export default class PrivateKey extends BigNumber {
    * A utility function to check that the value of this PrivateKey lies in the field limited by curve.n
    * @returns { inField, modN } where modN is this PrivateKey's current BigNumber value mod curve.n, and inField is true only if modN equals current BigNumber value.
    */
-  checkInField() : { inField: boolean, modN: BigNumber } {
+  checkInField (): { inField: boolean, modN: BigNumber } {
     const curve = new Curve()
     const modN = this.mod(curve.n)
     const inField = this.cmp(modN) === 0
@@ -122,7 +122,7 @@ export default class PrivateKey extends BigNumber {
   /**
    * @returns true if the PrivateKey's current BigNumber value lies in the field limited by curve.n
    */
-  isValid() : boolean {
+  isValid (): boolean {
     return this.checkInField().inField
   }
 
@@ -184,41 +184,40 @@ export default class PrivateKey extends BigNumber {
 
   /**
    * Converts the private key to a Wallet Import Format (WIF) string.
-   * 
+   *
    * Base58Check encoding is used for encoding the private key.
-   * The prefix 
-   * 
+   * The prefix
+   *
    * @method toWif
    * @returns The WIF string.
-   * 
+   *
    * @param prefix defaults to [0x80] for mainnet, set it to [0xef] for testnet.
-   * 
+   *
    * @throws Error('Value is out of field') if current BigNumber value is out of field limited by curve.n
-   * 
+   *
    * @example
    * const privateKey = PrivateKey.fromRandom();
    * const wif = privateKey.toWif();
    * const testnetWif = privateKey.toWif([0xef]);
    */
-  toWif (prefix : number[] = [0x80]): string {
-    if (!this.isValid())
-      throw new Error('Value is out of field')
-    return toBase58Check([...this.toArray("be", 32), 1], prefix)
+  toWif (prefix: number[] = [0x80]): string {
+    if (!this.isValid()) { throw new Error('Value is out of field') }
+    return toBase58Check([...this.toArray('be', 32), 1], prefix)
   }
 
   /**
    * Base58Check encodes the hash of the public key associated with this private key with a prefix to indicate locking script type.
    * Defaults to P2PKH for mainnet, otherwise known as a "Bitcoin Address".
-   * 
+   *
    * @param prefix defaults to [0x00] for mainnet, set to [0x6f] for testnet.
-   * 
-   * @returns Returns the address encoding associated with the hash of the public key associated with this private key. 
-   * 
+   *
+   * @returns Returns the address encoding associated with the hash of the public key associated with this private key.
+   *
    * @example
    * const address = pubkey.toAddress()
    * const testnetAddress = pubkey.toAddress([0x6f])
    */
-  toAddress (prefix : number[] = [0x00]): string {
+  toAddress (prefix: number[] = [0x00]): string {
     return this.toPublicKey().toAddress(prefix)
   }
 

package/src/primitives/PublicKey.ts

@@ -3,10 +3,9 @@ import PrivateKey from './PrivateKey.js'
 import Curve from './Curve.js'
 import { verify } from './ECDSA.js'
 import BigNumber from './BigNumber.js'
-import { sha256, sha256hmac } from './Hash.js'
+import { sha256, sha256hmac, hash160 } from './Hash.js'
 import Signature from './Signature.js'
 import { toArray, toBase58Check, toHex } from './utils.js'
-import { hash160 } from './Hash.js'
 
 /**
  * The PublicKey class extends the Point class. It is used in public-key cryptography to derive shared secret, verify message signatures, and encode the public key in the DER format.
@@ -128,14 +127,14 @@ export default class PublicKey extends Point {
 
   /**
    * Hash sha256 and ripemd160 of the public key.
-   * 
+   *
    * @returns Returns the hash of the public key.
-   * 
+   *
    * @example
    * const publicKeyHash = pubkey.toHash()
    */
   toHash (enc?: 'hex'): number[] | string {
-    const pkh = hash160(this.encode(true)) as number[]
+    const pkh = hash160(this.encode(true))
     if (enc === 'hex') {
       return toHex(pkh)
     }
@@ -145,16 +144,16 @@ export default class PublicKey extends Point {
   /**
    * Base58Check encodes the hash of the public key with a prefix to indicate locking script type.
    * Defaults to P2PKH for mainnet, otherwise known as a "Bitcoin Address".
-   * 
+   *
    * @param prefix defaults to [0x00] for mainnet, set to [0x6f] for testnet.
-   * 
-   * @returns Returns the address encoding associated with the hash of the public key. 
-   * 
+   *
+   * @returns Returns the address encoding associated with the hash of the public key.
+   *
    * @example
    * const address = pubkey.toAddress()
    * const testnetAddress = pubkey.toAddress([0x6f])
    */
-  toAddress (prefix : number[] = [0x00]): string {
+  toAddress (prefix: number[] = [0x00]): string {
     return toBase58Check(this.toHash() as number[], prefix)
   }
 

package/src/primitives/Random.ts

@@ -1,7 +1,7 @@
 class Rand {
   _rand: Function
-  constructor() {
-    let noRand = () => {
+  constructor () {
+    const noRand = () => {
       throw new Error('No secure random number generator is available in this environment.')
     }
     if (typeof self === 'object') {
@@ -13,7 +13,7 @@ class Rand {
           self.crypto.getRandomValues(arr)
           return [...arr]
         }
-      } else /*if (typeof window === 'object')*/ {
+      } else /* if (typeof window === 'object') */ {
         this._rand = noRand
       }
     } else {
@@ -29,7 +29,7 @@ class Rand {
     }
   }
 
-  generate(len: number): number[] {
+  generate (len: number): number[] {
     return this._rand(len)
   }
 }

package/src/primitives/Signature.ts

@@ -3,6 +3,8 @@ import PublicKey from './PublicKey.js'
 import { verify } from './ECDSA.js'
 import { sha256 } from './Hash.js'
 import { toArray, toHex, toBase64 } from './utils.js'
+import Point from './Point.js'
+import Curve from './Curve.js'
 
 /**
  * Represents a digital signature.
@@ -39,7 +41,7 @@ export default class Signature {
    * @example
    * const signature = Signature.fromDER('30440220018c1f5502f8...', 'hex');
    */
-  static fromDER(data: number[] | string, enc?: 'hex' | 'base64'): Signature {
+  static fromDER (data: number[] | string, enc?: 'hex' | 'base64'): Signature {
     const getLength = (buf, p): number => {
       const initial = buf[p.place++]
       if ((initial & 0x80) === 0) {
@@ -51,20 +53,12 @@ export default class Signature {
 
     class Position {
       place: number
-      constructor() {
+      constructor () {
         this.place = 0
       }
     }
     data = toArray(data, enc)
 
-    // Support compact signatures
-    if (data.length === 65) {
-      return new Signature(
-        new BigNumber(data.slice(1, 33)),
-        new BigNumber(data.slice(33, 65))
-      )
-    }
-
     const p = new Position()
     if (data[p.place++] !== 0x30) {
       throw new Error('Signature DER must start with 0x30')
@@ -108,6 +102,39 @@ export default class Signature {
     )
   }
 
+  /**
+   * Takes an array of numbers or a string and returns a new Signature instance.
+   * This method will throw an error if the Compact encoding is invalid.
+   * If a string is provided, it is assumed to represent a hexadecimal sequence.
+   * compactByte value 27-31 means compressed public key.
+   * 32-35 means uncompressed public key.
+   * The range represents the recovery param which can be 0,1,2,3,4.
+   * We could support recovery functions in future if there's demand.
+   *
+   * @static
+   * @method fromCompact
+   * @param data - The sequence to decode from Compact encoding.
+   * @param enc - The encoding of the data string.
+   * @returns The decoded data in the form of Signature instance.
+   *
+   * @example
+   * const signature = Signature.fromCompact('1b18c1f5502f8...', 'hex');
+   */
+  static fromCompact (data: number[] | string, enc?: 'hex' | 'base64'): Signature {
+    data = toArray(data, enc)
+    if (data.length !== 65) {
+      throw new Error('Invalid Compact Signature')
+    }
+    const compactByte = data[0]
+    if (compactByte < 27 || compactByte >= 35) {
+      throw new Error('Invalid Compact Byte')
+    }
+    return new Signature(
+      new BigNumber(data.slice(1, 33)),
+      new BigNumber(data.slice(33, 65))
+    )
+  }
+
   /**
    * Creates an instance of the Signature class.
    *
@@ -120,7 +147,7 @@ export default class Signature {
    * const s = new BigNumber('564745627577...');
    * const signature = new Signature(r, s);
    */
-  constructor(r: BigNumber, s: BigNumber) {
+  constructor (r: BigNumber, s: BigNumber) {
     this.r = r
     this.s = s
   }
@@ -142,7 +169,7 @@ export default class Signature {
    * const publicKey = PublicKey.fromString('04188ca1050...');
    * const isVerified = signature.verify(msg, publicKey);
    */
-  verify(msg: number[] | string, key: PublicKey, enc?: 'hex'): boolean {
+  verify (msg: number[] | string, key: PublicKey, enc?: 'hex'): boolean {
     const msgHash = new BigNumber(sha256(msg, enc), 16)
     return verify(msgHash, this, key)
   }
@@ -162,7 +189,7 @@ export default class Signature {
    * @example
    * const der = signature.toString('base64');
    */
-  toString(enc?: 'hex' | 'base64') {
+  toString (enc?: 'hex' | 'base64') {
     return this.toDER(enc)
   }
 
@@ -180,7 +207,7 @@ export default class Signature {
    * @example
    * const der = signature.toDER('hex');
    */
-  toDER(enc?: 'hex' | 'base64'): number[] | string {
+  toDER (enc?: 'hex' | 'base64'): number[] | string {
     const constructLength = (arr, len): void => {
       if (len < 0x80) {
         arr.push(len)
@@ -232,4 +259,121 @@ export default class Signature {
       return res
     }
   }
+
+  /**
+   * Converts an instance of Signature into Compact encoding.
+   *
+   * If the encoding parameter is set to 'hex', the function will return a hex string.
+   * If 'base64', it will return a base64 string.
+   * Otherwise, it will return an array of numbers.
+   *
+   * @method toCompact
+   * @param enc - The encoding to use for the output.
+   * @returns The current instance in DER encoding.
+   *
+   * @example
+   * const compact = signature.toCompact(3, true, 'base64');
+   */
+  toCompact (recovery: number, compressed: boolean, enc?: 'hex' | 'base64'): number[] | string {
+    if (recovery < 0 || recovery > 3) throw new Error('Invalid recovery param')
+    if (typeof compressed !== 'boolean') throw new Error('Invalid compressed param')
+    let compactByte = 27 + recovery
+    if (compressed) {
+      compactByte += 4
+    }
+    let arr = [compactByte]
+    arr = arr.concat(this.r.toArray())
+    arr = arr.concat(this.s.toArray())
+    if (enc === 'hex') {
+      return toHex(arr)
+    } else if (enc === 'base64') {
+      return toBase64(arr)
+    } else {
+      return arr
+    }
+  }
+
+  /**
+   * Recovers the public key from a signature.
+   * This method will return the public key if it finds a valid public key.
+   * If it does not find a valid public key, it will throw an error.
+   * The recovery factor is a number between 0 and 3.
+   * @method RecoverPublicKey
+   * @param recovery - The recovery factor.
+   * @param e - The message hash.
+   * @returns The public key associated with the signature.
+   *
+   * @example
+   * const publicKey = signature.RecoverPublicKey(0, msgHash);
+   */
+  RecoverPublicKey (recovery: number, e: BigNumber): PublicKey {
+    const r = this.r
+    const s = this.s
+
+    // A set LSB signifies that the y-coordinate is odd
+    const isYOdd = !!(recovery & 1)
+
+    // The more significant bit specifies whether we should use the
+    // first or second candidate key.
+    const isSecondKey = recovery >> 1
+
+    const curve = new Curve()
+    const n = curve.n
+    const G = curve.g
+
+    // 1.1 LEt x = r + jn
+    const x = isSecondKey ? r.add(n) : r
+    const R = Point.fromX(x, isYOdd)
+
+    // 1.4 Check that nR is at infinity
+    const nR = R.mul(n)
+    if (!nR.isInfinity()) {
+      throw new Error('nR is not at infinity')
+    }
+
+    // Compute -e from e
+    const eNeg = e.neg().umod(n)
+
+    // 1.6.1 Compute Q = r^-1 (sR - eG)
+    // Q = r^-1 (sR + -eG)
+    const rInv = r.invm(n)
+
+    // const Q = R.multiplyTwo(s, G, eNeg).mul(rInv)
+    const Q = R.mul(s)
+      .add(G.mul(eNeg))
+      .mul(rInv)
+
+    const pubKey = new PublicKey(Q)
+    pubKey.validate()
+
+    return pubKey
+  }
+
+  /**
+   * Calculates the recovery factor which will work for a particular public key and message hash.
+   * This method will return the recovery factor if it finds a valid recovery factor.
+   * If it does not find a valid recovery factor, it will throw an error.
+   * The recovery factor is a number between 0 and 3.
+   *
+   * @method CalculateRecoveryFactor
+   * @param msgHash - The message hash.
+   * @returns the recovery factor: number
+   * /
+   * @example
+   * const recovery = signature.CalculateRecoveryFactor(publicKey, msgHash);
+   */
+  CalculateRecoveryFactor (pubkey: PublicKey, msgHash: BigNumber): number {
+    for (let recovery = 0; recovery < 4; recovery++) {
+      let Qprime
+      try {
+        Qprime = this.RecoverPublicKey(recovery, msgHash)
+      } catch (e) {
+        continue
+      }
+      if (pubkey.eq(Qprime)) {
+        return recovery
+      }
+    }
+    throw new Error('Unable to find valid recovery factor')
+  }
 }

package/src/primitives/SymmetricKey.ts

@@ -22,7 +22,7 @@ export default class SymmetricKey extends BigNumber {
    * @example
    * const symmetricKey = SymmetricKey.fromRandom();
    */
-  static fromRandom(): SymmetricKey {
+  static fromRandom (): SymmetricKey {
     return new SymmetricKey(Random(32))
   }
 
@@ -40,7 +40,7 @@ export default class SymmetricKey extends BigNumber {
   * const key = new SymmetricKey(1234);
   * const encryptedMessage = key.encrypt('plainText', 'utf8');
   */
-  encrypt(msg: number[] | string, enc?: 'hex'): string | number[] {
+  encrypt (msg: number[] | string, enc?: 'hex'): string | number[] {
     const iv = Random(32)
     msg = toArray(msg, enc)
     const { result, authenticationTag } = AESGCM(
@@ -68,7 +68,7 @@ export default class SymmetricKey extends BigNumber {
    *
    * @throws {Error} Will throw an error if the decryption fails, likely due to message tampering or incorrect decryption key.
    */
-  decrypt(msg: number[] | string, enc?: 'hex' | 'utf8'): string | number[] {
+  decrypt (msg: number[] | string, enc?: 'hex' | 'utf8'): string | number[] {
     msg = toArray(msg, enc) as number[]
     const iv = msg.slice(0, 32)
     const ciphertextWithTag = msg.slice(32)

package/src/primitives/TransactionSignature.ts

@@ -15,7 +15,7 @@ export default class TransactionSignature extends Signature {
 
   scope: number
 
-  static format(params: {
+  static format (params: {
     sourceTXID: string
     sourceOutputIndex: number
     sourceSatoshis: number
@@ -48,7 +48,7 @@ export default class TransactionSignature extends Signature {
       }
 
       const buf = writer.toArray()
-      const ret = Hash.hash256(buf) as number[]
+      const ret = Hash.hash256(buf)
       return ret
     }
 
@@ -60,11 +60,11 @@ export default class TransactionSignature extends Signature {
       }
 
       const buf = writer.toArray()
-      const ret = Hash.hash256(buf) as number[]
+      const ret = Hash.hash256(buf)
       return ret
     }
 
-    function getOutputsHash(outputIndex?: number): number[] {
+    function getOutputsHash (outputIndex?: number): number[] {
       const writer = new Writer()
 
       if (typeof outputIndex === 'undefined') {
@@ -84,7 +84,7 @@ export default class TransactionSignature extends Signature {
       }
 
       const buf = writer.toArray()
-      const ret = Hash.hash256(buf) as number[]
+      const ret = Hash.hash256(buf)
       return ret
     }
 
@@ -146,7 +146,7 @@ export default class TransactionSignature extends Signature {
   }
 
   // The format used in a tx
-  static fromChecksigFormat(buf: number[]): TransactionSignature {
+  static fromChecksigFormat (buf: number[]): TransactionSignature {
     if (buf.length === 0) {
       // allow setting a "blank" signature
       const r = new BigNumber(1)
@@ -160,7 +160,7 @@ export default class TransactionSignature extends Signature {
     return new TransactionSignature(tempSig.r, tempSig.s, scope)
   }
 
-  constructor(r: BigNumber, s: BigNumber, scope: number) {
+  constructor (r: BigNumber, s: BigNumber, scope: number) {
     super(r, s)
     this.scope = scope
   }
@@ -170,7 +170,7 @@ export default class TransactionSignature extends Signature {
      * See also Ecdsa signature algorithm which enforces this.
      * See also Bip 62, "low S values in signatures"
      */
-  public hasLowS(): boolean {
+  public hasLowS (): boolean {
     if (
       this.s.ltn(1) ||
       this.s.gt(new BigNumber(
@@ -182,7 +182,7 @@ export default class TransactionSignature extends Signature {
     return true
   }
 
-  toChecksigFormat(): number[] {
+  toChecksigFormat (): number[] {
     const derbuf = this.toDER() as number[]
     return [...derbuf, this.scope]
   }

package/src/primitives/index.ts

@@ -9,4 +9,4 @@ export * as ECDSA from './ECDSA.js'
 export * as Utils from './utils.js'
 export * as Hash from './Hash.js'
 export { default as Random } from './Random.js'
-export { default as TransactionSignature } from './TransactionSignature.js'
+export { default as TransactionSignature } from './TransactionSignature.js'