@bsv/sdk 1.6.19 → 1.6.20

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bsv/sdk",
-  "version": "1.6.19",
+  "version": "1.6.20",
   "type": "module",
   "description": "BSV Blockchain Software Development Kit",
   "main": "dist/cjs/mod.js",
@@ -243,6 +243,7 @@
   "devDependencies": {
     "@eslint/js": "^9.23.0",
     "@jest/globals": "^29.7.0",
+    "@rspack/cli": "^1.4.9",
     "@types/jest": "^29.5.14",
     "@types/node": "^22.13.14",
     "eslint": "^9.23.0",
@@ -255,8 +256,7 @@
     "ts2md": "^0.2.8",
     "tsconfig-to-dual-package": "^1.2.0",
     "typescript": "5.1",
-    "typescript-eslint": "^8.29.0",
-    "@rspack/cli": "^0.4.4"
+    "typescript-eslint": "^8.29.0"
   },
   "ts-standard": {
     "project": "tsconfig.eslint.json",

package/src/primitives/ECDSA.ts

@@ -39,6 +39,11 @@ function truncateToN (
   }
 }
 
+const curve = new Curve()
+const bytes = curve.n.byteLength()
+const ns1 = curve.n.subn(1)
+const halfN = N_BIGINT >> 1n
+
 /**
  * Generates a digital signature for a given message.
  *
@@ -60,84 +65,80 @@ export const sign = (
   forceLowS: boolean = false,
   customK?: BigNumber | ((iter: number) => BigNumber)
 ): Signature => {
-  const curve = new Curve()
+  // —— prepare inputs ────────────────────────────────────────────────────────
   msg = truncateToN(msg)
+  const msgBig = BigInt('0x' + msg.toString(16))
+  const keyBig = BigInt('0x' + key.toString(16))
 
-  // Zero-extend key to provide enough entropy
-  const bytes = curve.n.byteLength()
+  // DRBG seeding identical to previous implementation
   const bkey = key.toArray('be', bytes)
-
-  // Zero-extend nonce to have the same byte size as N
   const nonce = msg.toArray('be', bytes)
-
-  // Instantiate Hmac_DRBG
   const drbg = new DRBG(bkey, nonce)
 
-  // Number of bytes to generate
-  const ns1 = curve.n.subn(1)
-
   for (let iter = 0; ; iter++) {
-    // Compute the k-value
-    let k =
+    // —— k generation & basic validity checks ───────────────────────────────
+    let kBN =
       typeof customK === 'function'
         ? customK(iter)
         : BigNumber.isBN(customK)
           ? customK
           : new BigNumber(drbg.generate(bytes), 16)
-    if (k != null) {
-      k = truncateToN(k, true)
-    } else {
-      throw new Error('k is undefined')
-    }
-    if (k.cmpn(1) <= 0 || k.cmp(ns1) >= 0) {
+
+    if (kBN == null) throw new Error('k is undefined')
+    kBN = truncateToN(kBN, true)
+
+    if (kBN.cmpn(1) <= 0 || kBN.cmp(ns1) >= 0) {
       if (BigNumber.isBN(customK)) {
-        throw new Error(
-          'Invalid fixed custom K value (must be more than 1 and less than N-1)'
-        )
-      } else {
-        continue
+        throw new Error('Invalid fixed custom K value (must be >1 and <N‑1)')
       }
+      continue
     }
 
-    const kp = curve.g.mul(k)
-    if (kp.isInfinity()) {
+    const kBig = BigInt('0x' + kBN.toString(16))
+
+    // —— R = k·G (Jacobian, window‑NAF) ──────────────────────────────────────
+    const R = scalarMultiplyWNAF(kBig, { x: GX_BIGINT, y: GY_BIGINT })
+    if (R.Z === 0n) { // point at infinity – should never happen for valid k
       if (BigNumber.isBN(customK)) {
-        throw new Error(
-          'Invalid fixed custom K value (must not create a point at infinity when multiplied by the generator point)'
-        )
-      } else {
-        continue
+        throw new Error('Invalid fixed custom K value (k·G at infinity)')
       }
+      continue
     }
 
-    const kpX = kp.getX()
-    const r = kpX.umod(curve.n)
-    if (r.cmpn(0) === 0) {
+    // affine X coordinate of R
+    const zInv = biModInv(R.Z)
+    const zInv2 = biModMul(zInv, zInv)
+    const xAff = biModMul(R.X, zInv2)
+    const rBig = modN(xAff)
+
+    if (rBig === 0n) {
       if (BigNumber.isBN(customK)) {
-        throw new Error(
-          'Invalid fixed custom K value (when multiplied by G, the resulting x coordinate mod N must not be zero)'
-        )
-      } else {
-        continue
+        throw new Error('Invalid fixed custom K value (r == 0)')
       }
+      continue
     }
 
-    let s = k.invm(curve.n).mul(r.mul(key).iadd(msg))
-    s = s.umod(curve.n)
-    if (s.cmpn(0) === 0) {
+    // —— s = k⁻¹ · (msg + r·key)  mod n ─────────────────────────────────────
+    const kInv = modInvN(kBig)
+    const rTimesKey = modMulN(rBig, keyBig)
+    const sum = modN(msgBig + rTimesKey)
+    let sBig = modMulN(kInv, sum)
+
+    if (sBig === 0n) {
       if (BigNumber.isBN(customK)) {
-        throw new Error(
-          'Invalid fixed custom K value (when used with the key, it cannot create a zero value for S)'
-        )
-      } else {
-        continue
+        throw new Error('Invalid fixed custom K value (s == 0)')
       }
+      continue
     }
 
-    // Use complement of `s`, if it is > `n / 2`
-    if (forceLowS && s.cmp(curve.n.ushrn(1)) > 0) {
-      s = curve.n.sub(s)
+    // low‑S mitigation (BIP‑62/BIP‑340 style)
+    if (forceLowS && sBig > halfN) {
+      sBig = N_BIGINT - sBig
     }
+
+    // —— convert back to BigNumber & return ─────────────────────────────────
+    const r = new BigNumber(rBig.toString(16), 16)
+    const s = new BigNumber(sBig.toString(16), 16)
     return new Signature(r, s)
   }
 }

package/src/primitives/Point.ts

@@ -2,7 +2,6 @@ import BasePoint from './BasePoint.js'
 import JPoint from './JacobianPoint.js'
 import BigNumber from './BigNumber.js'
 import { toArray, toHex } from './utils.js'
-import ReductionContext from './ReductionContext.js'
 
 // -----------------------------------------------------------------------------
 // BigInt helpers & constants (secp256k1) – hoisted so we don't recreate them on
@@ -44,6 +43,32 @@ export const biModInv = (a: bigint): bigint => { // binary‑ext GCD
 }
 export const biModSqr = (a: bigint): bigint => biModMul(a, a)
 
+export const biModPow = (base: bigint, exp: bigint): bigint => {
+  let result = BI_ONE
+  base = biMod(base)
+  let e = exp
+  while (e > BI_ZERO) {
+    if ((e & BI_ONE) === BI_ONE) result = biModMul(result, base)
+    base = biModMul(base, base)
+    e >>= BI_ONE
+  }
+  return result
+}
+
+export const P_PLUS1_DIV4 = (P_BIGINT + 1n) >> 2n
+
+export const biModSqrt = (a: bigint): bigint | null => {
+  const r = biModPow(a, P_PLUS1_DIV4)
+  return biModMul(r, r) === biMod(a) ? r : null
+}
+
+const toBigInt = (x: BigNumber | number | number[] | string): bigint => {
+  if (BigNumber.isBN(x)) return BigInt('0x' + (x as BigNumber).toString(16))
+  if (typeof x === 'string') return BigInt('0x' + x)
+  if (Array.isArray(x)) return BigInt('0x' + toHex(x))
+  return BigInt(x as number)
+}
+
 // Generator point coordinates as bigint constants
 export const GX_BIGINT = BigInt('0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798')
 export const GY_BIGINT = BigInt('0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8')
@@ -191,10 +216,6 @@ export const modInvN = (a: bigint): bigint => {
  * @property inf - Flag to record if the point is at infinity in the Elliptic Curve.
  */
 export default class Point extends BasePoint {
-  private static readonly red: any = new ReductionContext('k256')
-  private static readonly a: BigNumber = new BigNumber(0).toRed(Point.red)
-  private static readonly b: BigNumber = new BigNumber(7).toRed(Point.red)
-  private static readonly zero: BigNumber = new BigNumber(0).toRed(Point.red)
   x: BigNumber | null
   y: BigNumber | null
   inf: boolean
@@ -269,13 +290,6 @@ export default class Point extends BasePoint {
     return Point.fromDER(bytes)
   }
 
-  static redSqrtOptimized (y2: BigNumber): BigNumber {
-    const red = Point.red
-    const p = red.m // The modulus
-    const exponent = p.addn(1).iushrn(2) // (p + 1) / 4
-    return y2.redPow(exponent)
-  }
-
   /**
    * Generates a point from an x coordinate and a boolean indicating whether the corresponding
    * y coordinate is odd.
@@ -292,66 +306,17 @@ export default class Point extends BasePoint {
    * const point = Point.fromX(xCoordinate, true);
    */
   static fromX (x: BigNumber | number | number[] | string, odd: boolean): Point {
-    function mod (a: bigint, n: bigint): bigint {
-      return ((a % n) + n) % n
-    }
-    function modPow (base: bigint, exponent: bigint, modulus: bigint): bigint {
-      let result = BigInt(1)
-      base = mod(base, modulus)
-      while (exponent > BigInt(0)) {
-        if ((exponent & BigInt(1)) === BigInt(1)) {
-          result = mod(result * base, modulus)
-        }
-        exponent >>= BigInt(1)
-        base = mod(base * base, modulus)
-      }
-      return result
-    }
-    function sqrtMod (a: bigint, p: bigint): bigint | null {
-      const exponent = (p + BigInt(1)) >> BigInt(2)
-      const sqrtCandidate = modPow(a, exponent, p)
-      if (mod(sqrtCandidate * sqrtCandidate, p) === mod(a, p)) {
-        return sqrtCandidate
-      } else {
-        return null
-      }
-    }
-
-    // Curve parameters for secp256k1
-    const p = BigInt(
-      '0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F'
-    )
-    const b = BigInt(7)
-
-    let xBigInt: bigint
-    if (x instanceof BigNumber) {
-      xBigInt = BigInt('0x' + x.toString(16))
-    } else if (typeof x === 'string') {
-      xBigInt = BigInt('0x' + x)
-    } else if (Array.isArray(x)) {
-      xBigInt = BigInt('0x' + toHex(x).padStart(64, '0'))
-    } else if (typeof x === 'number') {
-      xBigInt = BigInt(x)
-    } else {
-      throw new Error('Invalid x-coordinate type')
-    }
-
-    xBigInt = mod(xBigInt, p)
-
-    const y2 = mod(modPow(xBigInt, BigInt(3), p) + b, p)
-
-    let y = sqrtMod(y2, p)
-    if (y === null) {
-      throw new Error('Invalid point')
-    }
-
-    const isYOdd = y % BigInt(2) === BigInt(1)
-    if ((odd && !isYOdd) || (!odd && isYOdd)) {
-      y = p - y
+    let xBigInt = toBigInt(x)
+    xBigInt = biMod(xBigInt)
+    const y2 = biModAdd(biModMul(biModSqr(xBigInt), xBigInt), 7n)
+    const y = biModSqrt(y2)
+    if (y === null) throw new Error('Invalid point')
+    let yBig = y
+    if ((yBig & BI_ONE) !== (odd ? BI_ONE : BI_ZERO)) {
+      yBig = biModSub(P_BIGINT, yBig)
     }
-
     const xBN = new BigNumber(xBigInt.toString(16), 16)
-    const yBN = new BigNumber(y.toString(16), 16)
+    const yBN = new BigNumber(yBig.toString(16), 16)
     return new Point(xBN, yBN)
   }
 
@@ -622,26 +587,31 @@ export default class Point extends BasePoint {
 
     // P + (-P) = O
     if (this.neg().eq(p)) {
-      return new Point(new BigNumber(0), new BigNumber(0))
+      return new Point(null, null)
     }
 
     // P + Q = O
     if (this.x?.cmp(p.x ?? new BigNumber(0)) === 0) {
-      return new Point(new BigNumber(0), new BigNumber(0))
+      return new Point(null, null)
     }
 
-    const q = {
-      x: BigInt('0x' + (p.x as BigNumber).fromRed().toString(16)),
-      y: BigInt('0x' + (p.y as BigNumber).fromRed().toString(16))
+    const P1 = {
+      X: BigInt('0x' + (this.x as BigNumber).fromRed().toString(16)),
+      Y: BigInt('0x' + (this.y as BigNumber).fromRed().toString(16)),
+      Z: BI_ONE
     }
-    const t = {
-      x: BigInt('0x' + (this.x as BigNumber).fromRed().toString(16)),
-      y: BigInt('0x' + (this.y as BigNumber).fromRed().toString(16))
+    const Q1 = {
+      X: BigInt('0x' + (p.x as BigNumber).fromRed().toString(16)),
+      Y: BigInt('0x' + (p.y as BigNumber).fromRed().toString(16)),
+      Z: BI_ONE
     }
-    const λ = biModMul(biModSub(q.y, t.y), biModInv(biModSub(q.x, t.x)))
-    const rx = biModSub(biModSub(biModSqr(λ), t.x), q.x)
-    const ry = biModSub(biModMul(λ, biModSub(t.x, rx)), t.y)
-    return new Point(rx.toString(16), ry.toString(16))
+    const R = jpAdd(P1, Q1)
+    if (R.Z === BI_ZERO) return new Point(null, null)
+    const zInv = biModInv(R.Z)
+    const zInv2 = biModMul(zInv, zInv)
+    const xRes = biModMul(R.X, zInv2)
+    const yRes = biModMul(R.Y, biModMul(zInv2, zInv))
+    return new Point(xRes.toString(16), yRes.toString(16))
   }
 
   /**
@@ -654,25 +624,21 @@ export default class Point extends BasePoint {
    * const result = P.dbl();
    * */
   dbl (): Point {
-    if (this.inf) {
-      return this
-    }
-
-    // 2P = O
-    const ys1 = (this.y ?? new BigNumber(0)).redAdd(this.y ?? new BigNumber(0))
-    if (ys1.cmpn(0) === 0) {
-      return new Point(new BigNumber(0), new BigNumber(0))
+    if (this.inf) return this
+    if (this.x === null || this.y === null) {
+      throw new Error('Point coordinates cannot be null')
     }
 
-    const a = this.curve.a
-    const x2 = (this.x ?? new BigNumber(0)).redSqr()
-    const dyinv = ys1.redInvm()
-    const c = x2.redAdd(x2).redIAdd(x2).redIAdd(a).redMul(dyinv)
+    const X = BigInt('0x' + this.x.fromRed().toString(16))
+    const Y = BigInt('0x' + this.y.fromRed().toString(16))
+    if (Y === BI_ZERO) return new Point(null, null)
 
-    const nx = c.redSqr().redISub((this.x ?? new BigNumber(0)).redAdd(this.x ?? new BigNumber(0)))
-    const ny = c.redMul((this.x ?? new BigNumber(0)).redSub(nx)).redISub(this.y ?? new BigNumber(0))
-
-    return new Point(nx, ny)
+    const R = jpDouble({ X, Y, Z: BI_ONE })
+    const zInv = biModInv(R.Z)
+    const zInv2 = biModMul(zInv, zInv)
+    const xRes = biModMul(R.X, zInv2)
+    const yRes = biModMul(R.Y, biModMul(zInv2, zInv))
+    return new Point(xRes.toString(16), yRes.toString(16))
   }
 
   /**
@@ -1134,7 +1100,7 @@ export default class Point extends BasePoint {
     for (i = 0; i < points.length; i++) {
       const split = this.curve._endoSplit(coeffs[i])
       let p = points[i]
-      let beta: Point = p._getBeta() ?? new Point(new BigNumber(0), new BigNumber(0))
+      let beta: Point = p._getBeta() ?? new Point(null, null)
 
       if (split.k1.negative !== 0) {
         split.k1.ineg()

package/src/script/ScriptEvaluationError.ts

@@ -0,0 +1,44 @@
+import { toHex } from '../primitives/utils.js'
+export default class ScriptEvaluationError extends Error {
+  txid: string
+  outputIndex: number
+  context: 'UnlockingScript' | 'LockingScript'
+  programCounter: number
+  stackState: number[][]
+  altStackState: number[][]
+  ifStackState: boolean[]
+  stackMem: number
+  altStackMem: number
+
+  constructor (params: {
+    message: string
+    txid: string
+    outputIndex: number
+    context: 'UnlockingScript' | 'LockingScript'
+    programCounter: number
+    stackState: number[][]
+    altStackState: number[][]
+    ifStackState: boolean[]
+    stackMem: number
+    altStackMem: number
+  }) {
+    const stackHex = params.stackState.map(s => s != null && typeof s.length !== 'undefined' ? toHex(s) : (s === null || s === undefined ? 'null/undef' : 'INVALID_STACK_ITEM')).join(', ')
+    const altStackHex = params.altStackState.map(s => s != null && typeof s.length !== 'undefined' ? toHex(s) : (s === null || s === undefined ? 'null/undef' : 'INVALID_STACK_ITEM')).join(', ')
+    const pcInfo = `Context: ${params.context}, PC: ${params.programCounter}`
+    const stackInfo = `Stack: [${stackHex}] (len: ${params.stackState.length}, mem: ${params.stackMem})`
+    const altStackInfo = `AltStack: [${altStackHex}] (len: ${params.altStackState.length}, mem: ${params.altStackMem})`
+    const ifStackInfo = `IfStack: [${params.ifStackState.join(', ')}]`
+    const fullMessage = `Script evaluation error: ${params.message}\nTXID: ${params.txid}, OutputIdx: ${params.outputIndex}\n${pcInfo}\n${stackInfo}\n${altStackInfo}\n${ifStackInfo}`
+    super(fullMessage)
+    this.name = this.constructor.name
+    this.txid = params.txid
+    this.outputIndex = params.outputIndex
+    this.context = params.context
+    this.programCounter = params.programCounter
+    this.stackState = params.stackState.map(s => s.slice())
+    this.altStackState = params.altStackState.map(s => s.slice())
+    this.ifStackState = params.ifStackState.slice()
+    this.stackMem = params.stackMem
+    this.altStackMem = params.altStackMem
+  }
+}

package/src/script/Spend.ts

@@ -4,7 +4,8 @@ import Script from './Script.js'
 import BigNumber from '../primitives/BigNumber.js'
 import OP from './OP.js'
 import ScriptChunk from './ScriptChunk.js'
-import { toHex, minimallyEncode } from '../primitives/utils.js'
+import { minimallyEncode } from '../primitives/utils.js'
+import ScriptEvaluationError from './ScriptEvaluationError.js'
 import * as Hash from '../primitives/Hash.js'
 import TransactionSignature from '../primitives/TransactionSignature.js'
 import PublicKey from '../primitives/PublicKey.js'
@@ -1054,16 +1055,17 @@ export default class Spend {
   }
 
   private scriptEvaluationError (str: string): void {
-    const pcInfo = `Context: ${this.context}, PC: ${this.programCounter}`
-    const stackHex = this.stack.map(s => (s != null && typeof s.length !== 'undefined') ? toHex(s) : (s === null || s === undefined ? 'null/undef' : 'INVALID_STACK_ITEM')).join(', ')
-    const altStackHex = this.altStack.map(s => (s != null && typeof s.length !== 'undefined') ? toHex(s) : (s === null || s === undefined ? 'null/undef' : 'INVALID_STACK_ITEM')).join(', ')
-
-    const stackInfo = `Stack: [${stackHex}] (len: ${this.stack.length}, mem: ${this.stackMem})`
-    const altStackInfo = `AltStack: [${altStackHex}] (len: ${this.altStack.length}, mem: ${this.altStackMem})`
-    const ifStackInfo = `IfStack: [${this.ifStack.join(', ')}]`
-
-    throw new Error(
-      `Script evaluation error: ${str}\nTXID: ${this.sourceTXID}, OutputIdx: ${this.sourceOutputIndex}\n${pcInfo}\n${stackInfo}\n${altStackInfo}\n${ifStackInfo}`
-    )
+    throw new ScriptEvaluationError({
+      message: str,
+      txid: this.sourceTXID,
+      outputIndex: this.sourceOutputIndex,
+      context: this.context,
+      programCounter: this.programCounter,
+      stackState: this.stack,
+      altStackState: this.altStack,
+      ifStackState: this.ifStack,
+      stackMem: this.stackMem,
+      altStackMem: this.altStackMem
+    })
   }
 }

package/src/script/index.ts

@@ -4,6 +4,7 @@ export { default as LockingScript } from './LockingScript.js'
 export { default as UnlockingScript } from './UnlockingScript.js'
 export { default as Spend } from './Spend.js'
 export type { default as ScriptTemplateUnlock } from './ScriptTemplateUnlock.js'
+export { default as ScriptEvaluationError } from './ScriptEvaluationError.js'
 export type { default as ScriptTemplate } from './ScriptTemplate.js'
 export * from './templates/index.js'
 export type { default as ScriptChunk } from './ScriptChunk.js'