@btc-vision/bitcoin 7.0.0-alpha.1 → 7.0.0-alpha.10

package/src/psbt/PsbtSigner.ts

@@ -0,0 +1,302 @@
+import type { Bip32Derivation, PsbtInput } from 'bip174';
+import { checkForInput } from 'bip174';
+import { equals, toHex } from '../io/index.js';
+import * as payments from '../payments/index.js';
+import { tapleafHash } from '../payments/bip341.js';
+import { toXOnly } from '../pubkey.js';
+import { isP2WPKH, pubkeyInScript } from './psbtutils.js';
+import { getMeaningfulScript, sighashTypeToString } from './utils.js';
+import { checkScriptForPubkey } from './validation.js';
+import type { Output } from '../transaction.js';
+import { Transaction } from '../transaction.js';
+import type { Bytes20, Bytes32, MessageHash, PublicKey, Satoshi, Script } from '../types.js';
+import type { PsbtCache } from './PsbtCache.js';
+import type { HDSigner, HDSignerAsync } from './types.js';
+
+export interface HashForSig {
+    readonly pubkey: PublicKey;
+    readonly hash: MessageHash;
+    readonly leafHash?: Bytes32;
+}
+
+/**
+ * Class wrapping all signing-related logic for PSBT.
+ */
+export class PsbtSigner {
+    readonly #cache: PsbtCache;
+    readonly #txFromBuffer: (buf: Uint8Array) => Transaction;
+
+    public constructor(cache: PsbtCache, txFromBuffer: (buf: Uint8Array) => Transaction) {
+        this.#cache = cache;
+        this.#txFromBuffer = txFromBuffer;
+    }
+
+    public getHashAndSighashType(
+        inputs: PsbtInput[],
+        inputIndex: number,
+        pubkey: Uint8Array,
+        sighashTypes: number[],
+    ): { hash: MessageHash; sighashType: number } {
+        const input = checkForInput(inputs, inputIndex);
+        const { hash, sighashType, script } = this.getHashForSig(
+            inputIndex,
+            input,
+            false,
+            sighashTypes,
+        );
+
+        checkScriptForPubkey(pubkey as PublicKey, script, 'sign');
+        return { hash, sighashType };
+    }
+
+    public getHashForSig(
+        inputIndex: number,
+        input: PsbtInput,
+        forValidate: boolean,
+        sighashTypes?: number[],
+    ): { script: Script; hash: MessageHash; sighashType: number } {
+        const unsignedTx = this.#cache.tx;
+        const sighashType = input.sighashType || Transaction.SIGHASH_ALL;
+        checkSighashTypeAllowed(sighashType, sighashTypes);
+
+        let hash: MessageHash;
+        let prevout: Output;
+
+        if (input.nonWitnessUtxo) {
+            const nonWitnessUtxoTx = this.#cache.getNonWitnessUtxoTx(
+                input,
+                inputIndex,
+                this.#txFromBuffer,
+            );
+
+            const prevoutHash = unsignedTx.ins[inputIndex]!.hash;
+            const utxoHash = nonWitnessUtxoTx.getHash();
+
+            if (!equals(prevoutHash, utxoHash)) {
+                throw new Error(
+                    `Non-witness UTXO hash for input #${inputIndex} doesn't match the hash specified in the prevout`,
+                );
+            }
+
+            const prevoutIndex = unsignedTx.ins[inputIndex]!.index;
+            prevout = nonWitnessUtxoTx.outs[prevoutIndex]!;
+        } else if (input.witnessUtxo) {
+            prevout = {
+                script: input.witnessUtxo.script as Script,
+                value: input.witnessUtxo.value as Satoshi,
+            };
+        } else {
+            throw new Error('Need a Utxo input item for signing');
+        }
+
+        const { meaningfulScript, type } = getMeaningfulScript(
+            prevout.script,
+            inputIndex,
+            'input',
+            input.redeemScript,
+            input.witnessScript,
+        );
+
+        const script = meaningfulScript as Script;
+
+        if (['p2sh-p2wsh', 'p2wsh'].includes(type)) {
+            hash = unsignedTx.hashForWitnessV0(inputIndex, script, prevout.value, sighashType);
+        } else if (isP2WPKH(meaningfulScript)) {
+            const p2pkhPayment = payments.p2pkh({
+                hash: meaningfulScript.subarray(2) as Bytes20,
+            });
+            if (!p2pkhPayment.output) throw new Error('Unable to create signing script');
+            hash = unsignedTx.hashForWitnessV0(
+                inputIndex,
+                p2pkhPayment.output,
+                prevout.value,
+                sighashType,
+            );
+        } else {
+            // non-segwit
+            if (input.nonWitnessUtxo === undefined && !this.#cache.unsafeSignNonSegwit)
+                throw new Error(
+                    `Input #${inputIndex} has witnessUtxo but non-segwit script: ` +
+                        toHex(meaningfulScript),
+                );
+            if (!forValidate && this.#cache.unsafeSignNonSegwit)
+                console.warn(
+                    'Warning: Signing non-segwit inputs without the full parent transaction ' +
+                        'means there is a chance that a miner could feed you incorrect information ' +
+                        "to trick you into paying large fees. This behavior is the same as Psbt's predecessor " +
+                        '(TransactionBuilder - now removed) when signing non-segwit scripts. You are not ' +
+                        'able to export this Psbt with toBuffer|toBase64|toHex since it is not ' +
+                        'BIP174 compliant.\n*********************\nPROCEED WITH CAUTION!\n' +
+                        '*********************',
+                );
+            hash = unsignedTx.hashForSignature(inputIndex, script, sighashType);
+        }
+
+        return { script, sighashType, hash };
+    }
+
+    public getTaprootHashesForSig(
+        inputIndex: number,
+        input: PsbtInput,
+        inputs: PsbtInput[],
+        pubkey: Uint8Array,
+        tapLeafHashToSign?: Uint8Array,
+        allowedSighashTypes?: number[],
+    ): HashForSig[] {
+        const unsignedTx = this.#cache.tx;
+        const sighashType = input.sighashType || Transaction.SIGHASH_DEFAULT;
+        checkSighashTypeAllowed(sighashType, allowedSighashTypes);
+
+        if (!this.#cache.prevOuts) {
+            const prevOuts = inputs.map((i, index) =>
+                this.#cache.getScriptAndAmountFromUtxo(index, i, this.#txFromBuffer),
+            );
+            this.#cache.prevOuts = prevOuts;
+            this.#cache.signingScripts = prevOuts.map((o) => o.script);
+            this.#cache.values = prevOuts.map((o) => o.value);
+        }
+        const signingScripts = this.#cache.signingScripts as readonly Script[];
+        const values = this.#cache.values as readonly Satoshi[];
+
+        if (!this.#cache.taprootHashCache) {
+            this.#cache.taprootHashCache = unsignedTx.getTaprootHashCache(signingScripts, values);
+        }
+        const taprootCache = this.#cache.taprootHashCache;
+
+        const hashes: HashForSig[] = [];
+        if (input.tapInternalKey && !tapLeafHashToSign) {
+            const outputKey =
+                this.#cache.getPrevoutTaprootKey(inputIndex, input, this.#txFromBuffer) ||
+                new Uint8Array(0);
+            if (equals(toXOnly(pubkey as PublicKey), outputKey)) {
+                const tapKeyHash = unsignedTx.hashForWitnessV1(
+                    inputIndex,
+                    signingScripts,
+                    values,
+                    sighashType,
+                    undefined,
+                    undefined,
+                    taprootCache,
+                );
+                hashes.push({ pubkey: pubkey as PublicKey, hash: tapKeyHash });
+            }
+        }
+
+        const tapLeafHashes = (input.tapLeafScript || [])
+            .filter((tapLeaf) => pubkeyInScript(pubkey, tapLeaf.script))
+            .map((tapLeaf) => {
+                const hash = tapleafHash({
+                    output: tapLeaf.script,
+                    version: tapLeaf.leafVersion,
+                });
+                return Object.assign({ hash }, tapLeaf);
+            })
+            .filter((tapLeaf) => !tapLeafHashToSign || equals(tapLeafHashToSign, tapLeaf.hash))
+            .map((tapLeaf) => {
+                const tapScriptHash = unsignedTx.hashForWitnessV1(
+                    inputIndex,
+                    signingScripts,
+                    values,
+                    sighashType,
+                    tapLeaf.hash,
+                    undefined,
+                    taprootCache,
+                );
+
+                return {
+                    pubkey: pubkey as PublicKey,
+                    hash: tapScriptHash,
+                    leafHash: tapLeaf.hash,
+                };
+            });
+
+        return hashes.concat(tapLeafHashes);
+    }
+
+    public getAllTaprootHashesForSig(
+        inputIndex: number,
+        input: PsbtInput,
+        inputs: PsbtInput[],
+    ): HashForSig[] {
+        const allPublicKeys: Uint8Array[] = [];
+        if (input.tapInternalKey) {
+            const key = this.#cache.getPrevoutTaprootKey(inputIndex, input, this.#txFromBuffer);
+            if (key) {
+                allPublicKeys.push(key);
+            }
+        }
+
+        if (input.tapScriptSig) {
+            const tapScriptPubkeys = input.tapScriptSig.map((tss) => tss.pubkey);
+            allPublicKeys.push(...tapScriptPubkeys);
+        }
+
+        const allHashes = allPublicKeys.map((pubicKey) =>
+            this.getTaprootHashesForSig(inputIndex, input, inputs, pubicKey),
+        );
+
+        return allHashes.flat();
+    }
+
+    public trimTaprootSig(signature: Uint8Array): Uint8Array {
+        return signature.length === 64 ? signature : signature.subarray(0, 64);
+    }
+
+    public getSignersFromHD<T extends HDSigner | HDSignerAsync>(
+        inputIndex: number,
+        inputs: PsbtInput[],
+        hdKeyPair: T,
+    ): T[] {
+        const input = checkForInput(inputs, inputIndex);
+        if (!input.bip32Derivation || input.bip32Derivation.length === 0) {
+            throw new Error('Need bip32Derivation to sign with HD');
+        }
+        const myDerivations = input.bip32Derivation
+            .map((bipDv) => {
+                if (equals(bipDv.masterFingerprint, hdKeyPair.fingerprint)) {
+                    return bipDv;
+                } else {
+                    return;
+                }
+            })
+            .filter((v) => !!v);
+        if (myDerivations.length === 0) {
+            throw new Error(
+                'Need one bip32Derivation masterFingerprint to match the HDSigner fingerprint',
+            );
+        }
+
+        return myDerivations.map((bipDv) => {
+            const node = hdKeyPair.derivePath(bipDv.path) as T;
+            if (!equals(bipDv.pubkey, node.publicKey)) {
+                throw new Error('pubkey did not match bip32Derivation');
+            }
+            return node;
+        });
+    }
+
+    public bip32DerivationIsMine(root: HDSigner): (d: Bip32Derivation) => boolean {
+        return (d: Bip32Derivation): boolean => {
+            const fingerprint =
+                root.fingerprint instanceof Uint8Array
+                    ? root.fingerprint
+                    : new Uint8Array(root.fingerprint);
+            if (!equals(d.masterFingerprint, fingerprint)) return false;
+            const derivedPubkey = root.derivePath(d.path).publicKey;
+            const pubkey =
+                derivedPubkey instanceof Uint8Array ? derivedPubkey : new Uint8Array(derivedPubkey);
+            if (!equals(pubkey, d.pubkey)) return false;
+            return true;
+        };
+    }
+}
+
+function checkSighashTypeAllowed(sighashType: number, sighashTypes?: number[]): void {
+    if (sighashTypes && !sighashTypes.includes(sighashType)) {
+        const str = sighashTypeToString(sighashType);
+        throw new Error(
+            `Sighash type is not allowed. Retry the sign method passing the ` +
+                `sighashTypes array of whitelisted types. Sighash type: ${str}`,
+        );
+    }
+}

package/src/psbt/PsbtTransaction.ts

@@ -0,0 +1,82 @@
+import type { Transaction as ITransaction, TransactionFromBuffer } from 'bip174';
+import { fromHex, reverse } from '../io/index.js';
+import { Transaction } from '../transaction.js';
+import type { Bytes32 } from '../types.js';
+import { checkTxEmpty } from './validation.js';
+import type { TransactionInput, TransactionOutput } from './types.js';
+
+/**
+ * Empty version-2 transaction with zero inputs and zero outputs.
+ * Used as the default buffer when constructing a new PsbtTransaction.
+ *
+ * Layout: [version(4LE)] [inputCount(varint)] [outputCount(varint)] [locktime(4LE)]
+ *         [02 00 00 00]  [00]                 [00]                  [00 00 00 00]
+ */
+const EMPTY_TX_V2 = new Uint8Array([2, 0, 0, 0, 0, 0, 0, 0, 0, 0]);
+
+/**
+ * This class implements the Transaction interface from bip174 library.
+ * It contains a bitcoinjs-lib Transaction object.
+ */
+export class PsbtTransaction implements ITransaction {
+    public tx: Transaction;
+
+    public constructor(buffer: Uint8Array = EMPTY_TX_V2) {
+        this.tx = Transaction.fromBuffer(buffer);
+        checkTxEmpty(this.tx);
+        Object.defineProperty(this, 'tx', {
+            enumerable: false,
+            writable: true,
+        });
+    }
+
+    public getInputOutputCounts(): {
+        inputCount: number;
+        outputCount: number;
+    } {
+        return {
+            inputCount: this.tx.ins.length,
+            outputCount: this.tx.outs.length,
+        };
+    }
+
+    public addInput(input: TransactionInput): void {
+        if (
+            input.hash === undefined ||
+            input.index === undefined ||
+            (!(input.hash instanceof Uint8Array) && typeof input.hash !== 'string') ||
+            typeof input.index !== 'number'
+        ) {
+            throw new Error('Error adding input.');
+        }
+        const hash = (
+            typeof input.hash === 'string' ? reverse(fromHex(input.hash)) : input.hash
+        ) as Bytes32;
+
+        this.tx.addInput(hash, input.index, input.sequence);
+    }
+
+    public addOutput(output: TransactionOutput): void {
+        if (
+            output.script === undefined ||
+            output.value === undefined ||
+            !(output.script instanceof Uint8Array) ||
+            typeof output.value !== 'bigint'
+        ) {
+            throw new Error('Error adding output.');
+        }
+        this.tx.addOutput(output.script, output.value);
+    }
+
+    public toBuffer(): Uint8Array {
+        return this.tx.toBuffer();
+    }
+}
+
+/**
+ * This function is needed to pass to the bip174 base class's fromBuffer.
+ * It takes the "transaction buffer" portion of the psbt buffer and returns a
+ * Transaction (From the bip174 library) interface.
+ */
+export const transactionFromBuffer: TransactionFromBuffer = (buffer: Uint8Array): ITransaction =>
+    new PsbtTransaction(buffer);

package/src/psbt/types.ts

@@ -6,7 +6,7 @@
 import type { Psbt as PsbtBase, PsbtGlobal, PsbtInput, PsbtOutput } from 'bip174';
 import type { Network } from '../networks.js';
 import type { TaprootHashCache, Transaction } from '../transaction.js';
-import type { Bytes32, PublicKey, Satoshi, SchnorrSignature, Script, Signature } from '../types.js';
+import type { Bytes32, MessageHash, PublicKey, Satoshi, Script } from '../types.js';
 
 /**
  * Transaction input interface for PSBT.
@@ -45,7 +45,7 @@ export interface PsbtTxOutput extends TransactionOutput {
  */
 export type ValidateSigFunction = (
     pubkey: PublicKey,
-    msghash: Bytes32,
+    msghash: MessageHash,
     signature: Uint8Array,
 ) => boolean;
 
@@ -102,89 +102,7 @@ export interface PsbtOutputExtendedScript extends PsbtOutput {
     readonly value: Satoshi;
 }
 
-/**
- * Base interface for HD signers.
- */
-interface HDSignerBase {
-    /**
-     * DER format compressed publicKey Uint8Array
-     */
-    readonly publicKey: PublicKey;
-    /**
-     * The first 4 bytes of the sha256-ripemd160 of the publicKey
-     */
-    readonly fingerprint: Uint8Array;
-}
-
-/**
- * HD signer interface for synchronous signing.
- */
-export interface HDSigner extends HDSignerBase {
-    /**
-     * The path string must match /^m(\/\d+'?)+$/
-     * ex. m/44'/0'/0'/1/23 levels with ' must be hard derivations
-     */
-    derivePath(path: string): HDSigner;
-
-    /**
-     * Input hash (the "message digest") for the signature algorithm
-     * Return a 64 byte signature (32 byte r and 32 byte s in that order)
-     */
-    sign(hash: Bytes32): Uint8Array;
-}
-
-/**
- * HD signer interface for asynchronous signing.
- */
-export interface HDSignerAsync extends HDSignerBase {
-    derivePath(path: string): HDSignerAsync;
-
-    sign(hash: Bytes32): Promise<Uint8Array>;
-}
-
-/**
- * Alternative signer interface with lowR support.
- */
-export interface SignerAlternative {
-    readonly publicKey: PublicKey;
-    readonly lowR: boolean;
-
-    sign(hash: Bytes32, lowR?: boolean): Signature;
-
-    verify(hash: Bytes32, signature: Signature): boolean;
-
-    signSchnorr(hash: Bytes32): SchnorrSignature;
-
-    verifySchnorr(hash: Bytes32, signature: SchnorrSignature): boolean;
-}
-
-/**
- * Basic signer interface for synchronous signing.
- */
-export interface Signer {
-    readonly publicKey: PublicKey;
-    readonly network?: Network | undefined;
-
-    sign(hash: Bytes32, lowR?: boolean): Signature;
-
-    signSchnorr?(hash: Bytes32): SchnorrSignature;
-
-    getPublicKey?(): PublicKey;
-}
-
-/**
- * Basic signer interface for asynchronous signing.
- */
-export interface SignerAsync {
-    readonly publicKey: PublicKey;
-    readonly network?: Network | undefined;
-
-    sign(hash: Bytes32, lowR?: boolean): Promise<Signature>;
-
-    signSchnorr?(hash: Bytes32): Promise<SchnorrSignature>;
-
-    getPublicKey?(): PublicKey;
-}
+export type { Signer, SignerAsync, HDSigner, HDSignerAsync } from '@btc-vision/ecpair';
 
 /**
  * Minimal key pair interface for checking Taproot hashes.
@@ -199,7 +117,7 @@ export interface TaprootHashCheckSigner {
 /**
  * Internal PSBT cache for computed values.
  */
-export interface PsbtCache {
+export interface PsbtCacheInterface {
     nonWitnessUtxoTxCache: Transaction[];
     nonWitnessUtxoBufCache: Uint8Array[];
     txInCache: TxInCacheMap;

package/src/psbt/validation.ts

@@ -11,7 +11,7 @@ import { checkTaprootInputForSigs, isTaprootInput } from './bip371.js';
 import { checkInputForSig, pubkeyInScript } from './psbtutils.js';
 import * as bscript from '../script.js';
 import type { Transaction } from '../transaction.js';
-import type { PsbtCache } from './types.js';
+import type { PsbtCacheInterface as PsbtCache } from './types.js';
 import type { PublicKey, Script } from '../types.js';
 
 /**