@btc-vision/btc-runtime 1.8.1 → 1.9.0

package/runtime/script/Opcodes.ts

@@ -0,0 +1,155 @@
+import { Revert } from '../types/Revert';
+
+@final
+export class BitcoinOpcodes {
+    public static readonly OP_FALSE: u8 = 0;
+    public static readonly OP_0: u8 = 0;
+    public static readonly OP_PUSHDATA1: u8 = 76;
+    public static readonly OP_PUSHDATA2: u8 = 77;
+    public static readonly OP_PUSHDATA4: u8 = 78;
+    public static readonly OP_1NEGATE: u8 = 79;
+    public static readonly OP_RESERVED: u8 = 80;
+    public static readonly OP_TRUE: u8 = 81;
+    public static readonly OP_1: u8 = 81;
+    public static readonly OP_2: u8 = 82;
+    public static readonly OP_3: u8 = 83;
+    public static readonly OP_4: u8 = 84;
+    public static readonly OP_5: u8 = 85;
+    public static readonly OP_6: u8 = 86;
+    public static readonly OP_7: u8 = 87;
+    public static readonly OP_8: u8 = 88;
+    public static readonly OP_9: u8 = 89;
+    public static readonly OP_10: u8 = 90;
+    public static readonly OP_11: u8 = 91;
+    public static readonly OP_12: u8 = 92;
+    public static readonly OP_13: u8 = 93;
+    public static readonly OP_14: u8 = 94;
+    public static readonly OP_15: u8 = 95;
+    public static readonly OP_16: u8 = 96;
+    public static readonly OP_NOP: u8 = 97;
+    public static readonly OP_VER: u8 = 98;
+    public static readonly OP_IF: u8 = 99;
+    public static readonly OP_NOTIF: u8 = 100;
+    public static readonly OP_VERIF: u8 = 101;
+    public static readonly OP_VERNOTIF: u8 = 102;
+    public static readonly OP_ELSE: u8 = 103;
+    public static readonly OP_ENDIF: u8 = 104;
+    public static readonly OP_VERIFY: u8 = 105;
+    public static readonly OP_RETURN: u8 = 106;
+    public static readonly OP_TOALTSTACK: u8 = 107;
+    public static readonly OP_FROMALTSTACK: u8 = 108;
+    public static readonly OP_2DROP: u8 = 109;
+    public static readonly OP_2DUP: u8 = 110;
+    public static readonly OP_3DUP: u8 = 111;
+    public static readonly OP_2OVER: u8 = 112;
+    public static readonly OP_2ROT: u8 = 113;
+    public static readonly OP_2SWAP: u8 = 114;
+    public static readonly OP_IFDUP: u8 = 115;
+    public static readonly OP_DEPTH: u8 = 116;
+    public static readonly OP_DROP: u8 = 117;
+    public static readonly OP_DUP: u8 = 118;
+    public static readonly OP_NIP: u8 = 119;
+    public static readonly OP_OVER: u8 = 120;
+    public static readonly OP_PICK: u8 = 121;
+    public static readonly OP_ROLL: u8 = 122;
+    public static readonly OP_ROT: u8 = 123;
+    public static readonly OP_SWAP: u8 = 124;
+    public static readonly OP_TUCK: u8 = 125;
+    public static readonly OP_CAT: u8 = 126;
+    public static readonly OP_SUBSTR: u8 = 127;
+    public static readonly OP_LEFT: u8 = 128;
+    public static readonly OP_RIGHT: u8 = 129;
+    public static readonly OP_SIZE: u8 = 130;
+    public static readonly OP_INVERT: u8 = 131;
+    public static readonly OP_AND: u8 = 132;
+    public static readonly OP_OR: u8 = 133;
+    public static readonly OP_XOR: u8 = 134;
+    public static readonly OP_EQUAL: u8 = 135;
+    public static readonly OP_EQUALVERIFY: u8 = 136;
+    public static readonly OP_RESERVED1: u8 = 137;
+    public static readonly OP_RESERVED2: u8 = 138;
+    public static readonly OP_1ADD: u8 = 139;
+    public static readonly OP_1SUB: u8 = 140;
+    public static readonly OP_2MUL: u8 = 141;
+    public static readonly OP_2DIV: u8 = 142;
+    public static readonly OP_NEGATE: u8 = 143;
+    public static readonly OP_ABS: u8 = 144;
+    public static readonly OP_NOT: u8 = 145;
+    public static readonly OP_0NOTEQUAL: u8 = 146;
+    public static readonly OP_ADD: u8 = 147;
+    public static readonly OP_SUB: u8 = 148;
+    public static readonly OP_MUL: u8 = 149;
+    public static readonly OP_DIV: u8 = 150;
+    public static readonly OP_MOD: u8 = 151;
+    public static readonly OP_LSHIFT: u8 = 152;
+    public static readonly OP_RSHIFT: u8 = 153;
+    public static readonly OP_BOOLAND: u8 = 154;
+    public static readonly OP_BOOLOR: u8 = 155;
+    public static readonly OP_NUMEQUAL: u8 = 156;
+    public static readonly OP_NUMEQUALVERIFY: u8 = 157;
+    public static readonly OP_NUMNOTEQUAL: u8 = 158;
+    public static readonly OP_LESSTHAN: u8 = 159;
+    public static readonly OP_GREATERTHAN: u8 = 160;
+    public static readonly OP_LESSTHANOREQUAL: u8 = 161;
+    public static readonly OP_GREATERTHANOREQUAL: u8 = 162;
+    public static readonly OP_MIN: u8 = 163;
+    public static readonly OP_MAX: u8 = 164;
+    public static readonly OP_WITHIN: u8 = 165;
+    public static readonly OP_RIPEMD160: u8 = 166;
+    public static readonly OP_SHA1: u8 = 167;
+    public static readonly OP_SHA256: u8 = 168;
+    public static readonly OP_HASH160: u8 = 169;
+    public static readonly OP_HASH256: u8 = 170;
+    public static readonly OP_CODESEPARATOR: u8 = 171;
+    public static readonly OP_CHECKSIG: u8 = 172;
+    public static readonly OP_CHECKSIGVERIFY: u8 = 173;
+    public static readonly OP_CHECKMULTISIG: u8 = 174;
+    public static readonly OP_CHECKMULTISIGVERIFY: u8 = 175;
+    public static readonly OP_NOP1: u8 = 176;
+    public static readonly OP_NOP2: u8 = 177;
+    public static readonly OP_CHECKLOCKTIMEVERIFY: u8 = 177;
+    public static readonly OP_NOP3: u8 = 178;
+    public static readonly OP_CHECKSEQUENCEVERIFY: u8 = 178;
+    public static readonly OP_NOP4: u8 = 179;
+    public static readonly OP_NOP5: u8 = 180;
+    public static readonly OP_NOP6: u8 = 181;
+    public static readonly OP_NOP7: u8 = 182;
+    public static readonly OP_NOP8: u8 = 183;
+    public static readonly OP_NOP9: u8 = 184;
+    public static readonly OP_NOP10: u8 = 185;
+    public static readonly OP_CHECKSIGADD: u8 = 186;
+    public static readonly OP_PUBKEYHASH: u8 = 253;
+    public static readonly OP_PUBKEY: u8 = 254;
+    public static readonly OP_INVALIDOPCODE: u8 = 255;
+
+    public static opN(n: i32): u8 {
+        if (n == 0) return 0;
+        if (n < 0 || n > 16) throw new Revert('OP_N out of range');
+        return <u8>(0x50 + n);
+    }
+
+    public static isPushdataOpcode(op: u8): bool {
+        // true for explicit data-push opcodes: 0x01..0x4b, OP_PUSHDATA1/2/4
+        if (op >= <u8>1 && op <= <u8>75) return true;
+        return (
+            op == BitcoinOpcodes.OP_PUSHDATA1 ||
+            op == BitcoinOpcodes.OP_PUSHDATA2 ||
+            op == BitcoinOpcodes.OP_PUSHDATA4
+        );
+    }
+
+    public static isOpSuccessTaproot(op: u8): bool {
+        // BIP342 OP_SUCCESSx set for Tapscript (witness v1)
+        if (op == BitcoinOpcodes.OP_RESERVED /* 0x50 */) return true;
+        if (op == BitcoinOpcodes.OP_VER /* 0x62 */) return true;
+
+        // Disabled legacy ops that become OP_SUCCESSx in Tapscript
+        if (op >= BitcoinOpcodes.OP_CAT && op <= BitcoinOpcodes.OP_RIGHT) return true;
+        if (op >= BitcoinOpcodes.OP_INVERT && op <= BitcoinOpcodes.OP_XOR) return true;
+        if (op >= BitcoinOpcodes.OP_2MUL && op <= BitcoinOpcodes.OP_2DIV) return true;
+        if (op >= <u8>149 && op <= <u8>153) return true;
+
+        // Unknown/reserved range that is OP_SUCCESSx in Tapscript
+        return op >= <u8>187 && op <= <u8>254;
+    }
+}

package/runtime/script/Script.ts

@@ -0,0 +1,463 @@
+import { BytesWriter } from '../buffer/BytesWriter';
+import { BitcoinOpcodes } from './Opcodes';
+import { ScriptReader } from './reader/ScriptReader';
+import { CsvRecognize, MultisigRecognize } from './ScriptUtils';
+import { Revert } from '../types/Revert';
+
+/**
+ * ScriptNumber handles Bitcoin Script's unique number encoding format
+ * Bitcoin uses a variable-length, little-endian encoding with a sign bit
+ */
+@final
+export class ScriptNumber {
+    /**
+     * Calculate how many bytes are needed to encode a number
+     * in Bitcoin Script format
+     */
+    public static encodedLen(x: i64): i32 {
+        if (x == 0) return 0;
+
+        // Work with absolute value to count bytes
+        let n = x < 0 ? -x : x;
+        let bytes = 0;
+
+        while (n > 0) {
+            bytes++;
+            n >>= 8;
+        }
+
+        // Check if we need an extra byte for the sign bit
+        // This happens when the most significant bit is already set
+        const msb: u8 = <u8>(((x < 0 ? -x : x) >> (<i64>((bytes - 1) * 8))) & 0xff);
+        return (msb & 0x80) != 0 ? bytes + 1 : bytes;
+    }
+
+    /**
+     * Encode a number into Bitcoin Script format
+     * Returns a little-endian byte array with sign in the MSB
+     */
+    public static encode(x: i64): Uint8Array {
+        const L = ScriptNumber.encodedLen(x);
+        if (L == 0) return new Uint8Array(0);
+
+        const neg = x < 0;
+        let n = neg ? -x : x;
+        const out = new Uint8Array(L);
+
+        // Write bytes in little-endian order
+        for (let i = 0; i < L; i++) {
+            out[i] = <u8>(n & 0xff);
+            n >>= 8;
+        }
+
+        // Handle sign bit
+        if (neg) {
+            out[L - 1] |= 0x80;
+        } else if ((out[L - 1] & 0x80) != 0) {
+            // If MSB is set on a positive number, we need an extra byte
+            out[L - 1] = 0x00;
+        }
+
+        return out;
+    }
+
+    /**
+     * Decode result type for safe error handling
+     */
+    static decodeResult(data: Uint8Array, minimal: bool = true): DecodeNumberResult {
+        const L = data.length;
+        if (L == 0) return DecodeNumberResult.ok(0);
+
+        // Script numbers are limited to 4 bytes
+        if (L > 4) return DecodeNumberResult.err('ScriptNumber too large');
+
+        // Check minimal encoding if required
+        if (minimal) {
+            const msb = data[L - 1];
+            if ((msb & 0x7f) == 0) {
+                if (L == 1) return DecodeNumberResult.err('non-minimal zero');
+                if ((data[L - 2] & 0x80) == 0) {
+                    return DecodeNumberResult.err('non-minimal sign byte');
+                }
+            }
+        }
+
+        // Decode the number
+        let res: i64 = 0;
+        for (let i = 0; i < L; i++) {
+            res |= (<i64>((<i64>data[i]) & 0xff)) << (<i64>8 * i);
+        }
+
+        // Handle negative numbers
+        const neg = (data[L - 1] & 0x80) != 0;
+        if (neg) {
+            // Clear the sign bit and negate
+            const mask: i64 = ~((<i64>0x80) << (<i64>8 * (L - 1)));
+            res &= mask;
+            res = -res;
+        }
+
+        return DecodeNumberResult.ok(res);
+    }
+
+    /**
+     * Consider using decodeResult for safe decoding
+     * This method will throw an error if decoding fails
+     */
+    public static decode(data: Uint8Array, minimal: bool = true): i64 {
+        const result = ScriptNumber.decodeResult(data, minimal);
+        if (!result.success) {
+            if (!result.error) {
+                throw new Revert('Unexpected error in ScriptNumber.decode');
+            }
+
+            throw new Revert(result.error);
+        }
+        return result.value;
+    }
+}
+
+/**
+ * Result type for number decoding operations
+ */
+@final
+export class DecodeNumberResult {
+    public readonly success: bool;
+    public readonly value: i64;
+    public readonly error: string | null;
+
+    public constructor(success: bool, value: i64, error: string | null) {
+        this.success = success;
+        this.value = value;
+        this.error = error;
+    }
+
+    static ok(value: i64): DecodeNumberResult {
+        return new DecodeNumberResult(true, value, null);
+    }
+
+    static err(error: string): DecodeNumberResult {
+        return new DecodeNumberResult(false, 0, error);
+    }
+}
+
+/**
+ * ScriptIO handles the serialization of Script operations
+ * It knows how to write push operations in the most efficient format
+ */
+@final
+export class ScriptIO {
+    /**
+     * Calculate the size needed for a push operation
+     * This includes the opcode and any length prefixes
+     */
+    public static pushPrefixSize(len: i32): i32 {
+        if (len == 0) return 1; // OP_0
+        if (len <= 75) return 1; // Direct push
+        if (len < 0x100) return 2; // OP_PUSHDATA1 + 1 byte length
+        if (len < 0x10000) return 3; // OP_PUSHDATA2 + 2 byte length
+        return 5; // OP_PUSHDATA4 + 4 byte length
+    }
+
+    /**
+     * Write a push operation in the most efficient format
+     * Bitcoin Script has several ways to push data onto the stack
+     */
+    public static writePush(w: BytesWriter, data: Uint8Array): void {
+        const len = data.length;
+
+        if (len == 0) {
+            // Empty pushes use OP_0
+            w.writeU8(BitcoinOpcodes.OP_0);
+            return;
+        }
+
+        if (len <= 75) {
+            // Small pushes: the length itself is the opcode
+            w.writeU8(<u8>len);
+            w.writeBytes(data);
+            return;
+        }
+
+        if (len < 0x100) {
+            // Medium pushes: OP_PUSHDATA1 followed by 1-byte length
+            w.writeU8(BitcoinOpcodes.OP_PUSHDATA1);
+            w.writeU8(<u8>len);
+            w.writeBytes(data);
+            return;
+        }
+
+        if (len < 0x10000) {
+            // Large pushes: OP_PUSHDATA2 followed by 2-byte length
+            w.writeU8(BitcoinOpcodes.OP_PUSHDATA2);
+            w.writeU8(<u8>len);
+            w.writeU8(<u8>(len >>> 8));
+            w.writeBytes(data);
+            return;
+        }
+
+        // Very large pushes: OP_PUSHDATA4 followed by 4-byte length
+        w.writeU8(BitcoinOpcodes.OP_PUSHDATA4);
+        w.writeU8(<u8>len);
+        w.writeU8(<u8>(len >>> 8));
+        w.writeU8(<u8>(len >>> 16));
+        w.writeU8(<u8>(len >>> 24));
+        w.writeBytes(data);
+    }
+}
+
+@final
+export class BitcoinScript {
+    /**
+     * Create a CSV (CheckSequenceVerify) timelock script
+     * This allows coins to be locked for a certain number of blocks
+     */
+    public static csvTimelock(pubkey: Uint8Array, csvBlocks: i32): Uint8Array {
+        // Validate inputs
+        if (csvBlocks < 0) throw new Revert('csvBlocks must be >= 0');
+        if (csvBlocks > 65535) throw new Revert('csvBlocks exceeds 16-bit BIP-68 field');
+
+        const pubLen = pubkey.length;
+
+        // Calculate size needed for the number part
+        let nPartSize = 0;
+        if (csvBlocks == 0) {
+            nPartSize = 1; // OP_0
+        } else if (csvBlocks <= 16) {
+            nPartSize = 1; // OP_1 through OP_16
+        } else {
+            // Need to encode as a push operation
+            const nBytes = ScriptNumber.encodedLen(csvBlocks);
+            nPartSize = ScriptIO.pushPrefixSize(nBytes) + nBytes;
+        }
+
+        // Calculate total script size
+        const sz =
+            nPartSize +
+            1 + // OP_CHECKSEQUENCEVERIFY
+            1 + // OP_DROP
+            ScriptIO.pushPrefixSize(pubLen) +
+            pubLen + // pubkey push
+            1; // OP_CHECKSIG
+
+        if (sz > 10000) throw new Revert('script too large');
+
+        // Build the script
+        const w = new BytesWriter(sz);
+
+        // Write the CSV blocks value
+        if (csvBlocks == 0) {
+            w.writeU8(BitcoinOpcodes.OP_0);
+        } else if (csvBlocks <= 16) {
+            w.writeU8(BitcoinOpcodes.opN(csvBlocks));
+        } else {
+            const enc = ScriptNumber.encode(csvBlocks);
+            ScriptIO.writePush(w, enc);
+        }
+
+        // Write the rest of the script
+        w.writeU8(BitcoinOpcodes.OP_CHECKSEQUENCEVERIFY);
+        w.writeU8(BitcoinOpcodes.OP_DROP);
+        ScriptIO.writePush(w, pubkey);
+        w.writeU8(BitcoinOpcodes.OP_CHECKSIG);
+
+        return w.getBuffer().subarray(0, <i32>w.getOffset());
+    }
+
+    /**
+     * Create a multisig script
+     * Requires m-of-n signatures to spend
+     */
+    public static multisig(m: i32, pubkeys: Array<Uint8Array>): Uint8Array {
+        const n = pubkeys.length;
+
+        // Validate parameters
+        if (m < 1 || m > 16) throw new Revert('m out of range');
+        if (n < m || n > 16) throw new Revert('n out of range');
+
+        // Calculate total size
+        let sz = 1; // OP_m
+        for (let i = 0; i < n; i++) {
+            const L = pubkeys[i].length;
+            sz += ScriptIO.pushPrefixSize(L) + L;
+        }
+        sz += 1 + 1; // OP_n + OP_CHECKMULTISIG
+
+        if (sz > 10000) throw new Revert('script too large');
+
+        // Build the script
+        const w = new BytesWriter(sz);
+        w.writeU8(BitcoinOpcodes.opN(m));
+
+        for (let i = 0; i < n; i++) {
+            ScriptIO.writePush(w, pubkeys[i]);
+        }
+
+        w.writeU8(BitcoinOpcodes.opN(n));
+        w.writeU8(BitcoinOpcodes.OP_CHECKMULTISIG);
+
+        return w.getBuffer().subarray(0, <i32>w.getOffset());
+    }
+
+    /**
+     * Recognize and parse a CSV timelock script
+     * Returns the CSV blocks and pubkey if the script matches the pattern
+     */
+    public static recognizeCsvTimelock(
+        script: Uint8Array,
+        strictMinimal: bool = true,
+    ): CsvRecognize {
+        const r = new ScriptReader(script);
+
+        if (r.done()) return new CsvRecognize(false, -1, null);
+
+        // Read the CSV blocks value
+        let result = r.nextSafe(strictMinimal);
+        if (!result.success) return new CsvRecognize(false, -1, null);
+
+        let t = result.value!;
+        let csvBlocks: i64 = -1;
+        let pubkey: Uint8Array | null = null;
+
+        // Parse the number from the first instruction
+        if (t.data !== null) {
+            // It's a push operation - decode the number
+            const numResult = ScriptNumber.decodeResult(t.data as Uint8Array, strictMinimal);
+            if (!numResult.success || numResult.value < 0) {
+                return new CsvRecognize(false, -1, null);
+            }
+            csvBlocks = numResult.value;
+        } else {
+            // It's a direct opcode
+            const op = t.op;
+            if (op == <i32>BitcoinOpcodes.OP_1NEGATE) {
+                return new CsvRecognize(false, -1, null);
+            }
+            if (op >= <i32>BitcoinOpcodes.OP_1 && op <= <i32>BitcoinOpcodes.OP_16) {
+                csvBlocks = <i64>(op - 0x50);
+            } else if (op == <i32>BitcoinOpcodes.OP_0) {
+                csvBlocks = 0;
+            } else {
+                return new CsvRecognize(false, -1, null);
+            }
+        }
+
+        // Check for OP_CHECKSEQUENCEVERIFY
+        if (r.done()) return new CsvRecognize(false, -1, null);
+        result = r.nextSafe(strictMinimal);
+        if (!result.success) return new CsvRecognize(false, -1, null);
+        t = result.value!;
+        if (t.op != <i32>BitcoinOpcodes.OP_CHECKSEQUENCEVERIFY) {
+            return new CsvRecognize(false, -1, null);
+        }
+
+        // Check for OP_DROP
+        if (r.done()) return new CsvRecognize(false, -1, null);
+        result = r.nextSafe(strictMinimal);
+        if (!result.success) return new CsvRecognize(false, -1, null);
+        t = result.value!;
+        if (t.op != <i32>BitcoinOpcodes.OP_DROP) {
+            return new CsvRecognize(false, -1, null);
+        }
+
+        // Read the pubkey
+        if (r.done()) return new CsvRecognize(false, -1, null);
+        result = r.nextSafe(strictMinimal);
+        if (!result.success) return new CsvRecognize(false, -1, null);
+        t = result.value!;
+        if (t.data === null) return new CsvRecognize(false, -1, null);
+
+        const pk = t.data as Uint8Array;
+        const Lpk = pk.length;
+        // Valid pubkeys are either 33 bytes (compressed) or 65 bytes (uncompressed)
+        if (Lpk != 33 && Lpk != 65) return new CsvRecognize(false, -1, null);
+        pubkey = pk;
+
+        // Check for OP_CHECKSIG
+        if (r.done()) return new CsvRecognize(false, -1, null);
+        result = r.nextSafe(strictMinimal);
+        if (!result.success) return new CsvRecognize(false, -1, null);
+        t = result.value!;
+        if (t.op != <i32>BitcoinOpcodes.OP_CHECKSIG) {
+            return new CsvRecognize(false, -1, null);
+        }
+
+        // Script should be exactly consumed
+        if (!r.done()) return new CsvRecognize(false, -1, null);
+
+        return new CsvRecognize(true, csvBlocks, pubkey);
+    }
+
+    /**
+     * Recognize and parse a multisig script
+     * Returns m, n, and the list of pubkeys if the script matches
+     */
+    public static recognizeMultisig(
+        script: Uint8Array,
+        strictMinimal: bool = true,
+    ): MultisigRecognize {
+        const r = new ScriptReader(script);
+
+        if (r.done()) return new MultisigRecognize(false, 0, 0, null);
+
+        // Read m value
+        let result = r.nextSafe(strictMinimal);
+        if (!result.success) return new MultisigRecognize(false, 0, 0, null);
+
+        let t = result.value!;
+        const opm = t.op;
+        if (opm < <i32>BitcoinOpcodes.OP_1 || opm > <i32>BitcoinOpcodes.OP_16) {
+            return new MultisigRecognize(false, 0, 0, null);
+        }
+        const m = opm - 0x50;
+
+        // Collect pubkeys
+        const keys = new Array<Uint8Array>();
+
+        while (!r.done()) {
+            result = r.nextSafe(strictMinimal);
+            if (!result.success) return new MultisigRecognize(false, 0, 0, null);
+            t = result.value!;
+
+            if (t.data !== null) {
+                // This is a pubkey
+                const pk = t.data as Uint8Array;
+                const L = pk.length;
+                if (L != 33 && L != 65) {
+                    return new MultisigRecognize(false, 0, 0, null);
+                }
+                keys.push(pk);
+                continue;
+            }
+
+            // Must be the n value
+            if (t.op < <i32>BitcoinOpcodes.OP_1 || t.op > <i32>BitcoinOpcodes.OP_16) {
+                return new MultisigRecognize(false, 0, 0, null);
+            }
+            const n = t.op - 0x50;
+
+            // Validate n
+            if (n != keys.length || n < m) {
+                return new MultisigRecognize(false, 0, 0, null);
+            }
+
+            // Next must be OP_CHECKMULTISIG
+            if (r.done()) return new MultisigRecognize(false, 0, 0, null);
+
+            const result2 = r.nextSafe(strictMinimal);
+            if (!result2.success) return new MultisigRecognize(false, 0, 0, null);
+            const t2 = result2.value!;
+
+            if (t2.op != <i32>BitcoinOpcodes.OP_CHECKMULTISIG) {
+                return new MultisigRecognize(false, 0, 0, null);
+            }
+
+            // Script should be fully consumed
+            if (!r.done()) return new MultisigRecognize(false, 0, 0, null);
+
+            return new MultisigRecognize(true, m, n, keys);
+        }
+
+        return new MultisigRecognize(false, 0, 0, null);
+    }
+}