@btc-vision/transaction 1.6.19 → 1.7.0

package/build/keypair/Address.js

@@ -9,7 +9,7 @@ var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (
     if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
     return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
 };
-var _Address_p2tr, _Address_p2op, _Address_network, _Address_originalPublicKey, _Address_keyPair, _Address_uncompressed, _Address_tweakedUncompressed, _Address_p2wda;
+var _Address_p2tr, _Address_p2op, _Address_network, _Address_originalPublicKey, _Address_keyPair, _Address_uncompressed, _Address_tweakedUncompressed, _Address_p2wda, _Address_mldsaPublicKey;
 import { decompressPublicKey, toXOnly } from '@btc-vision/bitcoin';
 import { ADDRESS_BYTE_LENGTH } from '../utils/lengths.js';
 import { AddressVerificator } from './AddressVerificator.js';
@@ -18,8 +18,9 @@ import { ContractAddress } from '../transaction/ContractAddress.js';
 import { BitcoinUtils } from '../utils/BitcoinUtils.js';
 import { TimeLockGenerator } from '../transaction/mineable/TimelockGenerator.js';
 import { P2WDADetector } from '../p2wda/P2WDADetector.js';
+import { sha256 } from '@noble/hashes/sha2';
 export class Address extends Uint8Array {
-    constructor(bytes) {
+    constructor(mldsaPublicKey, publicKeyOrTweak) {
         super(ADDRESS_BYTE_LENGTH);
         _Address_p2tr.set(this, void 0);
         _Address_p2op.set(this, void 0);
@@ -29,37 +30,52 @@ export class Address extends Uint8Array {
         _Address_uncompressed.set(this, void 0);
         _Address_tweakedUncompressed.set(this, void 0);
         _Address_p2wda.set(this, void 0);
-        if (!bytes) {
+        _Address_mldsaPublicKey.set(this, void 0);
+        if (!mldsaPublicKey) {
             return;
         }
-        this.set(bytes);
+        if (publicKeyOrTweak) {
+            this.classicPublicKey = new Uint8Array(publicKeyOrTweak.length);
+            this.classicPublicKey.set(publicKeyOrTweak);
+        }
+        this.set(mldsaPublicKey);
     }
     get originalPublicKey() {
         return __classPrivateFieldGet(this, _Address_originalPublicKey, "f");
     }
+    get mldsaPublicKey() {
+        return __classPrivateFieldGet(this, _Address_mldsaPublicKey, "f");
+    }
     get keyPair() {
         if (!__classPrivateFieldGet(this, _Address_keyPair, "f")) {
-            throw new Error('Public key not set for address');
+            throw new Error('Classical public key not set for address');
         }
         return __classPrivateFieldGet(this, _Address_keyPair, "f");
     }
     static dead() {
-        return Address.fromString('0x04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f');
+        return Address.fromString('0x0000000000000000000000000000000000000000000000000000000000000000', '0x04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f');
     }
-    static zero() {
-        return new Address();
-    }
-    static fromString(pubKey) {
-        if (!pubKey) {
+    static fromString(mldsaPublicKey, classicPublicKey) {
+        if (!mldsaPublicKey) {
             throw new Error('Invalid public key');
         }
-        if (pubKey.startsWith('0x')) {
-            pubKey = pubKey.slice(2);
+        if (mldsaPublicKey.startsWith('0x')) {
+            mldsaPublicKey = mldsaPublicKey.slice(2);
         }
-        if (!BitcoinUtils.isValidHex(pubKey)) {
+        if (!BitcoinUtils.isValidHex(mldsaPublicKey)) {
             throw new Error('You must only pass public keys in hexadecimal format. If you have an address such as bc1q... you must convert it to a public key first. Please refer to await provider.getPublicKeyInfo("bc1q..."). If the public key associated with the address is not found, you must force the user to enter the destination public key. It looks like: 0x020373626d317ae8788ce3280b491068610d840c23ecb64c14075bbb9f670af52c.');
         }
-        return new Address(Buffer.from(pubKey, 'hex'));
+        let classicBuffer;
+        if (classicPublicKey) {
+            if (classicPublicKey.startsWith('0x')) {
+                classicPublicKey = classicPublicKey.slice(2);
+            }
+            if (!BitcoinUtils.isValidHex(classicPublicKey)) {
+                throw new Error('You must only pass classical public keys in hexadecimal format. If you have an address such as bc1q... you must convert it to a public key first. Please refer to await provider.getPublicKeyInfo("bc1q..."). If the public key associated with the address is not found, you must force the user to enter the destination public key. It looks like: 0x020373626d317ae8788ce3280b491068610d840c23ecb64c14075bbb9f670af52c.');
+            }
+            classicBuffer = Buffer.from(classicPublicKey, 'hex');
+        }
+        return new Address(Buffer.from(mldsaPublicKey, 'hex'), classicBuffer);
     }
     static wrap(bytes) {
         return new Address(bytes);
@@ -76,36 +92,48 @@ export class Address extends Uint8Array {
     toHex() {
         return '0x' + Buffer.from(this).toString('hex');
     }
+    tweakedToHex() {
+        if (!this.classicPublicKey) {
+            throw new Error('Classical public key not set');
+        }
+        return '0x' + Buffer.from(this.classicPublicKey).toString('hex');
+    }
     toBuffer() {
         return Buffer.from(this);
     }
+    tweakedPublicKeyToBuffer() {
+        if (!this.classicPublicKey) {
+            throw new Error('Classical public key not set');
+        }
+        return Buffer.from(this.classicPublicKey);
+    }
     toUncompressedHex() {
         if (!__classPrivateFieldGet(this, _Address_uncompressed, "f")) {
-            throw new Error('Public key not set');
+            throw new Error('Classical public key not set');
         }
         return '0x' + __classPrivateFieldGet(this, _Address_uncompressed, "f").uncompressed.toString('hex');
     }
     toUncompressedBuffer() {
         if (!__classPrivateFieldGet(this, _Address_uncompressed, "f")) {
-            throw new Error('Public key not set');
+            throw new Error('Classical public key not set');
         }
         return __classPrivateFieldGet(this, _Address_uncompressed, "f").uncompressed;
     }
     toHybridPublicKeyHex() {
         if (!__classPrivateFieldGet(this, _Address_uncompressed, "f")) {
-            throw new Error('Public key not set');
+            throw new Error('Classical public key not set');
         }
         return '0x' + __classPrivateFieldGet(this, _Address_uncompressed, "f").hybrid.toString('hex');
     }
     toHybridPublicKeyBuffer() {
         if (!__classPrivateFieldGet(this, _Address_uncompressed, "f")) {
-            throw new Error('Public key not set');
+            throw new Error('Classical public key not set');
         }
         return __classPrivateFieldGet(this, _Address_uncompressed, "f").hybrid;
     }
     originalPublicKeyBuffer() {
         if (!__classPrivateFieldGet(this, _Address_originalPublicKey, "f")) {
-            throw new Error('Public key not set');
+            throw new Error('Classical public key not set');
         }
         return Buffer.from(__classPrivateFieldGet(this, _Address_originalPublicKey, "f"));
     }
@@ -149,19 +177,38 @@ export class Address extends Uint8Array {
         }
         return false;
     }
-    set(publicKey) {
-        const validLengths = [ADDRESS_BYTE_LENGTH, 33, 65];
-        if (!validLengths.includes(publicKey.length)) {
-            throw new Error(`Invalid public key length ${publicKey.length}`);
+    set(mldsaPublicKey) {
+        if (this.classicPublicKey) {
+            const validLengths = [ADDRESS_BYTE_LENGTH, 33, 65];
+            if (!validLengths.includes(this.classicPublicKey.length)) {
+                throw new Error(`Invalid public key length ${this.classicPublicKey.length}`);
+            }
+            if (this.classicPublicKey.length === ADDRESS_BYTE_LENGTH) {
+                const buf = Buffer.alloc(ADDRESS_BYTE_LENGTH);
+                buf.set(this.classicPublicKey);
+                __classPrivateFieldSet(this, _Address_tweakedUncompressed, ContractAddress.generateHybridKeyFromHash(buf), "f");
+            }
+            else {
+                this.autoFormat(this.classicPublicKey);
+            }
         }
-        if (publicKey.length === ADDRESS_BYTE_LENGTH) {
-            const buf = Buffer.alloc(ADDRESS_BYTE_LENGTH);
-            buf.set(publicKey);
-            __classPrivateFieldSet(this, _Address_tweakedUncompressed, ContractAddress.generateHybridKeyFromHash(buf), "f");
-            super.set(publicKey);
+        if (mldsaPublicKey.length === ADDRESS_BYTE_LENGTH) {
+            const buf = new Uint8Array(ADDRESS_BYTE_LENGTH);
+            buf.set(mldsaPublicKey);
+            super.set(buf);
         }
         else {
-            this.autoFormat(publicKey);
+            const validMLDSALengths = [1312, 1952, 2592];
+            if (!validMLDSALengths.includes(mldsaPublicKey.length)) {
+                throw new Error(`Invalid ML-DSA public key length: ${mldsaPublicKey.length}. ` +
+                    `Expected 1312 (ML-DSA-44/LEVEL2), 1952 (ML-DSA-65/LEVEL3), or 2592 (ML-DSA-87/LEVEL5) bytes.`);
+            }
+            __classPrivateFieldSet(this, _Address_mldsaPublicKey, new Uint8Array(mldsaPublicKey.length), "f");
+            __classPrivateFieldGet(this, _Address_mldsaPublicKey, "f").set(mldsaPublicKey);
+            const hashedPublicKey = sha256(new Uint8Array(mldsaPublicKey));
+            const buf = new Uint8Array(ADDRESS_BYTE_LENGTH);
+            buf.set(hashedPublicKey);
+            super.set(buf);
         }
     }
     isValid(network) {
@@ -186,16 +233,19 @@ export class Address extends Uint8Array {
         return this.toHex();
     }
     p2tr(network) {
+        if (!this.classicPublicKey) {
+            throw new Error('Classical public key not set');
+        }
         if (__classPrivateFieldGet(this, _Address_p2tr, "f") && __classPrivateFieldGet(this, _Address_network, "f") === network) {
             return __classPrivateFieldGet(this, _Address_p2tr, "f");
         }
-        const p2trAddy = EcKeyPair.tweakedPubKeyBufferToAddress(this, network);
+        const p2trAddy = EcKeyPair.tweakedPubKeyBufferToAddress(this.classicPublicKey, network);
         if (p2trAddy) {
             __classPrivateFieldSet(this, _Address_network, network, "f");
             __classPrivateFieldSet(this, _Address_p2tr, p2trAddy, "f");
             return p2trAddy;
         }
-        throw new Error('Public key not set');
+        throw new Error('Classical public key not set');
     }
     p2wda(network) {
         if (__classPrivateFieldGet(this, _Address_p2wda, "f") && __classPrivateFieldGet(this, _Address_network, "f") === network) {
@@ -242,17 +292,17 @@ export class Address extends Uint8Array {
             __classPrivateFieldSet(this, _Address_p2op, p2opAddy, "f");
             return p2opAddy;
         }
-        throw new Error('Public key not set');
+        throw new Error('ML-DSA public key not set');
     }
     toTweakedHybridPublicKeyHex() {
         if (!__classPrivateFieldGet(this, _Address_tweakedUncompressed, "f")) {
-            throw new Error('Public key not set');
+            throw new Error('Classical public key not set');
         }
         return '0x' + __classPrivateFieldGet(this, _Address_tweakedUncompressed, "f").toString('hex');
     }
     toTweakedHybridPublicKeyBuffer() {
         if (!__classPrivateFieldGet(this, _Address_tweakedUncompressed, "f")) {
-            throw new Error('Public key not set');
+            throw new Error('Classical public key not set');
         }
         return __classPrivateFieldGet(this, _Address_tweakedUncompressed, "f");
     }
@@ -268,7 +318,8 @@ export class Address extends Uint8Array {
         __classPrivateFieldSet(this, _Address_uncompressed, decompressPublicKey(__classPrivateFieldGet(this, _Address_originalPublicKey, "f")), "f");
         const tweakedBytes = toXOnly(EcKeyPair.tweakPublicKey(Buffer.from(__classPrivateFieldGet(this, _Address_originalPublicKey, "f"))));
         __classPrivateFieldSet(this, _Address_tweakedUncompressed, ContractAddress.generateHybridKeyFromHash(tweakedBytes), "f");
-        super.set(tweakedBytes);
+        this.classicPublicKey = new Uint8Array(ADDRESS_BYTE_LENGTH);
+        this.classicPublicKey.set(tweakedBytes);
     }
 }
-_Address_p2tr = new WeakMap(), _Address_p2op = new WeakMap(), _Address_network = new WeakMap(), _Address_originalPublicKey = new WeakMap(), _Address_keyPair = new WeakMap(), _Address_uncompressed = new WeakMap(), _Address_tweakedUncompressed = new WeakMap(), _Address_p2wda = new WeakMap();
+_Address_p2tr = new WeakMap(), _Address_p2op = new WeakMap(), _Address_network = new WeakMap(), _Address_originalPublicKey = new WeakMap(), _Address_keyPair = new WeakMap(), _Address_uncompressed = new WeakMap(), _Address_tweakedUncompressed = new WeakMap(), _Address_p2wda = new WeakMap(), _Address_mldsaPublicKey = new WeakMap();

package/build/keypair/AddressVerificator.d.ts

@@ -1,4 +1,5 @@
 import { Network } from '@btc-vision/bitcoin';
+import { MLDSASecurityLevel } from '@btc-vision/bip32';
 export declare enum AddressTypes {
     P2PKH = "P2PKH",
     P2OP = "P2OP",
@@ -22,6 +23,8 @@ export declare class AddressVerificator {
     static isP2WDAWitnessScript(witnessScript: Buffer): boolean;
     static isP2PKHOrP2SH(addy: string, network: Network): boolean;
     static isValidPublicKey(input: string, network: Network): boolean;
+    static isValidMLDSAPublicKey(input: string | Buffer | Uint8Array): MLDSASecurityLevel | null;
+    static isValidP2OPAddress(inAddress: string, network: Network): boolean;
     static requireRedeemScript(addy: string, network: Network): boolean;
     static detectAddressType(addy: string, network: Network): AddressTypes | null;
     static detectAddressTypeWithWitnessScript(addy: string, network: Network, witnessScript?: Buffer): AddressTypes | null;

package/build/keypair/AddressVerificator.js

@@ -3,6 +3,7 @@ import * as ecc from '@bitcoinerlab/secp256k1';
 import { EcKeyPair } from './EcKeyPair.js';
 import { BitcoinUtils } from '../utils/BitcoinUtils.js';
 import { P2WDADetector } from '../p2wda/P2WDADetector.js';
+import { MLDSASecurityLevel } from '@btc-vision/bip32';
 initEccLib(ecc);
 export var AddressTypes;
 (function (AddressTypes) {
@@ -81,6 +82,52 @@ export class AddressVerificator {
         }
         return false;
     }
+    static isValidMLDSAPublicKey(input) {
+        try {
+            let byteLength;
+            if (Buffer.isBuffer(input) || input instanceof Uint8Array) {
+                byteLength = input.length;
+            }
+            else {
+                if (input.startsWith('0x')) {
+                    input = input.slice(2);
+                }
+                if (!BitcoinUtils.isValidHex(input)) {
+                    return null;
+                }
+                byteLength = input.length / 2;
+            }
+            switch (byteLength) {
+                case 1312:
+                    return MLDSASecurityLevel.LEVEL2;
+                case 1952:
+                    return MLDSASecurityLevel.LEVEL3;
+                case 2592:
+                    return MLDSASecurityLevel.LEVEL5;
+                default:
+                    return null;
+            }
+        }
+        catch (e) {
+            return null;
+        }
+    }
+    static isValidP2OPAddress(inAddress, network) {
+        if (!inAddress || inAddress.length < 20)
+            return false;
+        try {
+            const decodedAddress = address.fromBech32(inAddress);
+            const validPrefix = decodedAddress.prefix === network.bech32 ||
+                decodedAddress.prefix === network.bech32Opnet;
+            if (!validPrefix) {
+                return false;
+            }
+            return decodedAddress.version === 16 && decodedAddress.data.length === 21;
+        }
+        catch {
+            return false;
+        }
+    }
     static requireRedeemScript(addy, network) {
         try {
             const decodedBase58 = address.fromBase58Check(addy);
@@ -111,7 +158,8 @@ export class AddressVerificator {
             const decodedBech32 = address.fromBech32(addy);
             if ((decodedBech32.prefix === network.bech32Opnet ||
                 decodedBech32.prefix === network.bech32) &&
-                decodedBech32.version === 16) {
+                decodedBech32.version === 16 &&
+                decodedBech32.data.length === 21) {
                 return AddressTypes.P2OP;
             }
             if (decodedBech32.prefix === network.bech32) {

package/build/keypair/EcKeyPair.d.ts

@@ -1,4 +1,4 @@
-import { BIP32API, BIP32Interface } from 'bip32';
+import { BIP32API, BIP32Interface, MLDSAKeyPair, MLDSASecurityLevel } from '@btc-vision/bip32';
 import { Network, Signer } from '@btc-vision/bitcoin';
 import { ECPairAPI, ECPairInterface } from 'ecpair';
 import { IWallet } from './interfaces/IWallet.js';
@@ -17,7 +17,8 @@ export declare class EcKeyPair {
     static xOnlyTweakedPubKeyToAddress(tweakedPubKeyHex: string, network: Network): string;
     static tweakPublicKey(pub: Uint8Array | Buffer | string): Buffer;
     static tweakBatchSharedT(pubkeys: readonly Uint8Array[], tweakScalar: bigint): Uint8Array[];
-    static generateWallet(network?: Network): IWallet;
+    static generateWallet(network?: Network, securityLevel?: MLDSASecurityLevel): IWallet;
+    static generateQuantumKeyPair(securityLevel?: MLDSASecurityLevel, network?: Network): MLDSAKeyPair;
     static verifyContractAddress(contractAddress: string, network?: Network): boolean;
     static getLegacySegwitAddress(keyPair: ECPairInterface, network?: Network): string;
     static getLegacyAddress(keyPair: ECPairInterface, network?: Network): string;

package/build/keypair/EcKeyPair.js

@@ -1,11 +1,11 @@
 import * as ecc from '@bitcoinerlab/secp256k1';
-import bip32, { BIP32Factory } from 'bip32';
+import bip32, { BIP32Factory, MLDSASecurityLevel, QuantumBIP32Factory, } from '@btc-vision/bip32';
 import bitcoin, { address, fromOutputScript, initEccLib, networks, opcodes, payments, script, toXOnly, } from '@btc-vision/bitcoin';
 import { ECPairFactory } from 'ecpair';
 import { secp256k1 } from '@noble/curves/secp256k1';
 import { mod } from '@noble/curves/abstract/modular';
 import { sha256 } from '@noble/hashes/sha2';
-import { bytesToNumberBE, concatBytes, utf8ToBytes } from '@noble/curves/utils.js';
+import { bytesToNumberBE, concatBytes, randomBytes, utf8ToBytes } from '@noble/curves/utils.js';
 initEccLib(ecc);
 const BIP32factory = typeof bip32 === 'function' ? bip32 : BIP32Factory;
 if (!BIP32factory) {
@@ -128,7 +128,7 @@ export class EcKeyPair {
             return Q.toBytes(true);
         });
     }
-    static generateWallet(network = networks.bitcoin) {
+    static generateWallet(network = networks.bitcoin, securityLevel = MLDSASecurityLevel.LEVEL2) {
         const keyPair = this.ECPair.makeRandom({
             network: network,
         });
@@ -136,10 +136,24 @@ export class EcKeyPair {
         if (!wallet) {
             throw new Error('Failed to generate wallet');
         }
+        const quantumKeyPair = this.generateQuantumKeyPair(securityLevel, network);
         return {
             address: wallet,
             privateKey: keyPair.toWIF(),
             publicKey: Buffer.from(keyPair.publicKey).toString('hex'),
+            quantumPrivateKey: Buffer.from(quantumKeyPair.privateKey).toString('hex'),
+            quantumPublicKey: Buffer.from(quantumKeyPair.publicKey).toString('hex'),
+        };
+    }
+    static generateQuantumKeyPair(securityLevel = MLDSASecurityLevel.LEVEL2, network = networks.bitcoin) {
+        const randomSeed = randomBytes(64);
+        const quantumRoot = QuantumBIP32Factory.fromSeed(Buffer.from(randomSeed), network, securityLevel);
+        if (!quantumRoot.privateKey || !quantumRoot.publicKey) {
+            throw new Error('Failed to generate quantum keypair');
+        }
+        return {
+            privateKey: Buffer.from(quantumRoot.privateKey),
+            publicKey: Buffer.from(quantumRoot.publicKey),
         };
     }
     static verifyContractAddress(contractAddress, network = networks.bitcoin) {

package/build/keypair/MessageSigner.d.ts

@@ -1,15 +1,24 @@
 import { ECPairInterface } from 'ecpair';
 import { Network } from '@btc-vision/bitcoin';
+import { MLDSASecurityLevel, QuantumBIP32Interface } from '@btc-vision/bip32';
 export interface SignedMessage {
     readonly signature: Uint8Array;
     readonly message: Uint8Array;
 }
+export interface MLDSASignedMessage {
+    readonly signature: Uint8Array;
+    readonly message: Uint8Array;
+    readonly publicKey: Uint8Array;
+    readonly securityLevel: MLDSASecurityLevel;
+}
 declare class MessageSignerBase {
     sha256(message: Buffer | Uint8Array): Buffer;
     tweakAndSignMessage(keypair: ECPairInterface, message: Uint8Array | Buffer | string, network: Network): SignedMessage;
     signMessage(keypair: ECPairInterface, message: Uint8Array | Buffer | string): SignedMessage;
     verifySignature(publicKey: Uint8Array | Buffer, message: Uint8Array | Buffer | string, signature: Uint8Array | Buffer): boolean;
     tweakAndVerifySignature(publicKey: Uint8Array | Buffer, message: Uint8Array | Buffer | string, signature: Uint8Array | Buffer): boolean;
+    signMLDSAMessage(mldsaKeypair: QuantumBIP32Interface, message: Uint8Array | Buffer | string): MLDSASignedMessage;
+    verifyMLDSASignature(mldsaKeypair: QuantumBIP32Interface, message: Uint8Array | Buffer | string, signature: Uint8Array | Buffer): boolean;
 }
 export declare const MessageSigner: MessageSignerBase;
 export {};

package/build/keypair/MessageSigner.js

@@ -39,5 +39,28 @@ class MessageSignerBase {
         const tweakedPublicKey = EcKeyPair.tweakPublicKey(Buffer.from(publicKey));
         return this.verifySignature(tweakedPublicKey, message, signature);
     }
+    signMLDSAMessage(mldsaKeypair, message) {
+        if (typeof message === 'string') {
+            message = Buffer.from(message, 'utf-8');
+        }
+        if (!mldsaKeypair.privateKey) {
+            throw new Error('ML-DSA private key not found in keypair.');
+        }
+        const hashedMessage = this.sha256(message);
+        const signature = mldsaKeypair.sign(hashedMessage);
+        return {
+            signature: Buffer.from(signature),
+            message: hashedMessage,
+            publicKey: Buffer.from(mldsaKeypair.publicKey),
+            securityLevel: mldsaKeypair.securityLevel,
+        };
+    }
+    verifyMLDSASignature(mldsaKeypair, message, signature) {
+        if (typeof message === 'string') {
+            message = Buffer.from(message, 'utf-8');
+        }
+        const hashedMessage = this.sha256(message);
+        return mldsaKeypair.verify(hashedMessage, signature);
+    }
 }
 export const MessageSigner = new MessageSignerBase();

package/build/keypair/Wallet.d.ts

@@ -2,9 +2,13 @@ import { ECPairInterface } from 'ecpair';
 import { Network } from '@btc-vision/bitcoin';
 import { Address } from './Address.js';
 import { IP2WSHAddress } from '../transaction/mineable/IP2WSHAddress.js';
+import { MLDSASecurityLevel, QuantumBIP32Interface } from '@btc-vision/bip32';
 export declare class Wallet {
     readonly network: Network;
     private readonly _keypair;
+    private readonly _mldsaKeypair;
+    private readonly _securityLevel;
+    private readonly _chainCode;
     private readonly _p2wpkh;
     private readonly _p2tr;
     private readonly _p2wda;
@@ -13,10 +17,13 @@ export declare class Wallet {
     private readonly _bufferPubKey;
     private readonly _tweakedKey;
     private readonly _address;
-    constructor(privateKeyOrWif: string, network?: Network);
+    constructor(privateKeyOrWif: string, mldsaPrivateKeyOrBase58: string, network?: Network, securityLevel?: MLDSASecurityLevel, chainCode?: Buffer);
     get address(): Address;
     get tweakedPubKeyKey(): Buffer;
     get keypair(): ECPairInterface;
+    get mldsaKeypair(): QuantumBIP32Interface;
+    get securityLevel(): MLDSASecurityLevel;
+    get chainCode(): Buffer;
     get p2wpkh(): string;
     get p2tr(): string;
     get p2wda(): IP2WSHAddress;
@@ -24,7 +31,17 @@ export declare class Wallet {
     get addresses(): string[];
     get segwitLegacy(): string;
     get publicKey(): Buffer;
+    get quantumPublicKey(): Buffer;
+    get quantumPrivateKey(): Buffer;
+    get quantumPublicKeyHex(): string;
+    get quantumPrivateKeyHex(): string;
     get xOnly(): Buffer;
-    static fromWif(wif: string, network?: Network): Wallet;
-    static new(network?: Network): Wallet;
+    static fromWif(wif: string, quantumPrivateKeyHex: string, network?: Network, securityLevel?: MLDSASecurityLevel, chainCode?: Buffer): Wallet;
+    static generate(network?: Network, securityLevel?: MLDSASecurityLevel): Wallet;
+    static fromPrivateKeys(privateKeyHexOrWif: string, mldsaPrivateKeyOrBase58: string, network?: Network, securityLevel?: MLDSASecurityLevel, chainCode?: Buffer): Wallet;
+    toWIF(): string;
+    toPrivateKeyHex(): string;
+    toPublicKeyHex(): string;
+    toQuantumBase58(): string;
+    derivePath(path: string): Wallet;
 }

package/build/keypair/Wallet.js

@@ -1,10 +1,15 @@
 import { EcKeyPair } from './EcKeyPair.js';
-import { networks, toXOnly } from '@btc-vision/bitcoin';
+import { initEccLib, networks, toXOnly } from '@btc-vision/bitcoin';
 import { Address } from './Address.js';
 import { BitcoinUtils } from '../utils/BitcoinUtils.js';
+import * as ecc from '@bitcoinerlab/secp256k1';
+import { getMLDSAConfig, MLDSASecurityLevel, QuantumBIP32Factory, } from '@btc-vision/bip32';
+import { randomBytes } from 'crypto';
+initEccLib(ecc);
 export class Wallet {
-    constructor(privateKeyOrWif, network = networks.bitcoin) {
+    constructor(privateKeyOrWif, mldsaPrivateKeyOrBase58, network = networks.bitcoin, securityLevel = MLDSASecurityLevel.LEVEL2, chainCode) {
         this.network = network;
+        this._securityLevel = securityLevel;
         const parsedPrivateKey = privateKeyOrWif.startsWith('0x')
             ? privateKeyOrWif.replace('0x', '')
             : privateKeyOrWif;
@@ -14,14 +19,44 @@ export class Wallet {
         else {
             this._keypair = EcKeyPair.fromWIF(parsedPrivateKey, this.network);
         }
+        const parsedMLDSAKey = mldsaPrivateKeyOrBase58.startsWith('0x')
+            ? mldsaPrivateKeyOrBase58.replace('0x', '')
+            : mldsaPrivateKeyOrBase58;
+        if (BitcoinUtils.isValidHex(parsedMLDSAKey)) {
+            const mldsaBuffer = Buffer.from(parsedMLDSAKey, 'hex');
+            const config = getMLDSAConfig(securityLevel, this.network);
+            const privateKeySize = config.privateKeySize;
+            const publicKeySize = config.publicKeySize;
+            const combinedSize = privateKeySize + publicKeySize;
+            let mldsaPrivateKeyBuffer;
+            if (mldsaBuffer.length === privateKeySize) {
+                mldsaPrivateKeyBuffer = mldsaBuffer;
+            }
+            else if (mldsaBuffer.length === combinedSize) {
+                mldsaPrivateKeyBuffer = mldsaBuffer.subarray(0, privateKeySize);
+            }
+            else {
+                throw new Error(`Invalid ML-DSA key length for security level ${securityLevel}. Expected ${privateKeySize} bytes (private only) or ${combinedSize} bytes (private+public), got ${mldsaBuffer.length} bytes.`);
+            }
+            if (chainCode && chainCode.length !== 32) {
+                throw new Error('Chain code must be 32 bytes');
+            }
+            this._chainCode = chainCode || randomBytes(32);
+            this._mldsaKeypair = QuantumBIP32Factory.fromPrivateKey(mldsaPrivateKeyBuffer, this._chainCode, this.network, securityLevel);
+        }
+        else {
+            this._mldsaKeypair = QuantumBIP32Factory.fromBase58(parsedMLDSAKey);
+            this._chainCode = Buffer.from(this._mldsaKeypair.chainCode);
+            this._securityLevel = this._mldsaKeypair.securityLevel;
+        }
         this._bufferPubKey = this._keypair.publicKey;
-        this._address = new Address(this._keypair.publicKey);
+        this._address = new Address(this._mldsaKeypair.publicKey, this._keypair.publicKey);
         this._p2tr = this._address.p2tr(this.network);
         this._p2wpkh = this._address.p2wpkh(this.network);
         this._legacy = this._address.p2pkh(this.network);
-        this._segwitLegacy = this._address.p2wpkh(this.network);
+        this._segwitLegacy = this._address.p2shp2wpkh(this.network);
         this._p2wda = this._address.p2wda(this.network);
-        this._tweakedKey = this._address.toBuffer();
+        this._tweakedKey = this._address.tweakedPublicKeyToBuffer();
     }
     get address() {
         return this._address;
@@ -34,6 +69,15 @@ export class Wallet {
             throw new Error('Keypair not set');
         return this._keypair;
     }
+    get mldsaKeypair() {
+        return this._mldsaKeypair;
+    }
+    get securityLevel() {
+        return this._securityLevel;
+    }
+    get chainCode() {
+        return this._chainCode;
+    }
     get p2wpkh() {
         return this._p2wpkh;
     }
@@ -57,15 +101,70 @@ export class Wallet {
             throw new Error('Public key not set');
         return this._bufferPubKey;
     }
+    get quantumPublicKey() {
+        return Buffer.from(this._mldsaKeypair.publicKey);
+    }
+    get quantumPrivateKey() {
+        if (!this._mldsaKeypair.privateKey) {
+            throw new Error('Quantum private key not set');
+        }
+        return Buffer.from(this._mldsaKeypair.privateKey);
+    }
+    get quantumPublicKeyHex() {
+        return Buffer.from(this._mldsaKeypair.publicKey).toString('hex');
+    }
+    get quantumPrivateKeyHex() {
+        if (!this._mldsaKeypair.privateKey) {
+            throw new Error('Quantum private key not set');
+        }
+        return Buffer.from(this._mldsaKeypair.privateKey).toString('hex');
+    }
     get xOnly() {
         if (!this.keypair)
             throw new Error('Keypair not set');
         return toXOnly(this._bufferPubKey);
     }
-    static fromWif(wif, network = networks.bitcoin) {
-        return new Wallet(wif, network);
+    static fromWif(wif, quantumPrivateKeyHex, network = networks.bitcoin, securityLevel = MLDSASecurityLevel.LEVEL2, chainCode) {
+        return new Wallet(wif, quantumPrivateKeyHex, network, securityLevel, chainCode);
     }
-    static new(network = networks.bitcoin) {
-        return new Wallet(EcKeyPair.generateWallet(network).privateKey, network);
+    static generate(network = networks.bitcoin, securityLevel = MLDSASecurityLevel.LEVEL2) {
+        const walletData = EcKeyPair.generateWallet(network, securityLevel);
+        if (!walletData.quantumPrivateKey) {
+            throw new Error('Failed to generate quantum keys');
+        }
+        return new Wallet(walletData.privateKey, walletData.quantumPrivateKey, network, securityLevel);
+    }
+    static fromPrivateKeys(privateKeyHexOrWif, mldsaPrivateKeyOrBase58, network = networks.bitcoin, securityLevel = MLDSASecurityLevel.LEVEL2, chainCode) {
+        return new Wallet(privateKeyHexOrWif, mldsaPrivateKeyOrBase58, network, securityLevel, chainCode);
+    }
+    toWIF() {
+        return this._keypair.toWIF();
+    }
+    toPrivateKeyHex() {
+        if (!this._keypair.privateKey) {
+            throw new Error('Private key not available');
+        }
+        return this._keypair.privateKey.toString('hex');
+    }
+    toPublicKeyHex() {
+        return this._bufferPubKey.toString('hex');
+    }
+    toQuantumBase58() {
+        return this._mldsaKeypair.toBase58();
+    }
+    derivePath(path) {
+        const derivedQuantum = this._mldsaKeypair.derivePath(path);
+        if (!this._keypair.privateKey) {
+            throw new Error('Cannot derive from a watch-only wallet (no private key available)');
+        }
+        const bip32Root = EcKeyPair.BIP32.fromPrivateKey(this._keypair.privateKey, this._chainCode, this.network);
+        const derivedClassical = bip32Root.derivePath(path);
+        if (!derivedClassical.privateKey) {
+            throw new Error('Failed to derive classical private key');
+        }
+        if (!derivedClassical.chainCode) {
+            throw new Error('Failed to derive classical chain code');
+        }
+        return new Wallet(Buffer.from(derivedClassical.privateKey).toString('hex'), derivedQuantum.toBase58(), this.network, this._securityLevel, Buffer.from(derivedClassical.chainCode));
     }
 }

package/build/keypair/interfaces/IWallet.d.ts

@@ -2,4 +2,6 @@ export interface IWallet {
     readonly address: string;
     readonly privateKey: string;
     readonly publicKey: string;
+    readonly quantumPrivateKey: string;
+    readonly quantumPublicKey: string;
 }