@btc-vision/transaction 1.6.4 → 1.6.5

package/doc/addresses/P2WDA.md

@@ -0,0 +1,240 @@
+# Pay-to-Witness-Data-Authentication (P2WDA)
+
+## Executive Summary
+
+Bitcoin makes arbitrary authenticated data inclusion expensive unless you exploit the SegWit witness discount, where
+every witness byte weighs 1 unit instead of 4. P2WDA is a spend template that deliberately carries authenticated
+application data in witness stack items and then drops them before a standard signature check. This preserves standard
+Bitcoin validation while letting applications verify the attached data out-of-band.
+
+In this implementation, the witness stack reserves **10 data slots** per P2WDA input, each **≤80 bytes** to respect
+default relay policy. The data (after compression) is prefixed by a **BIP340 Schnorr** signature over
+`(tx_signature || uncompressed_data)`, then split across those slots. Applications reassemble and verify the signed
+data, making any miner tampering detectable. On-chain validation remains standard and cheap thanks to the witness
+discount.
+
+## 1. Problem Space
+
+### 1.1 The Traditional Dilemma
+
+OP_RETURN is simple but tiny: **80 bytes max** per output under standard policy. Anything larger forces many outputs and
+multiple transactions, compounding base (non-witness) bytes that weigh 4× witness bytes. For realistic payloads (
+airdrops, rich metadata), this is cost-prohibitive.
+
+Importantly, even if OP_RETURN size limits were completely removed, it would not solve the fundamental economic problem.
+OP_RETURN data is stored in the transaction's output section, which means every byte counts as non-witness data and
+incurs the full 4× weight penalty. A hypothetical uncapped OP_RETURN storing 800 bytes would cost 3,200 weight units,
+while P2WDA achieves the same data storage for only 800 weight units in the witness section. The economic disadvantage
+of OP_RETURN is architectural, not merely a policy limitation.
+
+Commit-reveal styles fix integrity but double touches the chain (commit tx, reveal tx) and fragment UX.
+
+### 1.2 The Witness Discount Opportunity
+
+SegWit introduced **weight**: non-witness bytes weigh 4 units each; witness bytes weigh **1**. Fees are proportional to
+weight (vbytes ≈ weight/4). Packing authenticated data into witness can be ~75% cheaper than encoding the same data in
+base tx bytes.
+
+## 2. Technical Architecture
+
+### 2.1 Spend Template
+
+P2WDA uses a **P2WSH** spend whose script pre-drops a fixed number of stack items (the data slots), then performs a
+standard single-sig check.
+
+The witness script consists of:
+
+- 5 consecutive `OP_2DROP` operations (dropping 10 items total)
+- A 33-byte compressed public key
+- An `OP_CHECKSIG` operation
+
+This creates a script of approximately 40 bytes that validates like any standard single-signature P2WSH spend, but with
+space for our data payload in the witness stack.
+
+### 2.2 Authentication & Packing
+
+The authentication and packing process ensures data integrity while maximizing compression efficiency. Here's how it
+works:
+
+**Step 1: Prepare the data**
+
+- Start with your uncompressed payload data (application bytes)
+- Get the transaction signature (the DER signature that authorizes spending this input)
+
+**Step 2: Create authentication signature**
+
+- Compute a BIP340 Schnorr signature over the hash of (transaction_signature || payload_data)
+- This signature proves authorship and binds the data to this specific spend
+
+**Step 3: Combine and compress**
+
+```ts
+// Combine the authentication signature with the payload
+const combined_bytes = data_signature + payload_data;
+
+// Compress everything using DEFLATE or similar
+const compressed_bytes = COMPRESS(combined_bytes);
+
+// Split into chunks of max 80 bytes each
+const chunks = SPLIT_INTO_80_BYTE_CHUNKS(compressed_bytes);
+
+// Ensure we don't exceed 10 chunks
+if (chunks.length > 10) {
+    throw Error("Payload too large")
+}
+```
+
+**Step 4: Build the witness stack**
+The witness stack must contain exactly 12 items in this order:
+
+1. Data slot 0 (up to 80 bytes, or empty)
+2. Data slot 1 (up to 80 bytes, or empty)
+3. ... through Data slot 9
+4. Transaction signature (DER encoded, ~72 bytes)
+5. Witness script (~40 bytes)
+
+Any unused data slots are filled with empty byte arrays (length 0) to maintain the expected stack structure.
+
+**Verification Process for Indexers:**
+
+When an indexer encounters a P2WDA spend, it:
+
+1. Extracts and concatenates the first 10 witness items
+2. Decompresses the result to get (data_signature || original_data)
+3. Verifies the Schnorr signature against hash(tx_signature || original_data)
+4. If valid, passes the original_data to the application layer
+
+This design ensures that while Bitcoin consensus never inspects the data, any tampering is cryptographically detectable
+by applications.
+
+### 2.3 Input Placement Rules
+
+To simplify parsing and minimize duplication:
+
+* **All application data must be injected in the first P2WDA input by index** (the lowest-index input spending a P2WDA
+  UTXO)
+* Any **additional P2WDA inputs** in the same tx must supply **10 empty data items** (length=0) in their witness
+* Non-P2WDA inputs are unaffected
+* If a transaction flagged as `InteractionTransactionP2WDA` spends **no** P2WDA UTXOs, **throw an error**
+
+## 3. Economics
+
+### 3.1 OP_RETURN Baseline
+
+Standard OP_RETURN script is ≤83 bytes total, allowing ≤80 bytes data. All bytes are non-witness, costing **1 vbyte per
+byte**. For 80 bytes of data you typically consume ~91 vbytes including script overhead and output framing.
+
+### 3.2 P2WDA Spend
+
+The witness bytes calculation for a P2WDA input includes:
+
+- 1 byte for item count
+- 10 bytes for length prefixes (one per data slot)
+- The actual compressed data bytes
+- ~73 bytes for the transaction signature (including length prefix)
+- ~41 bytes for the witness script (including length prefix)
+
+Since all of this is witness data, it costs only 1/4 the weight of equivalent non-witness bytes.
+
+**Example with 512 bytes of incompressible data:**
+
+- Data + signature = 576 bytes total
+- Split across 8 slots (72 bytes each)
+- Total witness bytes ≈ 701
+- Cost in vbytes ≈ 175
+
+Compare to OP_RETURN which would need 7 outputs at ~91 vbytes each ≈ 637 vbytes.
+**Result: ~72% savings** while keeping everything in a single transaction.
+
+## 4. Security Model
+
+The security model separates on-chain authorization from off-chain data authentication:
+
+* **On-chain authorization**: The transaction signature proves spend authorization exactly like any P2WSH single-sig
+  spend
+* **Off-chain authorship**: The Schnorr signature authenticates the data and binds it to this spend via the transaction
+  signature
+* **Malleability handling**: SegWit allows witness data modification without changing the txid. The Schnorr signature
+  ensures any tampering is detectable
+
+Practical outcomes:
+
+- Funds cannot be redirected (protected by transaction signature)
+- Data forgery is detectable at the application layer (Schnorr signature fails)
+- Miners could theoretically replace data with garbage, but applications will reject it
+
+## 5. Operational Capabilities
+
+P2WDA works well for:
+
+* Mints
+* Airdrops
+* NFTs
+* Batch updates and state checkpoints
+* Governance votes and attestations
+* Swap listings (like nativeswap) but **NOT TRADES**, a miner could cancel your transaction!
+* etc.
+
+The 10 slots serve as a transport layer; keep application formats versioned and compact.
+
+## 6. Advanced Considerations
+
+### 6.1 Why 10 Slots of ≤80 Bytes?
+
+Default relay policy limits:
+
+- Maximum 100 stack items for P2WSH
+- Maximum 80 bytes per non-script witness item
+- Maximum 3600 bytes for the witness script itself
+
+Ten slots provides headroom while keeping scripts simple (5 * OP_2DROP). You can scale by using multiple P2WDA inputs,
+keeping data only in the first P2WDA input and zeros in the rest.
+
+### 6.2 Domain Separation (Recommended)
+
+To harden against cross-protocol attacks, consider using domain separation:
+
+```
+message = Hash("P2WDA/v1" || txid || input_index || tx_signature || data)
+data_signature = Schnorr.Sign(auth_private_key, message)
+```
+
+This prevents signatures from being reused across different protocols or transactions.
+
+### 6.3 Compression
+
+Use a standard compression algorithm like DEFLATE to maximize data packing efficiency. Ensure your application layer
+can handle decompression and verify the integrity of the decompressed data.
+
+### 6.4 Why SegWit Instead of Taproot?
+
+A common question is why P2WDA uses SegWit's P2WSH instead of the newer Taproot technology. This decision is deliberate
+and based on fundamental economics of block space usage. Understanding this choice illuminates the elegant design of
+P2WDA.
+
+#### The Block Space Reality
+
+When people first hear about P2WDA, they might assume it should use Taproot since it's Bitcoin's newest upgrade.
+However, Taproot would actually consume more block space for our use case, making it less efficient. This
+counterintuitive reality stems from how these technologies were designed for different purposes.
+
+Taproot offers two spending paths. The key path is remarkably efficient, requiring only a 64-byte Schnorr signature, but
+it cannot carry arbitrary data. To include data, you must use the script path, which requires a control block containing
+the internal public key, parity information, and Merkle proof of your script's inclusion in the taproot tree. Even with
+the simplest possible tree structure, this control block adds approximately 65 bytes of pure overhead.
+
+Let's examine the concrete numbers for storing 500 bytes of authenticated data:
+
+With P2WSH (what P2WDA uses), the witness contains the transaction signature (~72 bytes), your data (500 bytes), and the
+witness script (~40 bytes), totaling approximately 612 bytes, which equals 612 weight units.
+
+With Taproot's script path, you would need a Schnorr signature (64 bytes), your data (500 bytes), the tapscript (~40
+bytes), and the control block (~65 bytes), totaling approximately 669 bytes, which equals 669 weight units.
+
+This represents about 10% more block space consumption for identical functionality. When your goal is cost-efficient
+data storage, every byte matters, and this overhead directly translates to higher fees for users.
+
+### 6.4 Future Extensions
+
+- Use annexes (BIP490) to carry larger payloads if needed and stop requiring another signature in the witness stack
+- Explore multi-signature variants for collaborative data signing

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@btc-vision/transaction",
     "type": "module",
-    "version": "1.6.4",
+    "version": "1.6.5",
     "author": "BlobMaster41",
     "description": "OPNet transaction library allows you to create and sign transactions for the OPNet network.",
     "engines": {

package/src/_version.ts

@@ -1 +1 @@
-export const version = '1.6.4';
+export const version = '1.6.5';

package/src/generators/builders/P2WDAGenerator.ts

@@ -0,0 +1,174 @@
+import { Network, networks } from '@btc-vision/bitcoin';
+import { BinaryWriter } from '../../buffer/BinaryWriter.js';
+import { Feature, Features } from '../Features.js';
+import { Generator } from '../Generator.js';
+import { ChallengeSolution } from '../../epoch/ChallengeSolution.js';
+
+export class P2WDAGenerator extends Generator {
+    private static readonly P2WDA_VERSION = 0x01;
+
+    constructor(
+        senderPubKey: Buffer,
+        contractSaltPubKey: Buffer,
+        network: Network = networks.bitcoin,
+    ) {
+        super(senderPubKey, contractSaltPubKey, network);
+    }
+
+    /**
+     * Validate that operation data will fit in P2WDA witness fields
+     *
+     * @param dataSize Size of the operation data
+     * @param maxWitnessFields Maximum number of witness fields (default 10)
+     * @param maxBytesPerWitness Maximum bytes per witness field (default 80)
+     * @returns true if data will fit, false otherwise
+     */
+    public static validateWitnessSize(
+        dataSize: number,
+        maxWitnessFields: number = 10,
+        maxBytesPerWitness: number = 80,
+    ): boolean {
+        // Account for Schnorr signature (64 bytes) and compression
+        // Assume 30% compression ratio (conservative estimate)
+
+        const signatureSize = 64;
+        const compressionRatio = 0.7;
+
+        const totalSize = dataSize + signatureSize;
+        const compressedSize = Math.ceil(totalSize * compressionRatio);
+
+        const requiredFields = Math.ceil(compressedSize / maxBytesPerWitness);
+
+        return requiredFields <= maxWitnessFields;
+    }
+
+    /**
+     * Compile operation data for P2WDA witness embedding
+     *
+     * This creates a binary structure containing all operation information
+     * without Bitcoin script opcodes. The structure is:
+     *
+     * [version(1)] [header(12)] [contract(32)] [challenge_pubkey(33)] [challenge_solution(32)]
+     * [calldata_length(4)] [calldata] [features_length(2)] [features_data]
+     *
+     * @param calldata The compressed calldata for the contract interaction
+     * @param contractSecret The 32-byte contract secret
+     * @param challenge The challenge solution for epoch rewards
+     * @param maxPriority Maximum priority fee in satoshis
+     * @param features Optional features like access lists
+     * @returns Raw operation data ready for signing and compression
+     */
+    public compile(
+        calldata: Buffer,
+        contractSecret: Buffer,
+        challenge: ChallengeSolution,
+        maxPriority: bigint,
+        features: Feature<Features>[] = [],
+    ): Buffer {
+        if (!this.contractSaltPubKey) {
+            throw new Error('Contract salt public key not set');
+        }
+
+        if (contractSecret.length !== 32) {
+            throw new Error('Contract secret must be exactly 32 bytes');
+        }
+
+        const writer = new BinaryWriter();
+
+        // Version byte
+        writer.writeU8(P2WDAGenerator.P2WDA_VERSION);
+
+        // Header
+        writer.writeBytes(
+            this.getHeader(
+                maxPriority,
+                features.map((f) => f.opcode),
+            ),
+        );
+
+        // Contract secret
+        writer.writeBytes(contractSecret);
+
+        // Challenge components for epoch rewards
+        writer.writeBytes(challenge.publicKey.originalPublicKeyBuffer());
+        writer.writeBytes(challenge.solution);
+
+        // Calldata with length prefix
+        writer.writeU32(calldata.length);
+        writer.writeBytes(calldata);
+
+        // Features
+        this.writeFeatures(writer, features);
+
+        return Buffer.from(writer.getBuffer());
+    }
+
+    /**
+     * Create a minimal header for P2WDA operations
+     *
+     * The header contains essential transaction metadata in a compact format:
+     * [sender_pubkey_prefix(1)] [feature_flags(3)] [max_priority(8)]
+     *
+     * @param maxPriority Maximum priority fee
+     * @param features Feature opcodes to set in flags
+     * @returns 12-byte header
+     */
+    public override getHeader(maxPriority: bigint, features: Features[] = []): Buffer {
+        return super.getHeader(maxPriority, features);
+    }
+
+    /**
+     * Write features section to the operation data
+     *
+     * Features are encoded as:
+     * [feature_count(2)] [feature1_opcode(1)] [feature1_length(4)] [feature1_data] ...
+     *
+     * @param writer Binary writer to write to
+     * @param features Array of features to encode
+     */
+    private writeFeatures(writer: BinaryWriter, features: Feature<Features>[]): void {
+        // Write feature count
+        writer.writeU16(features.length);
+
+        for (const feature of features) {
+            // Write feature opcode
+            writer.writeU8(feature.opcode);
+
+            // Encode feature data
+            const encodedData = this.encodeFeatureData(feature);
+
+            // Write feature data with length prefix
+            writer.writeU32(encodedData.length);
+            writer.writeBytes(encodedData);
+        }
+    }
+
+    /**
+     * Encode a single feature's data
+     *
+     * Unlike the base Generator class, we don't split into chunks here
+     * since P2WDA handles chunking at the witness level
+     *
+     * @param feature The feature to encode
+     * @returns Encoded feature data
+     */
+    private encodeFeatureData(feature: Feature<Features>): Buffer {
+        switch (feature.opcode) {
+            case Features.ACCESS_LIST: {
+                // Access lists are already encoded efficiently by the parent class
+                const chunks = this.encodeFeature(feature);
+                // Flatten chunks since P2WDA doesn't need script-level chunking
+                return Buffer.concat(chunks.flat());
+            }
+
+            case Features.EPOCH_SUBMISSION: {
+                // Epoch submissions are also handled by parent
+                const chunks = this.encodeFeature(feature);
+                return Buffer.concat(chunks.flat());
+            }
+
+            default:
+                throw new Error(`Unknown feature type: ${feature.opcode}`);
+        }
+    }
+}

package/src/keypair/Address.ts

@@ -5,7 +5,9 @@ import { AddressVerificator } from './AddressVerificator.js';
 import { EcKeyPair } from './EcKeyPair.js';
 import { ContractAddress } from '../transaction/ContractAddress.js';
 import { BitcoinUtils } from '../utils/BitcoinUtils.js';
-import { ITimeLockOutput, TimeLockGenerator } from '../transaction/mineable/TimelockGenerator.js';
+import { TimeLockGenerator } from '../transaction/mineable/TimelockGenerator.js';
+import { IP2WSHAddress } from '../transaction/mineable/IP2WSHAddress.js';
+import { P2WDADetector } from '../p2wda/P2WDADetector.js';
 
 /**
  * Objects of type "Address" are the representation of tweaked public keys. They can be converted to different address formats.
@@ -19,6 +21,7 @@ export class Address extends Uint8Array {
     #keyPair: ECPairInterface | undefined;
     #uncompressed: UncompressedPublicKey | undefined;
     #tweakedUncompressed: Buffer | undefined;
+    #p2wda: IP2WSHAddress | undefined;
 
     public constructor(bytes?: ArrayLike<number>) {
         super(ADDRESS_BYTE_LENGTH);
@@ -318,6 +321,58 @@ export class Address extends Uint8Array {
         throw new Error('Public key not set');
     }
 
+    /**
+     * Generate a P2WDA (Pay-to-Witness-Data-Authentication) address
+     *
+     * P2WDA addresses are a special type of P2WSH address that allows embedding
+     * authenticated data directly in the witness field, achieving 75% cost reduction
+     * through Bitcoin's witness discount.
+     *
+     * The witness script pattern is: (OP_2DROP * 5) <pubkey> OP_CHECKSIG
+     * This allows up to 10 witness data fields (5 * 2 = 10), where each field
+     * can hold up to 80 bytes of data due to relay rules.
+     *
+     * @param {Network} network - The Bitcoin network to use
+     * @returns {IP2WSHAddress} The P2WDA address
+     * @throws {Error} If the public key is not set or address generation fails
+     *
+     * @example
+     * ```typescript
+     * const address = Address.fromString('0x02...');
+     * const p2wdaAddress = address.p2wda(networks.bitcoin);
+     * console.log(p2wdaAddress); // bc1q...
+     * ```
+     */
+    public p2wda(network: Network): IP2WSHAddress {
+        if (this.#p2wda && this.#network === network) {
+            return this.#p2wda;
+        }
+
+        if (!this.#originalPublicKey) {
+            throw new Error('Cannot create P2WDA address: public key not set');
+        }
+
+        const publicKeyBuffer = Buffer.from(this.#originalPublicKey);
+
+        if (publicKeyBuffer.length !== 33) {
+            throw new Error('P2WDA requires a compressed public key (33 bytes)');
+        }
+
+        try {
+            const p2wdaInfo = P2WDADetector.generateP2WDAAddress(publicKeyBuffer, network);
+
+            this.#network = network;
+            this.#p2wda = p2wdaInfo;
+
+            return {
+                address: p2wdaInfo.address,
+                witnessScript: p2wdaInfo.witnessScript,
+            };
+        } catch (error) {
+            throw new Error(`Failed to generate P2WDA address: ${(error as Error).message}`);
+        }
+    }
+
     /**
      * Generate a P2WSH address with CSV (CheckSequenceVerify) timelock
      * The resulting address can only be spent after the specified number of blocks
@@ -325,10 +380,10 @@ export class Address extends Uint8Array {
      *
      * @param {bigint | number | string} duration - The number of blocks that must pass before spending (1-65535)
      * @param {Network} network - The Bitcoin network to use
-     * @returns {ITimeLockOutput} The timelocked address and its witness script
+     * @returns {IP2WSHAddress} The timelocked address and its witness script
      * @throws {Error} If the block number is out of range or public key is not available
      */
-    public toCSV(duration: bigint | number | string, network: Network): ITimeLockOutput {
+    public toCSV(duration: bigint | number | string, network: Network): IP2WSHAddress {
         const n = Number(duration);
 
         // First, let's validate the block number to ensure it's within the valid range

package/src/keypair/AddressVerificator.ts

@@ -1,7 +1,8 @@
-import { address, initEccLib, Network } from '@btc-vision/bitcoin';
+import { address, initEccLib, Network, payments } from '@btc-vision/bitcoin';
 import * as ecc from '@bitcoinerlab/secp256k1';
 import { EcKeyPair } from './EcKeyPair.js';
 import { BitcoinUtils } from '../utils/BitcoinUtils.js';
+import { P2WDADetector } from '../p2wda/P2WDADetector.js';
 
 initEccLib(ecc);
 
@@ -13,6 +14,15 @@ export enum AddressTypes {
     P2TR = 'P2TR',
     P2WPKH = 'P2WPKH',
     P2WSH = 'P2WSH',
+    P2WDA = 'P2WDA',
+}
+
+export interface ValidatedP2WDAAddress {
+    readonly isValid: boolean;
+    readonly isPotentiallyP2WDA: boolean;
+    readonly isDefinitelyP2WDA: boolean;
+    readonly publicKey?: Buffer;
+    readonly error?: string;
 }
 
 export class AddressVerificator {
@@ -63,6 +73,22 @@ export class AddressVerificator {
         return isValidSegWitAddress;
     }
 
+    /**
+     * Check if a given witness script is a P2WDA witness script
+     *
+     * P2WDA witness scripts have a specific pattern:
+     * (OP_2DROP * 5) <pubkey> OP_CHECKSIG
+     *
+     * This pattern allows for 10 witness data fields (5 * 2 = 10),
+     * which can be used to embed authenticated operation data.
+     *
+     * @param witnessScript The witness script to check
+     * @returns true if this is a valid P2WDA witness script
+     */
+    public static isP2WDAWitnessScript(witnessScript: Buffer): boolean {
+        return P2WDADetector.isP2WDAWitnessScript(witnessScript);
+    }
+
     /**
      * Checks if the given address is a valid P2PKH or P2SH address.
      * @param addy - The address to check.
@@ -213,4 +239,117 @@ export class AddressVerificator {
 
         return null; // Not a valid or recognized Bitcoin address type
     }
+
+    /**
+     * Enhanced detectAddressType that provides hints about P2WDA
+     *
+     * Note: P2WDA addresses cannot be distinguished from regular P2WSH
+     * addresses without the witness script. When a P2WSH address is detected,
+     * it could potentially be P2WDA if it has the correct witness script.
+     *
+     * @param addy The address to analyze
+     * @param network The Bitcoin network
+     * @param witnessScript Optional witness script for P2WSH addresses
+     * @returns The address type, with P2WDA detection if witness script provided
+     */
+    public static detectAddressTypeWithWitnessScript(
+        addy: string,
+        network: Network,
+        witnessScript?: Buffer,
+    ): AddressTypes | null {
+        const baseType = AddressVerificator.detectAddressType(addy, network);
+
+        if (baseType === AddressTypes.P2WSH && witnessScript) {
+            if (AddressVerificator.isP2WDAWitnessScript(witnessScript)) {
+                return AddressTypes.P2WDA;
+            }
+        }
+
+        return baseType;
+    }
+
+    /**
+     * Validate a P2WDA address and extract information
+     *
+     * This method validates that an address is a properly formatted P2WSH
+     * address and, if a witness script is provided, verifies it matches
+     * the P2WDA pattern and corresponds to the address.
+     *
+     * @param address The address to validate
+     * @param network The Bitcoin network
+     * @param witnessScript Optional witness script to verify
+     * @returns Validation result with extracted information
+     */
+    public static validateP2WDAAddress(
+        address: string,
+        network: Network,
+        witnessScript?: Buffer,
+    ): ValidatedP2WDAAddress {
+        try {
+            const addressType = AddressVerificator.detectAddressType(address, network);
+            if (addressType !== AddressTypes.P2WSH) {
+                return {
+                    isValid: false,
+                    isPotentiallyP2WDA: false,
+                    isDefinitelyP2WDA: false,
+                    error: 'Not a P2WSH address',
+                };
+            }
+
+            if (!witnessScript) {
+                return {
+                    isValid: true,
+                    isPotentiallyP2WDA: true,
+                    isDefinitelyP2WDA: false,
+                };
+            }
+
+            if (!AddressVerificator.isP2WDAWitnessScript(witnessScript)) {
+                return {
+                    isValid: true,
+                    isPotentiallyP2WDA: true,
+                    isDefinitelyP2WDA: false,
+                    error: 'Witness script does not match P2WDA pattern',
+                };
+            }
+
+            const p2wsh = payments.p2wsh({
+                redeem: { output: witnessScript },
+                network,
+            });
+
+            if (p2wsh.address !== address) {
+                return {
+                    isValid: false,
+                    isPotentiallyP2WDA: false,
+                    isDefinitelyP2WDA: false,
+                    error: 'Witness script does not match address',
+                };
+            }
+
+            const publicKey = P2WDADetector.extractPublicKeyFromP2WDA(witnessScript);
+            if (!publicKey) {
+                return {
+                    isValid: false,
+                    isPotentiallyP2WDA: false,
+                    isDefinitelyP2WDA: false,
+                    error: 'Failed to extract public key from witness script',
+                };
+            }
+
+            return {
+                isValid: true,
+                isPotentiallyP2WDA: true,
+                isDefinitelyP2WDA: true,
+                publicKey,
+            };
+        } catch (error) {
+            return {
+                isValid: false,
+                isPotentiallyP2WDA: false,
+                isDefinitelyP2WDA: false,
+                error: (error as Error).message,
+            };
+        }
+    }
 }