@caravan/psbt 1.4.3 → 1.6.0

package/dist/index.d.ts

@@ -209,6 +209,65 @@ declare class PsbtV2 extends PsbtV2Maps {
      * validate the current state of the psbt.
      */
     private validate;
+    /**
+     * Sets the sequence number for a specific input in the transaction.
+     *
+     * This private helper method is crucial for implementing RBF and other
+     * sequence-based transaction features. It writes the provided sequence
+     * number as a 32-bit little-endian unsigned integer and stores it in the
+     * appropriate input's map using the PSBT_IN_SEQUENCE key.
+     *
+     * The sequence number has multiple uses in Bitcoin transactions:
+     * 1. Signaling RBF (values < 0xfffffffe)
+     * 2. Enabling nLockTime (values < 0xffffffff)
+     * 3. Relative timelock with BIP68 (if bit 31 is not set)
+     *
+     * According to BIP125 (Opt-in Full Replace-by-Fee Signaling):
+     *
+     * - For a transaction to be considered opt-in RBF, it must have at least
+     *   one input with a sequence number < 0xfffffffe.
+     * - The recommended sequence for RBF is 0xffffffff-2 (0xfffffffd).
+     *
+     * Sequence number meanings:
+     * - = 0xffffffff: Then the transaction is final no matter the nLockTime.
+     * - < 0xfffffffe: Transaction signals for RBF.
+     * - < 0xefffffff : Then the transaction signals BIP68 relative locktime.
+     *
+     * For using nLocktime along with Opt-in RBF, the sequence value
+     * should be between 0xf0000000 and 0xfffffffd.
+     *
+     * Care should be taken when setting sequence numbers to ensure the desired
+     * transaction properties are correctly signaled. Improper use can lead to
+     * unexpected transaction behavior or rejection by the network.
+     *
+     * References:
+     * - BIP125: Opt-in Full Replace-by-Fee Signaling
+     *   https://github.com/bitcoin/bips/blob/master/bip-0125.mediawiki
+     * - BIP68: Relative lock-time using consensus-enforced sequence numbers
+     *   https://github.com/bitcoin/bips/blob/master/bip-0068.mediawiki
+     */
+    setInputSequence(inputIndex: number, sequence: number): void;
+    /**
+     * Checks if the transaction signals Replace-by-Fee (RBF).
+     *
+     * This method determines whether the transaction is eligible for RBF by
+     * examining the sequence numbers of all inputs. As per BIP125, a transaction
+     * is considered to have opted in to RBF if it contains at least one input
+     * with a sequence number less than (0xffffffff - 1).
+     *
+     * Return value:
+     * - true: If any input has a sequence number < 0xfffffffe, indicating RBF.
+     * - false: If all inputs have sequence numbers >= 0xfffffffe, indicating no RBF.
+     *
+     * This method is useful for wallets, block explorers, or any service that
+     * needs to determine if a transaction can potentially be replaced before
+     * confirmation.
+     *
+     * References:
+     * - BIP125: Opt-in Full Replace-by-Fee Signaling
+     *   https://github.com/bitcoin/bips/blob/master/bip-0125.mediawiki
+     */
+    get isRBFSignaled(): boolean;
     /**
      * This method is provided for compatibility issues and probably shouldn't be
      * used since a PsbtV2 with PSBT_GLOBAL_TX_VERSION = 1 is BIP0370

package/dist/index.js

@@ -789,6 +789,81 @@ var PsbtV2 = class _PsbtV2 extends PsbtV2Maps {
       }
     }
   }
+  /**
+   * Sets the sequence number for a specific input in the transaction.
+   *
+   * This private helper method is crucial for implementing RBF and other
+   * sequence-based transaction features. It writes the provided sequence
+   * number as a 32-bit little-endian unsigned integer and stores it in the
+   * appropriate input's map using the PSBT_IN_SEQUENCE key.
+   *
+   * The sequence number has multiple uses in Bitcoin transactions:
+   * 1. Signaling RBF (values < 0xfffffffe)
+   * 2. Enabling nLockTime (values < 0xffffffff)
+   * 3. Relative timelock with BIP68 (if bit 31 is not set)
+   *
+   * According to BIP125 (Opt-in Full Replace-by-Fee Signaling):
+   *
+   * - For a transaction to be considered opt-in RBF, it must have at least
+   *   one input with a sequence number < 0xfffffffe.
+   * - The recommended sequence for RBF is 0xffffffff-2 (0xfffffffd).
+   *
+   * Sequence number meanings:
+   * - = 0xffffffff: Then the transaction is final no matter the nLockTime.
+   * - < 0xfffffffe: Transaction signals for RBF.
+   * - < 0xefffffff : Then the transaction signals BIP68 relative locktime.
+   *
+   * For using nLocktime along with Opt-in RBF, the sequence value
+   * should be between 0xf0000000 and 0xfffffffd.
+   *
+   * Care should be taken when setting sequence numbers to ensure the desired
+   * transaction properties are correctly signaled. Improper use can lead to
+   * unexpected transaction behavior or rejection by the network.
+   *
+   * References:
+   * - BIP125: Opt-in Full Replace-by-Fee Signaling
+   *   https://github.com/bitcoin/bips/blob/master/bip-0125.mediawiki
+   * - BIP68: Relative lock-time using consensus-enforced sequence numbers
+   *   https://github.com/bitcoin/bips/blob/master/bip-0068.mediawiki
+   */
+  setInputSequence(inputIndex, sequence) {
+    if (!this.isReadyForUpdater) {
+      throw new Error(
+        "PSBT is not ready for the Updater role. Sequence cannot be changed."
+      );
+    }
+    if (inputIndex < 0 || inputIndex >= this.PSBT_GLOBAL_INPUT_COUNT) {
+      throw new Error(`Input at index ${inputIndex} does not exist.`);
+    }
+    const bw = new import_bufio3.BufferWriter();
+    bw.writeU32(sequence);
+    this.inputMaps[inputIndex].set("10" /* PSBT_IN_SEQUENCE */, bw.render());
+  }
+  /**
+   * Checks if the transaction signals Replace-by-Fee (RBF).
+   *
+   * This method determines whether the transaction is eligible for RBF by
+   * examining the sequence numbers of all inputs. As per BIP125, a transaction
+   * is considered to have opted in to RBF if it contains at least one input
+   * with a sequence number less than (0xffffffff - 1).
+   *
+   * Return value:
+   * - true: If any input has a sequence number < 0xfffffffe, indicating RBF.
+   * - false: If all inputs have sequence numbers >= 0xfffffffe, indicating no RBF.
+   *
+   * This method is useful for wallets, block explorers, or any service that
+   * needs to determine if a transaction can potentially be replaced before
+   * confirmation.
+   *
+   * References:
+   * - BIP125: Opt-in Full Replace-by-Fee Signaling
+   *   https://github.com/bitcoin/bips/blob/master/bip-0125.mediawiki
+   */
+  get isRBFSignaled() {
+    return this.PSBT_IN_SEQUENCE.some(
+      (seq) => seq !== null && seq < 4294967294
+    );
+  }
   /**
    * This method is provided for compatibility issues and probably shouldn't be
    * used since a PsbtV2 with PSBT_GLOBAL_TX_VERSION = 1 is BIP0370
@@ -93949,11 +94024,6 @@ var getHashForSignature = (psbt, inputIndex, inputAmount, sigHashFlag = import_b
   throw new Error("No redeem or witness script found for input.");
 };
 function translatePSBT(network, addressType, psbt, signingKeyDetails) {
-  if (addressType !== import_bitcoin4.P2SH) {
-    throw new Error(
-      "Unsupported addressType -- only P2SH is supported right now"
-    );
-  }
   const localPSBT = autoLoadPSBT(psbt, { network: (0, import_bitcoin4.networkData)(network) });
   if (localPSBT === null)
     return null;
@@ -93976,12 +94046,17 @@ function translatePSBT(network, addressType, psbt, signingKeyDetails) {
 function getUnchainedInputsFromPSBT(network, addressType, psbt) {
   return psbt.txInputs.map((input, index) => {
     const dataInput = psbt.data.inputs[index];
+    const spendingScript = dataInput.witnessScript || dataInput.redeemScript;
+    if (!dataInput?.nonWitnessUtxo && addressType === import_bitcoin4.P2WSH) {
+      throw new Error(`Non-witness UTXO now required for P2WSH
+inputs to protect against large fee attack`);
+    }
     const fundingTxHex = dataInput.nonWitnessUtxo.toString("hex");
     const fundingTx = import_bitcoinjs_lib_v63.Transaction.fromHex(fundingTxHex);
     const multisig = (0, import_bitcoin4.generateMultisigFromHex)(
       network,
       addressType,
-      dataInput.redeemScript.toString("hex")
+      spendingScript.toString("hex")
     );
     return {
       amountSats: fundingTx.outs[input.index].value,

package/dist/index.mjs

@@ -748,6 +748,81 @@ var PsbtV2 = class _PsbtV2 extends PsbtV2Maps {
       }
     }
   }
+  /**
+   * Sets the sequence number for a specific input in the transaction.
+   *
+   * This private helper method is crucial for implementing RBF and other
+   * sequence-based transaction features. It writes the provided sequence
+   * number as a 32-bit little-endian unsigned integer and stores it in the
+   * appropriate input's map using the PSBT_IN_SEQUENCE key.
+   *
+   * The sequence number has multiple uses in Bitcoin transactions:
+   * 1. Signaling RBF (values < 0xfffffffe)
+   * 2. Enabling nLockTime (values < 0xffffffff)
+   * 3. Relative timelock with BIP68 (if bit 31 is not set)
+   *
+   * According to BIP125 (Opt-in Full Replace-by-Fee Signaling):
+   *
+   * - For a transaction to be considered opt-in RBF, it must have at least
+   *   one input with a sequence number < 0xfffffffe.
+   * - The recommended sequence for RBF is 0xffffffff-2 (0xfffffffd).
+   *
+   * Sequence number meanings:
+   * - = 0xffffffff: Then the transaction is final no matter the nLockTime.
+   * - < 0xfffffffe: Transaction signals for RBF.
+   * - < 0xefffffff : Then the transaction signals BIP68 relative locktime.
+   *
+   * For using nLocktime along with Opt-in RBF, the sequence value
+   * should be between 0xf0000000 and 0xfffffffd.
+   *
+   * Care should be taken when setting sequence numbers to ensure the desired
+   * transaction properties are correctly signaled. Improper use can lead to
+   * unexpected transaction behavior or rejection by the network.
+   *
+   * References:
+   * - BIP125: Opt-in Full Replace-by-Fee Signaling
+   *   https://github.com/bitcoin/bips/blob/master/bip-0125.mediawiki
+   * - BIP68: Relative lock-time using consensus-enforced sequence numbers
+   *   https://github.com/bitcoin/bips/blob/master/bip-0068.mediawiki
+   */
+  setInputSequence(inputIndex, sequence) {
+    if (!this.isReadyForUpdater) {
+      throw new Error(
+        "PSBT is not ready for the Updater role. Sequence cannot be changed."
+      );
+    }
+    if (inputIndex < 0 || inputIndex >= this.PSBT_GLOBAL_INPUT_COUNT) {
+      throw new Error(`Input at index ${inputIndex} does not exist.`);
+    }
+    const bw = new BufferWriter3();
+    bw.writeU32(sequence);
+    this.inputMaps[inputIndex].set("10" /* PSBT_IN_SEQUENCE */, bw.render());
+  }
+  /**
+   * Checks if the transaction signals Replace-by-Fee (RBF).
+   *
+   * This method determines whether the transaction is eligible for RBF by
+   * examining the sequence numbers of all inputs. As per BIP125, a transaction
+   * is considered to have opted in to RBF if it contains at least one input
+   * with a sequence number less than (0xffffffff - 1).
+   *
+   * Return value:
+   * - true: If any input has a sequence number < 0xfffffffe, indicating RBF.
+   * - false: If all inputs have sequence numbers >= 0xfffffffe, indicating no RBF.
+   *
+   * This method is useful for wallets, block explorers, or any service that
+   * needs to determine if a transaction can potentially be replaced before
+   * confirmation.
+   *
+   * References:
+   * - BIP125: Opt-in Full Replace-by-Fee Signaling
+   *   https://github.com/bitcoin/bips/blob/master/bip-0125.mediawiki
+   */
+  get isRBFSignaled() {
+    return this.PSBT_IN_SEQUENCE.some(
+      (seq) => seq !== null && seq < 4294967294
+    );
+  }
   /**
    * This method is provided for compatibility issues and probably shouldn't be
    * used since a PsbtV2 with PSBT_GLOBAL_TX_VERSION = 1 is BIP0370
@@ -1166,6 +1241,7 @@ import {
   multisigSignatureBuffer,
   networkData,
   P2SH as P2SH2,
+  P2WSH as P2WSH2,
   signatureNoSighashType
 } from "@caravan/bitcoin";
 import { Psbt as Psbt3, Transaction } from "bitcoinjs-lib-v6";
@@ -93927,11 +94003,6 @@ var getHashForSignature = (psbt, inputIndex, inputAmount, sigHashFlag = Transact
   throw new Error("No redeem or witness script found for input.");
 };
 function translatePSBT(network, addressType, psbt, signingKeyDetails) {
-  if (addressType !== P2SH2) {
-    throw new Error(
-      "Unsupported addressType -- only P2SH is supported right now"
-    );
-  }
   const localPSBT = autoLoadPSBT(psbt, { network: networkData(network) });
   if (localPSBT === null)
     return null;
@@ -93954,12 +94025,17 @@ function translatePSBT(network, addressType, psbt, signingKeyDetails) {
 function getUnchainedInputsFromPSBT(network, addressType, psbt) {
   return psbt.txInputs.map((input, index) => {
     const dataInput = psbt.data.inputs[index];
+    const spendingScript = dataInput.witnessScript || dataInput.redeemScript;
+    if (!dataInput?.nonWitnessUtxo && addressType === P2WSH2) {
+      throw new Error(`Non-witness UTXO now required for P2WSH
+inputs to protect against large fee attack`);
+    }
     const fundingTxHex = dataInput.nonWitnessUtxo.toString("hex");
     const fundingTx = Transaction.fromHex(fundingTxHex);
     const multisig = generateMultisigFromHex(
       network,
       addressType,
-      dataInput.redeemScript.toString("hex")
+      spendingScript.toString("hex")
     );
     return {
       amountSats: fundingTx.outs[input.index].value,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@caravan/psbt",
-  "version": "1.4.3",
+  "version": "1.6.0",
   "description": "typescript library for working with PSBTs",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -51,6 +51,7 @@
   "author": "unchained capital",
   "license": "ISC",
   "devDependencies": {
+    "@caravan/bip32": "*",
     "@caravan/eslint-config": "*",
     "@caravan/multisig": "*",
     "@caravan/typescript-config": "*",