@dynamic-labs-wallet/btc 0.0.0-pr506.0 → 0.0.0-pr534.2

package/index.cjs.js

@@ -1,5 +1,1226 @@
 'use strict';
 
-const version = '0.0.1';
+var browser = require('@dynamic-labs-wallet/browser');
+var bitcoin = require('bitcoinjs-lib');
+var ecc = require('@bitcoinerlab/secp256k1');
+var bip322Js = require('bip322-js');
+var bs58 = require('bs58');
+var sha256 = require('@noble/hashes/sha256');
 
-exports.version = version;
+function _interopNamespaceDefault(e) {
+    var n = Object.create(null);
+    if (e) {
+        Object.keys(e).forEach(function (k) {
+            if (k !== 'default') {
+                var d = Object.getOwnPropertyDescriptor(e, k);
+                Object.defineProperty(n, k, d.get ? d : {
+                    enumerable: true,
+                    get: function () { return e[k]; }
+                });
+            }
+        });
+    }
+    n.default = e;
+    return Object.freeze(n);
+}
+
+var bitcoin__namespace = /*#__PURE__*/_interopNamespaceDefault(bitcoin);
+
+function _extends() {
+    _extends = Object.assign || function assign(target) {
+        for(var i = 1; i < arguments.length; i++){
+            var source = arguments[i];
+            for(var key in source)if (Object.prototype.hasOwnProperty.call(source, key)) target[key] = source[key];
+        }
+        return target;
+    };
+    return _extends.apply(this, arguments);
+}
+
+/**
+ * Helper to handle Buffer/Uint8Array compatibility issues
+ *
+ * @param data - The data to convert to a Buffer
+ * @returns The Buffer representation of the data
+ */ const toBuffer = (data)=>{
+    if (Buffer.isBuffer(data)) return data;
+    return Buffer.from(data);
+};
+
+/**
+ * Maps a BitcoinNetwork string to a bitcoinjs-lib Network object.
+ *
+ * @param network - The network identifier ('mainnet' or 'testnet').
+ * @returns The corresponding bitcoinjs-lib Network object. Defaults to bitcoin mainnet if the network is not recognized.
+ */ function getBitcoinNetwork(network) {
+    switch(network){
+        case 'mainnet':
+            return bitcoin__namespace.networks.bitcoin;
+        case 'testnet':
+            return bitcoin__namespace.networks.testnet;
+        default:
+            return bitcoin__namespace.networks.bitcoin;
+    }
+}
+
+/**
+ * Creates a native SegWit P2WPKH address
+ *
+ * @param pubKey - The public key
+ * @param networkName - The network name
+ * @returns The native SegWit address
+ */ const createNativeSegWitAddress = (pubKey, networkName)=>{
+    const network = getBitcoinNetwork(networkName);
+    // Convert to Uint8Array
+    let pubKeyArray = Uint8Array.from(pubKey);
+    // If it's an uncompressed key (65 bytes), compress it (33 bytes)
+    if (pubKeyArray.length === 65) {
+        // Uncompressed format: 0x04 || x (32 bytes) || y (32 bytes)
+        // Compressed format: 0x02 or 0x03 || x (32 bytes)
+        const y = pubKeyArray[64];
+        const compressedX = pubKeyArray.slice(1, 33); // Skip the 0x04 prefix, take x (32 bytes)
+        const compressed = new Uint8Array(33);
+        compressed[0] = y % 2 === 0 ? 0x02 : 0x03; // Even y -> 0x02, Odd y -> 0x03
+        compressed.set(compressedX, 1);
+        pubKeyArray = compressed;
+    }
+    const { address } = bitcoin.payments.p2wpkh({
+        pubkey: toBuffer(pubKeyArray),
+        network
+    });
+    return address || '';
+};
+
+let isInitialized = false;
+/**
+ * Initializes the ECC library if not already initialized
+ */ const initEccLib = ()=>{
+    if (isInitialized) return;
+    bitcoin.initEccLib(ecc);
+    isInitialized = true;
+};
+
+/**
+ * Creates a Taproot P2TR address
+ *
+ * @param pubKey - The public key
+ * @param networkName - The network name
+ * @returns The Taproot address
+ */ const createTaprootAddress = (pubKey, networkName)=>{
+    initEccLib();
+    const network = getBitcoinNetwork(networkName);
+    // For Taproot, we need the 32-byte x-only public key
+    const xOnlyPubKey = pubKey.subarray(-32);
+    const xOnlyPubKeyArray = Uint8Array.from(xOnlyPubKey);
+    const { address } = bitcoin.payments.p2tr({
+        internalPubkey: toBuffer(xOnlyPubKeyArray),
+        network
+    });
+    if (!address) {
+        throw new Error('Failed to create Taproot address');
+    }
+    return address;
+};
+
+/**
+ * Converts a public key to a Bitcoin address
+ *
+ * @param publicKey - The public key
+ * @param addressType - The address type (default: TAPROOT)
+ * @param network - The Bitcoin network (default: 'mainnet')
+ * @returns The Bitcoin address
+ */ const publicKeyToBitcoinAddress = (publicKey, addressType = browser.BitcoinAddressType.TAPROOT, network = 'mainnet')=>{
+    initEccLib();
+    // Convert to Uint8Array to Buffer if needed
+    const pubKeyBuffer = toBuffer(publicKey);
+    switch(addressType){
+        case browser.BitcoinAddressType.NATIVE_SEGWIT:
+            return createNativeSegWitAddress(pubKeyBuffer, network);
+        case browser.BitcoinAddressType.TAPROOT:
+            return createTaprootAddress(pubKeyBuffer, network);
+        default:
+            throw new Error(`Unsupported address type: ${addressType}`);
+    }
+};
+
+/**
+ * Converts a public key input (various formats) to a Buffer.
+ * Handles objects with `pubkey` property, numeric key maps, `serializeUncompressed` methods, etc.
+ *
+ * @param pubkey - The raw public key input
+ * @returns The public key as a Buffer
+ */ const convertPublicKeyToBuffer = (pubkey)=>{
+    const actualPubkey = pubkey;
+    if (Buffer.isBuffer(actualPubkey)) {
+        return actualPubkey;
+    }
+    if (actualPubkey instanceof Uint8Array) {
+        return Buffer.from(actualPubkey);
+    }
+    if (typeof actualPubkey === 'string') {
+        const result = Buffer.from(actualPubkey, 'hex');
+        if (result.length === 0) {
+            throw new Error('Invalid public key format');
+        }
+        return result;
+    }
+    if (typeof actualPubkey === 'object' && actualPubkey !== null) {
+        return convertObjectToBuffer(actualPubkey);
+    }
+    throw new Error('Invalid public key format');
+};
+const convertObjectToBuffer = (actualPubkey)=>{
+    if ('pubkey' in actualPubkey) {
+        return convertPublicKeyToBuffer(actualPubkey.pubkey);
+    }
+    if ('serializeUncompressed' in actualPubkey && typeof actualPubkey.serializeUncompressed === 'function') {
+        return Buffer.from(actualPubkey.serializeUncompressed());
+    }
+    const keys = Object.keys(actualPubkey).map(Number).filter((k)=>!Number.isNaN(k)).sort((a, b)=>a - b);
+    if (keys.length > 0) {
+        return Buffer.from(keys.map((k)=>actualPubkey[k]));
+    }
+    throw new Error('Invalid public key object');
+};
+
+/**
+ * Normalizes a public key buffer for Taproot (P2TR).
+ * Ensures the result is a 32-byte x-only key.
+ *
+ * @param buffer - The public key buffer
+ * @returns The 32-byte x-only public key buffer
+ */ const normalizeForTaproot = (buffer)=>{
+    if (buffer.length === 32) return buffer;
+    if (buffer.length === 33) return buffer.subarray(1, 33);
+    if (buffer.length === 65) return buffer.subarray(1, 33);
+    if (buffer.length === 64) return buffer.subarray(0, 32);
+    throw new Error(`Unexpected public key length for Taproot: ${buffer.length}`);
+};
+
+/**
+ * Normalizes a public key buffer for Compressed formats (Legacy, SegWit, Native SegWit).
+ * Ensures the result is a 33-byte compressed key.
+ *
+ * @param buffer - The public key buffer
+ * @returns The 33-byte compressed public key buffer
+ */ const normalizeForCompressed = (buffer)=>{
+    if (buffer.length === 33) {
+        return buffer;
+    }
+    if (buffer.length === 65 && buffer[0] === 0x04) {
+        // Uncompressed standard (04 + X + Y)
+        const x = buffer.subarray(1, 33);
+        const yLastByte = buffer[64];
+        return compressPublicKey(x, yLastByte);
+    }
+    if (buffer.length === 64) {
+        // Raw X + Y (missing 04 prefix)
+        const x = buffer.subarray(0, 32);
+        const yLastByte = buffer[63];
+        return compressPublicKey(x, yLastByte);
+    }
+    throw new Error(`Unexpected public key length: ${buffer.length}`);
+};
+const compressPublicKey = (x, yLastByte)=>{
+    const prefix = yLastByte % 2 === 0 ? 0x02 : 0x03;
+    return Buffer.concat([
+        Buffer.from([
+            prefix
+        ]),
+        x
+    ]);
+};
+
+/**
+ * Normalizes a public key to a standard Buffer format
+ * Handles various input types (Uint8Array, Buffer, object with pubKeyAsHex, etc.)
+ * and formats (32-byte x-only, 33-byte compressed, 65-byte uncompressed)
+ * based on the target address type.
+ *
+ * @param pubkey - The raw public key input
+ * @param addressType - The target Bitcoin address type
+ * @returns The normalized public key as a Buffer
+ */ const normalizePublicKey = (pubkey, addressType)=>{
+    const buffer = convertPublicKeyToBuffer(pubkey);
+    if (addressType === browser.BitcoinAddressType.TAPROOT) {
+        return normalizeForTaproot(buffer);
+    }
+    return normalizeForCompressed(buffer);
+};
+
+/**
+ * Infers the Bitcoin address type from a BIP-44 derivation path
+ *
+ * @param derivationPathStr - The derivation path string (e.g. "m/44'/0'/0'/0/0" as JSON or string)
+ * @returns The inferred BitcoinAddressType
+ */ const getAddressTypeFromDerivationPath = (derivationPathStr)=>{
+    const derivationPathObj = JSON.parse(derivationPathStr);
+    const path = Object.values(derivationPathObj).map(Number);
+    if (path.length < 2) throw new Error('Invalid derivation path length');
+    const purpose = path[0];
+    // Handle both raw and hardened just in case, or just raw if strictly non-hardened
+    // 44 = 0x2C (Legacy), 49 = 0x31 (SegWit P2SH), 84 = 0x54 (Native SegWit), 86 = 0x56 (Taproot)
+    const purposeIndex = purpose >= 0x80000000 ? purpose - 0x80000000 : purpose;
+    let addressType;
+    switch(purposeIndex){
+        case 84:
+            addressType = browser.BitcoinAddressType.NATIVE_SEGWIT;
+            break;
+        case 86:
+            addressType = browser.BitcoinAddressType.TAPROOT;
+            break;
+        default:
+            throw new Error(`Unknown derivation path purpose: ${purposeIndex}`);
+    }
+    return addressType;
+};
+
+/**
+ * Calculates the hash to be signed for a BIP-322 message verification
+ *
+ * @param message - The message to sign
+ * @param pubKey - The public key of the signer
+ * @param addressType - The address type (e.g. TAPROOT, SEGWIT)
+ * @param network - The Bitcoin network
+ * @returns The formatted message hash and the PSBT to be signed
+ */ const calculateBip322Hash = (message, pubKey, addressType, network)=>{
+    // Normalize key and derive address
+    const normalizedKey = normalizePublicKey(pubKey, addressType);
+    const address = publicKeyToBitcoinAddress(normalizedKey, addressType, network);
+    if (!address) {
+        throw new Error('Failed to generate address for BIP-322');
+    }
+    const scriptPubKey = bip322Js.Address.convertAdressToScriptPubkey(address);
+    const toSpendTx = bip322Js.BIP322.buildToSpendTx(message, scriptPubKey);
+    const toSignPsbt = bip322Js.BIP322.buildToSignTx(toSpendTx.getId(), scriptPubKey);
+    // Calculate Hash to Sign
+    const txToSign = toSignPsbt.__CACHE.__TX; // Access underlying TX like prototype
+    let hashToSign;
+    if (addressType === browser.BitcoinAddressType.TAPROOT) {
+        // Taproot (BIP-341) Signing
+        const prevOutScripts = [
+            scriptPubKey
+        ];
+        const values = [
+            0
+        ]; // BIP-322 value
+        // Cast to any to avoid type issues if definition is missing
+        hashToSign = Buffer.from(txToSign.hashForWitnessV1(0, prevOutScripts, values, bitcoin__namespace.Transaction.SIGHASH_DEFAULT // Default sighash for Taproot
+        ));
+    } else {
+        // SegWit (BIP-143) Signing (P2WPKH)
+        const txToSignSegwit = new bitcoin__namespace.Transaction();
+        txToSignSegwit.version = 0;
+        txToSignSegwit.locktime = 0;
+        const prevTxId = toSpendTx.getId();
+        const prevHash = Buffer.from(prevTxId, 'hex').reverse();
+        txToSignSegwit.addInput(prevHash, 0, 0);
+        txToSignSegwit.addOutput(Buffer.from([
+            0x6a
+        ]), BigInt(0));
+        const p2pkh = bitcoin__namespace.payments.p2pkh({
+            pubkey: normalizedKey,
+            network: network === 'testnet' ? bitcoin__namespace.networks.testnet : bitcoin__namespace.networks.bitcoin
+        });
+        const scriptCode = p2pkh.output;
+        if (!scriptCode) throw new Error('Failed to generate scriptCode');
+        hashToSign = txToSignSegwit.hashForWitnessV0(0, scriptCode, BigInt(0), bitcoin__namespace.Transaction.SIGHASH_ALL);
+    }
+    return {
+        formattedMessage: new Uint8Array(hashToSign),
+        toSignPsbt
+    };
+};
+
+/**
+ * Encodes the signature into the BIP-322 witness format
+ *
+ * @param toSignPsbt - The PSBT that was signed
+ * @param pubKey - The public key of the signer
+ * @param signature - The signature produced by the signer
+ * @param addressType - The address type
+ * @returns The base64 encoded BIP-322 signature
+ */ const encodeBip322Signature = (toSignPsbt, pubKey, signature, addressType)=>{
+    const normalizedKey = normalizePublicKey(pubKey, addressType);
+    if (addressType === browser.BitcoinAddressType.TAPROOT) {
+        // Prototype logic: direct update
+        // Signature from MPC should be 64 bytes (r|s)
+        let sigBuffer;
+        if (signature instanceof Uint8Array || Buffer.isBuffer(signature)) {
+            sigBuffer = Buffer.from(signature);
+        } else {
+            // ECDSA signature object? Should be raw bytes for Schnorr/BIP340
+            // If it's EcdsaSignature (r,s), concat them.
+            const r = signature.r;
+            const s = signature.s;
+            const rBuf = Buffer.isBuffer(r) ? r : Buffer.from(r);
+            const sBuf = Buffer.isBuffer(s) ? s : Buffer.from(s);
+            sigBuffer = Buffer.concat([
+                rBuf,
+                sBuf
+            ]);
+        }
+        toSignPsbt.updateInput(0, {
+            tapKeySig: sigBuffer
+        });
+    } else {
+        // Serialize the signature (COMPACT SIGNATURE)
+        const r = signature.r;
+        const s = signature.s;
+        const compactSignature = Buffer.concat([
+            Buffer.from(r),
+            Buffer.from(s)
+        ]);
+        // Apply Signature
+        const mpcSignerForPsbt = {
+            publicKey: normalizedKey,
+            sign: (_hash)=>{
+                return compactSignature;
+            }
+        };
+        // Sign the input
+        toSignPsbt.signInput(0, mpcSignerForPsbt);
+    }
+    // Finalize the inputs
+    toSignPsbt.finalizeAllInputs();
+    // Encode Final Result
+    return bip322Js.BIP322.encodeWitness(toSignPsbt);
+};
+
+initEccLib();
+/**
+ * Converts a private key (hex string) to Bitcoin WIF (Wallet Import Format)
+ * WIF is the standard format that Bitcoin wallets expect for importing private keys
+ * 
+ * WIF encoding steps:
+ * 1. Add network prefix (0x80 for mainnet, 0xef for testnet/regtest)
+ * 2. Add compression flag (0x01) for compressed public keys (used for SegWit)
+ * 3. Calculate checksum (double SHA-256, take first 4 bytes)
+ * 4. Base58 encode the result
+ * 
+ * @param privateKey - Private key as hex string (with or without 0x prefix)
+ * @param network - Bitcoin network (mainnet, testnet)
+ * @param options - Optional configuration
+ * @param options.compressed - Whether to use compressed format (default: true for SegWit compatibility)
+ * @param options.onWarning - Optional callback for warnings (e.g., unexpected key length)
+ * @returns WIF-encoded private key string
+ * @throws Error if conversion fails
+ */ const privateKeyToWIF = (privateKey, network = 'mainnet', options)=>{
+    const { compressed = true, onWarning } = options || {};
+    try {
+        // Remove 0x prefix if present
+        const cleanPrivateKey = privateKey.startsWith('0x') ? privateKey.slice(2) : privateKey;
+        // Validate hex string length (should be 64 characters = 32 bytes)
+        if (cleanPrivateKey.length !== 64) {
+            onWarning == null ? void 0 : onWarning('Unexpected private key length', {
+                length: cleanPrivateKey.length,
+                expected: 64
+            });
+        }
+        // Convert hex to Uint8Array
+        const privateKeyBytes = new Uint8Array(cleanPrivateKey.match(/.{1,2}/g).map((byte)=>Number.parseInt(byte, 16)));
+        // Step 1: Get network prefix from bitcoinjs-lib network
+        const networkConfig = getBitcoinNetwork(network);
+        const networkPrefix = networkConfig.wif;
+        // Step 2: Build extended key with network prefix and optional compression flag
+        // For Native SegWit and SegWit, we use compressed format (0x01 flag)
+        const extendedKeyLength = compressed ? 34 : 33; // 1 byte prefix + 32 bytes key + (optional) 1 byte compression
+        const extendedKey = new Uint8Array(extendedKeyLength);
+        extendedKey[0] = networkPrefix;
+        extendedKey.set(privateKeyBytes, 1);
+        if (compressed) {
+            extendedKey[33] = 0x01; // Compression flag for SegWit addresses
+        }
+        // Step 3: Calculate checksum (double SHA-256, take first 4 bytes)
+        const firstHash = sha256.sha256(extendedKey);
+        const secondHash = sha256.sha256(firstHash);
+        const checksum = secondHash.slice(0, 4);
+        // Step 4: Append checksum and Base58 encode
+        const wifBytes = new Uint8Array(extendedKey.length + checksum.length);
+        wifBytes.set(extendedKey, 0);
+        wifBytes.set(checksum, extendedKey.length);
+        const wif = bs58.encode(wifBytes);
+        return wif;
+    } catch (error) {
+        // Re-throw with more context
+        throw new Error(`Failed to convert private key to WIF: ${error instanceof Error ? error.message : String(error)}`);
+    }
+};
+
+/**
+ * Converts an ECDSA signature to DER format
+ *
+ * @param signature - The ECDSA signature
+ * @returns The DER encoded signature
+ */ const convertSignatureToDER = (signature)=>{
+    // Construct raw 64-byte signature (r + s) using Uint8Array to ensure compatibility
+    const r = signature.r instanceof Uint8Array ? signature.r : new Uint8Array(signature.r);
+    const s = signature.s instanceof Uint8Array ? signature.s : new Uint8Array(signature.s);
+    // Enforce 32-byte length (padding or slicing if needed)
+    const r32 = new Uint8Array(32);
+    const rSource = r.length > 32 ? r.slice(-32) : r;
+    r32.set(rSource, 32 - rSource.length);
+    const s32 = new Uint8Array(32);
+    const sSource = s.length > 32 ? s.slice(-32) : s;
+    s32.set(sSource, 32 - sSource.length);
+    const rawSignature = new Uint8Array(64);
+    rawSignature.set(r32, 0);
+    rawSignature.set(s32, 32);
+    const derSignature = bitcoin__namespace.script.signature.encode(rawSignature, bitcoin__namespace.Transaction.SIGHASH_ALL);
+    return derSignature;
+};
+
+/**
+ * Helper to get the default RPC URL
+ *
+ * @param network - The Bitcoin network
+ * @returns The default RPC URL
+ */ const getDefaultRpcUrl = (network)=>{
+    return network === 'mainnet' ? 'https://mempool.space/api' : 'https://mempool.space/testnet/api';
+};
+
+/**
+ * Fetches UTXOs for a given address using mempool.space API
+ *
+ * @param address - The address to fetch UTXOs for
+ * @param network - The Bitcoin network (default: 'mainnet')
+ * @param rpcUrl - Optional custom RPC URL
+ * @returns The list of UTXOs
+ */ const getUTXOs = async ({ address, network = 'mainnet', rpcUrl })=>{
+    const baseUrl = rpcUrl || getDefaultRpcUrl(network);
+    try {
+        const response = await fetch(`${baseUrl}/address/${address}/utxo`);
+        if (!response.ok) {
+            throw new Error(`Failed to fetch UTXOs: ${response.statusText}`);
+        }
+        const utxos = await response.json();
+        return utxos.map((utxo)=>({
+                txid: utxo.txid,
+                vout: utxo.vout,
+                value: BigInt(utxo.value)
+            }));
+    } catch (error) {
+        throw new Error(`Error fetching UTXOs: ${error}`);
+    }
+};
+
+/**
+ * Simple greedy coin selection
+ *
+ * @param utxos - The list of UTXOs to select from
+ * @param amount - The amount to spend
+ * @param feeRate - The fee rate in sat/vByte
+ * @returns The selected inputs, change amount, and fee
+ */ const selectUTXOs = ({ utxos, amount, feeRate })=>{
+    // Sort by value descending
+    const sorted = [
+        ...utxos
+    ].sort((a, b)=>Number(b.value - a.value));
+    const inputs = [];
+    let totalInput = 0n;
+    // Basic fee estimation constants
+    // Optimized for Native SegWit (P2WPKH) only
+    // P2WPKH: ~68 vbytes per input, ~31 vbytes per output
+    // Overhead: ~10 vbytes
+    const INPUT_SIZE = 68;
+    const OUTPUT_SIZE = 31;
+    const OVERHEAD = 10;
+    for (const utxo of sorted){
+        inputs.push(utxo);
+        totalInput += utxo.value;
+        // Calculate fee for current set + 2 outputs (recipient + change)
+        const vbytes = OVERHEAD + inputs.length * INPUT_SIZE + 2 * OUTPUT_SIZE;
+        const fee = BigInt(Math.ceil(vbytes * feeRate));
+        if (totalInput >= amount + fee) {
+            return {
+                inputs,
+                change: totalInput - amount - fee,
+                fee
+            };
+        }
+    }
+    throw new Error('Insufficient funds');
+};
+
+/**
+ * Fetches current fee rates from mempool.space
+ * Returns fees in sat/vByte
+ *
+ * @param network - The Bitcoin network (default: 'mainnet')
+ * @param rpcUrl - Optional custom RPC URL
+ * @returns The fee rates for fast, medium, and slow transactions
+ */ const getFeeRates = async ({ network = 'mainnet', rpcUrl })=>{
+    const baseUrl = rpcUrl || getDefaultRpcUrl(network);
+    const response = await fetch(`${baseUrl}/v1/fees/recommended`);
+    if (!response.ok) {
+        throw new Error(`Failed to fetch fee rates: ${response.statusText}`);
+    }
+    const fees = await response.json();
+    return {
+        fast: fees.fastestFee,
+        medium: fees.halfHourFee,
+        slow: fees.hourFee
+    };
+};
+
+/**
+ * Calculates the Taproot tweak hash for BIP340 signing
+ * @param pubKey - The normalized public key (32-byte x-only for Taproot)
+ * @returns The tweak hash as a hex string (64 hex chars = 32 bytes)
+ */ const calculateTaprootTweak = (pubKey)=>{
+    const tweakHash = bitcoin__namespace.crypto.taggedHash('TapTweak', pubKey);
+    return Buffer.from(tweakHash).toString('hex');
+};
+
+/**
+ * Converts a signature to a Buffer format suitable for Taproot (BIP340/Schnorr)
+ * Taproot signatures are 64 bytes (r|s concatenated)
+ * @param signature - The signature from MPC (can be Uint8Array, Buffer, or EcdsaSignature object)
+ * @returns A Buffer containing the 64-byte Schnorr signature
+ */ const convertSignatureToTaprootBuffer = (signature)=>{
+    if (signature instanceof Uint8Array || Buffer.isBuffer(signature)) {
+        return Buffer.from(signature);
+    }
+    // ECDSA signature object - concat r and s for Schnorr
+    const r = signature.r;
+    const s = signature.s;
+    const rBuf = Buffer.isBuffer(r) ? r : Buffer.from(r);
+    const sBuf = Buffer.isBuffer(s) ? s : Buffer.from(s);
+    return Buffer.concat([
+        rBuf,
+        sBuf
+    ]);
+};
+
+/**
+ * Collects prevOutScripts and values from all PSBT inputs
+ * Required for Taproot (BIP-341) hashForWitnessV1 calculation
+ * @param psbt - The PSBT to collect input data from
+ * @returns An object containing arrays of prevOutScripts and values
+ * @throws Error if any input is missing witnessUtxo
+ */ const collectPSBTInputData = (psbt)=>{
+    const prevOutScripts = [];
+    const values = [];
+    psbt.data.inputs.forEach((input, index)=>{
+        if (!input.witnessUtxo) {
+            throw new Error(`Input ${index} missing witnessUtxo`);
+        }
+        prevOutScripts.push(Buffer.isBuffer(input.witnessUtxo.script) ? input.witnessUtxo.script : Buffer.from(input.witnessUtxo.script));
+        values.push(input.witnessUtxo.value);
+    });
+    return {
+        prevOutScripts,
+        values
+    };
+};
+
+class DynamicBtcWalletClient extends browser.DynamicWalletClient {
+    /**
+   * Creates a Bitcoin wallet account
+   * @param thresholdSignatureScheme - The threshold signature scheme to use for the wallet
+   * @param password - The password to use for the wallet
+   * @param onError - The function to call if an error occurs
+   * @param signedSessionId - The signed session ID to use for the wallet
+   * @param addressType - The type of address to use for the wallet
+   * @returns The account address, public key hex, and raw public key
+   */ async createWalletAccount({ thresholdSignatureScheme, password = undefined, onError, signedSessionId, bitcoinConfig }) {
+        const network = browser.BitcoinNetwork.MAINNET;
+        const { addressType } = bitcoinConfig;
+        if (!addressType) {
+            throw new Error('addressType is required for BTC');
+        }
+        this.logger.debug('[BTC Client] Creating wallet account', {
+            package: 'packages/btc/src/client/client.ts',
+            method: 'createWalletAccount',
+            addressType,
+            network,
+            thresholdSignatureScheme,
+            signedSessionId
+        });
+        try {
+            // Create a promise that will resolve when the ceremony is complete
+            let ceremonyCompleteResolver;
+            const ceremonyCompletePromise = new Promise((resolve)=>{
+                ceremonyCompleteResolver = resolve;
+            });
+            // Validate address type is provided
+            if (!addressType) {
+                throw new Error('Address type is required for BTC');
+            }
+            const buildBitcoinConfig = {
+                addressType,
+                network
+            };
+            // Use 'BTC' as chain name, derivation path and signing algorithm will be resolved from addressType
+            const { rawPublicKey, clientKeyShares } = await this.keyGen({
+                chainName: this.chainName,
+                thresholdSignatureScheme,
+                bitcoinConfig: buildBitcoinConfig,
+                onError: (error)=>{
+                    this.logger.error(browser.ERROR_CREATE_WALLET_ACCOUNT, error);
+                    onError == null ? void 0 : onError(error);
+                },
+                onCeremonyComplete: (accountAddress, walletId)=>{
+                    const chainConfig = browser.getMPCChainConfig(this.chainName, bitcoinConfig);
+                    // Update wallet map with the derived account address
+                    this.walletMap[accountAddress] = _extends({}, this.walletMap[accountAddress], {
+                        accountAddress: accountAddress,
+                        walletId,
+                        chainName: this.chainName,
+                        thresholdSignatureScheme,
+                        derivationPath: JSON.stringify(Object.fromEntries(chainConfig.derivationPath.map((value, index)=>[
+                                index,
+                                value
+                            ]))),
+                        addressType: addressType,
+                        clientKeySharesBackupInfo: browser.getClientKeyShareBackupInfo()
+                    });
+                    this.logger.debug('[BTC Client] Updated walletMap in onCeremonyComplete', {
+                        accountAddress: accountAddress,
+                        walletId,
+                        addressType: addressType
+                    });
+                    // Resolve the promise when ceremony is complete
+                    ceremonyCompleteResolver(undefined);
+                }
+            });
+            // Wait for the ceremony to complete before proceeding
+            await ceremonyCompletePromise;
+            if (!rawPublicKey || !clientKeyShares) {
+                throw new Error('Key generation failed');
+            }
+            // Derive account address from raw public key
+            const { accountAddress } = this.deriveAccountAddress({
+                rawPublicKey,
+                addressType: addressType,
+                network
+            });
+            // Store client key shares to localStorage
+            await this.setClientKeySharesToLocalStorage({
+                accountAddress,
+                clientKeyShares,
+                overwriteOrMerge: 'overwrite'
+            });
+            // Store encrypted backup
+            await this.storeEncryptedBackupByWalletWithRetry({
+                accountAddress,
+                clientKeyShares,
+                password,
+                signedSessionId
+            });
+            const publicKeyHex = this.extractPublicKeyHex(rawPublicKey);
+            return {
+                accountAddress,
+                publicKeyHex,
+                rawPublicKey
+            };
+        } catch (error) {
+            if (onError) {
+                onError(error);
+            }
+            throw new Error(browser.ERROR_CREATE_WALLET_ACCOUNT);
+        }
+    }
+    /**
+   * Automatically determines the chain config based on address type
+   * @param rawPublicKey - The raw public key from the server
+   * @returns The public key hex
+   */ extractPublicKeyHex(rawPublicKey) {
+        if (rawPublicKey instanceof Uint8Array) {
+            return Buffer.from(rawPublicKey).toString('hex');
+        }
+        if (rawPublicKey && typeof rawPublicKey === 'object' && typeof rawPublicKey.pubKeyAsHex === 'function') {
+            return rawPublicKey.pubKeyAsHex();
+        }
+        if (typeof rawPublicKey === 'string') {
+            return rawPublicKey;
+        }
+        throw new Error('Invalid public key format');
+    }
+    /**
+   * Derives the Bitcoin account address
+   * - BIP340 keys (32 bytes x-only): Only for Taproot addresses
+   * - ECDSA keys (33/65 bytes): For all other address types (Legacy, SegWit, Native SegWit)
+   * - Algorithm selection is automatic based on addressType
+   * @param rawPublicKey - The raw public key to derive the account address from
+   * @param addressType - The address type to derive the account address for
+   * @param network - The network to derive the account address for
+   * @returns The account address
+   */ deriveAccountAddress({ rawPublicKey, addressType, network }) {
+        // Derive address based on the chosen address type and network
+        const normalizedKey = normalizePublicKey(rawPublicKey, addressType);
+        const accountAddress = publicKeyToBitcoinAddress(normalizedKey, addressType, network);
+        return {
+            accountAddress
+        };
+    }
+    /**
+   * Signs a message (BIP-322)
+   * @param message - The message to sign
+   * @param accountAddress - The account address
+   * @param network - The network (mainnet/testnet)
+   * @param password - The wallet password (optional)
+   * @param signedSessionId - The signed session ID
+   * @param mfaToken - The MFA token (optional)
+   * @param context - Additional context
+   * @param onError - Error callback
+   * @returns The BIP-322 signature
+   */ async signMessage({ message, accountAddress, network, password = undefined, signedSessionId, mfaToken, context, onError }) {
+        await this.verifyPassword({
+            accountAddress,
+            password,
+            walletOperation: browser.WalletOperation.SIGN_MESSAGE,
+            signedSessionId
+        });
+        try {
+            if (!accountAddress) {
+                throw new Error(browser.ERROR_ACCOUNT_ADDRESS_REQUIRED);
+            }
+            const walletProperties = this.walletMap[accountAddress];
+            if (!walletProperties) {
+                throw new Error('Wallet not found in walletMap');
+            }
+            const derivationPath = walletProperties.derivationPath;
+            if (!derivationPath) {
+                throw new Error('Derivation path missing in walletMap');
+            }
+            let addressType = walletProperties.addressType;
+            if (!addressType) {
+                addressType = getAddressTypeFromDerivationPath(derivationPath);
+            }
+            const clientKeyShares = await this.getClientKeySharesFromLocalStorage({
+                accountAddress
+            });
+            if (!clientKeyShares || clientKeyShares.length === 0) {
+                throw new Error('No key shares found');
+            }
+            const bitcoinConfig = {
+                addressType,
+                network
+            };
+            const derivedPublicKey = await this.derivePublicKey({
+                chainName: this.chainName,
+                keyShare: clientKeyShares[0],
+                derivationPath: new Uint32Array(Object.values(JSON.parse(derivationPath))),
+                bitcoinConfig
+            });
+            if (!derivedPublicKey) {
+                throw new Error('Failed to derive public key');
+            }
+            const pubKey = normalizePublicKey(derivedPublicKey, addressType);
+            this.verifyWalletAddress(derivedPublicKey, addressType, network, accountAddress);
+            // Prepare BIP-322 Transactions and calculate hash
+            const { formattedMessage, toSignPsbt } = calculateBip322Hash(message, pubKey, addressType, network);
+            // Prepare tweak for Taproot in case of BIP340
+            let tweak;
+            if (addressType === browser.BitcoinAddressType.TAPROOT) {
+                tweak = calculateTaprootTweak(pubKey);
+            }
+            // Build complete bitcoinConfig with addressType and tweak
+            const completeBitcoinConfig = _extends({}, bitcoinConfig, {
+                addressType: addressType,
+                tweak
+            });
+            // Sign the message using MPC
+            const signature = await this.sign({
+                message: formattedMessage,
+                accountAddress,
+                chainName: this.chainName,
+                password,
+                signedSessionId,
+                mfaToken,
+                isFormatted: true,
+                context: context != null ? context : {
+                    btcMessage: message
+                },
+                bitcoinConfig: completeBitcoinConfig,
+                onError
+            });
+            // Encode Final Result
+            const bip322Signature = encodeBip322Signature(toSignPsbt, pubKey, signature, addressType);
+            this.logger.debug('[BTC Client] signMessage - bip322Signature', {
+                bip322Signature
+            });
+            return bip322Signature;
+        } catch (error) {
+            if (onError) {
+                onError(error);
+            }
+            throw new Error(browser.ERROR_SIGN_MESSAGE);
+        }
+    }
+    /**
+   * Verifies that the derived address matches the expected address
+   * @param rawPublicKey - The raw public key
+   * @param addressType - The address type
+   * @param network - The network
+   * @param expectedAddress - The expected address
+   */ verifyWalletAddress(rawPublicKey, addressType, network, expectedAddress) {
+        const normalizedKey = normalizePublicKey(rawPublicKey, addressType);
+        const derivedAddress = publicKeyToBitcoinAddress(normalizedKey, addressType, network);
+        if (derivedAddress !== expectedAddress) {
+            throw new Error(`Address verification failed: expected ${expectedAddress}, got ${derivedAddress}`);
+        }
+    }
+    /**
+   * Exports the private key for a given account
+   * @param accountAddress - The account address to export the private key for
+   * @param password - The password to use for the private key
+   * @param signedSessionId - The signed session ID to use for the private key
+   * @param mfaToken - The MFA token to use for the private key
+   * @param network - The network to use for the private key
+   * @returns The private key
+   */ async exportPrivateKey({ accountAddress, password = undefined, signedSessionId, mfaToken }) {
+        await this.verifyPassword({
+            accountAddress,
+            password,
+            walletOperation: browser.WalletOperation.EXPORT_PRIVATE_KEY,
+            signedSessionId
+        });
+        // Get wallet properties to determine addressType
+        const walletProperties = this.walletMap[accountAddress];
+        if (!walletProperties) {
+            throw new Error('Wallet not found in walletMap');
+        }
+        const derivationPath = walletProperties.derivationPath;
+        if (!derivationPath) {
+            throw new Error('Derivation path missing in walletMap');
+        }
+        let addressType = walletProperties.addressType;
+        if (!addressType && walletProperties.derivationPath) {
+            try {
+                addressType = getAddressTypeFromDerivationPath(walletProperties.derivationPath);
+            } catch (e) {
+                this.logger.warn('Failed to infer address type from derivation path', e);
+            }
+        }
+        if (!addressType) {
+            throw new Error('Address type not found in walletMap');
+        }
+        const { derivedPrivateKey } = await this.exportKey({
+            accountAddress: accountAddress,
+            chainName: this.chainName,
+            bitcoinConfig: {
+                addressType
+            },
+            password,
+            signedSessionId,
+            mfaToken
+        });
+        if (!derivedPrivateKey) {
+            throw new Error('Failed to derive private key');
+        }
+        // Convert MPC private key to Bitcoin WIF format
+        return this.convertPrivateKeyToBitcoinFormat(derivedPrivateKey, browser.BitcoinNetwork.MAINNET);
+    }
+    /**
+   * Converts MPC private key to Bitcoin WIF (Wallet Import Format)
+   * Uses the utility function from utils.ts for the core conversion logic
+   * @param privateKey - The private key to convert to a Bitcoin WIF format
+   * @param network - The network to convert the private key to a Bitcoin WIF format for
+   * @returns The Bitcoin WIF format
+   */ convertPrivateKeyToBitcoinFormat(privateKey, network) {
+        try {
+            const wif = privateKeyToWIF(privateKey, network, {
+                compressed: true,
+                onWarning: (message, data)=>{
+                    this.logger.warn(`[BTC Client] convertPrivateKeyToBitcoinFormat - ${message}`, data);
+                }
+            });
+            this.logger.debug('[BTC Client] convertPrivateKeyToBitcoinFormat - converted to WIF', {
+                network,
+                wifLength: wif.length,
+                wifPrefix: wif.substring(0, 1)
+            });
+            return wif;
+        } catch (error) {
+            this.logger.error('[BTC Client] convertPrivateKeyToBitcoinFormat - error converting to WIF', {
+                error,
+                privateKeyLength: privateKey.length,
+                network
+            });
+            const cleanPrivateKey = privateKey.startsWith('0x') ? privateKey.slice(2) : privateKey;
+            return cleanPrivateKey;
+        }
+    }
+    /**
+   * Sign a Bitcoin Transaction (PSBT)
+   *
+   * @param transaction - The PSBT to sign in hex format
+   * @param senderAddress - The address of the sender
+   * @param password - The password to use for the transaction
+   * @param signedSessionId - The signed session ID to use for the transaction
+   * @param authToken - The auth token to use for the transaction
+   * @param mfaToken - The MFA token to use for the transaction
+   * @param context - The context to use for the transaction
+   * @param onError - The error handler
+   * @returns The signed PSBT
+   */ async signTransaction({ transaction, senderAddress, network, password, signedSessionId, mfaToken, context, onError }) {
+        try {
+            await this.verifyPassword({
+                accountAddress: senderAddress,
+                password,
+                walletOperation: browser.WalletOperation.SIGN_TRANSACTION,
+                signedSessionId
+            });
+            if (!senderAddress) {
+                throw new Error(browser.ERROR_ACCOUNT_ADDRESS_REQUIRED);
+            }
+            const walletProperties = this.walletMap[senderAddress];
+            if (!walletProperties) {
+                throw new Error('Wallet not found in walletMap');
+            }
+            const derivationPath = walletProperties.derivationPath;
+            if (!derivationPath) {
+                throw new Error('Derivation path missing in walletMap');
+            }
+            let addressType = walletProperties.addressType;
+            if (!addressType) {
+                addressType = getAddressTypeFromDerivationPath(derivationPath);
+            }
+            const bitcoinConfig = {
+                addressType,
+                network
+            };
+            const psbt = bitcoin__namespace.Psbt.fromBase64(transaction);
+            const clientKeyShares = await this.getClientKeySharesFromLocalStorage({
+                accountAddress: senderAddress
+            });
+            if (!clientKeyShares || clientKeyShares.length === 0) {
+                throw new Error('No key shares found');
+            }
+            const derivedPublicKey = await this.derivePublicKey({
+                chainName: this.chainName,
+                keyShare: clientKeyShares[0],
+                derivationPath: new Uint32Array(Object.values(JSON.parse(derivationPath))),
+                bitcoinConfig
+            });
+            if (!derivedPublicKey) {
+                throw new Error('Failed to derive public key');
+            }
+            const pubKey = normalizePublicKey(derivedPublicKey, addressType);
+            const tx = psbt.__CACHE.__TX;
+            if (addressType === browser.BitcoinAddressType.TAPROOT) {
+                const tweak = calculateTaprootTweak(pubKey);
+                const completeBitcoinConfig = _extends({}, bitcoinConfig, {
+                    addressType: addressType,
+                    tweak
+                });
+                const { prevOutScripts, values } = collectPSBTInputData(psbt);
+                await Promise.all(psbt.data.inputs.map(async (input, i)=>{
+                    if (!input.witnessUtxo) {
+                        throw new Error(`Input ${i} missing witnessUtxo`);
+                    }
+                    const hash = Buffer.from(tx.hashForWitnessV1(i, prevOutScripts, values, bitcoin__namespace.Transaction.SIGHASH_DEFAULT));
+                    const signature = await this.sign({
+                        message: new Uint8Array(hash),
+                        accountAddress: senderAddress,
+                        chainName: this.chainName,
+                        password,
+                        signedSessionId,
+                        mfaToken,
+                        isFormatted: true,
+                        context: context,
+                        bitcoinConfig: completeBitcoinConfig,
+                        onError
+                    });
+                    const sigBuffer = convertSignatureToTaprootBuffer(signature);
+                    psbt.updateInput(i, {
+                        tapKeySig: sigBuffer
+                    });
+                }));
+            } else {
+                // Native SegWit (P2WPKH) or other ECDSA-based signing
+                // Build bitcoinConfig without tweak (not needed for ECDSA)
+                const completeBitcoinConfig = _extends({}, bitcoinConfig, {
+                    addressType: addressType
+                });
+                // Iterate and sign inputs in parallel for better performance
+                await Promise.all(psbt.data.inputs.map(async (input, i)=>{
+                    if (!input.witnessUtxo) {
+                        throw new Error(`Input ${i} missing witnessUtxo`);
+                    }
+                    const { script, value } = input.witnessUtxo;
+                    // For Native SegWit (P2WPKH), use p2wpkh
+                    const p2wpkh = bitcoin__namespace.payments.p2wpkh({
+                        output: script,
+                        network: getBitcoinNetwork(network)
+                    });
+                    const scriptCode = p2wpkh.output || script;
+                    if (!scriptCode) throw new Error('Failed to generate scriptCode');
+                    const hash = tx.hashForWitnessV0(i, scriptCode, value, bitcoin__namespace.Transaction.SIGHASH_ALL);
+                    const signature = await this.sign({
+                        message: new Uint8Array(hash),
+                        accountAddress: senderAddress,
+                        chainName: this.chainName,
+                        password,
+                        signedSessionId,
+                        mfaToken,
+                        isFormatted: true,
+                        context: context,
+                        bitcoinConfig: completeBitcoinConfig,
+                        onError
+                    });
+                    const derSignature = convertSignatureToDER(signature);
+                    psbt.updateInput(i, {
+                        partialSig: [
+                            {
+                                pubkey: pubKey,
+                                signature: new Uint8Array(derSignature)
+                            }
+                        ]
+                    });
+                }));
+            }
+            // Return signed PSBT in base64 format (not finalized)
+            // This allows users to review, add additional signatures, or finalize themselves
+            const signedPsbtBase64 = psbt.toBase64();
+            this.logger.debug('[BTC Client] signTransaction - signedPsbtBase64', {
+                signedPsbtBase64
+            });
+            return signedPsbtBase64;
+        } catch (error) {
+            if (onError) {
+                onError(error);
+            }
+            throw error;
+        }
+    }
+    /**
+   * Creates a PSBT for a transaction
+   * @param receiverAddress - The address to send funds to
+   * @param amount - The amount to send in satoshis
+   * @param senderAddress - The address to send funds from
+   * @param network - The network to use (mainnet/testnet)
+   * @param feeRateLevel - The fee rate level to use (fast, medium, slow)
+   * @returns The PSBT in hex format
+   */ async createTransaction({ receiverAddress, amount, senderAddress, network, feeRateLevel = 'medium' }) {
+        this.logger.debug('[BTC Client] Creating transaction', {
+            receiverAddress,
+            amount,
+            senderAddress,
+            network,
+            feeRateLevel
+        });
+        if (!senderAddress) {
+            throw new Error(browser.ERROR_ACCOUNT_ADDRESS_REQUIRED);
+        }
+        const walletProperties = this.walletMap[senderAddress];
+        if (!walletProperties) {
+            throw new Error('Wallet not found in walletMap');
+        }
+        let addressType = walletProperties.addressType;
+        if (!addressType && walletProperties.derivationPath) {
+            addressType = getAddressTypeFromDerivationPath(walletProperties.derivationPath);
+        }
+        if (!addressType) {
+            throw new Error('Address type not determined');
+        }
+        if (addressType === browser.BitcoinAddressType.TAPROOT) {
+            throw new Error('Taproot transaction creation not yet supported');
+        }
+        const bitcoinNetwork = network === 'testnet' ? bitcoin__namespace.networks.testnet : bitcoin__namespace.networks.bitcoin;
+        // Fetch fee rates
+        const feeRates = await getFeeRates({
+            network
+        });
+        const feeRate = feeRates[feeRateLevel];
+        // Fetch UTXOs
+        const utxos = await getUTXOs({
+            address: senderAddress,
+            network
+        });
+        // Select UTXOs
+        const { inputs, change, fee } = selectUTXOs({
+            utxos,
+            amount: BigInt(amount),
+            feeRate
+        });
+        const psbt = new bitcoin__namespace.Psbt({
+            network: bitcoinNetwork
+        });
+        // Prepare inputs
+        await Promise.all(inputs.map(async (utxo)=>{
+            const txHex = await this.getTxHex(utxo.txid, network);
+            const inputData = {
+                hash: utxo.txid,
+                index: utxo.vout,
+                nonWitnessUtxo: Buffer.from(txHex, 'hex')
+            };
+            if (addressType === browser.BitcoinAddressType.NATIVE_SEGWIT) {
+                const p2wpkh = bitcoin__namespace.payments.p2wpkh({
+                    address: senderAddress,
+                    network: bitcoinNetwork
+                });
+                if (!p2wpkh.output) {
+                    throw new Error('Failed to generate scriptCode for P2WPKH');
+                }
+                inputData.witnessUtxo = {
+                    script: p2wpkh.output,
+                    value: BigInt(utxo.value)
+                };
+            } else if (addressType === browser.BitcoinAddressType.TAPROOT) {
+                throw new Error('Taproot transaction creation not yet supported');
+            }
+            psbt.addInput(inputData);
+        }));
+        // Add Receiver Output
+        psbt.addOutput({
+            address: receiverAddress,
+            value: BigInt(amount)
+        });
+        // Add Change Output
+        if (change > 0n) {
+            psbt.addOutput({
+                address: senderAddress,
+                value: change
+            });
+        }
+        this.logger.debug('[BTC Client] Transaction created', {
+            fee,
+            change,
+            inputCount: inputs.length
+        });
+        return psbt.toHex();
+    }
+    /**
+   * Fetches the raw transaction hex for a given transaction ID
+   * @param txid - The transaction ID
+   * @param network - The network
+   * @returns The transaction hex
+   */ async getTxHex(txid, network) {
+        const baseUrl = getDefaultRpcUrl(network);
+        const response = await fetch(`${baseUrl}/tx/${txid}/hex`);
+        if (!response.ok) {
+            throw new Error(`Failed to fetch TX hex: ${response.statusText}`);
+        }
+        return await response.text();
+    }
+    /**
+   * Gets the Bitcoin wallets
+   * @returns The Bitcoin wallets
+   */ async getBitcoinWallets() {
+        const wallets = await this.getWallets();
+        const btcWallets = wallets.filter((wallet)=>wallet.chainName === 'bitcoin');
+        return btcWallets;
+    }
+    /**
+   * Creates a new instance of DynamicBtcWalletClient
+   * @param props - The client properties
+   */ constructor({ environmentId, authToken, baseApiUrl, baseMPCRelayApiUrl, storageKey, debug, featureFlags, authMode = browser.AuthMode.HEADER, sdkVersion, forwardMPCClient }){
+        super({
+            environmentId,
+            authToken,
+            baseApiUrl,
+            baseMPCRelayApiUrl,
+            storageKey,
+            debug,
+            featureFlags,
+            authMode,
+            sdkVersion,
+            forwardMPCClient
+        }), this.chainName = 'BTC';
+    }
+}
+
+exports.DynamicBtcWalletClient = DynamicBtcWalletClient;