@exodus/bip322-js 1.1.0-exodus.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 Ken Sze <acken2@outlook.com>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,56 @@
+# BIP322-JS
+
+![Unit Test Status](https://github.com/ACken2/bip322-js/actions/workflows/unit_test.yml/badge.svg)
+[![Coverage Status](https://coveralls.io/repos/github/ACken2/bip322-js/badge.svg?branch=main)](https://coveralls.io/github/ACken2/bip322-js?branch=main)
+
+A Javascript library that provides utility functions related to the BIP-322 signature scheme.
+**This is a fork of https://github.com/ACken2/bip322-js with dependencies change in order to reduce audit load.**
+No API changes present at the moment.
+
+## Current status
+
+**What else can be improved**:
+- We decided to keep using `bitcoinjs-lib` and take an audit from scratch. ~~Update `@exodus/bitcoinjs-lib` so that the skipped tests in `Verifier.test.js` work. 
+A description of the existing challenges available in https://exodusio.slack.com/archives/C05DQN4DW4D/p1695295752637329.~~
+- Replace `@bitcoinerlab/secp256k1` with an audited library.
+
+## Limitations
+
+Only P2PKH, P2SH-P2WPKH, P2WPKH, and single-key-spend P2TR are supported in this library.
+
+## Documentation
+
+Available at https://acken2.github.io/bip322-js/
+
+## Supported Features
+
+1. Generate raw toSpend and toSign BIP-322 transactions
+2. Sign a BIP-322 signature using a private key
+3. Verify a simple BIP-322 signature
+
+## Example
+
+```js
+// Import modules that are useful to you
+const { BIP322, Signer, Verifier } = require('bip322-js');
+
+// Signing a BIP-322 signature with a private key
+const privateKey = 'L3VFeEujGtevx9w18HD1fhRbCH67Az2dpCymeRE1SoPK6XQtaN2k';
+const address = 'bc1q9vza2e8x573nczrlzms0wvx3gsqjx7vavgkx0l';
+const message = 'Hello World';
+const signature = Signer.sign(privateKey, address, message);
+console.log(signature);
+
+// Verifying a simple BIP-322 signature
+const validity = Verifier.verifySignature(address, message, signature);
+console.log(validity); // True
+
+// You can also get the raw unsigned BIP-322 toSpend and toSign transaction directly
+const scriptPubKey = Buffer.from('00142b05d564e6a7a33c087f16e0f730d1440123799d', 'hex');
+const toSpend = BIP322.buildToSpendTx(message, scriptPubKey); // bitcoin.Transaction
+const toSpendTxId = toSpend.getId();
+const toSign = BIP322.buildToSignTx(toSpendTxId, scriptPubKey); // bitcoin.Psbt
+// Do whatever you want to do with the PSBT
+```
+
+More working examples can be found within the unit test for BIP322, Signer, and Verifier.

package/dist/BIP322.d.ts

@@ -0,0 +1,40 @@
+/// <reference types="node" />
+import * as bitcoin from 'bitcoinjs-lib';
+/**
+ * Class that handles BIP-322 related operations.
+ * Reference: https://github.com/LegReq/bip0322-signatures/blob/master/BIP0322_signing.ipynb
+ */
+declare class BIP322 {
+    static TAG: Buffer;
+    /**
+     * Compute the message hash as specified in the BIP-322.
+     * The standard is specified in BIP-340 as:
+     *      The function hashtag(x) where tag is a UTF-8 encoded tag name and x is a byte array returns the 32-byte hash SHA256(SHA256(tag) || SHA256(tag) || x).
+     * @param message Message to be hashed
+     * @returns Hashed message
+     */
+    static hashMessage(message: string): any;
+    /**
+     * Build a to_spend transaction using simple signature in accordance to the BIP-322.
+     * @param message Message to be signed using BIP-322
+     * @param scriptPublicKey The script public key for the signing wallet
+     * @returns Bitcoin transaction that correspond to the to_spend transaction
+     */
+    static buildToSpendTx(message: string, scriptPublicKey: Buffer): bitcoin.Transaction;
+    /**
+     * Build a to_sign transaction using simple signature in accordance to the BIP-322.
+     * @param toSpendTxId Transaction ID of the to_spend transaction as constructed by buildToSpendTx
+     * @param witnessScript The script public key for the signing wallet, or the redeemScript for P2SH-P2WPKH address
+     * @param isRedeemScript Set to true if the provided witnessScript is a redeemScript for P2SH-P2WPKH address, default to false
+     * @param tapInternalKey Used to set the taproot internal public key of a taproot signing address when provided, default to undefined
+     * @returns Ready-to-be-signed bitcoinjs.Psbt transaction
+     */
+    static buildToSignTx(toSpendTxId: string, witnessScript: Buffer, isRedeemScript?: boolean, tapInternalKey?: Buffer): bitcoin.Psbt;
+    /**
+     * Encode witness stack in a signed BIP-322 PSBT into its base-64 encoded format.
+     * @param signedPsbt Signed PSBT
+     * @returns Base-64 encoded witness data
+     */
+    static encodeWitness(signedPsbt: bitcoin.Psbt): string;
+}
+export default BIP322;

package/dist/BIP322.js

@@ -0,0 +1,155 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+// Import dependencies
+const create_hash_1 = __importDefault(require("create-hash"));
+const bitcoin = __importStar(require("bitcoinjs-lib"));
+/**
+ * Class that handles BIP-322 related operations.
+ * Reference: https://github.com/LegReq/bip0322-signatures/blob/master/BIP0322_signing.ipynb
+ */
+class BIP322 {
+    /**
+     * Compute the message hash as specified in the BIP-322.
+     * The standard is specified in BIP-340 as:
+     *      The function hashtag(x) where tag is a UTF-8 encoded tag name and x is a byte array returns the 32-byte hash SHA256(SHA256(tag) || SHA256(tag) || x).
+     * @param message Message to be hashed
+     * @returns Hashed message
+     */
+    static hashMessage(message) {
+        // Compute the message hash - SHA256(SHA256(tag) || SHA256(tag) || message)
+        const tagHasher = (0, create_hash_1.default)('sha256');
+        tagHasher.update(this.TAG);
+        const tagHash = tagHasher.digest();
+        const messageHasher = (0, create_hash_1.default)('sha256');
+        messageHasher.update(tagHash);
+        messageHasher.update(tagHash);
+        messageHasher.update(Buffer.from(message));
+        const messageHash = messageHasher.digest();
+        return messageHash;
+    }
+    /**
+     * Build a to_spend transaction using simple signature in accordance to the BIP-322.
+     * @param message Message to be signed using BIP-322
+     * @param scriptPublicKey The script public key for the signing wallet
+     * @returns Bitcoin transaction that correspond to the to_spend transaction
+     */
+    static buildToSpendTx(message, scriptPublicKey) {
+        // Create PSBT object for constructing the transaction
+        const psbt = new bitcoin.Psbt();
+        // Set default value for nVersion and nLockTime
+        psbt.setVersion(0); // nVersion = 0
+        psbt.setLocktime(0); // nLockTime = 0
+        // Compute the message hash - SHA256(SHA256(tag) || SHA256(tag) || message)
+        const messageHash = this.hashMessage(message);
+        // Construct the scriptSig - OP_0 PUSH32[ message_hash ]
+        const scriptSigPartOne = new Uint8Array([0x00, 0x20]); // OP_0 PUSH32
+        const scriptSig = new Uint8Array(scriptSigPartOne.length + messageHash.length);
+        scriptSig.set(scriptSigPartOne);
+        scriptSig.set(messageHash, scriptSigPartOne.length);
+        // Set the input
+        psbt.addInput({
+            hash: '0'.repeat(64),
+            index: 0xFFFFFFFF,
+            sequence: 0,
+            finalScriptSig: Buffer.from(scriptSig),
+            witnessScript: Buffer.from([]) // vin[0].scriptWitness = []
+        });
+        // Set the output
+        psbt.addOutput({
+            value: 0,
+            script: scriptPublicKey // vout[0].scriptPubKey = message_challenge
+        });
+        // Return transaction
+        return psbt.extractTransaction();
+    }
+    /**
+     * Build a to_sign transaction using simple signature in accordance to the BIP-322.
+     * @param toSpendTxId Transaction ID of the to_spend transaction as constructed by buildToSpendTx
+     * @param witnessScript The script public key for the signing wallet, or the redeemScript for P2SH-P2WPKH address
+     * @param isRedeemScript Set to true if the provided witnessScript is a redeemScript for P2SH-P2WPKH address, default to false
+     * @param tapInternalKey Used to set the taproot internal public key of a taproot signing address when provided, default to undefined
+     * @returns Ready-to-be-signed bitcoinjs.Psbt transaction
+     */
+    static buildToSignTx(toSpendTxId, witnessScript, isRedeemScript = false, tapInternalKey = undefined) {
+        // Create PSBT object for constructing the transaction
+        const psbt = new bitcoin.Psbt();
+        // Set default value for nVersion and nLockTime
+        psbt.setVersion(0); // nVersion = 0
+        psbt.setLocktime(0); // nLockTime = 0
+        // Set the input
+        psbt.addInput({
+            hash: toSpendTxId,
+            index: 0,
+            sequence: 0,
+            witnessUtxo: {
+                script: witnessScript,
+                value: 0
+            }
+        });
+        // Set redeemScript as witnessScript if isRedeemScript
+        if (isRedeemScript) {
+            psbt.updateInput(0, {
+                redeemScript: witnessScript
+            });
+        }
+        // Set tapInternalKey if provided
+        if (tapInternalKey) {
+            psbt.updateInput(0, {
+                tapInternalKey: tapInternalKey
+            });
+        }
+        // Set the output
+        psbt.addOutput({
+            value: 0,
+            script: Buffer.from([0x6a]) // vout[0].scriptPubKey = OP_RETURN
+        });
+        return psbt;
+    }
+    /**
+     * Encode witness stack in a signed BIP-322 PSBT into its base-64 encoded format.
+     * @param signedPsbt Signed PSBT
+     * @returns Base-64 encoded witness data
+     */
+    static encodeWitness(signedPsbt) {
+        // Obtain the signed witness data
+        const witness = signedPsbt.data.inputs[0].finalScriptWitness;
+        // Check if the witness data is present
+        if (witness) {
+            // Return the base-64 encoded witness stack
+            return witness.toString('base64');
+        }
+        else {
+            throw new Error('Cannot encode empty witness stack.');
+        }
+    }
+}
+// BIP322 message tag
+BIP322.TAG = Buffer.from("BIP0322-signed-message");
+exports.default = BIP322;
+//# sourceMappingURL=BIP322.js.map

package/dist/BIP322.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"BIP322.js","sourceRoot":"","sources":["../src/BIP322.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sBAAsB;AACtB,8DAAqC;AACrC,uDAAyC;AAEzC;;;GAGG;AACH,MAAM,MAAM;IAKR;;;;;;OAMG;IACI,MAAM,CAAC,WAAW,CAAC,OAAe;QACrC,2EAA2E;QAC3E,MAAM,SAAS,GAAG,IAAA,qBAAU,EAAC,QAAQ,CAAC,CAAA;QACtC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3B,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC;QACnC,MAAM,aAAa,GAAG,IAAA,qBAAU,EAAC,QAAQ,CAAC,CAAA;QAC1C,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC9B,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC9B,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QAC3C,MAAM,WAAW,GAAG,aAAa,CAAC,MAAM,EAAE,CAAC;QAC3C,OAAO,WAAW,CAAC;IACvB,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,cAAc,CAAC,OAAe,EAAE,eAAuB;QACjE,sDAAsD;QACtD,MAAM,IAAI,GAAG,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QAChC,+CAA+C;QAC/C,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;QACnC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACrC,2EAA2E;QAC3E,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAC9C,wDAAwD;QACxD,MAAM,gBAAgB,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,cAAc;QACrE,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,gBAAgB,CAAC,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;QAC/E,SAAS,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAChC,SAAS,CAAC,GAAG,CAAC,WAAW,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACpD,gBAAgB;QAChB,IAAI,CAAC,QAAQ,CAAC;YACV,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACpB,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,CAAC;YACX,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC;YACtC,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,4BAA4B;SAC9D,CAAC,CAAC;QACH,iBAAiB;QACjB,IAAI,CAAC,SAAS,CAAC;YACX,KAAK,EAAE,CAAC;YACR,MAAM,EAAE,eAAe,CAAC,2CAA2C;SACtE,CAAC,CAAC;QACH,qBAAqB;QACrB,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAC;IACrC,CAAC;IAED;;;;;;;OAOG;IACI,MAAM,CAAC,aAAa,CAAC,WAAmB,EAAE,aAAqB,EAAE,iBAA0B,KAAK,EAAE,iBAAyB,SAAS;QACvI,sDAAsD;QACtD,MAAM,IAAI,GAAG,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QAChC,+CAA+C;QAC/C,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;QACnC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACrC,gBAAgB;QAChB,IAAI,CAAC,QAAQ,CAAC;YACV,IAAI,EAAE,WAAW;YACjB,KAAK,EAAE,CAAC;YACR,QAAQ,EAAE,CAAC;YACX,WAAW,EAAE;gBACT,MAAM,EAAE,aAAa;gBACrB,KAAK,EAAE,CAAC;aACX;SACJ,CAAC,CAAC;QACH,sDAAsD;QACtD,IAAI,cAAc,EAAE;YAChB,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE;gBAChB,YAAY,EAAE,aAAa;aAC9B,CAAC,CAAC;SACN;QACD,iCAAiC;QACjC,IAAI,cAAc,EAAE;YAChB,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE;gBAChB,cAAc,EAAE,cAAc;aACjC,CAAC,CAAC;SACN;QACD,iBAAiB;QACjB,IAAI,CAAC,SAAS,CAAC;YACX,KAAK,EAAE,CAAC;YACR,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,mCAAmC;SAClE,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;;;OAIG;IACI,MAAM,CAAC,aAAa,CAAC,UAAwB;QAChD,iCAAiC;QACjC,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,kBAAkB,CAAC;QAC7D,uCAAuC;QACvC,IAAI,OAAO,EAAE;YACT,2CAA2C;YAC3C,OAAO,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;SACrC;aACI;YACD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;SACzD;IACL,CAAC;;AAvHD,qBAAqB;AACd,UAAG,GAAG,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;AA0HvD,kBAAe,MAAM,CAAC"}

package/dist/Signer.d.ts

@@ -0,0 +1,25 @@
+/// <reference types="node" />
+import * as bitcoin from 'bitcoinjs-lib';
+/**
+ * Class that signs BIP-322 signature using a private key.
+ * Reference: https://github.com/LegReq/bip0322-signatures/blob/master/BIP0322_signing.ipynb
+ */
+declare class Signer {
+    /**
+     * Sign a BIP-322 signature from P2WPKH, P2SH-P2WPKH, and single-key-spend P2TR address and its corresponding private key.
+     * @param privateKey Private key used to sign the message
+     * @param address Address to be signing the message
+     * @param message message_challenge to be signed by the address
+     * @param network Network that the address is located, defaults to the Bitcoin mainnet
+     * @returns BIP-322 simple signature, encoded in base-64
+     */
+    static sign(privateKey: string, address: string, message: string, network?: bitcoin.Network): string | Buffer;
+    /**
+     * Check if a given public key is the public key for a claimed address.
+     * @param publicKey Public key to be tested
+     * @param claimedAddress Address claimed to be derived based on the provided public key
+     * @returns True if the claimedAddress can be derived by the provided publicKey, false if otherwise
+     */
+    private static checkPubKeyCorrespondToAddress;
+}
+export default Signer;

package/dist/Signer.js

@@ -0,0 +1,130 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+// Import dependencies
+const BIP322_1 = __importDefault(require("./BIP322"));
+const ecpair_1 = __importDefault(require("ecpair"));
+const helpers_1 = require("./helpers");
+const bitcoin = __importStar(require("bitcoinjs-lib"));
+const secp256k1_1 = __importDefault(require("@bitcoinerlab/secp256k1"));
+const bitcoinMessage = __importStar(require("bitcoinjs-message"));
+/**
+ * Class that signs BIP-322 signature using a private key.
+ * Reference: https://github.com/LegReq/bip0322-signatures/blob/master/BIP0322_signing.ipynb
+ */
+class Signer {
+    /**
+     * Sign a BIP-322 signature from P2WPKH, P2SH-P2WPKH, and single-key-spend P2TR address and its corresponding private key.
+     * @param privateKey Private key used to sign the message
+     * @param address Address to be signing the message
+     * @param message message_challenge to be signed by the address
+     * @param network Network that the address is located, defaults to the Bitcoin mainnet
+     * @returns BIP-322 simple signature, encoded in base-64
+     */
+    static sign(privateKey, address, message, network = bitcoin.networks.bitcoin) {
+        // Initialize private key used to sign the transaction
+        const ECPair = (0, ecpair_1.default)(secp256k1_1.default);
+        let signer = ECPair.fromWIF(privateKey, network);
+        // Check if the private key can sign message for the given address
+        if (!this.checkPubKeyCorrespondToAddress(signer.publicKey, address)) {
+            throw new Error(`Invalid private key provided for signing message for ${address}.`);
+        }
+        // Handle legacy P2PKH signature
+        if (helpers_1.Address.isP2PKH(address)) {
+            // For P2PKH address, sign a legacy signature
+            // Reference: https://github.com/bitcoinjs/bitcoinjs-message/blob/c43430f4c03c292c719e7801e425d887cbdf7464/README.md?plain=1#L21
+            return bitcoinMessage.sign(message, signer.privateKey, signer.compressed);
+        }
+        // Convert address into corresponding script pubkey
+        const scriptPubKey = helpers_1.Address.convertAdressToScriptPubkey(address);
+        // Draft corresponding toSpend using the message and script pubkey
+        const toSpendTx = BIP322_1.default.buildToSpendTx(message, scriptPubKey);
+        // Draft corresponding toSign transaction based on the address type
+        let toSignTx;
+        if (helpers_1.Address.isP2SH(address)) {
+            // P2SH-P2WPKH signing path
+            // Derive the P2SH-P2WPKH redeemScript from the corresponding hashed public key
+            const redeemScript = bitcoin.payments.p2wpkh({
+                hash: bitcoin.crypto.hash160(signer.publicKey),
+                network: network
+            }).output;
+            toSignTx = BIP322_1.default.buildToSignTx(toSpendTx.getId(), redeemScript, true);
+        }
+        else if (helpers_1.Address.isP2WPKH(address)) {
+            // P2WPKH signing path
+            toSignTx = BIP322_1.default.buildToSignTx(toSpendTx.getId(), scriptPubKey);
+        }
+        else {
+            // P2TR signing path
+            // Extract the taproot internal public key
+            const internalPublicKey = signer.publicKey.subarray(1, 33);
+            // Tweak the private key for signing, since the output and address uses tweaked key
+            // Reference: https://github.com/bitcoinjs/bitcoinjs-lib/blob/1a9119b53bcea4b83a6aa8b948f0e6370209b1b4/test/integration/taproot.spec.ts#L55
+            signer = signer.tweak(bitcoin.crypto.taggedHash('TapTweak', signer.publicKey.subarray(1, 33)));
+            // Draft a toSign transaction that spends toSpend transaction
+            toSignTx = BIP322_1.default.buildToSignTx(toSpendTx.getId(), scriptPubKey, false, internalPublicKey);
+            // Set the sighashType to bitcoin.Transaction.SIGHASH_ALL since it defaults to SIGHASH_DEFAULT
+            toSignTx.updateInput(0, {
+                sighashType: bitcoin.Transaction.SIGHASH_ALL
+            });
+        }
+        // Sign the toSign transaction
+        const toSignTxSigned = toSignTx.signAllInputs(signer, [bitcoin.Transaction.SIGHASH_ALL]).finalizeAllInputs();
+        // Extract and return the signature
+        return BIP322_1.default.encodeWitness(toSignTxSigned);
+    }
+    /**
+     * Check if a given public key is the public key for a claimed address.
+     * @param publicKey Public key to be tested
+     * @param claimedAddress Address claimed to be derived based on the provided public key
+     * @returns True if the claimedAddress can be derived by the provided publicKey, false if otherwise
+     */
+    static checkPubKeyCorrespondToAddress(publicKey, claimedAddress) {
+        // Derive the same address type from the provided public key
+        let derivedAddresses;
+        if (helpers_1.Address.isP2PKH(claimedAddress)) {
+            derivedAddresses = helpers_1.Address.convertPubKeyIntoAddress(publicKey, 'p2pkh');
+        }
+        else if (helpers_1.Address.isP2SH(claimedAddress)) {
+            derivedAddresses = helpers_1.Address.convertPubKeyIntoAddress(publicKey, 'p2sh-p2wpkh');
+        }
+        else if (helpers_1.Address.isP2WPKH(claimedAddress)) {
+            derivedAddresses = helpers_1.Address.convertPubKeyIntoAddress(publicKey, 'p2wpkh');
+        }
+        else if (helpers_1.Address.isP2TR(claimedAddress)) {
+            derivedAddresses = helpers_1.Address.convertPubKeyIntoAddress(publicKey, 'p2tr');
+        }
+        else {
+            throw new Error('Unable to sign BIP-322 message for unsupported address type.'); // Unsupported address type
+        }
+        // Check if the derived address correspond to the claimedAddress
+        return (derivedAddresses.mainnet === claimedAddress) || (derivedAddresses.testnet === claimedAddress);
+    }
+}
+exports.default = Signer;
+//# sourceMappingURL=Signer.js.map

package/dist/Signer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"Signer.js","sourceRoot":"","sources":["../src/Signer.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sBAAsB;AACtB,sDAA8B;AAC9B,oDAAmC;AACnC,uCAAoC;AACpC,uDAAyC;AACzC,wEAA0C;AAC1C,kEAAoD;AAEpD;;;GAGG;AACH,MAAM,MAAM;IAER;;;;;;;OAOG;IACI,MAAM,CAAC,IAAI,CAAC,UAAkB,EAAE,OAAe,EAAE,OAAe,EAAE,UAA2B,OAAO,CAAC,QAAQ,CAAC,OAAO;QACxH,sDAAsD;QACtD,MAAM,MAAM,GAAG,IAAA,gBAAa,EAAC,mBAAG,CAAC,CAAC;QAClC,IAAI,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACjD,kEAAkE;QAClE,IAAI,CAAC,IAAI,CAAC,8BAA8B,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE;YACjE,MAAM,IAAI,KAAK,CAAC,wDAAwD,OAAO,GAAG,CAAC,CAAC;SACvF;QACD,gCAAgC;QAChC,IAAI,iBAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;YAC1B,6CAA6C;YAC7C,gIAAgI;YAChI,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;SAC7E;QACD,mDAAmD;QACnD,MAAM,YAAY,GAAG,iBAAO,CAAC,2BAA2B,CAAC,OAAO,CAAC,CAAC;QAClE,kEAAkE;QAClE,MAAM,SAAS,GAAG,gBAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QAC/D,mEAAmE;QACnE,IAAI,QAAsB,CAAC;QAC3B,IAAI,iBAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE;YACzB,2BAA2B;YAC3B,+EAA+E;YAC/E,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzC,IAAI,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC;gBAC9C,OAAO,EAAE,OAAO;aACnB,CAAC,CAAC,MAAgB,CAAC;YACpB,QAAQ,GAAG,gBAAM,CAAC,aAAa,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;SAC1E;aACI,IAAI,iBAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE;YAChC,sBAAsB;YACtB,QAAQ,GAAG,gBAAM,CAAC,aAAa,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,YAAY,CAAC,CAAC;SACpE;aACI;YACD,oBAAoB;YACpB,0CAA0C;YAC1C,MAAM,iBAAiB,GAAG,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3D,mFAAmF;YACnF,2IAA2I;YAC3I,MAAM,GAAG,MAAM,CAAC,KAAK,CACjB,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAC1E,CAAC;YACF,6DAA6D;YAC7D,QAAQ,GAAG,gBAAM,CAAC,aAAa,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,iBAAiB,CAAC,CAAC;YAC3F,8FAA8F;YAC9F,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE;gBACpB,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,WAAW;aAC/C,CAAC,CAAC;SACN;QACD,8BAA8B;QAC9B,MAAM,cAAc,GAAG,QAAQ,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,iBAAiB,EAAE,CAAC;QAC7G,mCAAmC;QACnC,OAAO,gBAAM,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;IAChD,CAAC;IAED;;;;;OAKG;IACK,MAAM,CAAC,8BAA8B,CAAC,SAAiB,EAAE,cAAsB;QACnF,4DAA4D;QAC5D,IAAI,gBAAsD,CAAC;QAC3D,IAAI,iBAAO,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE;YACjC,gBAAgB,GAAG,iBAAO,CAAC,wBAAwB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;SAC3E;aACI,IAAI,iBAAO,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE;YACrC,gBAAgB,GAAG,iBAAO,CAAC,wBAAwB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;SACjF;aACI,IAAI,iBAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE;YACvC,gBAAgB,GAAG,iBAAO,CAAC,wBAAwB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;SAC5E;aACI,IAAI,iBAAO,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE;YACrC,gBAAgB,GAAG,iBAAO,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;SAC1E;aACI;YACD,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC,CAAC,2BAA2B;SAC/G;QACD,gEAAgE;QAChE,OAAO,CAAC,gBAAgB,CAAC,OAAO,KAAK,cAAc,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,KAAK,cAAc,CAAC,CAAC;IAC1G,CAAC;CAEJ;AAED,kBAAe,MAAM,CAAC"}

package/dist/Verifier.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Class that handles BIP-322 signature verification.
+ * Reference: https://github.com/LegReq/bip0322-signatures/blob/master/BIP0322_verification.ipynb
+ */
+declare class Verifier {
+    /**
+     * Verify a BIP-322 signature from P2WPKH, P2SH-P2WPKH, and single-key-spend P2TR address.
+     * @param signerAddress Address of the signing address
+     * @param message message_challenge signed by the address
+     * @param signatureBase64 Signature produced by the signing address
+     * @returns True if the provided signature is a valid BIP-322 signature for the given message and address, false if otherwise
+     * @throws If the provided signature fails basic validation, or if unsupported address and signature are provided
+     */
+    static verifySignature(signerAddress: string, message: string, signatureBase64: string): boolean;
+    /**
+     * Verify a legacy BIP-137 signature.
+     * Note that a signature is considered valid for all types of addresses that can be derived from the recovered public key.
+     * @param signerAddress Address of the signing address
+     * @param message message_challenge signed by the address
+     * @param signatureBase64 Signature produced by the signing address
+     * @returns True if the provided signature is a valid BIP-137 signature for the given message and address, false if otherwise
+     * @throws If the provided signature fails basic validation, or if unsupported address and signature are provided
+     */
+    private static verifyBIP137Signature;
+    /**
+     * Compute the hash to be signed for a given P2WPKH BIP-322 toSign transaction.
+     * @param toSignTx PSBT instance of the toSign transaction
+     * @returns Computed transaction hash that requires signing
+     */
+    private static getHashForSigP2WPKH;
+    /**
+     * Compute the hash to be signed for a given P2SH-P2WPKH BIP-322 toSign transaction.
+     * @param toSignTx PSBT instance of the toSign transaction
+     * @param hashedPubkey Hashed public key of the signing address
+     * @returns Computed transaction hash that requires signing
+     */
+    private static getHashForSigP2SHInP2WPKH;
+    /**
+     * Compute the hash to be signed for a given P2TR BIP-322 toSign transaction.
+     * @param toSignTx PSBT instance of the toSign transaction
+     * @param hashType Hash type used to sign the toSign transaction, must be either 0x00 or 0x01
+     * @returns Computed transaction hash that requires signing
+     * @throws Error if hashType is anything other than 0x00 or 0x01
+     */
+    private static getHashForSigP2TR;
+}
+export default Verifier;