@exodus/bitcoin-api 1.0.0 → 1.0.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@exodus/bitcoin-api",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "Exodus bitcoin-api",
   "main": "src/index.js",
   "files": [
@@ -31,9 +31,12 @@
     "ecpair": "2.0.1",
     "querystring": "0.2.0",
     "socket.io-client": "2.1.1",
+    "tiny-secp256k1": "1.1.3",
     "url-join": "4.0.0"
   },
   "devDependencies": {
+    "@exodus/bip-schnorr": "0.6.6-fork-1",
     "@noble/secp256k1": "~1.5.3"
-  }
+  },
+  "gitHead": "6bbd1f431656185196b2dbe74a9347a29e6bb3b1"
 }

package/src/bitcoinjs-lib/ecc/desktop.js

@@ -23,6 +23,7 @@ export const desktopEcc: TinySecp256k1Interface = {
 
   // The underlying library does not expose sync functions for Schnorr sign and verify.
   // These function are explicitly defined here as `null` for documentation purposes.
+  // Update, latest version of https://github.com/paulmillr/noble-secp256k1 does support SYNC
   signSchnorr: null,
   verifySchnorr: null,
 

package/src/bitcoinjs-lib/ecc/index.js

@@ -1,2 +1,9 @@
-export const eccFactory = (useDesktopEcc) =>
-  useDesktopEcc ? require('./desktop').desktopEcc : require('./mobile').mobileEcc
+export const eccFactory = (useDesktopEcc, useSchnorrEcc) => {
+  if (useDesktopEcc) {
+    return require('./desktop').desktopEcc
+  }
+  if (useSchnorrEcc) {
+    return require('./mobile-schnorr').mobileSchnorrEcc
+  }
+  return require('./mobile').mobileEcc
+}

package/src/bitcoinjs-lib/ecc/index.native.js

@@ -0,0 +1,9 @@
+import assert from 'minimalistic-assert'
+
+export const eccFactory = (useDesktopEcc, useSchnorrEcc) => {
+  assert(!useDesktopEcc, 'useDesktopEcc must be false on mobile!!')
+  if (useSchnorrEcc) {
+    return require('./mobile-schnorr').mobileSchnorrEcc
+  }
+  return require('./mobile').mobileEcc
+}

package/src/bitcoinjs-lib/ecc/mobile-schnorr.js

@@ -0,0 +1,58 @@
+import { TinySecp256k1Interface } from '@exodus/bitcoinjs-lib'
+import secp256k1 from '@exodus/secp256k1'
+// TODO: temp import until '@noble/secp256k1' can be used
+import { isPoint } from 'tiny-secp256k1'
+import { common, toPubKey } from './common'
+import schnorr from '@exodus/bip-schnorr'
+
+/**
+ * Wrapper around `secp256k1` in order to follow the bitcoinjs-lib `TinySecp256k1Interface`
+ * Schnorr signatures are offered by @exodus/bip-schnorr
+ *
+ */
+
+export const mobileSchnorrEcc: TinySecp256k1Interface = {
+  ...common,
+
+  signAsync: async (h: Uint8Array, d: Uint8Array, extraEntropy?: Uint8Array): Uint8Array =>
+    secp256k1.ecdsaSign(h, d, { data: extraEntropy }).signature,
+
+  signSchnorr: (h: Uint8Array, d: Uint8Array, e?: Uint8Array): Uint8Array =>
+    schnorr.sign(d.toString('hex'), h, e),
+
+  signSchnorrAsync: async (h: Uint8Array, d: Uint8Array, e?: Uint8Array): Uint8Array =>
+    mobileSchnorrEcc.signSchnorr(h, d, e),
+
+  verifySchnorr: (h: Uint8Array, Q: Uint8Array, signature: Uint8Array): boolean => {
+    try {
+      schnorr.verify(Q, h, signature)
+      return true
+    } catch (e) {
+      return false
+    }
+  },
+
+  verifySchnorrAsync: async (h: Uint8Array, Q: Uint8Array, signature: Uint8Array): boolean =>
+    mobileSchnorrEcc.verifySchnorr(h, Q, signature),
+
+  isPoint: (p: Uint8Array): boolean => {
+    try {
+      // temp solution secp256k1 does not actually verify the value range, only the data length
+      return isPoint(Buffer.from(p))
+    } catch (err) {
+      return false
+    }
+  },
+
+  isXOnlyPoint: (p: Uint8Array): boolean => {
+    try {
+      // temp solution secp256k1 does not actually verify the value range, only the data length
+      return isPoint(Buffer.from(toPubKey(p)))
+    } catch (err) {
+      return false
+    }
+  },
+
+  pointCompress: (p: Uint8Array, compressed?: boolean): Uint8Array =>
+    secp256k1.publicKeyConvert(p, compressed),
+}

package/src/bitcoinjs-lib/ecc/mobile.js

@@ -1,7 +1,7 @@
 import { TinySecp256k1Interface } from '@exodus/bitcoinjs-lib'
 import secp256k1 from '@exodus/secp256k1'
 // TODO: temp import until '@noble/secp256k1' can be used
-import tinySecp256k1 from 'tiny-secp256k1'
+import { isPoint } from 'tiny-secp256k1'
 import { common, toPubKey } from './common'
 
 /**
@@ -28,8 +28,8 @@ export const mobileEcc: TinySecp256k1Interface = {
   isPoint: (p: Uint8Array): boolean => {
     try {
       // temp solution secp256k1 does not actually verify the value range, only the data length
-      return tinySecp256k1.isPoint(Buffer.from(p))
-    } catch {
+      return isPoint(Buffer.from(p))
+    } catch (err) {
       return false
     }
   },
@@ -37,7 +37,7 @@ export const mobileEcc: TinySecp256k1Interface = {
   isXOnlyPoint: (p: Uint8Array): boolean => {
     try {
       // temp solution secp256k1 does not actually verify the value range, only the data length
-      return tinySecp256k1.isPoint(Buffer.from(toPubKey(p)))
+      return isPoint(Buffer.from(toPubKey(p)))
     } catch (err) {
       return false
     }

package/src/fee/fee-estimator.js

@@ -1,6 +1,5 @@
 // @flow
 import assert from 'minimalistic-assert'
-import { get } from 'lodash'
 import * as varuint from 'varuint-bitcoin'
 import { UtxoCollection } from '@exodus/models'
 
@@ -53,13 +52,16 @@ const scriptPubKeyLengths = {
 // 10 = version: 4, locktime: 4, inputs and outputs count: 1
 // 148 = txId: 32, vout: 4, count: 1, script: 107 (max), sequence: 4
 // 34 = value: 8, count: 1, scriptPubKey: 25 (P2PKH) and 23 (P2SH)
-export const getSizeFactory = ({ ecc }) => (
+export const getSizeFactory = ({ ecc, defaultOutputType, addressApi }) => (
   asset: Object,
   inputs: Array | UtxoCollection,
   outputs: Array,
   { compressed = true } = {}
 ) => {
   assert(ecc, 'ecc is required')
+  assert(defaultOutputType, 'defaultOutputType is required')
+  assert(addressApi, 'addressApi is required')
+  const assetName = asset.name
   if (inputs instanceof UtxoCollection) {
     inputs = Array.from(inputs).map((utxo) => utxo.script || null)
   }
@@ -78,7 +80,7 @@ export const getSizeFactory = ({ ecc }) => (
       const scriptBuffer = Buffer.from(script, 'hex')
       const scriptType = classifyOutput(scriptBuffer)
 
-      const supportedTypes = supportedInputTypes[asset.name] || supportedInputTypes.default
+      const supportedTypes = supportedInputTypes[assetName] || supportedInputTypes.default
       assert(
         supportedTypes.includes(scriptType),
         `Only ${supportedTypes.join(', ')} inputs supported right now`
@@ -93,19 +95,21 @@ export const getSizeFactory = ({ ecc }) => (
     varuint.encodingLength(outputs.length) + // outputs_len
     // output[]
     outputs.reduce((t, output) => {
-      if (output === null) output = get(asset, 'address.versions.bech32') ? 'P2WSH' : 'P2PKH'
+      // if (output === null) output = get(asset, 'address.versions.bech32') ? 'P2WSH' : 'P2PKH'
+
+      if (output === null) output = defaultOutputType
 
       let scriptType = scriptClassify.types[output]
-      const supportedTypes = supportedOutputTypes[asset.name] || supportedOutputTypes.default
+      const supportedTypes = supportedOutputTypes[assetName] || supportedOutputTypes.default
 
       if (!supportedTypes.includes(scriptType)) {
-        if (asset.address.isP2PKH(output)) scriptType = P2PKH
-        else if (asset.address.isP2SH(output)) scriptType = P2SH
-        else if (asset.address.isP2WPKH && asset.address.isP2WPKH(output)) scriptType = P2WPKH
-        else if (asset.address.isP2TR && asset.address.isP2TR(output)) scriptType = P2TR
-        else if (asset.address.isP2WSH && asset.address.isP2WSH(output)) scriptType = P2WSH
+        if (addressApi.isP2PKH(output)) scriptType = P2PKH
+        else if (addressApi.isP2SH(output)) scriptType = P2SH
+        else if (addressApi.isP2WPKH && addressApi.isP2WPKH(output)) scriptType = P2WPKH
+        else if (addressApi.isP2TR && addressApi.isP2TR(output)) scriptType = P2TR
+        else if (addressApi.isP2WSH && addressApi.isP2WSH(output)) scriptType = P2WSH
         else {
-          scriptType = classifyOutput(asset.address.toScriptPubKey(output))
+          scriptType = classifyOutput(addressApi.toScriptPubKey(output))
         }
       }
       assert(
@@ -160,5 +164,8 @@ export const getSizeFactory = ({ ecc }) => (
   return Math.ceil(weight / 4)
 }
 
-const getFeeEstimatorFactory = ({ ecc }) => createDefaultFeeEstimator(getSizeFactory({ ecc }))
+const getFeeEstimatorFactory = ({ ecc, defaultOutputType, addressApi }) => {
+  const getSize = getSizeFactory({ ecc, defaultOutputType, addressApi })
+  return createDefaultFeeEstimator(getSize)
+}
 export default getFeeEstimatorFactory

package/src/index.js

@@ -15,3 +15,4 @@ export * from './tx-log'
 export * from './unconfirmed-ancestor-data'
 export * from './parse-unsigned-tx'
 export * from './insight-api-client/util'
+export * from './move-funds'

package/src/move-funds.js

@@ -0,0 +1,172 @@
+import wif from 'wif'
+import { UtxoCollection, Address } from '@exodus/models'
+import { createInputs, createOutput, getNonWitnessTxs } from './tx-send'
+import assert from 'minimalistic-assert'
+import assets from '@exodus/assets'
+
+export const moveFundsFactory = ({ insightClient, getFeeEstimator, keys, signTx, address }) => {
+  assert(insightClient, 'insightClient is required')
+  assert(getFeeEstimator, 'getFeeEstimator is required')
+  assert(address, 'address is required')
+  assert(keys, 'keys is required')
+  assert(signTx, 'signTx is required')
+  async function prepareFunds(assetName, input, options = {}) {
+    const asset = assets[assetName]
+    const { toAddress, assetClientInterface, MoveFundsError, walletAccount } = options
+    assert(MoveFundsError, 'MoveFundsError is required') // should we move MoveFundsError to asset libs?
+    assert(toAddress, 'toAddress is required')
+    assert(assetClientInterface, 'assetClientInterface is required')
+    assert(walletAccount, 'walletAccount is required')
+
+    const formatProps = {
+      asset,
+      input,
+    }
+    const privateKey = input
+
+    if (!isValidPrivateKey(privateKey)) {
+      throw new MoveFundsError('private-key-invalid', formatProps)
+    }
+
+    const { compressed } = wif.decode(privateKey)
+    const addresses = getAllAddressesFromWIF(privateKey)
+
+    const receiveAddresses = await assetClientInterface.getReceiveAddresses({
+      walletAccount,
+      assetName,
+      multiAddressMode: true,
+    })
+
+    let found, address, utxos
+    for (address of addresses) {
+      const selfSend = receiveAddresses.some(
+        (receiveAddress) => String(receiveAddress) === String(address)
+      )
+      if (selfSend) {
+        throw new MoveFundsError('private-key-own-key', formatProps)
+      }
+
+      utxos = await getUtxos({ asset, address })
+
+      if (!utxos.value.isZero) {
+        found = true
+        break
+      }
+    }
+    if (!found) {
+      formatProps.fromAddress = addresses.join(' or ')
+      throw new MoveFundsError('balance-zero', formatProps)
+    }
+    const fromAddress = address
+    formatProps.fromAddress = fromAddress
+
+    const feeData = await assetClientInterface.getFeeConfig({ assetName })
+    const fee = getFee({ asset, feeData, utxos, compressed })
+
+    let amount = utxos.value.sub(fee)
+    if (amount.isNegative) {
+      throw new MoveFundsError('balance-negative', formatProps)
+    }
+
+    return { fromAddress, toAddress, amount, fee, utxos, privateKey }
+  }
+
+  const sendFunds = async (
+    assetName,
+    { fromAddress, toAddress, amount, fee, utxos, privateKey }
+  ) => {
+    assert(fromAddress, 'fromAddress is required')
+    assert(toAddress, 'toAddress is required')
+    assert(fee, 'fee is required')
+    assert(utxos, 'utxos is required')
+    assert(privateKey, 'privateKey is required')
+    const selected = utxos
+    const privateKeysAddressMap = {
+      [fromAddress]: privateKey,
+    }
+    const unsignedTx = {
+      txData: {
+        inputs: createInputs(assetName, selected.toArray()),
+        outputs: [createOutput(assetName, toAddress, amount)],
+      },
+      txMeta: {
+        addressPathsMap: selected.getAddressPathsMap(),
+      },
+    }
+    const nonWitnessTxs = await getNonWitnessTxs(
+      { name: assetName, address }, // pretty ugly hack!
+      selected,
+      insightClient
+    )
+    Object.assign(unsignedTx.txMeta, { rawTxs: nonWitnessTxs })
+
+    const { rawTx, txId } = await signTx({ unsignedTx, privateKeysAddressMap })
+
+    await insightClient.broadcastTx(rawTx.toString('hex'))
+
+    return { txId, fromAddress, toAddress, amount, fee }
+  }
+
+  function getAllAddressesFromWIF(privateKeyWIF) {
+    const { compressed } = wif.decode(privateKeyWIF)
+    const legacyAddress = keys.encodePublicFromWIF(privateKeyWIF)
+    // TODO: support nested segwit address, right now we don't support send
+    // const nestedSegwitAddress = encodeNestedSegwitFromWIF(privateKeyWIF, { asset })
+    const nativeSegwitAddress = keys.encodePublicBech32FromWIF(privateKeyWIF)
+
+    if (compressed) {
+      return [nativeSegwitAddress, legacyAddress]
+    } else {
+      return [legacyAddress]
+    }
+  }
+
+  /*
+function getPublicFromWIF(privateKeyWIF, { asset }) {
+  const { versions } = asset.coinInfo
+  const { privateKey, compressed } = wif.decode(privateKeyWIF, versions.private)
+  return secp256k1.pointFromScalar(privateKey, compressed)
+}
+
+function encodeNestedSegwitFromWIF(privateKeyWIF, { asset }) {
+  const publicKey = getPublicFromWIF(privateKeyWIF, { asset })
+  const witnessProgram = bitcoinjs.payments.p2wpkh({ pubkey: publicKey }).output
+  const witnessProgramHash = bitcoinjs.crypto.hash160(witnessProgram)
+  return bitcoinjs.address.toBase58Check(witnessProgramHash, asset.coinInfo.versions.scripthash)
+}
+*/
+
+  async function getUtxos({ asset, address }) {
+    const rawUtxos = await insightClient.fetchUTXOs([address])
+    return UtxoCollection.fromArray(
+      rawUtxos.map((utxo) => ({
+        txId: utxo.txId,
+        vout: utxo.vout,
+        value: asset.currency.defaultUnit(utxo.value),
+        address: Address.create(utxo.address, { path: 'm/0/0' }),
+        script: utxo.script,
+      })),
+      { currency: asset.currency }
+    )
+  }
+
+  function getFee({ asset, feeData, utxos, compressed }) {
+    const { feePerKB } = feeData
+    const feeEstimator = getFeeEstimator(asset, feePerKB, { compressed })
+    return feeEstimator({ inputs: utxos, outputs: [null] }).toDefault()
+  }
+
+  function isValidPrivateKey(privateKey) {
+    try {
+      wif.decode(privateKey)
+      return true
+    } catch (err) {
+      return false
+    }
+  }
+
+  return {
+    prepareFunds,
+    sendFunds,
+  }
+}

package/src/tx-sign/default-create-tx.js

@@ -18,9 +18,10 @@ export const signTxFactory = ({ assetName, resolvePurpose, keys, coinInfo, netwo
   assert(keys, 'keys is required')
   assert(coinInfo, 'coinInfo is required')
   assert(ecc, 'ecc is required')
-  return async ({ unsignedTx, hdkeys }): Object => {
+  return async ({ unsignedTx, hdkeys, privateKeysAddressMap }): Object => {
     assert(unsignedTx, 'unsignedTx is required')
-    const { privateKeysAddressMap, addressPathsMap, rawTxs } = unsignedTx.txMeta
+    assert(hdkeys || privateKeysAddressMap, 'hdkeys or privateKeysAddressMap is required')
+    const { addressPathsMap, rawTxs } = unsignedTx.txMeta
     const { inputs, outputs } = unsignedTx.txData
     const networkInfo = { ...coinInfo.toBitcoinJS(), messagePrefix: '' }
 
@@ -36,9 +37,12 @@ export const signTxFactory = ({ assetName, resolvePurpose, keys, coinInfo, netwo
 
     const getKeyAndPurpose = lodash.memoize((address) => {
       // TODO: Consider using privateKeysAddressMap for other assets
-      if (privateKeysAddressMap) return ECPair.fromWIF(privateKeysAddressMap[address], networkInfo)
-      const path = addressPathsMap[address]
       const purpose = resolvePurpose(address)
+      if (privateKeysAddressMap) {
+        const key = ECPair.fromWIF(privateKeysAddressMap[address], networkInfo)
+        return { key, purpose }
+      }
+      const path = addressPathsMap[address]
       assert(hdkeys, 'hdkeys must be provided')
       assert(purpose, `purpose for address ${address} could not be resolved`)
       const hdkey = hdkeys[purpose]
@@ -76,7 +80,7 @@ export const signTxFactory = ({ assetName, resolvePurpose, keys, coinInfo, netwo
       const { address } = inputs[index]
       const { key, purpose } = getKeyAndPurpose(address)
       if (ecc.signSchnorrAsync) {
-        // desktop / BE signing
+        // desktop / BE / mobile with bip-schnorr signing
         const isTaprootAddress = purpose === 86
         const signingKey = isTaprootAddress
           ? tweakSigner({ signer: key, ECPair, ecc, network })

package/src/utxos-utils.js

@@ -2,7 +2,6 @@
 import { UtxoCollection } from '@exodus/models'
 import { findLargeUnconfirmedTxs } from './tx-utils'
 import assert from 'minimalistic-assert'
-import { mapValues } from '@exodus/basic-utils'
 
 export function getUtxos({ accountState, asset }) {
   return (
@@ -28,19 +27,18 @@ export const getBalancesFactory = ({ taprootEnabled, feeData }) => {
       feeData,
       taprootEnabled,
     }).value
-    return mapValues({ balance, spendableBalance }, (balance) => (balance.isZero ? null : balance))
+    return { balance, spendableBalance }
   }
 }
 
-const isTaprootUtxo = (asset, utxo) =>
-  String(utxo.address).startsWith(asset.address.versions.taproot)
+const isTaprootUtxo = ({ utxo }) => String(utxo.address).length === 62
 
 export function getSpendableUtxos({ asset, utxos, feeData, txSet, taprootEnabled }) {
   if (!['bitcoin', 'bitcointestnet', 'bitcoinregtest'].includes(asset.name)) return utxos
 
   if (!taprootEnabled) {
     utxos = UtxoCollection.fromArray(
-      utxos.toArray().filter((utxo) => !isTaprootUtxo(asset, utxo)),
+      utxos.toArray().filter((utxo) => !isTaprootUtxo({ utxo })),
       { currency: asset.currency }
     )
   }