@neuraiproject/neurai-message 0.8.1 → 0.9.1

package/src/legacy-message.ts

@@ -0,0 +1,140 @@
+import { Buffer } from "buffer";
+import { hmac } from "@noble/hashes/hmac.js";
+import { sha256 as nobleSha256 } from "@noble/hashes/sha2.js";
+import * as secp256k1 from "@noble/secp256k1";
+import { bech32 } from "bech32";
+import bs58check from "bs58check";
+import createHash from "create-hash";
+import varuint from "varuint-bitcoin";
+
+secp256k1.hashes.hmacSha256 = (key, msg) => hmac(nobleSha256, key, msg);
+secp256k1.hashes.sha256 = nobleSha256;
+
+function sha256(bytes: Uint8Array) {
+  return createHash("sha256").update(bytes).digest();
+}
+
+function hash256(bytes: Uint8Array) {
+  return sha256(sha256(bytes));
+}
+
+function hash160(bytes: Uint8Array) {
+  return createHash("ripemd160").update(sha256(bytes)).digest();
+}
+
+function encodeCompactSignature(
+  signature: Uint8Array,
+  recovery: number,
+  compressed: boolean
+) {
+  let header = recovery + 27;
+  if (compressed) {
+    header += 4;
+  }
+  return Buffer.concat([Buffer.from([header]), Buffer.from(signature)]);
+}
+
+function decodeCompactSignature(buffer: Buffer) {
+  if (buffer.length !== 65) {
+    throw new Error("Invalid signature length");
+  }
+
+  const flagByte = buffer.readUInt8(0) - 27;
+  if (flagByte < 0 || flagByte > 15) {
+    throw new Error("Invalid signature parameter");
+  }
+
+  return {
+    compressed: !!(flagByte & 12),
+    recovery: flagByte & 3,
+    signature: buffer.subarray(1),
+    segwitType: !(flagByte & 8)
+      ? null
+      : !(flagByte & 4)
+        ? "p2sh(p2wpkh)"
+        : "p2wpkh",
+  };
+}
+
+function decodeBech32Address(address: string) {
+  const result = bech32.decode(address);
+  return Buffer.from(bech32.fromWords(result.words.slice(1)));
+}
+
+function segwitRedeemHash(publicKeyHash: Uint8Array) {
+  const redeemScript = Buffer.concat([
+    Buffer.from("0014", "hex"),
+    Buffer.from(publicKeyHash),
+  ]);
+  return hash160(redeemScript);
+}
+
+export function magicHash(message: string | Buffer, messagePrefix: string | Buffer) {
+  const prefix = Buffer.isBuffer(messagePrefix)
+    ? messagePrefix
+    : Buffer.from(messagePrefix, "utf8");
+  const payload = Buffer.isBuffer(message)
+    ? message
+    : Buffer.from(message, "utf8");
+  const messageVISize = varuint.encodingLength(payload.length);
+  const buffer = Buffer.allocUnsafe(prefix.length + messageVISize + payload.length);
+
+  prefix.copy(buffer, 0);
+  varuint.encode(payload.length, buffer, prefix.length);
+  payload.copy(buffer, prefix.length + messageVISize);
+
+  return hash256(buffer);
+}
+
+export function signLegacyMessage(
+  message: string,
+  privateKey: Uint8Array,
+  compressed: boolean,
+  messagePrefix: string | Buffer
+) {
+  const hash = magicHash(message, messagePrefix);
+  const recoveredSignature = secp256k1.sign(hash, Buffer.from(privateKey), {
+    prehash: false,
+    format: "recovered",
+  });
+  return encodeCompactSignature(
+    recoveredSignature.subarray(1),
+    recoveredSignature[0],
+    compressed
+  );
+}
+
+export function verifyLegacyCompactMessage(
+  message: string,
+  address: string,
+  signature: Uint8Array,
+  messagePrefix: string | Buffer
+) {
+  const parsed = decodeCompactSignature(Buffer.from(signature));
+  const hash = magicHash(message, messagePrefix);
+  const recoveredSignature = Buffer.concat([
+    Buffer.from([parsed.recovery]),
+    Buffer.from(parsed.signature),
+  ]);
+  const publicKey = Buffer.from(
+    secp256k1.recoverPublicKey(recoveredSignature, hash, {
+      prehash: false,
+    })
+  );
+  const normalizedPublicKey = parsed.compressed
+    ? publicKey
+    : Buffer.from(secp256k1.Point.fromBytes(publicKey).toBytes(false));
+  const publicKeyHash = hash160(normalizedPublicKey);
+
+  if (parsed.segwitType === "p2sh(p2wpkh)") {
+    return segwitRedeemHash(publicKeyHash).equals(
+      Buffer.from(bs58check.decode(address).slice(1))
+    );
+  }
+
+  if (parsed.segwitType === "p2wpkh") {
+    return publicKeyHash.equals(decodeBech32Address(address));
+  }
+
+  return publicKeyHash.equals(Buffer.from(bs58check.decode(address).slice(1)));
+}

package/test.spec.js

@@ -0,0 +1,110 @@
+const { createHash } = require("crypto");
+const { bech32m } = require("bech32");
+const {
+  sign,
+  signPQMessage,
+  verifyMessage,
+  verifyPQMessage,
+} = require("./dist/index.cjs");
+
+const compressed = true;
+const privateKey = Buffer.from(
+  "79b4c20524324622cacbf7a7b428542e90d674274b99e3f54816d447e57412ae",
+  "hex"
+);
+const address = "RVDUQTULaceEudDsgqCQBT6bfcdqUSvJPV";
+const message = "Hello world";
+const signature = sign(message, privateKey, compressed);
+
+function sha256(bytes) {
+  return createHash("sha256").update(bytes).digest();
+}
+
+function taggedHash(tag, bytes) {
+  const tagHash = sha256(Buffer.from(tag, "utf8"));
+  return sha256(Buffer.concat([tagHash, tagHash, Buffer.from(bytes)]));
+}
+
+function createDefaultPQAuthScriptAddress(hrp, serializedPublicKey) {
+  const authDescriptor = Buffer.concat([
+    Buffer.from([0x01]),
+    createHash("ripemd160").update(sha256(serializedPublicKey)).digest(),
+  ]);
+  const witnessScriptHash = sha256(Buffer.from([0x51]));
+  const commitment = taggedHash(
+    "NeuraiAuthScript",
+    Buffer.concat([Buffer.from([0x01]), authDescriptor, witnessScriptHash])
+  );
+  const words = bech32m.toWords(commitment);
+  words.unshift(1);
+  return bech32m.encode(hrp, words);
+}
+
+test("Verify valid message signature", () => {
+  const result = verifyMessage(message, address, signature);
+
+  expect(result).toBe(true);
+});
+
+test("Verify unvalid message signature", () => {
+  const result = verifyMessage(
+    message + " change the message",
+    address,
+    signature
+  );
+  expect(result).toBe(false);
+});
+
+test("Verify valid PQ message signature", async () => {
+  const { ml_dsa44 } = await import("@noble/post-quantum/ml-dsa.js");
+  const seed = Buffer.alloc(32, 7);
+  const keys = ml_dsa44.keygen(seed);
+  const serializedPublicKey = Buffer.concat([
+    Buffer.from([0x05]),
+    Buffer.from(keys.publicKey),
+  ]);
+  const pqAddress = createDefaultPQAuthScriptAddress("tnq", serializedPublicKey);
+  const pqMessage = "Hello from PQ";
+  const pqSignature = signPQMessage(pqMessage, keys.secretKey, keys.publicKey);
+
+  expect(verifyPQMessage(pqMessage, pqAddress, pqSignature)).toBe(true);
+  expect(verifyMessage(pqMessage, pqAddress, pqSignature)).toBe(true);
+});
+
+test("Reject invalid PQ message signature", async () => {
+  const { ml_dsa44 } = await import("@noble/post-quantum/ml-dsa.js");
+  const seed = Buffer.alloc(32, 9);
+  const keys = ml_dsa44.keygen(seed);
+  const serializedPublicKey = Buffer.concat([
+    Buffer.from([0x05]),
+    Buffer.from(keys.publicKey),
+  ]);
+  const pqAddress = createDefaultPQAuthScriptAddress("tnq", serializedPublicKey);
+  const pqMessage = "Hello from PQ";
+  const pqSignature = signPQMessage(pqMessage, keys.secretKey, keys.publicKey);
+
+  expect(verifyMessage(pqMessage + " changed", pqAddress, pqSignature)).toBe(
+    false
+  );
+});
+
+test("Reject old PQ witness-v1 keyhash addresses", async () => {
+  const { ml_dsa44 } = await import("@noble/post-quantum/ml-dsa.js");
+  const seed = Buffer.alloc(32, 11);
+  const keys = ml_dsa44.keygen(seed);
+  const serializedPublicKey = Buffer.concat([
+    Buffer.from([0x05]),
+    Buffer.from(keys.publicKey),
+  ]);
+  const oldProgram = createHash("ripemd160")
+    .update(sha256(serializedPublicKey))
+    .digest();
+  const words = bech32m.toWords(oldProgram);
+  words.unshift(1);
+  const oldPqAddress = bech32m.encode("tnq", words);
+  const pqMessage = "Hello from PQ";
+  const pqSignature = signPQMessage(pqMessage, keys.secretKey, keys.publicKey);
+
+  expect(verifyPQMessage(pqMessage, oldPqAddress, pqSignature)).toBe(false);
+  expect(verifyMessage(pqMessage, oldPqAddress, pqSignature)).toBe(false);
+});

package/tsconfig.json

@@ -12,5 +12,5 @@
     "emitDeclarationOnly": true,
     "outDir": "dist"
   },
-  "include": ["index.ts"]
-}
+  "include": ["index.ts", "src/**/*.ts"]
+}

package/vitest.config.mjs

@@ -0,0 +1,7 @@
+import { defineConfig } from "vitest/config";
+
+export default defineConfig({
+  test: {
+    globals: true,
+  },
+});

package/test.js

@@ -1,77 +0,0 @@
-const { createHash } = require("crypto");
-const { bech32m } = require("bech32");
-const {
-  sign,
-  signPQMessage,
-  verifyMessage,
-  verifyPQMessage,
-} = require("./dist/main");
-
-const compressed = true;
-const privateKey = Buffer.from(
-  "79b4c20524324622cacbf7a7b428542e90d674274b99e3f54816d447e57412ae",
-  "hex"
-);
-const address = "RVDUQTULaceEudDsgqCQBT6bfcdqUSvJPV";
-const message = "Hello world";
-const signature = sign(message, privateKey, compressed);
-
-test("Verify valid message signature", () => {
-  const result = verifyMessage(message, address, signature);
-
-  expect(result).toBe(true);
-});
-
-test("Verify unvalid message signature", () => {
-  const result = verifyMessage(
-    message + " change the message",
-    address,
-    signature
-  );
-  expect(result).toBe(false);
-});
-
-test("Verify valid PQ message signature", () => {
-  return import("@noble/post-quantum/ml-dsa.js").then(({ ml_dsa44 }) => {
-  const seed = Buffer.alloc(32, 7);
-  const keys = ml_dsa44.keygen(seed);
-  const serializedPublicKey = Buffer.concat([
-    Buffer.from([0x05]),
-    Buffer.from(keys.publicKey),
-  ]);
-  const program = createHash("ripemd160")
-    .update(createHash("sha256").update(serializedPublicKey).digest())
-    .digest();
-  const words = bech32m.toWords(program);
-  words.unshift(1);
-  const pqAddress = bech32m.encode("tnq", words);
-  const pqMessage = "Hello from PQ";
-  const pqSignature = signPQMessage(pqMessage, keys.secretKey, keys.publicKey);
-
-  expect(verifyPQMessage(pqMessage, pqAddress, pqSignature)).toBe(true);
-  expect(verifyMessage(pqMessage, pqAddress, pqSignature)).toBe(true);
-  });
-});
-
-test("Reject invalid PQ message signature", () => {
-  return import("@noble/post-quantum/ml-dsa.js").then(({ ml_dsa44 }) => {
-  const seed = Buffer.alloc(32, 9);
-  const keys = ml_dsa44.keygen(seed);
-  const serializedPublicKey = Buffer.concat([
-    Buffer.from([0x05]),
-    Buffer.from(keys.publicKey),
-  ]);
-  const program = createHash("ripemd160")
-    .update(createHash("sha256").update(serializedPublicKey).digest())
-    .digest();
-  const words = bech32m.toWords(program);
-  words.unshift(1);
-  const pqAddress = bech32m.encode("tnq", words);
-  const pqMessage = "Hello from PQ";
-  const pqSignature = signPQMessage(pqMessage, keys.secretKey, keys.publicKey);
-
-  expect(verifyMessage(pqMessage + " changed", pqAddress, pqSignature)).toBe(
-    false
-  );
-  });
-});