@notabene/verify-proof 1.11.0 → 1.11.1-next.1

package/README.md

@@ -32,16 +32,28 @@ async function checkProof(proof: OwnershipProof) {
 }
 ```
 
+### SSR/ESM Compatibility
+
+This library is fully compatible with modern SSR frameworks like SvelteKit, Next.js, and others. It uses dynamic imports to ensure that cryptographic dependencies (especially Bitcoin libraries) are loaded on-demand, preventing `Buffer is not defined` errors in SSR environments.
+
+The library automatically sets up a `Buffer` polyfill for browser/SSR environments before any crypto code executes. No additional configuration is required in your consuming application.
+
 ## Supported Proof Types
 
-- Checkbox Confirmation (`ProofTypes.CheckboxConfirmation`)
+- Self Declaration (`ProofTypes.SelfDeclaration`)
 - Screenshot (`ProofTypes.Screenshot`)
-- Personal Sign EIP191 (`ProofTypes.EIP191`)
-- Personal Sign EIP712 (`ProofTypes.EIP712`)
-- Personal Sign BIP137 (`ProofTypes.BIP137`)
-- BIP322 Signature (`ProofTypes.BIP322`)
-- Personal Sign XPUB (`ProofTypes.XPUB`)
-- Micro Transfer (`ProofTypes.MicroTransfer`)
+- Ethereum EIP191 (`ProofTypes.EIP191`)
+- Ethereum EIP712 (`ProofTypes.EIP712`)
+- Bitcoin BIP137 (`ProofTypes.BIP137`)
+- Bitcoin BIP322 (`ProofTypes.BIP322`)
+- Solana ED25519 (`ProofTypes.ED25519`)
+- Solana SIWS (`ProofTypes.SOL_SIWX`)
+- Cardano CIP8 (`ProofTypes.CIP8`)
+- XRPL ED25519 (`ProofTypes.XRP_ED25519`)
+- Stellar XLM ED25519 (`ProofTypes.XLM_ED25519`)
+- Concordium (`ProofTypes.CONCORDIUM`)
+- Cosmos (`ProofTypes.COSMOS`)
+- Tron TIP191 (`ProofTypes.TIP191`)
 
 ## Development
 
@@ -53,16 +65,10 @@ To set up the development environment:
 
 ## Scripts
 
-- `yarn dev`: Start development server
 - `yarn build`: Build the project
 - `yarn lint`: Run linter
-- `yarn test`: Run tests
-
-## Dependencies
-
-- `@notabene/javascript-sdk`: Notabene JavaScript SDK
-- `viem`: Ethereum utility library
-- `bitcoinjs-message`: Bitcoin message signing and verification
+- `yarn test:unit`: Run tests
+- `yarn test:coverage`: Run tests with coverage
 
 ## License
 

package/dist/bitcoin-3CW4MNAW.cjs

@@ -0,0 +1,314 @@
+'use strict';
+
+var buffer = require('buffer');
+require('./chunk-OAXNH5XR.cjs');
+var javascriptSdk = require('@notabene/javascript-sdk');
+var varuintBitcoin = require('varuint-bitcoin');
+var base = require('@scure/base');
+var ox = require('ox');
+var secp256k1 = require('@noble/curves/secp256k1');
+var bip322Js = require('bip322-js');
+
+if (typeof globalThis !== 'undefined' && !globalThis.Buffer) { globalThis.Buffer = buffer.Buffer; }
+var CHAIN_CONFIGS = {
+  bitcoin: {
+    messagePrefix: "Bitcoin Signed Message:\n",
+    pubKeyHashVersion: 0,
+    // 1...
+    scriptHashVersion: 5,
+    // 3...
+    bech32Prefix: "bc",
+    isTestnet: false
+  },
+  bitcoincash: {
+    messagePrefix: "Bitcoin Signed Message:\n",
+    pubKeyHashVersion: 0,
+    // 1...
+    scriptHashVersion: 5,
+    // 3...
+    bech32Prefix: "bc",
+    isTestnet: false
+  },
+  litecoin: {
+    messagePrefix: "Litecoin Signed Message:\n",
+    pubKeyHashVersion: 48,
+    // L... or M...
+    scriptHashVersion: 50,
+    // 3... or M...
+    bech32Prefix: "ltc",
+    isTestnet: false
+  },
+  dogecoin: {
+    messagePrefix: "Dogecoin Signed Message:\n",
+    pubKeyHashVersion: 30,
+    // D...
+    scriptHashVersion: 22,
+    // A...
+    isTestnet: false
+  },
+  dash: {
+    messagePrefix: "DarkCoin Signed Message:\n",
+    pubKeyHashVersion: 76,
+    // X...
+    scriptHashVersion: 16,
+    // 7...
+    isTestnet: false
+  },
+  zcash: {
+    messagePrefix: "Zcash Signed Message:\n",
+    pubKeyHashVersion: Uint8Array.from([28, 184]),
+    // <-- FIXED
+    scriptHashVersion: Uint8Array.from([28, 189]),
+    isTestnet: false
+  },
+  testnet: {
+    messagePrefix: "Bitcoin Signed Message:\n",
+    pubKeyHashVersion: 111,
+    // m or n
+    scriptHashVersion: 196,
+    // 2
+    bech32Prefix: "tb",
+    isTestnet: true
+  }
+};
+async function verifyBTCSignature(proof) {
+  const [ns, , address] = proof.address.split(/:/);
+  if (ns !== "bip122") return { ...proof, status: javascriptSdk.ProofStatus.FAILED };
+  const chainConfig = getChainConfig(address);
+  if (!chainConfig) return { ...proof, status: javascriptSdk.ProofStatus.FAILED };
+  const isZcash = address.startsWith("t1") || address.startsWith("t3");
+  if (isZcash) {
+    return verifyBIP137(address, proof, chainConfig);
+  }
+  if (chainConfig.isTestnet) {
+    return verifyBIP322(address, proof);
+  }
+  const isTaproot = address.startsWith("bc1p") || address.startsWith("tb1p");
+  if (isTaproot && proof.type === javascriptSdk.ProofTypes.BIP137) {
+    return verifyBIP322(address, proof);
+  }
+  try {
+    switch (proof.type) {
+      case javascriptSdk.ProofTypes.BIP137:
+        return verifyBIP137(address, proof, chainConfig);
+      case javascriptSdk.ProofTypes.BIP322:
+        return verifyBIP322(address, proof);
+      default:
+        return {
+          ...proof,
+          status: javascriptSdk.ProofStatus.FAILED
+        };
+    }
+  } catch {
+    return {
+      ...proof,
+      status: javascriptSdk.ProofStatus.FAILED
+    };
+  }
+}
+function getChainConfig(address) {
+  if (address.startsWith("1") || address.startsWith("3") || address.startsWith("bc1")) {
+    return CHAIN_CONFIGS["bitcoin"];
+  }
+  if (address.startsWith("t1") || address.startsWith("t3")) {
+    return CHAIN_CONFIGS["zcash"];
+  }
+  if (address.startsWith("L") || address.startsWith("M") || address.startsWith("ltc1")) {
+    return CHAIN_CONFIGS["litecoin"];
+  }
+  if (address.startsWith("D") || address.startsWith("A")) {
+    return CHAIN_CONFIGS["dogecoin"];
+  }
+  if (address.startsWith("X") || address.startsWith("7")) {
+    return CHAIN_CONFIGS["dash"];
+  }
+  if (address.startsWith("q")) {
+    return CHAIN_CONFIGS["bitcoincash"];
+  }
+  if (address.startsWith("tb1")) {
+    return CHAIN_CONFIGS["testnet"];
+  }
+  return CHAIN_CONFIGS["bitcoin"];
+}
+function verifyBIP322(address, proof) {
+  const { attestation, proof: signatureProof } = proof;
+  const verified = bip322Js.Verifier.verifySignature(
+    address,
+    attestation,
+    signatureProof
+  );
+  return {
+    ...proof,
+    status: verified ? javascriptSdk.ProofStatus.VERIFIED : javascriptSdk.ProofStatus.FAILED
+  };
+}
+function verifyBIP137(address, proof, chainConfig) {
+  const derivationMode = getDerivationMode(address);
+  const useSegwitEncoding = Boolean(
+    chainConfig.bech32Prefix && (derivationMode === "Native SegWit" /* NATIVE */ || derivationMode === "SegWit" /* SEGWIT */ && !address.startsWith("1"))
+  );
+  const verified = verify(
+    proof.attestation,
+    address,
+    proof.proof,
+    useSegwitEncoding,
+    chainConfig
+  );
+  return {
+    ...proof,
+    status: verified ? javascriptSdk.ProofStatus.VERIFIED : javascriptSdk.ProofStatus.FAILED
+  };
+}
+function getDerivationMode(address) {
+  if (address.match("^(bc1|tb1|ltc1).*")) {
+    return "Native SegWit" /* NATIVE */;
+  } else if (address.match("^[32M].*")) {
+    return "SegWit" /* SEGWIT */;
+  } else if (address.match("^[1nmL].*")) {
+    return "Legacy" /* LEGACY */;
+  } else if (address.match("^(D).*")) {
+    return "Dogecoin" /* DOGECOIN */;
+  } else if (address.match("^(q).*")) {
+    return "Bitcoin Cash" /* BCH */;
+  } else if (address.match("^(t1|t3).*")) {
+    return "Legacy" /* LEGACY */;
+  } else if (address.match("^[X7].*")) {
+    return "Legacy" /* LEGACY */;
+  } else {
+    throw new Error(
+      "INVALID ADDRESS: ".concat(address).concat(" is not a valid or a supported address")
+    );
+  }
+}
+function decodeSignature(proof) {
+  const sigbytes = base.base64.decode(proof);
+  if (sigbytes.length !== 65) throw new Error("Invalid signature length");
+  const flagByte = sigbytes[0] - 27;
+  if (flagByte > 15 || flagByte < 0) {
+    throw new Error("Invalid signature parameter");
+  }
+  const compressed = !!(flagByte & 12);
+  const recovery = flagByte & 3;
+  const signature = secp256k1.secp256k1.Signature.fromCompact(sigbytes.slice(1));
+  return {
+    compressed,
+    segwitType: !(flagByte & 8) ? void 0 : !(flagByte & 4) ? "p2sh(p2wpkh)" /* P2SH_P2WPKH */ : "p2wpkh" /* P2WPKH */,
+    signature: signature.addRecoveryBit(recovery)
+  };
+}
+function verify(attestation, address, proof, checkSegwitAlways, chainConfig) {
+  const { compressed, segwitType, signature } = decodeSignature(proof);
+  if (checkSegwitAlways && !compressed) {
+    throw new Error(
+      "checkSegwitAlways can only be used with a compressed pubkey signature flagbyte"
+    );
+  }
+  const hash = magicHash(attestation, chainConfig.messagePrefix);
+  const publicKey = signature.recoverPublicKey(hash);
+  const publicKeyBytes = publicKey.toRawBytes(compressed);
+  const publicKeyHash = hash160(publicKeyBytes);
+  let actual = "";
+  if (address.startsWith("q")) {
+    actual = encodeBase58AddressFormat(
+      chainConfig.pubKeyHashVersion,
+      publicKeyHash
+    );
+    return actual.startsWith("1");
+  }
+  if (segwitType) {
+    if (segwitType === "p2sh(p2wpkh)" /* P2SH_P2WPKH */) {
+      actual = encodeBase58AddressFormat(
+        chainConfig.scriptHashVersion,
+        publicKeyHash
+      );
+    } else {
+      if (chainConfig.bech32Prefix) {
+        actual = encodeBech32Address(publicKeyHash, chainConfig.bech32Prefix);
+      } else {
+        actual = encodeBase58AddressFormat(
+          chainConfig.scriptHashVersion,
+          publicKeyHash
+        );
+      }
+    }
+  } else {
+    if (address.startsWith("3") && !segwitType) {
+      const redeemScript = new Uint8Array(22);
+      redeemScript[0] = 0;
+      redeemScript[1] = 20;
+      redeemScript.set(publicKeyHash, 2);
+      const redeemScriptHash = hash160(redeemScript);
+      const p2shP2wpkh = encodeBase58AddressFormat(
+        chainConfig.scriptHashVersion,
+        redeemScriptHash
+      );
+      const legacyP2sh = encodeBase58AddressFormat(
+        chainConfig.scriptHashVersion,
+        publicKeyHash
+      );
+      if (address === p2shP2wpkh || address === legacyP2sh) {
+        return true;
+      }
+      actual = legacyP2sh;
+    } else if (address.startsWith("bc1q") || address.startsWith("tb1q") || address.startsWith("ltc1q")) {
+      if (chainConfig.bech32Prefix) {
+        actual = encodeBech32Address(publicKeyHash, chainConfig.bech32Prefix);
+      } else {
+        actual = encodeBase58AddressFormat(
+          chainConfig.pubKeyHashVersion,
+          publicKeyHash
+        );
+      }
+    } else if (checkSegwitAlways && chainConfig.bech32Prefix) {
+      try {
+        actual = encodeBech32Address(publicKeyHash, chainConfig.bech32Prefix);
+      } catch (e) {
+        actual = encodeBase58AddressFormat(
+          chainConfig.scriptHashVersion,
+          publicKeyHash
+        );
+      }
+    } else {
+      actual = encodeBase58AddressFormat(
+        chainConfig.pubKeyHashVersion,
+        publicKeyHash
+      );
+    }
+  }
+  return actual === address;
+}
+var base58check = base.createBase58check(ox.Hash.sha256);
+function encodeBase58AddressFormat(version, publicKeyHash) {
+  const prefixBytes = typeof version === "number" ? Uint8Array.of(version) : version;
+  const payload = new Uint8Array(prefixBytes.length + publicKeyHash.length);
+  payload.set(prefixBytes);
+  payload.set(publicKeyHash, prefixBytes.length);
+  return base58check.encode(payload);
+}
+function magicHash(attestation, messagePrefix) {
+  const prefix = new TextEncoder().encode(messagePrefix);
+  const message = new TextEncoder().encode(attestation);
+  const length = varuintBitcoin.encode(message.length).buffer;
+  const buffer = new Uint8Array(
+    prefix.length + length.byteLength + message.length
+  );
+  buffer.set(prefix);
+  buffer.set(new Uint8Array(length), prefix.length);
+  buffer.set(message, prefix.length + length.byteLength);
+  return hash256(buffer);
+}
+function encodeBech32Address(publicKeyHash, prefix = "bc") {
+  const bwords = base.bech32.toWords(publicKeyHash);
+  bwords.unshift(0);
+  return base.bech32.encode(prefix, bwords);
+}
+function hash256(buffer) {
+  return ox.Hash.sha256(ox.Hash.sha256(buffer));
+}
+function hash160(buffer) {
+  return ox.Hash.ripemd160(ox.Hash.sha256(buffer));
+}
+
+exports.verifyBTCSignature = verifyBTCSignature;
+//# sourceMappingURL=bitcoin-3CW4MNAW.cjs.map
+//# sourceMappingURL=bitcoin-3CW4MNAW.cjs.map

package/dist/bitcoin-3CW4MNAW.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/bitcoin.ts"],"names":["ProofStatus","ProofTypes","Verifier","base64","secp256k1","createBase58check","Hash","encodeLength","bech32"],"mappings":";;;;;;;;;;;;AA0BA,IAAM,aAAA,GAA6C;AAAA,EACjD,OAAA,EAAS;AAAA,IACP,aAAA,EAAe,4BAAA;AAAA,IACf,iBAAA,EAAmB,CAAA;AAAA;AAAA,IACnB,iBAAA,EAAmB,CAAA;AAAA;AAAA,IACnB,YAAA,EAAc,IAAA;AAAA,IACd,SAAA,EAAW;AAAA,GACb;AAAA,EACA,WAAA,EAAa;AAAA,IACX,aAAA,EAAe,4BAAA;AAAA,IACf,iBAAA,EAAmB,CAAA;AAAA;AAAA,IACnB,iBAAA,EAAmB,CAAA;AAAA;AAAA,IACnB,YAAA,EAAc,IAAA;AAAA,IACd,SAAA,EAAW;AAAA,GACb;AAAA,EACA,QAAA,EAAU;AAAA,IACR,aAAA,EAAe,6BAAA;AAAA,IACf,iBAAA,EAAmB,EAAA;AAAA;AAAA,IACnB,iBAAA,EAAmB,EAAA;AAAA;AAAA,IACnB,YAAA,EAAc,KAAA;AAAA,IACd,SAAA,EAAW;AAAA,GACb;AAAA,EACA,QAAA,EAAU;AAAA,IACR,aAAA,EAAe,6BAAA;AAAA,IACf,iBAAA,EAAmB,EAAA;AAAA;AAAA,IACnB,iBAAA,EAAmB,EAAA;AAAA;AAAA,IACnB,SAAA,EAAW;AAAA,GACb;AAAA,EACA,IAAA,EAAM;AAAA,IACJ,aAAA,EAAe,6BAAA;AAAA,IACf,iBAAA,EAAmB,EAAA;AAAA;AAAA,IACnB,iBAAA,EAAmB,EAAA;AAAA;AAAA,IACnB,SAAA,EAAW;AAAA,GACb;AAAA,EACA,KAAA,EAAO;AAAA,IACL,aAAA,EAAe,0BAAA;AAAA,IACf,mBAAmB,UAAA,CAAW,IAAA,CAAK,CAAC,EAAA,EAAM,GAAI,CAAC,CAAA;AAAA;AAAA,IAC/C,mBAAmB,UAAA,CAAW,IAAA,CAAK,CAAC,EAAA,EAAM,GAAI,CAAC,CAAA;AAAA,IAC/C,SAAA,EAAW;AAAA,GACb;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,aAAA,EAAe,4BAAA;AAAA,IACf,iBAAA,EAAmB,GAAA;AAAA;AAAA,IACnB,iBAAA,EAAmB,GAAA;AAAA;AAAA,IACnB,YAAA,EAAc,IAAA;AAAA,IACd,SAAA,EAAW;AAAA;AAEf,CAAA;AAaA,eAAsB,mBACpB,KAAA,EACyB;AACzB,EAAA,MAAM,CAAC,MAAM,OAAO,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,GAAG,CAAA;AAC/C,EAAA,IAAI,EAAA,KAAO,UAAU,OAAO,EAAE,GAAG,KAAA,EAAO,MAAA,EAAQA,0BAAY,MAAA,EAAO;AAGnE,EAAA,MAAM,WAAA,GAAc,eAAe,OAAO,CAAA;AAC1C,EAAA,IAAI,CAAC,aAAa,OAAO,EAAE,GAAG,KAAA,EAAO,MAAA,EAAQA,0BAAY,MAAA,EAAO;AAEhE,EAAA,MAAM,UAAU,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA,IAAK,OAAA,CAAQ,WAAW,IAAI,CAAA;AACnE,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAO,YAAA,CAAa,OAAA,EAAS,KAAA,EAAO,WAAW,CAAA;AAAA,EACjD;AAGA,EAAA,IAAI,YAAY,SAAA,EAAW;AACzB,IAAA,OAAO,YAAA,CAAa,SAAS,KAAK,CAAA;AAAA,EACpC;AAGA,EAAA,MAAM,YAAY,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,IAAK,OAAA,CAAQ,WAAW,MAAM,CAAA;AAIzE,EAAA,IAAI,SAAA,IAAa,KAAA,CAAM,IAAA,KAASC,wBAAA,CAAW,MAAA,EAAQ;AACjD,IAAA,OAAO,YAAA,CAAa,SAAS,KAAK,CAAA;AAAA,EACpC;AAEA,EAAA,IAAI;AACF,IAAA,QAAQ,MAAM,IAAA;AAAM,MAClB,KAAKA,wBAAA,CAAW,MAAA;AACd,QAAA,OAAO,YAAA,CAAa,OAAA,EAAS,KAAA,EAAO,WAAW,CAAA;AAAA,MACjD,KAAKA,wBAAA,CAAW,MAAA;AACd,QAAA,OAAO,YAAA,CAAa,SAAS,KAAK,CAAA;AAAA,MACpC;AACE,QAAA,OAAO;AAAA,UACL,GAAG,KAAA;AAAA,UACH,QAAQD,yBAAA,CAAY;AAAA,SACtB;AAAA;AACJ,EACF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO;AAAA,MACL,GAAG,KAAA;AAAA,MACH,QAAQA,yBAAA,CAAY;AAAA,KACtB;AAAA,EACF;AACF;AAEA,SAAS,eAAe,OAAA,EAA8B;AACpD,EAAA,IACE,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,IACtB,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,IACtB,OAAA,CAAQ,UAAA,CAAW,KAAK,CAAA,EACxB;AACA,IAAA,OAAO,cAAc,SAAS,CAAA;AAAA,EAChC;AACA,EAAA,IAAI,QAAQ,UAAA,CAAW,IAAI,KAAK,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA,EAAG;AACxD,IAAA,OAAO,cAAc,OAAO,CAAA;AAAA,EAC9B;AACA,EAAA,IACE,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,IACtB,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,IACtB,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,EACzB;AACA,IAAA,OAAO,cAAc,UAAU,CAAA;AAAA,EACjC;AACA,EAAA,IAAI,QAAQ,UAAA,CAAW,GAAG,KAAK,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,EAAG;AACtD,IAAA,OAAO,cAAc,UAAU,CAAA;AAAA,EACjC;AACA,EAAA,IAAI,QAAQ,UAAA,CAAW,GAAG,KAAK,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,EAAG;AACtD,IAAA,OAAO,cAAc,MAAM,CAAA;AAAA,EAC7B;AACA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,EAAG;AAC3B,IAAA,OAAO,cAAc,aAAa,CAAA;AAAA,EACpC;AACA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,KAAK,CAAA,EAAG;AAC7B,IAAA,OAAO,cAAc,SAAS,CAAA;AAAA,EAChC;AAEA,EAAA,OAAO,cAAc,SAAS,CAAA;AAChC;AAEA,SAAS,YAAA,CAAa,SAAiB,KAAA,EAAuB;AAC5D,EAAA,MAAM,EAAE,WAAA,EAAa,KAAA,EAAO,cAAA,EAAe,GAAI,KAAA;AAC/C,EAAA,MAAM,WAAWE,iBAAA,CAAS,eAAA;AAAA,IACxB,OAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,OAAO;AAAA,IACL,GAAG,KAAA;AAAA,IACH,MAAA,EAAQ,QAAA,GAAWF,yBAAA,CAAY,QAAA,GAAWA,yBAAA,CAAY;AAAA,GACxD;AACF;AAEA,SAAS,YAAA,CACP,OAAA,EACA,KAAA,EACA,WAAA,EACA;AACA,EAAA,MAAM,cAAA,GAAiB,kBAAkB,OAAO,CAAA;AAKhD,EAAA,MAAM,iBAAA,GAAoB,OAAA;AAAA,IACxB,WAAA,CAAY,iBACT,cAAA,KAAmB,eAAA,iBACjB,mBAAmB,QAAA,iBAAyB,CAAC,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AAAA,GAC1E;AAEA,EAAA,MAAM,QAAA,GAAW,MAAA;AAAA,IACf,KAAA,CAAM,WAAA;AAAA,IACN,OAAA;AAAA,IACA,KAAA,CAAM,KAAA;AAAA,IACN,iBAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,OAAO;AAAA,IACL,GAAG,KAAA;AAAA,IACH,MAAA,EAAQ,QAAA,GAAWA,yBAAA,CAAY,QAAA,GAAWA,yBAAA,CAAY;AAAA,GACxD;AACF;AAEA,SAAS,kBAAkB,OAAA,EAAiB;AAC1C,EAAA,IAAI,OAAA,CAAQ,KAAA,CAAM,mBAAmB,CAAA,EAAG;AACtC,IAAA,OAAO,eAAA;AAAA,EACT,CAAA,MAAA,IAAW,OAAA,CAAQ,KAAA,CAAM,UAAU,CAAA,EAAG;AACpC,IAAA,OAAO,QAAA;AAAA,EACT,CAAA,MAAA,IAAW,OAAA,CAAQ,KAAA,CAAM,WAAW,CAAA,EAAG;AACrC,IAAA,OAAO,QAAA;AAAA,EACT,CAAA,MAAA,IAAW,OAAA,CAAQ,KAAA,CAAM,QAAQ,CAAA,EAAG;AAClC,IAAA,OAAO,UAAA;AAAA,EACT,CAAA,MAAA,IAAW,OAAA,CAAQ,KAAA,CAAM,QAAQ,CAAA,EAAG;AAClC,IAAA,OAAO,cAAA;AAAA,EACT,CAAA,MAAA,IAAW,OAAA,CAAQ,KAAA,CAAM,YAAY,CAAA,EAAG;AACtC,IAAA,OAAO,QAAA;AAAA,EACT,CAAA,MAAA,IAAW,OAAA,CAAQ,KAAA,CAAM,SAAS,CAAA,EAAG;AACnC,IAAA,OAAO,QAAA;AAAA,EACT,CAAA,MAAO;AACL,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,mBAAA,CACG,MAAA,CAAO,OAAO,CAAA,CACd,OAAO,wCAAwC;AAAA,KACpD;AAAA,EACF;AACF;AAQA,SAAS,gBAAgB,KAAA,EAAiC;AACxD,EAAA,MAAM,QAAA,GAAWG,WAAA,CAAO,MAAA,CAAO,KAAK,CAAA;AACpC,EAAA,IAAI,SAAS,MAAA,KAAW,EAAA,EAAI,MAAM,IAAI,MAAM,0BAA0B,CAAA;AACtE,EAAA,MAAM,QAAA,GAAW,QAAA,CAAS,CAAC,CAAA,GAAI,EAAA;AAC/B,EAAA,IAAI,QAAA,GAAW,EAAA,IAAM,QAAA,GAAW,CAAA,EAAG;AACjC,IAAA,MAAM,IAAI,MAAM,6BAA6B,CAAA;AAAA,EAC/C;AACA,EAAA,MAAM,UAAA,GAAa,CAAC,EAAE,QAAA,GAAW,EAAA,CAAA;AACjC,EAAA,MAAM,WAAW,QAAA,GAAW,CAAA;AAC5B,EAAA,MAAM,YAAYC,mBAAA,CAAU,SAAA,CAAU,YAAY,QAAA,CAAS,KAAA,CAAM,CAAC,CAAC,CAAA;AAEnE,EAAA,OAAO;AAAA,IACL,UAAA;AAAA,IACA,UAAA,EAAY,EAAE,QAAA,GAAW,CAAA,CAAA,GACrB,SACA,EAAE,QAAA,GAAW,KACb,cAAA,qBACA,QAAA;AAAA,IACJ,SAAA,EAAW,SAAA,CAAU,cAAA,CAAe,QAAQ;AAAA,GAC9C;AACF;AAEA,SAAS,MAAA,CACP,WAAA,EACA,OAAA,EACA,KAAA,EACA,mBACA,WAAA,EACA;AACA,EAAA,MAAM,EAAE,UAAA,EAAY,UAAA,EAAY,SAAA,EAAU,GAAI,gBAAgB,KAAK,CAAA;AACnE,EAAA,IAAI,iBAAA,IAAqB,CAAC,UAAA,EAAY;AACpC,IAAA,MAAM,IAAI,KAAA;AAAA,MACR;AAAA,KACF;AAAA,EACF;AACA,EAAA,MAAM,IAAA,GAAO,SAAA,CAAU,WAAA,EAAa,WAAA,CAAY,aAAa,CAAA;AAC7D,EAAA,MAAM,SAAA,GAAY,SAAA,CAAU,gBAAA,CAAiB,IAAI,CAAA;AACjD,EAAA,MAAM,cAAA,GAAiB,SAAA,CAAU,UAAA,CAAW,UAAU,CAAA;AACtD,EAAA,MAAM,aAAA,GAAgB,QAAQ,cAAc,CAAA;AAC5C,EAAA,IAAI,MAAA,GAAiB,EAAA;AAGrB,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,EAAG;AAG3B,IAAA,MAAA,GAAS,yBAAA;AAAA,MACP,WAAA,CAAY,iBAAA;AAAA,MACZ;AAAA,KACF;AAGA,IAAA,OAAO,MAAA,CAAO,WAAW,GAAG,CAAA;AAAA,EAC9B;AAEA,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,IAAI,eAAe,cAAA,oBAA0B;AAC3C,MAAA,MAAA,GAAS,yBAAA;AAAA,QACP,WAAA,CAAY,iBAAA;AAAA,QACZ;AAAA,OACF;AAAA,IACF,CAAA,MAAO;AAEL,MAAA,IAAI,YAAY,YAAA,EAAc;AAC5B,QAAA,MAAA,GAAS,mBAAA,CAAoB,aAAA,EAAe,WAAA,CAAY,YAAY,CAAA;AAAA,MACtE,CAAA,MAAO;AAEL,QAAA,MAAA,GAAS,yBAAA;AAAA,UACP,WAAA,CAAY,iBAAA;AAAA,UACZ;AAAA,SACF;AAAA,MAEF;AAAA,IACF;AAAA,EACF,CAAA,MAAO;AAEL,IAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,IAAK,CAAC,UAAA,EAAY;AAE1C,MAAA,MAAM,YAAA,GAAe,IAAI,UAAA,CAAW,EAAE,CAAA;AACtC,MAAA,YAAA,CAAa,CAAC,CAAA,GAAI,CAAA;AAClB,MAAA,YAAA,CAAa,CAAC,CAAA,GAAI,EAAA;AAClB,MAAA,YAAA,CAAa,GAAA,CAAI,eAAe,CAAC,CAAA;AACjC,MAAA,MAAM,gBAAA,GAAmB,QAAQ,YAAY,CAAA;AAC7C,MAAA,MAAM,UAAA,GAAa,yBAAA;AAAA,QACjB,WAAA,CAAY,iBAAA;AAAA,QACZ;AAAA,OACF;AAEA,MAAA,MAAM,UAAA,GAAa,yBAAA;AAAA,QACjB,WAAA,CAAY,iBAAA;AAAA,QACZ;AAAA,OACF;AACA,MAAA,IAAI,OAAA,KAAY,UAAA,IAAc,OAAA,KAAY,UAAA,EAAY;AACpD,QAAA,OAAO,IAAA;AAAA,MACT;AACA,MAAA,MAAA,GAAS,UAAA;AAAA,IACX,CAAA,MAAA,IAAW,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,IAAK,OAAA,CAAQ,UAAA,CAAW,MAAM,CAAA,IAAK,OAAA,CAAQ,UAAA,CAAW,OAAO,CAAA,EAAG;AAGlG,MAAA,IAAI,YAAY,YAAA,EAAc;AAC5B,QAAA,MAAA,GAAS,mBAAA,CAAoB,aAAA,EAAe,WAAA,CAAY,YAAY,CAAA;AAAA,MACtE,CAAA,MAAO;AACL,QAAA,MAAA,GAAS,yBAAA;AAAA,UACP,WAAA,CAAY,iBAAA;AAAA,UACZ;AAAA,SACF;AAAA,MACF;AAAA,IACF,CAAA,MAAA,IAAW,iBAAA,IAAqB,WAAA,CAAY,YAAA,EAAc;AACxD,MAAA,IAAI;AACF,QAAA,MAAA,GAAS,mBAAA,CAAoB,aAAA,EAAe,WAAA,CAAY,YAAY,CAAA;AAAA,MAGtE,SAAS,CAAA,EAAG;AACV,QAAA,MAAA,GAAS,yBAAA;AAAA,UACP,WAAA,CAAY,iBAAA;AAAA,UACZ;AAAA,SACF;AAAA,MAEF;AAAA,IACF,CAAA,MAAO;AACL,MAAA,MAAA,GAAS,yBAAA;AAAA,QACP,WAAA,CAAY,iBAAA;AAAA,QACZ;AAAA,OACF;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA,KAAW,OAAA;AACpB;AAEA,IAAM,WAAA,GAAcC,sBAAA,CAAkBC,OAAA,CAAK,MAAM,CAAA;AAEjD,SAAS,yBAAA,CACP,SACA,aAAA,EACA;AACA,EAAA,MAAM,cACJ,OAAO,OAAA,KAAY,WAAW,UAAA,CAAW,EAAA,CAAG,OAAO,CAAA,GAAI,OAAA;AAEzD,EAAA,MAAM,UAAU,IAAI,UAAA,CAAW,WAAA,CAAY,MAAA,GAAS,cAAc,MAAM,CAAA;AACxE,EAAA,OAAA,CAAQ,IAAI,WAAW,CAAA;AACvB,EAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe,WAAA,CAAY,MAAM,CAAA;AAC7C,EAAA,OAAO,WAAA,CAAY,OAAO,OAAO,CAAA;AACnC;AAEA,SAAS,SAAA,CAAU,aAAqB,aAAA,EAAuB;AAC7D,EAAA,MAAM,MAAA,GAAS,IAAI,WAAA,EAAY,CAAE,OAAO,aAAa,CAAA;AACrD,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY,CAAE,OAAO,WAAW,CAAA;AACpD,EAAA,MAAM,MAAA,GAASC,qBAAA,CAAa,OAAA,CAAQ,MAAM,CAAA,CAAE,MAAA;AAC5C,EAAA,MAAM,SAAS,IAAI,UAAA;AAAA,IACjB,MAAA,CAAO,MAAA,GAAS,MAAA,CAAO,UAAA,GAAa,OAAA,CAAQ;AAAA,GAC9C;AACA,EAAA,MAAA,CAAO,IAAI,MAAM,CAAA;AACjB,EAAA,MAAA,CAAO,IAAI,IAAI,UAAA,CAAW,MAAM,CAAA,EAAG,OAAO,MAAM,CAAA;AAChD,EAAA,MAAA,CAAO,GAAA,CAAI,OAAA,EAAS,MAAA,CAAO,MAAA,GAAS,OAAO,UAAU,CAAA;AACrD,EAAA,OAAO,QAAQ,MAAM,CAAA;AACvB;AAEA,SAAS,mBAAA,CACP,aAAA,EACA,MAAA,GAAiB,IAAA,EACT;AACR,EAAA,MAAM,MAAA,GAASC,WAAA,CAAO,OAAA,CAAQ,aAAa,CAAA;AAC3C,EAAA,MAAA,CAAO,QAAQ,CAAC,CAAA;AAChB,EAAA,OAAOA,WAAA,CAAO,MAAA,CAAO,MAAA,EAAQ,MAAM,CAAA;AACrC;AAEA,SAAS,QAAQ,MAAA,EAAgC;AAC/C,EAAA,OAAOF,OAAA,CAAK,MAAA,CAAOA,OAAA,CAAK,MAAA,CAAO,MAAM,CAAC,CAAA;AACxC;AAEA,SAAS,QAAQ,MAAA,EAAgC;AAC/C,EAAA,OAAOA,OAAA,CAAK,SAAA,CAAUA,OAAA,CAAK,MAAA,CAAO,MAAM,CAAC,CAAA;AAC3C","file":"bitcoin-3CW4MNAW.cjs","sourcesContent":["import {\n  ProofStatus,\n  ProofTypes,\n  SignatureProof,\n} from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nimport { Verifier } from \"bip322-js\";\n\nenum SEGWIT_TYPES {\n  P2WPKH = \"p2wpkh\",\n  P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\ninterface ChainConfig {\n  messagePrefix: string;\n  pubKeyHashVersion: number | Uint8Array;\n  scriptHashVersion: number | Uint8Array;\n  bech32Prefix?: string;\n  isTestnet?: boolean;\n}\n\nconst CHAIN_CONFIGS: Record<string, ChainConfig> = {\n  bitcoin: {\n    messagePrefix: \"\\u0018Bitcoin Signed Message:\\n\",\n    pubKeyHashVersion: 0x00, // 1...\n    scriptHashVersion: 0x05, // 3...\n    bech32Prefix: \"bc\",\n    isTestnet: false,\n  },\n  bitcoincash: {\n    messagePrefix: \"\\u0018Bitcoin Signed Message:\\n\",\n    pubKeyHashVersion: 0x00, // 1...\n    scriptHashVersion: 0x05, // 3...\n    bech32Prefix: \"bc\",\n    isTestnet: false,\n  },\n  litecoin: {\n    messagePrefix: \"\\u0019Litecoin Signed Message:\\n\",\n    pubKeyHashVersion: 0x30, // L... or M...\n    scriptHashVersion: 0x32, // 3... or M...\n    bech32Prefix: \"ltc\",\n    isTestnet: false,\n  },\n  dogecoin: {\n    messagePrefix: \"\\u0019Dogecoin Signed Message:\\n\",\n    pubKeyHashVersion: 0x1e, // D...\n    scriptHashVersion: 0x16, // A...\n    isTestnet: false,\n  },\n  dash: {\n    messagePrefix: \"\\u0019DarkCoin Signed Message:\\n\",\n    pubKeyHashVersion: 0x4c, // X...\n    scriptHashVersion: 0x10, // 7...\n    isTestnet: false,\n  },\n  zcash: {\n    messagePrefix: \"\\u0018Zcash Signed Message:\\n\",\n    pubKeyHashVersion: Uint8Array.from([0x1c, 0xb8]), // <-- FIXED\n    scriptHashVersion: Uint8Array.from([0x1c, 0xbd]),\n    isTestnet: false,\n  },\n\n  testnet: {\n    messagePrefix: \"\\u0018Bitcoin Signed Message:\\n\",\n    pubKeyHashVersion: 0x6f, // m or n\n    scriptHashVersion: 0xc4, // 2\n    bech32Prefix: \"tb\",\n    isTestnet: true,\n  },\n};\n\nenum DerivationMode {\n  LEGACY = \"Legacy\",\n  NATIVE = \"Native SegWit\",\n  SEGWIT = \"SegWit\",\n  P2SH_SEGWIT = \"p2sh\",\n  BCH = \"Bitcoin Cash\",\n  ETHEREUM = \"Ethereum\",\n  DOGECOIN = \"Dogecoin\",\n  UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n  proof: SignatureProof\n): Promise<SignatureProof> {\n  const [ns, , address] = proof.address.split(/:/);\n  if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n\n  // Map chainId to our chain configuration\n  const chainConfig = getChainConfig(address);\n  if (!chainConfig) return { ...proof, status: ProofStatus.FAILED };\n\n  const isZcash = address.startsWith(\"t1\") || address.startsWith(\"t3\");\n  if (isZcash) {\n    return verifyBIP137(address, proof, chainConfig);\n  }\n\n  // Use BIP322 for testnet addresses\n  if (chainConfig.isTestnet) {\n    return verifyBIP322(address, proof);\n  }\n\n  // Check if this is a Taproot address (bc1p or tb1p)\n  const isTaproot = address.startsWith(\"bc1p\") || address.startsWith(\"tb1p\");\n\n  // For Taproot addresses with BIP-137 proof type, use BIP-322 verification\n  // since BIP-137 doesn't officially support Taproot\n  if (isTaproot && proof.type === ProofTypes.BIP137) {\n    return verifyBIP322(address, proof);\n  }\n\n  try {\n    switch (proof.type) {\n      case ProofTypes.BIP137:\n        return verifyBIP137(address, proof, chainConfig);\n      case ProofTypes.BIP322:\n        return verifyBIP322(address, proof);\n      default:\n        return {\n          ...proof,\n          status: ProofStatus.FAILED,\n        };\n    }\n  } catch {\n    return {\n      ...proof,\n      status: ProofStatus.FAILED,\n    };\n  }\n}\n\nfunction getChainConfig(address: string): ChainConfig {\n  if (\n    address.startsWith(\"1\") ||\n    address.startsWith(\"3\") ||\n    address.startsWith(\"bc1\")\n  ) {\n    return CHAIN_CONFIGS[\"bitcoin\"];\n  }\n  if (address.startsWith(\"t1\") || address.startsWith(\"t3\")) {\n    return CHAIN_CONFIGS[\"zcash\"];\n  }\n  if (\n    address.startsWith(\"L\") ||\n    address.startsWith(\"M\") ||\n    address.startsWith(\"ltc1\")\n  ) {\n    return CHAIN_CONFIGS[\"litecoin\"];\n  }\n  if (address.startsWith(\"D\") || address.startsWith(\"A\")) {\n    return CHAIN_CONFIGS[\"dogecoin\"];\n  }\n  if (address.startsWith(\"X\") || address.startsWith(\"7\")) {\n    return CHAIN_CONFIGS[\"dash\"];\n  }\n  if (address.startsWith(\"q\")) {\n    return CHAIN_CONFIGS[\"bitcoincash\"];\n  }\n  if (address.startsWith(\"tb1\")) {\n    return CHAIN_CONFIGS[\"testnet\"];\n  }\n\n  return CHAIN_CONFIGS[\"bitcoin\"];\n}\n\nfunction verifyBIP322(address: string, proof: SignatureProof) {\n  const { attestation, proof: signatureProof } = proof;\n  const verified = Verifier.verifySignature(\n    address,\n    attestation,\n    signatureProof\n  );\n  return {\n    ...proof,\n    status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n  };\n}\n\nfunction verifyBIP137(\n  address: string,\n  proof: SignatureProof,\n  chainConfig: ChainConfig\n) {\n  const derivationMode = getDerivationMode(address);\n\n  // For legacy addresses (starting with \"1\"), never use SegWit encoding\n  // For P2SH addresses (starting with \"3\"), use SegWit encoding if they have bech32 support\n  // For native SegWit addresses (bc1, tb1, ltc1), always use SegWit encoding\n  const useSegwitEncoding = Boolean(\n    chainConfig.bech32Prefix &&\n      (derivationMode === DerivationMode.NATIVE ||\n        (derivationMode === DerivationMode.SEGWIT && !address.startsWith(\"1\")))\n  );\n\n  const verified = verify(\n    proof.attestation,\n    address,\n    proof.proof,\n    useSegwitEncoding,\n    chainConfig\n  );\n\n  return {\n    ...proof,\n    status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n  };\n}\n\nfunction getDerivationMode(address: string) {\n  if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n    return DerivationMode.NATIVE;\n  } else if (address.match(\"^[32M].*\")) {\n    return DerivationMode.SEGWIT;\n  } else if (address.match(\"^[1nmL].*\")) {\n    return DerivationMode.LEGACY;\n  } else if (address.match(\"^(D).*\")) {\n    return DerivationMode.DOGECOIN;\n  } else if (address.match(\"^(q).*\")) {\n    return DerivationMode.BCH;\n  } else if (address.match(\"^(t1|t3).*\")) {\n    return DerivationMode.LEGACY; // Zcash addresses\n  } else if (address.match(\"^[X7].*\")) {\n    return DerivationMode.LEGACY; // Dash addresses\n  } else {\n    throw new Error(\n      \"INVALID ADDRESS: \"\n        .concat(address)\n        .concat(\" is not a valid or a supported address\")\n    );\n  }\n}\n\ntype DecodedSignature = {\n  compressed: boolean;\n  segwitType?: SEGWIT_TYPES;\n  signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n  const sigbytes = base64.decode(proof);\n  if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n  const flagByte = sigbytes[0] - 27;\n  if (flagByte > 15 || flagByte < 0) {\n    throw new Error(\"Invalid signature parameter\");\n  }\n  const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n  const recovery = flagByte & 3;\n  const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n  return {\n    compressed,\n    segwitType: !(flagByte & 8)\n      ? undefined\n      : !(flagByte & 4)\n      ? SEGWIT_TYPES.P2SH_P2WPKH\n      : SEGWIT_TYPES.P2WPKH,\n    signature: signature.addRecoveryBit(recovery),\n  };\n}\n\nfunction verify(\n  attestation: string,\n  address: string,\n  proof: string,\n  checkSegwitAlways: boolean,\n  chainConfig: ChainConfig\n) {\n  const { compressed, segwitType, signature } = decodeSignature(proof);\n  if (checkSegwitAlways && !compressed) {\n    throw new Error(\n      \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\"\n    );\n  }\n  const hash = magicHash(attestation, chainConfig.messagePrefix);\n  const publicKey = signature.recoverPublicKey(hash);\n  const publicKeyBytes = publicKey.toRawBytes(compressed);\n  const publicKeyHash = hash160(publicKeyBytes);\n  let actual: string = \"\";\n\n  // Special handling for Bitcoin Cash addresses\n  if (address.startsWith(\"q\")) {\n    // For BCH, we'll compare the public key hash directly since we're getting a CashAddr\n    // Convert the CashAddr to legacy format for comparison\n    actual = encodeBase58AddressFormat(\n      chainConfig.pubKeyHashVersion,\n      publicKeyHash\n    );\n    // Legacy P2PKH addresses in BCH start with '1' just like BTC\n    // Source: https://reference.cash/protocol/blockchain/encoding/cashaddr#legacy-address-format\n    return actual.startsWith(\"1\");\n  }\n\n  if (segwitType) {\n    if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n      actual = encodeBase58AddressFormat(\n        chainConfig.scriptHashVersion,\n        publicKeyHash\n      );\n    } else {\n      // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n      if (chainConfig.bech32Prefix) {\n        actual = encodeBech32Address(publicKeyHash, chainConfig.bech32Prefix);\n      } else {\n        // Fallback to legacy if bech32 not supported\n        actual = encodeBase58AddressFormat(\n          chainConfig.scriptHashVersion,\n          publicKeyHash\n        );\n        // base58 can be p2pkh or p2sh-p2wpkh\n      }\n    }\n  } else {\n    // For addresses starting with \"3\" (P2SH), try both P2SH-P2WPKH and legacy P2SH encodings if segwitType is undefined\n    if (address.startsWith(\"3\") && !segwitType) {\n      // P2SH-P2WPKH: script hash of the redeem script (OP_0 <pubkeyhash>)\n      const redeemScript = new Uint8Array(22);\n      redeemScript[0] = 0x00; // OP_0\n      redeemScript[1] = 0x14; // push 20 bytes\n      redeemScript.set(publicKeyHash, 2);\n      const redeemScriptHash = hash160(redeemScript);\n      const p2shP2wpkh = encodeBase58AddressFormat(\n        chainConfig.scriptHashVersion,\n        redeemScriptHash\n      );\n      // Legacy P2SH: script hash of the public key\n      const legacyP2sh = encodeBase58AddressFormat(\n        chainConfig.scriptHashVersion,\n        publicKeyHash\n      );\n      if (address === p2shP2wpkh || address === legacyP2sh) {\n        return true;\n      }\n      actual = legacyP2sh; // fallback for error reporting\n    } else if (address.startsWith(\"bc1q\") || address.startsWith(\"tb1q\") || address.startsWith(\"ltc1q\")) {\n      // For native SegWit P2WPKH addresses (bc1q/tb1q/ltc1q), always encode as bech32\n      // This handles Ledger wallets that sign without segwit flags\n      if (chainConfig.bech32Prefix) {\n        actual = encodeBech32Address(publicKeyHash, chainConfig.bech32Prefix);\n      } else {\n        actual = encodeBase58AddressFormat(\n          chainConfig.pubKeyHashVersion,\n          publicKeyHash\n        );\n      }\n    } else if (checkSegwitAlways && chainConfig.bech32Prefix) {\n      try {\n        actual = encodeBech32Address(publicKeyHash, chainConfig.bech32Prefix);\n        // if address is bech32 it is not p2sh\n        // eslint-disable-next-line @typescript-eslint/no-unused-vars\n      } catch (e) {\n        actual = encodeBase58AddressFormat(\n          chainConfig.scriptHashVersion,\n          publicKeyHash\n        );\n        // base58 can be p2pkh or p2sh-p2wpkh\n      }\n    } else {\n      actual = encodeBase58AddressFormat(\n        chainConfig.pubKeyHashVersion,\n        publicKeyHash\n      );\n    }\n  }\n\n  return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(\n  version: number | Uint8Array,\n  publicKeyHash: Uint8Array\n) {\n  const prefixBytes =\n    typeof version === \"number\" ? Uint8Array.of(version) : version; // Accept raw Uint8Array for Zcash\n\n  const payload = new Uint8Array(prefixBytes.length + publicKeyHash.length);\n  payload.set(prefixBytes);\n  payload.set(publicKeyHash, prefixBytes.length);\n  return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string, messagePrefix: string) {\n  const prefix = new TextEncoder().encode(messagePrefix);\n  const message = new TextEncoder().encode(attestation);\n  const length = encodeLength(message.length).buffer;\n  const buffer = new Uint8Array(\n    prefix.length + length.byteLength + message.length\n  );\n  buffer.set(prefix);\n  buffer.set(new Uint8Array(length), prefix.length);\n  buffer.set(message, prefix.length + length.byteLength);\n  return hash256(buffer);\n}\n\nfunction encodeBech32Address(\n  publicKeyHash: Uint8Array,\n  prefix: string = \"bc\"\n): string {\n  const bwords = bech32.toWords(publicKeyHash);\n  bwords.unshift(0);\n  return bech32.encode(prefix, bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n  return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n  return Hash.ripemd160(Hash.sha256(buffer));\n}\n"]}