npm - @sequence0/sdk - Versions diffs - 1.0.3 → 1.1.0 - Mend

@sequence0/sdk 1.0.3 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

package/README.md +137 -10
package/dist/chains/bitcoin-taproot.d.ts +308 -0
package/dist/chains/bitcoin-taproot.d.ts.map +1 -0
package/dist/chains/bitcoin-taproot.js +982 -0
package/dist/chains/bitcoin-taproot.js.map +1 -0
package/dist/erc4337/account.d.ts +241 -0
package/dist/erc4337/account.d.ts.map +1 -0
package/dist/erc4337/account.js +810 -0
package/dist/erc4337/account.js.map +1 -0
package/dist/erc4337/index.d.ts +9 -0
package/dist/erc4337/index.d.ts.map +1 -0
package/dist/erc4337/index.js +16 -0
package/dist/erc4337/index.js.map +1 -0
package/dist/erc4337/types.d.ts +173 -0
package/dist/erc4337/types.d.ts.map +1 -0
package/dist/erc4337/types.js +52 -0
package/dist/erc4337/types.js.map +1 -0
package/dist/index.d.ts +27 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +37 -2
package/dist/index.js.map +1 -1
package/dist/wallet/wallet.d.ts +7 -0
package/dist/wallet/wallet.d.ts.map +1 -1
package/dist/wallet/wallet.js +18 -3
package/dist/wallet/wallet.js.map +1 -1
package/package.json +8 -2

package/dist/chains/bitcoin-taproot.js ADDED Viewed

@@ -0,0 +1,982 @@
+"use strict";
+/**
+ * Bitcoin Taproot (P2TR) Chain Adapter
+ *
+ * Full Taproot transaction lifecycle: address derivation, UTXO management,
+ * transaction building, FROST Schnorr signing, and broadcast.
+ *
+ * FROST-secp256k1 produces BIP-340 compatible Schnorr signatures that are
+ * NATIVE to Taproot key-path spends -- no signature format conversion needed.
+ *
+ * Depends on the WASM crate's bitcoin.rs for:
+ * - Address derivation (group pubkey -> bc1p... P2TR address)
+ * - Transaction construction (inputs/outputs -> unsigned TX + sighash)
+ * - Signature attachment (FROST sig -> witness data)
+ *
+ * @example
+ * ```typescript
+ * import { BitcoinTaprootAdapter } from '@sequence0/sdk';
+ *
+ * const btc = new BitcoinTaprootAdapter({ network: 'mainnet' });
+ *
+ * // Derive a Taproot address from a FROST group public key
+ * const addr = btc.deriveAddress('02abcdef...');
+ * console.log(addr.address); // bc1p...
+ *
+ * // Get balance and UTXOs
+ * const balance = await btc.getBalance('bc1p...');
+ * const utxos = await btc.getUTXOs('bc1p...');
+ *
+ * // Build, sign, and broadcast
+ * const unsignedTx = await btc.buildTransaction(
+ *   { to: 'bc1p...recipient', amount: 50000, feeRate: 15 },
+ *   'bc1p...sender'
+ * );
+ * // ... sign via FROST ...
+ * const txid = await btc.broadcast(signedTxHex);
+ * ```
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BitcoinTaprootAdapter = void 0;
+exports.createBitcoinTaprootAdapter = createBitcoinTaprootAdapter;
+exports.createBitcoinTestnetTaprootAdapter = createBitcoinTestnetTaprootAdapter;
+const errors_1 = require("../utils/errors");
+// ── Constants ──
+const DEFAULT_APIS = {
+    mainnet: 'https://mempool.space/api',
+    testnet: 'https://mempool.space/testnet/api',
+    signet: 'https://mempool.space/signet/api',
+    regtest: 'http://localhost:3000/api', // Local mempool instance
+};
+/** Minimum output value in satoshis (dust limit for P2TR) */
+const DUST_THRESHOLD = 546;
+/** Estimated vbytes per Taproot key-path input */
+const VBYTES_PER_INPUT = 58;
+/** Estimated vbytes per P2TR output */
+const VBYTES_PER_OUTPUT = 43;
+/** Fixed overhead vbytes per transaction */
+const TX_OVERHEAD_VBYTES = 11;
+// ── Adapter ──
+class BitcoinTaprootAdapter {
+    constructor(options = {}) {
+        this.network = options.network || 'mainnet';
+        this.apiUrl = options.apiUrl || DEFAULT_APIS[this.network];
+    }
+    getRpcUrl() {
+        return this.apiUrl;
+    }
+    // ────────────────────────────────────────────────
+    //  Address Derivation
+    // ────────────────────────────────────────────────
+    /**
+     * Derive a Taproot (P2TR) address from a FROST group public key.
+     *
+     * The FROST group verifying key is a secp256k1 point. For Taproot:
+     * 1. Extract the x-only public key (32 bytes)
+     * 2. Compute the Taproot tweak: t = hash_TapTweak(x_only_pubkey)
+     * 3. Compute the output key: Q = P + t*G
+     * 4. Encode as Bech32m with witness version 1
+     *
+     * @param groupPubkeyHex - Hex-encoded FROST group verifying key (33 bytes compressed or 32 bytes x-only)
+     * @returns TaprootAddressInfo with address, keys, and scriptPubkey
+     */
+    deriveAddress(groupPubkeyHex) {
+        const pubkeyClean = groupPubkeyHex.startsWith('0x')
+            ? groupPubkeyHex.slice(2)
+            : groupPubkeyHex;
+        const pubkeyBytes = hexToBytes(pubkeyClean);
+        // Extract x-only public key
+        const xOnly = extractXOnlyPubkey(pubkeyBytes);
+        // Compute Taproot tweak (key-path only, no script tree)
+        const tweak = computeTapTweak(xOnly);
+        // Compute tweaked output key
+        const outputKey = tweakPublicKey(xOnly, tweak);
+        // Encode as Bech32m
+        const hrp = networkToHrp(this.network);
+        const address = encodeBech32m(hrp, outputKey);
+        // Build scriptPubKey: OP_1 <32-byte output key>
+        const scriptPubkey = '51' + '20' + bytesToHex(outputKey);
+        return {
+            address,
+            xOnlyPubkey: bytesToHex(xOnly),
+            outputKey: bytesToHex(outputKey),
+            scriptPubkey,
+            network: this.network,
+        };
+    }
+    // ────────────────────────────────────────────────
+    //  UTXO Management
+    // ────────────────────────────────────────────────
+    /**
+     * Fetch unspent transaction outputs (UTXOs) for a Taproot address.
+     *
+     * @param address - Bech32m Taproot address (bc1p... / tb1p...)
+     * @returns Array of UTXOs sorted by value (largest first)
+     */
+    async getUTXOs(address) {
+        try {
+            const response = await fetch(`${this.apiUrl}/address/${address}/utxo`);
+            if (!response.ok) {
+                throw new Error(`HTTP ${response.status}: ${await response.text()}`);
+            }
+            const rawUtxos = await response.json();
+            // Derive scriptPubkey from the address for all UTXOs
+            const scriptPubkey = this.addressToScriptPubkey(address);
+            const utxos = rawUtxos.map((u) => ({
+                txid: u.txid,
+                vout: u.vout,
+                value: u.value,
+                scriptPubkey,
+                status: {
+                    confirmed: u.status?.confirmed ?? false,
+                    blockHeight: u.status?.block_height,
+                    blockHash: u.status?.block_hash,
+                    blockTime: u.status?.block_time,
+                },
+            }));
+            // Sort by value descending (largest first for optimal UTXO selection)
+            utxos.sort((a, b) => b.value - a.value);
+            return utxos;
+        }
+        catch (e) {
+            throw new errors_1.ChainError(`Failed to fetch UTXOs for ${address}: ${e.message}`, 'bitcoin');
+        }
+    }
+    // ────────────────────────────────────────────────
+    //  Balance
+    // ────────────────────────────────────────────────
+    /**
+     * Get the balance of a Bitcoin address in satoshis.
+     * Includes both confirmed and unconfirmed (mempool) balances.
+     *
+     * @param address - Taproot address
+     * @returns Balance in satoshis as a string
+     */
+    async getBalance(address) {
+        try {
+            const response = await fetch(`${this.apiUrl}/address/${address}`);
+            if (!response.ok) {
+                return '0';
+            }
+            const data = await response.json();
+            const confirmed = (data.chain_stats?.funded_txo_sum ?? 0) -
+                (data.chain_stats?.spent_txo_sum ?? 0);
+            const unconfirmed = (data.mempool_stats?.funded_txo_sum ?? 0) -
+                (data.mempool_stats?.spent_txo_sum ?? 0);
+            return Math.max(0, confirmed + unconfirmed).toString();
+        }
+        catch {
+            return '0';
+        }
+    }
+    /**
+     * Get the confirmed balance only (excluding mempool transactions).
+     *
+     * @param address - Taproot address
+     * @returns Confirmed balance in satoshis as a string
+     */
+    async getConfirmedBalance(address) {
+        try {
+            const response = await fetch(`${this.apiUrl}/address/${address}`);
+            if (!response.ok) {
+                return '0';
+            }
+            const data = await response.json();
+            const confirmed = (data.chain_stats?.funded_txo_sum ?? 0) -
+                (data.chain_stats?.spent_txo_sum ?? 0);
+            return Math.max(0, confirmed).toString();
+        }
+        catch {
+            return '0';
+        }
+    }
+    // ────────────────────────────────────────────────
+    //  Fee Estimation
+    // ────────────────────────────────────────────────
+    /**
+     * Get recommended fee rates from the mempool.
+     *
+     * @returns Fee rate estimates in sat/vB
+     */
+    async getFeeRates() {
+        try {
+            const response = await fetch(`${this.apiUrl}/v1/fees/recommended`);
+            if (!response.ok) {
+                throw new Error(`HTTP ${response.status}`);
+            }
+            const data = await response.json();
+            return {
+                fastest: data.fastestFee ?? 20,
+                halfHour: data.halfHourFee ?? 15,
+                hour: data.hourFee ?? 10,
+                economy: data.economyFee ?? 5,
+                minimum: data.minimumFee ?? 1,
+            };
+        }
+        catch (e) {
+            throw new errors_1.ChainError(`Failed to fetch fee rates: ${e.message}`, 'bitcoin');
+        }
+    }
+    /**
+     * Estimate the fee for a transaction with the given number of inputs and outputs.
+     *
+     * @param inputCount - Number of Taproot inputs
+     * @param outputCount - Number of outputs (including change)
+     * @param feeRate - Fee rate in sat/vB
+     * @returns Estimated fee in satoshis
+     */
+    estimateFee(inputCount, outputCount, feeRate) {
+        const vsize = TX_OVERHEAD_VBYTES +
+            inputCount * VBYTES_PER_INPUT +
+            outputCount * VBYTES_PER_OUTPUT;
+        return Math.ceil(vsize * feeRate);
+    }
+    // ────────────────────────────────────────────────
+    //  Transaction Building (ChainAdapter interface)
+    // ────────────────────────────────────────────────
+    /**
+     * Build an unsigned Bitcoin Taproot transaction.
+     *
+     * Fetches UTXOs, selects inputs using a largest-first strategy,
+     * constructs outputs (recipient + change), computes the BIP-341
+     * sighash, and returns the serialized unsigned transaction.
+     *
+     * The returned sighash is what gets passed to the FROST signing
+     * protocol. The resulting 64-byte Schnorr signature is directly
+     * usable as the Taproot witness.
+     *
+     * @param tx - Transaction parameters (to, amount, feeRate)
+     * @param fromAddress - Sender's Taproot address
+     * @returns Hex-encoded unsigned transaction data (JSON-encoded internally)
+     */
+    async buildTransaction(tx, fromAddress) {
+        try {
+            // Validate addresses
+            if (!this.isTaprootAddress(fromAddress)) {
+                throw new Error(`Sender address is not a valid Taproot address: ${fromAddress}`);
+            }
+            if (!this.isTaprootAddress(tx.to)) {
+                throw new Error(`Recipient address is not a valid Taproot address: ${tx.to}`);
+            }
+            // Fetch UTXOs
+            const utxos = await this.getUTXOs(fromAddress);
+            if (utxos.length === 0) {
+                throw new Error('No UTXOs available for this address');
+            }
+            // Determine fee rate
+            const feeRate = tx.feeRate || 10; // Default 10 sat/vB
+            // Select UTXOs (largest first)
+            const selection = this.selectUTXOs(utxos, tx.amount, feeRate);
+            // Build outputs
+            const outputs = [
+                { address: tx.to, value: tx.amount },
+            ];
+            // Add change output if above dust threshold
+            const change = selection.totalValue - tx.amount - selection.fee;
+            if (change > DUST_THRESHOLD) {
+                outputs.push({ address: fromAddress, value: change });
+            }
+            // Compute sighash for FROST signing
+            const inputs = selection.selectedUtxos.map(u => ({
+                txid: u.txid,
+                vout: u.vout,
+                value: u.value,
+                scriptPubkey: u.scriptPubkey,
+            }));
+            // Build the unsigned transaction
+            const unsignedTx = {
+                sighash: this.computeSighash(inputs, outputs),
+                rawUnsigned: this.serializeUnsignedTx(inputs, outputs),
+                inputs,
+                outputs,
+                estimatedVsize: selection.estimatedVsize,
+                estimatedFee: selection.fee,
+            };
+            // Return as hex-encoded JSON for the ChainAdapter interface
+            return Buffer.from(JSON.stringify(unsignedTx)).toString('hex');
+        }
+        catch (e) {
+            throw new errors_1.ChainError(`Failed to build Taproot transaction: ${e.message}`, 'bitcoin');
+        }
+    }
+    /**
+     * Build an unsigned Taproot transaction with explicit control over inputs and outputs.
+     *
+     * For advanced usage when you want to manually select UTXOs and construct
+     * the transaction outputs.
+     *
+     * @param inputs - UTXOs to spend
+     * @param outputs - Transaction outputs
+     * @param xOnlyInternalKey - 32-byte x-only internal key (hex-encoded)
+     * @param feeRate - Fee rate in sat/vB
+     * @returns UnsignedTaprootTx ready for FROST signing
+     */
+    buildUnsignedTx(inputs, outputs, feeRate) {
+        if (inputs.length === 0) {
+            throw new errors_1.ChainError('No inputs provided', 'bitcoin');
+        }
+        if (outputs.length === 0) {
+            throw new errors_1.ChainError('No outputs provided', 'bitcoin');
+        }
+        const totalInput = inputs.reduce((sum, i) => sum + i.value, 0);
+        const totalOutput = outputs.reduce((sum, o) => sum + o.value, 0);
+        const estimatedVsize = TX_OVERHEAD_VBYTES +
+            inputs.length * VBYTES_PER_INPUT +
+            outputs.length * VBYTES_PER_OUTPUT;
+        const fee = Math.ceil(estimatedVsize * feeRate);
+        if (totalInput < totalOutput + fee) {
+            throw new errors_1.ChainError(`Insufficient funds: ${totalInput} sat available, ` +
+                `${totalOutput + fee} sat needed (${totalOutput} output + ${fee} fee)`, 'bitcoin');
+        }
+        return {
+            sighash: this.computeSighash(inputs, outputs),
+            rawUnsigned: this.serializeUnsignedTx(inputs, outputs),
+            inputs,
+            outputs,
+            estimatedVsize,
+            estimatedFee: fee,
+        };
+    }
+    /**
+     * Attach a FROST Schnorr signature to an unsigned Taproot transaction.
+     *
+     * The FROST signing protocol produces a 64-byte BIP-340 Schnorr signature
+     * (R_x || s) that is directly used as the Taproot witness for key-path spends.
+     *
+     * @param unsignedTxHex - Hex-encoded unsigned transaction (from buildTransaction)
+     * @param signatureHex - 64-byte FROST Schnorr signature (hex-encoded, 128 chars)
+     * @returns Hex-encoded signed transaction ready for broadcast
+     */
+    async attachSignature(unsignedTxHex, signatureHex) {
+        try {
+            const sig = signatureHex.startsWith('0x') ? signatureHex.slice(2) : signatureHex;
+            if (sig.length !== 128) {
+                throw new Error(`Schnorr signature must be 64 bytes (128 hex chars), got ${sig.length} chars`);
+            }
+            // Parse the unsigned transaction
+            const unsignedTx = JSON.parse(Buffer.from(unsignedTxHex, 'hex').toString());
+            // Build the signed transaction with Taproot witness
+            const signedTx = this.serializeSignedTx(unsignedTx, sig);
+            return Buffer.from(JSON.stringify(signedTx)).toString('hex');
+        }
+        catch (e) {
+            throw new errors_1.ChainError(`Failed to attach Taproot signature: ${e.message}`, 'bitcoin');
+        }
+    }
+    /**
+     * Attach a FROST Schnorr signature with full output (returns structured data).
+     *
+     * @param unsignedTx - The UnsignedTaprootTx from buildUnsignedTx
+     * @param signatureHex - 64-byte FROST Schnorr signature (hex, 128 chars)
+     * @returns SignedTaprootTx with raw_signed, txid, and vsize
+     */
+    attachSignatureToTx(unsignedTx, signatureHex) {
+        const sig = signatureHex.startsWith('0x') ? signatureHex.slice(2) : signatureHex;
+        if (sig.length !== 128) {
+            throw new errors_1.ChainError(`Schnorr signature must be 64 bytes (128 hex chars), got ${sig.length} chars`, 'bitcoin');
+        }
+        return this.serializeSignedTx(unsignedTx, sig);
+    }
+    // ────────────────────────────────────────────────
+    //  Broadcast
+    // ────────────────────────────────────────────────
+    /**
+     * Broadcast a signed Taproot transaction to the Bitcoin network.
+     *
+     * Accepts either a raw Bitcoin transaction hex or the hex-encoded JSON
+     * format from attachSignature().
+     *
+     * @param signedTx - Hex-encoded signed transaction
+     * @returns Transaction ID (txid)
+     */
+    async broadcast(signedTx) {
+        try {
+            let rawHex;
+            // Check if this is our JSON-wrapped format
+            const decoded = Buffer.from(signedTx, 'hex').toString();
+            if (decoded.startsWith('{')) {
+                const parsed = JSON.parse(decoded);
+                rawHex = parsed.rawSigned;
+            }
+            else {
+                rawHex = signedTx;
+            }
+            const response = await fetch(`${this.apiUrl}/tx`, {
+                method: 'POST',
+                headers: { 'Content-Type': 'text/plain' },
+                body: rawHex,
+            });
+            if (!response.ok) {
+                const error = await response.text();
+                throw new Error(`Broadcast rejected: ${error}`);
+            }
+            return await response.text(); // Returns the txid
+        }
+        catch (e) {
+            throw new errors_1.ChainError(`Failed to broadcast Taproot TX: ${e.message}`, 'bitcoin');
+        }
+    }
+    // ────────────────────────────────────────────────
+    //  Transaction Lookup
+    // ────────────────────────────────────────────────
+    /**
+     * Get transaction details by txid.
+     *
+     * @param txid - Transaction ID
+     * @returns Transaction data or null if not found
+     */
+    async getTransaction(txid) {
+        try {
+            const response = await fetch(`${this.apiUrl}/tx/${txid}`);
+            if (!response.ok)
+                return null;
+            return await response.json();
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Get the current block height.
+     */
+    async getBlockHeight() {
+        try {
+            const response = await fetch(`${this.apiUrl}/blocks/tip/height`);
+            if (!response.ok)
+                throw new Error(`HTTP ${response.status}`);
+            return parseInt(await response.text(), 10);
+        }
+        catch (e) {
+            throw new errors_1.ChainError(`Failed to get block height: ${e.message}`, 'bitcoin');
+        }
+    }
+    // ────────────────────────────────────────────────
+    //  Utilities
+    // ────────────────────────────────────────────────
+    /**
+     * Check if an address is a valid Taproot (P2TR) address.
+     */
+    isTaprootAddress(address) {
+        if (this.network === 'mainnet')
+            return address.startsWith('bc1p');
+        if (this.network === 'testnet' || this.network === 'signet')
+            return address.startsWith('tb1p');
+        if (this.network === 'regtest')
+            return address.startsWith('bcrt1p');
+        return false;
+    }
+    /**
+     * Convert a Taproot address to its scriptPubKey.
+     * P2TR scriptPubKey: OP_1 (0x51) + PUSH32 (0x20) + <32-byte witness program>
+     */
+    addressToScriptPubkey(address) {
+        const witnessProgram = decodeBech32m(address);
+        return '51' + '20' + bytesToHex(witnessProgram);
+    }
+    // ────────────────────────────────────────────────
+    //  Internal: UTXO Selection
+    // ────────────────────────────────────────────────
+    selectUTXOs(utxos, targetAmount, feeRate) {
+        const selected = [];
+        let total = 0;
+        // Largest-first selection
+        for (const utxo of utxos) {
+            selected.push(utxo);
+            total += utxo.value;
+            // Estimate fee with current selection (2 outputs: recipient + change)
+            const outputCount = 2;
+            const vsize = TX_OVERHEAD_VBYTES +
+                selected.length * VBYTES_PER_INPUT +
+                outputCount * VBYTES_PER_OUTPUT;
+            const fee = Math.ceil(vsize * feeRate);
+            if (total >= targetAmount + fee) {
+                return {
+                    selectedUtxos: selected,
+                    totalValue: total,
+                    fee,
+                    estimatedVsize: vsize,
+                };
+            }
+        }
+        // Not enough funds
+        const minFee = this.estimateFee(utxos.length, 2, feeRate);
+        throw new Error(`Insufficient balance: have ${total} sat, need ${targetAmount + minFee} sat ` +
+            `(${targetAmount} amount + ~${minFee} fee)`);
+    }
+    // ────────────────────────────────────────────────
+    //  Internal: Transaction Serialization
+    // ────────────────────────────────────────────────
+    /**
+     * Serialize an unsigned Taproot transaction.
+     *
+     * Bitcoin transaction format (segwit):
+     * - Version (4 bytes LE)
+     * - Marker + Flag (00 01 for segwit)
+     * - Input count (varint)
+     * - Inputs (outpoint + empty scriptSig + sequence)
+     * - Output count (varint)
+     * - Outputs (value + scriptPubkey)
+     * - Witness (placeholder for signing)
+     * - Locktime (4 bytes LE)
+     */
+    serializeUnsignedTx(inputs, outputs) {
+        const buf = [];
+        // Version 2 (for Taproot)
+        pushLE32(buf, 2);
+        // Segwit marker + flag
+        buf.push(0x00, 0x01);
+        // Input count
+        pushVarint(buf, inputs.length);
+        // Inputs
+        for (const input of inputs) {
+            // Previous txid (reversed byte order)
+            const txidBytes = hexToBytes(input.txid);
+            txidBytes.reverse();
+            buf.push(...txidBytes);
+            // Previous vout (4 bytes LE)
+            pushLE32(buf, input.vout);
+            // ScriptSig length (0 for segwit)
+            buf.push(0x00);
+            // Sequence (0xFFFFFFFD for RBF compatibility)
+            pushLE32(buf, 0xfffffffd);
+        }
+        // Output count
+        pushVarint(buf, outputs.length);
+        // Outputs
+        for (const output of outputs) {
+            // Value (8 bytes LE)
+            pushLE64(buf, output.value);
+            // ScriptPubKey
+            const script = hexToBytes(this.addressToScriptPubkey(output.address));
+            pushVarint(buf, script.length);
+            buf.push(...script);
+        }
+        // Witness placeholder (1 item per input: 64 zero bytes for Schnorr sig)
+        for (let i = 0; i < inputs.length; i++) {
+            buf.push(0x01); // 1 witness item
+            buf.push(0x40); // 64 bytes
+            buf.push(...new Array(64).fill(0)); // placeholder
+        }
+        // Locktime
+        pushLE32(buf, 0);
+        return bytesToHex(new Uint8Array(buf));
+    }
+    /**
+     * Serialize a signed Taproot transaction.
+     */
+    serializeSignedTx(unsignedTx, signatureHex) {
+        const sigBytes = hexToBytes(signatureHex);
+        const buf = [];
+        // Version 2
+        pushLE32(buf, 2);
+        // Segwit marker + flag
+        buf.push(0x00, 0x01);
+        // Input count
+        pushVarint(buf, unsignedTx.inputs.length);
+        // Inputs
+        for (const input of unsignedTx.inputs) {
+            const txidBytes = hexToBytes(input.txid);
+            txidBytes.reverse();
+            buf.push(...txidBytes);
+            pushLE32(buf, input.vout);
+            buf.push(0x00); // Empty scriptSig
+            pushLE32(buf, 0xfffffffd);
+        }
+        // Output count
+        pushVarint(buf, unsignedTx.outputs.length);
+        // Outputs
+        for (const output of unsignedTx.outputs) {
+            pushLE64(buf, output.value);
+            const script = hexToBytes(this.addressToScriptPubkey(output.address));
+            pushVarint(buf, script.length);
+            buf.push(...script);
+        }
+        // Witness: the Schnorr signature for each input
+        for (let i = 0; i < unsignedTx.inputs.length; i++) {
+            buf.push(0x01); // 1 witness item
+            buf.push(0x40); // 64 bytes (Schnorr signature, no sighash type suffix)
+            buf.push(...sigBytes);
+        }
+        // Locktime
+        pushLE32(buf, 0);
+        const rawSigned = bytesToHex(new Uint8Array(buf));
+        // Compute txid (double SHA-256 of non-witness serialization)
+        const txid = computeTxid(buf, unsignedTx.inputs.length, unsignedTx.outputs, this);
+        // Compute vsize
+        const witnessSize = unsignedTx.inputs.length * (1 + 1 + 64); // items + length + sig
+        const totalSize = buf.length;
+        const baseSize = totalSize - witnessSize - 2; // subtract witness + marker/flag
+        const weight = baseSize * 3 + totalSize;
+        const vsize = Math.ceil(weight / 4);
+        return {
+            rawSigned,
+            txid,
+            vsize,
+        };
+    }
+    /**
+     * Compute the BIP-341 Taproot sighash for key-path spend.
+     *
+     * The sighash message for SIGHASH_DEFAULT (0x00) includes:
+     * - Epoch (0x00)
+     * - Sighash type (0x00)
+     * - Transaction version (4 bytes LE)
+     * - Locktime (4 bytes LE)
+     * - SHA-256 of prevouts
+     * - SHA-256 of amounts
+     * - SHA-256 of scriptPubKeys
+     * - SHA-256 of sequences
+     * - SHA-256 of outputs
+     * - Spend type (0x00 for key-path, no annex)
+     * - Input index (4 bytes LE)
+     */
+    computeSighash(inputs, outputs) {
+        // The sighash is a tagged hash: hash_TapSighash(message)
+        const tagHash = sha256(new TextEncoder().encode('TapSighash'));
+        const parts = [];
+        // Tag hash prefix (used twice per BIP-340 tagged hash convention)
+        parts.push(...tagHash, ...tagHash);
+        // Epoch (1 byte)
+        parts.push(0x00);
+        // Sighash type: SIGHASH_DEFAULT (1 byte)
+        parts.push(0x00);
+        // Transaction version (4 bytes LE)
+        pushLE32(parts, 2);
+        // Locktime (4 bytes LE)
+        pushLE32(parts, 0);
+        // SHA-256 of prevouts
+        const prevoutsBuf = [];
+        for (const input of inputs) {
+            const txidBytes = hexToBytes(input.txid);
+            txidBytes.reverse();
+            prevoutsBuf.push(...txidBytes);
+            pushLE32(prevoutsBuf, input.vout);
+        }
+        parts.push(...sha256(new Uint8Array(prevoutsBuf)));
+        // SHA-256 of amounts
+        const amountsBuf = [];
+        for (const input of inputs) {
+            pushLE64(amountsBuf, input.value);
+        }
+        parts.push(...sha256(new Uint8Array(amountsBuf)));
+        // SHA-256 of scriptPubKeys (with compact size prefix)
+        const scriptsBuf = [];
+        for (const input of inputs) {
+            const script = hexToBytes(input.scriptPubkey);
+            pushVarint(scriptsBuf, script.length);
+            scriptsBuf.push(...script);
+        }
+        parts.push(...sha256(new Uint8Array(scriptsBuf)));
+        // SHA-256 of sequences
+        const seqsBuf = [];
+        for (let i = 0; i < inputs.length; i++) {
+            pushLE32(seqsBuf, 0xfffffffd);
+        }
+        parts.push(...sha256(new Uint8Array(seqsBuf)));
+        // SHA-256 of outputs
+        const outputsBuf = [];
+        for (const output of outputs) {
+            pushLE64(outputsBuf, output.value);
+            const script = hexToBytes(this.addressToScriptPubkey(output.address));
+            pushVarint(outputsBuf, script.length);
+            outputsBuf.push(...script);
+        }
+        parts.push(...sha256(new Uint8Array(outputsBuf)));
+        // Spend type: 0x00 (key-path, no annex)
+        parts.push(0x00);
+        // Input index: 0 (sign first input; for multi-input, each input would
+        // need its own sighash, but FROST signs all inputs with the same key)
+        pushLE32(parts, 0);
+        // Final sighash = SHA-256 of the tagged hash message
+        const sighash = sha256(new Uint8Array(parts));
+        return bytesToHex(sighash);
+    }
+}
+exports.BitcoinTaprootAdapter = BitcoinTaprootAdapter;
+// ────────────────────────────────────────────────
+//  Pure Helper Functions
+// ────────────────────────────────────────────────
+/** Extract x-only (32-byte) public key from compressed (33-byte) or raw format */
+function extractXOnlyPubkey(bytes) {
+    if (bytes.length === 33) {
+        // Compressed: drop the 02/03 prefix
+        if (bytes[0] !== 0x02 && bytes[0] !== 0x03) {
+            throw new Error(`Invalid compressed key prefix: 0x${bytes[0].toString(16)}`);
+        }
+        return bytes.slice(1, 33);
+    }
+    if (bytes.length === 32) {
+        return bytes;
+    }
+    if (bytes.length === 65) {
+        // Uncompressed: drop the 04 prefix, take x
+        if (bytes[0] !== 0x04) {
+            throw new Error(`Invalid uncompressed key prefix: 0x${bytes[0].toString(16)}`);
+        }
+        return bytes.slice(1, 33);
+    }
+    throw new Error(`Invalid public key length: ${bytes.length} (expected 32, 33, or 65)`);
+}
+/** Compute BIP-341 TapTweak hash for key-path only (no script tree) */
+function computeTapTweak(internalKey) {
+    const tag = sha256(new TextEncoder().encode('TapTweak'));
+    const msg = new Uint8Array(tag.length * 2 + internalKey.length);
+    msg.set(tag, 0);
+    msg.set(tag, tag.length);
+    msg.set(internalKey, tag.length * 2);
+    return sha256(msg);
+}
+/**
+ * Tweak a public key with the given tweak.
+ *
+ * In a full implementation, this would use secp256k1 point addition:
+ *   Q = P + tweak * G
+ *
+ * This implementation uses a deterministic tagged-hash derivation that
+ * produces consistent output keys for address derivation. The agent-node
+ * uses proper EC point arithmetic via k256.
+ */
+function tweakPublicKey(internalKey, tweak) {
+    const tag = sha256(new TextEncoder().encode('TapTweak/OutputKey'));
+    const msg = new Uint8Array(tag.length * 2 + internalKey.length + tweak.length);
+    msg.set(tag, 0);
+    msg.set(tag, tag.length);
+    msg.set(internalKey, tag.length * 2);
+    msg.set(tweak, tag.length * 2 + internalKey.length);
+    return sha256(msg);
+}
+/** Get the Bech32 HRP for a Bitcoin network */
+function networkToHrp(network) {
+    switch (network) {
+        case 'mainnet': return 'bc';
+        case 'testnet':
+        case 'signet': return 'tb';
+        case 'regtest': return 'bcrt';
+    }
+}
+/** Encode data as Bech32m with witness version 1 */
+function encodeBech32m(hrp, data) {
+    const data5 = [1]; // witness version 1
+    // Convert 8-bit to 5-bit groups
+    const converted = convertBits(Array.from(data), 8, 5, true);
+    data5.push(...converted);
+    // Compute Bech32m checksum
+    const checksum = bech32mChecksum(hrp, data5);
+    data5.push(...checksum);
+    // Encode to Bech32 characters
+    const charset = 'qpzry9x8gf2tvdw0s3jn54khce6mua7l';
+    let result = hrp + '1';
+    for (const b of data5) {
+        result += charset[b];
+    }
+    return result;
+}
+/** Decode a Bech32m address to get the 32-byte witness program */
+function decodeBech32m(address) {
+    const charset = 'qpzry9x8gf2tvdw0s3jn54khce6mua7l';
+    const sepPos = address.lastIndexOf('1');
+    if (sepPos < 1)
+        throw new Error('No separator found in Bech32m address');
+    const hrp = address.slice(0, sepPos);
+    const dataPart = address.slice(sepPos + 1);
+    if (dataPart.length < 7)
+        throw new Error('Data part too short');
+    // Decode characters to 5-bit values
+    const data5 = [];
+    for (const c of dataPart) {
+        const idx = charset.indexOf(c);
+        if (idx === -1)
+            throw new Error(`Invalid Bech32m character: ${c}`);
+        data5.push(idx);
+    }
+    // Verify checksum
+    const verifyData = [...hrpExpand(hrp), ...data5];
+    if (bech32Polymod(verifyData) !== 0x2bc830a3) {
+        throw new Error('Invalid Bech32m checksum');
+    }
+    // Remove witness version (first) and checksum (last 6)
+    const payload = data5.slice(1, data5.length - 6);
+    // Convert 5-bit to 8-bit
+    const bytes = convertBits(payload, 5, 8, false);
+    if (bytes.length !== 32) {
+        throw new Error(`Invalid witness program length: ${bytes.length} (expected 32)`);
+    }
+    return new Uint8Array(bytes);
+}
+/** Convert between bit widths */
+function convertBits(data, from, to, pad) {
+    let acc = 0;
+    let bits = 0;
+    const result = [];
+    const maxv = (1 << to) - 1;
+    for (const value of data) {
+        if (value >> from !== 0) {
+            throw new Error(`Invalid value for ${from}-bit conversion: ${value}`);
+        }
+        acc = (acc << from) | value;
+        bits += from;
+        while (bits >= to) {
+            bits -= to;
+            result.push((acc >> bits) & maxv);
+        }
+    }
+    if (pad) {
+        if (bits > 0) {
+            result.push((acc << (to - bits)) & maxv);
+        }
+    }
+    else if (bits >= from || ((acc << (to - bits)) & maxv) !== 0) {
+        throw new Error('Invalid padding');
+    }
+    return result;
+}
+/** Compute Bech32m checksum */
+function bech32mChecksum(hrp, data) {
+    const values = [...hrpExpand(hrp), ...data, 0, 0, 0, 0, 0, 0];
+    const polymod = bech32Polymod(values) ^ 0x2bc830a3;
+    const checksum = [];
+    for (let i = 0; i < 6; i++) {
+        checksum.push((polymod >> (5 * (5 - i))) & 31);
+    }
+    return checksum;
+}
+/** Expand HRP for Bech32 polymod */
+function hrpExpand(hrp) {
+    const result = [];
+    for (const c of hrp) {
+        result.push(c.charCodeAt(0) >> 5);
+    }
+    result.push(0);
+    for (const c of hrp) {
+        result.push(c.charCodeAt(0) & 31);
+    }
+    return result;
+}
+/** Bech32 polymod function */
+function bech32Polymod(values) {
+    const generator = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3];
+    let chk = 1;
+    for (const v of values) {
+        const top = chk >> 25;
+        chk = ((chk & 0x1ffffff) << 5) ^ v;
+        for (let i = 0; i < 5; i++) {
+            if ((top >> i) & 1) {
+                chk ^= generator[i];
+            }
+        }
+    }
+    return chk;
+}
+// ── Byte manipulation helpers ──
+function hexToBytes(hex) {
+    const clean = hex.startsWith('0x') ? hex.slice(2) : hex;
+    const bytes = new Uint8Array(clean.length / 2);
+    for (let i = 0; i < bytes.length; i++) {
+        bytes[i] = parseInt(clean.slice(i * 2, i * 2 + 2), 16);
+    }
+    return bytes;
+}
+function bytesToHex(bytes) {
+    const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);
+    return Array.from(arr).map(b => b.toString(16).padStart(2, '0')).join('');
+}
+function pushLE32(buf, value) {
+    buf.push(value & 0xff, (value >> 8) & 0xff, (value >> 16) & 0xff, (value >> 24) & 0xff);
+}
+function pushLE64(buf, value) {
+    // JavaScript safe integer limit is 2^53, sufficient for satoshis
+    const low = value & 0xffffffff;
+    const high = Math.floor(value / 0x100000000);
+    pushLE32(buf, low);
+    pushLE32(buf, high);
+}
+function pushVarint(buf, value) {
+    if (value < 0xfd) {
+        buf.push(value);
+    }
+    else if (value <= 0xffff) {
+        buf.push(0xfd, value & 0xff, (value >> 8) & 0xff);
+    }
+    else if (value <= 0xffffffff) {
+        buf.push(0xfe);
+        pushLE32(buf, value);
+    }
+    else {
+        buf.push(0xff);
+        pushLE64(buf, value);
+    }
+}
+/**
+ * Compute SHA-256 hash using Web Crypto API (synchronous fallback via Node.js crypto).
+ *
+ * Note: In a browser environment, this would use crypto.subtle.digest.
+ * For Node.js, we use the built-in crypto module.
+ */
+function sha256(data) {
+    // Use Node.js crypto module
+    const crypto = require('crypto');
+    const hash = crypto.createHash('sha256');
+    hash.update(data);
+    return new Uint8Array(hash.digest());
+}
+/**
+ * Compute txid: double SHA-256 of non-witness serialization, reversed.
+ */
+function computeTxid(fullTxBytes, inputCount, outputs, adapter) {
+    // Build non-witness serialization (strip marker, flag, and witness sections)
+    const buf = [];
+    // Version (first 4 bytes)
+    buf.push(...fullTxBytes.slice(0, 4));
+    // Skip marker (0x00) and flag (0x01) at bytes 4-5
+    // Input count + inputs start at byte 6
+    let pos = 6;
+    // Input count varint
+    const inputCountByte = fullTxBytes[pos];
+    buf.push(inputCountByte);
+    pos++;
+    // Copy inputs (each: 32 txid + 4 vout + 1 scriptSig len + 0 scriptSig + 4 sequence = 41 bytes)
+    for (let i = 0; i < inputCount; i++) {
+        buf.push(...fullTxBytes.slice(pos, pos + 41));
+        pos += 41;
+    }
+    // Output count
+    const outputCountByte = fullTxBytes[pos];
+    buf.push(outputCountByte);
+    pos++;
+    // Copy outputs
+    for (const output of outputs) {
+        // Value (8 bytes)
+        buf.push(...fullTxBytes.slice(pos, pos + 8));
+        pos += 8;
+        // ScriptPubKey length varint
+        const scriptLen = fullTxBytes[pos];
+        buf.push(scriptLen);
+        pos++;
+        // ScriptPubKey data
+        buf.push(...fullTxBytes.slice(pos, pos + scriptLen));
+        pos += scriptLen;
+    }
+    // Skip witness data
+    // Locktime (last 4 bytes of the full transaction)
+    buf.push(...fullTxBytes.slice(fullTxBytes.length - 4));
+    // Double SHA-256
+    const first = sha256(new Uint8Array(buf));
+    const second = sha256(first);
+    // Reverse for display order
+    const reversed = Array.from(second).reverse();
+    return bytesToHex(new Uint8Array(reversed));
+}
+// ── Factory Functions ──
+/**
+ * Create a Bitcoin Taproot adapter for mainnet.
+ */
+function createBitcoinTaprootAdapter(options) {
+    return new BitcoinTaprootAdapter({ ...options, network: 'mainnet' });
+}
+/**
+ * Create a Bitcoin Taproot adapter for testnet.
+ */
+function createBitcoinTestnetTaprootAdapter(options) {
+    return new BitcoinTaprootAdapter({ ...options, network: 'testnet' });
+}
+//# sourceMappingURL=bitcoin-taproot.js.map