npm - @smartledger/bsv - Versions diffs - 1.5.6-fix1 → 3.0.2 - Mend

@smartledger/bsv 1.5.6-fix1 → 3.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/CHANGELOG.md +111 -0
package/README.md +38 -10
package/bsv.min.js +8 -8
package/index.js +10 -0
package/lib/crypto/ecdsa.js +57 -38
package/lib/crypto/smartledger_verify.js +42 -11
package/lib/script/interpreter.js +8 -8
package/lib/smartminer.js +169 -0
package/lib/smartutxo.js +200 -0
package/lib/transaction/transaction.js +39 -0
package/package.json +29 -4
package/utilities/README.md +132 -0
package/utilities/blockchain-state.js +332 -0
package/utilities/blockchain-state.json +41 -0
package/utilities/miner-simulator.js +620 -0
package/utilities/mock-utxo-generator.js +149 -0
package/utilities/raw-tx-examples.js +213 -0
package/utilities/success-demo.js +193 -0
package/utilities/transaction-examples.js +328 -0
package/utilities/utxo-manager.js +162 -0
package/utilities/wallet-setup.js +167 -0
package/utilities/wallet.json +30 -0
package/utilities/working-signature-demo.js +181 -0
package/validation_test.js +97 -0

package/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,111 @@
+# Changelog
+All notable changes to SmartLedger-BSV will be documented in this file.
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [3.0.2] - 2025-10-19
+### 🔧 Fixed
+- **CRITICAL**: Fixed signature verification bug that caused all ECDSA.verify() calls to return false
+- **CRITICAL**: Fixed SmartVerify.smartVerify() failure when processing DER-encoded signatures
+- Fixed ECDSA.set() method to automatically parse DER buffers to Signature objects for compatibility
+- Fixed double canonicalization issue in ECDSA.sigError() that corrupted signature verification
+- Fixed SmartVerify.isCanonical() to properly handle DER buffer inputs
+- Enhanced backward compatibility for both canonical and non-canonical signature inputs
+### ✨ Added
+- **NEW**: SmartUTXO - Comprehensive UTXO management system for BSV development and testing
+- **NEW**: SmartMiner - BSV blockchain miner simulator with full transaction validation
+- **NEW**: Signature verification validation test suite (`npm run test:signatures`)
+- **NEW**: Blockchain state management with persistent JSON storage
+- **NEW**: Mock UTXO generation for testing and development
+- **NEW**: Transaction mempool simulation and block mining
+- **NEW**: Enhanced development tools for BSV application testing
+### 🚀 Enhanced
+- Improved signature verification pipeline for external developer compatibility
+- Enhanced DER buffer parsing throughout the crypto modules
+- Added comprehensive logging and debugging capabilities for development tools
+- Improved error handling and validation in signature processing
+- Added compatibility layer for mixed signature formats (DER buffers + Signature objects)
+### 📦 Developer Experience
+- Added `validation_test.js` for signature verification testing
+- Exposed `bsv.SmartUTXO` and `bsv.SmartMiner` modules in main API
+- Enhanced npm scripts with signature testing capabilities
+- Added comprehensive documentation for new UTXO management features
+- Included utilities/ directory in npm package for developer access
+### 🐛 Bug Impact
+- **Before**: External developers importing smartledger-bsv experienced 100% signature verification failure
+- **After**: All signature verification methods now work correctly with 100% success rate
+- **Affected Methods**: ECDSA.verify(), SmartVerify.smartVerify(), SmartVerify.isCanonical()
+- **Root Cause**: Double canonicalization and improper DER buffer handling in verification pipeline
+- **Solution**: Enhanced signature object parsing and canonical verification logic
+### 📊 Validation Results
+```
+Test Results: 14/14 tests passed (100% success rate)
+✅ ECDSA.verify(hash, derSig, publicKey): true
+✅ ECDSA.verify(hash, canonicalDer, publicKey): true
+✅ ECDSA.verify(hash, signature, publicKey): true
+✅ SmartVerify.smartVerify(hash, derSig, publicKey): true
+✅ SmartVerify.smartVerify(hash, canonicalDer, publicKey): true
+✅ SmartVerify.isCanonical(derSig): true
+✅ SmartVerify.isCanonical(canonicalDer): true
+```
+## [3.0.1] - 2025-10-19
+### 🔒 Security
+- Security-hardened Bitcoin SV library with zero known vulnerabilities
+- Enhanced signature canonicalization and malleability protection
+- Fixed elliptic curve vulnerabilities from upstream dependencies
+- Implemented SmartVerify hardened verification module
+### 🏗️ Infrastructure
+- Complete drop-in replacement for bsv@1.5.6
+- Maintained full API compatibility while enhancing security
+- Added comprehensive security feature documentation
+- Enhanced error handling and input validation
+---
+## Migration Guide
+### From v3.0.1 to v3.0.2
+**No Breaking Changes** - This is a bug fix release that maintains full backward compatibility.
+**New Features Available:**
+```javascript
+const bsv = require('smartledger-bsv');
+// New UTXO Management System
+const utxoManager = new bsv.SmartUTXO();
+const balance = utxoManager.getBalance('1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa');
+// New Miner Simulator
+const miner = new bsv.SmartMiner(bsv);
+const accepted = miner.acceptTransaction(transaction);
+const block = miner.mineBlock();
+// Signature verification now works correctly
+const verified = bsv.crypto.ECDSA.verify(hash, derSig, publicKey); // Now returns true
+const smartVerified = bsv.SmartVerify.smartVerify(hash, derSig, publicKey); // Now returns true
+```
+**Testing Your Integration:**
+```bash
+npm run test:signatures  # Validates signature verification works correctly
+```
+---
+## Support
+- **GitHub**: https://github.com/codenlighten/smartledger-bsv
+- **Issues**: https://github.com/codenlighten/smartledger-bsv/issues
+- **Email**: hello@smartledger.technology

package/README.md CHANGED Viewed

@@ -1,7 +1,7 @@
-# SmartLedger BSV v1.5.6-fix1
+# SmartLedger BSV v3.0
 ### Security-Hardened Bitcoin SV Library
-[![npm version](https://img.shields.io/npm/v/@smartledger/bsv.svg)](https://www.npmjs.com/package/@smartledger/bsv)
+[![npm version](https://img.shields.io/npm/v/smartledger-bsv.svg)](https://www.npmjs.com/package/smartledger-bsv)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
 [![Node.js CI](https://img.shields.io/badge/Node.js-✓-green.svg)]()
 [![Browser Compatible](https://img.shields.io/badge/Browser-✓-green.svg)]()
@@ -12,12 +12,12 @@ A **complete drop-in replacement** for BSV@1.5.6 with critical security vulnerab
 ## 🚀 Quick Start
 ```bash
-npm install @smartledger/bsv
+npm install smartledger-bsv
 ```
 ```javascript
 // Drop-in replacement - no code changes required
-const bsv = require('@smartledger/bsv');
+const bsv = require('smartledger-bsv');
 const privateKey = bsv.PrivateKey();
 const message = bsv.Message('hello world');
@@ -61,13 +61,36 @@ console.log(signature.validate());    // comprehensive validation
 - `bsv-ecies.min.js` - Encryption support (71KB)
 ### CDN Usage
+#### unpkg CDN
 ```html
 <!-- Security-hardened BSV library -->
-<script src="https://cdn.jsdelivr.net/npm/@smartledger/bsv@1.5.6-fix1/bsv.min.js"></script>
+<script src="https://unpkg.com/smartledger-bsv@3.0.0/bsv.min.js"></script>
 <!-- Optional modules -->
-<script src="https://cdn.jsdelivr.net/npm/@smartledger/bsv@1.5.6-fix1/bsv-message.min.js"></script>
-<script src="https://cdn.jsdelivr.net/npm/@smartledger/bsv@1.5.6-fix1/bsv-mnemonic.min.js"></script>
+<script src="https://unpkg.com/smartledger-bsv@3.0.0/bsv-message.min.js"></script>
+<script src="https://unpkg.com/smartledger-bsv@3.0.0/bsv-mnemonic.min.js"></script>
+<script src="https://unpkg.com/smartledger-bsv@3.0.0/bsv-ecies.min.js"></script>
+<!-- Always latest version -->
+<script src="https://unpkg.com/smartledger-bsv/bsv.min.js"></script>
+```
+#### jsDelivr CDN
+```html
+<script src="https://cdn.jsdelivr.net/npm/smartledger-bsv@3.0.0/bsv.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/smartledger-bsv@3.0.0/bsv-message.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/smartledger-bsv@3.0.0/bsv-mnemonic.min.js"></script>
+```
+#### ES6 Module CDN
+```html
+<script type="module">
+  import bsv from 'https://unpkg.com/smartledger-bsv@3.0.0/bsv.min.js';
+  const privateKey = new bsv.PrivateKey();
+  console.log('BSV Address:', privateKey.toAddress().toString());
+</script>
 ```
 ## 🧪 Validation & Testing
@@ -93,7 +116,7 @@ console.log(signature.validate());    // comprehensive validation
 const bsv = require('bsv');
 // After (security-hardened)
-const bsv = require('@smartledger/bsv');
+const bsv = require('smartledger-bsv');
 // All existing code works unchanged
 const tx = new bsv.Transaction()
@@ -134,14 +157,19 @@ Full browser support with proper Buffer handling and crypto compatibility:
 <!DOCTYPE html>
 <html>
 <head>
-  <script src="https://cdn.jsdelivr.net/npm/@smartledger/bsv@1.5.6-fix1/bsv.min.js"></script>
+  <!-- Using unpkg CDN -->
+  <script src="https://unpkg.com/smartledger-bsv@3.0.0/bsv.min.js"></script>
 </head>
 <body>
 <script>
   // Works in all modern browsers
-  const privateKey = bsv.PrivateKey();
+  const privateKey = new bsv.PrivateKey();
   const address = privateKey.toAddress().toString();
   console.log('BSV Address:', address);
+  // SmartLedger security features available
+  console.log('Security Features:', bsv.SmartLedger.securityFeatures);
+  console.log('Hardened by:', bsv.SmartLedger.hardenedBy);
 </script>
 </body>
 </html>