@vbyte/btc-dev 2.0.0 → 2.1.0

package/CHANGELOG.md

@@ -1,5 +1,38 @@
 # CHANGELOG
 
+## [2.1.0] - 2026-01-26
+
+### License
+
+- **Changed license to MIT**: Updated from CC-BY-1.0/CC0 to MIT license for broader compatibility.
+
+### New Features
+
+- **Custom error classes**: Added `ValidationError`, `DecodingError`, and `ConfigError` for better error handling.
+  - `ValidationError`: Invalid input format, out of range values, type mismatches
+  - `DecodingError`: Malformed data during decode/parse operations
+  - `ConfigError`: Invalid configuration (unknown network, invalid sighash, etc.)
+- **Standardized error types**: All modules now throw appropriate custom error classes instead of generic `Error`.
+
+### Documentation
+
+- **Restructured security documentation**: Moved security best practices into GUIDE.md, expanded FAQ.md security section.
+- **New SECURITY.md**: Added vulnerability reporting policy at project root.
+- **Fixed documentation errors**: Corrected `tweak_seckey` references in GUIDE.md and FAQ.md to use `@vbyte/crypto/ecc`.
+
+### Packaging
+
+- **Docs included in package**: Added `docs/` to package files for npm distribution.
+- **Fixed package script**: Changed from pipe to `&&` so test failures prevent builds.
+
+### Testing
+
+- Added 190 new tests (total: 1253 tests passing)
+- **Custom error tests**: Full coverage for ValidationError, DecodingError, and ConfigError
+- **Scribe tests**: Inscription encoding/decoding, rune labels
+- **Verify-tx tests**: Multi-input transaction verification scenarios
+- **Taproot tests**: Control block creation/verification, tree depth limits
+
 ## [2.0.0] - 2026-01-23
 
 ### Security Fixes

package/LICENSE

@@ -1,121 +1,21 @@
-Creative Commons Legal Code
-
-CC0 1.0 Universal
-
-    CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE
-    LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN
-    ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS
-    INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES
-    REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS
-    PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM
-    THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED
-    HEREUNDER.
-
-Statement of Purpose
-
-The laws of most jurisdictions throughout the world automatically confer
-exclusive Copyright and Related Rights (defined below) upon the creator
-and subsequent owner(s) (each and all, an "owner") of an original work of
-authorship and/or a database (each, a "Work").
-
-Certain owners wish to permanently relinquish those rights to a Work for
-the purpose of contributing to a commons of creative, cultural and
-scientific works ("Commons") that the public can reliably and without fear
-of later claims of infringement build upon, modify, incorporate in other
-works, reuse and redistribute as freely as possible in any form whatsoever
-and for any purposes, including without limitation commercial purposes.
-These owners may contribute to the Commons to promote the ideal of a free
-culture and the further production of creative, cultural and scientific
-works, or to gain reputation or greater distribution for their Work in
-part through the use and efforts of others.
-
-For these and/or other purposes and motivations, and without any
-expectation of additional consideration or compensation, the person
-associating CC0 with a Work (the "Affirmer"), to the extent that he or she
-is an owner of Copyright and Related Rights in the Work, voluntarily
-elects to apply CC0 to the Work and publicly distribute the Work under its
-terms, with knowledge of his or her Copyright and Related Rights in the
-Work and the meaning and intended legal effect of CC0 on those rights.
-
-1. Copyright and Related Rights. A Work made available under CC0 may be
-protected by copyright and related or neighboring rights ("Copyright and
-Related Rights"). Copyright and Related Rights include, but are not
-limited to, the following:
-
-  i. the right to reproduce, adapt, distribute, perform, display,
-     communicate, and translate a Work;
- ii. moral rights retained by the original author(s) and/or performer(s);
-iii. publicity and privacy rights pertaining to a person's image or
-     likeness depicted in a Work;
- iv. rights protecting against unfair competition in regards to a Work,
-     subject to the limitations in paragraph 4(a), below;
-  v. rights protecting the extraction, dissemination, use and reuse of data
-     in a Work;
- vi. database rights (such as those arising under Directive 96/9/EC of the
-     European Parliament and of the Council of 11 March 1996 on the legal
-     protection of databases, and under any national implementation
-     thereof, including any amended or successor version of such
-     directive); and
-vii. other similar, equivalent or corresponding rights throughout the
-     world based on applicable law or treaty, and any national
-     implementations thereof.
-
-2. Waiver. To the greatest extent permitted by, but not in contravention
-of, applicable law, Affirmer hereby overtly, fully, permanently,
-irrevocably and unconditionally waives, abandons, and surrenders all of
-Affirmer's Copyright and Related Rights and associated claims and causes
-of action, whether now known or unknown (including existing as well as
-future claims and causes of action), in the Work (i) in all territories
-worldwide, (ii) for the maximum duration provided by applicable law or
-treaty (including future time extensions), (iii) in any current or future
-medium and for any number of copies, and (iv) for any purpose whatsoever,
-including without limitation commercial, advertising or promotional
-purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each
-member of the public at large and to the detriment of Affirmer's heirs and
-successors, fully intending that such Waiver shall not be subject to
-revocation, rescission, cancellation, termination, or any other legal or
-equitable action to disrupt the quiet enjoyment of the Work by the public
-as contemplated by Affirmer's express Statement of Purpose.
-
-3. Public License Fallback. Should any part of the Waiver for any reason
-be judged legally invalid or ineffective under applicable law, then the
-Waiver shall be preserved to the maximum extent permitted taking into
-account Affirmer's express Statement of Purpose. In addition, to the
-extent the Waiver is so judged Affirmer hereby grants to each affected
-person a royalty-free, non transferable, non sublicensable, non exclusive,
-irrevocable and unconditional license to exercise Affirmer's Copyright and
-Related Rights in the Work (i) in all territories worldwide, (ii) for the
-maximum duration provided by applicable law or treaty (including future
-time extensions), (iii) in any current or future medium and for any number
-of copies, and (iv) for any purpose whatsoever, including without
-limitation commercial, advertising or promotional purposes (the
-"License"). The License shall be deemed effective as of the date CC0 was
-applied by Affirmer to the Work. Should any part of the License for any
-reason be judged legally invalid or ineffective under applicable law, such
-partial invalidity or ineffectiveness shall not invalidate the remainder
-of the License, and in such case Affirmer hereby affirms that he or she
-will not (i) exercise any of his or her remaining Copyright and Related
-Rights in the Work or (ii) assert any associated claims and causes of
-action with respect to the Work, in either case contrary to Affirmer's
-express Statement of Purpose.
-
-4. Limitations and Disclaimers.
-
- a. No trademark or patent rights held by Affirmer are waived, abandoned,
-    surrendered, licensed or otherwise affected by this document.
- b. Affirmer offers the Work as-is and makes no representations or
-    warranties of any kind concerning the Work, express, implied,
-    statutory or otherwise, including without limitation warranties of
-    title, merchantability, fitness for a particular purpose, non
-    infringement, or the absence of latent or other defects, accuracy, or
-    the present or absence of errors, whether or not discoverable, all to
-    the greatest extent permissible under applicable law.
- c. Affirmer disclaims responsibility for clearing rights of other persons
-    that may apply to the Work or any use thereof, including without
-    limitation any person's Copyright and Related Rights in the Work.
-    Further, Affirmer disclaims responsibility for obtaining any necessary
-    consents, permissions or other rights required for any use of the
-    Work.
- d. Affirmer understands and acknowledges that Creative Commons is not a
-    party to this document and has no duty or obligation with respect to
-    this CC0 or use of the Work.
+MIT License
+
+Copyright (c) 2024 Christopher Scott
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -1,18 +1,10 @@
 # @vbyte/btc-dev
 
-A batteries-included TypeScript toolset for Bitcoin development. Create, sign, and verify Bitcoin transactions with full support for segwit and taproot.
-
-## Features
+[![npm version](https://img.shields.io/npm/v/@vbyte/btc-dev.svg)](https://www.npmjs.com/package/@vbyte/btc-dev)
+[![License: CC-BY-1.0](https://img.shields.io/badge/License-CC--BY--1.0-blue.svg)](LICENSE)
+[![TypeScript](https://img.shields.io/badge/TypeScript-5.0+-blue.svg)](https://www.typescriptlang.org/)
 
-- **Full Address Support**: P2PKH, P2SH, P2WPKH, P2WSH, P2TR (taproot)
-- **Transaction Building**: Create, encode, decode, and parse Bitcoin transactions
-- **Signature Hashing**: BIP-143 (segwit) and BIP-341 (taproot) sighash calculation
-- **Signing & Verification**: ECDSA (segwit) and Schnorr (taproot) signatures
-- **Taproot Scripts**: Merkle tree construction, control blocks, and script-path spends
-- **Script Handling**: Encode/decode Bitcoin scripts, lock script detection
-- **Metadata Utilities**: Locktime, sequence (BIP-68), outpoints, rune IDs, inscription IDs
-- **Type Safety**: Full TypeScript support with strict types
-- **Tree-shakeable**: Import only what you need
+A batteries-included TypeScript toolset for Bitcoin development. Create, sign, and verify Bitcoin transactions with full support for segwit and taproot.
 
 ## Installation
 
@@ -20,243 +12,60 @@ A batteries-included TypeScript toolset for Bitcoin development. Create, sign, a
 npm install @vbyte/btc-dev
 ```
 
-## Quick Start
+## Quick Example
 
 ```typescript
 import { ADDRESS, TX, SIGNER } from '@vbyte/btc-dev'
 
-// Create a P2WPKH address from a public key
+// Create a P2WPKH address
 const address = ADDRESS.p2wpkh(pubkey, 'main')
 console.log(address.data)  // bc1q...
 
-// Parse a raw transaction
-const tx = TX.parse(txhex)
-console.log(tx.vin.length, 'inputs')
-console.log(tx.vout.length, 'outputs')
+// Parse a transaction
+const tx = TX.parse(rawTxHex)
 
-// Sign a segwit transaction
-const signature = SIGNER.sign_segwit_tx(secretKey, txdata, {
+// Sign and verify
+const signature = SIGNER.sign_segwit_tx(secretKey, tx, {
   txindex: 0,
-  pubkey: publicKey,
-  sigflag: 0x01  // SIGHASH_ALL
+  pubkey,
+  sigflag: 0x01
 })
+const result = SIGNER.verify_tx(tx)
 ```
 
-## Module Overview
+## Modules
 
 | Module | Description |
 |--------|-------------|
-| `ADDRESS` | Create and parse Bitcoin addresses (P2PKH, P2SH, P2WPKH, P2WSH, P2TR) |
-| `TX` | Transaction creation, encoding, decoding, parsing, and validation |
-| `SCRIPT` | Bitcoin script encoding, decoding, and lock script detection |
-| `SIGHASH` | Signature hash calculation for segwit (BIP-143) and taproot (BIP-341) |
-| `SIGNER` | Sign and verify transactions using ECDSA and Schnorr |
-| `TAPROOT` | Taproot tree construction, control blocks, and tweaking |
-| `WITNESS` | Parse and analyze witness data |
-| `META` | Locktime, sequence, outpoints, and reference IDs |
-
-## Import Patterns
-
-```typescript
-// Import all namespaces
-import { ADDRESS, TX, SCRIPT, SIGHASH, SIGNER, TAPROOT, WITNESS, META } from '@vbyte/btc-dev'
-
-// Tree-shaking: import specific modules
-import { p2wpkh, p2tr } from '@vbyte/btc-dev/address'
-import { parse_tx, encode_tx } from '@vbyte/btc-dev/tx'
-import { sign_segwit_tx, sign_taproot_tx, verify_tx } from '@vbyte/btc-dev/signer'
-```
-
-## API Highlights
-
-### Address Creation
-
-```typescript
-import { ADDRESS } from '@vbyte/btc-dev'
-
-// P2PKH (legacy)
-const p2pkh = ADDRESS.p2pkh(pubkey, 'main')
-
-// P2WPKH (native segwit)
-const p2wpkh = ADDRESS.p2wpkh(pubkey, 'main')
-
-// P2WSH (segwit script hash)
-const p2wsh = ADDRESS.p2wsh(redeemScript, 'main')
-
-// P2TR (taproot)
-const p2tr = ADDRESS.p2tr(xOnlyPubkey, 'main')
-```
-
-### Transaction Parsing
+| `ADDRESS` | Create and parse addresses (P2PKH, P2SH, P2WPKH, P2WSH, P2TR) |
+| `TX` | Transaction creation, encoding, decoding, parsing |
+| `SCRIPT` | Script encoding, decoding, type detection |
+| `SIGHASH` | Signature hash calculation (BIP-143, BIP-341) |
+| `SIGNER` | Sign and verify transactions (ECDSA, Schnorr) |
+| `TAPROOT` | Taproot trees, control blocks, tweaking |
+| `WITNESS` | Witness data parsing and analysis |
+| `META` | Locktime, sequence, reference IDs |
 
-```typescript
-import { TX } from '@vbyte/btc-dev'
-
-// Parse raw transaction hex
-const tx = TX.parse(rawTxHex)
-
-// Access transaction data
-console.log(tx.version)      // Transaction version
-console.log(tx.vin)          // Inputs array
-console.log(tx.vout)         // Outputs array
-console.log(tx.locktime)     // Locktime
-
-// Encode transaction back to hex
-const encoded = TX.encode(tx)
-```
-
-### Signing Transactions
+## Documentation
 
-```typescript
-import { SIGNER } from '@vbyte/btc-dev'
-
-// Sign segwit (v0) transaction input
-const segwitSig = SIGNER.sign_segwit_tx(secretKey, txdata, {
-  txindex: 0,           // Input index to sign
-  pubkey: compressedPubkey,  // For P2WPKH
-  sigflag: 0x01         // SIGHASH_ALL
-})
+- **[Guide](docs/GUIDE.md)** - Complete tutorial covering addresses, transactions, signing, and taproot
+- **[API Reference](docs/API.md)** - Full function reference for all modules
+- **[Security](docs/SECURITY.md)** - Best practices for production use
+- **[FAQ](docs/FAQ.md)** - Common questions and troubleshooting
+- **[Conventions](docs/CONVENTIONS.md)** - Coding conventions for contributors
 
-// Sign taproot (v1) transaction input
-const taprootSig = SIGNER.sign_taproot_tx(secretKey, txdata, {
-  txindex: 0,
-  sigflag: 0x00         // SIGHASH_DEFAULT (taproot)
-})
-
-// Verify all signatures in a transaction
-const result = SIGNER.verify_tx(txdata)
-if (result.valid) {
-  console.log('All signatures valid')
-} else {
-  console.log('Verification failed:', result.error)
-  result.inputs.forEach(input => {
-    if (!input.valid) console.log(`Input ${input.index}: ${input.error}`)
-  })
-}
-```
-
-### Taproot Scripts
-
-```typescript
-import { TAPROOT } from '@vbyte/btc-dev'
-
-// Create a taproot output with scripts
-const taprootCtx = TAPROOT.create({
-  pubkey: internalPubkey,
-  leaves: [tapleaf1, tapleaf2]  // Script leaves
-})
+## Contributing
 
-console.log(taprootCtx.tapkey)    // Tweaked public key
-console.log(taprootCtx.cblock)    // Control block for script-path
-console.log(taprootCtx.taptweak)  // Tweak value
-
-// Verify control block
-const isValid = TAPROOT.verify(tapkey, target, cblock)
-```
-
-### Script Detection
-
-```typescript
-import { SCRIPT } from '@vbyte/btc-dev'
-
-// Detect lock script type
-const type = SCRIPT.get_lock_script_type(scriptPubKey)
-// Returns: 'p2pkh' | 'p2sh' | 'p2wpkh' | 'p2wsh' | 'p2tr' | 'opreturn' | null
-
-// Check specific types
-SCRIPT.is_p2wpkh_script(script)  // true/false
-SCRIPT.is_p2tr_script(script)    // true/false
-
-// Get witness version
-const version = SCRIPT.get_lock_script_version(script)
-// Returns: 0 (segwit v0), 1 (taproot), or null (legacy)
-```
-
-### Witness Parsing
-
-```typescript
-import { WITNESS } from '@vbyte/btc-dev'
-
-// Parse witness data from transaction input
-const witnessData = WITNESS.parse(witness)
-
-console.log(witnessData.type)     // 'p2wpkh' | 'p2wsh' | 'p2tr' | 'p2ts' | null
-console.log(witnessData.version)  // 0 | 1 | null
-console.log(witnessData.params)   // Signature and other params
-console.log(witnessData.script)   // Witness script (if p2wsh/p2ts)
-console.log(witnessData.cblock)   // Control block (if p2ts)
-console.log(witnessData.annex)    // Annex data (if present)
-```
-
-### Metadata Utilities
-
-```typescript
-import { META } from '@vbyte/btc-dev'
-
-// Encode/decode locktime (BIP-65)
-const locktime = META.encode_locktime({ type: 'heightlock', height: 800000 })
-const decoded = META.decode_locktime(locktime)
-
-// Encode/decode sequence (BIP-68)
-const sequence = META.encode_sequence({ mode: 'height', height: 144 })  // ~24 hours
-const decodedSeq = META.decode_sequence(sequence)
-
-// Reference pointers
-const outpoint = META.RefPointer.outpoint.encode(txid, vout)
-const inscriptionId = META.RefPointer.record_id.encode(txid, 0)
-const runeId = META.RefPointer.rune_id.encode(840000, 15)
-```
-
-## Security Considerations
-
-- Always validate inputs before signing transactions
-- Never log or expose secret keys
-- Use secure random number generation for key generation
-- Verify signatures after signing to ensure correctness
-- Be aware of sighash flag implications (ANYONECANPAY, SINGLE, NONE)
-
-See [SECURITY.md](./docs/SECURITY.md) for detailed security guidelines.
-
-## Type Definitions
-
-All types are exported from the main module:
-
-```typescript
-import type {
-  TxData,
-  TxInput,
-  TxOutput,
-  SigHashOptions,
-  AddressData,
-  WitnessData,
-  TaprootContext
-} from '@vbyte/btc-dev'
-```
+See [CONTRIBUTING.md](CONTRIBUTING.md) for development setup and guidelines.
 
 ## Dependencies
 
-- `@noble/curves` - Elliptic curve cryptography
-- `@noble/hashes` - Cryptographic hash functions
-- `@scure/btc-signer` - Bitcoin signing utilities
-- `@vbyte/buff` - Buffer manipulation utilities
-- `zod` - Runtime validation schemas
-
-## Development
-
-```bash
-# Run tests
-npm test
-
-# Run specific test file
-npm run script test/path/to/file.ts
-
-# Build the package
-npm run build
-
-# Build and test
-npm run package
-```
+- [@noble/curves](https://github.com/paulmillr/noble-curves) - Elliptic curve cryptography
+- [@noble/hashes](https://github.com/paulmillr/noble-hashes) - Cryptographic hash functions
+- [@scure/btc-signer](https://github.com/paulmillr/scure-btc-signer) - Bitcoin signing utilities
+- [@vbyte/buff](https://www.npmjs.com/package/@vbyte/buff) - Buffer manipulation
+- [zod](https://zod.dev) - Runtime validation
 
 ## License
 
-CC-BY-1.0
+[CC-BY-1.0](LICENSE)

package/dist/error.d.ts

@@ -0,0 +1,11 @@
+export declare class ValidationError extends Error {
+    field?: string;
+    constructor(message: string, field?: string);
+}
+export declare class DecodingError extends Error {
+    position?: number;
+    constructor(message: string, position?: number);
+}
+export declare class ConfigError extends Error {
+    constructor(message: string);
+}

package/dist/error.js

@@ -0,0 +1,20 @@
+export class ValidationError extends Error {
+    constructor(message, field) {
+        super(message);
+        this.name = "ValidationError";
+        this.field = field;
+    }
+}
+export class DecodingError extends Error {
+    constructor(message, position) {
+        super(message);
+        this.name = "DecodingError";
+        this.position = position;
+    }
+}
+export class ConfigError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "ConfigError";
+    }
+}

package/dist/index.d.ts

@@ -8,4 +8,5 @@ export * as TAPROOT from "./lib/taproot/index.js";
 export * as TX from "./lib/tx/index.js";
 export * as WITNESS from "./lib/witness/index.js";
 export * as SCHEMA from "./schema/index.js";
+export { ValidationError, DecodingError, ConfigError } from "./error.js";
 export type * from "./types/index.js";

package/dist/index.js

@@ -8,3 +8,4 @@ export * as TAPROOT from "./lib/taproot/index.js";
 export * as TX from "./lib/tx/index.js";
 export * as WITNESS from "./lib/witness/index.js";
 export * as SCHEMA from "./schema/index.js";
+export { ValidationError, DecodingError, ConfigError } from "./error.js";

package/dist/lib/address/api.js

@@ -1,5 +1,6 @@
 import { Buff } from "@vbyte/buff";
 import { LOCK_SCRIPT_TYPE } from "../../const.js";
+import { ConfigError } from "../../error.js";
 import { get_lock_script_type } from "../../lib/script/lock.js";
 import { P2PKH } from "./p2pkh.js";
 import { P2SH } from "./p2sh.js";
@@ -11,7 +12,7 @@ export function get_address(script, network = "main") {
     const bytes = Buff.bytes(script);
     const type = get_lock_script_type(bytes);
     if (type === null)
-        throw new Error("Unknown or unsupported locking script type");
+        throw new ConfigError("Unknown or unsupported locking script type");
     switch (type) {
         case LOCK_SCRIPT_TYPE.P2PKH:
             return P2PKH.encode_address(script, network);
@@ -24,7 +25,7 @@ export function get_address(script, network = "main") {
         case LOCK_SCRIPT_TYPE.P2TR:
             return P2TR.encode_address(script, network);
         default:
-            throw new Error(`unknown script type: ${type}`);
+            throw new ConfigError(`unknown script type: ${type}`);
     }
 }
 export function parse_address(address) {

package/dist/lib/address/encode.js

@@ -1,5 +1,7 @@
 import { Buff } from "@vbyte/buff";
-import { Assert, B58chk, Bech32, Bech32m } from "@vbyte/micro-lib";
+import { Assert } from "@vbyte/util";
+import { B58chk, Bech32, Bech32m } from "@vbyte/crypto";
+import { ValidationError } from "../../error.js";
 const ENCODING_REGEX = {
     base58: /^[13mn2][a-km-zA-HJ-NP-Z1-9]{25,34}$/,
     bech32: /^(bc|tb|bcrt)1q[ac-hj-np-z02-9]{6,87}$/,
@@ -12,14 +14,14 @@ const VERSION = {
 export function decode_address(address) {
     const format = get_address_format(address);
     if (format === null)
-        throw new Error(`unrecognized address format: ${address}`);
+        throw new ValidationError(`unrecognized address format: ${address}`, "address");
     if (format === "base58")
         return base58_decode(address);
     if (format === "bech32")
         return bech32_decode(address);
     if (format === "bech32m")
         return bech32m_decode(address);
-    throw new Error("unable to find a matching address configuration");
+    throw new ValidationError("unable to find a matching address configuration", "address");
 }
 export function encode_address(config) {
     if (config.format === "base58")
@@ -28,7 +30,7 @@ export function encode_address(config) {
         return bech32_encode(config);
     if (config.format === "bech32m")
         return bech32m_encode(config);
-    throw new Error(`unrecognized encoding format: ${config.format}`);
+    throw new ValidationError(`unrecognized encoding format: ${config.format}`, "format");
 }
 function get_address_format(address) {
     for (const [format, regex] of Object.entries(ENCODING_REGEX)) {

package/dist/lib/address/p2pkh.js

@@ -1,6 +1,6 @@
 import { Buff } from "@vbyte/buff";
-import { Assert } from "@vbyte/micro-lib";
-import { hash160 } from "@vbyte/micro-lib/hash";
+import { Assert } from "@vbyte/util";
+import { hash160 } from "@vbyte/crypto/hash";
 import { LOCK_SCRIPT_TYPE } from "../../const.js";
 import { is_p2pkh_script } from "../../lib/script/lock.js";
 import { encode_address } from "./encode.js";
@@ -21,7 +21,7 @@ function create_p2pkh_address(pubkey, network = "main") {
 }
 function create_p2pkh_script(pubkey) {
     const bytes = Buff.bytes(pubkey);
-    Assert.size(bytes, 33, "invalid pubkey size");
+    Assert.ok(bytes.length === 33, "invalid pubkey size");
     const hash = hash160(bytes);
     return encode_p2pkh_script(hash);
 }
@@ -32,7 +32,7 @@ function encode_p2pkh_address(script, network = "main") {
     const pk_hash = decode_p2pkh_script(script);
     const config = get_address_config(network, ADDRESS_TYPE);
     Assert.exists(config, `unrecognized address config: ${ADDRESS_TYPE} on ${network}`);
-    Assert.size(pk_hash, config.size, `invalid payload size: ${pk_hash.length} !== ${config.size}`);
+    Assert.ok(pk_hash.length === config.size, `invalid payload size: ${pk_hash.length} !== ${config.size}`);
     return encode_address({
         data: pk_hash,
         format: "base58",

package/dist/lib/address/p2sh.js

@@ -1,6 +1,6 @@
 import { Buff } from "@vbyte/buff";
-import { Assert } from "@vbyte/micro-lib";
-import { hash160 } from "@vbyte/micro-lib/hash";
+import { Assert } from "@vbyte/util";
+import { hash160 } from "@vbyte/crypto/hash";
 import { LOCK_SCRIPT_TYPE } from "../../const.js";
 import { is_p2sh_script } from "../../lib/script/lock.js";
 import { encode_address } from "./encode.js";
@@ -33,7 +33,7 @@ function encode_p2sh_address(script_pk, network = "main") {
     const script_hash = decode_p2sh_script(script_pk);
     const config = get_address_config(network, ADDRESS_TYPE);
     Assert.exists(config, `unrecognized address config: ${ADDRESS_TYPE} on ${network}`);
-    Assert.size(script_hash, config.size, `invalid payload size: ${script_hash.length} !== ${config.size}`);
+    Assert.ok(script_hash.length === config.size, `invalid payload size: ${script_hash.length} !== ${config.size}`);
     return encode_address({
         data: script_hash,
         format: "base58",

package/dist/lib/address/p2tr.js

@@ -1,5 +1,5 @@
 import { Buff } from "@vbyte/buff";
-import { Assert } from "@vbyte/micro-lib";
+import { Assert } from "@vbyte/util";
 import { LOCK_SCRIPT_TYPE } from "../../const.js";
 import { is_p2tr_script } from "../../lib/script/lock.js";
 import { encode_address } from "./encode.js";
@@ -20,7 +20,7 @@ function create_p2tr_address(pubkey, network = "main") {
 }
 function create_p2tr_script(pubkey) {
     const bytes = Buff.bytes(pubkey);
-    Assert.size(bytes, 32, "invalid pubkey size");
+    Assert.ok(bytes.length === 32, "invalid pubkey size");
     return encode_p2tr_script(bytes);
 }
 function encode_p2tr_script(pubkey) {
@@ -30,7 +30,7 @@ function encode_p2tr_address(script_pk, network = "main") {
     const pubkey = decode_p2tr_script(script_pk);
     const config = get_address_config(network, ADDRESS_TYPE);
     Assert.exists(config, `unrecognized address config: ${ADDRESS_TYPE} on ${network}`);
-    Assert.size(pubkey, config.size, `invalid payload size: ${pubkey.length} !== ${config.size}`);
+    Assert.ok(pubkey.length === config.size, `invalid payload size: ${pubkey.length} !== ${config.size}`);
     return encode_address({
         data: pubkey,
         format: "bech32m",