bip388 1.0.0

package/dist/index.js

@@ -0,0 +1,1305 @@
+// src/miniscript.ts
+function pk(key) {
+  return {
+    type: "pk",
+    key,
+    toString() {
+      return `pk(${this.key})`;
+    }
+  };
+}
+function pkh(key) {
+  return {
+    type: "pkh",
+    key,
+    toString() {
+      return `pkh(${this.key})`;
+    }
+  };
+}
+function sha256(hash) {
+  validateHash(hash, 64, "sha256");
+  return {
+    type: "sha256",
+    hash,
+    toString() {
+      return `sha256(${this.hash})`;
+    }
+  };
+}
+function hash256(hash) {
+  validateHash(hash, 64, "hash256");
+  return {
+    type: "hash256",
+    hash,
+    toString() {
+      return `hash256(${this.hash})`;
+    }
+  };
+}
+function hash160(hash) {
+  validateHash(hash, 40, "hash160");
+  return {
+    type: "hash160",
+    hash,
+    toString() {
+      return `hash160(${this.hash})`;
+    }
+  };
+}
+function ripemd160(hash) {
+  validateHash(hash, 40, "ripemd160");
+  return {
+    type: "ripemd160",
+    hash,
+    toString() {
+      return `ripemd160(${this.hash})`;
+    }
+  };
+}
+function older(blocks) {
+  validateTimelock(blocks, "older");
+  return {
+    type: "older",
+    blocks,
+    toString() {
+      return `older(${this.blocks})`;
+    }
+  };
+}
+function after(time) {
+  validateTimelock(time, "after");
+  return {
+    type: "after",
+    time,
+    toString() {
+      return `after(${this.time})`;
+    }
+  };
+}
+function and_v(left, right) {
+  return {
+    type: "and_v",
+    left,
+    right,
+    toString() {
+      return `and_v(${this.left.toString()},${this.right.toString()})`;
+    }
+  };
+}
+function or_d(left, right) {
+  return {
+    type: "or_d",
+    left,
+    right,
+    toString() {
+      return `or_d(${this.left.toString()},${this.right.toString()})`;
+    }
+  };
+}
+function or_i(left, right) {
+  return {
+    type: "or_i",
+    left,
+    right,
+    toString() {
+      return `or_i(${this.left.toString()},${this.right.toString()})`;
+    }
+  };
+}
+function v(inner) {
+  return {
+    type: "v",
+    inner,
+    toString() {
+      return `v:${this.inner.toString()}`;
+    }
+  };
+}
+function multi(threshold, keys) {
+  validateMultisig(threshold, keys.length, "multi");
+  return {
+    type: "multi",
+    threshold,
+    keys,
+    toString() {
+      return `multi(${this.threshold},${this.keys.join(",")})`;
+    }
+  };
+}
+function sortedmulti(threshold, keys) {
+  validateMultisig(threshold, keys.length, "sortedmulti");
+  return {
+    type: "sortedmulti",
+    threshold,
+    keys,
+    toString() {
+      return `sortedmulti(${this.threshold},${this.keys.join(",")})`;
+    }
+  };
+}
+function multi_a(threshold, keys) {
+  validateMultisig(threshold, keys.length, "multi_a");
+  return {
+    type: "multi_a",
+    threshold,
+    keys,
+    toString() {
+      return `multi_a(${this.threshold},${this.keys.join(",")})`;
+    }
+  };
+}
+function sortedmulti_a(threshold, keys) {
+  validateMultisig(threshold, keys.length, "sortedmulti_a");
+  return {
+    type: "sortedmulti_a",
+    threshold,
+    keys,
+    toString() {
+      return `sortedmulti_a(${this.threshold},${this.keys.join(",")})`;
+    }
+  };
+}
+function validateHash(hash, expectedLength, name) {
+  if (!hash || typeof hash !== "string") {
+    throw new Error(`${name} must be a hex string`);
+  }
+  if (hash.length !== expectedLength) {
+    throw new Error(
+      `${name} must be ${expectedLength / 2} bytes (${expectedLength} hex chars), got ${hash.length}`
+    );
+  }
+  if (!/^[0-9a-fA-F]+$/.test(hash)) {
+    throw new Error(`${name} must be a valid hex string`);
+  }
+}
+function validateTimelock(value, name) {
+  if (!Number.isInteger(value) || value <= 0) {
+    throw new Error(`${name} must be a positive integer`);
+  }
+  if (value > 2147483647) {
+    throw new Error(`${name} exceeds maximum value (2^31-1)`);
+  }
+}
+function validateMultisig(threshold, numKeys, name) {
+  if (!Number.isInteger(threshold) || threshold <= 0) {
+    throw new Error(`${name} threshold must be a positive integer`);
+  }
+  if (numKeys < 1) {
+    throw new Error(`${name} requires at least one key`);
+  }
+  if (threshold > numKeys) {
+    throw new Error(
+      `${name} threshold (${threshold}) cannot exceed number of keys (${numKeys})`
+    );
+  }
+  if (numKeys > 20 && (name === "multi" || name === "sortedmulti")) {
+    throw new Error(`${name} is limited to 20 keys in SegWit`);
+  }
+}
+
+// src/bip388.ts
+function keyPlaceholder(index) {
+  if (!Number.isInteger(index) || index < 0) {
+    throw new Error(`Key index must be a non-negative integer, got: ${index}`);
+  }
+  return `@${index}/**`;
+}
+function trDescriptor(internalKeyIndex, tree) {
+  const internalKey = keyPlaceholder(internalKeyIndex);
+  if (!tree) {
+    return `tr(${internalKey})`;
+  }
+  const treeStr = serializeTapTree(tree);
+  return `tr(${internalKey},${treeStr})`;
+}
+function wshDescriptor(script) {
+  return `wsh(${script.toString()})`;
+}
+function wpkhDescriptor(keyIndex) {
+  return `wpkh(${keyPlaceholder(keyIndex)})`;
+}
+function buildTaprootPolicy(internalKeyIndex, tree, options) {
+  validatePolicyOptions(options);
+  return {
+    name: options.name,
+    template: trDescriptor(internalKeyIndex, tree),
+    keys: options.keys
+  };
+}
+function buildSegwitPolicy(script, options) {
+  validatePolicyOptions(options);
+  return {
+    name: options.name,
+    template: wshDescriptor(script),
+    keys: options.keys
+  };
+}
+function formatKeyInfo(info) {
+  let result = "";
+  if (info.fingerprint || info.originPath) {
+    result += "[";
+    if (info.fingerprint) {
+      result += info.fingerprint;
+    }
+    if (info.originPath) {
+      result += "/" + info.originPath;
+    }
+    result += "]";
+  }
+  result += info.xpub;
+  return result;
+}
+function bareKey(xpub) {
+  return { xpub };
+}
+function validatePolicyOptions(options) {
+  if (!options.name || typeof options.name !== "string") {
+    throw new Error("Policy name is required");
+  }
+  if (options.name.length > 64) {
+    throw new Error("Policy name should not exceed 64 characters");
+  }
+  if (!Array.isArray(options.keys) || options.keys.length === 0) {
+    throw new Error("At least one key is required");
+  }
+}
+function serializeTapTree(tree) {
+  if (Array.isArray(tree)) {
+    const [left, right] = tree;
+    return `{${serializeTapTree(left)},${serializeTapTree(right)}}`;
+  }
+  return tree.toString();
+}
+
+// src/patterns/htlc.ts
+function buildTaprootHtlcPolicy(params) {
+  const { name, secretHash, timelock, numsKey, payeeKey, payerKey } = params;
+  validateHash2(secretHash, 64, "secretHash");
+  validateTimelock2(timelock, "timelock");
+  const secretLeaf = and_v(v(sha256(secretHash)), pk(keyPlaceholder(1)));
+  const timeoutLeaf = and_v(v(after(timelock)), pk(keyPlaceholder(2)));
+  const tree = [secretLeaf, timeoutLeaf];
+  return {
+    name,
+    template: trDescriptor(0, tree),
+    keys: [numsKey, payeeKey, payerKey]
+  };
+}
+function buildSegwitHtlcPolicy(params) {
+  const { name, secretHash, timelock, payeeKey, payerKey } = params;
+  validateHash2(secretHash, 64, "secretHash");
+  validateTimelock2(timelock, "timelock");
+  const secretPath = and_v(v(sha256(secretHash)), pk(keyPlaceholder(0)));
+  const timeoutPath = and_v(v(pk(keyPlaceholder(1))), after(timelock));
+  const script = or_i(secretPath, timeoutPath);
+  return {
+    name,
+    template: wshDescriptor(script),
+    keys: [payeeKey, payerKey]
+  };
+}
+function validateHash2(hash, expectedLength, name) {
+  if (!hash || typeof hash !== "string") {
+    throw new Error(`${name} must be a hex string`);
+  }
+  if (hash.length !== expectedLength) {
+    throw new Error(
+      `${name} must be ${expectedLength / 2} bytes (${expectedLength} hex chars), got ${hash.length}`
+    );
+  }
+  if (!/^[0-9a-fA-F]+$/.test(hash)) {
+    throw new Error(`${name} must be a valid hex string`);
+  }
+}
+function validateTimelock2(value, name) {
+  if (!Number.isInteger(value) || value <= 0) {
+    throw new Error(`${name} must be a positive integer`);
+  }
+  if (value > 2147483647) {
+    throw new Error(`${name} exceeds maximum value (2^31-1)`);
+  }
+}
+
+// src/patterns/multisig.ts
+function buildSegwitMultisigPolicy(params) {
+  const { name, threshold, keys, sorted = true } = params;
+  if (keys.length === 0) {
+    throw new Error("At least one key is required");
+  }
+  const keyPlaceholders = keys.map((_, i) => keyPlaceholder(i));
+  const script = sorted ? sortedmulti(threshold, keyPlaceholders) : multi(threshold, keyPlaceholders);
+  return {
+    name,
+    template: wshDescriptor(script),
+    keys
+  };
+}
+function buildTaprootMultisigPolicy(params) {
+  const { name, threshold, keys, sorted = true } = params;
+  if (keys.length < 2) {
+    throw new Error(
+      "Taproot multisig requires at least 2 keys (internal key + script key)"
+    );
+  }
+  const scriptKeyPlaceholders = keys.slice(1).map((_, i) => keyPlaceholder(i + 1));
+  const script = sorted ? sortedmulti_a(threshold, scriptKeyPlaceholders) : multi_a(threshold, scriptKeyPlaceholders);
+  return {
+    name,
+    template: trDescriptor(0, script),
+    keys
+  };
+}
+
+// src/scripts/pk.ts
+import { script as bscript, opcodes } from "bitcoinjs-lib";
+function pkScript(pubkey) {
+  if (pubkey.length !== 33 && pubkey.length !== 32) {
+    throw new Error(
+      `Invalid pubkey length: ${pubkey.length} (expected 32 or 33 bytes)`
+    );
+  }
+  return Buffer.from(bscript.compile([pubkey, opcodes.OP_CHECKSIG]));
+}
+
+// src/scripts/pkh.ts
+import { script as bscript2, opcodes as opcodes2, crypto } from "bitcoinjs-lib";
+function pkhScript(pubkey) {
+  if (pubkey.length !== 33) {
+    throw new Error(
+      `Invalid pubkey length: ${pubkey.length} (expected 33 bytes for compressed pubkey)`
+    );
+  }
+  const pubkeyHash = crypto.hash160(pubkey);
+  return Buffer.from(
+    bscript2.compile([
+      opcodes2.OP_DUP,
+      opcodes2.OP_HASH160,
+      pubkeyHash,
+      opcodes2.OP_EQUALVERIFY,
+      opcodes2.OP_CHECKSIG
+    ])
+  );
+}
+function pkhScriptFromHash(pubkeyHash) {
+  if (pubkeyHash.length !== 20) {
+    throw new Error(
+      `Invalid pubkey hash length: ${pubkeyHash.length} (expected 20 bytes)`
+    );
+  }
+  return Buffer.from(
+    bscript2.compile([
+      opcodes2.OP_DUP,
+      opcodes2.OP_HASH160,
+      pubkeyHash,
+      opcodes2.OP_EQUALVERIFY,
+      opcodes2.OP_CHECKSIG
+    ])
+  );
+}
+
+// src/scripts/multi.ts
+import { script as bscript3, opcodes as opcodes3 } from "bitcoinjs-lib";
+function encodeScriptInt(n) {
+  if (n === 0) return opcodes3.OP_0;
+  if (n >= 1 && n <= 16) return opcodes3.OP_1 - 1 + n;
+  return Buffer.from(bscript3.number.encode(n));
+}
+function multiScript(threshold, pubkeys, sorted = false) {
+  if (threshold <= 0 || !Number.isInteger(threshold)) {
+    throw new Error("threshold must be a positive integer");
+  }
+  if (pubkeys.length === 0) {
+    throw new Error("At least one pubkey is required");
+  }
+  if (threshold > pubkeys.length) {
+    throw new Error(
+      `threshold (${threshold}) cannot exceed number of pubkeys (${pubkeys.length})`
+    );
+  }
+  if (pubkeys.length > 20) {
+    throw new Error("SegWit multisig is limited to 20 keys");
+  }
+  for (const pk2 of pubkeys) {
+    if (pk2.length !== 33) {
+      throw new Error(
+        `Invalid pubkey length: ${pk2.length} (expected 33 bytes for SegWit)`
+      );
+    }
+  }
+  const keys = sorted ? [...pubkeys].sort(Buffer.compare) : pubkeys;
+  return Buffer.from(
+    bscript3.compile([
+      encodeScriptInt(threshold),
+      ...keys,
+      encodeScriptInt(keys.length),
+      opcodes3.OP_CHECKMULTISIG
+    ])
+  );
+}
+function sortedMultiScript(threshold, pubkeys) {
+  return multiScript(threshold, pubkeys, true);
+}
+function bareMultiScript(threshold, pubkeys, sorted = false) {
+  if (threshold <= 0 || !Number.isInteger(threshold)) {
+    throw new Error("threshold must be a positive integer");
+  }
+  if (pubkeys.length === 0) {
+    throw new Error("At least one pubkey is required");
+  }
+  if (threshold > pubkeys.length) {
+    throw new Error(
+      `threshold (${threshold}) cannot exceed number of pubkeys (${pubkeys.length})`
+    );
+  }
+  for (const pk2 of pubkeys) {
+    if (pk2.length !== 33 && pk2.length !== 65) {
+      throw new Error(
+        `Invalid pubkey length: ${pk2.length} (expected 33 or 65 bytes)`
+      );
+    }
+  }
+  const keys = sorted ? [...pubkeys].sort(Buffer.compare) : pubkeys;
+  return Buffer.from(
+    bscript3.compile([
+      encodeScriptInt(threshold),
+      ...keys,
+      encodeScriptInt(keys.length),
+      opcodes3.OP_CHECKMULTISIG
+    ])
+  );
+}
+function sortedBareMultiScript(threshold, pubkeys) {
+  return bareMultiScript(threshold, pubkeys, true);
+}
+
+// src/scripts/hashlock.ts
+import { script as bscript4, opcodes as opcodes4 } from "bitcoinjs-lib";
+function getHashOpcode(hashType) {
+  switch (hashType) {
+    case "sha256":
+      return opcodes4.OP_SHA256;
+    case "hash256":
+      return opcodes4.OP_HASH256;
+    case "hash160":
+      return opcodes4.OP_HASH160;
+    case "ripemd160":
+      return opcodes4.OP_RIPEMD160;
+  }
+}
+function getHashLength(hashType) {
+  switch (hashType) {
+    case "sha256":
+    case "hash256":
+      return 32;
+    case "hash160":
+    case "ripemd160":
+      return 20;
+  }
+}
+function hashlockScript(hash, pubkey, hashType = "sha256") {
+  const expectedLen = getHashLength(hashType);
+  if (hash.length !== expectedLen) {
+    throw new Error(
+      `Invalid hash length for ${hashType}: ${hash.length} (expected ${expectedLen} bytes)`
+    );
+  }
+  if (pubkey.length !== 32 && pubkey.length !== 33) {
+    throw new Error(
+      `Invalid pubkey length: ${pubkey.length} (expected 32 or 33 bytes)`
+    );
+  }
+  return Buffer.from(
+    bscript4.compile([
+      // v:sha256(H) - verify wrapper with SIZE check for preimage length
+      opcodes4.OP_SIZE,
+      bscript4.number.encode(expectedLen),
+      opcodes4.OP_EQUALVERIFY,
+      // Hash check
+      getHashOpcode(hashType),
+      hash,
+      opcodes4.OP_EQUALVERIFY,
+      // pk(K)
+      pubkey,
+      opcodes4.OP_CHECKSIG
+    ])
+  );
+}
+function simpleHashlockScript(hash, hashType = "sha256") {
+  const expectedLen = getHashLength(hashType);
+  if (hash.length !== expectedLen) {
+    throw new Error(
+      `Invalid hash length for ${hashType}: ${hash.length} (expected ${expectedLen} bytes)`
+    );
+  }
+  return Buffer.from(
+    bscript4.compile([
+      opcodes4.OP_SIZE,
+      bscript4.number.encode(expectedLen),
+      opcodes4.OP_EQUALVERIFY,
+      getHashOpcode(hashType),
+      hash,
+      opcodes4.OP_EQUAL
+    ])
+  );
+}
+
+// src/scripts/timelock.ts
+import { script as bscript5, opcodes as opcodes5 } from "bitcoinjs-lib";
+function encodeScriptNumber(n) {
+  if (n === 0) {
+    return opcodes5.OP_0;
+  }
+  if (n >= 1 && n <= 16) {
+    return opcodes5.OP_1 - 1 + n;
+  }
+  return Buffer.from(bscript5.number.encode(n));
+}
+function cltvScript(locktime, pubkey, useDrop = false) {
+  if (locktime <= 0) {
+    throw new Error("locktime must be a positive number");
+  }
+  if (locktime > 2147483647) {
+    throw new Error("locktime exceeds maximum value (2^31-1)");
+  }
+  if (pubkey.length !== 32 && pubkey.length !== 33) {
+    throw new Error(
+      `Invalid pubkey length: ${pubkey.length} (expected 32 or 33 bytes)`
+    );
+  }
+  return Buffer.from(
+    bscript5.compile([
+      encodeScriptNumber(locktime),
+      opcodes5.OP_CHECKLOCKTIMEVERIFY,
+      useDrop ? opcodes5.OP_DROP : opcodes5.OP_VERIFY,
+      pubkey,
+      opcodes5.OP_CHECKSIG
+    ])
+  );
+}
+function csvScript(sequence, pubkey, useDrop = false) {
+  if (sequence <= 0) {
+    throw new Error("sequence must be a positive number");
+  }
+  if (sequence > 2147483647) {
+    throw new Error("sequence exceeds maximum value (2^31-1)");
+  }
+  if (pubkey.length !== 32 && pubkey.length !== 33) {
+    throw new Error(
+      `Invalid pubkey length: ${pubkey.length} (expected 32 or 33 bytes)`
+    );
+  }
+  return Buffer.from(
+    bscript5.compile([
+      encodeScriptNumber(sequence),
+      opcodes5.OP_CHECKSEQUENCEVERIFY,
+      useDrop ? opcodes5.OP_DROP : opcodes5.OP_VERIFY,
+      pubkey,
+      opcodes5.OP_CHECKSIG
+    ])
+  );
+}
+function simpleCltvScript(locktime) {
+  if (locktime <= 0) {
+    throw new Error("locktime must be a positive number");
+  }
+  if (locktime > 2147483647) {
+    throw new Error("locktime exceeds maximum value (2^31-1)");
+  }
+  return Buffer.from(
+    bscript5.compile([
+      encodeScriptNumber(locktime),
+      opcodes5.OP_CHECKLOCKTIMEVERIFY,
+      opcodes5.OP_DROP,
+      opcodes5.OP_TRUE
+    ])
+  );
+}
+
+// src/keys.ts
+import * as ecc from "@bitcoinerlab/secp256k1";
+import BIP32Factory from "bip32";
+import { networks } from "bitcoinjs-lib";
+
+// src/types.ts
+function isXpubKey(key) {
+  return "xpub" in key;
+}
+function isRawKey(key) {
+  return "pubkey" in key;
+}
+
+// src/keys.ts
+var bip32 = BIP32Factory(ecc);
+function getNetwork(name) {
+  switch (name) {
+    case "mainnet":
+      return networks.bitcoin;
+    case "testnet":
+      return networks.testnet;
+    case "regtest":
+      return networks.regtest;
+  }
+}
+function deriveFromXpub(xpub, change, index, network) {
+  const node = bip32.fromBase58(xpub, network);
+  return node.derive(change).derive(index);
+}
+function resolveCompressedPubkey(key, network) {
+  if (isXpubKey(key)) {
+    const net = getNetwork(network);
+    const child = deriveFromXpub(
+      key.xpub,
+      key.change ?? 0,
+      key.index ?? 0,
+      net
+    );
+    return Buffer.from(child.publicKey);
+  } else {
+    return parsePublicKey(key.pubkey);
+  }
+}
+function resolveXOnlyPubkey(key, network) {
+  const compressed = resolveCompressedPubkey(key, network);
+  return toXOnly(compressed);
+}
+function toXOnly(pubkey) {
+  if (pubkey.length === 32) {
+    return pubkey;
+  }
+  if (pubkey.length === 33) {
+    return pubkey.subarray(1, 33);
+  }
+  if (pubkey.length === 65) {
+    return pubkey.subarray(1, 33);
+  }
+  throw new Error(`Invalid public key length: ${pubkey.length}`);
+}
+function parsePublicKey(pubkeyHex) {
+  const buf = Buffer.from(pubkeyHex, "hex");
+  if (buf.length === 33) {
+    if (buf[0] !== 2 && buf[0] !== 3) {
+      throw new Error("Compressed public key must start with 02 or 03");
+    }
+    if (!isValidPoint(buf)) {
+      throw new Error("Invalid public key: not a valid curve point");
+    }
+    return buf;
+  }
+  if (buf.length === 32) {
+    const compressed = Buffer.concat([Buffer.from([2]), buf]);
+    if (!isValidPoint(compressed)) {
+      throw new Error("Invalid x-only public key: not a valid curve point");
+    }
+    return compressed;
+  }
+  if (buf.length === 65) {
+    if (buf[0] !== 4) {
+      throw new Error("Uncompressed public key must start with 04");
+    }
+    const prefix = (buf[64] & 1) === 0 ? 2 : 3;
+    const compressed = Buffer.concat([
+      Buffer.from([prefix]),
+      buf.subarray(1, 33)
+    ]);
+    if (!isValidPoint(compressed)) {
+      throw new Error("Invalid public key: not a valid curve point");
+    }
+    return compressed;
+  }
+  throw new Error(
+    `Invalid public key length: ${buf.length} bytes (expected 32, 33, or 65)`
+  );
+}
+function isValidPoint(pubkey) {
+  try {
+    return ecc.isPoint(pubkey);
+  } catch {
+    return false;
+  }
+}
+function toKeyInfo(key) {
+  return {
+    fingerprint: key.fingerprint,
+    originPath: key.originPath,
+    xpub: key.xpub
+  };
+}
+function extractKeyInfos(keys) {
+  const infos = [];
+  for (const key of keys) {
+    if (!isXpubKey(key)) {
+      return null;
+    }
+    infos.push(toKeyInfo(key));
+  }
+  return infos;
+}
+
+// src/patterns/taproot/htlc.ts
+import * as ecc3 from "@bitcoinerlab/secp256k1";
+import {
+  initEccLib,
+  payments,
+  opcodes as opcodes7,
+  script as bscript7
+} from "bitcoinjs-lib";
+import { sha256 as sha2562 } from "@noble/hashes/sha2.js";
+
+// src/patterns/taproot/nums.ts
+var NUMS = {
+  /** Compressed public key (33 bytes as hex) */
+  pubkey: "0250929b74c1a04954b78b4b6035e97a5e078a5a0f28ec96d547bfee9ace803ac0",
+  /** X-only public key (32 bytes as hex) - for taproot internal key */
+  xonly: "50929b74c1a04954b78b4b6035e97a5e078a5a0f28ec96d547bfee9ace803ac0",
+  /** X-only as Buffer */
+  get xonlyBuffer() {
+    return Buffer.from(this.xonly, "hex");
+  },
+  /** Compressed as Buffer */
+  get pubkeyBuffer() {
+    return Buffer.from(this.pubkey, "hex");
+  },
+  /**
+   * Get NUMS xpub for a specific network.
+   * Constructed with:
+   * - Public key: NUMS point
+   * - Chain code: 32 zero bytes
+   * - Depth/parent/index: all zeros (acts like master key)
+   */
+  xpub(network) {
+    switch (network) {
+      case "mainnet":
+        return "xpub661MyMwAqRbcEYS8w7XLSVeEsBXy79zSzH1J8vCdxAZningWLdN3zgtU6QgnecKFpJFPpdzxKrwoaZoV44qAJewsc4kX9vGaCaBExuvJH57";
+      case "testnet":
+      case "regtest":
+        return "tpubD6NzVbkrYhZ4WLczPJWReQycCJdd6YVWXubbVUFnJ5KgU5MDQrD998ZJLSmaB7GVcCnJSDWprxmrGkJ6SvgQC6QAffVpqSvonXmeizXcrkN";
+    }
+  }
+};
+
+// src/patterns/taproot/script.ts
+import * as ecc2 from "@bitcoinerlab/secp256k1";
+import { crypto as crypto2, script as bscript6 } from "bitcoinjs-lib";
+var LEAF_VERSION = 192;
+function tapLeafHash(script) {
+  return Buffer.from(
+    crypto2.taggedHash(
+      "TapLeaf",
+      Buffer.concat([Buffer.from([LEAF_VERSION]), serializeScript(script)])
+    )
+  );
+}
+function tapBranchHash(left, right) {
+  const [first, second] = Buffer.compare(left, right) <= 0 ? [left, right] : [right, left];
+  return Buffer.from(
+    crypto2.taggedHash("TapBranch", Buffer.concat([first, second]))
+  );
+}
+function tapTweak(internalPubkey, merkleRoot) {
+  return Buffer.from(
+    crypto2.taggedHash("TapTweak", Buffer.concat([internalPubkey, merkleRoot]))
+  );
+}
+function serializeScript(script) {
+  const len = varintEncode(script.length);
+  return Buffer.concat([len, script]);
+}
+function buildControlBlock(internalPubkey, leafVersion, merklePath) {
+  const parityByte = leafVersion;
+  return Buffer.concat([
+    Buffer.from([parityByte]),
+    internalPubkey,
+    ...merklePath
+  ]);
+}
+function varintEncode(n) {
+  if (n < 253) {
+    const buf = Buffer.allocUnsafe(1);
+    buf.writeUInt8(n, 0);
+    return buf;
+  } else if (n <= 65535) {
+    const buf = Buffer.allocUnsafe(3);
+    buf.writeUInt8(253, 0);
+    buf.writeUInt16LE(n, 1);
+    return buf;
+  } else if (n <= 4294967295) {
+    const buf = Buffer.allocUnsafe(5);
+    buf.writeUInt8(254, 0);
+    buf.writeUInt32LE(n, 1);
+    return buf;
+  } else {
+    const buf = Buffer.allocUnsafe(9);
+    buf.writeUInt8(255, 0);
+    buf.writeUInt32LE(n >>> 0, 1);
+    buf.writeUInt32LE(n / 4294967296 | 0, 5);
+    return buf;
+  }
+}
+function encodeScriptNumber2(n) {
+  return Buffer.from(bscript6.number.encode(n));
+}
+function buildP2TROutput(outputKey) {
+  return Buffer.concat([
+    Buffer.from([81, 32]),
+    // OP_1, push 32 bytes
+    outputKey
+  ]);
+}
+
+// src/patterns/taproot/htlc.ts
+initEccLib(ecc3);
+function taprootHtlc(params) {
+  const { payee, payer, secretHash, timelock, network, name } = params;
+  if (!secretHash || secretHash.length !== 64) {
+    throw new Error("secretHash must be 32 bytes (64 hex chars)");
+  }
+  if (timelock <= 0) {
+    throw new Error("timelock must be a positive number");
+  }
+  const payeeXOnly = resolveXOnlyPubkey(payee, network);
+  const payerXOnly = resolveXOnlyPubkey(payer, network);
+  const hashBuffer = Buffer.from(secretHash, "hex");
+  const secretScript = buildHashLockScript(hashBuffer, payeeXOnly);
+  const timeoutScript = buildTimelockScript(timelock, payerXOnly);
+  const secretLeafHash = tapLeafHash(secretScript);
+  const timeoutLeafHash = tapLeafHash(timeoutScript);
+  const merkleRoot = tapBranchHash(secretLeafHash, timeoutLeafHash);
+  const net = getNetwork(network);
+  const numsXpub = NUMS.xpub(network);
+  const derivedNums = deriveFromXpub(numsXpub, 0, 0, net);
+  const internalPubkey = toXOnly(Buffer.from(derivedNums.publicKey));
+  const tweak = tapTweak(internalPubkey, merkleRoot);
+  const tweakedKey = ecc3.xOnlyPointAddTweak(internalPubkey, tweak);
+  if (!tweakedKey) {
+    throw new Error("Failed to tweak internal key");
+  }
+  const outputKey = Buffer.from(tweakedKey.xOnlyPubkey);
+  const scriptPubkey = buildP2TROutput(outputKey);
+  const address = payments.p2tr({
+    pubkey: outputKey,
+    network: net
+  }).address;
+  const secretControlBlock = buildControlBlock(
+    internalPubkey,
+    192 | (tweakedKey.parity ? 1 : 0),
+    [timeoutLeafHash]
+    // path to sibling
+  );
+  const timeoutControlBlock = buildControlBlock(
+    internalPubkey,
+    192 | (tweakedKey.parity ? 1 : 0),
+    [secretLeafHash]
+    // path to sibling
+  );
+  let policy = null;
+  if (isXpubKey(payee) && isXpubKey(payer)) {
+    policy = buildTaprootHtlcPolicy({
+      name: name || "HTLC",
+      secretHash,
+      timelock,
+      numsKey: bareKey(NUMS.xpub(network)),
+      payeeKey: toKeyInfo(payee),
+      payerKey: toKeyInfo(payer)
+    });
+  }
+  return {
+    address,
+    scriptPubkey,
+    internalPubkey,
+    merkleRoot,
+    tweak,
+    outputKey,
+    timelock,
+    secretLeaf: {
+      script: secretScript,
+      hash: secretLeafHash
+    },
+    timeoutLeaf: {
+      script: timeoutScript,
+      hash: timeoutLeafHash
+    },
+    controlBlock(leaf) {
+      return leaf === "secret" ? secretControlBlock : timeoutControlBlock;
+    },
+    witness: {
+      secret(signature, preimage) {
+        return [signature, preimage, secretScript, secretControlBlock];
+      },
+      timeout(signature) {
+        return [signature, timeoutScript, timeoutControlBlock];
+      }
+    },
+    policy
+  };
+}
+function extractSecret(witness, secretHash) {
+  if (!witness || witness.length < 4) {
+    return null;
+  }
+  const preimage = witness[1];
+  if (preimage.length !== 32) {
+    return null;
+  }
+  if (secretHash) {
+    const computed = Buffer.from(sha2562(preimage)).toString("hex");
+    if (computed !== secretHash) {
+      return null;
+    }
+  }
+  return preimage.toString("hex");
+}
+function buildHashLockScript(hash, pubkey, hashOp = opcodes7.OP_SHA256) {
+  return Buffer.from(
+    bscript7.compile([
+      // v:sha256(H) - verify wrapper adds SIZE check for 32-byte preimage
+      opcodes7.OP_SIZE,
+      bscript7.number.encode(32),
+      // Push number 32
+      opcodes7.OP_EQUALVERIFY,
+      // sha256(H)
+      hashOp,
+      hash,
+      opcodes7.OP_EQUALVERIFY,
+      // pk(K)
+      pubkey,
+      opcodes7.OP_CHECKSIG
+    ])
+  );
+}
+function buildTimelockScript(timelock, pubkey) {
+  return Buffer.from(
+    bscript7.compile([
+      encodeScriptNumber2(timelock),
+      opcodes7.OP_CHECKLOCKTIMEVERIFY,
+      opcodes7.OP_VERIFY,
+      pubkey,
+      opcodes7.OP_CHECKSIG
+    ])
+  );
+}
+
+// src/patterns/taproot/multisig.ts
+import * as ecc4 from "@bitcoinerlab/secp256k1";
+import {
+  initEccLib as initEccLib2,
+  payments as payments2,
+  opcodes as opcodes8,
+  script as bscript8
+} from "bitcoinjs-lib";
+initEccLib2(ecc4);
+function taprootMultisig(params) {
+  const { threshold, keys, sorted = true, network, name } = params;
+  if (threshold <= 0 || !Number.isInteger(threshold)) {
+    throw new Error("threshold must be a positive integer");
+  }
+  if (keys.length === 0) {
+    throw new Error("At least one key is required");
+  }
+  if (threshold > keys.length) {
+    throw new Error(
+      `threshold (${threshold}) cannot exceed number of keys (${keys.length})`
+    );
+  }
+  const net = getNetwork(network);
+  let pubkeys = keys.map((key) => resolveXOnlyPubkey(key, network));
+  let sortedIndexes = pubkeys.map((_, i) => i);
+  if (sorted) {
+    const indexed = pubkeys.map((pk2, i) => ({ pk: pk2, i }));
+    indexed.sort(
+      (a, b) => Buffer.compare(a.pk, b.pk)
+    );
+    pubkeys = indexed.map((x) => x.pk);
+    sortedIndexes = indexed.map((x) => x.i);
+  }
+  const scriptParts = [];
+  scriptParts.push(pubkeys[0]);
+  scriptParts.push(opcodes8.OP_CHECKSIG);
+  for (let i = 1; i < pubkeys.length; i++) {
+    scriptParts.push(pubkeys[i]);
+    scriptParts.push(opcodes8.OP_CHECKSIGADD);
+  }
+  scriptParts.push(encodeScriptNumber(threshold));
+  scriptParts.push(opcodes8.OP_NUMEQUAL);
+  const multisigScript = Buffer.from(bscript8.compile(scriptParts));
+  const leafHash = tapLeafHash(multisigScript);
+  const internalPubkey = NUMS.xonlyBuffer;
+  const merkleRoot = leafHash;
+  const tweak = tapTweak(internalPubkey, merkleRoot);
+  const tweakedKey = ecc4.xOnlyPointAddTweak(internalPubkey, tweak);
+  if (!tweakedKey) {
+    throw new Error("Failed to tweak internal key");
+  }
+  const outputKey = Buffer.from(tweakedKey.xOnlyPubkey);
+  const scriptPubkey = buildP2TROutput(outputKey);
+  const address = payments2.p2tr({
+    pubkey: outputKey,
+    network: net
+  }).address;
+  const controlBlock = buildControlBlock(
+    internalPubkey,
+    192 | (tweakedKey.parity ? 1 : 0),
+    []
+    // No sibling for single-leaf tree
+  );
+  let policy = null;
+  const keyInfos = extractKeyInfos(keys);
+  if (keyInfos) {
+    policy = buildTaprootMultisigPolicy({
+      name: name || `${threshold}-of-${keys.length} Taproot Multisig`,
+      threshold,
+      keys: [bareKey(NUMS.xpub(network)), ...keyInfos],
+      sorted
+    });
+  }
+  return {
+    address,
+    scriptPubkey,
+    internalPubkey,
+    merkleRoot,
+    tweak,
+    outputKey,
+    scriptLeaf: {
+      script: multisigScript,
+      hash: leafHash
+    },
+    controlBlock,
+    policy,
+    /**
+     * Build witness stack for script path spend.
+     *
+     * For multi_a, signatures must be provided in the same order as keys appear
+     * in the script. Use empty Buffer for keys that don't sign.
+     *
+     * @param signatures Array of signatures (length must equal number of keys)
+     *                   Use Buffer.alloc(0) for non-signing keys
+     * @returns Witness stack: [sig1, sig2, ..., sigN, script, control_block]
+     */
+    witness(signatures) {
+      if (signatures.length !== keys.length) {
+        throw new Error(
+          `Expected ${keys.length} signature slots (use empty Buffer for non-signers), got ${signatures.length}`
+        );
+      }
+      const sigCount = signatures.filter((s) => s.length > 0).length;
+      if (sigCount !== threshold) {
+        throw new Error(`Expected ${threshold} signatures, got ${sigCount}`);
+      }
+      const orderedSigs = sorted ? sortedIndexes.map((origIdx) => signatures[origIdx]) : signatures;
+      return [...orderedSigs.reverse(), multisigScript, controlBlock];
+    }
+  };
+}
+
+// src/patterns/segwit/htlc.ts
+import { script as bscript9, opcodes as opcodes9, payments as payments3 } from "bitcoinjs-lib";
+import { sha256 as sha2563 } from "@noble/hashes/sha2.js";
+function segwitHtlc(params) {
+  const { payee, payer, secretHash, timelock, network, name } = params;
+  if (!secretHash || secretHash.length !== 64) {
+    throw new Error("secretHash must be 32 bytes (64 hex chars)");
+  }
+  if (timelock <= 0) {
+    throw new Error("timelock must be a positive number");
+  }
+  const payeePubkey = resolveCompressedPubkey(payee, network);
+  const payerPubkey = resolveCompressedPubkey(payer, network);
+  const secretHashBuffer = Buffer.from(secretHash, "hex");
+  const witnessScript = Buffer.from(
+    bscript9.compile([
+      opcodes9.OP_IF,
+      // and_v(v:sha256(H), pk(@0)) - secret path
+      opcodes9.OP_SIZE,
+      bscript9.number.encode(32),
+      opcodes9.OP_EQUALVERIFY,
+      opcodes9.OP_SHA256,
+      secretHashBuffer,
+      opcodes9.OP_EQUALVERIFY,
+      payeePubkey,
+      opcodes9.OP_CHECKSIG,
+      opcodes9.OP_ELSE,
+      // and_v(v:pk(@1), after(N)) - timeout path
+      payerPubkey,
+      opcodes9.OP_CHECKSIGVERIFY,
+      bscript9.number.encode(timelock),
+      opcodes9.OP_CHECKLOCKTIMEVERIFY,
+      opcodes9.OP_ENDIF
+    ])
+  );
+  const net = getNetwork(network);
+  const scriptHash = sha2563(witnessScript);
+  const p2wsh = payments3.p2wsh({
+    redeem: { output: witnessScript, network: net },
+    network: net
+  });
+  if (!p2wsh.address || !p2wsh.output) {
+    throw new Error("Failed to create P2WSH output");
+  }
+  let policy = null;
+  if (isXpubKey(payee) && isXpubKey(payer)) {
+    policy = buildSegwitHtlcPolicy({
+      name: name || "HTLC",
+      secretHash,
+      timelock,
+      payeeKey: toKeyInfo(payee),
+      payerKey: toKeyInfo(payer)
+    });
+  }
+  return {
+    address: p2wsh.address,
+    scriptPubkey: Buffer.from(p2wsh.output),
+    witnessScript,
+    scriptHash: Buffer.from(scriptHash),
+    timelock,
+    witness: {
+      secret(signature, preimage) {
+        return [signature, preimage, Buffer.from([1]), witnessScript];
+      },
+      timeout(signature) {
+        return [signature, Buffer.alloc(0), witnessScript];
+      }
+    },
+    policy
+  };
+}
+function extractSecret2(witness, secretHash) {
+  if (!witness || witness.length < 4) {
+    return null;
+  }
+  const preimage = witness[1];
+  if (preimage.length !== 32) {
+    return null;
+  }
+  if (secretHash) {
+    const computed = Buffer.from(sha2563(preimage)).toString("hex");
+    if (computed !== secretHash) {
+      return null;
+    }
+  }
+  return preimage.toString("hex");
+}
+
+// src/patterns/segwit/multisig.ts
+import { payments as payments4 } from "bitcoinjs-lib";
+import { sha256 as sha2564 } from "@noble/hashes/sha2.js";
+function segwitMultisig(params) {
+  const { threshold, keys, sorted = true, network, name } = params;
+  if (threshold <= 0 || !Number.isInteger(threshold)) {
+    throw new Error("threshold must be a positive integer");
+  }
+  if (keys.length === 0) {
+    throw new Error("At least one key is required");
+  }
+  if (threshold > keys.length) {
+    throw new Error(
+      `threshold (${threshold}) cannot exceed number of keys (${keys.length})`
+    );
+  }
+  if (keys.length > 20) {
+    throw new Error("SegWit multisig is limited to 20 keys");
+  }
+  const net = getNetwork(network);
+  const pubkeys = keys.map((key) => resolveCompressedPubkey(key, network));
+  const witnessScript = multiScript(threshold, pubkeys, sorted);
+  const scriptHash = sha2564(witnessScript);
+  const p2wsh = payments4.p2wsh({
+    redeem: { output: witnessScript, network: net },
+    network: net
+  });
+  if (!p2wsh.address || !p2wsh.output) {
+    throw new Error("Failed to create P2WSH output");
+  }
+  let policy = null;
+  const keyInfos = extractKeyInfos(keys);
+  if (keyInfos) {
+    policy = buildSegwitMultisigPolicy({
+      name: name || `${threshold}-of-${keys.length} Multisig`,
+      threshold,
+      keys: keyInfos,
+      sorted
+    });
+  }
+  return {
+    address: p2wsh.address,
+    scriptPubkey: Buffer.from(p2wsh.output),
+    witnessScript,
+    scriptHash: Buffer.from(scriptHash),
+    policy,
+    /**
+     * Build witness stack for spending.
+     * @param signatures Array of signatures (must have exactly `threshold` signatures)
+     * @returns Witness stack: [OP_0, sig1, sig2, ..., witnessScript]
+     */
+    witness(signatures) {
+      if (signatures.length !== threshold) {
+        throw new Error(
+          `Expected ${threshold} signatures, got ${signatures.length}`
+        );
+      }
+      return [Buffer.alloc(0), ...signatures, witnessScript];
+    }
+  };
+}
+export {
+  NUMS,
+  after,
+  and_v,
+  bareKey,
+  bareMultiScript,
+  buildSegwitHtlcPolicy,
+  buildSegwitMultisigPolicy,
+  buildSegwitPolicy,
+  buildTaprootHtlcPolicy,
+  buildTaprootMultisigPolicy,
+  buildTaprootPolicy,
+  cltvScript,
+  csvScript,
+  deriveFromXpub,
+  encodeScriptInt,
+  encodeScriptNumber,
+  extractKeyInfos,
+  extractSecret2 as extractSegwitSecret,
+  extractSecret as extractTaprootSecret,
+  formatKeyInfo,
+  getNetwork,
+  hash160,
+  hash256,
+  hashlockScript,
+  isRawKey,
+  isValidPoint,
+  isXpubKey,
+  keyPlaceholder,
+  multi,
+  multiScript,
+  multi_a,
+  older,
+  or_d,
+  or_i,
+  parsePublicKey,
+  pk,
+  pkScript,
+  pkh,
+  pkhScript,
+  pkhScriptFromHash,
+  resolveCompressedPubkey,
+  resolveXOnlyPubkey,
+  ripemd160,
+  segwitHtlc,
+  segwitMultisig,
+  sha256,
+  simpleCltvScript,
+  simpleHashlockScript,
+  sortedBareMultiScript,
+  sortedMultiScript,
+  sortedmulti,
+  sortedmulti_a,
+  taprootHtlc,
+  taprootMultisig,
+  toKeyInfo,
+  toXOnly,
+  trDescriptor,
+  v,
+  wpkhDescriptor,
+  wshDescriptor
+};
+//# sourceMappingURL=index.js.map