minimal-xec-wallet 2.2.1 → 2.2.3

package/CHANGES.md

@@ -1,5 +1,47 @@
 # Changelog
 
+## [2.2.3] - 2025-02-10
+
+### Fixed
+
+#### Message Signing BigInt Error (CRITICAL)
+
+Fixed `signMessage()` crashing in the browser with `Cannot mix BigInt and other types, use explicit conversions`.
+
+**The Problem:**
+The `signRecoverable` method in `initBrowser-shim.js` called `secp256k1.sign()` and accessed `.r`, `.s`, `.recovery` on the result. But `@noble/curves` v2 `sign()` returns a `Uint8Array`, not a Signature object. Accessing `.r` on a Uint8Array yields `undefined`, and `bigIntToBytes(undefined, 32)` triggers the BigInt TypeError.
+
+The same issue affected `recoverSig()` which manually reconstructed a Signature via `new Signature(r, s, recoveryId)` — functional but unnecessarily complex.
+
+**The Fix:**
+- `signRecoverable`: use `format: 'recovered'` option which makes `sign()` return the 65-byte `[recovery_id, r(32), s(32)]` format directly
+- `recoverSig`: use `secp256k1.recoverPublicKey(sig, msg)` which natively parses the recovered format and returns compressed public key bytes
+
+**Note:** The CLI wallet was unaffected because it runs in Node.js where ecash-lib uses native WASM — the browser shim is never invoked.
+
+### Files Updated
+- `browser-shims/initBrowser-shim.js` — Fix signRecoverable and recoverSig for noble curves v2 API
+
+## [2.2.2] - 2025-02-10
+
+### Added
+
+#### Message Signing & Verification
+New public API methods for the eCash message signing protocol (compatible with ecash-lib's `signMsg`/`verifyMsg`):
+
+- `signMessage(msg)` — Sign a message with the wallet's private key, returns base64 signature
+- `verifyMessage(msg, signature, address)` — Verify a message signature against an address, returns boolean
+- `_magicHash(msg)` (static) — Internal: compute sha256d of prefixed message (`"\x16eCash Signed Message:\n" + varint(len) + msg`)
+
+These methods use the already-shimmed pure-JS crypto (via `@noble/curves`) and work in both Node.js and browser environments without WASM.
+
+**New test file:** `test/unit/a15-sign-verify-message-unit.js` — 15 unit tests covering validation, happy paths, and edge cases
+
+**New example:** `examples/key-management/sign-verify-message.js` — Demonstrates sign + verify round-trip
+
+### Fixed
+- Removed stray `console.error` in `verifyMessage()` (missed during v2.2.1 cleanup)
+
 ## [2.2.1] - 2025-02-10
 
 ### Changed

package/dist/minimal-xec-wallet.esm.js

@@ -32074,26 +32074,11 @@ class NobleEcc {
   }
 
   signRecoverable (seckey, msg) {
-    const sig = secp256k1.sign(msg, seckey, { lowS: true, prehash: false });
-    const r = sig.r;
-    const s = sig.s;
-    const recovery = sig.recovery;
-    // 65 bytes: [recovery_id, r(32), s(32)]
-    const result = new Uint8Array(65);
-    result[0] = recovery;
-    result.set(bigIntToBytes(r, 32), 1);
-    result.set(bigIntToBytes(s, 32), 33);
-    return result
+    return secp256k1.sign(msg, seckey, { lowS: true, prehash: false, format: 'recovered' })
   }
 
   recoverSig (sig, msg) {
-    const recoveryId = sig[0];
-    const r = bytesToBigInt(sig.slice(1, 33));
-    const s = bytesToBigInt(sig.slice(33, 65));
-    const Signature = secp256k1.Signature;
-    const recSig = new Signature(r, s, recoveryId);
-    const point = recSig.recoverPublicKey(msg);
-    return point.toRawBytes(true)
+    return secp256k1.recoverPublicKey(sig, msg, { prehash: false })
   }
 }
 
@@ -45879,6 +45864,9 @@ function requireMinimalXecWallet () {
 	const ConsolidateUtxos = requireConsolidateUtxos();
 	const KeyDerivation = requireKeyDerivation();
 	const HybridTokenManager = requireHybridTokenManager();
+	const { Ecc, fromHex } = requireIndexBrowser();
+	const { sha256d: ecashSha256d, shaRmd160: ecashShaRmd160 } = requireHash();
+	const { decodeCashAddress } = requireCashaddr();
 
 	// let this
 
@@ -45988,6 +45976,8 @@ function requireMinimalXecWallet () {
 	    this._secureWalletInfo = this._secureWalletInfo.bind(this);
 	    this.exportPrivateKeyAsWIF = this.exportPrivateKeyAsWIF.bind(this);
 	    this.validateWIF = this.validateWIF.bind(this);
+	    this.signMessage = this.signMessage.bind(this);
+	    this.verifyMessage = this.verifyMessage.bind(this);
 	  }
 
 	  // Private method to validate XEC addresses
@@ -46937,6 +46927,95 @@ function requireMinimalXecWallet () {
 	      return false
 	    }
 	  }
+
+	  // Sign a message using the eCash message signing protocol
+	  signMessage (msg) {
+	    try {
+	      if (!this.walletInfo || !this.walletInfo.privateKey) {
+	        throw new Error('Wallet not initialized or no private key available')
+	      }
+	      if (!msg || typeof msg !== 'string') {
+	        throw new Error('Message must be a non-empty string')
+	      }
+
+	      const sk = fromHex(this.walletInfo.privateKey);
+	      const hash = MinimalXECWallet._magicHash(msg);
+	      const sig = new Ecc().signRecoverable(sk, hash);
+
+	      // Convert Uint8Array to base64
+	      const binaryString = String.fromCharCode.apply(null, sig);
+	      return globalThis.btoa(binaryString)
+	    } catch (err) {
+	      throw this._sanitizeError(err, 'Message signing failed')
+	    }
+	  }
+
+	  // Verify a message signature against an address
+	  verifyMessage (msg, signature, address) {
+	    try {
+	      if (!msg || typeof msg !== 'string') {
+	        throw new Error('Message must be a non-empty string')
+	      }
+	      if (!signature || typeof signature !== 'string') {
+	        throw new Error('Signature must be a non-empty string')
+	      }
+	      if (!address || typeof address !== 'string') {
+	        throw new Error('Address must be a non-empty string')
+	      }
+
+	      const hash = MinimalXECWallet._magicHash(msg);
+
+	      // Decode base64 signature to Uint8Array
+	      const binaryString = globalThis.atob(signature);
+	      const sig = new Uint8Array(binaryString.length);
+	      for (let i = 0; i < binaryString.length; i++) {
+	        sig[i] = binaryString.charCodeAt(i);
+	      }
+
+	      const recoveredPk = new Ecc().recoverSig(sig, hash);
+
+	      // Get hash160 of recovered public key as hex
+	      const recoveredHash = Array.from(ecashShaRmd160(recoveredPk))
+	        .map(b => b.toString(16).padStart(2, '0')).join('');
+
+	      // Get hash from the address
+	      const decoded = decodeCashAddress(address);
+	      const testedHash = decoded.hash;
+
+	      return recoveredHash === testedHash
+	    } catch (err) {
+	      return false
+	    }
+	  }
+
+	  // Prepare message hash per eCash message signing protocol
+	  static _magicHash (msg) {
+	    const encoder = new TextEncoder();
+	    const prefix = encoder.encode('\x16eCash Signed Message:\n');
+	    const messageBytes = encoder.encode(msg);
+
+	    // Write varint for message length
+	    const len = messageBytes.length;
+	    let varintBytes;
+	    if (len < 0xfd) {
+	      varintBytes = new Uint8Array([len]);
+	    } else if (len <= 0xffff) {
+	      varintBytes = new Uint8Array([0xfd, len & 0xff, (len >> 8) & 0xff]);
+	    } else {
+	      varintBytes = new Uint8Array([
+	        0xfe, len & 0xff, (len >> 8) & 0xff,
+	        (len >> 16) & 0xff, (len >> 24) & 0xff
+	      ]);
+	    }
+
+	    // Concatenate: prefix + varint + message
+	    const data = new Uint8Array(prefix.length + varintBytes.length + messageBytes.length);
+	    data.set(prefix, 0);
+	    data.set(varintBytes, prefix.length);
+	    data.set(messageBytes, prefix.length + varintBytes.length);
+
+	    return ecashSha256d(data)
+	  }
 	}
 
 	minimalXecWallet = MinimalXECWallet;

package/dist/minimal-xec-wallet.js

@@ -32080,26 +32080,11 @@
 	  }
 
 	  signRecoverable (seckey, msg) {
-	    const sig = secp256k1.sign(msg, seckey, { lowS: true, prehash: false });
-	    const r = sig.r;
-	    const s = sig.s;
-	    const recovery = sig.recovery;
-	    // 65 bytes: [recovery_id, r(32), s(32)]
-	    const result = new Uint8Array(65);
-	    result[0] = recovery;
-	    result.set(bigIntToBytes(r, 32), 1);
-	    result.set(bigIntToBytes(s, 32), 33);
-	    return result
+	    return secp256k1.sign(msg, seckey, { lowS: true, prehash: false, format: 'recovered' })
 	  }
 
 	  recoverSig (sig, msg) {
-	    const recoveryId = sig[0];
-	    const r = bytesToBigInt(sig.slice(1, 33));
-	    const s = bytesToBigInt(sig.slice(33, 65));
-	    const Signature = secp256k1.Signature;
-	    const recSig = new Signature(r, s, recoveryId);
-	    const point = recSig.recoverPublicKey(msg);
-	    return point.toRawBytes(true)
+	    return secp256k1.recoverPublicKey(sig, msg, { prehash: false })
 	  }
 	}
 
@@ -45885,6 +45870,9 @@ zoo`.split('\n');
 		const ConsolidateUtxos = requireConsolidateUtxos();
 		const KeyDerivation = requireKeyDerivation();
 		const HybridTokenManager = requireHybridTokenManager();
+		const { Ecc, fromHex } = requireIndexBrowser();
+		const { sha256d: ecashSha256d, shaRmd160: ecashShaRmd160 } = requireHash();
+		const { decodeCashAddress } = requireCashaddr();
 
 		// let this
 
@@ -45994,6 +45982,8 @@ zoo`.split('\n');
 		    this._secureWalletInfo = this._secureWalletInfo.bind(this);
 		    this.exportPrivateKeyAsWIF = this.exportPrivateKeyAsWIF.bind(this);
 		    this.validateWIF = this.validateWIF.bind(this);
+		    this.signMessage = this.signMessage.bind(this);
+		    this.verifyMessage = this.verifyMessage.bind(this);
 		  }
 
 		  // Private method to validate XEC addresses
@@ -46943,6 +46933,95 @@ zoo`.split('\n');
 		      return false
 		    }
 		  }
+
+		  // Sign a message using the eCash message signing protocol
+		  signMessage (msg) {
+		    try {
+		      if (!this.walletInfo || !this.walletInfo.privateKey) {
+		        throw new Error('Wallet not initialized or no private key available')
+		      }
+		      if (!msg || typeof msg !== 'string') {
+		        throw new Error('Message must be a non-empty string')
+		      }
+
+		      const sk = fromHex(this.walletInfo.privateKey);
+		      const hash = MinimalXECWallet._magicHash(msg);
+		      const sig = new Ecc().signRecoverable(sk, hash);
+
+		      // Convert Uint8Array to base64
+		      const binaryString = String.fromCharCode.apply(null, sig);
+		      return globalThis.btoa(binaryString)
+		    } catch (err) {
+		      throw this._sanitizeError(err, 'Message signing failed')
+		    }
+		  }
+
+		  // Verify a message signature against an address
+		  verifyMessage (msg, signature, address) {
+		    try {
+		      if (!msg || typeof msg !== 'string') {
+		        throw new Error('Message must be a non-empty string')
+		      }
+		      if (!signature || typeof signature !== 'string') {
+		        throw new Error('Signature must be a non-empty string')
+		      }
+		      if (!address || typeof address !== 'string') {
+		        throw new Error('Address must be a non-empty string')
+		      }
+
+		      const hash = MinimalXECWallet._magicHash(msg);
+
+		      // Decode base64 signature to Uint8Array
+		      const binaryString = globalThis.atob(signature);
+		      const sig = new Uint8Array(binaryString.length);
+		      for (let i = 0; i < binaryString.length; i++) {
+		        sig[i] = binaryString.charCodeAt(i);
+		      }
+
+		      const recoveredPk = new Ecc().recoverSig(sig, hash);
+
+		      // Get hash160 of recovered public key as hex
+		      const recoveredHash = Array.from(ecashShaRmd160(recoveredPk))
+		        .map(b => b.toString(16).padStart(2, '0')).join('');
+
+		      // Get hash from the address
+		      const decoded = decodeCashAddress(address);
+		      const testedHash = decoded.hash;
+
+		      return recoveredHash === testedHash
+		    } catch (err) {
+		      return false
+		    }
+		  }
+
+		  // Prepare message hash per eCash message signing protocol
+		  static _magicHash (msg) {
+		    const encoder = new TextEncoder();
+		    const prefix = encoder.encode('\x16eCash Signed Message:\n');
+		    const messageBytes = encoder.encode(msg);
+
+		    // Write varint for message length
+		    const len = messageBytes.length;
+		    let varintBytes;
+		    if (len < 0xfd) {
+		      varintBytes = new Uint8Array([len]);
+		    } else if (len <= 0xffff) {
+		      varintBytes = new Uint8Array([0xfd, len & 0xff, (len >> 8) & 0xff]);
+		    } else {
+		      varintBytes = new Uint8Array([
+		        0xfe, len & 0xff, (len >> 8) & 0xff,
+		        (len >> 16) & 0xff, (len >> 24) & 0xff
+		      ]);
+		    }
+
+		    // Concatenate: prefix + varint + message
+		    const data = new Uint8Array(prefix.length + varintBytes.length + messageBytes.length);
+		    data.set(prefix, 0);
+		    data.set(varintBytes, prefix.length);
+		    data.set(messageBytes, prefix.length + varintBytes.length);
+
+		    return ecashSha256d(data)
+		  }
 		}
 
 		minimalXecWallet = MinimalXECWallet;