xpi-ts 0.2.13 → 0.2.15

package/dist/cjs/lib/bitcore/script/interpreter/script-num.js

@@ -0,0 +1,200 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ScriptNum = exports.ScriptNumError = void 0;
+const buffer_1 = require("../../util/buffer");
+const types_1 = require("./types");
+class ScriptNumError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'ScriptNumError';
+    }
+}
+exports.ScriptNumError = ScriptNumError;
+class ScriptNum {
+    static INT64_MAX = (1n << 63n) - 1n;
+    static INT64_MIN_EXCLUSIVE = -(1n << 63n) + 1n;
+    value;
+    constructor(value) {
+        this.value = value;
+    }
+    static fromBuffer(buf, requireMinimal = true, maxSize = types_1.SCRIPTNUM_MAX_ELEMENT_SIZE) {
+        if (buf.length > maxSize) {
+            throw new ScriptNumError('script number overflow');
+        }
+        if (requireMinimal && !ScriptNum.isMinimallyEncoded(buf, maxSize)) {
+            throw new ScriptNumError('non-minimally encoded script number');
+        }
+        return new ScriptNum(ScriptNum.decode(buf));
+    }
+    static isMinimallyEncoded(buf, maxSize = types_1.SCRIPTNUM_MAX_ELEMENT_SIZE) {
+        if (buf.length > maxSize) {
+            return false;
+        }
+        if (buf.length === 0) {
+            return true;
+        }
+        if ((buf[buf.length - 1] & 0x7f) === 0) {
+            if (buf.length <= 1 || (buf[buf.length - 2] & 0x80) === 0) {
+                return false;
+            }
+        }
+        return true;
+    }
+    static minimallyEncode(data) {
+        if (data.length === 0) {
+            return data;
+        }
+        let last = data[data.length - 1];
+        if ((last & 0x7f) !== 0) {
+            return data;
+        }
+        let i = data.length - 1;
+        while (i > 0 && data[i] === 0) {
+            i--;
+        }
+        if (i === 0 && data[0] === 0) {
+            return buffer_1.BufferUtil.alloc(0);
+        }
+        const result = buffer_1.BufferUtil.alloc(i + 1 + ((data[i] & 0x80) !== 0 ? 1 : 0));
+        data.copy(result, 0, 0, i + 1);
+        if ((data[i] & 0x80) !== 0) {
+            result[result.length - 1] = last & 0x80;
+        }
+        else {
+            result[i] |= last & 0x80;
+        }
+        return result;
+    }
+    static decode(buf) {
+        if (buf.length === 0) {
+            return 0n;
+        }
+        let result = 0n;
+        for (let i = 0; i < buf.length; i++) {
+            result |= BigInt(buf[i]) << BigInt(8 * i);
+        }
+        if (buf[buf.length - 1] & 0x80) {
+            const mask = 0x80n << BigInt(8 * (buf.length - 1));
+            return -(result & ~mask);
+        }
+        return result;
+    }
+    toBuffer() {
+        return ScriptNum.serialize(this.value);
+    }
+    static serialize(value) {
+        if (value === 0n) {
+            return buffer_1.BufferUtil.alloc(0);
+        }
+        const neg = value < 0n;
+        let absvalue = neg ? -value : value;
+        const result = [];
+        while (absvalue > 0n) {
+            result.push(Number(absvalue & 0xffn));
+            absvalue >>= 8n;
+        }
+        if (result[result.length - 1] & 0x80) {
+            result.push(neg ? 0x80 : 0x00);
+        }
+        else if (neg) {
+            result[result.length - 1] |= 0x80;
+        }
+        return buffer_1.BufferUtil.from(result);
+    }
+    toNumber() {
+        const MAX_INT = 2_147_483_647;
+        const MIN_INT = -2_147_483_648;
+        if (this.value > BigInt(MAX_INT)) {
+            return MAX_INT;
+        }
+        if (this.value < BigInt(MIN_INT)) {
+            return MIN_INT;
+        }
+        return Number(this.value);
+    }
+    add(other) {
+        const result = this.value + other.value;
+        ScriptNum.checkOverflow(result);
+        return new ScriptNum(result);
+    }
+    sub(other) {
+        const result = this.value - other.value;
+        ScriptNum.checkOverflow(result);
+        return new ScriptNum(result);
+    }
+    negate() {
+        return new ScriptNum(-this.value);
+    }
+    abs() {
+        return this.value < 0n ? this.negate() : this;
+    }
+    div(other) {
+        return new ScriptNum(this.value / other.value);
+    }
+    mod(other) {
+        return new ScriptNum(this.value % other.value);
+    }
+    mulpow2(shift) {
+        if (this.value === 0n) {
+            return new ScriptNum(0n);
+        }
+        const sign = this.value > 0n ? 1n : -1n;
+        const absval = this.value > 0n ? this.value : -this.value;
+        if (shift.value > 0n) {
+            if (shift.value >= 63n) {
+                throw new ScriptNumError('script number mulpow2 non-zero shift >= 63');
+            }
+            const overflowMask = ~((1n << (63n - shift.value)) - 1n) & ((1n << 64n) - 1n);
+            if ((absval & overflowMask) !== 0n) {
+                throw new ScriptNumError('script number mulpow2 overflow');
+            }
+            return new ScriptNum(sign * (absval << shift.value));
+        }
+        else {
+            const rshift = -shift.value;
+            if (rshift >= 63n) {
+                return new ScriptNum(0n);
+            }
+            return new ScriptNum(sign * (absval >> rshift));
+        }
+    }
+    bitwiseAnd(mask) {
+        return new ScriptNum(this.value & mask);
+    }
+    isZero() {
+        return this.value === 0n;
+    }
+    isNegative() {
+        return this.value < 0n;
+    }
+    lt(other) {
+        const val = other instanceof ScriptNum ? other.value : other;
+        return this.value < val;
+    }
+    gt(other) {
+        const val = other instanceof ScriptNum ? other.value : other;
+        return this.value > val;
+    }
+    lte(other) {
+        const val = other instanceof ScriptNum ? other.value : other;
+        return this.value <= val;
+    }
+    gte(other) {
+        const val = other instanceof ScriptNum ? other.value : other;
+        return this.value >= val;
+    }
+    eq(other) {
+        const val = other instanceof ScriptNum ? other.value : other;
+        return this.value === val;
+    }
+    neq(other) {
+        const val = other instanceof ScriptNum ? other.value : other;
+        return this.value !== val;
+    }
+    static checkOverflow(value) {
+        if (value > ScriptNum.INT64_MAX || value < ScriptNum.INT64_MIN_EXCLUSIVE) {
+            throw new ScriptNumError('script number overflow');
+        }
+    }
+}
+exports.ScriptNum = ScriptNum;

package/dist/cjs/lib/bitcore/script/interpreter/types.js

@@ -0,0 +1,96 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NULL_SIGNATURE_CHECKER = exports.ScriptError = exports.STANDARD_SCRIPT_VERIFY_FLAGS = exports.ScriptFlags = exports.SCRIPTNUM_MAX_ELEMENT_SIZE = exports.LOCKTIME_THRESHOLD = exports.MAX_NUM2BIN_SIZE = exports.MAX_STACK_SIZE = exports.MAX_SCRIPT_SIZE = exports.MAX_PUBKEYS_PER_MULTISIG = exports.MAX_OPS_PER_SCRIPT = exports.MAX_SCRIPT_ELEMENT_SIZE = void 0;
+exports.MAX_SCRIPT_ELEMENT_SIZE = 520;
+exports.MAX_OPS_PER_SCRIPT = 400;
+exports.MAX_PUBKEYS_PER_MULTISIG = 20;
+exports.MAX_SCRIPT_SIZE = 10_000;
+exports.MAX_STACK_SIZE = 1_000;
+exports.MAX_NUM2BIN_SIZE = 68;
+exports.LOCKTIME_THRESHOLD = 500_000_000;
+exports.SCRIPTNUM_MAX_ELEMENT_SIZE = 8;
+var ScriptFlags;
+(function (ScriptFlags) {
+    ScriptFlags[ScriptFlags["VERIFY_NONE"] = 0] = "VERIFY_NONE";
+    ScriptFlags[ScriptFlags["TAPROOT_KEY_SPEND_PATH"] = 1] = "TAPROOT_KEY_SPEND_PATH";
+    ScriptFlags[ScriptFlags["DISABLE_TAPROOT_SIGHASH_LOTUS"] = 2] = "DISABLE_TAPROOT_SIGHASH_LOTUS";
+    ScriptFlags[ScriptFlags["VERIFY_DISCOURAGE_UPGRADABLE_NOPS"] = 128] = "VERIFY_DISCOURAGE_UPGRADABLE_NOPS";
+    ScriptFlags[ScriptFlags["VERIFY_CLEANSTACK"] = 256] = "VERIFY_CLEANSTACK";
+    ScriptFlags[ScriptFlags["VERIFY_MINIMALIF"] = 8192] = "VERIFY_MINIMALIF";
+    ScriptFlags[ScriptFlags["ENABLE_SIGHASH_FORKID"] = 65536] = "ENABLE_SIGHASH_FORKID";
+    ScriptFlags[ScriptFlags["ENABLE_REPLAY_PROTECTION"] = 131072] = "ENABLE_REPLAY_PROTECTION";
+    ScriptFlags[ScriptFlags["VERIFY_INPUT_SIGCHECKS"] = 4194304] = "VERIFY_INPUT_SIGCHECKS";
+})(ScriptFlags || (exports.ScriptFlags = ScriptFlags = {}));
+exports.STANDARD_SCRIPT_VERIFY_FLAGS = ScriptFlags.VERIFY_CLEANSTACK |
+    ScriptFlags.VERIFY_DISCOURAGE_UPGRADABLE_NOPS |
+    ScriptFlags.VERIFY_MINIMALIF |
+    ScriptFlags.ENABLE_SIGHASH_FORKID |
+    ScriptFlags.VERIFY_INPUT_SIGCHECKS;
+var ScriptError;
+(function (ScriptError) {
+    ScriptError["OK"] = "OK";
+    ScriptError["UNKNOWN"] = "UNKNOWN";
+    ScriptError["EVAL_FALSE"] = "EVAL_FALSE";
+    ScriptError["OP_RETURN"] = "OP_RETURN";
+    ScriptError["SCRIPT_SIZE"] = "SCRIPT_SIZE";
+    ScriptError["PUSH_SIZE"] = "PUSH_SIZE";
+    ScriptError["OP_COUNT"] = "OP_COUNT";
+    ScriptError["STACK_SIZE"] = "STACK_SIZE";
+    ScriptError["SIG_COUNT"] = "SIG_COUNT";
+    ScriptError["PUBKEY_COUNT"] = "PUBKEY_COUNT";
+    ScriptError["INPUT_SIGCHECKS"] = "INPUT_SIGCHECKS";
+    ScriptError["INVALID_OPERAND_SIZE"] = "INVALID_OPERAND_SIZE";
+    ScriptError["INVALID_NUMBER_RANGE"] = "INVALID_NUMBER_RANGE";
+    ScriptError["IMPOSSIBLE_ENCODING"] = "IMPOSSIBLE_ENCODING";
+    ScriptError["INVALID_SPLIT_RANGE"] = "INVALID_SPLIT_RANGE";
+    ScriptError["INVALID_BIT_COUNT"] = "INVALID_BIT_COUNT";
+    ScriptError["VERIFY"] = "VERIFY";
+    ScriptError["EQUALVERIFY"] = "EQUALVERIFY";
+    ScriptError["CHECKMULTISIGVERIFY"] = "CHECKMULTISIGVERIFY";
+    ScriptError["CHECKSIGVERIFY"] = "CHECKSIGVERIFY";
+    ScriptError["CHECKDATASIGVERIFY"] = "CHECKDATASIGVERIFY";
+    ScriptError["NUMEQUALVERIFY"] = "NUMEQUALVERIFY";
+    ScriptError["BAD_OPCODE"] = "BAD_OPCODE";
+    ScriptError["DISABLED_OPCODE"] = "DISABLED_OPCODE";
+    ScriptError["INVALID_STACK_OPERATION"] = "INVALID_STACK_OPERATION";
+    ScriptError["INVALID_ALTSTACK_OPERATION"] = "INVALID_ALTSTACK_OPERATION";
+    ScriptError["UNBALANCED_CONDITIONAL"] = "UNBALANCED_CONDITIONAL";
+    ScriptError["DIV_BY_ZERO"] = "DIV_BY_ZERO";
+    ScriptError["MOD_BY_ZERO"] = "MOD_BY_ZERO";
+    ScriptError["INVALID_BITFIELD_SIZE"] = "INVALID_BITFIELD_SIZE";
+    ScriptError["INVALID_BIT_RANGE"] = "INVALID_BIT_RANGE";
+    ScriptError["NEGATIVE_LOCKTIME"] = "NEGATIVE_LOCKTIME";
+    ScriptError["UNSATISFIED_LOCKTIME"] = "UNSATISFIED_LOCKTIME";
+    ScriptError["SIG_HASHTYPE"] = "SIG_HASHTYPE";
+    ScriptError["SIG_DER"] = "SIG_DER";
+    ScriptError["MINIMALDATA"] = "MINIMALDATA";
+    ScriptError["SIG_PUSHONLY"] = "SIG_PUSHONLY";
+    ScriptError["SIG_HIGH_S"] = "SIG_HIGH_S";
+    ScriptError["PUBKEYTYPE"] = "PUBKEYTYPE";
+    ScriptError["CLEANSTACK"] = "CLEANSTACK";
+    ScriptError["MINIMALIF"] = "MINIMALIF";
+    ScriptError["SIG_NULLFAIL"] = "SIG_NULLFAIL";
+    ScriptError["SIG_BADLENGTH"] = "SIG_BADLENGTH";
+    ScriptError["SIG_NONSCHNORR"] = "SIG_NONSCHNORR";
+    ScriptError["DISCOURAGE_UPGRADABLE_NOPS"] = "DISCOURAGE_UPGRADABLE_NOPS";
+    ScriptError["ILLEGAL_FORKID"] = "ILLEGAL_FORKID";
+    ScriptError["MUST_USE_FORKID"] = "MUST_USE_FORKID";
+    ScriptError["INVALID_NUM2BIN_SIZE"] = "INVALID_NUM2BIN_SIZE";
+    ScriptError["INVALID_OP_SCRIPTTYPE"] = "INVALID_OP_SCRIPTTYPE";
+    ScriptError["SCRIPTTYPE_INVALID_TYPE"] = "SCRIPTTYPE_INVALID_TYPE";
+    ScriptError["SCRIPTTYPE_MALFORMED_SCRIPT"] = "SCRIPTTYPE_MALFORMED_SCRIPT";
+    ScriptError["TAPROOT_KEY_SPEND_MUST_USE_LOTUS_SIGHASH"] = "TAPROOT_KEY_SPEND_MUST_USE_LOTUS_SIGHASH";
+    ScriptError["TAPROOT_KEY_SPEND_MUST_USE_SCHNORR_SIG"] = "TAPROOT_KEY_SPEND_MUST_USE_SCHNORR_SIG";
+    ScriptError["TAPROOT_VERIFY_SIGNATURE_FAILED"] = "TAPROOT_VERIFY_SIGNATURE_FAILED";
+    ScriptError["TAPROOT_ANNEX_NOT_SUPPORTED"] = "TAPROOT_ANNEX_NOT_SUPPORTED";
+    ScriptError["TAPROOT_WRONG_CONTROL_SIZE"] = "TAPROOT_WRONG_CONTROL_SIZE";
+    ScriptError["TAPROOT_VERIFY_COMMITMENT_FAILED"] = "TAPROOT_VERIFY_COMMITMENT_FAILED";
+    ScriptError["TAPROOT_LEAF_VERSION_NOT_SUPPORTED"] = "TAPROOT_LEAF_VERSION_NOT_SUPPORTED";
+    ScriptError["TAPROOT_PHASEOUT"] = "TAPROOT_PHASEOUT";
+})(ScriptError || (exports.ScriptError = ScriptError = {}));
+exports.NULL_SIGNATURE_CHECKER = {
+    verifySignature: () => false,
+    checkSignature: () => false,
+    checkLockTime: () => false,
+    checkSequence: () => false,
+};

package/dist/cjs/lib/bitcore/{taproot.js → script/taproot.js}

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.TAPROOT_ANNEX_TAG = exports.TAPROOT_SIGHASH_TYPE = exports.TAPROOT_SIZE_WITH_STATE = exports.TAPROOT_SIZE_WITHOUT_STATE = exports.TAPROOT_INTRO_SIZE = exports.TAPROOT_SCRIPTTYPE = exports.TAPROOT_CONTROL_MAX_SIZE = exports.TAPROOT_CONTROL_MAX_NODE_COUNT = exports.TAPROOT_CONTROL_NODE_SIZE = exports.TAPROOT_CONTROL_BASE_SIZE = exports.TAPROOT_LEAF_TAPSCRIPT = exports.TAPROOT_LEAF_MASK = void 0;
+exports.TAPROOT_TAG_TAPTWEAK = exports.TAPROOT_TAG_TAPBRANCH = exports.TAPROOT_TAG_TAPLEAF = exports.TAPROOT_ANNEX_TAG = exports.TAPROOT_SIGHASH_TYPE = exports.TAPROOT_SIZE_WITH_STATE = exports.TAPROOT_SIZE_WITHOUT_STATE = exports.TAPROOT_STATE_PUSH_SIZE = exports.SHA256_HASH_SIZE = exports.PUBKEY_XCOORD_SIZE = exports.PUBKEY_UNCOMPRESSED_SIZE = exports.PUBKEY_COMPRESSED_SIZE = exports.TAPROOT_INTRO_SIZE = exports.TAPROOT_SCRIPTTYPE = exports.TAPROOT_CONTROL_MAX_SIZE = exports.TAPROOT_CONTROL_MAX_NODE_COUNT = exports.TAPROOT_CONTROL_NODE_SIZE = exports.TAPROOT_CONTROL_BASE_SIZE = exports.TAPROOT_LEAF_TAPSCRIPT = exports.TAPROOT_LEAF_MASK = void 0;
 exports.taggedHash = taggedHash;
 exports.calculateTapTweak = calculateTapTweak;
 exports.calculateTapLeaf = calculateTapLeaf;
@@ -11,23 +11,25 @@ exports.isTapLeafNode = isTapLeafNode;
 exports.isTapBranchNode = isTapBranchNode;
 exports.buildTapTree = buildTapTree;
 exports.createControlBlock = createControlBlock;
+exports.applyTweakToPublicKey = applyTweakToPublicKey;
 exports.verifyTaprootCommitment = verifyTaprootCommitment;
-exports.isPayToTaproot = isPayToTaproot;
 exports.extractTaprootCommitment = extractTaprootCommitment;
 exports.extractTaprootState = extractTaprootState;
 exports.buildPayToTaproot = buildPayToTaproot;
 exports.buildKeyPathTaproot = buildKeyPathTaproot;
 exports.buildScriptPathTaproot = buildScriptPathTaproot;
 exports.verifyTaprootScriptPath = verifyTaprootScriptPath;
+exports.verifyTaprootScriptPathFromControlBlock = verifyTaprootScriptPathFromControlBlock;
 exports.verifyTaprootSpend = verifyTaprootSpend;
-const hash_js_1 = require("./crypto/hash.js");
-const publickey_js_1 = require("./publickey.js");
-const privatekey_js_1 = require("./privatekey.js");
-const script_js_1 = require("./script.js");
-const opcode_js_1 = require("./opcode.js");
-const bn_js_1 = require("./crypto/bn.js");
-const bufferwriter_js_1 = require("./encoding/bufferwriter.js");
-const signature_js_1 = require("./crypto/signature.js");
+const hash_1 = require("../crypto/hash");
+const publickey_1 = require("../publickey");
+const privatekey_1 = require("../privatekey");
+const script_1 = require("../script");
+const opcode_1 = require("../opcode");
+const bn_1 = require("../crypto/bn");
+const bufferwriter_1 = require("../encoding/bufferwriter");
+const buffer_1 = require("../util/buffer");
+const signature_1 = require("../crypto/signature");
 exports.TAPROOT_LEAF_MASK = 0xfe;
 exports.TAPROOT_LEAF_TAPSCRIPT = 0xc0;
 exports.TAPROOT_CONTROL_BASE_SIZE = 33;
@@ -35,47 +37,53 @@ exports.TAPROOT_CONTROL_NODE_SIZE = 32;
 exports.TAPROOT_CONTROL_MAX_NODE_COUNT = 128;
 exports.TAPROOT_CONTROL_MAX_SIZE = exports.TAPROOT_CONTROL_BASE_SIZE +
     exports.TAPROOT_CONTROL_NODE_SIZE * exports.TAPROOT_CONTROL_MAX_NODE_COUNT;
-exports.TAPROOT_SCRIPTTYPE = opcode_js_1.Opcode.OP_1;
+exports.TAPROOT_SCRIPTTYPE = opcode_1.Opcode.OP_1;
 exports.TAPROOT_INTRO_SIZE = 3;
-exports.TAPROOT_SIZE_WITHOUT_STATE = exports.TAPROOT_INTRO_SIZE + 33;
-exports.TAPROOT_SIZE_WITH_STATE = exports.TAPROOT_INTRO_SIZE + 33 + 33;
-exports.TAPROOT_SIGHASH_TYPE = signature_js_1.Signature.SIGHASH_ALL | signature_js_1.Signature.SIGHASH_LOTUS;
+exports.PUBKEY_COMPRESSED_SIZE = 33;
+exports.PUBKEY_UNCOMPRESSED_SIZE = 65;
+exports.PUBKEY_XCOORD_SIZE = 32;
+exports.SHA256_HASH_SIZE = 32;
+exports.TAPROOT_STATE_PUSH_SIZE = 32;
+exports.TAPROOT_SIZE_WITHOUT_STATE = exports.TAPROOT_INTRO_SIZE + exports.PUBKEY_COMPRESSED_SIZE;
+exports.TAPROOT_SIZE_WITH_STATE = exports.TAPROOT_INTRO_SIZE + exports.PUBKEY_COMPRESSED_SIZE + 1 + exports.SHA256_HASH_SIZE;
+exports.TAPROOT_SIGHASH_TYPE = signature_1.Signature.SIGHASH_ALL | signature_1.Signature.SIGHASH_LOTUS;
 exports.TAPROOT_ANNEX_TAG = 0x50;
+exports.TAPROOT_TAG_TAPLEAF = 'TapLeaf';
+exports.TAPROOT_TAG_TAPBRANCH = 'TapBranch';
+exports.TAPROOT_TAG_TAPTWEAK = 'TapTweak';
 function taggedHash(tag, data) {
-    const tagHash = hash_js_1.Hash.sha256(Buffer.from(tag, 'utf8'));
-    const combined = Buffer.concat([tagHash, tagHash, data]);
-    return hash_js_1.Hash.sha256(combined);
+    const tagHash = hash_1.Hash.sha256(buffer_1.BufferUtil.from(tag, 'utf8'));
+    const combined = buffer_1.BufferUtil.concat([tagHash, tagHash, data]);
+    return hash_1.Hash.sha256(combined);
 }
-function calculateTapTweak(internalPubKey, merkleRoot = Buffer.alloc(32)) {
-    const pubKeyBytes = internalPubKey.toBuffer();
-    const data = Buffer.concat([pubKeyBytes, merkleRoot]);
-    return taggedHash('TapTweak', data);
+function calculateTapTweak(internalPubKey, merkleRoot = buffer_1.BufferUtil.alloc(exports.SHA256_HASH_SIZE)) {
+    return taggedHash(exports.TAPROOT_TAG_TAPTWEAK, buffer_1.BufferUtil.concat([internalPubKey.toBuffer(), merkleRoot]));
 }
 function calculateTapLeaf(script, leafVersion = exports.TAPROOT_LEAF_TAPSCRIPT) {
-    const scriptBuf = Buffer.isBuffer(script) ? script : script.toBuffer();
-    const writer = new bufferwriter_js_1.BufferWriter();
+    const scriptBuf = buffer_1.BufferUtil.isBuffer(script) ? script : script.toBuffer();
+    const writer = new bufferwriter_1.BufferWriter();
     writer.writeUInt8(leafVersion);
     writer.writeVarintNum(scriptBuf.length);
     writer.write(scriptBuf);
-    return taggedHash('TapLeaf', writer.toBuffer());
+    return taggedHash(exports.TAPROOT_TAG_TAPLEAF, writer.toBuffer());
 }
 function calculateTapBranch(left, right) {
-    const ordered = Buffer.compare(left, right) < 0
-        ? Buffer.concat([left, right])
-        : Buffer.concat([right, left]);
-    return taggedHash('TapBranch', ordered);
+    const ordered = buffer_1.BufferUtil.compare(left, right) < 0
+        ? buffer_1.BufferUtil.concat([left, right])
+        : buffer_1.BufferUtil.concat([right, left]);
+    return taggedHash(exports.TAPROOT_TAG_TAPBRANCH, ordered);
 }
-function tweakPublicKey(internalPubKey, merkleRoot = Buffer.alloc(32)) {
+function tweakPublicKey(internalPubKey, merkleRoot = buffer_1.BufferUtil.alloc(exports.SHA256_HASH_SIZE)) {
     const tweak = calculateTapTweak(internalPubKey, merkleRoot);
     return internalPubKey.addScalar(tweak);
 }
-function tweakPrivateKey(internalPrivKey, merkleRoot = Buffer.alloc(32)) {
+function tweakPrivateKey(internalPrivKey, merkleRoot = buffer_1.BufferUtil.alloc(exports.SHA256_HASH_SIZE)) {
     const internalPubKey = internalPrivKey.publicKey;
     const tweak = calculateTapTweak(internalPubKey, merkleRoot);
-    const tweakBN = new bn_js_1.BN(tweak);
+    const tweakBN = new bn_1.BN(tweak);
     const privKeyBN = internalPrivKey.bn;
-    const tweakedBN = privKeyBN.add(tweakBN).umod(publickey_js_1.PublicKey.getN());
-    return new privatekey_js_1.PrivateKey(tweakedBN);
+    const tweakedBN = privKeyBN.add(tweakBN).umod(publickey_1.PublicKey.getN());
+    return new privatekey_1.PrivateKey(tweakedBN);
 }
 function isTapLeafNode(node) {
     return 'script' in node;
@@ -87,7 +95,7 @@ function buildTapTree(tree) {
     if (isTapLeafNode(tree)) {
         const leafNode = tree;
         const leafVersion = leafNode.leafVersion || exports.TAPROOT_LEAF_TAPSCRIPT;
-        const scriptBuf = Buffer.isBuffer(leafNode.script)
+        const scriptBuf = buffer_1.BufferUtil.isBuffer(leafNode.script)
             ? leafNode.script
             : leafNode.script.toBuffer();
         const leafHash = calculateTapLeaf(scriptBuf, leafVersion);
@@ -95,7 +103,7 @@ function buildTapTree(tree) {
             merkleRoot: leafHash,
             leaves: [
                 {
-                    script: script_js_1.Script.fromBuffer(scriptBuf),
+                    script: script_1.Script.fromBuffer(scriptBuf),
                     leafVersion,
                     leafHash,
                     merklePath: [],
@@ -126,83 +134,83 @@ function createControlBlock(internalPubKey, leafIndex, tree) {
     }
     const leaf = treeResult.leaves[leafIndex];
     const pubKeyBytes = internalPubKey.toBuffer();
-    const parity = pubKeyBytes[0] === 0x03 ? 1 : 0;
+    const parity = pubKeyBytes[0] === publickey_1.PUBKEY_PREFIX_ODD ? 1 : 0;
     const controlByte = (leaf.leafVersion & exports.TAPROOT_LEAF_MASK) | parity;
-    const writer = new bufferwriter_js_1.BufferWriter();
+    const writer = new bufferwriter_1.BufferWriter();
     writer.writeUInt8(controlByte);
-    writer.write(pubKeyBytes.slice(1, 33));
+    writer.write(pubKeyBytes.slice(1, exports.PUBKEY_COMPRESSED_SIZE));
     for (const node of leaf.merklePath) {
         writer.write(node);
     }
     return writer.toBuffer();
 }
-function verifyTaprootCommitment(commitmentPubKey, internalPubKey, merkleRoot) {
-    const expectedCommitment = tweakPublicKey(internalPubKey, merkleRoot);
-    return commitmentPubKey.toString() === expectedCommitment.toString();
+function applyTweakToPublicKey(internalPubKey, tweak) {
+    return internalPubKey.addScalar(tweak);
 }
-function isPayToTaproot(script) {
-    const buf = script.toBuffer();
-    if (buf.length < exports.TAPROOT_SIZE_WITHOUT_STATE) {
-        return false;
-    }
-    if (buf[0] !== opcode_js_1.Opcode.OP_SCRIPTTYPE || buf[1] !== exports.TAPROOT_SCRIPTTYPE) {
-        return false;
-    }
-    if (buf[2] !== 33) {
-        return false;
+function verifyTaprootCommitment(controlBlock, commitment, script) {
+    try {
+        if (controlBlock.length < exports.TAPROOT_CONTROL_BASE_SIZE) {
+            return { tapleafHash: buffer_1.BufferUtil.alloc(exports.SHA256_HASH_SIZE), success: false };
+        }
+        const pathLen = Math.floor((controlBlock.length - exports.TAPROOT_CONTROL_BASE_SIZE) /
+            exports.TAPROOT_CONTROL_NODE_SIZE);
+        const leafVersion = controlBlock[0] & exports.TAPROOT_LEAF_MASK;
+        let leafHash = calculateTapLeaf(script, leafVersion);
+        let merkleHash = leafHash;
+        for (let i = 0; i < pathLen; i++) {
+            const nodeOffset = exports.TAPROOT_CONTROL_BASE_SIZE + i * exports.TAPROOT_CONTROL_NODE_SIZE;
+            const node = controlBlock.slice(nodeOffset, nodeOffset + exports.TAPROOT_CONTROL_NODE_SIZE);
+            if (buffer_1.BufferUtil.compare(merkleHash, node) < 0) {
+                merkleHash = calculateTapBranch(merkleHash, node);
+            }
+            else {
+                merkleHash = calculateTapBranch(node, merkleHash);
+            }
+        }
+        const pubkeyBytes = controlBlock.slice(0, exports.TAPROOT_CONTROL_BASE_SIZE);
+        const pubkeyBuffer = buffer_1.BufferUtil.from(pubkeyBytes);
+        pubkeyBuffer[0] =
+            pubkeyBuffer[0] & 1 ? publickey_1.PUBKEY_PREFIX_ODD : publickey_1.PUBKEY_PREFIX_EVEN;
+        const internalPubKey = new publickey_1.PublicKey(pubkeyBuffer);
+        const tweakHash = calculateTapTweak(internalPubKey, merkleHash);
+        const commitmentKey = new publickey_1.PublicKey(commitment);
+        const expectedCommitment = applyTweakToPublicKey(internalPubKey, tweakHash);
+        return {
+            tapleafHash: leafHash,
+            success: commitmentKey.toString() === expectedCommitment.toString(),
+        };
     }
-    if (buf.length === exports.TAPROOT_SIZE_WITHOUT_STATE) {
-        return true;
+    catch (e) {
+        return { tapleafHash: buffer_1.BufferUtil.alloc(exports.SHA256_HASH_SIZE), success: false };
     }
-    return (buf.length === exports.TAPROOT_SIZE_WITH_STATE &&
-        buf[exports.TAPROOT_SIZE_WITHOUT_STATE] === 32);
 }
 function extractTaprootCommitment(script) {
-    if (!isPayToTaproot(script)) {
+    if (!script.isTaprootOut()) {
         throw new Error('Not a valid Pay-To-Taproot script');
     }
-    const buf = script.toBuffer();
-    const commitmentBytes = buf.subarray(3, 3 + 33);
-    return publickey_js_1.PublicKey.fromBuffer(commitmentBytes);
+    return publickey_1.PublicKey.fromBuffer(script.chunks[2].buf);
 }
 function extractTaprootState(script) {
-    const buf = script.toBuffer();
-    if (buf.length !== exports.TAPROOT_SIZE_WITH_STATE) {
+    if (!script.isTaprootOut()) {
         return null;
     }
-    return buf.subarray(exports.TAPROOT_SIZE_WITHOUT_STATE + 1, exports.TAPROOT_SIZE_WITH_STATE);
-}
-function buildPayToTaproot(commitment, state) {
-    if (state && state.length !== 32) {
-        throw new Error('Taproot state must be exactly 32 bytes');
-    }
-    const commitmentBytes = commitment.toBuffer();
-    if (commitmentBytes.length !== 33) {
-        throw new Error('Commitment must be 33-byte compressed public key');
-    }
-    if (state) {
-        return new script_js_1.Script()
-            .add(opcode_js_1.Opcode.OP_SCRIPTTYPE)
-            .add(exports.TAPROOT_SCRIPTTYPE)
-            .add(commitmentBytes)
-            .add(state);
-    }
-    else {
-        return new script_js_1.Script()
-            .add(opcode_js_1.Opcode.OP_SCRIPTTYPE)
-            .add(exports.TAPROOT_SCRIPTTYPE)
-            .add(commitmentBytes);
+    if (script.chunks.length !== 4) {
+        return null;
     }
+    return script.chunks[3].buf;
+}
+function buildPayToTaproot(_commitment, _state) {
+    throw new Error('This function has been deprecated. Used Script.buildTaprootOut instead');
 }
-function buildKeyPathTaproot(internalPubKey, state) {
-    const merkleRoot = Buffer.alloc(32);
+function buildKeyPathTaproot(internalPubKey) {
+    const merkleRoot = buffer_1.BufferUtil.alloc(exports.SHA256_HASH_SIZE);
     const commitment = tweakPublicKey(internalPubKey, merkleRoot);
-    return buildPayToTaproot(commitment, state);
+    return script_1.Script.buildTaprootOut(commitment);
 }
 function buildScriptPathTaproot(internalPubKey, tree, state) {
     const treeInfo = buildTapTree(tree);
     const commitment = tweakPublicKey(internalPubKey, treeInfo.merkleRoot);
-    const script = buildPayToTaproot(commitment, state);
+    const script = script_1.Script.buildTaprootOut(commitment, state);
     return {
         script,
         commitment,
@@ -212,23 +220,23 @@ function buildScriptPathTaproot(internalPubKey, tree, state) {
 }
 function verifyTaprootScriptPath(internalPubKey, script, commitmentPubKey, leafVersion, merklePath, parity) {
     try {
-        const pubkeyPrefix = parity === 0 ? 0x02 : 0x03;
-        const fullPubkey = Buffer.concat([
-            Buffer.from([pubkeyPrefix]),
+        const pubkeyPrefix = parity === 0 ? publickey_1.PUBKEY_PREFIX_EVEN : publickey_1.PUBKEY_PREFIX_ODD;
+        const fullPubkey = buffer_1.BufferUtil.concat([
+            buffer_1.BufferUtil.from([pubkeyPrefix]),
             internalPubKey,
         ]);
         let leafHash = calculateTapLeaf(script, leafVersion);
         for (const pathNode of merklePath) {
-            if (Buffer.compare(leafHash, pathNode) < 0) {
+            if (buffer_1.BufferUtil.compare(leafHash, pathNode) < 0) {
                 leafHash = calculateTapBranch(leafHash, pathNode);
             }
             else {
                 leafHash = calculateTapBranch(pathNode, leafHash);
             }
         }
-        const internalKey = new publickey_js_1.PublicKey(fullPubkey);
+        const internalKey = new publickey_1.PublicKey(fullPubkey);
         const expectedCommitment = tweakPublicKey(internalKey, leafHash);
-        const actualCommitment = new publickey_js_1.PublicKey(commitmentPubKey);
+        const actualCommitment = new publickey_1.PublicKey(commitmentPubKey);
         if (expectedCommitment.toString() !== actualCommitment.toString()) {
             return false;
         }
@@ -238,6 +246,10 @@ function verifyTaprootScriptPath(internalPubKey, script, commitmentPubKey, leafV
         return false;
     }
 }
+function verifyTaprootScriptPathFromControlBlock(controlBlock, commitment, script) {
+    const result = verifyTaprootCommitment(controlBlock, commitment, script);
+    return result.success;
+}
 function verifyTaprootSpend(scriptPubkey, stack, flags) {
     const SCRIPT_DISABLE_TAPROOT_SIGHASH_LOTUS = 1 << 22;
     const SCRIPT_TAPROOT_KEY_SPEND_PATH = 1 << 23;
@@ -245,7 +257,7 @@ function verifyTaprootSpend(scriptPubkey, stack, flags) {
     if (flags & SCRIPT_DISABLE_TAPROOT_SIGHASH_LOTUS) {
         return { success: false, error: 'SCRIPT_ERR_TAPROOT_PHASEOUT' };
     }
-    if (!isPayToTaproot(scriptPubkey)) {
+    if (!scriptPubkey.isTaprootOut()) {
         return { success: false, error: 'SCRIPT_ERR_SCRIPTTYPE_MALFORMED_SCRIPT' };
     }
     const scriptBuf = scriptPubkey.toBuffer();
@@ -266,7 +278,7 @@ function verifyTaprootSpend(scriptPubkey, stack, flags) {
     }
     const controlBlock = stack[stack.length - 1];
     const scriptBytes = stack[stack.length - 2];
-    const execScript = new script_js_1.Script(scriptBytes);
+    const execScript = new script_1.Script(scriptBytes);
     const newStack = stack.slice(0, stack.length - 2);
     const sizeRemainder = (controlBlock.length - exports.TAPROOT_CONTROL_BASE_SIZE) %
         exports.TAPROOT_CONTROL_NODE_SIZE;