bitcoinjs#1552 testing stuff

Author: motorina0

p2tr-witness.js renamed to play/p2tr-witness.js

@@ -1,7 +1,7 @@
-const bscript = require('./src/script');
+const bscript = require('../src/script');
 const {
     Transaction
-} = require('./src/transaction')
+} = require('../src/transaction')
 
 const hex = '4da5fbaa000000002251206d1cb3f7811934f57a680ce8cabda34527cbcebf218a0fdc833b7a8e7df361ee';
 const prevout = Buffer.from(hex, 'hex');

play.js renamed to play/play.js

@@ -0,0 +1,5 @@
+const ecpair = require('../src/ecpair')
+
+const x = Buffer.from('79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798', 'hex');
+const point = ecpair.liftX(x)
+console.log('point', point.toString('hex'))

play/test-liftx.js

@@ -3,9 +3,21 @@ Object.defineProperty(exports, '__esModule', { value: true });
 const NETWORKS = require('./networks');
 const types = require('./types');
 const ecc = require('tiny-secp256k1');
+const BN = require('bn.js');
 const randomBytes = require('randombytes');
 const typeforce = require('typeforce');
 const wif = require('wif');
+const EC_P = new BN(
+  Buffer.from(
+    'fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f',
+    'hex',
+  ),
+);
+const EC_P_REDUCTION = BN.red(EC_P);
+const EC_P_QUADRATIC_RESIDUE = EC_P.addn(1).divn(4);
+const BN_2 = new BN(2);
+const BN_3 = new BN(3);
+const BN_7 = new BN(7);
 const isOptions = typeforce.maybe(
   typeforce.compile({
     compressed: types.maybe(types.Boolean),
@@ -71,6 +83,26 @@ function fromPublicKey(buffer, options) {
   return new ECPair(undefined, buffer, options);
 }
 exports.fromPublicKey = fromPublicKey;
+function liftX(buffer) {
+  typeforce(types.Buffer256bit, buffer);
+  const x = new BN(buffer);
+  if (x.gte(EC_P)) return null;
+  const xRed = x.toRed(EC_P_REDUCTION);
+  const ySq = xRed
+    .redPow(BN_3)
+    .add(BN_7)
+    .mod(EC_P);
+  const y = ySq.redPow(EC_P_QUADRATIC_RESIDUE);
+  if (!ySq.eq(y.redPow(BN_2))) {
+    return null;
+  }
+  const y1 = (y & 1) === 0 ? y : EC_P.sub(y);
+  return Buffer.concat([
+    Buffer.from(x.toBuffer('be')),
+    Buffer.from(y1.toBuffer('be')),
+  ]);
+}
+exports.liftX = liftX;
 function fromWIF(wifString, network) {
   const decoded = wif.decode(wifString);
   const version = decoded.version;

src/ecpair.js

@@ -0,0 +1,208 @@
+'use strict';
+Object.defineProperty(exports, '__esModule', { value: true });
+const bcrypto = require('../crypto');
+const networks_1 = require('../networks');
+const bscript = require('../script');
+const lazy = require('./lazy');
+const typef = require('typeforce');
+const OPS = bscript.OPS;
+const ecc = require('tiny-secp256k1');
+const { bech32, bech32m } = require('bech32');
+const EMPTY_BUFFER = Buffer.alloc(0);
+function stacksEqual(a, b) {
+  if (a.length !== b.length) return false;
+  return a.every((x, i) => {
+    return x.equals(b[i]);
+  });
+}
+function chunkHasUncompressedPubkey(chunk) {
+  if (
+    Buffer.isBuffer(chunk) &&
+    chunk.length === 65 &&
+    chunk[0] === 0x04 &&
+    ecc.isPoint(chunk)
+  ) {
+    return true;
+  } else {
+    return false;
+  }
+}
+// input: <>
+// witness: [redeemScriptSig ...] {redeemScript}
+// output: OP_1 {publicKey}
+function p2tr(a, opts) {
+  if (!a.address && !a.hash && !a.output && !a.redeem && !a.witness)
+    throw new TypeError('Not enough data');
+  opts = Object.assign({ validate: true }, opts || {});
+  typef(
+    {
+      network: typef.maybe(typef.Object),
+      address: typef.maybe(typef.String),
+      hash: typef.maybe(typef.BufferN(32)),
+      output: typef.maybe(typef.BufferN(34)),
+      redeem: typef.maybe({
+        input: typef.maybe(typef.Buffer),
+        network: typef.maybe(typef.Object),
+        output: typef.maybe(typef.Buffer),
+        witness: typef.maybe(typef.arrayOf(typef.Buffer)),
+      }),
+      input: typef.maybe(typef.BufferN(0)),
+      witness: typef.maybe(typef.arrayOf(typef.Buffer)),
+    },
+    a,
+  );
+  const _address = lazy.value(() => {
+    const result = bech32m.decode(a.address);
+    const version = result.words.shift();
+    const data = bech32m.fromWords(result.words);
+    return {
+      version,
+      prefix: result.prefix,
+      data: Buffer.from(data),
+    };
+  });
+  const _rchunks = lazy.value(() => {
+    return bscript.decompile(a.redeem.input);
+  });
+  let network = a.network;
+  if (!network) {
+    network = (a.redeem && a.redeem.network) || networks_1.bitcoin;
+  }
+  const o = { network };
+  lazy.prop(o, 'address', () => {
+    if (!o.hash) return;
+    const words = bech32.toWords(o.hash);
+    words.unshift(0x00);
+    return bech32.encode(network.bech32, words);
+  });
+  lazy.prop(o, 'hash', () => {
+    if (a.output) return a.output.slice(2);
+    if (a.address) return _address().data;
+    if (o.redeem && o.redeem.output) return bcrypto.sha256(o.redeem.output);
+  });
+  lazy.prop(o, 'output', () => {
+    if (!o.hash) return;
+    return bscript.compile([OPS.OP_1, o.hash]);
+  });
+  lazy.prop(o, 'redeem', () => {
+    if (!a.witness) return;
+    return {
+      output: a.witness[a.witness.length - 1],
+      input: EMPTY_BUFFER,
+      witness: a.witness.slice(0, -1),
+    };
+  });
+  lazy.prop(o, 'input', () => {
+    if (!o.witness) return;
+    return EMPTY_BUFFER;
+  });
+  lazy.prop(o, 'witness', () => {
+    // transform redeem input to witness stack?
+    if (
+      a.redeem &&
+      a.redeem.input &&
+      a.redeem.input.length > 0 &&
+      a.redeem.output &&
+      a.redeem.output.length > 0
+    ) {
+      const stack = bscript.toStack(_rchunks());
+      // assign, and blank the existing input
+      o.redeem = Object.assign({ witness: stack }, a.redeem);
+      o.redeem.input = EMPTY_BUFFER;
+      return [].concat(stack, a.redeem.output);
+    }
+    if (!a.redeem) return;
+    if (!a.redeem.output) return;
+    if (!a.redeem.witness) return;
+    return [].concat(a.redeem.witness, a.redeem.output);
+  });
+  lazy.prop(o, 'name', () => {
+    const nameParts = ['p2wsh'];
+    if (o.redeem !== undefined && o.redeem.name !== undefined)
+      nameParts.push(o.redeem.name);
+    return nameParts.join('-');
+  });
+  // extended validation
+  if (opts.validate) {
+    let hash = Buffer.from([]);
+    if (a.address) {
+      if (_address().prefix !== network.bech32)
+        throw new TypeError('Invalid prefix or Network mismatch');
+      if (_address().version !== 0x00)
+        throw new TypeError('Invalid address version');
+      if (_address().data.length !== 32)
+        throw new TypeError('Invalid address data');
+      hash = _address().data;
+    }
+    if (a.hash) {
+      if (hash.length > 0 && !hash.equals(a.hash))
+        throw new TypeError('Hash mismatch');
+      else hash = a.hash;
+    }
+    if (a.output) {
+      if (
+        a.output.length !== 34 ||
+        a.output[0] !== OPS.OP_0 ||
+        a.output[1] !== 0x20
+      )
+        throw new TypeError('Output is invalid');
+      const hash2 = a.output.slice(2);
+      if (hash.length > 0 && !hash.equals(hash2))
+        throw new TypeError('Hash mismatch');
+      else hash = hash2;
+    }
+    if (a.redeem) {
+      if (a.redeem.network && a.redeem.network !== network)
+        throw new TypeError('Network mismatch');
+      // is there two redeem sources?
+      if (
+        a.redeem.input &&
+        a.redeem.input.length > 0 &&
+        a.redeem.witness &&
+        a.redeem.witness.length > 0
+      )
+        throw new TypeError('Ambiguous witness source');
+      // is the redeem output non-empty?
+      if (a.redeem.output) {
+        if (bscript.decompile(a.redeem.output).length === 0)
+          throw new TypeError('Redeem.output is invalid');
+        // match hash against other sources
+        const hash2 = bcrypto.sha256(a.redeem.output);
+        if (hash.length > 0 && !hash.equals(hash2))
+          throw new TypeError('Hash mismatch');
+        else hash = hash2;
+      }
+      if (a.redeem.input && !bscript.isPushOnly(_rchunks()))
+        throw new TypeError('Non push-only scriptSig');
+      if (
+        a.witness &&
+        a.redeem.witness &&
+        !stacksEqual(a.witness, a.redeem.witness)
+      )
+        throw new TypeError('Witness and redeem.witness mismatch');
+      if (
+        (a.redeem.input && _rchunks().some(chunkHasUncompressedPubkey)) ||
+        (a.redeem.output &&
+          (bscript.decompile(a.redeem.output) || []).some(
+            chunkHasUncompressedPubkey,
+          ))
+      ) {
+        throw new TypeError(
+          'redeem.input or redeem.output contains uncompressed pubkey',
+        );
+      }
+    }
+    if (a.witness && a.witness.length > 0) {
+      const wScript = a.witness[a.witness.length - 1];
+      if (a.redeem && a.redeem.output && !a.redeem.output.equals(wScript))
+        throw new TypeError('Witness and redeem.output mismatch');
+      if (
+        a.witness.some(chunkHasUncompressedPubkey) ||
+        (bscript.decompile(wScript) || []).some(chunkHasUncompressedPubkey)
+      )
+        throw new TypeError('Witness contains uncompressed pubkey');
+    }
+  }
+  return Object.assign(o, a);
+}
+exports.p2tr = p2tr;

src/payments/p2tr.js

@@ -39,6 +39,7 @@ declare class ECPair implements ECPairInterface {
 }
 declare function fromPrivateKey(buffer: Buffer, options?: ECPairOptions): ECPair;
 declare function fromPublicKey(buffer: Buffer, options?: ECPairOptions): ECPair;
+declare function liftX(buffer: Buffer): Buffer | null;
 declare function fromWIF(wifString: string, network?: Network | Network[]): ECPair;
 declare function makeRandom(options?: ECPairOptions): ECPair;
-export { makeRandom, fromPrivateKey, fromPublicKey, fromWIF };
+export { makeRandom, fromPrivateKey, fromPublicKey, fromWIF, liftX };

types/ecpair.d.ts

@@ -21,6 +21,7 @@ export interface Payment {
     address?: string;
     hash?: Buffer;
     redeem?: Payment;
+    taprootRedeems?: Payment[];
     witness?: Buffer[];
 }
 export declare type PaymentCreator = (a: Payment, opts?: PaymentOpts) => Payment;

types/payments/index.d.ts

@@ -0,0 +1,2 @@
+import { Payment, PaymentOpts } from './index';
+export declare function p2tr(a: Payment, opts?: PaymentOpts): Payment;