add support for Bitcash signatures

Reviewers: benchan, alex

Reviewed By: alex

Subscribers: ben

Differential Revision: https://phabricator.bitgo.com/D6112

Author: Arik Sosman

package.json

@@ -1,6 +1,6 @@
 {
   "name": "bitgo",
-  "version": "3.4.12",
+  "version": "3.4.13",
   "description": "BitGo Javascript SDK",
   "main": "./src/index.js",
   "keywords": [
@@ -72,6 +72,7 @@
     "bigi": "1.4.0",
     "bignumber.js": "~4.0.2",
     "bitcoinjs-lib": "2.1.4",
+    "bitgoinjs-lib": "git+ssh://[email protected]:BitGo/bitgoinjs-lib.git#pr-831",
     "body-parser": "~1.17.2",
     "bs58": "2.0.1",
     "bs58check": "1.0.4",

src/bitgo.js

@@ -6,6 +6,7 @@
 
 var superagent = require('superagent');
 var bitcoin = require('./bitcoin');
+require('./bitgoin'); // this amends hdPath capabilities
 var sanitizeHtml = require('sanitize-html');
 var eol = require('eol');
 var BaseCoin = require('./v2/baseCoin');
@@ -38,7 +39,9 @@ if (!process.browser) {
 var _end = superagent.Request.prototype.end;
 superagent.Request.prototype.end = function(cb) {
   var self = this;
-  if (typeof cb === 'function') return _end.call(self, cb);
+  if (typeof cb === 'function') {
+    return _end.call(self, cb);
+  }
 
   return new Q.Promise(function(resolve, reject) {
     var error;
@@ -68,7 +71,7 @@ var handleResponseResult = function(optionalField) {
       return optionalField ? res.body[optionalField] : res.body;
     }
     throw errFromResponse(res);
-  }
+  };
 };
 
 var errFromResponse = function(res) {
@@ -153,7 +156,7 @@ var BitGo = function(params) {
   // Deprecate useProduction in the future
   if (params.useProduction) {
     if (params.env && params.env !== 'prod') {
-      throw new Error("Cannot set test environment and use production");
+      throw new Error('Cannot set test environment and use production');
     }
     params.env = 'prod';
   }
@@ -272,7 +275,7 @@ var BitGo = function(params) {
             var contentType = this.getHeader('Content-Type');
             // Parse out just the content type from the header (ignore the charset)
             if (contentType) {
-              contentType = contentType.split(';')[0]
+              contentType = contentType.split(';')[0];
             }
             var serialize = superagent.serialize[contentType];
             if (!serialize && isJSON(contentType)) {
@@ -1013,15 +1016,15 @@ BitGo.prototype.addAccessToken = function(params, callback) {
       throw new Error('txValueLimit must be a number');
     }
     if (params.txValueLimit < 0) {
-      throw new Error('txValueLimit must be a non-negative number')
+      throw new Error('txValueLimit must be a non-negative number');
     }
   }
-  if(params.scope && params.scope.length > 0) {
-    if(!_.isArray(params.scope)) {
+  if (params.scope && params.scope.length > 0) {
+    if (!_.isArray(params.scope)) {
       throw new Error('scope must be an array');
-    } 
+    }
   } else {
-      throw new Error('must specify scope for token')
+    throw new Error('must specify scope for token');
   }
 
   var bitgo = this;
@@ -1080,7 +1083,7 @@ BitGo.prototype.removeAccessToken = function(params, callback) {
   common.validateParams(params, [], ['id', 'label'], callback);
   var exactlyOne = !!params.id ^ !!params.label;
   if (!exactlyOne) {
-    throw new Error('must provide exactly one of id or label')
+    throw new Error('must provide exactly one of id or label');
   }
 
   var self = this;

src/bitgoin.js

@@ -0,0 +1,177 @@
+var common = require('./common');
+var bitcoin = require('bitgoinjs-lib');
+var ecurve = require('ecurve');
+var curve = ecurve.getCurveByName('secp256k1');
+var BigInteger = require('bigi');
+var createHmac = require('create-hmac');
+var HDNode = bitcoin.HDNode;
+
+var secp256k1;
+
+try {
+  secp256k1 = require('secp256k1');
+} catch (err) {
+  console.log('running without secp256k1 acceleration');
+}
+
+// Check for IE, and disable secp256k1, due to:
+// https://github.com/indutny/bn.js/issues/133
+var isIE = (({}).constructor.name === undefined);
+if (isIE) {
+  secp256k1 = undefined;
+}
+
+bitcoin.getNetwork = function(network) {
+  network = network || common.getNetwork();
+  return bitcoin.networks[network];
+};
+
+bitcoin.makeRandomKey = function() {
+  return bitcoin.ECPair.makeRandom({ network: bitcoin.getNetwork() });
+};
+
+HDNode.prototype.getKey = function(network) {
+  network = network || bitcoin.getNetwork();
+  var k = this.keyPair;
+  var result = new bitcoin.ECPair(k.d, k.d ? null : k.Q, { network: network, compressed: k.compressed });
+  // Creating Q from d takes ~25ms, so if it's not created, use native bindings to pre-compute
+  if (!result.__Q && secp256k1) {
+    result.__Q = ecurve.Point.decodeFrom(curve, secp256k1.publicKeyCreate(k.d.toBuffer(32), false));
+  }
+  return result;
+};
+
+/**
+ * Derive a child HDNode from a parent HDNode and index. Uses secp256k1 to speed
+ * up public key derivations by 100x vs. bitcoinjs-lib implementation.
+ *
+ * @param   {HDNode} hdnode  parent HDNode
+ * @param   {Number} index   child index
+ * @returns {HDNode}         derived HDNode
+ */
+var deriveFast = function (hdnode, index) {
+  // no fast path for private key derivations -- delegate to standard method
+  if (!secp256k1 || hdnode.keyPair.d) {
+    return hdnode.derive(index);
+  }
+
+  var isHardened = index >= bitcoin.HDNode.HIGHEST_BIT;
+  if (isHardened) {
+    throw new Error('cannot derive hardened key from public key');
+  }
+
+  var indexBuffer = new Buffer(4);
+  indexBuffer.writeUInt32BE(index, 0);
+
+  var data;
+
+  // data = serP(point(kpar)) || ser32(index)
+  //      = serP(Kpar) || ser32(index)
+  data = Buffer.concat([
+    hdnode.keyPair.getPublicKeyBuffer(),
+    indexBuffer
+  ]);
+
+  var I = createHmac('sha512', hdnode.chainCode).update(data).digest();
+  var IL = I.slice(0, 32);
+  var IR = I.slice(32);
+
+  var pIL = BigInteger.fromBuffer(IL);
+
+  // In case parse256(IL) >= n, proceed with the next value for i
+  if (pIL.compareTo(curve.n) >= 0) {
+    return deriveFast(hdnode, index + 1);
+  }
+
+  // Private parent key -> private child key
+  var hd;
+  // Ki = point(parse256(IL)) + Kpar
+  //    = G*IL + Kpar
+
+  // The expensive op is the point multiply -- use secp256k1 lib to do that
+  var Ki = ecurve.Point.decodeFrom(curve, secp256k1.publicKeyCreate(IL, false)).add(hdnode.keyPair.Q);
+
+  // In case Ki is the point at infinity, proceed with the next value for i
+  if (curve.isInfinity(Ki)) {
+    return deriveFast(hdnode, index + 1);
+  }
+
+  var keyPair = new bitcoin.ECPair(null, Ki, { network: hdnode.keyPair.network });
+  hd = new bitcoin.HDNode(keyPair, IR);
+
+  hd.depth = hdnode.depth + 1;
+  hd.index = index;
+  hd.parentFingerprint = hdnode.getFingerprint().readUInt32BE(0);
+
+  return hd;
+};
+
+if (secp256k1) {
+  bitcoin.ECPair.prototype.sign = function (hash) {
+    if (!this.d) {
+      throw new Error('Missing private key');
+    }
+    var sig = secp256k1.sign(hash, this.d.toBuffer(32)).signature;
+    return bitcoin.ECSignature.fromDER(secp256k1.signatureExport(sig));
+  };
+
+  bitcoin.ECPair.prototype.verify = function (hash, signature) {
+    signature = new bitcoin.ECSignature(signature.r, signature.s);
+    signature = secp256k1.signatureNormalize(secp256k1.signatureImport(signature.toDER()));
+    return secp256k1.verify(hash, signature, this.getPublicKeyBuffer());
+  };
+}
+
+/**
+ *  Derive a BIP32 path, given a root key
+ *  We cache keys at each level of hierarchy we derive, to avoid re-deriving (approx 25ms per derivation)
+ * @param rootKey key to derive off
+ * @param path the path, e.g. 'm/0/0/0/1'
+ * @returns {*} the derived hd key
+ */
+bitcoin.hdPath = function(rootKey) {
+  var cache = {};
+  var derive = function (path) {
+    var components = path.split('/').filter(function (c) {
+      return c !== '';
+    });
+    // strip any extraneous / characters
+    path = components.join('/');
+    if (cache[path]) {
+      return cache[path];
+    }
+    var len = components.length;
+    if (len === 0 || len === 1 && components[0] === 'm') {
+      return rootKey;
+    }
+    var parentPath = components.slice(0, len - 1).join('/');
+    var parentKey = derive(parentPath);
+    var el = components[len - 1];
+
+    var hardened = false;
+    if (el[el.length - 1] === "'") {
+      hardened = true;
+    }
+    var index = parseInt(el);
+    var derived;
+    if (hardened) {
+      derived = parentKey.deriveHardened(index);
+    } else {
+      derived = deriveFast(parentKey, index);
+    }
+    cache[path] = derived;
+    return derived;
+  };
+
+  var deriveKey = function(path) {
+    var hdNode = this.derive(path);
+    return hdNode.keyPair;
+  };
+
+  return {
+    derive: derive,
+    deriveKey: deriveKey
+  };
+};
+
+module.exports = bitcoin;

src/v2/baseCoin.js

@@ -16,8 +16,8 @@ var BaseCoin = function(bitgo, coin) {
   var self = this;
   this.type = coin;
 
-  this.url = function(suffix) {
-    return bitgo._baseUrl + '/api/v2/' + coin + suffix;
+  this.url = (suffix) => {
+    return bitgo._baseUrl + '/api/v2/' + this.getChain() + suffix;
   };
 
   this.wallets = function() {
@@ -48,7 +48,7 @@ var BaseCoin = function(bitgo, coin) {
       self.coinPendingApprovals = new PendingApprovals(bitgo, this);
     }
     return self.coinPendingApprovals;
-  }
+  };
 };
 
 BaseCoin.prototype.initializeCoin = function(coin) {
@@ -58,6 +58,7 @@ BaseCoin.prototype.initializeCoin = function(coin) {
       btc: require('./coins/btc'),
       tbtc: require('./coins/tbtc'),
       bch: require('./coins/bch'),
+      tbch: require('./coins/tbch'),
       ltc: require('./coins/ltc'),
       tltc: require('./coins/tltc'),
       eth: require('./coins/eth'),
@@ -137,7 +138,7 @@ BaseCoin.prototype.initiateRecovery = function(params) {
       const userHDNode = prova.HDNode.fromBase58(userKey);
       return Q(userHDNode);
     } catch (e) {
-      throw new Error("Failed to decrypt user key with passcode - try again!");
+      throw new Error('Failed to decrypt user key with passcode - try again!');
     }
   };
 
@@ -156,20 +157,20 @@ BaseCoin.prototype.initiateRecovery = function(params) {
       const backupHDNode = prova.HDNode.fromBase58(backupKey);
       keys.push(backupHDNode);
     } catch (e) {
-      throw new Error("Failed to decrypt backup key with passcode - try again!");
+      throw new Error('Failed to decrypt backup key with passcode - try again!');
     }
     try {
       const bitgoHDNode = prova.HDNode.fromBase58(bitgoXpub);
       keys.push(bitgoHDNode);
     } catch (e) {
       if (self.getFamily() !== 'xrp') {
         // in XRP recoveries, the BitGo xpub is optional
-        throw new Error("Failed to parse bitgo xpub!");
+        throw new Error('Failed to parse bitgo xpub!');
       }
     }
     // Validate the destination address
     if (!self.isValidAddress(destinationAddress)) {
-      throw new Error("Invalid destination address!");
+      throw new Error('Invalid destination address!');
     }
 
     return keys;