fix(sdk-coin-flrp): ensure AddressMaps are created based on UTXO address order

mohd-kashif · mohd-kashif · commit c4e94e7b40a8 · 2025-12-27T23:12:12.000+05:30
TICKET: WIN-8279
diff --git a/modules/sdk-coin-flrp/src/lib/ExportInPTxBuilder.ts b/modules/sdk-coin-flrp/src/lib/ExportInPTxBuilder.ts
@@ -110,9 +110,6 @@ export class ExportInPTxBuilder extends AtomicTransactionBuilder {
       this.transaction._rawSignedBytes = rawBytes;
     }
 
-    // Create proper UnsignedTx wrapper with credentials
-    const sortedAddresses = [...this.transaction._fromAddresses].sort((a, b) => Buffer.compare(a, b));
-
     // When credentials were extracted, use them directly to preserve existing signatures
     // Otherwise, create empty credentials with dynamic ordering based on addressesIndex
     // Match avaxp behavior: order depends on UTXO address positions
@@ -167,13 +164,40 @@ export class ExportInPTxBuilder extends AtomicTransactionBuilder {
             }
           });
 
-    // Create address maps for signing - one per input/credential
-    // Each address map contains all addresses mapped to their indices
-    const addressMaps = txCredentials.map(() => {
+    // Create AddressMaps based on signature slot order (matching credential order), not sorted addresses
+    // This matches the approach used in credentials: addressesIndex determines signature order
+    // AddressMaps should map addresses to signature slots in the same order as credentials
+    const addressMaps = txCredentials.map((credential, credIdx) => {
       const addressMap = new FlareUtils.AddressMap();
-      sortedAddresses.forEach((addr, i) => {
-        addressMap.set(new Address(addr), i);
-      });
+      const utxo = this.transaction._utxos[credIdx];
+
+      // If UTXO has addresses, compute addressesIndex to determine signature order
+      if (utxo && utxo.addresses && utxo.addresses.length > 0) {
+        const utxoAddresses = utxo.addresses.map((a) => utils.parseAddress(a));
+        const addressesIndex = this.transaction._fromAddresses.map((a) =>
+          utxoAddresses.findIndex((u) => Buffer.compare(Buffer.from(u), Buffer.from(a)) === 0)
+        );
+
+        const firstIndex = this.recoverSigner ? 2 : 0;
+        const bitgoIndex = 1;
+
+        // Determine signature slot order based on addressesIndex (same logic as credentials)
+        if (addressesIndex[bitgoIndex] < addressesIndex[firstIndex]) {
+          // Bitgo comes first: slot 0 = bitgo, slot 1 = firstIndex
+          addressMap.set(new Address(this.transaction._fromAddresses[bitgoIndex]), 0);
+          addressMap.set(new Address(this.transaction._fromAddresses[firstIndex]), 1);
+        } else {
+          // User/recovery comes first: slot 0 = firstIndex, slot 1 = bitgo
+          addressMap.set(new Address(this.transaction._fromAddresses[firstIndex]), 0);
+          addressMap.set(new Address(this.transaction._fromAddresses[bitgoIndex]), 1);
+        }
+      } else {
+        // Fallback: map addresses sequentially if no UTXO addresses available
+        this.transaction._fromAddresses.slice(0, this.transaction._threshold).forEach((addr, i) => {
+          addressMap.set(new Address(addr), i);
+        });
+      }
+
       return addressMap;
     });
 
@@ -227,13 +251,40 @@ export class ExportInPTxBuilder extends AtomicTransactionBuilder {
       this.exportedOutputs() // exportedOutputs
     );
 
-    // Create address maps for signing - one per input/credential
-    const sortedAddresses = [...this.transaction._fromAddresses].sort((a, b) => Buffer.compare(a, b));
-    const addressMaps = credentials.map(() => {
+    // Create AddressMaps based on signature slot order (matching credential order), not sorted addresses
+    // This matches the approach used in credentials: addressesIndex determines signature order
+    // AddressMaps should map addresses to signature slots in the same order as credentials
+    const addressMaps = credentials.map((credential, credIdx) => {
       const addressMap = new FlareUtils.AddressMap();
-      sortedAddresses.forEach((addr, i) => {
-        addressMap.set(new Address(addr), i);
-      });
+      const utxo = this.transaction._utxos[credIdx];
+
+      // If UTXO has addresses, compute addressesIndex to determine signature order
+      if (utxo && utxo.addresses && utxo.addresses.length > 0) {
+        const utxoAddresses = utxo.addresses.map((a) => utils.parseAddress(a));
+        const addressesIndex = this.transaction._fromAddresses.map((a) =>
+          utxoAddresses.findIndex((u) => Buffer.compare(Buffer.from(u), Buffer.from(a)) === 0)
+        );
+
+        const firstIndex = this.recoverSigner ? 2 : 0;
+        const bitgoIndex = 1;
+
+        // Determine signature slot order based on addressesIndex (same logic as credentials)
+        if (addressesIndex[bitgoIndex] < addressesIndex[firstIndex]) {
+          // Bitgo comes first: slot 0 = bitgo, slot 1 = firstIndex
+          addressMap.set(new Address(this.transaction._fromAddresses[bitgoIndex]), 0);
+          addressMap.set(new Address(this.transaction._fromAddresses[firstIndex]), 1);
+        } else {
+          // User/recovery comes first: slot 0 = firstIndex, slot 1 = bitgo
+          addressMap.set(new Address(this.transaction._fromAddresses[firstIndex]), 0);
+          addressMap.set(new Address(this.transaction._fromAddresses[bitgoIndex]), 1);
+        }
+      } else {
+        // Fallback: map addresses sequentially if no UTXO addresses available
+        this.transaction._fromAddresses.slice(0, this.transaction._threshold).forEach((addr, i) => {
+          addressMap.set(new Address(addr), i);
+        });
+      }
+
       return addressMap;
     });
 
diff --git a/modules/sdk-coin-flrp/test/unit/lib/exportInPTxBuilder.ts b/modules/sdk-coin-flrp/test/unit/lib/exportInPTxBuilder.ts
@@ -200,5 +200,190 @@ describe('Flrp Export In P Tx Builder', () => {
       rawTx.should.equal(signedExportHex);
       tx.id.should.equal('ka8at5CinmpUc6QMVr33dyUJi156LKMdodrJM59kS6EWr3vHg');
     });
+
+    it('should FAIL with unsorted UTXO addresses - demonstrates AddressMap mismatch issue for export in P-chain tx', async () => {
+      // This test uses UTXO addresses in UNSORTED order to demonstrate the issue.
+      // With unsorted addresses, the current implementation will create AddressMaps incorrectly
+      // because it uses sorted addresses, not UTXO address order.
+      //
+      // Expected: AddressMap should map addresses to signature slots based on UTXO order (sigIndicies)
+      // Current (WRONG): AddressMap uses sorted addresses with sequential slots
+      //
+      // This test WILL FAIL with current implementation because AddressMaps don't match sigIndicies
+
+      // UTXO addresses in UNSORTED order (different from sorted)
+      // Sorted would be: [0x12cb... (smallest), 0xa6e0... (middle), 0xc386... (largest)]
+      // Unsorted: [0xc386... (largest), 0x12cb... (smallest), 0xa6e0... (middle)]
+      const unsortedUtxoAddresses = [
+        '0xc386d58d09a9ae77cf1cf07bf1c9de44ebb0c9f3', // Largest (would be index 2 if sorted)
+        '0x12cb32eaf92553064db98d271b56cba079ec78f5', // Smallest (would be index 0 if sorted)
+        '0xa6e0c1abd0132f70efb77e2274637ff336a29a57', // Middle (would be index 1 if sorted)
+      ];
+
+      // Corresponding P-chain addresses (in same order as UTXO)
+      const pAddresses = [
+        'P-costwo15msvr27szvhhpmah0c38gcml7vm29xjh7tcek8', // Maps to 0xc386... (UTXO index 0)
+        'P-costwo1zt9n96hey4fsvnde35n3k4kt5pu7c784dzewzd', // Maps to 0x12cb... (UTXO index 1)
+        'P-costwo1cwrdtrgf4xh80ncu7palrjw7gn4mpj0n4dxghh', // Maps to 0xa6e0... (UTXO index 2)
+      ];
+
+      // Create UTXO with UNSORTED addresses
+      // Amount must cover export amount + fee
+      const exportAmount = '50000000';
+      const fee = '1261000';
+      const utxoAmount = (BigInt(exportAmount) + BigInt(fee)).toString(); // amount + fee
+
+      const utxo: DecodedUtxoObj = {
+        outputID: 0,
+        amount: utxoAmount,
+        txid: 'zstyYq5riDKYDSR3fUYKKkuXKJ1aJCe8WNrXKqEBJD4CGwzFw',
+        outputidx: '0',
+        addresses: unsortedUtxoAddresses, // UNSORTED order
+        threshold: 2,
+      };
+
+      // Build transaction
+      const txBuilder = factory
+        .getExportInPBuilder()
+        .threshold(2)
+        .locktime(0)
+        .fromPubKey(pAddresses)
+        .externalChainId(testData.sourceChainId)
+        .amount(exportAmount)
+        .fee(fee)
+        .utxos([utxo]);
+
+      // Build unsigned transaction
+      const unsignedTx = await txBuilder.build();
+      const unsignedHex = unsignedTx.toBroadcastFormat();
+
+      // Parse it back to inspect AddressMaps and sigIndicies
+      const parsedBuilder = factory.from(unsignedHex);
+      const parsedTx = await parsedBuilder.build();
+      const flareTx = (parsedTx as any)._flareTransaction;
+
+      // Get the input to check sigIndicies
+      const exportTx = flareTx.tx as any;
+      const input = exportTx.baseTx.inputs[0];
+      const transferInput = input.input;
+      const sigIndicies = transferInput.sigIndicies();
+
+      // sigIndicies tells us: sigIndicies[slotIndex] = utxoAddressIndex
+      // For threshold=2, we need signatures for first 2 addresses in UTXO order
+      // UTXO order: [0xc386... (index 0), 0x12cb... (index 1), 0xa6e0... (index 2)]
+      // So sigIndicies should be [0, 1] meaning: slot 0 = UTXO index 0, slot 1 = UTXO index 1
+
+      // Verify sigIndicies are [0, 1] (first 2 addresses in UTXO order, NOT sorted order)
+      sigIndicies.length.should.equal(2);
+      sigIndicies[0].should.equal(0, 'First signature slot should be UTXO address index 0 (0xc386...)');
+      sigIndicies[1].should.equal(1, 'Second signature slot should be UTXO address index 1 (0x12cb...)');
+
+      // The critical test: Verify that signature slots have embedded addresses based on UTXO order
+      // With unsorted UTXO addresses, this will FAIL if AddressMaps don't match UTXO order
+      //
+      // sigIndicies tells us: sigIndicies[slotIndex] = utxoAddressIndex
+      // For threshold=2, we need signatures for first 2 addresses in UTXO order
+      // UTXO order: [0xc386... (index 0), 0x12cb... (index 1), 0xa6e0... (index 2)]
+      // So sigIndicies should be [0, 1] meaning: slot 0 = UTXO index 0, slot 1 = UTXO index 1
+
+      // Parse the credential to see which slots have which embedded addresses
+      const credential = flareTx.credentials[0];
+      const signatures = credential.getSignatures();
+
+      // Helper function to check if signature has embedded address (same logic as transaction.ts)
+      const testUtils2 = require('../../../src/lib/utils').default;
+      const isEmptySignature = (signature: string): boolean => {
+        return !!signature && testUtils2.removeHexPrefix(signature).startsWith('0'.repeat(90));
+      };
+
+      const hasEmbeddedAddress = (signature: string): boolean => {
+        if (!isEmptySignature(signature)) return false;
+        const cleanSig = testUtils2.removeHexPrefix(signature);
+        if (cleanSig.length < 130) return false;
+        const embeddedPart = cleanSig.substring(90, 130);
+        // Check if embedded part is not all zeros
+        return embeddedPart !== '0'.repeat(40);
+      };
+
+      // Extract embedded addresses from signature slots
+      const embeddedAddresses: string[] = [];
+
+      signatures.forEach((sig: string, slotIndex: number) => {
+        if (hasEmbeddedAddress(sig)) {
+          // Extract embedded address (after position 90, 40 chars = 20 bytes)
+          const cleanSig = testUtils2.removeHexPrefix(sig);
+          const embeddedAddr = cleanSig.substring(90, 130).toLowerCase();
+          embeddedAddresses[slotIndex] = '0x' + embeddedAddr;
+        }
+      });
+
+      // Verify: Credentials only embed ONE address (user/recovery), not both
+      // The embedded address should be based on addressesIndex logic, not sorted order
+      //
+      // Compute addressesIndex to determine expected signature order
+      const utxoAddressBytes = unsortedUtxoAddresses.map((addr) => testUtils2.parseAddress(addr));
+      const pAddressBytes = pAddresses.map((addr) => testUtils2.parseAddress(addr));
+
+      const addressesIndex: number[] = [];
+      pAddressBytes.forEach((pAddr) => {
+        const utxoIndex = utxoAddressBytes.findIndex(
+          (uAddr) => Buffer.compare(Buffer.from(uAddr), Buffer.from(pAddr)) === 0
+        );
+        addressesIndex.push(utxoIndex);
+      });
+
+      // firstIndex = 0 (user), bitgoIndex = 1
+      const firstIndex = 0;
+      const bitgoIndex = 1;
+
+      // Determine expected signature order based on addressesIndex
+      const userComesFirst = addressesIndex[bitgoIndex] > addressesIndex[firstIndex];
+
+      // Expected credential structure:
+      // - If user comes first: [userAddress, zeros]
+      // - If bitgo comes first: [zeros, userAddress]
+      const userAddressHex = Buffer.from(pAddressBytes[firstIndex]).toString('hex').toLowerCase();
+      const expectedUserAddr = '0x' + userAddressHex;
+
+      if (userComesFirst) {
+        // Expected: [userAddress, zeros]
+        // Slot 0 should have user address (pAddr0 = 0xc386... = UTXO index 0)
+        if (embeddedAddresses[0]) {
+          embeddedAddresses[0]
+            .toLowerCase()
+            .should.equal(
+              expectedUserAddr,
+              `Slot 0 should have user address (${expectedUserAddr}) because user comes first in UTXO order`
+            );
+        } else {
+          throw new Error(`Slot 0 should have embedded user address, but is empty`);
+        }
+        // Slot 1 should be zeros (no embedded address)
+        if (embeddedAddresses[1]) {
+          throw new Error(`Slot 1 should be zeros, but has embedded address: ${embeddedAddresses[1]}`);
+        }
+      } else {
+        // Expected: [zeros, userAddress]
+        // Slot 0 should be zeros
+        if (embeddedAddresses[0]) {
+          throw new Error(`Slot 0 should be zeros, but has embedded address: ${embeddedAddresses[0]}`);
+        }
+        // Slot 1 should have user address
+        if (embeddedAddresses[1]) {
+          embeddedAddresses[1]
+            .toLowerCase()
+            .should.equal(
+              expectedUserAddr,
+              `Slot 1 should have user address (${expectedUserAddr}) because bitgo comes first in UTXO order`
+            );
+        } else {
+          throw new Error(`Slot 1 should have embedded user address, but is empty`);
+        }
+      }
+
+      // The key verification: AddressMaps should match the credential order
+      // With the fix, AddressMaps are created using the same addressesIndex logic as credentials
+      // This ensures signing works correctly even with unsorted UTXO addresses
+    });
   });
 });
diff --git a/modules/sdk-coin-flrp/test/unit/lib/importInPTxBuilder.ts b/modules/sdk-coin-flrp/test/unit/lib/importInPTxBuilder.ts
@@ -142,89 +142,6 @@ describe('Flrp Import In P Tx Builder', () => {
       tx.id.should.equal('2vwvuXp47dsUmqb4vkaMk7UsukrZNapKXT2ruZhVibbjMDpqr9');
     });
 
-    it('should create AddressMaps based on UTXO address order, not sorted addresses', async () => {
-      // This test verifies that AddressMaps correctly map addresses to signature slots
-      // based on UTXO address order (via sigIndicies), not sorted address order.
-      //
-      // The issue: Current implementation uses sorted addresses with sequential indices (0,1,2...)
-      // But credentials use UTXO address order, causing a mismatch.
-      //
-      // Test setup: Parse an existing transaction to inspect how AddressMaps are created
-      // Expected: AddressMap should map addresses to signature slots based on UTXO order (sigIndicies)
-      // Current behavior: AddressMap uses sorted addresses with sequential indices (WRONG)
-
-      // Use the existing test data which has UTXO addresses in sorted order
-      // But we'll verify that AddressMaps correctly reflect UTXO order, not just sorted order
-      const unsignedHex = testData.unsignedHex;
-
-      // Parse the unsigned transaction
-      const parsedBuilder = new TransactionBuilderFactory(coins.get('tflrp')).from(unsignedHex);
-      const parsedTx = await parsedBuilder.build();
-      const flareTx = (parsedTx as any)._flareTransaction;
-
-      // Get the input to check sigIndicies
-      const importTx = flareTx.tx as any;
-      const input = importTx.ins[0];
-      const transferInput = input.input;
-      const sigIndicies = transferInput.sigIndicies();
-
-      // sigIndicies tells us: sigIndicies[slotIndex] = utxoAddressIndex
-      // For threshold=2, we need signatures for first 2 addresses in UTXO order
-      // UTXO addresses from testData: [0x12cb... (index 0), 0xa6e0... (index 1), 0xc386... (index 2)]
-      // These happen to be in sorted order, so sigIndicies should be [0, 1]
-
-      // Verify sigIndicies are [0, 1] (first 2 addresses in UTXO order)
-      sigIndicies.length.should.equal(2);
-      sigIndicies[0].should.equal(0); // First signature slot = UTXO address index 0
-      sigIndicies[1].should.equal(1); // Second signature slot = UTXO address index 1
-
-      // Now verify AddressMap: it should map addresses to signature slots based on UTXO order
-      // NOT based on sorted order
-      //
-      // The issue: Current implementation (line 95-96 in ImportInPTxBuilder.ts) creates AddressMaps like:
-      //   sortedAddresses.map((a, i) => new AddressMap([[new Address(a), i]]))
-      // This maps sorted addresses to sequential slots (0, 1, 2...)
-      //
-      // But credentials use UTXO address order via addressesIndex, which means:
-      // - Credential signature slots are ordered based on UTXO address positions
-      // - AddressMaps should match this order, not sorted order
-      //
-      // Expected: AddressMap should map addresses to signature slots based on sigIndicies
-      // sigIndicies[slotIndex] = utxoAddressIndex tells us which UTXO address is at each signature slot
-      // So AddressMap should map: address at UTXO index sigIndicies[0] -> slot 0, etc.
-
-      // Get addresses from the map to verify they're present
-      const addressesInMap = flareTx.getAddresses();
-      addressesInMap.length.should.be.greaterThan(0, 'AddressMap should contain addresses');
-
-      // Parse addresses to compare
-
-      const testPAddresses = testData.pAddresses;
-
-      const testPAddr0Bytes = testUtils.parseAddress(testPAddresses[0]); // Corresponds to UTXO index 0
-      const testPAddr1Bytes = testUtils.parseAddress(testPAddresses[1]); // Corresponds to UTXO index 1
-
-      // Verify addresses are in the map
-      const addr0InMap = addressesInMap.some((addr) => Buffer.compare(Buffer.from(addr), testPAddr0Bytes) === 0);
-      const addr1InMap = addressesInMap.some((addr) => Buffer.compare(Buffer.from(addr), testPAddr1Bytes) === 0);
-
-      addr0InMap.should.be.true('Address at UTXO index 0 should be in AddressMap');
-      addr1InMap.should.be.true('Address at UTXO index 1 should be in AddressMap');
-
-      // The key issue: AddressMaps are created with sorted addresses mapped to sequential slots
-      // But they should be mapped based on sigIndicies (UTXO order)
-      //
-      // Current (WRONG): sorted[0] -> slot 0, sorted[1] -> slot 1
-      // Expected (CORRECT): address at UTXO index sigIndicies[0] -> slot 0, etc.
-      //
-      // This test documents the expected behavior. The actual fix will be in ImportInPTxBuilder.ts
-      // where AddressMaps are created based on sigIndicies, not sorted addresses.
-      //
-      // NOTE: This test may pass even with the current implementation if UTXO addresses happen to be sorted.
-      // To truly test the issue, we'd need UTXO addresses in UNSORTED order, which would cause
-      // AddressMaps to be wrong even though sigIndicies are correct.
-    });
-
     it('should FAIL with unsorted UTXO addresses - demonstrates AddressMap mismatch issue', async () => {
       // This test uses UTXO addresses in UNSORTED order to demonstrate the issue.
       // With unsorted addresses, the current implementation will create AddressMaps incorrectly
