feat(utxo-coredao): parse and verify op-return

TICKET: BTC-1578

Author: davidkaplanbitgo

modules/utxo-coredao/src/transaction.ts

@@ -176,3 +176,80 @@ export function createCoreDaoOpReturnOutputScript({
     timelockBuffer,
   ]);
 }
+
+/**
+ * Parse a CoreDAO OP_RETURN output script into the constituent parts
+ * @param script
+ * @returns OpReturnParams
+ */
+export function parseCoreDaoOpReturnOutputScript(script: Buffer): OpReturnParams {
+  // OP_RETURN
+  let offset = 0;
+  if (!script.subarray(0, 1).equals(OP_RETURN_IDENTIFIER)) {
+    throw new Error('First byte must be an OP_RETURN');
+  }
+  offset += 1;
+
+  // Decode Length
+  const { length, offset: lengthOffset } = decodeOpReturnLength(script.subarray(offset));
+  // Do not include the OP_RETURN identifier and the length bytes itself in the length
+  if (script.length - lengthOffset - 1 !== length) {
+    throw new Error(`Length ${length} does not match script length (${script.length})`);
+  }
+  offset += lengthOffset;
+
+  // Decode satoshi+ identifier
+  if (!script.subarray(offset, offset + 4).equals(CORE_DAO_SATOSHI_PLUS_IDENTIFIER)) {
+    throw new Error('Invalid satoshi+ identifier');
+  }
+  offset += 4;
+
+  // Decode version
+  const version = script[offset];
+  offset += 1;
+
+  // Decode chainId
+  const chainId = Buffer.from(script.subarray(offset, offset + 2));
+  if (!(chainId.equals(CORE_DAO_TESTNET_CHAIN_ID) || chainId.equals(CORE_DAO_MAINNET_CHAIN_ID))) {
+    throw new Error(
+      `Invalid ChainID: ${chainId.toString('hex')}. Must be either 0x1115 (testnet) or 0x1116 (mainnet).`
+    );
+  }
+  offset += 2;
+
+  // Decode delegator
+  const delegator = Buffer.from(script.subarray(offset, offset + 20));
+  offset += 20;
+
+  // Decode validator
+  const validator = Buffer.from(script.subarray(offset, offset + 20));
+  offset += 20;
+
+  // Decode fee
+  const fee = script[offset];
+  offset += 1;
+
+  const baseParams = { version, chainId, delegator, validator, fee };
+
+  // Decode redeemScript or timelock
+  if (offset === script.length - 4) {
+    return { ...baseParams, timelock: decodeTimelock(script.subarray(offset)) };
+  } else {
+    return { ...baseParams, redeemScript: Buffer.from(script.subarray(offset)) };
+  }
+}
+
+/**
+ * Check that the params are valid and that they make the given script
+ * @param script
+ * @param params
+ */
+export function verifyCoreDaoOpReturnOutputScript(script: Buffer, params: OpReturnParams): boolean {
+  try {
+    parseCoreDaoOpReturnOutputScript(script);
+    const inferredScript = createCoreDaoOpReturnOutputScript(params);
+    return inferredScript.equals(script);
+  } catch (e) {
+    return false;
+  }
+}

modules/utxo-coredao/test/unit/transaction.ts

@@ -2,9 +2,12 @@ import * as assert from 'assert';
 import {
   CORE_DAO_MAINNET_CHAIN_ID,
   CORE_DAO_SATOSHI_PLUS_IDENTIFIER,
+  CORE_DAO_TESTNET_CHAIN_ID,
   createCoreDaoOpReturnOutputScript,
   decodeTimelock,
   encodeTimelock,
+  parseCoreDaoOpReturnOutputScript,
+  verifyCoreDaoOpReturnOutputScript,
 } from '../../src';
 import { testutil } from '@bitgo/utxo-lib';
 
@@ -232,4 +235,121 @@ describe('OP_RETURN', function () {
       assert.strictEqual(scriptPushdata4.readInt32BE(2), scriptPushdata4.length - 6);
     });
   });
+
+  describe('parseCoreDaoOpReturnOutputScript', function () {
+    it('should parse a valid script with a timelock', function () {
+      const script = createCoreDaoOpReturnOutputScript({
+        version: validVersion,
+        chainId: validChainId,
+        delegator: validDelegator,
+        validator: validValidator,
+        fee: validFee,
+        timelock: validTimelock,
+      });
+      const parsed = parseCoreDaoOpReturnOutputScript(script);
+      assert.strictEqual(parsed.version, validVersion);
+      assert.deepStrictEqual(parsed.chainId, validChainId);
+      assert.deepStrictEqual(parsed.delegator, validDelegator);
+      assert.deepStrictEqual(parsed.validator, validValidator);
+      assert.strictEqual(parsed.fee, validFee);
+      assert('timelock' in parsed);
+      assert.deepStrictEqual(parsed.timelock, validTimelock);
+    });
+
+    it('should parse a valid script with a redeem script', function () {
+      const script = createCoreDaoOpReturnOutputScript({
+        version: validVersion,
+        chainId: validChainId,
+        delegator: validDelegator,
+        validator: validValidator,
+        fee: validFee,
+        redeemScript: validRedeemScript,
+      });
+      const parsed = parseCoreDaoOpReturnOutputScript(script);
+      assert.strictEqual(parsed.version, validVersion);
+      assert.deepStrictEqual(parsed.chainId, validChainId);
+      assert.deepStrictEqual(parsed.delegator, validDelegator);
+      assert.deepStrictEqual(parsed.validator, validValidator);
+      assert.strictEqual(parsed.fee, validFee);
+      assert('redeemScript' in parsed);
+      assert.deepStrictEqual(parsed.redeemScript, validRedeemScript);
+    });
+
+    it('should fail if there is an invalid op-return', function () {
+      const script = defaultScript.replace('6a4c50', '6b4c50');
+      assert.throws(() => parseCoreDaoOpReturnOutputScript(Buffer.from(script, 'hex')));
+    });
+
+    it('should fail if the length is incorrect', function () {
+      const script = defaultScript.replace('4c50', '4c51');
+      assert.throws(() => parseCoreDaoOpReturnOutputScript(Buffer.from(script, 'hex')));
+    });
+
+    it('should fail if the satoshi+ identifier is incorrect', function () {
+      const script = defaultScript.replace('5341542b', '5341532b');
+      assert.throws(() => parseCoreDaoOpReturnOutputScript(Buffer.from(script, 'hex')));
+    });
+
+    it('should fail if the chainId is incorrect', function () {
+      const script = defaultScript.replace('045b', '0454');
+      assert.throws(() => parseCoreDaoOpReturnOutputScript(Buffer.from(script, 'hex')));
+    });
+  });
+
+  describe('verifyCoreDaoOpReturnOutputScript', function () {
+    it('should return true for a valid script with a redeem script', function () {
+      const params = {
+        version: validVersion,
+        chainId: validChainId,
+        delegator: validDelegator,
+        validator: validValidator,
+        fee: validFee,
+        redeemScript: validRedeemScript,
+      };
+      const script = createCoreDaoOpReturnOutputScript(params);
+      assert.strictEqual(verifyCoreDaoOpReturnOutputScript(script, params), true);
+    });
+
+    it('should return true for a valid script with a timelock', function () {
+      const params = {
+        version: validVersion,
+        chainId: validChainId,
+        delegator: validDelegator,
+        validator: validValidator,
+        fee: validFee,
+        timelock: validTimelock,
+      };
+      const script = createCoreDaoOpReturnOutputScript(params);
+      assert.strictEqual(verifyCoreDaoOpReturnOutputScript(script, params), true);
+    });
+
+    it('should return false when they are not equivalent', function () {
+      const params = {
+        version: validVersion,
+        chainId: validChainId,
+        delegator: validDelegator,
+        validator: validValidator,
+        fee: validFee,
+        redeemScript: validRedeemScript,
+      };
+      const script = createCoreDaoOpReturnOutputScript(params);
+      // Change the version
+      params.version = 3;
+      assert.strictEqual(verifyCoreDaoOpReturnOutputScript(script, params), false);
+    });
+
+    it('should fail if they one is mainnet and one is testnet', function () {
+      const params = {
+        version: validVersion,
+        chainId: CORE_DAO_MAINNET_CHAIN_ID,
+        delegator: validDelegator,
+        validator: validValidator,
+        fee: validFee,
+        timelock: validTimelock,
+      };
+      const script = createCoreDaoOpReturnOutputScript(params);
+      params.chainId = CORE_DAO_TESTNET_CHAIN_ID;
+      assert.strictEqual(verifyCoreDaoOpReturnOutputScript(script, params), false);
+    });
+  });
 });