feat(wasm-utxo): refactor key handling with XprvTriple

OttoAllmendinger · llm-git · OttoAllmendinger · commit 2e6c5a4de673 · 2025-11-05T12:00:16.000+01:00
Improves wallet key management by adding XprvTriple struct to replace loose vector handling of extended private keys. This provides: - Type safety with fixed array instead of Vec - Named accessor methods for keys (user, backup, bitgo) - Conversion utility to RootWalletKeys - Simplifies test fixtures with direct key access Issue: BTC-2652 Co-authored-by: llm-git <llm-git@ttll.de>
diff --git a/packages/wasm-utxo/src/fixed_script_wallet/test_utils/fixtures.rs b/packages/wasm-utxo/src/fixed_script_wallet/test_utils/fixtures.rs
@@ -16,7 +16,7 @@
 //!     .expect("Failed to decode PSBT");
 //!
 //! // Parse wallet keys (xprv)
-//! let xprvs = parse_wallet_keys(&fixture)
+//! let xprvs = fixture.get_wallet_xprvs()
 //!     .expect("Failed to parse wallet keys");
 //!
 //! // Access fixture data
@@ -38,10 +38,50 @@
 //! }
 //! ```
 
+use std::str::FromStr;
+
+use crate::{bitcoin::bip32::Xpriv, fixed_script_wallet::RootWalletKeys};
+use miniscript::bitcoin::bip32::Xpub;
 use serde::{Deserialize, Serialize};
 
 use crate::Network;
 
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct XprvTriple([Xpriv; 3]);
+
+impl XprvTriple {
+    pub fn new(xprvs: [Xpriv; 3]) -> Self {
+        Self(xprvs)
+    }
+
+    pub fn from_strings(strings: Vec<String>) -> Result<Self, Box<dyn std::error::Error>> {
+        let xprvs = strings
+            .iter()
+            .map(|s| Xpriv::from_str(s).map_err(|e| Box::new(e) as Box<dyn std::error::Error>))
+            .collect::<Result<Vec<_>, _>>()?;
+        Ok(Self::new(
+            xprvs.try_into().expect("Expected exactly 3 xprvs"),
+        ))
+    }
+
+    pub fn user_key(&self) -> &Xpriv {
+        &self.0[0]
+    }
+
+    pub fn backup_key(&self) -> &Xpriv {
+        &self.0[1]
+    }
+
+    pub fn bitgo_key(&self) -> &Xpriv {
+        &self.0[2]
+    }
+
+    pub fn to_root_wallet_keys(&self) -> RootWalletKeys {
+        let secp = crate::bitcoin::secp256k1::Secp256k1::new();
+        RootWalletKeys::new(self.0.map(|x| Xpub::from_priv(&secp, &x)))
+    }
+}
+
 // Basic helper types (no dependencies on other types in this file)
 
 #[derive(Debug, Clone, Deserialize, Serialize)]
@@ -511,23 +551,18 @@ impl PsbtStages {
             tx_format,
         )
         .expect("Failed to load fullsigned fixture");
-        let wallet_keys_unsigned =
-            parse_wallet_keys(&unsigned).expect("Failed to parse wallet keys");
-        let wallet_keys_halfsigned =
-            parse_wallet_keys(&halfsigned).expect("Failed to parse wallet keys");
-        let wallet_keys_fullsigned =
-            parse_wallet_keys(&fullsigned).expect("Failed to parse wallet keys");
+        let wallet_keys_unsigned = unsigned
+            .get_wallet_xprvs()
+            .expect("Failed to parse wallet keys");
+        let wallet_keys_halfsigned = halfsigned
+            .get_wallet_xprvs()
+            .expect("Failed to parse wallet keys");
+        let wallet_keys_fullsigned = fullsigned
+            .get_wallet_xprvs()
+            .expect("Failed to parse wallet keys");
         assert_eq!(wallet_keys_unsigned, wallet_keys_halfsigned);
         assert_eq!(wallet_keys_unsigned, wallet_keys_fullsigned);
-        let secp = crate::bitcoin::secp256k1::Secp256k1::new();
-        let wallet_keys = crate::fixed_script_wallet::RootWalletKeys::new(
-            wallet_keys_unsigned
-                .iter()
-                .map(|x| crate::bitcoin::bip32::Xpub::from_priv(&secp, x))
-                .collect::<Vec<_>>()
-                .try_into()
-                .expect("Failed to convert to XpubTriple"),
-        );
+        let wallet_keys = wallet_keys_unsigned.to_root_wallet_keys();
 
         Ok(Self {
             network,
@@ -614,6 +649,11 @@ impl PsbtFixture {
         Ok(psbt)
     }
 
+    /// Parse wallet keys from fixture (xprv strings)
+    pub fn get_wallet_xprvs(&self) -> Result<XprvTriple, Box<dyn std::error::Error>> {
+        XprvTriple::from_strings(self.wallet_keys.clone())
+    }
+
     pub fn find_input_with_script_type(
         &self,
         script_type: ScriptType,
@@ -807,19 +847,6 @@ pub fn decode_psbt_from_fixture(
     Ok(psbt)
 }
 
-/// Parse wallet keys from fixture (xprv strings)
-pub fn parse_wallet_keys(
-    fixture: &PsbtFixture,
-) -> Result<Vec<crate::bitcoin::bip32::Xpriv>, Box<dyn std::error::Error>> {
-    use std::str::FromStr;
-
-    fixture
-        .wallet_keys
-        .iter()
-        .map(|key_str| crate::bitcoin::bip32::Xpriv::from_str(key_str).map_err(|e| e.into()))
-        .collect()
-}
-
 // Helper functions for validation
 
 /// Compares a generated hex string with an expected hex string
@@ -1382,10 +1409,6 @@ mod tests {
         let psbt = decode_psbt_from_fixture(&fixture).expect("Failed to decode PSBT");
         assert_eq!(psbt.inputs.len(), 7);
         assert_eq!(psbt.outputs.len(), 5);
-
-        // Parse wallet keys
-        let xprvs = parse_wallet_keys(&fixture).expect("Failed to parse wallet keys");
-        assert_eq!(xprvs.len(), 3);
     }
 
     #[test]
diff --git a/packages/wasm-utxo/src/fixed_script_wallet/wallet_keys.rs b/packages/wasm-utxo/src/fixed_script_wallet/wallet_keys.rs
@@ -32,6 +32,12 @@ pub fn to_pub_triple(xpubs: &XpubTriple) -> PubTriple {
         .expect("could not convert vec to array")
 }
 
+pub fn derivation_path(prefix: &DerivationPath, chain: u32, index: u32) -> DerivationPath {
+    prefix
+        .child(ChildNumber::Normal { index: chain })
+        .child(ChildNumber::Normal { index })
+}
+
 #[derive(Debug, Clone)]
 pub struct RootWalletKeys {
     xpubs: XpubTriple,
@@ -68,10 +74,7 @@ impl RootWalletKeys {
         let paths: Vec<DerivationPath> = self
             .derivation_prefixes
             .iter()
-            .map(|p| {
-                p.child(ChildNumber::Normal { index: chain })
-                    .child(ChildNumber::Normal { index })
-            })
+            .map(|p| derivation_path(p, chain, index))
             .collect::<Vec<_>>();
 
         let ctx = Secp256k1::new();
diff --git a/packages/wasm-utxo/src/fixed_script_wallet/wallet_scripts/singlesig.rs b/packages/wasm-utxo/src/fixed_script_wallet/wallet_scripts/singlesig.rs
@@ -31,11 +31,11 @@ impl ScriptP2shP2pk {
 
 #[cfg(test)]
 mod tests {
+    use miniscript::bitcoin::bip32::Xpub;
+
     use super::*;
     use crate::bitcoin::secp256k1::Secp256k1;
-    use crate::fixed_script_wallet::test_utils::fixtures::{
-        load_psbt_fixture, parse_wallet_keys, SignatureState,
-    };
+    use crate::fixed_script_wallet::test_utils::fixtures::{load_psbt_fixture, SignatureState};
 
     #[test]
     fn test_p2sh_p2pk_script_generation_from_fixture() {
@@ -63,26 +63,11 @@ mod tests {
             .expect("No partial signature found");
 
         // Parse the wallet keys
-        let xprvs = parse_wallet_keys(&fixture).expect("Failed to parse wallet keys");
+        let xprvs = fixture
+            .get_wallet_xprvs()
+            .expect("Failed to parse wallet keys");
         let secp = Secp256k1::new();
-
-        // Find which key matches the expected pubkey
-        let mut matching_key = None;
-        for xprv in &xprvs {
-            let xpub = crate::bitcoin::bip32::Xpub::from_priv(&secp, xprv);
-            // Convert secp256k1::PublicKey to bitcoin::PublicKey
-            let bitcoin_pubkey = crate::bitcoin::PublicKey::new(xpub.public_key);
-            let compressed_pubkey = CompressedPublicKey::try_from(bitcoin_pubkey)
-                .expect("Failed to convert to compressed pubkey");
-            let pubkey_hex = hex::encode(compressed_pubkey.to_bytes());
-
-            if pubkey_hex == *expected_pubkey {
-                matching_key = Some(compressed_pubkey);
-                break;
-            }
-        }
-
-        let pubkey = matching_key.expect("Could not find matching pubkey in wallet keys");
+        let pubkey = Xpub::from_priv(&secp, xprvs.user_key()).to_pub();
 
         // Build the p2sh-p2pk script
         let script = ScriptP2shP2pk::new(pubkey);
