feat(wasm-utxo): add network parameter to output script validation

OttoAllmendinger · llm-git · OttoAllmendinger · commit 9f72bb33a7eb · 2025-10-29T10:49:16.000+01:00
Add proper validation for supported script types based on network capabilities. This adds checks for SegWit and Taproot support in the output script generation methods, ensuring scripts are only created for networks that support them. - Add OutputScriptSupport struct to verify script compatibility - Add network parameter to outputScript function - Implement per-network script validation logic - Document supported features across different networks Issue: BTC-2652 Co-authored-by: llm-git <llm-git@ttll.de>
diff --git a/packages/wasm-utxo/js/fixedScriptWallet.ts b/packages/wasm-utxo/js/fixedScriptWallet.ts
@@ -12,8 +12,8 @@ export type WalletKeys =
 /**
  * Create the output script for a given wallet keys and chain and index
  */
-export function outputScript(keys: WalletKeys, chain: number, index: number): Uint8Array {
-  return FixedScriptWalletNamespace.output_script(keys, chain, index);
+export function outputScript(keys: WalletKeys, chain: number, index: number, network: UtxolibNetwork): Uint8Array {
+  return FixedScriptWalletNamespace.output_script(keys, chain, index, network);
 }
 
 /**
diff --git a/packages/wasm-utxo/src/address/networks.rs b/packages/wasm-utxo/src/address/networks.rs
@@ -71,12 +71,106 @@ impl AddressFormat {
     }
 }
 
+pub struct OutputScriptSupport {
+    pub segwit: bool,
+    pub taproot: bool,
+}
+
+impl OutputScriptSupport {
+    pub(crate) fn assert_legacy(&self) -> Result<()> {
+        // all coins support legacy scripts
+        Ok(())
+    }
+
+    pub(crate) fn assert_segwit(&self) -> Result<()> {
+        if !self.segwit {
+            return Err(AddressError::UnsupportedScriptType(
+                "Network does not support segwit".to_string(),
+            ));
+        }
+        Ok(())
+    }
+
+    pub(crate) fn assert_taproot(&self) -> Result<()> {
+        if !self.taproot {
+            return Err(AddressError::UnsupportedScriptType(
+                "Network does not support taproot".to_string(),
+            ));
+        }
+        Ok(())
+    }
+
+    pub fn assert_support(&self, script: &Script) -> Result<()> {
+        match script.witness_version() {
+            None => {
+                // all coins support legacy scripts
+            }
+            Some(WitnessVersion::V0) => {
+                self.assert_segwit()?;
+            }
+            Some(WitnessVersion::V1) => {
+                self.assert_taproot()?;
+            }
+            _ => {
+                return Err(AddressError::UnsupportedScriptType(
+                    "Unsupported witness version".to_string(),
+                ));
+            }
+        }
+        Ok(())
+    }
+}
+
+impl Network {
+    pub fn output_script_support(&self) -> OutputScriptSupport {
+        // SegWit support:
+        // Bitcoin: SegWit activated August 24, 2017 at block 481,824
+        // - Consensus rules: https://github.com/bitcoin/bitcoin/blob/v28.0/src/consensus/tx_verify.cpp
+        // - Witness validation: https://github.com/bitcoin/bitcoin/blob/v28.0/src/script/interpreter.cpp
+        // - BIP141 (SegWit): https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki
+        // - BIP143 (Signature verification): https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki
+        // - BIP144 (P2P changes): https://github.com/bitcoin/bips/blob/master/bip-0144.mediawiki
+        //
+        // Litecoin: SegWit activated May 10, 2017 at block 1,201,536
+        // - Consensus implementation: https://github.com/litecoin-project/litecoin/blob/v0.21.4/src/consensus/tx_verify.cpp
+        // - Script interpreter: https://github.com/litecoin-project/litecoin/blob/v0.21.4/src/script/interpreter.cpp
+        //
+        // Bitcoin Gold: Launched with SegWit support in October 2017
+        // - Implementation: https://github.com/BTCGPU/BTCGPU/blob/v0.17.3/src/consensus/tx_verify.cpp
+        let segwit = matches!(
+            self.mainnet(),
+            Network::Bitcoin | Network::Litecoin | Network::BitcoinGold
+        );
+
+        // Taproot support:
+        // Bitcoin: Taproot activated November 14, 2021 at block 709,632
+        // - Taproot validation: https://github.com/bitcoin/bitcoin/blob/v28.0/src/script/interpreter.cpp
+        //   (see VerifyWitnessProgram, WITNESS_V1_TAPROOT)
+        // - Schnorr signature verification: https://github.com/bitcoin/bitcoin/blob/v28.0/src/pubkey.cpp
+        //   (see XOnlyPubKey::VerifySchnorr)
+        // - Deployment params: https://github.com/bitcoin/bitcoin/blob/v28.0/src/kernel/chainparams.cpp
+        //   (see Consensus::DeploymentPos::DEPLOYMENT_TAPROOT)
+        // - BIP340 (Schnorr signatures): https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki
+        // - BIP341 (Taproot): https://github.com/bitcoin/bips/blob/master/bip-0341.mediawiki
+        // - BIP342 (Tapscript): https://github.com/bitcoin/bips/blob/master/bip-0342.mediawiki
+        //
+        // Litecoin: has apparent taproot support, but we have not enabled it in this library yet.
+        // - https://github.com/litecoin-project/litecoin/blob/v0.21.4/src/chainparams.cpp#L89-L92
+        // - https://github.com/litecoin-project/litecoin/blob/v0.21.4/src/script/interpreter.h#L129-L131
+        let taproot = segwit && matches!(self.mainnet(), Network::Bitcoin);
+
+        OutputScriptSupport { segwit, taproot }
+    }
+}
+
 /// Get codec for encoding an address for a given network and script type.
 fn get_encode_codec(
     network: Network,
     script: &Script,
     format: AddressFormat,
 ) -> Result<&'static dyn AddressCodec> {
+    network.output_script_support().assert_support(script)?;
+
     let is_witness = script.is_p2wpkh() || script.is_p2wsh() || script.is_p2tr();
     let is_legacy = script.is_p2pkh() || script.is_p2sh();
 
@@ -208,6 +302,7 @@ pub fn from_output_script_with_coin_and_format(
     from_output_script_with_network_and_format(script, network, format)
 }
 
+use miniscript::bitcoin::WitnessVersion;
 // WASM bindings
 use wasm_bindgen::prelude::*;
 
diff --git a/packages/wasm-utxo/src/address/utxolib_compat.rs b/packages/wasm-utxo/src/address/utxolib_compat.rs
@@ -3,7 +3,7 @@
 /// but for now we need to keep this compatibility layer.
 use wasm_bindgen::JsValue;
 
-use crate::address::networks::AddressFormat;
+use crate::address::networks::{AddressFormat, OutputScriptSupport};
 use crate::address::{bech32, cashaddr, Base58CheckCodec};
 use crate::bitcoin::{Script, ScriptBuf};
 
@@ -31,6 +31,19 @@ impl Network {
         Network::try_from_js_value(js_network)
             .map_err(|e| AddressError::InvalidAddress(e.to_string()))
     }
+    pub fn output_script_support(&self) -> OutputScriptSupport {
+        let segwit = self.bech32.is_some();
+
+        // In the context of this library, only bitcoin supports taproot
+        // See output_script_support in networks.rs for detailed references
+        let taproot = segwit
+            && self
+                .bech32
+                .as_ref()
+                .is_some_and(|bech32| bech32 == "bc" || bech32 == "tb");
+
+        OutputScriptSupport { segwit, taproot }
+    }
 }
 
 /// Convert output script to address string using a utxolib Network object
@@ -39,6 +52,8 @@ pub fn from_output_script_with_network(
     network: &Network,
     format: AddressFormat,
 ) -> Result<String> {
+    network.output_script_support().assert_support(script)?;
+
     // Handle cashaddr format if requested
     if matches!(format, AddressFormat::Cashaddr) {
         if let Some(ref cash_addr) = network.cash_addr {
diff --git a/packages/wasm-utxo/src/fixed_script_wallet/mod.rs b/packages/wasm-utxo/src/fixed_script_wallet/mod.rs
@@ -12,7 +12,7 @@ pub use wallet_keys::*;
 pub use wallet_scripts::*;
 use wasm_bindgen::prelude::*;
 
-use crate::address::networks::AddressFormat;
+use crate::address::networks::{AddressFormat};
 use crate::error::WasmMiniscriptError;
 use crate::try_from_js_value::TryFromJsValue;
 use crate::utxolib_compat::Network;
@@ -27,12 +27,14 @@ impl FixedScriptWalletNamespace {
         keys: JsValue,
         chain: u32,
         index: u32,
+        network: JsValue,
     ) -> Result<Vec<u8>, WasmMiniscriptError> {
+        let network = Network::try_from_js_value(&network)?;
         let chain = Chain::try_from(chain)
             .map_err(|e| WasmMiniscriptError::new(&format!("Invalid chain: {}", e)))?;
 
         let wallet_keys = RootWalletKeys::from_jsvalue(&keys)?;
-        let scripts = WalletScripts::from_wallet_keys(&wallet_keys, chain, index);
+        let scripts = WalletScripts::from_wallet_keys(&wallet_keys, chain, index, &network.output_script_support())?;
         Ok(scripts.output_script().to_bytes())
     }
 
@@ -48,7 +50,7 @@ impl FixedScriptWalletNamespace {
         let wallet_keys = RootWalletKeys::from_jsvalue(&keys)?;
         let chain = Chain::try_from(chain)
             .map_err(|e| WasmMiniscriptError::new(&format!("Invalid chain: {}", e)))?;
-        let scripts = WalletScripts::from_wallet_keys(&wallet_keys, chain, index);
+        let scripts = WalletScripts::from_wallet_keys(&wallet_keys, chain, index, &network.output_script_support())?;
         let script = scripts.output_script();
         let address_format = AddressFormat::from_optional_str(address_format.as_deref())
             .map_err(|e| WasmMiniscriptError::new(&format!("Invalid address format: {}", e)))?;
diff --git a/packages/wasm-utxo/src/fixed_script_wallet/test_utils/mod.rs b/packages/wasm-utxo/src/fixed_script_wallet/test_utils/mod.rs
@@ -7,7 +7,7 @@ use super::wallet_scripts::{Chain, WalletScripts};
 use crate::bitcoin::bip32::{DerivationPath, Fingerprint, Xpriv, Xpub};
 use crate::bitcoin::psbt::{Input as PsbtInput, Output as PsbtOutput, Psbt};
 use crate::bitcoin::{Transaction, TxIn, TxOut};
-use crate::RootWalletKeys;
+use crate::{Network, RootWalletKeys};
 use std::collections::BTreeMap;
 use std::str::FromStr;
 
@@ -32,8 +32,12 @@ pub fn get_test_wallet_keys(seed: &str) -> XpubTriple {
 /// Create a PSBT output for an external wallet (different keys)
 pub fn create_external_output(seed: &str) -> PsbtOutput {
     let xpubs = get_test_wallet_keys(seed);
-    let _scripts =
-        WalletScripts::from_wallet_keys(&RootWalletKeys::new(xpubs), Chain::P2wshExternal, 0);
+    let _scripts = WalletScripts::from_wallet_keys(
+        &RootWalletKeys::new(xpubs),
+        Chain::P2wshExternal,
+        0,
+        &Network::Bitcoin.output_script_support(),
+    ).unwrap();
     PsbtOutput {
         bip32_derivation: BTreeMap::new(),
         // witness_script: scripts.witness_script,
diff --git a/packages/wasm-utxo/src/fixed_script_wallet/wallet_scripts/mod.rs b/packages/wasm-utxo/src/fixed_script_wallet/wallet_scripts/mod.rs
@@ -12,8 +12,10 @@ pub use checkmultisig::{
 pub use checksigverify::{build_p2tr_ns_script, ScriptP2tr};
 pub use singlesig::{build_p2pk_script, ScriptP2shP2pk};
 
+use crate::address::networks::OutputScriptSupport;
 use crate::bitcoin::bip32::{ChildNumber, DerivationPath};
 use crate::bitcoin::ScriptBuf;
+use crate::error::WasmMiniscriptError;
 use crate::fixed_script_wallet::wallet_keys::{to_pub_triple, PubTriple, XpubTriple};
 use crate::RootWalletKeys;
 use std::convert::TryFrom;
@@ -51,32 +53,41 @@ impl std::fmt::Display for WalletScripts {
 }
 
 impl WalletScripts {
-    pub fn new(keys: &PubTriple, chain: Chain) -> WalletScripts {
+    pub fn new(
+        keys: &PubTriple,
+        chain: Chain,
+        script_support: &OutputScriptSupport,
+    ) -> Result<WalletScripts, WasmMiniscriptError> {
         match chain {
             Chain::P2shExternal | Chain::P2shInternal => {
+                script_support.assert_legacy()?;
                 let script = build_multisig_script_2_of_3(keys);
-                WalletScripts::P2sh(ScriptP2sh {
+                Ok(WalletScripts::P2sh(ScriptP2sh {
                     redeem_script: script,
-                })
+                }))
             }
             Chain::P2shP2wshExternal | Chain::P2shP2wshInternal => {
+                script_support.assert_segwit()?;
                 let script = build_multisig_script_2_of_3(keys);
-                WalletScripts::P2shP2wsh(ScriptP2shP2wsh {
+                Ok(WalletScripts::P2shP2wsh(ScriptP2shP2wsh {
                     redeem_script: script.clone().to_p2wsh(),
                     witness_script: script,
-                })
+                }))
             }
             Chain::P2wshExternal | Chain::P2wshInternal => {
+                script_support.assert_segwit()?;
                 let script = build_multisig_script_2_of_3(keys);
-                WalletScripts::P2wsh(ScriptP2wsh {
+                Ok(WalletScripts::P2wsh(ScriptP2wsh {
                     witness_script: script,
-                })
+                }))
             }
             Chain::P2trInternal | Chain::P2trExternal => {
-                WalletScripts::P2trLegacy(ScriptP2tr::new(keys, false))
+                script_support.assert_taproot()?;
+                Ok(WalletScripts::P2trLegacy(ScriptP2tr::new(keys, false)))
             }
             Chain::P2trMusig2Internal | Chain::P2trMusig2External => {
-                WalletScripts::P2trMusig2(ScriptP2tr::new(keys, true))
+                script_support.assert_taproot()?;
+                Ok(WalletScripts::P2trMusig2(ScriptP2tr::new(keys, true)))
             }
         }
     }
@@ -85,11 +96,12 @@ impl WalletScripts {
         wallet_keys: &RootWalletKeys,
         chain: Chain,
         index: u32,
-    ) -> WalletScripts {
+        script_support: &OutputScriptSupport,
+    ) -> Result<WalletScripts, WasmMiniscriptError> {
         let derived_keys = wallet_keys
             .derive_for_chain_and_index(chain as u32, index)
             .unwrap();
-        WalletScripts::new(&to_pub_triple(&derived_keys), chain)
+        WalletScripts::new(&to_pub_triple(&derived_keys), chain, script_support)
     }
 
     pub fn output_script(&self) -> ScriptBuf {
@@ -199,9 +211,16 @@ mod tests {
     use super::*;
     use crate::fixed_script_wallet::test_utils::fixtures;
     use crate::fixed_script_wallet::wallet_keys::tests::get_test_wallet_keys;
+    use crate::Network;
 
     fn assert_output_script(keys: &RootWalletKeys, chain: Chain, expected_script: &str) {
-        let scripts = WalletScripts::from_wallet_keys(keys, chain, 0);
+        let scripts = WalletScripts::from_wallet_keys(
+            keys,
+            chain,
+            0,
+            &Network::Bitcoin.output_script_support(),
+        )
+        .unwrap();
         let output_script = scripts.output_script();
         assert_eq!(output_script.to_hex_string(), expected_script);
     }
@@ -382,7 +401,13 @@ mod tests {
 
         let (chain, index) =
             parse_fixture_paths(input_fixture).expect("Failed to parse fixture paths");
-        let scripts = WalletScripts::from_wallet_keys(&wallet_keys, chain, index);
+        let scripts = WalletScripts::from_wallet_keys(
+            &wallet_keys,
+            chain,
+            index,
+            &Network::Bitcoin.output_script_support(),
+        )
+        .expect("Failed to create wallet scripts");
 
         // Use the new helper methods for validation
         match (scripts, input_fixture) {
