feat: extract tiny-secp256k1 out of the Psbt module

- the Psbt() constructor options accept an eccLib
- `tweakSigner()` is a public helper method
- `tiny-secp256k1` is only a dev dependency now

Author: motorina0

package-lock.json

@@ -53,7 +53,6 @@
     "bip174": "^2.0.1",
     "bs58check": "^2.1.2",
     "create-hash": "^1.1.0",
-    "tiny-secp256k1": "^2.2.0",
     "typeforce": "^1.11.3",
     "varuint-bitcoin": "^1.1.2",
     "wif": "^2.0.1"
@@ -84,6 +83,7 @@
     "randombytes": "^2.1.0",
     "regtest-client": "0.2.0",
     "rimraf": "^2.6.3",
+    "tiny-secp256k1": "^2.2.0",
     "ts-node": "^8.3.0",
     "tslint": "^6.1.3",
     "typescript": "^4.4.4"

package.json

@@ -6,7 +6,7 @@ import * as script from './script';
 export { address, crypto, networks, payments, script };
 export { Block } from './block';
 export { TaggedHashPrefix } from './crypto';
-export { Psbt, PsbtTxInput, PsbtTxOutput, Signer, SignerAsync, HDSigner, HDSignerAsync, } from './psbt';
+export { Psbt, PsbtTxInput, PsbtTxOutput, Signer, SignerAsync, HDSigner, HDSignerAsync, tweakSigner, } from './psbt';
 export { OPS as opcodes } from './ops';
 export { Transaction } from './transaction';
 export { Network } from './networks';

src/index.d.ts

@@ -1,6 +1,6 @@
 'use strict';
 Object.defineProperty(exports, '__esModule', { value: true });
-exports.Transaction = exports.opcodes = exports.Psbt = exports.Block = exports.script = exports.payments = exports.networks = exports.crypto = exports.address = void 0;
+exports.Transaction = exports.opcodes = exports.tweakSigner = exports.Psbt = exports.Block = exports.script = exports.payments = exports.networks = exports.crypto = exports.address = void 0;
 const address = require('./address');
 exports.address = address;
 const crypto = require('./crypto');
@@ -25,6 +25,12 @@ Object.defineProperty(exports, 'Psbt', {
     return psbt_1.Psbt;
   },
 });
+Object.defineProperty(exports, 'tweakSigner', {
+  enumerable: true,
+  get: function() {
+    return psbt_1.tweakSigner;
+  },
+});
 var ops_1 = require('./ops');
 Object.defineProperty(exports, 'opcodes', {
   enumerable: true,

src/index.js

@@ -17,7 +17,6 @@ function p2tr(a, opts) {
     !a.address &&
     !a.output &&
     !a.pubkey &&
-    !a.output &&
     !a.internalPubkey &&
     !(a.witness && a.witness.length > 1)
   )
@@ -115,6 +114,7 @@ function p2tr(a, opts) {
       return witness[witness.length - 1].slice(1, 33);
   });
   lazy.prop(o, 'signature', () => {
+    if (a.signature) return a.signature;
     if (!a.witness || a.witness.length !== 1) return;
     return a.witness[0];
   });
@@ -192,9 +192,6 @@ function p2tr(a, opts) {
         // key spending
         if (a.signature && !a.signature.equals(witness[0]))
           throw new TypeError('Signature mismatch');
-        // todo: recheck
-        // if (!bscript.isSchnorSignature(a.pubkey, a.witness[0]))
-        // throw new TypeError('Witness has invalid signature');
       } else {
         // script path spending
         const controlBlock = witness[witness.length - 1];

src/payments/p2tr.js

@@ -1,8 +1,10 @@
 /// <reference types="node" />
 import { Psbt as PsbtBase } from 'bip174';
 import { KeyValue, PsbtGlobalUpdate, PsbtInput, PsbtInputUpdate, PsbtOutput, PsbtOutputUpdate } from 'bip174/src/lib/interfaces';
+import { TinySecp256k1Interface as ECPairTinySecp256k1Interface } from 'ecpair';
 import { Network } from './networks';
 import { Transaction } from './transaction';
+import { TinySecp256k1Interface } from './types';
 export interface TransactionInput {
     hash: string | Buffer;
     index: number;
@@ -56,17 +58,6 @@ export declare class Psbt {
     static fromBase64(data: string, opts?: PsbtOptsOptional): Psbt;
     static fromHex(data: string, opts?: PsbtOptsOptional): Psbt;
     static fromBuffer(buffer: Buffer, opts?: PsbtOptsOptional): Psbt;
-    /**
-     * Helper method for converting a normal Signer into a Taproot Signer.
-     * Note that this helper method requires the Private Key of the Signer to be present.
-     * Steps:
-     *  - if the Y coordinate of the Signer Public Key is odd then negate the Private Key
-     *  - tweak the private key with the provided hash (should be empty for key-path spending)
-     * @param signer - a taproot signer object, the Private Key must be present
-     * @param opts - tweak options
-     * @returns a Signer having the Private and Public keys tweaked
-     */
-    static tweakSigner(signer: Signer, opts?: TaprootSignerOpts): Signer;
     private __CACHE;
     private opts;
     constructor(opts?: PsbtOptsOptional, data?: PsbtBase);
@@ -118,9 +109,21 @@ export declare class Psbt {
     addUnknownKeyValToOutput(outputIndex: number, keyVal: KeyValue): this;
     clearFinalizedInput(inputIndex: number): this;
 }
+/**
+ * Helper method for converting a normal Signer into a Taproot Signer.
+ * Note that this helper method requires the Private Key of the Signer to be present.
+ * Steps:
+ *  - if the Y coordinate of the Signer Public Key is odd then negate the Private Key
+ *  - tweak the private key with the provided hash (should be empty for key-path spending)
+ * @param signer - a taproot signer object, the Private Key must be present
+ * @param opts - tweak options
+ * @returns a Signer having the Private and Public keys tweaked
+ */
+export declare function tweakSigner(signer: Signer, opts: TaprootSignerOpts): Signer;
 interface PsbtOptsOptional {
     network?: Network;
     maximumFeeRate?: number;
+    eccLib?: TinySecp256k1Interface;
 }
 interface PsbtInputExtended extends PsbtInput, TransactionInput {
 }
@@ -181,7 +184,7 @@ export interface Signer {
  */
 export interface TaprootSignerOpts {
     network?: Network;
-    eccLib?: any;
+    eccLib: TinySecp256k1Interface & ECPairTinySecp256k1Interface;
     /** The hash used to tweak the Signer */
     tweakHash?: Buffer;
 }

src/psbt.d.ts

@@ -1,7 +1,6 @@
 'use strict';
 Object.defineProperty(exports, '__esModule', { value: true });
-exports.Psbt = void 0;
-const ecc = require('tiny-secp256k1'); // TODO: extract
+exports.tweakSigner = exports.Psbt = void 0;
 const ecpair_1 = require('ecpair');
 const bip174_1 = require('bip174');
 const varuint = require('bip174/src/lib/converter/varint');
@@ -81,6 +80,7 @@ class Psbt {
       // We will disable exporting the Psbt when unsafe sign is active.
       // because it is not BIP174 compliant.
       __UNSAFE_SIGN_NONSEGWIT: false,
+      __EC_LIB: opts.eccLib,
     };
     if (this.data.inputs.length === 0) this.setVersion(2);
     // Make data hidden when enumerating
@@ -106,39 +106,6 @@ class Psbt {
     checkTxForDupeIns(psbt.__CACHE.__TX, psbt.__CACHE);
     return psbt;
   }
-  /**
-   * Helper method for converting a normal Signer into a Taproot Signer.
-   * Note that this helper method requires the Private Key of the Signer to be present.
-   * Steps:
-   *  - if the Y coordinate of the Signer Public Key is odd then negate the Private Key
-   *  - tweak the private key with the provided hash (should be empty for key-path spending)
-   * @param signer - a taproot signer object, the Private Key must be present
-   * @param opts - tweak options
-   * @returns a Signer having the Private and Public keys tweaked
-   */
-  static tweakSigner(signer, opts = {}) {
-    let privateKey = signer.privateKey;
-    if (!privateKey) {
-      throw new Error('Private key is required for tweaking signer!');
-    }
-    if (signer.publicKey[0] === 3) {
-      privateKey = ecc.privateNegate(privateKey);
-    }
-    const tweakedPrivateKey = ecc.privateAdd(
-      privateKey,
-      (0, taprootutils_1.tapTweakHash)(
-        signer.publicKey.slice(1, 33),
-        opts.tweakHash,
-      ),
-    );
-    if (!tweakedPrivateKey) {
-      throw new Error('Invalid tweaked private key!');
-    }
-    const ECPair = (0, ecpair_1.ECPairFactory)(ecc);
-    return ECPair.fromPrivateKey(Buffer.from(tweakedPrivateKey), {
-      network: opts.network,
-    });
-  }
   get inputCount() {
     return this.data.inputs.length;
   }
@@ -307,7 +274,7 @@ class Psbt {
     range(this.data.inputs.length).forEach(idx => this.finalizeInput(idx));
     return this;
   }
-  finalizeInput(inputIndex, finalScriptsFunc = getFinalScripts) {
+  finalizeInput(inputIndex, finalScriptsFunc) {
     const input = (0, utils_1.checkForInput)(this.data.inputs, inputIndex);
     const { script, isP2SH, isP2WSH, isSegwit } = getScriptFromInput(
       inputIndex,
@@ -316,13 +283,15 @@ class Psbt {
     );
     if (!script) throw new Error(`No script found for input #${inputIndex}`);
     checkPartialSigSighashes(input);
-    const { finalScriptSig, finalScriptWitness } = finalScriptsFunc(
+    const fn = finalScriptsFunc || getFinalScripts;
+    const { finalScriptSig, finalScriptWitness } = fn(
       inputIndex,
       input,
       script,
       isSegwit,
       isP2SH,
       isP2WSH,
+      this.__CACHE.__EC_LIB,
     );
     if (finalScriptSig) this.data.updateInput(inputIndex, { finalScriptSig });
     if (finalScriptWitness)
@@ -348,7 +317,10 @@ class Psbt {
         redeemFromFinalWitnessScript(input.finalScriptWitness),
     );
     const type = result.type === 'raw' ? '' : result.type + '-';
-    const mainType = classifyScript(result.meaningfulScript);
+    const mainType = classifyScript(
+      result.meaningfulScript,
+      this.__CACHE.__EC_LIB,
+    );
     return type + mainType;
   }
   inputHasPubkey(inputIndex, pubkey) {
@@ -676,6 +648,41 @@ class Psbt {
   }
 }
 exports.Psbt = Psbt;
+/**
+ * Helper method for converting a normal Signer into a Taproot Signer.
+ * Note that this helper method requires the Private Key of the Signer to be present.
+ * Steps:
+ *  - if the Y coordinate of the Signer Public Key is odd then negate the Private Key
+ *  - tweak the private key with the provided hash (should be empty for key-path spending)
+ * @param signer - a taproot signer object, the Private Key must be present
+ * @param opts - tweak options
+ * @returns a Signer having the Private and Public keys tweaked
+ */
+function tweakSigner(signer, opts) {
+  // todo: test ecc??
+  let privateKey = signer.privateKey;
+  if (!privateKey) {
+    throw new Error('Private key is required for tweaking signer!');
+  }
+  if (signer.publicKey[0] === 3) {
+    privateKey = opts.eccLib.privateNegate(privateKey);
+  }
+  const tweakedPrivateKey = opts.eccLib.privateAdd(
+    privateKey,
+    (0, taprootutils_1.tapTweakHash)(
+      signer.publicKey.slice(1, 33),
+      opts.tweakHash,
+    ),
+  );
+  if (!tweakedPrivateKey) {
+    throw new Error('Invalid tweaked private key!');
+  }
+  const ECPair = (0, ecpair_1.ECPairFactory)(opts.eccLib);
+  return ECPair.fromPrivateKey(Buffer.from(tweakedPrivateKey), {
+    network: opts.network,
+  });
+}
+exports.tweakSigner = tweakSigner;
 /**
  * This function is needed to pass to the bip174 base class's fromBuffer.
  * It takes the "transaction buffer" portion of the psbt buffer and returns a
@@ -928,8 +935,16 @@ function getTxCacheValue(key, name, inputs, c) {
   if (key === '__FEE_RATE') return c.__FEE_RATE;
   else if (key === '__FEE') return c.__FEE;
 }
-function getFinalScripts(inputIndex, input, script, isSegwit, isP2SH, isP2WSH) {
-  const scriptType = classifyScript(script);
+function getFinalScripts(
+  inputIndex,
+  input,
+  script,
+  isSegwit,
+  isP2SH,
+  isP2WSH,
+  eccLib,
+) {
+  const scriptType = classifyScript(script, eccLib);
   if (!canFinalize(input, script, scriptType))
     throw new Error(`Can not finalize input #${inputIndex}`);
   return prepareFinalScripts(
@@ -1063,7 +1078,7 @@ function getHashForSig(
       prevout.value,
       sighashType,
     );
-  } else if (isP2TR(meaningfulScript, ecc)) {
+  } else if (isP2TR(meaningfulScript, cache.__EC_LIB)) {
     const prevOuts = inputs.map((i, index) =>
       getScriptAndAmountFromUtxo(index, i, cache),
     );
@@ -1143,7 +1158,7 @@ function getPayment(script, scriptType, partialSig) {
           output: script,
           signature: partialSig[0].signature,
         },
-        { eccLib: ecc },
+        { validate: false },
       );
       break;
   }
@@ -1190,7 +1205,11 @@ function getScriptFromInput(inputIndex, input, cache) {
       res.script = input.witnessUtxo.script;
     }
   }
-  if (input.witnessScript || isP2WPKH(res.script) || isP2TR(res.script, ecc)) {
+  if (
+    input.witnessScript ||
+    isP2WPKH(res.script) ||
+    isP2TR(res.script, cache.__EC_LIB)
+  ) {
     res.isSegwit = true;
   }
   return res;
@@ -1504,12 +1523,12 @@ function pubkeyInScript(pubkey, script) {
     );
   });
 }
-function classifyScript(script) {
+function classifyScript(script, eccLib) {
   if (isP2WPKH(script)) return 'witnesspubkeyhash';
   if (isP2PKH(script)) return 'pubkeyhash';
   if (isP2MS(script)) return 'multisig';
   if (isP2PK(script)) return 'pubkey';
-  if (isP2TR(script, ecc)) return 'taproot';
+  if (isP2TR(script, eccLib)) return 'taproot';
   return 'nonstandard';
 }
 function range(n) {

src/psbt.js

@@ -21,6 +21,8 @@ export interface TaprootLeaf {
 export interface TinySecp256k1Interface {
     isXOnlyPoint(p: Uint8Array): boolean;
     xOnlyPointAddTweak(p: Uint8Array, tweak: Uint8Array): XOnlyPointAddTweakResult | null;
+    privateAdd(d: Uint8Array, tweak: Uint8Array): Uint8Array | null;
+    privateNegate(d: Uint8Array): Uint8Array;
 }
 export declare const Buffer256bit: any;
 export declare const Hash160bit: any;

src/types.d.ts

@@ -281,6 +281,7 @@
       {
         "description": "Sign PSBT with 3 inputs [P2PKH, P2TR, P2WPKH] and two outputs [P2TR, P2WPKH]",
         "psbt": "cHNidP8BAM8CAAAAAwPzd9k+uLSN1rgF01xY1TIA/8N+YytNZ4VP9gKFP4MyAAAAAAD/////ZtAAqL2E1fKcmGo+7xuqS+nSQeKFVKGRYaHfIvLXn4sAAAAAAP////9+h+SlCwIx1MUDT7Bek0NrWXS7xnSPi5LbYbDc9sxYIgAAAAAA/////wIgKRsAAAAAACJRIEb2SXyy8Z1Qw+npgqlQ3MhiFLAfzOQ3pCBhx72xIw0zuAUBAAAAAAAWABTJijE0v48z5ZmmfEAADXdCBcG0FAAAAAAAAQDiAgAAAAABAUfY2D1t0dyMeEH39C1yOdIxigpqm7XJNqHVT3Lc+FkiAAAAAAD+////AhIsGwAAAAAAGXapFJ5+8XZ3ZP80oFldvEwrcNsBftBmiKyYdK6xAAAAABepFLDBn59UffGbX7u/olyFDG0eG1UJhwJHMEQCIDAd3s05C61flXVFqOtov0NoHRGr8KFcOpH6R/81F46EAiBt+j9hHyvT2hYEyf8fdYsM9IgbnybtPV+kRTHDa6Rj0AEhAmmZfwmoHsmCkEOn9AfRTh+863mURelmE8hSqL4MG1EydJwgAAABASu4BQEAAAAAACJRIJQh5zSw+dLEZ+p90ZfGGstEZ83LyfTLDFcfi2OlxAyuAAEBHxAnAAAAAAAAFgAUT6KsoSi2+d7lMJxPcAUeScZf1zIAAAA=",
+        "isTaproot": true,
         "keys": [
           {
             "inputToSign": 0,