Merge pull request #60 from BitGo/BTC-1826.signWithPrvTaprootPlain

feat: add plain EC key signing for taproot descriptors

Author: OttoAllmendinger

packages/wasm-miniscript/Cargo.lock

@@ -11,6 +11,9 @@ wasm-bindgen = "0.2"
 js-sys = "0.3"
 miniscript = { version = "12.3.0" }
 
+[dev-dependencies]
+base64 = "0.22.1"
+
 [profile.release]
 # this is required to make webpack happy
 # https://github.com/webpack/webpack/issues/15566#issuecomment-2558347645

packages/wasm-miniscript/Cargo.toml

@@ -103,17 +103,3 @@ impl From<Miniscript<PublicKey, Legacy>> for WrapMiniscript {
         WrapMiniscript(WrapMiniscriptEnum::Legacy(miniscript))
     }
 }
-
-#[test]
-pub fn panic_xprv() {
-    use miniscript::bitcoin::secp256k1::Secp256k1;
-    use miniscript::Descriptor;
-    let (d,m) = Descriptor::parse_descriptor(
-        &Secp256k1::new(),
-        "wsh(multi(2,xprv9s21ZrQH143K31xYSDQpPDxsXRTUcvj2iNHm5NUtrGiGG5e2DtALGdso3pGz6ssrdK4PFmM8NSpSBHNqPqm55Qn3LqFtT2emdEXVYsCzC2U/2147483647'/0,xprv9vHkqa6EV4sPZHYqZznhT2NPtPCjKuDKGY38FBWLvgaDx45zo9WQRUT3dKYnjwih2yJD9mkrocEZXo1ex8G81dwSM1fwqWpWkeS3v86pgKt/1/2/*,xprv9s21ZrQH143K3QTDL4LXw2F7HEK3wJUD2nW2nRk4stbPy6cq3jPPqjiChkVvvNKmPGJxWUtg6LnF5kejMRNNU3TGtRBeJgk33yuGBxrMPHi/10/20/30/40/*'))",
-    ).unwrap();
-
-    let dd = d.at_derivation_index(0).unwrap();
-
-    let _ = dd.explicit_script().unwrap();
-}

packages/wasm-miniscript/src/miniscript.rs

@@ -1,15 +1,78 @@
 use crate::descriptor::WrapDescriptorEnum;
 use crate::try_into_js_value::TryIntoJsValue;
 use crate::WrapDescriptor;
-use miniscript::bitcoin::secp256k1::Secp256k1;
-use miniscript::bitcoin::Psbt;
+use miniscript::bitcoin::bip32::Fingerprint;
+use miniscript::bitcoin::secp256k1::{Context, Secp256k1, Signing};
+use miniscript::bitcoin::{bip32, psbt, secp256k1, PublicKey, XOnlyPublicKey};
+use miniscript::bitcoin::{PrivateKey, Psbt};
+use miniscript::descriptor::{SinglePub, SinglePubKey};
 use miniscript::psbt::PsbtExt;
-use miniscript::ToPublicKey;
+use miniscript::{DescriptorPublicKey, ToPublicKey};
 use std::collections::HashMap;
 use std::str::FromStr;
 use wasm_bindgen::prelude::wasm_bindgen;
 use wasm_bindgen::{JsError, JsValue};
 
+#[derive(Debug)]
+struct SingleKeySigner {
+    privkey: PrivateKey,
+    pubkey: PublicKey,
+    pubkey_xonly: XOnlyPublicKey,
+    fingerprint: Fingerprint,
+    fingerprint_xonly: Fingerprint,
+}
+
+impl SingleKeySigner {
+    fn fingerprint(key: SinglePubKey) -> Fingerprint {
+        DescriptorPublicKey::Single(SinglePub { origin: None, key }).master_fingerprint()
+    }
+
+    fn from_privkey<C: Signing>(privkey: PrivateKey, secp: &Secp256k1<C>) -> SingleKeySigner {
+        let pubkey = privkey.public_key(secp);
+        let pubkey_xonly = pubkey.to_x_only_pubkey();
+        SingleKeySigner {
+            privkey,
+            pubkey,
+            pubkey_xonly,
+            fingerprint: SingleKeySigner::fingerprint(SinglePubKey::FullKey(pubkey)),
+            fingerprint_xonly: SingleKeySigner::fingerprint(SinglePubKey::XOnly(pubkey_xonly)),
+        }
+    }
+}
+
+impl psbt::GetKey for SingleKeySigner {
+    type Error = String;
+
+    fn get_key<C: Signing>(
+        &self,
+        key_request: psbt::KeyRequest,
+        secp: &Secp256k1<C>,
+    ) -> Result<Option<PrivateKey>, Self::Error> {
+        match key_request {
+            // NOTE: this KeyRequest does not occur for taproot signatures
+            // even if the descriptor keys are definite, we will receive a bip32 request
+            // instead based on `DescriptorPublicKey::Single(SinglePub { origin: None, key, })`
+            psbt::KeyRequest::Pubkey(req_pubkey) => {
+                if req_pubkey == self.pubkey {
+                    Ok(Some(self.privkey.clone()))
+                } else {
+                    Ok(None)
+                }
+            }
+
+            psbt::KeyRequest::Bip32((fingerprint, path)) => {
+                if fingerprint.eq(&self.fingerprint) || fingerprint.eq(&self.fingerprint_xonly) {
+                    Ok(Some(self.privkey.clone()))
+                } else {
+                    Ok(None)
+                }
+            }
+
+            _ => Ok(None),
+        }
+    }
+}
+
 #[wasm_bindgen]
 pub struct WrapPsbt(Psbt);
 
@@ -69,8 +132,7 @@ impl WrapPsbt {
 
     #[wasm_bindgen(js_name = signWithXprv)]
     pub fn sign_with_xprv(&mut self, xprv: String) -> Result<JsValue, JsError> {
-        let key = miniscript::bitcoin::bip32::Xpriv::from_str(&xprv)
-            .map_err(|_| JsError::new("Invalid xprv"))?;
+        let key = bip32::Xpriv::from_str(&xprv).map_err(|_| JsError::new("Invalid xprv"))?;
         self.0
             .sign(&key, &Secp256k1::new())
             .map_err(|(_, errors)| JsError::new(&format!("{} errors: {:?}", errors.len(), errors)))
@@ -79,24 +141,12 @@ impl WrapPsbt {
 
     #[wasm_bindgen(js_name = signWithPrv)]
     pub fn sign_with_prv(&mut self, prv: Vec<u8>) -> Result<JsValue, JsError> {
-        let privkey = miniscript::bitcoin::PrivateKey::from_slice(
-            &prv,
-            miniscript::bitcoin::network::Network::Bitcoin,
-        )
-        .map_err(|_| JsError::new("Invalid private key"))?;
-        let mut map: HashMap<miniscript::bitcoin::PublicKey, miniscript::bitcoin::PrivateKey> =
-            std::collections::HashMap::new();
-        map.insert(privkey.public_key(&Secp256k1::new()), privkey);
-        map.insert(
-            privkey
-                .public_key(&Secp256k1::new())
-                .to_x_only_pubkey()
-                .to_public_key(),
-            privkey,
-        );
+        let privkey = PrivateKey::from_slice(&prv, miniscript::bitcoin::network::Network::Bitcoin)
+            .map_err(|_| JsError::new("Invalid private key"))?;
+        let secp = Secp256k1::new();
         self.0
-            .sign(&map, &Secp256k1::new())
-            .map_err(|(_, errors)| JsError::new(&format!("{} errors: {:?}", errors.len(), errors)))
+            .sign(&SingleKeySigner::from_privkey(privkey, &secp), &secp)
+            .map_err(|(r, errors)| JsError::new(&format!("{} errors: {:?}", errors.len(), errors)))
             .and_then(|r| r.try_to_js_value())
     }
 
@@ -107,3 +157,61 @@ impl WrapPsbt {
             .map_err(|vec_err| JsError::new(&format!("{} errors: {:?}", vec_err.len(), vec_err)))
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use crate::psbt::SingleKeySigner;
+    use base64::prelude::*;
+    use miniscript::bitcoin::bip32::{DerivationPath, Fingerprint, KeySource};
+    use miniscript::bitcoin::psbt::{SigningKeys, SigningKeysMap};
+    use miniscript::bitcoin::secp256k1::Secp256k1;
+    use miniscript::bitcoin::{PrivateKey, Psbt};
+    use miniscript::psbt::PsbtExt;
+    use miniscript::{DefiniteDescriptorKey, Descriptor, DescriptorPublicKey, ToPublicKey};
+    use std::str::FromStr;
+
+    fn psbt_from_base64(s: &str) -> Psbt {
+        let psbt = BASE64_STANDARD.decode(s.as_bytes()).unwrap();
+        Psbt::deserialize(&psbt).unwrap()
+    }
+
+    #[test]
+    pub fn test_wrap_privkey() {
+        let desc = "tr(039ab0771c5f88913208a26f81ab8223e98d25176e4648a5a2bb8ff79cf1c5198b,pk(039ab0771c5f88913208a26f81ab8223e98d25176e4648a5a2bb8ff79cf1c5198b))";
+        let desc = Descriptor::<DefiniteDescriptorKey>::from_str(desc).unwrap();
+        let psbt = "cHNidP8BAKYCAAAAAgEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAAAAAD9////AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAAAAP3///8CgBoGAAAAAAAWABRTtvjcap+5t7odMosMnHl97YJClYAaBgAAAAAAIlEg1S2GuUvFU+Ve4XFLV65ffhuYsGeDkpaER6lQFjONAmEAAAAAAAEBK0BCDwAAAAAAIlEg1S2GuUvFU+Ve4XFLV65ffhuYsGeDkpaER6lQFjONAmEAAQErQEIPAAAAAAAiUSDVLYa5S8VT5V7hcUtXrl9+G5iwZ4OSloRHqVAWM40CYQAAAA==";
+        let mut psbt = psbt_from_base64(psbt);
+        psbt.update_input_with_descriptor(0, &desc).unwrap();
+        println!("{:?}", psbt.inputs[0].tap_key_origins);
+        let prv =
+            PrivateKey::from_str("KzEGYtKcbhYwUWcZygbsqmF31f3iV7HC3iUQug7MBecwCz9hm1Tv").unwrap();
+        let pk = prv.public_key(&Secp256k1::new()).to_x_only_pubkey();
+        let secp = Secp256k1::new();
+        let sks = SingleKeySigner::from_privkey(prv, &secp);
+        psbt.inputs[0]
+            .tap_key_origins
+            .values()
+            .for_each(|key_source| {
+                let key_source_ref: KeySource = (
+                    Fingerprint::from_hex(&"aeee1e6a").unwrap(),
+                    DerivationPath::from(vec![]),
+                );
+                assert_eq!(key_source.1, key_source_ref);
+                assert_eq!(sks.fingerprint, key_source.1 .0,);
+            });
+        let mut expected_keys = SigningKeysMap::new();
+        expected_keys.insert(0, SigningKeys::Schnorr(vec![pk]));
+        expected_keys.insert(1, SigningKeys::Schnorr(vec![]));
+        assert_eq!(psbt.sign(&sks, &secp).unwrap(), expected_keys);
+    }
+
+    #[test]
+    fn test_tr_xpub() {
+        let d = "tr(xpub661MyMwAqRbcEv1i36otFUwWZRcQBJHjdCoQvqykteW4sMHP3m4h9TzvPhK9q7rtkkWMMTJB4jFxCgVki9GwB9GvfHf366dpXDAaHHHdad2/*,{pk(xpub661MyMwAqRbcFod8uqcC3G2jub4McRVKZsZrvWZXAUFBjeuyMT2UqDFkw3TAUebQRAE7XQKFFhvLRW2mWvmKC2KzNuCkzVkFucWapGqnkXj/*),pk(xpub661MyMwAqRbcFVAMsxk7PkfGh66U9K9qWh2dvS5s4kL4JaDHdZdBbb4CbzQxZMC2MAUcKZudSk86RxeaTQctKa6tpSCPEkKGYfMEFDKWJu9/*)})";
+        let desc = Descriptor::<DescriptorPublicKey>::from_str(d).unwrap();
+        let psbt = "cHNidP8BAKYCAAAAAgEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAAAAAD9////AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAAAAAP3///8CgBoGAAAAAAAWABRTtvjcap+5t7odMosMnHl97YJClYAaBgAAAAAAIlEgBBlsh6bt3RStSy0egEjFHML8bVhqFYO8knG5OLcA/zcAAAAAAAEBK0BCDwAAAAAAIlEgBBlsh6bt3RStSy0egEjFHML8bVhqFYO8knG5OLcA/zcAAQErQEIPAAAAAAAiUSDFpFC16pT0pXIHKzV7teFiXul3DtlyYj9DdCpF1CHVQAAAAA==";
+        let mut psbt = psbt_from_base64(psbt);
+        psbt.update_input_with_descriptor(0, &desc.at_derivation_index(0).unwrap())
+            .unwrap();
+    }
+}