Merge pull request #615 from bitcoinjs/hltc
Add another CLTV test, isolate tests and cleanup
This commit is contained in:
commit
da6aea4039
5 changed files with 199 additions and 139 deletions
13
README.md
13
README.md
|
@ -91,7 +91,7 @@ Definitions for [Flow typechecker](https://flowtype.org/) are available in flow-
|
|||
|
||||
# npm install -g flow-typed
|
||||
$ flow-typed install -f 0.27 bitcoinjs-lib@2.2.0 # 0.27 for flow version, 2.2.0 for bitcoinjs-lib version
|
||||
|
||||
|
||||
The definitions are complete and up to date with version 2.2.0. The definitions are maintained by [@runn1ng](https://github.com/runn1ng).
|
||||
|
||||
## Examples
|
||||
|
@ -108,10 +108,13 @@ The below examples are implemented as integration tests, they should be very eas
|
|||
- [Create an OP RETURN transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L24)
|
||||
- [Create a 2-of-3 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L9)
|
||||
- [Spend from a 2-of-4 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L25)
|
||||
- [Generate a single-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L14)
|
||||
- [Generate a dual-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L53)
|
||||
- [Recover a BIP32 parent private key from the parent public key and a derived non-hardened child private key](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L55)
|
||||
- [Recover a Private key from duplicate R values in a signature](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L102)
|
||||
- [Generate a single-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js#L11)
|
||||
- [Generate a dual-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js#L48)
|
||||
- [Recover a BIP32 parent private key from the parent public key and a derived non-hardened child private key](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L14)
|
||||
- [Recover a Private key from duplicate R values in a signature](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L60)
|
||||
- [Create a CLTV locked transaction where the expiry is past](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L36)
|
||||
- [Create a CLTV locked transaction where the parties bypass the expiry](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L70)
|
||||
- [Create a CLTV locked transaction which fails due to expiry in the future](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L102)
|
||||
|
||||
If you have a use case that you feel could be listed here, please [ask for it](https://github.com/bitcoinjs/bitcoinjs-lib/issues/new)!
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* global describe, it, beforeEach */
|
||||
/* global describe, it */
|
||||
|
||||
var assert = require('assert')
|
||||
var bitcoin = require('../../')
|
||||
|
@ -43,97 +43,4 @@ describe('bitcoinjs-lib (advanced)', function () {
|
|||
blockchain.t.transactions.propagate(txRaw.toHex(), done)
|
||||
})
|
||||
})
|
||||
|
||||
describe('can create transactions using OP_CHECKLOCKTIMEVERIFY', function (done) {
|
||||
var network = bitcoin.networks.testnet
|
||||
var alice = bitcoin.ECPair.fromWIF('cScfkGjbzzoeewVWmU2hYPUHeVGJRDdFt7WhmrVVGkxpmPP8BHWe', network)
|
||||
var bob = bitcoin.ECPair.fromWIF('cMkopUXKWsEzAjfa1zApksGRwjVpJRB3831qM9W4gKZsLwjHXA9x', network)
|
||||
|
||||
// now - 3 hours
|
||||
var threeHoursAgo = Math.floor(Date.now() / 1000) - (3600 * 3)
|
||||
var redeemScript = bitcoin.script.compile([
|
||||
bitcoin.opcodes.OP_IF,
|
||||
|
||||
bitcoin.script.number.encode(threeHoursAgo),
|
||||
bitcoin.opcodes.OP_CHECKLOCKTIMEVERIFY,
|
||||
bitcoin.opcodes.OP_DROP,
|
||||
|
||||
bitcoin.opcodes.OP_ELSE,
|
||||
|
||||
bob.getPublicKeyBuffer(),
|
||||
bitcoin.opcodes.OP_CHECKSIGVERIFY,
|
||||
|
||||
bitcoin.opcodes.OP_ENDIF,
|
||||
|
||||
alice.getPublicKeyBuffer(),
|
||||
bitcoin.opcodes.OP_CHECKSIG
|
||||
])
|
||||
var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
|
||||
|
||||
var txId
|
||||
beforeEach(function (done) {
|
||||
this.timeout(10000)
|
||||
|
||||
blockchain.t.faucet(alice.getAddress(), 2e4, function (err, unspent) {
|
||||
if (err) return done(err)
|
||||
|
||||
// build the transaction
|
||||
var tx = new bitcoin.TransactionBuilder(network)
|
||||
tx.addInput(unspent.txId, unspent.vout)
|
||||
tx.addOutput(scriptPubKey, 1e4)
|
||||
tx.sign(0, alice)
|
||||
var txRaw = tx.build()
|
||||
|
||||
txId = txRaw.getId()
|
||||
|
||||
blockchain.t.transactions.propagate(txRaw.toHex(), done)
|
||||
})
|
||||
})
|
||||
|
||||
// expiry past, {Alice's signature} OP_TRUE
|
||||
it('where Alice can redeem after the expiry is past', function (done) {
|
||||
this.timeout(30000)
|
||||
|
||||
var tx2 = new bitcoin.TransactionBuilder(network)
|
||||
tx2.setLockTime(threeHoursAgo)
|
||||
tx2.addInput(txId, 0, 0xfffffffe)
|
||||
tx2.addOutput(alice.getAddress(), 1000)
|
||||
|
||||
var tx2Raw = tx2.buildIncomplete()
|
||||
var hashType = bitcoin.Transaction.SIGHASH_ALL
|
||||
var signatureHash = tx2Raw.hashForSignature(0, redeemScript, hashType)
|
||||
var signature = alice.sign(signatureHash)
|
||||
|
||||
var redeemScriptSig = bitcoin.script.scriptHashInput([
|
||||
signature.toScriptSignature(hashType), bitcoin.opcodes.OP_TRUE
|
||||
], redeemScript)
|
||||
|
||||
tx2Raw.setInputScript(0, redeemScriptSig)
|
||||
|
||||
blockchain.t.transactions.propagate(tx2Raw.toHex(), done)
|
||||
})
|
||||
|
||||
// {Bob's signature} {Alice's signature} OP_FALSE
|
||||
it('where Alice and Bob can redeem at any time', function (done) {
|
||||
this.timeout(30000)
|
||||
|
||||
var tx2 = new bitcoin.TransactionBuilder(network)
|
||||
tx2.setLockTime(threeHoursAgo)
|
||||
tx2.addInput(txId, 0, 0xfffffffe)
|
||||
tx2.addOutput(alice.getAddress(), 1000)
|
||||
|
||||
var tx2Raw = tx2.buildIncomplete()
|
||||
var hashType = bitcoin.Transaction.SIGHASH_ALL
|
||||
var signatureHash = tx2Raw.hashForSignature(0, redeemScript, hashType)
|
||||
var signatureA = alice.sign(signatureHash)
|
||||
var signatureB = bob.sign(signatureHash)
|
||||
var redeemScriptSig = bitcoin.script.scriptHashInput([
|
||||
signatureA.toScriptSignature(hashType), signatureB.toScriptSignature(hashType), bitcoin.opcodes.OP_FALSE
|
||||
], redeemScript)
|
||||
|
||||
tx2Raw.setInputScript(0, redeemScriptSig)
|
||||
|
||||
blockchain.t.transactions.propagate(tx2Raw.toHex(), done)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
|
140
test/integration/cltv.js
Normal file
140
test/integration/cltv.js
Normal file
|
@ -0,0 +1,140 @@
|
|||
/* global describe, it */
|
||||
|
||||
var assert = require('assert')
|
||||
var bitcoin = require('../../')
|
||||
var blockchain = require('./_blockchain')
|
||||
|
||||
var network = bitcoin.networks.testnet
|
||||
var alice = bitcoin.ECPair.fromWIF('cScfkGjbzzoeewVWmU2hYPUHeVGJRDdFt7WhmrVVGkxpmPP8BHWe', network)
|
||||
var bob = bitcoin.ECPair.fromWIF('cMkopUXKWsEzAjfa1zApksGRwjVpJRB3831qM9W4gKZsLwjHXA9x', network)
|
||||
|
||||
describe('bitcoinjs-lib (CLTV)', function () {
|
||||
var hashType = bitcoin.Transaction.SIGHASH_ALL
|
||||
|
||||
function cltvCheckSigInput (aQ, bQ, utcSeconds) {
|
||||
return bitcoin.script.compile([
|
||||
bitcoin.opcodes.OP_IF,
|
||||
bitcoin.script.number.encode(utcSeconds),
|
||||
bitcoin.opcodes.OP_CHECKLOCKTIMEVERIFY,
|
||||
bitcoin.opcodes.OP_DROP,
|
||||
|
||||
bitcoin.opcodes.OP_ELSE,
|
||||
bQ.getPublicKeyBuffer(),
|
||||
bitcoin.opcodes.OP_CHECKSIGVERIFY,
|
||||
bitcoin.opcodes.OP_ENDIF,
|
||||
|
||||
aQ.getPublicKeyBuffer(),
|
||||
bitcoin.opcodes.OP_CHECKSIG
|
||||
])
|
||||
}
|
||||
|
||||
function utcNow () {
|
||||
return Math.floor(Date.now() / 1000)
|
||||
}
|
||||
|
||||
// expiry past, {Alice's signature} OP_TRUE
|
||||
it('where Alice can redeem after the expiry is past', function (done) {
|
||||
this.timeout(30000)
|
||||
|
||||
// three hours ago
|
||||
var timeUtc = utcNow() - (3600 * 3)
|
||||
var redeemScript = cltvCheckSigInput(alice, bob, timeUtc)
|
||||
var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
|
||||
var address = bitcoin.address.fromOutputScript(scriptPubKey, network)
|
||||
|
||||
// fund the P2SH(CLTV) address
|
||||
blockchain.t.faucet(address, 2e4, function (err, unspent) {
|
||||
if (err) return done(err)
|
||||
|
||||
var tx = new bitcoin.TransactionBuilder(network)
|
||||
tx.setLockTime(timeUtc)
|
||||
tx.addInput(unspent.txId, 0, 0xfffffffe)
|
||||
tx.addOutput(alice.getAddress(), 1000)
|
||||
|
||||
var txRaw = tx.buildIncomplete()
|
||||
var signatureHash = txRaw.hashForSignature(0, redeemScript, hashType)
|
||||
|
||||
// {Alice's signature} OP_TRUE
|
||||
var redeemScriptSig = bitcoin.script.scriptHashInput([
|
||||
alice.sign(signatureHash).toScriptSignature(hashType),
|
||||
bitcoin.opcodes.OP_TRUE
|
||||
], redeemScript)
|
||||
|
||||
txRaw.setInputScript(0, redeemScriptSig)
|
||||
|
||||
blockchain.t.transactions.propagate(txRaw.toHex(), done)
|
||||
})
|
||||
})
|
||||
|
||||
// expiry ignored, {Bob's signature} {Alice's signature} OP_FALSE
|
||||
it('where Alice and Bob can redeem at any time', function (done) {
|
||||
this.timeout(30000)
|
||||
|
||||
// two hours ago
|
||||
var timeUtc = utcNow() - (3600 * 2)
|
||||
var redeemScript = cltvCheckSigInput(alice, bob, timeUtc)
|
||||
var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
|
||||
var address = bitcoin.address.fromOutputScript(scriptPubKey, network)
|
||||
|
||||
// fund the P2SH(CLTV) address
|
||||
blockchain.t.faucet(address, 2e4, function (err, unspent) {
|
||||
if (err) return done(err)
|
||||
|
||||
var tx = new bitcoin.TransactionBuilder(network)
|
||||
tx.addInput(unspent.txId, 0, 0xfffffffe)
|
||||
tx.addOutput(alice.getAddress(), 1000)
|
||||
|
||||
var txRaw = tx.buildIncomplete()
|
||||
var signatureHash = txRaw.hashForSignature(0, redeemScript, hashType)
|
||||
var redeemScriptSig = bitcoin.script.scriptHashInput([
|
||||
alice.sign(signatureHash).toScriptSignature(hashType),
|
||||
bob.sign(signatureHash).toScriptSignature(hashType),
|
||||
bitcoin.opcodes.OP_FALSE
|
||||
], redeemScript)
|
||||
|
||||
txRaw.setInputScript(0, redeemScriptSig)
|
||||
|
||||
blockchain.t.transactions.propagate(txRaw.toHex(), done)
|
||||
})
|
||||
})
|
||||
|
||||
// expiry in the future, {Alice's signature} OP_TRUE
|
||||
it('fails when still time-locked', function (done) {
|
||||
this.timeout(30000)
|
||||
|
||||
// two hours from now
|
||||
var timeUtc = utcNow() + (3600 * 2)
|
||||
var redeemScript = cltvCheckSigInput(alice, bob, timeUtc)
|
||||
var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
|
||||
var address = bitcoin.address.fromOutputScript(scriptPubKey, network)
|
||||
|
||||
// fund the P2SH(CLTV) address
|
||||
blockchain.t.faucet(address, 2e4, function (err, unspent) {
|
||||
if (err) return done(err)
|
||||
|
||||
var tx = new bitcoin.TransactionBuilder(network)
|
||||
tx.setLockTime(timeUtc)
|
||||
tx.addInput(unspent.txId, 0, 0xfffffffe)
|
||||
tx.addOutput(alice.getAddress(), 1000)
|
||||
|
||||
var txRaw = tx.buildIncomplete()
|
||||
var signatureHash = txRaw.hashForSignature(0, redeemScript, hashType)
|
||||
|
||||
// {Alice's signature} OP_TRUE
|
||||
var redeemScriptSig = bitcoin.script.scriptHashInput([
|
||||
alice.sign(signatureHash).toScriptSignature(hashType),
|
||||
bitcoin.opcodes.OP_TRUE
|
||||
], redeemScript)
|
||||
|
||||
txRaw.setInputScript(0, redeemScriptSig)
|
||||
|
||||
blockchain.t.transactions.propagate(txRaw.toHex(), function (err) {
|
||||
assert.throws(function () {
|
||||
if (err) throw err
|
||||
}, /Error: 64: non-final/)
|
||||
|
||||
done()
|
||||
})
|
||||
})
|
||||
})
|
||||
})
|
|
@ -11,46 +11,7 @@ var ecurve = require('ecurve')
|
|||
var secp256k1 = ecurve.getCurveByName('secp256k1')
|
||||
|
||||
describe('bitcoinjs-lib (crypto)', function () {
|
||||
it('can generate a single-key stealth address', function () {
|
||||
var G = secp256k1.G
|
||||
var n = secp256k1.n
|
||||
|
||||
function stealthSend (Q) {
|
||||
var noncePair = bitcoin.ECPair.makeRandom()
|
||||
var e = noncePair.d
|
||||
var eQ = Q.multiply(e) // shared secret
|
||||
var c = bigi.fromBuffer(bitcoin.crypto.sha256(eQ.getEncoded()))
|
||||
var cG = G.multiply(c)
|
||||
var Qprime = Q.add(cG)
|
||||
|
||||
return {
|
||||
shared: new bitcoin.ECPair(null, Qprime),
|
||||
nonce: noncePair.Q
|
||||
}
|
||||
}
|
||||
|
||||
function stealthReceive (d, P) {
|
||||
var dP = P.multiply(d) // shared secret
|
||||
var c = bigi.fromBuffer(bitcoin.crypto.sha256(dP.getEncoded()))
|
||||
return new bitcoin.ECPair(d.add(c).mod(n))
|
||||
}
|
||||
|
||||
// receiver private key
|
||||
var receiver = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss')
|
||||
|
||||
var stealthS = stealthSend(receiver.Q) // public, done by sender
|
||||
// ... sender now reveals nonce to receiver
|
||||
|
||||
var stealthR = stealthReceive(receiver.d, stealthS.nonce) // private, done by receiver
|
||||
|
||||
// and check that we derived both sides correctly
|
||||
assert.equal(stealthS.shared.getAddress(), stealthR.getAddress())
|
||||
})
|
||||
|
||||
// TODO
|
||||
it.skip('can generate a dual-key stealth address', function () {})
|
||||
|
||||
it("can recover a parent private key from the parent's public key and a derived non-hardened child private key", function () {
|
||||
it('can recover a BIP32 parent private key from the parent public key, and a derived, non-hardened child private key', function () {
|
||||
function recoverParent (master, child) {
|
||||
assert(!master.keyPair.d, 'You already have the parent private key')
|
||||
assert(child.keyPair.d, 'Missing child private key')
|
||||
|
|
49
test/integration/stealth.js
Normal file
49
test/integration/stealth.js
Normal file
|
@ -0,0 +1,49 @@
|
|||
/* global describe, it */
|
||||
|
||||
var assert = require('assert')
|
||||
var bigi = require('bigi')
|
||||
var bitcoin = require('../../')
|
||||
|
||||
var ecurve = require('ecurve')
|
||||
var secp256k1 = ecurve.getCurveByName('secp256k1')
|
||||
|
||||
describe('bitcoinjs-lib (crypto)', function () {
|
||||
it('can generate a single-key stealth address', function () {
|
||||
var G = secp256k1.G
|
||||
var n = secp256k1.n
|
||||
|
||||
function stealthSend (Q) {
|
||||
var noncePair = bitcoin.ECPair.makeRandom()
|
||||
var e = noncePair.d
|
||||
var eQ = Q.multiply(e) // shared secret
|
||||
var c = bigi.fromBuffer(bitcoin.crypto.sha256(eQ.getEncoded()))
|
||||
var cG = G.multiply(c)
|
||||
var Qprime = Q.add(cG)
|
||||
|
||||
return {
|
||||
shared: new bitcoin.ECPair(null, Qprime),
|
||||
nonce: noncePair.Q
|
||||
}
|
||||
}
|
||||
|
||||
function stealthReceive (d, P) {
|
||||
var dP = P.multiply(d) // shared secret
|
||||
var c = bigi.fromBuffer(bitcoin.crypto.sha256(dP.getEncoded()))
|
||||
return new bitcoin.ECPair(d.add(c).mod(n))
|
||||
}
|
||||
|
||||
// receiver private key
|
||||
var receiver = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss')
|
||||
|
||||
var stealthS = stealthSend(receiver.Q) // public, done by sender
|
||||
// ... sender now reveals nonce to receiver
|
||||
|
||||
var stealthR = stealthReceive(receiver.d, stealthS.nonce) // private, done by receiver
|
||||
|
||||
// and check that we derived both sides correctly
|
||||
assert.equal(stealthS.shared.getAddress(), stealthR.getAddress())
|
||||
})
|
||||
|
||||
// TODO
|
||||
it.skip('can generate a dual-key stealth address', function () {})
|
||||
})
|
Loading…
Reference in a new issue