Merge pull request #615 from bitcoinjs/hltc

Add another CLTV test,  isolate tests and cleanup
This commit is contained in:
Daniel Cousens 2016-08-17 11:07:40 +10:00 committed by GitHub
commit da6aea4039
5 changed files with 199 additions and 139 deletions

View file

@ -108,10 +108,13 @@ The below examples are implemented as integration tests, they should be very eas
- [Create an OP RETURN transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L24)
- [Create a 2-of-3 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L9)
- [Spend from a 2-of-4 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L25)
- [Generate a single-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L14)
- [Generate a dual-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L53)
- [Recover a BIP32 parent private key from the parent public key and a derived non-hardened child private key](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L55)
- [Recover a Private key from duplicate R values in a signature](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L102)
- [Generate a single-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js#L11)
- [Generate a dual-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js#L48)
- [Recover a BIP32 parent private key from the parent public key and a derived non-hardened child private key](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L14)
- [Recover a Private key from duplicate R values in a signature](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L60)
- [Create a CLTV locked transaction where the expiry is past](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L36)
- [Create a CLTV locked transaction where the parties bypass the expiry](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L70)
- [Create a CLTV locked transaction which fails due to expiry in the future](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L102)
If you have a use case that you feel could be listed here, please [ask for it](https://github.com/bitcoinjs/bitcoinjs-lib/issues/new)!

View file

@ -1,4 +1,4 @@
/* global describe, it, beforeEach */
/* global describe, it */
var assert = require('assert')
var bitcoin = require('../../')
@ -43,97 +43,4 @@ describe('bitcoinjs-lib (advanced)', function () {
blockchain.t.transactions.propagate(txRaw.toHex(), done)
})
})
describe('can create transactions using OP_CHECKLOCKTIMEVERIFY', function (done) {
var network = bitcoin.networks.testnet
var alice = bitcoin.ECPair.fromWIF('cScfkGjbzzoeewVWmU2hYPUHeVGJRDdFt7WhmrVVGkxpmPP8BHWe', network)
var bob = bitcoin.ECPair.fromWIF('cMkopUXKWsEzAjfa1zApksGRwjVpJRB3831qM9W4gKZsLwjHXA9x', network)
// now - 3 hours
var threeHoursAgo = Math.floor(Date.now() / 1000) - (3600 * 3)
var redeemScript = bitcoin.script.compile([
bitcoin.opcodes.OP_IF,
bitcoin.script.number.encode(threeHoursAgo),
bitcoin.opcodes.OP_CHECKLOCKTIMEVERIFY,
bitcoin.opcodes.OP_DROP,
bitcoin.opcodes.OP_ELSE,
bob.getPublicKeyBuffer(),
bitcoin.opcodes.OP_CHECKSIGVERIFY,
bitcoin.opcodes.OP_ENDIF,
alice.getPublicKeyBuffer(),
bitcoin.opcodes.OP_CHECKSIG
])
var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
var txId
beforeEach(function (done) {
this.timeout(10000)
blockchain.t.faucet(alice.getAddress(), 2e4, function (err, unspent) {
if (err) return done(err)
// build the transaction
var tx = new bitcoin.TransactionBuilder(network)
tx.addInput(unspent.txId, unspent.vout)
tx.addOutput(scriptPubKey, 1e4)
tx.sign(0, alice)
var txRaw = tx.build()
txId = txRaw.getId()
blockchain.t.transactions.propagate(txRaw.toHex(), done)
})
})
// expiry past, {Alice's signature} OP_TRUE
it('where Alice can redeem after the expiry is past', function (done) {
this.timeout(30000)
var tx2 = new bitcoin.TransactionBuilder(network)
tx2.setLockTime(threeHoursAgo)
tx2.addInput(txId, 0, 0xfffffffe)
tx2.addOutput(alice.getAddress(), 1000)
var tx2Raw = tx2.buildIncomplete()
var hashType = bitcoin.Transaction.SIGHASH_ALL
var signatureHash = tx2Raw.hashForSignature(0, redeemScript, hashType)
var signature = alice.sign(signatureHash)
var redeemScriptSig = bitcoin.script.scriptHashInput([
signature.toScriptSignature(hashType), bitcoin.opcodes.OP_TRUE
], redeemScript)
tx2Raw.setInputScript(0, redeemScriptSig)
blockchain.t.transactions.propagate(tx2Raw.toHex(), done)
})
// {Bob's signature} {Alice's signature} OP_FALSE
it('where Alice and Bob can redeem at any time', function (done) {
this.timeout(30000)
var tx2 = new bitcoin.TransactionBuilder(network)
tx2.setLockTime(threeHoursAgo)
tx2.addInput(txId, 0, 0xfffffffe)
tx2.addOutput(alice.getAddress(), 1000)
var tx2Raw = tx2.buildIncomplete()
var hashType = bitcoin.Transaction.SIGHASH_ALL
var signatureHash = tx2Raw.hashForSignature(0, redeemScript, hashType)
var signatureA = alice.sign(signatureHash)
var signatureB = bob.sign(signatureHash)
var redeemScriptSig = bitcoin.script.scriptHashInput([
signatureA.toScriptSignature(hashType), signatureB.toScriptSignature(hashType), bitcoin.opcodes.OP_FALSE
], redeemScript)
tx2Raw.setInputScript(0, redeemScriptSig)
blockchain.t.transactions.propagate(tx2Raw.toHex(), done)
})
})
})

140
test/integration/cltv.js Normal file
View file

@ -0,0 +1,140 @@
/* global describe, it */
var assert = require('assert')
var bitcoin = require('../../')
var blockchain = require('./_blockchain')
var network = bitcoin.networks.testnet
var alice = bitcoin.ECPair.fromWIF('cScfkGjbzzoeewVWmU2hYPUHeVGJRDdFt7WhmrVVGkxpmPP8BHWe', network)
var bob = bitcoin.ECPair.fromWIF('cMkopUXKWsEzAjfa1zApksGRwjVpJRB3831qM9W4gKZsLwjHXA9x', network)
describe('bitcoinjs-lib (CLTV)', function () {
var hashType = bitcoin.Transaction.SIGHASH_ALL
function cltvCheckSigInput (aQ, bQ, utcSeconds) {
return bitcoin.script.compile([
bitcoin.opcodes.OP_IF,
bitcoin.script.number.encode(utcSeconds),
bitcoin.opcodes.OP_CHECKLOCKTIMEVERIFY,
bitcoin.opcodes.OP_DROP,
bitcoin.opcodes.OP_ELSE,
bQ.getPublicKeyBuffer(),
bitcoin.opcodes.OP_CHECKSIGVERIFY,
bitcoin.opcodes.OP_ENDIF,
aQ.getPublicKeyBuffer(),
bitcoin.opcodes.OP_CHECKSIG
])
}
function utcNow () {
return Math.floor(Date.now() / 1000)
}
// expiry past, {Alice's signature} OP_TRUE
it('where Alice can redeem after the expiry is past', function (done) {
this.timeout(30000)
// three hours ago
var timeUtc = utcNow() - (3600 * 3)
var redeemScript = cltvCheckSigInput(alice, bob, timeUtc)
var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
var address = bitcoin.address.fromOutputScript(scriptPubKey, network)
// fund the P2SH(CLTV) address
blockchain.t.faucet(address, 2e4, function (err, unspent) {
if (err) return done(err)
var tx = new bitcoin.TransactionBuilder(network)
tx.setLockTime(timeUtc)
tx.addInput(unspent.txId, 0, 0xfffffffe)
tx.addOutput(alice.getAddress(), 1000)
var txRaw = tx.buildIncomplete()
var signatureHash = txRaw.hashForSignature(0, redeemScript, hashType)
// {Alice's signature} OP_TRUE
var redeemScriptSig = bitcoin.script.scriptHashInput([
alice.sign(signatureHash).toScriptSignature(hashType),
bitcoin.opcodes.OP_TRUE
], redeemScript)
txRaw.setInputScript(0, redeemScriptSig)
blockchain.t.transactions.propagate(txRaw.toHex(), done)
})
})
// expiry ignored, {Bob's signature} {Alice's signature} OP_FALSE
it('where Alice and Bob can redeem at any time', function (done) {
this.timeout(30000)
// two hours ago
var timeUtc = utcNow() - (3600 * 2)
var redeemScript = cltvCheckSigInput(alice, bob, timeUtc)
var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
var address = bitcoin.address.fromOutputScript(scriptPubKey, network)
// fund the P2SH(CLTV) address
blockchain.t.faucet(address, 2e4, function (err, unspent) {
if (err) return done(err)
var tx = new bitcoin.TransactionBuilder(network)
tx.addInput(unspent.txId, 0, 0xfffffffe)
tx.addOutput(alice.getAddress(), 1000)
var txRaw = tx.buildIncomplete()
var signatureHash = txRaw.hashForSignature(0, redeemScript, hashType)
var redeemScriptSig = bitcoin.script.scriptHashInput([
alice.sign(signatureHash).toScriptSignature(hashType),
bob.sign(signatureHash).toScriptSignature(hashType),
bitcoin.opcodes.OP_FALSE
], redeemScript)
txRaw.setInputScript(0, redeemScriptSig)
blockchain.t.transactions.propagate(txRaw.toHex(), done)
})
})
// expiry in the future, {Alice's signature} OP_TRUE
it('fails when still time-locked', function (done) {
this.timeout(30000)
// two hours from now
var timeUtc = utcNow() + (3600 * 2)
var redeemScript = cltvCheckSigInput(alice, bob, timeUtc)
var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
var address = bitcoin.address.fromOutputScript(scriptPubKey, network)
// fund the P2SH(CLTV) address
blockchain.t.faucet(address, 2e4, function (err, unspent) {
if (err) return done(err)
var tx = new bitcoin.TransactionBuilder(network)
tx.setLockTime(timeUtc)
tx.addInput(unspent.txId, 0, 0xfffffffe)
tx.addOutput(alice.getAddress(), 1000)
var txRaw = tx.buildIncomplete()
var signatureHash = txRaw.hashForSignature(0, redeemScript, hashType)
// {Alice's signature} OP_TRUE
var redeemScriptSig = bitcoin.script.scriptHashInput([
alice.sign(signatureHash).toScriptSignature(hashType),
bitcoin.opcodes.OP_TRUE
], redeemScript)
txRaw.setInputScript(0, redeemScriptSig)
blockchain.t.transactions.propagate(txRaw.toHex(), function (err) {
assert.throws(function () {
if (err) throw err
}, /Error: 64: non-final/)
done()
})
})
})
})

View file

@ -11,46 +11,7 @@ var ecurve = require('ecurve')
var secp256k1 = ecurve.getCurveByName('secp256k1')
describe('bitcoinjs-lib (crypto)', function () {
it('can generate a single-key stealth address', function () {
var G = secp256k1.G
var n = secp256k1.n
function stealthSend (Q) {
var noncePair = bitcoin.ECPair.makeRandom()
var e = noncePair.d
var eQ = Q.multiply(e) // shared secret
var c = bigi.fromBuffer(bitcoin.crypto.sha256(eQ.getEncoded()))
var cG = G.multiply(c)
var Qprime = Q.add(cG)
return {
shared: new bitcoin.ECPair(null, Qprime),
nonce: noncePair.Q
}
}
function stealthReceive (d, P) {
var dP = P.multiply(d) // shared secret
var c = bigi.fromBuffer(bitcoin.crypto.sha256(dP.getEncoded()))
return new bitcoin.ECPair(d.add(c).mod(n))
}
// receiver private key
var receiver = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss')
var stealthS = stealthSend(receiver.Q) // public, done by sender
// ... sender now reveals nonce to receiver
var stealthR = stealthReceive(receiver.d, stealthS.nonce) // private, done by receiver
// and check that we derived both sides correctly
assert.equal(stealthS.shared.getAddress(), stealthR.getAddress())
})
// TODO
it.skip('can generate a dual-key stealth address', function () {})
it("can recover a parent private key from the parent's public key and a derived non-hardened child private key", function () {
it('can recover a BIP32 parent private key from the parent public key, and a derived, non-hardened child private key', function () {
function recoverParent (master, child) {
assert(!master.keyPair.d, 'You already have the parent private key')
assert(child.keyPair.d, 'Missing child private key')

View file

@ -0,0 +1,49 @@
/* global describe, it */
var assert = require('assert')
var bigi = require('bigi')
var bitcoin = require('../../')
var ecurve = require('ecurve')
var secp256k1 = ecurve.getCurveByName('secp256k1')
describe('bitcoinjs-lib (crypto)', function () {
it('can generate a single-key stealth address', function () {
var G = secp256k1.G
var n = secp256k1.n
function stealthSend (Q) {
var noncePair = bitcoin.ECPair.makeRandom()
var e = noncePair.d
var eQ = Q.multiply(e) // shared secret
var c = bigi.fromBuffer(bitcoin.crypto.sha256(eQ.getEncoded()))
var cG = G.multiply(c)
var Qprime = Q.add(cG)
return {
shared: new bitcoin.ECPair(null, Qprime),
nonce: noncePair.Q
}
}
function stealthReceive (d, P) {
var dP = P.multiply(d) // shared secret
var c = bigi.fromBuffer(bitcoin.crypto.sha256(dP.getEncoded()))
return new bitcoin.ECPair(d.add(c).mod(n))
}
// receiver private key
var receiver = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss')
var stealthS = stealthSend(receiver.Q) // public, done by sender
// ... sender now reveals nonce to receiver
var stealthR = stealthReceive(receiver.d, stealthS.nonce) // private, done by receiver
// and check that we derived both sides correctly
assert.equal(stealthS.shared.getAddress(), stealthR.getAddress())
})
// TODO
it.skip('can generate a dual-key stealth address', function () {})
})