From 93af5afe67dbc491e36bdfc8d48a00179093f7d1 Mon Sep 17 00:00:00 2001
From: junderw <junderwood@bitcoinbank.co.jp>
Date: Sat, 27 Nov 2021 08:35:19 +0900
Subject: [PATCH 1/3] Add warning to future segwit version address
generation/parsing
---
src/address.js | 10 +++++++++-
ts_src/address.ts | 12 +++++++++++-
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/src/address.js b/src/address.js
index 12938fc..164bf7e 100644
--- a/src/address.js
+++ b/src/address.js
@@ -13,6 +13,11 @@ const FUTURE_SEGWIT_MIN_SIZE = 2;
const FUTURE_SEGWIT_MAX_VERSION = 16;
const FUTURE_SEGWIT_MIN_VERSION = 1;
const FUTURE_SEGWIT_VERSION_DIFF = 0x50;
+const FUTURE_SEGWIT_VERSION_WARNING =
+ 'WARNING: Sending to a future segwit version address can lead to loss of funds. ' +
+ 'End users MUST be warned carefully in the GUI and asked if they wish to proceed ' +
+ 'with caution. Wallets should verify the segwit version from the output of fromBech32, ' +
+ 'then decide when it is safe to use which version of segwit.';
function _toFutureSegwitAddress(output, network) {
const data = output.slice(2);
if (
@@ -28,6 +33,7 @@ function _toFutureSegwitAddress(output, network) {
throw new TypeError('Invalid version for segwit address');
if (output[1] !== data.length)
throw new TypeError('Invalid script for segwit address');
+ console.warn(FUTURE_SEGWIT_VERSION_WARNING);
return toBech32(data, version, network.bech32);
}
function fromBase58Check(address) {
@@ -128,11 +134,13 @@ function toOutputScript(address, network) {
decodeBech32.version <= FUTURE_SEGWIT_MAX_VERSION &&
decodeBech32.data.length >= FUTURE_SEGWIT_MIN_SIZE &&
decodeBech32.data.length <= FUTURE_SEGWIT_MAX_SIZE
- )
+ ) {
+ console.warn(FUTURE_SEGWIT_VERSION_WARNING);
return bscript.compile([
decodeBech32.version + FUTURE_SEGWIT_VERSION_DIFF,
decodeBech32.data,
]);
+ }
}
}
throw new Error(address + ' has no matching Script');
diff --git a/ts_src/address.ts b/ts_src/address.ts
index d8111a7..753589d 100644
--- a/ts_src/address.ts
+++ b/ts_src/address.ts
@@ -23,6 +23,11 @@ const FUTURE_SEGWIT_MIN_SIZE: number = 2;
const FUTURE_SEGWIT_MAX_VERSION: number = 16;
const FUTURE_SEGWIT_MIN_VERSION: number = 1;
const FUTURE_SEGWIT_VERSION_DIFF: number = 0x50;
+const FUTURE_SEGWIT_VERSION_WARNING: string =
+ 'WARNING: Sending to a future segwit version address can lead to loss of funds. ' +
+ 'End users MUST be warned carefully in the GUI and asked if they wish to proceed ' +
+ 'with caution. Wallets should verify the segwit version from the output of fromBech32, ' +
+ 'then decide when it is safe to use which version of segwit.';
function _toFutureSegwitAddress(output: Buffer, network: Network): string {
const data = output.slice(2);
@@ -44,6 +49,8 @@ function _toFutureSegwitAddress(output: Buffer, network: Network): string {
if (output[1] !== data.length)
throw new TypeError('Invalid script for segwit address');
+ console.warn(FUTURE_SEGWIT_VERSION_WARNING);
+
return toBech32(data, version, network.bech32);
}
@@ -163,11 +170,14 @@ export function toOutputScript(address: string, network?: Network): Buffer {
decodeBech32.version <= FUTURE_SEGWIT_MAX_VERSION &&
decodeBech32.data.length >= FUTURE_SEGWIT_MIN_SIZE &&
decodeBech32.data.length <= FUTURE_SEGWIT_MAX_SIZE
- )
+ ) {
+ console.warn(FUTURE_SEGWIT_VERSION_WARNING);
+
return bscript.compile([
decodeBech32.version + FUTURE_SEGWIT_VERSION_DIFF,
decodeBech32.data,
]);
+ }
}
}
From 11202eb74cc9d9a7338ef4aa04c78061f0544289 Mon Sep 17 00:00:00 2001
From: junderw <junderwood@bitcoinbank.co.jp>
Date: Sat, 27 Nov 2021 08:42:12 +0900
Subject: [PATCH 2/3] 6.0.1
---
package-lock.json | 2 +-
package.json | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index d6b9ce8..2ea42ae 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
{
"name": "bitcoinjs-lib",
- "version": "6.0.0",
+ "version": "6.0.1",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
diff --git a/package.json b/package.json
index 36d9003..dc93c53 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "bitcoinjs-lib",
- "version": "6.0.0",
+ "version": "6.0.1",
"description": "Client-side Bitcoin JavaScript library",
"main": "./src/index.js",
"types": "./src/index.d.ts",
From 2edfb992fa09761e09490b5efa27ba13a77de374 Mon Sep 17 00:00:00 2001
From: Vlad Stan <stan.v.vlad@gmail.com>
Date: Fri, 17 Dec 2021 13:27:35 +0200
Subject: [PATCH 3/3] test: upgrade ecpair lib to version 2.0.1
---
package-lock.json | 123 ++------------------------
package.json | 4 +-
test/integration/addresses.spec.ts | 5 +-
test/integration/cltv.spec.ts | 5 +-
test/integration/csv.spec.ts | 5 +-
test/integration/payments.spec.ts | 5 +-
test/integration/transactions.spec.ts | 4 +-
test/psbt.spec.ts | 3 +-
8 files changed, 32 insertions(+), 122 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 2ea42ae..3e5bd51 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -541,15 +541,6 @@
"integrity": "sha512-Phlt0plgpIIBOGTT/ehfFnbNlfsDEiqmzE2KRXoX1bLIlir4X/MR+zSyBEkL05ffWgnRSf/DXv+WrUAVr93/ow==",
"dev": true
},
- "bindings": {
- "version": "1.5.0",
- "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz",
- "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==",
- "dev": true,
- "requires": {
- "file-uri-to-path": "1.0.0"
- }
- },
"bip174": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/bip174/-/bip174-2.0.1.tgz",
@@ -640,12 +631,6 @@
"fill-range": "^7.0.1"
}
},
- "brorand": {
- "version": "1.1.0",
- "resolved": "https://registry.npmjs.org/brorand/-/brorand-1.1.0.tgz",
- "integrity": "sha1-EsJe/kCkXjwyPrhnWgoM5XsiNx8=",
- "dev": true
- },
"browser-stdout": {
"version": "1.3.1",
"resolved": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz",
@@ -931,59 +916,14 @@
"dev": true
},
"ecpair": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/ecpair/-/ecpair-1.0.0.tgz",
- "integrity": "sha512-1L+P/ivLC3eKHgqcX1M9tFYQWXDoqwJ3zQnN7zDaTtLpiCQKpFTaAZvnsPC5PkWB4q3EPFAHffCLvjfCqRjuwQ==",
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/ecpair/-/ecpair-2.0.1.tgz",
+ "integrity": "sha512-iT3wztQMeE/nDTlfnAg8dAFUfBS7Tq2BXzq3ae6L+pWgFU0fQ3l0woTzdTBrJV3OxBjxbzjq8EQhAbEmJNWFSw==",
"dev": true,
"requires": {
- "randombytes": "^2.0.1",
- "tiny-secp256k1": "^1.1.6",
- "typeforce": "^1.11.3",
- "wif": "^2.0.1"
- },
- "dependencies": {
- "tiny-secp256k1": {
- "version": "1.1.6",
- "resolved": "https://registry.npmjs.org/tiny-secp256k1/-/tiny-secp256k1-1.1.6.tgz",
- "integrity": "sha512-FmqJZGduTyvsr2cF3375fqGHUovSwDi/QytexX1Se4BPuPZpTE5Ftp5fg+EFSuEf3lhZqgCRjEG3ydUQ/aNiwA==",
- "dev": true,
- "requires": {
- "bindings": "^1.3.0",
- "bn.js": "^4.11.8",
- "create-hmac": "^1.1.7",
- "elliptic": "^6.4.0",
- "nan": "^2.13.2"
- }
- }
- }
- },
- "elliptic": {
- "version": "6.5.4",
- "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.4.tgz",
- "integrity": "sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==",
- "dev": true,
- "requires": {
- "bn.js": "^4.11.9",
- "brorand": "^1.1.0",
- "hash.js": "^1.0.0",
- "hmac-drbg": "^1.0.1",
- "inherits": "^2.0.4",
- "minimalistic-assert": "^1.0.1",
- "minimalistic-crypto-utils": "^1.0.1"
- },
- "dependencies": {
- "bn.js": {
- "version": "4.12.0",
- "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
- "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==",
- "dev": true
- },
- "inherits": {
- "version": "2.0.4",
- "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
- "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
- "dev": true
- }
+ "randombytes": "^2.1.0",
+ "typeforce": "^1.18.0",
+ "wif": "^2.0.6"
}
},
"emoji-regex": {
@@ -1040,12 +980,6 @@
"integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==",
"dev": true
},
- "file-uri-to-path": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz",
- "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==",
- "dev": true
- },
"fill-keys": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/fill-keys/-/fill-keys-1.0.2.tgz",
@@ -1218,16 +1152,6 @@
"safe-buffer": "^5.0.1"
}
},
- "hash.js": {
- "version": "1.1.7",
- "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.7.tgz",
- "integrity": "sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==",
- "dev": true,
- "requires": {
- "inherits": "^2.0.3",
- "minimalistic-assert": "^1.0.1"
- }
- },
"hasha": {
"version": "5.2.2",
"resolved": "https://registry.npmjs.org/hasha/-/hasha-5.2.2.tgz",
@@ -1244,17 +1168,6 @@
"integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==",
"dev": true
},
- "hmac-drbg": {
- "version": "1.0.1",
- "resolved": "https://registry.npmjs.org/hmac-drbg/-/hmac-drbg-1.0.1.tgz",
- "integrity": "sha1-0nRXAQJabHdabFRXk+1QL8DGSaE=",
- "dev": true,
- "requires": {
- "hash.js": "^1.0.3",
- "minimalistic-assert": "^1.0.0",
- "minimalistic-crypto-utils": "^1.0.1"
- }
- },
"hoodwink": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/hoodwink/-/hoodwink-2.0.0.tgz",
@@ -1640,18 +1553,6 @@
"pushdata-bitcoin": "^1.0.1"
}
},
- "minimalistic-assert": {
- "version": "1.0.1",
- "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz",
- "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==",
- "dev": true
- },
- "minimalistic-crypto-utils": {
- "version": "1.0.1",
- "resolved": "https://registry.npmjs.org/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz",
- "integrity": "sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo=",
- "dev": true
- },
"minimatch": {
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
@@ -1720,12 +1621,6 @@
"integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==",
"dev": true
},
- "nan": {
- "version": "2.15.0",
- "resolved": "https://registry.npmjs.org/nan/-/nan-2.15.0.tgz",
- "integrity": "sha512-8ZtvEnA2c5aYCZYd1cvgdnU6cqwixRoYg70xPLWUws5ORTa/lnw+u4amixRS/Ac5U5mQVgp9pnlSUnbNWFaWZQ==",
- "dev": true
- },
"node-environment-flags": {
"version": "1.0.6",
"resolved": "https://registry.npmjs.org/node-environment-flags/-/node-environment-flags-1.0.6.tgz",
@@ -2479,9 +2374,9 @@
}
},
"tiny-secp256k1": {
- "version": "2.1.1",
- "resolved": "https://registry.npmjs.org/tiny-secp256k1/-/tiny-secp256k1-2.1.1.tgz",
- "integrity": "sha512-pdENPcbI4l3Br6sPVuC5RWONHojcPjBiXljIBvQ5UIN/MD6wPzmJ8mpDnkps3O7FFfT+fLqGXo2MdFdRQaPWUg==",
+ "version": "2.1.2",
+ "resolved": "https://registry.npmjs.org/tiny-secp256k1/-/tiny-secp256k1-2.1.2.tgz",
+ "integrity": "sha512-8qPw7zDK6Hco2tVGYGQeOmOPp/hZnREwy2iIkcq0ygAuqc9WHo29vKN94lNymh1QbB3nthtAMF6KTIrdbsIotA==",
"dev": true,
"requires": {
"uint8array-tools": "0.0.6"
diff --git a/package.json b/package.json
index dc93c53..c5553d5 100644
--- a/package.json
+++ b/package.json
@@ -73,7 +73,7 @@
"bn.js": "^4.11.8",
"bs58": "^4.0.0",
"dhttp": "^3.0.0",
- "ecpair": "^1.0.0",
+ "ecpair": "^2.0.1",
"hoodwink": "^2.0.0",
"minimaldata": "^1.0.2",
"mocha": "^7.1.1",
@@ -84,7 +84,7 @@
"randombytes": "^2.1.0",
"regtest-client": "0.2.0",
"rimraf": "^2.6.3",
- "tiny-secp256k1": "^2.1.1",
+ "tiny-secp256k1": "^2.1.2",
"ts-node": "^8.3.0",
"tslint": "^6.1.3",
"typescript": "^4.4.4"
diff --git a/test/integration/addresses.spec.ts b/test/integration/addresses.spec.ts
index 2b24ef5..d6e758b 100644
--- a/test/integration/addresses.spec.ts
+++ b/test/integration/addresses.spec.ts
@@ -1,8 +1,11 @@
import * as assert from 'assert';
-import { ECPair } from 'ecpair';
+import ECPairFactory from 'ecpair';
+import * as ecc from 'tiny-secp256k1';
import { describe, it } from 'mocha';
import * as bitcoin from '../..';
import { regtestUtils } from './_regtest';
+
+const ECPair = ECPairFactory(ecc);
const dhttp = regtestUtils.dhttp;
const TESTNET = bitcoin.networks.testnet;
diff --git a/test/integration/cltv.spec.ts b/test/integration/cltv.spec.ts
index c1a52de..04944eb 100644
--- a/test/integration/cltv.spec.ts
+++ b/test/integration/cltv.spec.ts
@@ -1,8 +1,11 @@
import * as assert from 'assert';
-import { ECPair } from 'ecpair';
+import ECPairFactory from 'ecpair';
+import * as ecc from 'tiny-secp256k1';
import { before, describe, it } from 'mocha';
import * as bitcoin from '../..';
import { regtestUtils } from './_regtest';
+
+const ECPair = ECPairFactory(ecc);
const regtest = regtestUtils.network;
const bip65 = require('bip65');
diff --git a/test/integration/csv.spec.ts b/test/integration/csv.spec.ts
index 9993d5c..742d68f 100644
--- a/test/integration/csv.spec.ts
+++ b/test/integration/csv.spec.ts
@@ -1,9 +1,12 @@
import * as assert from 'assert';
import { PsbtInput } from 'bip174/src/lib/interfaces';
-import { ECPair } from 'ecpair';
+import ECPairFactory from 'ecpair';
+import * as ecc from 'tiny-secp256k1';
import { before, describe, it } from 'mocha';
import * as bitcoin from '../..';
import { regtestUtils } from './_regtest';
+
+const ECPair = ECPairFactory(ecc);
const regtest = regtestUtils.network;
const bip68 = require('bip68');
const varuint = require('varuint-bitcoin');
diff --git a/test/integration/payments.spec.ts b/test/integration/payments.spec.ts
index ea7294e..d9d7fde 100644
--- a/test/integration/payments.spec.ts
+++ b/test/integration/payments.spec.ts
@@ -1,7 +1,10 @@
-import { ECPair } from 'ecpair';
+import ECPairFactory from 'ecpair';
+import * as ecc from 'tiny-secp256k1';
import { describe, it } from 'mocha';
import * as bitcoin from '../..';
import { regtestUtils } from './_regtest';
+
+const ECPair = ECPairFactory(ecc);
const NETWORK = regtestUtils.network;
const keyPairs = [
ECPair.makeRandom({ network: NETWORK }),
diff --git a/test/integration/transactions.spec.ts b/test/integration/transactions.spec.ts
index 51e44a0..ba7f2fe 100644
--- a/test/integration/transactions.spec.ts
+++ b/test/integration/transactions.spec.ts
@@ -1,10 +1,12 @@
import * as assert from 'assert';
import BIP32Factory from 'bip32';
import * as ecc from 'tiny-secp256k1';
-import { ECPair } from 'ecpair';
+import ECPairFactory from 'ecpair';
import { describe, it } from 'mocha';
import * as bitcoin from '../..';
import { regtestUtils } from './_regtest';
+
+const ECPair = ECPairFactory(ecc);
const rng = require('randombytes');
const regtest = regtestUtils.network;
const bip32 = BIP32Factory(ecc);
diff --git a/test/psbt.spec.ts b/test/psbt.spec.ts
index 32d81ba..f583e80 100644
--- a/test/psbt.spec.ts
+++ b/test/psbt.spec.ts
@@ -2,10 +2,11 @@ import * as assert from 'assert';
import BIP32Factory from 'bip32';
import * as ecc from 'tiny-secp256k1';
import * as crypto from 'crypto';
-import { ECPair } from 'ecpair';
+import ECPairFactory from 'ecpair';
import { describe, it } from 'mocha';
const bip32 = BIP32Factory(ecc);
+const ECPair = ECPairFactory(ecc);
import { networks as NETWORKS, payments, Psbt, Signer, SignerAsync } from '..';