UNPKG

@covenance/dlc

Version:

Crypto and Bitcoin functions for Covenance DLC implementation

207 lines (175 loc) 7.32 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
import { expect } from 'chai'; import { Transaction, Address, PrivateKey, Script, Networks } from '../../src/btc'; import { Point, utils } from '../../src/crypto/secp256k1'; import { signCetWithAdaptorSig, verifyCetAdaptorSig, verifyCetSignature, sigToTaprootBuf } from '../../src/cet/signature'; import { createCet } from '../../src/cet/transactions'; import { adaptSig } from '../../src/crypto/counterparty'; import { commitToEvent, attestEventOutcome } from '../../src'; describe('CET Signature', () => { let borrowerKey: PrivateKey; let lenderKey: PrivateKey; let borrowerAddress: Address; let lenderAddress: Address; let dlcUtxo: any; let cet: Transaction; let oraclePrivKey: Uint8Array; let oraclePubKey: Point; let eventOutcomeHashes: Uint8Array[]; before(async () => { // Generate test keys oraclePrivKey = utils.randomPrivateKey(); oraclePubKey = Point.fromPrivateKey(oraclePrivKey); borrowerKey = new PrivateKey(); lenderKey = new PrivateKey(); borrowerAddress = new Address(borrowerKey.toPublicKey(), Networks.testnet, 'taproot'); lenderAddress = new Address(lenderKey.toPublicKey(), Networks.testnet, 'taproot'); // Generate test event outcome hashes eventOutcomeHashes = [ new Uint8Array([1, 2, 3]), new Uint8Array([4, 5, 6]) ]; // Create mock DLC UTXO dlcUtxo = { txId: 'a'.repeat(64), outputIndex: 0, satoshis: 100000, // 0.001 BTC script: new Script('') }; cet = createCet(dlcUtxo, 60000, 40000, borrowerAddress, lenderAddress); }); describe('signCetWithAdaptorSig and verifyCetAdaptorSig', () => { it('should create and verify a valid adaptor signature', async () => { const { signaturePoints, nonce } = await commitToEvent(eventOutcomeHashes, oraclePubKey); const outcomeIndex = 0; const counterpartyPrivKey = utils.randomPrivateKey(); const counterpartyPubKey = Point.fromPrivateKey(counterpartyPrivKey); const adaptorSig = await signCetWithAdaptorSig( counterpartyPrivKey, signaturePoints[outcomeIndex], cet, 0, Buffer.from('') ); expect(adaptorSig).to.be.instanceOf(Object); expect(adaptorSig).to.have.property('R_prime'); expect(adaptorSig).to.have.property('s_prime'); expect(adaptorSig.R_prime).to.be.instanceOf(Point); expect(typeof adaptorSig.s_prime).to.equal('bigint'); const isAdaptorSigValid = await verifyCetAdaptorSig( adaptorSig, counterpartyPubKey, signaturePoints[outcomeIndex], cet, 0, Buffer.from('') ); expect(isAdaptorSigValid).to.be.true; const oracleSig = await attestEventOutcome( oraclePrivKey, nonce, eventOutcomeHashes[outcomeIndex] ); const completedSig = adaptSig(adaptorSig, oracleSig.s); const isValid = await verifyCetSignature(completedSig, counterpartyPubKey, cet, 0, Buffer.from('')); expect(isValid).to.be.true; }); it('should detect invalid completed signatures', async () => { const { signaturePoints, nonce } = await commitToEvent(eventOutcomeHashes, oraclePubKey); const outcomeIndex = 0; const counterpartyPrivKey = utils.randomPrivateKey(); const counterpartyPubKey = Point.fromPrivateKey(counterpartyPrivKey); const adaptorSig = await signCetWithAdaptorSig( counterpartyPrivKey, signaturePoints[outcomeIndex], cet, 0, Buffer.from('') ); const isAdaptorSigValid = await verifyCetAdaptorSig( adaptorSig, counterpartyPubKey, signaturePoints[outcomeIndex], cet, 0, Buffer.from('') ); expect(isAdaptorSigValid).to.be.true; const oracleSig = await attestEventOutcome( oraclePrivKey, nonce, eventOutcomeHashes[1] // Different outcome ); const completedSig = adaptSig(adaptorSig, oracleSig.s); const isValid = await verifyCetSignature(completedSig, counterpartyPubKey, cet, 0, Buffer.from('')); expect(isValid).to.be.false; }); it('should detect signatures for wrong messages', async () => { const { signaturePoints, nonce } = await commitToEvent(eventOutcomeHashes, oraclePubKey); const outcomeIndex = 0; const counterpartyPrivKey = utils.randomPrivateKey(); const counterpartyPubKey = Point.fromPrivateKey(counterpartyPrivKey); const adaptorSig = await signCetWithAdaptorSig( counterpartyPrivKey, signaturePoints[outcomeIndex], cet, 0, Buffer.from('') ); const isAdaptorSigValid = await verifyCetAdaptorSig( adaptorSig, counterpartyPubKey, signaturePoints[outcomeIndex], cet, 0, Buffer.from('') ); expect(isAdaptorSigValid).to.be.true; const oracleSig = await attestEventOutcome( oraclePrivKey, nonce, eventOutcomeHashes[outcomeIndex] ); const completedSig = adaptSig(adaptorSig, oracleSig.s); const differentCet = createCet(dlcUtxo, 70000, 30000, borrowerAddress, lenderAddress); const isValid = await verifyCetSignature(completedSig, counterpartyPubKey, differentCet, 0, Buffer.from('')); expect(isValid).to.be.false; }); }); describe('sigToTaprootBuf', () => { it('should correctly serialize a Taproot signature with default sighash', () => { // Test vector from BIP341 test cases const R = new Point( BigInt('0x8608a76e87a5be42162284e8d7efc6cf71470351b36e07914fd0cfcb7beae983'), BigInt('0x78fd9f664e274c9c2a2744197da522fdf1e3aba999b318e2587be098d90d4533') ); const signature = { R, s: BigInt('0x8608a76e87a5be42162284e8d7efc6cf71470351b36e07914fd0cfcb7beae983') }; const serialized = sigToTaprootBuf(signature); expect(serialized.length).to.equal(64); expect(Buffer.from(serialized.slice(0, 32)).toString('hex')) .to.equal('8608a76e87a5be42162284e8d7efc6cf71470351b36e07914fd0cfcb7beae983'); expect(Buffer.from(serialized.slice(32, 64)).toString('hex')) .to.equal('8608a76e87a5be42162284e8d7efc6cf71470351b36e07914fd0cfcb7beae983'); }); it('should correctly serialize a Taproot signature with custom sighash', () => { const R = new Point( BigInt('0x8608a76e87a5be42162284e8d7efc6cf71470351b36e07914fd0cfcb7beae983'), BigInt('0x78fd9f664e274c9c2a2744197da522fdf1e3aba999b318e2587be098d90d4533') ); const signature = { R, s: BigInt('0x8608a76e87a5be42162284e8d7efc6cf71470351b36e07914fd0cfcb7beae983') }; const sighash = 0x01; // SIGHASH_ALL const serialized = sigToTaprootBuf(signature, sighash); expect(serialized.length).to.equal(65); expect(Buffer.from(serialized.slice(0, 32)).toString('hex')) .to.equal('8608a76e87a5be42162284e8d7efc6cf71470351b36e07914fd0cfcb7beae983'); expect(Buffer.from(serialized.slice(32, 64)).toString('hex')) .to.equal('8608a76e87a5be42162284e8d7efc6cf71470351b36e07914fd0cfcb7beae983'); expect(serialized[64]).to.equal(0x01); }); }); });