Merge pull request #8 from BoostyLabs/vs/signer_append

bitcoin/signer: SignTaprootMultiAppend implemented

Author: gutmann03

bitcoin/signer/signer.go

@@ -35,6 +35,16 @@ type SignTaprootMultiParams struct {
 	TapScriptPrivateKeys []*btcec.PrivateKey // holds private keys needed to unlock MultiSig tapScript. Key-spend path will be used in case of empty array.
 }
 
+// SignTaprootMultiAppendParams defines parameters for SignTaprootMultiAppend method.
+//
+// NOTE: TapScriptPrivateKey must be used in reverse order relatively to public keys in locking script!!!
+// See [SignTaprootMultiParams].
+type SignTaprootMultiAppendParams struct {
+	SerializedPSBT      []byte
+	Inputs              []int             // inputs indexes.
+	TapScriptPrivateKey *btcec.PrivateKey // holds the next private key needed to unlock MultiSig tapScript
+}
+
 // signTaprootInputParams defines parameters for signTaprootInput method.
 type signTaprootInputParams struct {
 	packet               *psbt.Packet
@@ -140,6 +150,16 @@ func (signer *Signer) SignTaprootMulti(params SignTaprootMultiParams) ([]byte, e
 	return w.Bytes(), nil
 }
 
+// SignTaprootMultiAppend appends provided psbt with signature taproot inputs by provided indexes using one (the next) private keys, returns updated serialized PSBT.
+// NOTE: See [SignTaprootMultiParams] comments for valid signature processing (the order must be the same).
+func (signer *Signer) SignTaprootMultiAppend(params SignTaprootMultiAppendParams) ([]byte, error) {
+	return signer.SignTaprootMulti(SignTaprootMultiParams{
+		SerializedPSBT:       params.SerializedPSBT,
+		Inputs:               params.Inputs,
+		TapScriptPrivateKeys: []*btcec.PrivateKey{params.TapScriptPrivateKey},
+	})
+}
+
 // signTaprootInput signs taproot input with or without witness script with provided private keys.
 func (signer *Signer) signTaprootInput(params signTaprootInputParams) error {
 	var (

bitcoin/signer/signer_test.go

@@ -154,15 +154,15 @@ func TestSignerMulti(t *testing.T) {
 	}
 
 	// INFO: Build MultiSig 4 of 4.
-	leafTapScript, err := utils.NewTaprootMultiSigLeafTapScript(tapScriptPrivateKey1, tapScriptPrivateKey2,
-		tapScriptPrivateKey3, tapScriptPrivateKey4)
+	leafTapScript, err := utils.NewTaprootMultiSigLeafTapScript(tapScriptPrivateKey1.PubKey(), tapScriptPrivateKey2.PubKey(),
+		tapScriptPrivateKey3.PubKey(), tapScriptPrivateKey4.PubKey())
 	require.NoErrorf(t, err, "leaf tapScript building")
 
 	leafTapScriptUnspendable, err := utils.NewUnspendableScript([]byte("really_unspendable_!")...)
 	require.NoErrorf(t, err, "leaf tapScript unspendable building")
 
 	// INFO: Generate Taproot address.
-	taprootAddress, err := utils.NewTaprootAddressFromScripts(chainParams, masterPrivateKey, leafTapScript, leafTapScriptUnspendable)
+	taprootAddress, err := utils.NewTaprootAddressFromScripts(chainParams, masterPrivateKey.PubKey(), leafTapScript, leafTapScriptUnspendable)
 	require.NoErrorf(t, err, "taproot address generation")
 
 	// INFO: Generate TapScript tree.
@@ -257,6 +257,127 @@ func TestSignerMulti(t *testing.T) {
 	}
 }
 
+func TestSignerMultiAppend(t *testing.T) {
+	chainParams := &chaincfg.MainNetParams
+	s := signer.NewSigner(chainParams)
+
+	var (
+		masterPrivateKey,
+		tapScriptPrivateKey1, tapScriptPrivateKey2,
+		tapScriptPrivateKey3, tapScriptPrivateKey4,
+		invalidPrivateKey1, invalidPrivateKey2 *btcec.PrivateKey
+		err error
+	)
+	for _, privateKeyP := range []**btcec.PrivateKey{
+		&masterPrivateKey, &tapScriptPrivateKey1, &tapScriptPrivateKey2,
+		&tapScriptPrivateKey3, &tapScriptPrivateKey4, &invalidPrivateKey1, &invalidPrivateKey2,
+	} {
+		*privateKeyP, err = btcec.NewPrivateKey()
+		require.NoError(t, err)
+	}
+
+	// INFO: Build MultiSig 4 of 4.
+	leafTapScript, err := utils.NewTaprootMultiSigLeafTapScript(tapScriptPrivateKey1.PubKey(), tapScriptPrivateKey2.PubKey(),
+		tapScriptPrivateKey3.PubKey(), tapScriptPrivateKey4.PubKey())
+	require.NoErrorf(t, err, "leaf tapScript building")
+
+	leafTapScriptUnspendable, err := utils.NewUnspendableScript([]byte("really_unspendable_!")...)
+	require.NoErrorf(t, err, "leaf tapScript unspendable building")
+
+	// INFO: Generate Taproot address.
+	taprootAddress, err := utils.NewTaprootAddressFromScripts(chainParams, masterPrivateKey.PubKey(), leafTapScript, leafTapScriptUnspendable)
+	require.NoErrorf(t, err, "taproot address generation")
+
+	// INFO: Generate TapScript tree.
+	tapScriptTree, err := utils.NewTapScriptTreeFromRawScripts(leafTapScript, leafTapScriptUnspendable)
+	require.NoErrorf(t, err, "tapScript tree generation")
+
+	invalidTapScriptTree, err := utils.NewTapScriptTreeFromRawScripts(leafTapScript)
+	require.NoErrorf(t, err, "tapScript tree invalid generation")
+
+	masterPublicKeyXOnly := masterPrivateKey.PubKey().SerializeCompressed()[1:]
+
+	tests := []struct {
+		name                 string
+		tapScriptPrivateKeys []*btcec.PrivateKey
+		tapScriptTree        *txscript.IndexedTapScriptTree
+		err                  error
+	}{
+		{
+			name:                 "valid 4 of 4 signature",
+			tapScriptPrivateKeys: []*btcec.PrivateKey{tapScriptPrivateKey4, tapScriptPrivateKey3, tapScriptPrivateKey2, tapScriptPrivateKey1},
+			tapScriptTree:        tapScriptTree,
+		},
+		{
+			name:                 "not enough signatures (3 of 4 private keys for leaf signatures)",
+			tapScriptPrivateKeys: []*btcec.PrivateKey{tapScriptPrivateKey3, tapScriptPrivateKey2, tapScriptPrivateKey1},
+			tapScriptTree:        tapScriptTree,
+			err:                  txscript.Error{ErrorCode: txscript.ErrInvalidStackOperation, Description: "index 0 is invalid for stack size 0"},
+		},
+		{
+			name:                 "private keys invalid order",
+			tapScriptPrivateKeys: []*btcec.PrivateKey{tapScriptPrivateKey1, tapScriptPrivateKey2, tapScriptPrivateKey3, tapScriptPrivateKey4},
+			tapScriptTree:        tapScriptTree,
+			err:                  txscript.Error{ErrorCode: txscript.ErrNullFail, Description: "signature not empty on failed checksig"},
+		},
+		{
+			name:                 "invalid leaf keys",
+			tapScriptPrivateKeys: []*btcec.PrivateKey{invalidPrivateKey1, tapScriptPrivateKey3, tapScriptPrivateKey2, invalidPrivateKey2},
+			tapScriptTree:        tapScriptTree,
+			err:                  txscript.Error{ErrorCode: txscript.ErrNullFail, Description: "signature not empty on failed checksig"},
+		},
+		{
+			name:                 "unable to unlock by script spend path without correct script tree",
+			tapScriptPrivateKeys: []*btcec.PrivateKey{tapScriptPrivateKey4, tapScriptPrivateKey3, tapScriptPrivateKey2, tapScriptPrivateKey1},
+			err:                  txscript.Error{ErrorCode: txscript.ErrTaprootMerkleProofInvalid},
+		},
+		{
+			name:                 "unable to unlock by script spend path with incorrect script tree",
+			tapScriptPrivateKeys: []*btcec.PrivateKey{tapScriptPrivateKey4, tapScriptPrivateKey3, tapScriptPrivateKey2, tapScriptPrivateKey1},
+			tapScriptTree:        invalidTapScriptTree,
+			err:                  txscript.Error{ErrorCode: txscript.ErrTaprootMerkleProofInvalid},
+		},
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			var signedPSBTs [2][]byte
+			t.Run("group signature", func(t *testing.T) {
+				packetBytes := prepareTxPacketBytes(t, taprootAddress, masterPublicKeyXOnly, leafTapScript, test.tapScriptTree)
+
+				signedPSBTs[0], err = s.SignTaprootMulti(signer.SignTaprootMultiParams{
+					SerializedPSBT:       packetBytes,
+					Inputs:               []int{0},
+					TapScriptPrivateKeys: test.tapScriptPrivateKeys,
+				})
+				require.NoError(t, err)
+
+				err = prepareMultiSigEngine(t, signedPSBTs[0]).Execute()
+				require.ErrorIs(t, err, test.err)
+			})
+
+			t.Run("append signature", func(t *testing.T) {
+				packetBytes := prepareTxPacketBytes(t, taprootAddress, masterPublicKeyXOnly, leafTapScript, test.tapScriptTree)
+
+				signParams := signer.SignTaprootMultiAppendParams{
+					SerializedPSBT: packetBytes,
+					Inputs:         []int{0},
+				}
+				for _, tapScriptPrivateKey := range test.tapScriptPrivateKeys {
+					signParams.TapScriptPrivateKey = tapScriptPrivateKey
+					signParams.SerializedPSBT, err = s.SignTaprootMultiAppend(signParams)
+					require.NoError(t, err)
+				}
+
+				signedPSBTs[1] = signParams.SerializedPSBT
+				err = prepareMultiSigEngine(t, signedPSBTs[1]).Execute()
+				require.ErrorIs(t, err, test.err)
+			})
+
+			require.EqualValues(t, signedPSBTs[0], signedPSBTs[1])
+		})
+	}
+}
+
 func mustHex(s string) []byte {
 	b, _ := hex.DecodeString(s)
 

bitcoin/txbuilder/insufficienterror.go

@@ -8,8 +8,10 @@ import (
 	"math/big"
 )
 
+// BalanceErrorType defines currency specification type for balance errors.
 type BalanceErrorType string
 
+// CauserSign defines causer specification type for balances errors.
 type CauserSign string
 
 const (

bitcoin/txbuilder/txbuilder.go

@@ -47,7 +47,7 @@ var (
 	nonDustBitcoinAmount = big.NewInt(546)
 )
 
-// NonDustBitcoinAmount provides public usage of variable nonDustBitcoinAmount
+// NonDustBitcoinAmount provides public usage of variable nonDustBitcoinAmount.
 func NonDustBitcoinAmount() *big.Int { return big.NewInt(546) }
 
 const (

bitcoin/utils/addresses.go

@@ -13,18 +13,18 @@ import (
 
 // NewTaprootAddressWithMultiSig generates taproot address with one leaf tapScript that holds multi-sig locking script build on provided privateKeys.
 // NOTE: At least 2 private keys for multi-sig script generation is required.
-func NewTaprootAddressWithMultiSig(chainParams *chaincfg.Params, masterPrivateKey *btcec.PrivateKey, privateKeys ...*btcec.PrivateKey) (*btcutil.AddressTaproot, error) {
-	leafTapScript, err := NewTaprootMultiSigLeafTapScript(privateKeys...)
+func NewTaprootAddressWithMultiSig(chainParams *chaincfg.Params, masterPublicKey *btcec.PublicKey, publicKeys ...*btcec.PublicKey) (*btcutil.AddressTaproot, error) {
+	leafTapScript, err := NewTaprootMultiSigLeafTapScript(publicKeys...)
 	if err != nil {
 		return nil, err
 	}
 
-	return NewTaprootAddressFromScripts(chainParams, masterPrivateKey, leafTapScript)
+	return NewTaprootAddressFromScripts(chainParams, masterPublicKey, leafTapScript)
 }
 
 // MustTaprootAddressWithMultiSig uses NewTaprootAddressWithMultiSig, panics in case of error.
-func MustTaprootAddressWithMultiSig(chainParams *chaincfg.Params, masterPrivateKey *btcec.PrivateKey, privateKeys ...*btcec.PrivateKey) *btcutil.AddressTaproot {
-	address, err := NewTaprootAddressWithMultiSig(chainParams, masterPrivateKey, privateKeys...)
+func MustTaprootAddressWithMultiSig(chainParams *chaincfg.Params, masterPublicKey *btcec.PublicKey, publicKeys ...*btcec.PublicKey) *btcutil.AddressTaproot {
+	address, err := NewTaprootAddressWithMultiSig(chainParams, masterPublicKey, publicKeys...)
 	if err != nil {
 		panic(err)
 	}
@@ -33,21 +33,21 @@ func MustTaprootAddressWithMultiSig(chainParams *chaincfg.Params, masterPrivateK
 }
 
 // NewTaprootAddressFromScripts generates taproot address with tree built from provided leaf scripts.
-func NewTaprootAddressFromScripts(chainParams *chaincfg.Params, masterPrivateKey *btcec.PrivateKey, leafScripts ...[]byte) (*btcutil.AddressTaproot, error) {
+func NewTaprootAddressFromScripts(chainParams *chaincfg.Params, masterPublicKey *btcec.PublicKey, leafScripts ...[]byte) (*btcutil.AddressTaproot, error) {
 	tapScriptTree, err := NewTapScriptTreeFromRawScripts(leafScripts...)
 	if err != nil {
 		return nil, err
 	}
 
 	tapScriptRootHash := tapScriptTree.RootNode.TapHash()
-	outputKey := txscript.ComputeTaprootOutputKey(masterPrivateKey.PubKey(), tapScriptRootHash[:])
+	outputKey := txscript.ComputeTaprootOutputKey(masterPublicKey, tapScriptRootHash[:])
 
 	return btcutil.NewAddressTaproot(schnorr.SerializePubKey(outputKey), chainParams)
 }
 
 // MustTaprootAddressFromScripts uses NewTaprootAddressFromScripts, panics in case of error.
-func MustTaprootAddressFromScripts(chainParams *chaincfg.Params, masterPrivateKey *btcec.PrivateKey, leafScripts ...[]byte) *btcutil.AddressTaproot {
-	address, err := NewTaprootAddressFromScripts(chainParams, masterPrivateKey, leafScripts...)
+func MustTaprootAddressFromScripts(chainParams *chaincfg.Params, masterPublicKey *btcec.PublicKey, leafScripts ...[]byte) *btcutil.AddressTaproot {
+	address, err := NewTaprootAddressFromScripts(chainParams, masterPublicKey, leafScripts...)
 	if err != nil {
 		panic(err)
 	}

bitcoin/utils/scripts.go

@@ -13,36 +13,38 @@ import (
 )
 
 // NewTaprootMultiSigLeafTapScript generates N of N multi-sig locking script for taproot leaf.
+//
 // INFO: Script will have the next format: {<pubKey1> OP_CHECKSIG [<pubKey2> OP_CHECKSIG_ADD [<pubKey3> OP_CHECKSIG_ADD ...]] <signListSize> OP_EQUAL}.
-// NOTE: At least 2 private keys for multi-sig script generation is required.
-func NewTaprootMultiSigLeafTapScript(privateKeys ...*btcec.PrivateKey) ([]byte, error) {
-	if len(privateKeys) < 2 {
-		return nil, errors.New("at least 2 private keys are required")
+//
+// NOTE: At least 2 keys for multi-sig script generation is required.
+func NewTaprootMultiSigLeafTapScript(keys ...*btcec.PublicKey) ([]byte, error) {
+	if len(keys) < 2 {
+		return nil, errors.New("at least 2 keys are required")
 	}
-	if len(privateKeys) > 999 {
-		return nil, errors.New("max allowed private keys: 999")
+	if len(keys) > 999 {
+		return nil, errors.New("max allowed keys: 999")
 	}
 
 	checkSigOp := byte(txscript.OP_CHECKSIG)
 	scriptBuilder := txscript.NewScriptBuilder()
-	for i, privateKey := range privateKeys {
+	for i, key := range keys {
 		scriptBuilder.
-			AddData(privateKey.PubKey().SerializeCompressed()[1:]).
+			AddData(key.SerializeCompressed()[1:]).
 			AddOp(checkSigOp)
 		if i == 0 {
 			checkSigOp = txscript.OP_CHECKSIGADD
 		}
 	}
 
 	return scriptBuilder.
-		AddInt64(int64(len(privateKeys))).
+		AddInt64(int64(len(keys))).
 		AddOp(txscript.OP_EQUAL).
 		Script()
 }
 
 // MustTaprootMultiSigLeafTapScript uses NewTaprootMultiSigLeafTapScript, panics in case of error.
-func MustTaprootMultiSigLeafTapScript(privateKeys ...*btcec.PrivateKey) []byte {
-	script, err := NewTaprootMultiSigLeafTapScript(privateKeys...)
+func MustTaprootMultiSigLeafTapScript(keys ...*btcec.PublicKey) []byte {
+	script, err := NewTaprootMultiSigLeafTapScript(keys...)
 	if err != nil {
 		panic(err)
 	}