poolscript

package
v0.6.4-beta
Published: Jun 5, 2023 License: MIT Imports: 15 Imported by: 1

Documentation

Constants

const (
	// VersionWitnessScript is the legacy script version that used a single
	// p2wsh script for both spend paths.
	VersionWitnessScript Version = 0

	// VersionTaprootMuSig2 is the script version that uses a MuSig2
	// combined key of the auctioneer's and trader's public keys as the
	// internal key and a single script leaf of the expiry path as the
	// taproot script tree merkle root.
	VersionTaprootMuSig2 Version = 1

	// VersionTaprootMuSig2V100RC2 is the script version that uses the
	// MuSig2 protocol v1.0.0-rc2 for creating the MuSig2 combined internal
	// key but is otherwise identical to VersionTaprootMuSig2.
	VersionTaprootMuSig2V100RC2 Version = 2

	// AccountKeyFamily is the key family used to derive keys which will be
	// used in the 2 of 2 multi-sig construction of a CLM account.
	AccountKeyFamily keychain.KeyFamily = 220

	// MaxWitnessSigLen is the maximum length of a DER encoded signature and
	// is when both R and S are 33 bytes each and the sighash flag is
	// appended to it. R and S can be 33 bytes because a 256-bit integer
	// requires 32 bytes and an additional leading null byte might be
	// required if the high bit is set in the value.
	//
	// 0x30 + <1-byte> + 0x02 + 0x21 + <33 bytes> + 0x2 + 0x21 + <33 bytes>.
	MaxWitnessSigLen = 72 + 1

	// AccountWitnessScriptSize evaluates to 79 bytes:
	//	- OP_DATA: 1 byte (trader_key length)
	//	- <trader_key>: 33 bytes
	//	- OP_CHECKSIGVERIFY: 1 byte
	//	- OP_DATA: 1 byte (auctioneer_key length)
	//	- <auctioneer_key>: 33 bytes
	//	- OP_CHECKSIG: 1 byte
	//	- OP_IFDUP: 1 byte
	//	- OP_NOTIF: 1 byte
	//	- OP_DATA: 1 byte (account_expiry length)
	//	- <account_expiry>: 4 bytes
	//	- OP_CHECKLOCKTIMEVERIFY: 1 byte
	//	- OP_ENDIF: 1 byte
	AccountWitnessScriptSize = 1 + 33 + 1 + 1 + 33 + 1 + 1 + 1 + 1 + 4 + 1 + 1

	// MultiSigWitnessSize evaluates to 229 bytes:
	//	- num_witness_elements: 1 byte
	//	- trader_sig_varint_len: 1 byte
	//	- <trader_sig>: 73 bytes
	//	- auctioneer_sig_varint_len: 1 byte
	//	- <auctioneer_sig>: 73 bytes
	//	- witness_script_varint_len: 1 byte
	//	- <witness_script>: 79 bytes
	MultiSigWitnessSize = 1 + 1 + MaxWitnessSigLen + 1 + MaxWitnessSigLen +
		1 + AccountWitnessScriptSize

	// ExpiryWitnessSize evaluates to 155 bytes:
	//	- num_witness_elements: 1 byte
	//	- trader_sig_varint_len: 1 byte (trader_sig length)
	//	- <trader_sig>: 73 bytes
	//	- witness_script_varint_len: 1 byte (nil length)
	//	- <witness_script>: 79 bytes
	ExpiryWitnessSize = 1 + 1 + MaxWitnessSigLen +
		1 + AccountWitnessScriptSize

	// TaprootMultiSigWitnessSize evaluates to 66 bytes:
	//	- num_witness_elements: 1 byte
	//	- sig_varint_len: 1 byte
	//	- <sig>: 64 bytes
	TaprootMultiSigWitnessSize = 1 + 1 + 64

	// TaprootExpiryScriptSize evaluates to 39 bytes:
	//	- OP_DATA: 1 byte (trader_key length)
	//	- <trader_key>: 32 bytes
	//	- OP_CHECKSIGVERIFY: 1 byte
	//	- <account_expiry>: 4 bytes
	//	- OP_CHECKLOCKTIMEVERIFY: 1 byte
	TaprootExpiryScriptSize = 1 + 32 + 1 + 4 + 1

	// TaprootExpiryWitnessSize evaluates to 140 bytes:
	//	- num_witness_elements: 1 byte
	//	- trader_sig_varint_len: 1 byte (trader_sig length)
	//	- <trader_sig>: 64 bytes
	//	- witness_script_varint_len: 1 byte (script length)
	//	- <witness_script>: 39 bytes
	//	- control_block_varint_len: 1 byte (control block length)
	//	- <control_block>: 33 bytes
	TaprootExpiryWitnessSize = 1 + 1 + 64 + 1 + TaprootExpiryScriptSize + 1 + 33
)
const Subsystem = "SCRP"

Variables

This section is empty.

Functions

func AccountScript

func AccountScript(version Version, expiry uint32, traderKey, auctioneerKey,
	batchKey *btcec.PublicKey, secret [32]byte) ([]byte, error)

AccountScript returns the output script of an account on-chain.

For version 0 (p2wsh) this returns the hash of the following script:

<trader_key> OP_CHECKSIGVERIFY
<auctioneer_key> OP_CHECKSIG OP_IFDUP OP_NOTIF
        <account_expiry> OP_CHECKLOCKTIMEVERIFY
OP_ENDIF

For version 1 (p2tr) this returns the taproot key of a MuSig2 combined key of the auctioneer's and trader's public keys as the internal key, tweaked with the hash of a single script leaf that has the following script: <trader_key> OP_CHECKSIGVERIFY <account_expiry> OP_CHECKLOCKTIMEVERIFY.

func AccountWitnessScript

func AccountWitnessScript(expiry uint32, traderKey, auctioneerKey,
	batchKey *btcec.PublicKey, secret [32]byte) ([]byte, error)

AccountWitnessScript returns the witness script of an account.

func AuctioneerKeyTweak

func AuctioneerKeyTweak(traderKey, auctioneerKey, batchKey *btcec.PublicKey,
	secret [32]byte) []byte

AuctioneerKeyTweak computes the tweak, based on the tweaked trader key, that should be applied to an account's auctioneer base key. The tweak is computed as follows:

traderKeyTweak = sha256(batchKey || secret || traderKey)
tweakedTraderKey = (traderKey + traderKeyTweak) * G
auctioneerKeyTweak = sha256(tweakedTraderKey || auctioneerKey)

func DecrementKey

func DecrementKey(pubKey *btcec.PublicKey) *btcec.PublicKey

DecrementKey is the opposite of IncrementKey, it "subtracts one" from the current key to arrive at the key used before the IncrementKey operation.

func IncludesPreviousOutPoint

func IncludesPreviousOutPoint(tx *wire.MsgTx, output wire.OutPoint) bool

IncludesPreviousOutPoint determines whether a transaction includes a given OutPoint as a txIn PreviousOutpoint.

func IncrementKey

func IncrementKey(pubKey *btcec.PublicKey) *btcec.PublicKey

IncrementKey increments the given key by the backing curve's base point.

func IsExpirySpend

func IsExpirySpend(witness wire.TxWitness) bool

IsExpirySpend determines whether the provided witness corresponds to the expiration script path of an account.

func IsMultiSigSpend

func IsMultiSigSpend(witness wire.TxWitness) bool

IsMultiSigSpend determines whether the provided witness corresponds to the multi-sig script path of an account.

func IsTaprootExpirySpend

func IsTaprootExpirySpend(witness wire.TxWitness) bool

IsTaprootExpirySpend determines whether the provided witness corresponds to the expiration script path of a Taproot enabled (version 1) account.

func IsTaprootMultiSigSpend

func IsTaprootMultiSigSpend(witness wire.TxWitness) bool

IsTaprootMultiSigSpend determines whether the provided witness corresponds to the MuSig2 multi-sig key spend path of a Taproot enabled (version 1) account.

func LocateOutputScript

func LocateOutputScript(tx *wire.MsgTx, script []byte) (uint32, bool)

LocateOutputScript determines whether a transaction includes an output with a specific script. If it does, the output index is returned.

func MatchPreviousOutPoint

func MatchPreviousOutPoint(op wire.OutPoint, txs []*wire.MsgTx) (*wire.MsgTx,
	bool)

MatchPreviousOutPoint determines whether or not a PreviousOutPoint appears in any of the provided transactions.

func SpendExpiry

func SpendExpiry(witnessScript, traderSig []byte) wire.TxWitness

SpendExpiry returns the witness required to spend an account through the expiration script path.

func SpendExpiryTaproot

func SpendExpiryTaproot(witnessScript, traderSig,
	serializedControlBlock []byte) wire.TxWitness

SpendExpiryTaproot returns the witness required to spend an account through the expiration script path of a tapscript spend.

func SpendMuSig2Taproot

func SpendMuSig2Taproot(combinedSig []byte) wire.TxWitness

SpendMuSig2Taproot returns the witness required to spend an account through the internal key which is a MuSig2 combined key that requires a single Schnorr signature.

func SpendMultiSig

func SpendMultiSig(witnessScript, traderSig, auctioneerSig []byte) wire.TxWitness

SpendMultiSig returns the witness required to spend an account through the multi-sig script path.
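The four witness layouts returned by SpendMultiSig, SpendExpiry, SpendMuSig2Taproot and SpendExpiryTaproot, together with the classification done by the Is*Spend functions, as an added example that is not the package's code. Element order for the version 0 paths follows from the stack order of the account script shown under AccountScript (the trader signature is checked first, so it is pushed last before the script), the Taproot order follows the TaprootExpiryWitnessSize listing, wire.TxWitness is modelled as a Python list of bytes, and accepting a 65-byte Schnorr signature (explicit sighash byte) is an assumption.

```python
# Sizes from the package's constants (maxima used for fee estimation).
MAX_WITNESS_SIG_LEN = 73             # DER sig (72 bytes max) + sighash byte
ACCOUNT_WITNESS_SCRIPT_SIZE = 79     # version 0 p2wsh witness script
TAPROOT_EXPIRY_SCRIPT_SIZE = 39      # version 1 expiry leaf script
CONTROL_BLOCK_SIZE = 33              # control block for a single-leaf tree

def spend_multisig(witness_script, trader_sig, auctioneer_sig):
    # The script verifies <trader_key> first, so trader_sig must sit on top
    # of the stack (pushed last before the script); auctioneer_sig below it.
    return [auctioneer_sig, trader_sig, witness_script]

def spend_expiry(witness_script, trader_sig):
    # An empty auctioneer signature makes OP_CHECKSIG yield false without
    # aborting, so OP_NOTIF takes the OP_CHECKLOCKTIMEVERIFY branch.
    return [b"", trader_sig, witness_script]

def spend_musig2_taproot(combined_sig):
    # Key path: a single Schnorr signature for the MuSig2 combined key.
    return [combined_sig]

def spend_expiry_taproot(leaf_script, trader_sig, control_block):
    # Script path: signature, leaf script, then the control block.
    return [trader_sig, leaf_script, control_block]

def classify(witness):
    """Name the account spend path a witness belongs to ("unknown" if none)."""
    if len(witness) == 1 and len(witness[0]) in (64, 65):
        return "taproot_musig2"
    if len(witness) != 3:
        return "unknown"
    if len(witness[2]) == CONTROL_BLOCK_SIZE:
        return "taproot_expiry"
    if len(witness[2]) == 0 or len(witness[1]) == 0:
        return "unknown"          # script or trader signature missing
    return "expiry" if len(witness[0]) == 0 else "multisig"

def witness_size(witness):
    """Serialized witness size: count varint, then length varint + data per element."""
    if any(len(e) >= 253 for e in witness):
        raise ValueError("multi-byte length varints not modelled")
    return 1 + sum(1 + len(e) for e in witness)
```

Feeding witness_size the maximum-size version 0 multi-sig witness reproduces the MultiSigWitnessSize formula, which is what the constants exist for.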

func TaprootExpiryScript

func TaprootExpiryScript(expiry uint32, traderKey, batchKey *btcec.PublicKey,
	secret [32]byte) (*txscript.TapLeaf, error)

TaprootExpiryScript returns the leaf script of the expiry script path.

<trader_key> OP_CHECKSIGVERIFY <account_expiry> OP_CHECKLOCKTIMEVERIFY.

func TaprootKey

func TaprootKey(scriptVersion Version, expiry uint32, traderKey, auctioneerKey,
	batchKey *btcec.PublicKey, secret [32]byte) (*musig2.AggregateKey,
	*txscript.TapLeaf, error)

TaprootKey returns the aggregated MuSig2 combined internal key and the tweaked Taproot key of an account output, as well as the expiry script tap leaf.

func TaprootMuSig2Sign

func TaprootMuSig2Sign(ctx context.Context, inputIdx int,
	sessionInfo *input.MuSig2SessionInfo, signer lndclient.SignerClient,
	spendTx *wire.MsgTx, previousOutputs []*wire.TxOut,
	remoteNonces *MuSig2Nonces,
	remotePartialSig *[input.MuSig2PartialSigSize]byte) ([]byte, error)

TaprootMuSig2Sign creates a partial MuSig2 signature for a Taproot account spend. If remotePartialSig is non-nil, we expect to be the second (and last) signer and will also attempt to combine the signatures. The return value in that case is the full, final signature instead of the partial signature.

func TaprootMuSig2SigningSession

func TaprootMuSig2SigningSession(ctx context.Context, version Version,
	expiry uint32, traderKey, batchKey *btcec.PublicKey,
	sharedSecret [32]byte, auctioneerKey *btcec.PublicKey,
	signer lndclient.SignerClient, localKeyLocator *keychain.KeyLocator,
	remoteNonces *MuSig2Nonces) (*input.MuSig2SessionInfo, func(), error)

TaprootMuSig2SigningSession creates a MuSig2 signing session for a Taproot account spend.

func TraderKeyTweak

func TraderKeyTweak(batchKey *btcec.PublicKey, secret [32]byte,
	traderKey *btcec.PublicKey) []byte

TraderKeyTweak computes the tweak, based on the current per-batch key and shared secret, that should be applied to an account's base trader key. The tweak is computed as follows:

tweak = sha256(batchKey || secret || traderKey)
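Both tweak derivations on this page (TraderKeyTweak here and AuctioneerKeyTweak above) worked through on a minimal pure-Python secp256k1 so it runs offline. This is an added example, not the package's code; it assumes keys are hashed in 33-byte compressed form (what btcec's SerializeCompressed gives) and that the trader tweak is applied additively, as the (traderKey + traderKeyTweak) * G formula states.

```python
import hashlib

# secp256k1 parameters (field prime, group order, generator).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine point addition; None stands for the point at infinity."""
    if a is None or b is None:
        return b if a is None else a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication, scalar reduced mod N."""
    r = None
    for bit in bin(k % N)[2:]:
        r = ec_add(r, r)
        if bit == "1":
            r = ec_add(r, pt)
    return r

def compress(pt):
    """33-byte compressed SEC encoding (assumed to match SerializeCompressed)."""
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

def on_curve(pt):
    return (pt[1] ** 2 - pt[0] ** 3 - 7) % P == 0

def trader_key_tweak(batch_key, secret, trader_key):
    # tweak = sha256(batchKey || secret || traderKey)
    return hashlib.sha256(compress(batch_key) + secret + compress(trader_key)).digest()

def tweaked_trader_key(batch_key, secret, trader_key):
    # tweakedTraderKey = traderKey + tweak*G, i.e. the point (d_trader + tweak)*G
    t = int.from_bytes(trader_key_tweak(batch_key, secret, trader_key), "big")
    return ec_add(trader_key, ec_mul(t, G))

def auctioneer_key_tweak(trader_key, auctioneer_key, batch_key, secret):
    # auctioneerKeyTweak = sha256(tweakedTraderKey || auctioneerKey)
    tweaked = tweaked_trader_key(batch_key, secret, trader_key)
    return hashlib.sha256(compress(tweaked) + compress(auctioneer_key)).digest()
```

The property worth checking is the homomorphism (d_trader + tweak) * G == traderKey + tweak * G: it is what lets the auctioneer derive the tweaked trader key from the public key alone while only the trader can sign for it.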

func UseLogger

func UseLogger(logger btclog.Logger)

UseLogger uses a specified Logger to output package logging info. This should be used in preference to SetLogWriter if the caller is also using btclog.

Types

type MuSig2Nonces

type MuSig2Nonces [musig2.PubNonceSize]byte

MuSig2Nonces is a type for a MuSig2 nonce pair (two 33-byte nonces).

type RecoveryHelper

type RecoveryHelper struct {
	// TraderKey is the trader's public key.
	TraderKey *btcec.PublicKey

	// AuctioneerKey is the auctioneer's public key.
	AuctioneerKey *btcec.PublicKey

	// BatchKey is the current batch key.
	BatchKey *btcec.PublicKey

	// Secret is the shared secret between trader and auctioneer.
	Secret [32]byte
	// contains filtered or unexported fields
}

RecoveryHelper is a type that helps speed up account recovery by caching the tweaked trader and auctioneer keys for faster script lookups.

func (*RecoveryHelper) LocateAnyOutput

func (r *RecoveryHelper) LocateAnyOutput(expiry uint32,
	txns []*wire.MsgTx) (*wire.MsgTx, uint32, bool, error)

LocateAnyOutput looks for an account output in any of the given transactions that corresponds to a script derived with the current settings of the helper and the given account expiry.

func (*RecoveryHelper) LocateOutput

func (r *RecoveryHelper) LocateOutput(expiry uint32, tx *wire.MsgTx) (uint32,
	bool, error)

LocateOutput looks for an account output in the given transaction that corresponds to a script derived with the current settings of the helper and the given account expiry.

func (*RecoveryHelper) NextAccount

func (r *RecoveryHelper) NextAccount(traderKey *btcec.PublicKey,
	secret [32]byte)

NextAccount sets a fresh trader key and secret, then re-calculates the tweaked keys.

func (*RecoveryHelper) NextBatchKey

func (r *RecoveryHelper) NextBatchKey()

NextBatchKey increments the currently used batch key and re-calculates the tweaked keys.

type Version

type Version uint8

Version represents the type of Pool account script that is used for either the trader or auctioneer accounts.
