1 | var baddress = require('./address')
|
2 | var bcrypto = require('./crypto')
|
3 | var bscript = require('./script')
|
4 | var bufferReverse = require('buffer-reverse')
|
5 | var networks = require('./networks')
|
6 | var ops = require('./opcodes.json')
|
7 | var typeforce = require('typeforce')
|
8 | var types = require('./types')
|
9 |
|
10 | var ECPair = require('./ecpair')
|
11 | var ECSignature = require('./ecsignature')
|
12 | var Transaction = require('./transaction')
|
13 |
|
14 |
|
15 |
|
16 | function expandInput (scriptSig, redeemScript) {
|
17 | var scriptSigChunks = bscript.decompile(scriptSig)
|
18 | var prevOutType = bscript.classifyInput(scriptSigChunks, true)
|
19 | var pubKeys, signatures, prevOutScript
|
20 |
|
21 | switch (prevOutType) {
|
22 | case 'scripthash':
|
23 |
|
24 | if (redeemScript) throw new Error('Recursive P2SH script')
|
25 |
|
26 | var redeemScriptSig = scriptSigChunks.slice(0, -1)
|
27 | redeemScript = scriptSigChunks[scriptSigChunks.length - 1]
|
28 |
|
29 | var result = expandInput(redeemScriptSig, redeemScript)
|
30 | result.redeemScript = redeemScript
|
31 | result.redeemScriptType = result.prevOutType
|
32 | result.prevOutScript = bscript.scriptHashOutput(bcrypto.hash160(redeemScript))
|
33 | result.prevOutType = 'scripthash'
|
34 | return result
|
35 |
|
36 | case 'pubkeyhash':
|
37 |
|
38 | pubKeys = scriptSigChunks.slice(1)
|
39 | signatures = scriptSigChunks.slice(0, 1)
|
40 |
|
41 | if (redeemScript) break
|
42 | prevOutScript = bscript.pubKeyHashOutput(bcrypto.hash160(pubKeys[0]))
|
43 | break
|
44 |
|
45 | case 'pubkey':
|
46 | if (redeemScript) {
|
47 | pubKeys = bscript.decompile(redeemScript).slice(0, 1)
|
48 | }
|
49 |
|
50 | signatures = scriptSigChunks.slice(0, 1)
|
51 | break
|
52 |
|
53 | case 'multisig':
|
54 | if (redeemScript) {
|
55 | pubKeys = bscript.decompile(redeemScript).slice(1, -2)
|
56 | }
|
57 |
|
58 | signatures = scriptSigChunks.slice(1).map(function (chunk) {
|
59 | return chunk === ops.OP_0 ? undefined : chunk
|
60 | })
|
61 | break
|
62 | }
|
63 |
|
64 | return {
|
65 | pubKeys: pubKeys,
|
66 | signatures: signatures,
|
67 | prevOutScript: prevOutScript,
|
68 | prevOutType: prevOutType
|
69 | }
|
70 | }
|
71 |
|
72 |
|
73 | function fixMultisigOrder (input, transaction, vin) {
|
74 | if (input.redeemScriptType !== 'multisig' || !input.redeemScript) return
|
75 | if (input.pubKeys.length === input.signatures.length) return
|
76 |
|
77 | var unmatched = input.signatures.concat()
|
78 |
|
79 | input.signatures = input.pubKeys.map(function (pubKey, y) {
|
80 | var keyPair = ECPair.fromPublicKeyBuffer(pubKey)
|
81 | var match
|
82 |
|
83 |
|
84 | unmatched.some(function (signature, i) {
|
85 |
|
86 | if (!signature) return false
|
87 |
|
88 |
|
89 | var parsed = ECSignature.parseScriptSignature(signature)
|
90 | var hash = transaction.hashForSignature(vin, input.redeemScript, parsed.hashType)
|
91 |
|
92 |
|
93 | if (!keyPair.verify(hash, parsed.signature)) return false
|
94 |
|
95 |
|
96 | unmatched[i] = undefined
|
97 | match = signature
|
98 |
|
99 | return true
|
100 | })
|
101 |
|
102 | return match
|
103 | })
|
104 | }
|
105 |
|
106 | function expandOutput (script, scriptType, ourPubKey) {
|
107 | typeforce(types.Buffer, script)
|
108 |
|
109 | var scriptChunks = bscript.decompile(script)
|
110 | if (!scriptType) {
|
111 | scriptType = bscript.classifyOutput(scriptChunks)
|
112 | }
|
113 |
|
114 | var pubKeys = []
|
115 |
|
116 | switch (scriptType) {
|
117 |
|
118 | case 'pubkeyhash':
|
119 | if (!ourPubKey) break
|
120 |
|
121 | var pkh1 = scriptChunks[2]
|
122 | var pkh2 = bcrypto.hash160(ourPubKey)
|
123 | if (pkh1.equals(pkh2)) pubKeys = [ourPubKey]
|
124 | break
|
125 |
|
126 | case 'pubkey':
|
127 | pubKeys = scriptChunks.slice(0, 1)
|
128 | break
|
129 |
|
130 | case 'multisig':
|
131 | pubKeys = scriptChunks.slice(1, -2)
|
132 | break
|
133 |
|
134 | default: return { scriptType: scriptType }
|
135 | }
|
136 |
|
137 | return {
|
138 | pubKeys: pubKeys,
|
139 | scriptType: scriptType,
|
140 | signatures: pubKeys.map(function () { return undefined })
|
141 | }
|
142 | }
|
143 |
|
144 | function prepareInput (input, kpPubKey, redeemScript) {
|
145 | if (redeemScript) {
|
146 | var redeemScriptHash = bcrypto.hash160(redeemScript)
|
147 |
|
148 |
|
149 |
|
150 | if (input.prevOutType) {
|
151 | if (input.prevOutType !== 'scripthash') throw new Error('PrevOutScript must be P2SH')
|
152 |
|
153 | var prevOutScriptScriptHash = bscript.decompile(input.prevOutScript)[1]
|
154 | if (!prevOutScriptScriptHash.equals(redeemScriptHash)) throw new Error('Inconsistent hash160(RedeemScript)')
|
155 | }
|
156 |
|
157 | var expanded = expandOutput(redeemScript, undefined, kpPubKey)
|
158 | if (!expanded.pubKeys) throw new Error('RedeemScript not supported "' + bscript.toASM(redeemScript) + '"')
|
159 |
|
160 | input.pubKeys = expanded.pubKeys
|
161 | input.signatures = expanded.signatures
|
162 | input.redeemScript = redeemScript
|
163 | input.redeemScriptType = expanded.scriptType
|
164 | input.prevOutScript = input.prevOutScript || bscript.scriptHashOutput(redeemScriptHash)
|
165 | input.prevOutType = 'scripthash'
|
166 |
|
167 |
|
168 | } else if (input.prevOutType) {
|
169 |
|
170 | if (input.prevOutType === 'scripthash') throw new Error('PrevOutScript is P2SH, missing redeemScript')
|
171 |
|
172 |
|
173 | expanded = expandOutput(input.prevOutScript, input.prevOutType, kpPubKey)
|
174 | if (!expanded.pubKeys) return
|
175 |
|
176 | input.pubKeys = expanded.pubKeys
|
177 | input.signatures = expanded.signatures
|
178 |
|
179 |
|
180 | } else {
|
181 | input.prevOutScript = bscript.pubKeyHashOutput(bcrypto.hash160(kpPubKey))
|
182 | input.prevOutType = 'pubkeyhash'
|
183 | input.pubKeys = [kpPubKey]
|
184 | input.signatures = [undefined]
|
185 | }
|
186 | }
|
187 |
|
188 | function buildInput (input, allowIncomplete) {
|
189 | var signatures = input.signatures
|
190 | var scriptType = input.redeemScriptType || input.prevOutType
|
191 | var scriptSig
|
192 |
|
193 | switch (scriptType) {
|
194 | case 'pubkeyhash':
|
195 | case 'pubkey':
|
196 | if (signatures.length < 1 || !signatures[0]) throw new Error('Not enough signatures provided')
|
197 | if (scriptType === 'pubkeyhash') {
|
198 | scriptSig = bscript.pubKeyHashInput(signatures[0], input.pubKeys[0])
|
199 | } else {
|
200 | scriptSig = bscript.pubKeyInput(signatures[0])
|
201 | }
|
202 |
|
203 | break
|
204 |
|
205 |
|
206 | case 'multisig':
|
207 | signatures = signatures.map(function (signature) {
|
208 | return signature || ops.OP_0
|
209 | })
|
210 |
|
211 | if (!allowIncomplete) {
|
212 |
|
213 | signatures = signatures.filter(function (x) { return x !== ops.OP_0 })
|
214 | }
|
215 |
|
216 | scriptSig = bscript.multisigInput(signatures, allowIncomplete ? undefined : input.redeemScript)
|
217 | break
|
218 |
|
219 | default: return
|
220 | }
|
221 |
|
222 |
|
223 | if (input.prevOutType === 'scripthash') {
|
224 | scriptSig = bscript.scriptHashInput(scriptSig, input.redeemScript)
|
225 | }
|
226 |
|
227 | return scriptSig
|
228 | }
|
229 |
|
230 | function TransactionBuilder (network) {
|
231 | this.prevTxMap = {}
|
232 | this.network = network || networks.bitcoin
|
233 |
|
234 | this.inputs = []
|
235 | this.tx = new Transaction()
|
236 | }
|
237 |
|
238 | TransactionBuilder.prototype.setLockTime = function (locktime) {
|
239 | typeforce(types.UInt32, locktime)
|
240 |
|
241 |
|
242 | if (this.inputs.some(function (input) {
|
243 | if (!input.signatures) return false
|
244 |
|
245 | return input.signatures.some(function (s) { return s })
|
246 | })) {
|
247 | throw new Error('No, this would invalidate signatures')
|
248 | }
|
249 |
|
250 | this.tx.locktime = locktime
|
251 | }
|
252 |
|
253 | TransactionBuilder.prototype.setVersion = function (version) {
|
254 | typeforce(types.UInt32, version)
|
255 |
|
256 |
|
257 | this.tx.version = version
|
258 | }
|
259 |
|
260 | TransactionBuilder.fromTransaction = function (transaction, network) {
|
261 | var txb = new TransactionBuilder(network)
|
262 |
|
263 |
|
264 | txb.setVersion(transaction.version)
|
265 | txb.setLockTime(transaction.locktime)
|
266 |
|
267 |
|
268 | transaction.outs.forEach(function (txOut) {
|
269 | txb.addOutput(txOut.script, txOut.value)
|
270 | })
|
271 |
|
272 |
|
273 | transaction.ins.forEach(function (txIn) {
|
274 | txb.__addInputUnsafe(txIn.hash, txIn.index, txIn.sequence, txIn.script)
|
275 | })
|
276 |
|
277 |
|
278 | txb.inputs.forEach(function (input, i) {
|
279 | fixMultisigOrder(input, transaction, i)
|
280 | })
|
281 |
|
282 | return txb
|
283 | }
|
284 |
|
285 | TransactionBuilder.prototype.addInput = function (txHash, vout, sequence, prevOutScript) {
|
286 | if (!this.__canModifyInputs()) {
|
287 | throw new Error('No, this would invalidate signatures')
|
288 | }
|
289 |
|
290 |
|
291 | if (typeof txHash === 'string') {
|
292 |
|
293 | txHash = bufferReverse(new Buffer(txHash, 'hex'))
|
294 |
|
295 |
|
296 | } else if (txHash instanceof Transaction) {
|
297 | prevOutScript = txHash.outs[vout].script
|
298 | txHash = txHash.getHash()
|
299 | }
|
300 |
|
301 | return this.__addInputUnsafe(txHash, vout, sequence, null, prevOutScript)
|
302 | }
|
303 |
|
304 | TransactionBuilder.prototype.__addInputUnsafe = function (txHash, vout, sequence, scriptSig, prevOutScript) {
|
305 | if (Transaction.isCoinbaseHash(txHash)) {
|
306 | throw new Error('coinbase inputs not supported')
|
307 | }
|
308 |
|
309 | var prevTxOut = txHash.toString('hex') + ':' + vout
|
310 | if (this.prevTxMap[prevTxOut]) throw new Error('Duplicate TxOut: ' + prevTxOut)
|
311 |
|
312 | var input = {}
|
313 |
|
314 |
|
315 | if (scriptSig) {
|
316 | input = expandInput(scriptSig)
|
317 | }
|
318 |
|
319 |
|
320 | if (!input.prevOutScript && prevOutScript) {
|
321 | var prevOutType
|
322 |
|
323 | if (!input.pubKeys && !input.signatures) {
|
324 | var expanded = expandOutput(prevOutScript)
|
325 |
|
326 | if (expanded.pubKeys) {
|
327 | input.pubKeys = expanded.pubKeys
|
328 | input.signatures = expanded.signatures
|
329 | }
|
330 |
|
331 | prevOutType = expanded.scriptType
|
332 | }
|
333 |
|
334 | input.prevOutScript = prevOutScript
|
335 | input.prevOutType = prevOutType || bscript.classifyOutput(prevOutScript)
|
336 | }
|
337 |
|
338 | var vin = this.tx.addInput(txHash, vout, sequence, scriptSig)
|
339 | this.inputs[vin] = input
|
340 | this.prevTxMap[prevTxOut] = true
|
341 |
|
342 | return vin
|
343 | }
|
344 |
|
345 | TransactionBuilder.prototype.addOutput = function (scriptPubKey, value) {
|
346 | if (!this.__canModifyOutputs()) {
|
347 | throw new Error('No, this would invalidate signatures')
|
348 | }
|
349 |
|
350 |
|
351 | if (typeof scriptPubKey === 'string') {
|
352 | scriptPubKey = baddress.toOutputScript(scriptPubKey, this.network)
|
353 | }
|
354 |
|
355 | return this.tx.addOutput(scriptPubKey, value)
|
356 | }
|
357 |
|
358 | TransactionBuilder.prototype.build = function () {
|
359 | return this.__build(false)
|
360 | }
|
361 | TransactionBuilder.prototype.buildIncomplete = function () {
|
362 | return this.__build(true)
|
363 | }
|
364 |
|
365 | TransactionBuilder.prototype.__build = function (allowIncomplete) {
|
366 | if (!allowIncomplete) {
|
367 | if (!this.tx.ins.length) throw new Error('Transaction has no inputs')
|
368 | if (!this.tx.outs.length) throw new Error('Transaction has no outputs')
|
369 | }
|
370 |
|
371 | var tx = this.tx.clone()
|
372 |
|
373 |
|
374 | this.inputs.forEach(function (input, i) {
|
375 | var scriptType = input.redeemScriptType || input.prevOutType
|
376 | if (!scriptType && !allowIncomplete) throw new Error('Transaction is not complete')
|
377 |
|
378 |
|
379 | var scriptSig = buildInput(input, allowIncomplete)
|
380 |
|
381 |
|
382 | if (!scriptSig) {
|
383 | if (!allowIncomplete) throw new Error(scriptType + ' not supported')
|
384 | return
|
385 | }
|
386 |
|
387 | tx.setInputScript(i, scriptSig)
|
388 | })
|
389 |
|
390 | return tx
|
391 | }
|
392 |
|
393 | function canSign (input) {
|
394 | return input.prevOutScript !== undefined &&
|
395 | input.pubKeys !== undefined &&
|
396 | input.signatures !== undefined &&
|
397 | input.signatures.length === input.pubKeys.length &&
|
398 | input.pubKeys.length > 0
|
399 | }
|
400 |
|
401 | TransactionBuilder.prototype.sign = function (vin, keyPair, redeemScript, hashType) {
|
402 | if (keyPair.network !== this.network) throw new Error('Inconsistent network')
|
403 | if (!this.inputs[vin]) throw new Error('No input at index: ' + vin)
|
404 | hashType = hashType || Transaction.SIGHASH_ALL
|
405 |
|
406 | var input = this.inputs[vin]
|
407 |
|
408 |
|
409 | if (input.redeemScript !== undefined &&
|
410 | redeemScript &&
|
411 | !input.redeemScript.equals(redeemScript)) {
|
412 | throw new Error('Inconsistent redeemScript')
|
413 | }
|
414 |
|
415 | var kpPubKey = keyPair.getPublicKeyBuffer()
|
416 | if (!canSign(input)) {
|
417 | prepareInput(input, kpPubKey, redeemScript)
|
418 |
|
419 | if (!canSign(input)) throw Error(input.prevOutType + ' not supported')
|
420 | }
|
421 |
|
422 |
|
423 | var hashScript = input.redeemScript || input.prevOutScript
|
424 | var signatureHash = this.tx.hashForSignature(vin, hashScript, hashType)
|
425 |
|
426 |
|
427 | var signed = input.pubKeys.some(function (pubKey, i) {
|
428 | if (!kpPubKey.equals(pubKey)) return false
|
429 | if (input.signatures[i]) throw new Error('Signature already exists')
|
430 |
|
431 | input.signatures[i] = keyPair.sign(signatureHash).toScriptSignature(hashType)
|
432 | return true
|
433 | })
|
434 |
|
435 | if (!signed) throw new Error('Key pair cannot sign for this input')
|
436 | }
|
437 |
|
438 | function signatureHashType (buffer) {
|
439 | return buffer.readUInt8(buffer.length - 1)
|
440 | }
|
441 |
|
442 | TransactionBuilder.prototype.__canModifyInputs = function () {
|
443 | return this.inputs.every(function (input) {
|
444 |
|
445 | if (input.signatures === undefined) return true
|
446 |
|
447 | return input.signatures.every(function (signature) {
|
448 | if (!signature) return true
|
449 | var hashType = signatureHashType(signature)
|
450 |
|
451 |
|
452 |
|
453 | return hashType & Transaction.SIGHASH_ANYONECANPAY
|
454 | })
|
455 | })
|
456 | }
|
457 |
|
458 | TransactionBuilder.prototype.__canModifyOutputs = function () {
|
459 | var nInputs = this.tx.ins.length
|
460 | var nOutputs = this.tx.outs.length
|
461 |
|
462 | return this.inputs.every(function (input) {
|
463 | if (input.signatures === undefined) return true
|
464 |
|
465 | return input.signatures.every(function (signature) {
|
466 | if (!signature) return true
|
467 | var hashType = signatureHashType(signature)
|
468 |
|
469 | var hashTypeMod = hashType & 0x1f
|
470 | if (hashTypeMod === Transaction.SIGHASH_NONE) return true
|
471 | if (hashTypeMod === Transaction.SIGHASH_SINGLE) {
|
472 |
|
473 |
|
474 |
|
475 | return nInputs <= nOutputs
|
476 | }
|
477 | })
|
478 | })
|
479 | }
|
480 |
|
481 | module.exports = TransactionBuilder
|