taproot address 1st draft done but address is different from core

karask · karask · commit 8e648eee3611 · 2023-04-05T22:15:35.000+03:00
diff --git a/TODO b/TODO
@@ -1,7 +1,14 @@
+
 ******
 0.5.10 is current working copy -- HAVEN'T TAGGED IT YET, will refactor PrivateKey first
 
 
+CLEAN UP 
+-- use sha256 rather than hashlib.sha256
+-- will use ecpy lib for ECSchorr (point mul, signing, etc) - use ecpy for ECDSA to remove ecdsa lib
+-- internally everything should be handled in bytes -- and converted to hex when displayed
+
+
 IMPROVE
 - why does bitcoinlib.services.service worked for connecting and proxy didn't for some students? (services probably has some redundancy code)
 
diff --git a/bitcoinutils/keys.py b/bitcoinutils/keys.py
@@ -19,13 +19,15 @@
 from ecdsa import SigningKey, VerifyingKey, SECP256k1, ellipticcurve, numbertheory
 from ecdsa.util import sigencode_string, sigdecode_string, sigencode_der
 from sympy.ntheory import sqrt_mod
+from ecpy.curves import Curve, Point
 
 from bitcoinutils.constants import NETWORK_WIF_PREFIXES, \
         NETWORK_P2PKH_PREFIXES, NETWORK_P2SH_PREFIXES, SIGHASH_ALL, \
         P2PKH_ADDRESS, P2SH_ADDRESS, P2WPKH_ADDRESS_V0, P2WSH_ADDRESS_V0, \
         P2TR_ADDRESS_V1, NETWORK_SEGWIT_PREFIXES
 from bitcoinutils.setup import get_network
-from bitcoinutils.utils import bytes_from_int, encode_varint, add_magic_prefix
+from bitcoinutils.utils import bytes_from_int, encode_varint, add_magic_prefix, \
+                               tagged_hash, hex_str_to_int
 from bitcoinutils.ripemd160 import ripemd160
 import bitcoinutils.script
 import bitcoinutils.bech32
@@ -59,6 +61,10 @@ class EcdsaParams:
     _G = ellipticcurve.Point( _curve, _Gx, _Gy, _order )
 
 
+class SchnorrParams:
+    pass
+
+
 
 class PrivateKey:
     """Represents an ECDSA private key.
@@ -370,7 +376,6 @@ def _sign_taproot_input(self, tx_digest, sighash=SIGHASH_ALL):
         pass
 
     # TODO AAAAA IS PUBLIC KEY size is 32!!!! -- get_public_key needs to be modified appr.
-
     def get_public_key(self):
         """Returns the corresponding PublicKey"""
 
@@ -483,30 +488,31 @@ def to_hex(self, compressed=True, taproot=False):
 
         key_hex = hexlify(self.key.to_string())
 
-        if compressed:
-            # check if y is even or odd (02 even, 03 odd)
-            if int(key_hex[-2:], 16) % 2 == 0:
-                key_str = b'02' + key_hex[:64]
-            else:
-                key_str = b'03' + key_hex[:64]
-        else:
-            # uncompressed starts with 04
-            key_str = b'04' + key_hex
-
-	# this was added for taproot but will be refactored!
+        # OLD w/o taproot
         #if compressed:
-        #    if not taproot:
-        #        # check if y is even or odd (02 even, 03 odd)
-        #        if int(key_hex[-2:], 16) % 2 == 0:
-        #            key_str = b'02' + key_hex[:64]
-        #        else:
-        #            key_str = b'03' + key_hex[:64]
+        #    # check if y is even or odd (02 even, 03 odd)
+        #    if int(key_hex[-2:], 16) % 2 == 0:
+        #        key_str = b'02' + key_hex[:64]
         #    else:
-        #        key_str = key_hex[:64]
+        #        key_str = b'03' + key_hex[:64]
         #else:
         #    # uncompressed starts with 04
         #    key_str = b'04' + key_hex
 
+	    # this was added for taproot but will be refactored!
+        if compressed:
+            if not taproot:
+                # check if y is even or odd (02 even, 03 odd)
+                if int(key_hex[-2:], 16) % 2 == 0:
+                    key_str = b'02' + key_hex[:64]
+                else:
+                    key_str = b'03' + key_hex[:64]
+            else:
+                key_str = key_hex[:64]
+        else:
+            # uncompressed starts with 04
+            key_str = b'04' + key_hex
+
         return key_str.decode('utf-8')
 
 
@@ -657,16 +663,32 @@ def get_segwit_address(self):
         return P2wpkhAddress(witness_program=addr_string_hex)
 
 
-    def get_taproot_address(self):
+    def get_taproot_address(self, tagged=True):
         """Returns the corresponding P2TR address
 
         Only compressed is allowed. Taproot does not hash the public key
-        so we store it directly.
+        so we store it directly. By default tagged_hashes are used.
         """
 
-        # Note that in taproot it is not really the hash.. just the compressed
-        # public key without a prefix!
-        pubkey = self.to_hex(compressed=True, taproot=True) 
+        # Tweak public key (BIP340)
+        # https://bitcoin.stackexchange.com/a/116391/31844
+        if tagged:
+            th = tagged_hash(b'TapTweak', self.key.to_string())
+            th_as_int = hex_str_to_int( th.hexdigest() )
+
+            # compute the tweaked public key Q = P + (t * G)
+            curve = Curve.get_curve('secp256k1')
+
+            # convert public key bytes to Point
+            x = hex_str_to_int( self.key.to_string()[:32].hex() )
+            y = hex_str_to_int( self.key.to_string()[32:].hex() )
+            P = Point(x, y, curve)
+            
+            Q = P + (th_as_int * curve.generator)
+            pubkey = hex(Q.x)[2:] + hex(Q.y)[2:]
+        else:
+            pubkey = self.to_hex(compressed=True, taproot=True) 
+
         return P2trAddress(witness_program=pubkey)
 
 
@@ -1065,7 +1087,11 @@ def to_string(self):
         """
 
         # convert hex string witness program to int array (required by bech32 lib)
-        hash_bytes = unhexlify( self.witness_program.encode('utf-8') )
+        # if taproot only the x coordinate is required
+        if self.segwit_num_version == 1:
+            hash_bytes = unhexlify( self.witness_program[:64].encode('utf-8') )
+        else:
+            hash_bytes = unhexlify( self.witness_program.encode('utf-8') )
         witness_int_array = memoryview(hash_bytes).tolist()
 
         return bitcoinutils.bech32.encode(NETWORK_SEGWIT_PREFIXES[get_network()],
diff --git a/bitcoinutils/utils.py b/bitcoinutils/utils.py
@@ -9,6 +9,7 @@
 # propagated, or distributed except according to the terms contained in the
 # LICENSE file.
 
+from hashlib import sha256
 from binascii import hexlify, unhexlify
 from bitcoinutils.constants import SATOSHIS_PER_BITCOIN
 
@@ -83,6 +84,7 @@ def vi_to_int(byteint):
     return int.from_bytes(byteint[1:1+size][::-1], 'big'), size + 1
 
 
+# TODO name hex_to_bytes ??
 def to_bytes(string, unhexlify=True):
     '''
 	Converts a hex string to bytes
@@ -131,3 +133,25 @@ def add_magic_prefix(message):
     return message_magic
 
 
+def tagged_hash(tag, data):
+    '''
+    Tagged hashes ensure that hashes used in one context can not be used in another.
+    It is used extensively in Taproot
+
+    A tagged hash is: SHA256( SHA256("TapTweak") || 
+                              SHA256("TapTweak") ||
+                              data
+                            )
+    Returns hashlib object (can then use .digest() or hexdigest())
+    '''
+
+    tag_digest = sha256(tag).digest()
+    return sha256( tag_digest + tag_digest + data )
+
+
+def hex_str_to_int(hex_str):
+    '''
+    Converts a string hexadecimal to a number (starting with 0x)
+    '''
+    return int(hex_str, base=16) 
+
diff --git a/examples/keys_taproot_addresses.py b/examples/keys_taproot_addresses.py
@@ -9,17 +9,18 @@
 # modified, propagated, or distributed except according to the terms contained
 # in the LICENSE file.
 
-
 from bitcoinutils.setup import setup
 from bitcoinutils.script import Script
 from bitcoinutils.keys import P2trAddress, PrivateKey, PublicKey
 
+
 def main():
     # always remember to setup the network
     setup('testnet')
 
     # could also instantiate from existing WIF key
-    priv = PrivateKey.from_wif('cVHcBHKydbbdqQtKWm2AdgF7LGrQdHzxa3yaABPa16wb5ZTqc3Np')
+    #priv = PrivateKey.from_wif('cQoDmhFk8Ei8hmoyDvEnLN4wTWaYPLCvNKBwYkj8t1yaQTmyfQfg')
+    priv = PrivateKey.from_wif('cSfna7riKJdNU7skpRUx17WYANNsyHTA2FmuzLpFzpp37xpytgob')
 
     # compressed is the default
     print("\nPrivate key WIF:", priv.to_wif())
@@ -35,15 +36,16 @@ def main():
 
     # print the address and hash - default is compressed address
     print("Native Address:", address.to_string())
-    taproot_pk = address.to_hash()
+    taproot_pk = address.to_witness_program()
     print("Taproot public key:", taproot_pk)
     print("Segwit Version:", address.get_type())
 
     # test to_string
-    addr2 = P2trAddress.from_hash(taproot_pk)
+    addr2 = P2trAddress.from_witness_program(taproot_pk)
     print("Created P2trAddress from public key and calculate address:")
     print("Native Address:", addr2.to_string())
 
+    assert(address.to_string() == 'tb1p3yfmr6sc448t2sya7f8n49y9h3gtg26fygg4jtpaem6pvptvc7jq423gxd')
 
 if __name__ == "__main__":
     main()
diff --git a/requirements.txt b/requirements.txt
@@ -2,3 +2,4 @@ base58check>=1.0.2,<2.0
 ecdsa==0.17.0
 sympy>=1.2,<2.0
 python-bitcoinrpc>=1.0,<2.0
+ecpy==1.2.5
diff --git a/setup.py b/setup.py
@@ -23,7 +23,8 @@
           'base58check>=1.0.2,<2.0',
           'ecdsa==0.17.0',
           'sympy>=1.2,<2.0',
-          'python-bitcoinrpc>=1.0,<2.0'
+          'python-bitcoinrpc>=1.0,<2.0',
+          'ECpy==1.2.5'
       ],
       packages=['bitcoinutils'],
       #package_data={
