Merge pull request bitcoinjs#615 from bitcoinjs/hltc

Add another CLTV test,  isolate tests and cleanup

Author: dcousens

README.md

@@ -91,7 +91,7 @@ Definitions for [Flow typechecker](https://flowtype.org/) are available in flow-
 
     # npm install -g flow-typed
     $ flow-typed install -f 0.27 [email protected] # 0.27 for flow version, 2.2.0 for bitcoinjs-lib version
-    
+
 The definitions are complete and up to date with version 2.2.0. The definitions are maintained by [@runn1ng](https://github.com/runn1ng).
 
 ## Examples
@@ -108,10 +108,13 @@ The below examples are implemented as integration tests, they should be very eas
 - [Create an OP RETURN transaction](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/advanced.js#L24)
 - [Create a 2-of-3 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L9)
 - [Spend from a 2-of-4 multisig P2SH address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/multisig.js#L25)
-- [Generate a single-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L14)
-- [Generate a dual-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L53)
-- [Recover a BIP32 parent private key from the parent public key and a derived non-hardened child private key](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L55)
-- [Recover a Private key from duplicate R values in a signature](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L102)
+- [Generate a single-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js#L11)
+- [Generate a dual-key stealth address](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/stealth.js#L48)
+- [Recover a BIP32 parent private key from the parent public key and a derived non-hardened child private key](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L14)
+- [Recover a Private key from duplicate R values in a signature](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L60)
+- [Create a CLTV locked transaction where the expiry is past](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L36)
+- [Create a CLTV locked transaction where the parties bypass the expiry](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L70)
+- [Create a CLTV locked transaction which fails due to expiry in the future](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/cltv.js#L102)
 
 If you have a use case that you feel could be listed here, please [ask for it](https://github.com/bitcoinjs/bitcoinjs-lib/issues/new)!
 

test/integration/advanced.js

@@ -1,4 +1,4 @@
-/* global describe, it, beforeEach */
+/* global describe, it */
 
 var assert = require('assert')
 var bitcoin = require('../../')
@@ -43,97 +43,4 @@ describe('bitcoinjs-lib (advanced)', function () {
       blockchain.t.transactions.propagate(txRaw.toHex(), done)
     })
   })
-
-  describe('can create transactions using OP_CHECKLOCKTIMEVERIFY', function (done) {
-    var network = bitcoin.networks.testnet
-    var alice = bitcoin.ECPair.fromWIF('cScfkGjbzzoeewVWmU2hYPUHeVGJRDdFt7WhmrVVGkxpmPP8BHWe', network)
-    var bob = bitcoin.ECPair.fromWIF('cMkopUXKWsEzAjfa1zApksGRwjVpJRB3831qM9W4gKZsLwjHXA9x', network)
-
-    // now - 3 hours
-    var threeHoursAgo = Math.floor(Date.now() / 1000) - (3600 * 3)
-    var redeemScript = bitcoin.script.compile([
-      bitcoin.opcodes.OP_IF,
-
-      bitcoin.script.number.encode(threeHoursAgo),
-      bitcoin.opcodes.OP_CHECKLOCKTIMEVERIFY,
-      bitcoin.opcodes.OP_DROP,
-
-      bitcoin.opcodes.OP_ELSE,
-
-      bob.getPublicKeyBuffer(),
-      bitcoin.opcodes.OP_CHECKSIGVERIFY,
-
-      bitcoin.opcodes.OP_ENDIF,
-
-      alice.getPublicKeyBuffer(),
-      bitcoin.opcodes.OP_CHECKSIG
-    ])
-    var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
-
-    var txId
-    beforeEach(function (done) {
-      this.timeout(10000)
-
-      blockchain.t.faucet(alice.getAddress(), 2e4, function (err, unspent) {
-        if (err) return done(err)
-
-        // build the transaction
-        var tx = new bitcoin.TransactionBuilder(network)
-        tx.addInput(unspent.txId, unspent.vout)
-        tx.addOutput(scriptPubKey, 1e4)
-        tx.sign(0, alice)
-        var txRaw = tx.build()
-
-        txId = txRaw.getId()
-
-        blockchain.t.transactions.propagate(txRaw.toHex(), done)
-      })
-    })
-
-    // expiry past, {Alice's signature} OP_TRUE
-    it('where Alice can redeem after the expiry is past', function (done) {
-      this.timeout(30000)
-
-      var tx2 = new bitcoin.TransactionBuilder(network)
-      tx2.setLockTime(threeHoursAgo)
-      tx2.addInput(txId, 0, 0xfffffffe)
-      tx2.addOutput(alice.getAddress(), 1000)
-
-      var tx2Raw = tx2.buildIncomplete()
-      var hashType = bitcoin.Transaction.SIGHASH_ALL
-      var signatureHash = tx2Raw.hashForSignature(0, redeemScript, hashType)
-      var signature = alice.sign(signatureHash)
-
-      var redeemScriptSig = bitcoin.script.scriptHashInput([
-        signature.toScriptSignature(hashType), bitcoin.opcodes.OP_TRUE
-      ], redeemScript)
-
-      tx2Raw.setInputScript(0, redeemScriptSig)
-
-      blockchain.t.transactions.propagate(tx2Raw.toHex(), done)
-    })
-
-    // {Bob's signature} {Alice's signature} OP_FALSE
-    it('where Alice and Bob can redeem at any time', function (done) {
-      this.timeout(30000)
-
-      var tx2 = new bitcoin.TransactionBuilder(network)
-      tx2.setLockTime(threeHoursAgo)
-      tx2.addInput(txId, 0, 0xfffffffe)
-      tx2.addOutput(alice.getAddress(), 1000)
-
-      var tx2Raw = tx2.buildIncomplete()
-      var hashType = bitcoin.Transaction.SIGHASH_ALL
-      var signatureHash = tx2Raw.hashForSignature(0, redeemScript, hashType)
-      var signatureA = alice.sign(signatureHash)
-      var signatureB = bob.sign(signatureHash)
-      var redeemScriptSig = bitcoin.script.scriptHashInput([
-        signatureA.toScriptSignature(hashType), signatureB.toScriptSignature(hashType), bitcoin.opcodes.OP_FALSE
-      ], redeemScript)
-
-      tx2Raw.setInputScript(0, redeemScriptSig)
-
-      blockchain.t.transactions.propagate(tx2Raw.toHex(), done)
-    })
-  })
 })

test/integration/cltv.js

@@ -0,0 +1,140 @@
+/* global describe, it */
+
+var assert = require('assert')
+var bitcoin = require('../../')
+var blockchain = require('./_blockchain')
+
+var network = bitcoin.networks.testnet
+var alice = bitcoin.ECPair.fromWIF('cScfkGjbzzoeewVWmU2hYPUHeVGJRDdFt7WhmrVVGkxpmPP8BHWe', network)
+var bob = bitcoin.ECPair.fromWIF('cMkopUXKWsEzAjfa1zApksGRwjVpJRB3831qM9W4gKZsLwjHXA9x', network)
+
+describe('bitcoinjs-lib (CLTV)', function () {
+  var hashType = bitcoin.Transaction.SIGHASH_ALL
+
+  function cltvCheckSigInput (aQ, bQ, utcSeconds) {
+    return bitcoin.script.compile([
+      bitcoin.opcodes.OP_IF,
+      bitcoin.script.number.encode(utcSeconds),
+      bitcoin.opcodes.OP_CHECKLOCKTIMEVERIFY,
+      bitcoin.opcodes.OP_DROP,
+
+      bitcoin.opcodes.OP_ELSE,
+      bQ.getPublicKeyBuffer(),
+      bitcoin.opcodes.OP_CHECKSIGVERIFY,
+      bitcoin.opcodes.OP_ENDIF,
+
+      aQ.getPublicKeyBuffer(),
+      bitcoin.opcodes.OP_CHECKSIG
+    ])
+  }
+
+  function utcNow () {
+    return Math.floor(Date.now() / 1000)
+  }
+
+  // expiry past, {Alice's signature} OP_TRUE
+  it('where Alice can redeem after the expiry is past', function (done) {
+    this.timeout(30000)
+
+    // three hours ago
+    var timeUtc = utcNow() - (3600 * 3)
+    var redeemScript = cltvCheckSigInput(alice, bob, timeUtc)
+    var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
+    var address = bitcoin.address.fromOutputScript(scriptPubKey, network)
+
+    // fund the P2SH(CLTV) address
+    blockchain.t.faucet(address, 2e4, function (err, unspent) {
+      if (err) return done(err)
+
+      var tx = new bitcoin.TransactionBuilder(network)
+      tx.setLockTime(timeUtc)
+      tx.addInput(unspent.txId, 0, 0xfffffffe)
+      tx.addOutput(alice.getAddress(), 1000)
+
+      var txRaw = tx.buildIncomplete()
+      var signatureHash = txRaw.hashForSignature(0, redeemScript, hashType)
+
+      // {Alice's signature} OP_TRUE
+      var redeemScriptSig = bitcoin.script.scriptHashInput([
+        alice.sign(signatureHash).toScriptSignature(hashType),
+        bitcoin.opcodes.OP_TRUE
+      ], redeemScript)
+
+      txRaw.setInputScript(0, redeemScriptSig)
+
+      blockchain.t.transactions.propagate(txRaw.toHex(), done)
+    })
+  })
+
+  // expiry ignored, {Bob's signature} {Alice's signature} OP_FALSE
+  it('where Alice and Bob can redeem at any time', function (done) {
+    this.timeout(30000)
+
+    // two hours ago
+    var timeUtc = utcNow() - (3600 * 2)
+    var redeemScript = cltvCheckSigInput(alice, bob, timeUtc)
+    var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
+    var address = bitcoin.address.fromOutputScript(scriptPubKey, network)
+
+    // fund the P2SH(CLTV) address
+    blockchain.t.faucet(address, 2e4, function (err, unspent) {
+      if (err) return done(err)
+
+      var tx = new bitcoin.TransactionBuilder(network)
+      tx.addInput(unspent.txId, 0, 0xfffffffe)
+      tx.addOutput(alice.getAddress(), 1000)
+
+      var txRaw = tx.buildIncomplete()
+      var signatureHash = txRaw.hashForSignature(0, redeemScript, hashType)
+      var redeemScriptSig = bitcoin.script.scriptHashInput([
+        alice.sign(signatureHash).toScriptSignature(hashType),
+        bob.sign(signatureHash).toScriptSignature(hashType),
+        bitcoin.opcodes.OP_FALSE
+      ], redeemScript)
+
+      txRaw.setInputScript(0, redeemScriptSig)
+
+      blockchain.t.transactions.propagate(txRaw.toHex(), done)
+    })
+  })
+
+  // expiry in the future, {Alice's signature} OP_TRUE
+  it('fails when still time-locked', function (done) {
+    this.timeout(30000)
+
+    // two hours from now
+    var timeUtc = utcNow() + (3600 * 2)
+    var redeemScript = cltvCheckSigInput(alice, bob, timeUtc)
+    var scriptPubKey = bitcoin.script.scriptHashOutput(bitcoin.crypto.hash160(redeemScript))
+    var address = bitcoin.address.fromOutputScript(scriptPubKey, network)
+
+    // fund the P2SH(CLTV) address
+    blockchain.t.faucet(address, 2e4, function (err, unspent) {
+      if (err) return done(err)
+
+      var tx = new bitcoin.TransactionBuilder(network)
+      tx.setLockTime(timeUtc)
+      tx.addInput(unspent.txId, 0, 0xfffffffe)
+      tx.addOutput(alice.getAddress(), 1000)
+
+      var txRaw = tx.buildIncomplete()
+      var signatureHash = txRaw.hashForSignature(0, redeemScript, hashType)
+
+      // {Alice's signature} OP_TRUE
+      var redeemScriptSig = bitcoin.script.scriptHashInput([
+        alice.sign(signatureHash).toScriptSignature(hashType),
+        bitcoin.opcodes.OP_TRUE
+      ], redeemScript)
+
+      txRaw.setInputScript(0, redeemScriptSig)
+
+      blockchain.t.transactions.propagate(txRaw.toHex(), function (err) {
+        assert.throws(function () {
+          if (err) throw err
+        }, /Error: 64: non-final/)
+
+        done()
+      })
+    })
+  })
+})

test/integration/crypto.js

@@ -11,46 +11,7 @@ var ecurve = require('ecurve')
 var secp256k1 = ecurve.getCurveByName('secp256k1')
 
 describe('bitcoinjs-lib (crypto)', function () {
-  it('can generate a single-key stealth address', function () {
-    var G = secp256k1.G
-    var n = secp256k1.n
-
-    function stealthSend (Q) {
-      var noncePair = bitcoin.ECPair.makeRandom()
-      var e = noncePair.d
-      var eQ = Q.multiply(e) // shared secret
-      var c = bigi.fromBuffer(bitcoin.crypto.sha256(eQ.getEncoded()))
-      var cG = G.multiply(c)
-      var Qprime = Q.add(cG)
-
-      return {
-        shared: new bitcoin.ECPair(null, Qprime),
-        nonce: noncePair.Q
-      }
-    }
-
-    function stealthReceive (d, P) {
-      var dP = P.multiply(d) // shared secret
-      var c = bigi.fromBuffer(bitcoin.crypto.sha256(dP.getEncoded()))
-      return new bitcoin.ECPair(d.add(c).mod(n))
-    }
-
-    // receiver private key
-    var receiver = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss')
-
-    var stealthS = stealthSend(receiver.Q) // public, done by sender
-    // ... sender now reveals nonce to receiver
-
-    var stealthR = stealthReceive(receiver.d, stealthS.nonce) // private, done by receiver
-
-    // and check that we derived both sides correctly
-    assert.equal(stealthS.shared.getAddress(), stealthR.getAddress())
-  })
-
-  // TODO
-  it.skip('can generate a dual-key stealth address', function () {})
-
-  it("can recover a parent private key from the parent's public key and a derived non-hardened child private key", function () {
+  it('can recover a BIP32 parent private key from the parent public key, and a derived, non-hardened child private key', function () {
     function recoverParent (master, child) {
       assert(!master.keyPair.d, 'You already have the parent private key')
       assert(child.keyPair.d, 'Missing child private key')

test/integration/stealth.js

@@ -0,0 +1,49 @@
+/* global describe, it */
+
+var assert = require('assert')
+var bigi = require('bigi')
+var bitcoin = require('../../')
+
+var ecurve = require('ecurve')
+var secp256k1 = ecurve.getCurveByName('secp256k1')
+
+describe('bitcoinjs-lib (crypto)', function () {
+  it('can generate a single-key stealth address', function () {
+    var G = secp256k1.G
+    var n = secp256k1.n
+
+    function stealthSend (Q) {
+      var noncePair = bitcoin.ECPair.makeRandom()
+      var e = noncePair.d
+      var eQ = Q.multiply(e) // shared secret
+      var c = bigi.fromBuffer(bitcoin.crypto.sha256(eQ.getEncoded()))
+      var cG = G.multiply(c)
+      var Qprime = Q.add(cG)
+
+      return {
+        shared: new bitcoin.ECPair(null, Qprime),
+        nonce: noncePair.Q
+      }
+    }
+
+    function stealthReceive (d, P) {
+      var dP = P.multiply(d) // shared secret
+      var c = bigi.fromBuffer(bitcoin.crypto.sha256(dP.getEncoded()))
+      return new bitcoin.ECPair(d.add(c).mod(n))
+    }
+
+    // receiver private key
+    var receiver = bitcoin.ECPair.fromWIF('5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss')
+
+    var stealthS = stealthSend(receiver.Q) // public, done by sender
+    // ... sender now reveals nonce to receiver
+
+    var stealthR = stealthReceive(receiver.d, stealthS.nonce) // private, done by receiver
+
+    // and check that we derived both sides correctly
+    assert.equal(stealthS.shared.getAddress(), stealthR.getAddress())
+  })
+
+  // TODO
+  it.skip('can generate a dual-key stealth address', function () {})
+})