chore: added test for paygo addr and moved generate paygo proof to other pr

TICKET: BTC-2047

chore: determined msg to sign and verify

Issue: BTC-2047

TICKET: BTC-2047

chore(utxo-lib): modified verify function and tests

Issue: BTC-2047

TICKET: BTC-2047

chore(utxo-core): moved util functions to uxto-core

TICKET: BTC-2047

chore: got tests to work

BTC-2047

TICKET: BTC-2047

feat(utxo-core): cleaned up comments

TICKET: BTC-2047

chore(utxo-core): added bitcoinjs-message to deps and fixed import

TICKET: BTC-2047

chore(utxo-core): used new helper functions for prop kv func and removed old

TICKET: BTC-2047

Author: christopher-fong

modules/utxo-core/src/paygo/index.ts

@@ -1 +1,2 @@
 export * from './ExtractAddressPayGoAttestation';
+export * from './psbt';

modules/utxo-core/src/paygo/psbt/PayGoUtils.ts

@@ -0,0 +1,125 @@
+import * as utxolib from '@bitgo/utxo-lib';
+import * as bitcoinMessage from 'bitcoinjs-message';
+import { checkForOutput } from 'bip174/src/lib/utils';
+
+import { extractAddressBufferFromPayGoAttestationProof } from '../ExtractAddressPayGoAttestation';
+
+/** The function consumes the signature as a parameter and adds the PayGo address to the
+ * PSBT output at the output index where the signature is of the format:
+ * 0x18Bitcoin Signed Message:\n<varint_length><ENTROPY><ADDRESS><UUID> signed by
+ * the HSM beforehand.
+ *
+ * @param psbt - PSBT that we need to encode our paygo address into
+ * @param outputIndex - the index of the address in our output
+ * @param sig - the signature that we want to encode
+ */
+export function addPaygoAddressProof(
+  psbt: utxolib.bitgo.UtxoPsbt,
+  outputIndex: number,
+  sig: Buffer,
+  pub: Buffer
+): void {
+  utxolib.bitgo.addProprietaryKeyValuesFromUnknownKeyValues(psbt, 'output', outputIndex, {
+    key: {
+      identifier: utxolib.bitgo.PSBT_PROPRIETARY_IDENTIFIER,
+      subtype: utxolib.bitgo.ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
+      keydata: pub,
+    },
+    value: sig,
+  });
+}
+
+/** Verify the paygo address signature is valid using BitGoJs statics
+ *
+ * @param psbt - PSBT we want to verify that the paygo address is in
+ * @param outputIndex - we have the output index that address is in
+ * @param pub - The public key that we want to verify the proof with
+ * @param message - The message we want to verify corresponding to sig
+ * @returns
+ */
+export function verifyPaygoAddressProof(
+  psbt: utxolib.bitgo.UtxoPsbt,
+  outputIndex: number,
+  message: Buffer,
+  attestationPubKey: Buffer
+): void {
+  const psbtOutputs = checkForOutput(psbt.data.outputs, outputIndex);
+  const stored = utxolib.bitgo.getProprietaryKeyValuesFromUnknownKeyValues(psbtOutputs, {
+    identifier: utxolib.bitgo.PSBT_PROPRIETARY_IDENTIFIER,
+    subtype: utxolib.bitgo.ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
+  });
+  if (!stored) {
+    throw new Error(`No address proof.`);
+  }
+
+  // assert stored length is 0 or 1
+  if (stored.length === 0) {
+    throw new Error(`There is no paygo address proof encoded in the PSBT at output ${outputIndex}.`);
+  } else if (stored.length > 1) {
+    throw new Error('There are multiple paygo address proofs encoded in the PSBT. Something went wrong.');
+  }
+
+  const signature = stored[0].value;
+  const pub = stored[0].key.keydata;
+
+  // Check that the keydata pubkey is the same as the one we are verifying against
+  if (Buffer.compare(pub, attestationPubKey) !== 0) {
+    throw new Error('The public key in the PSBT does not match the provided public key.');
+  }
+
+  // It doesn't matter that this is bitcoin or not, we just need to convert the public key buffer into an address format
+  // for the verification
+  const messageToVerify = utxolib.address.toBase58Check(
+    utxolib.crypto.hash160(pub),
+    utxolib.networks.bitcoin.pubKeyHash,
+    utxolib.networks.bitcoin
+  );
+
+  if (!bitcoinMessage.verify(message, messageToVerify, signature, utxolib.networks.bitcoin.messagePrefix)) {
+    throw new Error('Cannot verify the paygo address signature with the provided pubkey.');
+  }
+  // We should be verifying the address that was encoded into our message.
+  const addressFromProof = extractAddressBufferFromPayGoAttestationProof(message).toString();
+
+  // Check that the address from the proof matches what is in the PSBT
+  const txOutputs = psbt.txOutputs;
+  if (outputIndex >= txOutputs.length) {
+    throw new Error(`Output index ${outputIndex} is out of bounds for PSBT outputs.`);
+  }
+  const output = txOutputs[outputIndex];
+  const addressFromOutput = utxolib.address.fromOutputScript(output.script, psbt.network);
+
+  if (addressFromProof !== addressFromOutput) {
+    throw new Error(
+      `The address from the output (${addressFromOutput}) does not match the address that is in the proof (${addressFromProof}).`
+    );
+  }
+}
+
+/** Get the output index of the paygo output if there is one. It does this by
+ * checking if the metadata is on one of the outputs of the PSBT. If there is
+ * no paygo output, return undefined
+ *
+ * @param psbt
+ * @returns number - the index of the output address
+ */
+export function getPaygoAddressProofOutputIndex(psbt: utxolib.bitgo.UtxoPsbt): number | undefined {
+  const res = psbt.data.outputs.flatMap((output, outputIndex) => {
+    const proprietaryKeyVals = utxolib.bitgo.getPsbtOutputProprietaryKeyVals(output, {
+      identifier: utxolib.bitgo.PSBT_PROPRIETARY_IDENTIFIER,
+      subtype: utxolib.bitgo.ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
+    });
+
+    if (proprietaryKeyVals.length > 1) {
+      throw new Error(`There are multiple PayGo addresses in the PSBT output ${outputIndex}.`);
+    }
+
+    return proprietaryKeyVals.length === 0 ? [] : [outputIndex];
+  });
+
+  return res.length === 0 ? undefined : res[0];
+}
+
+export function psbtOutputIncludesPaygoAddressProof(psbt: utxolib.bitgo.UtxoPsbt): boolean {
+  return getPaygoAddressProofOutputIndex(psbt) !== undefined;
+}

modules/utxo-core/src/paygo/psbt/index.ts

@@ -0,0 +1 @@
+export * from './PayGoUtils';

modules/utxo-core/test/paygo/psbt/PayGoUtils.ts

@@ -0,0 +1,142 @@
+import assert from 'assert';
+
+import * as utxolib from '@bitgo/utxo-lib';
+import * as bitcoinMessage from 'bitcoinjs-message';
+import { decodeProprietaryKey } from 'bip174/src/lib/proprietaryKeyVal';
+import { KeyValue } from 'bip174/src/lib/interfaces';
+import { checkForOutput } from 'bip174/src/lib/utils';
+
+import {
+  addPaygoAddressProof,
+  getPaygoAddressProofOutputIndex,
+  psbtOutputIncludesPaygoAddressProof,
+  verifyPaygoAddressProof,
+} from '../../../src/paygo/psbt/PayGoUtils';
+import { generatePayGoAttestationProof } from '../../../src/testutil/generatePayGoAttestationProof.utils';
+
+// To construct our PSBTs
+const network = utxolib.networks.bitcoin;
+const keys = [1, 2, 3].map((v) => utxolib.bip32.fromSeed(Buffer.alloc(16, `test/2/${v}`), network));
+const rootWalletKeys = new utxolib.bitgo.RootWalletKeys([keys[0], keys[1], keys[2]]);
+
+// PSBT INPUTS AND OUTPUTS
+const psbtInputs = utxolib.testutil.inputScriptTypes.map((scriptType) => ({
+  scriptType,
+  value: BigInt(1000),
+}));
+const psbtOutputs = utxolib.testutil.outputScriptTypes.map((scriptType) => ({
+  scriptType,
+  value: BigInt(900),
+}));
+
+// wallet pub and priv key for tbtc
+const dummyPub1 = rootWalletKeys.deriveForChainAndIndex(50, 200);
+const attestationPubKey = dummyPub1.user.publicKey;
+const attestationPrvKey = dummyPub1.user.privateKey!;
+
+// UUID structure
+const nilUUID = '00000000-0000-0000-0000-000000000000';
+
+// our xpub converted to base58 address
+const addressToVerify = utxolib.address.toBase58Check(
+  utxolib.crypto.hash160(Buffer.from(dummyPub1.backup.publicKey)),
+  utxolib.networks.bitcoin.pubKeyHash,
+  utxolib.networks.bitcoin
+);
+
+// this should be retuning a Buffer
+const addressProofBuffer = generatePayGoAttestationProof(nilUUID, Buffer.from(addressToVerify));
+// signature with the given msg addressProofBuffer
+const sig = bitcoinMessage.sign(addressProofBuffer, attestationPrvKey!, true, network.messagePrefix);
+
+function getTestPsbt() {
+  return utxolib.testutil.constructPsbt(psbtInputs, psbtOutputs, network, rootWalletKeys, 'unsigned');
+}
+
+describe('addPaygoAddressProof and verifyPaygoAddressProof', () => {
+  function getPaygoProprietaryKey(proprietaryKeyVals: KeyValue[]) {
+    return proprietaryKeyVals
+      .map(({ key, value }) => {
+        return { key: decodeProprietaryKey(key), value };
+      })
+      .filter((keyValue) => {
+        return (
+          keyValue.key.identifier === utxolib.bitgo.PSBT_PROPRIETARY_IDENTIFIER &&
+          keyValue.key.subtype === utxolib.bitgo.ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF
+        );
+      });
+  }
+
+  it("should fail a proof verification if the proof isn't valid", () => {
+    const outputIndex = 0;
+    const psbt = getTestPsbt();
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    const output = checkForOutput(psbt.data.outputs, outputIndex);
+    const proofInPsbt = getPaygoProprietaryKey(output.unknownKeyVals!);
+    assert(proofInPsbt.length === 1);
+    assert.throws(
+      () => verifyPaygoAddressProof(psbt, 0, Buffer.from('Random Signed Message'), attestationPubKey),
+      (e: any) => e.message === 'Cannot verify the paygo address signature with the provided pubkey.'
+    );
+  });
+
+  it('should add and verify a valid paygo address proof on the PSBT', () => {
+    const psbt = getTestPsbt();
+    psbt.addOutput({ script: utxolib.address.toOutputScript(addressToVerify, network), value: BigInt(10000) });
+    const outputIndex = psbt.data.outputs.length - 1;
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    verifyPaygoAddressProof(psbt, outputIndex, Buffer.from(addressProofBuffer), attestationPubKey);
+  });
+
+  it('should throw an error if there are multiple PayGo proprietary keys in the PSBT', () => {
+    const outputIndex = 0;
+    const psbt = getTestPsbt();
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    addPaygoAddressProof(psbt, outputIndex, Buffer.from('signature2'), Buffer.from('fakepubkey2s'));
+    const output = checkForOutput(psbt.data.outputs, outputIndex);
+    const proofInPsbt = getPaygoProprietaryKey(output.unknownKeyVals!);
+    assert(proofInPsbt.length !== 0);
+    assert(proofInPsbt.length > 1);
+    assert.throws(
+      () => verifyPaygoAddressProof(psbt, outputIndex, addressProofBuffer, attestationPubKey),
+      (e: any) => e.message === 'There are multiple paygo address proofs encoded in the PSBT. Something went wrong.'
+    );
+  });
+});
+
+describe('verifyPaygoAddressProof', () => {
+  it('should throw an error if there is no PayGo address in PSBT', () => {
+    const psbt = getTestPsbt();
+    assert.throws(
+      () => verifyPaygoAddressProof(psbt, 0, addressProofBuffer, attestationPubKey),
+      (e: any) => e.message === 'There is no paygo address proof encoded in the PSBT at output 0.'
+    );
+  });
+});
+
+describe('getPaygoAddressProofIndex', () => {
+  it('should get PayGo address proof index from PSBT if there is one', () => {
+    const psbt = getTestPsbt();
+    const outputIndex = 0;
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    assert(psbtOutputIncludesPaygoAddressProof(psbt));
+    assert(getPaygoAddressProofOutputIndex(psbt) === 0);
+  });
+
+  it('should return undefined if there is no PayGo address proof in PSBT', () => {
+    const psbt = getTestPsbt();
+    assert(getPaygoAddressProofOutputIndex(psbt) === undefined);
+    assert(!psbtOutputIncludesPaygoAddressProof(psbt));
+  });
+
+  it('should return an error and fail if we have multiple PayGo address in the PSBT in the same output index', () => {
+    const psbt = getTestPsbt();
+    const outputIndex = 0;
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from('xpub12345abcdef29a028510d3b2d4'));
+    assert.throws(
+      () => getPaygoAddressProofOutputIndex(psbt),
+      (e: any) => e.message === 'There are multiple PayGo addresses in the PSBT output 0.'
+    );
+  });
+});

modules/utxo-lib/src/bitgo/PsbtUtil.ts

@@ -20,6 +20,7 @@ export enum ProprietaryKeySubtype {
   MUSIG2_PARTICIPANT_PUB_KEYS = 0x01,
   MUSIG2_PUB_NONCE = 0x02,
   MUSIG2_PARTIAL_SIG = 0x03,
+  PAYGO_ADDRESS_ATTESTATION_PROOF = 0x04,
 }
 
 /**

modules/utxo-lib/src/bitgo/UtxoPsbt.ts

@@ -7,7 +7,7 @@ import {
   Transaction as ITransaction,
   TransactionFromBuffer,
 } from 'bip174/src/lib/interfaces';
-import { checkForInput, checkForOutput } from 'bip174/src/lib/utils';
+import { checkForInput } from 'bip174/src/lib/utils';
 import { BufferWriter, varuint } from 'bitcoinjs-lib/src/bufferutils';
 import { SessionKey } from '@brandonblack/musig';
 import { BIP32Factory, BIP32Interface } from 'bip32';