chore: added test for paygo addr and moved generate paygo proof to other pr

TICKET: BTC-2047

chore: determined msg to sign and verify

Issue: BTC-2047

TICKET: BTC-2047

chore(utxo-lib): modified verify function and tests

Issue: BTC-2047

TICKET: BTC-2047

chore(utxo-core): moved util functions to uxto-core

TICKET: BTC-2047

Author: christopher-fong

modules/utxo-core/src/paygo/index.ts

@@ -1 +1,2 @@
 export * from './ExtractAddressPayGoAttestation';
+export * from './psbt';

modules/utxo-lib/src/bitgo/psbt/paygoAddressProof.ts renamed to modules/utxo-core/src/paygo/psbt/PayGoUtils.ts

@@ -1,14 +1,11 @@
-import * as assert from 'assert';
 import * as bitcoinMessage from 'bitcoinjs-message';
 import { crypto } from 'bitcoinjs-lib';
+import { networks, bitgo } from '@bitgo/utxo-lib';
+import { toBase58Check } from '@bitgo/utxo-lib/src/address';
 
-import { address } from '../..';
-import { networks } from '../../networks';
-import { toBase58Check } from '../../address';
-import { getPsbtOutputProprietaryKeyVals, ProprietaryKeySubtype, PSBT_PROPRIETARY_IDENTIFIER } from '../PsbtUtil';
-import { UtxoPsbt } from '../UtxoPsbt';
+import { extractAddressBufferFromPayGoAttestationProof } from '../ExtractAddressPayGoAttestation';
 
-/** The function consumes the signature as a parameter and adds the PayGo address to the 
+/** The function consumes the signature as a parameter and adds the PayGo address to the
  * PSBT output at the output index where the signature is of the format:
  * 0x18Bitcoin Signed Message:\n<varint_length><ENTROPY><ADDRESS><UUID> signed by
  * the HSM beforehand.
@@ -17,12 +14,12 @@ import { UtxoPsbt } from '../UtxoPsbt';
  * @param outputIndex - the index of the address in our output
  * @param sig - the signature that we want to encode
  */
-export function addPaygoAddressProof(psbt: UtxoPsbt, outputIndex: number, sig: Buffer, pub: Buffer): void {
+export function addPaygoAddressProof(psbt: bitgo.UtxoPsbt, outputIndex: number, sig: Buffer, pub: Buffer): void {
   psbt.addProprietaryKeyValToOutput(outputIndex, {
     key: {
-      identifier: PSBT_PROPRIETARY_IDENTIFIER,
-      subtype: ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
-      keydata: Buffer.from(pub)
+      identifier: bitgo.PSBT_PROPRIETARY_IDENTIFIER,
+      subtype: bitgo.ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
+      keydata: pub,
     },
     value: sig,
   });
@@ -33,15 +30,16 @@ export function addPaygoAddressProof(psbt: UtxoPsbt, outputIndex: number, sig: B
  * @param psbt - PSBT we want to verify that the paygo address is in
  * @param outputIndex - we have the output index that address is in
  * @param pub - The public key that we want to verify the proof with
+ * @param message - The message we want to verify corresponding to sig
  * @returns
  */
-export function verifyPaygoAddressProof(psbt: UtxoPsbt, outputIndex: number, pub: Buffer): void {
+export function verifyPaygoAddressProof(psbt: bitgo.UtxoPsbt, outputIndex: number, message: Buffer): void {
   const stored = psbt.getOutputProprietaryKeyVals(outputIndex, {
-    identifier: PSBT_PROPRIETARY_IDENTIFIER,
-    subtype: ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
+    identifier: bitgo.PSBT_PROPRIETARY_IDENTIFIER,
+    subtype: bitgo.ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
   });
   if (!stored) {
-    throw new Error('No address proof');
+    throw new Error(`No address proof.`);
   }
 
   // assert stored length is 0 or 1
@@ -52,23 +50,23 @@ export function verifyPaygoAddressProof(psbt: UtxoPsbt, outputIndex: number, pub
   }
 
   const signature = stored[0].value;
+  const pub = stored[0].key.keydata;
   // It doesn't matter that this is bitcoin or not, we just need to convert the public key buffer into an address format
   // for the verification
   const messageToVerify = toBase58Check(crypto.hash160(pub), networks.bitcoin.pubKeyHash, networks.bitcoin);
 
-  // TODO: need to figure out what the message is in this context
-  // Are we verifying the address of the PayGo? we can call getAddressFromScript given output index.
   if (!bitcoinMessage.verify(message, messageToVerify, signature)) {
     throw new Error('Cannot verify the paygo address signature with the provided pubkey.');
   }
+  // We should be verifying the address that was encoded into our message, not from our transaction output.
+  // We already do this because our message should be signed with our address
+  // which is the same one we used to verify the authenticity of the message given its signature as well.
+  const addressFromProof = extractAddressBufferFromPayGoAttestationProof(message);
 
-  const out = psbt.txOutputs[outputIndex];
-  assert(out);
-  const addressFromOutput = address.fromOutputScript(out.script, psbt.network);
-  const addressFromProof = extractAddressFromPayGoAttestationProof(message, addressFromOutput.length);
-  
-  if (addressFromProof !== addressFromOutput) {
-    throw new Error(`The address from the output (${addressFromOutput}) does not match the address that is in the proof (${addressFromProof}).`)
+  if (Buffer.compare(addressFromProof, Buffer.from(messageToVerify)) !== 0) {
+    throw new Error(
+      `The address from the output (${messageToVerify}) does not match the address that is in the proof (${addressFromProof}).`
+    );
   }
 }
 
@@ -79,19 +77,23 @@ export function verifyPaygoAddressProof(psbt: UtxoPsbt, outputIndex: number, pub
  * @param psbt
  * @returns number - the index of the output address
  */
-export function getPaygoAddressProofOutputIndex(psbt: UtxoPsbt): number | undefined {
+export function getPaygoAddressProofOutputIndex(psbt: bitgo.UtxoPsbt): number | undefined {
   const res = psbt.data.outputs.flatMap((output, outputIndex) => {
-    const proprietaryKeyVals = getPsbtOutputProprietaryKeyVals(output, {
-      identifier: PSBT_PROPRIETARY_IDENTIFIER,
-      subtype: ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
+    const proprietaryKeyVals = bitgo.getPsbtOutputProprietaryKeyVals(output, {
+      identifier: bitgo.PSBT_PROPRIETARY_IDENTIFIER,
+      subtype: bitgo.ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
     });
 
+    if (proprietaryKeyVals.length > 1) {
+      throw new Error(`There are multiple PayGo addresses in the PSBT output ${outputIndex}.`);
+    }
+
     return proprietaryKeyVals.length === 0 ? [] : [outputIndex];
   });
 
   return res.length === 0 ? undefined : res[0];
 }
 
-export function psbtOutputIncludesPaygoAddressProof(psbt: UtxoPsbt): boolean {
+export function psbtOutputIncludesPaygoAddressProof(psbt: bitgo.UtxoPsbt): boolean {
   return getPaygoAddressProofOutputIndex(psbt) !== undefined;
 }

modules/utxo-core/src/paygo/psbt/index.ts

@@ -0,0 +1 @@
+export * from './PayGoUtils';

modules/utxo-core/test/paygo/psbt/PayGoUtils.ts

@@ -0,0 +1,136 @@
+import assert from 'assert';
+
+import * as bitcoinMessage from 'bitcoinjs-message';
+import { decodeProprietaryKey } from 'bip174/src/lib/proprietaryKeyVal';
+import { KeyValue } from 'bip174/src/lib/interfaces';
+import { checkForOutput } from 'bip174/src/lib/utils';
+import { bitgo, networks, testutil, bip32, crypto, address } from '@bitgo/utxo-lib';
+
+import {
+  addPaygoAddressProof,
+  getPaygoAddressProofOutputIndex,
+  psbtOutputIncludesPaygoAddressProof,
+  verifyPaygoAddressProof,
+} from '../../../src/paygo/psbt/PayGoUtils';
+import { generatePayGoAttestationProof } from '../../../src/testutil/generatePayGoAttestationProof.utils';
+
+// To construct our PSBTs
+const network = networks.bitcoin;
+const keys = [1, 2, 3].map((v) => bip32.fromSeed(Buffer.alloc(16, `test/2/${v}`), network));
+const rootWalletKeys = new bitgo.RootWalletKeys([keys[0], keys[1], keys[2]]);
+const psbtInputs = testutil.inputScriptTypes.map((scriptType) => ({ scriptType, value: BigInt(1000) }));
+const psbtOutputs = testutil.outputScriptTypes.map((scriptType) => ({ scriptType, value: BigInt(900) }));
+const dummyPub1 = rootWalletKeys.deriveForChainAndIndex(50, 200);
+// wallet pub and priv key for tbtc
+const attestationPubKey = dummyPub1.user.publicKey;
+const attestationPrvKey = dummyPub1.user.privateKey!;
+// const attestationPubKey =
+//   'xpub661MyMwAqRbcFU2Qx7pvGmmiQpVj8NcR7dSVpgqNChMkQyobpVWWERcrTb47WicmXwkhAY2VrC3hb29s18FDQWJf5pLm3saN6uLXAXpw1GV';
+// const attestationPrvKey = '3FlzrW1WuPbab2GWGyx+k/pHUNefDlw3SV0NQHLrWA+YEzqbvEQmosFGXMslYqtgpeIy6HiEoEvKzbNKM7yGY8GQHv7E++/sQRFDprOyklaW7GVyC2yEZe/LdaEfBvxf2VHBmu2hYubjsdHYF5+RQ3FhnyaNT+0=';
+// const keypair = ECPair.fromPrivateKey(Buffer.from(attestationPrvKey));
+
+// UUID structure
+const nilUUID = '00000000-0000-0000-0000-000000000000';
+
+// our xpub converted to base58 address
+const addressFromPubkey = address.toBase58Check(
+  crypto.hash160(Buffer.from(attestationPubKey)),
+  networks.bitcoin.pubKeyHash,
+  networks.bitcoin
+);
+// this should be retuning a Buffer
+const addressProofBuffer = generatePayGoAttestationProof(nilUUID, Buffer.from(addressFromPubkey));
+// signature with the given msg addressProofBuffer
+// console.log(attestationPrvKey)
+const sig = bitcoinMessage.sign(addressProofBuffer, attestationPrvKey!);
+
+function getTestPsbt() {
+  return testutil.constructPsbt(psbtInputs, psbtOutputs, network, rootWalletKeys, 'unsigned');
+}
+
+describe('addPaygoAddressProof and verifyPaygoAddressProof', () => {
+  function getPaygoProprietaryKey(proprietaryKeyVals: KeyValue[]) {
+    return proprietaryKeyVals
+      .map(({ key, value }) => {
+        return { key: decodeProprietaryKey(key), value };
+      })
+      .filter((keyValue) => {
+        return (
+          keyValue.key.identifier === bitgo.PSBT_PROPRIETARY_IDENTIFIER &&
+          keyValue.key.subtype === bitgo.ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF
+        );
+      });
+  }
+
+  it("should fail a proof verification if the proof isn't valid", () => {
+    const outputIndex = 0;
+    const psbt = getTestPsbt();
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    const output = checkForOutput(psbt.data.outputs, outputIndex);
+    const proofInPsbt = getPaygoProprietaryKey(output.unknownKeyVals!);
+    assert(proofInPsbt.length === 1);
+    assert.throws(
+      () => verifyPaygoAddressProof(psbt, 0, Buffer.from('Random Signed Message')),
+      (e: any) => e.message === 'Cannot verify the paygo address signature with the provided pubkey.'
+    );
+  });
+
+  it('should add and verify a valid paygo address proof on the PSBT', () => {
+    const outputIndex = 0;
+    const psbt = getTestPsbt();
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    verifyPaygoAddressProof(psbt, outputIndex, Buffer.from(addressProofBuffer));
+  });
+
+  it('should throw an error if there are multiple PayGo proprietary keys in the PSBT', () => {
+    const outputIndex = 0;
+    const psbt = getTestPsbt();
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    addPaygoAddressProof(psbt, outputIndex, Buffer.from('signature2'), Buffer.from('fakepubkey2s'));
+    const output = checkForOutput(psbt.data.outputs, outputIndex);
+    const proofInPsbt = getPaygoProprietaryKey(output.unknownKeyVals!);
+    assert(proofInPsbt.length !== 0);
+    assert(proofInPsbt.length > 1);
+    assert.throws(
+      () => verifyPaygoAddressProof(psbt, outputIndex, addressProofBuffer),
+      (e: any) => e.message === 'There are multiple paygo address proofs encoded in the PSBT. Something went wrong.'
+    );
+  });
+});
+
+describe('verifyPaygoAddressProof', () => {
+  it('should throw an error if there is no PayGo address in PSBT', () => {
+    const psbt = getTestPsbt();
+    assert.throws(
+      () => verifyPaygoAddressProof(psbt, 0, addressProofBuffer),
+      (e: any) => e.message === 'There is no paygo address proof encoded in the PSBT at output 0.'
+    );
+  });
+});
+
+describe('getPaygoAddressProofIndex', () => {
+  it('should get PayGo address proof index from PSBT if there is one', () => {
+    const psbt = getTestPsbt();
+    const outputIndex = 0;
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    assert(psbtOutputIncludesPaygoAddressProof(psbt));
+    assert(getPaygoAddressProofOutputIndex(psbt) === 0);
+  });
+
+  it('should return undefined if there is no PayGo address proof in PSBT', () => {
+    const psbt = getTestPsbt();
+    assert(getPaygoAddressProofOutputIndex(psbt) === undefined);
+    assert(!psbtOutputIncludesPaygoAddressProof(psbt));
+  });
+
+  it('should return an error and fail if we have multiple PayGo address in the PSBT in the same output index', () => {
+    const psbt = getTestPsbt();
+    const outputIndex = 0;
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    addPaygoAddressProof(psbt, outputIndex, sig, Buffer.from('xpub12345abcdef29a028510d3b2d4'));
+    assert.throws(
+      () => getPaygoAddressProofOutputIndex(psbt),
+      (e: any) => e.message === 'There are multiple PayGo addresses in the PSBT output 0.'
+    );
+  });
+});

modules/utxo-lib/src/testutil/psbt.ts

@@ -261,26 +261,3 @@ export function verifyFullySignedSignatures(
     }
   });
 }
-
-/** We generate the PayGo attestation proof based on the private key, UUID, and address of our PayGo.
- * We create a random entropy of 64 bytes encoded to base58 and used to create the attestation proof
- * in the format 0x18Bitcoin Signed Message:\n<varint_length><ENTROPY><ADDRESS><UUID>
- * 
- * @param attestationPrvKey 
- * @param uuid 
- * @param address 
- */
-export function generatePayGoAttestationProof(attestationPrvKey: Buffer, uuid: string, address: Buffer): Buffer {
-  // This is our prefix to our bitcoin signed message
-  const prefixByte = Buffer.from([0x18]);
-  const signedMessagePrefix = Buffer.from('Bitcoin Signed Message:\n', 'utf8');
-  // We always create a 32 byte buffer array but we can implement a random
-  // function to generate between two ranges of our length of entropy
-  const entropy = Buffer.allocUnsafe(32);
-  crypto.getRandomValues(entropy);
-  const uuidToBuffer = Buffer.from(uuid, 'hex');
-  const signedMessageBufferRaw = Buffer.concat([prefixByte, signedMessagePrefix, entropy, address, uuidToBuffer]);
-  const varInt = Buffer.from([signedMessageBufferRaw.length]);
-  const fullResMessageBuffer = Buffer.concat([prefixByte, signedMessagePrefix, varInt, entropy, address, uuidToBuffer])l
-
-}