Merge pull request #46 from coderofstuff/support-p2sh

Support P2SH send address

Author: coderofstuff

doc/COMMANDS.md

@@ -83,7 +83,7 @@ Transactions signed with ECDSA are currently not supported.
 | P1 Value | Usage | CData |
 | --- | --- | --- |
 | 0x00 | Sending transaction metadata | `version (2)` \|\| `output_len (1)` \|\| `input_len (1)` |
-| 0x01 | Sending a tx output | `value (8)` \|\| `script_public_key (32/33)` |
+| 0x01 | Sending a tx output | `value (8)` \|\| `script_public_key (34/35)` |
 | 0x02 | Sending a tx input | `value (8)` \|\| `tx_id (32)` \|\| `address_type (1)` \|\| `address_index (4)` \|\| `outpoint_index (1)` |
 | 0x03 | Requesting for next signature | - |
 

doc/TRANSACTION.md

@@ -10,7 +10,7 @@ The base unit in Kaspa is the KAS and the smallest unit used in raw transaction
 
 ## Address format
 
-Kaspa addresses begin with `kaspa:` followed by 61 base32 characters for a total of `67` bytes for Schnorr-signed addresses.
+Kaspa addresses begin with `kaspa:` followed by 61 base32 characters for a total of `67` bytes for Schnorr-signed and P2SH addresses. P2SH addresses are supported only as a send address by this app.
 
 For ECDSA-signed addresses (supported by this app only as a send address), it begins with `kaspa:` followed by 63 bytes for a total of `69` bytes.
 
@@ -54,7 +54,7 @@ Total bytes: 43 (max)
 | Field | Size (bytes) | Description |
 | --- | --- | --- |
 | `value` | 8 | The amount of KAS in sompi that will go send to the address |
-| `script_public_key` | 35 | Schnorr: `20` + public_key (32 bytes) + `ac` <br/> ECDSA: `20` + public_key (33 bytes) + `ab` |
+| `script_public_key` | 35 | Schnorr: `20` + public_key (32 bytes) + `ac` <br/> ECDSA: `20` + public_key (33 bytes) + `ab` <br/> P2SH: `aa20` + public_key (32 bytes) + `87` |
 
 ### Transaction Requirements
 - Fee = (total inputs amount) - (total outputs amount)

src/address.c

@@ -35,15 +35,17 @@ size_t compress_public_key(const uint8_t public_key[static 64],
                            address_type_e address_type,
                            uint8_t *out) {
     size_t compressed_pub_size = 0;
-    if (address_type == SCHNORR) {
+    if (address_type == SCHNORR || address_type == P2SH) {
         compressed_pub_size = 32;
         memmove(out, public_key, 32);
-    } else {
+    } else if (address_type == ECDSA) {
         compressed_pub_size = 33;
         // If Y coord is even, first byte is 0x02. if odd then 0x03
         out[0] = public_key[63] % 2 == 0 ? 0x02 : 0x03;
         // We copy starting from the 2nd byte
         memmove(out + 1, public_key, 32);
+    } else {
+        return 0;
     }
 
     return compressed_pub_size;
@@ -61,6 +63,9 @@ bool address_from_pubkey(const uint8_t public_key[static 64],
     if (address_type == ECDSA) {
         address_len = ECDSA_ADDRESS_LEN;
         version = 1;
+    } else if (address_type == P2SH) {
+        address_len = SCHNORR_ADDRESS_LEN;
+        version = 8;
     }
 
     if (out_len < address_len) {
@@ -79,6 +84,10 @@ bool address_from_pubkey(const uint8_t public_key[static 64],
     size_t compressed_pub_size =
         compress_public_key(public_key, address_type, compressed_public_key);
 
+    if (compressed_pub_size == 0) {
+        return false;
+    }
+
     // First part of the address is "kaspa:"
     memmove(address, hrp, sizeof(hrp));
     address[5] = ':';

src/sighash.c

@@ -122,12 +122,21 @@ static void calc_outputs_hash(transaction_t* tx, uint8_t* out_hash) {
                     inner_buffer,
                     2);  // Write the output script version, assume 0
 
-        // First byte is always the length of the following public key
-        // Last byte is always 0xac (op code for normal transactions)
-        uint8_t script_len = tx->tx_outputs[i].script_public_key[0] + 2;
-        write_u64_le(inner_buffer,
-                     0,
-                     script_len);  // Write the number of bytes of the script public key
+        uint8_t script_len = 0;
+        if (tx->tx_outputs[i].script_public_key[0] == 0xaa) {
+            // P2SH script public key is always 35 bytes,
+            // always begins with 0xaa and ends with 0x87
+            script_len = 35;
+            write_u64_le(inner_buffer, 0, 35);
+        } else {
+            // First byte is always the length of the following public key
+            // Last byte is always 0xac (op code for normal transactions)
+            script_len = tx->tx_outputs[i].script_public_key[0] + 2;
+            write_u64_le(inner_buffer,
+                         0,
+                         script_len);  // Write the number of bytes of the script public key
+        }
+
         hash_update(&inner_hash_writer, inner_buffer, 8);
         hash_update(&inner_hash_writer, tx->tx_outputs[i].script_public_key, script_len);
     }

src/transaction/deserialize.c

@@ -34,8 +34,30 @@ parser_status_e transaction_output_deserialize(buffer_t *buf, transaction_output
     }
 
     size_t script_len = (size_t) * (buf->ptr + buf->offset);
-    // Can only be length 32 or 33. Fail it otherwise:
-    if (script_len == 0x20 || script_len == 0x21) {
+
+    if (script_len == OP_BLAKE2B) {
+        // P2SH = 0xaa + 0x20 + (pubkey) + 0x87
+        // script len is actually the second byte if the first one is 0xaa
+        script_len = (size_t) * (buf->ptr + buf->offset + 1);
+
+        if (!buffer_can_read(buf, script_len + 3)) {
+            return OUTPUT_SCRIPT_PUBKEY_PARSING_ERROR;
+        }
+
+        uint8_t sig_op_code = *(buf->ptr + buf->offset + script_len + 2);
+
+        if (script_len == 0x20 && sig_op_code != OP_EQUAL) {
+            return OUTPUT_SCRIPT_PUBKEY_PARSING_ERROR;
+        }
+
+        memcpy(txout->script_public_key, buf->ptr + buf->offset, script_len + 3);
+
+        if (!buffer_seek_cur(buf, script_len + 3)) {
+            return OUTPUT_SCRIPT_PUBKEY_PARSING_ERROR;
+        }
+    } else if (script_len == 0x20 || script_len == 0x21) {
+        // P2PK
+        // Can only be length 32 or 33. Fail it otherwise:
         if (!buffer_can_read(buf, script_len + 2)) {
             return OUTPUT_SCRIPT_PUBKEY_PARSING_ERROR;
         }
@@ -48,11 +70,11 @@ parser_status_e transaction_output_deserialize(buffer_t *buf, transaction_output
         }
 
         memcpy(txout->script_public_key, buf->ptr + buf->offset, script_len + 2);
-    } else {
-        return OUTPUT_SCRIPT_PUBKEY_PARSING_ERROR;
-    }
 
-    if (!buffer_seek_cur(buf, script_len + 2)) {
+        if (!buffer_seek_cur(buf, script_len + 2)) {
+            return OUTPUT_SCRIPT_PUBKEY_PARSING_ERROR;
+        }
+    } else {
         return OUTPUT_SCRIPT_PUBKEY_PARSING_ERROR;
     }
 

src/transaction/serialize.c

@@ -82,11 +82,19 @@ int transaction_output_serialize(const transaction_output_t *txout, uint8_t *out
     write_u64_be(out, offset, txout->value);
     offset += 8;
 
-    size_t script_len = txout->script_public_key[0];
+    if (txout->script_public_key[0] == OP_BLAKE2B) {
+        size_t script_len = txout->script_public_key[1];
 
-    memcpy(out + offset, txout->script_public_key, script_len + 2);
+        memcpy(out + offset, txout->script_public_key, script_len + 3);
 
-    offset += script_len + 2;
+        offset += script_len + 3;
+    } else {
+        size_t script_len = txout->script_public_key[0];
+
+        memcpy(out + offset, txout->script_public_key, script_len + 2);
+
+        offset += script_len + 2;
+    }
 
     return (int) offset;
 }

src/transaction/types.h

@@ -60,8 +60,10 @@ typedef enum {
  * Enumeration of op codes
  */
 typedef enum {
-    OP_CHECKSIG = 0xac,      // Used for SCHNORR output
-    OP_CHECKSIGECDSA = 0xab  // Used for ECDSA output
+    OP_CHECKSIG = 0xac,       // Used for SCHNORR output
+    OP_CHECKSIGECDSA = 0xab,  // Used for ECDSA output
+    OP_BLAKE2B = 0xaa,        // Used for P2SH (start)
+    OP_EQUAL = 0x87           // Used for P2SH (end)
 } op_code_e;
 
 typedef struct {
@@ -75,7 +77,7 @@ typedef struct {
 
 typedef struct {
     uint64_t value;
-    uint8_t script_public_key[35];  // In hex: 20 + public_key_hex + ac (34/35 bytes total)
+    uint8_t script_public_key[40];  // In hex: 20 + public_key_hex + ac (34/35 bytes total)
 } transaction_output_t;
 
 typedef struct {

src/transaction/utils.c

@@ -41,11 +41,15 @@ bool transaction_utils_check_encoding(const uint8_t* memo, uint64_t memo_len) {
 void script_public_key_to_address(uint8_t* out_address, uint8_t* in_script_public_key) {
     uint8_t public_key[64] = {0};
     // public script keys begin with the length, followed by the amount of data
-    size_t data_len = (size_t) in_script_public_key[0];
+    size_t first_byte = (size_t) in_script_public_key[0];
     address_type_e type = SCHNORR;
     size_t address_len = SCHNORR_ADDRESS_LEN;
 
-    if (data_len == 0x21) {
+    if (first_byte == 0xaa) {
+        type = P2SH;
+        address_len = SCHNORR_ADDRESS_LEN;
+        memmove(public_key, in_script_public_key + 2, 32);
+    } else if (first_byte == 0x21) {
         // We're dealing with ECDSA instead:
         type = ECDSA;
         address_len = ECDSA_ADDRESS_LEN;

src/types.h

@@ -75,7 +75,8 @@ typedef enum {
 
 typedef enum {
     SCHNORR,  // Display the 61 byte address for schnorr
-    ECDSA     // Display the 63 byte address for ecdsa
+    ECDSA,    // Display the 63 byte address for ecdsa
+    P2SH      // Display the 61 byte address for p2sh (also schnorr)
 } address_type_e;
 
 /**

tests/application_client/kaspa_transaction.py

@@ -179,7 +179,11 @@ def _calc_outputs_hash(self) -> bytes:
         for txout in self.tx.outputs:
             inner_hash.update(txout.value.to_bytes(8, "little"))
             inner_hash.update((0).to_bytes(2, "little")) # assume script version 0
-            inner_hash.update((txout.script_public_key[0] + 2).to_bytes(8, "little"))
+            if txout.script_public_key[0] == 0xaa:
+                inner_hash.update((35).to_bytes(8, "little"))
+            else:
+                inner_hash.update((txout.script_public_key[0] + 2).to_bytes(8, "little"))
+
             inner_hash.update(txout.script_public_key)
 
         return inner_hash.digest()