@samouraiwallet/bitcoinjs-message

@samouraiwallet/bitcoinjs-message

This is a fork of the original bitcoinjs-message library with minor changes:

• codebase updated to use UInt8Array instead of Buffer - thus making this library browser-compatible without any shims
• package type changed to ESModule instead of CommonJS
• source rewritten to Typescript
• accepting ecc library as an argument for factory function
• updated tests to reflect these changes

Usage

import * as ecc from 'tiny-secp256k1';
import { bitcoinMessageFactory, magicHash } from '@samouraiwallet/bitcoinjs-message'

// You must wrap a tiny-secp256k1 compatible implementation
const { sign, signAsync, verify } = bitcoinMessageFactory(ecc);

Original Readme

Examples (Note about Electrum support at the bottom)

var bitcoin = require('bitcoinjs-lib') // v4.x.x
var bitcoinMessage = require('bitcoinjs-message')

sign(message, privateKey, compressed[, network.messagePrefix, sigOptions])

• If you pass the sigOptions arg instead of messagePrefix it will dynamically replace.
• sigOptions contains two attributes
  • segwitType should be one of 'p2sh(p2wpkh)' or 'p2wpkh'
  • extraEntropy will be used to create non-deterministic signatures using the RFC6979 extra entropy parameter. R value reuse is not an issue.

Sign a Bitcoin message

var keyPair = bitcoin.ECPair.fromWIF('L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY1')
var privateKey = keyPair.privateKey
var message = 'This is an example of a signed message.'

var signature = bitcoinMessage.sign(message, privateKey, keyPair.compressed)
console.log(signature.toString('base64'))
// => 'H9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk='

To produce non-deterministic signatures you can pass an extra option to sign()

var { randomBytes } = require('crypto')
var keyPair = bitcoin.ECPair.fromWIF('L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY1')
var privateKey = keyPair.privateKey
var message = 'This is an example of a signed message.'

var signature = bitcoinMessage.sign(message, privateKey, keyPair.compressed, { extraEntropy: randomBytes(32) })
console.log(signature.toString('base64'))
// => different (but valid) signature each time

Sign a Bitcoin message (with segwit addresses)

// P2SH(P2WPKH) address 'p2sh(p2wpkh)'
var signature = bitcoinMessage.sign(message, privateKey, keyPair.compressed, { segwitType: 'p2sh(p2wpkh)' })
console.log(signature.toString('base64'))
// => 'I9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk='

// P2WPKH address 'p2wpkh'
var signature = bitcoinMessage.sign(message, privateKey, keyPair.compressed, { segwitType: 'p2wpkh' })
console.log(signature.toString('base64'))
// => 'J9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk='

Sign a Bitcoin message using a Signer interface.

var keyPair = bitcoin.ECPair.fromWIF('L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY1')
var privateKey = keyPair.privateKey
var message = 'This is an example of a signed message.'

var secp256k1 = require('secp256k1')
// Notice we are using the privateKey var from the outer scope inside the sign function.
var signer = { sign: (hash, extraData) => secp256k1.sign(hash, privateKey, { data: extraData }) }

var signature = bitcoinMessage.sign(message, signer, keyPair.compressed)
console.log(signature.toString('base64'))
// => 'H9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk='

signAsync(message, privateKey, compressed[, network.messagePrefix, sigOptions]) Same as sign, except returns a promise, and can accept a SignerAsync interface instead of privateKey

Sign a Bitcoin message asynchronously

var keyPair = bitcoin.ECPair.fromWIF('L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY1')
var privateKey = keyPair.privateKey
var message = 'This is an example of a signed message.'

bitcoinMessage.signAsync(message, privateKey, keyPair.compressed).then(signature => {
  console.log(signature.toString('base64'))
})
// => 'H9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk='

Sign a Bitcoin message asynchronously using SignerAsync interface

var keyPair = bitcoin.ECPair.fromWIF('L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY1')
var privateKey = keyPair.privateKey
var message = 'This is an example of a signed message.'

var secp256k1 = require('secp256k1')
// Note that a Signer will also work
var signerAsync = { sign: (hash, extraData) => Promise.resolve(secp256k1.sign(hash, privateKey, { data: extraData })) }
var signer = { sign: (hash, extraData) => secp256k1.sign(hash, privateKey, { data: extraData }) }

bitcoinMessage.signAsync(message, signerAsync, keyPair.compressed).then(signature => {
  console.log(signature.toString('base64'))
})
// => 'H9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk='
bitcoinMessage.signAsync(message, signer, keyPair.compressed).then(signature => {
  console.log(signature.toString('base64'))
})
// => 'H9L5yLFjti0QTHhPyFrZCT1V/MMnBtXKmoiKDZ78NDBjERki6ZTQZdSMCtkgoNmp17By9ItJr8o7ChX0XxY91nk='

verify(message, address, signature[, network.messagePrefix, checkSegwitAlways])

Verify a Bitcoin message

var address = '1F3sAm6ZtwLAUnj7d38pGFxtP3RVEvtsbV'

console.log(bitcoinMessage.verify(message, address, signature))
// => true

About Electrum segwit signature support

• For Signing: Use the non-segwit compressed signing parameters for both segwit types (p2sh-p2wpkh and p2wpkh)
• For Verifying: Pass the checkSegwitAlways argument as true. (messagePrefix should be set to null to default to Bitcoin messagePrefix)

LICENSE MIT