chore(utxo-core): refactored functions and debug tests

TICKET: BTC-2047

Author: christopher-fong

modules/utxo-core/src/paygo/psbt/PayGoUtils.ts

@@ -1,22 +1,18 @@
 import * as utxolib from '@bitgo/utxo-lib';
+import * as bitcoinMessage from 'bitcoinjs-message';
 import { checkForOutput } from 'bip174/src/lib/utils';
 
-import { extractAddressBufferFromPayGoAttestationProof } from '../ExtractAddressPayGoAttestation';
-import { verifyMessage } from '../../bip32utils';
-
 import {
   ErrorMultiplePayGoProof,
   ErrorMultiplePayGoProofAtPsbtIndex,
   ErrorNoPayGoProof,
   ErrorOutputIndexOutOfBounds,
   ErrorPayGoAddressProofFailedVerification,
-  ErrorProofAddressMismatchOutputAdress,
 } from './Errors';
 
-/** The function consumes the signature as a parameter and adds the PayGo address to the
- * PSBT output at the output index where the signature is of the format:
- * 0x18Bitcoin Signed Message:\n<varint_length><ENTROPY><ADDRESS><UUID> signed by
- * the HSM beforehand.
+/** This function adds the entropy and signature into the PSBT output unknown key vals.
+ * We store the entropy so that we reconstruct the message <varint_len><entropy><address><uuid>
+ * to later verify.
  *
  * @param psbt - PSBT that we need to encode our paygo address into
  * @param outputIndex - the index of the address in our output
@@ -26,13 +22,13 @@ export function addPayGoAddressProof(
   psbt: utxolib.bitgo.UtxoPsbt,
   outputIndex: number,
   sig: Buffer,
-  pub: Buffer
+  entropy: Buffer
 ): void {
   utxolib.bitgo.addProprietaryKeyValuesFromUnknownKeyValues(psbt, 'output', outputIndex, {
     key: {
       identifier: utxolib.bitgo.PSBT_PROPRIETARY_IDENTIFIER,
       subtype: utxolib.bitgo.ProprietaryKeySubtype.PAYGO_ADDRESS_ATTESTATION_PROOF,
-      keydata: pub,
+      keydata: entropy,
     },
     value: sig,
   });
@@ -42,15 +38,14 @@ export function addPayGoAddressProof(
  *
  * @param psbt - PSBT we want to verify that the paygo address is in
  * @param outputIndex - we have the output index that address is in
- * @param pub - The public key that we want to verify the proof with
- * @param message - The message we want to verify corresponding to sig
+ * @param uuid
  * @returns
  */
 export function verifyPayGoAddressProof(
   psbt: utxolib.bitgo.UtxoPsbt,
   outputIndex: number,
-  message: Buffer,
-  attestationPubKey: Buffer
+  uuid: string,
+  msg?: Buffer
 ): void {
   const psbtOutputs = checkForOutput(psbt.data.outputs, outputIndex);
   const stored = utxolib.bitgo.getProprietaryKeyValuesFromUnknownKeyValues(psbtOutputs, {
@@ -65,33 +60,23 @@ export function verifyPayGoAddressProof(
     throw new ErrorMultiplePayGoProof();
   }
 
+  // We get the signature and entropy from our PSBT unknown key vals
   const signature = stored[0].value;
-  const pub = stored[0].key.keydata;
-
-  // Check that the keydata pubkey is the same as the one we are verifying against
-  if (Buffer.compare(pub, attestationPubKey) !== 0) {
-    throw new Error('The public key in the PSBT does not match the provided public key.');
-  }
+  const entropy = stored[0].key.keydata;
 
-  // It doesn't matter that this is bitcoin or not, we just need to convert the public key buffer into an address format
-  // for the verification
-  if (!verifyMessage(message.toString(), pub, signature, utxolib.networks.bitcoin)) {
-    throw new ErrorPayGoAddressProofFailedVerification();
-  }
-
-  // We should be verifying the address that was encoded into our message.
-  const addressFromProof = extractAddressBufferFromPayGoAttestationProof(message).toString();
-
-  // Check that the address from the proof matches what is in the PSBT
+  // Get the the PayGo address from the txOutputs
   const txOutputs = psbt.txOutputs;
   if (outputIndex >= txOutputs.length) {
     throw new ErrorOutputIndexOutOfBounds(outputIndex);
   }
   const output = txOutputs[outputIndex];
   const addressFromOutput = utxolib.address.fromOutputScript(output.script, psbt.network);
 
-  if (addressFromProof !== addressFromOutput) {
-    throw new ErrorProofAddressMismatchOutputAdress(addressFromProof, addressFromOutput);
+  // We construct our message <ENTROPY><ADDRESS><UUID>
+  const message = Buffer.concat([entropy, Buffer.from(addressFromOutput), Buffer.from(uuid)]);
+
+  if (!bitcoinMessage.verify(message, addressFromOutput, signature, utxolib.networks.bitcoin.messagePrefix)) {
+    throw new ErrorPayGoAddressProofFailedVerification();
   }
 }
 

modules/utxo-core/src/testutil/index.ts

@@ -2,3 +2,4 @@ export * from './fixtures.utils';
 export * from './key.utils';
 export * from './toPlainObject.utils';
 export * from './generatePayGoAttestationProof.utils';
+export * from './parseVaspProof';

modules/utxo-core/src/testutil/parseVaspProof.ts

@@ -0,0 +1,25 @@
+import * as utxolib from '@bitgo/utxo-lib';
+
+/** We receive a proof in the form:
+ * 0x18Bitcoin Signed Message:\n<varint_length><ENTROPY><ADDRESS><UUID>
+ * and when verifying our message in our PayGo utils we want to only verify
+ * the message portion of our proof. This helps to pare our proof in that format,
+ * and returns a Buffer.
+ *
+ * @param proof
+ * @returns
+ */
+export function parseVaspProof(proof: Buffer): Buffer {
+  const prefix = '\u0018Bitcoin Signed Message:\n';
+  if (proof.toString().startsWith(prefix)) {
+    proof = proof.slice(Buffer.from(prefix).length);
+    utxolib.bufferutils.varuint.decode(proof, 0);
+    // Determines how many bytes were consumed during our last varuint.decode(Buffer, offset)
+    // So if varuint.decode(0xfd) then varuint.decode.bytes = 3
+    // varuint.decode(0xfe) then varuint.decode.bytes = 5, etc.
+    const varintBytesLength = utxolib.bufferutils.varuint.decode.bytes;
+
+    proof.slice(varintBytesLength);
+  }
+  return proof;
+}

modules/utxo-core/test/paygo/psbt/PayGoUtils.ts

@@ -1,6 +1,8 @@
 import assert from 'assert';
+import crypto from 'crypto';
 
 import * as utxolib from '@bitgo/utxo-lib';
+import * as bitcoinMessage from 'bitcoinjs-message';
 import { decodeProprietaryKey } from 'bip174/src/lib/proprietaryKeyVal';
 import { KeyValue } from 'bip174/src/lib/interfaces';
 import { checkForOutput } from 'bip174/src/lib/utils';
@@ -12,7 +14,8 @@ import {
   verifyPayGoAddressProof,
 } from '../../../src/paygo/psbt/PayGoUtils';
 import { generatePayGoAttestationProof } from '../../../src/testutil/generatePayGoAttestationProof.utils';
-import { signMessage } from '../../../src/bip32utils';
+import { parseVaspProof } from '../../../src/testutil/parseVaspProof';
+// import { signMessage } from '../../../src/bip32utils';
 
 // To construct our PSBTs
 const network = utxolib.networks.bitcoin;
@@ -46,8 +49,12 @@ const addressToVerify = utxolib.address.toBase58Check(
 
 // this should be retuning a Buffer
 const addressProofBuffer = generatePayGoAttestationProof(nilUUID, Buffer.from(addressToVerify));
+const addressProofMsgBuffer = parseVaspProof(addressProofBuffer);
+// We know that that the entropy is a set 64 bytes.
+const addressProofEntropy = addressProofMsgBuffer.subarray(0, 65);
+
 // signature with the given msg addressProofBuffer
-const sig = signMessage(addressProofBuffer.toString(), attestationPrvKey!, network);
+const sig = bitcoinMessage.sign(addressProofMsgBuffer, attestationPrvKey!, true);
 
 function getTestPsbt() {
   return utxolib.testutil.constructPsbt(psbtInputs, psbtOutputs, network, rootWalletKeys, 'unsigned');
@@ -67,15 +74,15 @@ describe('addPaygoAddressProof and verifyPaygoAddressProof', () => {
       });
   }
 
-  it("should fail a proof verification if the proof isn't valid", () => {
+  it('should fail a proof verification with wrong UUID', () => {
     const outputIndex = 0;
     const psbt = getTestPsbt();
-    addPayGoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
+    addPayGoAddressProof(psbt, outputIndex, sig, addressProofEntropy);
     const output = checkForOutput(psbt.data.outputs, outputIndex);
     const proofInPsbt = getPaygoProprietaryKey(output.unknownKeyVals!);
     assert(proofInPsbt.length === 1);
     assert.throws(
-      () => verifyPayGoAddressProof(psbt, 0, Buffer.from('Random Signed Message'), attestationPubKey),
+      () => verifyPayGoAddressProof(psbt, 0, '00000000-0000-0000-0000-000000000001'),
       (e: any) => e.message === 'Cannot verify the paygo address signature with the provided pubkey.'
     );
   });
@@ -84,21 +91,21 @@ describe('addPaygoAddressProof and verifyPaygoAddressProof', () => {
     const psbt = getTestPsbt();
     psbt.addOutput({ script: utxolib.address.toOutputScript(addressToVerify, network), value: BigInt(10000) });
     const outputIndex = psbt.data.outputs.length - 1;
-    addPayGoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
-    verifyPayGoAddressProof(psbt, outputIndex, Buffer.from(addressProofBuffer), attestationPubKey);
+    addPayGoAddressProof(psbt, outputIndex, sig, addressProofEntropy);
+    verifyPayGoAddressProof(psbt, outputIndex, nilUUID, Buffer.from(addressToVerify));
   });
 
   it('should throw an error if there are multiple PayGo proprietary keys in the PSBT', () => {
     const outputIndex = 0;
     const psbt = getTestPsbt();
-    addPayGoAddressProof(psbt, outputIndex, sig, Buffer.from(attestationPubKey));
-    addPayGoAddressProof(psbt, outputIndex, Buffer.from('signature2'), Buffer.from('fakepubkey2s'));
+    addPayGoAddressProof(psbt, outputIndex, sig, addressProofEntropy);
+    addPayGoAddressProof(psbt, outputIndex, Buffer.from('signature2'), crypto.randomBytes(64));
     const output = checkForOutput(psbt.data.outputs, outputIndex);
     const proofInPsbt = getPaygoProprietaryKey(output.unknownKeyVals!);
     assert(proofInPsbt.length !== 0);
     assert(proofInPsbt.length > 1);
     assert.throws(
-      () => verifyPayGoAddressProof(psbt, outputIndex, addressProofBuffer, attestationPubKey),
+      () => verifyPayGoAddressProof(psbt, outputIndex, nilUUID),
       (e: any) => e.message === 'There are multiple paygo address proofs encoded in the PSBT. Something went wrong.'
     );
   });
@@ -108,7 +115,7 @@ describe('verifyPaygoAddressProof', () => {
   it('should throw an error if there is no PayGo address in PSBT', () => {
     const psbt = getTestPsbt();
     assert.throws(
-      () => verifyPayGoAddressProof(psbt, 0, addressProofBuffer, attestationPubKey),
+      () => verifyPayGoAddressProof(psbt, 0, nilUUID),
       (e: any) => e.message === 'There is no paygo address proof encoded in the PSBT at output 0.'
     );
   });