# README
txscript
Package txscript implements the bitcoin transaction script language. There is a comprehensive test suite.
This package has intentionally been designed so it can be used as a standalone package for any projects needing to use or validate bitcoin transaction scripts.
Bitcoin Scripts
Bitcoin provides a stack-based, FORTH-like language for the scripts in the bitcoin transactions. This language is not turing complete although it is still fairly powerful. A description of the language can be found at https://en.bitcoin.it/wiki/Script
Installation and Updating
$ go get -u github.com/bitweb-project/bted/txscript
Examples
-
Standard Pay-to-pubkey-hash Script
Demonstrates creating a script which pays to a bitcoin address. It also prints the created script hex and uses the DisasmString function to display the disassembled script. -
Extracting Details from Standard Scripts
Demonstrates extracting information from a standard public key script. -
Manually Signing a Transaction Output
Demonstrates manually creating and signing a redeem transaction. -
Counting Opcodes in Scripts
Demonstrates creating a script tokenizer instance and using it to count the number of opcodes a script contains.
GPG Verification Key
All official release tags are signed by Conformal so users can ensure the code has not been tampered with and is coming from the bitweb-project developers. To verify the signature perform the following:
-
Download the public key from the Conformal website at https://opensource.conformal.com/GIT-GPG-KEY-conformal.txt
-
Import the public key into your GPG keyring:
gpg --import GIT-GPG-KEY-conformal.txt -
Verify the release tag with the following command where
TAG_NAMEis a placeholder for the specific tag:git tag -v TAG_NAME
License
Package txscript is licensed under the copyfree ISC License.
# Functions
AssembleTaprootScriptTree constructs a new fully indexed tapscript tree given a series of leaf nodes.
AsSmallInt returns the passed opcode, which must be true according to IsSmallInt(), as an integer.
CalcMultiSigStats returns the number of public keys and signatures from a multi-signature transaction script.
CalcScriptInfo returns a structure providing data about the provided script pair.
CalcSignatureHash will, given a script and hash type for the current script engine instance, calculate the signature hash to be used for signing and verification.
CalcTaprootSignatureHash computes the sighash digest of a transaction's taproot-spending input using the new sighash digest algorithm described in BIP 341.
CalcTaprootSignatureHash is similar to CalcTaprootSignatureHash but for _tapscript_ spends instead.
CalcWitnessSigHash computes the sighash digest for the specified input of the target transaction observing the desired sig hash type.
ComputePkScript computes the script of an output by looking at the spending input's signature script or witness.
ComputeTaprootKeyNoScript calculates the top-level taproot output key given an internal key, and a desire that the only way an output can be spent is with the keyspend path.
ComputeTaprootOutputKey calculates a top-level taproot output key given an internal key, and tapscript merkle root.
DisableLog disables all library log output.
DisasmString formats a disassembled script for one line printing.
ExtractAtomicSwapDataPushes returns the data pushes from an atomic swap contract.
ExtractPkScriptAddrs returns the type of script, addresses and required signatures associated with the passed PkScript.
ExtractWitnessProgramInfo attempts to extract the witness program version, as well as the witness program itself from the passed script.
GetPreciseSigOpCount returns the number of signature operations in scriptPubKey.
GetScriptClass returns the class of the script passed.
GetSigOpCount provides a quick count of the number of signature operations in a script.
GetWitnessSigOpCount returns the number of signature operations generated by spending the passed pkScript with the specified witness, or sigScript.
IsErrorCode returns whether or not the provided error is a script error with the provided error code.
IsMultisigScript returns whether or not the passed script is a standard multisignature script.
IsMultisigSigScript returns whether or not the passed script appears to be a signature script which consists of a pay-to-script-hash multi-signature redeem script.
IsNullData returns true if the passed script is a null data script, false otherwise.
IsPayToPubKey returns true if the script is in the standard pay-to-pubkey (P2PK) format, false otherwise.
IsPayToPubKeyHash returns true if the script is in the standard pay-to-pubkey-hash (P2PKH) format, false otherwise.
IsPayToScriptHash returns true if the script is in the standard pay-to-script-hash (P2SH) format, false otherwise.
IsPayToTaproot returns true if if the passed script is a standard pay-to-taproot (PTTR) scripts, and false otherwise.
IsPayToWitnessPubKeyHash returns true if the is in the standard pay-to-witness-pubkey-hash (P2WKH) format, false otherwise.
IsPayToWitnessScriptHash returns true if the is in the standard pay-to-witness-script-hash (P2WSH) format, false otherwise.
IsPushOnlyScript returns whether or not the passed script only pushes data according to the consensus definition of pushing data.
IsSmallInt returns whether or not the opcode is considered a small integer, which is an OP_0, or OP_1 through OP_16.
IsUnspendable returns whether the passed public key script is unspendable, or guaranteed to fail at execution.
IsWitnessProgram returns true if the passed script is a valid witness program which is encoded according to the passed witness program version.
MakeScriptNum interprets the passed serialized bytes as an encoded integer and returns the result as a script number.
MakeScriptTokenizer returns a new instance of a script tokenizer.
MultiSigScript returns a valid script for a multisignature redemption where nrequired of the keys in pubkeys are required to have signed the transaction for success.
NewBaseTapLeaf returns a new TapLeaf for the specified script, using the current base leaf version (BIP 342).
NewCannedPrevOutputFetcher returns an instance of a CannedPrevOutputFetcher that can only return the TxOut defined by the passed script and amount.
NewEngine returns a new script engine for the provided public key script, transaction, and input index.
NewHashCache returns a new instance of the HashCache given a maximum number of entries which may exist within it at anytime.
NewIndexedTapScriptTree creates a new empty tapscript tree that has enough space to hold information for the specified amount of leaves.
NewMultiPrevOutFetcher returns an instance of a PrevOutputFetcher that's backed by an optional map which is used as an input source.
NewScriptBuilder returns a new instance of a script builder.
NewScriptClass returns the ScriptClass corresponding to the string name provided as argument.
NewSigCache creates and initializes a new instance of SigCache.
NewTapBranch creates a new internal branch from a left and right node.
NewTapLeaf returns a new TapLeaf with the given leaf version and script to be committed to.
NewTxSigHashes computes, and returns the cached sighashes of the given transaction.
NullDataScript creates a provably-prunable script containing OP_RETURN followed by the passed data.
ParseControlBlock attempts to parse the raw bytes of a control block.
ParsePkScript parses an output script into the PkScript struct.
PayToAddrScript creates a new script to pay a transaction output to a the specified address.
PayToTaprootScript creates a pk script for a pay-to-taproot output key.
PushedData returns an array of byte slices containing any pushed data found in the passed script.
RawTxInSignature returns the serialized ECDSA signature for the input idx of the given transaction, with hashType appended to it.
RawTxInTaprootSignature returns a valid schnorr signature required to perform a taproot key-spend of the specified input.
RawTxInTapscriptSignature computes a raw schnorr signature for a signature generated from a tapscript leaf.
RawTxInWitnessSignature returns the serialized ECDA signature for the input idx of the given transaction, with the hashType appended to it.
ScriptHasOpSuccess returns true if any op codes in the script contain an OP_SUCCESS op code.
SignatureScript creates an input signature script for tx to spend BTE sent from a previous output to the owner of privKey.
SignTxOutput signs output idx of the given tx to resolve the script given in pkScript with a signature type of hashType.
TaprootWitnessSignature returns a valid witness stack that can be used to spend the key-spend path of a taproot input as specified in BIP 342 and BIP 86.
TweakTaprootPrivKey applies the same operation as ComputeTaprootOutputKey, but on the private key instead.
UseLogger uses a specified Logger to output package logging info.
VerifyTaprootKeySpend attempts to verify a top-level taproot key spend, returning a non-nil error if the passed signature is invalid.
VerifyTaprootLeafCommitment attempts to verify a taproot commitment of the revealed script within the taprootWitnessProgram (a schnorr public key) given the required information included in the control block.
WithAnnex is a functional option that allows the caller to specify the existence of an annex in the final witness stack for the taproot/tapscript spends.
WithBaseTapscriptVersion is a functional option that specifies that the sighash digest should include the extra information included as part of the base tapscript version.
WithScriptAllocSize specifies the initial size of the backing array for the script builder.
WitnessSignature creates an input witness stack for tx to spend BTE sent from a previous output to the owner of privKey using the p2wkh script template.
# Constants
BaseLeafVersion is the base tapscript leaf version.
BaseSegwitWitnessVersion is the original witness version that defines the initial set of segwit validation logic.
ControlBlockBaseSize is the base size of a control block.
ControlBlockMaxNodeCount is the max number of nodes that can be included in a control block.
ControlBlockMaxSize is the max possible size of a control block.
ControlBlockNodeSize is the size of a given merkle branch hash in the control block.
ErrCheckSigVerify is returned when OP_CHECKMULTISIGVERIFY is encountered in a script and the top item on the data stack does not evaluate to true.
ErrCheckSigVerify is returned when OP_CHECKSIGVERIFY is encountered in a script and the top item on the data stack does not evaluate to true.
ErrCleanStack is returned when the ScriptVerifyCleanStack flag is set, and after evalution, the stack does not contain only a single element.
ErrControlBlockInvalidLength is returned when the control block, without the public key isn't a multiple of 32.
ErrControlBlockTooLarge is returned when the control block is larger than the largest possible proof for a merkle script tree.
ErrControlBlockTooSmall is returned when a parsed control block is less than 33 bytes.
ErrDisabledOpcode is returned when a disabled opcode is encountered in a script.
ErrDiscourageOpSuccess is returned if ScriptVerifyDiscourageOpSuccess is active, and a OP_SUCCESS op code is encountered during tapscript validation.
ErrDiscourageUpgradableNOPs is returned when the ScriptDiscourageUpgradableNops flag is set and a NOP opcode is encountered in a script.
ErrDiscourageUpgradableWitnessProgram is returned if ScriptVerifyWitness is set and the versino of an executing witness program is outside the set of currently defined witness program vesions.
ErrDiscourageUpgradeableTaprootVersion is returned if during tapscript execution, we encoutner a public key that isn't 0 or 32 bytes.
ErrDiscourageUpgradeableTaprootVersion is returned if ScriptVerifyDiscourageUpgradeableTaprootVersion is active and a leaf version encountered isn't the base leaf version.
ErrEarlyReturn is returned when OP_RETURN is executed in the script.
ErrElementTooBig is returned if the size of an element to be pushed to the stack is over MaxScriptElementSize.
ErrEmptyStack is returned when the script evaluated without error, but terminated with an empty top stack element.
ErrEqualVerify is returned when OP_EQUALVERIFY is encountered in a script and the top item on the data stack does not evaluate to true.
ErrEvalFalse is returned when the script evaluated without error but terminated with a false top stack element.
ErrInternal is returned if internal consistency checks fail.
ErrInvalidFlags is returned when the passed flags to NewEngine contain an invalid combination.
ErrInvalidIndex is returned when an out-of-bounds index is passed to a function.
ErrScriptDone is returned when an attempt to execute an opcode is made once all of them have already been executed.
ErrInvalidPubKeyCount is returned when the number of public keys specified for a multsig is either negative or greater than MaxPubKeysPerMultiSig.
ErrInvalidSigHashType is returned when a signature hash type is not one of the supported types.
ErrInvalidSignatureCount is returned when the number of signatures specified for a multisig is either negative or greater than the number of public keys.
ErrInvalidStackOperation is returned when a stack operation is attempted with a number that is invalid for the current stack size.
ErrInvalidTaprootSigLen is returned when taproot signature isn't 64 or 65 bytes.
ErrMalformedPush is returned when a data push opcode tries to push more bytes than are left in the script.
ErrMinimalData is returned when the ScriptVerifyMinimalData flag is set and the script contains push operations that do not use the minimal opcode required.
ErrMinimalIf is returned if ScriptVerifyWitness is set and the operand of an OP_IF/OP_NOF_IF are not either an empty vector or [0x01].
ErrNegativeLockTime is returned when a script contains an opcode that interprets a negative lock time.
ErrNotMultisigScript is returned from CalcMultiSigStats when the provided script is not a multisig script.
ErrNotPushOnly is returned when a script that is required to only push data to the stack performs other operations.
ErrNullFail is returned when the ScriptVerifyNullFail flag is set and signatures are not empty on failed checksig or checkmultisig operations.
ErrNumberTooBig is returned when the argument for an opcode that expects numeric input is larger than the expected maximum number of bytes.
ErrNumEqualVerify is returned when OP_NUMEQUALVERIFY is encountered in a script and the top item on the data stack does not evaluate to true.
ErrPubKeyType is returned when the ScriptVerifyStrictEncoding flag is set and the script contains invalid public keys.
ErrReservedOpcode is returned when an opcode marked as reserved is encountered in a script.
ErrScriptTooBig is returned if a script is larger than MaxScriptSize.
ErrScriptUnfinished is returned when CheckErrorCondition is called on a script that has not finished executing.
ErrSigHighS is returned when the ScriptVerifyLowS flag is set and the script contains any signatures whose S values are higher than the half order.
ErrSigInvalidDataLen is returned a signature that should be a canonically-encoded DER signature does not specify the correct number of remaining bytes for the R and S portions.
ErrSigInvalidRIntID is returned when a signature that should be a canonically-encoded DER signature does not have the expected ASN.1 integer ID for R.
ErrSigInvalidSeqID is returned when a signature that should be a canonically-encoded DER signature does not have the expected ASN.1 sequence ID.
ErrSigInvalidSIntID is returned when a signature that should be a canonically-encoded DER signature does not have the expected ASN.1 integer ID for S.
ErrSigInvalidSLen is returned a signature that should be a canonically-encoded DER signature does not specify the correct number of bytes for the S portion.
ErrSigMissingSLen is returned when a signature that should be a canonically-encoded DER signature does not provide the length of S.
ErrSigMissingSTypeID is returned a signature that should be a canonically-encoded DER signature does not provide the ASN.1 type ID for S.
ErrSigNegativeR is returned when a signature that should be a canonically-encoded DER signature has a negative value for R.
ErrSigNegativeS is returned when a signature that should be a canonically-encoded DER signature has a negative value for S.
ErrSigNullDummy is returned when the ScriptStrictMultiSig flag is set and a multisig script has anything other than 0 for the extra dummy argument.
ErrSigTooLong is returned when a signature that should be a canonically-encoded DER signature is too long.
ErrSigTooMuchRPadding is returned when a signature that should be a canonically-encoded DER signature has too much padding for R.
ErrSigTooMuchSPadding is returned when a signature that should be a canonically-encoded DER signature has too much padding for S.
ErrSigTooShort is returned when a signature that should be a canonically-encoded DER signature is too short.
ErrSigZeroRLen is returned when a signature that should be a canonically-encoded DER signature has an R length of zero.
ErrSigZeroSLen is returned when a signature that should be a canonically-encoded DER signature has an S length of zero.
ErrStackOverflow is returned when stack and altstack combined depth is over the limit.
ErrTaprootMaxSigOps is returned when the number of allotted sig ops is exceeded during taproot execution.
ErrTaprootMerkleProofInvalid is returned when the revealed script merkle proof for a taproot spend is found to be invalid.
ErrTaprootOutputKeyParityMismatch is returned when the control block proof is valid, but the parity of the y-coordinate of the derived key doesn't match the value encoded in the control block.
ErrTaprootPubkeyIsEmpty is returned when a signature checking op code encounters an empty public key.
ErrTaprootSigInvalid is returned when an invalid taproot key spend signature is encountered.
ErrTapscriptCheckMultisig is returned if a script attempts to use OP_CHECKMULTISIGVERIFY or OP_CHECKMULTISIG during tapscript execution.
ErrTooManyOperations is returned if a script has more than MaxOpsPerScript opcodes that do not push data.
ErrTooManyRequiredSigs is returned from MultiSigScript when the specified number of required signatures is larger than the number of provided public keys.
ErrTooMuchNullData is returned from NullDataScript when the length of the provided data exceeds MaxDataCarrierSize.
ErrUnbalancedConditional is returned when an OP_ELSE or OP_ENDIF is encountered in a script without first having an OP_IF or OP_NOTIF or the end of script is reached without encountering an OP_ENDIF when an OP_IF or OP_NOTIF was previously encountered.
ErrUnsatisfiedLockTime is returned when a script contains an opcode that involves a lock time and the required lock time has not been reached.
ErrUnsupportedAddress is returned when a concrete type that implements a bteutil.Address is not a supported type.
ErrUnsupportedScriptVersion is returned when an unsupported script version is passed to a function which deals with script analysis.
ErrVerify is returned when OP_VERIFY is encountered in a script and the top item on the data stack does not evaluate to true.
ErrWitnessHasNoAnnex is returned when a caller attempts to extract an annex, but the witness has no annex present.
ErrWitnessMalleated is returned if ScriptVerifyWitness is set and a native p2wsh program is encountered which has a non-empty sigScript.
ErrWitnessMalleatedP2SH is returned if ScriptVerifyWitness if set and the validation logic for nested p2sh encounters a sigScript which isn't *exactyl* a datapush of the witness program.
ErrWitnessProgramEmpty is returned if ScriptVerifyWitness is set and the witness stack itself is empty.
ErrWitnessProgramMismatch is returned if ScriptVerifyWitness is set and the witness itself for a p2wkh witness program isn't *exactly* 2 items or if the witness for a p2wsh isn't the sha255 of the witness script.
ErrWitnessProgramWrongLength is returned if ScriptVerifyWitness is set and the length of the witness program violates the length as dictated by the current witness version.
ErrWitnessPubKeyType is returned if ScriptVerifyWitness is set and the public key used in either a check-sig or check-multi-sig isn't serialized in a compressed format.
ErrWitnessUnexpected is returned if ScriptVerifyWitness is set and a transaction includes witness data but doesn't spend an which is a witness program (nested or native).
Tue Nov 5 00:53:20 1985 UTC.
MaxDataCarrierSize is the maximum number of bytes allowed in pushed data to be considered a nulldata transaction.
Max number of non-push operations.
Multisig can't have more sigs than this.
Max bytes pushable to the stack.
MaxScriptSize is the maximum allowed length of a raw script.
MaxStackSize is the maximum combined height of stack and alt stack during execution.
Multi signature.
None of the recognized forms.
Empty data-only (provably prunable).
0.
146.
81 - AKA OP_TRUE.
90.
91.
92.
93.
94.
95.
96.
139.
79.
140.
82.
142.
109.
110.
141.
112.
113.
114.
83.
111.
84.
85.
86.
87.
88.
89.
144.
147.
132.
154.
155.
126.
177 - AKA OP_NOP2.
174.
175.
178 - AKA OP_NOP3.
172.
186.
173.
171.
1.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
2.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
3.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
4.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
5.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
6.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
7.
70.
71.
72.
73.
74.
75.
8.
9.
116.
150.
117.
118.
103.
104.
135.
136.
0 - AKA OP_0.
108.
160.
162.
169.
170.
99.
115.
255 - bitcoin core internal.
131.
128.
159.
161.
152.
164.
163.
151.
149.
143.
119.
97.
176.
185.
177.
178.
179.
180.
181.
182.
183.
184.
145.
100.
156.
157.
158.
133.
120.
121.
254 - bitcoin core internal.
253 - bitcoin core internal.
251 - bitcoin core internal.
76.
77.
78.
80.
137.
138.
106.
129.
166.
122.
123.
153.
167.
168.
130.
250 - bitcoin core internal.
148.
127.
124.
107.
81.
125.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
252.
98.
101.
105.
102.
165.
134.
Conditional execution constants.
Conditional execution constants.
Conditional execution constants.
Pay pubkey hash.
Pay pubkey.
ScriptBip16 defines whether the bip16 threshold has passed and thus pay-to-script hash transactions will be fully validated.
ScriptDiscourageUpgradableNops defines whether to verify that NOP1 through NOP10 are reserved for future soft-fork upgrades.
Pay to script hash.
ScriptStrictMultiSig defines whether to verify the stack item used by CHECKMULTISIG is zero length.
ScriptVerifyCheckLockTimeVerify defines whether to verify that a transaction output is spendable based on the locktime.
ScriptVerifyCheckSequenceVerify defines whether to allow execution pathways of a script to be restricted based on the age of the output being spent.
ScriptVerifyCleanStack defines that the stack must contain only one stack element after evaluation and that the element must be true if interpreted as a boolean.
ScriptVerifyDERSignatures defines that signatures are required to compily with the DER format.
ScriptVerifyDiscourageOpSuccess defines whether or not to consider usage of OP_SUCCESS op codes during tapscript execution as non-standard.
ScriptVerifyDiscourageUpgradeablePubkeyType defines if unknown public key versions (during tapscript execution) is non-standard.
ScriptVerifyDiscourageUpgradeableWitnessProgram defines whether or not to consider any new/unknown taproot leaf versions as non-standard.
ScriptVerifyDiscourageUpgradeableWitnessProgram makes witness program with versions 2-16 non-standard.
ScriptVerifyLowS defines that signtures are required to comply with the DER format and whose S value is <= order / 2.
ScriptVerifyMinimalData defines that signatures must use the smallest push operator.
ScriptVerifyMinimalIf makes a script with an OP_IF/OP_NOTIF whose operand is anything other than empty vector or [0x01] non-standard.
ScriptVerifyNullFail defines that signatures must be empty if a CHECKSIG or CHECKMULTISIG operation fails.
ScriptVerifySigPushOnly defines that signature scripts must contain only pushed data.
ScriptVerifyStrictEncoding defines that signature scripts and public keys must follow the strict encoding requirements.
ScriptVerifyTaproot defines whether or not to verify a transaction output using the new taproot validation rules.
ScriptVerifyWitness defines whether or not to verify a transaction output using a witness program template.
ScriptVerifyWitnessPubKeyType makes a script within a check-sig operation whose public key isn't serialized in a compressed format non-standard.
Hash type bits from the end of a signature.
Hash type bits from the end of a signature.
Hash type bits from the end of a signature.
Hash type bits from the end of a signature.
Hash type bits from the end of a signature.
Hash type bits from the end of a signature.
StandardVerifyFlags are the script flags which are used when executing transaction scripts to enforce additional checks which are required for the script to be considered standard.
TaprootAnnexTag is the tag for an annex.
TaprootLeafMask is the mask applied to the control block to extract the leaf version and parity of the y-coordinate of the output key if the taproot script leaf being spent.
TaprootWitnessVersion is the witness version that defines the new taproot verification logic.
Witness unknown.
Pay witness pubkey hash.
Pay to witness script hash.
Taproot output.
# Variables
Bip16Activation is the timestamp where BIP0016 is valid to use in the blockchain.
ErrUnsupportedScriptType is an error returned when we attempt to parse/re-compute an output script into a PkScript struct.
OpcodeByName is a map that can be used to lookup an opcode by its human-readable name (OP_CHECKMULTISIG, OP_CHECKSIG, etc).
# Structs
AtomicSwapDataPushes houses the data pushes found in atomic swap contracts.
CannedPrevOutputFetcher is an implementation of PrevOutputFetcher that only is able to return information for a single previous output.
ControlBlock houses the structured witness input for a taproot spend.
Engine is the virtual machine that executes scripts.
Error identifies a script-related error.
HashCache houses a set of partial sighashes keyed by txid.
IndexedTapScriptTree reprints a fully contracted tapscript tree.
MultiPrevOutFetcher is a custom implementation of the PrevOutputFetcher backed by a key-value map of prevouts to outputs.
PkScript is a wrapper struct around a byte array, allowing it to be used as a map index.
ScriptBuilder provides a facility for building custom scripts.
ScriptInfo houses information about a script pair that is determined by CalcScriptInfo.
ScriptTokenizer provides a facility for easily and efficiently tokenizing transaction scripts without creating allocations.
SegwitSigHashMidstate is the sighash midstate used in the base segwit sighash calculation as defined in BIP 143.
SigCache implements an Schnorr+ECDSA signature verification cache with a randomized entry eviction policy.
TapBranch represents an internal branch in the tapscript tree.
TapLeaf represents a leaf in a tapscript tree.
TaprootSigHashMidState is the sighash midstate used to compute taproot and tapscript signatures as defined in BIP 341.
TapscriptProof is a proof of inclusion that a given leaf (a script and leaf version) is included within a top-level taproot output commitment.
TxSigHashes houses the partial set of sighashes introduced within BIP0143.
# Interfaces
KeyDB is an interface type provided to SignTxOutput, it encapsulates any user state required to get the private keys for an address.
PrevOutputFetcher is an interface used to supply the sighash cache with the previous output information needed to calculate the pre-computed sighash midstate for taproot transactions.
ScriptDB is an interface type provided to SignTxOutput, it encapsulates any user state required to get the scripts for an pay-to-script-hash address.
TapNode represents an abstract node in a tapscript merkle tree.
# Type aliases
ErrorCode identifies a kind of script error.
ErrScriptNotCanonical identifies a non-canonical script.
KeyClosure implements KeyDB with a closure.
ScriptBuilderOpt is a functional option type which is used to modify the initialization of a ScriptBuilder.
ScriptClass is an enumeration for the list of standard types of script.
ScriptClosure implements ScriptDB with a closure.
ScriptFlags is a bitmask defining additional operations or tests that will be done when executing a script pair.
SigHashType represents hash type bits at the end of a signature.
TaprootSigHashOption defines a set of functional param options that can be used to modify the base sighash message with optional extensions.
TapscriptLeafVersion represents the various possible versions of a tapscript leaf version.