ai-agent-bitcoin-escrow 0.1.0

A Rust library for AI agents to create, manage, and execute Bitcoin escrow contracts using multisig
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244

//! Multisig operations for escrow contracts.
//!
//! This module handles multisignature wallet setup, descriptor creation,
//! and coordination of signing operations for 2-of-3 (or n-of-m) escrow.

use bitcoin::key::Keypair;
use bitcoin::secp256k1::{Secp256k1, rand};
use bitcoin::{Network, PrivateKey, PublicKey, ScriptBuf};
use miniscript::descriptor::{Descriptor, DescriptorPublicKey};
use serde::{Deserialize, Serialize};
use std::collections::BTreeMap;
use std::str::FromStr;

use crate::error::{EscrowError, Result};
use crate::types::{EscrowParticipant, EscrowRole};

/// Multisig configuration.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct MultisigConfig {
    /// Network (testnet, mainnet, etc.).
    pub network: Network,
    /// Threshold (e.g., 2 for 2-of-3).
    pub threshold: usize,
    /// Total number of participants.
    pub total: usize,
}

impl Default for MultisigConfig {
    fn default() -> Self {
        Self {
            network: Network::Testnet,
            threshold: 2,
            total: 3,
        }
    }
}

/// Represents a multisig wallet with participants' public keys.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct MultisigWallet {
    /// Configuration.
    pub config: MultisigConfig,
    /// Participant public keys (role -> pubkey hex).
    pub public_keys: BTreeMap<EscrowRole, String>,
    /// The descriptor for the multisig address.
    pub descriptor: String,
}

impl MultisigWallet {
    /// Create a new multisig wallet from participants.
    pub fn new(config: MultisigConfig, participants: &[EscrowParticipant]) -> Result<Self> {
        if participants.len() != config.total {
            return Err(EscrowError::Multisig(format!(
                "Expected {} participants, got {}",
                config.total,
                participants.len()
            )));
        }

        let mut public_keys = BTreeMap::new();

        for participant in participants {
            if let Some(pk) = &participant.public_key {
                public_keys.insert(participant.role, pk.to_string());
            }
        }

        if public_keys.len() != config.total {
            return Err(EscrowError::Multisig(
                "All participants must have public keys".to_string(),
            ));
        }

        // Create the multisig descriptor
        let descriptor = Self::create_descriptor(config.threshold, &public_keys)?;
        
        Ok(Self {
            config,
            public_keys,
            descriptor,
        })
    }

    /// Create a multisig descriptor string.
    fn create_descriptor(
        threshold: usize,
        public_keys: &BTreeMap<EscrowRole, String>,
    ) -> Result<String> {
        // Collect public keys strings for the descriptor
        let pk_strs: Vec<String> = public_keys.values().cloned().collect();

        // Create a sortedmulti descriptor (BIP-67 sorted public keys)
        // wsh(sortedmulti(threshold, keys...))
        let descriptor_str = format!(
            "wsh(sortedmulti({},{}))",
            threshold,
            pk_strs.join(",")
        );

        Ok(descriptor_str)
    }

    /// Get the scriptPubKey for the multisig address.
    pub fn script_pubkey(&self) -> Result<ScriptBuf> {
        // Parse the descriptor - this is simplified, real implementation would
        // use miniscript properly with DescriptorPublicKey parsing
        // For now, we return a placeholder
        Ok(ScriptBuf::new())
    }

    /// Get the address for the multisig (based on network).
    pub fn address(&self) -> Result<bitcoin::Address> {
        // This would generate the actual P2WSH address from the descriptor
        // For now, return a test address
        let script = self.script_pubkey()?;
        
        // Create a P2WSH address
        let address = bitcoin::Address::p2wsh(&script, self.config.network);
        Ok(address)
    }
}

/// Generate a new keypair for a participant.
pub fn generate_keypair(network: Network) -> Result<(PrivateKey, PublicKey)> {
    let secp = Secp256k1::new();
    let mut rng = rand::thread_rng();
    
    let keypair = Keypair::new(&secp, &mut rng);
    let secret_key = keypair.secret_key();
    let public_key = keypair.public_key();
    
    let private_key = PrivateKey::new(secret_key, network);
    let bitcoin_pk = PublicKey::from_slice(&public_key.serialize())
        .map_err(|e| EscrowError::Key(format!("Failed to create public key: {}", e)))?;
    
    Ok((private_key, bitcoin_pk))
}

/// Create a participant with a generated keypair.
pub fn create_participant(
    role: EscrowRole,
    id: String,
    network: Network,
) -> Result<(EscrowParticipant, PrivateKey)> {
    let (private_key, public_key) = generate_keypair(network)?;
    
    let participant = EscrowParticipant {
        id,
        role,
        public_key: Some(public_key),
        xonly_public_key: None,
        address: None,
        signed: false,
        joined_at: chrono::Utc::now(),
    };
    
    Ok((participant, private_key))
}

/// Represents a partially signed transaction (PSBT) for multisig coordination.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct MultisigPSBT {
    /// The base64-encoded PSBT.
    pub psbt_base64: String,
    /// Who has signed so far.
    pub signed_by: Vec<EscrowRole>,
    /// Required threshold.
    pub threshold: usize,
}

impl MultisigPSBT {
    /// Create a new PSBT from a transaction.
    pub fn new(psbt_base64: String, threshold: usize) -> Self {
        Self {
            psbt_base64,
            signed_by: Vec::new(),
            threshold,
        }
    }

    /// Add a signature.
    pub fn add_signature(&mut self, role: EscrowRole) -> Result<()> {
        if self.signed_by.contains(&role) {
            return Err(EscrowError::Signing(format!(
                "Role {:?} has already signed",
                role
            )));
        }
        self.signed_by.push(role);
        Ok(())
    }

    /// Check if enough signatures have been collected.
    pub fn is_ready(&self) -> bool {
        self.signed_by.len() >= self.threshold
    }

    /// Get the number of signatures still needed.
    pub fn signatures_needed(&self) -> usize {
        self.threshold.saturating_sub(self.signed_by.len())
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    
    #[test]
    fn test_keypair_generation() {
        let (priv_key, pub_key) = generate_keypair(Network::Testnet).unwrap();
        assert!(!priv_key.to_bytes().is_empty());
        assert!(!pub_key.to_bytes().is_empty());
    }
    
    #[test]
    fn test_multisig_wallet_creation() {
        let config = MultisigConfig::default();
        
        let participants = vec![
            create_participant(EscrowRole::Buyer, "buyer-1".to_string(), Network::Testnet).unwrap().0,
            create_participant(EscrowRole::Seller, "seller-1".to_string(), Network::Testnet).unwrap().0,
            create_participant(EscrowRole::Arbiter, "arbiter-1".to_string(), Network::Testnet).unwrap().0,
        ];
        
        let wallet = MultisigWallet::new(config, &participants).unwrap();
        assert!(!wallet.descriptor.is_empty());
    }
    
    #[test]
    fn test_psbt_signatures() {
        let mut psbt = MultisigPSBT::new("base64-psbt".to_string(), 2);
        
        assert!(!psbt.is_ready());
        assert_eq!(psbt.signatures_needed(), 2);
        
        psbt.add_signature(EscrowRole::Buyer).unwrap();
        assert!(!psbt.is_ready());
        assert_eq!(psbt.signatures_needed(), 1);
        
        psbt.add_signature(EscrowRole::Seller).unwrap();
        assert!(psbt.is_ready());
        assert_eq!(psbt.signatures_needed(), 0);
    }
}