blvm-protocol 0.1.5

Bitcoin Commons BLVM: Bitcoin protocol abstraction layer for multiple variants and evolution
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749

//! BIP70: Payment Protocol (P2P Variant)
//!
//! Specification: https://github.com/bitcoin/bips/blob/master/bip-0070.mediawiki
//!
//! This is a P2P-based variant of BIP70 that addresses security concerns:
//! - Uses Bitcoin P2P network instead of HTTP/HTTPS (privacy-preserving)
//! - Uses Bitcoin public key signatures instead of X.509 certificates (decentralized)
//! - Supports signed refund addresses (prevents refund attacks)
//! - Works with TCP, Iroh, and QUIC transports
//!
//! Core messages:
//! - PaymentRequest: Merchant payment details signed with Bitcoin key
//! - Payment: Customer payment transaction(s)
//! - PaymentACK: Merchant confirmation of payment
//!
//! Security enhancements:
//! - Merchant authentication via Bitcoin public keys (on-chain verifiable)
//! - Signed refund addresses prevent refund attacks
//! - P2P routing preserves customer privacy (no direct merchant connection)

use hex;
use secp256k1::ecdsa::Signature;
use secp256k1::{Message, Secp256k1};
use serde::{Deserialize, Serialize};
use sha2::{Digest, Sha256};

/// BIP70 Payment Protocol version
pub const PAYMENT_PROTOCOL_VERSION: u32 = 1;

/// Payment Details - Core payment information
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PaymentDetails {
    /// Network identifier (mainnet, testnet, regtest)
    pub network: String,
    /// Payment outputs (address, amount)
    pub outputs: Vec<PaymentOutput>,
    /// Payment expiration time (Unix timestamp)
    pub time: u64,
    /// Payment expiration time
    pub expires: Option<u64>,
    /// Memo for merchant
    pub memo: Option<String>,
    /// Memo for customer
    pub payment_url: Option<String>,
    /// Merchant data (opaque to customer)
    pub merchant_data: Option<Vec<u8>>,
}

/// Payment Output - Address and amount
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct PaymentOutput {
    /// Bitcoin address or script
    pub script: Vec<u8>,
    /// Amount in satoshis (None = all available)
    pub amount: Option<u64>,
}

/// Signed refund address - Pre-authorized refund address with merchant signature
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct SignedRefundAddress {
    /// Refund address/script
    pub address: PaymentOutput,
    /// Merchant signature over address (prevents refund attacks)
    pub signature: Vec<u8>,
}

/// Payment Request - Main payment protocol message
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PaymentRequest {
    /// Payment details
    pub payment_details: PaymentDetails,
    /// Merchant's Bitcoin public key (compressed, 33 bytes)
    /// Replaces X.509 certificates with on-chain verifiable keys
    pub merchant_pubkey: Option<Vec<u8>>,
    /// Signature over payment_details by merchant's Bitcoin key
    pub signature: Option<Vec<u8>>,
    /// Pre-authorized refund addresses (signed by merchant)
    /// Prevents refund address attacks by requiring merchant signature
    pub authorized_refund_addresses: Option<Vec<SignedRefundAddress>>,
}

/// Payment - Customer payment transaction(s)
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct Payment {
    /// Serialized transaction(s)
    pub transactions: Vec<Vec<u8>>,
    /// Refund addresses (if change needed)
    pub refund_to: Option<Vec<PaymentOutput>>,
    /// Merchant data (echo back from PaymentRequest)
    pub merchant_data: Option<Vec<u8>>,
    /// Memo from customer
    pub memo: Option<String>,
}

/// Payment ACK - Merchant confirmation
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PaymentACK {
    /// Original payment message
    pub payment: Payment,
    /// Confirmation memo from merchant
    pub memo: Option<String>,
    /// Merchant signature over PaymentACK (optional)
    pub signature: Option<Vec<u8>>,
}

impl PaymentACK {
    /// Sign PaymentACK with merchant's private key
    pub fn sign(&mut self, private_key: &secp256k1::SecretKey) -> Result<(), Bip70Error> {
        // Serialize PaymentACK for signing (excluding signature field)
        let mut ack_for_signing = self.clone();
        ack_for_signing.signature = None;

        let serialized = bincode::serialize(&ack_for_signing)
            .map_err(|e| Bip70Error::SerializationError(e.to_string()))?;

        // Hash PaymentACK
        let mut hasher = Sha256::new();
        hasher.update(&serialized);
        let hash = hasher.finalize();

        // Create message for signing
        let message = Message::from_digest(hash.into());

        // Sign with secp256k1
        let secp = Secp256k1::new();
        let signature = secp.sign_ecdsa(&message, private_key);

        // Store signature
        self.signature = Some(signature.serialize_compact().to_vec());

        Ok(())
    }

    /// Verify PaymentACK signature
    pub fn verify_signature(&self, merchant_pubkey: &[u8]) -> Result<(), Bip70Error> {
        let signature_bytes = self
            .signature
            .as_ref()
            .ok_or_else(|| Bip70Error::SignatureError("No signature".to_string()))?;

        // Parse public key
        let pubkey = secp256k1::PublicKey::from_slice(merchant_pubkey)
            .map_err(|e| Bip70Error::SignatureError(format!("Invalid public key: {e}")))?;

        // Parse signature
        let signature = Signature::from_compact(signature_bytes)
            .map_err(|e| Bip70Error::SignatureError(format!("Invalid signature: {e}")))?;

        // Serialize PaymentACK for verification (excluding signature)
        let mut ack_for_verification = self.clone();
        ack_for_verification.signature = None;

        let serialized = bincode::serialize(&ack_for_verification)
            .map_err(|e| Bip70Error::SerializationError(e.to_string()))?;

        // Hash PaymentACK
        let mut hasher = Sha256::new();
        hasher.update(&serialized);
        let hash = hasher.finalize();

        // Create message for verification
        let message = Message::from_digest(hash.into());

        // Verify signature
        let secp = Secp256k1::new();
        secp.verify_ecdsa(&message, &signature, &pubkey)
            .map_err(|_| {
                Bip70Error::SignatureError("PaymentACK signature verification failed".to_string())
            })?;

        Ok(())
    }
}

impl PaymentRequest {
    /// Create a new payment request
    pub fn new(network: String, outputs: Vec<PaymentOutput>, time: u64) -> Self {
        Self {
            payment_details: PaymentDetails {
                network,
                outputs,
                time,
                expires: None,
                memo: None,
                payment_url: None,
                merchant_data: None,
            },
            merchant_pubkey: None,
            signature: None,
            authorized_refund_addresses: None,
        }
    }

    /// Set merchant public key
    pub fn with_merchant_key(mut self, pubkey: [u8; 33]) -> Self {
        self.merchant_pubkey = Some(pubkey.to_vec());
        self
    }

    /// Add authorized refund address (signed by merchant)
    pub fn with_authorized_refund(mut self, signed_refund: SignedRefundAddress) -> Self {
        if self.authorized_refund_addresses.is_none() {
            self.authorized_refund_addresses = Some(Vec::new());
        }
        self.authorized_refund_addresses
            .as_mut()
            .unwrap()
            .push(signed_refund);
        self
    }

    /// Set expiration time
    pub fn with_expires(mut self, expires: u64) -> Self {
        self.payment_details.expires = Some(expires);
        self
    }

    /// Set memo for merchant
    pub fn with_memo(mut self, memo: String) -> Self {
        self.payment_details.memo = Some(memo);
        self
    }

    /// Set payment URL (where to send Payment message)
    pub fn with_payment_url(mut self, url: String) -> Self {
        self.payment_details.payment_url = Some(url);
        self
    }

    /// Set merchant data (opaque customer data)
    pub fn with_merchant_data(mut self, data: Vec<u8>) -> Self {
        self.payment_details.merchant_data = Some(data);
        self
    }

    /// Sign payment request with merchant's private key
    pub fn sign(&mut self, private_key: &secp256k1::SecretKey) -> Result<(), Bip70Error> {
        // Serialize payment_details for signing
        let serialized = bincode::serialize(&self.payment_details)
            .map_err(|e| Bip70Error::SerializationError(e.to_string()))?;

        // Hash payment_details
        let mut hasher = Sha256::new();
        hasher.update(&serialized);
        let hash = hasher.finalize();

        // Create message for signing
        let message = Message::from_digest(hash.into());

        // Sign with secp256k1
        let secp = Secp256k1::new();
        let signature = secp.sign_ecdsa(&message, private_key);
        let pubkey = secp256k1::PublicKey::from_secret_key(&secp, private_key);
        let pubkey_serialized = pubkey.serialize();

        // Store signature and public key
        self.signature = Some(signature.serialize_compact().to_vec());
        self.merchant_pubkey = Some(pubkey_serialized.to_vec());

        Ok(())
    }

    /// Verify payment request signature
    pub fn verify_signature(&self) -> Result<(), Bip70Error> {
        let pubkey = self
            .merchant_pubkey
            .as_ref()
            .ok_or_else(|| Bip70Error::SignatureError("No merchant public key".to_string()))?;
        let signature_bytes = self
            .signature
            .as_ref()
            .ok_or_else(|| Bip70Error::SignatureError("No signature".to_string()))?;

        // Parse public key
        let pubkey = secp256k1::PublicKey::from_slice(pubkey)
            .map_err(|e| Bip70Error::SignatureError(format!("Invalid public key: {e}")))?;

        // Parse signature
        let signature = Signature::from_compact(signature_bytes)
            .map_err(|e| Bip70Error::SignatureError(format!("Invalid signature: {e}")))?;

        // Serialize payment_details for verification
        let serialized = bincode::serialize(&self.payment_details)
            .map_err(|e| Bip70Error::SerializationError(e.to_string()))?;

        // Hash payment_details
        let mut hasher = Sha256::new();
        hasher.update(&serialized);
        let hash = hasher.finalize();

        // Create message for verification
        let message = Message::from_digest(hash.into());

        // Verify signature
        let secp = Secp256k1::new();
        secp.verify_ecdsa(&message, &signature, &pubkey)
            .map_err(|_| Bip70Error::SignatureError("Signature verification failed".to_string()))?;

        Ok(())
    }

    /// Validate payment request
    pub fn validate(&self) -> Result<(), Bip70Error> {
        // Check expiration
        if let Some(expires) = self.payment_details.expires {
            let now = crate::time::current_timestamp();
            if now > expires {
                return Err(Bip70Error::Expired);
            }
        }

        // Validate outputs
        if self.payment_details.outputs.is_empty() {
            return Err(Bip70Error::InvalidRequest("No payment outputs".to_string()));
        }

        // Validate network
        let valid_networks = ["main", "test", "regtest"];
        if !valid_networks.contains(&self.payment_details.network.as_str()) {
            return Err(Bip70Error::InvalidRequest(format!(
                "Invalid network: {}",
                self.payment_details.network
            )));
        }

        Ok(())
    }
}

impl Payment {
    /// Create a new payment
    pub fn new(transactions: Vec<Vec<u8>>) -> Self {
        Self {
            transactions,
            refund_to: None,
            merchant_data: None,
            memo: None,
        }
    }

    /// Add refund address (must be pre-authorized in PaymentRequest)
    pub fn with_refund_to(mut self, outputs: Vec<PaymentOutput>) -> Self {
        self.refund_to = Some(outputs);
        self
    }

    /// Validate refund addresses against PaymentRequest authorized list
    pub fn validate_refund_addresses(
        &self,
        authorized_refunds: &[SignedRefundAddress],
    ) -> Result<(), Bip70Error> {
        if let Some(ref refund_to) = self.refund_to {
            for refund_addr in refund_to {
                // Check if refund address is in authorized list
                let is_authorized = authorized_refunds.iter().any(|auth| {
                    auth.address.script == refund_addr.script
                        && auth.address.amount == refund_addr.amount
                });

                if !is_authorized {
                    return Err(Bip70Error::InvalidPayment(format!(
                        "Refund address not authorized: {:?}",
                        refund_addr.script
                    )));
                }
            }
        }
        Ok(())
    }

    /// Set merchant data (echo from PaymentRequest)
    pub fn with_merchant_data(mut self, data: Vec<u8>) -> Self {
        self.merchant_data = Some(data);
        self
    }

    /// Set customer memo
    pub fn with_memo(mut self, memo: String) -> Self {
        self.memo = Some(memo);
        self
    }

    /// Validate payment
    pub fn validate(&self) -> Result<(), Bip70Error> {
        if self.transactions.is_empty() {
            return Err(Bip70Error::InvalidPayment("No transactions".to_string()));
        }

        Ok(())
    }
}

/// BIP70 Error types
#[derive(Debug, thiserror::Error)]
pub enum Bip70Error {
    #[error("Payment request expired")]
    Expired,

    #[error("Invalid payment request: {0}")]
    InvalidRequest(String),

    #[error("Invalid payment: {0}")]
    InvalidPayment(String),

    #[error("Certificate validation failed: {0}")]
    CertificateError(String),

    #[error("Signature verification failed: {0}")]
    SignatureError(String),

    #[error("HTTP error: {0}")]
    HttpError(String),

    #[error("Serialization error: {0}")]
    SerializationError(String),

    #[error("Validation error: {0}")]
    ValidationError(String),
}

/// BIP70 Payment Protocol client (for making payments via P2P)
///
/// Note: Node-specific message creation functions are in blvm-node.
/// This struct provides protocol-level validation only.
pub struct PaymentProtocolClient;

impl PaymentProtocolClient {
    /// Validate a PaymentRequest (protocol-level validation)
    pub fn validate_payment_request(
        payment_request: &PaymentRequest,
        expected_merchant_pubkey: Option<&[u8]>,
    ) -> Result<(), Bip70Error> {
        // Verify signature
        payment_request.verify_signature()?;

        // Validate payment request
        payment_request.validate()?;

        // Verify merchant pubkey matches if provided
        if let Some(expected_pubkey) = expected_merchant_pubkey {
            if let Some(ref req_pubkey) = payment_request.merchant_pubkey {
                if req_pubkey.as_slice() != expected_pubkey {
                    return Err(Bip70Error::SignatureError(
                        "PaymentRequest pubkey mismatch".to_string(),
                    ));
                }
            }
        }

        Ok(())
    }

    /// Validate PaymentACK from merchant (protocol-level validation)
    ///
    /// This is a legacy method for backward compatibility.
    /// Prefer using PaymentACK::verify_signature() directly.
    pub fn validate_payment_ack(
        payment_ack: &PaymentACK,
        merchant_signature: &[u8],
        merchant_pubkey: &[u8],
    ) -> Result<(), Bip70Error> {
        // If PaymentACK has embedded signature, use that
        if let Some(ref sig) = payment_ack.signature {
            if !sig.is_empty() {
                return payment_ack.verify_signature(merchant_pubkey);
            }
        }

        // Legacy: Verify external signature (for backward compatibility)
        if !merchant_signature.is_empty() {
            let pubkey = secp256k1::PublicKey::from_slice(merchant_pubkey)
                .map_err(|e| Bip70Error::SignatureError(format!("Invalid pubkey: {e}")))?;

            // Serialize payment_ack for verification (excluding signature field)
            let mut ack_for_verification = payment_ack.clone();
            ack_for_verification.signature = None;

            let serialized = bincode::serialize(&ack_for_verification)
                .map_err(|e| Bip70Error::SerializationError(e.to_string()))?;

            let mut hasher = Sha256::new();
            hasher.update(&serialized);
            let hash = hasher.finalize();

            let message = Message::from_digest(hash.into());

            let signature = Signature::from_compact(merchant_signature)
                .map_err(|e| Bip70Error::SignatureError(format!("Invalid signature: {e}")))?;

            let secp = Secp256k1::new();
            secp.verify_ecdsa(&message, &signature, &pubkey)
                .map_err(|_| {
                    Bip70Error::SignatureError(
                        "PaymentACK signature verification failed".to_string(),
                    )
                })?;
        }

        Ok(())
    }
}

/// BIP70 Payment Protocol server (for receiving payments via P2P)
///
/// Note: Node-specific message creation functions are in blvm-node.
/// This struct provides protocol-level processing only.
pub struct PaymentProtocolServer;

impl PaymentProtocolServer {
    /// Create signed payment request (protocol-level)
    pub fn create_signed_payment_request(
        details: PaymentDetails,
        merchant_private_key: &secp256k1::SecretKey,
        authorized_refunds: Option<Vec<SignedRefundAddress>>,
    ) -> Result<PaymentRequest, Bip70Error> {
        let mut payment_request = PaymentRequest {
            payment_details: details,
            merchant_pubkey: None,
            signature: None,
            authorized_refund_addresses: authorized_refunds,
        };

        // Sign payment request
        payment_request.sign(merchant_private_key)?;

        Ok(payment_request)
    }

    /// Process incoming payment (protocol-level validation and ACK creation)
    pub fn process_payment(
        payment: &Payment,
        original_request: &PaymentRequest,
        merchant_private_key: Option<&secp256k1::SecretKey>,
    ) -> Result<PaymentACK, Bip70Error> {
        // Validate payment
        payment.validate()?;

        // Validate refund addresses if provided
        if let Some(ref authorized_refunds) = original_request.authorized_refund_addresses {
            payment.validate_refund_addresses(authorized_refunds)?;
        }

        // Validate merchant_data matches original request
        if let Some(ref payment_merchant_data) = payment.merchant_data {
            if let Some(ref request_merchant_data) = original_request.payment_details.merchant_data
            {
                if payment_merchant_data != request_merchant_data {
                    return Err(Bip70Error::ValidationError(
                        "Merchant data mismatch".to_string(),
                    ));
                }
            }
        } else if original_request.payment_details.merchant_data.is_some() {
            return Err(Bip70Error::ValidationError(
                "Payment missing merchant data".to_string(),
            ));
        }

        // Verify transactions match PaymentRequest outputs
        Self::verify_payment_transactions(payment, original_request)?;

        // Create payment ACK
        let mut payment_ack = PaymentACK {
            payment: payment.clone(),
            memo: Some("Payment received".to_string()),
            signature: None, // Will be set by sign() method
        };

        // Sign PaymentACK if merchant key provided
        if let Some(private_key) = merchant_private_key {
            payment_ack.sign(private_key)?;
        }

        Ok(payment_ack)
    }

    /// Verify that payment transactions match PaymentRequest outputs
    fn verify_payment_transactions(
        payment: &Payment,
        original_request: &PaymentRequest,
    ) -> Result<(), Bip70Error> {
        use crate::Transaction;

        // Deserialize all transactions
        let mut all_outputs = Vec::new();
        for tx_bytes in &payment.transactions {
            let tx: Transaction = bincode::deserialize(tx_bytes)
                .map_err(|e| Bip70Error::SerializationError(format!("Invalid transaction: {e}")))?;

            // Collect all outputs from this transaction
            for output in &tx.outputs {
                all_outputs.push(PaymentOutput {
                    script: output.script_pubkey.clone(),
                    amount: Some(output.value as u64), // Convert i64 to u64
                });
            }
        }

        // Check that all requested outputs are present
        // Note: Payment may include additional outputs (change, refunds), but must include all requested
        for requested_output in &original_request.payment_details.outputs {
            let found = all_outputs.iter().any(|output| {
                output.script == requested_output.script
                    && match (output.amount, requested_output.amount) {
                        (Some(amt), Some(req_amt)) => amt >= req_amt, // Allow overpayment
                        (Some(_), None) => true,                      // Requested "all available"
                        (None, Some(_)) => false, // Output has no amount but request requires one
                        (None, None) => true,     // Both "all available"
                    }
            });

            if !found {
                return Err(Bip70Error::ValidationError(format!(
                    "Payment missing required output: script={}, amount={:?}",
                    hex::encode(&requested_output.script),
                    requested_output.amount
                )));
            }
        }

        Ok(())
    }

    /// Sign a refund address for inclusion in PaymentRequest
    pub fn sign_refund_address(
        address: PaymentOutput,
        merchant_private_key: &secp256k1::SecretKey,
    ) -> Result<SignedRefundAddress, Bip70Error> {
        // Serialize address for signing
        let serialized = bincode::serialize(&address)
            .map_err(|e| Bip70Error::SerializationError(e.to_string()))?;

        // Hash address
        let mut hasher = Sha256::new();
        hasher.update(&serialized);
        let hash = hasher.finalize();

        // Sign
        let message = Message::from_digest(hash.into());

        let secp = Secp256k1::new();
        let signature = secp.sign_ecdsa(&message, merchant_private_key);

        Ok(SignedRefundAddress {
            address,
            signature: signature.serialize_compact().to_vec(),
        })
    }

    /// Verify signed refund address
    pub fn verify_refund_address(
        signed_refund: &SignedRefundAddress,
        merchant_pubkey: &[u8],
    ) -> Result<(), Bip70Error> {
        let pubkey = secp256k1::PublicKey::from_slice(merchant_pubkey)
            .map_err(|e| Bip70Error::SignatureError(format!("Invalid pubkey: {e}")))?;

        let serialized = bincode::serialize(&signed_refund.address)
            .map_err(|e| Bip70Error::SerializationError(e.to_string()))?;

        let mut hasher = Sha256::new();
        hasher.update(&serialized);
        let hash = hasher.finalize();

        let message = Message::from_digest(hash.into());

        let signature = Signature::from_compact(&signed_refund.signature)
            .map_err(|e| Bip70Error::SignatureError(format!("Invalid signature: {e}")))?;

        let secp = Secp256k1::new();
        secp.verify_ecdsa(&message, &signature, &pubkey)
            .map_err(|_| {
                Bip70Error::SignatureError(
                    "Refund address signature verification failed".to_string(),
                )
            })?;

        Ok(())
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_payment_request_creation() {
        let output = PaymentOutput {
            script: vec![blvm_consensus::opcodes::OP_1],
            amount: Some(100000), // 0.001 BTC
        };

        let request = PaymentRequest::new("main".to_string(), vec![output], 1234567890);

        assert_eq!(request.payment_details.network, "main");
        assert_eq!(request.payment_details.outputs.len(), 1);
        assert_eq!(request.payment_details.time, 1234567890);
    }

    #[test]
    fn test_payment_request_validation() {
        let request = PaymentRequest::new(
            "main".to_string(),
            vec![PaymentOutput {
                script: vec![blvm_consensus::opcodes::OP_1],
                amount: Some(100000),
            }],
            1234567890,
        );

        assert!(request.validate().is_ok());
    }

    #[test]
    fn test_payment_request_expired() {
        let expired_time = 1000;
        let request = PaymentRequest::new(
            "main".to_string(),
            vec![PaymentOutput {
                script: vec![blvm_consensus::opcodes::OP_1],
                amount: Some(100000),
            }],
            expired_time,
        )
        .with_expires(1001);

        // Should fail validation (expired)
        let result = request.validate();
        assert!(result.is_err());
    }

    #[test]
    fn test_payment_creation() {
        let tx = vec![0x01, 0x00, 0x00, 0x00]; // Arbitrary bytes for Payment::new structure test (not a valid tx)
        let payment = Payment::new(vec![tx.clone()]);

        assert_eq!(payment.transactions.len(), 1);
        assert_eq!(payment.transactions[0], tx);
    }

    #[test]
    fn test_payment_validation() {
        let payment = Payment::new(vec![vec![0x01, 0x02, 0x03]]);
        assert!(payment.validate().is_ok());

        let empty_payment = Payment::new(vec![]);
        assert!(empty_payment.validate().is_err());
    }
}