关于使用 xpub 和 Zcash 路径自动派生地址的问题

Question

I'm currently developing an API for my company which utilizes xpub and path to generate an address.

Thing is, I managed to do that for all cryptocurrencies we require except for Zcash. We're using trezor hardware wallet and Trezor connect doesn't work for us, since we need the flow to be detached from device itself.

Generally, I'm using bitcoinjs library for all other coins, yet I couldn't derive the right address format for zcash. Spent quite a lot of time searching in github issues, but no luck. A word of help would be really great, thanks guys: My code currently looks like this:

xpub = process.env.ZEC_PUB_KEY;
network = {
messagePrefix: '\x18ZCash Signed Message:\n',
bech32: 't1',
bip32: {
public: 0x0488b21e,
private: 0x0488ade4
},
pubKeyHash: 0x1cb8,
scriptHash: 0x1cbd,
wif: 0x80
};
p2wpkh = bjs.payments.p2wpkh({ pubkey: bjs.bip32.fromBase58(xpub, network).derive(0).derive(pathNumber).publicKey, network });
payment = bjs.payments.p2sh({ redeem: p2wpkh, network });
address = payment.address;

Answer 1

So, turns out I've found the answer, required some reading on weird resources. Hope this will help you.

First thing, zcash is not SegWit compatible, therefore the p2wpkh function won't work for this, you should use p2pkh. The p2sh method call is also redundant here, so the code will look something like this:

network = {
messagePrefix: '\x18ZCash Signed Message:\n',
bech32: 't1',
bip32: {
public: 0x0488b21e,
private: 0x0488ade4
},
pubKeyHash: 0x1cb8,
scriptHash: 0x1cbd,
wif: 0x80
};
payment= bjs.payments.p2pkh({ pubkey: bjs.bip32.fromBase58(xpub, network).derive(0).derive(pathNumber).publicKey, network });
address = payment.address;

Also, bitcoinjs-lib library doesn't support altcoins in some ways. In this case, the p2pkh function utilizes toUint8 in it's core, so you can basically fork the repo and update that method to use a data type of broader boundaries, toUint16LE.

Afterwards, the function will return a bitcoin address, but we need zcash. We can easily convert it by using the following function:

function baddrToTaddr(baddr_str) {
var baddr = bs58check.decode(baddr_str).slice(1);  // discard type byte
var taddr = new Uint8Array(22);
taddr.set(baddr, 2);
taddr.set([0x1c,0xb8], 0);  // set zcash type bytes
return bs58check.encode(Buffer.from(taddr));
}

That's it.

Answer 2

I used the solution first posted by Lasha Lomidze and built on top of that a little bit. I had a requirement to keep the default package the same, so I had to recreate the hash160 function used. I was then able to simplify the P2PKH address script function a little bit see below. Notice I use writeUInt16BE to correctly write the pubKeyHash vs writeUInt16LE due to the order in which the bytes are written:

function getP2PKHAddress2BytePubKeyHash(pubkey: Buffer, network: Network): string{
    // allocate 22 bytes instead of bitcoinlib-js 21
    const payload = Buffer.allocUnsafe(22)
    // write UInt16BE to make use of the network
    // pubKeyHash
    payload.writeUInt16BE(network.pubKeyHash, 0)
    
    // hash the pubkey and copy starting at position 2
    // because the writeUInt16BE writes to two bytes
    const hashVal = crypto.hash160(pubkey)
    hashVal.copy(payload, 2)

    // return payload with bs58 encoding
    return bs58check.encode(payload)
}

The below items I put in a file called crypto.ts and exported the hash160 function to be used by the above function.

export {}
const createHash = require('create-hash')

function ripemd160(buffer: Buffer): Buffer {
    try {
      return createHash('rmd160').update(buffer).digest()
    } catch (err) {
      return createHash('ripemd160').update(buffer).digest()
    }
}
function sha256(buffer: Buffer): Buffer {
    return createHash('sha256').update(buffer).digest()
}

export function hash160(buffer: Buffer): Buffer {
    return ripemd160(sha256(buffer))
}