search

paulmillr / scure-base

Secure, audited & 0-deps implementation of bech32, base64, base32, base16 & base58
https://paulmillr.com/noble/#scure
MIT License
106 stars 13 forks source link

Bech32 library fails my BIP 173 test vectors #17

Closed cmdruid closed 1 year ago

cmdruid commented 1 year ago

Hello Paul, I hope all is well with you!

I am running your bech32 library through a list of test vectors that I have lifted from Bitcoin BIP 173.

It passes most tests, but fails on a number of edge cases (such as weird version numbers).

I had previously been using another bech32 implementation written by Pieter Wuille. That implementation passes the test vectors and had been previously working okay, but it is not designed to handle longer bech32 strings.

The bech32 format is a mess, and I'm not sure if these failing test vectors are that important, but I'd like to hear your feedback.

P.S I converted the test vectors to JSON for easier use.

Pass vectors:

[
  ["BC1QW508D6QEJXTDG4Y5R3ZARVARY0C5XW7KV8F3T4", "751e76e8199196d454941c45d1b3a323f1433bd6"],
  ["tb1qrp33g0q5c5txsp9arysrx4k6zdkfs4nce4xj0gdcccefvpysxf3q0sl5k7", "1863143c14c5166804bd19203356da136c985678cd4d27a1b8c6329604903262"],
  ["BC1SW50QA3JX3S", "751e"],
  ["bc1zw508d6qejxtdg4y5r3zarvaryvg6kdaj", "751e76e8199196d454941c45d1b3a323"],
  ["tb1qqqqqp399et2xygdj5xreqhjjvcmzhxw4aywxecjdzew6hylgvsesrxh6hy", "000000c4a5cad46221b2a187905e5266362b99d5e91c6ce24d165dab93e86433"]
]

Fail vectors:

[
  ["an84characterslonghumanreadablepartthatcontainsthenumber1andtheexcludedcharactersbio1569pvx", "overall max length exceeded"],
  ["pzry9x0s0muk", "No separator character"],
  ["1pzry9x0s0muk", "Empty HRP"],
  ["x1b4n0q5v", "Invalid data character"],
  ["li1dgmt3", "Too short checksum"],
  ["A1G7SGD8", "checksum calculated with uppercase form of HRP"],
  ["10a06t8", "empty HRP"],
  ["1qzzfhee", "empty HRP"],
  ["bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t5", "Invalid checksum"],
  ["BC13W508D6QEJXTDG4Y5R3ZARVARY0C5XW7KN40WF2", "Invalid witness version"],
  ["bc1rw5uspcuh", "Invalid program length"],
  ["bc10w508d6qejxtdg4y5r3zarvary0c5xw7kw508d6qejxtdg4y5r3zarvary0c5xw7kw5rljs90", "Invalid program length"],
  ["bc1zw508d6qejxtdg4y5r3zarvaryvqyzf3du", "zero padding of more than 4 bits"],
  ["tb1qrp33g0q5c5txsp9arysrx4k6zdkfs4nce4xj0gdcccefvpysxf3pjxtptv", "Non-zero padding in 8-to-5 conversion"],
  ["bc1gmk9yu", "Empty data section"]
]
paulmillr commented 1 year ago

will take a look at these.

paulmillr commented 1 year ago

You are using the library in a wrong way. All tests actually pass.

Please take a look at the new README section: https://github.com/paulmillr/scure-base#bech32-bech32m-and-bitcoin