feat(core): multisig signer now detects mustMatch public keys

Hanssen0 · Hanssen0 · commit d4a31880f3d6 · 2026-03-19T01:14:39.000+08:00
diff --git a/packages/core/src/hasher/hasherCkb.ts b/packages/core/src/hasher/hasherCkb.ts
@@ -81,3 +81,7 @@ export function hashCkb(...data: BytesLike[]): Hex {
   data.forEach((d) => hasher.update(d));
   return hasher.digest();
 }
+
+export function hashCkbShort(...data: BytesLike[]): Hex {
+  return hashCkb(...data).slice(0, HASH_CKB_SHORT_LENGTH * 2 + 2) as Hex;
+}
diff --git a/packages/core/src/signer/ckb/signerCkbPublicKey.ts b/packages/core/src/signer/ckb/signerCkbPublicKey.ts
@@ -2,7 +2,7 @@ import { Address } from "../../address/index.js";
 import { bytesFrom } from "../../bytes/index.js";
 import { Script, Transaction, TransactionLike } from "../../ckb/index.js";
 import { CellDepInfo, Client, KnownScript } from "../../client/index.js";
-import { HASH_CKB_SHORT_LENGTH, hashCkb } from "../../hasher/index.js";
+import { hashCkbShort } from "../../hasher/index.js";
 import { Hex, HexLike, hexFrom } from "../../hex/index.js";
 import { Signer, SignerSignType, SignerType } from "../signer/index.js";
 import { SECP256K1_SIGNATURE_LENGTH } from "./secp256k1Signing.js";
@@ -48,7 +48,7 @@ export class SignerCkbPublicKey extends Signer {
     return Address.fromKnownScript(
       this.client,
       KnownScript.Secp256k1Blake160,
-      bytesFrom(hashCkb(this.publicKey)).slice(0, HASH_CKB_SHORT_LENGTH),
+      hashCkbShort(this.publicKey),
     );
   }
 
diff --git a/packages/core/src/signer/ckb/signerMultisigCkb.test.ts b/packages/core/src/signer/ckb/signerMultisigCkb.test.ts
@@ -2,6 +2,8 @@ import { describe, expect, it } from "vitest";
 import { ccc } from "../../index.js";
 
 const client = new ccc.ClientPublicTestnet();
+const ZERO_HASH =
+  "0x0000000000000000000000000000000000000000000000000000000000000000";
 
 describe("MultisigCkbWitness", () => {
   it("should encode and decode correctly", () => {
@@ -57,6 +59,52 @@ describe("MultisigCkbWitness", () => {
       "0x6418f118e94d8dff7d9b0b59a4d837c4e201c5a9",
     );
   });
+
+  describe("signature matching logic", () => {
+    const privKey1 =
+      "0x0000000000000000000000000000000000000000000000000000000000000001";
+    const privKey2 =
+      "0x0000000000000000000000000000000000000000000000000000000000000002";
+    const privKey3 =
+      "0x0000000000000000000000000000000000000000000000000000000000000003";
+    const signer1 = new ccc.SignerCkbPrivateKey(client, privKey1);
+    const signer2 = new ccc.SignerCkbPrivateKey(client, privKey2);
+    const signer3 = new ccc.SignerCkbPrivateKey(client, privKey3);
+
+    const message = ccc.hashCkb("0x0123456789abcdef");
+
+    it("should count signatures when required signers signed", async () => {
+      const sig1 = await signer1._signMessage(message);
+      const sig2 = await signer2._signMessage(message);
+
+      const witness = ccc.MultisigCkbWitness.from({
+        publicKeys: [signer1.publicKey, signer2.publicKey, signer3.publicKey],
+        threshold: 2,
+        mustMatch: 1, // signer1 is required
+        signatures: [sig1, sig2],
+      });
+
+      const counts = witness.calcMatchedSignaturesCount(message);
+      expect(counts.required).toBe(1);
+      expect(counts.flexible).toBe(1);
+    });
+
+    it("should count signatures when only flexible signers signed", async () => {
+      const sig2 = await signer2._signMessage(message);
+      const sig3 = await signer3._signMessage(message);
+
+      const witness = ccc.MultisigCkbWitness.from({
+        publicKeys: [signer1.publicKey, signer2.publicKey, signer3.publicKey],
+        threshold: 2,
+        mustMatch: 1,
+        signatures: [sig2, sig3],
+      });
+
+      const counts = witness.calcMatchedSignaturesCount(message);
+      expect(counts.required).toBe(0);
+      expect(counts.flexible).toBe(2);
+    });
+  });
 });
 
 describe("SignerMultisigCkbReadonly", () => {
@@ -74,5 +122,199 @@ describe("SignerMultisigCkbReadonly", () => {
 
     expect(await signer.getMemberCount()).toBe(2);
     expect(await signer.getMemberThreshold()).toBe(1);
+    expect(await signer.getMemberRequiredCount()).toBe(0);
+  });
+
+  describe("getSignaturesCount with mustMatch", () => {
+    const privKey1 =
+      "0x0000000000000000000000000000000000000000000000000000000000000001";
+    const privKey2 =
+      "0x0000000000000000000000000000000000000000000000000000000000000002";
+    const privKey3 =
+      "0x0000000000000000000000000000000000000000000000000000000000000003";
+    const signer1 = new ccc.SignerCkbPrivateKey(client, privKey1);
+    const signer2 = new ccc.SignerCkbPrivateKey(client, privKey2);
+    const signer3 = new ccc.SignerCkbPrivateKey(client, privKey3);
+
+    const multisigSigner = new ccc.SignerMultisigCkbReadonly(client, {
+      publicKeys: [signer1.publicKey, signer2.publicKey, signer3.publicKey],
+      threshold: 2,
+      mustMatch: 1, // signer1 is required
+    });
+
+    const message = ccc.hashCkb("0x0123456789abcdef");
+    multisigSigner.getSignInfo = async () => ({
+      message: message,
+      position: 0,
+    });
+
+    const getTx = (signatures: string[]) =>
+      ccc.Transaction.from({
+        inputs: [{ previousOutput: { txHash: ZERO_HASH, index: 0 }, since: 0 }],
+        witnesses: [
+          ccc.WitnessArgs.from({
+            lock: ccc.MultisigCkbWitness.from({
+              publicKeyHashes: multisigSigner.multisigInfo.publicKeyHashes,
+              threshold: 2,
+              mustMatch: 1,
+              signatures,
+            }).toBytes(),
+          }).toBytes(),
+        ],
+      });
+
+    it("should return 1 when only required signer signed", async () => {
+      const sig1 = await signer1._signMessage(message);
+      const tx = getTx([sig1]);
+      expect(await multisigSigner.getSignaturesCount(tx)).toBe(1);
+      expect(await multisigSigner.needMoreSignatures(tx)).toBe(true);
+    });
+
+    it("should return 1 when only flexible signers signed", async () => {
+      const sig2 = await signer2._signMessage(message);
+      const sig3 = await signer3._signMessage(message);
+      const tx = getTx([sig2, sig3]);
+      expect(await multisigSigner.getSignaturesCount(tx)).toBe(1);
+      expect(await multisigSigner.needMoreSignatures(tx)).toBe(true);
+    });
+
+    it("should return 2 when required and flexible signers signed", async () => {
+      const sig1 = await signer1._signMessage(message);
+      const sig2 = await signer2._signMessage(message);
+      const tx = getTx([sig1, sig2]);
+      expect(await multisigSigner.getSignaturesCount(tx)).toBe(2);
+      expect(await multisigSigner.needMoreSignatures(tx)).toBe(false);
+    });
+  });
+
+  describe("aggregateTransactions with mustMatch", () => {
+    const privKey1 =
+      "0x0000000000000000000000000000000000000000000000000000000000000001";
+    const privKey2 =
+      "0x0000000000000000000000000000000000000000000000000000000000000002";
+    const privKey3 =
+      "0x0000000000000000000000000000000000000000000000000000000000000003";
+    const signer1 = new ccc.SignerCkbPrivateKey(client, privKey1);
+    const signer2 = new ccc.SignerCkbPrivateKey(client, privKey2);
+    const signer3 = new ccc.SignerCkbPrivateKey(client, privKey3);
+
+    const multisigSigner = new ccc.SignerMultisigCkbReadonly(client, {
+      publicKeys: [signer1.publicKey, signer2.publicKey, signer3.publicKey],
+      threshold: 2,
+      mustMatch: 1, // signer1 is required
+    });
+
+    const message = ccc.hashCkb("0x0123456789abcdef");
+    multisigSigner.getSignInfo = async () => ({
+      message: message,
+      position: 0,
+    });
+
+    it("should aggregate required signatures from different transactions", async () => {
+      const sig1 = await signer1._signMessage(message);
+      const sig2 = await signer2._signMessage(message);
+      const sig3 = await signer3._signMessage(message);
+
+      const tx1 = ccc.Transaction.from({
+        inputs: [{ previousOutput: { txHash: ZERO_HASH, index: 0 }, since: 0 }],
+        witnesses: [
+          ccc.WitnessArgs.from({
+            lock: ccc.MultisigCkbWitness.from({
+              publicKeyHashes: multisigSigner.multisigInfo.publicKeyHashes,
+              threshold: 2,
+              mustMatch: 1,
+              signatures: [sig2, sig3], // Missing required
+            }).toBytes(),
+          }).toBytes(),
+        ],
+      });
+
+      const tx2 = ccc.Transaction.from({
+        inputs: [{ previousOutput: { txHash: ZERO_HASH, index: 0 }, since: 0 }],
+        witnesses: [
+          ccc.WitnessArgs.from({
+            lock: ccc.MultisigCkbWitness.from({
+              publicKeyHashes: multisigSigner.multisigInfo.publicKeyHashes,
+              threshold: 2,
+              mustMatch: 1,
+              signatures: [sig1], // Contains required
+            }).toBytes(),
+          }).toBytes(),
+        ],
+      });
+
+      const aggregatedTx = await multisigSigner.aggregateTransactions([
+        tx1,
+        tx2,
+      ]);
+      const decodedWitness = multisigSigner.decodeWitnessArgsAt(
+        aggregatedTx,
+        0,
+      )!;
+
+      const { required, flexible } =
+        decodedWitness.calcMatchedSignaturesCount(message);
+      expect(required).toBe(1);
+      expect(flexible).toBe(1);
+      expect(decodedWitness.signatures.length).toBe(2);
+    });
+  });
+});
+
+describe("SignerMultisigCkbPrivateKey", () => {
+  const privKey1 =
+    "0x0000000000000000000000000000000000000000000000000000000000000001";
+  const privKey2 =
+    "0x0000000000000000000000000000000000000000000000000000000000000002";
+  const privKey3 =
+    "0x0000000000000000000000000000000000000000000000000000000000000003";
+  const signer1 = new ccc.SignerCkbPrivateKey(client, privKey1);
+  const signer2 = new ccc.SignerCkbPrivateKey(client, privKey2);
+  const signer3 = new ccc.SignerCkbPrivateKey(client, privKey3);
+
+  const multisigWitness: ccc.MultisigCkbWitnessLike = {
+    publicKeys: [signer1.publicKey, signer2.publicKey, signer3.publicKey],
+    threshold: 2,
+    mustMatch: 1, // signer1 is required
+  };
+
+  const message = ccc.hashCkb("0x0123456789abcdef");
+
+  it("should replace a flexible signature with a required one if threshold reached", async () => {
+    const sig2 = await signer2._signMessage(message);
+    const sig3 = await signer3._signMessage(message);
+
+    const multisigSigner1 = new ccc.SignerMultisigCkbPrivateKey(
+      client,
+      privKey1,
+      multisigWitness,
+    );
+    multisigSigner1.getSignInfo = async () => ({
+      message: message,
+      position: 0,
+    });
+
+    const tx = ccc.Transaction.from({
+      inputs: [{ previousOutput: { txHash: ZERO_HASH, index: 0 }, since: 0 }],
+      witnesses: [
+        ccc.WitnessArgs.from({
+          lock: ccc.MultisigCkbWitness.from({
+            publicKeyHashes: multisigSigner1.multisigInfo.publicKeyHashes,
+            threshold: 2,
+            mustMatch: 1,
+            signatures: [sig2, sig3],
+          }).toBytes(),
+        }).toBytes(),
+      ],
+    });
+
+    const signedTx = await multisigSigner1.signOnlyTransaction(tx);
+    const decodedWitness = multisigSigner1.decodeWitnessArgsAt(signedTx, 0)!;
+
+    const { required, flexible } =
+      decodedWitness.calcMatchedSignaturesCount(message);
+    expect(required).toBe(1);
+    expect(flexible).toBe(1);
+    expect(decodedWitness.signatures.length).toBe(2);
   });
 });
diff --git a/packages/core/src/signer/ckb/signerMultisigCkbPrivateKey.ts b/packages/core/src/signer/ckb/signerMultisigCkbPrivateKey.ts
@@ -1,10 +1,8 @@
 import { SinceLike, Transaction, TransactionLike } from "../../ckb/index.js";
 import { Client, KnownScript, ScriptInfoLike } from "../../client/index.js";
+import { hashCkbShort } from "../../hasher/index.js";
 import { Hex, hexFrom, HexLike } from "../../hex/index.js";
-import {
-  signMessageSecp256k1,
-  verifyMessageSecp256k1,
-} from "./secp256k1Signing.js";
+import { signMessageSecp256k1 } from "./secp256k1Signing.js";
 import { SignerCkbPrivateKey } from "./signerCkbPrivateKey.js";
 import {
   MultisigCkbWitnessLike,
@@ -51,6 +49,14 @@ export class SignerMultisigCkbPrivateKey extends SignerMultisigCkbReadonly {
   async signOnlyTransaction(txLike: TransactionLike): Promise<Transaction> {
     let tx = Transaction.from(txLike);
 
+    const thisPubkeyHash = hashCkbShort(this.signer.publicKey);
+
+    const index = this.multisigInfo.publicKeyHashes.indexOf(thisPubkeyHash);
+    if (index === -1) {
+      return tx;
+    }
+    const isSelfRequired = index < this.multisigInfo.mustMatch;
+
     for (const { script } of await this.scriptInfos) {
       const info = await this.getSignInfo(tx, script);
       if (!info) {
@@ -62,31 +68,47 @@ export class SignerMultisigCkbPrivateKey extends SignerMultisigCkbReadonly {
         tx,
         info.position,
         async (witness) => {
-          if (
-            witness.signatures.some(
-              (sig) =>
-                sig !== SignerMultisigCkbPrivateKey.EmptySignature &&
-                verifyMessageSecp256k1(
-                  info.message,
-                  sig,
-                  this.signer.publicKey,
-                ),
-            )
-          ) {
-            // Has signed
-            return;
-          }
+          // We re-evaluate the signatures to filter invalid / excessive signatures
+          const signatures: Hex[] = [];
+          let requiredCount = 0;
 
-          const empty = witness.signatures.findIndex(
-            (sig) => sig === SignerMultisigCkbPrivateKey.EmptySignature,
-          );
-          if (empty === -1) {
-            return;
-          }
+          // === Returns if: ===
+          // === 1. This signer already signed the transaction ===
+          // === 2. The transaction already has enough flexible signatures, and this signer is not required ===
+          // === 3. `mustMatch` equals to `threshold` but we have more this signer is not required.
+          for (const {
+            pubkeyHash,
+            signature,
+            isRequired,
+          } of witness.generatePublicKeyHashesFromSignatures(info.message)) {
+            if (pubkeyHash === thisPubkeyHash) {
+              // Has signed
+              return;
+            }
 
-          const signature = signMessageSecp256k1(info.message, this.privateKey);
+            if (isRequired) {
+              requiredCount += 1;
+            } else if (
+              signatures.length - requiredCount >=
+              this.multisigInfo.flexibleThreshold
+            ) {
+              // Too many flexible signatures
+              if (!isSelfRequired) {
+                return;
+              }
+              continue;
+            }
+
+            signatures.push(signature);
+            if (signatures.length >= this.multisigInfo.threshold) {
+              // Too many signatures and the flexible detect doesn't work. Only happens if all signatures are required.
+              return;
+            }
+          }
+          // === This signature is required or it's flexible but we don't have enough flexible signatures ===
 
-          witness.signatures[empty] = signature;
+          signatures.push(signMessageSecp256k1(info.message, this.privateKey));
+          witness.signatures = signatures;
         },
       );
     }
diff --git a/packages/core/src/signer/ckb/signerMultisigCkbReadonly.ts b/packages/core/src/signer/ckb/signerMultisigCkbReadonly.ts
diff --git a/packages/core/src/signer/signer/index.ts b/packages/core/src/signer/signer/index.ts

Original file line number	Diff line number	Diff line change
`@@ -81,3 +81,7 @@ export function hashCkb(...data: BytesLike[]): Hex {`
`81`	`81`	`data.forEach((d) => hasher.update(d));`
`82`	`82`	`return hasher.digest();`
`83`	`83`	`}`
	`84`	`+`
	`85`	`+export function hashCkbShort(...data: BytesLike[]): Hex {`
	`86`	`+ return hashCkb(...data).slice(0, HASH_CKB_SHORT_LENGTH * 2 + 2) as Hex;`
	`87`	`+}`