Javascript Taproot Address Generator for Browser

[cfbtcman]

Testnet or mainnet, 1st we need the code and we can look to a script that somebody have and learn step by step.

Somebody have a nodejs script working that creates tweaked taproot addresses with "dummy" script that could share here?

[witcher_sense]

Somebody have a nodejs script working that creates tweaked taproot addresses with "dummy" script that could share here?

Here is a NodeJS implementation of both bech32 and bech32m: https://github.com/sipa/bech32/tree/master/ref/javascript
You can test it with the following test vectors: https://github.com/bitcoin/bips/blob/master/bip-0341/wallet-test-vectors.json

An older version of the script can be installed with npm: https://www.npmjs.com/package/bech32

[pooya87]

I have another doubt in the hands, after google and ChatGPt the doubt subsist, is there any hashed Taproot address that protects the public key identity until 1st transaction be done as in Legacy and Segwit addresses or every Taproot address simple or with tweak never protect the public key identity ?

All Taproot addresses are always encoding a 32 byte data called the "witness program" that is always an x-only public key whether it is a single pubkey address like I explained above or if it is using the script spending route with a TapScript.
To put simply there no longer is hashing involved like P2PKH, P2WPKH, etc addresses.

Somebody have a nodejs script working that creates tweaked taproot addresses with "dummy" script that could share here?

Here is a NodeJS implementation of both bech32 and bech32m: https://github.com/sipa/bech32/tree/master/ref/javascript
You can test it with the following test vectors: https://github.com/bitcoin/bips/blob/master/bip-0341/wallet-test-vectors.json

An older version of the script can be installed with npm: https://www.npmjs.com/package/bech32

That's only the encoding part though. It doesn't have the code to Tweak public keys to create the address.

[cfbtcman]

All Taproot addresses are always encoding a 32 byte data called the "witness program" that is always an x-only public key whether it is a single pubkey address like I explained above or if it is using the script spending route with a TapScript.
To put simply there no longer is hashing involved like P2PKH, P2WPKH, etc addresses.

I don't care about if it is P2PKH or something else, the only thing I care about is if our x-only keep private if we use a tweaked bitcoin taproot address or it can be calculated by the address as in normal taproot addresses without tweak?

For many guys it seem it is not important to hide the public key, but for Satoshi it was important, so, I keep on Satoshi line, Taproot addresses YES, but need to be possible to hide the public key, if not, no thanks.

Ok, they can be used for hot wallets and many applications but never for cold wallets, it's the first protection against a possible future attack.

[cfbtcman]

Some words of ChatGPT about the subject:

According to the web search results, it is possible to revert a tweaked Taproot address to the x-only public key, but it requires some knowledge of elliptic curve cryptography and the Taproot protocol. Here is a brief explanation of how to do it:

•  A Taproot address is derived from a tweaked public key Q, which is the result of adding an internal public key P and a tweak value T. The tweak value T is the hash of the x-only public key P and an optional script path c. The formula is: Q = P + T, where T = H (P|c)G and G is the generator point of the secp256k1 curve.

•  To revert a tweaked Taproot address to the x-only public key, you need to subtract the tweak value T from the tweaked public key Q. The formula is: P = Q - T, where T = H (P|c)G.

•  However, you cannot directly compute T from Q, because you do not know P or c. You need to guess or obtain these values from some other source, such as the owner of the address or a transaction that spends from it.

•  If you know or guess c, you can compute T by hashing P and c and multiplying by G. Then you can subtract T from Q and get P. The formula is: P = Q - H (P|c)G.

What I think that is wrong, because if we know "c" we can't compute T by hashing P because we still don't know P, so, how can we use it to hash?

For my first interpretation I think tweaked taproot addresses really keep our public key private, but there is a lot of info on internet and even ChatGPT says the opposite, so, this post can help to clear the doubts for newbies like me.

Can the "legendary" guys comment it?

[pooya87]

I don't care about if it is P2PKH or something else, the only thing I care about is if our x-only keep private if we use a tweaked bitcoin taproot address or it can be calculated by the address as in normal taproot addresses without tweak?

If we use the second method of creating the Taproot address (explained here) then no we can't know the public key that was used, we only see the "tweaked" public key.

For many guys it seem it is not important to hide the public key, but for Satoshi it was important, so, I keep on Satoshi line, Taproot addresses YES, but need to be possible to hide the public key, if not, no thanks.

In asymmetric cryptography the public key needs to be public! otherwise the algorithm is useless.

What I think that is wrong, because if we know "c" we can't compute T by hashing P because we still don't know P, so, how can we use it to hash?

ChatGPT is not suitable to answer anything technical. A simple Google search would give you better results in most cases.
In this case you are correct, by having the Tweaked pubkey alone we can not reverse it to get the original pubkey because the last step is adding two pubkeys which is not reversible (pub_tweak = pub + (t * G)).

[cfbtcman]

I don't care about if it is P2PKH or something else, the only thing I care about is if our x-only keep private if we use a tweaked bitcoin taproot address or it can be calculated by the address as in normal taproot addresses without tweak?

If we use the second method of creating the Taproot address (explained here) then no we can't know the public key that was used, we only see the "tweaked" public key.

For many guys it seem it is not important to hide the public key, but for Satoshi it was important, so, I keep on Satoshi line, Taproot addresses YES, but need to be possible to hide the public key, if not, no thanks.

In asymmetric cryptography the public key needs to be public! otherwise the algorithm is useless.

What I think that is wrong, because if we know "c" we can't compute T by hashing P because we still don't know P, so, how can we use it to hash?

ChatGPT is not suitable to answer anything technical. A simple Google search would give you better results in most cases.
In this case you are correct, by having the Tweaked pubkey alone we can not reverse it to get the original pubkey because the last step is adding two pubkeys which is not reversible (pub_tweak = pub + (t * G)).

Thank you very much for your time on this, you really help me to go in the right direction,