feat(wasm-utxo): implement ExtParamsConfig for descriptor parsing

Add ExtParamsConfig struct to enable fine-grained control over
miniscript analysis checks when parsing descriptors. This allows
callers to selectively enable non-standard behaviors like drop
operations, timelock mixing, or malleability.

The configuration uses camelCase field names for JavaScript
compatibility and defaults all flags to false for sane behavior.

Issue: BTC-3357

Co-authored-by: llm-git <llm-git@ttll.de>

Author: OttoAllmendinger

packages/wasm-utxo/js/index.ts

@@ -38,6 +38,16 @@ export type DescriptorPkType = "derivable" | "definite" | "string";
 
 export type ScriptContext = "tap" | "segwitv0" | "legacy";
 
+export interface ExtParamsConfig {
+  drop?: boolean;
+  topUnsafe?: boolean;
+  resourceLimitations?: boolean;
+  timelockMixing?: boolean;
+  malleability?: boolean;
+  repeatedPk?: boolean;
+  rawPkh?: boolean;
+}
+
 declare module "./wasm/wasm_utxo.js" {
   interface WrapDescriptor {
     /** These are not the same types of nodes as in the ast module */
@@ -48,6 +58,11 @@ declare module "./wasm/wasm_utxo.js" {
   namespace WrapDescriptor {
     function fromString(descriptor: string, pkType: DescriptorPkType): WrapDescriptor;
     function fromStringDetectType(descriptor: string): WrapDescriptor;
+    function fromStringExt(
+      descriptor: string,
+      pkType: "definite",
+      extParams: ExtParamsConfig,
+    ): WrapDescriptor;
   }
 
   interface WrapMiniscript {

packages/wasm-utxo/src/wasm/descriptor.rs

@@ -1,4 +1,5 @@
 use crate::error::WasmUtxoError;
+use crate::wasm::try_from_js_value::get_field;
 use crate::wasm::try_into_js_value::TryIntoJsValue;
 use miniscript::bitcoin::secp256k1::{Secp256k1, Signing};
 use miniscript::bitcoin::ScriptBuf;
@@ -156,6 +157,83 @@ impl WrapDescriptor {
         }
     }
 
+    fn from_string_definite_ext(
+        descriptor: &str,
+        ext_params: &miniscript::miniscript::analyzable::ExtParams,
+    ) -> Result<WrapDescriptor, WasmUtxoError> {
+        let desc = Descriptor::<DefiniteDescriptorKey>::from_str_ext(descriptor, ext_params)?;
+        Ok(WrapDescriptor(WrapDescriptorEnum::Definite(desc)))
+    }
+
+    /// Parse a descriptor string with custom ExtParams for taproot leaf validation.
+    ///
+    /// This allows control over which miniscript analysis checks are applied to
+    /// taproot leaves. All options default to false (sane behavior).
+    ///
+    /// # Arguments
+    /// * `descriptor` - A string containing the descriptor to parse
+    /// * `pk_type` - The type of public key ("definite" only for now)
+    /// * `ext_params_config` - JavaScript object with optional boolean flags:
+    ///   - `drop`: Allow drop operations (r: wrapper)
+    ///   - `topUnsafe`: Allow scripts without signatures on all paths
+    ///   - `resourceLimitations`: Allow scripts exceeding resource limits
+    ///   - `timelockMixing`: Allow CSV + CLTV mixing
+    ///   - `malleability`: Allow malleable scripts
+    ///   - `repeatedPk`: Allow repeated public keys
+    ///   - `rawPkh`: Allow raw pubkey hash fragments
+    ///
+    /// # Example
+    /// ```javascript
+    /// // Allow r:older() only (for sBTC)
+    /// Descriptor.fromStringExt(desc, "definite", { drop: true })
+    ///
+    /// // Allow multiple extensions
+    /// Descriptor.fromStringExt(desc, "definite", { drop: true, malleability: true })
+    ///
+    /// // All sane (default)
+    /// Descriptor.fromStringExt(desc, "definite", {})
+    /// ```
+    #[wasm_bindgen(js_name = fromStringExt, skip_typescript)]
+    pub fn from_string_ext(
+        descriptor: &str,
+        pk_type: &str,
+        ext_params_config: JsValue,
+    ) -> Result<WrapDescriptor, WasmUtxoError> {
+        let flag = |key| -> Result<bool, WasmUtxoError> {
+            Ok(get_field::<Option<bool>>(&ext_params_config, key)?.unwrap_or(false))
+        };
+
+        let mut params = miniscript::miniscript::analyzable::ExtParams::sane();
+        if flag("drop")? {
+            params = params.drop();
+        }
+        if flag("topUnsafe")? {
+            params = params.top_unsafe();
+        }
+        if flag("resourceLimitations")? {
+            params = params.exceed_resource_limitations();
+        }
+        if flag("timelockMixing")? {
+            params = params.timelock_mixing();
+        }
+        if flag("malleability")? {
+            params = params.malleability();
+        }
+        if flag("repeatedPk")? {
+            params = params.repeated_pk();
+        }
+        if flag("rawPkh")? {
+            params = params.raw_pkh();
+        }
+
+        match pk_type {
+            "definite" => WrapDescriptor::from_string_definite_ext(descriptor, &params),
+            _ => Err(WasmUtxoError::new(
+                "fromStringExt only supports 'definite' pk_type",
+            )),
+        }
+    }
+
     /// Parse a descriptor string, automatically detecting the appropriate public key type.
     /// This will check if the descriptor contains wildcards to determine if it should be
     /// parsed as derivable or definite.

packages/wasm-utxo/src/wasm/try_from_js_value.rs

@@ -78,6 +78,14 @@ impl TryFromJsValue for u8 {
     }
 }
 
+impl TryFromJsValue for bool {
+    fn try_from_js_value(value: &JsValue) -> Result<Self, WasmUtxoError> {
+        value
+            .as_bool()
+            .ok_or_else(|| WasmUtxoError::new("Expected a boolean"))
+    }
+}
+
 impl TryFromJsValue for u32 {
     fn try_from_js_value(value: &JsValue) -> Result<Self, WasmUtxoError> {
         value