def __init__(self, tx: SignTx, keychain: seed.Keychain,
coin: coininfo.CoinInfo) -> None:
self.coin = coin
self.tx = helpers.sanitize_sign_tx(tx, coin)
self.keychain = keychain
# checksum of multisig inputs, used to validate change-output
self.multisig_fingerprint = MultisigFingerprintChecker()
# common prefix of input paths, used to validate change-output
self.wallet_path = WalletPathChecker()
# set of indices of inputs which are segwit
self.segwit = set() # type: Set[int]
# set of indices of inputs which are external
self.external = set() # type: Set[int]
# amounts
self.total_in = 0 # sum of input amounts
self.external_in = 0 # sum of external input amounts
self.total_out = 0 # sum of output amounts
self.change_out = 0 # change output amount
self.change_count = 0 # the number of change-outputs
self.weight = tx_weight.TxWeightCalculator(tx.inputs_count,
tx.outputs_count)
# transaction and signature serialization
self.serialized_tx = writers.empty_bytearray(
_MAX_SERIALIZED_CHUNK_SIZE)
self.tx_req = TxRequest()
self.tx_req.details = TxRequestDetailsType()
self.tx_req.serialized = TxRequestSerializedType()
self.tx_req.serialized.serialized_tx = self.serialized_tx
# h_confirmed is used to make sure that the inputs and outputs streamed for
# confirmation in Steps 1 and 2 are the same as the ones streamed for signing
# legacy inputs in Step 5.
self.h_confirmed = self.create_hash_writer() # not a real tx hash
# h_external is used to make sure that the signed external inputs streamed for
# confirmation in Step 1 are the same as the ones streamed for verification
# in Step 3.
self.h_external = self.create_hash_writer()
# BIP-0143 transaction hashing
self.init_hash143()
progress.init(self.tx.inputs_count, self.tx.outputs_count)
def __init__(
self,
tx: SignTx,
keychain: Keychain,
coin: CoinInfo,
approver: approvers.Approver,
) -> None:
self.tx = helpers.sanitize_sign_tx(tx, coin)
self.keychain = keychain
self.coin = coin
self.approver = approver
# checksum of multisig inputs, used to validate change-output
self.multisig_fingerprint = MultisigFingerprintChecker()
# common prefix of input paths, used to validate change-output
self.wallet_path = WalletPathChecker()
# set of indices of inputs which are segwit
self.segwit = set() # type: Set[int]
# set of indices of inputs which are external
self.external = set() # type: Set[int]
# transaction and signature serialization
self.serialized_tx = writers.empty_bytearray(
_MAX_SERIALIZED_CHUNK_SIZE)
self.tx_req = TxRequest()
self.tx_req.details = TxRequestDetailsType()
self.tx_req.serialized = TxRequestSerializedType()
self.tx_req.serialized.serialized_tx = self.serialized_tx
# h_approved is used to make sure that the inputs and outputs streamed for
# approval in Steps 1 and 2 are the same as the ones streamed for signing
# legacy inputs in Step 4.
self.h_approved = self.create_hash_writer() # not a real tx hash
# h_inputs is a digest of the inputs streamed for approval in Step 1, which
# is used to ensure that the inputs streamed for verification in Step 3 are
# the same as those in Step 1.
self.h_inputs = None # type: Optional[bytes]
# BIP-0143 transaction hashing
self.init_hash143()
progress.init(self.tx.inputs_count, self.tx.outputs_count)
def __init__(
self,
tx: SignTx,
keychain: Keychain,
coin: CoinInfo,
approver: approvers.Approver | None,
) -> None:
self.tx_info = TxInfo(self, helpers.sanitize_sign_tx(tx, coin))
self.keychain = keychain
self.coin = coin
if approver is not None:
self.approver = approver
else:
self.approver = approvers.BasicApprover(tx, coin)
# set of indices of inputs which are segwit
self.segwit: set[int] = set()
# set of indices of inputs which are external
self.external: set[int] = set()
# transaction and signature serialization
self.serialized_tx = writers.empty_bytearray(
_MAX_SERIALIZED_CHUNK_SIZE)
self.tx_req = TxRequest()
self.tx_req.details = TxRequestDetailsType()
self.tx_req.serialized = TxRequestSerializedType()
self.tx_req.serialized.serialized_tx = self.serialized_tx
# List of original transactions which are being replaced by the current transaction.
# Note: A List is better than a Dict of TXID -> OriginalTxInfo. Dict ordering is
# undefined so we would need to convert to a sorted list in several places to ensure
# stable device tests.
self.orig_txs: list[OriginalTxInfo] = []
# h_inputs is a digest of the inputs streamed for approval in Step 1, which
# is used to ensure that the inputs streamed for verification in Step 3 are
# the same as those in Step 1.
self.h_inputs: bytes | None = None
progress.init(tx.inputs_count, tx.outputs_count)
def test_purchase_ticket(self):
inp1 = TxInput(
address_n=[44 | 0x80000000, 42 | 0x80000000, 0 | 0x80000000, 0, 0],
prev_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
prev_index=0,
amount=390000,
multisig=None,
sequence=0xFFFF_FFFF,
)
out1 = TxOutput(
address="DsaHnKa418BeeQmyhpQEGG4cxGAPrneydfv",
amount=390000 - 10000,
script_type=OutputScriptType.PAYTOADDRESS,
multisig=None,
)
out2 = TxOutput(
address_n=[44 | 0x80000000, 42 | 0x80000000, 0 | 0x80000000, 0, 0],
amount=390000,
script_type=OutputScriptType.PAYTOADDRESS,
multisig=None,
)
out3 = TxOutput(
address="DsQxuVRvS4eaJ42dhQEsCXauMWjvopWgrVg",
amount=0,
script_type=OutputScriptType.PAYTOADDRESS,
multisig=None,
)
tx = SignTx(coin_name="Decred",
version=1,
lock_time=0,
inputs_count=1,
outputs_count=3,
decred_staking_ticket=True)
messages = [
None,
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify("0100000001")),
),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(serialized_tx=unhexlify(
"4ac247307a054c37525169a78d690a7a7f87d709bef7d722aae85584f59c8fdf0000000000ffffffff03"
)),
),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
helpers.UiConfirmDecredSSTXSubmission(out1, coin_decred,
AmountUnit.BITCOIN),
True,
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1, tx_hash=None),
serialized=TxRequestSerializedType(serialized_tx=unhexlify(
"60cc05000000000000001aba76a914664b0cd46741a695a38f8ed37db2a20327471beb88ac"
)),
),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=2, tx_hash=None),
serialized=TxRequestSerializedType(serialized_tx=unhexlify(
"00000000000000000000206a1e762e46655536d93ad13f88a49bde9a2df45fe62e70f30500000000000058"
)),
),
TxAckOutput(tx=TxAckOutputWrapper(output=out3)),
helpers.UiConfirmTotal(380000 + 10000, 10000, coin_decred,
AmountUnit.BITCOIN),
True,
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(serialized_tx=unhexlify(
"000000000000000000001abd76a914000000000000000000000000000000000000000088ac0000000000000000"
)),
),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXMETA,
details=TxRequestDetailsType(
request_index=None,
tx_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
),
serialized=EMPTY_SERIALIZED,
),
TxAckPrevMeta(tx=ptx1),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
),
serialized=EMPTY_SERIALIZED,
),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp1)),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=1,
tx_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
),
serialized=EMPTY_SERIALIZED,
),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp2)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
),
serialized=EMPTY_SERIALIZED,
),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout1)),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify("01")),
),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXFINISHED,
details=TxRequestDetailsType(),
serialized=TxRequestSerializedType(
signature_index=0,
signature=unhexlify(
"3045022100d2a6baadc88ea67ec94a1f6dca70882e647e9af68d24e1bc72f9c27359e5e6ff02207b8a939e7cf82e79e2947e8fe59a14c11ee0b3a9cd1ff084d9bd54e23291b6be"
),
serialized_tx=unhexlify(
"70f305000000000000000000ffffffff6b483045022100d2a6baadc88ea67ec94a1f6dca70882e647e9af68d24e1bc72f9c27359e5e6ff02207b8a939e7cf82e79e2947e8fe59a14c11ee0b3a9cd1ff084d9bd54e23291b6be012103fc15aa2f684457332c0ef1fe44d908ab97208102a1792caa13bcc5e886c4b321"
)),
),
]
seed = bip39.seed(
"alcohol woman abuse must during monitor noble actual mixed trade anger aisle",
"",
)
ns = get_schemas_for_coin(coin_decred)
keychain = Keychain(seed, coin_decred.curve_name, ns)
signer = decred.Decred(tx, keychain, coin_decred, None).signer()
for request, response in chunks(messages, 2):
res = signer.send(request)
if isinstance(res, tuple):
_, res = res
self.assertEqual(res, response)
with self.assertRaises(StopIteration):
signer.send(None)
async def check_tx_fee(tx: SignTx, keychain: seed.Keychain, coin: coininfo.CoinInfo):
# h_first is used to make sure the inputs and outputs streamed in Phase 1
# are the same as in Phase 2. it is thus not required to fully hash the
# tx, as the SignTx info is streamed only once
h_first = utils.HashWriter(sha256()) # not a real tx hash
if not utils.BITCOIN_ONLY and coin.decred:
hash143 = decred.DecredPrefixHasher(tx) # pseudo BIP-0143 prefix hashing
tx_ser = TxRequestSerializedType()
elif not utils.BITCOIN_ONLY and coin.overwintered:
if tx.version == 3:
branch_id = tx.branch_id or 0x5BA81B19 # Overwinter
hash143 = zcash.Zip143(branch_id) # ZIP-0143 transaction hashing
elif tx.version == 4:
branch_id = tx.branch_id or 0x76B809BB # Sapling
hash143 = zcash.Zip243(branch_id) # ZIP-0243 transaction hashing
else:
raise SigningError(
FailureType.DataError,
"Unsupported version for overwintered transaction",
)
else:
hash143 = segwit_bip143.Bip143() # BIP-0143 transaction hashing
multisig_fp = multisig.MultisigFingerprint() # control checksum of multisig inputs
weight = tx_weight.TxWeightCalculator(tx.inputs_count, tx.outputs_count)
total_in = 0 # sum of input amounts
bip143_in = 0 # sum of segwit input amounts
total_out = 0 # sum of output amounts
change_out = 0 # change output amount
wallet_path = [] # common prefix of input paths
segwit = {} # dict of booleans stating if input is segwit
# output structures
txo_bin = TxOutputBinType()
tx_req = TxRequest()
tx_req.details = TxRequestDetailsType()
for i in range(tx.inputs_count):
progress.advance()
# STAGE_REQUEST_1_INPUT
txi = await helpers.request_tx_input(tx_req, i, coin)
wallet_path = input_extract_wallet_path(txi, wallet_path)
writers.write_tx_input_check(h_first, txi)
weight.add_input(txi)
hash143.add_prevouts(txi) # all inputs are included (non-segwit as well)
hash143.add_sequence(txi)
if not addresses.validate_full_path(txi.address_n, coin, txi.script_type):
await helpers.confirm_foreign_address(txi.address_n)
if txi.multisig:
multisig_fp.add(txi.multisig)
else:
multisig_fp.mismatch = True
if txi.script_type in (
InputScriptType.SPENDWITNESS,
InputScriptType.SPENDP2SHWITNESS,
):
if not coin.segwit:
raise SigningError(
FailureType.DataError, "Segwit not enabled on this coin"
)
if not txi.amount:
raise SigningError(FailureType.DataError, "Segwit input without amount")
segwit[i] = True
bip143_in += txi.amount
total_in += txi.amount
elif txi.script_type in (
InputScriptType.SPENDADDRESS,
InputScriptType.SPENDMULTISIG,
):
if not utils.BITCOIN_ONLY and (coin.force_bip143 or coin.overwintered):
if not txi.amount:
raise SigningError(
FailureType.DataError, "Expected input with amount"
)
segwit[i] = False
bip143_in += txi.amount
total_in += txi.amount
else:
segwit[i] = False
total_in += await get_prevtx_output_value(
coin, tx_req, txi.prev_hash, txi.prev_index
)
else:
raise SigningError(FailureType.DataError, "Wrong input script type")
if not utils.BITCOIN_ONLY and coin.decred:
w_txi = writers.empty_bytearray(8 if i == 0 else 0 + 9 + len(txi.prev_hash))
if i == 0: # serializing first input => prepend headers
# decred doesn't support segwit
write_tx_header(w_txi, coin, tx, False)
writers.write_tx_input_decred(w_txi, txi)
tx_ser.serialized_tx = w_txi
tx_req.serialized = tx_ser
if not utils.BITCOIN_ONLY and coin.decred:
hash143.add_output_count(tx)
for o in range(tx.outputs_count):
# STAGE_REQUEST_3_OUTPUT
txo = await helpers.request_tx_output(tx_req, o, coin)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, keychain)
weight.add_output(txo_bin.script_pubkey)
if change_out == 0 and output_is_change(txo, wallet_path, multisig_fp):
# output is change and does not need confirmation
change_out = txo.amount
elif not await helpers.confirm_output(txo, coin):
raise SigningError(FailureType.ActionCancelled, "Output cancelled")
if not utils.BITCOIN_ONLY and coin.decred:
if txo.decred_script_version is not None and txo.decred_script_version != 0:
raise SigningError(
FailureType.ActionCancelled,
"Cannot send to output with script version != 0",
)
txo_bin.decred_script_version = txo.decred_script_version
w_txo_bin = writers.empty_bytearray(
4 + 8 + 2 + 4 + len(txo_bin.script_pubkey)
)
if o == 0: # serializing first output => prepend outputs count
writers.write_varint(w_txo_bin, tx.outputs_count)
writers.write_tx_output(w_txo_bin, txo_bin)
tx_ser.serialized_tx = w_txo_bin
tx_req.serialized = tx_ser
hash143.set_last_output_bytes(w_txo_bin)
writers.write_tx_output(h_first, txo_bin)
hash143.add_output(txo_bin)
total_out += txo_bin.amount
fee = total_in - total_out
if not utils.BITCOIN_ONLY and coin.negative_fee:
pass # bypass check for negative fee coins, required for reward TX
else:
if fee < 0:
raise SigningError(FailureType.NotEnoughFunds, "Not enough funds")
# fee > (coin.maxfee per byte * tx size)
if fee > (coin.maxfee_kb / 1000) * (weight.get_total() / 4):
if not await helpers.confirm_feeoverthreshold(fee, coin):
raise SigningError(FailureType.ActionCancelled, "Signing cancelled")
if tx.lock_time > 0:
if not await helpers.confirm_nondefault_locktime(tx.lock_time):
raise SigningError(FailureType.ActionCancelled, "Locktime cancelled")
if not await helpers.confirm_total(total_in - change_out, fee, coin):
raise SigningError(FailureType.ActionCancelled, "Total cancelled")
if not utils.BITCOIN_ONLY and coin.decred:
hash143.add_locktime_expiry(tx)
return h_first, hash143, segwit, bip143_in, wallet_path, multisig_fp
from trezor.messages.TxInputType import TxInputType
from trezor.messages.TxOutputType import TxOutputType
from trezor.messages.TxOutputBinType import TxOutputBinType
from trezor.messages.TxRequest import TxRequest
from trezor.messages.TxAck import TxAck
from trezor.messages.TransactionType import TransactionType
from trezor.messages.RequestType import TXINPUT, TXOUTPUT, TXMETA
from trezor.messages.TxRequestDetailsType import TxRequestDetailsType
from trezor.messages.TxRequestSerializedType import TxRequestSerializedType
from trezor.messages import OutputScriptType
from apps.common import coins
from apps.common.keychain import Keychain
from apps.bitcoin.sign_tx import bitcoin, helpers
EMPTY_SERIALIZED = TxRequestSerializedType(serialized_tx=bytearray())
class TestSignTxFeeThreshold(unittest.TestCase):
# pylint: disable=C0301
# the following test is disabled, because there are not enough
# inputs to trigger the excessive threshold warning
#
# this is being tested in the device test:
# test_msg_signtx.test_testnet_fee_too_high
"""
def test_over_fee_threshold(self):
coin_bitcoin = coins.by_name('Bitcoin')
ptx1 = TransactionType(version=1, lock_time=0, inputs_cnt=2, outputs_cnt=1, extra_data_len=0)
def test_send_p2wpkh_in_p2sh_attack_amount(self):
coin = coins.by_name('Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
inp1 = TxInput(
# 49'/1'/0'/1/0" - 2N1LGaGg836mqSQqiuUBLfcyGBhyZbremDX
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
amount=10,
prev_hash=unhexlify(
'20912f98ea3ed849042efed0fdac8cb4fc301961c5988cba56902d8ffb61c337'
),
prev_index=0,
script_type=InputScriptType.SPENDP2SHWITNESS,
sequence=0xffffffff,
multisig=None,
)
ptx1 = PrevTx(version=1,
lock_time=0,
inputs_count=1,
outputs_count=2,
extra_data_len=0)
pinp1 = PrevInput(
script_sig=unhexlify(
'4730440220548e087d0426b20b8a571b03b9e05829f7558b80c53c12143e342f56ab29e51d02205b68cb7fb223981d4c999725ac1485a982c4259c4f50b8280f137878c232998a012102794a25b254a268e59a5869da57fbae2fadc6727cb3309321dab409b12b2fa17c'
),
prev_hash=unhexlify(
'802cabf0843b945eabe136d7fc7c89f41021658abf56cba000acbce88c41143a'
),
prev_index=0,
sequence=4294967295)
pout1 = PrevOutput(script_pubkey=unhexlify(
'a91458b53ea7f832e8f096e896b8713a8c6df0e892ca87'),
amount=123456789)
pout2 = PrevOutput(script_pubkey=unhexlify(
'76a914b84bacdcd8f4cc59274a5bfb73f804ca10f7fd1488ac'),
amount=865519308)
inpattack = TxInput(
# 49'/1'/0'/1/0" - 2N1LGaGg836mqSQqiuUBLfcyGBhyZbremDX
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
amount=9, # modified!
prev_hash=unhexlify(
'20912f98ea3ed849042efed0fdac8cb4fc301961c5988cba56902d8ffb61c337'
),
prev_index=0,
script_type=InputScriptType.SPENDP2SHWITNESS,
sequence=0xffffffff,
multisig=None,
)
out1 = TxOutput(
address='mhRx1CeVfaayqRwq5zgRQmD7W5aWBfD5mC',
amount=8,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[],
multisig=None,
)
out2 = TxOutput(
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
script_type=OutputScriptType.PAYTOP2SHWITNESS,
amount=1,
address=None,
multisig=None,
)
tx = SignTx(coin_name='Testnet',
version=1,
lock_time=0,
inputs_count=1,
outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inpattack)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
helpers.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
helpers.UiConfirmTotal(9 - 1, 9 - 8 - 1, coin),
True,
# check prev tx
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXMETA,
details=TxRequestDetailsType(request_index=None,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevMeta(tx=ptx1),
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout2)),
# sign tx
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized header
serialized_tx=unhexlify('01000000000101'), )),
]
ns = get_namespaces_for_coin(coin)
keychain = Keychain(seed, coin.curve_name, ns)
approver = BasicApprover(tx, coin)
signer = bitcoin.Bitcoin(tx, keychain, coin, approver).signer()
i = 0
messages_count = int(len(messages) / 2)
for request, expected_response in chunks(messages, 2):
if i == messages_count - 1: # last message should throw wire.Error
self.assertRaises(wire.DataError, signer.send, request)
else:
response = signer.send(request)
if isinstance(response, tuple):
_, response = response
self.assertEqual(response, expected_response)
i += 1
with self.assertRaises(StopIteration):
signer.send(None)
async def check_tx_fee(tx: SignTx, root: bip32.HDNode):
coin = coins.by_name(tx.coin_name)
# h_first is used to make sure the inputs and outputs streamed in Phase 1
# are the same as in Phase 2. it is thus not required to fully hash the
# tx, as the SignTx info is streamed only once
h_first = HashWriter(sha256()) # not a real tx hash
if coin.decred:
hash143 = DecredPrefixHasher(tx) # pseudo bip143 prefix hashing
tx_ser = TxRequestSerializedType()
elif tx.overwintered:
if tx.version == 3:
hash143 = Zip143() # ZIP-0143 transaction hashing
elif tx.version == 4:
hash143 = Zip243() # ZIP-0243 transaction hashing
else:
raise SigningError(
FailureType.DataError,
"Unsupported version for overwintered transaction",
)
else:
hash143 = Bip143() # BIP-0143 transaction hashing
multifp = MultisigFingerprint() # control checksum of multisig inputs
weight = TxWeightCalculator(tx.inputs_count, tx.outputs_count)
total_in = 0 # sum of input amounts
segwit_in = 0 # sum of segwit input amounts
total_out = 0 # sum of output amounts
change_out = 0 # change output amount
wallet_path = [] # common prefix of input paths
segwit = {} # dict of booleans stating if input is segwit
# output structures
txo_bin = TxOutputBinType()
tx_req = TxRequest()
tx_req.details = TxRequestDetailsType()
for i in range(tx.inputs_count):
progress.advance()
# STAGE_REQUEST_1_INPUT
txi = await request_tx_input(tx_req, i)
wallet_path = input_extract_wallet_path(txi, wallet_path)
write_tx_input_check(h_first, txi)
weight.add_input(txi)
hash143.add_prevouts(
txi) # all inputs are included (non-segwit as well)
hash143.add_sequence(txi)
if not address_n_matches_coin(txi.address_n, coin):
await confirm_foreign_address(txi.address_n, coin)
if txi.multisig:
multifp.add(txi.multisig)
if txi.script_type in (
InputScriptType.SPENDWITNESS,
InputScriptType.SPENDP2SHWITNESS,
):
if not coin.segwit:
raise SigningError(FailureType.DataError,
"Segwit not enabled on this coin")
if not txi.amount:
raise SigningError(FailureType.DataError,
"Segwit input without amount")
segwit[i] = True
segwit_in += txi.amount
total_in += txi.amount
elif txi.script_type in (
InputScriptType.SPENDADDRESS,
InputScriptType.SPENDMULTISIG,
):
if coin.force_bip143 or tx.overwintered:
if not txi.amount:
raise SigningError(FailureType.DataError,
"Expected input with amount")
segwit[i] = False
segwit_in += txi.amount
total_in += txi.amount
else:
segwit[i] = False
total_in += await get_prevtx_output_value(
coin, tx_req, txi.prev_hash, txi.prev_index)
else:
raise SigningError(FailureType.DataError,
"Wrong input script type")
if coin.decred:
w_txi = empty_bytearray(8 if i == 0 else 0 + 9 +
len(txi.prev_hash))
if i == 0: # serializing first input => prepend headers
write_bytes(w_txi, get_tx_header(coin, tx))
write_tx_input_decred(w_txi, txi)
tx_ser.serialized_tx = w_txi
tx_req.serialized = tx_ser
if coin.decred:
hash143.add_output_count(tx)
for o in range(tx.outputs_count):
# STAGE_REQUEST_3_OUTPUT
txo = await request_tx_output(tx_req, o)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
weight.add_output(txo_bin.script_pubkey)
if change_out == 0 and is_change(txo, wallet_path, segwit_in, multifp):
# output is change and does not need confirmation
change_out = txo.amount
elif not await confirm_output(txo, coin):
raise SigningError(FailureType.ActionCancelled, "Output cancelled")
if coin.decred:
if txo.decred_script_version is not None and txo.decred_script_version != 0:
raise SigningError(
FailureType.ActionCancelled,
"Cannot send to output with script version != 0",
)
txo_bin.decred_script_version = txo.decred_script_version
w_txo_bin = empty_bytearray(4 + 8 + 2 + 4 +
len(txo_bin.script_pubkey))
if o == 0: # serializing first output => prepend outputs count
write_varint(w_txo_bin, tx.outputs_count)
write_tx_output(w_txo_bin, txo_bin)
tx_ser.serialized_tx = w_txo_bin
tx_req.serialized = tx_ser
hash143.set_last_output_bytes(w_txo_bin)
write_tx_output(h_first, txo_bin)
hash143.add_output(txo_bin)
total_out += txo_bin.amount
fee = total_in - total_out
if fee < 0:
raise SigningError(FailureType.NotEnoughFunds, "Not enough funds")
# fee > (coin.maxfee per byte * tx size)
if fee > (coin.maxfee_kb / 1000) * (weight.get_total() / 4):
if not await confirm_feeoverthreshold(fee, coin):
raise SigningError(FailureType.ActionCancelled,
"Signing cancelled")
if not await confirm_total(total_in - change_out, fee, coin):
raise SigningError(FailureType.ActionCancelled, "Total cancelled")
if coin.decred:
hash143.add_locktime_expiry(tx)
return h_first, hash143, segwit, total_in, wallet_path
def test_send_p2wpkh_in_p2sh(self):
coin = coins.by_name('Groestlcoin Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
inp1 = TxInputType(
# 49'/1'/0'/1/0" - 2N1LGaGg836mqSQqiuUBLfcyGBhyZYBtBZ7
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
amount=123456789,
prev_hash=unhexlify(
'09a48bce2f9d5c6e4f0cb9ea1b32d0891855e8acfe5334f9ebd72b9ad2de60cf'
),
prev_index=0,
script_type=InputScriptType.SPENDP2SHWITNESS,
sequence=0xfffffffe,
multisig=None,
)
out1 = TxOutputType(
address='mvbu1Gdy8SUjTenqerxUaZyYjmvedc787y',
amount=12300000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[],
multisig=None,
)
out2 = TxOutputType(
address='2N1LGaGg836mqSQqiuUBLfcyGBhyZYBtBZ7',
script_type=OutputScriptType.PAYTOADDRESS,
amount=123456789 - 11000 - 12300000,
address_n=[],
multisig=None,
)
tx = SignTx(coin_name='Groestlcoin Testnet',
version=None,
lock_time=650756,
inputs_count=1,
outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(outputs=[out1])),
helpers.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(outputs=[out2])),
helpers.UiConfirmOutput(out2, coin),
True,
helpers.UiConfirmNonDefaultLocktime(tx.lock_time),
True,
helpers.UiConfirmTotal(123445789 + 11000, 11000, coin),
True,
# sign tx
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized header
serialized_tx=unhexlify('01000000000101'), )),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized inp1
serialized_tx=unhexlify(
'cf60ded29a2bd7ebf93453feace8551889d0321beab90c4f6e5c9d2fce8ba4090000000017160014d16b8c0680c61fc6ed2e407455715055e41052f5feffffff02'
), )),
TxAck(tx=TransactionType(outputs=[out1])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify(
'e0aebb00000000001976a914a579388225827d9f2fe9014add644487808c695d88ac'
),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(outputs=[out2])),
# segwit
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify(
'3df39f060000000017a91458b53ea7f832e8f096e896b8713a8c6df0e892ca87'
),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(
request_type=TXFINISHED,
details=TxRequestDetailsType(),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify(
'02483045022100b7ce2972bcbc3a661fe320ba901e680913b2753fcb47055c9c6ba632fc4acf81022001c3cfd6c2fe92eb60f5176ce0f43707114dd7223da19c56f2df89c13c2fef80012103e7bfe10708f715e8538c92d46ca50db6f657bbc455b7494e6a0303ccdb868b7904ee0900'
),
signature_index=0,
signature=unhexlify(
'3045022100b7ce2972bcbc3a661fe320ba901e680913b2753fcb47055c9c6ba632fc4acf81022001c3cfd6c2fe92eb60f5176ce0f43707114dd7223da19c56f2df89c13c2fef80'
),
)),
]
ns = get_namespaces_for_coin(coin)
keychain = Keychain(seed, ns)
signer = bitcoinlike.Bitcoinlike(tx, keychain, coin).signer()
for request, response in chunks(messages, 2):
self.assertEqual(signer.send(request), response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_send_p2wpkh_in_p2sh_attack_amount(self):
coin = coins.by_name('Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
root = bip32.from_seed(seed, 'secp256k1')
inp1 = TxInputType(
# 49'/1'/0'/1/0" - 2N1LGaGg836mqSQqiuUBLfcyGBhyZbremDX
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
amount=10,
prev_hash=unhexlify(
'20912f98ea3ed849042efed0fdac8cb4fc301961c5988cba56902d8ffb61c337'
),
prev_index=0,
script_type=InputScriptType.SPENDP2SHWITNESS,
sequence=0xffffffff,
multisig=None,
)
inpattack = TxInputType(
# 49'/1'/0'/1/0" - 2N1LGaGg836mqSQqiuUBLfcyGBhyZbremDX
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
amount=9, # modified!
prev_hash=unhexlify(
'20912f98ea3ed849042efed0fdac8cb4fc301961c5988cba56902d8ffb61c337'
),
prev_index=0,
script_type=InputScriptType.SPENDP2SHWITNESS,
sequence=0xffffffff,
multisig=None,
)
out1 = TxOutputType(
address='mhRx1CeVfaayqRwq5zgRQmD7W5aWBfD5mC',
amount=8,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=None,
)
out2 = TxOutputType(
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
script_type=OutputScriptType.PAYTOP2SHWITNESS,
amount=1,
address=None,
)
tx = SignTx(coin_name='Testnet',
version=None,
lock_time=None,
inputs_count=1,
outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None)),
TxAck(tx=TransactionType(inputs=[inpattack])),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=None),
TxAck(tx=TransactionType(outputs=[out1])),
signing.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=None),
serialized=None),
TxAck(tx=TransactionType(outputs=[out2])),
signing.UiConfirmTotal(8, 0, coin),
True,
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=None),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized inpattack
serialized_tx=unhexlify(
'0100000000010137c361fb8f2d9056ba8c98c5611930fcb48cacfdd0fe2e0449d83eea982f91200000000017160014d16b8c0680c61fc6ed2e407455715055e41052f5ffffffff'
), )),
# the out has to be cloned not to send the same object which was modified
TxAck(tx=TransactionType(outputs=[TxOutputType(**out1.__dict__)])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify(
'0208000000000000001976a91414fdede0ddc3be652a0ce1afbc1b509a55b6b94888ac'
),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(outputs=[TxOutputType(**out2.__dict__)])),
# segwit
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify(
'010000000000000017a91458b53ea7f832e8f096e896b8713a8c6df0e892ca87'
),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXFINISHED, details=None)
]
signer = signing.sign_tx(tx, root)
i = 0
messages_count = int(len(messages) / 2)
for request, response in chunks(messages, 2):
if i == messages_count - 1: # last message should throw SigningError
self.assertRaises(signing.SigningError, signer.send, request)
else:
self.assertEqualEx(signer.send(request), response)
i += 1
with self.assertRaises(StopIteration):
signer.send(None)
def test_send_p2wpkh_in_p2sh(self):
coin = coins.by_name('Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
root = bip32.from_seed(seed, 'secp256k1')
inp1 = TxInputType(
# 49'/1'/0'/1/0" - 2N1LGaGg836mqSQqiuUBLfcyGBhyZbremDX
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
amount=123456789,
prev_hash=unhexlify(
'20912f98ea3ed849042efed0fdac8cb4fc301961c5988cba56902d8ffb61c337'
),
prev_index=0,
script_type=InputScriptType.SPENDP2SHWITNESS,
sequence=0xffffffff,
multisig=None,
)
out1 = TxOutputType(
address='mhRx1CeVfaayqRwq5zgRQmD7W5aWBfD5mC',
amount=12300000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=None,
)
out2 = TxOutputType(
address='2N1LGaGg836mqSQqiuUBLfcyGBhyZbremDX',
script_type=OutputScriptType.PAYTOADDRESS,
amount=123456789 - 11000 - 12300000,
address_n=None,
)
tx = SignTx(coin_name='Testnet',
version=None,
lock_time=None,
inputs_count=1,
outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=None),
TxAck(tx=TransactionType(outputs=[out1])),
signing.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=None),
serialized=None),
TxAck(tx=TransactionType(outputs=[out2])),
signing.UiConfirmOutput(out2, coin),
True,
signing.UiConfirmTotal(123445789, 11000, coin),
True,
# sign tx
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=None),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized inp1
serialized_tx=unhexlify(
'0100000000010137c361fb8f2d9056ba8c98c5611930fcb48cacfdd0fe2e0449d83eea982f91200000000017160014d16b8c0680c61fc6ed2e407455715055e41052f5ffffffff'
), )),
TxAck(tx=TransactionType(outputs=[out1])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify(
'02e0aebb00000000001976a91414fdede0ddc3be652a0ce1afbc1b509a55b6b94888ac'
),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(outputs=[out2])),
# segwit
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify(
'3df39f060000000017a91458b53ea7f832e8f096e896b8713a8c6df0e892ca87'
),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(
request_type=TXFINISHED,
details=None,
serialized=TxRequestSerializedType(
serialized_tx=unhexlify(
'02483045022100ccd253bfdf8a5593cd7b6701370c531199f0f05a418cd547dfc7da3f21515f0f02203fa08a0753688871c220648f9edadbdb98af42e5d8269364a326572cf703895b012103e7bfe10708f715e8538c92d46ca50db6f657bbc455b7494e6a0303ccdb868b7900000000'
),
signature_index=0,
signature=unhexlify(
'3045022100ccd253bfdf8a5593cd7b6701370c531199f0f05a418cd547dfc7da3f21515f0f02203fa08a0753688871c220648f9edadbdb98af42e5d8269364a326572cf703895b'
),
)),
]
signer = signing.sign_tx(tx, root)
for request, response in chunks(messages, 2):
self.assertEqualEx(signer.send(request), response)
with self.assertRaises(StopIteration):
signer.send(None)
async def sign_tx(tx: SignTx, root):
tx = sanitize_sign_tx(tx)
coin = coins.by_name(tx.coin_name)
# Phase 1
# - check inputs, previous transactions, and outputs
# - ask for confirmations
# - check fee
total_in = 0 # sum of input amounts
total_out = 0 # sum of output amounts
change_out = 0 # change output amount
# h_first is used to make sure the inputs and outputs streamed in Phase 1
# are the same as in Phase 2. it is thus not required to fully hash the
# tx, as the SignTx info is streamed only once
h_first = HashWriter(sha256) # not a real tx hash
txo_bin = TxOutputBinType()
tx_req = TxRequest()
tx_req.details = TxRequestDetailsType()
for i in range(tx.inputs_count):
# STAGE_REQUEST_1_INPUT
txi = await request_tx_input(tx_req, i)
write_tx_input_check(h_first, txi)
total_in += await get_prevtx_output_value(
tx_req, txi.prev_hash, txi.prev_index)
for o in range(tx.outputs_count):
# STAGE_REQUEST_3_OUTPUT
txo = await request_tx_output(tx_req, o)
if output_is_change(txo):
if change_out != 0:
raise SigningError(FailureType.ProcessError,
'Only one change output is valid')
change_out = txo.amount
else:
if not await confirm_output(txo, coin):
raise SigningError(FailureType.ActionCancelled,
'Output cancelled')
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
write_tx_output(h_first, txo_bin)
total_out += txo_bin.amount
fee = total_in - total_out
if fee < 0:
raise SigningError(FailureType.NotEnoughFunds,
'Not enough funds')
if fee > coin.maxfee_kb * ((estimate_tx_size(tx.inputs_count, tx.outputs_count) + 999) // 1000):
if not await confirm_feeoverthreshold(fee, coin):
raise SigningError(FailureType.ActionCancelled,
'Signing cancelled')
if not await confirm_total(total_out - change_out, fee, coin):
raise SigningError(FailureType.ActionCancelled,
'Total cancelled')
# Phase 2
# - sign inputs
# - check that nothing changed
tx_ser = TxRequestSerializedType()
for i_sign in range(tx.inputs_count):
# hash of what we are signing with this input
h_sign = HashWriter(sha256)
# same as h_first, checked at the end of this iteration
h_second = HashWriter(sha256)
txi_sign = None
key_sign = None
key_sign_pub = None
write_uint32(h_sign, tx.version)
write_varint(h_sign, tx.inputs_count)
for i in range(tx.inputs_count):
# STAGE_REQUEST_4_INPUT
txi = await request_tx_input(tx_req, i)
write_tx_input_check(h_second, txi)
if i == i_sign:
txi_sign = txi
key_sign = node_derive(root, txi.address_n)
key_sign_pub = key_sign.public_key()
txi.script_sig = input_derive_script(txi, key_sign_pub)
else:
txi.script_sig = bytes()
write_tx_input(h_sign, txi)
write_varint(h_sign, tx.outputs_count)
for o in range(tx.outputs_count):
# STAGE_REQUEST_4_OUTPUT
txo = await request_tx_output(tx_req, o)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
write_tx_output(h_second, txo_bin)
write_tx_output(h_sign, txo_bin)
write_uint32(h_sign, tx.lock_time)
write_uint32(h_sign, 0x00000001) # SIGHASH_ALL hash_type
# check the control digests
if get_tx_hash(h_first, False) != get_tx_hash(h_second, False):
raise SigningError(FailureType.ProcessError,
'Transaction has changed during signing')
# compute the signature from the tx digest
signature = ecdsa_sign(key_sign, get_tx_hash(h_sign, True))
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
txi_sign.script_sig = input_derive_script(
txi_sign, key_sign_pub, signature)
w_txi_sign = bytearray_with_cap(
len(txi_sign.prev_hash) + 4 + 5 + len(txi_sign.script_sig) + 4)
if i_sign == 0: # serializing first input => prepend tx version and inputs count
write_uint32(w_txi_sign, tx.version)
write_varint(w_txi_sign, tx.inputs_count)
write_tx_input(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
for o in range(tx.outputs_count):
# STAGE_REQUEST_5_OUTPUT
txo = await request_tx_output(tx_req, o)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
# serialize output
w_txo_bin = bytearray_with_cap(
5 + 8 + 5 + len(txo_bin.script_pubkey) + 4)
if o == 0: # serializing first output => prepend outputs count
write_varint(w_txo_bin, tx.outputs_count)
write_tx_output(w_txo_bin, txo_bin)
if o == tx.outputs_count - 1: # serializing last output => append tx lock_time
write_uint32(w_txo_bin, tx.lock_time)
tx_ser.signature_index = None
tx_ser.signature = None
tx_ser.serialized_tx = w_txo_bin
tx_req.serialized = tx_ser
await request_tx_finish(tx_req)
async def sign_tx(tx: SignTx, root):
tx = sanitize_sign_tx(tx)
# Phase 1
h_first, bip143, segwit, authorized_in, wallet_path = await check_tx_fee(
tx, root)
# Phase 2
# - sign inputs
# - check that nothing changed
coin = coins.by_name(tx.coin_name)
tx_ser = TxRequestSerializedType()
txo_bin = TxOutputBinType()
tx_req = TxRequest()
tx_req.details = TxRequestDetailsType()
tx_req.serialized = None
for i_sign in range(tx.inputs_count):
txi_sign = None
key_sign = None
key_sign_pub = None
if segwit[i_sign]:
# STAGE_REQUEST_SEGWIT_INPUT
txi_sign = await request_tx_input(tx_req, i_sign)
is_segwit = (txi_sign.script_type == InputScriptType.SPENDWITNESS
or txi_sign.script_type
== InputScriptType.SPENDP2SHWITNESS)
if not is_segwit:
raise SigningError(FailureType.ProcessError,
'Transaction has changed during signing')
input_check_wallet_path(txi_sign, wallet_path)
key_sign = node_derive(root, txi_sign.address_n)
key_sign_pub = key_sign.public_key()
txi_sign.script_sig = input_derive_script(txi_sign, key_sign_pub)
w_txi = bytearray_with_cap(7 + len(txi_sign.prev_hash) + 4 +
len(txi_sign.script_sig) + 4)
if i_sign == 0: # serializing first input => prepend headers
write_bytes(w_txi, get_tx_header(tx, True))
write_tx_input(w_txi, txi_sign)
tx_ser.serialized_tx = w_txi
tx_req.serialized = tx_ser
else:
# hash of what we are signing with this input
h_sign = HashWriter(sha256)
# same as h_first, checked before signing the digest
h_second = HashWriter(sha256)
write_uint32(h_sign, tx.version)
write_varint(h_sign, tx.inputs_count)
for i in range(tx.inputs_count):
# STAGE_REQUEST_4_INPUT
txi = await request_tx_input(tx_req, i)
input_check_wallet_path(txi, wallet_path)
write_tx_input_check(h_second, txi)
if i == i_sign:
txi_sign = txi
key_sign = node_derive(root, txi.address_n)
key_sign_pub = key_sign.public_key()
txi_sign.script_sig = output_script_p2pkh(
ecdsa_hash_pubkey(key_sign_pub))
else:
txi.script_sig = bytes()
write_tx_input(h_sign, txi)
write_varint(h_sign, tx.outputs_count)
for o in range(tx.outputs_count):
# STAGE_REQUEST_4_OUTPUT
txo = await request_tx_output(tx_req, o)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
write_tx_output(h_second, txo_bin)
write_tx_output(h_sign, txo_bin)
write_uint32(h_sign, tx.lock_time)
write_uint32(h_sign, 0x00000001) # SIGHASH_ALL hash_type
# check the control digests
if get_tx_hash(h_first, False) != get_tx_hash(h_second, False):
raise SigningError(FailureType.ProcessError,
'Transaction has changed during signing')
# compute the signature from the tx digest
signature = ecdsa_sign(key_sign, get_tx_hash(h_sign, True))
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
txi_sign.script_sig = input_derive_script(txi_sign, key_sign_pub,
signature)
w_txi_sign = bytearray_with_cap(5 + len(txi_sign.prev_hash) + 4 +
len(txi_sign.script_sig) + 4)
if i_sign == 0: # serializing first input => prepend headers
write_bytes(w_txi_sign, get_tx_header(tx))
write_tx_input(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
for o in range(tx.outputs_count):
# STAGE_REQUEST_5_OUTPUT
txo = await request_tx_output(tx_req, o)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
# serialize output
w_txo_bin = bytearray_with_cap(5 + 8 + 5 + len(txo_bin.script_pubkey) +
4)
if o == 0: # serializing first output => prepend outputs count
write_varint(w_txo_bin, tx.outputs_count)
write_tx_output(w_txo_bin, txo_bin)
tx_ser.signature_index = None
tx_ser.signature = None
tx_ser.serialized_tx = w_txo_bin
tx_req.serialized = tx_ser
any_segwit = True in segwit.values()
for i in range(tx.inputs_count):
if segwit[i]:
# STAGE_REQUEST_SEGWIT_WITNESS
txi = await request_tx_input(tx_req, i)
input_check_wallet_path(txi, wallet_path)
is_segwit = (txi.script_type == InputScriptType.SPENDWITNESS or
txi.script_type == InputScriptType.SPENDP2SHWITNESS)
if not is_segwit or txi.amount > authorized_in:
raise SigningError(FailureType.ProcessError,
'Transaction has changed during signing')
authorized_in -= txi.amount
key_sign = node_derive(root, txi.address_n)
key_sign_pub = key_sign.public_key()
bip143_hash = bip143.preimage_hash(tx, txi,
ecdsa_hash_pubkey(key_sign_pub))
signature = ecdsa_sign(key_sign, bip143_hash)
witness = get_p2wpkh_witness(signature, key_sign_pub)
tx_ser.serialized_tx = witness
tx_ser.signature_index = i
tx_ser.signature = signature
elif any_segwit:
tx_ser.serialized_tx = bytearray(
1) # empty witness for non-segwit inputs
tx_ser.signature_index = None
tx_ser.signature = None
tx_req.serialized = tx_ser
write_uint32(tx_ser.serialized_tx, tx.lock_time)
await request_tx_finish(tx_req)
def test_one_one_fee(self):
# tx: d5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882
# input 0: 0.0039 BTC
coin_bitcoin = coins.by_name('Bitcoin')
ptx1 = TransactionType(version=1,
lock_time=0,
inputs_cnt=2,
outputs_cnt=1,
extra_data_len=0)
pinp1 = TxInputType(
script_sig=unhexlify(
'483045022072ba61305fe7cb542d142b8f3299a7b10f9ea61f6ffaab5dca8142601869d53c0221009a8027ed79eb3b9bc13577ac2853269323434558528c6b6a7e542be46e7e9a820141047a2d177c0f3626fc68c53610b0270fa6156181f46586c679ba6a88b34c6f4874686390b4d92e5769fbb89c8050b984f4ec0b257a0e5c4ff8bd3b035a51709503'
),
prev_hash=unhexlify(
'c16a03f1cf8f99f6b5297ab614586cacec784c2d259af245909dedb0e39eddcf'
),
prev_index=1,
script_type=None,
sequence=None)
pinp2 = TxInputType(
script_sig=unhexlify(
'48304502200fd63adc8f6cb34359dc6cca9e5458d7ea50376cbd0a74514880735e6d1b8a4c0221008b6ead7fe5fbdab7319d6dfede3a0bc8e2a7c5b5a9301636d1de4aa31a3ee9b101410486ad608470d796236b003635718dfc07c0cac0cfc3bfc3079e4f491b0426f0676e6643a39198e8e7bdaffb94f4b49ea21baa107ec2e237368872836073668214'
),
prev_hash=unhexlify(
'1ae39a2f8d59670c8fc61179148a8e61e039d0d9e8ab08610cb69b4a19453eaf'
),
prev_index=1,
script_type=None,
sequence=None)
pout1 = TxOutputBinType(script_pubkey=unhexlify(
'76a91424a56db43cf6f2b02e838ea493f95d8d6047423188ac'),
amount=390000)
inp1 = TxInputType(
address_n=[44 | 0x80000000, 0 | 0x80000000, 0 | 0x80000000, 0, 0],
# amount=390000,
prev_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
),
prev_index=0,
amount=None,
script_type=None,
multisig=None,
sequence=None)
out1 = TxOutputType(address='1MJ2tj2ThBE62zXbBYA5ZaN3fdve5CPAz1',
amount=390000 - 10000,
script_type=OutputScriptType.PAYTOADDRESS,
multisig=None)
tx = SignTx(coin_name=None,
version=None,
lock_time=None,
inputs_count=1,
outputs_count=1)
messages = [
None,
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(
request_type=TXMETA,
details=TxRequestDetailsType(
request_index=None,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=EMPTY_SERIALIZED),
TxAck(tx=ptx1),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(inputs=[pinp1])),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=1,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(inputs=[pinp2])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(bin_outputs=[pout1])),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(outputs=[out1])),
helpers.UiConfirmOutput(out1, coin_bitcoin),
True,
helpers.UiConfirmTotal(380000 + 10000, 10000, coin_bitcoin),
True,
# ButtonRequest(code=ButtonRequest_ConfirmOutput),
# ButtonRequest(code=ButtonRequest_SignTx),
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify('0100000001'))),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(outputs=[out1])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
signature_index=0,
signature=unhexlify(
'30440220198146fa987da8d78c4c7a471614fceb54d161ede244412f3369f436a7aec386022066bbede7644baa38abbdb4b1f3037f8db225c04e107099b625339a55614c3db3'
),
serialized_tx=unhexlify(
'82488650ef25a58fef6788bd71b8212038d7f2bbe4750bc7bcb44701e85ef6d5000000006a4730440220198146fa987da8d78c4c7a471614fceb54d161ede244412f3369f436a7aec386022066bbede7644baa38abbdb4b1f3037f8db225c04e107099b625339a55614c3db30121027a4cebff51c97c047637cda66838e8b64421a4af6bf8ef3c99717f92d09b3c1dffffffff01'
))),
TxAck(tx=TransactionType(outputs=[out1])),
TxRequest(
request_type=TXFINISHED,
details=TxRequestDetailsType(),
serialized=TxRequestSerializedType(
signature_index=None,
signature=None,
serialized_tx=unhexlify(
'60cc0500000000001976a914de9b2a8da088824e8fe51debea566617d851537888ac00000000'
),
)),
]
seed = bip39.seed(
'alcohol woman abuse must during monitor noble actual mixed trade anger aisle',
'')
ns = get_namespaces_for_coin(coin_bitcoin)
keychain = Keychain(seed, ns)
signer = bitcoin.Bitcoin(tx, keychain, coin_bitcoin).signer()
for request, response in chunks(messages, 2):
res = signer.send(request)
self.assertEqual(res, response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_one_one_fee(self):
inp1 = TxInput(
address_n=[44 | 0x80000000, 42 | 0x80000000, 0 | 0x80000000, 0, 0],
prev_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
prev_index=0,
amount=390000,
multisig=None,
sequence=0xFFFF_FFFF,
)
out1 = TxOutput(
address="DsaHnKa418BeeQmyhpQEGG4cxGAPrneydfv",
amount=390000 - 10000,
script_type=OutputScriptType.PAYTOADDRESS,
multisig=None,
)
tx = SignTx(coin_name="Decred",
version=1,
lock_time=0,
inputs_count=1,
outputs_count=1)
messages = [
None,
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify("0100000001")),
),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(serialized_tx=unhexlify(
"4ac247307a054c37525169a78d690a7a7f87d709bef7d722aae85584f59c8fdf0000000000ffffffff01"
)),
),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
helpers.UiConfirmOutput(out1, coin_decred, AmountUnit.BITCOIN),
True,
helpers.UiConfirmTotal(380000 + 10000, 10000, coin_decred,
AmountUnit.BITCOIN),
True,
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(serialized_tx=unhexlify(
"60cc05000000000000001976a914664b0cd46741a695a38f8ed37db2a20327471beb88ac0000000000000000"
)),
),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXMETA,
details=TxRequestDetailsType(
request_index=None,
tx_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
),
serialized=EMPTY_SERIALIZED,
),
TxAckPrevMeta(tx=ptx1),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
),
serialized=EMPTY_SERIALIZED,
),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp1)),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=1,
tx_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
),
serialized=EMPTY_SERIALIZED,
),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp2)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
"df8f9cf58455e8aa22d7f7be09d7877f7a0a698da7695152374c057a3047c24a"
),
),
serialized=EMPTY_SERIALIZED,
),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout1)),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify("01")),
),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXFINISHED,
details=TxRequestDetailsType(request_index=None, tx_hash=None),
serialized=TxRequestSerializedType(
signature_index=0,
signature=unhexlify(
"3044022078a5c388838796562eb9dad176b00e6d9425bc360083f633a14948685ca8a5ce02202a1b49cd44104a9d40aee8f988281a8aac94a497b5bc7337c77cc7ddbab16f23"
),
serialized_tx=unhexlify(
"70f305000000000000000000ffffffff6a473044022078a5c388838796562eb9dad176b00e6d9425bc360083f633a14948685ca8a5ce02202a1b49cd44104a9d40aee8f988281a8aac94a497b5bc7337c77cc7ddbab16f23012103fc15aa2f684457332c0ef1fe44d908ab97208102a1792caa13bcc5e886c4b321"
),
),
),
]
seed = bip39.seed(
"alcohol woman abuse must during monitor noble actual mixed trade anger aisle",
"",
)
ns = get_schemas_for_coin(coin_decred)
keychain = Keychain(seed, coin_decred.curve_name, ns)
signer = decred.Decred(tx, keychain, coin_decred, None).signer()
for request, response in chunks(messages, 2):
res = signer.send(request)
if isinstance(res, tuple):
_, res = res
self.assertEqual(res, response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_send_native_p2wpkh(self):
coin = coins.by_name('Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
inp1 = TxInput(
# 49'/1'/0'/0/0" - tb1qqzv60m9ajw8drqulta4ld4gfx0rdh82un5s65s
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 0, 0],
amount=12300000,
prev_hash=unhexlify(
'09144602765ce3dd8f4329445b20e3684e948709c5cdcaf12da3bb079c99448a'
),
prev_index=0,
script_type=InputScriptType.SPENDWITNESS,
sequence=0xffffffff,
multisig=None,
)
ptx1 = PrevTx(version=1,
lock_time=0,
inputs_count=1,
outputs_count=2,
extra_data_len=0)
pinp1 = PrevInput(
script_sig=unhexlify(
'160014d16b8c0680c61fc6ed2e407455715055e41052f5'),
prev_hash=unhexlify(
'20912f98ea3ed849042efed0fdac8cb4fc301961c5988cba56902d8ffb61c337'
),
prev_index=0,
sequence=4294967295)
pout1 = PrevOutput(script_pubkey=unhexlify(
'00140099a7ecbd938ed1839f5f6bf6d50933c6db9d5c'),
amount=12300000)
pout2 = PrevOutput(script_pubkey=unhexlify(
'a91458b53ea7f832e8f096e896b8713a8c6df0e892ca87'),
amount=111145789)
out1 = TxOutput(
address='2N4Q5FhU2497BryFfUgbqkAJE87aKHUhXMp',
amount=5000000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[],
multisig=None,
)
out2 = TxOutput(
address='tb1q694ccp5qcc0udmfwgp692u2s2hjpq5h407urtu',
script_type=OutputScriptType.PAYTOADDRESS,
amount=12300000 - 11000 - 5000000,
address_n=[],
multisig=None,
)
tx = SignTx(coin_name='Testnet',
version=1,
lock_time=0,
inputs_count=1,
outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
helpers.UiConfirmForeignAddress(address_n=inp1.address_n),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
helpers.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
helpers.UiConfirmOutput(out2, coin),
True,
helpers.UiConfirmTotal(12300000, 11000, coin),
True,
# check prev tx
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXMETA,
details=TxRequestDetailsType(request_index=None,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevMeta(tx=ptx1),
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout2)),
# sign tx
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized header
serialized_tx=unhexlify('01000000000101'), )),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized inp1
serialized_tx=unhexlify(
'8a44999c07bba32df1cacdc50987944e68e3205b4429438fdde35c76024614090000000000ffffffff02'
), )),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify(
'404b4c000000000017a9147a55d61848e77ca266e79a39bfc85c580a6426c987'
),
signature_index=None,
signature=None,
)),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
# segwit
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify(
'a8386f0000000000160014d16b8c0680c61fc6ed2e407455715055e41052f5'
),
signature_index=None,
signature=None,
)),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXFINISHED,
details=TxRequestDetailsType(),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify(
'02483045022100a7ca8f097525f9044e64376dc0a0f5d4aeb8d15d66808ba97979a0475b06b66502200597c8ebcef63e047f9aeef1a8001d3560470cf896c12f6990eec4faec599b950121033add1f0e8e3c3136f7428dd4a4de1057380bd311f5b0856e2269170b4ffa65bf00000000'
),
signature_index=0,
signature=unhexlify(
'3045022100a7ca8f097525f9044e64376dc0a0f5d4aeb8d15d66808ba97979a0475b06b66502200597c8ebcef63e047f9aeef1a8001d3560470cf896c12f6990eec4faec599b95'
),
)),
]
ns = get_schemas_for_coin(coin)
keychain = Keychain(seed, coin.curve_name, ns)
approver = BasicApprover(tx, coin)
signer = bitcoin.Bitcoin(tx, keychain, coin, approver).signer()
for request, response in chunks(messages, 2):
res = signer.send(request)
if isinstance(res, tuple):
_, res = res
self.assertEqual(res, response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_one_one_fee(self):
# http://groestlsight.groestlcoin.org/tx/f56521b17b828897f72b30dd21b0192fd942342e89acbb06abf1d446282c30f5
# ptx1: http://groestlsight.groestlcoin.org/api/tx/cb74c8478c5814742c87cffdb4a21231869888f8042fb07a90e015a9db1f9d4a
coin = coins.by_name('Groestlcoin')
ptx1 = PrevTx(version=1, lock_time=2160993, inputs_count=1, outputs_count=1, extra_data_len=0)
pinp1 = PrevInput(script_sig=unhexlify('48304502210096a287593b1212a188e778596eb8ecd4cc169b93a4d115226460d8e3deae431c02206c78ec09b3df977f04a6df5eb53181165c4ea5a0b35f826551349130f879d6b8012102cf5126ff54e38a80a919579d7091cafe24840eab1d30fe2b4d59bdd9d267cad8'),
prev_hash=unhexlify('7dc74a738c50c2ae1228ce9890841e5355fd6d7f2c1367e0a74403ab60db3224'),
prev_index=0,
sequence=4294967294)
pout1 = PrevOutput(script_pubkey=unhexlify('76a914172b4e06e9b7881a48d2ee8062b495d0b2517fe888ac'),
amount=210016)
inp1 = TxInput(address_n=[44 | 0x80000000, 17 | 0x80000000, 0 | 0x80000000, 0, 2], # FXHDsC5ZqWQHkDmShzgRVZ1MatpWhwxTAA
prev_hash=unhexlify('cb74c8478c5814742c87cffdb4a21231869888f8042fb07a90e015a9db1f9d4a'),
prev_index=0,
amount=210016)
out1 = TxOutput(address='FtM4zAn9aVYgHgxmamWBgWPyZsb6RhvkA9',
amount=210016 - 192,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[])
tx = SignTx(coin_name='Groestlcoin', version=1, lock_time=0, inputs_count=1, outputs_count=1)
messages = [
None,
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
helpers.UiConfirmOutput(out1, coin),
True,
helpers.UiConfirmTotal(210016, 192, coin),
True,
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXMETA, details=TxRequestDetailsType(request_index=None, tx_hash=unhexlify('cb74c8478c5814742c87cffdb4a21231869888f8042fb07a90e015a9db1f9d4a')), serialized=EMPTY_SERIALIZED),
TxAckPrevMeta(tx=ptx1),
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=unhexlify('cb74c8478c5814742c87cffdb4a21231869888f8042fb07a90e015a9db1f9d4a')), serialized=EMPTY_SERIALIZED),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp1)),
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=0, tx_hash=unhexlify('cb74c8478c5814742c87cffdb4a21231869888f8042fb07a90e015a9db1f9d4a')), serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout1)),
# ButtonRequest(code=ButtonRequest_ConfirmOutput),
# ButtonRequest(code=ButtonRequest_SignTx),
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=TxRequestSerializedType(
signature_index=None,
signature=None,
serialized_tx=unhexlify('0100000001'))),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=TxRequestSerializedType(
signature_index=0,
signature=unhexlify('304402201fb96d20d0778f54520ab59afe70d5fb20e500ecc9f02281cf57934e8029e8e10220383d5a3e80f2e1eb92765b6da0f23d454aecbd8236f083d483e9a74302368761'),
serialized_tx=unhexlify('4a9d1fdba915e0907ab02f04f88898863112a2b4fdcf872c7414588c47c874cb000000006a47304402201fb96d20d0778f54520ab59afe70d5fb20e500ecc9f02281cf57934e8029e8e10220383d5a3e80f2e1eb92765b6da0f23d454aecbd8236f083d483e9a7430236876101210331693756f749180aeed0a65a0fab0625a2250bd9abca502282a4cf0723152e67ffffffff01'))),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
TxRequest(request_type=TXFINISHED, details=TxRequestDetailsType(), serialized=TxRequestSerializedType(
signature_index=None,
signature=None,
serialized_tx=unhexlify('a0330300000000001976a914fe40329c95c5598ac60752a5310b320cb52d18e688ac00000000'),
)),
]
seed = bip39.seed(' '.join(['all'] * 12), '')
ns = get_schemas_for_coin(coin)
keychain = Keychain(seed, coin.curve_name, ns)
approver = BasicApprover(tx, coin)
signer = bitcoinlike.Bitcoinlike(tx, keychain, coin, approver).signer()
for request, expected_response in chunks(messages, 2):
response = signer.send(request)
if isinstance(response, tuple):
_, response = response
self.assertEqual(response, expected_response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_send_native_p2wpkh_change(self):
coin = coins.by_name('Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
root = bip32.from_seed(seed, 'secp256k1')
inp1 = TxInputType(
# 49'/1'/0'/0/0" - tb1qqzv60m9ajw8drqulta4ld4gfx0rdh82un5s65s
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 0, 0],
amount=12300000,
prev_hash=unhexlify('09144602765ce3dd8f4329445b20e3684e948709c5cdcaf12da3bb079c99448a'),
prev_index=0,
script_type=InputScriptType.SPENDWITNESS,
sequence=0xffffffff,
multisig=None,
)
out1 = TxOutputType(
address='2N4Q5FhU2497BryFfUgbqkAJE87aKHUhXMp',
amount=5000000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[],
multisig=None,
)
out2 = TxOutputType(
address=None,
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
script_type=OutputScriptType.PAYTOWITNESS,
amount=12300000 - 11000 - 5000000,
multisig=None,
)
tx = SignTx(coin_name='Testnet', version=None, lock_time=None, inputs_count=1, outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=None),
TxAck(tx=TransactionType(outputs=[out1])),
signing.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=1, tx_hash=None), serialized=None),
TxAck(tx=TransactionType(outputs=[out2])),
signing.UiConfirmTotal(5000000, 11000, coin),
True,
# sign tx
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=None),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=TxRequestSerializedType(
# returned serialized inp1
serialized_tx=unhexlify('010000000001018a44999c07bba32df1cacdc50987944e68e3205b4429438fdde35c76024614090000000000ffffffff'),
)),
# the out has to be cloned not to send the same object which was modified
TxAck(tx=TransactionType(outputs=[TxOutputType(**out1.__dict__)])),
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=1, tx_hash=None), serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify('02404b4c000000000017a9147a55d61848e77ca266e79a39bfc85c580a6426c987'),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(outputs=[TxOutputType(**out2.__dict__)])),
# segwit
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify('a8386f0000000000160014d16b8c0680c61fc6ed2e407455715055e41052f5'),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXFINISHED, details=None, serialized=TxRequestSerializedType(
serialized_tx=unhexlify('02483045022100a7ca8f097525f9044e64376dc0a0f5d4aeb8d15d66808ba97979a0475b06b66502200597c8ebcef63e047f9aeef1a8001d3560470cf896c12f6990eec4faec599b950121033add1f0e8e3c3136f7428dd4a4de1057380bd311f5b0856e2269170b4ffa65bf00000000'),
signature_index=0,
signature=unhexlify('3045022100a7ca8f097525f9044e64376dc0a0f5d4aeb8d15d66808ba97979a0475b06b66502200597c8ebcef63e047f9aeef1a8001d3560470cf896c12f6990eec4faec599b95'),
)),
]
signer = signing.sign_tx(tx, root)
for request, response in chunks(messages, 2):
self.assertEqualEx(signer.send(request), response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_one_one_fee(self):
# tx: d5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882
# input 0: 0.0039 BTC
coin_bitcoin = coins.by_name('Bitcoin')
ptx1 = TransactionType(version=1,
lock_time=0,
inputs_cnt=2,
outputs_cnt=1)
pinp1 = TxInputType(
script_sig=unhexlify(
'483045022072ba61305fe7cb542d142b8f3299a7b10f9ea61f6ffaab5dca8142601869d53c0221009a8027ed79eb3b9bc13577ac2853269323434558528c6b6a7e542be46e7e9a820141047a2d177c0f3626fc68c53610b0270fa6156181f46586c679ba6a88b34c6f4874686390b4d92e5769fbb89c8050b984f4ec0b257a0e5c4ff8bd3b035a51709503'
),
prev_hash=unhexlify(
'c16a03f1cf8f99f6b5297ab614586cacec784c2d259af245909dedb0e39eddcf'
),
prev_index=1,
script_type=None,
sequence=None)
pinp2 = TxInputType(
script_sig=unhexlify(
'48304502200fd63adc8f6cb34359dc6cca9e5458d7ea50376cbd0a74514880735e6d1b8a4c0221008b6ead7fe5fbdab7319d6dfede3a0bc8e2a7c5b5a9301636d1de4aa31a3ee9b101410486ad608470d796236b003635718dfc07c0cac0cfc3bfc3079e4f491b0426f0676e6643a39198e8e7bdaffb94f4b49ea21baa107ec2e237368872836073668214'
),
prev_hash=unhexlify(
'1ae39a2f8d59670c8fc61179148a8e61e039d0d9e8ab08610cb69b4a19453eaf'
),
prev_index=1,
script_type=None,
sequence=None)
pout1 = TxOutputBinType(script_pubkey=unhexlify(
'76a91424a56db43cf6f2b02e838ea493f95d8d6047423188ac'),
amount=390000,
address_n=None)
inp1 = TxInputType(
address_n=[0], # 14LmW5k4ssUrtbAB4255zdqv3b4w1TuX9e
# amount=390000,
prev_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
),
prev_index=0,
script_type=None,
sequence=None)
out1 = TxOutputType(address='1MJ2tj2ThBE62zXbBYA5ZaN3fdve5CPAz1',
amount=390000 - 10000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=None)
tx = SignTx(coin_name=None,
version=None,
lock_time=None,
inputs_count=1,
outputs_count=1)
messages = [
None,
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(
request_type=TXMETA,
details=TxRequestDetailsType(
request_index=None,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=None),
TxAck(tx=ptx1),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=None),
TxAck(tx=TransactionType(inputs=[pinp1])),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=1,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=None),
TxAck(tx=TransactionType(inputs=[pinp2])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=None),
TxAck(tx=TransactionType(bin_outputs=[pout1])),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=None),
TxAck(tx=TransactionType(outputs=[out1])),
signing.UiConfirmOutput(out1, coin_bitcoin),
True,
signing.UiConfirmTotal(380000, 10000, coin_bitcoin),
True,
# ButtonRequest(code=ButtonRequest_ConfirmOutput),
# ButtonRequest(code=ButtonRequest_SignTx),
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=None),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=None),
TxAck(tx=TransactionType(outputs=[out1])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
signature_index=0,
signature=unhexlify(
'30450221009a0b7be0d4ed3146ee262b42202841834698bb3ee39c24e7437df208b8b7077102202b79ab1e7736219387dffe8d615bbdba87e11477104b867ef47afed1a5ede781'
),
serialized_tx=unhexlify(
'010000000182488650ef25a58fef6788bd71b8212038d7f2bbe4750bc7bcb44701e85ef6d5000000006b4830450221009a0b7be0d4ed3146ee262b42202841834698bb3ee39c24e7437df208b8b7077102202b79ab1e7736219387dffe8d615bbdba87e11477104b867ef47afed1a5ede7810121023230848585885f63803a0a8aecdd6538792d5c539215c91698e315bf0253b43dffffffff'
))),
TxAck(tx=TransactionType(outputs=[out1])),
TxRequest(
request_type=TXFINISHED,
details=None,
serialized=TxRequestSerializedType(
signature_index=None,
signature=None,
serialized_tx=unhexlify(
'0160cc0500000000001976a914de9b2a8da088824e8fe51debea566617d851537888ac00000000'
),
)),
]
seed = bip39.seed(
'alcohol woman abuse must during monitor noble actual mixed trade anger aisle',
'')
root = bip32.from_seed(seed, 'secp256k1')
signer = signing.sign_tx(tx, root)
for request, response in chunks(messages, 2):
self.assertEqualEx(signer.send(request), response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_send_native_p2wpkh(self):
coin = coins.by_name('Groestlcoin Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
inp1 = TxInputType(
# 84'/1'/0'/0/0" - tgrs1qkvwu9g3k2pdxewfqr7syz89r3gj557l3ued7ja
address_n=[84 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 0, 0],
amount=12300000,
prev_hash=unhexlify(
'4f2f857f39ed1afe05542d058fb0be865a387446e32fc876d086203f483f61d1'
),
prev_index=0,
script_type=InputScriptType.SPENDWITNESS,
sequence=0xfffffffe,
multisig=None,
)
out1 = TxOutputType(
address='2N4Q5FhU2497BryFfUgbqkAJE87aKDv3V3e',
amount=5000000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[],
multisig=None,
)
out2 = TxOutputType(
address='tgrs1qejqxwzfld7zr6mf7ygqy5s5se5xq7vmt9lkd57',
script_type=OutputScriptType.PAYTOADDRESS,
amount=12300000 - 11000 - 5000000,
address_n=[],
multisig=None,
)
tx = SignTx(coin_name='Groestlcoin Testnet',
version=None,
lock_time=650713,
inputs_count=1,
outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(outputs=[out1])),
helpers.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(outputs=[out2])),
helpers.UiConfirmOutput(out2, coin),
True,
helpers.UiConfirmNonDefaultLocktime(tx.lock_time),
True,
helpers.UiConfirmTotal(12300000, 11000, coin),
True,
# sign tx
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized header
serialized_tx=unhexlify('01000000000101'), )),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized inp1
serialized_tx=unhexlify(
'd1613f483f2086d076c82fe34674385a86beb08f052d5405fe1aed397f852f4f0000000000feffffff02'
), )),
TxAck(tx=TransactionType(outputs=[out1])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify(
'404b4c000000000017a9147a55d61848e77ca266e79a39bfc85c580a6426c987'
),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(outputs=[out2])),
# segwit
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify(
'a8386f0000000000160014cc8067093f6f843d6d3e22004a4290cd0c0f336b'
),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(
request_type=TXFINISHED,
details=TxRequestDetailsType(),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify(
'02483045022100ea8780bc1e60e14e945a80654a41748bbf1aa7d6f2e40a88d91dfc2de1f34bd10220181a474a3420444bd188501d8d270736e1e9fe379da9970de992ff445b0972e3012103adc58245cf28406af0ef5cc24b8afba7f1be6c72f279b642d85c48798685f862d9ed0900'
),
signature_index=0,
signature=unhexlify(
'3045022100ea8780bc1e60e14e945a80654a41748bbf1aa7d6f2e40a88d91dfc2de1f34bd10220181a474a3420444bd188501d8d270736e1e9fe379da9970de992ff445b0972e3'
),
)),
]
keychain = Keychain(seed, [[coin.curve_name]])
signer = bitcoinlike.Bitcoinlike(tx, keychain, coin).signer()
for request, response in chunks(messages, 2):
self.assertEqual(signer.send(request), response)
with self.assertRaises(StopIteration):
signer.send(None)
async def sign_tx(tx: SignTx, root: bip32.HDNode):
tx = sanitize_sign_tx(tx)
progress.init(tx.inputs_count, tx.outputs_count)
# Phase 1
h_first, hash143, segwit, authorized_in, wallet_path = await check_tx_fee(
tx, root)
# Phase 2
# - sign inputs
# - check that nothing changed
coin = coins.by_name(tx.coin_name)
tx_ser = TxRequestSerializedType()
txo_bin = TxOutputBinType()
tx_req = TxRequest()
tx_req.details = TxRequestDetailsType()
tx_req.serialized = None
if coin.decred:
prefix_hash = hash143.prefix_hash()
for i_sign in range(tx.inputs_count):
progress.advance()
txi_sign = None
key_sign = None
key_sign_pub = None
if segwit[i_sign]:
# STAGE_REQUEST_SEGWIT_INPUT
txi_sign = await request_tx_input(tx_req, i_sign)
is_segwit = (txi_sign.script_type == InputScriptType.SPENDWITNESS
or txi_sign.script_type
== InputScriptType.SPENDP2SHWITNESS)
if not is_segwit:
raise SigningError(FailureType.ProcessError,
"Transaction has changed during signing")
input_check_wallet_path(txi_sign, wallet_path)
key_sign = node_derive(root, txi_sign.address_n)
key_sign_pub = key_sign.public_key()
txi_sign.script_sig = input_derive_script(coin, txi_sign,
key_sign_pub)
w_txi = empty_bytearray(7 + len(txi_sign.prev_hash) + 4 +
len(txi_sign.script_sig) + 4)
if i_sign == 0: # serializing first input => prepend headers
write_bytes(w_txi, get_tx_header(coin, tx, True))
write_tx_input(w_txi, txi_sign)
tx_ser.serialized_tx = w_txi
tx_req.serialized = tx_ser
elif coin.force_bip143 or tx.overwintered:
# STAGE_REQUEST_SEGWIT_INPUT
txi_sign = await request_tx_input(tx_req, i_sign)
input_check_wallet_path(txi_sign, wallet_path)
is_bip143 = (txi_sign.script_type == InputScriptType.SPENDADDRESS
or txi_sign.script_type
== InputScriptType.SPENDMULTISIG)
if not is_bip143 or txi_sign.amount > authorized_in:
raise SigningError(FailureType.ProcessError,
"Transaction has changed during signing")
authorized_in -= txi_sign.amount
key_sign = node_derive(root, txi_sign.address_n)
key_sign_pub = key_sign.public_key()
hash143_hash = hash143.preimage_hash(
coin,
tx,
txi_sign,
ecdsa_hash_pubkey(key_sign_pub, coin),
get_hash_type(coin),
)
# if multisig, check if singing with a key that is included in multisig
if txi_sign.multisig:
multisig_pubkey_index(txi_sign.multisig, key_sign_pub)
signature = ecdsa_sign(key_sign, hash143_hash)
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
txi_sign.script_sig = input_derive_script(coin, txi_sign,
key_sign_pub, signature)
w_txi_sign = empty_bytearray(5 + len(txi_sign.prev_hash) + 4 +
len(txi_sign.script_sig) + 4)
if i_sign == 0: # serializing first input => prepend headers
write_bytes(w_txi_sign, get_tx_header(coin, tx))
write_tx_input(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
elif coin.decred:
txi_sign = await request_tx_input(tx_req, i_sign)
input_check_wallet_path(txi_sign, wallet_path)
key_sign = node_derive(root, txi_sign.address_n)
key_sign_pub = key_sign.public_key()
if txi_sign.script_type == InputScriptType.SPENDMULTISIG:
prev_pkscript = output_script_multisig(
multisig_get_pubkeys(txi_sign.multisig),
txi_sign.multisig.m)
elif txi_sign.script_type == InputScriptType.SPENDADDRESS:
prev_pkscript = output_script_p2pkh(
ecdsa_hash_pubkey(key_sign_pub, coin))
else:
raise ValueError("Unknown input script type")
h_witness = HashWriter(blake256())
write_uint32(h_witness,
tx.version | DECRED_SERIALIZE_WITNESS_SIGNING)
write_varint(h_witness, tx.inputs_count)
for ii in range(tx.inputs_count):
if ii == i_sign:
write_varint(h_witness, len(prev_pkscript))
write_bytes(h_witness, prev_pkscript)
else:
write_varint(h_witness, 0)
witness_hash = get_tx_hash(h_witness,
double=coin.sign_hash_double,
reverse=False)
h_sign = HashWriter(blake256())
write_uint32(h_sign, DECRED_SIGHASHALL)
write_bytes(h_sign, prefix_hash)
write_bytes(h_sign, witness_hash)
sig_hash = get_tx_hash(h_sign, double=coin.sign_hash_double)
signature = ecdsa_sign(key_sign, sig_hash)
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
txi_sign.script_sig = input_derive_script(coin, txi_sign,
key_sign_pub, signature)
w_txi_sign = empty_bytearray(
8 + 4 +
len(hash143.get_last_output_bytes()) if i_sign == 0 else 0 +
16 + 4 + len(txi_sign.script_sig))
if i_sign == 0:
write_bytes(w_txi_sign, hash143.get_last_output_bytes())
write_uint32(w_txi_sign, tx.lock_time)
write_uint32(w_txi_sign, tx.expiry)
write_varint(w_txi_sign, tx.inputs_count)
write_tx_input_decred_witness(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
else:
# hash of what we are signing with this input
h_sign = HashWriter(sha256())
# same as h_first, checked before signing the digest
h_second = HashWriter(sha256())
if tx.overwintered:
write_uint32(h_sign, tx.version
| OVERWINTERED) # nVersion | fOverwintered
write_uint32(h_sign, tx.version_group_id) # nVersionGroupId
else:
write_uint32(h_sign, tx.version) # nVersion
write_varint(h_sign, tx.inputs_count)
for i in range(tx.inputs_count):
# STAGE_REQUEST_4_INPUT
txi = await request_tx_input(tx_req, i)
input_check_wallet_path(txi, wallet_path)
write_tx_input_check(h_second, txi)
if i == i_sign:
txi_sign = txi
key_sign = node_derive(root, txi.address_n)
key_sign_pub = key_sign.public_key()
# for the signing process the script_sig is equal
# to the previous tx's scriptPubKey (P2PKH) or a redeem script (P2SH)
if txi_sign.script_type == InputScriptType.SPENDMULTISIG:
txi_sign.script_sig = output_script_multisig(
multisig_get_pubkeys(txi_sign.multisig),
txi_sign.multisig.m)
elif txi_sign.script_type == InputScriptType.SPENDADDRESS:
txi_sign.script_sig = output_script_p2pkh(
ecdsa_hash_pubkey(key_sign_pub, coin))
if coin.bip115:
txi_sign.script_sig += script_replay_protection_bip115(
txi_sign.prev_block_hash_bip115,
txi_sign.prev_block_height_bip115,
)
else:
raise SigningError(FailureType.ProcessError,
"Unknown transaction type")
else:
txi.script_sig = bytes()
write_tx_input(h_sign, txi)
write_varint(h_sign, tx.outputs_count)
for o in range(tx.outputs_count):
# STAGE_REQUEST_4_OUTPUT
txo = await request_tx_output(tx_req, o)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
write_tx_output(h_second, txo_bin)
write_tx_output(h_sign, txo_bin)
write_uint32(h_sign, tx.lock_time)
if tx.overwintered:
write_uint32(h_sign, tx.expiry) # expiryHeight
write_varint(h_sign, 0) # nJoinSplit
write_uint32(h_sign, get_hash_type(coin))
# check the control digests
if get_tx_hash(h_first, False) != get_tx_hash(h_second):
raise SigningError(FailureType.ProcessError,
"Transaction has changed during signing")
# if multisig, check if singing with a key that is included in multisig
if txi_sign.multisig:
multisig_pubkey_index(txi_sign.multisig, key_sign_pub)
# compute the signature from the tx digest
signature = ecdsa_sign(
key_sign, get_tx_hash(h_sign, double=coin.sign_hash_double))
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
txi_sign.script_sig = input_derive_script(coin, txi_sign,
key_sign_pub, signature)
w_txi_sign = empty_bytearray(5 + len(txi_sign.prev_hash) + 4 +
len(txi_sign.script_sig) + 4)
if i_sign == 0: # serializing first input => prepend headers
write_bytes(w_txi_sign, get_tx_header(coin, tx))
write_tx_input(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
if coin.decred:
return await request_tx_finish(tx_req)
for o in range(tx.outputs_count):
progress.advance()
# STAGE_REQUEST_5_OUTPUT
txo = await request_tx_output(tx_req, o)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
# serialize output
w_txo_bin = empty_bytearray(5 + 8 + 5 + len(txo_bin.script_pubkey) + 4)
if o == 0: # serializing first output => prepend outputs count
write_varint(w_txo_bin, tx.outputs_count)
write_tx_output(w_txo_bin, txo_bin)
tx_ser.signature_index = None
tx_ser.signature = None
tx_ser.serialized_tx = w_txo_bin
tx_req.serialized = tx_ser
any_segwit = True in segwit.values()
for i in range(tx.inputs_count):
progress.advance()
if segwit[i]:
# STAGE_REQUEST_SEGWIT_WITNESS
txi = await request_tx_input(tx_req, i)
input_check_wallet_path(txi, wallet_path)
is_segwit = (txi.script_type == InputScriptType.SPENDWITNESS or
txi.script_type == InputScriptType.SPENDP2SHWITNESS)
if not is_segwit or txi.amount > authorized_in:
raise SigningError(FailureType.ProcessError,
"Transaction has changed during signing")
authorized_in -= txi.amount
key_sign = node_derive(root, txi.address_n)
key_sign_pub = key_sign.public_key()
hash143_hash = hash143.preimage_hash(
coin,
tx,
txi,
ecdsa_hash_pubkey(key_sign_pub, coin),
get_hash_type(coin),
)
signature = ecdsa_sign(key_sign, hash143_hash)
if txi.multisig:
# find out place of our signature based on the pubkey
signature_index = multisig_pubkey_index(
txi.multisig, key_sign_pub)
witness = witness_p2wsh(txi.multisig, signature,
signature_index, get_hash_type(coin))
else:
witness = witness_p2wpkh(signature, key_sign_pub,
get_hash_type(coin))
tx_ser.serialized_tx = witness
tx_ser.signature_index = i
tx_ser.signature = signature
elif any_segwit:
tx_ser.serialized_tx = bytearray(
1) # empty witness for non-segwit inputs
tx_ser.signature_index = None
tx_ser.signature = None
tx_req.serialized = tx_ser
write_uint32(tx_ser.serialized_tx, tx.lock_time)
if tx.overwintered:
if tx.version == 3:
write_uint32(tx_ser.serialized_tx, tx.expiry) # expiryHeight
write_varint(tx_ser.serialized_tx, 0) # nJoinSplit
elif tx.version == 4:
write_uint32(tx_ser.serialized_tx, tx.expiry) # expiryHeight
write_uint64(tx_ser.serialized_tx, 0) # valueBalance
write_varint(tx_ser.serialized_tx, 0) # nShieldedSpend
write_varint(tx_ser.serialized_tx, 0) # nShieldedOutput
write_varint(tx_ser.serialized_tx, 0) # nJoinSplit
else:
raise SigningError(
FailureType.DataError,
"Unsupported version for overwintered transaction",
)
await request_tx_finish(tx_req)
def test_send_native_p2wpkh(self):
coin = coins.by_name('Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
inp1 = TxInputType(
# 49'/1'/0'/0/0" - tb1qqzv60m9ajw8drqulta4ld4gfx0rdh82un5s65s
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 0, 0],
amount=12300000,
prev_hash=unhexlify('09144602765ce3dd8f4329445b20e3684e948709c5cdcaf12da3bb079c99448a'),
prev_index=0,
script_type=InputScriptType.SPENDWITNESS,
sequence=0xffffffff,
multisig=None,
)
out1 = TxOutputType(
address='2N4Q5FhU2497BryFfUgbqkAJE87aKHUhXMp',
amount=5000000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[],
multisig=None,
)
out2 = TxOutputType(
address='tb1q694ccp5qcc0udmfwgp692u2s2hjpq5h407urtu',
script_type=OutputScriptType.PAYTOADDRESS,
amount=12300000 - 11000 - 5000000,
address_n=[],
multisig=None,
)
tx = SignTx(coin_name='Testnet', version=None, lock_time=None, inputs_count=1, outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(inputs=[inp1])),
helpers.UiConfirmForeignAddress(address_n=inp1.address_n),
True,
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(outputs=[out1])),
helpers.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=1, tx_hash=None), serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(outputs=[out2])),
helpers.UiConfirmOutput(out2, coin),
True,
helpers.UiConfirmTotal(12300000, 11000, coin),
True,
# sign tx
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=TxRequestSerializedType(
# returned serialized header
serialized_tx=unhexlify('01000000000101'),
)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=TxRequestSerializedType(
# returned serialized inp1
serialized_tx=unhexlify('8a44999c07bba32df1cacdc50987944e68e3205b4429438fdde35c76024614090000000000ffffffff02'),
)),
TxAck(tx=TransactionType(outputs=[out1])),
TxRequest(request_type=TXOUTPUT, details=TxRequestDetailsType(request_index=1, tx_hash=None), serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify('404b4c000000000017a9147a55d61848e77ca266e79a39bfc85c580a6426c987'),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(outputs=[out2])),
# segwit
TxRequest(request_type=TXINPUT, details=TxRequestDetailsType(request_index=0, tx_hash=None), serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify('a8386f0000000000160014d16b8c0680c61fc6ed2e407455715055e41052f5'),
signature_index=None,
signature=None,
)),
TxAck(tx=TransactionType(inputs=[inp1])),
TxRequest(request_type=TXFINISHED, details=TxRequestDetailsType(), serialized=TxRequestSerializedType(
serialized_tx=unhexlify('02483045022100a7ca8f097525f9044e64376dc0a0f5d4aeb8d15d66808ba97979a0475b06b66502200597c8ebcef63e047f9aeef1a8001d3560470cf896c12f6990eec4faec599b950121033add1f0e8e3c3136f7428dd4a4de1057380bd311f5b0856e2269170b4ffa65bf00000000'),
signature_index=0,
signature=unhexlify('3045022100a7ca8f097525f9044e64376dc0a0f5d4aeb8d15d66808ba97979a0475b06b66502200597c8ebcef63e047f9aeef1a8001d3560470cf896c12f6990eec4faec599b95'),
)),
]
ns = get_namespaces_for_coin(coin)
keychain = Keychain(seed, ns)
signer = bitcoin.Bitcoin(tx, keychain, coin).signer()
for request, response in chunks(messages, 2):
res = signer.send(request)
self.assertEqual(res, response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_send_p2wpkh_in_p2sh(self):
coin = coins.by_name('Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
inp1 = TxInput(
# 49'/1'/0'/1/0" - 2N1LGaGg836mqSQqiuUBLfcyGBhyZbremDX
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
amount=123456789,
prev_hash=unhexlify(
'20912f98ea3ed849042efed0fdac8cb4fc301961c5988cba56902d8ffb61c337'
),
prev_index=0,
script_type=InputScriptType.SPENDP2SHWITNESS,
sequence=0xffffffff,
multisig=None,
)
ptx1 = PrevTx(version=1,
lock_time=0,
inputs_count=1,
outputs_count=2,
extra_data_len=0)
pinp1 = PrevInput(
script_sig=unhexlify(
'4730440220548e087d0426b20b8a571b03b9e05829f7558b80c53c12143e342f56ab29e51d02205b68cb7fb223981d4c999725ac1485a982c4259c4f50b8280f137878c232998a012102794a25b254a268e59a5869da57fbae2fadc6727cb3309321dab409b12b2fa17c'
),
prev_hash=unhexlify(
'802cabf0843b945eabe136d7fc7c89f41021658abf56cba000acbce88c41143a'
),
prev_index=0,
sequence=4294967295)
pout1 = PrevOutput(script_pubkey=unhexlify(
'a91458b53ea7f832e8f096e896b8713a8c6df0e892ca87'),
amount=123456789)
pout2 = PrevOutput(script_pubkey=unhexlify(
'76a914b84bacdcd8f4cc59274a5bfb73f804ca10f7fd1488ac'),
amount=865519308)
out1 = TxOutput(
address='mhRx1CeVfaayqRwq5zgRQmD7W5aWBfD5mC',
amount=12300000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[],
multisig=None,
)
out2 = TxOutput(
address='2N1LGaGg836mqSQqiuUBLfcyGBhyZbremDX',
script_type=OutputScriptType.PAYTOADDRESS,
amount=123456789 - 11000 - 12300000,
address_n=[],
multisig=None,
)
tx = SignTx(coin_name='Testnet',
version=1,
lock_time=0,
inputs_count=1,
outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
helpers.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
helpers.UiConfirmOutput(out2, coin),
True,
helpers.UiConfirmTotal(123445789 + 11000, 11000, coin),
True,
# check prev tx
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXMETA,
details=TxRequestDetailsType(request_index=None,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevMeta(tx=ptx1),
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout2)),
# sign tx
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized header
serialized_tx=unhexlify('01000000000101'), )),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized inp1
serialized_tx=unhexlify(
'37c361fb8f2d9056ba8c98c5611930fcb48cacfdd0fe2e0449d83eea982f91200000000017160014d16b8c0680c61fc6ed2e407455715055e41052f5ffffffff02'
), )),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify(
'e0aebb00000000001976a91414fdede0ddc3be652a0ce1afbc1b509a55b6b94888ac'
),
signature_index=None,
signature=None,
)),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
# segwit
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify(
'3df39f060000000017a91458b53ea7f832e8f096e896b8713a8c6df0e892ca87'
),
signature_index=None,
signature=None,
)),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXFINISHED,
details=TxRequestDetailsType(),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify(
'02483045022100ccd253bfdf8a5593cd7b6701370c531199f0f05a418cd547dfc7da3f21515f0f02203fa08a0753688871c220648f9edadbdb98af42e5d8269364a326572cf703895b012103e7bfe10708f715e8538c92d46ca50db6f657bbc455b7494e6a0303ccdb868b7900000000'
),
signature_index=0,
signature=unhexlify(
'3045022100ccd253bfdf8a5593cd7b6701370c531199f0f05a418cd547dfc7da3f21515f0f02203fa08a0753688871c220648f9edadbdb98af42e5d8269364a326572cf703895b'
),
)),
]
ns = get_namespaces_for_coin(coin)
keychain = Keychain(seed, coin.curve_name, ns)
approver = BasicApprover(tx, coin)
signer = bitcoin.Bitcoin(tx, keychain, coin, approver).signer()
for request, expected_response in chunks(messages, 2):
response = signer.send(request)
if isinstance(response, tuple):
_, response = response
self.assertEqual(response, expected_response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_send_p2wpkh_in_p2sh(self):
coin = coins.by_name('Groestlcoin Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
inp1 = TxInput(
# 49'/1'/0'/1/0" - 2N1LGaGg836mqSQqiuUBLfcyGBhyZYBtBZ7
address_n=[49 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 1, 0],
amount=123456789,
prev_hash=unhexlify(
'09a48bce2f9d5c6e4f0cb9ea1b32d0891855e8acfe5334f9ebd72b9ad2de60cf'
),
prev_index=0,
script_type=InputScriptType.SPENDP2SHWITNESS,
sequence=0xfffffffe,
multisig=None,
)
ptx1 = PrevTx(version=1,
lock_time=650749,
inputs_count=1,
outputs_count=2,
extra_data_len=0)
pinp1 = PrevInput(
script_sig=unhexlify(
'47304402201f8f57f708144c3a11da322546cb37bd385aa825d940c37e8016f0efd6ec3e9402202a41bc02c29e4f3f13efd4bededbcd4308a6393279111d614ee1f7635cf3e65701210371546a36bdf6bc82087301b3f6e759736dc8790150673d2e7e2715d2ad72f3a4'
),
prev_hash=unhexlify(
'4f2f857f39ed1afe05542d058fb0be865a387446e32fc876d086203f483f61d1'
),
prev_index=1,
sequence=4294967294)
pout1 = PrevOutput(script_pubkey=unhexlify(
'a91458b53ea7f832e8f096e896b8713a8c6df0e892ca87'),
amount=123456789)
pout2 = PrevOutput(script_pubkey=unhexlify(
'76a91435528b20e9a793cf2c3a1cf9cff1f2127ad377da88ac'),
amount=9764242764)
out1 = TxOutput(
address='mvbu1Gdy8SUjTenqerxUaZyYjmvedc787y',
amount=12300000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[],
multisig=None,
)
out2 = TxOutput(
address='2N1LGaGg836mqSQqiuUBLfcyGBhyZYBtBZ7',
script_type=OutputScriptType.PAYTOADDRESS,
amount=123456789 - 11000 - 12300000,
address_n=[],
multisig=None,
)
tx = SignTx(coin_name='Groestlcoin Testnet',
version=1,
lock_time=650756,
inputs_count=1,
outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
helpers.UiConfirmOutput(out1, coin),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
helpers.UiConfirmOutput(out2, coin),
True,
helpers.UiConfirmNonDefaultLocktime(tx.lock_time,
lock_time_disabled=False),
True,
helpers.UiConfirmTotal(123445789 + 11000, 11000, coin),
True,
# check prev tx
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXMETA,
details=TxRequestDetailsType(request_index=None,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevMeta(tx=ptx1),
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout2)),
# sign tx
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized header
serialized_tx=unhexlify('01000000000101'), )),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized inp1
serialized_tx=unhexlify(
'cf60ded29a2bd7ebf93453feace8551889d0321beab90c4f6e5c9d2fce8ba4090000000017160014d16b8c0680c61fc6ed2e407455715055e41052f5feffffff02'
), )),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify(
'e0aebb00000000001976a914a579388225827d9f2fe9014add644487808c695d88ac'
),
signature_index=None,
signature=None,
)),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
# segwit
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify(
'3df39f060000000017a91458b53ea7f832e8f096e896b8713a8c6df0e892ca87'
),
signature_index=None,
signature=None,
)),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXFINISHED,
details=TxRequestDetailsType(),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify(
'02483045022100b7ce2972bcbc3a661fe320ba901e680913b2753fcb47055c9c6ba632fc4acf81022001c3cfd6c2fe92eb60f5176ce0f43707114dd7223da19c56f2df89c13c2fef80012103e7bfe10708f715e8538c92d46ca50db6f657bbc455b7494e6a0303ccdb868b7904ee0900'
),
signature_index=0,
signature=unhexlify(
'3045022100b7ce2972bcbc3a661fe320ba901e680913b2753fcb47055c9c6ba632fc4acf81022001c3cfd6c2fe92eb60f5176ce0f43707114dd7223da19c56f2df89c13c2fef80'
),
)),
]
ns = get_namespaces_for_coin(coin)
keychain = Keychain(seed, coin.curve_name, ns)
approver = BasicApprover(tx, coin)
signer = bitcoinlike.Bitcoinlike(tx, keychain, coin, approver).signer()
for request, expected_response in chunks(messages, 2):
response = signer.send(request)
if isinstance(response, tuple):
_, response = response
self.assertEqual(response, expected_response)
with self.assertRaises(StopIteration):
signer.send(None)
async def sign_tx(tx: SignTx, root: bip32.HDNode):
tx = sanitize_sign_tx(tx)
progress.init(tx.inputs_count, tx.outputs_count)
# Phase 1
h_first, bip143, segwit, authorized_in, wallet_path = await check_tx_fee(
tx, root)
# Phase 2
# - sign inputs
# - check that nothing changed
coin = coins.by_name(tx.coin_name)
tx_ser = TxRequestSerializedType()
txo_bin = TxOutputBinType()
tx_req = TxRequest()
tx_req.details = TxRequestDetailsType()
tx_req.serialized = None
for i_sign in range(tx.inputs_count):
progress.advance()
txi_sign = None
key_sign = None
key_sign_pub = None
if segwit[i_sign]:
# STAGE_REQUEST_SEGWIT_INPUT
txi_sign = await request_tx_input(tx_req, i_sign)
is_segwit = (txi_sign.script_type == InputScriptType.SPENDWITNESS
or txi_sign.script_type
== InputScriptType.SPENDP2SHWITNESS)
if not is_segwit:
raise SigningError(FailureType.ProcessError,
'Transaction has changed during signing')
input_check_wallet_path(txi_sign, wallet_path)
key_sign = node_derive(root, txi_sign.address_n)
key_sign_pub = key_sign.public_key()
txi_sign.script_sig = input_derive_script(coin, txi_sign,
key_sign_pub)
w_txi = bytearray_with_cap(7 + len(txi_sign.prev_hash) + 4 +
len(txi_sign.script_sig) + 4)
if i_sign == 0: # serializing first input => prepend headers
write_bytes(w_txi, get_tx_header(tx, True))
write_tx_input(w_txi, txi_sign)
tx_ser.serialized_tx = w_txi
tx_req.serialized = tx_ser
elif coin.force_bip143:
# STAGE_REQUEST_SEGWIT_INPUT
txi_sign = await request_tx_input(tx_req, i_sign)
input_check_wallet_path(txi_sign, wallet_path)
is_bip143 = (txi_sign.script_type == InputScriptType.SPENDADDRESS
or txi_sign.script_type
== InputScriptType.SPENDMULTISIG)
if not is_bip143 or txi_sign.amount > authorized_in:
raise SigningError(FailureType.ProcessError,
'Transaction has changed during signing')
authorized_in -= txi_sign.amount
key_sign = node_derive(root, txi_sign.address_n)
key_sign_pub = key_sign.public_key()
bip143_hash = bip143.preimage_hash(tx, txi_sign,
ecdsa_hash_pubkey(key_sign_pub),
get_hash_type(coin))
# if multisig, check if singing with a key that is included in multisig
if txi_sign.multisig:
multisig_pubkey_index(txi_sign.multisig, key_sign_pub)
signature = ecdsa_sign(key_sign, bip143_hash)
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
txi_sign.script_sig = input_derive_script(coin, txi_sign,
key_sign_pub, signature)
w_txi_sign = bytearray_with_cap(5 + len(txi_sign.prev_hash) + 4 +
len(txi_sign.script_sig) + 4)
if i_sign == 0: # serializing first input => prepend headers
write_bytes(w_txi_sign, get_tx_header(tx))
write_tx_input(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
else:
# hash of what we are signing with this input
h_sign = HashWriter(sha256)
# same as h_first, checked before signing the digest
h_second = HashWriter(sha256)
write_uint32(h_sign, tx.version)
write_varint(h_sign, tx.inputs_count)
for i in range(tx.inputs_count):
# STAGE_REQUEST_4_INPUT
txi = await request_tx_input(tx_req, i)
input_check_wallet_path(txi, wallet_path)
write_tx_input_check(h_second, txi)
if i == i_sign:
txi_sign = txi
key_sign = node_derive(root, txi.address_n)
key_sign_pub = key_sign.public_key()
# for the signing process the script_sig is equal
# to the previous tx's scriptPubKey (P2PKH) or a redeem script (P2SH)
if txi_sign.script_type == InputScriptType.SPENDMULTISIG:
txi_sign.script_sig = output_script_multisig(
multisig_get_pubkeys(txi_sign.multisig),
txi_sign.multisig.m)
elif txi_sign.script_type == InputScriptType.SPENDADDRESS:
txi_sign.script_sig = output_script_p2pkh(
ecdsa_hash_pubkey(key_sign_pub))
else:
raise SigningError(FailureType.ProcessError,
'Unknown transaction type')
else:
txi.script_sig = bytes()
write_tx_input(h_sign, txi)
write_varint(h_sign, tx.outputs_count)
for o in range(tx.outputs_count):
# STAGE_REQUEST_4_OUTPUT
txo = await request_tx_output(tx_req, o)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
write_tx_output(h_second, txo_bin)
write_tx_output(h_sign, txo_bin)
write_uint32(h_sign, tx.lock_time)
write_uint32(h_sign, get_hash_type(coin))
# check the control digests
if get_tx_hash(h_first, False) != get_tx_hash(h_second, False):
raise SigningError(FailureType.ProcessError,
'Transaction has changed during signing')
# if multisig, check if singing with a key that is included in multisig
if txi_sign.multisig:
multisig_pubkey_index(txi_sign.multisig, key_sign_pub)
# compute the signature from the tx digest
signature = ecdsa_sign(key_sign, get_tx_hash(h_sign, True))
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
txi_sign.script_sig = input_derive_script(coin, txi_sign,
key_sign_pub, signature)
w_txi_sign = bytearray_with_cap(5 + len(txi_sign.prev_hash) + 4 +
len(txi_sign.script_sig) + 4)
if i_sign == 0: # serializing first input => prepend headers
write_bytes(w_txi_sign, get_tx_header(tx))
write_tx_input(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
for o in range(tx.outputs_count):
progress.advance()
# STAGE_REQUEST_5_OUTPUT
txo = await request_tx_output(tx_req, o)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, root)
# serialize output
w_txo_bin = bytearray_with_cap(5 + 8 + 5 + len(txo_bin.script_pubkey) +
4)
if o == 0: # serializing first output => prepend outputs count
write_varint(w_txo_bin, tx.outputs_count)
write_tx_output(w_txo_bin, txo_bin)
tx_ser.signature_index = None
tx_ser.signature = None
tx_ser.serialized_tx = w_txo_bin
tx_req.serialized = tx_ser
any_segwit = True in segwit.values()
for i in range(tx.inputs_count):
progress.advance()
if segwit[i]:
# STAGE_REQUEST_SEGWIT_WITNESS
txi = await request_tx_input(tx_req, i)
input_check_wallet_path(txi, wallet_path)
is_segwit = (txi.script_type == InputScriptType.SPENDWITNESS or
txi.script_type == InputScriptType.SPENDP2SHWITNESS)
if not is_segwit or txi.amount > authorized_in:
raise SigningError(FailureType.ProcessError,
'Transaction has changed during signing')
authorized_in -= txi.amount
key_sign = node_derive(root, txi.address_n)
key_sign_pub = key_sign.public_key()
bip143_hash = bip143.preimage_hash(tx, txi,
ecdsa_hash_pubkey(key_sign_pub),
get_hash_type(coin))
signature = ecdsa_sign(key_sign, bip143_hash)
if txi.multisig:
# find out place of our signature based on the pubkey
signature_index = multisig_pubkey_index(
txi.multisig, key_sign_pub)
witness = witness_p2wsh(txi.multisig, signature,
signature_index, get_hash_type(coin))
else:
witness = witness_p2wpkh(signature, key_sign_pub,
get_hash_type(coin))
tx_ser.serialized_tx = witness
tx_ser.signature_index = i
tx_ser.signature = signature
elif any_segwit:
tx_ser.serialized_tx = bytearray(
1) # empty witness for non-segwit inputs
tx_ser.signature_index = None
tx_ser.signature = None
tx_req.serialized = tx_ser
write_uint32(tx_ser.serialized_tx, tx.lock_time)
await request_tx_finish(tx_req)
def test_send_native_p2wpkh(self):
coin = coins.by_name('Groestlcoin Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
inp1 = TxInput(
# 84'/1'/0'/0/0" - tgrs1qkvwu9g3k2pdxewfqr7syz89r3gj557l3ued7ja
address_n=[84 | 0x80000000, 1 | 0x80000000, 0 | 0x80000000, 0, 0],
amount=12300000,
prev_hash=unhexlify(
'4f2f857f39ed1afe05542d058fb0be865a387446e32fc876d086203f483f61d1'
),
prev_index=0,
script_type=InputScriptType.SPENDWITNESS,
sequence=0xfffffffe,
multisig=None,
)
ptx1 = PrevTx(version=1,
lock_time=650645,
inputs_count=1,
outputs_count=2,
extra_data_len=0)
pinp1 = PrevInput(
script_sig=unhexlify(
'483045022100d9615361c044e91f6dd7bb4455f3ad686cd5a663d7800bb74c448b2706500ccb022026bed24b81a501e8398411c5a9a793741d9bfe39617d51c363dde0a84f44f4f9012102659a6eefcc72d6f2eff92e57095388b17db0b06034946ecd44120e5e7a830ff4'
),
prev_hash=unhexlify(
'1c92508b38239e5c10b23fb46dcf765ee2f3a95b835edbf0943ec21b21711160'
),
prev_index=1,
sequence=4294967293)
pout1 = PrevOutput(script_pubkey=unhexlify(
'0014b31dc2a236505a6cb9201fa0411ca38a254a7bf1'),
amount=12300000)
pout2 = PrevOutput(script_pubkey=unhexlify(
'76a91438cc090e4a4b2e458c33fe35af1c5c0094699ac288ac'),
amount=9887699777)
out1 = TxOutput(
address='2N4Q5FhU2497BryFfUgbqkAJE87aKDv3V3e',
amount=5000000,
script_type=OutputScriptType.PAYTOADDRESS,
address_n=[],
multisig=None,
)
out2 = TxOutput(
address='tgrs1qejqxwzfld7zr6mf7ygqy5s5se5xq7vmt9lkd57',
script_type=OutputScriptType.PAYTOADDRESS,
amount=12300000 - 11000 - 5000000,
address_n=[],
multisig=None,
)
tx = SignTx(coin_name='Groestlcoin Testnet',
version=1,
lock_time=650713,
inputs_count=1,
outputs_count=2)
messages = [
None,
# check fee
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
helpers.UiConfirmOutput(out1, coin, AmountUnit.BITCOIN),
True,
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
helpers.UiConfirmOutput(out2, coin, AmountUnit.BITCOIN),
True,
helpers.UiConfirmNonDefaultLocktime(tx.lock_time,
lock_time_disabled=False),
True,
helpers.UiConfirmTotal(12300000, 11000, coin, AmountUnit.BITCOIN),
True,
# check prev tx
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(request_type=TXMETA,
details=TxRequestDetailsType(request_index=None,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevMeta(tx=ptx1),
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevInput(tx=TxAckPrevInputWrapper(input=pinp1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout1)),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1,
tx_hash=inp1.prev_hash),
serialized=EMPTY_SERIALIZED),
TxAckPrevOutput(tx=TxAckPrevOutputWrapper(output=pout2)),
# sign tx
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized header
serialized_tx=unhexlify('01000000000101'), )),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized inp1
serialized_tx=unhexlify(
'd1613f483f2086d076c82fe34674385a86beb08f052d5405fe1aed397f852f4f0000000000feffffff02'
), )),
TxAckOutput(tx=TxAckOutputWrapper(output=out1)),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=1, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out1
serialized_tx=unhexlify(
'404b4c000000000017a9147a55d61848e77ca266e79a39bfc85c580a6426c987'
),
signature_index=None,
signature=None,
)),
TxAckOutput(tx=TxAckOutputWrapper(output=out2)),
# segwit
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0, tx_hash=None),
serialized=TxRequestSerializedType(
# returned serialized out2
serialized_tx=unhexlify(
'a8386f0000000000160014cc8067093f6f843d6d3e22004a4290cd0c0f336b'
),
signature_index=None,
signature=None,
)),
TxAckInput(tx=TxAckInputWrapper(input=inp1)),
TxRequest(
request_type=TXFINISHED,
details=TxRequestDetailsType(),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify(
'02483045022100ea8780bc1e60e14e945a80654a41748bbf1aa7d6f2e40a88d91dfc2de1f34bd10220181a474a3420444bd188501d8d270736e1e9fe379da9970de992ff445b0972e3012103adc58245cf28406af0ef5cc24b8afba7f1be6c72f279b642d85c48798685f862d9ed0900'
),
signature_index=0,
signature=unhexlify(
'3045022100ea8780bc1e60e14e945a80654a41748bbf1aa7d6f2e40a88d91dfc2de1f34bd10220181a474a3420444bd188501d8d270736e1e9fe379da9970de992ff445b0972e3'
),
)),
]
ns = get_schemas_for_coin(coin)
keychain = Keychain(seed, coin.curve_name, ns)
approver = BasicApprover(tx, coin)
signer = bitcoinlike.Bitcoinlike(tx, keychain, coin, approver).signer()
for request, expected_response in chunks(messages, 2):
response = signer.send(request)
if isinstance(response, tuple):
_, response = response
self.assertEqual(response, expected_response)
with self.assertRaises(StopIteration):
signer.send(None)
def test_under_threshold(self):
coin_bitcoin = coins.by_name('Bitcoin')
ptx1 = TransactionType(version=1,
lock_time=0,
inputs_cnt=2,
outputs_cnt=1,
extra_data_len=0)
pinp1 = TxInputType(
script_sig=unhexlify(
'483045022072ba61305fe7cb542d142b8f3299a7b10f9ea61f6ffaab5dca8142601869d53c0221009a8027ed79eb3b9bc13577ac2853269323434558528c6b6a7e542be46e7e9a820141047a2d177c0f3626fc68c53610b0270fa6156181f46586c679ba6a88b34c6f4874686390b4d92e5769fbb89c8050b984f4ec0b257a0e5c4ff8bd3b035a51709503'
),
prev_hash=unhexlify(
'c16a03f1cf8f99f6b5297ab614586cacec784c2d259af245909dedb0e39eddcf'
),
prev_index=1,
script_type=None,
multisig=None,
sequence=None)
pinp2 = TxInputType(
script_sig=unhexlify(
'48304502200fd63adc8f6cb34359dc6cca9e5458d7ea50376cbd0a74514880735e6d1b8a4c0221008b6ead7fe5fbdab7319d6dfede3a0bc8e2a7c5b5a9301636d1de4aa31a3ee9b101410486ad608470d796236b003635718dfc07c0cac0cfc3bfc3079e4f491b0426f0676e6643a39198e8e7bdaffb94f4b49ea21baa107ec2e237368872836073668214'
),
prev_hash=unhexlify(
'1ae39a2f8d59670c8fc61179148a8e61e039d0d9e8ab08610cb69b4a19453eaf'
),
prev_index=1,
multisig=None,
script_type=None,
sequence=None)
pout1 = TxOutputBinType(script_pubkey=unhexlify(
'76a91424a56db43cf6f2b02e838ea493f95d8d6047423188ac'),
amount=390000)
inp1 = TxInputType(
address_n=[0], # 14LmW5k4ssUrtbAB4255zdqv3b4w1TuX9e
# amount=390000,
prev_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
),
prev_index=0,
amount=None,
multisig=None,
script_type=None,
sequence=None)
out1 = TxOutputType(
address='1MJ2tj2ThBE62zXbBYA5ZaN3fdve5CPAz1',
amount=390000 -
90000, # fee increased to 90000, slightly less than the threshold
script_type=OutputScriptType.PAYTOADDRESS,
multisig=None,
address_n=[])
tx = SignTx(coin_name=None,
version=None,
lock_time=None,
inputs_count=1,
outputs_count=1)
messages = [
None,
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(inputs=[inp1])),
helpers.UiConfirmForeignAddress(address_n=inp1.address_n),
True,
TxRequest(
request_type=TXMETA,
details=TxRequestDetailsType(
request_index=None,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=EMPTY_SERIALIZED),
TxAck(tx=ptx1),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(inputs=[pinp1])),
TxRequest(
request_type=TXINPUT,
details=TxRequestDetailsType(
request_index=1,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(inputs=[pinp2])),
TxRequest(
request_type=TXOUTPUT,
details=TxRequestDetailsType(
request_index=0,
tx_hash=unhexlify(
'd5f65ee80147b4bcc70b75e4bbf2d7382021b871bd8867ef8fa525ef50864882'
)),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(bin_outputs=[pout1])),
TxRequest(request_type=TXOUTPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=EMPTY_SERIALIZED),
TxAck(tx=TransactionType(outputs=[out1])),
helpers.UiConfirmOutput(out1, coin_bitcoin),
True,
helpers.UiConfirmTotal(300000 + 90000, 90000, coin_bitcoin),
True,
TxRequest(request_type=TXINPUT,
details=TxRequestDetailsType(request_index=0,
tx_hash=None),
serialized=TxRequestSerializedType(
serialized_tx=unhexlify('0100000001'))),
]
seed = bip39.seed(
'alcohol woman abuse must during monitor noble actual mixed trade anger aisle',
'')
keychain = Keychain(seed, coin_bitcoin.curve_name, [[]])
signer = bitcoin.Bitcoin(tx, keychain, coin_bitcoin).signer()
for request, response in chunks(messages, 2):
res = signer.send(request)
self.assertEqual(res, response)
async def sign_tx(tx: SignTx, keychain: seed.Keychain):
coin_name = tx.coin_name if tx.coin_name is not None else "Bitcoin"
coin = coins.by_name(coin_name)
tx = helpers.sanitize_sign_tx(tx, coin)
progress.init(tx.inputs_count, tx.outputs_count)
# Phase 1
(
h_first,
hash143,
segwit,
authorized_bip143_in,
wallet_path,
multisig_fp,
) = await check_tx_fee(tx, keychain, coin)
# Phase 2
# - sign inputs
# - check that nothing changed
any_segwit = True in segwit.values()
tx_ser = TxRequestSerializedType()
txo_bin = TxOutputBinType()
tx_req = TxRequest()
tx_req.details = TxRequestDetailsType()
tx_req.serialized = None
if not utils.BITCOIN_ONLY and coin.decred:
prefix_hash = hash143.prefix_hash()
for i_sign in range(tx.inputs_count):
progress.advance()
txi_sign = None
key_sign = None
key_sign_pub = None
if segwit[i_sign]:
# STAGE_REQUEST_SEGWIT_INPUT
txi_sign = await helpers.request_tx_input(tx_req, i_sign, coin)
if not input_is_segwit(txi_sign):
raise SigningError(
FailureType.ProcessError, "Transaction has changed during signing"
)
input_check_wallet_path(txi_sign, wallet_path)
# NOTE: No need to check the multisig fingerprint, because we won't be signing
# the script here. Signatures are produced in STAGE_REQUEST_SEGWIT_WITNESS.
key_sign = keychain.derive(txi_sign.address_n, coin.curve_name)
key_sign_pub = key_sign.public_key()
txi_sign.script_sig = input_derive_script(coin, txi_sign, key_sign_pub)
w_txi = writers.empty_bytearray(
7 + len(txi_sign.prev_hash) + 4 + len(txi_sign.script_sig) + 4
)
if i_sign == 0: # serializing first input => prepend headers
write_tx_header(w_txi, coin, tx, True)
writers.write_tx_input(w_txi, txi_sign)
tx_ser.serialized_tx = w_txi
tx_ser.signature_index = None
tx_ser.signature = None
tx_req.serialized = tx_ser
elif not utils.BITCOIN_ONLY and (coin.force_bip143 or coin.overwintered):
# STAGE_REQUEST_SEGWIT_INPUT
txi_sign = await helpers.request_tx_input(tx_req, i_sign, coin)
input_check_wallet_path(txi_sign, wallet_path)
input_check_multisig_fingerprint(txi_sign, multisig_fp)
is_bip143 = (
txi_sign.script_type == InputScriptType.SPENDADDRESS
or txi_sign.script_type == InputScriptType.SPENDMULTISIG
)
if not is_bip143 or txi_sign.amount > authorized_bip143_in:
raise SigningError(
FailureType.ProcessError, "Transaction has changed during signing"
)
authorized_bip143_in -= txi_sign.amount
key_sign = keychain.derive(txi_sign.address_n, coin.curve_name)
key_sign_pub = key_sign.public_key()
hash143_hash = hash143.preimage_hash(
coin,
tx,
txi_sign,
addresses.ecdsa_hash_pubkey(key_sign_pub, coin),
get_hash_type(coin),
)
# if multisig, check if signing with a key that is included in multisig
if txi_sign.multisig:
multisig.multisig_pubkey_index(txi_sign.multisig, key_sign_pub)
signature = ecdsa_sign(key_sign, hash143_hash)
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
gc.collect()
txi_sign.script_sig = input_derive_script(
coin, txi_sign, key_sign_pub, signature
)
w_txi_sign = writers.empty_bytearray(
5 + len(txi_sign.prev_hash) + 4 + len(txi_sign.script_sig) + 4
)
if i_sign == 0: # serializing first input => prepend headers
write_tx_header(w_txi_sign, coin, tx, any_segwit)
writers.write_tx_input(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
elif not utils.BITCOIN_ONLY and coin.decred:
txi_sign = await helpers.request_tx_input(tx_req, i_sign, coin)
input_check_wallet_path(txi_sign, wallet_path)
input_check_multisig_fingerprint(txi_sign, multisig_fp)
key_sign = keychain.derive(txi_sign.address_n, coin.curve_name)
key_sign_pub = key_sign.public_key()
if txi_sign.script_type == InputScriptType.SPENDMULTISIG:
prev_pkscript = scripts.output_script_multisig(
multisig.multisig_get_pubkeys(txi_sign.multisig),
txi_sign.multisig.m,
)
elif txi_sign.script_type == InputScriptType.SPENDADDRESS:
prev_pkscript = scripts.output_script_p2pkh(
addresses.ecdsa_hash_pubkey(key_sign_pub, coin)
)
else:
raise SigningError("Unsupported input script type")
h_witness = utils.HashWriter(blake256())
writers.write_uint32(
h_witness, tx.version | decred.DECRED_SERIALIZE_WITNESS_SIGNING
)
writers.write_varint(h_witness, tx.inputs_count)
for ii in range(tx.inputs_count):
if ii == i_sign:
writers.write_bytes_prefixed(h_witness, prev_pkscript)
else:
writers.write_varint(h_witness, 0)
witness_hash = writers.get_tx_hash(
h_witness, double=coin.sign_hash_double, reverse=False
)
h_sign = utils.HashWriter(blake256())
writers.write_uint32(h_sign, decred.DECRED_SIGHASHALL)
writers.write_bytes_fixed(h_sign, prefix_hash, writers.TX_HASH_SIZE)
writers.write_bytes_fixed(h_sign, witness_hash, writers.TX_HASH_SIZE)
sig_hash = writers.get_tx_hash(h_sign, double=coin.sign_hash_double)
signature = ecdsa_sign(key_sign, sig_hash)
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
gc.collect()
txi_sign.script_sig = input_derive_script(
coin, txi_sign, key_sign_pub, signature
)
w_txi_sign = writers.empty_bytearray(
8 + 4 + len(hash143.get_last_output_bytes())
if i_sign == 0
else 0 + 16 + 4 + len(txi_sign.script_sig)
)
if i_sign == 0:
writers.write_bytes_unchecked(
w_txi_sign, hash143.get_last_output_bytes()
)
writers.write_uint32(w_txi_sign, tx.lock_time)
writers.write_uint32(w_txi_sign, tx.expiry)
writers.write_varint(w_txi_sign, tx.inputs_count)
writers.write_tx_input_decred_witness(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
else:
# hash of what we are signing with this input
h_sign = utils.HashWriter(sha256())
# same as h_first, checked before signing the digest
h_second = utils.HashWriter(sha256())
writers.write_uint32(h_sign, tx.version) # nVersion
if not utils.BITCOIN_ONLY and coin.timestamp:
writers.write_uint32(h_sign, tx.timestamp)
writers.write_varint(h_sign, tx.inputs_count)
for i in range(tx.inputs_count):
# STAGE_REQUEST_4_INPUT
txi = await helpers.request_tx_input(tx_req, i, coin)
input_check_wallet_path(txi, wallet_path)
writers.write_tx_input_check(h_second, txi)
if i == i_sign:
txi_sign = txi
input_check_multisig_fingerprint(txi_sign, multisig_fp)
key_sign = keychain.derive(txi.address_n, coin.curve_name)
key_sign_pub = key_sign.public_key()
# for the signing process the script_sig is equal
# to the previous tx's scriptPubKey (P2PKH) or a redeem script (P2SH)
if txi_sign.script_type == InputScriptType.SPENDMULTISIG:
txi_sign.script_sig = scripts.output_script_multisig(
multisig.multisig_get_pubkeys(txi_sign.multisig),
txi_sign.multisig.m,
)
elif txi_sign.script_type == InputScriptType.SPENDADDRESS:
txi_sign.script_sig = scripts.output_script_p2pkh(
addresses.ecdsa_hash_pubkey(key_sign_pub, coin)
)
else:
raise SigningError(
FailureType.ProcessError, "Unknown transaction type"
)
else:
txi.script_sig = bytes()
writers.write_tx_input(h_sign, txi)
writers.write_varint(h_sign, tx.outputs_count)
for o in range(tx.outputs_count):
# STAGE_REQUEST_4_OUTPUT
txo = await helpers.request_tx_output(tx_req, o, coin)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, keychain)
writers.write_tx_output(h_second, txo_bin)
writers.write_tx_output(h_sign, txo_bin)
writers.write_uint32(h_sign, tx.lock_time)
writers.write_uint32(h_sign, get_hash_type(coin))
# check the control digests
if writers.get_tx_hash(h_first, False) != writers.get_tx_hash(h_second):
raise SigningError(
FailureType.ProcessError, "Transaction has changed during signing"
)
# if multisig, check if signing with a key that is included in multisig
if txi_sign.multisig:
multisig.multisig_pubkey_index(txi_sign.multisig, key_sign_pub)
# compute the signature from the tx digest
signature = ecdsa_sign(
key_sign, writers.get_tx_hash(h_sign, double=coin.sign_hash_double)
)
tx_ser.signature_index = i_sign
tx_ser.signature = signature
# serialize input with correct signature
gc.collect()
txi_sign.script_sig = input_derive_script(
coin, txi_sign, key_sign_pub, signature
)
w_txi_sign = writers.empty_bytearray(
5 + len(txi_sign.prev_hash) + 4 + len(txi_sign.script_sig) + 4
)
if i_sign == 0: # serializing first input => prepend headers
write_tx_header(w_txi_sign, coin, tx, any_segwit)
writers.write_tx_input(w_txi_sign, txi_sign)
tx_ser.serialized_tx = w_txi_sign
tx_req.serialized = tx_ser
if not utils.BITCOIN_ONLY and coin.decred:
return await helpers.request_tx_finish(tx_req)
for o in range(tx.outputs_count):
progress.advance()
# STAGE_REQUEST_5_OUTPUT
txo = await helpers.request_tx_output(tx_req, o, coin)
txo_bin.amount = txo.amount
txo_bin.script_pubkey = output_derive_script(txo, coin, keychain)
# serialize output
w_txo_bin = writers.empty_bytearray(5 + 8 + 5 + len(txo_bin.script_pubkey) + 4)
if o == 0: # serializing first output => prepend outputs count
writers.write_varint(w_txo_bin, tx.outputs_count)
writers.write_tx_output(w_txo_bin, txo_bin)
tx_ser.signature_index = None
tx_ser.signature = None
tx_ser.serialized_tx = w_txo_bin
tx_req.serialized = tx_ser
for i in range(tx.inputs_count):
progress.advance()
if segwit[i]:
# STAGE_REQUEST_SEGWIT_WITNESS
txi = await helpers.request_tx_input(tx_req, i, coin)
input_check_wallet_path(txi, wallet_path)
input_check_multisig_fingerprint(txi, multisig_fp)
if not input_is_segwit(txi) or txi.amount > authorized_bip143_in:
raise SigningError(
FailureType.ProcessError, "Transaction has changed during signing"
)
authorized_bip143_in -= txi.amount
key_sign = keychain.derive(txi.address_n, coin.curve_name)
key_sign_pub = key_sign.public_key()
hash143_hash = hash143.preimage_hash(
coin,
tx,
txi,
addresses.ecdsa_hash_pubkey(key_sign_pub, coin),
get_hash_type(coin),
)
signature = ecdsa_sign(key_sign, hash143_hash)
if txi.multisig:
# find out place of our signature based on the pubkey
signature_index = multisig.multisig_pubkey_index(
txi.multisig, key_sign_pub
)
witness = scripts.witness_p2wsh(
txi.multisig, signature, signature_index, get_hash_type(coin)
)
else:
witness = scripts.witness_p2wpkh(
signature, key_sign_pub, get_hash_type(coin)
)
tx_ser.serialized_tx = witness
tx_ser.signature_index = i
tx_ser.signature = signature
elif any_segwit:
tx_ser.serialized_tx += bytearray(1) # empty witness for non-segwit inputs
tx_ser.signature_index = None
tx_ser.signature = None
tx_req.serialized = tx_ser
writers.write_uint32(tx_ser.serialized_tx, tx.lock_time)
if not utils.BITCOIN_ONLY and coin.overwintered:
if tx.version == 3:
writers.write_uint32(tx_ser.serialized_tx, tx.expiry) # expiryHeight
writers.write_varint(tx_ser.serialized_tx, 0) # nJoinSplit
elif tx.version == 4:
writers.write_uint32(tx_ser.serialized_tx, tx.expiry) # expiryHeight
writers.write_uint64(tx_ser.serialized_tx, 0) # valueBalance
writers.write_varint(tx_ser.serialized_tx, 0) # nShieldedSpend
writers.write_varint(tx_ser.serialized_tx, 0) # nShieldedOutput
writers.write_varint(tx_ser.serialized_tx, 0) # nJoinSplit
else:
raise SigningError(
FailureType.DataError,
"Unsupported version for overwintered transaction",
)
await helpers.request_tx_finish(tx_req)
