def test_preimage_testdata(self):
seed = bip39.seed(
'alcohol woman abuse must during monitor noble actual mixed trade anger aisle',
'')
coin = coins.by_name(self.tx.coin_name)
bip143 = Bip143Hash()
bip143.add_input(self.inp1)
bip143.add_input(self.inp2)
for txo in [self.out1, self.out2]:
script_pubkey = output_derive_script(txo.address, coin)
txo_bin = PrevOutput(amount=txo.amount,
script_pubkey=script_pubkey)
bip143.add_output(txo_bin, script_pubkey)
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema])
node = keychain.derive(self.inp2.address_n)
# test data public key hash
# only for input 2 - input 1 is not segwit
result = bip143.preimage_hash(self.inp2, [node.public_key()], 1,
self.tx, coin, SIGHASH_ALL)
self.assertEqual(
hexlify(result),
b'2fa3f1351618b2532228d7182d3221d95c21fd3d496e7e22e9ded873cf022a8b'
)
def test_p2pkh_gen_proof(self):
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), 'TREZOR')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b""
node = keychain.derive([44 | HARDENED, 0 | HARDENED, 0 | HARDENED, 1, 0])
address = node.address(coin.address_type)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
self.assertEqual(ownership_id, unhexlify("ccc49ac5fede0efc80725fbda8b763d4e62a221c51cc5425076cffa7722c0bda"))
proof, signature = ownership.generate_proof(
node=node,
script_type=InputScriptType.SPENDADDRESS,
multisig=None,
coin=coin,
user_confirmed=False,
ownership_ids=[ownership_id],
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("304402206682f40a12f3609a308acb872888470a07760f2f4790ee4ff62665a39c02a5fc022026f3f38a7c2b2668c2eff9cc1e712c7f254926a482bae411ad18947eba9fd21c"))
self.assertEqual(proof, unhexlify("534c00190001ccc49ac5fede0efc80725fbda8b763d4e62a221c51cc5425076cffa7722c0bda6a47304402206682f40a12f3609a308acb872888470a07760f2f4790ee4ff62665a39c02a5fc022026f3f38a7c2b2668c2eff9cc1e712c7f254926a482bae411ad18947eba9fd21c012102f63159e21fbcb54221ec993def967ad2183a9c243c8bff6e7d60f4d5ed3b386500"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2wpkh_in_p2sh_gen_proof(self):
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b""
node = keychain.derive([49 | HARDENED, 0 | HARDENED, 0 | HARDENED, 1, 0])
address = address_p2wpkh_in_p2sh(node.public_key(), coin)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
self.assertEqual(ownership_id, unhexlify("92caf0b8daf78f1d388dbbceaec34bd2dabc31b217e32343663667f6694a3f46"))
proof, signature = ownership.generate_proof(
node=node,
script_type=InputScriptType.SPENDP2SHWITNESS,
multisig=None,
coin=coin,
user_confirmed=False,
ownership_ids=[ownership_id],
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("3045022100a37330dca699725db613dd1b30059843d1248340642162a0adef114509c9849402201126c9044b998065d40b44fd2399b52c409794bbc3bfdd358cd5fb450c94316d"))
self.assertEqual(proof, unhexlify("534c0019000192caf0b8daf78f1d388dbbceaec34bd2dabc31b217e32343663667f6694a3f4617160014e0cffbee1925a411844f44c3b8d81365ab51d03602483045022100a37330dca699725db613dd1b30059843d1248340642162a0adef114509c9849402201126c9044b998065d40b44fd2399b52c409794bbc3bfdd358cd5fb450c94316d012103a961687895a78da9aef98eed8e1f2a3e91cfb69d2f3cf11cbd0bb1773d951928"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2tr_gen_proof(self):
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b""
node = keychain.derive([86 | HARDENED, 0 | HARDENED, 0 | HARDENED, 1, 0])
address = address_p2tr(node.public_key(), coin)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
self.assertEqual(ownership_id, unhexlify("dc18066224b9e30e306303436dc18ab881c7266c13790350a3fe415e438135ec"))
proof, signature = ownership.generate_proof(
node=node,
script_type=InputScriptType.SPENDTAPROOT,
multisig=None,
coin=coin,
user_confirmed=False,
ownership_ids=[ownership_id],
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("6cd08474ea019c9ab4b9b7b76ec03c4dd4db76abc3a460434a91cfc1b190174949eb7111c8e762407730a215421a0da0b5e01f48de62d7ccea0abea046e2a496"))
self.assertEqual(proof, unhexlify("534c00190001dc18066224b9e30e306303436dc18ab881c7266c13790350a3fe415e438135ec0001406cd08474ea019c9ab4b9b7b76ec03c4dd4db76abc3a460434a91cfc1b190174949eb7111c8e762407730a215421a0da0b5e01f48de62d7ccea0abea046e2a496"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2wpkh_gen_proof(self):
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b""
node = keychain.derive([84 | HARDENED, 0 | HARDENED, 0 | HARDENED, 1, 0])
address = address_p2wpkh(node.public_key(), coin)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
self.assertEqual(ownership_id, unhexlify("a122407efc198211c81af4450f40b235d54775efd934d16b9e31c6ce9bad5707"))
proof, signature = ownership.generate_proof(
node=node,
script_type=InputScriptType.SPENDWITNESS,
multisig=None,
coin=coin,
user_confirmed=False,
ownership_ids=[ownership_id],
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("3045022100e5eaf2cb0a473b4545115c7b85323809e75cb106175ace38129fd62323d73df30220363dbc7acb7afcda022b1f8d97acb8f47c42043cfe0595583aa26e30bc8b3bb5"))
self.assertEqual(proof, unhexlify("534c00190001a122407efc198211c81af4450f40b235d54775efd934d16b9e31c6ce9bad57070002483045022100e5eaf2cb0a473b4545115c7b85323809e75cb106175ace38129fd62323d73df30220363dbc7acb7afcda022b1f8d97acb8f47c42043cfe0595583aa26e30bc8b3bb50121032ef68318c8f6aaa0adec0199c69901f0db7d3485eb38d9ad235221dc3d61154b"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2wpkh_gen_proof(self):
# SLIP-0019 test vector 1
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b""
node = keychain.derive([84 | HARDENED, 0 | HARDENED, 0 | HARDENED, 1, 0])
address = address_p2wpkh(node.public_key(), coin)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
self.assertEqual(ownership_id, unhexlify("a122407efc198211c81af4450f40b235d54775efd934d16b9e31c6ce9bad5707"))
proof, signature = ownership.generate_proof(
node=node,
script_type=InputScriptType.SPENDWITNESS,
multisig=None,
coin=coin,
user_confirmed=False,
ownership_ids=[ownership_id],
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("3045022100c0dc28bb563fc5fea76cacff75dba9cb4122412faae01937cdebccfb065f9a7002202e980bfbd8a434a7fc4cd2ca49da476ce98ca097437f8159b1a386b41fcdfac5"))
self.assertEqual(proof, unhexlify("534c00190001a122407efc198211c81af4450f40b235d54775efd934d16b9e31c6ce9bad57070002483045022100c0dc28bb563fc5fea76cacff75dba9cb4122412faae01937cdebccfb065f9a7002202e980bfbd8a434a7fc4cd2ca49da476ce98ca097437f8159b1a386b41fcdfac50121032ef68318c8f6aaa0adec0199c69901f0db7d3485eb38d9ad235221dc3d61154b"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2wpkh_in_p2sh_gen_proof(self):
# SLIP-0019 test vector 2
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b""
node = keychain.derive([49 | HARDENED, 0 | HARDENED, 0 | HARDENED, 1, 0])
address = address_p2wpkh_in_p2sh(node.public_key(), coin)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
self.assertEqual(ownership_id, unhexlify("92caf0b8daf78f1d388dbbceaec34bd2dabc31b217e32343663667f6694a3f46"))
proof, signature = ownership.generate_proof(
node=node,
script_type=InputScriptType.SPENDP2SHWITNESS,
multisig=None,
coin=coin,
user_confirmed=False,
ownership_ids=[ownership_id],
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("30440220484072ca317663dd685d372115a9d2ff43d9afc6d352c10445a94e555e12154602202d3ffee5f780dbc74e67fcc4bcbc75a9816ed00df1142d571014724af9959355"))
self.assertEqual(proof, unhexlify("534c0019000192caf0b8daf78f1d388dbbceaec34bd2dabc31b217e32343663667f6694a3f4617160014e0cffbee1925a411844f44c3b8d81365ab51d036024730440220484072ca317663dd685d372115a9d2ff43d9afc6d352c10445a94e555e12154602202d3ffee5f780dbc74e67fcc4bcbc75a9816ed00df1142d571014724af9959355012103a961687895a78da9aef98eed8e1f2a3e91cfb69d2f3cf11cbd0bb1773d951928"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2tr_gen_proof(self):
# SLIP-0019 test vector 5
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b""
node = keychain.derive([86 | HARDENED, 0 | HARDENED, 0 | HARDENED, 1, 0])
address = address_p2tr(node.public_key(), coin)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
self.assertEqual(ownership_id, unhexlify("dc18066224b9e30e306303436dc18ab881c7266c13790350a3fe415e438135ec"))
proof, signature = ownership.generate_proof(
node=node,
script_type=InputScriptType.SPENDTAPROOT,
multisig=None,
coin=coin,
user_confirmed=False,
ownership_ids=[ownership_id],
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("647d6af883107a870417e808abe424882bd28ee04a28ba85a7e99400e1b9485075733695964c2a0fa02d4439ab80830e9566ccbd10f2597f5513eff9f03a0497"))
self.assertEqual(proof, unhexlify("534c00190001dc18066224b9e30e306303436dc18ab881c7266c13790350a3fe415e438135ec000140647d6af883107a870417e808abe424882bd28ee04a28ba85a7e99400e1b9485075733695964c2a0fa02d4439ab80830e9566ccbd10f2597f5513eff9f03a0497"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2pkh_gen_proof(self):
# SLIP-0019 test vector 3
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), 'TREZOR')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b""
node = keychain.derive([44 | HARDENED, 0 | HARDENED, 0 | HARDENED, 1, 0])
address = node.address(coin.address_type)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
self.assertEqual(ownership_id, unhexlify("ccc49ac5fede0efc80725fbda8b763d4e62a221c51cc5425076cffa7722c0bda"))
proof, signature = ownership.generate_proof(
node=node,
script_type=InputScriptType.SPENDADDRESS,
multisig=None,
coin=coin,
user_confirmed=False,
ownership_ids=[ownership_id],
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("3045022100e818002d0a85438a7f2140503a6aa0a6af6002fa956d0101fd3db24e776e546f0220430fd59dc1498bc96ab6e71a4829b60224828cf1fc35edc98e0973db203ca3f0"))
self.assertEqual(proof, unhexlify("534c00190001ccc49ac5fede0efc80725fbda8b763d4e62a221c51cc5425076cffa7722c0bda6b483045022100e818002d0a85438a7f2140503a6aa0a6af6002fa956d0101fd3db24e776e546f0220430fd59dc1498bc96ab6e71a4829b60224828cf1fc35edc98e0973db203ca3f0012102f63159e21fbcb54221ec993def967ad2183a9c243c8bff6e7d60f4d5ed3b386500"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2sh_gen_proof(self):
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b"TREZOR"
nodes = []
for index in range(1, 3):
node = keychain.derive([48 | HARDENED, 0 | HARDENED, index | HARDENED])
nodes.append(HDNodeType(
depth=node.depth(),
child_num=node.child_num(),
fingerprint=node.fingerprint(),
chain_code=node.chain_code(),
public_key=node.public_key(),
))
multisig = MultisigRedeemScriptType(
nodes=nodes,
address_n=[0, 0],
signatures=[b"", b""],
m=2,
)
pubkeys = multisig_get_pubkeys(multisig)
address = address_multisig_p2sh(pubkeys, multisig.m, coin)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
ownership_ids = [b'\x00' * 32, ownership_id]
self.assertEqual(ownership_id, unhexlify("ce4ee8298ad105c3495a1d2b620343133521ab34de2450deeb32eec39475fef4"))
# Sign with the first key.
_, signature = ownership.generate_proof(
node=keychain.derive([48 | HARDENED, 0 | HARDENED, 1 | HARDENED, 0, 0]),
script_type=InputScriptType.SPENDMULTISIG,
multisig=multisig,
coin=coin,
user_confirmed=False,
ownership_ids=ownership_ids,
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("3045022100bc63486f167b911dc8ef2414c4bca6dcfac999797b67159957802a9c49c2179402201cec0d53fee78fcfde496e30be35bd855d93a5be89604c55dcfdbdc515fbb41a"))
multisig.signatures[0] = signature
# Sign with the third key.
proof, signature = ownership.generate_proof(
node=keychain.derive([48 | HARDENED, 0 | HARDENED, 2 | HARDENED, 0, 0]),
script_type=InputScriptType.SPENDMULTISIG,
multisig=multisig,
coin=coin,
user_confirmed=False,
ownership_ids=ownership_ids,
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("3045022100d9d5966eb7858cc1a600a9c05be252c1df11d662f319a107d04e219a27c1386c02200674523e50e89164d6d5683dfbe9a50594b08011e11c18813b56cf855755afde"))
self.assertEqual(proof, unhexlify("534c001900020000000000000000000000000000000000000000000000000000000000000000ce4ee8298ad105c3495a1d2b620343133521ab34de2450deeb32eec39475fef4db00483045022100bc63486f167b911dc8ef2414c4bca6dcfac999797b67159957802a9c49c2179402201cec0d53fee78fcfde496e30be35bd855d93a5be89604c55dcfdbdc515fbb41a01483045022100d9d5966eb7858cc1a600a9c05be252c1df11d662f319a107d04e219a27c1386c02200674523e50e89164d6d5683dfbe9a50594b08011e11c18813b56cf855755afde014752210203ed6187880ae932660086e55d4561a57952dd200aa3ed2aa66b73e5723a0ce7210360e7f32fd3c8dee27a166f6614c598929699ee66acdcbda5fb24571bf2ae1ca052ae00"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2wsh_gen_proof(self):
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b"TREZOR"
nodes = []
for index in range(1, 4):
node = keychain.derive([84 | HARDENED, 0 | HARDENED, index | HARDENED])
nodes.append(HDNodeType(
depth=node.depth(),
child_num=node.child_num(),
fingerprint=node.fingerprint(),
chain_code=node.chain_code(),
public_key=node.public_key(),
))
multisig = MultisigRedeemScriptType(
nodes=nodes,
address_n=[0, 1],
signatures=[b"", b"", b""],
m=2,
)
pubkeys = multisig_get_pubkeys(multisig)
address = address_multisig_p2wsh(pubkeys, multisig.m, coin.bech32_prefix)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
ownership_ids = [b'\x00' * 32, ownership_id, b'\x01' * 32]
self.assertEqual(ownership_id, unhexlify("9c27411da79a23811856f897da890452ab9e17086038c4a3e70e9efa875cb3ef"))
# Sign with the first key.
_, signature = ownership.generate_proof(
node=keychain.derive([84 | HARDENED, 0 | HARDENED, 1 | HARDENED, 0, 1]),
script_type=InputScriptType.SPENDWITNESS,
multisig=multisig,
coin=coin,
user_confirmed=False,
ownership_ids=ownership_ids,
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("304402207568cf003ff548c52ce8e3a46a1c1e681462ca8f1651b0c82f688d41280753b4022024f977fa96fd23cf71e35d4d3c5087c375fcf1b6eed6d11ab00d552817d39ba4"))
multisig.signatures[0] = signature
# Sign with the third key.
proof, signature = ownership.generate_proof(
node=keychain.derive([84 | HARDENED, 0 | HARDENED, 3 | HARDENED, 0, 1]),
script_type=InputScriptType.SPENDWITNESS,
multisig=multisig,
coin=coin,
user_confirmed=False,
ownership_ids=ownership_ids,
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("304402203c4fedba34aebd213aba5b5af1ae26240a10a05cfc1c5b75c629275aa21560bb02203b90b4079c20f792f4ec533c72af31435b1e5f648ca8302730c309690133a710"))
self.assertEqual(proof, unhexlify("534c0019000300000000000000000000000000000000000000000000000000000000000000009c27411da79a23811856f897da890452ab9e17086038c4a3e70e9efa875cb3ef010101010101010101010101010101010101010101010101010101010101010100040047304402207568cf003ff548c52ce8e3a46a1c1e681462ca8f1651b0c82f688d41280753b4022024f977fa96fd23cf71e35d4d3c5087c375fcf1b6eed6d11ab00d552817d39ba40147304402203c4fedba34aebd213aba5b5af1ae26240a10a05cfc1c5b75c629275aa21560bb02203b90b4079c20f792f4ec533c72af31435b1e5f648ca8302730c309690133a71001695221022aff3e39acd2d510c661e097a9657962ad6bf75a977c2c905152d2eb2cd58c7b210241ec073f3bb3f701a87b78fbc5f7b4daec140b87da38303173eddd0860ac55e321030205585a3eb01cbebbbb7b9138f7796117cca8e30eba5cd143ff4e3e617d221553ae"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_p2sh_gen_proof(self):
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema], slip21_namespaces=[[b"SLIP-0019"]])
commitment_data = b"TREZOR"
nodes = []
for index in range(1, 3):
node = keychain.derive([48 | HARDENED, 0 | HARDENED, index | HARDENED])
nodes.append(HDNodeType(
depth=node.depth(),
child_num=node.child_num(),
fingerprint=node.fingerprint(),
chain_code=node.chain_code(),
public_key=node.public_key(),
))
multisig = MultisigRedeemScriptType(
nodes=nodes,
address_n=[0, 0],
signatures=[b"", b""],
m=2,
)
pubkeys = multisig_get_pubkeys(multisig)
address = address_multisig_p2sh(pubkeys, multisig.m, coin)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = ownership.get_identifier(script_pubkey, keychain)
ownership_ids = [b'\x00' * 32, ownership_id]
self.assertEqual(ownership_id, unhexlify("ce4ee8298ad105c3495a1d2b620343133521ab34de2450deeb32eec39475fef4"))
# Sign with the first key.
_, signature = ownership.generate_proof(
node=keychain.derive([48 | HARDENED, 0 | HARDENED, 1 | HARDENED, 0, 0]),
script_type=InputScriptType.SPENDMULTISIG,
multisig=multisig,
coin=coin,
user_confirmed=False,
ownership_ids=ownership_ids,
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("3044022058091b367ab67281963029435046abcb51057d143077a36737780a7cbcd6c1af02202f54147645b970c60b5b631b233ed93c15304294a4214b2c44b57db84815ca14"))
multisig.signatures[0] = signature
# Sign with the third key.
proof, signature = ownership.generate_proof(
node=keychain.derive([48 | HARDENED, 0 | HARDENED, 2 | HARDENED, 0, 0]),
script_type=InputScriptType.SPENDMULTISIG,
multisig=multisig,
coin=coin,
user_confirmed=False,
ownership_ids=ownership_ids,
script_pubkey=script_pubkey,
commitment_data=commitment_data,
)
self.assertEqual(signature, unhexlify("304402200d8f270ea9a80678f266b3fbe6e4aa59aab46b440d8066dcf46fb46a4beaf58202201198d73e355158ebf532ca6527e28ea97b79594e016a65c7a0c68813c26271ff"))
self.assertEqual(proof, unhexlify("534c001900020000000000000000000000000000000000000000000000000000000000000000ce4ee8298ad105c3495a1d2b620343133521ab34de2450deeb32eec39475fef4d900473044022058091b367ab67281963029435046abcb51057d143077a36737780a7cbcd6c1af02202f54147645b970c60b5b631b233ed93c15304294a4214b2c44b57db84815ca140147304402200d8f270ea9a80678f266b3fbe6e4aa59aab46b440d8066dcf46fb46a4beaf58202201198d73e355158ebf532ca6527e28ea97b79594e016a65c7a0c68813c26271ff014752210203ed6187880ae932660086e55d4561a57952dd200aa3ed2aa66b73e5723a0ce7210360e7f32fd3c8dee27a166f6614c598929699ee66acdcbda5fb24571bf2ae1ca052ae00"))
self.assertFalse(ownership.verify_nonownership(proof, script_pubkey, commitment_data, keychain, coin))
def test_verify_path_empty_namespace(self):
k = Keychain(b"", "secp256k1", [[]])
correct = (
[],
[1, 2, 3, 4],
[44 | HARDENED, 11 | HARDENED],
[44 | HARDENED, 11 | HARDENED, 12],
)
for c in correct:
k.verify_path(c)
def test_verify_path(self):
schemas = (
PathSchema("m/44'/coin_type'", slip44_id=134),
PathSchema("m/44'/coin_type'", slip44_id=11),
)
keychain = Keychain(b"", "secp256k1", schemas)
correct = (
[H_(44), H_(134)],
[H_(44), H_(11)],
)
for path in correct:
keychain.verify_path(path)
fails = (
[H_(44), 134], # path does not match
[44, 134], # path does not match (non-hardened items)
[H_(44), H_(13)], # invalid second item
)
for f in fails:
with self.assertRaises(wire.DataError):
keychain.verify_path(f)
# turn off restrictions
safety_checks.apply_setting(SafetyCheckLevel.PromptTemporarily)
for path in correct + fails:
keychain.verify_path(path)
def test_verify_path(self):
n = [
[44 | HARDENED, 134 | HARDENED],
[44 | HARDENED, 11 | HARDENED],
]
keychain = Keychain(b"", "secp256k1", n)
correct = (
[44 | HARDENED, 134 | HARDENED],
[44 | HARDENED, 11 | HARDENED],
[44 | HARDENED, 11 | HARDENED, 12],
)
for path in correct:
keychain.verify_path(path)
fails = (
[44 | HARDENED, 134], # path does not match
[44, 134], # path does not match (non-hardened items)
[44 | HARDENED, 13 | HARDENED], # invalid second item
)
for f in fails:
with self.assertRaises(wire.DataError):
keychain.verify_path(f)
# turn off restrictions
storage.device.set_unsafe_prompts_allowed(True)
for path in correct + fails:
keychain.verify_path(path)
def test_verify_path(self):
n = [
[44 | HARDENED, 134 | HARDENED],
[44 | HARDENED, 11 | HARDENED],
]
keychain = Keychain(b"", "secp256k1", n)
correct = (
[44 | HARDENED, 134 | HARDENED],
[44 | HARDENED, 11 | HARDENED],
[44 | HARDENED, 11 | HARDENED, 12],
)
for path in correct:
keychain.verify_path(path)
fails = (
[44 | HARDENED, 134], # path does not match
[44, 134], # path does not match (non-hardened items)
[44 | HARDENED, 13 | HARDENED], # invalid second item
)
for f in fails:
with self.assertRaises(wire.DataError):
keychain.verify_path(f)
# turn off restrictions
safety_checks.apply_setting(SafetyCheckLevel.PromptTemporarily)
for path in correct + fails:
keychain.verify_path(path)
# turn on restrictions
safety_checks.apply_setting(SafetyCheckLevel.Strict)
def test_legacy_multisig_txweight(self):
coin = coins.by_name('Bitcoin')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema])
nodes = []
for index in range(1, 4):
node = keychain.derive([
48 | 0x80000000, 0 | 0x80000000, index | 0x80000000,
0 | 0x80000000
])
nodes.append(
HDNodeType(
depth=node.depth(),
child_num=node.child_num(),
fingerprint=node.fingerprint(),
chain_code=node.chain_code(),
public_key=node.public_key(),
))
multisig = MultisigRedeemScriptType(nodes=nodes,
address_n=[0, 0],
signatures=[b"", b"", b""],
m=2)
inp1 = TxInput(
address_n=[48 | 0x80000000, 0 | 0x80000000, 1 | 0x80000000, 0, 0],
amount=100000,
prev_hash=unhexlify(
'c6091adf4c0c23982a35899a6e58ae11e703eacd7954f588ed4b9cdefc4dba52'
),
prev_index=1,
script_type=InputScriptType.SPENDMULTISIG,
multisig=multisig,
)
out1 = TxOutput(
address="12iyMbUb4R2K3gre4dHSrbu5azG5KaqVss",
amount=100000,
script_type=OutputScriptType.PAYTOADDRESS,
)
calculator = TxWeightCalculator()
calculator.add_input(inp1)
calculator.add_output(output_derive_script(out1.address, coin))
# 010000000152ba4dfcde9c4bed88f55479cdea03e711ae586e9a89352a98230c4cdf1a09c601000000fdfe00004830450221009276eea820aa54a24bd9f1a056cb09a15f50c0816570a7c7878bd1c5ee7248540220677d200aec5e2f25bcf4000bdfab3faa9e1746d7f80c4ae4bfa1f5892eb5dcbf01483045022100c2a9fbfbff1be87036d8a6a22745512b158154f7f3d8f4cad4ba7ed130b37b83022058f5299b4c26222588dcc669399bd88b6f2bc6e04b48276373683853187a4fd6014c69522103dc0ff15b9c85c0d2c87099758bf47d36229c2514aeefcf8dea123f0f93c679762102bfe426e8671601ad46d54d09ee15aa035610d36d411961c87474908d403fbc122102a5d57129c6c96df663ad29492aa18605dad97231e043be8a92f9406073815c5d53aeffffffff01a0860100000000001976a91412e8391ad256dcdc023365978418d658dfecba1c88ac00000000
self.assertEqual(calculator.get_total(), 4 * 341)
async def get_ownership_id(
ctx, msg: GetOwnershipId, keychain: Keychain, coin: coininfo.CoinInfo
) -> OwnershipId:
await validate_path(
ctx,
addresses.validate_full_path,
keychain,
msg.address_n,
coin.curve_name,
coin=coin,
script_type=msg.script_type,
)
if msg.script_type not in common.INTERNAL_INPUT_SCRIPT_TYPES:
raise wire.DataError("Invalid script type")
if msg.script_type in common.SEGWIT_INPUT_SCRIPT_TYPES and not coin.segwit:
raise wire.DataError("Segwit not enabled on this coin")
node = keychain.derive(msg.address_n)
address = addresses.get_address(msg.script_type, coin, node, msg.multisig)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = get_identifier(script_pubkey, keychain)
return OwnershipId(ownership_id=ownership_id)
async def sign_message(ctx: wire.Context, msg: SignMessage, keychain: Keychain,
coin: CoinInfo) -> MessageSignature:
message = msg.message
address_n = msg.address_n
script_type = msg.script_type or 0
await require_confirm_sign_message(ctx, coin.coin_shortcut, message)
await validate_path(
ctx,
validate_full_path,
keychain,
msg.address_n,
coin.curve_name,
coin=coin,
script_type=msg.script_type,
validate_script_type=False,
)
node = keychain.derive(address_n)
seckey = node.private_key()
address = get_address(script_type, coin, node)
digest = message_digest(coin, message)
signature = secp256k1.sign(seckey, digest)
if script_type == SPENDADDRESS:
pass
elif script_type == SPENDP2SHWITNESS:
signature = bytes([signature[0] + 4]) + signature[1:]
elif script_type == SPENDWITNESS:
signature = bytes([signature[0] + 8]) + signature[1:]
else:
raise wire.ProcessError("Unsupported script type")
return MessageSignature(address=address, signature=signature)
async def sign_tx(ctx: Context, msg: RippleSignTx,
keychain: Keychain) -> RippleSignedTx:
validate(msg)
await paths.validate_path(ctx, keychain, msg.address_n)
node = keychain.derive(msg.address_n)
source_address = helpers.address_from_public_key(node.public_key())
set_canonical_flag(msg)
tx = serialize(msg, source_address, pubkey=node.public_key())
to_sign = get_network_prefix() + tx
check_fee(msg.fee)
if msg.payment.destination_tag is not None:
await layout.require_confirm_destination_tag(
ctx, msg.payment.destination_tag)
await layout.require_confirm_fee(ctx, msg.fee)
await layout.require_confirm_tx(ctx, msg.payment.destination,
msg.payment.amount)
signature = ecdsa_sign(node.private_key(), first_half_of_sha512(to_sign))
tx = serialize(msg,
source_address,
pubkey=node.public_key(),
signature=signature)
return RippleSignedTx(signature=signature, serialized_tx=tx)
def test_bip143_preimage_testdata(self):
seed = bip39.seed('alcohol woman abuse must during monitor noble actual mixed trade anger aisle', '')
coin = coins.by_name(self.tx.coin_name)
bip143 = Bip143Hash()
bip143.add_input(self.inp1)
for txo in [self.out1, self.out2]:
script_pubkey = output_derive_script(txo.address, coin)
txo_bin = PrevOutput(amount=txo.amount, script_pubkey=script_pubkey)
bip143.add_output(txo_bin, script_pubkey)
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema])
node = keychain.derive(self.inp1.address_n)
# test data public key hash
result = bip143.preimage_hash(self.inp1, [node.public_key()], 1, self.tx, coin, SIGHASH_ALL)
self.assertEqual(hexlify(result), b'6e28aca7041720995d4acf59bbda64eef5d6f23723d23f2e994757546674bbd9')
async def sign_message(ctx: wire.Context, msg: SignMessage, keychain: Keychain,
coin: CoinInfo) -> MessageSignature:
message = msg.message
address_n = msg.address_n
script_type = msg.script_type or InputScriptType.SPENDADDRESS
await validate_path(ctx, keychain, address_n)
await confirm_signverify(ctx, coin.coin_shortcut, decode_message(message))
node = keychain.derive(address_n)
seckey = node.private_key()
address = get_address(script_type, coin, node)
digest = message_digest(coin, message)
signature = secp256k1.sign(seckey, digest)
if script_type == InputScriptType.SPENDADDRESS:
pass
elif script_type == InputScriptType.SPENDP2SHWITNESS:
signature = bytes([signature[0] + 4]) + signature[1:]
elif script_type == InputScriptType.SPENDWITNESS:
signature = bytes([signature[0] + 8]) + signature[1:]
else:
raise wire.ProcessError("Unsupported script type")
return MessageSignature(address=address, signature=signature)
async def sign_tx(ctx, envelope, keychain: Keychain):
# create transaction message -> sign it -> create signature/pubkey message -> serialize all
if envelope.msg_count > 1:
raise wire.DataError("Multiple messages not supported.")
await paths.validate_path(ctx, keychain, envelope.address_n)
node = keychain.derive(envelope.address_n)
tx_req = BinanceTxRequest()
msg = await ctx.call_any(
tx_req,
MessageType.BinanceCancelMsg,
MessageType.BinanceOrderMsg,
MessageType.BinanceTransferMsg,
)
if envelope.source is None or envelope.source < 0:
raise wire.DataError("Source missing or invalid.")
msg_json = helpers.produce_json_for_signing(envelope, msg)
if isinstance(msg, BinanceTransferMsg):
await layout.require_confirm_transfer(ctx, msg)
elif isinstance(msg, BinanceOrderMsg):
await layout.require_confirm_order(ctx, msg)
elif isinstance(msg, BinanceCancelMsg):
await layout.require_confirm_cancel(ctx, msg)
else:
raise ValueError("input message unrecognized, is of type " + type(msg).__name__)
signature_bytes = generate_content_signature(msg_json.encode(), node.private_key())
return BinanceSignedTx(signature=signature_bytes, public_key=node.public_key())
async def get_ownership_id(
ctx: wire.Context, msg: GetOwnershipId, keychain: Keychain, coin: CoinInfo
) -> OwnershipId:
await validate_path(
ctx,
keychain,
msg.address_n,
validate_path_against_script_type(coin, msg),
)
if msg.script_type not in common.INTERNAL_INPUT_SCRIPT_TYPES:
raise wire.DataError("Invalid script type")
if msg.script_type in common.SEGWIT_INPUT_SCRIPT_TYPES and not coin.segwit:
raise wire.DataError("Segwit not enabled on this coin")
if msg.script_type == InputScriptType.SPENDTAPROOT and not coin.taproot:
raise wire.DataError("Taproot not enabled on this coin")
node = keychain.derive(msg.address_n)
address = addresses.get_address(msg.script_type, coin, node, msg.multisig)
script_pubkey = scripts.output_derive_script(address, coin)
ownership_id = get_identifier(script_pubkey, keychain)
return OwnershipId(ownership_id=ownership_id)
def test_address_mac(self):
from apps.common.address_mac import check_address_mac, get_address_mac
from apps.common.keychain import Keychain
from apps.common.paths import AlwaysMatchingSchema
VECTORS = ((
'Bitcoin', '1DyHzbQUoQEsLxJn6M7fMD8Xdt1XvNiwNE',
'9cf7c230041d6ed95b8273bd32e023d3f227ec8c44257f6463c743a4b4add028'
), ('Testnet', 'mm6kLYbGEL1tGe4ZA8xacfgRPdW1NLjCbZ',
'4375089e50423505dc3480e6e85b0ba37a52bd1e009db5d260b6329f22c950d9')
)
seed = bip39.seed(' '.join(['all'] * 12), '')
for coin_name, address, mac in VECTORS:
coin = coins.by_name(coin_name)
mac = unhexlify(mac)
keychain = Keychain(seed,
coin.curve_name, [AlwaysMatchingSchema],
slip21_namespaces=[[b"SLIP-0024"]])
self.assertEqual(get_address_mac(address, coin.slip44, keychain),
mac)
check_address_mac(address, mac, coin.slip44, keychain)
with self.assertRaises(wire.DataError):
mac = bytes([mac[0] ^ 1]) + mac[1:]
check_address_mac(address, mac, coin.slip44, keychain)
def test_segwit_multisig_txweight(self):
coin = coins.by_name('Testnet')
seed = bip39.seed(' '.join(['all'] * 12), '')
keychain = Keychain(seed, coin.curve_name, [AlwaysMatchingSchema])
nodes = []
for index in range(1, 4):
node = keychain.derive(
[49 | 0x80000000, 1 | 0x80000000, index | 0x80000000])
nodes.append(
HDNodeType(
depth=node.depth(),
child_num=node.child_num(),
fingerprint=node.fingerprint(),
chain_code=node.chain_code(),
public_key=node.public_key(),
))
multisig = MultisigRedeemScriptType(nodes=nodes,
address_n=[0, 0],
signatures=[b"", b"", b""],
m=2)
inp1 = TxInput(
address_n=[49 | 0x80000000, 1 | 0x80000000, 1 | 0x80000000, 0, 0],
prev_hash=unhexlify(
'c9348040bbc2024e12dcb4a0b4806b0398646b91acf314da028c3f03dd0179fc'
),
prev_index=1,
script_type=InputScriptType.SPENDP2SHWITNESS,
multisig=multisig,
amount=1610436,
)
out1 = TxOutput(
address=
"tb1qch62pf820spe9mlq49ns5uexfnl6jzcezp7d328fw58lj0rhlhasge9hzy",
amount=1605000,
script_type=OutputScriptType.PAYTOADDRESS,
)
calculator = TxWeightCalculator()
calculator.add_input(inp1)
calculator.add_output(output_derive_script(out1.address, coin))
# 01000000000101be0210025c5be68a473f6a38bf53b53bc88d5c46567616026dc056e72b92319c01000000232200208d398cfb58a1d9cdb59ccbce81559c095e8c6f4a3e64966ca385078d9879f95effffffff01887d180000000000220020c5f4a0a4ea7c0392efe0a9670a73264cffa90b19107cd8a8e9750ff93c77fdfb0400483045022100dd6342c65197af27d7894d8b8b88b16b568ee3b5ebfdc55fdfb7caa9650e3b4c02200c7074a5bcb0068f63d9014c7cd2b0490aba75822d315d41aad444e9b86adf5201483045022100e7e6c2d21109512ba0609e93903e84bfb7731ac3962ee2c1cad54a7a30ff99a20220421497930226c39fc3834e8d6da3fc876516239518b0e82e2dc1e3c46271a17c01695221021630971f20fa349ba940a6ba3706884c41579cd760c89901374358db5dd545b92102f2ff4b353702d2bb03d4c494be19d77d0ab53d16161b53fbcaf1afeef4ad0cb52103e9b6b1c691a12ce448f1aedbbd588e064869c79fbd760eae3b8cd8a5f1a224db53ae00000000
self.assertEqual(calculator.get_total(), 4 * 129 + 256)
async def get_address(ctx: wire.Context, msg: GetAddress, keychain: Keychain,
coin: CoinInfo) -> Address:
if msg.show_display:
# skip soft-validation for silent calls
await validate_path(
ctx,
keychain,
msg.address_n,
validate_path_against_script_type(coin, msg),
)
node = keychain.derive(msg.address_n)
address = addresses.get_address(msg.script_type, coin, node, msg.multisig)
address_short = addresses.address_short(coin, address)
if coin.segwit and msg.script_type == InputScriptType.SPENDWITNESS:
address_qr = address.upper() # bech32 address
elif coin.cashaddr_prefix is not None:
address_qr = address.upper() # cashaddr address
else:
address_qr = address # base58 address
if msg.multisig:
multisig_xpub_magic = coin.xpub_magic
if coin.segwit and not msg.ignore_xpub_magic:
if (msg.script_type == InputScriptType.SPENDWITNESS
and coin.xpub_magic_multisig_segwit_native is not None):
multisig_xpub_magic = coin.xpub_magic_multisig_segwit_native
elif (msg.script_type == InputScriptType.SPENDP2SHWITNESS
and coin.xpub_magic_multisig_segwit_p2sh is not None):
multisig_xpub_magic = coin.xpub_magic_multisig_segwit_p2sh
if msg.show_display:
if msg.multisig:
if msg.multisig.nodes:
pubnodes = msg.multisig.nodes
else:
pubnodes = [hd.node for hd in msg.multisig.pubkeys]
multisig_index = multisig_pubkey_index(msg.multisig,
node.public_key())
desc = "Multisig %d of %d" % (msg.multisig.m, len(pubnodes))
await show_address(
ctx,
address=address_short,
address_qr=address_qr,
desc=desc,
multisig_index=multisig_index,
xpubs=_get_xpubs(coin, multisig_xpub_magic, pubnodes),
)
else:
desc = address_n_to_str(msg.address_n)
await show_address(ctx,
address=address_short,
address_qr=address_qr,
desc=desc)
return Address(address=address)
async def get_public_key(ctx, msg: BinanceGetPublicKey, keychain: Keychain):
await paths.validate_path(ctx, keychain, msg.address_n)
node = keychain.derive(msg.address_n)
pubkey = node.public_key()
if msg.show_display:
await require(show_pubkey(ctx, hexlify(pubkey).decode()))
return BinancePublicKey(public_key=pubkey)
async def get_public_key(ctx: wire.Context, msg: EosGetPublicKey,
keychain: Keychain) -> EosPublicKey:
await paths.validate_path(ctx, keychain, msg.address_n)
node = keychain.derive(msg.address_n)
wif, public_key = _get_public_key(node)
if msg.show_display:
await require_get_public_key(ctx, wif)
return EosPublicKey(wif_public_key=wif, raw_public_key=public_key)
async def get_public_key(ctx, msg: BinanceGetPublicKey, keychain: Keychain):
await paths.validate_path(ctx, helpers.validate_full_path, keychain,
msg.address_n, CURVE)
node = keychain.derive(msg.address_n)
pubkey = node.public_key()
if msg.show_display:
await layout.show_pubkey(ctx, pubkey)
return BinancePublicKey(pubkey)
