def test_p2wpkh_p2sh() -> None:
    """Check the first p2wpkh-p2sh receiving address of two Electrum seeds.

    Each seed is confirmed to be an Electrum mnemonic and to fail BIP39
    checksum validation. It is then pushed through BIP39 derivation with the
    checksum check disabled, the m/49h/0h/0h account key is given the SLIP132
    p2wpkh-p2sh private version, and the address of child (0, 0) is compared
    with the expected value.
    """
    # https://bitcoinelectrum.com/creating-a-p2sh-segwit-wallet-with-electrum/
    # https://www.youtube.com/watch?v=-1DBJWwA2Cw
    forced_version = NETWORKS["mainnet"].slip132_p2wpkh_p2sh_prv

    # (electrum seed, electrum seed version, expected first receiving address)
    # Seed words committed to a test file are not secret: these wallets must
    # never hold funds.
    cases = [
        (
            "matrix fitness cook logic peace mercy dinosaur sign measure rescue alert turtle",
            "segwit",
            "38Ysa2TRwGAGLEE1pgV2HCX7MAw6XsP6BJ",
        ),
        (
            "chief popular furnace myth decline subject actual toddler plunge rug mixed unlock",
            "standard",
            "3A5u2RTjs3t33Kyc48zHA7Dfsr8Zsfwkoo",
        ),
    ]

    for words, electrum_version, expected_address in cases:
        # the words form an Electrum mnemonic of the expected seed version
        assert electrum.version_from_mnemonic(words)[0] == electrum_version

        # as a BIP39 mnemonic the same words are rejected by the checksum
        with pytest.raises(BTClibValueError, match="invalid checksum: "):
            bip39.mxprv_from_mnemonic(words, "")

        # verify_checksum=False switches BIP39 checksum validation off; it is
        # needed here only because the input is deliberately not a BIP39
        # mnemonic. Code that accepts user-entered seeds should leave it on.
        root_xprv = bip39.mxprv_from_mnemonic(words, "", verify_checksum=False)

        # account key at the BIP49 path, with the p2wpkh-p2sh version forced
        account_xprv = bip32.derive(root_xprv, "m/49h/0h/0h", forced_version)
        account_xpub = bip32.xpub_from_xprv(account_xprv)

        # first receiving address
        first_xpub = bip32.derive_from_account(account_xpub, 0, 0)
        assert expected_address == slip132.address_from_xkey(first_xpub)
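def test_slip132_test_vectors() -> None:
    """Check the SLIP132 test vectors for xprv/yprv/zprv account keys.

    https://github.com/satoshilabs/slips/blob/master/slip-0132.md

    For every vector the account key is derived from the shared mnemonic with
    the vector's version forced on it, and the serialized private key, the
    serialized public key and the address of child m/0/0 are compared with the
    expected strings. The address is computed through the slip132 helpers and
    through the encoder that matches the version (b58.p2pkh, b58.p2wpkh_p2sh
    or b32.p2wpkh), from both the public and the private child key.
    """
    mnemonic = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about"
    kpath = "m/0/0"
    test_vectors: List[Tuple[bytes, str, str, str, str]] = [
        (
            NETWORKS["mainnet"].bip32_prv,
            "m / 44h / 0h / 0h",
            "xprv9xpXFhFpqdQK3TmytPBqXtGSwS3DLjojFhTGht8gwAAii8py5X6pxeBnQ6ehJiyJ6nDjWGJfZ95WxByFXVkDxHXrqu53WCRGypk2ttuqncb",
            "xpub6BosfCnifzxcFwrSzQiqu2DBVTshkCXacvNsWGYJVVhhawA7d4R5WSWGFNbi8Aw6ZRc1brxMyWMzG3DSSSSoekkudhUd9yLb6qx39T9nMdj",
            "1LqBGSKuX5yYUonjxT5qGfpUsXKYYWeabA",
        ),
        (
            NETWORKS["mainnet"].slip132_p2wpkh_p2sh_prv,
            "m / 49h / 0h / 0h",
            "yprvAHwhK6RbpuS3dgCYHM5jc2ZvEKd7Bi61u9FVhYMpgMSuZS613T1xxQeKTffhrHY79hZ5PsskBjcc6C2V7DrnsMsNaGDaWev3GLRQRgV7hxF",
            "ypub6Ww3ibxVfGzLrAH1PNcjyAWenMTbbAosGNB6VvmSEgytSER9azLDWCxoJwW7Ke7icmizBMXrzBx9979FfaHxHcrArf3zbeJJJUZPf663zsP",
            "37VucYSaXLCAsxYyAPfbSi9eh4iEcbShgf",
        ),
        (
            NETWORKS["mainnet"].slip132_p2wpkh_prv,
            "m / 84h / 0h / 0h",
            "zprvAdG4iTXWBoARxkkzNpNh8r6Qag3irQB8PzEMkAFeTRXxHpbF9z4QgEvBRmfvqWvGp42t42nvgGpNgYSJA9iefm1yYNZKEm7z6qUWCroSQnE",
            "zpub6rFR7y4Q2AijBEqTUquhVz398htDFrtymD9xYYfG1m4wAcvPhXNfE3EfH1r1ADqtfSdVCToUG868RvUUkgDKf31mGDtKsAYz2oz2AGutZYs",
            "bc1qcr8te4kr609gcawutmrza0j4xv80jy8z306fyu",
        ),
    ]

    # The root key depends only on the mnemonic and the empty passphrase, so it
    # is derived once instead of once per vector.
    rxprv = bip39.mxprv_from_mnemonic(mnemonic, "")

    for version, der_path, prv, pub, addr in test_vectors:
        # account-level private key with the vector's version bytes forced
        mxprv = bip32.derive(rxprv, der_path, version)
        assert prv == mxprv
        mxpub = bip32.xpub_from_xprv(mxprv)
        assert pub == mxpub

        # address of child m/0/0, reached through the public key ...
        xpub = bip32.derive(mxpub, kpath)
        address = slip132.address_from_xpub(xpub)
        assert addr == address
        address = slip132.address_from_xkey(xpub)
        assert addr == address

        # ... and through the private key
        xprv = bip32.derive(mxprv, kpath)
        address = slip132.address_from_xkey(xprv)
        assert addr == address

        # the version-specific encoder must agree with the slip132 helpers
        if version == NETWORKS["mainnet"].bip32_prv:
            address = b58.p2pkh(xpub)
            assert addr == address
            address = b58.p2pkh(xprv)
            assert addr == address
        elif version == NETWORKS["mainnet"].slip132_p2wpkh_p2sh_prv:
            address = b58.p2wpkh_p2sh(xpub)
            assert addr == address
            address = b58.p2wpkh_p2sh(xprv)
            assert addr == address
        elif version == NETWORKS["mainnet"].slip132_p2wpkh_prv:
            address = b32.p2wpkh(xpub)
            assert addr == address
            address = b32.p2wpkh(xprv)
            assert addr == address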
def test_slip132() -> None:
    """Check the slip132 xkey helpers for p2pkh, p2wpkh-p2sh and p2wpkh.

    For each helper the test checks the serialized private key obtained from
    the root key, that address_from_xpub refuses a private key, the matching
    serialized public key, that address_from_xkey and address_from_xpub agree
    on the expected address, and that the helper refuses a non-root key.
    """
    mnemonic = "enough regret erode news field main wild jar erupt bronze velvet ugly"
    mxprv = bip39.mxprv_from_mnemonic(mnemonic)

    # (helper applied to the root key, expected prv, expected pub, expected address)
    cases = [
        (
            slip132.p2pkh_xkey,
            "xprv9y7Yxxyy7wn5ktGVzAmgatW1vu7daX4V8ddWMcSbKJyK6TzkBbZDimAMCLoogpf4GEp2ThmBZ476vwe7xVC9sPsNfJcyu5isQixgF95HS31",
            "xpub6C6uNUWrxKLNyNLy6CJgx2SkUvx7yynLVrZ79zrCseWHyGKtj8sUGZUq3dw9fqJGETSEeX1iztXAfRvxh6Gk2m7yVjDCx5cbRP2So559Hb5",
            "1DjfiAgNyvRXhYXiDgE9K7bfB82hVUPTm1",
        ),
        (
            slip132.p2wpkh_p2sh_xkey,
            "yprvAJstKLzg5g8RzxfPiX4UT5vH6y5FJkK2yVNkxrzG92WagSCu2PnAxT34JPGCT9Wh5LJCXZi1wB7fd6FUA9veMf2kig7A6cTxD4GMjSbcrqv",
            "ypub6XsEirXZv3gjDSjrpYbUpDs1ezujiD2tLiJMmFPshN3ZZEY3Zw6RWFMY9grBtrN88Qan7FAVmtPQnLfuepRy7ZVDNQkkDTMGzYoCJpQdwt4",
            "3QnhAKhuuwSf2bEFKpgvDKUHNe3rpZr6PG",
        ),
        (
            slip132.p2wpkh_xkey,
            "zprvAceWp8rDBfL7EJ4Mz5p76v6ZmFQ3UyftmmHqfdUidHoTPoFwjApHYCXPhdWNsxLv6ozzauk8LQXNjNn2CcxLaLzezH7QTQ3rk9tn8GmzaXT",
            "zpub6qdsDeP722tQSn8q67M7U43JKHEXtSPk8zDSU1tLBdLSGbb6Gi8Y5zqsYuYPhxprjsxc4ZdqvjC86iuv1SXmmvCkJgZJmoCPbDZdHwUaKbX",
            "bc1qcne7y6yae0lz3kceg80aunmafu0rwm3uzmf7v6",
        ),
    ]

    # The xprv produced by the first case is the non-root key handed to every
    # "not a root key" check below.
    non_root_xprv = None

    for xkey_from_root, expected_prv, expected_pub, expected_address in cases:
        prv = xkey_from_root(mxprv)
        assert prv == expected_prv
        if non_root_xprv is None:
            non_root_xprv = prv

        # a private key must not be accepted where a public key is required
        with pytest.raises(BTClibValueError, match="not a public key: "):
            slip132.address_from_xpub(prv)

        pub = bip32.xpub_from_xprv(prv)
        assert pub == expected_pub

        address = slip132.address_from_xpub(pub)
        assert slip132.address_from_xkey(prv) == address
        assert address == expected_address

        # the helper only accepts a root key as its starting point
        with pytest.raises(BTClibValueError, match="not a root key: "):
            xkey_from_root(non_root_xprv)
def test_ledger() -> None:
    """Verify two hybrid ECDSA Bitcoin message signatures generated by Ledger.

    The first byte of each signature is kept as ``key_id`` and replaced with
    0x30 before the rest is parsed as a DER signature. The parsed signature is
    verified against the magic-wrapped message, then repacked as a Bitcoin
    Message Signature with flag ``27 + 4 + (key_id & 0x01)`` and verified
    against the compressed p2pkh address of the signing key.
    """
    mnemonic = (
        "barely sun snack this snack relief pipe attack disease boss enlist lawsuit"
    )

    def split_hybrid_sig(sig_hex):
        """Return (leading byte, dsa.Sig parsed with the leading byte set to 0x30)."""
        raw = bytes.fromhex(sig_hex)
        # Only the leading byte is rewritten; everything after it is parsed
        # unchanged.
        return raw[0], dsa.Sig.parse(b"\x30" + raw[1:])

    # --- case 1: non-standard leading 31 in DER serialization ---
    msg = b"\xfb\xa3\x1f\x8cd\x85\xe29#K\xb3{\xfd\xa7<?\x95oL\xee\x19\xb2'oh\xa7]\xd9A\xfeU\xd8"
    hybrid_sig_hex = "3144022012ec0c174936c2a46dc657252340b2e6e6dd8c31dd059b6f9f33a90c21af2fba022030e6305b3ccf88009d419bf7651afcfcc0a30898b93ae9de9aa6ac03cf8ec56b"

    # signing key
    root_xprv = bip39.mxprv_from_mnemonic(mnemonic)
    signer_xprv = bip32.derive(root_xprv, "m/1")

    # the bytes that were actually signed
    wrapped_msg = magic_message(msg)

    key_id, dsa_sig = split_hybrid_sig(hybrid_sig_hex)

    # plain ECDSA verification of the patched signature
    dsa.assert_as_valid(wrapped_msg, signer_xprv, dsa_sig)
    assert dsa.verify(wrapped_msg, signer_xprv, dsa_sig)

    # compressed address
    signer_addr = b58.p2pkh(signer_xprv)

    # equivalent Bitcoin Message Signature: only the low bit of key_id is used
    bms_sig = bms.Sig(27 + 4 + (key_id & 0x01), dsa_sig)

    bms.assert_as_valid(msg, signer_addr, bms_sig)
    assert bms.verify(msg, signer_addr, bms_sig)
    # the already-wrapped message must not verify (presumably because bms
    # applies the magic prefix itself - confirm against bms)
    assert not bms.verify(wrapped_msg, signer_addr, bms_sig)

    # signing is only exercised here; the returned signature is not checked
    bms.sign(msg, signer_xprv)

    # --- case 2: standard leading 30 in DER serialization ---
    msg_str = "hello world".encode()
    hybrid_sig_hex = "3045022100967dac3262b4686e89638c8219c5761017f05cd87a855edf034f4a3ec6b59d3d0220108a4ef9682b71a45979d8c75c393382d9ccb8eb561d73b8c5fc0b87a47e7d27"

    # signing key
    root_xprv = bip39.mxprv_from_mnemonic(mnemonic)
    signer_xprv = bip32.derive(root_xprv, "m/0/0")

    # the bytes that were actually signed
    wrapped_msg = magic_message(msg_str)

    key_id, dsa_sig = split_hybrid_sig(hybrid_sig_hex)

    # plain ECDSA verification, here with lower_s=True passed explicitly
    dsa.assert_as_valid(wrapped_msg, signer_xprv, dsa_sig, lower_s=True)
    assert dsa.verify(wrapped_msg, signer_xprv, dsa_sig)

    # compressed address
    signer_addr = b58.p2pkh(signer_xprv)

    # equivalent Bitcoin Message Signature
    bms_sig = bms.Sig(27 + 4 + (key_id & 0x01), dsa_sig)

    bms.assert_as_valid(msg_str, signer_addr, bms_sig)
    assert bms.verify(msg_str, signer_addr, bms_sig)
    assert not bms.verify(wrapped_msg, signer_addr, bms_sig)
def test_mxprv_from_mnemonic() -> None:
    """Check the root xprv that bip39 derives from a fixed mnemonic and an empty passphrase."""
    words = "abandon abandon atom trust ankle walnut oil across awake bunker divorce abstract"
    expected_root_xprv = "xprv9s21ZrQH143K3ZxBCax3Wu25iWt3yQJjdekBuGrVa5LDAvbLeCT99U59szPSFdnMe5szsWHbFyo8g5nAFowWJnwe8r6DiecBXTVGHG124G1"
    assert bip39.mxprv_from_mnemonic(words, "") == expected_root_xprv
# Dump the seed, the BIP32 root key and the entropy for `words` / `passphrase`.
# The root key is computed three ways (create_root_key, mnemo.to_hd_master_key
# and btclib's bip39.mxprv_from_mnemonic) and printed under separate labels.
#
# NOTE(security): the seed, each root key and the entropy printed below are
# each sufficient to recover every key of the wallet. stdout ends up in
# terminal scrollback and in any log or pipe it is redirected to, so this dump
# is only appropriate for throwaway mnemonics.
seed_bytes = mnemo.to_seed(words, passphrase)
print(seed_bytes.hex())  # seed rendered as a hex string

# blank line, then the section header
print("", "--- BIP32 Root Key ---", sep="\n")
root_key = create_root_key(seed_bytes)
print("create_root_key(): ", root_key)

xprv = mnemo.to_hd_master_key(seed_bytes)
print("-mnemo_20-")
print("to_hd_master_key: ", xprv)

rootxprv = bip39.mxprv_from_mnemonic(words, passphrase)
print("-btclib_21-")
print("mxprv_from_mnemonic: ", rootxprv)

# rule, then a blank line
print("-" * TW, "", sep="\n")

entropy = mnemo.to_entropy(words)
print("entropy: ", entropy)

# two rules, then a blank line
print("-" * TW, "-" * TW, "", sep="\n")

print("Derivation Path")
print("BIP32 | BIP44 | BIP49 | BIP84 | BIP141")
def test_addresses() -> None:
    """Check account xpubs for every SLIP132 version on mainnet and testnet.

    For each vector the account key is derived with the named private version
    forced on it and its public counterpart is compared with the expected
    string. The test then checks which version changes bip32.derive accepts:
    a public version on a private key and a private version on a public key
    are both rejected, while re-versioning a public key with a public version
    is accepted.
    """
    # data cross-checked with Electrum and
    # https://jlopp.github.io/xpub-converter/

    # 128 bits of entropy -> 12 words
    entropy_bytes = bytes.fromhex("6" * 32)
    words = bip39.mnemonic_from_entropy(entropy_bytes, "en")

    # m / purpose h / coin_type h / account h / change / address_index
    test_vectors: List[Tuple[str, str, str]] = [
        # coin_type = 0 -> mainnet
        (
            "m/44h/0h/0h",
            "bip32_prv",  # p2pkh or p2sh
            "xpub6C3uWu5Go5q62JzJpbjyCLYRGLYvexFeiepZTsYZ6SRexARkNfjG7GKtQVuGR3KHsyKsAwv7Hz3iNucPp6pfHiLvBczyK1j5CtBtpHB3NKx",
        ),
        (
            "m/49h/0h/0h",
            "slip132_p2wpkh_p2sh_prv",  # p2wpkh-p2sh (i.e., p2sh-wrapped p2wpkh)
            "ypub6YBGdYufCVeoPVmNXfdrWhaBCXsQoLKNetNmD9bPTrKmnKVmiyU8f1uJqwGdmBb8kbAZpHoYfXQTLbWpkXc4skQDAreeCUXdbX9k8vtiHsN",
        ),
        (
            "m/49h/0h/0h",
            "slip132_p2wsh_p2sh_prv",  # p2wsh-p2sh (i.e., p2sh-wrapped p2wsh)
            "Ypub6j5Mkne6mTDAp4vkUL6qLmuyvKug1gzxyA2S8QrvqdABQW4gVNrQk8mEeeE7Kcp2z4EYgsofYjnxTm8b3km22EWt1Km3bszdVFRcipc6rXu",
        ),
        (
            "m/84h/0h/0h",
            "slip132_p2wpkh_prv",  # p2wpkh
            "zpub6qg3Uc1BAQkQvcBUYMmZHSzbsshSon3FvJ8yvH3ZZMjFNvJkwSji8UUwghiF3wvpvSvcNWVP8kfUhc2V2RwGp6pTC3ouj6njj956f26TniN",
        ),
        (
            "m/84h/0h/0h",
            "slip132_p2wsh_prv",  # p2wsh
            "Zpub72a8bqjcjNJnMBLrV2EY7XLQbfji28irEZneqYK6w8Zf16sfhr7zDbLsVQficP9j9uzbF6VW1y3ypmeFKf6Dxaw82WvK8WFjcsLyEvMNZjF",
        ),
        # coin_type = 1 -> testnet
        (
            "m/44h/1h/0h",
            "bip32_prv",  # p2pkh or p2sh
            "tpubDChqWo2Xi2wNsxyJBE8ipcTJHLKWcqeeNUKBVTpUCNPZkHzHTm3qKAeHqgCou1t8PAY5ZnJ9QDa6zXSZxmjDnhiBpgZ7f6Yv88wEm5HXVbm",
        ),
        (
            "m/49h/1h/0h",
            "slip132_p2wpkh_p2sh_prv",  # p2wpkh-p2sh (i.e., p2sh-wrapped p2wpkh)
            "upub5Dj8j7YrwodV68mt58QmNpSzjqjso2WMXEpLGLSvskKccGuXhCh3dTedkzVLAePA617UyXAg2vdswJXTYjU4qjMJaHU79GJVVJCAiy9ezZ2",
        ),
        (
            "m/49h/1h/0h",
            "slip132_p2wsh_p2sh_prv",  # p2wsh-p2sh (i.e., p2sh-wrapped p2wsh)
            "Upub5QdDrMHJWmBrWhwG1nskCtnoTdn91PBwqWU1BbiUFXA2ETUSTc5KiaWZZhSoj5c4KUBTr7Anv92P4U9Dqxd1zDTyQkaWYfmVP2U3Js1W5cG",
        ),
        (
            "m/84h/1h/0h",
            "slip132_p2wpkh_prv",  # p2wpkh
            "vpub5ZhJmduYY7M5J2qCJgSW7hunX6zJrr5WuNg2kKt321HseZEYxqJc6Zso47aNXQw3Wf3sA8kppbfsxnLheUNXcL3xhzeBHLNp8fTVBN6DnJF",
        ),
        (
            "m/84h/1h/0h",
            "slip132_p2wsh_prv",  # p2wsh
            "Vpub5kbPtsdz74uSibzaFLuUwnFbEu2a5Cm7DeKhfb9aPn8HGjoTjEgtBgjirpXr5r9wk87r2ikwhp4P5wxTwhXUkpAdYTkagjqp2PjMmGPBESU",
        ),
    ]

    version_error = "invalid version forced on the extended key"

    for account_path, version_name, expected_xpub in test_vectors:
        # the coin_type element of the path selects the network
        if account_path.split("/")[2] == "1h":
            net = "testnet"
        else:
            net = "mainnet"

        root_xprv = bip39.mxprv_from_mnemonic(words, "", net)
        prv_version = getattr(NETWORKS[net], version_name)
        account_xprv = bip32.derive(root_xprv, account_path, prv_version)
        assert expected_xpub == bip32.xpub_from_xprv(account_xprv)

        # a non-private version cannot be forced on a private key
        pub_version = NETWORKS[net].bip32_pub
        with pytest.raises(BTClibValueError, match=version_error):
            bip32.derive(root_xprv, account_path, pub_version)

        # just changing the public version with no derivation does work
        bip32.derive(expected_xpub, "m", pub_version)

        # a private version is rejected on a public key
        with pytest.raises(BTClibValueError, match=version_error):
            bip32.derive(expected_xpub, "m", prv_version)