def calculate_preimages(tx_obj, inputs_parameters):
"""Calculates preimages for provided transaction structure and input
values.
:param tx_obj: The transaction object used to calculate preimage from using
a transaction digest algorithm, such as BIP-143 for Segwit
inputs. This transaction object must hence have scriptCodes
filled into the corresponding scriptSigs in the inputs.
:type tx_obj: :object:`~bit.transaction.TxObj`
:param inputs_parameters: A list of tuples with input index as integer,
hash type as integer and a boolean flag to denote
if the input is spending from a Segwit output.
For example: [(0, 1, True), (2, 1, False), (...)]
:type inputs_parameters: A `list` of `tuple`
"""
# Tx object data:
input_count = int_to_varint(len(tx_obj.TxIn))
output_count = int_to_varint(len(tx_obj.TxOut))
output_block = b''.join([bytes(o) for o in tx_obj.TxOut])
hashPrevouts = double_sha256(b''.join(
[i.txid + i.txindex for i in tx_obj.TxIn]))
hashSequence = double_sha256(b''.join([i.sequence for i in tx_obj.TxIn]))
hashOutputs = double_sha256(output_block)
preimages = []
for input_index, hash_type, segwit_input in inputs_parameters:
# We can only handle hashType == 1:
if hash_type != HASH_TYPE:
raise ValueError('Bit only support hashType of value 1.')
# Calculate prehashes:
if segwit_input:
# BIP-143 preimage:
hashed = sha256(
tx_obj.version + hashPrevouts + hashSequence +
tx_obj.TxIn[input_index].txid +
tx_obj.TxIn[input_index].txindex +
tx_obj.TxIn[input_index].script_sig_len +
tx_obj.TxIn[input_index].script_sig # scriptCode length
+ tx_obj.TxIn[input_index].
sequence # scriptCode (includes amount)
+ hashOutputs + tx_obj.locktime + hash_type)
else:
hashed = sha256(
tx_obj.version + input_count +
b''.join(ti.txid + ti.txindex + OP_0 + ti.sequence
for ti in islice(tx_obj.TxIn, input_index)) +
tx_obj.TxIn[input_index].txid +
tx_obj.TxIn[input_index].txindex +
tx_obj.TxIn[input_index].script_sig_len +
tx_obj.TxIn[input_index].script_sig # scriptCode length
+ tx_obj.TxIn[input_index].sequence # scriptCode
+ b''.join(
ti.txid + ti.txindex + OP_0 + ti.sequence
for ti in islice(tx_obj.TxIn, input_index + 1, None)) +
output_count + output_block + tx_obj.locktime + hash_type)
preimages.append(hashed)
return preimages
def maybe(i, length):
try:
test_key(
Key.from_bytes(
double_sha256(i.to_bytes(length=length, byteorder='big'))))
test_key(
Key.from_bytes(
double_sha256(i.to_bytes(length=length, byteorder='little'))))
test_key(
Key.from_bytes(sha256(i.to_bytes(length=length, byteorder='big'))))
test_key(
Key.from_bytes(
sha256(i.to_bytes(length=length, byteorder='little'))))
except Exception as err:
print('ERROR: i={} length={}'.format(i, length))
pass
def calc_txid(tx_hex):
tx_obj = deserialize(tx_hex)
return bytes_to_hex(double_sha256(tx_obj.legacy_repr())[::-1])
def calc_txid(tx_hex):
return bytes_to_hex(double_sha256(hex_to_bytes(tx_hex))[::-1])
def sign_tx(
private_key,
tx,
j=-1
): # Future-TODO: add sw_dict to allow override of segwit input dictionary?
# j is the input to be signed and can be a single index, a list of indices, or denote all inputs (-1)
if not isinstance(tx, TxObj):
# Add sw_dict containing unspent segwit txid:txindex and amount to deserialize tx:
sw_dict = {}
unspents = private_key.unspents
for u in unspents:
if u.segwit:
tx_input = u.txid + ':' + str(u.txindex)
sw_dict[tx_input] = u.amount
tx = deserialize(tx, sw_dict, private_key.sw_scriptcode)
version = tx.version
marker = b'\x00'
flag = b'\x01'
lock_time = tx.locktime
hash_type = HASH_TYPE
input_count = int_to_varint(tx.input_count)
output_count = int_to_varint(tx.output_count)
output_block = b''
for i in range(tx.output_count):
output_block += tx.TxOut[i].value
output_block += tx.TxOut[i].script_len
output_block += tx.TxOut[i].script
hashPrevouts = double_sha256(b''.join(
[i.txid + i.txindex for i in tx.TxIn]))
hashSequence = double_sha256(b''.join([i.sequence for i in tx.TxIn]))
hashOutputs = double_sha256(b''.join([bytes(o) for o in tx.TxOut]))
if j < 0: # Sign all inputs
j = range(len(tx.TxIn))
elif not isinstance(j, list): # Sign a single input
j = [j]
segwit = False # Global check if at least one input is segwit
for i in j:
# Check if input is segwit or non-segwit:
sw = tx.TxIn[i].segwit
segwit = segwit or sw # Global check if at least one input is segwit => Transaction must be of segwit-format
public_key = private_key.public_key
public_key_len = script_push(len(public_key))
scriptCode = private_key.scriptcode
scriptCode_len = int_to_varint(len(scriptCode))
if sw == False:
hashed = sha256(version + input_count +
b''.join(ti.txid + ti.txindex + OP_0 + ti.sequence
for ti in islice(tx.TxIn, i)) +
tx.TxIn[i].txid + tx.TxIn[i].txindex +
scriptCode_len + scriptCode + tx.TxIn[i].sequence +
b''.join(ti.txid + ti.txindex + OP_0 + ti.sequence
for ti in islice(tx.TxIn, i + 1, None)) +
output_count + output_block + lock_time +
hash_type)
input_script_field = tx.TxIn[i].script
else:
hashed = sha256( # BIP-143: Used for Segwit
version + hashPrevouts + hashSequence + tx.TxIn[i].txid +
tx.TxIn[i].txindex + scriptCode_len + scriptCode +
tx.TxIn[i].amount + tx.TxIn[i].sequence + hashOutputs +
lock_time + hash_type)
input_script_field = tx.TxIn[i].witness
signature = private_key.sign(hashed) + b'\x01'
# ------------------------------------------------------------------
if private_key.instance == 'MultiSig' or private_key.instance == 'MultiSigTestnet':
# P2(W)SH input
script_blob = b''
sigs = {}
if input_script_field: # If tx is already partially signed: Make a dictionary of the provided signatures with public-keys as key-values
sig_list = get_signatures_from_script(input_script_field)
if len(sig_list) > private_key.m:
raise TypeError(
'Transaction is already signed with {} of {} needed signatures.'
).format(len(sig_list), private_key.m)
for sig in sig_list:
for pub in private_key.public_keys:
if verify_sig(sig[:-1], hashed, hex_to_bytes(pub)):
sigs[pub] = sig
script_blob += b'\x00' * (
private_key.m - len(sig_list) - 1
) # Bitcoin Core convention: Every missing signature is denoted by 0x00. Only used for already partially-signed scriptSigs.
sigs[bytes_to_hex(public_key)] = signature
witness = b''
witness_count = 2 # count number of witness items (OP_0 + each signature + redeemscript).
for pub in private_key.public_keys: # Sort the signatures according to the public-key list:
if pub in sigs:
sig = sigs[pub]
length = int_to_varint(
len(sig)) if sw == True else script_push(len(sig))
witness += length + sig
witness_count += 1
script_sig = b'\x22' + private_key.sw_scriptcode
witness = (witness_count.to_bytes(1, byteorder='little') if sw
== True else b'') + b'\x00' + witness + script_blob
witness += (int_to_varint(len(
private_key.redeemscript)) if sw == True else script_push(
len(private_key.redeemscript))) + private_key.redeemscript
script_sig = witness if sw == False else script_sig
witness = b'\x00' if sw == False else witness
# ------------------------------------------------------------------
else:
# P2(W)PKH input
script_sig = b'\x16' + private_key.sw_scriptcode
witness = ((b'\x02' if sw == True else b'') + # witness counter
len(signature).to_bytes(1, byteorder='little') +
signature + public_key_len + public_key)
script_sig = witness if sw == False else script_sig
witness = b'\x00' if sw == False else witness
tx.TxIn[i].script = script_sig
tx.TxIn[i].script_len = int_to_varint(len(script_sig))
tx.TxIn[i].witness = witness
return bytes_to_hex(
version + (marker if segwit == True else b'') +
(flag if segwit == True else b'') + input_count +
construct_input_block(tx.TxIn) + output_count + output_block +
(construct_witness_block(tx.TxIn) if segwit == True else b'') +
lock_time)
def sign_tx(private_key, tx, *, unspents):
"""Signs inputs in provided transaction object for which unspents
are provided and can be signed by the private key.
:param private_key: Private key
:type private_key: ``PrivateKey`` or ``MultiSig``
:param tx: Transaction object
:type tx: ``TxObj``
:param unspents: For inputs to be signed their corresponding Unspent objects
must be provided.
:returns: The signed transaction as hex.
:rtype: ``str``
"""
# input_dict contains those unspents that can be signed by private_key,
# providing additional information for segwit-inputs (the amount to spend)
input_dict = {}
try:
for unspent in unspents:
if not private_key.can_sign_unspent(unspent):
continue
tx_input = hex_to_bytes(unspent.txid)[::-1] + \
unspent.txindex.to_bytes(4, byteorder='little')
input_dict[tx_input] = unspent.to_dict()
except TypeError:
raise ValueError('Please provide as unspents at least all inputs to '
'be signed with the function call.')
# Determine input indices to sign from input_dict (allows for transaction batching)
sign_inputs = [j for j, i in enumerate(tx.TxIn) if i.txid+i.txindex in input_dict]
segwit_tx = TxObj.is_segwit(tx)
version = tx.version
lock_time = tx.locktime
hash_type = HASH_TYPE
input_count = int_to_varint(len(tx.TxIn))
output_count = int_to_varint(len(tx.TxOut))
output_block = b''.join([bytes(o) for o in tx.TxOut])
hashPrevouts = double_sha256(b''.join([i.txid+i.txindex for i in tx.TxIn]))
hashSequence = double_sha256(b''.join([i.sequence for i in tx.TxIn]))
hashOutputs = double_sha256(output_block)
for i in sign_inputs:
tx_input = tx.TxIn[i].txid + tx.TxIn[i].txindex
segwit_input = input_dict[tx_input]['segwit']
tx.TxIn[i].segwit_input = segwit_input
public_key = private_key.public_key
public_key_push = script_push(len(public_key))
script_code = private_key.scriptcode
script_code_len = int_to_varint(len(script_code))
if not segwit_input:
hashed = sha256(
version +
input_count +
b''.join(ti.txid + ti.txindex + OP_0 + ti.sequence
for ti in islice(tx.TxIn, i)) +
tx.TxIn[i].txid +
tx.TxIn[i].txindex +
script_code_len +
script_code +
tx.TxIn[i].sequence +
b''.join(ti.txid + ti.txindex + OP_0 + ti.sequence
for ti in islice(tx.TxIn, i + 1, None)) +
output_count +
output_block +
lock_time +
hash_type
)
input_script_field = tx.TxIn[i].script_sig
elif segwit_input:
try:
tx.TxIn[i].amount = input_dict[tx_input]['amount']\
.to_bytes(8, byteorder='little')
except Attributerror:
raise ValueError(
'Cannot sign a segwit input when the input\'s amount is '
'unknown. Maybe no network connection or the input is '
'already spent? Then please provide all inputs to sign as '
'`Unspent` objects to the function call.')
hashed = sha256( # BIP-143: Used for Segwit
version +
hashPrevouts +
hashSequence +
tx.TxIn[i].txid +
tx.TxIn[i].txindex +
script_code_len +
script_code +
tx.TxIn[i].amount +
tx.TxIn[i].sequence +
hashOutputs +
lock_time +
hash_type
)
input_script_field = tx.TxIn[i].witness
signature = private_key.sign(hashed) + b'\x01'
# ------------------------------------------------------------------
if (private_key.instance == 'MultiSig' or
private_key.instance == 'MultiSigTestnet'):
# P2(W)SH input
script_blob = b''
sigs = {}
# Initial number of witness items (OP_0 + one signature + redeemscript).
witness_count = 3
if input_script_field:
sig_list = get_signatures_from_script(input_script_field)
# Bitcoin Core convention: Every missing signature is denoted
# by 0x00. Only used for already partially-signed scriptSigs:
script_blob += b'\x00' * (private_key.m - len(sig_list)-1)
# Total number of witness items when partially or fully signed:
witness_count = private_key.m + 2
# For a partially signed input make a dictionary containing
# all the provided signatures with public-keys as keys:
for sig in sig_list:
for pub in private_key.public_keys:
if verify_sig(sig[:-1], hashed, hex_to_bytes(pub)):
# If we already found a valid signature for pubkey
# we just overwrite it and don't care.
sigs[pub] = sig
if len(sigs) == private_key.m:
raise TypeError('Transaction is already signed with '
'sufficiently needed signatures.')
elif len(sigs) > private_key.m:
raise TypeError('Transaction already contains {} '
'signatures, but only {} needed.').format(
len(sigs), private_key.m)
sigs[bytes_to_hex(public_key)] = signature
witness = b''
# Sort ingthe signatures according to the public-key list:
for pub in private_key.public_keys:
if pub in sigs:
sig = sigs[pub]
length = int_to_varint(len(sig)) if segwit_input else \
script_push(len(sig))
witness += length + sig
script_sig = b'\x22' + private_key.segwit_scriptcode
witness = (int_to_varint(witness_count) if segwit_input else b'') \
+ b'\x00' + witness + script_blob
witness += (int_to_varint(len(private_key.redeemscript)) if
segwit_input else script_push(len(private_key.redeemscript))) \
+ private_key.redeemscript
script_sig = script_sig if segwit_input else witness
witness = witness if segwit_input else b'\x00' if segwit_tx else b''
# ------------------------------------------------------------------
else:
# P2(W)PKH input
script_sig = b'\x16' + private_key.segwit_scriptcode
witness = (
(b'\x02' if segwit_input else b'') + # witness counter
len(signature).to_bytes(1, byteorder='little') +
signature +
public_key_push +
public_key
)
script_sig = script_sig if segwit_input else witness
witness = witness if segwit_input else b'\x00' if segwit_tx else b''
# Providing the signature(s) to the input
tx.TxIn[i].script_sig = script_sig
tx.TxIn[i].script_sig_len = int_to_varint(len(script_sig))
tx.TxIn[i].witness = witness
return tx.to_hex()
