async def post(self):
key_or_wif = self.get_secure_cookie("key_or_wif")
if not key_or_wif and self.jwt.get('key_or_wif') != 'true':
return self.render_as_json({'error': 'not authorized'})
config = self.config
mongo = self.config.mongo
body = json.loads(self.request.body.decode('utf-8'))
try:
fg = FastGraph.from_dict(0, body.get('txn'), raw=True)
fg.verify()
except:
raise
return 'invalid transaction', 400
res = mongo.db.signed_transactions.find_one({'hash': body.get('hash')})
if res:
return 'no', 400
try:
rid = TU.generate_rid(config, body.get('bulletin_secret'))
my_entry_for_relationship = GU().get_transaction_by_rid(
rid,
config.wif,
rid=True,
my=True,
public_key=config.public_key)
their_entry_for_relationship = GU().get_transaction_by_rid(
rid,
rid=True,
raw=True,
theirs=True,
public_key=config.public_key)
verified = verify_signature(
base64.b64decode(body.get('bulletin_secret')),
my_entry_for_relationship['relationship']
['their_username'].encode(),
bytes.fromhex(their_entry_for_relationship['public_key']))
if not verified:
return 'no', 400
verified = verify_signature(
base64.b64decode(body.get('id')),
body.get('hash').encode('utf-8'),
bytes.fromhex(their_entry_for_relationship['public_key']))
address = str(
P2PKHBitcoinAddress.from_pubkey(
bytes.fromhex(their_entry_for_relationship['public_key'])))
found = False
async for x in self.config.BU.get_wallet_unspent_transactions(
address, [body.get('input')]):
if body.get('input') == x['id']:
found = True
if not found:
for x in self.config.BU.get_wallet_unspent_fastgraph_transactions(
address):
if body.get('input') == x['id']:
found = True
if found:
signature = mongo.db.signed_transactions.find_one({
'input':
body.get('input'),
'txn.public_key':
body['txn']['public_key']
})
if signature:
already_spent = mongo.db.fastgraph_transactions.find_one({
'txn.inputs.id':
body['input'],
'txn.public_key':
body['txn']['public_key']
})
if already_spent:
self.set_status(400)
self.write('already spent!')
self.finish()
return True
else:
signature['txn']['signatures'] = [
signature['signature']
]
fastgraph = FastGraph.from_dict(0, signature['txn'])
try:
fastgraph.verify()
except Exception as e:
raise
return 'did not verify', 400
result = mongo.db.fastgraph_transactions.find_one(
{'txn.hash': fastgraph.hash})
if result:
return 'duplicate transaction found', 400
spent_check = mongo.db.fastgraph_transactions.find_one(
{
'txn.inputs.id': {
'$in': [x.id for x in fastgraph.inputs]
}
})
if spent_check:
return 'already spent input', 400
fastgraph.save()
else:
return 'no transactions with this input found', 400
if verified:
transaction_signature = TU.generate_signature_with_private_key(
config.private_key, body.get('hash'))
signature = {
'signature': transaction_signature,
'hash': body.get('hash'),
'bulletin_secret': body.get('bulletin_secret'),
'input': body.get('input'),
'id': body.get('id'),
'txn': body.get('txn')
}
mongo.db.signed_transactions.insert(signature)
if '_id' in signature:
del signature['_id']
self.render_as_json(signature, indent=4)
else:
return 'no', 400
except Exception as e:
raise
self.render_as_json({'status': 'error', 'msg': e})
async def generate(cls,
bulletin_secret='',
username='',
value=0,
fee=0.0,
rid='',
requester_rid='',
requested_rid='',
public_key='',
dh_public_key='',
private_key='',
dh_private_key='',
to='',
inputs='',
outputs='',
coinbase=False,
chattext=None,
signin=None,
relationship='',
no_relationship=False,
exact_match=False):
cls_inst = cls()
cls_inst.config = get_config()
cls_inst.mongo = cls_inst.config.mongo
cls_inst.app_log = getLogger('tornado.application')
cls_inst.bulletin_secret = bulletin_secret
cls_inst.username = username
cls_inst.rid = rid
cls_inst.requester_rid = requester_rid
cls_inst.requested_rid = requested_rid
cls_inst.public_key = public_key
cls_inst.dh_public_key = dh_public_key
cls_inst.private_key = private_key
cls_inst.value = value
cls_inst.fee = float(fee)
cls_inst.dh_private_key = dh_private_key
cls_inst.to = to
cls_inst.time = str(int(time.time()))
cls_inst.outputs = []
cls_inst.relationship = relationship
cls_inst.no_relationship = no_relationship
cls_inst.exact_match = exact_match
for x in outputs:
cls_inst.outputs.append(Output.from_dict(x))
cls_inst.inputs = []
for x in inputs:
if 'signature' in x and 'public_key' in x and 'address' in x:
cls_inst.inputs.append(ExternalInput.from_dict(x))
else:
cls_inst.inputs.append(Input.from_dict(x))
cls_inst.coinbase = coinbase
cls_inst.chattext = chattext
cls_inst.signin = signin
await cls_inst.do_money()
inputs_concat = ''.join([
x.id for x in sorted(cls_inst.inputs, key=lambda x: x.id.lower())
])
outputs_concat = cls_inst.get_output_hashes()
if bulletin_secret or rid:
if not cls_inst.rid:
cls_inst.rid = cls_inst.generate_rid()
if cls_inst.chattext:
cls_inst.relationship = json.dumps(
{"chatText": cls_inst.chattext})
cls_inst.encrypted_relationship = cls_inst.config.cipher.encrypt(
cls_inst.relationship)
elif cls_inst.signin:
for shared_secret in cls_inst.config.GU.get_shared_secrets_by_rid(
cls_inst.rid):
cls_inst.relationship = SignIn(cls_inst.signin)
cls_inst.cipher = Crypt(shared_secret.hex(), shared=True)
cls_inst.encrypted_relationship = cls_inst.cipher.shared_encrypt(
cls_inst.relationship.to_json())
break
elif cls_inst.relationship:
cls_inst.encrypted_relationship = cls_inst.relationship
elif cls_inst.no_relationship:
cls_inst.encrypted_relationship = ''
else:
if not cls_inst.dh_public_key or not cls_inst.dh_private_key:
a = os.urandom(32).decode('latin1')
cls_inst.dh_public_key = scalarmult_base(a).encode(
'latin1').hex()
cls_inst.dh_private_key = a.encode().hex()
cls_inst.relationship = cls_inst.generate_relationship()
if not private_key:
raise Exception('missing private key')
cls_inst.encrypted_relationship = cls_inst.config.cipher.encrypt(
cls_inst.relationship.to_json().encode())
else:
cls_inst.rid = ''
cls_inst.encrypted_relationship = ''
cls_inst.header = (cls_inst.public_key + cls_inst.time +
cls_inst.dh_public_key + cls_inst.rid +
cls_inst.encrypted_relationship +
"{0:.8f}".format(cls_inst.fee) +
cls_inst.requester_rid + cls_inst.requested_rid +
inputs_concat + outputs_concat)
cls_inst.hash = hashlib.sha256(
cls_inst.header.encode('utf-8')).digest().hex()
if cls_inst.private_key:
cls_inst.transaction_signature = TU.generate_signature_with_private_key(
private_key, cls_inst.hash)
else:
cls_inst.transaction_signature = ''
return cls(cls_inst.time,
cls_inst.rid,
cls_inst.transaction_signature,
cls_inst.encrypted_relationship,
cls_inst.public_key,
cls_inst.dh_public_key,
float(cls_inst.fee),
cls_inst.requester_rid,
cls_inst.requested_rid,
cls_inst.hash,
inputs=[x.to_dict() for x in cls_inst.inputs],
outputs=[x.to_dict() for x in cls_inst.outputs],
coinbase=cls_inst.coinbase)