def _derive_and_print(master_key: str, *path: int, derive_pub_key: bool = True, magicbyte: int = 0): master_pub_key = bitcoin.bip32_privtopub(master_key) derived_key = _derived_key(master_key, *path) if derive_pub_key: derived_bip32_pub_key = _derived_key(master_pub_key, *path) derived_pub_key = bitcoin.bip32_extract_key(derived_bip32_pub_key) else: derived_bip32_pub_key = derived_pub_key = 'N.A.' derived_pub_key_from_key = bitcoin.bip32_privtopub(derived_key) print(''' Derivation path: ({}), Derived BIP32 key: {}, Derived BIP32 public key: {}, BIP32 public key from derived BIP32 private: {}, Derived key: {}, Derived public key: {}, Public key from derived key: {}, BTC address: {} '''.format( ', '.join( str(x) if x <= 2**31 else str(x - 2**31) + '\'' for x in path), derived_key, derived_bip32_pub_key, derived_pub_key_from_key, bitcoin.bip32_extract_key(derived_key), derived_pub_key, bitcoin.privtopub(bitcoin.bip32_extract_key(derived_key)), bitcoin.pubtoaddr(bitcoin.privtopub( bitcoin.bip32_extract_key(derived_key)), magicbyte=magicbyte)))
def test_finalize_gas(self): r_priv = tester.keys[9] r_pub = bitcoin.privtopub(r_priv) r_addr = tester.accounts[9] p_priv = tester.keys[2] p_pub = bitcoin.privtopub(p_priv) p_addr = tester.accounts[2] swap_contract_addr, _ = self.deploy_swap(p_addr) random.seed(0) kdf_seed = random.getrandbits(32 * 8) i = random.randint(1, 100) def cpack(n, bts): import struct fmt = "!{}B".format(n) return struct.pack( fmt, *[bts >> i & 0xff for i in reversed(range(0, n * 8, 8))]) # secret represents partial evaluation of KDF derivation function # where KDF(kdf_seed, i) = sha3(kdf_seed ++ i) secret = cpack(30, kdf_seed) + cpack(2, i) assert len(secret) == 32 value = random.randint(1, 1000000000) # in Solidity: sha3(sha3(secret), bytes32(_value)): msghash = utils.sha3(utils.sha3(secret) + cpack(32, value)) (V, R, S) = sign_btc(msghash, r_priv, r_pub) assert (V, R, S) == sign_eth(msghash, r_priv) ER = cpack(32, R) ES = cpack(32, S) self.s.finalize(secret, value, ER, ES, V, sender=p_priv)
def generate_keyfiles(n, m, vf, sf): '''Generate a set of public and private keys for testing. n - the number of OR loops m - the number of keys per loop (note: constant in this crude version) vf - the file path to which to write the verification keys sf - the file path to which to write the signing (private) keys ''' signing_indices = [random.choice(range(m)) for _ in range(n)] priv = [] with open(sf, 'wb') as f: for i in range(n): priv.append(os.urandom(32)) f.write(binascii.hexlify(priv[i]) + '\n') with open(vf, 'wb') as f: for i in range(n): pubkeys = [] for j in range(m): if j == signing_indices[i]: p = btc.privtopub(priv[i]) else: p = btc.privtopub(os.urandom(32)) p = btc.decode_pubkey(p) p = btc.encode_pubkey(p, 'bin_compressed') pubkeys.append(binascii.hexlify(p)) f.write(','.join(pubkeys) + '\n')
def generate_keyfiles(n, m, vf, sf): '''Generate a set of public and private keys for testing. n - the number of OR loops m - the number of keys per loop (note: constant in this crude version) vf - the file path to which to write the verification keys sf - the file path to which to write the signing (private) keys ''' signing_indices = [random.choice(range(m)) for _ in range(n)] priv=[] with open(sf,'wb') as f: for i in range(n): priv.append(os.urandom(32)) f.write(binascii.hexlify(priv[i])+'\n') with open(vf,'wb') as f: for i in range(n): pubkeys = [] for j in range(m): if j==signing_indices[i]: p = btc.privtopub(priv[i]) else: p = btc.privtopub(os.urandom(32)) p = btc.decode_pubkey(p) p = btc.encode_pubkey(p,'bin_compressed') pubkeys.append(binascii.hexlify(p)) f.write(','.join(pubkeys)+'\n')
def sign_tx(private_key, hex_data): public_address = pubtoaddr(privtopub(private_key)) pubkey = privtopub(private_key) split_data = hex_data.split("00ffffffff") input_stubs = split_data[:-1] output_stub = split_data[-1] pre_sig_script = '1976a914'+b58check_to_hex(public_address)+'88acffffffff' sig_stubs = [] for i in range(len(input_stubs)): signing_message = '' for j in range(i): signing_message += input_stubs[j]+'00ffffffff' signing_message += input_stubs[i] + pre_sig_script for k in range(i+1, len(input_stubs)): signing_message += input_stubs[k]+'00ffffffff' signing_message += output_stub+'01000000' hashed_message = hashlib.sha256(hashlib.sha256(signing_message.decode('hex')).digest()).digest() signingkey = ecdsa.SigningKey.from_string(b58check_to_hex(private_key).decode('hex'), curve=ecdsa.SECP256k1) SIG = binascii.hexlify(signingkey.sign_digest(hashed_message, sigencode=ecdsa.util.sigencode_der_canonize)) ScriptSig = hex(len(SIG+'01')/2)[2:] + SIG + '01' + hex(len(pubkey)/2)[2:] + pubkey ScriptLength = hex(len(ScriptSig)/2)[2:] sig_stub = ScriptLength+ScriptSig+'ffffffff' sig_stubs.append(sig_stub) bytes_ = '' for q in range(len(sig_stubs)): bytes_ += input_stubs[q]+sig_stubs[q] bytes_ += output_stub return bytes_
def ringsig_sign_substitute(msghash, priv, pub_xs, pub_ys): # Number of pubkeys n = len(pub_xs) # Create list of pubkeys as (x, y) points pubs = [(pub_xs[i], recover_y(pub_xs[i], bit(pub_ys, i))) for i in range(n)] # My pubkey my_pub = b.decode_pubkey(b.privtopub(priv)) # Compute my index in the pubkey list my_index = 0 while my_index < n: if pubs[my_index] == my_pub: break my_index += 1 assert my_index < n # Compute the signer's I value I = b.multiply(hash_to_pubkey(list(my_pub)), priv) # Select a random ephemeral key k = b.hash_to_int(b.random_key()) # Store the list of intermediate values in the "ring" e = [None] * n # Compute the entry in the ring corresponding to the signer's index kpub = b.privtopub(k) kmulpub = b.multiply(hash_to_pubkey(list(my_pub)), k) orig_left = hash_array([msghash, kpub[0], kpub[1], kmulpub[0], kmulpub[1]]) orig_right = hash_value(orig_left) e[my_index] = {"left": orig_left, "right": orig_right} # Map of intermediate s values (part of the signature) s = [None] * n for i in list(range(my_index + 1, n)) + list(range(my_index + 1)): prev_i = (i - 1) % n # In your position in the ring, set the s value based on your private # knowledge of k; this lets you "invert" the hash function in order to # ensure a consistent ring. At all other positions, select a random s if i == my_index: s[prev_i] = b.add_privkeys( k, b.mul_privkeys(e[prev_i]["right"], priv)) else: s[prev_i] = b.hash_to_int(b.random_key()) # Create the next values in the ring based on the chosen s value pub1 = b.subtract_pubkeys(b.privtopub(s[prev_i]), b.multiply(pubs[i], e[prev_i]["right"])) pub2 = b.subtract_pubkeys( b.multiply(hash_to_pubkey(list(pubs[i])), s[prev_i]), b.multiply(I, e[prev_i]["right"])) left = hash_array([msghash, pub1[0], pub1[1], pub2[0], pub2[1]]) right = hash_value(left) e[i] = {"left": left, "right": right} # Check that the ring is consistent assert (left, right) == (orig_left, orig_right) # Return the first value in the ring, the s values, and the signer's # I value in compressed form return (e[0]["left"], s, I[0], I[1] % 2)
def test_native_P2WSH_SIGHASH_SINGLE(self): tx = TEST_CASES[1] deserialized = deserialize(tx['unsigned']) serialized = serialize(deserialized) self.assertEqual(serialized, tx['unsigned']) self.assertEqual(deserialized['locktime'], tx['locktime']) ins = self.get_pybtc_vins(tx) outs = self.get_pybtc_outs(tx) generated_tx = mktx(ins, outs) stripped_tx = strip_witness_data(generated_tx) self.assertEqual(stripped_tx, serialized) partially_signed = p2pk_sign(stripped_tx, 0, self.append_compressed_flag_to_privkey( tx['ins'][0]['privkey']), hashcode=SIGHASH_ALL) priv0 = self.append_compressed_flag_to_privkey( tx['ins'][1]['privkeys'][0]) priv1 = self.append_compressed_flag_to_privkey( tx['ins'][1]['privkeys'][1]) pub0 = privtopub(priv0) pub1 = privtopub(priv1) REDEEM_SCRIPT_STRUCTURE = { 'keys': [pub0, pub1], 'schema': [{ 'reqs': 1, 'keys': [0], }, { 'reqs': 1, 'keys': [1], }] } witness_script = mk_OPCS_multisig_script(REDEEM_SCRIPT_STRUCTURE) sign1 = segwit_multisign(partially_signed, 1, witness_script, priv0, 49 * 10**8, hashcode=SIGHASH_SINGLE) sign2 = segwit_multisign(partially_signed, 1, witness_script, priv1, 49 * 10**8, hashcode=SIGHASH_SINGLE, separator_index=1) signed = apply_segwit_multisignatures(partially_signed, 1, witness_script, [sign2, sign1], dummy=False) self.assertEqual(signed, tx['signed']) print('[Native P2WSH] SIGHASH_SINGLE OK')
def test_native_P2WSH_SIGHASH_SINGLE(self): tx = TEST_CASES[1] deserialized = deserialize(tx['unsigned']) serialized = serialize(deserialized) self.assertEqual(serialized, tx['unsigned']) self.assertEqual(deserialized['locktime'], tx['locktime']) ins = self.get_pybtc_vins(tx) outs = self.get_pybtc_outs(tx) generated_tx = mktx(ins, outs) stripped_tx = strip_witness_data(generated_tx) self.assertEqual(stripped_tx, serialized) partially_signed = p2pk_sign(stripped_tx, 0, self.append_compressed_flag_to_privkey(tx['ins'][0]['privkey']), hashcode=SIGHASH_ALL) priv0 = self.append_compressed_flag_to_privkey(tx['ins'][1]['privkeys'][0]) priv1 = self.append_compressed_flag_to_privkey(tx['ins'][1]['privkeys'][1]) pub0 = privtopub(priv0) pub1 = privtopub(priv1) REDEEM_SCRIPT_STRUCTURE = { 'keys': [ pub0, pub1 ], 'schema': [ { 'reqs': 1, 'keys': [0], }, { 'reqs': 1, 'keys': [1], } ] } witness_script = mk_OPCS_multisig_script(REDEEM_SCRIPT_STRUCTURE) sign1 = segwit_multisign(partially_signed, 1, witness_script, priv0, 49 * 10**8, hashcode=SIGHASH_SINGLE) sign2 = segwit_multisign(partially_signed, 1, witness_script, priv1, 49 * 10 ** 8, hashcode=SIGHASH_SINGLE, separator_index=1) signed = apply_segwit_multisignatures(partially_signed, 1, witness_script, [sign2, sign1], dummy=False) self.assertEqual(signed, tx['signed']) print('[Native P2WSH] SIGHASH_SINGLE OK')
def test_key(): priv, pub = gen_key_pair() assert pub == privtopub(priv) priv, pub = gen_key_pair() assert pub == privtopub(priv) priv, pub = gen_key_pair() assert pub == privtopub(priv) priv, pub = gen_key_pair() assert pub == privtopub(priv) priv, pub = gen_key_pair() assert pub == privtopub(priv)
def ringsig_sign_substitute(msghash, priv, pub_xs, pub_ys): # Number of pubkeys n = len(pub_xs) # Create list of pubkeys as (x, y) points pubs = [(pub_xs[i], recover_y(pub_xs[i], bit(pub_ys, i))) for i in range(n)] # My pubkey my_pub = b.decode_pubkey(b.privtopub(priv)) # Compute my index in the pubkey list my_index = 0 while my_index < n: if pubs[my_index] == my_pub: break my_index += 1 assert my_index < n # Compute the signer's I value I = b.multiply(hash_to_pubkey(list(my_pub)), priv) # Select a random ephemeral key k = b.hash_to_int(b.random_key()) # Store the list of intermediate values in the "ring" e = [None] * n # Compute the entry in the ring corresponding to the signer's index kpub = b.privtopub(k) kmulpub = b.multiply(hash_to_pubkey(list(my_pub)), k) orig_left = hash_array([msghash, kpub[0], kpub[1], kmulpub[0], kmulpub[1]]) orig_right = hash_value(orig_left) e[my_index] = {"left": orig_left, "right": orig_right} # Map of intermediate s values (part of the signature) s = [None] * n for i in list(range(my_index + 1, n)) + list(range(my_index + 1)): prev_i = (i - 1) % n # In your position in the ring, set the s value based on your private # knowledge of k; this lets you "invert" the hash function in order to # ensure a consistent ring. At all other positions, select a random s if i == my_index: s[prev_i] = b.add_privkeys(k, b.mul_privkeys(e[prev_i]["right"], priv)) else: s[prev_i] = b.hash_to_int(b.random_key()) # Create the next values in the ring based on the chosen s value pub1 = b.subtract_pubkeys(b.privtopub(s[prev_i]), b.multiply(pubs[i], e[prev_i]["right"])) pub2 = b.subtract_pubkeys(b.multiply(hash_to_pubkey(list(pubs[i])), s[prev_i]), b.multiply(I, e[prev_i]["right"])) left = hash_array([msghash, pub1[0], pub1[1], pub2[0], pub2[1]]) right = hash_value(left) e[i] = {"left": left, "right": right} # Check that the ring is consistent assert (left, right) == (orig_left, orig_right) # Return the first value in the ring, the s values, and the signer's # I value in compressed form return (e[0]["left"], s, I[0], I[1] % 2)
def _bake(self): self.privates = [ hashlib.sha256('priv{}'.format(i).encode()).hexdigest() + '01' for i in range(0, 18) ] self._scripts = [ bitcoin.mk_multisig_script(bitcoin.privtopub(self.privates[x]), bitcoin.privtopub(self.privates[x + 1]), bitcoin.privtopub(self.privates[x + 2]), 2) for x in range(0, 18, 3) ] self.addresses = [ bitcoin.p2sh_scriptaddr(script, magicbyte=196) for script in self._scripts ]
def create_key(crypto): private_key = bitcoin.random_key() public_key = bitcoin.privtopub(private_key) c.execute('INSERT INTO crypto_key (crypto,public_key,private_key,encrypted_private_key,timestamp) VALUES(?,?,?,?,?)', (crypto,public_key,private_key,0,datetime.datetime.now())) conn.commit() return public_key
def get_next_public_key( ): settings = Settings.Instance().get_settings_json() if( settings['bip32master'] is None ): raise RuntimeError( "Master key has not been set up yet" ) account_number, account_key, key_number = KeyHelper.get_account_number_and_chain( settings ) return_key = bitcoin.bip32_ckd( account_key, key_number ) return_key = bitcoin.bip32_extract_key( return_key ) return_key = bitcoin.privtopub( return_key ) #save key for later if 'keys' not in settings['accounts'][account_number]: settings['accounts'][account_number]['keys'] = [] settings['accounts'][account_number]['keys'].append( (key_number, return_key, False ) ) #we increment the key counter after making the key #because the chain code is 0 indexed, making the 0th key #the first one we use key_number += 1 #remember to save our new key settings['accounts'][account_number]['numKeys'] = key_number Settings.Instance().save_config_file( settings ) return return_key
def get_bip32_key( public_keys ): settings = Settings.Instance().get_settings_json() if( settings['bip32master'] is None ): return None account_number, account_key, key_number = KeyHelper.get_account_number_and_chain( settings ) #see if we already have this cached, and I can just get the key fast cached = set( settings['accounts'][account_number].get(keys,[]) ) pub_set = set( public_keys ) hits = cached & pub_set if len(hits) > 0: return KeyHelper.get_private_for_chain( account_number, hits[0][0], settings ) #drat, didn't find it! at least we can only need to test the ones that #we didn't already check missed = set(range(key_number)) - set([cache[0] for cache in cached]) for i in missed: priv = bitcoin.bip32_ckd( account_key, i ) priv = bitcoin.bip32_extract_key( priv ) canidate = bitcoin.privtopub( priv ) if( canidate in public_keys ): return priv return None
def pushPayment(self): #compliantScript = bitcoin.mk_multisig_script([bitcoin.privtopub(self.privS), self.pubKeyClient], 2,2) # inversion!!!! compliantScript = bitcoin.mk_multisig_script([self.pubKeyClient, bitcoin.privtopub(self.privS)], 2,2) sigServer = bitcoin.multisign(self.lastpayment, 0, compliantScript, self.privS) signedPtx = bitcoin.apply_multisignatures(self.lastpayment, 0, compliantScript, [self.lastsig, sigServer]) print 'Broadcast the very last payment. Just got richer. Tx hash:', bitcoin.txhash(signedPtx) bitcoin.pushtx(signedPtx)
def perf(rounds=1000): privkeys = [rand32bytes() for i in range(rounds)] messages = [rand32bytes() for i in range(rounds)] # test sign signatures = [] st = time.time() for priv, msg in zip(privkeys, messages): s = c_ecdsa_sign_compact(msg32, priv) signatures.append(s) elapsed = time.time() - st print 'cffi took: %.2fsecs / %dμs per op / %d signs per sec' % \ (elapsed, elapsed / rounds * 10**6, rounds / elapsed) # test recover pubs = [] st = time.time() for sig, msg in zip(signatures, messages): p = c_ecdsa_recover_compact(msg32, sig) pubs.append(p) elapsed = time.time() - st print 'cffi took: %.2fsecs / %dμs per op / %d recovers per sec' % \ (elapsed, elapsed / rounds * 10**6, rounds / elapsed) # check for pub, privkey in zip(pubs, privkeys)[:100]: assert privtopub(privkey) == pub
def cosign(master_xpriv, recovery_package): raw_txs = recovery_package['txs'] print "Signing %d transactions" % len(raw_txs) for tx_index, tx_raw in enumerate(raw_txs): print "\nTransaction #", tx_index hex_tx = tx_raw['bytes'] tx = bitcoin.transaction.deserialize(unhexlify(hex_tx)) keypaths = tx_raw['input_paths'] keypairs = {} for p in keypaths: xpriv = seedlib.bip32_child(master_xpriv, p) priv = bitcoin.bip32_extract_key(xpriv) pub = bitcoin.privtopub(priv) keypairs[pub] = priv for i, inp in enumerate(tx['ins']): (sigs, pubkeys, redeemScript, M, N) = multisig.decode_multisig_script(inp['script']) for p in pubkeys: if p in keypairs: sig_new = bitcoin.multisign(hex_tx, i, redeemScript, keypairs[p]) sigs.append(sig_new) tx_new = bitcoin.apply_multisignatures( unhexlify(hex_tx), i, redeemScript, sigs) print "Signed transaction %d input %d" % (tx_index, i) # replace tx with newly signed transaction hex_tx = hexlify(tx_new) recovery_package['txs'][tx_index]['bytes'] = hex_tx return recovery_package
def regenerate_keys(account_key, needed_keys, key_list): for key in needed_keys: return_key = bitcoin.bip32_ckd(account_key, key) return_key = bitcoin.bip32_extract_key(return_key) return_key = bitcoin.privtopub(return_key) key_list.append((key, return_key, False)) return
def get_next_public_key(): settings = Settings.Instance().get_settings_json() if (settings['bip32master'] is None): raise RuntimeError("Master key has not been set up yet") account_number, account_key, key_number = KeyHelper.get_account_number_and_chain( settings) return_key = bitcoin.bip32_ckd(account_key, key_number) return_key = bitcoin.bip32_extract_key(return_key) return_key = bitcoin.privtopub(return_key) #save key for later if 'keys' not in settings['accounts'][account_number]: settings['accounts'][account_number]['keys'] = [] settings['accounts'][account_number]['keys'].append( (key_number, return_key, False)) #we increment the key counter after making the key #because the chain code is 0 indexed, making the 0th key #the first one we use key_number += 1 #remember to save our new key settings['accounts'][account_number]['numKeys'] = key_number Settings.Instance().save_config_file(settings) return return_key
def generate_keypair(crypto, seed, password=None): """ Generate a private key and publickey for any currency, given a seed. That seed can be random, or a brainwallet phrase. """ pub_byte, priv_byte = get_magic_bytes(crypto) priv = sha256(seed) pub = privtopub(priv) priv_wif = encode_privkey(priv, 'wif_compressed', vbyte=priv_byte) if password: # pycrypto etc. must be installed or this will raise ImportError, hence inline import. from .bip38 import Bip38EncryptedPrivateKey priv_wif = str(Bip38EncryptedPrivateKey.encrypt(crypto, priv_wif, password)) compressed_pub = encode_pubkey(pub, 'hex_compressed') ret = { 'public': { 'hex_uncompressed': pub, 'hex': compressed_pub, 'address': pubtoaddr(compressed_pub, pub_byte) }, 'private': { 'wif': priv_wif } } if not password: # only these are valid when no bip38 password is supplied ret['private']['hex'] = encode_privkey(priv, 'hex_compressed', vbyte=priv_byte) ret['private']['hex_uncompressed'] = encode_privkey(priv, 'hex', vbyte=priv_byte) ret['private']['wif_uncompressed'] = encode_privkey(priv, 'wif', vbyte=priv_byte) return ret
def prestart(self): super().prestart() # geth is locked to user home home = os.path.expanduser("~") dagfile = os.path.join(home, '.ethash', 'full-R23-0000000000000000') if not os.path.exists(dagfile): raise Exception("Missing DAG {}. run {} makedag 0 {} to initialise ethminer before tests can be run".format( dagfile, self.geth_server, os.path.join(home, '.ethash'))) if self.settings['rpcport'] is None: self.settings['rpcport'] = get_unused_port() if self.settings['node_key'] is None: self.settings['node_key'] = "{:0>64}".format(binascii.b2a_hex(os.urandom(32)).decode('ascii')) if self.settings['ws'] is not None: self.settings['wsport'] = get_unused_port() self.public_key = "{:0>128}".format(binascii.b2a_hex(bitcoin.privtopub(binascii.a2b_hex(self.settings['node_key']))[1:]).decode('ascii')) # write chain file write_chain_file(self.version, self.chainfile, self.author, self.difficulty) p = subprocess.Popen([self.geth_server, '--datadir', self.get_data_directory(), 'init', self.chainfile], stdout=subprocess.PIPE, stderr=subprocess.PIPE) outs, errs = p.communicate(timeout=15) with open(os.path.join(self.get_data_directory(), 'keystore', 'UTC--2017-02-06T16-16-34.720321115Z--de3d2d9dd52ea80f7799ef4791063a5458d13913'), 'w') as inf: inf.write('''{"address":"de3d2d9dd52ea80f7799ef4791063a5458d13913","crypto":{"cipher":"aes-128-ctr","ciphertext":"8d6528acfb366722d9c98f64435bb151f5671f9e4623e546cc7206382a1d54f7","cipherparams":{"iv":"de95c854face9aa50686370cc47d6025"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"6baa74518f9cc34575c981e027154e9c714b400710478c587043c900a37a89b8"},"mac":"37b6d35ea394b129f07e9a90a09b8cc1356d731590201e84405f4592013b4333"},"id":"ce658bd4-6910-4eef-aa39-b32000c38ccc","version":3}''')
def get_bip32_key(public_keys): settings = Settings.Instance().get_settings_json() if (settings['bip32master'] is None): return None account_number, account_key, key_number = KeyHelper.get_account_number_and_chain( settings) #see if we already have this cached, and I can just get the key fast cached = set(settings['accounts'][account_number].get(keys, [])) pub_set = set(public_keys) hits = cached & pub_set if len(hits) > 0: return KeyHelper.get_private_for_chain(account_number, hits[0][0], settings) #drat, didn't find it! at least we can only need to test the ones that #we didn't already check missed = set(range(key_number)) - set([cache[0] for cache in cached]) for i in missed: priv = bitcoin.bip32_ckd(account_key, i) priv = bitcoin.bip32_extract_key(priv) canidate = bitcoin.privtopub(priv) if (canidate in public_keys): return priv return None
def sign(self, key): """Sign this transaction with a private key. A potentially already existing signature would be overridden. """ if not is_bitcoin_available() or not is_secp256k1_available(): raise ImportError( "In order to sign transactions the " "`bitcoin` and `secp256k1` packages must be installed.") from bitcoin import privtopub from secp256k1 import PrivateKey if key in (0, b'', b'\x00' * 32, b'0' * 64): raise ValueError("Zero privkey cannot sign") rawhash = decode_hex(sha3(rlp.encode(self, UnsignedTransaction))) if len(key) in {64, 66}: # we need a binary key key = decode_hex(key) pk = PrivateKey(key, raw=True) sig_bytes, rec_id = pk.ecdsa_recoverable_serialize( pk.ecdsa_sign_recoverable(rawhash, raw=True)) signature = sig_bytes + force_bytes(chr(rec_id)) self.v = (ord(signature[64]) if is_string(signature[64]) else signature[64]) + 27 self.r = decode_big_endian_int(signature[0:32]) self.s = decode_big_endian_int(signature[32:64]) self.sender = to_address(sha3(privtopub(key)[1:])[-40:]) return self
def sign(self, key): """Sign this transaction with a private key. A potentially already existing signature would be overridden. """ if not is_bitcoin_available() or not is_secp256k1_available(): raise ImportError( "In order to sign transactions the " "`bitcoin` and `secp256k1` packages must be installed." ) from bitcoin import privtopub from secp256k1 import PrivateKey if key in (0, b'', b'\x00' * 32, b'0' * 64): raise ValueError("Zero privkey cannot sign") rawhash = decode_hex(sha3(rlp.encode(self, UnsignedTransaction))) if len(key) in {64, 66}: # we need a binary key key = decode_hex(key) pk = PrivateKey(key, raw=True) sig_bytes, rec_id = pk.ecdsa_recoverable_serialize( pk.ecdsa_sign_recoverable(rawhash, raw=True) ) signature = sig_bytes + force_bytes(chr(rec_id)) self.v = (ord(signature[64]) if is_string(signature[64]) else signature[64]) + 27 self.r = decode_big_endian_int(signature[0:32]) self.s = decode_big_endian_int(signature[32:64]) self.sender = to_address(sha3(privtopub(key)[1:])[-40:]) return self
def generate_keypair(crypto, seed, password=None): """ Generate a private key and publickey for any currency, given a seed. That seed can be random, or a brainwallet phrase. """ pub_byte, priv_byte = get_magic_bytes(crypto) priv = sha256(seed) pub = privtopub(priv) if priv_byte >= 128: priv_byte -= 128 #pybitcointools bug priv_wif = encode_privkey(priv, 'wif_compressed', vbyte=priv_byte) if password: priv_wif = bip38_encrypt(priv_wif, password) compressed_pub = encode_pubkey(pub, 'hex_compressed') ret = { 'public': { 'hex_uncompressed': pub, 'hex': compressed_pub, 'address': pubtoaddr(compressed_pub, pub_byte) }, 'private': { 'wif': priv_wif } } if not password: # only these are valid when no bip38 password is supplied ret['private']['hex'] = encode_privkey(priv, 'hex_compressed', vbyte=priv_byte) ret['private']['hex_uncompressed'] = encode_privkey(priv, 'hex', vbyte=priv_byte) ret['private']['wif_uncompressed'] = encode_privkey(priv, 'wif', vbyte=priv_byte) return ret
def ringsig_verify_substitute(msghash, x0, s, Ix, Iy, pub_xs, pub_ys): # Number of pubkeys n = len(pub_xs) # Create list of pubkeys as (x, y) points pubs = [(pub_xs[i], recover_y(pub_xs[i], bit(pub_ys, i))) for i in range(n)] # Decompress the provided I value I = Ix, recover_y(Ix, Iy) # Store the list of intermediate values in the "ring" e = [None] * (n + 1) # Set the first value in the ring to that provided in the signature e[0] = [x0, hash_value(x0)] i = 1 while i < n + 1: prev_i = (i - 1) % n # Create the next values in the ring based on the provided s value pub1 = b.subtract_pubkeys(b.privtopub(s[prev_i]), b.multiply(pubs[i % n], e[prev_i][1])) pub2 = b.subtract_pubkeys(b.multiply(hash_to_pubkey(list(pubs[i % n])), s[prev_i]), b.multiply(I, e[prev_i][1])) left = hash_array([msghash, pub1[0], pub1[1], pub2[0], pub2[1]]) right = hash_value(left) # FOR DEBUGGING # if i >= 1: # print 'pre', pubs[i % n] # print 'pub1', pub1 # print 'pub2', pub2 # print 'left', left # print 'right', right e[i] = [left, right] i += 1 # Check that the ring is consistent return(e[n][0] == e[0][0] and e[n][1] == e[0][1])
def test_valid_sigs(setup_ecc): for v in vectors['vectors']: msg = v['msg'] sig = v['sig'] priv = v['privkey'] assert sig == btc.ecdsa_raw_sign(msg, priv, True, rawmsg=True) + '01' #check that the signature verifies against the key(pair) pubkey = btc.privtopub(priv) assert btc.ecdsa_raw_verify(msg, pubkey, sig[:-2], True, rawmsg=True) #check that it fails to verify against corrupted signatures for i in [0, 1, 2, 4, 7, 25, 55]: #corrupt one byte binsig = binascii.unhexlify(sig) checksig = binascii.hexlify(binsig[:i] + chr((ord(binsig[i]) + 1) % 256) + binsig[i + 1:-1]) #this kind of corruption will sometimes lead to an assert #failure (if the DER format is corrupted) and sometimes lead #to a signature verification failure. try: res = btc.ecdsa_raw_verify(msg, pubkey, checksig, True, rawmsg=True) except: continue assert res == False
def test_ecrecover(): s = tester.state() c = s.abi_contract(ecrecover_code) priv = utils.sha3('some big long brainwallet password') pub = bitcoin.privtopub(priv) msghash = utils.sha3('the quick brown fox jumps over the lazy dog') pk = PrivateKey(priv, raw=True) signature = pk.ecdsa_recoverable_serialize( pk.ecdsa_sign_recoverable(msghash, raw=True) ) signature = signature[0] + utils.bytearray_to_bytestr([signature[1]]) V = utils.safe_ord(signature[64]) + 27 R = big_endian_to_int(signature[0:32]) S = big_endian_to_int(signature[32:64]) assert bitcoin.ecdsa_raw_verify(msghash, (V, R, S), pub) addr = utils.big_endian_to_int(utils.sha3(bitcoin.encode_pubkey(pub, 'bin')[1:])[12:]) assert utils.big_endian_to_int(utils.privtoaddr(priv)) == addr result = c.test_ecrecover(utils.big_endian_to_int(msghash), V, R, S) assert result == addr
def test_ecrecover(): s = tester.state() c = s.abi_contract(ecrecover_code) priv = utils.sha3('some big long brainwallet password') pub = bitcoin.privtopub(priv) msghash = utils.sha3('the quick brown fox jumps over the lazy dog') pk = PrivateKey(priv, raw=True) signature = pk.ecdsa_recoverable_serialize( pk.ecdsa_sign_recoverable(msghash, raw=True)) signature = signature[0] + utils.bytearray_to_bytestr([signature[1]]) V = utils.safe_ord(signature[64]) + 27 R = big_endian_to_int(signature[0:32]) S = big_endian_to_int(signature[32:64]) assert bitcoin.ecdsa_raw_verify(msghash, (V, R, S), pub) addr = utils.big_endian_to_int( utils.sha3(bitcoin.encode_pubkey(pub, 'bin')[1:])[12:]) assert utils.big_endian_to_int(utils.privtoaddr(priv)) == addr result = c.test_ecrecover(utils.big_endian_to_int(msghash), V, R, S) assert result == addr
def ringsig_verify_substitute(msghash, x0, s, Ix, Iy, pub_xs, pub_ys): # Number of pubkeys n = len(pub_xs) # Create list of pubkeys as (x, y) points pubs = [(pub_xs[i], recover_y(pub_xs[i], bit(pub_ys, i))) for i in range(n)] # Decompress the provided I value I = Ix, recover_y(Ix, Iy) # Store the list of intermediate values in the "ring" e = [None] * (n + 1) # Set the first value in the ring to that provided in the signature e[0] = [x0, hash_value(x0)] i = 1 while i < n + 1: prev_i = (i - 1) % n # Create the next values in the ring based on the provided s value pub1 = b.subtract_pubkeys(b.privtopub(s[prev_i]), b.multiply(pubs[i % n], e[prev_i][1])) pub2 = b.subtract_pubkeys( b.multiply(hash_to_pubkey(list(pubs[i % n])), s[prev_i]), b.multiply(I, e[prev_i][1])) left = hash_array([msghash, pub1[0], pub1[1], pub2[0], pub2[1]]) right = hash_value(left) # FOR DEBUGGING # if i >= 1: # print 'pre', pubs[i % n] # print 'pub1', pub1 # print 'pub2', pub2 # print 'left', left # print 'right', right e[i] = [left, right] i += 1 # Check that the ring is consistent return (e[n][0] == e[0][0] and e[n][1] == e[0][1])
def regenerate_keys( account_key, needed_keys, key_list ): for key in needed_keys: return_key = bitcoin.bip32_ckd(account_key, key) return_key = bitcoin.bip32_extract_key(return_key) return_key = bitcoin.privtopub(return_key) key_list.append( ( key, return_key, False ) ) return
def test_cccoin_mc_write(mc_node_url, cccoin_core): cccoin_core.mcq = MediachainQueue(mc_api_url=mc_node_url, default_namespace='cccoin') the_pw = 'some big long brainwallet password' priv = btc.sha256(the_pw) pub = btc.privtopub(priv) blind_post, unblind_post = client_post( 'http://foo', 'The Title ', priv, pub, ) cccoin_core.submit_blind_action(blind_post) cccoin_core.submit_unblind_action(unblind_post) cccoin_core.cw.loop_once() start_block = cccoin_core.cw.latest_block_num while cccoin_core.cw.latest_block_num < start_block + 3: # not sure why / if this is the magic number, but it WFM... cccoin_core.cw.loop_once() sleep(0.1) cccoin_core.mcq.wait_for_completion() client = MediachainClient(mc_api_url=mc_node_url) results = IOLoop.current().run_sync( lambda: client.query('SELECT * FROM cccoin')) assert (len(results) > 0)
def warp(passphrase, salt=""): s1 = scrypt.hash(passphrase + "\x01", salt+"\x01", N=2**18, r=8, p=1, buflen=32) s2 = pbkdf2(passphrase + "\x02", salt=salt+"\x02", keylen=32, rounds=2**16, prf="hmac-sha256") key = binascii.hexlify(xor(s1, s2)) return key, bitcoin.pubtoaddr(bitcoin.privtopub(key))
def save(self, *args, **kwargs): created = not self.pk if created: self.public_key = privtopub(self.private_key) self.address = pubtoaddr(self.public_key) super().save(*args, **kwargs)
def foo(f): result.append(f.result()) if len(result) == len(futures): key = binascii.hexlify(xor(*result)) pub = bitcoin.pubtoaddr(bitcoin.privtopub(key)) if pub == _pub_key: print "Found passphrase: ", passphrase print key , "->", pub
def mine(cls, min_value=1): seckey = os.urandom(32) while True: seckey = utils.sha3(seckey) pubkey = utils.sha3(b.privtopub(seckey)[1:])[12:] value = 2**difficulty(utils.sha3(pubkey)) if value >= min_value: return cls(pubkey, seckey)
def foo(f): result.append(f.result()) if len(result) == len(futures): key = binascii.hexlify(xor(*result)) pub = bitcoin.pubtoaddr(bitcoin.privtopub(key)) if pub == _pub_key: print "Found passphrase: ", passphrase print key, "->", pub
def run(self): print 'Initialisation of MPC...' # exchange public keys pubKeyServer = bitcoin.privtopub(self.privS) print 'pubKeyServer: ', pubKeyServer self.pubKeyClient = txUtils.exchangePubKey(pubKeyServer, self.c) print 30 * '#', 'Handshake', 30 * '#' print 'Public Key received from client is: ', self.pubKeyClient # receive the signed Dtx and signedDtx = self.c.jrecv() print 'SignedDtx:', signedDtx #print pprint(bitcoin.deserialize(signedDtx)) scriptDtx = self.c.jrecv() print 'ScriptDtx: ', scriptDtx own = bitcoin.mk_multisig_script( [self.pubKeyClient, bitcoin.privtopub(self.privS)], 2, 2) # inversion!!!! if own != scriptDtx: print 'Anomalous ScriptDtx. Own is:', own # broadcast D bitcoin.pushtx(signedDtx) print 35 * '#', ' MPC initialised ', 35 * '#' self.balance += 1000000 # authorize use of the internet: hpUtils.allowFwd(self.ipClient) # set up Cashier (observed) self.cashier = cashier(self.c) self.cashier.addObserver(self) # obviously not the right way self.cashier.start() # start control spin self.controlSpin() # broadcast payment print 'Manager broadcasts payment' self.pushPayment() # terminate cashier print "Manager waiting for cashier's termination" self.cashier.join() #self.c.close() print 'Manager terminating'
def create_key(crypto): private_key = bitcoin.random_key() public_key = bitcoin.privtopub(private_key) c.execute( 'INSERT INTO crypto_key (crypto,public_key,private_key,encrypted_private_key,timestamp) VALUES(?,?,?,?,?)', (crypto, public_key, private_key, 0, datetime.datetime.now())) conn.commit() return public_key
def compute_adr_P2SH(args): try: (priv_num, pubs, nkr, nkt) = args pub = bitcoin.privtopub(hexa(priv_num)) mscript = bitcoin.mk_multisig_script([pub] + pubs[1:], nkr, nkt) return bitcoin.p2sh_scriptaddr(mscript) except KeyboardInterrupt: return "x"
def sign(data: bytes, private_key_seed_ascii: str, hash_function=bitcoin.bin_sha256): """Sign data using Ethereum private key. :param private_key_seed_ascii: Private key seed as ASCII string """ msghash = hash_function(data) priv = utils.sha3(private_key_seed_ascii) pub = bitcoin.privtopub(priv) # Based on ethereum/tesrt_contracts.py test_ecrecover pk = PrivateKey(priv, raw=True) signature = pk.ecdsa_recoverable_serialize( pk.ecdsa_sign_recoverable(msghash, raw=True)) signature = signature[0] + utils.bytearray_to_bytestr([signature[1]]) # Enforce non-tightly-packed arguments for signing # (0x00 left pad) # https://github.com/ethereum/web3.py/issues/466 v = utils.safe_ord(signature[64]) + 27 r_bytes = signature[0:32] r_bytes = pad_left(r_bytes, 32, b"\0") r = big_endian_to_int(r_bytes) s_bytes = signature[32:64] s_bytes = pad_left(s_bytes, 32, b"\0") s = big_endian_to_int(s_bytes) # Make sure we use bytes data and zero padding stays # good across different systems r_hex = binascii.hexlify(r_bytes).decode("ascii") s_hex = binascii.hexlify(s_bytes).decode("ascii") # Convert to Etheruem address format addr = utils.big_endian_to_int( utils.sha3(bitcoin.encode_pubkey(pub, 'bin')[1:])[12:]) # Return various bits about signing so it's easier to debug return { "signature": signature, "v": v, "r": r, "s": s, "r_bytes": r_bytes, "s_bytes": s_bytes, "r_hex": "0x" + r_hex, "s_hex": "0x" + s_hex, "address_bitcoin": addr, "address_ethereum": get_ethereum_address_from_private_key(priv), "public_key": pub, "hash": msghash, "payload": binascii.hexlify(bytes([v] + list(r_bytes) + list(s_bytes, ))) }
def _compute_keys(self):#, field_name, args): res={} for c in self:#.browse(ids): pub_key = bitcoin.privtopub(c.secret_key) val={'public_key': 'x', #pub_key, 'code_fnct': '', #bitcoin.pubtoaddr( pub_key ), } res[c.id]=val return res
def __init__(self, private_key=None, outputs=None, previous_n=0): if not private_key: self.private_key = bitcoin.electrum_privkey(current_app.config.get('BITCOIN_KEY_SEED'), previous_n+1) else: self.private_key = private_key self.public_key = bitcoin.privtopub(self.private_key) self.address = bitcoin.pubtoaddr(self.public_key) self.outputs = outputs self.created = datetime.datetime.utcnow()
def secure_privtopub(priv): if len(priv) == 64: return encode_hex(secure_privtopub(decode_hex(priv))) if openssl: k = openssl.CKey() k.generate(priv) return k.get_pubkey() else: return bitcoin.privtopub(priv)
def pvkey2adr(pvkey, network=5): pub_hex = bitcoin.privtopub(pvkey) pub_bin = bitcoin.encode_pubkey(pub_hex, "bin_compressed") PKH = bitcoin.bin_hash160(pub_bin) # script = "\0" + PKH # address_bin = bitcoin.bin_hash160(script) address = bitcoin.bin_to_b58check(PKH, 0) #assert bitcoin.p2sh_scriptaddr(script,network) == address return address
def create_encrypted_key(crypto,password): private_key = bitcoin.random_key() public_key = bitcoin.privtopub(private_key) # encrypt private key here encrypted_private_key=simplecrypt.encrypt(password=password,data=private_key) c.execute('INSERT INTO crypto_key (crypto,public_key,private_key,encrypted_private_key,timestamp) VALUES(?,?,?,?,?)', (crypto,public_key,0,encrypted_private_key,datetime.datetime.now())) conn.commit() return public_key
def run(self): print 'Initialisation of MPC...' # exchange public keys pubKeyServer = bitcoin.privtopub(self.privS) print 'pubKeyServer: ', pubKeyServer self.pubKeyClient = txUtils.exchangePubKey(pubKeyServer, self.c) print 30*'#', 'Handshake', 30*'#' print 'Public Key received from client is: ', self.pubKeyClient # receive the signed Dtx and signedDtx = self.c.jrecv() print 'SignedDtx:' , signedDtx #print pprint(bitcoin.deserialize(signedDtx)) scriptDtx = self.c.jrecv() print 'ScriptDtx: ', scriptDtx own = bitcoin.mk_multisig_script([self.pubKeyClient, bitcoin.privtopub(self.privS)], 2,2) # inversion!!!! if own != scriptDtx: print 'Anomalous ScriptDtx. Own is:', own # broadcast D bitcoin.pushtx(signedDtx) print 35*'#',' MPC initialised ', 35*'#' self.balance += 1000000 # authorize use of the internet: hpUtils.allowFwd(self.ipClient) # set up Cashier (observed) self.cashier = cashier(self.c) self.cashier.addObserver(self) # obviously not the right way self.cashier.start() # start control spin self.controlSpin() # broadcast payment print 'Manager broadcasts payment' self.pushPayment() # terminate cashier print "Manager waiting for cashier's termination" self.cashier.join() #self.c.close() print 'Manager terminating'
def showDetails(mnemonic, passphrase="", i=1): myMnemonic = mnemonic passphrase = passphrase mnemo = Mnemonic('english') seed = hexlify(mnemo.to_seed(myMnemonic, passphrase=passphrase)) print 'Seed:\t\t\t\t', seed priv = bitcoin.bip32_master_key(unhexlify(seed)) print 'Xpriv:\t\t\t\t', priv key = bitcoin.encode_privkey(bitcoin.bip32_extract_key(priv), 'wif_compressed') print 'Key:\t\t\t\t', key pub = bitcoin.bip32_privtopub(priv) print 'Derived public key:\t', pub pubHex = bitcoin.bip32_extract_key(pub) print 'public key (hex):\t', pubHex print 'Master Key address:\t', bitcoin.pubtoaddr(pubHex) print "" print "TREZOR Keys:" account = 0 derivedPrivateKey = bitcoin.bip32_ckd( bitcoin.bip32_ckd(bitcoin.bip32_ckd(priv, 44 + HARDENED), HARDENED), HARDENED + account) print 'Derived private key:', derivedPrivateKey privateKey = bitcoin.encode_privkey( bitcoin.bip32_extract_key(derivedPrivateKey), 'wif_compressed') print 'private key (wif):\t', privateKey derivedPublicKey = bitcoin.bip32_privtopub(derivedPrivateKey) print 'Derived public key:', derivedPublicKey publicKeyHex = bitcoin.privtopub(privateKey) print 'public key (hex):\t', publicKeyHex address = bitcoin.pubtoaddr(publicKeyHex) print 'address:\t\t\t', address print "" print "Account public keys (XPUB)" xpubs = [] for i in range(0, i): derivedPrivateKey = bitcoin.bip32_ckd( bitcoin.bip32_ckd(bitcoin.bip32_ckd(priv, 44 + HARDENED), HARDENED), HARDENED + i) xpub = bitcoin.bip32_privtopub(derivedPrivateKey) print 'Account', i, 'xpub:', xpub xpubs.append(xpub) return xpubs
def auth_counterparty(self, nick, cr): #deserialize the commitment revelation cr_dict = btc.PoDLE.deserialize_revelation(cr) #check the validity of the proof of discrete log equivalence tries = jm_single().config.getint("POLICY", "taker_utxo_retries") def reject(msg): log.info("Counterparty commitment not accepted, reason: " + msg) return False if not btc.verify_podle(cr_dict['P'], cr_dict['P2'], cr_dict['sig'], cr_dict['e'], self.maker.commit, index_range=range(tries)): reason = "verify_podle failed" return reject(reason) #finally, check that the proffered utxo is real, old enough, large enough, #and corresponds to the pubkey res = jm_single().bc_interface.query_utxo_set([cr_dict['utxo']], includeconf=True) if len(res) != 1 or not res[0]: reason = "authorizing utxo is not valid" return reject(reason) age = jm_single().config.getint("POLICY", "taker_utxo_age") if res[0]['confirms'] < age: reason = "commitment utxo not old enough: " + str(res[0]['confirms']) return reject(reason) reqd_amt = int(self.cj_amount * jm_single().config.getint( "POLICY", "taker_utxo_amtpercent") / 100.0) if res[0]['value'] < reqd_amt: reason = "commitment utxo too small: " + str(res[0]['value']) return reject(reason) if res[0]['address'] != btc.pubkey_to_address(cr_dict['P'], get_p2pk_vbyte()): reason = "Invalid podle pubkey: " + str(cr_dict['P']) return reject(reason) # authorisation of taker passed # Send auth request to taker # Need to choose an input utxo pubkey to sign with # (no longer using the coinjoin pubkey from 0.2.0) # Just choose the first utxo in self.utxos and retrieve key from wallet. auth_address = self.utxos[self.utxos.keys()[0]]['address'] auth_key = self.maker.wallet.get_key_from_addr(auth_address) auth_pub = btc.privtopub(auth_key) btc_sig = btc.ecdsa_sign(self.kp.hex_pk(), auth_key) self.maker.msgchan.send_ioauth(nick, self.utxos.keys(), auth_pub, self.cj_addr, self.change_addr, btc_sig) #In case of *blacklisted (ie already used) commitments, we already #broadcasted them on receipt; in case of valid, and now used commitments, #we broadcast them here, and not early - to avoid accidentally #blacklisting commitments that are broadcast between makers in real time #for the same transaction. self.maker.transfer_commitment(self.maker.commit) #now persist the fact that the commitment is actually used. check_utxo_blacklist(self.maker.commit, persist=True) return True
def import_key(crypto,private_key): c.execute('SELECT * FROM crypto_key WHERE private_key = ?',(private_key,)) out=c.fetchall() if len(out) != 0: return None public_key=bitcoin.privtopub(private_key) c.execute('INSERT INTO crypto_key (crypto,public_key,private_key,encrypted_private_key,timestamp) VALUES(?,?,?,?,?)', (crypto,public_key,private_key,0,datetime.datetime.now())) conn.commit() return public_key
def showDetails(mnemonic, passphrase="", i=1): myMnemonic = mnemonic passphrase = passphrase mnemo = Mnemonic('english') seed = hexlify(mnemo.to_seed(myMnemonic, passphrase=passphrase)) print 'Seed:\t\t\t\t', seed priv = bitcoin.bip32_master_key(unhexlify(seed)) print 'Xpriv:\t\t\t\t', priv key = bitcoin.encode_privkey(bitcoin.bip32_extract_key(priv), 'wif_compressed') print 'Key:\t\t\t\t', key pub = bitcoin.bip32_privtopub(priv) print 'Derived public key:\t', pub pubHex = bitcoin.bip32_extract_key(pub) print 'public key (hex):\t', pubHex print 'Master Key address:\t', bitcoin.pubtoaddr(pubHex) print "" print "TREZOR Keys:" account = 0 derivedPrivateKey = bitcoin.bip32_ckd(bitcoin.bip32_ckd(bitcoin.bip32_ckd(priv, 44+HARDENED), HARDENED), HARDENED+account) print 'Derived private key:', derivedPrivateKey privateKey = bitcoin.encode_privkey(bitcoin.bip32_extract_key(derivedPrivateKey), 'wif_compressed') print 'private key (wif):\t', privateKey derivedPublicKey = bitcoin.bip32_privtopub(derivedPrivateKey) print 'Derived public key:', derivedPublicKey publicKeyHex = bitcoin.privtopub(privateKey) print 'public key (hex):\t', publicKeyHex address = bitcoin.pubtoaddr(publicKeyHex) print 'address:\t\t\t', address print "" print "Account public keys (XPUB)" xpubs = [] for i in range(0, i): derivedPrivateKey = bitcoin.bip32_ckd(bitcoin.bip32_ckd(bitcoin.bip32_ckd(priv, 44+HARDENED), HARDENED), HARDENED+i) xpub = bitcoin.bip32_privtopub(derivedPrivateKey) print 'Account', i, 'xpub:', xpub xpubs.append(xpub) return xpubs
def eth_privtoaddr(priv) -> str: """Generate Ethereum address from a private key. God, it was hard to find how this happens. https://github.com/ethereum/pyethsaletool/blob/master/pyethsaletool.py#L111 :return: 0x prefixed hex string """ pub = bitcoin.encode_pubkey(bitcoin.privtopub(priv), 'bin_electrum') return "0x" + binascii.hexlify(sha3(pub)[12:]).decode("ascii")
def start_encryption(self, nick, maker_pk): if nick not in self.active_orders.keys(): raise Exception("Counterparty not part of this transaction.") self.crypto_boxes[nick] = [maker_pk, enc_wrapper.as_init_encryption(\ self.kp, enc_wrapper.init_pubkey(maker_pk))] #send authorisation request my_btc_addr = self.input_utxos.itervalues().next()['address'] my_btc_priv = self.wallet.get_key_from_addr(my_btc_addr) my_btc_pub = btc.privtopub(my_btc_priv) my_btc_sig = btc.ecdsa_sign(self.kp.hex_pk(), my_btc_priv) self.msgchan.send_auth(nick, my_btc_pub, my_btc_sig)
def private_key_to_address(self, pk): """ Convert a private key (in hex format) into an address. """ pub = privtopub(pk) pub_byte, priv_byte = get_magic_bytes(self.crypto) if priv_byte >= 128: priv_byte -= 128 #pybitcointools bug return pubtoaddr(pub, pub_byte)
def donation_address(reusable_donation_pubkey=None): if not reusable_donation_pubkey: reusable_donation_pubkey = ('02be838257fbfddabaea03afbb9f16e852' '9dfe2de921260a5c46036d97b5eacf2a') sign_k = binascii.hexlify(os.urandom(32)) c = btc.sha256(btc.multiply(sign_k, reusable_donation_pubkey, True)) sender_pubkey = btc.add_pubkeys([reusable_donation_pubkey, btc.privtopub(c+'01', True)], True) sender_address = btc.pubtoaddr(sender_pubkey, get_p2pk_vbyte()) log.info('sending coins to ' + sender_address) return sender_address, sign_k
def test_ecrecover(self): priv = b.sha256('some big long brainwallet password') pub = b.privtopub(priv) msghash = b.sha256('the quick brown fox jumps over the lazy dog') V, R, S = b.ecdsa_raw_sign(msghash, priv) assert b.ecdsa_raw_verify(msghash, (V, R, S), pub) addr = utils.sha3(b.encode_pubkey(pub, 'bin')[1:])[12:] assert utils.privtoaddr(priv) == addr result = self.c.test_ecrecover(utils.big_endian_to_int(msghash.decode('hex')), V, R, S) assert result == utils.big_endian_to_int(addr)
def bip38_decrypt(encrypted_privkey, passphrase, wif=False): """ BIP0038 non-ec-multiply decryption. Returns hex privkey. """ passphrase = normalize('NFC', unicode(passphrase)) if is_py2: passphrase = passphrase.encode('utf8') d = unhexlify(changebase(encrypted_privkey, 58, 16, 86)) d = d[2:] flagbyte = d[0:1] d = d[1:] # respect flagbyte, return correct pair if flagbyte == b'\xc0': compressed = False if flagbyte == b'\xe0': compressed = True addresshash = d[0:4] d = d[4:-4] key = scrypt.hash(passphrase,addresshash, 16384, 8, 8) derivedhalf1 = key[0:32] derivedhalf2 = key[32:64] encryptedhalf1 = d[0:16] encryptedhalf2 = d[16:32] aes = AES.new(derivedhalf2) decryptedhalf2 = aes.decrypt(encryptedhalf2) decryptedhalf1 = aes.decrypt(encryptedhalf1) priv = decryptedhalf1 + decryptedhalf2 priv = unhexlify('%064x' % (long(hexlify(priv), 16) ^ long(hexlify(derivedhalf1), 16))) pub = privtopub(priv) if compressed: pub = encode_pubkey(pub,'hex_compressed') addr = pubtoaddr(pub) if is_py2: ascii_key = addr else: ascii_key = bytes(addr,'ascii') if sha256(sha256(ascii_key).digest()).digest()[0:4] != addresshash: raise Exception('Bip38 password decrypt failed: Wrong password?') else: formatt = 'wif' if wif else 'hex' if compressed: return encode_privkey(priv, formatt + '_compressed') else: return encode_privkey(priv, formatt)