def do_test(exp_hex, wif, c_wif, public_pair_sec, c_public_pair_sec, address_b58, c_address_b58): secret_exponent = int(exp_hex, 16) sec = h2b(public_pair_sec) c_sec = h2b(c_public_pair_sec) self.assertEqual( secret_exponent_to_wif(secret_exponent, compressed=False), wif) self.assertEqual( secret_exponent_to_wif(secret_exponent, compressed=True), c_wif) key = BitcoinMainnet.ui.parse(wif) exponent = key.secret_exponent() compressed = not key._use_uncompressed() self.assertEqual(exponent, secret_exponent) self.assertFalse(compressed) key = BitcoinMainnet.ui.parse(c_wif) exponent = key.secret_exponent() compressed = not key._use_uncompressed() self.assertEqual(exponent, secret_exponent) self.assertTrue(compressed) public_pair = secret_exponent * secp256k1_generator pk_public_pair = sec_to_public_pair(sec, secp256k1_generator) compressed = is_sec_compressed(sec) self.assertEqual(pk_public_pair, public_pair) self.assertFalse(is_sec_compressed(sec)) self.assertEqual( public_pair_to_sec(pk_public_pair, compressed=False), sec) pk_public_pair = sec_to_public_pair(c_sec, secp256k1_generator) compressed = is_sec_compressed(c_sec) self.assertEqual(pk_public_pair, public_pair) self.assertTrue(compressed) self.assertEqual( public_pair_to_sec(pk_public_pair, compressed=True), c_sec) bca = public_pair_to_bitcoin_address(pk_public_pair, compressed=True) self.assertEqual(bca, c_address_b58) self.assertEqual( bitcoin_address_to_hash160_sec(c_address_b58), public_pair_to_hash160_sec(pk_public_pair, compressed=True)) bca = public_pair_to_bitcoin_address(pk_public_pair, compressed=False) self.assertEqual(bca, address_b58) self.assertEqual( bitcoin_address_to_hash160_sec(address_b58), public_pair_to_hash160_sec(pk_public_pair, compressed=False))
def test_signature_hash(self): compressed = False exponent_2 = int( "137f3276686959c82b454eea6eefc9ab1b9e45bd4636fb9320262e114e321da1", 16) address_2 = public_pair_to_bitcoin_address(exponent_2 * secp256k1_generator, compressed=compressed) key = BitcoinMainnet.ui.parse( "5JMys7YfK72cRVTrbwkq5paxU7vgkMypB55KyXEtN5uSnjV7K8Y") exponent = key.secret_exponent() public_key_sec = public_pair_to_sec(exponent * secp256k1_generator, compressed=compressed) the_coinbase_tx = Tx.coinbase_tx(public_key_sec, int(50 * 1e8), COINBASE_BYTES_FROM_80971) coins_from = [(the_coinbase_tx.hash(), 0, the_coinbase_tx.txs_out[0])] coins_to = [(int(50 * 1e8), address_2)] unsigned_coinbase_spend_tx = standard_tx(coins_from, coins_to) tx_out_script_to_check = the_coinbase_tx.txs_out[0].script idx = 0 solution_checker = BitcoinSolutionChecker(unsigned_coinbase_spend_tx) actual_hash = solution_checker._signature_hash(tx_out_script_to_check, idx, hash_type=SIGHASH_ALL) self.assertEqual( actual_hash, 29819170155392455064899446505816569230970401928540834591675173488544269166940 )
def do_test(exp_hex, wif, c_wif, public_pair_sec, c_public_pair_sec, address_b58, c_address_b58): secret_exponent = int(exp_hex, 16) sec = h2b(public_pair_sec) c_sec = h2b(c_public_pair_sec) self.assertEqual(secret_exponent_to_wif(secret_exponent, compressed=False), wif) self.assertEqual(secret_exponent_to_wif(secret_exponent, compressed=True), c_wif) key = network.parse.wif(wif) exponent = key.secret_exponent() compressed = key.is_compressed() self.assertEqual(exponent, secret_exponent) self.assertFalse(compressed) key = network.parse.wif(c_wif) exponent = key.secret_exponent() compressed = key.is_compressed() self.assertEqual(exponent, secret_exponent) self.assertTrue(compressed) public_pair = secret_exponent * key._generator pk_public_pair = sec_to_public_pair(sec, key._generator) compressed = is_sec_compressed(sec) self.assertEqual(pk_public_pair, public_pair) self.assertFalse(is_sec_compressed(sec)) self.assertEqual(public_pair_to_sec(pk_public_pair, compressed=False), sec) pk_public_pair = sec_to_public_pair(c_sec, key._generator) compressed = is_sec_compressed(c_sec) self.assertEqual(pk_public_pair, public_pair) self.assertTrue(compressed) self.assertEqual(public_pair_to_sec(pk_public_pair, compressed=True), c_sec) bca = public_pair_to_bitcoin_address(pk_public_pair, compressed=True) self.assertEqual(bca, c_address_b58) self.assertEqual(bitcoin_address_to_hash160_sec(c_address_b58), public_pair_to_hash160_sec(pk_public_pair, compressed=True)) bca = public_pair_to_bitcoin_address(pk_public_pair, compressed=False) self.assertEqual(bca, address_b58) self.assertEqual(bitcoin_address_to_hash160_sec(address_b58), public_pair_to_hash160_sec(pk_public_pair, compressed=False))
def sec(self, use_uncompressed=None): """ Return the SEC representation of this key, if available. If use_uncompressed is not set, the preferred representation is returned. """ public_pair = self.public_pair() if public_pair is None: return None return public_pair_to_sec(public_pair, compressed=not self._use_uncompressed(use_uncompressed))
def sec(self, is_compressed=None): """ Return the SEC representation of this key, if available. """ if is_compressed is None: is_compressed = self.is_compressed() public_pair = self.public_pair() if public_pair is None: return None return public_pair_to_sec(public_pair, compressed=is_compressed)
def do_test(as_public_pair, as_sec, is_compressed, as_hash160_sec, as_bitcoin_address): self.assertEqual(sec_to_public_pair(as_sec, secp256k1_generator), as_public_pair) self.assertEqual(public_pair_to_sec(as_public_pair, compressed=is_compressed), as_sec) self.assertEqual(is_sec_compressed(as_sec), is_compressed) self.assertEqual(public_pair_to_hash160_sec(as_public_pair, compressed=is_compressed), as_hash160_sec) self.assertEqual(BitcoinMainnet.ui.address_for_p2pkh(as_hash160_sec), as_bitcoin_address) self.assertTrue(is_address_valid(as_bitcoin_address)) bad_address = as_bitcoin_address[:17] + chr(ord(as_bitcoin_address[17]) + 1) + as_bitcoin_address[18:] self.assertFalse(is_address_valid(bad_address))
def sec(self, use_uncompressed=None): """ Return the SEC representation of this key, if available. If use_uncompressed is not set, the preferred representation is returned. """ public_pair = self.public_pair() if public_pair is None: return None return public_pair_to_sec( public_pair, compressed=not self._use_uncompressed(use_uncompressed))
def ascend_bip32(bip32_pub_node, secret_exponent, child): """ Given a BIP32Node with public derivation child "child" with a known private key, return the secret exponent for the bip32_pub_node. """ i_as_bytes = struct.pack(">l", child) sec = public_pair_to_sec(bip32_pub_node.public_pair(), compressed=True) data = sec + i_as_bytes I64 = hmac.HMAC(key=bip32_pub_node._chain_code, msg=data, digestmod=hashlib.sha512).digest() I_left_as_exponent = from_bytes_32(I64[:32]) return (secret_exponent - I_left_as_exponent) % bip32_pub_node._generator.order()
def f(solved_values, **kwargs): the_hash = m["the_hash"] db = kwargs.get("hash160_lookup", {}) result = db.get(the_hash) if result is None: result = kwargs.get("sec_hints", {}).get(the_hash) if result: return {m["1"]: result} if result is None: raise SolvingError("can't find public pair for %s" % b2h(the_hash)) sec = public_pair_to_sec(result[1], compressed=result[2]) return {m["1"]: sec}
def ascend_bip32(bip32_pub_node, secret_exponent, child): """ Given a BIP32Node with public derivation child "child" with a known private key, return the secret exponent for the bip32_pub_node. """ i_as_bytes = struct.pack(">l", child) sec = public_pair_to_sec(bip32_pub_node.public_pair(), compressed=True) data = sec + i_as_bytes I64 = hmac.HMAC(key=bip32_pub_node._chain_code, msg=data, digestmod=hashlib.sha512).digest() I_left_as_exponent = from_bytes_32(I64[:32]) return (secret_exponent - I_left_as_exponent) % ORDER
def test_build_spends(self): # first, here is the tx database TX_DB = {} # create a coinbase Tx where we know the public & private key key = network.ui.parse("5JMys7YfK72cRVTrbwkq5paxU7vgkMypB55KyXEtN5uSnjV7K8Y") exponent = key.secret_exponent() compressed = False public_key_sec = public_pair_to_sec(exponent * secp256k1_generator, compressed=compressed) the_coinbase_tx = Tx.coinbase_tx(public_key_sec, int(50 * 1e8), COINBASE_BYTES_FROM_80971) TX_DB[the_coinbase_tx.hash()] = the_coinbase_tx # now create a Tx that spends the coinbase compressed = False exponent_2 = int("137f3276686959c82b454eea6eefc9ab1b9e45bd4636fb9320262e114e321da1", 16) address_2 = public_pair_to_bitcoin_address(exponent_2 * secp256k1_generator, compressed=compressed) self.assertEqual("12WivmEn8AUth6x6U8HuJuXHaJzDw3gHNZ", address_2) coins_from = [(the_coinbase_tx.hash(), 0, the_coinbase_tx.txs_out[0])] coins_to = [(int(50 * 1e8), address_2)] unsigned_coinbase_spend_tx = standard_tx(coins_from, coins_to) solver = build_hash160_lookup([exponent], [secp256k1_generator]) coinbase_spend_tx = unsigned_coinbase_spend_tx.sign(solver) TX_DB[coinbase_spend_tx.hash()] = coinbase_spend_tx # now try to respend from priv_key_2 to priv_key_3 compressed = True exponent_3 = int("f8d39b8ecd0e1b6fee5a340519f239097569d7a403a50bb14fb2f04eff8db0ff", 16) address_3 = public_pair_to_bitcoin_address(exponent_3 * secp256k1_generator, compressed=compressed) self.assertEqual("13zzEHPCH2WUZJzANymow3ZrxcZ8iFBrY5", address_3) coins_from = [(coinbase_spend_tx.hash(), 0, coinbase_spend_tx.txs_out[0])] unsigned_spend_tx = standard_tx(coins_from, [(int(50 * 1e8), address_3)]) solver.update(build_hash160_lookup([exponent_2], [secp256k1_generator])) spend_tx = unsigned_spend_tx.sign(solver) # now check that it validates self.assertEqual(spend_tx.bad_solution_count(), 0)
def do_test(as_public_pair, as_sec, is_compressed, as_hash160_sec, as_bitcoin_address): self.assertEqual(sec_to_public_pair(as_sec, secp256k1_generator), as_public_pair) self.assertEqual( public_pair_to_sec(as_public_pair, compressed=is_compressed), as_sec) self.assertEqual(is_sec_compressed(as_sec), is_compressed) self.assertEqual( public_pair_to_hash160_sec(as_public_pair, compressed=is_compressed), as_hash160_sec) self.assertEqual(network.address.for_p2pkh(as_hash160_sec), as_bitcoin_address) self.assertIsNotNone(network.parse.address(as_bitcoin_address)) bad_address = as_bitcoin_address[:17] + chr( ord(as_bitcoin_address[17]) + 1) + as_bitcoin_address[18:] self.assertIsNone(network.parse.address(bad_address))
def do_test(as_public_pair, as_sec, is_compressed, as_hash160_sec, as_bitcoin_address): self.assertEqual(sec_to_public_pair(as_sec, secp256k1_generator), as_public_pair) self.assertEqual( public_pair_to_sec(as_public_pair, compressed=is_compressed), as_sec) self.assertEqual(is_sec_compressed(as_sec), is_compressed) self.assertEqual( public_pair_to_hash160_sec(as_public_pair, compressed=is_compressed), as_hash160_sec) self.assertEqual( BitcoinMainnet.ui.address_for_p2pkh(as_hash160_sec), as_bitcoin_address) self.assertTrue(is_address_valid(as_bitcoin_address)) bad_address = as_bitcoin_address[:17] + chr( ord(as_bitcoin_address[17]) + 1) + as_bitcoin_address[18:] self.assertFalse(is_address_valid(bad_address))
def coinbase_tx(secret_exponent): public_pair = ecdsa.public_pair_for_secret_exponent( ecdsa.secp256k1.generator_secp256k1, secret_exponent) public_key_sec = public_pair_to_sec(public_pair) return Tx.coinbase_tx(public_key_sec, 2500000000)
from sys import stdin from pycoin.ecdsa import secp256r1 as p256 from pycoin.encoding import sec, hexbytes from pycoin.satoshi import der from secrets import randbelow from hashlib import sha256 generator = p256.secp256r1_generator privKey = randbelow(generator.order()) pubKey = generator * privKey sec_pub = sec.public_pair_to_sec(pubKey, compressed=False) print("pub: ", hexbytes.b2h(sec_pub)) # message = stdin.read() # message = "Hello, world!" message = "{{\n \"email\": \"[email protected]\",\n \"pubkey\": \"{}\",\n \"scheme\": \"secp256r1\",\n \"nonce\": \"d425dadb98c32e0d23ee3664d4aad64b57debbc062653102b59bd74ce4f64ad7\"\n}}".format( hexbytes.b2h(sec_pub)) digest = sha256(message.encode("utf-8")).digest() msg_hash = int.from_bytes(digest, byteorder="big") signature = generator.sign(privKey, msg_hash) print("message: ", message) # print("priv: ", privKey) der = der.sigencode_der(signature[0], signature[1]) # print("r:", signature[0]) # print("s:", signature[1]) print("sig: ", hexbytes.b2h(der)) valid = generator.verify(pubKey, msg_hash, signature) print("valid: ", valid)