#!/usr/bin/env python # # Electrum - lightweight bitcoinprivate client # Copyright (C) 2011 Thomas Voegtlin # # Permission is hereby granted, free of charge, to any person # obtaining a copy of this software and associated documentation files # (the "Software"), to deal in the Software without restriction, # including without limitation the rights to use, copy, modify, merge, # publish, distribute, sublicense, and/or sell copies of the Software, # and to permit persons to whom the Software is furnished to do so, # subject to the following conditions: # # The above copyright notice and this permission notice shall be # included in all copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS # BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN # ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. # Note: The deserialization code originally comes from ABE. from .util import print_error, profiler from . import bitcoin from .bitcoin import * import struct import traceback import sys # # Workalike python implementation of bitcoinprivate's CDataStream class. # from .keystore import xpubkey_to_address, xpubkey_to_pubkey from pyblake2 import blake2b NO_SIGNATURE = 'ff' OVERWINTERED_VERSION_GROUP_ID = 0x03C48270 OVERWINTER_BRANCH_ID = 0x5BA81B19 SAPLING_VERSION_GROUP_ID = 0x892F2085 SAPLING_BRANCH_ID = 0x76B809BB BUBBLES_BRANCH_ID = 0x821A451C DIFFADJ_BRANCH_ID = 0x930B540D class TransactionVersionError(Exception): """ Thrown when there's a problem with transaction versioning """ class SerializationError(Exception): """ Thrown when there's a problem deserializing or serializing """ class UnknownTxinType(Exception): pass class NotRecognizedRedeemScript(Exception): pass class BCDataStream(object): def __init__(self): self.input = None self.read_cursor = 0 def clear(self): self.input = None self.read_cursor = 0 def write(self, _bytes): # Initialize with string of _bytes if self.input is None: self.input = bytearray(_bytes) else: self.input += bytearray(_bytes) def read_string(self, encoding='ascii'): # Strings are encoded depending on length: # 0 to 252 : 1-byte-length followed by bytes (if any) # 253 to 65,535 : byte'253' 2-byte-length followed by bytes # 65,536 to 4,294,967,295 : byte '254' 4-byte-length followed by bytes # ... and the bitcoinprivate client is coded to understand: # greater than 4,294,967,295 : byte '255' 8-byte-length followed by bytes of string # ... but I don't think it actually handles any strings that big. if self.input is None: raise SerializationError("call write(bytes) before trying to deserialize") length = self.read_compact_size() return self.read_bytes(length).decode(encoding) def write_string(self, string, encoding='ascii'): string = to_bytes(string, encoding) # Length-encoded as with read-string self.write_compact_size(len(string)) self.write(string) def read_bytes(self, length): try: result = self.input[self.read_cursor:self.read_cursor+length] self.read_cursor += length return result except IndexError: raise SerializationError("attempt to read past end of buffer") return '' def read_boolean(self): return self.read_bytes(1)[0] != chr(0) def read_int16(self): return self._read_num(' 0: result += " " if opcode <= opcodes.OP_PUSHDATA4: result += "%d:"%(opcode,) result += short_hex(vch) else: result += script_GetOpName(opcode) return result def match_decoded(decoded, to_match): if len(decoded) != len(to_match): return False; for i in range(len(decoded)): if to_match[i] == opcodes.OP_PUSHDATA4 and decoded[i][0] <= opcodes.OP_PUSHDATA4 and decoded[i][0]>0: continue # Opcodes below OP_PUSHDATA4 all just push data onto stack, and are equivalent. if to_match[i] != decoded[i][0]: return False return True def parse_sig(x_sig): return [None if x == NO_SIGNATURE else x for x in x_sig] def safe_parse_pubkey(x): try: return xpubkey_to_pubkey(x) except: return x def parse_scriptSig(d, _bytes): try: decoded = [ x for x in script_GetOp(_bytes) ] except Exception as e: # coinbase transactions raise an exception print_error("parse_scriptSig: cannot find address in input script (coinbase?)", bh2u(_bytes)) return match = [ opcodes.OP_PUSHDATA4 ] if match_decoded(decoded, match): item = decoded[0][1] if item[0] != 0: # assert item[0] == 0x30 # pay-to-pubkey d['type'] = 'p2pk' d['address'] = "(pubkey)" d['signatures'] = [bh2u(item)] d['num_sig'] = 1 d['x_pubkeys'] = ["(pubkey)"] d['pubkeys'] = ["(pubkey)"] return # p2pkh TxIn transactions push a signature # (71-73 bytes) and then their public key # (33 or 65 bytes) onto the stack: match = [ opcodes.OP_PUSHDATA4, opcodes.OP_PUSHDATA4 ] if match_decoded(decoded, match): sig = bh2u(decoded[0][1]) x_pubkey = bh2u(decoded[1][1]) try: signatures = parse_sig([sig]) pubkey, address = xpubkey_to_address(x_pubkey) except: print_error("parse_scriptSig: cannot find address in input script (p2pkh?)", bh2u(_bytes)) return d['type'] = 'p2pkh' d['signatures'] = signatures d['x_pubkeys'] = [x_pubkey] d['num_sig'] = 1 d['pubkeys'] = [pubkey] d['address'] = address return # p2sh transaction, m of n match = [ opcodes.OP_0 ] + [ opcodes.OP_PUSHDATA4 ] * (len(decoded) - 1) if match_decoded(decoded, match): x_sig = [bh2u(x[1]) for x in decoded[1:-1]] try: m, n, x_pubkeys, pubkeys, redeemScript = parse_redeemScript(decoded[-1][1]) except NotRecognizedRedeemScript: print_error("parse_scriptSig: cannot find address in input script (p2sh?)", bh2u(_bytes)) # we could still guess: # d['address'] = hash160_to_p2sh(hash_160(decoded[-1][1])) return # write result in d d['type'] = 'p2sh' d['num_sig'] = m d['signatures'] = parse_sig(x_sig) d['x_pubkeys'] = x_pubkeys d['pubkeys'] = pubkeys d['redeemScript'] = redeemScript d['address'] = hash160_to_p2sh(hash_160(bfh(redeemScript))) return print_error("parse_scriptSig: cannot find address in input script (unknown)", bh2u(_bytes)) def parse_redeemScript(s): dec2 = [ x for x in script_GetOp(s) ] try: m = dec2[0][0] - opcodes.OP_1 + 1 n = dec2[-2][0] - opcodes.OP_1 + 1 except IndexError: raise NotRecognizedRedeemScript() op_m = opcodes.OP_1 + m - 1 op_n = opcodes.OP_1 + n - 1 match_multisig = [ op_m ] + [opcodes.OP_PUSHDATA4]*n + [ op_n, opcodes.OP_CHECKMULTISIG ] if not match_decoded(dec2, match_multisig): raise NotRecognizedRedeemScript() x_pubkeys = [bh2u(x[1]) for x in dec2[1:-2]] pubkeys = [safe_parse_pubkey(x) for x in x_pubkeys] redeemScript = multisig_script(pubkeys, m) return m, n, x_pubkeys, pubkeys, redeemScript def get_address_from_output_script(_bytes, *, net=None): decoded = [x for x in script_GetOp(_bytes)] # The Genesis Block, self-payments, and pay-by-IP-address payments look like: # 65 BYTES:... CHECKSIG match = [ opcodes.OP_PUSHDATA4, opcodes.OP_CHECKSIG ] if match_decoded(decoded, match): return TYPE_PUBKEY, bh2u(decoded[0][1]) # Pay-by-bitcoinprivate-address TxOuts look like: # DUP HASH160 20 BYTES:... EQUALVERIFY CHECKSIG match = [ opcodes.OP_DUP, opcodes.OP_HASH160, opcodes.OP_PUSHDATA4, opcodes.OP_EQUALVERIFY, opcodes.OP_CHECKSIG ] if match_decoded(decoded, match): return TYPE_ADDRESS, hash160_to_p2pkh(decoded[2][1], net=net) # p2sh match = [ opcodes.OP_HASH160, opcodes.OP_PUSHDATA4, opcodes.OP_EQUAL ] if match_decoded(decoded, match): return TYPE_ADDRESS, hash160_to_p2sh(decoded[1][1], net=net) return TYPE_SCRIPT, bh2u(_bytes) def parse_input(vds): d = {} prevout_hash = hash_encode(vds.read_bytes(32)) prevout_n = vds.read_uint32() scriptSig = vds.read_bytes(vds.read_compact_size()) sequence = vds.read_uint32() d['prevout_hash'] = prevout_hash d['prevout_n'] = prevout_n d['sequence'] = sequence d['x_pubkeys'] = [] d['pubkeys'] = [] d['signatures'] = {} d['address'] = None d['num_sig'] = 0 if prevout_hash == '00'*32: d['type'] = 'coinbase' d['scriptSig'] = bh2u(scriptSig) else: d['type'] = 'unknown' if scriptSig: d['scriptSig'] = bh2u(scriptSig) try: parse_scriptSig(d, scriptSig) except BaseException: traceback.print_exc(file=sys.stderr) print_error('failed to parse scriptSig', bh2u(scriptSig)) else: d['scriptSig'] = '' return d def parse_output(vds, i): d = {} d['value'] = vds.read_int64() scriptPubKey = vds.read_bytes(vds.read_compact_size()) d['type'], d['address'] = get_address_from_output_script(scriptPubKey) d['scriptPubKey'] = bh2u(scriptPubKey) d['prevout_n'] = i return d def parse_join_split(vds): d = {} d['vpub_old'] = vds.read_uint64() d['vpub_new'] = vds.read_uint64() d['anchor'] = vds.read_bytes(32) d['nullifiers'] = vds.read_bytes(64) d['commitments'] = vds.read_bytes(64) d['ephemeralKey'] = vds.read_bytes(32) d['randomSeed'] = vds.read_bytes(32) d['vmacs'] = vds.read_bytes(64) d['zkproof'] = vds.read_bytes(296) d['encCiphertexts'] = vds.read_bytes(1202) return d def deserialize(raw): len_raw = len(raw) / 2 vds = BCDataStream() vds.write(bfh(raw)) d = {} start = vds.read_cursor header = vds.read_uint32() overwintered = True if header & 0x80000000 else False version = header & 0x7FFFFFFF if overwintered: if version not in [3, 4]: raise TransactionVersionError('Overwintered transaction' ' with invalid version=%d' % version) ver_group_id = vds.read_uint32() if (version == 3 and ver_group_id != OVERWINTERED_VERSION_GROUP_ID or version == 4 and ver_group_id != SAPLING_VERSION_GROUP_ID): raise TransactionVersionError('Overwintered transaction with wrong' ' versionGroupId=%X' % ver_group_id) d['versionGroupId'] = ver_group_id d['overwintered'] = overwintered d['version'] = version n_vin = vds.read_compact_size() d['inputs'] = [parse_input(vds) for i in range(n_vin)] n_vout = vds.read_compact_size() d['outputs'] = [parse_output(vds, i) for i in range(n_vout)] d['lockTime'] = vds.read_uint32() if overwintered: d['expiryHeight'] = vds.read_uint32() if version == 4: d['valueBalance'] = vds.read_int64() n_sh_sp = vds.read_compact_size() if n_sh_sp > 0: d['shieldedSpends'] = vds.read_bytes(n_sh_sp*384) n_sh_out = vds.read_compact_size() if n_sh_out > 0: d['shieldedOutputs'] = vds.read_bytes(n_sh_out*948) n_js = vds.read_compact_size() if n_js > 0: if version == 3: d['joinSplits'] = [parse_join_split(vds) for i in range(n_js)] else: d['joinSplits'] = vds.read_bytes(n_js*1698) d['joinSplitPubKey'] = vds.read_bytes(32) d['joinSplitSig'] = vds.read_bytes(64) if version == 4: d['bindingSig'] = vds.read_bytes(64) return d # pay & redeem scripts def multisig_script(public_keys, m): n = len(public_keys) assert n <= 15 assert m <= n op_m = format(opcodes.OP_1 + m - 1, 'x') op_n = format(opcodes.OP_1 + n - 1, 'x') keylist = [op_push(len(k)//2) + k for k in public_keys] return op_m + ''.join(keylist) + op_n + 'ae' class Transaction: def __str__(self): if self.raw is None: self.raw = self.serialize() return self.raw def __init__(self, raw): if raw is None: self.raw = None elif isinstance(raw, str): self.raw = raw.strip() if raw else None elif isinstance(raw, dict): self.raw = raw['hex'] else: raise Exception("cannot initialize transaction", raw) self._inputs = None self._outputs = None self.locktime = 0 self.version = 4 self.overwintered = True self.versionGroupId = SAPLING_VERSION_GROUP_ID self.expiryHeight = 0 self.valueBalance = 0 self.shieldedSpends = None self.shieldedOutputs = None self.joinSplits = None self.joinSplitPubKey = None self.joinSplitSig = None self.bindingSig = None def update(self, raw): self.raw = raw self._inputs = None self.deserialize() def inputs(self): if self._inputs is None: self.deserialize() return self._inputs def outputs(self): if self._outputs is None: self.deserialize() return self._outputs @classmethod def get_sorted_pubkeys(self, txin): # sort pubkeys and x_pubkeys, using the order of pubkeys if txin['type'] == 'coinbase': return [], [] x_pubkeys = txin['x_pubkeys'] pubkeys = txin.get('pubkeys') if pubkeys is None: pubkeys = [xpubkey_to_pubkey(x) for x in x_pubkeys] pubkeys, x_pubkeys = zip(*sorted(zip(pubkeys, x_pubkeys))) txin['pubkeys'] = pubkeys = list(pubkeys) txin['x_pubkeys'] = x_pubkeys = list(x_pubkeys) return pubkeys, x_pubkeys def update_signatures(self, raw): """Add new signatures to a transaction""" d = deserialize(raw) for i, txin in enumerate(self.inputs()): pubkeys, x_pubkeys = self.get_sorted_pubkeys(txin) sigs1 = txin.get('signatures') sigs2 = d['inputs'][i].get('signatures') for sig in sigs2: if sig in sigs1: continue pre_hash = Hash(bfh(self.serialize_preimage(i))) # der to string order = ecdsa.ecdsa.generator_secp256k1.order() r, s = ecdsa.util.sigdecode_der(bfh(sig[:-2]), order) sig_string = ecdsa.util.sigencode_string(r, s, order) compressed = True for recid in range(4): public_key = MyVerifyingKey.from_signature(sig_string, recid, pre_hash, curve = SECP256k1) pubkey = bh2u(point_to_ser(public_key.pubkey.point, compressed)) if pubkey in pubkeys: public_key.verify_digest(sig_string, pre_hash, sigdecode = ecdsa.util.sigdecode_string) j = pubkeys.index(pubkey) print_error("adding sig", i, j, pubkey, sig) self._inputs[i]['signatures'][j] = sig #self._inputs[i]['x_pubkeys'][j] = pubkey break # redo raw self.raw = self.serialize() def deserialize(self): if self.raw is None: return #self.raw = self.serialize() if self._inputs is not None: return d = deserialize(self.raw) self._inputs = d['inputs'] self._outputs = [(x['type'], x['address'], x['value']) for x in d['outputs']] self.locktime = d['lockTime'] self.version = d['version'] self.overwintered = d['overwintered'] self.versionGroupId = d.get('versionGroupId') self.expiryHeight = d.get('expiryHeight', 0) self.valueBalance = d.get('valueBalance', 0) self.shieldedSpends = d.get('shieldedSpends') self.shieldedOutputs = d.get('shieldedOutputs') self.joinSplits = d.get('joinSplits') self.joinSplitPubKey = d.get('joinSplitPubKey') self.joinSplitSig = d.get('joinSplitSig') self.bindingSig = d.get('bindingSig') return d @classmethod def from_io(klass, inputs, outputs, locktime=0): self = klass(None) self._inputs = inputs self._outputs = outputs self.locktime = locktime return self @classmethod def pay_script(self, output_type, addr): if output_type == TYPE_SCRIPT: return addr elif output_type == TYPE_ADDRESS: return bitcoin.address_to_script(addr) elif output_type == TYPE_PUBKEY: return bitcoin.public_key_to_p2pk_script(addr) else: raise TypeError('Unknown output type') @classmethod def estimate_pubkey_size_from_x_pubkey(cls, x_pubkey): try: if x_pubkey[0:2] in ['02', '03']: # compressed pubkey return 0x21 elif x_pubkey[0:2] == '04': # uncompressed pubkey return 0x41 elif x_pubkey[0:2] == 'ff': # bip32 extended pubkey return 0x21 elif x_pubkey[0:2] == 'fe': # old electrum extended pubkey return 0x41 except Exception as e: pass return 0x21 # just guess it is compressed @classmethod def estimate_pubkey_size_for_txin(cls, txin): pubkeys = txin.get('pubkeys', []) x_pubkeys = txin.get('x_pubkeys', []) if pubkeys and len(pubkeys) > 0: return cls.estimate_pubkey_size_from_x_pubkey(pubkeys[0]) elif x_pubkeys and len(x_pubkeys) > 0: return cls.estimate_pubkey_size_from_x_pubkey(x_pubkeys[0]) else: return 0x21 # just guess it is compressed @classmethod def get_siglist(self, txin, estimate_size=False): # if we have enough signatures, we use the actual pubkeys # otherwise, use extended pubkeys (with bip32 derivation) if txin['type'] == 'coinbase': return [], [] num_sig = txin.get('num_sig', 1) if estimate_size: pubkey_size = self.estimate_pubkey_size_for_txin(txin) pk_list = ["00" * pubkey_size] * len(txin.get('x_pubkeys', [None])) # we assume that signature will be 0x48 bytes long sig_list = [ "00" * 0x48 ] * num_sig else: pubkeys, x_pubkeys = self.get_sorted_pubkeys(txin) x_signatures = txin['signatures'] signatures = list(filter(None, x_signatures)) is_complete = len(signatures) == num_sig if is_complete: pk_list = pubkeys sig_list = signatures else: pk_list = x_pubkeys sig_list = [sig if sig else NO_SIGNATURE for sig in x_signatures] return pk_list, sig_list @classmethod def input_script(self, txin, estimate_size=False): _type = txin['type'] if _type == 'coinbase': return txin['scriptSig'] pubkeys, sig_list = self.get_siglist(txin, estimate_size) script = ''.join(push_script(x) for x in sig_list) if _type == 'p2pk': pass elif _type == 'p2sh': # put op_0 before script script = '00' + script redeem_script = multisig_script(pubkeys, txin['num_sig']) script += push_script(redeem_script) elif _type == 'p2pkh': script += push_script(pubkeys[0]) elif _type == 'address': script += push_script(pubkeys[0]) elif _type == 'unknown': return txin['scriptSig'] return script @classmethod def is_txin_complete(cls, txin): if txin['type'] == 'coinbase': return True num_sig = txin.get('num_sig', 1) x_signatures = txin['signatures'] signatures = list(filter(None, x_signatures)) return len(signatures) == num_sig @classmethod def get_preimage_script(self, txin): pubkeys, x_pubkeys = self.get_sorted_pubkeys(txin) if txin['type'] == 'p2pkh': return bitcoin.address_to_script(txin['address']) elif txin['type'] in ['p2sh']: return multisig_script(pubkeys, txin['num_sig']) elif txin['type'] == 'p2pk': pubkey = pubkeys[0] return bitcoin.public_key_to_p2pk_script(pubkey) else: raise TypeError('Unknown txin type', txin['type']) @classmethod def serialize_outpoint(self, txin): return bh2u(bfh(txin['prevout_hash'])[::-1]) + int_to_hex(txin['prevout_n'], 4) @classmethod def get_outpoint_from_txin(cls, txin): if txin['type'] == 'coinbase': return None prevout_hash = txin['prevout_hash'] prevout_n = txin['prevout_n'] return prevout_hash + ':%d' % prevout_n @classmethod def serialize_input(self, txin, script): # Prev hash and index s = self.serialize_outpoint(txin) # Script length, script, sequence s += var_int(len(script)//2) s += script s += int_to_hex(txin.get('sequence', 0xffffffff - 1), 4) return s def BIP_LI01_sort(self): # See https://github.com/kristovatlas/rfc/blob/master/bips/bip-li01.mediawiki self._inputs.sort(key = lambda i: (i['prevout_hash'], i['prevout_n'])) self._outputs.sort(key = lambda o: (o[2], self.pay_script(o[0], o[1]))) def serialize_output(self, output): output_type, addr, amount = output s = int_to_hex(amount, 8) script = self.pay_script(output_type, addr) s += var_int(len(script)//2) s += script return s def serialize_join_split(self, js): s = int_to_hex(js['vpub_old'], 8) s += int_to_hex(js['vpub_new'], 8) s += js['anchor'] s += js['nullifiers'] s += js['commitments'] s += js['ephemeralKey'] s += js['randomSeed'] s += js['vmacs'] s += js['zkproof'] s += js['encCiphertexts'] return s def serialize_preimage(self, i): overwintered = self.overwintered version = self.version nHashType = int_to_hex(1, 4) nLocktime = int_to_hex(self.locktime, 4) inputs = self.inputs() outputs = self.outputs() txin = inputs[i] # TODO: py3 hex if overwintered: nHeader = int_to_hex(0x80000000 | version, 4) nVersionGroupId = int_to_hex(self.versionGroupId, 4) s_prevouts = bfh(''.join(self.serialize_outpoint(txin) for txin in inputs)) hashPrevouts = blake2b(s_prevouts, digest_size=32, person=b'ZcashPrevoutHash').hexdigest() s_sequences = bfh(''.join(int_to_hex(txin.get('sequence', 0xffffffff - 1), 4) for txin in inputs)) hashSequence = blake2b(s_sequences, digest_size=32, person=b'ZcashSequencHash').hexdigest() s_outputs = bfh(''.join(self.serialize_output(o) for o in outputs)) hashOutputs = blake2b(s_outputs, digest_size=32, person=b'ZcashOutputsHash').hexdigest() joinSplits = self.joinSplits #if joinSplits is None: # hashJoinSplits = '00'*32 #else: # s_joinSplits = bfh(''.join(self.serialize_join_split(j) for j in joinSplits)) # s_joinSplits += self.joinSplitPubKey # hashJoinSplits = blake2b(s_joinSplits, digest_size=32, person=b'bitcoinprivateJSplitsHash').hexdigest() hashJoinSplits = '00'*32 hashShieldedSpends = '00'*32 hashShieldedOutputs = '00'*32 nExpiryHeight = int_to_hex(self.expiryHeight, 4) nValueBalance = int_to_hex(self.valueBalance, 8) txin = inputs[i] preimage_script = self.get_preimage_script(txin) scriptCode = var_int(len(preimage_script) // 2) + preimage_script preimage = ( nHeader + nVersionGroupId + hashPrevouts + hashSequence + hashOutputs + hashJoinSplits + hashShieldedSpends + hashShieldedOutputs + nLocktime + nExpiryHeight + nValueBalance + nHashType + self.serialize_outpoint(txin) + scriptCode + int_to_hex(txin['value'], 8) + int_to_hex(txin.get('sequence', 0xffffffff - 1), 4) ) else: nVersion = int_to_hex(version, 4) txins = var_int(len(inputs)) + ''.join(self.serialize_input(txin, self.get_preimage_script(txin) if i==k else '') for k, txin in enumerate(inputs)) txouts = var_int(len(outputs)) + ''.join(self.serialize_output(o) for o in outputs) preimage = nVersion + txins + txouts + nLocktime + nHashType return preimage def serialize(self, estimate_size=False): nVersion = int_to_hex(self.version, 4) nLocktime = int_to_hex(self.locktime, 4) inputs = self.inputs() outputs = self.outputs() txins = var_int(len(inputs)) + ''.join(self.serialize_input(txin, self.input_script(txin, estimate_size)) for txin in inputs) txouts = var_int(len(outputs)) + ''.join(self.serialize_output(o) for o in outputs) if self.overwintered: nVersion = int_to_hex(0x80000000 | self.version, 4) nVersionGroupId = int_to_hex(self.versionGroupId, 4) nExpiryHeight = int_to_hex(self.expiryHeight, 4) nValueBalance = int_to_hex(self.valueBalance, 8) return (nVersion + nVersionGroupId + txins + txouts + nLocktime + nExpiryHeight + nValueBalance + '00' + '00' + '00') else: return nVersion + txins + txouts + nLocktime def hash(self): print("warning: deprecated tx.hash()") return self.txid() def txid(self): if not self.is_complete(): return None ser = self.serialize() return bh2u(Hash(bfh(ser))[::-1]) def add_inputs(self, inputs): self._inputs.extend(inputs) self.raw = None def add_outputs(self, outputs): self._outputs.extend(outputs) self.raw = None def input_value(self): return sum(x['value'] for x in self.inputs()) def output_value(self): return sum(val for tp, addr, val in self.outputs()) def get_fee(self): return self.input_value() - self.output_value() def is_final(self): return not any([x.get('sequence', 0xffffffff - 1) < 0xffffffff - 1 for x in self.inputs()]) @profiler def estimated_size(self): """Return an estimated virtual tx size in vbytes. BIP-0141 defines 'Virtual transaction size' to be weight/4 rounded up. This definition is only for humans, and has little meaning otherwise. If we wanted sub-byte precision, fee calculation should use transaction weights, but for simplicity we approximate that with (virtual_size)x4 """ weight = self.estimated_weight() return self.virtual_size_from_weight(weight) @classmethod def estimated_input_weight(cls, txin): '''Return an estimate of serialized input weight in weight units.''' script = cls.input_script(txin, True) input_size = len(cls.serialize_input(txin, script)) // 2 return 4 * input_size @classmethod def estimated_output_size(cls, address): """Return an estimate of serialized output size in bytes.""" script = bitcoin.address_to_script(address) # 8 byte value + 1 byte script len + script return 9 + len(script) // 2 @classmethod def virtual_size_from_weight(cls, weight): return weight // 4 + (weight % 4 > 0) def estimated_total_size(self): """Return an estimated total transaction size in bytes.""" return len(self.serialize(True)) // 2 if not self.is_complete() or self.raw is None else len(self.raw) // 2 # ASCII hex string def estimated_base_size(self): """Return an estimated base transaction size in bytes.""" return self.estimated_total_size() def estimated_weight(self): """Return an estimate of transaction weight.""" total_tx_size = self.estimated_total_size() base_tx_size = self.estimated_base_size() return 3 * base_tx_size + total_tx_size def signature_count(self): r = 0 s = 0 for txin in self.inputs(): if txin['type'] == 'coinbase': continue signatures = list(filter(None, txin.get('signatures',[]))) s += len(signatures) r += txin.get('num_sig',-1) return s, r def is_complete(self): s, r = self.signature_count() return r == s def sign(self, keypairs): for i, txin in enumerate(self.inputs()): num = txin['num_sig'] pubkeys, x_pubkeys = self.get_sorted_pubkeys(txin) for j, x_pubkey in enumerate(x_pubkeys): signatures = list(filter(None, txin['signatures'])) if len(signatures) == num: # txin is complete break if x_pubkey in keypairs.keys(): print_error("adding signature for", x_pubkey) sec, compressed = keypairs.get(x_pubkey) pubkey = public_key_from_private_key(sec, compressed) # add signature if self.overwintered: data = bfh(self.serialize_preimage(i)) person = b'ZcashSigHash' + DIFFADJ_BRANCH_ID.to_bytes(4, 'little') pre_hash = blake2b(data, digest_size=32, person=person).digest() else: pre_hash = Hash(bfh(self.serialize_preimage(i))) pkey = regenerate_key(sec) secexp = pkey.secret private_key = bitcoin.MySigningKey.from_secret_exponent(secexp, curve = SECP256k1) public_key = private_key.get_verifying_key() sig = private_key.sign_digest_deterministic(pre_hash, hashfunc=hashlib.sha256, sigencode = ecdsa.util.sigencode_der_canonize) if not public_key.verify_digest(sig, pre_hash, sigdecode = ecdsa.util.sigdecode_der): raise Exception('Sanity check verifying our own signature failed.') txin['signatures'][j] = bh2u(sig) + '01' #txin['x_pubkeys'][j] = pubkey txin['pubkeys'][j] = pubkey # needed for fd keys self._inputs[i] = txin print_error("is_complete", self.is_complete()) self.raw = self.serialize() def get_outputs(self): """convert pubkeys to addresses""" o = [] for type, x, v in self.outputs(): if type == TYPE_ADDRESS: addr = x elif type == TYPE_PUBKEY: addr = bitcoin.public_key_to_p2pkh(bfh(x)) else: addr = 'SCRIPT ' + x o.append((addr,v)) # consider using yield (addr, v) return o def get_output_addresses(self): return [addr for addr, val in self.get_outputs()] def has_address(self, addr): return (addr in self.get_output_addresses()) or (addr in (tx.get("address") for tx in self.inputs())) def as_dict(self): if self.raw is None: self.raw = self.serialize() self.deserialize() out = { 'hex': self.raw, 'complete': self.is_complete(), 'final': self.is_final(), } return out def tx_from_str(txt): "json or raw hexadecimal" import json txt = txt.strip() if not txt: raise ValueError("empty string") try: bfh(txt) is_hex = True except: is_hex = False if is_hex: return txt tx_dict = json.loads(str(txt)) assert "hex" in tx_dict.keys() return tx_dict["hex"]