Example #1
0
// Generate a new stealth address
func new_stealth_address(prv_key []byte) {
	sk, er := hex.DecodeString(*scankey)
	if er != nil {
		println(er.Error())
		os.Exit(1)
	}
	if len(sk) != 33 || sk[0] != 2 && sk[0] != 3 {
		println("scankey must be a compressed public key (33 bytes long)")
		os.Exit(1)
	}

	if *prefix > 16 {
		if *prefix > 24 {
			fmt.Println("The stealth prefix cannot be bigger than 32", *prefix)
			os.Exit(1)
		}
		fmt.Println("WARNING: You chose a prifix length of", *prefix)
		fmt.Println("WARNING: Big prefixes endanger your anonymity.")
	}

	pub := btc.PublicFromPrivate(prv_key, true)
	if pub == nil {
		println("PublicFromPrivate error 2")
		os.Exit(1)
	}

	sa := new(btc.StealthAddr)
	sa.Version = btc.StealthAddressVersion(*testnet)
	sa.Options = 0
	copy(sa.ScanKey[:], sk)
	sa.SpendKeys = make([][33]byte, 1)
	copy(sa.SpendKeys[0][:], pub)
	sa.Sigs = 1
	sa.Prefix = make([]byte, 1+(byte(*prefix)+7)>>3)
	if *prefix > 0 {
		sa.Prefix[0] = byte(*prefix)
		rand.Read(sa.Prefix[1:])
	}
	fmt.Println(sa.String())
}
Example #2
0
func newAddressInfoFromWord(word string) *AddressInfo {
	sha256Hash := sha256.New()
	_, err := sha256Hash.Write([]byte(word))
	if err != nil {
		panic(err)
	}
	privateKey := sha256Hash.Sum(nil)

	publicKey, err := btc.PublicFromPrivate(privateKey, false)
	if err != nil {
		panic(err)
	}

	address := btc.NewAddrFromPubkey(publicKey, btc.ADDRVER_BTC).String()

	resp, err := http.Get("http://blockchain.info/address/" + address + "?format=json")
	if err != nil {
		panic(err)
	}
	defer resp.Body.Close()

	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		panic(err)
	}

	var addressInfo AddressInfo
	err = json.Unmarshal(body, &addressInfo)
	if err != nil {
		panic(err)
	}

	addressInfo.Word = word
	addressInfo.Key = hex.EncodeToString(privateKey)

	return &addressInfo
}
Example #3
0
func do_scan_stealth(p string, ignore_prefix bool) {
	sa, _ := btc.NewStealthAddrFromString(p)
	if sa == nil {
		fmt.Println("Specify base58 encoded stealth address")
		return
	}
	if sa.Version != btc.StealthAddressVersion(common.CFG.Testnet) {
		fmt.Println("Incorrect version of the stealth address")
		return
	}
	if len(sa.SpendKeys) != 1 {
		fmt.Println("Currently only single spend keys are supported. This address has", len(sa.SpendKeys))
		return
	}

	//fmt.Println("scankey", hex.EncodeToString(sa.ScanKey[:]))
	if ignore_prefix {
		sa.Prefix = []byte{0}
		fmt.Println("Ignoring Prefix inside the address")
	} else if len(sa.Prefix) == 0 {
		fmt.Println("Prefix not present in the address")
	} else {
		fmt.Println("Prefix", sa.Prefix[0], hex.EncodeToString(sa.Prefix[1:]))
	}

	ds := wallet.FetchStealthKeys()
	if len(ds) == 0 {
		return
	}

	defer func() {
		for i := range ds {
			utils.ClearBuffer(ds[i])
		}
	}() // clear the keys in mem after all

	var d []byte

	for i := range ds {
		if bytes.Equal(btc.PublicFromPrivate(ds[i], true), sa.ScanKey[:]) {
			d = ds[i]
		}
	}

	if d == nil {
		fmt.Println("No matching secret found your wallet/stealth folder")
		return
	}

	var pos []*btc.TxPrevOut
	cs := make(map[uint64][]byte)
	as := make(map[uint64]*btc.BtcAddr)
	var ncnt uint

	common.BlockChain.Unspent.ScanStealth(sa, func(eth, txid []byte, vout uint32, scr []byte) bool {
		if len(scr) == 25 && scr[0] == 0x76 && scr[1] == 0xa9 && scr[2] == 0x14 && scr[23] == 0x88 && scr[24] == 0xac {
			var h160 [20]byte
			//yes := btc.NewUint256(txid).String()=="9cc90ff2528b49dfd9c53e5e90c98a1fd45d577af7f3a9e7a9f8a86b52fb0280"
			c := btc.StealthDH(eth, d)
			spen_exp := btc.DeriveNextPublic(sa.SpendKeys[0][:], c)
			btc.RimpHash(spen_exp, h160[:])
			if bytes.Equal(scr[3:23], h160[:]) {
				po := new(btc.TxPrevOut)
				copy(po.Hash[:], txid)
				po.Vout = vout
				pos = append(pos, po)
				cs[po.UIdx()] = c
				as[po.UIdx()] = btc.NewAddrFromHash160(h160[:], btc.AddrVerPubkey(common.CFG.Testnet))
			}
			ncnt++
			/*fmt.Printf("%s with c=%s",
				btc.NewAddrFromHash160(h160[:], btc.AddrVerPubkey(common.CFG.Testnet)).String(),
				hex.EncodeToString(c))
			fmt.Println()*/
			return true
		} else {
			return false
		}
	})

	fmt.Println(len(pos), "outputs, out of", ncnt, "notifications belonged to our wallet")

	var unsp btc.AllUnspentTx
	for i := range pos {
		po, e := common.BlockChain.Unspent.UnspentGet(pos[i])
		if e != nil {
			println("UnspentGet:", e.Error())
			println("This should not happen - please, report a bug.")
			println("You can probably fix it by launching the client with -rescan")
			os.Exit(1)
		}
		//fmt.Println(btc.NewUint256(pos[i].Hash[:]), pos[i].Vout+1, hex.EncodeToString(cs[pos[i].UIdx()]))
		one := &btc.OneUnspentTx{
			TxPrevOut: *pos[i],
			Value:     po.Value,
			MinedAt:   po.BlockHeight,
			BtcAddr:   as[pos[i].UIdx()],
			StealthC:  cs[pos[i].UIdx()]}
		unsp = append(unsp, one)
	}
	sort.Sort(unsp)
	os.RemoveAll("balance")
	os.MkdirAll("balance/", 0770)
	utxt, _ := os.Create("balance/unspent.txt")
	fmt.Print(wallet.DumpBalance(unsp, utxt, true, false))
}
Example #4
0
func load_others() {
	f, e := os.Open(RawKeysFilename)
	if e == nil {
		defer f.Close()
		td := bufio.NewReader(f)
		for {
			li, _, _ := td.ReadLine()
			if li == nil {
				break
			}
			pk := strings.SplitN(strings.Trim(string(li), " "), " ", 2)
			if pk[0][0] == '#' {
				continue // Just a comment-line
			}

			pkb := btc.Decodeb58(pk[0])

			if pkb == nil {
				println("Decodeb58 failed:", pk[0][:6])
				continue
			}

			if len(pkb) != 37 && len(pkb) != 38 {
				println(pk[0][:6], "has wrong key", len(pkb))
				println(hex.EncodeToString(pkb))
				continue
			}

			if pkb[0] != privver {
				println(pk[0][:6], "has version", pkb[0], "while we expect", privver)
				if pkb[0] == 0xef {
					fmt.Println("You probably meant testnet, so use -t switch")
					os.Exit(0)
				} else {
					continue
				}
			}

			var sh [32]byte
			var compr bool

			if len(pkb) == 37 {
				// compressed key
				sh = btc.Sha2Sum(pkb[0:33])
				if !bytes.Equal(sh[:4], pkb[33:37]) {
					println(pk[0][:6], "checksum error")
					continue
				}
				compr = false
			} else {
				if pkb[33] != 1 {
					println(pk[0][:6], "a key of length 38 bytes must be compressed")
					continue
				}

				sh = btc.Sha2Sum(pkb[0:34])
				if !bytes.Equal(sh[:4], pkb[34:38]) {
					println(pk[0][:6], "checksum error")
					continue
				}
				compr = true
			}

			key := pkb[1:33]
			pub, er := btc.PublicFromPrivate(key, compr)
			if er != nil {
				println("PublicFromPrivate:", e.Error())
				os.Exit(1)
			}

			priv_keys = append(priv_keys, key)
			publ_addrs = append(publ_addrs, btc.NewAddrFromPubkey(pub, verbyte))
			if len(pk) > 1 {
				labels = append(labels, pk[1])
			} else {
				labels = append(labels, fmt.Sprint("Other ", len(priv_keys)))
			}
		}
		if *verbose {
			fmt.Println(len(priv_keys), "keys imported from", RawKeysFilename)
		}
	} else {
		if *verbose {
			fmt.Println("You can also have some dumped (b58 encoded) priv keys in file", RawKeysFilename)
		}
	}
}
Example #5
0
// Get the secret seed and generate "*keycnt" key pairs (both private and public)
func make_wallet() {
	var lab string

	if *testnet {
		verbyte = 0x6f
		privver = 0xef
	} else {
		// verbyte is be zero by definition
		privver = 0x80
	}
	load_others()

	pass := getpass()
	seed_key := make([]byte, 32)
	btc.ShaHash([]byte(pass), seed_key)
	if *waltype == 3 {
		lab = "TypC"
	} else if *waltype == 2 {
		if *type2sec != "" {
			d, e := hex.DecodeString(*type2sec)
			if e != nil {
				println("t2sec error:", e.Error())
				os.Exit(1)
			}
			type2_secret = new(big.Int).SetBytes(d)
		} else {
			var buf [32]byte
			btc.ShaHash([]byte(pass+pass), buf[:])
			type2_secret = new(big.Int).SetBytes(buf[:])
		}
		lab = "TypB"
	} else {
		lab = "TypA"
	}
	if pass != "" {
		if *verbose {
			fmt.Println("Generating", *keycnt, "keys, version", verbyte, "...")
		}
		for i := uint(0); i < *keycnt; {
			prv_key := make([]byte, 32)
			if *waltype == 3 {
				btc.ShaHash(seed_key, prv_key)
				seed_key = append(seed_key, byte(i))
			} else if *waltype == 2 {
				seed_key = btc.DeriveNextPrivate(new(big.Int).SetBytes(seed_key), type2_secret).Bytes()
				copy(prv_key, seed_key)
			} else {
				btc.ShaHash(seed_key, prv_key)
				copy(seed_key, prv_key)
			}
			priv_keys = append(priv_keys, prv_key)
			pub, er := btc.PublicFromPrivate(prv_key, !*uncompressed)
			if er == nil {
				publ_addrs = append(publ_addrs, btc.NewAddrFromPubkey(pub, verbyte))
				labels = append(labels, fmt.Sprint(lab, " ", i+1))
				i++
			} else {
				println("PublicFromPrivate:", er.Error())
			}
		}
		if *verbose {
			fmt.Println("Private keys re-generated")
		}
	}
}
Example #6
0
// load the content of the "balance/" folder
func load_balance(showbalance bool) {
	var unknownInputs, multisigInputs int
	f, e := os.Open("balance/unspent.txt")
	if e != nil {
		println(e.Error())
		return
	}
	rd := bufio.NewReader(f)
	for {
		l, _, e := rd.ReadLine()
		if len(l) == 0 && e != nil {
			break
		}
		if l[64] == '-' {
			txid := btc.NewUint256FromString(string(l[:64]))
			rst := strings.SplitN(string(l[65:]), " ", 2)
			vout, _ := strconv.ParseUint(rst[0], 10, 32)
			uns := new(btc.TxPrevOut)
			copy(uns.Hash[:], txid.Hash[:])
			uns.Vout = uint32(vout)
			lab := ""
			if len(rst) > 1 {
				lab = rst[1]
			}

			str := string(l)
			if sti := strings.Index(str, "_StealthC:"); sti != -1 {
				c, e := hex.DecodeString(str[sti+10 : sti+10+64])
				if e != nil {
					fmt.Println("ERROR at stealth", txid.String(), vout, e.Error())
				} else {
					// add a new key to the wallet
					sec := btc.DeriveNextPrivate(first_seed[:], c)
					is_stealth[len(priv_keys)] = true
					priv_keys = append(priv_keys, sec)
					labels = append(labels, lab)
					pub_key := btc.PublicFromPrivate(sec, true)
					publ_addrs = append(publ_addrs, btc.NewAddrFromPubkey(pub_key, btc.AddrVerPubkey(*testnet)))
					compressed_key = append(compressed_key, true) // stealth keys are always compressed
				}
			}

			if _, ok := loadedTxs[txid.Hash]; !ok {
				tf, _ := os.Open("balance/" + txid.String() + ".tx")
				if tf != nil {
					siz, _ := tf.Seek(0, os.SEEK_END)
					tf.Seek(0, os.SEEK_SET)
					buf := make([]byte, siz)
					tf.Read(buf)
					tf.Close()
					th := btc.Sha2Sum(buf)
					if bytes.Equal(th[:], txid.Hash[:]) {
						tx, _ := btc.NewTx(buf)
						if tx != nil {
							loadedTxs[txid.Hash] = tx
						} else {
							println("transaction is corrupt:", txid.String())
						}
					} else {
						println("transaction file is corrupt:", txid.String())
						os.Exit(1)
					}
				} else {
					println("transaction file not found:", txid.String())
					os.Exit(1)
				}
			}

			// Sum up all the balance and check if we have private key for this input
			uo := UO(uns)

			add_it := true

			if !btc.IsP2SH(uo.Pk_script) {
				fnd := false
				for j := range publ_addrs {
					if publ_addrs[j].Owns(uo.Pk_script) {
						fnd = true
						break
					}
				}

				if !fnd {
					if *onlvalid {
						add_it = false
					}
					if showbalance {
						unknownInputs++
						if *verbose {
							ss := uns.String()
							ss = ss[:8] + "..." + ss[len(ss)-12:]
							fmt.Println(ss, "does not belong to your wallet (cannot sign it)")
						}
					}
				}
			} else {
				if *onlvalid {
					add_it = false
				}
				if *verbose {
					ss := uns.String()
					ss = ss[:8] + "..." + ss[len(ss)-12:]
					fmt.Println(ss, "belongs to a multisig address")
				}
				multisigInputs++
			}

			if add_it {
				unspentOuts = append(unspentOuts, uns)
				unspentOutsLabel = append(unspentOutsLabel, lab)
				totBtc += UO(uns).Value
			}
		}
	}
	f.Close()
	fmt.Printf("You have %.8f BTC in %d unspent outputs. %d inputs are multisig type\n",
		float64(totBtc)/1e8, len(unspentOuts), multisigInputs)
	if showbalance {
		if unknownInputs > 0 {
			fmt.Printf("WARNING: Some inputs (%d) cannot be spent with this password (-v to print them)\n", unknownInputs)
		}
	}
}
Example #7
0
// Get the secret seed and generate "*keycnt" key pairs (both private and public)
func make_wallet() {
	var lab string

	if *testnet {
		verbyte = 0x6f
		privver = 0xef
	} else {
		// verbyte is be zero by definition
		privver = 0x80
	}
	load_others()

	seed_key := make([]byte, 32)
	if !getseed(seed_key) {
		os.Exit(0)
	}

	defer func() {
		utils.ClearBuffer(seed_key)
	}()

	if *waltype == 3 {
		lab = "TypC"
	} else if *waltype == 2 {
		if *type2sec != "" {
			d, e := hex.DecodeString(*type2sec)
			if e != nil {
				println("t2sec error:", e.Error())
				os.Exit(1)
			}
			type2_secret = d
		} else {
			type2_secret = make([]byte, 20)
			btc.RimpHash(seed_key, type2_secret)
		}
		lab = "TypB"
	} else {
		lab = "TypA"
	}

	if *verbose {
		fmt.Println("Generating", *keycnt, "keys, version", verbyte, "...")
	}
	for i := uint(0); i < *keycnt; {
		prv_key := make([]byte, 32)
		if *waltype == 3 {
			btc.ShaHash(seed_key, prv_key)
			seed_key = append(seed_key, byte(i))
		} else if *waltype == 2 {
			seed_key = btc.DeriveNextPrivate(seed_key, type2_secret)
			copy(prv_key, seed_key)
		} else {
			btc.ShaHash(seed_key, prv_key)
			copy(seed_key, prv_key)
		}
		priv_keys = append(priv_keys, prv_key)
		if *scankey != "" {
			new_stealth_address(prv_key)
			return
		}

		// for stealth keys
		if i == 0 {
			copy(first_seed[:], prv_key)
		}
		compressed_key = append(compressed_key, !*uncompressed)
		pub := btc.PublicFromPrivate(prv_key, !*uncompressed)
		if pub != nil {
			adr := btc.NewAddrFromPubkey(pub, verbyte)

			if *pubkey != "" && *pubkey == adr.String() {
				fmt.Println(adr.String(), "=>", hex.EncodeToString(pub))
				return
			}
			publ_addrs = append(publ_addrs, adr)
			labels = append(labels, fmt.Sprint(lab, " ", i+1))
			i++
		} else {
			println("PublicFromPrivate error 3")
		}
	}
	if *verbose {
		fmt.Println("Private keys re-generated")
	}
}
Example #8
0
// Thanks @dabura667 - https://bitcointalk.org/index.php?topic=590349.msg6560332#msg6560332
func stealth_txout(sa *btc.StealthAddr, value uint64) (res []*btc.TxOut) {
	if sa.Version != btc.StealthAddressVersion(*testnet) {
		fmt.Println("ERROR: Unsupported version of a stealth address", sa.Version)
		os.Exit(1)
	}

	if len(sa.SpendKeys) != 1 {
		fmt.Println("ERROR: Currently only non-multisig stealth addresses are supported",
			len(sa.SpendKeys))
		os.Exit(1)
	}

	// Make two outpus
	res = make([]*btc.TxOut, 2)
	var e, ephemkey, pkscr []byte
	var nonce, nonce_from uint32
	var look4pref bool
	sha := sha256.New()

	// 6. create a new pub/priv keypair (lets call its pubkey "ephemkey" and privkey "e")
pick_different_e:
	e = make([]byte, 32)
	rand.Read(e)
	defer utils.ClearBuffer(e)
	ephemkey = btc.PublicFromPrivate(e, true)
	if *verbose {
		fmt.Println("e", hex.EncodeToString(e))
		fmt.Println("ephemkey", hex.EncodeToString(ephemkey))
	}

	// 7. IF there is a prefix in the stealth address, brute force a nonce such
	// that SHA256(nonce.concate(ephemkey)) first 4 bytes are equal to the prefix.
	// IF NOT, then just run through the loop once and pickup a random nonce.
	// (probably make the while condition include "or prefix = null" or something to that nature.
	look4pref = len(sa.Prefix) > 0 && sa.Prefix[0] > 0
	if look4pref {
		fmt.Print("Prefix is ", sa.Prefix[0], ":", hex.EncodeToString(sa.Prefix[1:]), " - looking for nonce...")
	}
	binary.Read(rand.Reader, binary.LittleEndian, &nonce_from)
	nonce = nonce_from
	for {
		binary.Write(sha, binary.LittleEndian, nonce)
		sha.Write(ephemkey)

		if sa.CheckPrefix(sha.Sum(nil)[:4]) {
			break
		}
		sha.Reset()

		nonce++
		if nonce == nonce_from {
			fmt.Println("EOF")
			goto pick_different_e
		}

		if (nonce & 0xfffff) == 0 {
			fmt.Print(".")
		}
	}
	if look4pref {
		fmt.Println(uint32(nonce - nonce_from))
	}

	// 8. Once you have the nonce and the ephemkey, you can create the first output, which is
	pkscr = make([]byte, 40)
	pkscr[0] = 0x6a // OP_RETURN
	pkscr[1] = 38   // length
	pkscr[2] = 0x06 // always 6
	binary.LittleEndian.PutUint32(pkscr[3:7], nonce)
	copy(pkscr[7:40], ephemkey)
	res[0] = &btc.TxOut{Pk_script: pkscr}

	// 9. Now use ECC multiplication to calculate e*Q where Q = scan_pubkey
	// an e = privkey to ephemkey and then hash it.
	c := btc.StealthDH(sa.ScanKey[:], e)
	if *verbose {
		fmt.Println("c", hex.EncodeToString(c))
	}

	// 10. That hash is now "c". use ECC multiplication and addition to
	// calculate D + (c*G) where D = spend_pubkey, and G is the reference
	// point for secp256k1. This will give you a new pubkey. (we'll call it D')
	Dpr := btc.DeriveNextPublic(sa.SpendKeys[0][:], c)
	if *verbose {
		fmt.Println("Dpr", hex.EncodeToString(Dpr))
	}

	// 11. Create a normal P2KH output spending to D' as public key.
	adr := btc.NewAddrFromPubkey(Dpr, btc.AddrVerPubkey(*testnet))
	res[1] = &btc.TxOut{Value: value, Pk_script: adr.OutScript()}
	fmt.Println("Sending to stealth", adr.String())

	return
}