3 # Electrum - lightweight Bitcoin client
4 # Copyright (C) 2011 thomasv@gitorious
6 # This program is free software: you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation, either version 3 of the License, or
9 # (at your option) any later version.
11 # This program is distributed in the hope that it will be useful,
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 # GNU General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
20 # Note: The deserialization code originally comes from ABE.
24 from util import print_error
29 # Workalike python implementation of Bitcoin's CDataStream class.
35 class SerializationError(Exception):
36 """ Thrown when there's a problem deserializing or serializing """
38 class BCDataStream(object):
47 def write(self, bytes): # Initialize with string of bytes
48 if self.input is None:
53 def map_file(self, file, start): # Initialize with bytes from file
54 self.input = mmap.mmap(file.fileno(), 0, access=mmap.ACCESS_READ)
55 self.read_cursor = start
57 def seek_file(self, position):
58 self.read_cursor = position
63 def read_string(self):
64 # Strings are encoded depending on length:
65 # 0 to 252 : 1-byte-length followed by bytes (if any)
66 # 253 to 65,535 : byte'253' 2-byte-length followed by bytes
67 # 65,536 to 4,294,967,295 : byte '254' 4-byte-length followed by bytes
68 # ... and the Bitcoin client is coded to understand:
69 # greater than 4,294,967,295 : byte '255' 8-byte-length followed by bytes of string
70 # ... but I don't think it actually handles any strings that big.
71 if self.input is None:
72 raise SerializationError("call write(bytes) before trying to deserialize")
75 length = self.read_compact_size()
77 raise SerializationError("attempt to read past end of buffer")
79 return self.read_bytes(length)
81 def write_string(self, string):
82 # Length-encoded as with read-string
83 self.write_compact_size(len(string))
86 def read_bytes(self, length):
88 result = self.input[self.read_cursor:self.read_cursor+length]
89 self.read_cursor += length
92 raise SerializationError("attempt to read past end of buffer")
96 def read_boolean(self): return self.read_bytes(1)[0] != chr(0)
97 def read_int16(self): return self._read_num('<h')
98 def read_uint16(self): return self._read_num('<H')
99 def read_int32(self): return self._read_num('<i')
100 def read_uint32(self): return self._read_num('<I')
101 def read_int64(self): return self._read_num('<q')
102 def read_uint64(self): return self._read_num('<Q')
104 def write_boolean(self, val): return self.write(chr(1) if val else chr(0))
105 def write_int16(self, val): return self._write_num('<h', val)
106 def write_uint16(self, val): return self._write_num('<H', val)
107 def write_int32(self, val): return self._write_num('<i', val)
108 def write_uint32(self, val): return self._write_num('<I', val)
109 def write_int64(self, val): return self._write_num('<q', val)
110 def write_uint64(self, val): return self._write_num('<Q', val)
112 def read_compact_size(self):
113 size = ord(self.input[self.read_cursor])
114 self.read_cursor += 1
116 size = self._read_num('<H')
118 size = self._read_num('<I')
120 size = self._read_num('<Q')
123 def write_compact_size(self, size):
125 raise SerializationError("attempt to write size < 0")
127 self.write(chr(size))
130 self._write_num('<H', size)
133 self._write_num('<I', size)
136 self._write_num('<Q', size)
138 def _read_num(self, format):
139 (i,) = struct.unpack_from(format, self.input, self.read_cursor)
140 self.read_cursor += struct.calcsize(format)
143 def _write_num(self, format, num):
144 s = struct.pack(format, num)
149 # From the Python Cookbook, downloaded from http://code.activestate.com/recipes/67107/
151 import types, string, exceptions
153 class EnumException(exceptions.Exception):
157 def __init__(self, name, enumList):
165 if type(x) == types.TupleType:
167 if type(x) != types.StringType:
168 raise EnumException, "enum name is not a string: " + x
169 if type(i) != types.IntType:
170 raise EnumException, "enum value is not an integer: " + i
172 raise EnumException, "enum name is not unique: " + x
173 if i in uniqueValues:
174 raise EnumException, "enum value is not unique for " + x
175 uniqueNames.append(x)
176 uniqueValues.append(i)
181 self.reverseLookup = reverseLookup
182 def __getattr__(self, attr):
183 if not self.lookup.has_key(attr):
185 return self.lookup[attr]
186 def whatis(self, value):
187 return self.reverseLookup[value]
190 # This function comes from bitcointools, bct-LICENSE.txt.
192 return bytes.encode('hex_codec')
194 # This function comes from bitcointools, bct-LICENSE.txt.
195 def short_hex(bytes):
196 t = bytes.encode('hex_codec')
199 return t[0:4]+"..."+t[-4:]
204 def parse_redeemScript(bytes):
205 dec = [ x for x in script_GetOp(bytes.decode('hex')) ]
208 match = [ opcodes.OP_2, opcodes.OP_PUSHDATA4, opcodes.OP_PUSHDATA4, opcodes.OP_2, opcodes.OP_CHECKMULTISIG ]
209 if match_decoded(dec, match):
210 pubkeys = [ dec[1][1].encode('hex'), dec[2][1].encode('hex') ]
214 match = [ opcodes.OP_2, opcodes.OP_PUSHDATA4, opcodes.OP_PUSHDATA4, opcodes.OP_PUSHDATA4, opcodes.OP_3, opcodes.OP_CHECKMULTISIG ]
215 if match_decoded(dec, match):
216 pubkeys = [ dec[1][1].encode('hex'), dec[2][1].encode('hex'), dec[3][1].encode('hex') ]
221 opcodes = Enumeration("Opcodes", [
222 ("OP_0", 0), ("OP_PUSHDATA1",76), "OP_PUSHDATA2", "OP_PUSHDATA4", "OP_1NEGATE", "OP_RESERVED",
223 "OP_1", "OP_2", "OP_3", "OP_4", "OP_5", "OP_6", "OP_7",
224 "OP_8", "OP_9", "OP_10", "OP_11", "OP_12", "OP_13", "OP_14", "OP_15", "OP_16",
225 "OP_NOP", "OP_VER", "OP_IF", "OP_NOTIF", "OP_VERIF", "OP_VERNOTIF", "OP_ELSE", "OP_ENDIF", "OP_VERIFY",
226 "OP_RETURN", "OP_TOALTSTACK", "OP_FROMALTSTACK", "OP_2DROP", "OP_2DUP", "OP_3DUP", "OP_2OVER", "OP_2ROT", "OP_2SWAP",
227 "OP_IFDUP", "OP_DEPTH", "OP_DROP", "OP_DUP", "OP_NIP", "OP_OVER", "OP_PICK", "OP_ROLL", "OP_ROT",
228 "OP_SWAP", "OP_TUCK", "OP_CAT", "OP_SUBSTR", "OP_LEFT", "OP_RIGHT", "OP_SIZE", "OP_INVERT", "OP_AND",
229 "OP_OR", "OP_XOR", "OP_EQUAL", "OP_EQUALVERIFY", "OP_RESERVED1", "OP_RESERVED2", "OP_1ADD", "OP_1SUB", "OP_2MUL",
230 "OP_2DIV", "OP_NEGATE", "OP_ABS", "OP_NOT", "OP_0NOTEQUAL", "OP_ADD", "OP_SUB", "OP_MUL", "OP_DIV",
231 "OP_MOD", "OP_LSHIFT", "OP_RSHIFT", "OP_BOOLAND", "OP_BOOLOR",
232 "OP_NUMEQUAL", "OP_NUMEQUALVERIFY", "OP_NUMNOTEQUAL", "OP_LESSTHAN",
233 "OP_GREATERTHAN", "OP_LESSTHANOREQUAL", "OP_GREATERTHANOREQUAL", "OP_MIN", "OP_MAX",
234 "OP_WITHIN", "OP_RIPEMD160", "OP_SHA1", "OP_SHA256", "OP_HASH160",
235 "OP_HASH256", "OP_CODESEPARATOR", "OP_CHECKSIG", "OP_CHECKSIGVERIFY", "OP_CHECKMULTISIG",
236 "OP_CHECKMULTISIGVERIFY",
237 ("OP_SINGLEBYTE_END", 0xF0),
238 ("OP_DOUBLEBYTE_BEGIN", 0xF000),
239 "OP_PUBKEY", "OP_PUBKEYHASH",
240 ("OP_INVALIDOPCODE", 0xFFFF),
244 def script_GetOp(bytes):
246 while i < len(bytes):
248 opcode = ord(bytes[i])
250 if opcode >= opcodes.OP_SINGLEBYTE_END:
252 opcode |= ord(bytes[i])
255 if opcode <= opcodes.OP_PUSHDATA4:
257 if opcode == opcodes.OP_PUSHDATA1:
258 nSize = ord(bytes[i])
260 elif opcode == opcodes.OP_PUSHDATA2:
261 (nSize,) = struct.unpack_from('<H', bytes, i)
263 elif opcode == opcodes.OP_PUSHDATA4:
264 (nSize,) = struct.unpack_from('<I', bytes, i)
266 vch = bytes[i:i+nSize]
269 yield (opcode, vch, i)
272 def script_GetOpName(opcode):
273 return (opcodes.whatis(opcode)).replace("OP_", "")
276 def decode_script(bytes):
278 for (opcode, vch, i) in script_GetOp(bytes):
279 if len(result) > 0: result += " "
280 if opcode <= opcodes.OP_PUSHDATA4:
281 result += "%d:"%(opcode,)
282 result += short_hex(vch)
284 result += script_GetOpName(opcode)
288 def match_decoded(decoded, to_match):
289 if len(decoded) != len(to_match):
291 for i in range(len(decoded)):
292 if to_match[i] == opcodes.OP_PUSHDATA4 and decoded[i][0] <= opcodes.OP_PUSHDATA4 and decoded[i][0]>0:
293 continue # Opcodes below OP_PUSHDATA4 all just push data onto stack, and are equivalent.
294 if to_match[i] != decoded[i][0]:
298 def get_address_from_input_script(bytes):
300 decoded = [ x for x in script_GetOp(bytes) ]
302 # coinbase transactions raise an exception
303 print_error("cannot find address in input script", bytes.encode('hex'))
304 return [], [], "(None)"
307 match = [ opcodes.OP_PUSHDATA4 ]
308 if match_decoded(decoded, match):
309 return None, None, "(pubkey)"
311 # non-generated TxIn transactions push a signature
312 # (seventy-something bytes) and then their public key
313 # (65 bytes) onto the stack:
314 match = [ opcodes.OP_PUSHDATA4, opcodes.OP_PUSHDATA4 ]
315 if match_decoded(decoded, match):
316 return None, None, public_key_to_bc_address(decoded[1][1])
318 # p2sh transaction, 2 of n
319 match = [ opcodes.OP_0 ]
320 while len(match) < len(decoded):
321 match.append(opcodes.OP_PUSHDATA4)
323 if match_decoded(decoded, match):
325 redeemScript = decoded[-1][1]
327 signatures = map(lambda x:x[1][:-1].encode('hex'), decoded[1:-1])
329 dec2 = [ x for x in script_GetOp(redeemScript) ]
332 match2 = [ opcodes.OP_2, opcodes.OP_PUSHDATA4, opcodes.OP_PUSHDATA4, opcodes.OP_2, opcodes.OP_CHECKMULTISIG ]
333 if match_decoded(dec2, match2):
334 pubkeys = [ dec2[1][1].encode('hex'), dec2[2][1].encode('hex') ]
335 return pubkeys, signatures, hash_160_to_bc_address(hash_160(redeemScript), 5)
338 match2 = [ opcodes.OP_2, opcodes.OP_PUSHDATA4, opcodes.OP_PUSHDATA4, opcodes.OP_PUSHDATA4, opcodes.OP_3, opcodes.OP_CHECKMULTISIG ]
339 if match_decoded(dec2, match2):
340 pubkeys = [ dec2[1][1].encode('hex'), dec2[2][1].encode('hex'), dec2[3][1].encode('hex') ]
341 return pubkeys, signatures, hash_160_to_bc_address(hash_160(redeemScript), 5)
343 print_error("cannot find address in input script", bytes.encode('hex'))
344 return [], [], "(None)"
348 def get_address_from_output_script(bytes):
349 decoded = [ x for x in script_GetOp(bytes) ]
351 # The Genesis Block, self-payments, and pay-by-IP-address payments look like:
352 # 65 BYTES:... CHECKSIG
353 match = [ opcodes.OP_PUSHDATA4, opcodes.OP_CHECKSIG ]
354 if match_decoded(decoded, match):
355 return True, public_key_to_bc_address(decoded[0][1])
357 # Pay-by-Bitcoin-address TxOuts look like:
358 # DUP HASH160 20 BYTES:... EQUALVERIFY CHECKSIG
359 match = [ opcodes.OP_DUP, opcodes.OP_HASH160, opcodes.OP_PUSHDATA4, opcodes.OP_EQUALVERIFY, opcodes.OP_CHECKSIG ]
360 if match_decoded(decoded, match):
361 return False, hash_160_to_bc_address(decoded[2][1])
364 match = [ opcodes.OP_HASH160, opcodes.OP_PUSHDATA4, opcodes.OP_EQUAL ]
365 if match_decoded(decoded, match):
366 return False, hash_160_to_bc_address(decoded[1][1],5)
368 return False, "(None)"
373 def __init__(self, raw, is_complete = True):
376 self.inputs = self.d['inputs']
377 self.outputs = self.d['outputs']
378 self.outputs = map(lambda x: (x['address'],x['value']), self.outputs)
379 self.locktime = self.d['lockTime']
380 self.is_complete = is_complete
386 def from_io(klass, inputs, outputs):
387 raw = klass.serialize(inputs, outputs, for_sig = -1) # for_sig=-1 means do not sign
389 self.is_complete = False
391 self.outputs = outputs
395 def multisig_script(klass, public_keys, num=None):
397 if num is None: num = n
398 # supports only "2 of 2", and "2 of 3" transactions
399 assert num <= n and n in [2,3]
408 for k in public_keys:
409 s += var_int(len(k)/2)
422 def serialize( klass, inputs, outputs, for_sig = None ):
424 s = int_to_hex(1,4) # version
425 s += var_int( len(inputs) ) # number of inputs
426 for i in range(len(inputs)):
428 s += txin['prevout_hash'].decode('hex')[::-1].encode('hex') # prev hash
429 s += int_to_hex(txin['prevout_n'],4) # prev index
432 signatures = txin['signatures']
433 pubkeys = txin['pubkeys']
434 if not txin.get('redeemScript'):
439 sig = sig + '01' # hashtype
440 script += op_push(len(sig)/2)
442 script += op_push(len(pubkey)/2)
446 for sig in signatures:
448 script += op_push(len(sig)/2)
451 redeem_script = klass.multisig_script(pubkeys,2)
452 script += op_push(len(redeem_script)/2)
453 script += redeem_script
456 if txin.get('redeemScript'):
457 script = txin['redeemScript'] # p2sh uses the inner script
459 script = txin['scriptPubKey'] # scriptsig
462 s += var_int( len(script)/2 ) # script length
464 s += "ffffffff" # sequence
466 s += var_int( len(outputs) ) # number of outputs
467 for output in outputs:
468 addr, amount = output
469 s += int_to_hex( amount, 8) # amount
470 addrtype, hash_160 = bc_address_to_hash_160(addr)
472 script = '76a9' # op_dup, op_hash_160
473 script += '14' # push 0x14 bytes
474 script += hash_160.encode('hex')
475 script += '88ac' # op_equalverify, op_checksig
477 script = 'a9' # op_hash_160
478 script += '14' # push 0x14 bytes
479 script += hash_160.encode('hex')
480 script += '87' # op_equal
484 s += var_int( len(script)/2 ) # script length
486 s += int_to_hex(0,4) # lock time
487 if for_sig is not None and for_sig != -1:
488 s += int_to_hex(1, 4) # hash type
493 return self.serialize(self.inputs, self.outputs, for_sig = i)
497 return Hash(self.raw.decode('hex') )[::-1].encode('hex')
501 def sign(self, keypairs):
503 print_error("tx.sign(), keypairs:", keypairs)
505 for i, txin in enumerate(self.inputs):
507 # if the input is multisig, parse redeem script
508 redeem_script = txin.get('redeemScript')
509 num, redeem_pubkeys = parse_redeemScript(redeem_script) if redeem_script else (1, [txin.get('redeemPubkey')])
512 txin["pubkeys"] = redeem_pubkeys
513 # get list of already existing signatures
514 signatures = txin.get("signatures",[])
515 # continue if this txin is complete
516 if len(signatures) == num:
519 tx_for_sig = self.serialize( self.inputs, self.outputs, for_sig = i )
521 print_error("redeem pubkeys input %d"%i, redeem_pubkeys)
522 for pubkey in redeem_pubkeys:
523 # check if we have the corresponding private key
524 if pubkey in keypairs.keys():
526 sec = keypairs[pubkey]
527 compressed = is_compressed(sec)
528 pkey = regenerate_key(sec)
530 private_key = ecdsa.SigningKey.from_secret_exponent( secexp, curve = SECP256k1 )
531 public_key = private_key.get_verifying_key()
532 sig = private_key.sign_digest_deterministic( Hash( tx_for_sig.decode('hex') ), hashfunc=hashlib.sha256, sigencode = ecdsa.util.sigencode_der )
533 assert public_key.verify_digest( sig, Hash( tx_for_sig.decode('hex') ), sigdecode = ecdsa.util.sigdecode_der)
534 signatures.append( sig.encode('hex') )
535 print_error("adding signature for", pubkey)
537 txin["signatures"] = signatures
538 is_complete = is_complete and len(signatures) == num
540 print_error("is_complete", is_complete)
541 self.is_complete = is_complete
542 self.raw = self.serialize( self.inputs, self.outputs )
545 def deserialize(self):
547 vds.write(self.raw.decode('hex'))
549 start = vds.read_cursor
550 d['version'] = vds.read_int32()
551 n_vin = vds.read_compact_size()
553 for i in xrange(n_vin):
554 d['inputs'].append(self.parse_input(vds))
555 n_vout = vds.read_compact_size()
557 for i in xrange(n_vout):
558 d['outputs'].append(self.parse_output(vds, i))
559 d['lockTime'] = vds.read_uint32()
564 def parse_input(self, vds):
566 d['prevout_hash'] = hash_encode(vds.read_bytes(32))
567 d['prevout_n'] = vds.read_uint32()
568 scriptSig = vds.read_bytes(vds.read_compact_size())
569 d['sequence'] = vds.read_uint32()
572 pubkeys, signatures, address = get_address_from_input_script(scriptSig)
578 d['address'] = address
579 d['signatures'] = signatures
583 def parse_output(self, vds, i):
585 d['value'] = vds.read_int64()
586 scriptPubKey = vds.read_bytes(vds.read_compact_size())
587 is_pubkey, address = get_address_from_output_script(scriptPubKey)
588 d['is_pubkey'] = is_pubkey
589 d['address'] = address
590 d['scriptPubKey'] = scriptPubKey.encode('hex')
595 def add_extra_addresses(self, txlist):
596 for i in self.inputs:
597 if i.get("address") == "(pubkey)":
598 prev_tx = txlist.get(i.get('prevout_hash'))
600 address, value = prev_tx.outputs[i.get('prevout_n')]
601 print_error("found pay-to-pubkey address:", address)
602 i["address"] = address
605 def has_address(self, addr):
607 for txin in self.inputs:
608 if addr == txin.get('address'):
611 for txout in self.outputs:
618 def get_value(self, addresses, prevout_values):
619 # return the balance for that tx
624 v_in = v_out = v_out_mine = 0
626 for item in self.inputs:
627 addr = item.get('address')
628 if addr in addresses:
631 key = item['prevout_hash'] + ':%d'%item['prevout_n']
632 value = prevout_values.get( key )
640 if not is_send: is_partial = False
642 for item in self.outputs:
645 if addr in addresses:
650 # some inputs are mine:
653 v = v_out_mine - v_out
659 v = v_out_mine - v_in
662 # some inputs are mine, but not all
666 # all inputs are mine
669 return is_relevant, is_send, v, fee
672 def get_input_info(self):
674 for i in self.inputs:
676 'prevout_hash':i['prevout_hash'],
677 'prevout_n':i['prevout_n'],
678 'address':i.get('address'),
679 'KeyID':i.get('KeyID'),
680 'scriptPubKey':i.get('scriptPubKey'),
681 'redeemScript':i.get('redeemScript'),
682 'redeemPubkey':i.get('redeemPubkey'),
683 'pubkeys':i.get('pubkeys'),
684 'signatures':i.get('signatures',[]),
694 "complete":self.is_complete
697 if not self.is_complete:
698 input_info = self.get_input_info()
699 out['input_info'] = json.dumps(input_info).replace(' ','')
704 def requires_fee(self, verifier):
705 # see https://en.bitcoin.it/wiki/Transaction_fees
707 size = len(self.raw)/2
711 for o in self.outputs:
716 for i in self.inputs:
717 age = verifier.get_confirmations(i["prevout_hash"])[0]
718 sum += i["value"] * age
719 priority = sum / size
720 print_error(priority, threshold)
721 return priority < threshold
725 def add_input_info(self, input_info):
726 for i, txin in enumerate(self.inputs):
728 txin['address'] = item['address']
729 txin['signatures'] = item['signatures']
730 txin['scriptPubKey'] = item['scriptPubKey']
731 txin['redeemScript'] = item.get('redeemScript')
732 txin['redeemPubkey'] = item.get('redeemPubkey')
733 txin['KeyID'] = item.get('KeyID')