bitcoinrb 0.0.1

data/lib/bitcoin/script/tx_checker.rb

@@ -0,0 +1,44 @@
+module Bitcoin
+  class TxChecker
+
+    attr_reader :tx
+    attr_reader :input_index
+    attr_reader :amount
+
+    def initialize(tx: nil, amount: 0, input_index: nil)
+      @tx = tx
+      @amount = amount
+      @input_index = input_index
+    end
+
+    # check signature
+    # @param [String] script_sig
+    # @param [String] pubkey
+    # @param [Bitcoin::Script] script_code
+    # @param [Integer] sig_version
+    def check_sig(script_sig, pubkey, script_code, sig_version)
+      return false if script_sig.empty?
+      script_sig = script_sig.htb
+      hash_type = script_sig[-1].unpack('C').first
+      sig = script_sig[0..-2]
+      if sig_version == ScriptInterpreter::SIG_VERSION[:witness_v0]
+        sighash = tx.sighash_for_input(input_index: input_index, hash_type: hash_type,
+                                       script_code: script_code, amount: amount, sig_version: sig_version)
+      else
+        sighash = tx.sighash_for_input(input_index: input_index, hash_type: hash_type,
+                                       script_code: script_code, sig_version: sig_version)
+      end
+      key = Bitcoin::Key.new(pubkey: pubkey)
+      key.verify(sig, sighash)
+    end
+
+    def check_locktime
+      # TODO
+    end
+
+    def check_sequence
+      # TODO
+    end
+
+  end
+end

data/lib/bitcoin/script_witness.rb

@@ -0,0 +1,29 @@
+module Bitcoin
+
+  # witness
+  class ScriptWitness
+
+    attr_reader :stack
+
+    def initialize(stack = [])
+      @stack = stack
+    end
+
+    def empty?
+      stack.empty?
+    end
+
+    def to_payload
+      p = Bitcoin.pack_var_int(stack.size)
+      p << stack.map { |s|
+        Bitcoin.pack_var_int(s.bytesize) << s
+      }.join
+    end
+
+    def to_s
+      stack.map{|s|s.bth}.join(' ')
+    end
+
+  end
+
+end

data/lib/bitcoin/secp256k1.rb

@@ -0,0 +1,10 @@
+module Bitcoin
+
+  module Secp256k1
+
+    autoload :Ruby, 'bitcoin/secp256k1/ruby'
+    autoload :Native, 'bitcoin/secp256k1/native'
+
+  end
+
+end

data/lib/bitcoin/secp256k1/native.rb

@@ -0,0 +1,22 @@
+module Bitcoin
+  module Secp256k1
+
+    # secp256k1 module using libsecp256k1
+    module Native
+
+      def generate_key_pair(compressed: true)
+        # TODO
+      end
+
+      def generate_key(compressed: true)
+        # TODO
+      end
+
+      def sign_data(privkey, data)
+        # TODO
+      end
+
+    end
+
+  end
+end

data/lib/bitcoin/secp256k1/ruby.rb

@@ -0,0 +1,96 @@
+module Bitcoin
+  module Secp256k1
+
+    GROUP = ECDSA::Group::Secp256k1
+
+    # secp256 module using ecdsa gem
+    # https://github.com/DavidEGrayson/ruby_ecdsa
+    module Ruby
+
+      module_function
+
+      # generate ecdsa private key and public key
+      def generate_key_pair(compressed: true)
+        private_key = 1 + SecureRandom.random_number(GROUP.order - 1)
+        public_key = GROUP.generator.multiply_by_scalar(private_key)
+        privkey = ECDSA::Format::IntegerOctetString.encode(private_key, 32)
+        pubkey = ECDSA::Format::PointOctetString.encode(public_key, compression: compressed)
+        [privkey.bth, pubkey.bth]
+      end
+
+      # generate bitcoin key
+      def generate_key(compressed: true)
+        privkey, pubkey = generate_key_pair(compressed: compressed)
+        Bitcoin::Key.new(priv_key: privkey, pubkey: pubkey, compressed: compressed)
+      end
+
+      # generate publick key from private key
+      # @param [String] privkey a private key with string format
+      # @param [Boolean] compressed pubkey compressed?
+      # @return [String] a pubkey which generate from privkey
+      def generate_pubkey(privkey, compressed: true)
+        private_key = ECDSA::Format::IntegerOctetString.decode(privkey.htb)
+        public_key = GROUP.generator.multiply_by_scalar(private_key)
+        pubkey = ECDSA::Format::PointOctetString.encode(public_key, compression: compressed)
+        pubkey.bth
+      end
+
+      # sign data.
+      # @param [String] data a data to be signed
+      # @param [String] privkey a private key using sign
+      # @return [String] signature data with binary format
+      def sign_data(data, privkey)
+        digest = Digest::SHA2.digest(data)
+        private_key = ECDSA::Format::IntegerOctetString.decode(privkey.htb)
+        signature = nil
+        while signature.nil?
+          # TODO support rfc 6979 https://tools.ietf.org/html/rfc6979
+          temp_key = 1 + SecureRandom.random_number(GROUP.order - 1)
+          signature = ECDSA.sign(GROUP, private_key, digest, temp_key)
+        end
+        ECDSA::Format::SignatureDerString.encode(signature) # signature with DER format
+      end
+
+      # verify signature using public key
+      # @param [String] digest a SHA-256 message digest with binary format
+      # @param [String] sig a signature for +data+ with binary format
+      # @param [String] pubkey a public key corresponding to the private key used for sign
+      # @return [Boolean] verify result
+      def verify_sig(digest, sig, pubkey)
+        begin
+          k = ECDSA::Format::PointOctetString.decode(repack_pubkey(pubkey), GROUP)
+          signature = repack_sig(sig)
+          ECDSA.valid_signature?(k, digest, signature)
+        rescue Exception
+          false
+        end
+      end
+
+      # repack signature for OpenSSL 1.0.1k handling of DER signatures
+      # https://github.com/bitcoin/bitcoin/pull/5634/files
+      def repack_sig(sig)
+        sig_array = sig.unpack('C*')
+        len_r = sig_array[3]
+        r = sig_array[4...(len_r+4)].pack('C*').bth
+        len_s = sig_array[len_r + 5]
+        s = sig_array[(len_r + 6)...(len_r + 6 + len_s)].pack('C*').bth
+        ECDSA::Signature.new(r.to_i(16), s.to_i(16))
+      end
+
+      # if +pubkey+ is hybrid public key format, it convert uncompressed format.
+      # https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2012-June/001578.html
+      def repack_pubkey(pubkey)
+        p = pubkey.htb
+        case p[0]
+          when "\x06", "\x07"
+            p[0] = "\x04"
+            p
+          else
+            pubkey.htb
+        end
+      end
+
+    end
+
+  end
+end

data/lib/bitcoin/tx.rb

@@ -0,0 +1,191 @@
+module Bitcoin
+
+  # Transaction class
+  class Tx
+
+    MARKER = 0x00
+    FLAG = 0x01
+
+    attr_accessor :version
+    attr_accessor :marker
+    attr_accessor :flag
+    attr_reader :inputs
+    attr_reader :outputs
+    attr_accessor :lock_time
+
+    def initialize
+      @inputs = []
+      @outputs = []
+      @version = 1
+      @lock_time = 0
+    end
+
+    def self.parse_from_payload(payload)
+      buf = payload.is_a?(String) ? StringIO.new(payload) : payload
+      tx = new
+      tx.version = buf.read(4).unpack('V').first
+
+      in_count = Bitcoin.unpack_var_int_from_io(buf)
+      witness = false
+      if in_count.zero?
+        tx.marker = 0
+        tx.flag = buf.read(1).unpack('c').first
+        in_count = Bitcoin.unpack_var_int_from_io(buf)
+        witness = true
+      end
+
+      in_count.times do
+        tx.inputs << TxIn.parse_from_payload(buf)
+      end
+
+      out_count = Bitcoin.unpack_var_int_from_io(buf)
+      out_count.times do
+        tx.outputs << TxOut.parse_from_payload(buf)
+      end
+
+      if witness
+        in_count.times do |i|
+          witness_count = Bitcoin.unpack_var_int_from_io(buf)
+          witness_count.times do
+            size = Bitcoin.unpack_var_int_from_io(buf)
+            tx.inputs[i].script_witness.stack << buf.read(size)
+          end
+        end
+      end
+
+      tx.lock_time = buf.read(4).unpack('V').first
+
+      tx
+    end
+
+    def txid
+      Bitcoin.double_sha256(serialize_old_format).reverse.bth
+    end
+
+    def wtxid
+      Bitcoin.double_sha256(to_payload).reverse.bth
+    end
+
+    def to_payload
+      witness? ? serialize_witness_format : serialize_old_format
+    end
+
+    def coinbase_tx?
+      inputs.length == 1 && inputs.first.coinbase?
+    end
+
+    def witness?
+      !inputs.find { |i| !i.script_witness.empty? }.nil?
+    end
+
+    # serialize tx with old tx format
+    def serialize_old_format
+      buf = [version].pack('V')
+      buf << Bitcoin.pack_var_int(inputs.length) << inputs.map(&:to_payload).join
+      buf << Bitcoin.pack_var_int(outputs.length) << outputs.map(&:to_payload).join
+      buf << [lock_time].pack('V')
+      buf
+    end
+
+    # serialize tx with segwit tx format
+    # https://github.com/bitcoin/bips/blob/master/bip-0144.mediawiki
+    def serialize_witness_format
+      buf = [version, MARKER, FLAG].pack('Vcc')
+      buf << Bitcoin.pack_var_int(inputs.length) << inputs.map(&:to_payload).join
+      buf << Bitcoin.pack_var_int(outputs.length) << outputs.map(&:to_payload).join
+      buf << witness_payload << [lock_time].pack('V')
+      buf
+    end
+
+    def witness_payload
+      inputs.map { |i| i.script_witness.to_payload }.join
+    end
+
+    # get signature hash
+    # @param [Integer] input_index input index.
+    # @param [Integer] hash_type signature hash type
+    # @param [Bitcoin::Script] script_code script code
+    # @param [Integer] amount bitcoin amount locked in input. required for witness input only.
+    def sighash_for_input(input_index: nil, hash_type: Script::SIGHASH_TYPE[:all], script_code: nil,
+                          sig_version: ScriptInterpreter::SIG_VERSION[:base], amount: nil)
+      raise ArgumentError, 'input_index must be specified.' unless input_index
+      raise ArgumentError, 'does not exist input corresponding to input_index.' if input_index >= inputs.size
+      raise ArgumentError, 'script_pubkey must be specified.' unless script_code
+
+      if sig_version == ScriptInterpreter::SIG_VERSION[:witness_v0]
+        raise ArgumentError, 'amount must be specified.' unless amount
+        sighash_for_witness(input_index, script_code, hash_type, amount)
+      else
+        sighash_for_legacy(input_index, script_code, hash_type)
+      end
+    end
+
+    private
+
+    # generate sighash with legacy format
+    def sighash_for_legacy(index, script_code, hash_type)
+      ins = inputs.map.with_index do |i, idx|
+        if idx == index
+          i.to_payload(script_code)
+        else
+          case hash_type & 0x1f
+            when Script::SIGHASH_TYPE[:none], Script::SIGHASH_TYPE[:single]
+              i.to_payload(Bitcoin::Script.new, 0)
+            else
+              i.to_payload(Bitcoin::Script.new)
+          end
+        end
+      end
+
+      outs = outputs.map(&:to_payload)
+      out_size = Bitcoin.pack_var_int(outputs.size)
+
+      case hash_type & 0x1f
+        when Script::SIGHASH_TYPE[:none]
+          outs = ''
+          out_size = Bitcoin.pack_var_int(0)
+        when Script::SIGHASH_TYPE[:single]
+          return "\x01".ljust(32, "\x00") if index >= outputs.size
+          outs = outputs[0...(index + 1)].map.with_index { |o, idx| (idx == index) ? o.to_payload : o.to_empty_payload }.join
+          out_size = Bitcoin.pack_var_int(index + 1)
+      end
+
+      if hash_type & Script::SIGHASH_TYPE[:anyonecanpay] != 0
+        ins = [ins[index]]
+      end
+
+      buf = [[version].pack('V'), Bitcoin.pack_var_int(ins.size),
+          ins, out_size, outs, [lock_time, hash_type].pack('VV')].join
+
+      Bitcoin.double_sha256(buf)
+    end
+
+    # generate sighash with BIP-143 format
+    # https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki
+    def sighash_for_witness(index, script_code, hash_type, amount)
+      hash_prevouts = Bitcoin.double_sha256(inputs.map{|i|i.out_point.to_payload}.join)
+      hash_sequence = Bitcoin.double_sha256(inputs.map{|i|[i.sequence].pack('V')}.join)
+      outpoint = inputs[index].out_point.to_payload
+      amount = [amount].pack('Q')
+      nsequence = [inputs[index].sequence].pack('V')
+      hash_outputs = Bitcoin.double_sha256(outputs.map{|o|o.to_payload}.join)
+
+      case (hash_type & 0x1f)
+      when Script::SIGHASH_TYPE[:single]
+        hash_outputs = index >= outputs.size ? "\x00".ljust(32, "\x00") : Bitcoin.double_sha256(outputs[index].to_payload)
+        hash_sequence = "\x00".ljust(32, "\x00")
+      when Script::SIGHASH_TYPE[:none]
+        hash_sequence = hash_outputs = "\x00".ljust(32, "\x00")
+      end
+
+      if (hash_type & Script::SIGHASH_TYPE[:anyonecanpay]) != 0
+        hash_prevouts = hash_sequence ="\x00".ljust(32, "\x00")
+      end
+      buf = [ [version].pack('V'), hash_prevouts, hash_sequence, outpoint, Bitcoin::Script.pack_pushdata(script_code.to_payload),
+              amount, nsequence, hash_outputs, [@lock_time, hash_type].pack('VV')].join
+      Bitcoin.double_sha256(buf)
+    end
+
+  end
+
+end

data/lib/bitcoin/tx_in.rb

@@ -0,0 +1,45 @@
+module Bitcoin
+
+  # transaction input
+  class TxIn
+
+    attr_accessor :out_point
+    attr_accessor :script_sig
+    attr_accessor :sequence
+    attr_accessor :script_witness
+
+    DEFAULT_SEQUENCE = 0xFFFFFFFF
+
+    def initialize(out_point: nil, script_sig: nil, script_witness: ScriptWitness.new, sequence: DEFAULT_SEQUENCE)
+      @out_point = out_point
+      @script_sig = script_sig
+      @script_witness = script_witness
+      @sequence = sequence
+    end
+
+    def self.parse_from_payload(payload)
+      buf = payload.is_a?(String) ? StringIO.new(payload) : payload
+      i = new
+      hash, index = buf.read(36).unpack('a32V')
+      i.out_point = OutPoint.new(hash.reverse.bth, index)
+      sig_length = Bitcoin.unpack_var_int_from_io(buf)
+      sig = buf.read(sig_length)
+      i.script_sig = Script.new
+      i.script_sig.chunks[0] = sig
+      i.sequence = buf.read(4).unpack('V').first
+      i
+    end
+
+    def coinbase?
+      out_point.coinbase?
+    end
+
+    def to_payload(script_sig = @script_sig, sequence = @sequence)
+      p = out_point.to_payload
+      p << Bitcoin.pack_var_int(script_sig.to_payload.bytesize)
+      p << script_sig.to_payload << [sequence].pack('V')
+    end
+
+  end
+
+end

data/lib/bitcoin/tx_out.rb

@@ -0,0 +1,32 @@
+module Bitcoin
+
+  # transaction output
+  class TxOut
+
+    attr_accessor :value
+    attr_accessor :script_pubkey
+
+    def initialize(value: 0, script_pubkey: nil)
+      @value = value
+      @script_pubkey = script_pubkey
+    end
+
+    def self.parse_from_payload(payload)
+      buf = payload.is_a?(String) ? StringIO.new(payload) : payload
+      value = buf.read(8).unpack('Q').first
+      script_size = Bitcoin.unpack_var_int_from_io(buf)
+      new(value: value, script_pubkey: Script.parse_from_payload(buf.read(script_size)))
+    end
+
+    def to_payload
+      s = script_pubkey.to_payload
+      [value].pack('Q') << Bitcoin.pack_var_int(s.length) << s
+    end
+
+    def to_empty_payload
+      'ffffffffffffffff00'.htb
+    end
+
+  end
+
+end