RubyGems - block_io - Versions diffs - 2.0.0 → 3.0.3 - Mend

block_io 2.0.0 → 3.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (115) hide show

data/lib/block_io/client.rb CHANGED Viewed

@@ -16,20 +16,12 @@ module BlockIo
       raise "Must provide an API Key." unless args.key?(:api_key) and args[:api_key].to_s.size > 0
       @api_key = args[:api_key]
-      @encryption_key = Helper.pinToAesKey(args[:pin] || "") if args.key?(:pin)
+      @pin = args[:pin]
       @version = args[:version] || 2
       @hostname = args[:hostname] || "block.io"
       @proxy = args[:proxy] || {}
-      @keys = args[:keys] || []
-      @use_low_r = args[:use_low_r]
-      @raise_exception_on_error = args[:raise_exception_on_error] || false
+      @keys = {}
-      raise Exception.new("Keys must be provided as an array.") unless @keys.is_a?(Array)
-      raise Exception.new("Keys must be BlockIo::Key objects.") unless @keys.all?{|key| key.is_a?(BlockIo::Key)}
-      # make a hash of the keys we've been given
-      @keys = @keys.inject({}){|h,v| h[v.public_key] = v; h}
       raise Exception.new("Must specify hostname, port, username, password if using a proxy.") if @proxy.keys.size > 0 and [:hostname, :port, :username, :password].any?{|x| !@proxy.key?(x)}
       @conn = ConnectionPool.new(:size => args[:pool_size] || 5) { http = HTTP.headers(:accept => "application/json", :user_agent => "gem:block_io:#{VERSION}");
@@ -50,109 +42,176 @@ module BlockIo
       raise Exception.new("Parameter keys must be symbols. For instance: :label => 'default' instead of 'label' => 'default'") unless args[0].nil? or args[0].keys.all?{|x| x.is_a?(Symbol)}
       raise Exception.new("Cannot pass PINs to any calls. PINs can only be set when initiating this library.") if !args[0].nil? and args[0].key?(:pin)
       raise Exception.new("Do not specify API Keys here. Initiate a new BlockIo object instead if you need to use another API Key.") if !args[0].nil? and args[0].key?(:api_key)
-      if BlockIo::WITHDRAW_METHODS.key?(method_name) then
-        # it's a withdrawal call
-        withdraw(args[0], method_name)
-      elsif BlockIo::SWEEP_METHODS.key?(method_name) then
+      if method_name.eql?("prepare_sweep_transaction") then
+        # we need to ensure @network is set before we allow this
+        # we need to send only the public key, not the given private key
         # we're sweeping from an address
-        sweep(args[0], method_name)
-      elsif BlockIo::FINALIZE_SIGNATURE_METHODS.key?(method_name) then
-        # we're finalize the transaction signatures
-        finalize_signature(args[0], method_name)
+        internal_prepare_sweep_transaction(args[0], method_name)
       else
         api_call({:method_name => method_name, :params => args[0] || {}})
       end
     end
-    private
-    def withdraw(args = {}, method_name = "withdraw")
+    def summarize_prepared_transaction(data)
+      # takes the response from prepare_transaction/prepare_dtrust_transaction/prepare_sweep_transaction
+      # returns the network fee being paid, the blockio fee being paid, amounts being sent
-      response = api_call({:method_name => method_name, :params => args})
+      input_sum = data['data']['inputs'].map{|input| BigDecimal(input['input_value'])}.inject(:+)
-      if response["data"].key?("reference_id") then
-        # Block.io's asking us to provide client-side signatures
+      output_values = [BigDecimal(0)]
+      blockio_fees = [BigDecimal(0)]
+      change_amounts = [BigDecimal(0)]
-        encrypted_passphrase = response["data"]["encrypted_passphrase"]
+      data['data']['outputs'].each do |output|
+        if output['output_category'] == 'blockio-fee' then
+          blockio_fees << BigDecimal(output['output_value'])
+        elsif output['output_category'] == 'change' then
+          change_amounts << BigDecimal(output['output_value'])
+        else
+          # user-specified
+          output_values << BigDecimal(output['output_value'])
+        end
+      end
+      output_sum = output_values.inject(:+)
+      blockio_fee = blockio_fees.inject(:+)
+      change_amount = change_amounts.inject(:+)
+      network_fee = input_sum - output_sum - blockio_fee - change_amount
+      {
+        'network' => data['data']['network'],
+        'network_fee' => '%0.8f' % network_fee,
+        "blockio_fee" => '%0.8f' % blockio_fee,
+        "total_amount_to_send" => '%0.8f' % output_sum
+      }
+    end
+    def create_and_sign_transaction(data, keys = [])
+      # takes data from prepare_transaction, prepare_dtrust_transaction, prepare_sweep_transaction
+      # creates the transaction given the inputs and outputs from data
+      # signs the transaction using keys (if not provided, decrypts the key using the PIN)
+      set_network(data['data']['network']) if data['data'].key?('network')
-        if !encrypted_passphrase.nil? and !@keys.key?(encrypted_passphrase["signer_public_key"]) then
-          # encrypted passphrase was provided, and we do not have the signer's key, so let's extract it first
+      raise "Data must be contain one or more inputs" unless data['data']['inputs'].size > 0
+      raise "Data must contain one or more outputs" unless data['data']['outputs'].size > 0
+      raise "Data must contain information about addresses" unless data['data']['input_address_data'].size > 0 # TODO make stricter
-          raise Exception.new("PIN not set and no keys provided. Cannot execute withdrawal requests.") unless @encryption_key or @keys.size > 0
+      private_keys = keys.map{|x| Key.from_private_key_hex(x)}
-          key = Helper.extractKey(encrypted_passphrase["passphrase"], @encryption_key, @use_low_r)
-          raise Exception.new("Public key mismatch for requested signer and ourselves. Invalid Secret PIN detected.") unless key.public_key.eql?(encrypted_passphrase["signer_public_key"])
+      # TODO debug all of this
+      inputs = data['data']['inputs']
+      outputs = data['data']['outputs']
-          # store this key for later use
-          @keys[key.public_key] = key
+      tx = Bitcoin::Tx.new
-        end
+      # populate the inputs
+      inputs.each do |input|
+        tx.in << Bitcoin::TxIn.new(:out_point => Bitcoin::OutPoint.from_txid(input['previous_txid'], input['previous_output_index']))
+      end
-        if @keys.size > 0 then
-          # if we have at least one key available, try to send signatures back
-          # if a dtrust withdrawal is used without any keys stored in the BlockIo::Client object, the output of this call will be the previous response from Block.io
-          # we just need reference_id and inputs
-          response["data"] = {"reference_id" => response["data"]["reference_id"], "inputs" => response["data"]["inputs"]}
-          # let's sign all the inputs we can
-          signatures_added = (@keys.size == 0 ? false : Helper.signData(response["data"]["inputs"], @keys))
-          # the response object is now signed, let's stringify it and finalize this withdrawal
-          response = finalize_signature({:signature_data => response["data"]}, "sign_and_finalize_withdrawal") if signatures_added
-          # if we provided all the required signatures, this transaction went through
-          # otherwise Block.io responded with data asking for more signatures and recorded the signature we provided above
-          # the latter will be the case for dTrust addresses
-        end
+      # populate the outputs
+      outputs.each do |output|
+        tx.out << Bitcoin::TxOut.new(:value => (BigDecimal(output['output_value']) * BigDecimal(100000000)).to_i, :script_pubkey => Bitcoin::Script.parse_from_addr(output['receiving_address']))
       end
-      response
-    end
+      # some protection against misbehaving machines and/or code
+      raise Exception.new("Expected unsigned transaction ID mismatch. Please report this error to support@block.io.") unless (data['data']['expected_unsigned_txid'].nil? or
+                                                                                                                        data['data']['expected_unsigned_txid'] == tx.txid)
-    def sweep(args = {}, method_name = "sweep_from_address")
-      # sweep coins from a given address and key
+      # extract key
+      encrypted_key = data['data']['user_key']
-      raise Exception.new("No private_key provided.") unless args.key?(:private_key) and (args[:private_key] || "").size > 0
+      if !encrypted_key.nil? and !@keys.key?(encrypted_key['public_key']) then
+        # decrypt the key with PIN
-      key = Key.from_wif(args[:private_key], @use_low_r)
-      sanitized_args = args.merge({:public_key => key.public_key})
-      sanitized_args.delete(:private_key)
-      response = api_call({:method_name => method_name, :params => sanitized_args})
-      if response["data"].key?("reference_id") then
-        # Block.io's asking us to provide client-side signatures
+        raise Exception.new("PIN not set and no keys provided. Cannot sign transaction.") unless !@pin.nil? or @keys.size > 0
-        # we just need the reference_id and inputs
-        response["data"] = {"reference_id" => response["data"]["reference_id"], "inputs" => response["data"]["inputs"]}
-        # let's sign all the inputs we can
-        signatures_added = Helper.signData(response["data"]["inputs"], [key])
+        key = Helper.dynamicExtractKey(encrypted_key, @pin)
-        # the response object is now signed, let's stringify it and finalize this transaction
-        response = finalize_signature({:signature_data => response["data"]}, "sign_and_finalize_sweep") if signatures_added
+        raise Exception.new("Public key mismatch for requested signer and ourselves. Invalid Secret PIN detected.") unless key.public_key_hex.eql?(encrypted_key["public_key"])
-        # if we provided all the required signatures, this transaction went through
+        # store this key for later use
+        @keys[key.public_key_hex] = key
       end
-      response
+      # store the provided keys, if any, for later use
+      private_keys.each{|key| @keys[key.public_key_hex] = key}
+      signatures = []
+      if @keys.size > 0 then
+        # try to sign whatever we can here and give the user the data back
+        # Block.io will check to see if all signatures are present, or return an error otherwise saying insufficient signatures provided
+        i = 0
+        while i < inputs.size do
+          input = inputs[i]
+          input_address_data = data['data']['input_address_data'].detect{|d| d['address'] == input['spending_address']}
+          sighash_for_input = Helper.getSigHashForInput(tx, i, input, input_address_data) # in bytes
+          input_address_data['public_keys'].each do |signer_public_key|
+            # sign what we can and append signatures to the signatures object
+            next unless @keys.key?(signer_public_key)
+            signature = @keys[signer_public_key].sign(sighash_for_input).unpack("H*")[0] # in hex
+            signatures << {"input_index" => i, "public_key" => signer_public_key, "signature" => signature}
+          end
+          i += 1 # go to next input
+        end
+      end
+      # if we have everything we need for this transaction, just finalize the transaction
+      if Helper.allSignaturesPresent?(tx, inputs, signatures, data['data']['input_address_data']) then
+        Helper.finalizeTransaction(tx, inputs, signatures, data['data']['input_address_data'])
+        signatures = [] # no signatures left to append
+      end
+      # reset keys
+      @keys = {}
+      # the response for submitting the transaction
+      {"tx_type" => data['data']['tx_type'], "tx_hex" => tx.to_hex, "signatures" => (signatures.size == 0 ? nil : signatures)}
     end
-    def finalize_signature(args = {}, method_name = "sign_and_finalize_withdrawal")
+    private
+    def internal_prepare_sweep_transaction(args = {}, method_name = "prepare_sweep_transaction")
-      raise Exception.new("Object must have reference_id and inputs keys.") unless args.key?(:signature_data) and args[:signature_data].key?("inputs") and args[:signature_data].key?("reference_id")
+      # set the network first if not already known
+      api_call({:method_name => "get_balance", :params => {}}) if @network.nil?
-      signatures = {"reference_id" => args[:signature_data]["reference_id"], "inputs" => args[:signature_data]["inputs"]}
+      raise Exception.new("No private_key provided.") unless args.key?(:private_key) and (args[:private_key] || "").size > 0
-      response = api_call({:method_name => method_name, :params => {:signature_data => Oj.dump(signatures)}})
+      # ensure the private key never goes to Block.io
+      key = Key.from_wif(args[:private_key])
+      sanitized_args = args.merge({:public_key => key.public_key_hex})
+      sanitized_args.delete(:private_key)
+      @keys[key.public_key_hex] = key # store this in our set of keys for later use
+      api_call({:method_name => method_name, :params => sanitized_args})
     end
+    def set_network(network)
+      # load the chain_params for this network
+      @network ||= network
+      Bitcoin.chain_params = @network unless @network.to_s.size == 0
+    end
     def api_call(args)
@@ -166,9 +225,15 @@ module BlockIo
         body = {"status" => "fail", "data" => {"error_message" => "Unknown error occurred. Please report this to support@block.io. Status #{response.code}."}}
       end
-      raise Exception.new("#{body["data"]["error_message"]}") if !body["status"].eql?("success") and @raise_exception_on_error
+      if !body["status"].eql?("success") then
+        # raise an exception on error for easy handling
+        # user can extract raw response using e.raw_data
+        e = APIException.new("#{body["data"]["error_message"]}")
+        e.set_raw_data(body)
+        raise e
+      end
-      @network ||= body["data"]["network"] if body["data"].key?("network")
+      set_network(body['data']['network']) if body['data'].key?('network')
       body

data/lib/block_io/extended_bitcoinrb.rb ADDED Viewed

@@ -0,0 +1,132 @@
+require 'yaml'
+module Bitcoin
+  # set network chain params
+  def self.chain_params=(name)
+    raise "chain params for #{name} is not defined." unless %i(BTC DOGE LTC BTCTEST DOGETEST LTCTEST).include?(name.to_sym)
+    @current_chain = nil
+    @chain_param = name.to_sym
+  end
+  # current network chain params.
+  def self.chain_params
+    return @current_chain if @current_chain
+    return (@current_chain = Bitcoin::ChainParams.get(@chain_param.to_s))
+  end
+  class ChainParams
+    def self.get(network)
+      init(network)
+    end
+    def self.init(name)
+      i = YAML.load(File.open("#{__dir__}/chainparams/#{name}.yml"))
+      i.dust_relay_fee ||= Bitcoin::DUST_RELAY_TX_FEE
+      i
+    end
+  end
+  module Secp256k1
+    module Ruby
+      module_function
+      def sign_ecdsa(data, privkey, extra_entropy)
+        privkey = privkey.htb
+        private_key = ECDSA::Format::IntegerOctetString.decode(privkey)
+        extra_entropy ||= ''
+        nonce = RFC6979.generate_rfc6979_nonce(privkey + data, extra_entropy)
+        # port form ecdsa gem.
+        r_point = GROUP.new_point(nonce)
+        point_field = ECDSA::PrimeField.new(GROUP.order)
+        r = point_field.mod(r_point.x)
+        return nil if r.zero?
+        rec = r_point.y & 1
+        e = ECDSA.normalize_digest(data, GROUP.bit_length)
+        s = point_field.mod(point_field.inverse(nonce) * (e + r * private_key))
+        # covert to low-s
+        if s > (GROUP.order / 2)
+          s = GROUP.order - s
+          rec = r_point.y & 1
+        end
+        return nil if s.zero?
+        signature = ECDSA::Signature.new(r, s).to_der
+        # comment lines below lead to performance issues
+        #        public_key = Bitcoin::Key.new(priv_key: privkey.bth, :key_type => Bitcoin::Key::TYPES[:compressed]).pubkey # get rid of the key_type warning
+        #        raise 'Creation of signature failed.' unless Bitcoin::Secp256k1::Ruby.verify_sig(data, signature, public_key)
+        [signature, rec]
+      end
+    end
+  end
+  class Key
+    def initialize(priv_key: nil, pubkey: nil, key_type: nil, compressed: true, allow_hybrid: false)
+      # override so enforce compressed keys
+      raise "key_type must always be Bitcoin::KEY::TYPES[:compressed]" unless key_type == TYPES[:compressed]
+      puts "[Warning] Use key_type parameter instead of compressed. compressed parameter removed in the future." if key_type.nil? && !compressed.nil? && pubkey.nil?
+      if key_type
+        @key_type = key_type
+        compressed = @key_type != TYPES[:uncompressed]
+      else
+        @key_type = compressed ? TYPES[:compressed] : TYPES[:uncompressed]
+      end
+      @secp256k1_module =  Bitcoin.secp_impl
+      @priv_key = priv_key
+      if @priv_key
+        raise ArgumentError, Errors::Messages::INVALID_PRIV_KEY unless validate_private_key_range(@priv_key)
+      end
+      if pubkey
+        @pubkey = pubkey
+      else
+        @pubkey = generate_pubkey(priv_key, compressed: compressed) if priv_key
+      end
+      raise ArgumentError, Errors::Messages::INVALID_PUBLIC_KEY unless fully_valid_pubkey?(allow_hybrid)
+    end
+    def public_key_hex
+      @pubkey
+    end
+    def private_key_hex
+      @priv_key
+    end
+  end
+end
+module Bech32
+  # override so we can parse non-Bitcoin Bech32 addresses
+  class SegwitAddr
+    private
+    def parse_addr(addr)
+      @hrp, data, spec = Bech32.decode(addr)
+      raise 'Invalid address.' if hrp.nil? || data[0].nil? || !['bc', 'ltc', 'tb', 'tltc', 'doge', 'tdge'].include?(hrp) # HRP_MAINNET, HRP_TESTNET, HRP_REGTEST].include?(hrp)
+      @ver = data[0]
+      raise 'Invalid witness version' if @ver > 16
+      @prog = convert_bits(data[1..-1], 5, 8, false)
+      raise 'Invalid witness program' if @prog.nil? || @prog.length < 2 || @prog.length > 40
+      raise 'Invalid witness program with version 0' if @ver == 0 && (@prog.length != 20 && @prog.length != 32)
+      raise 'Witness version and encoding spec do not match' if (@ver == 0 && spec != Bech32::Encoding::BECH32) || (@ver != 0 && spec != Bech32::Encoding::BECH32M)
+    end
+  end
+end