eth-patched 0.4.13

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b994220aa8aea4194135f3f075c54cbc24d15f979b402522c3dca6b65a01f560
+  data.tar.gz: a9ebf1c8297d3f20c12d5918a02cc97b3e692bcb55e21861f2855d10519b378d
+SHA512:
+  metadata.gz: 9da62998d79e7cff2ee2c892389c9689712f9cce65dc24fcb910dcf4004bef6a0d7cb098e304000875186ac8a34ef69fd515af9d79ed505fe0e753ad41065799
+  data.tar.gz: a082d4cb0f1c915531b9f6a227686ef1c534844ae97be2de034dd526d28a00c596d6a0343f9b0647b8b26e50495237cca8ed2d26da2411a6bee9479c205a7d6d

data/.gitignore

@@ -0,0 +1,10 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+.ruby-version

data/.gitmodules

@@ -0,0 +1,3 @@
+[submodule "spec/fixtures/ethereum_tests"]
+	path = spec/fixtures/ethereum_tests
+	url = https://github.com/ethereum/tests

data/.rspec

@@ -0,0 +1,4 @@
+--require pry
+--require spec_helper
+--format documentation
+--color

data/.travis.yml

@@ -0,0 +1,10 @@
+sudo: false
+dist: xenial
+language: ruby
+rvm:
+  - 2.2.0
+  - 2.3.0
+  - 2.4.0
+  - 2.5.3
+  - 2.6.0
+before_install: gem install bundler -v 1.12.3

data/CHANGELOG.md

@@ -0,0 +1,102 @@
+# Change Log
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/)
+and this project adheres to [Semantic Versioning](http://semver.org/).
+
+### Unreleased
+
+## [0.4.13] "eth-patched"
+
+### Changed
+- Bump digest-sha3-patched-ruby-3 version for ruby 3 support
+
+## [0.4.12]
+
+### Changed
+- Bump rake version because of security vulnerability
+
+## [0.4.11]
+
+### Added
+- Support for recovering signatures with a V value below 27 (like from Ledger hardware wallets)
+
+## [0.4.10]
+
+### Changed
+- Use updated sha3 dependency
+- Improved OpenSSL support
+
+### Changed
+- Changed Eth::Configuration.default_chain_id back to .chain_id for dependent libraries.
+
+## [0.4.9]
+
+### Changed
+- [escoffon](https://github.com/escoffon) added support for chain IDs larger than 120.
+
+## [0.4.8]
+
+### Added
+- [@buhrmi](https://github.com/buhrmi) added Eth::Key#personal_sign.
+- [@buhrmi](https://github.com/buhrmi) added Eth::Key#personal_recover.
+
+## [0.4.7]
+
+### Changed
+- Updated MoneyTree dependency.
+
+## [0.4.6]
+
+### Added
+- Support scrypt private key decryption
+
+## [0.4.5]
+
+### Changed
+- Further improve Open SSL configurability
+
+## [0.4.4]
+
+### Changed
+- Support old versions of SSL to help avoid preious breaking changes
+
+## [0.4.3]
+
+### Added
+- Eth::Key::Encrypter class to handle encrypting keys.
+- Eth::Key.encrypt as a nice wrapper around Encrypter class.
+- Eth::Key::Decrypter class to handle encrypting keys.
+- Eth::Key.decrypt as a nice wrapper around Decrypter class.
+
+## [0.4.2]
+
+### Added
+- Address#valid? to validate EIP55 checksums.
+- Address#checksummed to generate EIP55 checksums.
+- Utils.valid_address? to easily validate EIP55 checksums.
+- Utils.format_address to easily convert an address to EIP55 checksummed.
+
+### Changed
+- Dependencies no longer include Ethereum::Base. Eth now implements those helpers directly and includes ffi, digest-sha3, and rlp directly.
+
+
+## [0.4.1]
+
+### Changed
+- Tx#hash includes the '0x' hex prefix.
+
+## [0.4.0]
+
+### Added
+- Tx#data_bin returns the data field of a transaction in binary.
+- Tx#data_hex returns the data field of a transaction as a hexadecimal string.
+- Tx#id is an alias of Tx#hash
+
+### Changed
+- Tx#data is configurable to return either hex or binary: `config.tx_data_hex = true`.
+- Tx#hex includes the '0x' hex prefix.
+- Key#address getter is prepended by '0x'.
+- Extract public key to address method into Utils.public_key_to_address.
+- Tx#from returns an address instead of a public key.
+- Chain ID is updated to the later version of the spec.

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in ethereum-tx.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Steve Ellis
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,145 @@
+# Eth [![Travis-CI](https://travis-ci.org/se3000/ruby-eth.svg?branch=master)](https://travis-ci.org/se3000/ruby-eth) [![Code Climate](https://codeclimate.com/github/se3000/ruby-eth/badges/gpa.svg)](https://codeclimate.com/github/se3000/ruby-eth) [![Gitter](https://badges.gitter.im/ruby-eth/Lobby.svg)](https://gitter.im/ruby-eth/Lobby)
+
+A simple library to build and sign Ethereum transactions. Allows separation of key and node management. Sign transactions and handle keys anywhere you can run ruby, broadcast transactions through any node.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'eth'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install eth
+
+## Usage
+
+### Keys
+
+Create a new public/private key and get its address:
+
+```ruby
+key = Eth::Key.new
+key.private_hex
+key.public_hex
+key.address # EIP55 checksummed address
+```
+
+Import an existing key:
+
+```ruby
+old_key = Eth::Key.new priv: private_key
+```
+
+Or decrypt an [encrypted key](https://github.com/ethereum/wiki/wiki/Web3-Secret-Storage-Definition):
+
+```ruby
+decrypted_key = Eth::Key.decrypt File.read('./some/path.json'), 'p455w0rD'
+```
+
+You can also encrypt your keys for use with other ethereum libraries:
+
+```ruby
+encrypted_key_info = Eth::Key.encrypt key, 'p455w0rD'
+```
+
+### Transactions
+
+Build a transaction from scratch:
+
+```ruby
+tx = Eth::Tx.new({
+  data: hex_data,
+  gas_limit: 21_000,
+  gas_price: 3_141_592,
+  nonce: 1,
+  to: key2.address,
+  value: 1_000_000_000_000,
+})
+```
+
+Or decode an encoded raw transaction:
+
+```ruby
+tx = Eth::Tx.decode hex
+```
+
+Then sign the transaction:
+
+```ruby
+tx.sign key
+```
+
+Get the raw transaction with `tx.hex`, and broadcast it through any Ethereum node. Or, just get the TXID with `tx.hash`.
+
+### Utils
+
+Validate an [EIP55](https://github.com/ethereum/EIPs/issues/55) checksummed address:
+
+```ruby
+Eth::Utils.valid_address? address
+```
+
+Or add a checksum to an existing address:
+
+```ruby
+Eth::Utils.format_address "0x4bc787699093f11316e819b5692be04a712c4e69" # => "0x4bc787699093f11316e819B5692be04A712C4E69"
+```
+
+### Personal Signatures
+
+You can recover public keys and generate web3/metamask-compatible signatures:
+
+```ruby
+# Generate signature
+key.personal_sign('hello world')
+
+# Recover signature
+message = 'test'
+signature = '0x3eb24bd327df8c2b614c3f652ec86efe13aa721daf203820241c44861a26d37f2bffc6e03e68fc4c3d8d967054c9cb230ed34339b12ef89d512b42ae5bf8c2ae1c'
+Eth::Key.personal_recover(message, signature) # => 043e5b33f0080491e21f9f5f7566de59a08faabf53edbc3c32aaacc438552b25fdde531f8d1053ced090e9879cbf2b0d1c054e4b25941dab9254d2070f39418afc
+```
+
+### Configure
+
+In order to prevent replay attacks, you must specify which Ethereum chain your transactions are created for. See [EIP 155](https://github.com/ethereum/EIPs/issues/155) for more detail.
+
+```ruby
+Eth.configure do |config|
+  config.chain_id = 1 # nil by default, meaning valid on any chain
+end
+```
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/se3000/ethereum-tx. Tests are encouraged.
+
+### Tests
+
+First install the [Ethereum common tests](https://github.com/ethereum/tests):
+
+```shell
+git submodule update --init
+```
+
+Then run the associated tests:
+
+```shell
+rspec
+```
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+
+## TODO
+
+* Better test suite.
+* Expose API for HD keys.
+* Support signing with [libsecp256k1](https://github.com/bitcoin-core/secp256k1).

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "eth"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+require "pry"
+Pry.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/eth.gemspec

@@ -0,0 +1,31 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'eth/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "eth-patched"
+  spec.version       = Eth::VERSION
+  spec.authors       = ["Steve Ellis", "Afri Schoedon"]
+  spec.email         = ["email@steveell.is", "gems@q9f.cc"]
+
+  spec.summary       = %q{Simple API to sign Ethereum transactions.}
+  spec.description   = %q{Library to build, parse, and sign Ethereum transactions.}
+  spec.homepage      = "https://github.com/q9f/ruby-eth"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'digest-sha3-patched-ruby-3', '~> 1.1'
+  spec.add_dependency 'ffi', '~> 1.0'
+  spec.add_dependency 'money-tree', '~> 0.10.0'
+  spec.add_dependency 'rlp', '~> 0.7.3'
+  spec.add_dependency 'scrypt', '~> 3.0.6'
+
+  spec.add_development_dependency 'pry', '~> 0.1'
+  spec.add_development_dependency 'rake', '>= 12.3.3'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+end

data/lib/eth/address.rb

@@ -0,0 +1,62 @@
+module Eth
+  class Address
+
+    def initialize(address)
+      @address = Utils.prefix_hex(address)
+    end
+
+    def valid?
+      if !matches_any_format?
+        false
+      elsif not_checksummed?
+        true
+      else
+        checksum_matches?
+      end
+    end
+
+    def checksummed
+      raise "Invalid address: #{address}" unless matches_any_format?
+
+      cased = unprefixed.chars.zip(checksum.chars).map do |char, check|
+        check.match(/[0-7]/) ? char.downcase : char.upcase
+      end
+
+      Utils.prefix_hex(cased.join)
+    end
+
+
+    private
+
+    attr_reader :address
+
+    def checksum_matches?
+      address == checksummed
+    end
+
+    def not_checksummed?
+      all_uppercase? || all_lowercase?
+    end
+
+    def all_uppercase?
+      address.match(/(?:0[xX])[A-F0-9]{40}/)
+    end
+
+    def all_lowercase?
+      address.match(/(?:0[xX])[a-f0-9]{40}/)
+    end
+
+    def matches_any_format?
+      address.match(/\A(?:0[xX])[a-fA-F0-9]{40}\z/)
+    end
+
+    def checksum
+      Utils.bin_to_hex(Utils.keccak256 unprefixed.downcase)
+    end
+
+    def unprefixed
+      Utils.remove_hex_prefix address
+    end
+
+  end
+end

data/lib/eth/gas.rb

@@ -0,0 +1,9 @@
+module Eth
+  class Gas
+
+    GTXCOST = 21000       # TX BASE GAS COST
+    GTXDATANONZERO = 68   # TX DATA NON ZERO BYTE GAS COST
+    GTXDATAZERO = 4       # TX DATA ZERO BYTE GAS COST
+
+  end
+end

data/lib/eth/key/decrypter.rb

@@ -0,0 +1,113 @@
+require 'json'
+require 'scrypt'
+
+class Eth::Key::Decrypter
+  include Eth::Utils
+
+  def self.perform(data, password)
+    new(data, password).perform
+  end
+
+  def initialize(data, password)
+    @data = JSON.parse(data)
+    @password = password
+  end
+
+  def perform
+    derive_key password
+    check_macs
+    bin_to_hex decrypted_data
+  end
+
+
+  private
+
+  attr_reader :data, :key, :password
+
+  def derive_key(password)
+    case kdf
+    when 'pbkdf2'
+      @key = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, key_length, digest)
+    when 'scrypt'
+      # OpenSSL 1.1 inclues OpenSSL::KDF.scrypt, but it is not available usually, otherwise we could do: OpenSSL::KDF.scrypt(password, salt: salt, N: n, r: r, p: p, length: key_length)
+      @key = SCrypt::Engine.scrypt(password, salt, n, r, p, key_length)
+    else
+      raise "Unsupported key derivation function: #{kdf}!"
+    end
+  end
+
+  def check_macs
+    mac1 = keccak256(key[(key_length/2), key_length] + ciphertext)
+    mac2 = hex_to_bin crypto_data['mac']
+
+    if mac1 != mac2
+      raise "Message Authentications Codes do not match!"
+    end
+  end
+
+  def decrypted_data
+    @decrypted_data ||= cipher.update(ciphertext) + cipher.final
+  end
+
+  def crypto_data
+    @crypto_data ||= data['crypto'] || data['Crypto']
+  end
+
+  def ciphertext
+    hex_to_bin crypto_data['ciphertext']
+  end
+
+  def cipher_name
+    "aes-128-ctr"
+  end
+
+  def cipher
+    @cipher ||= OpenSSL::Cipher.new(cipher_name).tap do |cipher|
+      cipher.decrypt
+      cipher.key = key[0, (key_length/2)]
+      cipher.iv = iv
+    end
+  end
+
+  def iv
+    hex_to_bin crypto_data['cipherparams']['iv']
+  end
+
+  def salt
+    hex_to_bin crypto_data['kdfparams']['salt']
+  end
+
+  def iterations
+    crypto_data['kdfparams']['c'].to_i
+  end
+
+  def kdf
+    crypto_data['kdf']
+  end
+
+  def key_length
+    crypto_data['kdfparams']['dklen'].to_i
+  end
+
+  def n
+    crypto_data['kdfparams']['n'].to_i
+  end
+
+  def r
+    crypto_data['kdfparams']['r'].to_i
+  end
+
+  def p
+    crypto_data['kdfparams']['p'].to_i
+  end
+
+  def digest
+    OpenSSL::Digest.new digest_name
+  end
+
+  def digest_name
+    "sha256"
+  end
+  
+
+end

data/lib/eth/key/encrypter.rb

@@ -0,0 +1,128 @@
+require 'json'
+require 'securerandom'
+
+class Eth::Key::Encrypter
+  include Eth::Utils
+
+  def self.perform(key, password, options = {})
+    new(key, options).perform(password)
+  end
+
+  def initialize(key, options = {})
+    @key = key
+    @options = options
+  end
+
+  def perform(password)
+    derive_key password
+    encrypt
+
+    data.to_json
+  end
+
+  def data
+    {
+      crypto: {
+        cipher: cipher_name,
+        cipherparams: {
+          iv: bin_to_hex(iv),
+        },
+        ciphertext: bin_to_hex(encrypted_key),
+        kdf: "pbkdf2",
+        kdfparams: {
+          c: iterations,
+          dklen: 32,
+          prf: prf,
+          salt: bin_to_hex(salt),
+        },
+        mac: bin_to_hex(mac),
+      },
+      id: id,
+      version: 3,
+    }.tap do |data|
+      data[:address] = address unless options[:skip_address]
+    end
+  end
+
+  def id
+    @id ||= options[:id] || SecureRandom.uuid
+  end
+
+
+  private
+
+  attr_reader :derived_key, :encrypted_key, :key, :options
+
+  def cipher
+    @cipher ||= OpenSSL::Cipher.new(cipher_name).tap do |cipher|
+      cipher.encrypt
+      cipher.iv = iv
+      cipher.key = derived_key[0, (key_length/2)]
+    end
+  end
+
+  def digest
+    @digest ||= OpenSSL::Digest.new digest_name
+  end
+
+  def derive_key(password)
+    @derived_key = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, key_length, digest)
+  end
+
+  def encrypt
+    @encrypted_key = cipher.update(hex_to_bin key) + cipher.final
+  end
+
+  def mac
+    keccak256(derived_key[(key_length/2), key_length] + encrypted_key)
+  end
+
+  def cipher_name
+    "aes-128-ctr"
+  end
+
+  def digest_name
+    "sha256"
+  end
+
+  def prf
+    "hmac-#{digest_name}"
+  end
+
+  def key_length
+    32
+  end
+
+  def salt_length
+    32
+  end
+
+  def iv_length
+    16
+  end
+
+  def iterations
+    options[:iterations] || 262_144
+  end
+
+  def salt
+    @salt ||= if options[:salt]
+      hex_to_bin options[:salt]
+    else
+      SecureRandom.random_bytes(salt_length)
+    end
+  end
+
+  def iv
+    @iv ||= if options[:iv]
+      hex_to_bin options[:iv]
+    else
+      SecureRandom.random_bytes(iv_length)
+    end
+  end
+
+  def address
+    Eth::Key.new(priv: key).address
+  end
+
+end