eth-patched 0.4.13

data/lib/eth/key.rb

@@ -0,0 +1,79 @@
+module Eth
+  class Key
+    autoload :Decrypter, 'eth/key/decrypter'
+    autoload :Encrypter, 'eth/key/encrypter'
+
+    attr_reader :private_key, :public_key
+
+    def self.encrypt(key, password)
+      key = new(priv: key) unless key.is_a?(Key)
+
+      Encrypter.perform key.private_hex, password
+    end
+
+    def self.decrypt(data, password)
+      priv = Decrypter.perform data, password
+      new priv: priv
+    end
+
+    def self.personal_recover(message, signature)
+      bin_signature = Utils.hex_to_bin(signature).bytes.rotate(-1).pack('c*')
+      OpenSsl.recover_compact(Utils.keccak256(Utils.prefix_message(message)), bin_signature)
+    end
+
+    def initialize(priv: nil)
+      @private_key = MoneyTree::PrivateKey.new key: priv
+      @public_key = MoneyTree::PublicKey.new private_key, compressed: false
+    end
+
+    def private_hex
+      private_key.to_hex
+    end
+
+    def public_bytes
+      public_key.to_bytes
+    end
+
+    def public_hex
+      public_key.to_hex
+    end
+
+    def address
+      Utils.public_key_to_address public_hex
+    end
+    alias_method :to_address, :address
+
+    def sign(message)
+      sign_hash message_hash(message)
+    end
+
+    def sign_hash(hash)
+      loop do
+        signature = OpenSsl.sign_compact hash, private_hex, public_hex
+        return signature if valid_s? signature
+      end
+    end
+
+    def verify_signature(message, signature)
+      hash = message_hash(message)
+      public_hex == OpenSsl.recover_compact(hash, signature)
+    end
+
+    def personal_sign(message)
+      Utils.bin_to_hex(sign(Utils.prefix_message(message)).bytes.rotate(1).pack('c*'))
+    end
+
+
+    private
+
+    def message_hash(message)
+      Utils.keccak256 message
+    end
+
+    def valid_s?(signature)
+      s_value = Utils.v_r_s_for(signature).last
+      s_value <= Secp256k1::N/2 && s_value != 0
+    end
+
+  end
+end

data/lib/eth/open_ssl.rb

@@ -0,0 +1,264 @@
+# originally lifted from https://github.com/lian/bitcoin-ruby
+# thanks to everyone there for figuring this out
+
+module Eth
+  class OpenSsl
+    extend FFI::Library
+
+    if FFI::Platform.windows?
+      ffi_lib 'libeay32', 'ssleay32'
+    else
+      ffi_lib [
+        'libssl.so.1.1.0', 'libssl.so.1.1',
+        'libssl.so.1.0.0', 'libssl.so.10',
+        'ssl'
+      ]
+    end
+
+    NID_secp256k1 = 714
+    POINT_CONVERSION_COMPRESSED = 2
+    POINT_CONVERSION_UNCOMPRESSED = 4
+
+    # OpenSSL 1.1.0 version as a numerical version value as defined in:
+    # https://www.openssl.org/docs/man1.1.0/man3/OpenSSL_version.html
+    VERSION_1_1_0_NUM = 0x10100000
+
+    # OpenSSL 1.1.0 engine constants, taken from:
+    # https://github.com/openssl/openssl/blob/2be8c56a39b0ec2ec5af6ceaf729df154d784a43/include/openssl/crypto.h
+    OPENSSL_INIT_ENGINE_RDRAND = 0x00000200
+    OPENSSL_INIT_ENGINE_DYNAMIC = 0x00000400
+    OPENSSL_INIT_ENGINE_CRYPTODEV = 0x00001000
+    OPENSSL_INIT_ENGINE_CAPI = 0x00002000
+    OPENSSL_INIT_ENGINE_PADLOCK = 0x00004000
+    OPENSSL_INIT_ENGINE_ALL_BUILTIN = (
+      OPENSSL_INIT_ENGINE_RDRAND |
+      OPENSSL_INIT_ENGINE_DYNAMIC |
+      OPENSSL_INIT_ENGINE_CRYPTODEV |
+      OPENSSL_INIT_ENGINE_CAPI |
+      OPENSSL_INIT_ENGINE_PADLOCK
+    )
+
+    # OpenSSL 1.1.0 load strings constant, taken from:
+    # https://github.com/openssl/openssl/blob/c162c126be342b8cd97996346598ecf7db56130f/include/openssl/ssl.h
+    OPENSSL_INIT_LOAD_SSL_STRINGS = 0x00200000
+
+    # This is the very first function we need to use to determine what version
+    # of OpenSSL we are interacting with.
+    begin
+      attach_function :OpenSSL_version_num, [], :ulong
+    rescue FFI::NotFoundError
+      attach_function :SSLeay, [], :long
+    end
+
+    # Returns the version of SSL present.
+    #
+    # @return [Integer] version number as an integer.
+    def self.version
+      if self.respond_to?(:OpenSSL_version_num)
+        OpenSSL_version_num()
+      else
+        SSLeay()
+      end
+    end
+
+    if version >= VERSION_1_1_0_NUM
+      # Initialization procedure for the library was changed in OpenSSL 1.1.0
+      attach_function :OPENSSL_init_ssl, [:uint64, :pointer], :int
+    else
+      attach_function :SSL_library_init, [], :int
+      attach_function :ERR_load_crypto_strings, [], :void
+      attach_function :SSL_load_error_strings, [], :void
+    end
+
+    attach_function :RAND_poll, [], :int
+    attach_function :BN_CTX_free, [:pointer], :int
+    attach_function :BN_CTX_new, [], :pointer
+    attach_function :BN_add, [:pointer, :pointer, :pointer], :int
+    attach_function :BN_bin2bn, [:pointer, :int, :pointer], :pointer
+    attach_function :BN_bn2bin, [:pointer, :pointer], :int
+    attach_function :BN_cmp, [:pointer, :pointer], :int
+    attach_function :BN_dup, [:pointer], :pointer
+    attach_function :BN_free, [:pointer], :int
+    attach_function :BN_mod_inverse, [:pointer, :pointer, :pointer, :pointer], :pointer
+    attach_function :BN_mod_mul, [:pointer, :pointer, :pointer, :pointer, :pointer], :int
+    attach_function :BN_mod_sub, [:pointer, :pointer, :pointer, :pointer, :pointer], :int
+    attach_function :BN_mul_word, [:pointer, :int], :int
+    attach_function :BN_new, [], :pointer
+    attach_function :BN_num_bits, [:pointer], :int
+    attach_function :BN_rshift, [:pointer, :pointer, :int], :int
+    attach_function :BN_set_word, [:pointer, :int], :int
+    attach_function :ECDSA_SIG_free, [:pointer], :void
+    attach_function :ECDSA_do_sign, [:pointer, :uint, :pointer], :pointer
+    attach_function :EC_GROUP_get_curve_GFp, [:pointer, :pointer, :pointer, :pointer, :pointer], :int
+    attach_function :EC_GROUP_get_degree, [:pointer], :int
+    attach_function :EC_GROUP_get_order, [:pointer, :pointer, :pointer], :int
+    attach_function :EC_KEY_free, [:pointer], :int
+    attach_function :EC_KEY_get0_group, [:pointer], :pointer
+    attach_function :EC_KEY_new_by_curve_name, [:int], :pointer
+    attach_function :EC_KEY_set_conv_form, [:pointer, :int], :void
+    attach_function :EC_KEY_set_private_key, [:pointer, :pointer], :int
+    attach_function :EC_KEY_set_public_key,  [:pointer, :pointer], :int
+    attach_function :EC_POINT_free, [:pointer], :int
+    attach_function :EC_POINT_mul, [:pointer, :pointer, :pointer, :pointer, :pointer, :pointer], :int
+    attach_function :EC_POINT_new, [:pointer], :pointer
+    attach_function :EC_POINT_set_compressed_coordinates_GFp, [:pointer, :pointer, :pointer, :int, :pointer], :int
+    attach_function :i2o_ECPublicKey, [:pointer, :pointer], :uint
+
+    class << self
+      def BN_num_bytes(ptr)
+        (BN_num_bits(ptr) + 7) / 8
+      end
+
+      def sign_compact(hash, private_key, public_key_hex)
+        private_key = [private_key].pack("H*") if private_key.bytesize >= 64
+        pubkey_compressed = false
+
+        init_ffi_ssl
+        eckey = EC_KEY_new_by_curve_name(NID_secp256k1)
+        priv_key = BN_bin2bn(private_key, private_key.bytesize, BN_new())
+
+        group, order, ctx = EC_KEY_get0_group(eckey), BN_new(), BN_CTX_new()
+        EC_GROUP_get_order(group, order, ctx)
+
+        pub_key = EC_POINT_new(group)
+        EC_POINT_mul(group, pub_key, priv_key, nil, nil, ctx)
+        EC_KEY_set_private_key(eckey, priv_key)
+        EC_KEY_set_public_key(eckey, pub_key)
+
+        signature = ECDSA_do_sign(hash, hash.bytesize, eckey)
+
+        BN_free(order)
+        BN_CTX_free(ctx)
+        EC_POINT_free(pub_key)
+        BN_free(priv_key)
+        EC_KEY_free(eckey)
+
+        buf, rec_id, head = FFI::MemoryPointer.new(:uint8, 32), nil, nil
+        r, s = signature.get_array_of_pointer(0, 2).map{|i| BN_bn2bin(i, buf); buf.read_string(BN_num_bytes(i)).rjust(32, "\x00") }
+
+        if signature.get_array_of_pointer(0, 2).all?{|i| BN_num_bits(i) <= 256 }
+          4.times{|i|
+            head = [ Eth.v_base + i ].pack("C")
+            if public_key_hex == recover_public_key_from_signature(hash, [head, r, s].join, i, pubkey_compressed)
+              rec_id = i; break
+            end
+          }
+        end
+
+        ECDSA_SIG_free(signature)
+
+        [ head, [r,s] ].join if rec_id
+      end
+
+      def recover_public_key_from_signature(message_hash, signature, rec_id, is_compressed)
+        return nil if rec_id < 0 or signature.bytesize != 65
+        init_ffi_ssl
+
+        signature = FFI::MemoryPointer.from_string(signature)
+        r = BN_bin2bn(signature[1], 32, BN_new())
+        s = BN_bin2bn(signature[33], 32, BN_new())
+
+        _n, i = 0, rec_id / 2
+        eckey = EC_KEY_new_by_curve_name(NID_secp256k1)
+
+        EC_KEY_set_conv_form(eckey, POINT_CONVERSION_COMPRESSED) if is_compressed
+
+        group = EC_KEY_get0_group(eckey)
+        order = BN_new()
+        EC_GROUP_get_order(group, order, nil)
+        x = BN_dup(order)
+        BN_mul_word(x, i)
+        BN_add(x, x, r)
+
+        field = BN_new()
+        EC_GROUP_get_curve_GFp(group, field, nil, nil, nil)
+
+        if BN_cmp(x, field) >= 0
+          bn_free_each r, s, order, x, field
+          EC_KEY_free(eckey)
+          return nil
+        end
+
+        big_r = EC_POINT_new(group)
+        EC_POINT_set_compressed_coordinates_GFp(group, big_r, x, rec_id % 2, nil)
+
+        big_q = EC_POINT_new(group)
+        n = EC_GROUP_get_degree(group)
+        e = BN_bin2bn(message_hash, message_hash.bytesize, BN_new())
+        BN_rshift(e, e, 8 - (n & 7)) if 8 * message_hash.bytesize > n
+
+        ctx = BN_CTX_new()
+        zero, rr, sor, eor = BN_new(), BN_new(), BN_new(), BN_new()
+        BN_set_word(zero, 0)
+        BN_mod_sub(e, zero, e, order, ctx)
+        BN_mod_inverse(rr, r, order, ctx)
+        BN_mod_mul(sor, s, rr, order, ctx)
+        BN_mod_mul(eor, e, rr, order, ctx)
+        EC_POINT_mul(group, big_q, eor, big_r, sor, ctx)
+        EC_KEY_set_public_key(eckey, big_q)
+        BN_CTX_free(ctx)
+
+        bn_free_each r, s, order, x, field, e, zero, rr, sor, eor
+        [big_r, big_q].each{|j| EC_POINT_free(j) }
+
+        recover_public_hex eckey
+      end
+
+      def recover_compact(hash, signature)
+        return false if signature.bytesize != 65
+
+        version = signature.unpack('C')[0]
+
+        # Version of signature should be 27 or 28, but 0 and 1 are also possible versions
+        # which can show up in Ledger hardwallet signings
+        if version < 27
+          version += 27
+        end
+
+        v_base = Eth.replayable_v?(version) ? Eth.replayable_chain_id : Eth.v_base
+
+        return false if version < v_base
+
+        recover_public_key_from_signature(hash, signature, (version - v_base), false)
+      end
+
+      def init_ffi_ssl
+        return if @ssl_loaded
+        if version >= VERSION_1_1_0_NUM
+          OPENSSL_init_ssl(
+            OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_ENGINE_ALL_BUILTIN,
+            nil
+          )
+        else
+          SSL_library_init()
+          ERR_load_crypto_strings()
+          SSL_load_error_strings()
+        end
+
+        RAND_poll()
+        @ssl_loaded = true
+      end
+
+
+      private
+
+      def bn_free_each(*list)
+        list.each{|j| BN_free(j) }
+      end
+
+      def recover_public_hex(eckey)
+        length = i2o_ECPublicKey(eckey, nil)
+        buf = FFI::MemoryPointer.new(:uint8, length)
+        ptr = FFI::MemoryPointer.new(:pointer).put_pointer(0, buf)
+        pub_hex = if i2o_ECPublicKey(eckey, ptr) == length
+          buf.read_string(length).unpack("H*")[0]
+        end
+
+        EC_KEY_free(eckey)
+
+        pub_hex
+      end
+    end
+
+  end
+end

data/lib/eth/secp256k1.rb

@@ -0,0 +1,7 @@
+module Eth
+  class Secp256k1
+
+    N = 115792089237316195423570985008687907852837564279074904382605163141518161494337
+
+  end
+end

data/lib/eth/sedes.rb

@@ -0,0 +1,40 @@
+module Eth
+  module Sedes
+    include RLP::Sedes
+
+    extend self
+
+    def address
+      Binary.fixed_length(20, allow_empty: true)
+    end
+
+    def int20
+      BigEndianInt.new(20)
+    end
+
+    def int32
+      BigEndianInt.new(32)
+    end
+
+    def int256
+      BigEndianInt.new(256)
+    end
+
+    def hash32
+      Binary.fixed_length(32)
+    end
+
+    def trie_root
+      Binary.fixed_length(32, allow_empty: true)
+    end
+
+    def big_endian_int
+      RLP::Sedes.big_endian_int
+    end
+
+    def binary
+      RLP::Sedes.binary
+    end
+
+  end
+end

data/lib/eth/tx.rb

@@ -0,0 +1,197 @@
+module Eth
+  class Tx
+
+    include RLP::Sedes::Serializable
+    extend Sedes
+
+    set_serializable_fields({
+      nonce: big_endian_int,
+      gas_price: big_endian_int,
+      gas_limit: big_endian_int,
+      to: address,
+      value: big_endian_int,
+      data_bin: binary,
+      v: big_endian_int,
+      r: big_endian_int,
+      s: big_endian_int
+    })
+
+    attr_writer :signature
+
+    def self.decode(data)
+      data = Utils.hex_to_bin(data) if data.match(/\A(?:0x)?\h+\Z/)
+      txh = deserialize(RLP.decode data).to_h
+
+      txh[:chain_id] = Eth.chain_id_from_signature(txh)
+
+      self.new txh
+    end
+
+    def initialize(params)
+      fields = {v: 0, r: 0, s: 0}.merge params
+      fields[:to] = Utils.normalize_address(fields[:to])
+
+      self.chain_id = (params[:chain_id]) ? params.delete(:chain_id) : Eth.chain_id
+
+      if params[:data]
+        self.data = params.delete(:data)
+        fields[:data_bin] = data_bin
+      end
+      serializable_initialize fields
+
+      check_transaction_validity
+    end
+
+    def unsigned_encoded
+      us = unsigned
+      RLP.encode(us, sedes: us.sedes)
+    end
+
+    def signing_data
+      Utils.bin_to_prefixed_hex unsigned_encoded
+    end
+
+    def encoded
+      RLP.encode self
+    end
+
+    def hex
+      Utils.bin_to_prefixed_hex encoded
+    end
+
+    def sign(key)
+      sig = key.sign(unsigned_encoded)
+      vrs = Utils.v_r_s_for sig
+      self.v = (self.chain_id) ? ((self.chain_id * 2) + vrs[0] + 8) : vrs[0]
+      self.r = vrs[1]
+      self.s = vrs[2]
+
+      clear_signature
+      self
+    end
+
+    def to_h
+      hash_keys.inject({}) do |hash, field|
+        hash[field] = send field
+        hash
+      end
+    end
+
+    def from
+      if ecdsa_signature
+        public_key = OpenSsl.recover_compact(signature_hash, ecdsa_signature)
+        Utils.public_key_to_address(public_key) if public_key
+      end
+    end
+
+    def signature
+      return @signature if @signature
+      @signature = { v: v, r: r, s: s } if [v, r, s].all? && (v > 0)
+    end
+
+    def ecdsa_signature
+      return @ecdsa_signature if @ecdsa_signature
+
+      if [v, r, s].all? && (v > 0)
+        s_v = (self.chain_id) ? (v - (self.chain_id * 2) - 8) : v
+        @ecdsa_signature = [
+          Utils.int_to_base256(s_v),
+          Utils.zpad_int(r),
+          Utils.zpad_int(s),
+        ].join
+      end
+    end
+
+    def hash
+      "0x#{Utils.bin_to_hex Utils.keccak256_rlp(self)}"
+    end
+    alias_method :id, :hash
+
+    def data_hex
+      Utils.bin_to_prefixed_hex data_bin
+    end
+
+    def data_hex=(hex)
+      self.data_bin = Utils.hex_to_bin(hex)
+    end
+
+    def data
+      Eth.tx_data_hex? ? data_hex : data_bin
+    end
+
+    def data=(string)
+      Eth.tx_data_hex? ? self.data_hex=(string) : self.data_bin=(string)
+    end
+
+    def chain_id
+      @chain_id
+    end
+
+    def chain_id=(cid)
+      if cid != @chain_id
+        self.v = 0
+        self.r = 0
+        self.s = 0
+
+        clear_signature
+      end
+
+      @chain_id = (cid == 0) ? nil : cid
+    end
+
+    def prevent_replays?
+      !self.chain_id.nil?
+    end
+
+    private
+
+    def clear_signature
+      @signature = nil
+      @ecdsa_signature = nil
+    end
+
+    def hash_keys
+      keys = self.class.serializable_fields.keys
+      keys.delete(:data_bin)
+      keys + [:data, :chain_id]
+    end
+
+    def check_transaction_validity
+      if [gas_price, gas_limit, value, nonce].max > UINT_MAX
+        raise InvalidTransaction, "Values way too high!"
+      elsif gas_limit < intrinsic_gas_used
+        raise InvalidTransaction, "Gas limit too low"
+      end
+    end
+
+    def intrinsic_gas_used
+      num_zero_bytes = data_bin.count(BYTE_ZERO)
+      num_non_zero_bytes = data_bin.size - num_zero_bytes
+
+      Gas::GTXCOST +
+        Gas::GTXDATAZERO * num_zero_bytes +
+        Gas::GTXDATANONZERO * num_non_zero_bytes
+    end
+
+    def signature_hash
+      Utils.keccak256 unsigned_encoded
+    end
+
+    def unsigned
+      Tx.new to_h.merge(v: (self.chain_id) ? self.chain_id : 0, r: 0, s: 0)
+    end
+
+    protected
+
+    def sedes
+      if self.prevent_replays? && !(Eth.replayable_v? v)
+        self.class
+      else
+        UnsignedTx
+      end
+    end
+
+  end
+
+  UnsignedTx = Tx.exclude([:v, :r, :s])
+end

data/lib/eth/utils.rb

@@ -0,0 +1,130 @@
+module Eth
+  module Utils
+
+    extend self
+
+    def normalize_address(address)
+      if address.nil? || address == ''
+        ''
+      elsif address.size == 40
+        hex_to_bin address
+      elsif address.size == 42 && address[0..1] == '0x'
+        hex_to_bin address[2..-1]
+      else
+        address
+      end
+    end
+
+    def bin_to_hex(string)
+      RLP::Utils.encode_hex string
+    end
+
+    def hex_to_bin(string)
+      RLP::Utils.decode_hex remove_hex_prefix(string)
+    end
+
+    def base256_to_int(str)
+      RLP::Sedes.big_endian_int.deserialize str.sub(/\A(\x00)+/, '')
+    end
+
+    def int_to_base256(int)
+      RLP::Sedes.big_endian_int.serialize int
+    end
+
+    def v_r_s_for(signature)
+      [
+        signature[0].bytes[0],
+        Utils.base256_to_int(signature[1..32]),
+        Utils.base256_to_int(signature[33..65]),
+      ]
+    end
+
+    def prefix_hex(hex)
+      hex.match(/\A0x/) ? hex : "0x#{hex}"
+    end
+
+    def remove_hex_prefix(s)
+      s[0,2] == '0x' ? s[2..-1] : s
+    end
+
+    def bin_to_prefixed_hex(binary)
+      prefix_hex bin_to_hex(binary)
+    end
+
+    def prefix_message(message)
+      "\x19Ethereum Signed Message:\n#{message.length}#{message}"
+    end
+
+    def public_key_to_address(hex)
+      bytes = hex_to_bin(hex)
+      address_bytes = Utils.keccak256(bytes[1..-1])[-20..-1]
+      format_address bin_to_prefixed_hex(address_bytes)
+    end
+
+    def sha256(x)
+      Digest::SHA256.digest x
+    end
+
+    def keccak256(x)
+      Digest::SHA3.new(256).digest(x)
+    end
+
+    def keccak512(x)
+      Digest::SHA3.new(512).digest(x)
+    end
+
+    def keccak256_rlp(x)
+      keccak256 RLP.encode(x)
+    end
+
+    def ripemd160(x)
+      Digest::RMD160.digest x
+    end
+
+    def hash160(x)
+      ripemd160 sha256(x)
+    end
+
+    def zpad(x, l)
+      lpad x, BYTE_ZERO, l
+    end
+
+    def zunpad(x)
+      x.sub(/\A\x00+/, '')
+    end
+
+    def zpad_int(n, l=32)
+      zpad encode_int(n), l
+    end
+
+    def zpad_hex(s, l=32)
+      zpad decode_hex(s), l
+    end
+
+    def valid_address?(address)
+      Address.new(address).valid?
+    end
+
+    def format_address(address)
+      Address.new(address).checksummed
+    end
+
+
+
+    private
+
+    def lpad(x, symbol, l)
+      return x if x.size >= l
+      symbol * (l - x.size) + x
+    end
+
+    def encode_int(n)
+      unless n.is_a?(Integer) && n >= 0 && n <= UINT_MAX
+        raise ArgumentError, "Integer invalid or out of range: #{n}"
+      end
+
+      int_to_base256 n
+    end
+
+  end
+end