money-tree-extended 0.11.0

data/lib/money-tree/key.rb

@@ -0,0 +1,265 @@
+# encoding ascii-8bit
+
+require 'openssl'
+
+module MoneyTree
+  class Key
+    include OpenSSL
+    include Support
+    extend Support
+    class KeyInvalid < StandardError; end
+    class KeyGenerationFailure < StandardError; end
+    class KeyImportFailure < StandardError; end
+    class KeyFormatNotFound < StandardError; end
+    class InvalidWIFFormat < StandardError; end
+    class InvalidBase64Format < StandardError; end
+
+    attr_reader :options, :key, :raw_key
+    attr_accessor :ec_key
+
+    GROUP_NAME = 'secp256k1'
+    ORDER = "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141".to_i(16)
+
+    def valid?(eckey = nil)
+      eckey ||= ec_key
+      eckey.nil? ? false : eckey.check_key
+    end
+
+    def to_bytes
+      hex_to_bytes to_hex
+    end
+
+    def to_i
+      bytes_to_int to_bytes
+    end
+  end
+
+  class PrivateKey < Key
+
+    def initialize(opts = {})
+      @options = opts
+      @ec_key = PKey::EC.new GROUP_NAME
+      if @options[:key]
+        @raw_key = @options[:key]
+        @key = parse_raw_key
+        import
+      else
+        generate
+        @key = to_hex
+      end
+    end
+
+    def generate
+      ec_key.generate_key
+    end
+
+    def import
+      ec_key.private_key = BN.new(key, 16)
+      set_public_key
+    end
+
+    def calculate_public_key(opts = {})
+      opts[:compressed] = true unless opts[:compressed] == false
+      group = ec_key.group
+      group.point_conversion_form = opts[:compressed] ? :compressed : :uncompressed
+      point = group.generator.mul ec_key.private_key
+    end
+
+    def set_public_key(opts = {})
+      ec_key.public_key = calculate_public_key(opts)
+    end
+
+    def parse_raw_key
+      result = if raw_key.is_a?(Integer) then from_integer
+      elsif hex_format? then from_hex
+      elsif base64_format? then from_base64
+      elsif compressed_wif_format? then from_wif
+      elsif uncompressed_wif_format? then from_wif
+      else
+        raise KeyFormatNotFound
+      end
+      result.downcase
+    end
+
+    def from_integer(bignum = raw_key)
+      # TODO: does this need a byte size specification?
+      int_to_hex(bignum)
+    end
+
+    def from_hex(hex = raw_key)
+      hex
+    end
+
+    def from_wif(wif = raw_key)
+      compressed = wif.length == 52
+      validate_wif(wif)
+      hex = decode_base58(wif)
+      last_char = compressed ? -11 : -9
+      hex.slice(2..last_char)
+    end
+
+    def from_base64(base64_key = raw_key)
+      raise InvalidBase64Format unless base64_format?(base64_key)
+      decode_base64(base64_key)
+    end
+
+    def compressed_wif_format?
+      wif_format?(:compressed)
+    end
+
+    def uncompressed_wif_format?
+      wif_format?(:uncompressed)
+    end
+
+    def wif_format?(compression)
+      length = compression == :compressed ? 52 : 51
+      wif_prefixes = MoneyTree::NETWORKS.map {|k, v| v["#{compression}_wif_chars".to_sym]}.flatten
+      raw_key.length == length && wif_prefixes.include?(raw_key.slice(0))
+    end
+
+    def base64_format?(base64_key = raw_key)
+      base64_key.length == 44 && base64_key =~ /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/
+    end
+
+    def hex_format?
+      raw_key.length == 64 && !raw_key[/\H/]
+    end
+
+    def to_hex
+      int_to_hex @ec_key.private_key, 64
+    end
+
+    def to_wif(compressed: true, network: :bitcoin)
+      source = NETWORKS[network][:privkey_version] + to_hex
+      source += NETWORKS[network][:privkey_compression_flag] if compressed
+      hash = sha256(source)
+      hash = sha256(hash)
+      checksum = hash.slice(0..7)
+      source_with_checksum = source + checksum
+      encode_base58(source_with_checksum)
+    end
+
+    def wif_valid?(wif)
+      hex = decode_base58(wif)
+      checksum = hex.chars.to_a.pop(8).join
+      source = hex.slice(0..-9)
+      hash = sha256(source)
+      hash = sha256(hash)
+      hash_checksum = hash.slice(0..7)
+      checksum == hash_checksum
+    end
+
+    def validate_wif(wif)
+      raise InvalidWIFFormat unless wif_valid?(wif)
+    end
+
+    def to_base64
+      encode_base64(to_hex)
+    end
+
+    def to_s(network: :bitcoin)
+      to_wif(network: network)
+    end
+
+  end
+
+  class PublicKey < Key
+    attr_reader :private_key, :point, :group, :key_int
+
+    def initialize(p_key, opts = {})
+      @options = opts
+      @options[:compressed] = true if @options[:compressed].nil?
+      if p_key.is_a?(PrivateKey)
+        @private_key = p_key
+        @point = @private_key.calculate_public_key(@options)
+        @group = @point.group
+        @key = @raw_key = to_hex
+      else
+        @raw_key = p_key
+        @group = PKey::EC::Group.new GROUP_NAME
+        @key = parse_raw_key
+      end
+
+      raise ArgumentError, "Must initialize with a MoneyTree::PrivateKey or a public key value" if @key.nil?
+    end
+
+    def compression
+      @group.point_conversion_form
+    end
+
+    def compression=(compression_type = :compressed)
+      @group.point_conversion_form = compression_type
+    end
+
+    def compressed
+      compressed_key = self.class.new raw_key, options # deep clone
+      compressed_key.set_point to_i, compressed: true
+      compressed_key
+    end
+
+    def uncompressed
+      uncompressed_key = self.class.new raw_key, options # deep clone
+      uncompressed_key.set_point to_i, compressed: false
+      uncompressed_key
+    end
+
+    def set_point(int = to_i, opts = {})
+      opts = options.merge(opts)
+      opts[:compressed] = true if opts[:compressed].nil?
+      self.compression = opts[:compressed] ? :compressed : :uncompressed
+      bn = BN.new int_to_hex(int), 16
+      @point = PKey::EC::Point.new group, bn
+      raise KeyInvalid, 'point is not on the curve' unless @point.on_curve?
+    end
+
+    def parse_raw_key
+      result = if raw_key.is_a?(Integer)
+        set_point raw_key
+      elsif hex_format?
+        set_point hex_to_int(raw_key), compressed: false
+      elsif compressed_hex_format?
+        set_point hex_to_int(raw_key), compressed: true
+      else
+        raise KeyFormatNotFound
+      end
+      to_hex
+    end
+
+    def hex_format?
+      raw_key.length == 130 && !raw_key[/\H/]
+    end
+
+    def compressed_hex_format?
+      raw_key.length == 66 && !raw_key[/\H/]
+    end
+
+    def to_hex
+      int_to_hex to_i, 66
+    end
+
+    def to_i
+      point.to_bn.to_i
+    end
+
+    def to_ripemd160
+      hash = sha256 to_hex
+      ripemd160 hash
+    end
+
+    def to_address(network: :bitcoin)
+      hash = to_ripemd160
+      address = NETWORKS[network][:address_version] + hash
+      to_serialized_base58 address
+    end
+    alias :to_s :to_address
+
+    def to_fingerprint
+      hash = to_ripemd160
+      hash.slice(0..7)
+    end
+
+    def to_bytes
+      int_to_bytes to_i
+    end
+  end
+end

data/lib/money-tree/networks.rb

@@ -0,0 +1,71 @@
+module MoneyTree
+  NETWORKS =
+    begin
+      hsh = Hash.new do |_, key|
+        raise "#{key} is not a valid network!"
+      end.merge(
+        bitcoin: {
+          address_version: '00',
+          p2sh_version: '05',
+          p2sh_char: '3',
+          privkey_version: '80',
+          privkey_compression_flag: '01',
+          extended_privkey_version: "0488ade4",
+          extended_pubkey_version: "0488b21e",
+          compressed_wif_chars: %w(K L),
+          uncompressed_wif_chars: %w(5),
+          protocol_version: 70001
+        },
+        bitcoin_testnet: {
+          address_version: '6f',
+          p2sh_version: 'c4',
+          p2sh_char: '2',
+          privkey_version: 'ef',
+          privkey_compression_flag: '01',
+          extended_privkey_version: "04358394",
+          extended_pubkey_version: "043587cf",
+          compressed_wif_chars: %w(c),
+          uncompressed_wif_chars: %w(9),
+          protocol_version: 70001
+        },
+        zcoin: {
+          address_version: '6f',
+          p2sh_version: 'c4',
+          p2sh_char: 'a',
+          privkey_version: 'ef',
+          privkey_compression_flag: '01',
+          extended_privkey_version: "04358394",
+          extended_pubkey_version: "043587cf",
+          compressed_wif_chars: %w(K L),
+          uncompressed_wif_chars: %w(5),
+          protocol_version: 70001
+        },
+        litecoin: {
+          address_version: '30',
+          p2sh_version: '32',
+          p2sh_char: 'L',
+          privkey_version: '80',
+          privkey_compression_flag: '01',
+          extended_privkey_version: "0488ade4",
+          extended_pubkey_version: "0488b21e",
+          compressed_wif_chars: %w(K L),
+          uncompressed_wif_chars: %w(5),
+          protocol_version: 70001
+        },
+        bitcoin_cash: {
+          address_version: '00',
+          p2sh_version: '05',
+          p2sh_char: '3',
+          privkey_version: '80',
+          privkey_compression_flag: '01',
+          extended_privkey_version: "0488ade4",
+          extended_pubkey_version: "0488b21e",
+          compressed_wif_chars: %w(K L),
+          uncompressed_wif_chars: %w(5),
+          protocol_version: 70001
+        }
+      )
+      hsh[:testnet3] = hsh[:bitcoin_testnet]
+      hsh
+    end
+end

data/lib/money-tree/node.rb

@@ -0,0 +1,297 @@
+module MoneyTree
+  class Node
+    include Support
+    extend Support
+    attr_reader :private_key, :public_key, :chain_code,
+      :is_private, :depth, :index, :parent
+
+    class PublicDerivationFailure < StandardError; end
+    class InvalidKeyForIndex < StandardError; end
+    class ImportError < StandardError; end
+    class PrivatePublicMismatch < StandardError; end
+
+    def initialize(opts = {})
+      opts.each { |k, v| instance_variable_set "@#{k}", v }
+    end
+
+    def self.from_bip32(address, has_version: true)
+      hex = from_serialized_base58 address
+      hex.slice!(0..7) if has_version
+      self.new({
+        depth: hex.slice!(0..1).to_i(16),
+        parent_fingerprint: hex.slice!(0..7),
+        index: hex.slice!(0..7).to_i(16),
+        chain_code: hex.slice!(0..63).to_i(16)
+      }.merge(parse_out_key(hex)))
+    end
+
+    def self.from_serialized_address(address)
+      puts 'Node.from_serialized_address is DEPRECATED. Please use .from_bip32 instead.'
+      from_bip32(address)
+    end
+
+    def self.parse_out_key(hex)
+      if hex.slice(0..1) == '00'
+        private_key = MoneyTree::PrivateKey.new(key: hex.slice(2..-1))
+        {
+          private_key: private_key,
+          public_key: MoneyTree::PublicKey.new(private_key)
+        }
+      elsif %w(02 03).include? hex.slice(0..1)
+        { public_key: MoneyTree::PublicKey.new(hex) }
+      else
+        raise ImportError, 'Public or private key data does not match version type'
+      end
+    end
+
+    def is_private?
+      index >= 0x80000000 || index < 0
+    end
+
+    def index_hex(i = index)
+      if i < 0
+        [i].pack('l>').unpack('H*').first
+      else
+        i.to_s(16).rjust(8, "0")
+      end
+    end
+
+    def depth_hex(depth)
+      depth.to_s(16).rjust(2, "0")
+    end
+
+    def private_derivation_message(i)
+      "\x00" + private_key.to_bytes + i_as_bytes(i)
+    end
+
+    def public_derivation_message(i)
+      public_key.to_bytes << i_as_bytes(i)
+    end
+
+    def i_as_bytes(i)
+      [i].pack('N')
+    end
+
+    def derive_private_key(i = 0)
+      message = i >= 0x80000000 || i < 0 ? private_derivation_message(i) : public_derivation_message(i)
+      hash = hmac_sha512 hex_to_bytes(chain_code_hex), message
+      left_int = left_from_hash(hash)
+      raise InvalidKeyForIndex, 'greater than or equal to order' if left_int >= MoneyTree::Key::ORDER # very low probability
+      child_private_key = (left_int + private_key.to_i) % MoneyTree::Key::ORDER
+      raise InvalidKeyForIndex, 'equal to zero' if child_private_key == 0 # very low probability
+      child_chain_code = right_from_hash(hash)
+      return child_private_key, child_chain_code
+    end
+
+    def derive_public_key(i = 0)
+      raise PrivatePublicMismatch if i >= 0x80000000
+      message = public_derivation_message(i)
+      hash = hmac_sha512 hex_to_bytes(chain_code_hex), message
+      left_int = left_from_hash(hash)
+      raise InvalidKeyForIndex, 'greater than or equal to order' if left_int >= MoneyTree::Key::ORDER # very low probability
+      factor = BN.new left_int.to_s
+      child_public_key = public_key.uncompressed.group.generator.mul(factor).add(public_key.uncompressed.point).to_bn.to_i
+      raise InvalidKeyForIndex, 'at infinity' if child_public_key == 1/0.0 # very low probability
+      child_chain_code = right_from_hash(hash)
+      return child_public_key, child_chain_code
+    end
+
+    def left_from_hash(hash)
+      bytes_to_int hash.bytes.to_a[0..31]
+    end
+
+    def right_from_hash(hash)
+      bytes_to_int hash.bytes.to_a[32..-1]
+    end
+
+    def to_serialized_hex(type = :public, network: :bitcoin)
+      raise PrivatePublicMismatch if type.to_sym == :private && private_key.nil?
+      version_key = type.to_sym == :private ? :extended_privkey_version : :extended_pubkey_version
+      hex = NETWORKS[network][version_key] # version (4 bytes)
+      hex += depth_hex(depth) # depth (1 byte)
+      hex += parent_fingerprint # fingerprint of key (4 bytes)
+      hex += index_hex(index) # child number i (4 bytes)
+      hex += chain_code_hex
+      hex += type.to_sym == :private ? "00#{private_key.to_hex}" : public_key.compressed.to_hex
+    end
+
+    def to_bip32(type = :public, network: :bitcoin)
+      raise PrivatePublicMismatch if type.to_sym == :private && private_key.nil?
+      to_serialized_base58 to_serialized_hex(type, network: network)
+    end
+
+    def to_serialized_address(type = :public, network: :bitcoin)
+      puts 'Node.to_serialized_address is DEPRECATED. Please use .to_bip32.'
+      to_bip32(type, network: network)
+    end
+
+    def to_identifier(compressed=true)
+      key = compressed ? public_key.compressed : public_key.uncompressed
+      key.to_ripemd160
+    end
+
+    def to_fingerprint
+      public_key.compressed.to_fingerprint
+    end
+
+    def parent_fingerprint
+      if @parent_fingerprint
+        @parent_fingerprint
+      else
+        depth.zero? ? '00000000' : parent.to_fingerprint
+      end
+    end
+
+    def to_address(compressed=true, network: :bitcoin)
+      address = NETWORKS[network][:address_version] + to_identifier(compressed)
+      to_serialized_base58 address
+    end
+
+    def subnode(i = 0, opts = {})
+      if private_key.nil?
+        child_public_key, child_chain_code = derive_public_key(i)
+        child_public_key = MoneyTree::PublicKey.new child_public_key
+      else
+        child_private_key, child_chain_code = derive_private_key(i)
+        child_private_key = MoneyTree::PrivateKey.new key: child_private_key
+        child_public_key = MoneyTree::PublicKey.new child_private_key
+      end
+
+      MoneyTree::Node.new( depth: depth+1,
+                          index: i,
+                          private_key: private_key.nil? ? nil : child_private_key,
+                          public_key: child_public_key,
+                          chain_code: child_chain_code,
+                          parent: self)
+    end
+
+    # path: a path of subkeys denoted by numbers and slashes. Use
+    #     p or i<0 for private key derivation. End with .pub to force
+    #     the key public.
+    #
+    # Examples:
+    #     1p/-5/2/1 would call subkey(i=1, is_prime=True).subkey(i=-5).
+    #         subkey(i=2).subkey(i=1) and then yield the private key
+    #     0/0/458.pub would call subkey(i=0).subkey(i=0).subkey(i=458) and
+    #         then yield the public key
+    #
+    # You should choose either the p or the negative number convention for private key derivation.
+    def node_for_path(path)
+      force_public = path[-4..-1] == '.pub'
+      path = path[0..-5] if force_public
+      parts = path.split('/')
+      nodes = []
+      parts.each_with_index do |part, depth|
+        if part =~ /m/i
+          nodes << self
+        else
+          i = parse_index(part)
+          node = nodes.last || self
+          nodes << node.subnode(i)
+        end
+      end
+      if force_public or parts.first == 'M'
+        node = nodes.last
+        node.strip_private_info!
+        node
+      else
+        nodes.last
+      end
+    end
+
+    def parse_index(path_part)
+      is_prime = %w(p ').include? path_part[-1]
+      i = path_part.to_i
+
+      i = if i < 0
+        i
+      elsif is_prime
+        i | 0x80000000
+      else
+        i & 0x7fffffff
+      end
+    end
+
+    def strip_private_info!
+      @private_key = nil
+    end
+
+    def chain_code_hex
+      int_to_hex chain_code, 64
+    end
+  end
+
+  class Master < Node
+    module SeedGeneration
+      class Failure < Exception; end
+      class RNGFailure < Failure; end
+      class LengthFailure < Failure; end
+      class ValidityError < Failure; end
+      class ImportError < Failure; end
+      class TooManyAttempts < Failure; end
+    end
+
+    HD_WALLET_BASE_KEY = "Bitcoin seed"
+    RANDOM_SEED_SIZE = 32
+
+    attr_reader :seed, :seed_hash
+
+    def initialize(opts = {})
+      @depth = 0
+      @index = 0
+      opts[:seed] = [opts[:seed_hex]].pack("H*") if opts[:seed_hex]
+      if opts[:seed]
+        @seed = opts[:seed]
+        @seed_hash = generate_seed_hash(@seed)
+        raise SeedGeneration::ImportError unless seed_valid?(@seed_hash)
+        set_seeded_keys
+      elsif opts[:private_key] || opts[:public_key]
+        raise ImportError, 'chain code required' unless opts[:chain_code]
+        @chain_code = opts[:chain_code]
+        if opts[:private_key]
+          @private_key = opts[:private_key]
+          @public_key = MoneyTree::PublicKey.new @private_key
+        else opts[:public_key]
+          @public_key = if opts[:public_key].is_a?(MoneyTree::PublicKey)
+            opts[:public_key]
+          else
+            MoneyTree::PublicKey.new(opts[:public_key])
+          end
+        end
+      else
+        generate_seed
+        set_seeded_keys
+      end
+    end
+
+    def is_private?
+      true
+    end
+
+    def generate_seed
+      @seed = OpenSSL::Random.random_bytes(32)
+      @seed_hash = generate_seed_hash(@seed)
+      raise SeedGeneration::ValidityError unless seed_valid?(@seed_hash)
+    end
+
+    def generate_seed_hash(seed)
+      hmac_sha512 HD_WALLET_BASE_KEY, seed
+    end
+
+    def seed_valid?(seed_hash)
+      return false unless seed_hash.bytesize == 64
+      master_key = left_from_hash(seed_hash)
+      !master_key.zero? && master_key < MoneyTree::Key::ORDER
+    end
+
+    def set_seeded_keys
+      @private_key = MoneyTree::PrivateKey.new key: left_from_hash(seed_hash)
+      @chain_code = right_from_hash(seed_hash)
+      @public_key = MoneyTree::PublicKey.new @private_key
+    end
+
+    def seed_hex
+      bytes_to_hex(seed)
+    end
+  end
+end