public void ReadWrite(BitcoinStream stream)
{
var bytes = _Signature?.ToBytes();
stream.ReadWriteAsVarString(ref bytes);
if (!stream.Serializing)
{
_Signature = new TransactionSignature(bytes);
}
}
public static Script CreateFulfillScript(TransactionSignature signature, SolutionKey[] keys)
{
if (keys == null)
{
throw new ArgumentNullException(nameof(keys));
}
List <Op> ops = new List <Op>();
ops.Add(signature == null ? Op.GetPushOp(TrustedBroadcastRequest.PlaceholderSignature) : Op.GetPushOp(signature.ToBytes()));
foreach (var key in keys.Reverse())
{
ops.Add(Op.GetPushOp(key.ToBytes(true)));
}
return(new Script(ops.ToList()));
}
public void script_combineSigs()
{
Key[] keys = new[] { new Key(), new Key(), new Key() };
var txFrom = CreateCreditingTransaction(keys[0].PubKey.Hash.ScriptPubKey);
var txTo = CreateSpendingTransaction(new Script(), txFrom);
Script scriptPubKey = txFrom.Outputs[0].ScriptPubKey;
Script scriptSig = txTo.Inputs[0].ScriptSig;
Script empty = new Script();
Script combined = Script.CombineSignatures(scriptPubKey, txTo, 0, empty, empty);
Assert.True(combined.ToBytes().Length == 0);
// Single signature case:
SignSignature(keys, txFrom, txTo, 0); // changes scriptSig
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSig, empty);
Assert.True(combined == scriptSig);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, empty, scriptSig);
Assert.True(combined == scriptSig);
Script scriptSigCopy = scriptSig.Clone();
// Signing again will give a different, valid signature:
SignSignature(keys, txFrom, txTo, 0);
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSigCopy, scriptSig);
Assert.True(combined == scriptSigCopy || combined == scriptSig);
// P2SH, single-signature case:
Script pkSingle = PayToPubkeyTemplate.Instance.GenerateScriptPubKey(keys[0].PubKey);
scriptPubKey = pkSingle.Hash.ScriptPubKey;
txFrom.Outputs[0].ScriptPubKey = scriptPubKey;
txTo.Inputs[0].PrevOut = new OutPoint(txFrom, 0);
SignSignature(keys, txFrom, txTo, 0, pkSingle);
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSig, empty);
Assert.True(combined == scriptSig);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, empty, scriptSig);
scriptSig = txTo.Inputs[0].ScriptSig;
Assert.True(combined == scriptSig);
scriptSigCopy = scriptSig.Clone();
SignSignature(keys, txFrom, txTo, 0);
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSigCopy, scriptSig);
Assert.True(combined == scriptSigCopy || combined == scriptSig);
// dummy scriptSigCopy with placeholder, should always choose non-placeholder:
scriptSigCopy = new Script(OpcodeType.OP_0, Op.GetPushOp(pkSingle.ToBytes()));
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSigCopy, scriptSig);
Assert.True(combined == scriptSig);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSig, scriptSigCopy);
Assert.True(combined == scriptSig);
// Hardest case: Multisig 2-of-3
scriptPubKey = PayToMultiSigTemplate.Instance.GenerateScriptPubKey(2, keys.Select(k => k.PubKey).ToArray());
txFrom.Outputs[0].ScriptPubKey = scriptPubKey;
txTo.Inputs[0].PrevOut = new OutPoint(txFrom, 0);
SignSignature(keys, txFrom, txTo, 0);
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSig, empty);
Assert.True(combined == scriptSig);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, empty, scriptSig);
Assert.True(combined == scriptSig);
// A couple of partially-signed versions:
uint256 hash1 = scriptPubKey.SignatureHash(txTo, 0, SigHash.All);
var sig1 = new TransactionSignature(keys[0].Sign(hash1), SigHash.All);
uint256 hash2 = scriptPubKey.SignatureHash(txTo, 0, SigHash.None);
var sig2 = new TransactionSignature(keys[1].Sign(hash2), SigHash.None);
uint256 hash3 = scriptPubKey.SignatureHash(txTo, 0, SigHash.Single);
var sig3 = new TransactionSignature(keys[2].Sign(hash3), SigHash.Single);
// Not fussy about order (or even existence) of placeholders or signatures:
Script partial1a = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig1.ToBytes()) + OpcodeType.OP_0;
Script partial1b = new Script() + OpcodeType.OP_0 + OpcodeType.OP_0 + Op.GetPushOp(sig1.ToBytes());
Script partial2a = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig2.ToBytes());
Script partial2b = new Script() + Op.GetPushOp(sig2.ToBytes()) + OpcodeType.OP_0;
Script partial3a = new Script() + Op.GetPushOp(sig3.ToBytes());
Script partial3b = new Script() + OpcodeType.OP_0 + OpcodeType.OP_0 + Op.GetPushOp(sig3.ToBytes());
Script partial3c = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig3.ToBytes()) + OpcodeType.OP_0;
Script complete12 = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig1.ToBytes()) + Op.GetPushOp(sig2.ToBytes());
Script complete13 = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig1.ToBytes()) + Op.GetPushOp(sig3.ToBytes());
Script complete23 = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig2.ToBytes()) + Op.GetPushOp(sig3.ToBytes());
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial1a, partial1b);
Assert.True(combined == partial1a);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial1a, partial2a);
Assert.True(combined == complete12);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial2a, partial1a);
Assert.True(combined == complete12);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial1b, partial2b);
Assert.True(combined == complete12);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial3b, partial1b);
Assert.True(combined == complete13);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial2a, partial3a);
Assert.True(combined == complete23);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial3b, partial2b);
Assert.True(combined == complete23);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial3b, partial3a);
Assert.True(combined == partial3c);
}
public void script_combineSigs()
{
Key[] keys = new[] { new Key(), new Key(), new Key() };
var txFrom = CreateCreditingTransaction(keys[0].PubKey.Hash.ScriptPubKey);
var txTo = CreateSpendingTransaction(new Script(), txFrom);
Script scriptPubKey = txFrom.Outputs[0].ScriptPubKey;
Script scriptSig = txTo.Inputs[0].ScriptSig;
Script empty = new Script();
Script combined = Script.CombineSignatures(scriptPubKey, txTo, 0, empty, empty);
Assert.True(combined.ToBytes().Length == 0);
// Single signature case:
SignSignature(keys, txFrom, txTo, 0); // changes scriptSig
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSig, empty);
Assert.True(combined == scriptSig);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, empty, scriptSig);
Assert.True(combined == scriptSig);
Script scriptSigCopy = scriptSig.Clone();
// Signing again will give a different, valid signature:
SignSignature(keys, txFrom, txTo, 0);
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSigCopy, scriptSig);
Assert.True(combined == scriptSigCopy || combined == scriptSig);
// P2SH, single-signature case:
Script pkSingle = PayToPubkeyTemplate.Instance.GenerateScriptPubKey(keys[0].PubKey);
scriptPubKey = pkSingle.Hash.ScriptPubKey;
txFrom.Outputs[0].ScriptPubKey = scriptPubKey;
txTo.Inputs[0].PrevOut = new OutPoint(txFrom, 0);
SignSignature(keys, txFrom, txTo, 0, pkSingle);
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSig, empty);
Assert.True(combined == scriptSig);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, empty, scriptSig);
scriptSig = txTo.Inputs[0].ScriptSig;
Assert.True(combined == scriptSig);
scriptSigCopy = scriptSig.Clone();
SignSignature(keys, txFrom, txTo, 0);
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSigCopy, scriptSig);
Assert.True(combined == scriptSigCopy || combined == scriptSig);
// dummy scriptSigCopy with placeholder, should always choose non-placeholder:
scriptSigCopy = new Script(OpcodeType.OP_0, Op.GetPushOp(pkSingle.ToBytes()));
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSigCopy, scriptSig);
Assert.True(combined == scriptSig);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSig, scriptSigCopy);
Assert.True(combined == scriptSig);
// Hardest case: Multisig 2-of-3
scriptPubKey = PayToMultiSigTemplate.Instance.GenerateScriptPubKey(2, keys.Select(k => k.PubKey).ToArray());
txFrom.Outputs[0].ScriptPubKey = scriptPubKey;
txTo.Inputs[0].PrevOut = new OutPoint(txFrom, 0);
SignSignature(keys, txFrom, txTo, 0);
scriptSig = txTo.Inputs[0].ScriptSig;
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, scriptSig, empty);
Assert.True(combined == scriptSig);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, empty, scriptSig);
Assert.True(combined == scriptSig);
// A couple of partially-signed versions:
uint256 hash1 = scriptPubKey.SignatureHash(txTo, 0, SigHash.All);
var sig1 = new TransactionSignature(keys[0].Sign(hash1), SigHash.All);
uint256 hash2 = scriptPubKey.SignatureHash(txTo, 0, SigHash.None);
var sig2 = new TransactionSignature(keys[1].Sign(hash2), SigHash.None);
uint256 hash3 = scriptPubKey.SignatureHash(txTo, 0, SigHash.Single);
var sig3 = new TransactionSignature(keys[2].Sign(hash3), SigHash.Single);
// Not fussy about order (or even existence) of placeholders or signatures:
Script partial1a = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig1.ToBytes()) + OpcodeType.OP_0;
Script partial1b = new Script() + OpcodeType.OP_0 + OpcodeType.OP_0 + Op.GetPushOp(sig1.ToBytes());
Script partial2a = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig2.ToBytes());
Script partial2b = new Script() + Op.GetPushOp(sig2.ToBytes()) + OpcodeType.OP_0;
Script partial3a = new Script() + Op.GetPushOp(sig3.ToBytes());
Script partial3b = new Script() + OpcodeType.OP_0 + OpcodeType.OP_0 + Op.GetPushOp(sig3.ToBytes());
Script partial3c = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig3.ToBytes()) + OpcodeType.OP_0;
Script complete12 = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig1.ToBytes()) + Op.GetPushOp(sig2.ToBytes());
Script complete13 = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig1.ToBytes()) + Op.GetPushOp(sig3.ToBytes());
Script complete23 = new Script() + OpcodeType.OP_0 + Op.GetPushOp(sig2.ToBytes()) + Op.GetPushOp(sig3.ToBytes());
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial1a, partial1b);
Assert.True(combined == partial1a);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial1a, partial2a);
Assert.True(combined == complete12);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial2a, partial1a);
Assert.True(combined == complete12);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial1b, partial2b);
Assert.True(combined == complete12);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial3b, partial1b);
Assert.True(combined == complete13);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial2a, partial3a);
Assert.True(combined == complete23);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial3b, partial2b);
Assert.True(combined == complete23);
combined = Script.CombineSignatures(scriptPubKey, txTo, 0, partial3b, partial3a);
Assert.True(combined == partial3c);
}
/// <summary>
/// Generate atomic swap refund script for swap scheme with HTLC
/// </summary>
/// <param name="aliceRefundSig">Alice signature</param>
/// <param name="aliceRefundPubKey">Alice refund public key</param>
/// <returns>Atomic swap refund script</returns>
public static Script GenerateHtlcSwapRefund(
TransactionSignature aliceRefundSig,
byte[] aliceRefundPubKey)
{
return(GenerateHtlcSwapRefund(aliceRefundSig.ToBytes(), aliceRefundPubKey));
}
/// <summary>
/// Generate atomic swap P2PK redeem script
/// </summary>
/// <param name="sig">Bob signature</param>
/// <param name="secret">Secret</param>
/// <returns>Atomic swap redeem script</returns>
public static Script GenerateP2PkSwapRedeem(
TransactionSignature sig,
byte[] secret)
{
return(GenerateP2PkSwapRedeem(sig.ToBytes(), secret));
}
/// <summary>
/// Generate atomic swap refund script for swap scheme with multisig refund
/// </summary>
/// <param name="aliceRefundSig">Alice signature</param>
/// <param name="bobRefundSig">Bob signature</param>
/// <returns>Atomic swap refund script</returns>
public static Script GenerateSwapRefund(
TransactionSignature aliceRefundSig,
TransactionSignature bobRefundSig)
{
return(GenerateSwapRefund(aliceRefundSig.ToBytes(), bobRefundSig.ToBytes()));
}
public async Task <string> WithdrawBtc(string withdrawHash, string recipient, decimal amount)
{
var coins = new List <UTXO>();
var coinsUsed = new List <UTXO>();
var estimatedFee = await client.GetFeeRateAsync(3);
try
{
await locker.WaitAsync();
while (coinsUsed.Sum(c => c.AsCoin().Amount.ToDecimal(MoneyUnit.BTC)) <= amount)
{
var txOperations = await client.GetUTXOsAsync(TrackedSource.Create(pubKey.GetAddress(ScriptPubKeyType.Legacy, Network.Main)));
foreach (var op in txOperations.Confirmed.UTXOs)
{
if (!usedInputs.ContainsKey(op.TransactionHash.ToString() + op.Value.Satoshi.ToString()))
{
coins.Add(op);
}
}
coins.Sort(delegate(UTXO x, UTXO y)
{
return(-x.AsCoin().Amount.CompareTo(y.AsCoin().Amount));
});
foreach (var item in coins)
{
if (coinsUsed.Sum(c => c.AsCoin().Amount.ToDecimal(MoneyUnit.BTC)) <= amount)
{
coinsUsed.Add(item);
usedInputs.Add(item.TransactionHash.ToString() + item.Value.Satoshi.ToString(), item);
}
else
{
break;
}
}
if (coinsUsed.Sum(c => c.AsCoin().Amount.ToDecimal(MoneyUnit.BTC)) < amount)
{
await Task.Delay(5000);
}
}
TransactionBuilder builder = null;
BitcoinPubKeyAddress destination = null;
if (network == NetworkType.Testnet)
{
builder = Network.TestNet.CreateTransactionBuilder();
destination = new BitcoinPubKeyAddress(recipient, Network.TestNet);
}
else
{
builder = Network.Main.CreateTransactionBuilder();
destination = new BitcoinPubKeyAddress(recipient, Network.Main);
}
NBitcoin.Transaction tx = builder
.AddCoins(coinsUsed.Select(c => c.AsCoin() /* .ScriptPubKey.ToBytes()*/))
.Send(destination, Money.Coins(amount))
.Send(TxNullDataTemplate.Instance.GenerateScriptPubKey(Encoding.UTF8.GetBytes(withdrawHash)), Money.Zero)
.SetChange(pubKey.GetAddress(ScriptPubKeyType.Legacy, Network.Main))
.SendEstimatedFees((await client.GetFeeRateAsync(3)).FeeRate)
.BuildTransaction(sign: false);
// Specify the path to unmanaged PKCS#11 library provided by the cryptographic device vendor
string pkcs11LibraryPath = @"/opt/cloudhsm/lib/libcloudhsm_pkcs11_standard.so";
// Create factories used by Pkcs11Interop library
Net.Pkcs11Interop.HighLevelAPI.Pkcs11InteropFactories factories = new Net.Pkcs11Interop.HighLevelAPI.Pkcs11InteropFactories();
// Load unmanaged PKCS#11 library
using (Net.Pkcs11Interop.HighLevelAPI.IPkcs11Library pkcs11Library = factories.Pkcs11LibraryFactory.LoadPkcs11Library(factories, pkcs11LibraryPath, AppType.MultiThreaded))
{
// Show general information about loaded library
Net.Pkcs11Interop.HighLevelAPI.ILibraryInfo libraryInfo = pkcs11Library.GetInfo();
Console.WriteLine("Library");
Console.WriteLine(" Manufacturer: " + libraryInfo.ManufacturerId);
Console.WriteLine(" Description: " + libraryInfo.LibraryDescription);
Console.WriteLine(" Version: " + libraryInfo.LibraryVersion);
// Get list of all available slots
foreach (Net.Pkcs11Interop.HighLevelAPI.ISlot slot in pkcs11Library.GetSlotList(SlotsType.WithOrWithoutTokenPresent))
{
// Show basic information about slot
Net.Pkcs11Interop.HighLevelAPI.ISlotInfo slotInfo = slot.GetSlotInfo();
Console.WriteLine();
Console.WriteLine("Slot");
Console.WriteLine(" Manufacturer: " + slotInfo.ManufacturerId);
Console.WriteLine(" Description: " + slotInfo.SlotDescription);
Console.WriteLine(" Token present: " + slotInfo.SlotFlags.TokenPresent);
if (slotInfo.SlotFlags.TokenPresent)
{
// Show basic information about token present in the slot
Net.Pkcs11Interop.HighLevelAPI.ITokenInfo tokenInfo = slot.GetTokenInfo();
Console.WriteLine("Token");
Console.WriteLine(" Manufacturer: " + tokenInfo.ManufacturerId);
Console.WriteLine(" Model: " + tokenInfo.Model);
Console.WriteLine(" Serial number: " + tokenInfo.SerialNumber);
Console.WriteLine(" Label: " + tokenInfo.Label);
// Show list of mechanisms (algorithms) supported by the token
Console.WriteLine("Supported mechanisms: ");
foreach (CKM mechanism in slot.GetMechanismList())
{
Console.WriteLine(" " + mechanism);
}
}
using (Net.Pkcs11Interop.HighLevelAPI.ISession session = slot.OpenSession(SessionType.ReadWrite))
{
session.Login(CKU.CKU_USER, pkcsUser);
// Specify signing mechanism
Net.Pkcs11Interop.HighLevelAPI.IMechanism mechanism = session.Factories.MechanismFactory.Create(CKM.CKM_ECDSA);
List <Net.Pkcs11Interop.HighLevelAPI.IObjectAttribute> publicKeyAttributes = new List <Net.Pkcs11Interop.HighLevelAPI.IObjectAttribute>();
publicKeyAttributes.Add(new Net.Pkcs11Interop.HighLevelAPI80.ObjectAttribute(CKA.CKA_LABEL, hsmKey));
publicKeyAttributes.Add(new Net.Pkcs11Interop.HighLevelAPI80.ObjectAttribute(CKA.CKA_SIGN, true));
Net.Pkcs11Interop.HighLevelAPI.IObjectHandle key = session.FindAllObjects(publicKeyAttributes).FirstOrDefault();
uint i = 0;
foreach (var c in tx.Inputs.AsIndexedInputs())
{
byte[] sourceData = c.GetSignatureHash(coinsUsed.First(cu => cu.Outpoint.Hash == c.PrevOut.Hash).AsCoin()).ToBytes();
Console.WriteLine("sourceData: " + tx.ToHex());
byte[] signature = session.Sign(mechanism, key, sourceData);
Console.WriteLine("signature: " + BitConverter.ToString(signature));
var canSig = ECDSASignatureFactory.FromComponents(signature).MakeCanonical();
var sig = new NBitcoin.TransactionSignature(new NBitcoin.Crypto.ECDSASignature(new NBitcoin.BouncyCastle.Math.BigInteger(canSig.R.ToByteArray()), new NBitcoin.BouncyCastle.Math.BigInteger(canSig.S.ToByteArray())), SigHash.Single);
builder = builder.AddKnownSignature(pubKey, sig, c.PrevOut);
TransactionSignature sig2 = null;
if (builder.TrySignInput(tx, i, SigHash.Single, out sig2))
{
Console.WriteLine("Input Signed");
Console.WriteLine(BitConverter.ToString(sig2.ToBytes()));
}
else
{
Console.WriteLine("Input Not Signed");
}
Console.WriteLine("tx: " + tx);
i++;
tx = builder.SignTransactionInPlace(tx);
}
Console.WriteLine("tx: " + tx);
TransactionPolicyError[] errors = null;
if (builder.Verify(tx, out errors))
{
var broadcastResult = await client.BroadcastAsync(tx);
broadcastResult.ToString();
Console.WriteLine("broadcast: " + tx.GetHash().ToString());
session.Logout();
return(tx.GetHash().ToString());
}
else
{
Console.WriteLine("Verify transaction failed");
}
if (errors != null)
{
foreach (var e in errors)
{
Console.WriteLine(e.ToString());
}
}
session.Logout();
}
}
}
return(null);
}
catch (Exception e)
{
Log.Error("Failed to send BTC Withdraw" + e.ToString());
throw e;
}
finally
{
locker.Release();
}
}
public Script GenerateScriptSig(TransactionSignature signature)
{
return(new Script(
Op.GetPushOp(signature.ToBytes())
));
}
public Script RedeemOffer(TransactionSignature initiatorSignature)
{
return(new Script(new[] { Op.GetPushOp(initiatorSignature.ToBytes()) }));
}
public Script TakeOffer(TransactionSignature takerSignature, Preimage preimage)
{
return(new Script(new[] { Op.GetPushOp(takerSignature.ToBytes()), Op.GetPushOp(preimage.Bytes), Op.GetPushOp(CreateRedeemScript().ToBytes()) }));
}