public BitcoinBlindedAddress(PubKey blindingKey, TxDestination keyId, Network network)
: base(NotNull(keyId, nameof(keyId)) ??
NotNull(blindingKey, nameof(blindingKey)) ??
Network.CreateBase58(Base58Type.BLINDED_ADDRESS,
network.GetVersionBytes(((IBase58Data)keyId.GetAddress(network)).Type, true)
.Concat(blindingKey.ToBytes())
.Concat(keyId.ToBytes()), network), network)
{
_BlindingKey = blindingKey;
_Hash = keyId;
}
public Script GenerateScriptSig(TransactionSignature signature, PubKey publicKey)
{
if (publicKey == null)
{
throw new ArgumentNullException("publicKey");
}
return(new Script(
signature == null ? OpcodeType.OP_0 : Op.GetPushOp(signature.ToBytes()),
Op.GetPushOp(publicKey.ToBytes())
));
}
public static void ReadWriteC(this BitcoinStream bs, ref PubKey pubKey)
{
if (bs.Serializing)
{
var bytes = pubKey.ToBytes();
bs.Inner.Write(bytes, 0, 33);
}
else
{
pubKey = new PubKey(bs.Inner.ReadBytes(33));
}
}
public byte[] ToBytes()
{
var b = new byte[Length];
int i = 0;
b[i++] = nDepth;
Array.Copy(parentFingerprint.ToBytes(), 0, b, i, 4);
i += 4;
Array.Copy(Utils.ToBytes(nChild, false), 0, b, i, 4);
i += 4;
Array.Copy(vchChainCode, 0, b, i, 32);
i += 32;
Array.Copy(pubkey.ToBytes(), 0, b, i, 33);
return(b);
}
public Key Derivate(byte[] cc, uint nChild, out byte[] ccChild)
{
byte[] l = null;
byte[] ll = new byte[32];
byte[] lr = new byte[32];
if ((nChild >> 31) == 0)
{
var pubKey = PubKey.ToBytes();
l = Hashes.BIP32Hash(cc, nChild, pubKey[0], pubKey.Skip(1).ToArray());
}
else
{
l = Hashes.BIP32Hash(cc, nChild, 0, this.ToBytes());
}
Array.Copy(l, ll, 32);
Array.Copy(l, 32, lr, 0, 32);
ccChild = lr;
BigInteger parse256LL = new BigInteger(1, ll);
BigInteger kPar = new BigInteger(1, vch);
BigInteger N = ECKey.CURVE.N;
if (parse256LL.CompareTo(N) >= 0)
{
throw new InvalidOperationException("You won a prize ! this should happen very rarely. Take a screenshot, and roll the dice again.");
}
var key = parse256LL.Add(kPar).Mod(N);
if (key == BigInteger.Zero)
{
throw new InvalidOperationException("You won the big prize ! this would happen only 1 in 2^127. Take a screenshot, and roll the dice again.");
}
var keyBytes = key.ToByteArrayUnsigned();
if (keyBytes.Length < 32)
{
keyBytes = new byte[32 - keyBytes.Length].Concat(keyBytes).ToArray();
}
return(new Key(keyBytes));
}
byte[] Compress()
{
byte[] result = null;
KeyId keyID = GetKeyId();
if (keyID != null)
{
result = new byte[21];
result[0] = 0x00;
Array.Copy(keyID.ToBytes(), 0, result, 1, 20);
return(result);
}
ScriptId scriptID = GetScriptId();
if (scriptID != null)
{
result = new byte[21];
result[0] = 0x01;
Array.Copy(scriptID.ToBytes(), 0, result, 1, 20);
return(result);
}
PubKey pubkey = GetPubKey();
if (pubkey != null)
{
result = new byte[33];
var pubBytes = pubkey.ToBytes();
Array.Copy(pubBytes, 1, result, 1, 32);
if (pubBytes[0] == 0x02 || pubBytes[0] == 0x03)
{
result[0] = pubBytes[0];
return(result);
}
else if (pubBytes[0] == 0x04)
{
result[0] = (byte)(0x04 | (pubBytes[64] & 0x01));
return(result);
}
}
return(null);
}
public Key Derivate(byte[] cc, uint nChild, out byte[] ccChild)
{
AssertNotDisposed();
#if HAS_SPAN
if (!IsCompressed)
{
throw new InvalidOperationException("The key must be compressed");
}
Span <byte> vout = stackalloc byte[64];
vout.Clear();
if ((nChild >> 31) == 0)
{
Span <byte> pubkey = stackalloc byte[33];
this.PubKey.ToBytes(pubkey, out _);
Hashes.BIP32Hash(cc, nChild, pubkey[0], pubkey.Slice(1), vout);
}
else
{
Span <byte> privkey = stackalloc byte[32];
this._ECKey.WriteToSpan(privkey);
Hashes.BIP32Hash(cc, nChild, 0, privkey, vout);
privkey.Fill(0);
}
ccChild = new byte[32];
vout.Slice(32, 32).CopyTo(ccChild);
Secp256k1.ECPrivKey keyChild = _ECKey.TweakAdd(vout.Slice(0, 32));
vout.Clear();
return(new Key(keyChild, true));
#else
byte[]? l = null;
if ((nChild >> 31) == 0)
{
var pubKey = PubKey.ToBytes();
l = Hashes.BIP32Hash(cc, nChild, pubKey[0], pubKey.SafeSubarray(1));
}
else
{
l = Hashes.BIP32Hash(cc, nChild, 0, this.ToBytes());
}
var ll = l.SafeSubarray(0, 32);
var lr = l.SafeSubarray(32, 32);
ccChild = lr;
var parse256LL = new BigInteger(1, ll);
var kPar = new BigInteger(1, vch);
var N = ECKey.CURVE.N;
if (parse256LL.CompareTo(N) >= 0)
{
throw new InvalidOperationException("You won a prize ! this should happen very rarely. Take a screenshot, and roll the dice again.");
}
var key = parse256LL.Add(kPar).Mod(N);
if (key == BigInteger.Zero)
{
throw new InvalidOperationException("You won the big prize ! this has probability lower than 1 in 2^127. Take a screenshot, and roll the dice again.");
}
var keyBytes = key.ToByteArrayUnsigned();
if (keyBytes.Length < 32)
{
keyBytes = new byte[32 - keyBytes.Length].Concat(keyBytes).ToArray();
}
return(new Key(keyBytes));
#endif
}
public WitScript GenerateWitScript(TransactionSignature signature, PubKey publicKey)
{
if(publicKey == null)
throw new ArgumentNullException("publicKey");
return new WitScript(
signature == null ? OpcodeType.OP_0 : Op.GetPushOp(signature.ToBytes()),
Op.GetPushOp(publicKey.ToBytes())
);
}
public Script GenerateScriptPubKey(PubKey pubkey)
{
return new Script(
Op.GetPushOp(pubkey.ToBytes()),
OpcodeType.OP_CHECKSIG
);
}
Script Decompress(uint nSize, byte[] data)
{
switch(nSize)
{
case 0x00:
return new Script(OpcodeType.OP_DUP, OpcodeType.OP_HASH160, Op.GetPushOp(data.Take(20).ToArray()), OpcodeType.OP_EQUALVERIFY, OpcodeType.OP_CHECKSIG);
case 0x01:
return new Script(OpcodeType.OP_HASH160, Op.GetPushOp(data.Take(20).ToArray()), OpcodeType.OP_EQUAL);
case 0x02:
case 0x03:
return new Script(Op.GetPushOp(new byte[] { (byte)nSize }.Concat(data.Take(32)).ToArray()), OpcodeType.OP_CHECKSIG);
case 0x04:
case 0x05:
byte[] vch = new byte[33];
vch[0] = (byte)(nSize - 2);
Array.Copy(data, vch, 32);
PubKey pubkey = new PubKey(vch);
pubkey = pubkey.Decompress();
return new Script(Op.GetPushOp(pubkey.ToBytes()), OpcodeType.OP_CHECKSIG);
}
return null;
}
public Script GenerateScriptPubKey(PubKey pubkey)
{
return(GenerateScriptPubKey(pubkey.ToBytes(true)));
}
public Script GenerateScriptSig(TransactionSignature signature, PubKey publicKey)
{
if(signature == null)
throw new ArgumentNullException("signature");
if(publicKey == null)
throw new ArgumentNullException("publicKey");
return new Script(
Op.GetPushOp(signature.ToBytes()),
Op.GetPushOp(publicKey.ToBytes())
);
}
internal static byte[] GetStealthSharedSecret(Key priv, PubKey pub)
{
var curve = ECKey.CreateCurve();
var pubec = curve.Curve.DecodePoint(pub.ToBytes());
var p = pubec.Multiply(new BigInteger(1, priv.ToBytes()));
var pBytes = new PubKey(p.GetEncoded()).Compress().ToBytes();
var hash = Hashes.SHA256(pBytes);
return hash;
}