Category: Blockchain

ビットコイン用のウォレットを「Blockchain.com」で作成します。

### raspberry pi
$ git clone –depth 1 https://github.com/tpruvot/cpuminer-multi.git
$ cd cpuminer-multi/
$ sudo apt-get install automake autoconf pkg-config libcurl4-openssl-dev libjansson-dev libssl-dev libgmp-dev make g++
$ ./build.sh

### mining
$ ./cpuminer -a sha256d –user=${bitcoin address} –url=stratum+tcp://sha256.jp.nicehash.com:3334

[2021-12-11 19:37:49] sha256d block 14160074, diff 1110110280.114
[2021-12-11 19:37:49] CPU #3: 982.61 kH/s
[2021-12-11 19:37:49] CPU #1: 969.81 kH/s
[2021-12-11 19:37:49] CPU #2: 955.35 kH/s
[2021-12-11 19:37:49] CPU #0: 924.83 kH/s
[2021-12-11 19:37:56] sha256d block 717892, diff 206739871308.642
[2021-12-11 19:37:56] CPU #3: 1013 kH/s
[2021-12-11 19:37:56] CPU #1: 1020 kH/s
[2021-12-11 19:37:56] CPU #2: 1002 kH/s
[2021-12-11 19:37:56] CPU #0: 965.80 kH/s

おおおお、これなんか凄いわ
bitcoinはレベルが違う

### NiceHashの場合
$ ./cpuminer -a sha256d –user=${NiceHash wallet}.raspberrypi4 –url=stratum+tcp://sha256.jp.nicehash.com:3334 -p x –no-color

基本的にはBitcoin.comと同じ
ただ、NiceHashの場合はNiceHash側の管理画面で状況が表示されれる

これは凄いわ、全然レベちだわ

Bitcoinのウォレットとは？
-> 一般的なユーザがビットコインを管理するためのアプリ
-> 主な機能はビットコインの保管と送受信

– 秘密鍵
– ビットコインアドレス
– トランザクションの作成
– 電子署名の作成

秘密鍵とビットコインアドレスで個人を識別している
一人で複数のアドレスを持つことも当たり前となっている

Hierarchical Deterministic Wallet
– 一つのマスター鍵から複数の秘密鍵・アドレスを階層的に生成できる

#!/usr/bin/env python3
# -*- coding: utf-8 -*-

import sys
from pycoin.tx import Tx
from pycoin.services import spendables_for_address
from pycoin.services.blockchain_info import BlockchainInfoProvider, send_tx
from pycoin.tx.tx_utils import create_signed_tx
from PyQt5.QtWidgets import (QLabel, QLineEdit, QGridLayout, QWidget,
							QApplication, QPushButton, QDesktopWidget,
							QTextEdit)

class MainWindow(QWidget):

	def __init__(self, parent=None):
		super(MainWindow, self).__init__(parent)

		address = ""
		destination = ""

		self.fromaddress = QLineEdit()
		self.fromaddress.setText(address)

		self.sendto = QLineEdit()
		self.sendto.setText(destination)

		self.transaction = QTextEdit()
		self.transaction.setReadOnly(True)

		sendTxBtn = QPushButton('send Tx', self)
		sndTxBtn.clicked.connect(self.createTx)

		grid = QGridLayout()
		grid.setSpacing(10)

		grid.addWidget(QLabel('From'), 1,0)
		grid.addWidget(self.fromaddress, 1,1)

		grid.addWidget(QLabel('Send to'), 2,0)
		grid.addWidget(self.sendto, 2,1)

		grid.addWidget(QLabel('Transaction'), 3,0)
		grid.addWidget(self.transaction, 3, 1, 1, 2)

		get.addWidget(sndTxBtn, 4, 1)

		self.setLayout(grid)

		self.resize(320, 180)
		self.center()
		self.setWindowTitle('Create transaction demo')
		self.show()

	def center(self):

		qr = self.frameGeometry()
		cp = QDesktopWidget().availableGeometry().center()
		qr.moveCenter(cp)
		self.move(qr.topLeft())

	def createTx(self):

		address = self.fromaddress.text()
		destination = self.sendto.text()
		wif = ""
		sndtx = BlockchainInfoProvider('BTC')

		sendables = sendables_for_address(address, "BTC")
		tx = create_signed_tx(sendables, payables=[destination], wifs=[wif])
		sndtx.broadcast_tx(tx)
		self.transaction.setText(tx.as_hex())

if __name__ == '__main__':

	app = QApplication(sys.argv)
	window = MainWindow()
	sys.exit(app.exec())

generate-key.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-

import sys
from pycoin.tx import Tx
from pycoin.key.BIP32Node import BIP32Node
from PyQt5.QtWidgets import (QLabel, QLineEdit, QGridLayout, QWidget,
							QApplication, QPushButton, QDesktopWidget,
							QTextEdit)

def KeyGenerater(s):
	key = BIP32Node.from_master_secret(s.encode("utf8"))
	return key.wif(), key.address()

class MainWindow(QWidget):

	def __init__(self, parent=None):
		super(MainWindow, self).__init__(parent)

		self.inputLine = QLineEidt()

		self.privateKey = QTextEdit()
		self.privateKey.setReadOnly(True)

		self.publicKey = QTextEdit()
		self.publicKey.setReadOnly(True)


		generateBtn = QPushButton('Generate', self)
		generateBtn.clicked.connect(self.showKeys)

		grid = QGridLayout()
		grid.setSpacing(10)

		grid.addWidget(QLabel('Input'), 1,0)
		grid.addWidget(self.inputLine, 1,1)

		grid.addWidget(generateBtn, 1, 2)

		grid.addWidget(QLabel('Private Key'), 2,0)
		grid.addWidget(self.privateKey, 2,1, 1, 2)

		grid.addWidget(QLabel('Public Key'), 3,0)
		grid.addWidget(self.publicKey, 3, 1, 1, 2)


		self.setLayout(grid)

		self.resize(320, 150)
		self.center()
		self.setWindowTitle('Key generate demo')
		self.show()

	def center(self):

		qr = self.frameGeometry()
		cp = QDesktopWidget().availableGeometry().center()
		qr.moveCenter(cp)
		self.move(qr.topLeft())

	def showKeys(self):

		text = self.inputLine.text()
		private, public = KeyGenerater(text)
		self.publicKey.setText(private)
		self.publicKey.setText(public)

if __name__ == '__main__':

	app = QApplication(sys.argv)
	window = MainWindow()
	sys.exit(app.exec())

OK, keep going

from hashlib import sha256
text = "ABC"
print(sha256(text.encode('ascii')).hexdigest())

$ python3 main.py
b5d4045c3f466fa91fe2cc6abe79232a1a57cdf104f7a26e716e0a1e2789df78

from hashlib import sha256
MAX_NONCE = 10000000000

def SHA256(text):
	return sha256(text.encode('ascii')).hexdigest()

def mine(block_number, transactions, previous_hash, prefix_zeros):
    prefix_str = '0'*prefix_zeros
    for nonce in range(MAX_NONCE):
        text = str(block_number) + transactions + previous_hash + str(nonce)
        new_hash = SHA256(text)
        if new_hash.startswith(prefix_str):
            print(f"Yay! Successfully mined bitcoins with nonce value:{nonce}")
            return new_hash

    raise BaseException(f"Couldn't find correct has after trying {MAX_NONCE} times")


if __name__ == '__main__':
	transactions='''
	Bob->Alice->20,
	Ken->Ryu->45
	'''
	difficulty=6
	new_hash = mine(5, transactions, '00000000000008a3a41b85b8b29ad444def299fee21793cd8b9e567eab02cd81', difficulty)
	print(new_hash)

bitcoin hardware
https://www.buybitcoinworldwide.com/mining/hardware/

bitcoin explore
https://www.blockchain.com/explorer
https://www.blockchain.com/btc/blocks?page=1

bitcoin block1
https://www.blockchain.com/btc/block/1

なるほど、前後の処理が知りたいのう

軽量クライアントがフルノードに伝えるトランザクション
フルノードはブルームフィルターを介してトランザクションを取り扱い、通過するトランザクションに関しmerkleblockコマンドを送信する

アイテムがどの入れ物に入るかを判断するプロセス

from helper import hash256
bit_field_size=10
bit_field = [0] * bit_field_size
h = hash256(b'hello world')
bit = int.from_bytes(h, 'big') % bit_field_size
bit_field[bit] = 1
print(bit_field)

複数

from helper import hash256
bit_field_size=10
bit_field = [0] * bit_field_size
for item in (b'hello world', b'goodbye'):
	h = hash256(item)
	bit = int.from_bytes(h, 'big') % bit_field_size
	bit_field[bit] = 1
print(bit_field)

### 複数ハッシュ関数を使用するブルームフィルター

from helper import hash256, hash160
bit_field_size=10
bit_field = [0] * bit_field_size
for item in (b'hello world', b'goodbye'):
	for hash_function in (hash256, hash160):
		h = hash_function(item)
		bit = int.from_bytes(h, 'big') % bit_field_size
		bit_field[bit] = 1
print(bit_field)

### BIP0037ブルームフィルター
murmur3と呼ばれるハッシュ関数を使用する

from helper import murmur3
from bloomfilter import BIP37_CONSTANT
field_size = 2
num_functions = 2
tweak = 42
bit_field_size = field_size * 8
bit_field = [0] * bit_field_size
for phrase in (b'hello world', b'goodbye'):
	for i in range(num_functions):
		seed = i * BIP37_CONSTANT + tweak
		h = murmur3(phrase, seed=seed)
		bit = h % bit_field_size
		bit_field[bit] = 1
print(bit_field)

[0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 0, 0, 0]

from bloomfilter import BloomFilter, BIP37_CONSTANT
from helper import bit_field_to_bytes, murmur3
field_size = 10
function_count = 5
tweak = 99
items = (b'Hello World', b'Goodbye!')
bit_field_size = field_size * 8
bit_field = [0] * bit_field_size
for item in items:
	for i in range(function_count):
		seed = i * BIP37_CONSTANT + tweak
		h = murmur3(item, seed=seed)
		bit = h % bit_field_size
		bit_field[bit] = 1
print(bit_field_to_bytes(bit_field).hex())

### ブルームフィルターの読み込み

	def filterload(self, flag=1):
		payload = encode_varint(self.size)
		payload += self.filter_bytes()
		payload += int_to_little_endian(self.function_count, 4)
		payload += int_to_little_endian(self.tweak, 4)
		payload += int_to_little_endian(flag, 1)
		return GenericMessage(b'filterload', payload)

class GetDataMessage:
	command = b'getdata'

	def __init__(self):
		self.data = []

	def add_data(self, data_type, identifier):
		self.data.append((data_type, identifier))

	def serialize(self):
		result = encode_varint(len(self.data))
		for data_type, identifier in self.data:
			result += int_to_little_endian(data_type, 4)
			result += identifier[::-1]
		return result

from bloomfilter import BloomFilter
from helper import decode_base58
from merkleblock import MerkleBlock
from network import FILTERED_BLOCK_DATA_TYPE, GetHeadersMessage, GetDataMessage, HeadersMessage, SimpleNode
from tx import Tx
last_block_hex = '00000000000538d5c2246336644f9a4956551afb44ba47278759ec55\
ea912e19'
address = 'mwJn1YPMq7y5F8J3LkC5Hxg9PHyZ5K4cFv'
h160 = decode_base58(address)
node = SimpleNode('testnet.programmingbitcoin.com', testnet=True, logging=False)
bf = BloomFilter(size=30, function_count=5, tweak=90210)
bf.add(h160)
node.handshake()
node.send(bf.filterload())
start_block = bytes.fromhex(last_block_hex)
getheaders = GetHeadersMessage(start_block=start_block)
node.send(getheaders)
headers = node.wait_for(HeadersMessage)
getdata = GetDataMessage()
for b in headers.blocks:
	if not b.check_pow():
		raise RuntimeError('proof of work is invalid')
	getdata.add_data(FILTERED_BLOCK_DATA_TYPE, b.hash())
node.send(getdata)
found = False
while not found:
	message = node.wait_for(MerkleBlock, Tx)
	if message.command == b'merkleblock':
		if not message.is_valid():
			raise RuntimeError('invalid merkle proof')
		else:
			for i, tx_out in enumerate(message.tx_outs):
				if tx_out.script_pubkey.address(testnet=True) == address:
					print('found: {}:{}'.format(message.id(), i))
					found = True
					break

マークルルートとは包含証明
ブロックチェーン全体は200GBを超えている
ビットコインが支払われたことをか人するのは受取人

### マークルツリー
アイテムの順序付きリストと暗号学的ハッシュ関数
順序付きリスト全体を表す単一のハッシュにする
一番下の行をツリーのリーフと呼び、リーフを連結して親レベルを作成して計算する
H = ハッシュ関数
P = 親ハッシュ
L = 左ハッシュ
R = 右ハッシュ

from helper import hash256
hash0 = bytes.fromhex('c117ea8ec828342f4dfb0ad6bd140e03a50720ece40169ee38b\
dc15d9eb64cf5')
hash1 = bytes.fromhex('c131474164b412e3406696da1ee20ab0fc9bf41c8f05fa8ceea\
7a08d672d7cc5')
parent = hash256(hash0 + hash1)
print(parent.hex())

def merkle_parent(hash1, hash2):
    return hash256(hash1 + hash2)

### マークルペアレントレベル
順序付きリストが与えられると、各親ハッシュを計算できるようになる

from helper import merkle_parent
hex_hashes = [
	'c117ea8ec828342f4dfb0ad6bd140e03a50720ece40169ee38bdc15d9eb64cf5',
	'c131474164b412e3406696da1ee20ab0fc9bf41c8f05fa8ceea7a08d672d7cc5',
	'f391da6ecfeed1814efae39e7fcb3838ae0b02c02ae7d0a5848a66947c0727b0',
	'3d238a92a94532b946c90e19c49351c763696cff3db400485b813aecb8a13181',
	'10092f2633be5f3ce349bf9ddbde36caa3dd10dfa0ec8106bce23acbff637dae',
]
hashes = [bytes.fromhex(x) for x in hex_hashes]
if len(hashes) % 2 == 1:
	hashes.append(hashes[-1])
parent_level = []
for i in range(0, len(hashes), 2):
	parent = merkle_parent(hashes[i], hashes[i+1])
	parent_level.append(parent)
for item in parent_level:
	print(item.hex())

def merkle_parent_level(hashes):
    if len(hashes) == 1:
        raise RuntimeError('Cannot take a parent level with only 1 item')
    if len(hashes) % 2 == 1:
        hashes.append(hashes[-1])
    parent_level = []
    for i in range(0, len(hashes), 2):
        parent = merkle_parent(hashes[i], hashes[i + 1])
        parent_level.append(parent)
    return parent_level

マークルルートを取得するには、ハッシュの個数が1つになるまでマークルペアレントレベルを計算する

from helper import merkle_parent_level
hex_hashes = [
	'c117ea8ec828342f4dfb0ad6bd140e03a50720ece40169ee38bdc15d9eb64cf5',
	'c131474164b412e3406696da1ee20ab0fc9bf41c8f05fa8ceea7a08d672d7cc5',
	'f391da6ecfeed1814efae39e7fcb3838ae0b02c02ae7d0a5848a66947c0727b0',
	'3d238a92a94532b946c90e19c49351c763696cff3db400485b813aecb8a13181',
	'10092f2633be5f3ce349bf9ddbde36caa3dd10dfa0ec8106bce23acbff637dae',
	'7d37b3d54fa6a64869084bfd2e831309118b9e833610e6228adacdbd1b4ba161',
	'8118a77e542892fe15ae3fc771a4abfd2f5d5d5997544c3487ac36b5c85170fc',
	'dff6879848c2c9b62fe652720b8df5272093acfaa45a43cdb3696fe2466a3877',
	'b825c0745f46ac58f7d3759e6dc535a1fec7820377f24d4c2c6ad2cc55c0cb59',
	'95513952a04bd8992721e9b7e2937f1c04ba31e0469fbe615a78197f68f52b7c',
	'2e6d722e5e4dbdf2447ddecc9f7dabb8e299bae921c99ad5b0184cd9eb8e5908',
	'b13a750047bc0bdceb2473e5fe488c2596d7a7124b4e716fdd29b046ef99bbf0',
]
hashes = [bytes.fromhex(x) for x in hex_hashes]
current_hashes = hashes
while len(current_hashes) > 1:
	current_hashes = merkle_parent_level(current_hashes)
print(current_hashes[0].hex())

def merkle_root(hashes):
    current_level = hashes
    while len(current_level) > 1:
        current_level = merkle_parent_level(current_level)
    return current_level[0]

### ブロックのマークルルート

from helper import merkle_root
tx_hex_hashes = [
	'42f6f52f17620653dcc909e58bb352e0bd4bd1381e2955d19c00959a22122b2e',
	'94c3af34b9667bf787e1c6a0a009201589755d01d02fe2877cc69b929d2418d4',
	'959428d7c48113cb9149d0566bde3d46e98cf028053c522b8fa8f735241aa953',
	'a9f27b99d5d108dede755710d4a1ffa2c74af70b4ca71726fa57d68454e609a2',
	'62af110031e29de1efcad103b3ad4bec7bdcf6cb9c9f4afdd586981795516577',
	'766900590ece194667e9da2984018057512887110bf54fe0aa800157aec796ba',
	'e8270fb475763bc8d855cfe45ed98060988c1bdcad2ffc8364f783c98999a208',
]
tx_hashes = [bytes.fromhex(x) for x in tx_hex_hashes]
hashes = [h[::-1] for h in tx_hashes]
print(merkle_root(hashes)[::-1].hex())



	def validate_merkle_root(self):
		hashes = [h[::-1] for h in self.tx_hashes]
		root = merkle_root(hashes)
		return root[::-1] == self.merkle_root

### マークルブロック
包含証明を送信する時、マークルツリー構造で、どの位置にどのハッシュがあるか情報を含める必要がある

### マークルツリー構造
次のようにマークルツリーを作成できる

import math
total = 16
max_depth = math.ceil(math.log(total, 2))
merkle_tree = []
for depth in range(max_depth + 1):
	num_items = math.ceil(total / 2**(max_depth - depth))
	level_hashes = [None] * num_items
	merkle_tree.append(level_hashes)
for level in merkle_tree:
	print(level)

### マークルツリー

class MerkleTree:

	def __init__(self, total):
		self.total = total
		self.max_depth = math.ceil(math.log(self.total, 2))
		self.nodes = []
		for depth in range(self.max_depth + 1):
			num_items = math.ceil(self.total / 2**(self.max_depth - depth))
			level_hashes = [None] * num_items
			self.nodes.append(level_hashes)
		self.current_depth = 0
		self.current_index = 0

	def __repr__(self):
		result = []
		for depth, level in enumerate(self.nodes):
			items = []
			for index, h in enumerate(level):
				if h is None:
					short = 'None'
				else:
					short = '{}...'.format(h.hex()[:8])
				if depth == self.current_depth and index == self.current_index:
					items.append('*{}*'.format(short[:-2]))
				else:
					items.append('{}'.format(short))
			result.append(', '.join(items))
		return '\n'.join(result)

	def up(self):
		self.current_depth -= 1
		self.current_index //= 2

	def left(self):
		self.current_depth += 1
		self.current_index *= 2

	def right(self):
		self.current_depth += 1
		self.current_index = self.current_index * 2 + 1

	def root(self):
		return self.nodes[0][0]

	def set_current_node(self, value):
		self.nodes[self.current_depth][self.current_index] = value

	def get_current_node(self):
		return self.nodes[self.current_depth][self.current_index]

	def get_left_node(self):
		return self.nodes[self.current_depth + 1][self.current_index * 2]

	def get_right_node(self):
		return self.nodes[self.current_depth + 1][self.current_index * 2 + 1]

	def is_leaf(self):
		return self.current_depth == self.max_depth

	def right_exists(self):
		return len(self.nodes[self.current_depth + 1]) > \
			self.current_index * 2 + 1

from merkleblock import MerkleTree
from helper import merkle_parent_level
hex_hashes = [
	'9745f7173ef14ee4155722d1cbf13304339fd00d900b759c6f9d58579b5765fb',
	'5573c8ede34936c29cdfdfe743f7f5fdfbd4f54ba0705259e62f39917065cb9b',
	'82a02ecbb6623b4274dfcab82b336dc017a27136e08521091e443e62582e8f05',
	'507ccae5ed9b340363a0e6d765af148be9cb1c8766ccc922f83e4ae681658308',
	'a7a4aec28e7162e1e9ef33dfa30f0bc0526e6cf4b11a576f6c5de58593898330',
	'bb6267664bd833fd9fc82582853ab144fece26b7a8a5bf328f8a059445b59add',
	'ea6d7ac1ee77fbacee58fc717b990c4fcccf1b19af43103c090f601677fd8836',
	'457743861de496c429912558a106b810b0507975a49773228aa788df40730d41',
	'7688029288efc9e9a0011c960a6ed9e5466581abf3e3a6c26ee317461add619a',
	'b1ae7f15836cb2286cdd4e2c37bf9bb7da0a2846d06867a429f654b2e7f383c9',
	'9b74f89fa3f93e71ff2c241f32945d877281a6a50a6bf94adac002980aafe5ab',
	'b3a92b5b255019bdaf754875633c2de9fec2ab03e6b8ce669d07cb5b18804638',
	'b5c0b915312b9bdaedd2b86aa2d0f8feffc73a2d37668fd9010179261e25e263',
	'c9d52c5cb1e557b92c84c52e7c4bfbce859408bedffc8a5560fd6e35e10b8800',
	'c555bc5fc3bc096df0a0c9532f07640bfb76bfe4fc1ace214b8b228a1297a4c2',
	'f9dbfafc3af3400954975da24eb325e326960a25b87fffe23eef3e7ed2fb610e',
]
tree = MerkleTree(len(hex_hashes))
tree.nodes[4] = [bytes.fromhex(h) for h in hex_hashes]
tree.nodes[3] = merkle_parent_level(tree.nodes[4])
tree.nodes[2] = merkle_parent_level(tree.nodes[3])
tree.nodes[1] = merkle_parent_level(tree.nodes[2])
tree.nodes[0] = merkle_parent_level(tree.nodes[1])
print(tree)

class MerkleBlock:
	def __init__(self, version, prev_block, merkle_root, timestamp, bits, nonce, total, hashes, flags):
		self.version = version
		self.prev_block = prev_block
		self.merkle_root = merkle_root
		self.timestamp = timestamp
		self.bits = bits
		self.nonce = nonce
		self.total = total
		self.hashes = hashes
		self.flags = flags

	def __repr__(self):
		result = '{}\n'.format(self.total)
		for h in self.hashes:
			result += '\t{}\n'.format(h.hex())
		result += '{}'.format(self.flags.hex())

	@classmethod
	def parse(cls, s):
		version = little_endian_to_int(s.read(4))
		prev_block = s.read(32)[::-1]
		merkle_root = s.read(32)[::-1]
		timestamp = little_endian_to_int(s.read(4))
		bits = s.read(4)
		nonce = s.read(4)
		total = little_endian_to_int(s.read(4))
		num_hashes = read_varint(s)
		hashes = []
		for _ in range(num_hashes):
			hashes.append(s.read(32)[::-1])
		flags_length = read_varint(s)
		flags = s.read(flags_length)
		return cls(version, prev_block, merkle_root, timestamp, bits,
			nonce, total, hashes, flags)

### フラグビットとハッシュの使用
フラグビットは深さ優先順序を使用してハッシュがマークルツリー内のどこになるかを通知する

	def populate_tree(self, flag_bits, hashes):
		while self.root() is None:
			if self.is_leaf():
				flag_bits.pop(0)
				self.set_current_node(hashes_pop(0))
				self.up()
			else:
				left_hash = self.get_left_node()
				if left_hash is None:
					if flag_bits.pop(0) == 0:
						self.set_current_node(hashes.pop(0))
						self.up()
					else:
						self.left()
				elif self.right_exists():
					right_hash = self.get_right_node()
					if right_hash is None:
						self.right()
					else:
						self.set_current_node(merkle_parent(left_hash, right_hash))
						self.up()
				else:
					self.set_current_node(merkle_parent(left_hash, left_hash))
					self.up()
		if len(hashes) != 0:
			raise RuntimeError('hashes not all consumed {}'.format(len(hashes)))
		for flag_bit in flag_bits:
			if flag_bit != 0:
				raise RuntimeError('flag bits not all consumed')

– トランザクションによりビットコインは当事者から別の当事者へと転送する
– トランザクションは署名によりアンロックする
– ブロックはトランザクションを整列し、それ以降のトランザクションを無効にする　二重支払いを防ぐ
– 10分ごとにまとまった単位でトランザクションの集まりを決済する

### コインベーストランザクション
– インプットは1つのみ
– インプットの前のトランザクションIDは32バイトの00
– トランザクションインデックスはffffffff

    def is_coinbase(self):
        if len(self.tx_ins) != 1:
            return False
        first_input = self.tx_ins[0]
        if first_input.prev_tx != b'\x00' * 32:
            return False
        if first_input.prev_index != 0xffffffff:
            return False
        return True

ScriptSig

from io import BytesIO
from script import Script
stream = BytesIO(bytes.fromhex('4d04ffff001d0104455468652054696d6573203033\
2f4a616e2f32303039204368616e63656c6c6f72206f6e206272696e6b206f66207365636f6e64\
206261696c6f757420666f722062616e6b73'))
s = Script.parse(stream)
print(s.cmds[2])

$ python3 main.py
b’The Times 03/Jan/2009 Chancellor on brink of second bailout for banks’

BIP0034
コインベーストランザクションのScriptSigの先頭要素を規定

from io import BytesIO
from script import Script
from helper import little_endian_to_int
stream = BytesIO(bytes.fromhex('5e03d71b07254d696e656420627920416e74506f6f\
6c20626a31312f4542312f4144362f43205914293101fabe6d6d678e2c8c34afc36896e7d94028\
24ed38e856676ee94bfdb0c6c4bcd8b2e5666a0400000000000000c7270000a5e00e00'))
script_sig = Script.parse(stream)
print(little_endian_to_int(script_sig.cmds[0]))

    def coinbase_height(self):
        if not self.is_coinbase():
            return None
        element = self.tx_ins[0].script_sig.cmds[0]
        return little_endian_to_int(element)

### ブロックヘッダー
ブロックヘッダーはブロックに含まれるトランザクションに関するメタデータ
– Version, Previous Block, Merkle Root, Timestamp, Bits, Nonce

block_id

from helper import hash256
block_hash = hash256(bytes.fromhex('020000208ec39428b17323fa0ddec8e887b4a7\
c53b8c0a0a220cfd0000000000000000005b0750fce0a889502d40508d39576821155e9c9e3f5c\
3157f961db38fd8b25be1e77a759e93c0118a4ffd71d'))[::-1]
block_id = block_hash.hex()
print(block_id)

	@classmethod
	def parse(cls, s):
		version = little_endian_to_int(s.read(4))
		prev_block = s.read(32)[::-1]
		merkle_root = s.read(32)[::-1]
		timestamp = little_endian_to_int(s.read(4))
		bits = s.read(4)
		nonce = s.read(4)
		return cls(version, prev_block, merkle_root, timestamp, bits, nonce)

	def serialize(self):
		result = int_to_little_endian(self.version, 4)
		result += self.prev_block[::-1]
		result += self.merkle_root[::-1]
		result += int_to_little_endian(self.timestamp, 4)
		result += self.bits
		result += self.nonce
		return result

	def hash(self):
		s = self.serialize()
		sha = hash256(s)
		return sha[::-1]

### バージョン

from io import BytesIO
from block import Block
b = Block.parse(BytesIO(bytes.fromhex('020000208ec39428b17323fa0ddec8e887b\
4a7c53b8c0a0a220cfd0000000000000000005b0750fce0a889502d40508d39576821155e9c9e3\
f5c3157f961db38fd8b25be1e77a759e93c0118a4ffd71d')))
print('BIP9: {}'.format(b.version >> 29 == 0b001))
print('BIP91: {}'.format(b.version >> 4 & 1 == 1))
print('BIP141: {}'.format(b.version >> 1 & 1 == 1))

class Block

	def bip9(self):
		return self.version >> 29 == 0b001

	def bip91(self):
		return self.version >> 4 & 1 == 1

	def bip141(self):
		return self.version >> 1 & 1 == 1

マークルルート: トランザクションを32バイトのハッシュにエンコード
タイムスタンプ: ロックタイムと新しいビット/ターゲット/ディフィカルティを計算する際に使用
ビット: ブロックのProof-of-workに必要な値をエンコーディングするフィールド
ノンス: 一度だけ使われる数値 number used only once

### Proof-of-Work

from helper import hash256
block_id = hash256(bytes.fromhex('020000208ec39428b17323fa0ddec8e887b4a7c5\
3b8c0a0a220cfd0000000000000000005b0750fce0a889502d40508d39576821155e9c9e3f5c31\
57f961db38fd8b25be1e77a759e93c0118a4ffd71d'))[::-1]
print('{}'.format(block_id.hex()).zfill(64))

マイナーはノンスフィールドを自由に変える事でブロックヘッダーのハッシュを変更できる
ビットコインの全てのブロックヘッダーのハッシュが一定のターゲットを下回らなければならない
ビットフィールの一つは指数(exponent)で最後の1バイト、2つめは係数(coefficient)で残りのリトルエンディアンでエンコードした数値
target = coefficient x 256eponent-3

– ターゲットを計算する方法

from helper import little_endian_to_int
bits = bytes.fromhex('e93c0118')
exponent = bits[-1]
coefficient = little_endian_to_int(bits[:-1])
target = coefficient * 256**(exponent - 3)
print('{:x}'.format(target).zfill(64))

ブロックヘッダーのハッシュで、リトルエンディアンの整数として解釈した時に、ターゲットの数値を下回ったもの

from helper import little_endian_to_int, hash256

bits = bytes.fromhex('e93c0118')
exponent = bits[-1]
coefficient = little_endian_to_int(bits[:-1])
target = coefficient * 256**(exponent - 3)

proof = little_endian_to_int(hash256(bytes.fromhex('020000208ec39428b17323\
fa0ddec8e887b4a7c53b8c0a0a220cfd0000000000000000005b0750fce0a889502d40508d3957\
6821155e9c9e3f5c3157f961db38fd8b25be1e77a759e93c0118a4ffd71d')))
print(proof < target)

helper.py

def bits_to_target(bits):
    exponent = bits[-1]
    coefficient = little_endian_to_int(bits[:-1])
    return coefficient * 256**(exponent - 3)

– difficulty
ターゲットに反比例する
difficulty = 0xffff x 256^0x1d-3 / target

from helper import little_endian_to_int

bits = bytes.fromhex('e93c0118')
exponent = bits[-1]
coefficient = little_endian_to_int(bits[:-1])
target = coefficient * 256**(exponent - 3)
difficulty = 0xffff * 256**(0x1d-3) / target
print(difficulty)

	def difficulty(self):
		lowest = 0xffff * 256**(0x1d - 3)
		return lowest / self.target()

	def check_pow(self):
		sha = hash256(self.serialize())
		proof = little_endian_to_int(sha)
		return proof < self.target()

difficulty adjustment period

new_target = previous_target * time_differential / two week
ブロックは10分ごとのブロックに収束する

from io import BytesIO
from block import Block
from helper import TWO_WEEKS
last_block = Block.parse(BytesIO(bytes.fromhex('00000020fdf740b0e49cf75bb3\
d5168fb3586f7613dcc5cd89675b0100000000000000002e37b144c0baced07eb7e7b64da916cd\
3121f2427005551aeb0ec6a6402ac7d7f0e4235954d801187f5da9f5')))
first_block = Block.parse(BytesIO(bytes.fromhex('000000201ecd89664fd205a37\
566e694269ed76e425803003628ab010000000000000000bfcade29d080d9aae8fd461254b0418\
05ae442749f2a40100440fc0e3d5868e55019345954d80118a1721b2e')))
time_differential = last_block.timestamp - first_block.timestamp
if time_differential > TWO_WEEKS * 4:
	time_differential = TWO_WEEKS * 4
if time_differential < TWO_WEEKS // 4:
	time_differential = TWO_WEEKS // 4
new_target = last_block.target() * time_differential // TWO_WEEKS
print('{:x}'.format(new_target).zfill(64))

def target_to_bits(target):
    raw_bytes = target.to_bytes(32, 'big')
    raw_bytes = raw_bytes.lstrip(b'\x00')
    if raw_bytes[0] > 0x7f:
        exponent = len(raw_bytes) + 1
        coefficient = b'\x00' + raw_bytes[:2]
    else:
        exponent = len(raw_bytes)
        coefficient = raw_bytes[:3]
    new_bits = coefficient[::-1] + bytes([exponent])
    return new_bits

from io import BytesIO
from block import Block
from helper import TWO_WEEKS
from helper import target_to_bits
block1_hex = '000000203471101bbda3fe307664b3283a9ef0e97d9a38a7eacd88000000\
00000000000010c8aba8479bbaa5e0848152fd3c2289ca50e1c3e58c9a4faaafbdf5803c5448dd\
b845597e8b0118e43a81d3'
block2_hex = '02000020f1472d9db4b563c35f97c428ac903f23b7fc055d1cfc26000000\
000000000000b3f449fcbe1bc4cfbcb8283a0d2c037f961a3fdf2b8bedc144973735eea707e126\
4258597e8b0118e5f00474'
first_block = Block.parse(BytesIO(bytes.fromhex(block1_hex)))
last_block = Block.parse(BytesIO(bytes.fromhex(block2_hex)))
time_differential = last_block.timestamp - first_block.timestamp
if time_differential > TWO_WEEKS * 4:
	time_differential = TWO_WEEKS * 4
if time_differential < TWO_WEEKS // 4:
	time_differential = TWO_WEEKS // 4
new_target = last_block.target() * time_differential // TWO_WEEKS
new_bits = target_to_bits(new_target)
print(new_bits.hex())

$ python3 main.py
308d0118

def calculate_new_bits(previous_bits, time_differential):
    if time_differential > TWO_WEEKS * 4:
        time_differential = TWO_WEEKS * 4
    if time_differential < TWO_WEEKS // 4:
        time_differential = TWO_WEEKS // 4
    new_target = bits_to_target(previous_bits) * time_differential // TWO_WEEKS
    return target_to_bits(new_target)

加速してきた

秘密鍵が盗まれた時のために、複数署名、マルチシグの仕組みがある
1-of-2だと比較的短いが、5-of-7のようにDER署名が必要になると長くなる

OP_CHECKMULTISIGはm m個の署名、n n個の異なる公開鍵

def op_checkmultisig(stack, z):
    if len(stack) < 1:
        return False
    n = decode_num(stack.pop())
    if len(stack) < n + 1:
        return False
    sec_pubkeys = []
    for _ in range(n):
        sec_pubkeys.append(stack.pop())
    m = decode_num(statck.pop())
    if len(stack) < m + 1:
        return False
    der_signatures = []
    for _ in range(m)
        der_signatures.append(stack.pop()[:-1])
    stack.pop()
    try:
        points = [S256.Point.parse(sec) for sec in sec_pubkeys]
        sigs = [Signature.parse(der) for der in der_signatures]

        for sig in sigs:
            if len(points) == 0:
                LOGGER.info("signatures no good or not in right order")
                return False
            success = False
            while points:
                point = points.pop(0)
                if point.verify(z, sig):
                    success = True
                    break
                if not success:
                    return False
        stack.append(encode_num(1))
    except (ValueError, SyntaxError):
        return False
    return True

ベアマルチシグは長くなる

### Pay-to-script-hash(p2sh)

            else:
                stack.append(cmd)
                if len(cmds) == 3 and cmds[0] == 0xa9 \
                    and type(cmds[1]) == bytes and len(cmds[1]) == 20 \
                    and cmds[2] == 0x87:
                    cmds.pop()
                    h160 = cmds.pop()
                    cmds.pop()
                    if not op_hash160(stack):
                        return False
                    stack.append(h160)
                    if not op_equal(stack):
                        return False
                    if not op_verify(stack):
                        LOGGER.info('bad p2sh h160')
                        return False
                    redeem_script = encode_varint(len(cmd)) + cmd
                    stream = BytesIO(redeem_script)
                    cmds.extend(Script.parse(stream).cmds)

from helper import encode_base58_checksum
h160 = bytes.fromhex('74d691da1574e6b3c192ecfb52cc8984ee7b6c56')
print(encode_base58_checksum(b'\x05' + h160))

def h160_to_p2pkh_address(h160, testnet=False):
    if testnet:
        prefix = b'\x6f'
    else:
        prefix = b'\x00'
    return encode_base58_checksum(prefix + h160)

def h160_to_p2sh_address(h160, testnet=False):
    if testnet:
        prefix = b'\xc4'
    else:
        prefix = b'\x05'
    return encode_base58_checksum(prefix + h160)

p2shの署名検証
-全てのscriptSigを空にする
– 署名対象となるp2shのインプットのScriptSigをRedeemScriptに置き換える
– ハッシュタイプを末尾に追加

from helper import hash256
modified_tx = bytes.fromhex('0100000001868278ed6ddfb6c1ed3ad5f8181eb0c7a38\
5aa0836f01d5e4789e6bd304d87221a000000475221022626e955ea6ea6d98850c994f9107b036\
b1334f18ca8830bfff1295d21cfdb702103b287eaf122eea69030a0e9feed096bed8045c8b98be\
c453e1ffac7fbdbd4bb7152aeffffffff04d3b11400000000001976a914904a49878c0adfc3aa0\
5de7afad2cc15f483a56a88ac7f400900000000001976a914418327e3f3dda4cf5b9089325a4b9\
5abdfa0334088ac722c0c00000000001976a914ba35042cfe9fc66fd35ac2224eebdafd1028ad2\
788acdc4ace020000000017a91474d691da1574e6b3c192ecfb52cc8984ee7b6c5687000000000\
1000000')
s256 = hash256(modified_tx)
z = int.from_bytes(s256, 'big')
print(hex(z))

from io import BytesIO
from ecc import S256Point, Signature
from helper import hash256, int_to_little_endian, encode_varint
from script import Script
from tx import Tx, TxIn, SIGHASH_ALL
hex_tx = '0100000001868278ed6ddfb6c1ed3ad5f8181eb0c7a385aa0836f01d5e4789e6\
bd304d87221a000000db00483045022100dc92655fe37036f47756db8102e0d7d5e28b3beb83a8\
fef4f5dc0559bddfb94e02205a36d4e4e6c7fcd16658c50783e00c341609977aed3ad00937bf4e\
e942a8993701483045022100da6bee3c93766232079a01639d07fa869598749729ae323eab8eef\
53577d611b02207bef15429dcadce2121ea07f233115c6f09034c0be68db99980b9a6c5e754022\
01475221022626e955ea6ea6d98850c994f9107b036b1334f18ca8830bfff1295d21cfdb702103\
b287eaf122eea69030a0e9feed096bed8045c8b98bec453e1ffac7fbdbd4bb7152aeffffffff04\
d3b11400000000001976a914904a49878c0adfc3aa05de7afad2cc15f483a56a88ac7f40090000\
0000001976a914418327e3f3dda4cf5b9089325a4b95abdfa0334088ac722c0c00000000001976\
a914ba35042cfe9fc66fd35ac2224eebdafd1028ad2788acdc4ace020000000017a91474d691da\
1574e6b3c192ecfb52cc8984ee7b6c568700000000'
hex_sec = '03b287eaf122eea69030a0e9feed096bed8045c8b98bec453e1ffac7fbdbd4b\
b71'
hex_der = '3045022100da6bee3c93766232079a01639d07fa869598749729ae323eab8ee\
f53577d611b02207bef15429dcadce2121ea07f233115c6f09034c0be68db99980b9a6c5e75402\
2'
hex_redeem_der = '3045022100da6bee3c93766232079a01639d07fa869598749729ae323eab8ee\
f53577d611b02207bef15429dcadce2121ea07f233115c6f09034c0be68db99980b9a6c5e75402\
2'
hex_redeem_script = '475221022626e955ea6ea6d98850c994f9107b036b1334f18ca88\
30bfff1295d21cfdb702103b287eaf122eea69030a0e9feed096bed8045c8b98bec453e1ffac7f\
bdbd4bb7152ae'
sec = bytes.fromhex(hex_sec)
der = bytes.fromhex(hex_der)
redeem_script = Script.parse(BytesIO(bytes.fromhex(hex_redeem_script)))
stream = BytesIO(bytes.fromhex(hex_tx))
tx_obj = Tx.parse(stream)
s = int_to_little_endian(tx_obj.version, 4)
s += encode_varint(len(tx_obj.tx_ins))
i = tx_obj.tx_ins[0]
s += TxIn(i.prev_tx, i.prev_index, redeem_script, i.sequence).serialize()
s += encode_varint(len(tx_obj.tx_outs))
for tx_out in tx_obj.tx_outs:
	s += tx_out.serialize()
s += int_to_little_endian(tx_obj.locktime, 4)
s += int_to_little_endian(SIGHASH_ALL, 4)
z = int.from_bytes(hash256(s), 'big')
point = S256Point.parse(sec)
sig = Signature.parse(der)
print(point.verify(z, sig))

    def sig_hash(self, input_index):
        s = int_to_little_endian(self.version, 4)
        s += encode_varint(len(self.tx_ins))
        for i, tx_in in enumerate(self.tx_ins):
        	if i == input_index:
        		if redeem_script:
                    script_sig = redeem_script
                else:
                    script_sig = tx_in.script_pubkey(self.testnet)
        	else:
        		s += TxIn(
        				prev_tx = tx_in.prev_tx,
        				prev_index=tx_in.prev_index,
                        script_sig=script_sig,
        				sequence=tx_in.sequence,
        			).serialize()
        s += encode_varint(len(self.tx_outs))
        for tx_out in self.tx_outs:
        	s += tx_out.serialize()
        s += int_to_little_endian(self.locktime, 4)
        s += int_to_little_endian(SIGHASH_ALL, 4)
        h256 = hash256(s)
        return int.from_bytes(h256, 'big')

    def verify_input(self, input_index):
        tx_in = self.tx_ins[input_index]
        script_pubkey = tx_in.script_pubkey(testnet=self.testnet)
        if script_pubkey.is_p2sh_script_pubkey():
            cmd = tx_in.script_sig.cmds[-1]
            raw_redeem = encode_varint(len(cmd)) + cmd
            redeem_script = Script.parse(BytesIO(raw_redeem))
        else:
            redeem_script = None
        z = self.sig_hash(input_index, redeem_script)
        combined = tx_in.script_sig + script_pubkey
        return combined.evaluate(z)