import struct
import time
from calendar import timegm
from binascii import hexlify, unhexlify
import hashlib
import ecdsa
from steembase.account import PrivateKey
from pprint import pprint
def varint(n) :
""" Varint encoding
data = b''
while n >= 0x80 :
data += bytes([(n & 0x7f) | 0x80])
n >>= 7
data += bytes([n])
return data
def recover_public_key(digest, signature, i) :
""" Recover the public key from the the signature
# See http : // section 4.1.6 primarily
curve = ecdsa.SECP256k1.curve
G = ecdsa.SECP256k1.generator
order = ecdsa.SECP256k1.order
yp = (i % 2)
r, s = ecdsa.util.sigdecode_string(signature, order)
# 1.1
x = r + (i // 2) * order
# 1.3. This actually calculates for either effectively 02||X or 03||X depending on 'k' instead of always for 02||X as specified.
# This substitutes for the lack of reversing R later on. -R actually is defined to be just flipping the y-coordinate in the elliptic curve.
alpha = ((x * x * x) + (curve.a() * x) + curve.b()) % curve.p()
beta = ecdsa.numbertheory.square_root_mod_prime(alpha, curve.p())
y = beta if (beta - yp) % 2 == 0 else curve.p() - beta
# 1.4 Constructor of Point is supposed to check if nR is at infinity.
R = ecdsa.ellipticcurve.Point(curve, x, y, order)
# 1.5 Compute e
e = ecdsa.util.string_to_number(digest)
# 1.6 Compute Q = r^-1(sR - eG)
Q = ecdsa.numbertheory.inverse_mod(r, order) * (s * R + (-e % order) * G)
# Not strictly necessary, but let's verify the message for paranoia's sake.
if not ecdsa.VerifyingKey.from_public_point(Q, curve=ecdsa.SECP256k1).verify_digest(signature, digest, sigdecode=ecdsa.util.sigdecode_string) :
return None
return ecdsa.VerifyingKey.from_public_point(Q, curve=ecdsa.SECP256k1)
def recoverPubkeyParameter(digest, signature, pubkey) :
""" Use to derive a number that allows to easily recover the
public key from the signature
for i in range(0, 4) :
p = recover_public_key(digest, signature, i)
if p.to_string() == pubkey.to_string() :
return i
return None
tx = {'ref_block_num': 36029,
'ref_block_prefix': 1164960351,
'expiration': '2016-08-08T12:24:17',
'operations': [['vote',
{'author': 'xeroc',
'permlink': 'piston',
'voter': 'xeroc',
'weight': 10000}]],
'extensions': [],
'signatures': [],
wifs = ["5JLw5dgQAx6rhZEgNN5C2ds1V47RweGshynFSWFbaMohsYsBvE8"]
# Operation types
operations = {}
operations["vote"] = 0
# ....
# Internal time format
timeformat = '%Y-%m-%dT%H:%M:%S%Z'
buf = b""
# ref_block_num
buf += struct.pack("<H", tx["ref_block_num"])
# ref_block_num
buf += struct.pack("<I", tx["ref_block_prefix"])
# expiration
buf += struct.pack("<I", timegm(time.strptime((tx["expiration"] + "UTC"), timeformat)))
# Operations
buf += bytes(varint(len(tx["operations"])))
for op in tx["operations"]:
# op[0] == "vote"
buf += varint(operations[op[0]])
if op[0] == "vote":
opdata = op[1]
buf += (varint(len(opdata["voter"])) +
bytes(opdata["voter"], "utf-8"))
buf += (varint(len(opdata["author"])) +
bytes(opdata["author"], "utf-8"))
buf += (varint(len(opdata["permlink"])) +
bytes(opdata["permlink"], "utf-8"))
buf += struct.pack("<h", int(opdata["weight"]))
# Signing
chainid = "0" * int(256 / 4)
message = unhexlify(chainid) + buf
digest = hashlib.sha256(message).digest()
sigs = []
for wif in wifs:
p = bytes(PrivateKey(wif)) # binary representation of private key
sk = ecdsa.SigningKey.from_string(p, curve=ecdsa.SECP256k1)
cnt = 0
i = 0
while 1 :
cnt += 1
# Deterministic k
k = ecdsa.rfc6979.generate_k(
hashlib.sha256(digest + bytes([cnt])).digest())
# Sign message
sigder = sk.sign_digest(
# Reformating of signature
r, s = ecdsa.util.sigdecode_der(sigder, sk.curve.generator.order())
signature = ecdsa.util.sigencode_string(r, s, sk.curve.generator.order())
# Make sure signature is canonical!
lenR = sigder[3]
lenS = sigder[5 + lenR]
if lenR is 32 and lenS is 32 :
# Derive the recovery parameter
i = recoverPubkeyParameter(digest, signature, sk.get_verifying_key())
i += 4 # compressed
i += 27 # compact
struct.pack("<B", i) +
from steembase import transactions
tx2 = transactions.Signed_Transaction(**tx)
pubkeys = [PrivateKey(p).pubkey for p in wifs]
tx2.verify(pubkeys, "STEEM")
