Lucas Ryan badmofo

## coinlist.py
'''
Copyright (c) 2020 Lucas Ryan

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so.

## qfxtocsv.py
from ofxparse import OfxParser
import sys
import csv

with open(sys.argv[1]) as f:
    ofx = OfxParser.parse(f)

account = ofx.account
statement = account.statement
institution = account.institution

## btc_to_btcp.py
import bitcoin

def btc_to_btcp(addr):
    assert addr[0] in ('1', '3') # we don't support bech32 addrs for now
    addr_prefix = b'\x13\x25' if addr[0] == '1' else b'\x13\xaf'
    pkh = bitcoin.b58check_to_bin(addr)
    assert len(pkh) == 20
    return bitcoin.bin_to_b58check(addr_prefix[1:2] + pkh, addr_prefix[0])

## bitstamp.py
import hmac
import hashlib
import requests
import time
import json
import re
import arrow
from decimal import Decimal

def to_bytes(s):

## 2fa_restore.py
# Re-enables Trustedcoin after restoring your 2FA Electrum wallet from seed.
# Pass your wallet file as the first argument:
#   python 2fa_restore.py ~/.electrum/wallets/default_wallet

import json
import sys

wallet = json.load(open(sys.argv[1]))
assert wallet['wallet_type'] == '2fa'
wallet['use_trustedcoin'] = True

## keygen.py
from __future__ import print_function
import bitcoin
privkey = bitcoin.encode_privkey(bitcoin.random_key(), 'wif_compressed')
pubkey = bitcoin.privtopub(privkey)
print('Private Key: ', privkey)
print('Public Key: ', pubkey)

## 2fa.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                badmofo
                / 2fa.md
            
            
              Last active
              October 21, 2015 01:27
            
              
                2FA Attack Scenarios
              
          
    2FA Attack Scenarios

Compromised seed: FATAL

Local malware before installation / registration: FATAL

There isn't anything we can do since all communication with Trustedcoin can be MITMed and more trivially malware can simply gank the seed.
Local malware introduced after installation / registration: POSSIBLY FATAL

Malware will be able to steal the 1/3 extended private key in the wallet upon a spend attempt and use the google authenticator code to sign a different transaction than the one the user entered - one that sweeps the wallet to the attacker's address.  If the 2nd factor is able to display the transaction details AND the malware is unable to simultaneously corrupt this 2nd factor AND the user notices the discrepancy then the attack will be thwarted.  Otherwise it will be fatal.

  
## borromean.py
'''
Pure Python Borromean Ring Signatures
DEPENDS ON: pip install ecdsa
WARNING: THIS IS A PEDAGOGICAL IMPLEMENTATION.
         PERFORMANCE IS HORRIBLE AND NON-CONSTANT.
         CORNER CASES ARE NOT PROPERLY CHECKED.
         FOR THE LOVE OF GOD USE THE CODE FROM THE ELEMENTS PROJECT.
         https://gist.github.com/badmofo/2d6e66630e4a6748edb7
'''
from hashlib import sha256

## disclaimer.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                badmofo
                / disclaimer.md
            
            
              Created
              June 24, 2015 18:38
            
              
                Standard Disclaimer
              
          
    Standard Disclaimer

This product is meant for educational purposes only. Any resemblance to real persons, living or dead is purely coincidental. Void where prohibited. Some assembly required. List each check separately by bank number. Batteries not included. Contents may settle during shipment. Use only as directed. No other warranty expressed or implied. Do not use while operating a motor vehicle or heavy equipment. Postage will be paid by addressee. Subject to CAB approval. This is not an offer to sell securities. Apply only to affected area. May be too intense for some viewers. Do not stamp. Use other side for additional listings. For recreational use only. Do not disturb. All models over 18 years of age. If condition persists, consult your physician. No user-serviceable parts inside. Freshest if eaten before date on carton. Subject to change without notice. Times approximate. Simulated picture. No postage necessary if mailed in the United States. Please remain seated until the ride has come to a compl

  
## brainGpg.groovy
// Similar in spirit to https://github.com/arttukasvio/deterministic
// It's a really bad idea to use this unless you absolutely know what
// you are doing.

@Grab(group='org.bouncycastle', module='bcpg-jdk15on', version='1.51')

import java.security.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.bcpg.HashAlgorithmTags;
	'''
	Copyright (c) 2020 Lucas Ryan

	Permission is hereby granted, free of charge, to any person obtaining a copy
	of this software and associated documentation files (the "Software"), to deal
	in the Software without restriction, including without limitation the rights
	to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	copies of the Software, and to permit persons to whom the Software is
	furnished to do so.
	from ofxparse import OfxParser
	import sys
	import csv

	with open(sys.argv[1]) as f:
	ofx = OfxParser.parse(f)

	account = ofx.account
	statement = account.statement
	institution = account.institution
	import bitcoin

	def btc_to_btcp(addr):
	assert addr[0] in ('1', '3') # we don't support bech32 addrs for now
	addr_prefix = b'\x13\x25' if addr[0] == '1' else b'\x13\xaf'
	pkh = bitcoin.b58check_to_bin(addr)
	assert len(pkh) == 20
	return bitcoin.bin_to_b58check(addr_prefix[1:2] + pkh, addr_prefix[0])
	import hmac
	import hashlib
	import requests
	import time
	import json
	import re
	import arrow
	from decimal import Decimal

	def to_bytes(s):
	# Re-enables Trustedcoin after restoring your 2FA Electrum wallet from seed.
	# Pass your wallet file as the first argument:
	# python 2fa_restore.py ~/.electrum/wallets/default_wallet

	import json
	import sys

	wallet = json.load(open(sys.argv[1]))
	assert wallet['wallet_type'] == '2fa'
	wallet['use_trustedcoin'] = True
	from __future__ import print_function
	import bitcoin
	privkey = bitcoin.encode_privkey(bitcoin.random_key(), 'wif_compressed')
	pubkey = bitcoin.privtopub(privkey)
	print('Private Key: ', privkey)
	print('Public Key: ', pubkey)
	'''
	Pure Python Borromean Ring Signatures
	DEPENDS ON: pip install ecdsa
	WARNING: THIS IS A PEDAGOGICAL IMPLEMENTATION.
	PERFORMANCE IS HORRIBLE AND NON-CONSTANT.
	CORNER CASES ARE NOT PROPERLY CHECKED.
	FOR THE LOVE OF GOD USE THE CODE FROM THE ELEMENTS PROJECT.
	https://gist.github.com/badmofo/2d6e66630e4a6748edb7
	'''
	from hashlib import sha256
	// Similar in spirit to https://github.com/arttukasvio/deterministic
	// It's a really bad idea to use this unless you absolutely know what
	// you are doing.

	@Grab(group='org.bouncycastle', module='bcpg-jdk15on', version='1.51')

	import java.security.*;
	import org.bouncycastle.jce.provider.BouncyCastleProvider;
	import org.bouncycastle.bcpg.ArmoredOutputStream;
	import org.bouncycastle.bcpg.HashAlgorithmTags;