// Signs the first input of the transaction which must spend the multisig contract. private void signMultisigInput( Transaction tx, Transaction.SigHash hashType, boolean anyoneCanPay) { TransactionSignature signature = tx.calculateSignature(0, serverKey, multisigScript, hashType, anyoneCanPay); byte[] mySig = signature.encodeToBitcoin(); Script scriptSig = ScriptBuilder.createMultiSigInputScriptBytes(ImmutableList.of(bestValueSignature, mySig)); tx.getInput(0).setScriptSig(scriptSig); }
private WalletTransaction connectTransactionOutputs( org.bitcoinj.wallet.Protos.Transaction txProto) throws UnreadableWalletException { Transaction tx = txMap.get(txProto.getHash()); final WalletTransaction.Pool pool; switch (txProto.getPool()) { case DEAD: pool = WalletTransaction.Pool.DEAD; break; case PENDING: pool = WalletTransaction.Pool.PENDING; break; case SPENT: pool = WalletTransaction.Pool.SPENT; break; case UNSPENT: pool = WalletTransaction.Pool.UNSPENT; break; // Upgrade old wallets: inactive pool has been merged with the pending pool. // Remove this some time after 0.9 is old and everyone has upgraded. // There should not be any spent outputs in this tx as old wallets would not allow them to // be spent // in this state. case INACTIVE: case PENDING_INACTIVE: pool = WalletTransaction.Pool.PENDING; break; default: throw new UnreadableWalletException("Unknown transaction pool: " + txProto.getPool()); } for (int i = 0; i < tx.getOutputs().size(); i++) { TransactionOutput output = tx.getOutputs().get(i); final Protos.TransactionOutput transactionOutput = txProto.getTransactionOutput(i); if (transactionOutput.hasSpentByTransactionHash()) { final ByteString spentByTransactionHash = transactionOutput.getSpentByTransactionHash(); Transaction spendingTx = txMap.get(spentByTransactionHash); if (spendingTx == null) { throw new UnreadableWalletException( String.format( "Could not connect %s to %s", tx.getHashAsString(), byteStringToHash(spentByTransactionHash))); } final int spendingIndex = transactionOutput.getSpentByTransactionIndex(); TransactionInput input = checkNotNull(spendingTx.getInput(spendingIndex)); input.connect(output); } } if (txProto.hasConfidence()) { Protos.TransactionConfidence confidenceProto = txProto.getConfidence(); TransactionConfidence confidence = tx.getConfidence(); readConfidence(tx, confidenceProto, confidence); } return new WalletTransaction(pool, tx); }
/** * Called when the client provides the refund transaction. The refund transaction must have one * input from the multisig contract (that we don't have yet) and one output that the client * creates to themselves. This object will later be modified when we start getting paid. * * @param refundTx The refund transaction, this object will be mutated when payment is * incremented. * @param clientMultiSigPubKey The client's pubkey which is required for the multisig output * @return Our signature that makes the refund transaction valid * @throws VerificationException If the transaction isnt valid or did not meet the requirements of * a refund transaction. */ public synchronized byte[] provideRefundTransaction( Transaction refundTx, byte[] clientMultiSigPubKey) throws VerificationException { checkNotNull(refundTx); checkNotNull(clientMultiSigPubKey); checkState(state == State.WAITING_FOR_REFUND_TRANSACTION); log.info("Provided with refund transaction: {}", refundTx); // Do a few very basic syntax sanity checks. refundTx.verify(); // Verify that the refund transaction has a single input (that we can fill to sign the multisig // output). if (refundTx.getInputs().size() != 1) throw new VerificationException("Refund transaction does not have exactly one input"); // Verify that the refund transaction has a time lock on it and a sequence number of zero. if (refundTx.getInput(0).getSequenceNumber() != 0) throw new VerificationException("Refund transaction's input's sequence number is non-0"); if (refundTx.getLockTime() < minExpireTime) throw new VerificationException("Refund transaction has a lock time too soon"); // Verify the transaction has one output (we don't care about its contents, its up to the // client) // Note that because we sign with SIGHASH_NONE|SIGHASH_ANYOENCANPAY the client can later add // more outputs and // inputs, but we will need only one output later to create the paying transactions if (refundTx.getOutputs().size() != 1) throw new VerificationException("Refund transaction does not have exactly one output"); refundTransactionUnlockTimeSecs = refundTx.getLockTime(); // Sign the refund tx with the scriptPubKey and return the signature. We don't have the spending // transaction // so do the steps individually. clientKey = ECKey.fromPublicOnly(clientMultiSigPubKey); Script multisigPubKey = ScriptBuilder.createMultiSigOutputScript(2, ImmutableList.of(clientKey, serverKey)); // We are really only signing the fact that the transaction has a proper lock time and don't // care about anything // else, so we sign SIGHASH_NONE and SIGHASH_ANYONECANPAY. TransactionSignature sig = refundTx.calculateSignature(0, serverKey, multisigPubKey, Transaction.SigHash.NONE, true); log.info("Signed refund transaction."); this.clientOutput = refundTx.getOutput(0); state = State.WAITING_FOR_MULTISIG_CONTRACT; return sig.encodeToBitcoin(); }
/** * This is required for signatures which use a sigHashType which cannot be represented using * SigHash and anyoneCanPay See transaction * c99c49da4c38af669dea436d3e73780dfdb6c1ecf9958baa52960e8baee30e73, which has sigHashType 0 */ public static synchronized byte[] serializeForSignature( Transaction spendingTx, int inputIndex, byte[] connectedScript, byte sigHashType) { NetworkParameters params = TestNet3Params.get(); // The SIGHASH flags are used in the design of contracts, please see this page for a further // understanding of // the purposes of the code in this method: // // https://en.bitcoin.it/wiki/Contracts try { Transaction tx = new Transaction(params, spendingTx.bitcoinSerialize()); // Store all the input scripts and clear them in preparation for signing. If we're signing a // fresh // transaction that step isn't very helpful, but it doesn't add much cost relative to the // actual // EC math so we'll do it anyway. // // Also store the input sequence numbers in case we are clearing them with SigHash.NONE/SINGLE byte[][] inputScripts = new byte[tx.getInputs().size()][]; long[] inputSequenceNumbers = new long[tx.getInputs().size()]; for (int i = 0; i < tx.getInputs().size(); i++) { inputScripts[i] = tx.getInputs().get(i).getScriptBytes(); inputSequenceNumbers[i] = tx.getInputs().get(i).getSequenceNumber(); tx.getInput(i).setScriptSig(new Script(new byte[0])); } // This step has no purpose beyond being synchronized with the reference clients bugs. // OP_CODESEPARATOR // is a legacy holdover from a previous, broken design of executing scripts that shipped in // Bitcoin 0.1. // It was seriously flawed and would have let anyone take anyone elses money. Later versions // switched to // the design we use today where scripts are executed independently but share a stack. This // left the // OP_CODESEPARATOR instruction having no purpose as it was only meant to be used internally, // not actually // ever put into scripts. Deleting OP_CODESEPARATOR is a step that should never be required // but if we don't // do it, we could split off the main chain. connectedScript = Script.removeAllInstancesOfOp(connectedScript, ScriptOpCodes.OP_CODESEPARATOR); // Set the input to the script of its output. Satoshi does this but the step has no obvious // purpose as // the signature covers the hash of the prevout transaction which obviously includes the // output script // already. Perhaps it felt safer to him in some way, or is another leftover from how the code // was written. TransactionInput input = tx.getInputs().get(inputIndex); input.setScriptSig(new Script(connectedScript)); List<TransactionOutput> outputs = tx.getOutputs(); if ((sigHashType & 0x1f) == (Transaction.SigHash.NONE.ordinal() + 1)) { // SIGHASH_NONE means no outputs are signed at all - the signature is effectively for a // "blank cheque". // this.outputs = new ArrayList<TransactionOutput>(0); tx.clearOutputs(); // The signature isn't broken by new versions of the transaction issued by other parties. for (int i = 0; i < tx.getInputs().size(); i++) if (i != inputIndex) tx.getInputs().get(i).setSequenceNumber(0); } else if ((sigHashType & 0x1f) == (Transaction.SigHash.SINGLE.ordinal() + 1)) { // SIGHASH_SINGLE means only sign the output at the same index as the input (ie, my output). if (inputIndex >= tx.getOutputs().size()) { // The input index is beyond the number of outputs, it's a buggy signature made by a // broken // Bitcoin implementation. The reference client also contains a bug in handling this case: // any transaction output that is signed in this case will result in both the signed // output // and any future outputs to this public key being steal-able by anyone who has // the resulting signature and the public key (both of which are part of the signed tx // input). // Put the transaction back to how we found it. // // TODO: Only allow this to happen if we are checking a signature, not signing a // transactions for (int i = 0; i < tx.getInputs().size(); i++) { // tx.getInputs().get(i).setScriptSig(inputScripts[i]); /* tx.getInputs().get(i).setScriptSig(ScriptBuilder.createMultiSigInputScriptBytes( Arrays.asList(inputScripts[i])));*/ tx.getInput(i).setScriptSig(new Script(inputScripts[i])); tx.getInputs().get(i).setSequenceNumber(inputSequenceNumbers[i]); } // this.outputs = outputs; // Satoshis bug is that SignatureHash was supposed to return a hash and on this codepath // it // actually returns the constant "1" to indicate an error, which is never checked for. // Oops. return Utils.HEX.decode( "0100000000000000000000000000000000000000000000000000000000000000"); } // In SIGHASH_SINGLE the outputs after the matching input index are deleted, and the outputs // before // that position are "nulled out". Unintuitively, the value in a "null" transaction is set // to -1. /* this.outputs = new ArrayList<TransactionOutput>(this.outputs.subList(0, inputIndex + 1)); for (int i = 0; i < inputIndex; i++) this.outputs.set(i, new TransactionOutput(params, this, Coin.NEGATIVE_SATOSHI, new byte[] {})); // The signature isn't broken by new versions of the transaction issued by other parties. for (int i = 0; i < inputs.size(); i++) if (i != inputIndex) inputs.get(i).setSequenceNumber(0);*/ // In SIGHASH_SINGLE the outputs after the matching input index are deleted, and the outputs // before // that position are "nulled out". Unintuitively, the value in a "null" transaction is set // to -1. // tx.outputs = new ArrayList<TransactionOutput>(tx.getOutputs().subList(0, inputIndex + // 1)); tx.clearOutputs(); for (int i = 0; i <= inputIndex; i++) if (i == inputIndex) { // need to make sure the output at inputIndex stays the same tx.addOutput(spendingTx.getOutput(inputIndex)); } else { // this.outputs.set(i, new TransactionOutput(params, this, Coin.NEGATIVE_SATOSHI, new // byte[] {})); tx.addOutput(new TransactionOutput(params, tx, Coin.NEGATIVE_SATOSHI, new byte[] {})); } // The signature isn't broken by new versions of the transaction issued by other parties. for (int i = 0; i < tx.getInputs().size(); i++) if (i != inputIndex) tx.getInputs().get(i).setSequenceNumber(0); } List<TransactionInput> inputs = tx.getInputs(); if ((sigHashType & (byte) 0x80) == 0x80) { // SIGHASH_ANYONECANPAY means the signature in the input is not broken by // changes/additions/removals // of other inputs. For example, this is useful for building assurance contracts. tx.clearInputs(); tx.getInputs().add(input); } ByteArrayOutputStream bos = new UnsafeByteArrayOutputStream(256); tx.bitcoinSerialize(bos); // We also have to write a hash type (sigHashType is actually an unsigned char) uint32ToByteStreamLE(0x000000ff & sigHashType, bos); // Note that this is NOT reversed to ensure it will be signed correctly. If it were to be // printed out // however then we would expect that it is IS reversed. byte[] txSignatureBytes = bos.toByteArray(); bos.close(); // Put the transaction back to how we found it. // tx.inputs = inputs; tx.clearInputs(); for (int i = 0; i < inputs.size(); i++) { tx.addInput(inputs.get(i)); } for (int i = 0; i < inputs.size(); i++) { inputs.get(i).setScriptSig(new Script(inputScripts[i])); inputs.get(i).setSequenceNumber(inputSequenceNumbers[i]); } // this.outputs = outputs; tx.clearOutputs(); for (int i = 0; i < outputs.size(); i++) { tx.addOutput(outputs.get(i)); } return txSignatureBytes; } catch (IOException e) { throw new RuntimeException(e); // Cannot happen. } }
/** * function that updates debit/credit/balance/price in fiat and Transaction History table * * @param services */ private void updateWalletsSummary(List<WalletService> services) { Coin totalDebit = Coin.ZERO; Coin totalCredit = Coin.ZERO; Coin totalBalance = Coin.ZERO; double priceInFiat = 0.00d; String confidence = ""; // update debit/credit/balance and price in fiat List<TransactionWrapper> transactions = new ArrayList<>(); for (WalletService service : services) { try { Wallet wallet = service.getWallet(); totalBalance = totalBalance.add(wallet.getBalance()); for (Transaction trx : wallet.getTransactionsByTime()) { if (trx.getConfidence().equals(TransactionConfidence.ConfidenceType.DEAD)) continue; Coin amount = trx.getValue(wallet); if (amount.isPositive()) { totalCredit = totalCredit.add(amount); } else { totalDebit = totalDebit.add(amount); } transactions.add(new TransactionWrapper(trx, wallet, amount)); } } catch (Exception e) { logger.error("Unable to update wallet details"); } } pnlDashboardStats.setTotalBalance(MonetaryFormat.BTC.noCode().format(totalBalance).toString()); // pnlDashboardStats.setTotalDebit(MonetaryFormat.BTC.noCode().format(totalDebit).toString()); // pnlDashboardStats.setTotalCredit(MonetaryFormat.BTC.noCode().format(totalCredit).toString()); priceInFiat = Double.valueOf(MonetaryFormat.BTC.noCode().format(totalBalance).toString()); priceInFiat *= BitcoinCurrencyRateApi.get().getCurrentRateValue(); pnlDashboardStats.setPriceInFiat( String.format("%.2f", priceInFiat), "", ConfigManager.config().getSelectedCurrency()); pnlDashboardStats.setExchangeRate( ConfigManager.config().getSelectedCurrency(), String.format("%.2f", BitcoinCurrencyRateApi.get().getCurrentRateValue())); Collections.sort( transactions, new Comparator<TransactionWrapper>() { @Override public int compare(TransactionWrapper o1, TransactionWrapper o2) { return o2.getTransaction() .getUpdateTime() .compareTo(o1.getTransaction().getUpdateTime()); } }); // update Transaction History table DefaultTableModel model = (DefaultTableModel) tblTransactions.getModel(); model.setRowCount(0); for (TransactionWrapper wrapper : transactions) { Transaction transaction = wrapper.getTransaction(); if (transaction.getConfidence().getDepthInBlocks() > 6) confidence = "<html>6<sup>+</sup></html>"; else confidence = transaction.getConfidence().getDepthInBlocks() + ""; Coin amount = wrapper.getAmount(); Coin fee = transaction.getFee(); String amountString = MonetaryFormat.BTC.noCode().format(amount).toString(); String feeString = fee != null ? MonetaryFormat.BTC.noCode().format(fee).toString() : "0.00"; Address from = transaction.getInput(0).getFromAddress(); Address to = transaction .getOutput(0) .getAddressFromP2PKHScript(wrapper.getWallet().getNetworkParameters()); boolean credit = amount.isPositive(); model.addRow( new Object[] { Utils.formatTransactionDate(transaction.getUpdateTime()), from, to, credit ? "Credit" : "Debit", amountString, feeString, "", confidence }); } Coin balanceAfter = Coin.ZERO; for (int index = transactions.size() - 1; index >= 0; index--) { balanceAfter = balanceAfter.add(Coin.parseCoin((String) model.getValueAt(index, 4))); model.setValueAt(MonetaryFormat.BTC.noCode().format(balanceAfter).toString(), index, 6); } }