Bitcoin Forum
501  Bitcoin / Development & Technical Discussion / Re: Check if your BTC-key is vulnerable on: March 08, 2015, 02:01:01 PM
there how to run this script online?

how you mean run online? you can run script in your computer.
only install dependencies: python5
and then run make script executable (chmod 755) and then must only:
Code:
./script.py
  OR
Code:
python script.py
502  Bitcoin / Development & Technical Discussion / Re: Check if your BTC-key is vulnerable on: March 07, 2015, 01:09:14 PM
hi,

some asked me because of r-value is not display correct, but you have to watch on r value length descriptor in input script i described format of inputs in above posts. and then you only change: the char-array indexes for your correct length. for example this is for 64 chars = 32byte length of r-value.

Code:
if inputs[xi][10:74] == inputs[x+zi][10:74]:

when need help ask me. thank you
503  Alternate cryptocurrencies / Announcements (Altcoins) / Re: ★[ANN] [NAV] NAVAJO COIN - Anonymous Technology BETA STARTED ● CHAT ● Faucet! on: March 07, 2015, 12:01:11 PM
Hi,

i have questions for developer. a friend asked here but nobody answered his questions.

1. Please list all subchain parameter and how you code sign data for the switch NAV-chain -> Anon-chain
and what HASHING algorithm you used for the 2nd blockchain system.

2. How you generate and parse 2nd blockchain parameters(subchain)? (see zerocoin problem)

3. What happened with this premine blocks?

https://github.com/sherlockcoin/navajocoin/blob/master/src/main.cpp#L1006
Code:
if(pindexBest->nHeight < 1)
    {
        nSubsidy = 25232976 * COIN;
    }


https://github.com/sherlockcoin/navajocoin/blob/master/src/main.cpp#L1010
Code:
    else if(pindexBest->nHeight >= 141350 && pindexBest->nHeight < 141351)
    {
        nSubsidy = 2600000 * COIN;
    }


4. and this is more rhetorical question: Why is so many bugs/issue in sourcecodes of NAVAJO?
example: parsing new blocks have issues, staking is broken (not working good)... and so and so..
(stake modifier must be fixed for health network because is vulnerable and staking parameters adapted)

this are most important questions but many other question in my head.....

thank you.

Hi mate.

Just to point 3. The first is the swap from sum1 to sum2.  Second one has been generated to survive the double spend attack.

There will be more information about the subchain network in future. And of course many bugs will be solved with the next release.

Regards
Shahim

thank you much for fast answer. ok i understand and then it was SUM2 this blockchain and rename to NAVAJO?
where is it recorded the swap for sum1->sum2. so example: the list of amount(TXID: SUM1) ==> amount(TXID:SUM2)?
and what double spending attack? can you explain please for what this 2.6 mio navajo?? my friends often lost money in crypto scene so i want only ask and make sure its not too much risky for investing from my personal opinion. this is only reason i asked this.

and thank you very much time to answer.
504  Alternate cryptocurrencies / Announcements (Altcoins) / Re: ★[ANN] [NAV] NAVAJO COIN - Anonymous Technology BETA STARTED ● CHAT ● Faucet! on: March 07, 2015, 11:36:16 AM
I am an Investor do not talking on behalf of anyone else - I personally DO NOT want Subchain algorithms to be broadcast to the world . This is what gives NavajoCoins its uniqueness and value. We aint going open source either which is a great decision to just give our technology away - that's my opinion anyway. This has all been announced in the past threads many times.

We will achieve ODA and we will be the first ANON to do so

I am staking Perfect

if it's legit project then developer must say what hashings algorithm its for subchain so sha256 or cpu-hash algorithm?? when you understand. and if technology is REAL decentralized then only opensource can prove, still nobody can copy technology when serverside scripts is not publish. otherwise everybody can draw own image.... dev must prove transparency.

this looks for me it's NOT subchain. it's normal tcp/udp communication for transfer of value through INTERNET. NOT through 2nd blockchain. and if it's so, then this must tell.

also BETA release prove nothing. it's normal wallet. NO sourcecode, NOTHING. this is not good development. ALL anon-technics can be publish in sourcecode, but parts for subchain generating is not published. so it's useless but good developer can have confirmation if its true.

AND NO I NOT ASKING TO REVEAL ANYTHING. I ASK FOR PARAMETERS. it's mathematical answer! but you are investor you don't understand i think what this is all.
505  Alternate cryptocurrencies / Announcements (Altcoins) / Re: ★[ANN] [NAV] NAVAJO COIN - Anonymous Technology BETA STARTED ● CHAT ● Faucet! on: March 07, 2015, 11:18:34 AM
Hi,

i have questions for developer. a friend asked here but nobody answered his questions.

1. Please list all subchain parameter and how you code sign data for the switch NAV-chain -> Anon-chain
and what HASHING algorithm you used for the 2nd blockchain system.

2. How you generate and parse 2nd blockchain parameters(subchain)? (see zerocoin problem)

3. What happened with this premine blocks?

https://github.com/sherlockcoin/navajocoin/blob/master/src/main.cpp#L1006
Code:
if(pindexBest->nHeight < 1)
    {
        nSubsidy = 25232976 * COIN;
    }


https://github.com/sherlockcoin/navajocoin/blob/master/src/main.cpp#L1010
Code:
    else if(pindexBest->nHeight >= 141350 && pindexBest->nHeight < 141351)
    {
        nSubsidy = 2600000 * COIN;
    }


4. and this is more rhetorical question: Why is so many bugs/issue in sourcecodes of NAVAJO?
example: parsing new blocks have issues, staking is broken (not working good)... and so and so..
(stake modifier must be fixed for health network because is vulnerable and staking parameters adapted)

this are most important questions but many other question in my head.....

thank you.
506  Economy / Games and rounds / Re: 1BTC - Bitcoin Treasure Hunt - Can you crack the code? on: March 06, 2015, 08:52:15 PM
Seems no one is reading previous clues eliminating their answers

Could you give another clue because this is getting ridiculous

{you want the solution before you ask 4 the key and bin it}

only looked fast so not sure. will read all and try detailed sunday when nobody else wins.

100010000 or 100000010
507  Bitcoin / Bitcoin Technical Support / Re: using bitcoin blockchain with an external service (sidechain?) on: March 06, 2015, 06:42:18 PM
no one answered on development forum, so i try to ask here

Hi,
I'm sure this is possible but I'd like to have advices about where to look for informations.

Basically, I have a nice idea i want to implement about a game. I could implement it on as a stand alone cryptocurrency but i don't see the point of creating another altcoin so i would like to use bitcoin blockchain as a base to implement my logics.

Technically what i'd need is to store information linked to a bitcoin address and the bitcoin blocks would trigger some events in my game logic
the things to store could take several KB of data, i could even need to upload some images/sounds, so i can't store them right into the bitcoin blockchain, so i think i should need something like external assets linked to bitcoin transactions.

Now, i could easily implement a service that can be used to get/put assets but since it would be a proprietary server, there is the problem about the trust of information it holds, so what's the best practice for things like this?

without entering in the game detail, i have in mind the workflow i need.
the user should be able to do this:

1) store the (encrypted) information about his character (it's not really a character but for simplicity sake let call it this way) and be able to update it
2) subscribe to an event, sending a BTC amount to a specific address, plus a link to his subscribed character address
3) validate the subscription, sending the private key to decrypt his character
4) the external service will then execute the event, producing a result that would take a lot of space, so will be stored in the external server and a link to that result(asset?) need to be store in the bitcoin blockchain

users can use their own clients to verify that the produced result is right (the concept is like the transaction validations that bitcoin nodes does, this is why i said that i could implement an altcoin)

questions are:
- what's the best practice for things like this?
- how to grant that stored external asset doesn't change over time? (generate a CRC and put it on blockchain? any better ideas?)
- how to handle the payment in BTC without running a sort of exchanger? (i was thinking about using RETURN_OP as a way to link informations)
- would be nice to give to users the chance to store the same data stored in my server (sort of sidechain), is this possible actually?

thanks, feel free to ask if i didn't explained well



p.s.
it seems that sidechains proposal would fit well but it's just a proposal (http://www.coindesk.com/bitcoin-core-developers-bitcoin-side-chains/)

i would create secondary blockchain which is same specs of BTC-chain and then linked to your client, we call now "M[ithril]M[an]CLIENT".
then its very easy when somebody own privkey he can use to sign also data-transfer and broadcast informations to this "sidechain" through "MMCLIENT". and in MMCLIENT network you can see with which BTCkey it's linked/signed so its connected to btc-chain (for owner verification....). but please remember not to allow transfer of images and multimedia data. chain-technology must save information on other clients. it's "everywhere". and when it's too big then you have problem. because somebody also will try to manipulate or say better destroy your project when ability is here (data-spam or flood). and unless it's not centralized technic (giving developer ability to ban keys) you can not do something against it. saving a reference or shortcode of the information is no problem like url added as tx-note in chain or with OP_return tx which is in my opinion best option because its more lightweight for the blockchain than other methods of putting information into blockchain.

i hope this helps you for decision.

when you need help for programming ask me i work on subchain-solution for other coin since 5 month i know how make.
i can help you free.



508  Economy / Service Discussion / Re: Kipcoin lost 3000 btc and shutdown on: March 06, 2015, 04:29:21 PM
this is not possible to be hacked. in my eyes ALL recent "hacks" = inside attack from employers. because when you run btc-wallet on secured environment it's practically impossible to hack funds. but you must keep safe (hardware in controlled location, alternative transport layer for broadcasting funds from cold storage, and so and so on).... it's very sad this is happening again and again. this is only point when i say maybe a little bit control/regulation for exchanges is good. (example - BTC foundation makes team for testing btc-exchanges and only when it's really secure it gets a certification for securement)... but there is 10000 ways for making it's all better and safer.
(all is only my opinion)

thank you
509  Economy / Speculation / Re: BTC DOWN continue? Why? on: March 06, 2015, 04:17:32 PM
no. it's like the name of this board. all speculation. in recent time its not possible to make clear answer for question about reason of low btc-price. it can be 1000 factors. if the community can make userbase and other potential user to use bitcoin regularly (payments, donations, etc.) then it sure go up. but for now we can only speculate.
510  Bitcoin / Development & Technical Discussion / Re: Check if your BTC-key is vulnerable on: March 06, 2015, 04:09:25 PM
This software is great, but does not provide any value to the users.
I am pretty sure, that reused R values will be detected within milliseconds and the private keys emptied immediately.
So if your funds are gone, you have reused a R value ;-)

not "any" because low balance keys are not interested for bad guys. i provided this for testing/educational purposes.
if i find out it makes harm to users/btc-community i will delete all. also the services i found out have rng vuln i directly
imported balance and contacted developers. i think nobody with existing btc-service have rng issue anymore. also all pubkeys with more 50BTC or more balance are secured.

and i extra only provided a lightweight script. so with this technology (json request http) no chance to scan fast. if ported into ansic and used on highend server with own blockchain i can scan/compare all chain inputs in no time. but i think this people who are able to do this, have a moral compass and do not do this... badguys most cases are not very intelligent.


also if anybody interested in more things i start soon release my scriptbase and software on github. (ca333)
it's all for btc-security and some cryptocurrencies security.

thank you.

511  Bitcoin / Development & Technical Discussion / Re: Check if your BTC-key is vulnerable on: March 05, 2015, 05:59:00 PM
Thanks for that explanation and breaking it down so it's easy to understand.

At least only addresses with spent outputs through a web wallet are possibly at risk, so that's good for me as I keep very small amounts in those. Keep your cold storage cold and only keep a small amount in your hot/spending wallets.

yes mostly online wallets/service. but sadly not only online wallets. i saw many droid technologies with same issues. and most problematic is the clones of cryptocoins which use this old android wallet clones. i already warned developers but many don't understand whats not good.

i recommend sandbox system for handling BTC and/or cold-storage (paper & CLEAN usb flash). example I have computer with my bitcoins and only can connect with self-written IR-module for data transfer of signed transactions. so only can go out via IR to my internet-connected computer. and this have script which accept IR data and make rest. all started with little Arduino experiment i made with friend

people often don't understand that environment must be secure. encryption and passwords is useless when environment is not secure. example you have super secured computer with sandbox (VM) and bitcoins saved here. but hacker goes in your computer with worm/expl/trojan and then waits for you type in password or keys and then all is stolen.. so most important thing is secure computer good or make it offline(no network communication i.e. rj45, wifi) when it's for bitcoin.

Can you say which droid wallets use it? Thanks for posting this.

Most of my bitcoins are already on paper wallets from a clean Ubuntu system (not connected to internet, old printer not connected to internet, etc). But I still have to use a hot wallet sometimes to pay people.

Perhaps referring to the bad rng on android from about 18 months ago:
https://bitcoin.org/en/alert/2013-08-11-android


exactly. bad signing values issue like explained in the first post.



Thanks for that explanation and breaking it down so it's easy to understand.

At least only addresses with spent outputs through a web wallet are possibly at risk, so that's good for me as I keep very small amounts in those. Keep your cold storage cold and only keep a small amount in your hot/spending wallets.

yes mostly online wallets/service. but sadly not only online wallets. i saw many droid technologies with same issues. and most problematic is the clones of cryptocoins which use this old android wallet clones. i already warned developers but many don't understand whats not good.

i recommend sandbox system for handling BTC and/or cold-storage (paper & CLEAN usb flash). example I have computer with my bitcoins and only can connect with self-written IR-module for data transfer of signed transactions. so only can go out via IR to my internet-connected computer. and this have script which accept IR data and make rest. all started with little Arduino experiment i made with friend

people often don't understand that environment must be secure. encryption and passwords is useless when environment is not secure. example you have super secured computer with sandbox (VM) and bitcoins saved here. but hacker goes in your computer with worm/expl/trojan and then waits for you type in password or keys and then all is stolen.. so most important thing is secure computer good or make it offline(no network communication i.e. rj45, wifi) when it's for bitcoin.

Can you say which droid wallets use it? Thanks for posting this.

Most of my bitcoins are already on paper wallets from a clean Ubuntu system (not connected to internet, old printer not connected to internet, etc). But I still have to use a hot wallet sometimes to pay people.


Perhaps referring to the bad rng on android from about 18 months ago:
https://bitcoin.org/en/alert/2013-08-11-android


But that page says it was fixed with the "current" updates as of 2013. And the OP is talking currently of 2015.

not all forker adapted updates to their fork-branches and clones.

the BTC wallet for android is fixed and "secure" regarding rng issue.
512  Economy / Speculation / Re: BTC DOWN continue? Why? on: March 05, 2015, 05:06:35 PM
BTC DOWN continue?

last night bitcoin price is 281$ now price of 1 bitcoin is 264$ and losing value continue
see the price of 1 btc - http://preev.com/

What is the main reason the price is drop back to the same rate ? 230$

think for all the recent hacks which happened. many coins till unsold, or sold for fiat very cheap and then dumped online.
and also most btc-services have to sell coins to pay all bills. as long as electricity and mining hardware so cheap in china it will stay low in my opinion. wait for 2016 when reward half again, then it will technically have more value. but for now is all demand/offer price, you can not say clearly why. it depend on market situation day by day.
513  Bitcoin / Development & Technical Discussion / Re: Check if your BTC-key is vulnerable on: March 05, 2015, 04:47:09 PM
Thanks for that explanation and breaking it down so it's easy to understand.

At least only addresses with spent outputs through a web wallet are possibly at risk, so that's good for me as I keep very small amounts in those. Keep your cold storage cold and only keep a small amount in your hot/spending wallets.

yes mostly online wallets/service. but sadly not only online wallets. i saw many droid technologies with same issues. and most problematic is the clones of cryptocoins which use this old android wallet clones. i already warned developers but many don't understand whats not good.

i recommend sandbox system for handling BTC and/or cold-storage (paper & CLEAN usb flash). example I have computer with my bitcoins and only can connect with self-written IR-module for data transfer of signed transactions. so only can go out via IR to my internet-connected computer. and this have script which accept IR data and make rest. all started with little Arduino experiment i made with friend

people often don't understand that environment must be secure. encryption and passwords is useless when environment is not secure. example you have super secured computer with sandbox (VM) and bitcoins saved here. but hacker goes in your computer with worm/expl/trojan and then waits for you type in password or keys and then all is stolen.. so most important thing is secure computer good or make it offline(no network communication i.e. rj45, wifi) when it's for bitcoin.
514  Bitcoin / Development & Technical Discussion / Re: Backup bitcoind wallet for servers example. on: March 05, 2015, 04:06:50 PM
Replace the two occurrences of YOUREMAIL.

Code:
#!/usr/bin/env perl

use common::sense;

use Fcntl qw(O_RDONLY O_NONBLOCK);
use POSIX qw(mkfifo);
use File::Temp qw(mktemp);
use File::Copy qw(copy);

my ( undef, $api ) = do '/home/btc/.bitcoin/bitcoin.PL';

my @fh;
my $unopened_file = mktemp("/home/btc/.backup${$}XXXXX");
$SIG{INT} = sub { die };
END { unlink $unopened_file }

mkfifo( $unopened_file, 0600 ) || die "mkfifo $unopened_file failed: $!";

sysopen( $fh[0], $unopened_file, O_RDONLY | O_NONBLOCK )
  || die "open $unopened_file failed: $!";

open( $fh[1],
'|gpg --batch --trust-model always -e -a -r "YOUREMAIL"|mail -s Bitcoin_Backup YOUREMAIL'
) || die "|gpg|mail failed: $!";

$api->call( 'dumpwallet', "$unopened_file" );

copy($fh[0],$fh[1]) || die "copy $unopened_file |gpg|mail failed: $!";

bitcoin.PL contains.
Code:
use Finance::Bitcoin;
my $wallet = Finance::Bitcoin::Wallet->new(
'http://bitcoinrpc:blahblahblah@127.0.0.1:8332/'
);
( $wallet, $wallet->api );


thank you for sharing. i extended your script with parameters and config-file.
will upload/share when finished. will try add ssl config for wallet-connection too.

greetings!
515  Bitcoin / Development & Technical Discussion / Re: Check if your BTC-key is vulnerable on: March 05, 2015, 03:47:52 PM
THIS IS ONLY FOR EDUCATIONAL PURPOSE. PLEASE DO NOT HARM OTHER!

Hmm very interesting thanks for sharing. Can you explain further how a private key get's leaked through a tx hash? i remember people talking about this was a counter-party bug and other online wallets, but I never actually understood how someone can get the PK from a tx hash.


We don't get private key from the hash. we get it from the scripts.
When a btc-tx is generated it must be signed. but many developers from btc-services code their
own "wallet-system" so they make it all from their software and when their signing procedure reuses
signing values, then it's easy to generate the private key from that. the input scripts of transaction contains
two signature values. i call s and r.  so when we have 2 inputs or more in a transaction or different inputs from different
transaction (of same publickey) and reused r values it's a huge problem for security. ECDSA then allows you recalculate with curve.

formula:
Code:
privatekey = (sop1*s2 - sop2*s1)/(r*(s1-s2))

now only sop1 and sop2 is missing! These are hashes of the outputs to be signed. Also this is calculated by OP_CHECKSIG.
so we have all data for calculating private-key.

so i make example now:

Public key: 1BFhrfTTZP3Nw4BNy4eX4KFLsn9ZeijcMm (i take this example because this vulnerability is public already)
my script tell me we have duplicates in transaction: 9ec4bc49e828d924af1d1029cacf709431abbde46d59554b62bc270e3b29c4b1

input script 1:
30440220d47ce4c025c35ec440bc81d99834a624875161a26bf56ef7fdc0f5d52f843ad1022044e1ff2dfd8102cf7a47c21d5c9fd5701610d04953c6836596b4fe9dd2f53e3e0104dbd0c61532279cf72981c3584fc32216e0127699635c2789f549e0730c059b81ae133016a69c21e23f1859a95f06d52b7bf149a8f2fe4e8535c8a829b449c5ff

input script 2:
30440220d47ce4c025c35ec440bc81d99834a624875161a26bf56ef7fdc0f5d52f843ad102209a5f1c75e461d7ceb1cf3cab9013eb2dc85b6d0da8c3c6e27e3a5a5b3faa5bab0104dbd0c61532279cf72981c3584fc32216e0127699635c2789f549e0730c059b81ae133016a69c21e23f1859a95f06d52b7bf149a8f2fe4e8535c8a829b449c5ff

first i must explain you inputs script format header descr:

0x30 = header byte
0x44 = length descriptor (68 bytes)
0x02 = header byte
0x20 = r value length descriptor (32 bytes)
d47ce4c025c35ec440bc81d99834a624875161a26bf56ef7fdc0f5d52f843ad1 the r coordinate as a big endian integer
0x02 = header byte
0x20 = s value length descriptor (32 bytes)
44e1ff2dfd8102cf7a47c21d5c9fd5701610d04953c6836596b4fe9dd2f53e3e the s1 coordinate and 9a5f1c75e461d7ceb1cf3cab9013eb2dc85b6d0da8c3c6e27e3a5a5b3faa5bab the s2 coordinate as a big endian integer
0x01 = hashtype byte
and 04dbd0c61532279cf72981c3584fc32216e0127699635c2789f549e0730c059b81ae133016a69c21e23f1859a95f06d52b7bf149a8f2fe4e8535c8a829b449c5ff is the pubkeyhash


ok so now we know how inputs script is formated. now we calculated missing sop1 and sop2 by OP_CHECKSIG():
sop1: c0e2d0a89a348de88fda08211c70d1d7e52ccef2eb9459911bf977d587784c6e
sop2: 17b0f41c8c337ac1e18c98759e83a8cccbc368dd9d89e5f03cb633c265fd0ddc

so we now have all data for calculation:

Code:
p    = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
r    = 0xd47ce4c025c35ec440bc81d99834a624875161a26bf56ef7fdc0f5d52f843ad1
s1   = 0x44e1ff2dfd8102cf7a47c21d5c9fd5701610d04953c6836596b4fe9dd2f53e3e
s2   = 0x9a5f1c75e461d7ceb1cf3cab9013eb2dc85b6d0da8c3c6e27e3a5a5b3faa5bab
sop1 = 0xc0e2d0a89a348de88fda08211c70d1d7e52ccef2eb9459911bf977d587784c6e
sop2 = 0x17b0f41c8c337ac1e18c98759e83a8cccbc368dd9d89e5f03cb633c265fd0ddc

now we can calculate with below formulas: mathcad or sagemath and we get privkey.
please note p is the order for the field. p = parameter for secp256k1 curve order which bitcoin use.

now we create finite field for calculation:
Code:
K = GF(p)

and calculate decimal private key  inside this field with:
Code:
K((sop1*s2 - sop2*s1)/(r*(s1-s2)))

output: 88865298299719117682218467295833367085649033095698151055007620974294165995414

so when we encode we get priv-key hex-coded:
c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96

and when converted to WIF format:
5KJp7KEffR7HHFWSFYjiCUAntRSTY69LAQEX1AUzaSBHHFdKEpQ

i hope this help you understand.

also: here is implementation for calculating by software: https://gist.github.com/nlitsme/dda36eeef541de37d996
hope it's clear and helped.
thank you
516  Bitcoin / BitcoinJ / Re: How can I get previous hash to tx.addInput (BitcoinJS)? on: March 05, 2015, 02:04:04 PM
Hello everyone,

may I ask, how can I get this variable? Should I get it from spent tx or receive tx or unspent tx? Which hash of listed transaction should I use? I am new in this and I would like to know, how to create raw transaction.

Thanks a lot for all replies.

Hello,

you must create transaction which spends your declared inputs (this is object contains transaction outputs (unspent) so you can spend in this rawtx.  like: tx.addInput(unspent.txHash, unspent.index) and this you can get with for example from local
btc-node or also can get unspent outputs and transaction history from blockchain.info like i do always.

also here are some urls with useful information on how to make raw tx in bitcoinjs:

https://gist.github.com/orweinberger/3bd7dfdc574be58539c5
https://medium.com/@orweinberger/how-to-create-a-raw-transaction-using-bitcoinjs-lib-1347a502a3a



hope this help.
thank you
517  Bitcoin / Development & Technical Discussion / Check if your BTC-key is vulnerable on: March 05, 2015, 01:45:59 PM
Hi,

thought maybe someone can use the script below. I just wrote it to check couple of my public keys for reused R-signing values which allow generating of the private key of affected PKs. The script is very lightweight and uses urllib2 for loading the data from blockchain.info. So no local btc-node is needed. The script only works for keys with up to 50 tx. If your key got more than 50 tx you have to add some lines (add loop and use optional API-parameters limit and offset to parse through all transactions [50+]). Also the script contains a lot of debug-output which you can just comment or remove.
This is OpenSource and BETA software - USE AT OWN RISK - released under GNU Public License.


Code:
#!/usr/bin/python


#################################################################################
#                                                                               #
#.______               _______.  ______     ___      .__   __.                  #
#|   _  \             /       | /      |   /   \     |  \ |  |                  #
#|  |_)  |    ______ |   (----`|  ,----'  /  ^  \    |   \|  |                  #
#|      /    |______| \   \    |  |      /  /_\  \   |  . `  |                  #
#|  |\  \----.    .----)   |   |  `----./  _____  \  |  |\   |                  #
#| _| `._____|    |_______/     \______/__/     \__\ |__| \__|  v0.1.2          #
#                                                                               #
#GNU PL - 2015 - ca333                                                          #
#                                                                               #        
#USE AT OWN RISK!                                                               #
#################################################################################

import json
import urllib2
import time
import sys

#for some reason blockchain.info api-chain is 59711 blocks short..
blockstart = 170399
blockstart += 59711
blockcount = urllib2.urlopen("https://blockchain.info/de/q/getblockcount").read()

print "WELCOME TO R-scan v0.1.2!"

print "ADDRESS-R-SCAN: "
addr = raw_input("type address:  ")
urladdr = "https://blockchain.info/de/rawaddr/" + str(addr)
#control api-url
print urladdr
addrdata = json.load(urllib2.urlopen(urladdr))
print "Data for pubkey: " + str(addr)
print "number of txs: " + str(addrdata['n_tx'])
#tx-details:
y = 0
inputs = []
while y < addrdata['n_tx']:
    print "#################################################################################"
    print "TX nr :" + str(y+1)
    print "hash: " + str(addrdata['txs'][y]['hash'])
    print "number of inputs: " + str(addrdata['txs'][y]['vin_sz'])
    #only if
    #if addrdata['txs'][y]['vin_sz'] > 1:
    zy = 0
    while zy < addrdata['txs'][y]['vin_sz']:
        print "Input-ScriptNR " + str(zy+1) + " :" + str(addrdata['txs'][y]['inputs'][zy]['script'])
        inputs.append(addrdata['txs'][y]['inputs'][zy]['script'])
        zy += 1

    y += 1

print "compare: "

xi = 0
zi = 1
lenx = len(inputs)
alert = 0

#compare the sig values in each input script
while xi < lenx-1:
    x = 0
    while x < lenx-zi:
        if inputs[xi][10:74] == inputs[x+zi][10:74]:
            print "In Input NR: " + str(xi) + "[global increment] " + str(inputs[xi])
            print('\a')
            print "Reused R-Value: "
            print inputs[x+zi][10:74]
            alert += 1

        x += 1

    zi += 1
    xi += 1

#check duplicates
#alert when everything ok

if alert < 1:
    print "Good pubKey. No problems."


sys.exit()

if you have question ask me.
thank you.
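
Added example, not part of the original posts or of the author's script: the same reused-r check written in Python 3 so that it reads the push and DER length descriptors instead of comparing the fixed slice [10:74]. It covers the variable r length mentioned in the March 07 post and scriptSigs where the signature is not the first item. All sample scriptSigs, labels and helper names below are constructed for illustration.

```python
import hashlib
from collections import defaultdict


def read_pushes(script: bytes):
    """Yield the data of each leading data push in a scriptSig."""
    pos = 0
    while pos < len(script):
        op = script[pos]
        pos += 1
        if op <= 0x4b:                      # OP_0 (empty item) or direct push of 1..75 bytes
            n = op
        elif op in (0x4c, 0x4d):            # OP_PUSHDATA1 / OP_PUSHDATA2
            width = 1 if op == 0x4c else 2
            n = int.from_bytes(script[pos:pos + width], "little")
            pos += width
        else:
            return                          # not a data push: stop scanning
        if pos + n > len(script):
            raise ValueError("truncated push")
        yield script[pos:pos + n]
        pos += n


def parse_signature(item: bytes):
    """Return (r, s) as integers if item is DER(r, s) + 1 hashtype byte, else None.
    Integers are read as unsigned, so a 32-byte r and a zero-padded 33-byte r compare equal."""
    if len(item) < 9 or item[0] != 0x30 or item[1] != len(item) - 3:
        return None
    pos, end, values = 2, len(item) - 1, []
    for _ in range(2):
        if pos + 2 > end or item[pos] != 0x02:
            return None
        n = item[pos + 1]                   # the r / s length descriptor
        pos += 2
        if n == 0 or pos + n > end:
            return None
        values.append(int.from_bytes(item[pos:pos + n], "big"))
        pos += n
    return tuple(values) if pos == end else None


def find_reused_r(inputs):
    """inputs: iterable of (label, scriptSig hex).
    Returns {r hex: [labels]} for every r seen with at least two different s values."""
    seen = defaultdict(dict)                # r -> {s: label of first sighting}
    for label, script_hex in inputs:
        try:
            items = list(read_pushes(bytes.fromhex(script_hex)))
        except ValueError:
            continue                        # malformed hex or truncated script: skip it
        for item in items:
            sig = parse_signature(item)
            if sig:
                seen[sig[0]].setdefault(sig[1], label)
    return {format(r, "064x"): sorted(by_s.values())
            for r, by_s in seen.items() if len(by_s) > 1}


# ---- constructed sample data (not real transactions) ----
def der_int(value: bytes) -> bytes:
    value = value.lstrip(b"\x00") or b"\x00"
    if value[0] & 0x80:                     # strict DER pads a high-bit value with 0x00
        value = b"\x00" + value
    return b"\x02" + bytes([len(value)]) + value


def sig_push(r: bytes, s: bytes) -> bytes:
    body = der_int(r) + der_int(s)
    sig = b"\x30" + bytes([len(body)]) + body + b"\x01"   # trailing hashtype byte
    return bytes([len(sig)]) + sig


def h(tag: bytes) -> bytes:
    return hashlib.sha256(tag).digest()


R_SHARED = b"\xd4" + h(b"constructed r")[:31]             # high bit set: 33-byte DER integer
PUBKEY_PUSH = b"\x21\x02" + h(b"constructed pubkey")      # placeholder with a compressed-key shape
SAMPLE_INPUTS = [
    ("tx1:0", (sig_push(R_SHARED, h(b"constructed s1")) + PUBKEY_PUSH).hex()),
    ("tx1:1", (sig_push(h(b"other r"), h(b"constructed s2")) + PUBKEY_PUSH).hex()),
    # OP_0-prefixed scriptSig (multisig style): the signature no longer starts at offset 0
    ("tx2:0", (b"\x00" + sig_push(R_SHARED, h(b"constructed s3")) + b"\x01\x51").hex()),
]

if __name__ == "__main__":
    for r_hex, labels in find_reused_r(SAMPLE_INPUTS).items():
        print("reused r", r_hex, "in inputs", labels)
```
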
518  Alternate cryptocurrencies / Announcements (Altcoins) / Re: SendChat™ | Messaging App Integrated With Bitcoin & Sendcoin | www.sendchat.org on: December 26, 2014, 07:57:09 AM
i will watch interested.
please can you tell us more about technical and security aspects? (libraries, BTC-binding and used service).
519  Alternate cryptocurrencies / Announcements (Altcoins) / Re: OneCoin-The New CryptoCurrency That Will OverPass Bitcoin on: December 26, 2014, 07:33:01 AM

potential shitcoin. PLEASE DO YOUR RESEARCH! ICOs are VERY VERY RISKY!
YOU CAN WIN 100% but you can also lose 100%. INVEST WITH EXTREME CAUTION!


NEVER FORGET: https://bitcointalk.org/index.php?topic=845494
520  Alternate cryptocurrencies / Altcoin Discussion / Re: Never buy ico: ByteCent, EQX, Sys, Craig, Vior... on: December 26, 2014, 06:59:28 AM
thank you for this information. its very important to warn everybody!!!

why doesn't bitcointalk ban every ICO from this forum?? it's destroying
altcoins. maybe 5 of 100 ICO is legit.