 Show Posts
|
|
Pages: [1]
|
Bump! Sorry if it's too soon to do a bump, also I edited my above reply. I have another question, it's only to confirm I understood the process. I read the following stackexchange posts: - https://bitcoin.stackexchange.com/questions/8250/what-is-relation-between-scriptsig-and-scriptpubkey- https://bitcoin.stackexchange.com/questions/93966/getting-public-key-from-any-raw-transaction-what-to-take-care-of- https://bitcoin.stackexchange.com/questions/8235/how-is-the-output-script-formed- https://bitcoin.stackexchange.com/questions/91088/how-do-i-get-the-scriptpubkey-type-from-the-raw-output-script- https://bitcoin.stackexchange.com/questions/100907/retrieving-an-addresses-public-key-from-pkscript-sigscript-witnessSo, if I understand correctly when you generate a transaction, then you have a sender (input) and receiver (output). When everything is signed and sent into the blockchain, two things happen, the sender (input) sends this into the blockchain (created by its wallet client): scriptPubKey = OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG and the receiver (output): scriptSig = <sig> <pubKey> Everything right until here? (correct me please) Then, if I would like to retrieve the public key I must define what it's going on here and which options do I have left. I'd like to have as many public keys as possible. To clarify things, to crawl pubkey from the sender (input) then I'll need to look into the signature on the scriptSig part of the receiver (output), and try to decode it? to crawl pubkey from the receiver (output) then I'll need to look into the type of script as @pooya87 stated here: When spending a P2PKH output, the public key is the top stack element when reaching OP_CHECKSIG.
When spending a P2WPKH output, the public key is the second witness item.
When spending a P2PK output, the public key is in the output.
When spending a P2TR output, the public key is a tweaked pubkey in the output (the witness program).
When spending other scripts such as P2SH when you reach any of the above op codes it should be the top stack element or in case of multi signatures there are multiple pubkeys.
So, Idk if I'm missing something more, I think that's the only way to get the public keys on both cases. There are some made examples that are useful: - https://github.com/bitcoin-core/btcdeb#script-compiler> btcc OP_DUP OP_HASH160 897c81ac37ae36f7bc5b91356cfb0138bfacb3c1 OP_EQUALVERIFY OP_CHECKSIG
> 76a914897c81ac37ae36f7bc5b91356cfb0138bfacb3c188ac
But the hash generated here is not a public key? And also I saw a php implementation for a rpc client for btc node, and a very interesting issue: - https://github.com/Bit-Wasp/bitcoin-p2p-php/issues/29$db = new PDO('pgsql:dbname=explore;host=localhost;','pgsql','');
$count = $rpc->getblockcount();
for ($i=0;$i<=$count;$i++) {
$hash = $rpc->getblock($rpc->getblockhash($i));
foreach ($hash['tx'] as $tx) {
$raw = $rpc->getrawtransaction($tx);
if ($raw == -5) {
continue;
} else {
$x = $rpc->decoderawtransaction($raw);
if(is_array($x)) {
foreach ($x['vin'] as $vin) {
if (isset($vin['coinbase']))
continue;
$txid = $vin['txid'];
$stmt = $db->prepare('delete from tx where txid = :id');
$stmt->bindValue('id',$x['txid']);
$stmt->execute();
}
foreach ($x['vout'] as $index=>$out) {var_dump($out['value']);
$stmt = $db->prepare('insert into tx (txid,"value",n,pubkey,address) values (:id,:value,:n,:pubkey,:address)');
$stmt->bindValue(':id',$x['txid']);
$stmt->bindValue(':value',$out['value']);
$stmt->bindValue(':n',$index);
$stmt->bindValue(':pubkey',$out['scriptPubKey']['hex']);
$stmt->bindValue(':address',$out['scriptPubKey']['addresses'][0]);
$stmt->execute();
}
}
}
}
}So, $stmt->bindValue(':pubkey',$out['scriptPubKey']['hex']);
$stmt->bindValue(':address',$out['scriptPubKey']['addresses'][0]);- :pubkey is the hash
- :address is the public key (I need to research this)?More questions, - so the easy way is to have the sender (input) pubkey? - because, the receiver (output) must have to recover the public key from it's signature which is a expensive process for a lot of addreses? - we have 720M of transactions, txid (right?)? https://www.blockchain.com/charts/n-transactions-total if I list txid I can still use btcc to have pubkey (I think not)? - having bitcoin core rpc calls: https://developer.bitcoin.org/reference/rpc/index.html which has listunspent that does something similar to btcposbal2csv (as I understood)? - but isn't there any rpc call to retrieve public keys from an txid? (EDIT: well, I saw this: https://gist.github.com/t4sk/68dbde1ef75762753214c0b3823097e8 and on documentation you can see: https://developer.bitcoin.org/reference/rpc/validateaddress.html but I don't know if it will work) - and last, even if I have the pubkey from the sender/receiver I must check the balance if it's positive? From the last question, I have some premises that Idk if they are right: Most of the public keys exposed: - have a high bit range (above 120 bits) - the ones left with lower bit range are all spent/cracked (their corresponding btc address has a 0 BTC balance) |
|
|
|
What do you mean duplicates? Addresses that have spent once and still have a balance?
Addresses that are duplicated on the list. But I edited my last post, all the addresses I crawled are not duped because the program was storing all addrs in a map. Perhaps you're using Google Translate as this neither makes sense.
No, I don't. |
|
|
|
That's not how you recover public keys from signature and message [hash]!
It's actually a simple process of computing Q = r−1(sR − eG) for R and -R.
So is the Kangroo project the reason why you are looking for public keys? Are you trying to recover "private" key of other people by having their public key?!!
Yes, I know that's not the way to recover public keys. But I would like to ask, recovering the pubkey from its signature it's really expensive process or not?
Of course. There is no limit to how many UTXOs can be sent to a single address.
Then, I'll need to find duplicates.EDIT: No, this py program I shared already does that, so isn't neccesary. You'll need to clarify what you are asking here since this doesn't make sense.
I mean that the only addresses that have money are utxos with a positive balance, everything else isn't worth it. Certainly looks like that. And here I just thought it was an interested newbie trying to learn.  Well, I'm just a newbie trying to learn. Implementing this thing will require much more knowledge, so you can be relaxed! Anyways, thanks to both, because nnow I understand blockchain clearly. |
|
|
|
Note that recovering a public key from an ECDSA signature, alone, is impossible. To compute the public key (without knowing it from the transaction data) you need to know the values r, s and z, where (r, s) represents the signature and z the hash of the message you want to sign.
Also note that recovering a public key from r, s and z is a different (more computationally expensive) procedure than to recover it from the transaction data. When you sign a transaction, you include your signature with your public key.
Thanks. I think that by the moment I'm not interested in doing I have Kangaroo implementation of Jean-Luc Pons.
So you mean that explorer shows everything but real balance are the utxo. Then we can assume that this address I share it has 17BTC? Correct. The balance of addresses really only exists to make things easier for us to interpret. The protocol deals with individual UTXOs. Thanks for the API, but to clarify I want to implement it by myself, so I cannot abuse an API for this task. Anything guidance here is welcome! So let's take the address you linked to, and then look at the transaction where it spends coins: https://mempool.space/tx/4d5cfc3a5d8d81e64235d527ad0521fd92fdaa7e8bf65d73421d5bc999f9b30cHit the button titled "Details", and then let's look at the scriptsig (in hex) for any of the inputs (the scriptsig is the same for all three inputs since all three inputs come from the same address): 47304402207965f47d583936d18267c1a207f5b7884c9dff5ab6b2cda644d078a9692aecd702204f08a3cb3529189e1967bdbdec88cc07a8baf19f0aee777224a37d39c39d0eff0141044188e7b878d0d88872ba579b8bbdb05161d985f4063d520e751340a6ec50d9f62544911e4b2ff1de589e452b7cfd0f786fd58fcdf5ecf80b6405304db173bba5 So let's break this down and see what it is telling us. | 47 | Push 71 bytes | | 30 | Header byte indicating signature | | 44 | Length of what follows (68 bytes) | | 02 | Header byte for R | | 20 | Length of R (32 bytes) | | 7965.....ecd7 | R | | 02 | Header byte for S | | 20 | Length of S (32 bytes) | | 4f08.....0eff | S | | 01 | Hashtype byte (SIGHASH_ALL) | | ------------------------------------ | ------------------------------------ | | 41 | Push 65 bytes | | 0441....bba5 | Pubkey |
However, this is just one example for a legacy P2PKH UTXO. Even other P2PKH UTXOs could be a little different as the length of every element is not necessarily fixed, and if the UTXO is of a different format, such as segwit or taproot, then it will be completely different altogether. Thanks for your guidance! Now I have a little bit clearer approach. Then: https://github.com/graymauser/btcposbal2csv this is correct, I need first utxo that are have the addresses with outputs (so that money can still be spent). But also, inherent to the extracted addresses we can look if it has spent outputs (it has sent money) and then look for its public key depending on the address type. But then, this program has something I don't trust on, can two utxo point to the same address? Maybe I'll need to search for duplicates. And also, I'm feeling like if missing something, like addresses that aren't pointing to any real address, but maybre I'm wrong. I'll like to extract as much as addresses with spendable money as I can and I onoy have like 31M. But blocksci is powerful, but unmaintained and complex to understand so, Idk what to do more. Also, this page: http://alladdresses.loyce.club/ gives me a clue that there are more addresses, but every address that existed doesn't mean that has it can be spent or even have balance. |
|
|
|
Bitcoin is not using a balance-based ledger, it is using an output based ledger. Meaning you only have UTXOs at protocol level and only the wallet or block explorers show "balance" for convenience.
So you mean that explorer shows everything but real balance are the utxo. Then we can assume that this address I share it has 17BTC? Hello
api blockchain.info/q/pubkeyaddr/18yGdLieoWDBrkfFcU6mSJJzNMMfRztDUg
Also you can extract public x,y from R,S,Z method is "Y = (R*s-G*m)/r"
Thanks for the API, but to clarify I want to implement it by myself, so I cannot abuse an API for this task. Anything guidance here is welcome! |
|
|
|
The coinbase transaction is the first transaction in each block in which the miner who found that block sends the block reward of (currently) 6.25 BTC brand new bitcoin to themselves, along with the transaction fees collected from all the transactions within that block they just found.
So, if every 2,016 blocks the difficulty increases (I think it doubles), there are 21,000,000/2,016=972.2222 (bits?) of difficulty. And each difficulty has 12,600 BTC. Interesting. Also, you mentioned: "along with the transaction fees collected from all the transactions within that block they just found". Then, you mean that all future tx done by anyone within that block their fees are returned back to the miner that found that block? Absolutely. If I send two outputs of 1 BTC each to an address, and then spend one of those bitcoin, the address will have used up an output and will still have a balance of 1 BTC.
Yes, I see two world icons on the blockchain page. The one in red is the 3BTC tx that was spent so the balance is taken from the full one (20-3=17BTC). Yes. To make any transaction the pubkey is exposed. The remaining balance on the address (or lack thereof) is irrelevant.
Why do you say it's irrelevant, I didn't understand, sorry. For the address you have linked, the public key is in uncompressed format and is as follows: 044188e7b878d0d88872ba579b8bbdb05161d985f4063d520e751340a6ec50d9f62544911e4b2ff1de589e452b7cfd0f786fd58fcdf5ecf80b6405304db173bba5 And how did you recovered it? I'd like to learn this. |
|
|
|
Thanks again! I read the following: "UTXOs are created through the consumption of existing UTXOs. Every Bitcoin transaction is composed of inputs and outputs. Inputs consume an existing UTXO, while outputs create a new UTXO." And also, there is something called coinbase which is where all root outputs come from. I have more questions, can an address have spent outputs with a positive balance? For example, this account has 17 BTC (balance), it has received 20 BTC and sent 3 BTC, then it is pubkey exposed? (I'm unsure if it works like this) https://www.blockchain.com/btc/address/18yGdLieoWDBrkfFcU6mSJJzNMMfRztDUg |
|
|
|
|
Thanks for your quick response!
I have another question, then I cannot know any pubkey from any unspent address, if I understood it correctly it's called utxo?
So, utxo which means unspent transaction output, now I can understand, but correct me if I'm wrong:
So if utxo belongs to output then it means there is a receiver, but if it's unspent it's because there isn't any sender.
But then, the following question assaults me, how is a utxo created, so if I only have a receiver who sent the money? You can create an address from real money? Or what is going on here?
|
|
|
|
Hi, following the next topic: https://bitcointalk.org/index.php?topic=6430.0 and I have several newbie questions... I would like to recover the public key from an address. I think the only way to do it is to check if there is any transaction done, but if a tx is done, then which pubkey is exposed, from the one that sends the money or the one who receives it? And which is the difference between tx input and tx output. Input is who receives the money and output who emits it? Also, I had check the bitcoin wiki, and I saw that there is a OP_CHECKSIG opcode: https://en.bitcoin.it/wiki/OP_CHECKSIG which states: "OP_CHECKSIG expects two values to be on the stack. These are, in order of stack depth, the public key and the signature of the script." I think that the owner's pubkey is not exposed there, so, which pubkey does it refers to? But I saw that with an ECDSA signature you can recover the original public key. In that case, the ECDSA signature is from the person who emits the money? |
|
|
|
|
