How to get address from in-transaction

[jaruvido]

I do a quick parsing of blockchain file and there was a question on definition of a address for an input transaction.

How from the specified sriptSig calculate the address correctly?

So, scriptSig is hex:

Code:

 len:       107
 scriptSig: 483045022100fffc98a7bcbe7fc6d6716775794f59551e335914683fd1ed6fcdae40c68918310220763ceeb8b9bf168f75b98e4a1dd774072e8816fec384a6228b1ecbfbcbf8239d012102d939f9164fc61e89eaf18841cc13f08721ce9ef671f3751a1536a10af752881f

or

Code:

PUSHDATA[72] 3045022100fffc98a7bcbe7fc6d6716775794f59551e335914683fd1ed6fcdae40c68918310220763ceeb8b9bf168f75b98e4a1dd774072e8816fec384a6228b1ecbfbcbf8239d01
PUSHDATA[33] 02d939f9164fc61e89eaf18841cc13f08721ce9ef671f3751a1536a10af752881f

Is correctly that to calculate the address we first need to get from compressed key (pushdata [33]) - uncompressed by the method https://en.bitcoin.it/wiki/Secp256k1 ?

I tried this method using OpenSSL

Code:

EC_KEY* key=EC_KEY_new_by_curve_name(NID_secp256k1);
if (key)
{
  EC_KEY* r=o2i_ECPublicKey(&key, &keypart, 33);
  if (r)
  {
    EC_KEY_set_conv_form(key, POINT_CONVERSION_UNCOMPRESSED);
    char key_result[65];
    int size=i2o_ECPublicKey(key, &key_result);
  }
  EC_KEY_free(key);
}

openssl specifies that

Code:

key_result [65] = 04d939f9164fc61e89eaf18841cc13f08721ce9ef671f3751a1536a10af752881f42a2f60dd229dca9adbc86f16104a0114f8d1458fda83d4a747476d137e0fd18

-

From which I then determine the address (according to the algorithm described in https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses)

but unfortunately I get the wrong 1LzATNQX57AEZ1qXKbHemS1gRxMayito1n

It's about the block #170058 https://blockexplorer.com/block/000000000000047e131d31e3cd3c8e673c117136b72fd5d67b8b1bffbde04772 and its last transaction #17 from the 1KqydgzrzK28T6rdPVoLaASp3i4BZ5CGTb (1.75723208 BTC)

that is, instead of 1KqydgzrzK28T6rdPVoLaASp3i4BZ5CGTb I get another.  

[1715601992]

1715601992

[1715601992]

1715601992

[1715601992]

1715601992

[starmyc]

For a single private key, you'll have 2 legacy addresses: one for the uncompressed key, one for the compressed.

In the bitcoin blockchain, the compressed public key was used (02d939f9164fc61e89eaf18841cc13f08721ce9ef671f3751a1536a10af752881f), and its address will be 1KqydgzrzK28T6rdPVoLaASp3i4BZ5CGTb.

If instead the uncompressed form was used (04d939f9164fc61e89eaf18841cc13f08721ce9ef671f3751a1536a10af752881f42a2f60dd229d ca9adbc86f16104a0114f8d1458fda83d4a747476d137e0fd18), the address would be 1LzATNQX57AEZ1qXKbHemS1gRxMayito1n as you computed.

The thing is that the bitcoin protocol will never convert compressed public keys to their uncompressed form. It will only use the given form (in fact, the uncompressed form was for only the legacy addresses, newer addresses only uses the compressed form for storage reason).

Retry to convert the compressed public key, and you'll get the same address that blockchain.info.

Code:

$ python3 a.py 04d939f9164fc61e89eaf18841cc13f08721ce9ef671f3751a1536a10af752881f42a2f60dd229dca9adbc86f16104a0114f8d1458fda83d4a747476d137e0fd18
1LzATNQX57AEZ1qXKbHemS1gRxMayito1n

$ python3 a.py 02d939f9164fc61e89eaf18841cc13f08721ce9ef671f3751a1536a10af752881f
1KqydgzrzK28T6rdPVoLaASp3i4BZ5CGTb