Bitcoin script. Need help.

[kzv]

Hi.

I am beginner in Bitcoin scripting. Trying to write simple script and then redeem it. In testnet.

This is my script:
OP_IF OP_RIPEMD160 388756dc41f4eeadcb3fc5064535d1121a49d3f4 OP_EQUALVERIFY OP_ELSE 2 OP_EQUALVERIFY OP_ENDIF

P2SH address in testnet: 2MwGFm13NMXNcv3yTKHWTJ3wFBfxDWhVbpS

This is my redeem transaction

Code:

02000000012d0cf45773e4730cfde672d85447c8c6761621ff708850eb2b0505247255ac5d00000000345114c47907abd2a80492ca9388b05c0e382518ff3960511c63a614388756dc41f4eeadcb3fc5064535d1121a49d3f48867528868feffffff01905f0100000000001976a914d5d4a489e479dc7ab7d64b8dbe2917575cffc79788aca2e81500

The redeem script is

Code:

1 c47907abd2a80492ca9388b05c0e382518ff3960 1 OP_IF OP_RIPEMD160 388756dc41f4eeadcb3fc5064535d1121a49d3f4 OP_EQUALVERIFY OP_ELSE 2 OP_EQUALVERIFY OP_ENDIF

This script is working successful here https://siminchen.github.io/bitcoinIDE/build/editor.html
But when I push transaction to Bitcoin testnet, I got this error:

16: mandatory-script-verify-flag-failed (Script failed an OP_EQUALVERIFY operation)

Wat is wrong with my transaction?

[pebwindkraft]

when I understand the intention of your script correctly, then you try to push a value onto stack, convert it with ripemd160, and do the equal_verify to .
Observation:

Code:

ripemd160(1) --> c47907abd2a80492ca9388b05c0e382518ff3960
ripemd160(c47907abd2a80492ca9388b05c0e382518ff3960) --> 940a74dcade2bdb9385c293f30db6640f3ca22dd

Looking at the code:

1 c47907abd2a80492ca9388b05c0e382518ff3960 1 OP_IF OP_RIPEMD160 388756dc41f4eeadcb3fc5064535d1121a49d3f4 OP_EQUALVERIFY OP_ELSE 2 OP_EQUALVERIFY OP_ENDIF

The EqualVerify tries to compare the result from the ripemd160() to 388756dc... - and fails. A view to the stack:

There are three data pushes (1, c47907ab..., 1), followed by an OP_IF, which "eats" the top element (the "1") as true. So execution goes into first part of the if-clause (the comparison with equalverify).
The top element on stack will then be the c47907ab..., which will be ripemd'd, and pushed again onto the top of stack. The result of ripemd160(c47907ab...) is 940a74dcade2bdb9385c293f30db6640f3ca22dd. With OP_EqualVerify, the stack looks like this:

OP_EQUALVERIFY
388756dc41f4eeadcb3fc5064535d1121a49d3f4
940a74dcade2bdb9385c293f30db6640f3ca22dd
1

Clearly those two values don't match (if my logic is correct). I don't know what input to the function ripemd160() matches with the string "388756dc41f4eeadcb3fc5064535d1121a49d3f4" - if I knew, I wouldn't reply here :-)

Observation: the ripemd160 result of "1" equals to c47907abd2a80492ca9388b05c0e382518ff3960, so if you try "1 1 OP_IF OP_RIPEMD160 c47907abd2a80492ca9388b05c0e382518ff3960 OP_EQUALVERIFY ..." this might work.

btw: what tool do you use to assemble and then sign your tx?

[kzv]

Can you explain please: where is correct way to get ripemd160?
You wrote
ripemd160(c47907abd2a80492ca9388b05c0e382518ff3960) --> 940a74dcade2bdb9385c293f30db6640f3ca22dd

But I have used several ways to get ripemd160

1. https://md5calc.com/hash/ripemd160/c47907abd2a80492ca9388b05c0e382518ff3960
ripemd160(c47907abd2a80492ca9388b05c0e382518ff3960) = 388756dc41f4eeadcb3fc5064535d1121a49d3f4

2. https://siminchen.github.io/bitcoinIDE/build/editor.html
c47907abd2a80492ca9388b05c0e382518ff3960 OP_RIPEMD160 = 388756dc41f4eeadcb3fc5064535d1121a49d3f4

[pebwindkraft]

Can you explain please: where is correct way to get ripemd160?
...

I try :-)
Bitcoin does not work with hashed strings, instead these are hex values. So I convert string first into the hex values into a file, to be used as input for the hash function. In a simple shell script (POSIX compliant) I do this:

Code:

#!/bin/sh

tmp_hex_fn=tmp_file.hex
tmp_hex_sha256_fn=tmp_sha256.hex
tmp_txt_sha256_fn=tmp_sha256.txt
tmp_hex_dsha256_fn=tmp_dsha256.hex
tmp_txt_dsha256_fn=tmp_dsha256.txt
tmp_hex_ripemd160_fn=tmp_ripemd160.hex
tmp_txt_ripemd160_fn=tmp_ripemd160.txt

printf $( echo $1 | sed 's/[[:xdigit:]]\{2\}/\\x&/g' ) > $tmp_hex_fn
hexdump -C $tmp_hex_fn

# sha256
openssl dgst -sha256         <$tmp_hex_fn        >$tmp_txt_sha256_fn
openssl dgst -sha256 -binary <$tmp_hex_fn        >$tmp_hex_sha256_fn
openssl dgst -sha256         <$tmp_hex_sha256_fn >$tmp_txt_dsha256_fn
openssl dgst -sha256 -binary <$tmp_hex_sha256_fn >$tmp_hex_dsha256_fn
printf "sha256:    "
cat $tmp_txt_sha256_fn
printf "dsha256:   "
cat $tmp_txt_dsha256_fn

# ripemd160
openssl dgst -binary -ripemd160 <$tmp_hex_fn >$tmp_hex_ripemd160_fn
openssl dgst -ripemd160 <$tmp_hex_fn >$tmp_txt_ripemd160_fn
printf "ripemd160: "
cat $tmp_txt_ripemd160_fn

Interestingly enough I get a different result when doing ripemd160 on the string:

Code:

echo "c47907abd2a80492ca9388b05c0e382518ff3960" | openssl dgst -ripemd160 
(stdin)= 2382de811bcd78c91976075b0fbe81af987f5e93

Now I'm puzzled, what values are delivered on these web pages... needs some further review.

[kzv]

But when I see on my raw transaction

02000000012d0cf45773e4730cfde672d85447c8c6761621ff708850eb2b0505247255ac5d00000 000345114c47907abd2a80492ca9388b05c0e382518ff3960511c63a614388756dc41f4eeadcb3fc5064535d1121a49d3f48867528868feffffff01905f0100000000001976a914d5d4a489e479dc7ab7d64b8dbe2917575cf fc79788aca2e81500

This is totally hex string?
Are you sure that bitcoin get my hex string c47907abd2a80492ca9388b05c0e382518ff3960 then converted each symbol to hex again begore make hashing?

[pebwindkraft]

yes, the string of your raw transaction is a textual representation of the hex chars. Correct.

Are you sure that bitcoin get my hex string c47907abd2a80492ca9388b05c0e382518ff3960 then converted each symbol to hex again begore make hashing?

I am not sure, what bittcoin did here, it seems that bitcoin client just refused the logic of the script... I was asking how (which library, or manually) you used to assemble the tx... with the bitcoin client?

[kzv]

I am not sure, what bittcoin did here, it seems that bitcoin client just refused the logic of the script... I was asking how (which library, or manually) you used to assemble the tx... with the bitcoin client?

I am use nodejs module 'crypto' for hashing https://nodejs.org/api/crypto.html#crypto_hash_update_data_inputencoding

this command
console.log(require('crypto').createHash("ripemd160").update('c47907abd2a80492ca9388b05c0e382518ff3960').digest('hex'))
print me 388756dc41f4eeadcb3fc5064535d1121a49d3f4

and I use nodejs-lib to compile script

[pebwindkraft]

I receive the same result, when I provide the plain string to openssl;

Code:

printf c47907abd2a80492ca9388b05c0e382518ff3960 | openssl dgst -ripemd160
(stdin)= 388756dc41f4eeadcb3fc5064535d1121a49d3f4

what I try to say is perhaps better described here (it is on sha256, but also applies to ripemd160):

https://bitcoin.stackexchange.com/questions/43347/how-to-generate-bitcoin-address

[kzv]

I receive the same result, when I provide the plain string to openssl;

Code:

printf c47907abd2a80492ca9388b05c0e382518ff3960 | openssl dgst -ripemd160
(stdin)= 388756dc41f4eeadcb3fc5064535d1121a49d3f4

what I try to say is perhaps better described here (it is on sha256, but also applies to ripemd160):

https://bitcoin.stackexchange.com/questions/43347/how-to-generate-bitcoin-address

Thank you!
I had to found the correct way for hashing in node.js

Code:

function Hash(str)
{
    const buffer = str.length % 2 != 0 ? Buffer.from(str) : Buffer.from(str, "hex");
    return require('crypto').createHash("ripemd160").update(buffer).digest('hex')
}

[Coding Enthusiast]

Code:

function Hash(str)
{
    const buffer = str.length % 2 != 0 ? Buffer.from(str) : Buffer.from(str, "hex");
    return require('crypto').createHash("ripemd160").update(buffer).digest('hex')
}

Your condition is too simplified and it will pass for non-hex strings too. For instance it will pass for Hello world! since it is 12 char long and the length % 2 == 0. You have to do some additional character check too. Psedu code:
if each char is >=a & <=f || >=A & <=F || >=0 & <=9
This can be simplified with regex or something!

[kzv]

[solved]