Raw hex data of the prenet genesis transaction

[miner2251]

I recently read topic https://bitcointalk.org/index.php?topic=382374.0 and I wonder how exactly that prenet genesis transaction looked like. After some digging I came up with this:

Code:

decoderawtransaction 01000000010000000000000000000000000000000000000000000000000000000000000000ffffffff0504695dbf0effffffff01102700000000000044ab4104d451b0d7e567c615719a630b9f44632a0f34f5e7101f9942fe0b39996151cef10a809c443df2fab7cd7e58a3538cd8afd08ccfaa49b637de4b1b383f088ad131ac00000000
{
  "txid": "25c61a7089aa96318088bcccfbc12064a18166105c20c237836704611254d2da",
  "hash": "25c61a7089aa96318088bcccfbc12064a18166105c20c237836704611254d2da",
  "version": 1,
  "size": 133,
  "vsize": 133,
  "weight": 532,
  "locktime": 0,
  "vin": [
    {
      "coinbase": "04695dbf0e",
      "sequence": 4294967295
    }
  ],
  "vout": [
    {
      "value": 0.00010000,
      "n": 0,
      "scriptPubKey": {
        "asm": "OP_CODESEPARATOR 04d451b0d7e567c615719a630b9f44632a0f34f5e7101f9942fe0b39996151cef10a809c443df2fab7cd7e58a3538cd8afd08ccfaa49b637de4b1b383f088ad131 OP_CHECKSIG",
        "hex": "ab4104d451b0d7e567c615719a630b9f44632a0f34f5e7101f9942fe0b39996151cef10a809c443df2fab7cd7e58a3538cd8afd08ccfaa49b637de4b1b383f088ad131ac",
        "type": "nonstandard"
      }
    }
  ]
}

Of course I know that transaction version was not present here (in the same way as in the block hash there was no version) and I can calculate sha256 of any data, but still, that transaction should hash into 769a5e93fac273fd825da42d39ead975b5d712b2d50953f35a4fdebdec8083e3. I tried using different values for OP_CODESEPARATOR and OP_CHECKSIG than 0xab and 0xac, but still no match. I tried different endianness in 32-bit and 256-bit values, but still no luck.

The only success so far was hashing the prenet genesis block:

Code:

prenetGenesis=0000000000000000000000000000000000000000000000000000000000000000e38380ecbdde4f5af35309d5b212d7b575d9ea392da45d82fd73c2fa935e9a76a00bc84814000000bb290200
prenetGenesisHash=7ae24cfad8adbe66ab2224a4f7269694fa2fa9aa157b1e44c608bd386fb6160b
prenetGenesisDoubleHash=46a6fa0cbc6e41aaebb6916c55013a0ad66b11e91d1d977ed627135db1060000
prenetGenesisFinalHash=000006b15d1327d67e971d1de9116bd60a3a01556c91b6ebaa416ebc0cfaa646

Is that lost in the past or is it possible to reconstruct that transaction as it was in prenet?

[achow101]

This is an interesting question and I took far too long to figure it out.

The transaction hex is

Code:

010000000000000000000000000000000000000000000000000000000000000000ffffffff0504695dbf0e011027000000000000ffffffff44a94104d451b0d7e567c615719a630b9f44632a0f34f5e7101f9942fe0b39996151cef10a809c443df2fab7cd7e58a3538cd8afd08ccfaa49b637de4b1b383f088ad131aa00000000

There are 3 key differences in the prerelease version:
1. The transaction and block versions are not included in the serialization for hashing
2. The nSequence is found in the CTxOut rather than CTxIn
3. OP_CODESEPARATOR is 0xa9 and OP_CHECKSIG is 0xaa

The last point was harder to find as the source for script.h is not available. However it can be easily bruteforced.

[stwenhao]

Does anyone know, how to reproduce Satoshi's seed, which was used to initialize his random number generator, when he tried to mine "bnNonce" in the prenet coinbase transaction in 2008?

Source code: https://bitcointalk.org/index.php?topic=382374.msg4108762#msg4108762

Code:

bool BitcoinMiner()
{
    printf("BitcoinMiner started\n");

    SetThreadPriority(GetCurrentThread(), THREAD_PRIORITY_LOWEST);



    CBlock blockPrev;
    while (fGenerateBitcoins)
    {
        CheckForShutdown(3);

        //
        // Create coinbase tx
        //
        CTransaction txNew;
        txNew.vin.resize(1);
        txNew.vin[0].prevout.SetNull();
        CBigNum bnNonce; // this nonce is so multiple processes working for the same keyUser
        BN_rand_range(&bnNonce, &CBigNum(INT_MAX));  // don't cover the same ground
        txNew.vin[0].scriptSig << bnNonce;
        txNew.vout.resize(1);
        txNew.vout[0].scriptPubKey << OP_CODESEPARATOR << keyUser.GetPubKey() << OP_CHECKSIG;
        txNew.vout[0].posNext.SetNull();

Here, we can see "695dbf0e" as "bnNonce". It is supposed to be random, but it is only some 32-bit number, so there are not so many values to check. And also, it comes from "BigNumber" library, which is also used for other purposes. So, is the same randomness used to generate the private key for "04 d451b0d7e567c615719a630b9f44632a0f34f5e7101f9942fe0b39996151cef1 0a809c443df2fab7cd7e58a3538cd8afd08ccfaa49b637de4b1b383f088ad131", or is it somehow separated? Because if it is connected, then potentially, this private key can be recovered.

Also, if the source of randomness is just some timestamp from 2008, then it could reveal, when exactly this public key was created.

Edit: It seems "OpenSSL 0.9.8h 28 May 2008" was in use, or maybe even some older version. And it contains these pseudo-random values, which can give a hint, if called functions were pseudorandom for prenet, just to test things, or if the real randomness was used:

Code:

static int fbytes_counter = 0;
static const char *numbers[8] = {
    "651056770906015076056810763456358567190100156695615665659",
    "6140507067065001063065065565667405560006161556565665656654",
    "8763001015071075675010661307616710783570106710677817767166"
    "71676178726717",
    "7000000175690566466555057817571571075705015757757057795755"
    "55657156756655",
    "1275552191113212300012030439187146164646146646466749494799",
    "1542725565216523985789236956265265265235675811949404040041",
    "1456427555219115346513212300075341203043918714616464614664"
    "64667494947990",
    "1712787255652165239672857892369562652652652356758119494040"
    "40041670216363"};

int fbytes(unsigned char *buf, int num)
    {
    int    ret;
    BIGNUM    *tmp = NULL;

    if (fbytes_counter >= 8)
        return 0;
    tmp = BN_new();
    if (!tmp)
        return 0;
    if (!BN_dec2bn(&tmp, numbers[fbytes_counter]))
        {
        BN_free(tmp);
        return 0;
        }
    fbytes_counter ++;
    ret = BN_bn2bin(tmp, buf);
    if (ret == 0 || ret != num)
        ret = 0;
    else
        ret = 1;
    if (tmp)
        BN_free(tmp);
    return ret;
    }

Still trying to figure it out, if things are random or pseudorandom. Starting from pseudorandom should be easier, because it should give the exact same numbers.