How to get an address/public key from a CTxIn ?

[earlz]

I'm trying to modify how change addresses work in Bitcoin 0.9 and desire to change the code (wallet.cpp:1399) so that instead of sending change from a transaction to a new key, it will send  it back to one of the addresses that was used as an input. The only thing I have access to in this area though is a list of CTxIns. I see no clear way of deriving a bitcoin address though from a CTxIn. There are things like the script used for the input, but I see no clear cut way of seeing the address the CTxIn is associated with

Can anyone give me a hint as to how to do this?

My best guess was to use a previous vout CScript from one of the CTxIn inputs, but this would cause problems when using non-standard transactions to send funds, and causes peculiar scripts from solomined transactions. 

[1715013426]

1715013426

[1715013426]

1715013426

[1715013426]

1715013426

[1715013426]

1715013426

[1715013426]

1715013426

[1715013426]

1715013426

[maaku]

That is a terrible idea. It circumvents behavior that is designed to make bitcoin safer for users, and does so in a way which may not be safe when interfacing with other transaction construction protocols. Please don't do it.

But so as to not be a complete jerk, I will answer your specific question: you need the input's referenced output. The transaction intput has a hash and vout index which you can use to lookup the output from the UTXO set (if it exists and is unspent). The scriptPubKey in that output is the "address" you are looking for.

[dexX7]

Or you may extract the public key directly from the script sig - in the case you know the type of the incoming transaction.

Format: [signature] [public key], see: https://en.bitcoin.it/wiki/Script#Standard_Transaction_to_Bitcoin_address_.28pay-to-pubkey-hash.29

[maaku]

you cannot assume anything about the values in the scriptSig without knowing the scriptPubKey

[earlz]

That is a terrible idea. It circumvents behavior that is designed to make bitcoin safer for users, and does so in a way which may not be safe when interfacing with other transaction construction protocols. Please don't do it.

But so as to not be a complete jerk, I will answer your specific question: you need the input's referenced output. The transaction intput has a hash and vout index which you can use to lookup the output from the UTXO set (if it exists and is unspent). The scriptPubKey in that output is the "address" you are looking for.

Thanks for the hints As for the actual idea, change is usually pretty obvious anyway, since the actual amount sent is commonly a round number, and change is not. I'm curious what construction protocols it might break though, the code itself would only be used for building standard transactions in the wallet

[dexX7]

you cannot assume anything about the values in the scriptSig without knowing the scriptPubKey

Well, this is why I wrote "in the case you know the type of the incoming transaction".

You could furthermore test, if the alleged public key forms a valid ECDSA point or you could try to recover the public key from a signature.

In the php-bitcoin-signature-routines library there is a note to:

SEC 1: Elliptic Curve Cryptography, section 4.1.6, "Public Key Recovery Operation"
http://www.secg.org/download/aid-780/sec1-v2.pdf

[maaku]

Thanks for the hints As for the actual idea, change is usually pretty obvious anyway, since the actual amount sent is commonly a round number, and change is not. I'm curious what construction protocols it might break though, the code itself would only be used for building standard transactions in the wallet

The fact that wallets are sending round numbers is the flaw. That's what you should be working to fix, not making users transactions even more identifiable.