project:bitcoin:who_stole_my_btc.py
- who_stole_my_btc.py
#!/usr/bin/env python import sys # needs pybitcointools from bitcoin import * if len(sys.argv) < 2: print "Enter transaction id in hex as first argument" sys.exit(1) txid = sys.argv[1] tx = fetchtx(txid) inScript = deserialize(tx)['ins'][0]['script'] inDeserialized = deserialize_script(inScript) if inDeserialized[0] is not None: print "This does not seem like multisig spending transaction, input script is expected to start with OP_FALSE, but proceeding anyway" sigs = inDeserialized[1:-1] mscript = inDeserialized[-1] mDeserialized = deserialize_script(mscript) if mDeserialized[-1] != 0xae: print "Last instruction of redeem script is not 0xAE, but proceeding anyway" sigCount = mDeserialized[0] pubCount = mDeserialized[-2] pubKeys = mDeserialized[1:-2] assert isinstance(sigCount, int) assert isinstance(pubCount, int) print "We have %d-out-ouf-%d scheme" % (sigCount, pubCount) assert len(sigs) == sigCount, "Signature count does not match reedem script sig count" assert len(pubKeys) == pubCount, "Pubkey count does not match count of pubkeys in redeem script" #let's bruteforce each sig against each pubkey even though in reality there must be certain order for sig in sigs: for pub in pubKeys: #print "Testing sig %s against pub %s" % (sig, pub) if verify_tx_input(tx, 0, mscript, sig, pub): print "Match: pubkey %s matched signature %s" % (pub, sig)
project/bitcoin/who_stole_my_btc.py.txt · Last modified: 2015/06/04 18:38 by ruza