Complex Transaction Signing?

I am trying to recreate this complex transaction in my own project, but it seems my scriptSigs are off. My guess is that I am assembling the rawTX incorrectly, and my best explanation would probably come from my log:

First Input:

rawTX: 0100000002f327e86da3e66bd20e1129b1fb36d07056f0b9a117199e759396526b8f3a20780000000023210229688a74abd0d5ad3b06ddff36fa9cd8edd181d97b9489a6adc40431fb56e1d8acfffffffff0ede03d75050f20801d50358829ae02c058e8677d2cc74df51f738285013c260000000000ffffffff02f028d6dc010000001976a914ffb035781c3c69e076d48b60c3d38592e7ce06a788ac00ca9a3b000000001976a914fa5139067622fd7e1e722a05c17c2bb7d5fd6df088ac0000000001000000 doubleSHA: aea2c2f7bfd4f12de8ade489a0354e2af93b67b538b98c040f1a630aa4be8ef9 r: ce5dd767430d42a9df1ac88d1bfd04a3fe4cf0ca3241c0bb143e76677528b9f7 s: 6f51396eab2c5c808c00d3ce3156774fa9c5b47e7190e6193dc952ab6e89e10c DERencoded: 483045022100ce5dd767430d42a9df1ac88d1bfd04a3fe4cf0ca3241c0bb143e76677528b9f702206f51396eab2c5c808c00d3ce3156774fa9c5b47e7190e6193dc952ab6e89e10c01210229688a74abd0d5ad3b06ddff36fa9cd8edd181d97b9489a6adc40431fb56e1d8 

Second Input:

rawTX: 0100000002f327e86da3e66bd20e1129b1fb36d07056f0b9a117199e759396526b8f3a20780000000000fffffffff0ede03d75050f20801d50358829ae02c058e8677d2cc74df51f738285013c26000000001976a9149ba386253ea698158b6d34802bb9b550f5ce36dd88acffffffff02f028d6dc010000001976a914ffb035781c3c69e076d48b60c3d38592e7ce06a788ac00ca9a3b000000001976a914fa5139067622fd7e1e722a05c17c2bb7d5fd6df088ac0000000001000000 doubleSHA: 05a153824e4e0ee921cc53366334f0c9e11fd0907dc5eecbb01d1f4b0beff4ac r: b14bfacb90c6a4292fd0385ef94671ff26a8f14ab7086a6c1ac1ee6d64ae0cbd s: 3ed58ef3ef635cec3fc0dde9f7d33a7d9d0029ff7c0260b7bb73364e075add75 DERencoded: 483045022100b14bfacb90c6a4292fd0385ef94671ff26a8f14ab7086a6c1ac1ee6d64ae0cbd02203ed58ef3ef635cec3fc0dde9f7d33a7d9d0029ff7c0260b7bb73364e075add75012102240d7d3c7aad57b68aa0178f4c56f997d1bfab2ded3c2f9427686017c603a6d6 

My Signed Result:

FINAL: 0100000002f327e86da3e66bd20e1129b1fb36d07056f0b9a117199e759396526b8f3a2078000000006b483045022100ce5dd767430d42a9df1ac88d1bfd04a3fe4cf0ca3241c0bb143e76677528b9f702206f51396eab2c5c808c00d3ce3156774fa9c5b47e7190e6193dc952ab6e89e10c01210229688a74abd0d5ad3b06ddff36fa9cd8edd181d97b9489a6adc40431fb56e1d8fffffffff0ede03d75050f20801d50358829ae02c058e8677d2cc74df51f738285013c26000000006b483045022100b14bfacb90c6a4292fd0385ef94671ff26a8f14ab7086a6c1ac1ee6d64ae0cbd02203ed58ef3ef635cec3fc0dde9f7d33a7d9d0029ff7c0260b7bb73364e075add75012102240d7d3c7aad57b68aa0178f4c56f997d1bfab2ded3c2f9427686017c603a6d6ffffffff02f028d6dc010000001976a914ffb035781c3c69e076d48b60c3d38592e7ce06a788ac00ca9a3b000000001976a914fa5139067622fd7e1e722a05c17c2bb7d5fd6df088ac00000000 

Desired Result:

0100000002f327e86da3e66bd20e1129b1fb36d07056f0b9a117199e759396526b8f3a20780000000049483045022100fce442ec52aa2792efc27fd3ad0eaf7fa69f097fdcefab017ea56d1799b10b2102207a6ae3eb61e11ffaba0453f173d1792f1b7bb8e7422ea945101d68535c4b474801fffffffff0ede03d75050f20801d50358829ae02c058e8677d2cc74df51f738285013c26000000006b483045022100b77f935ff366a6f3c2fdeb83589c790265d43b3d2cf5e5f0047da56c36de75f40220707ceda75d8dcf2ccaebc506f7293c3dcb910554560763d7659fb202f8ec324b012102240d7d3c7aad57b68aa0178f4c56f997d1bfab2ded3c2f9427686017c603a6d6ffffffff02f028d6dc010000001976a914ffb035781c3c69e076d48b60c3d38592e7ce06a788ac00ca9a3b000000001976a914fa5139067622fd7e1e722a05c17c2bb7d5fd6df088ac00000000 

From this, can you tell me what is wrong?

Recent Questions – Bitcoin Stack Exchange

Understanding signing messages with bitcoinjs-lib

I’m trying to understand what a specific line of code does when signing a message using bitcoinjs-lib. Here’s the code:

var bitcoin = require('bitcoinjs-lib') var bitcoinMessage = require('bitcoinjs-message')  var keyPair = bitcoin.ECPair.makeRandom(); //private key var privateKey = keyPair.toWIF(); // Address var address = keyPair.getAddress();  console.log(privateKey); console.log(address);  privateKey = keyPair.d.toBuffer(32) var message = 'your message' var messagePrefix = bitcoin.networks.bitcoin.messagePrefix  var signature = bitcoinMessage.sign(message, messagePrefix, privateKey, keyPair.compressed) console.log(signature.toString('base64')) 

The line I’m curious about is this one:

privateKey = keyPair.d.toBuffer(32) 

What exactly is this code doing and why is it necessary?

Thanks,

Connor

Recent Questions – Bitcoin Stack Exchange

Troubleshooting pybitcointools: signing transaction valid only for certain hash values

From my pybitcointools fork’s issues:

I’m having some weird issues with the signature sometimes it works and other times it doesn’t. When I see ‘[ALL]’ in scriptSig that’s when I know it’s going to work. But I don’t always get it. Any help would be great and if I find a fix, I’ll send a pull request.

python tx = mktx(ins, outs) tx = mk_opreturn(hex_hash, tx) tx = sign(tx, 0, from_priv)

Here is a transaction that works: 0100000001dc4c6936943c073fca8164d8d18fdb6095ce46baff328b7e7c1230d82aaad69b010000008a473044022033f80a4c35013d5aab9d4f2763b5761188747eebb67fe15b0379f0c09b37c811022019de06d98d37da77c84bfb6f89ff2194b46a135fe8aa9677b285123b73407341014104e7919ecea9c7e9378aec49a055c532f8e0f9aea653e7c9cbe38ad2d2833a9d908f4d7bf771583f9d1e62574c42847e1aa00d506a32b9004b9b2051e3e53e2767ffffffff02803e0000000000001976a914826d9548ee793a060990bc39a01eca5521841a0988ac0000000000000000226a202c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a300000000

python {u'code': 200, u'data': {u'statistics': {u'fee': u'0.00005600', u'vins_sum': u'0.00021600', u'vouts_sum': u'0.00016000'}, u'tx': {u'locktime': 0, u'size': 266, u'txid': u'8cfa33f2eb56a443b10d929b818b01a3a3e3a970d526d212785a2b42b2d19cb9', u'version': 1, u'vin': [{u'scriptSig': {u'asm': u'3044022033f80a4c35013d5aab9d4f2763b5761188747eebb67fe15b0379f0c09b37c811022019de06d98d37da77c84bfb6f89ff2194b46a135fe8aa9677b285123b73407341[ALL] 04e7919ecea9c7e9378aec49a055c532f8e0f9aea653e7c9cbe38ad2d2833a9d908f4d7bf771583f9d1e62574c42847e1aa00d506a32b9004b9b2051e3e53e2767', u'hex': u'473044022033f80a4c35013d5aab9d4f2763b5761188747eebb67fe15b0379f0c09b37c811022019de06d98d37da77c84bfb6f89ff2194b46a135fe8aa9677b285123b73407341014104e7919ecea9c7e9378aec49a055c532f8e0f9aea653e7c9cbe38ad2d2833a9d908f4d7bf771583f9d1e62574c42847e1aa00d506a32b9004b9b2051e3e53e2767'}, u'sequence': 4294967295, u'txid': u'9bd6aa2ad830127c7e8b32ffba46ce9560db8fd1d86481ca3f073c9436694cdc', u'vout': 1}], u'vout': [{u'n': 0, u'scriptPubKey': {u'addresses': [u'1Cte7ugUwdPt3WWt5uxVfUu2dDnony8oqa'], u'asm': u'OP_DUP OP_HASH160 826d9548ee793a060990bc39a01eca5521841a09 OP_EQUALVERIFY OP_CHECKSIG', u'hex': u'76a914826d9548ee793a060990bc39a01eca5521841a0988ac', u'reqSigs': 1, u'type': u'pubkeyhash'}, u'value': 0.00016}, {u'n': 1, u'scriptPubKey': {u'asm': u'OP_RETURN 2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3', u'hex': u'6a202c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3', u'type': u'nulldata'}, u'value': 0}]}}, u'message': u'', u'status': u'success'}

And here is one that doesn’t: 0100000001dc4c6936943c073fca8164d8d18fdb6095ce46baff328b7e7c1230d82aaad69b010000008a4730440220da574cbdac23291faf41d5bd94ae77fe166ab7daebf1a038efa549e441af4dad02206803cadd187e6e4c80c30af06c5d7cfad327fd4d03850a539639e42dea44e8e0014104e7919ecea9c7e9378aec49a055c532f8e0f9aea653e7c9cbe38ad2d2833a9d908f4d7bf771583f9d1e62574c42847e1aa00d506a32b9004b9b2051e3e53e2767ffffffff02803e0000000000001976a914826d9548ee793a060990bc39a01eca5521841a0988ac0000000000000000226a203f79bb7b435b05321651daefd374cdc681dc06faa65e374e38337b88ca046dea00000000

python {u'code': 200, u'data': {u'statistics': {u'fee': u'0.00005600', u'vins_sum': u'0.00021600', u'vouts_sum': u'0.00016000'}, u'tx': {u'locktime': 0, u'size': 266, u'txid': u'03360c8848808714304bc14188fd2de9d40465a38dceaa153a7fcffdb5ba7a49', u'version': 1, u'vin': [{u'scriptSig': {u'asm': u'30440220da574cbdac23291faf41d5bd94ae77fe166ab7daebf1a038efa549e441af4dad02206803cadd187e6e4c80c30af06c5d7cfad327fd4d03850a539639e42dea44e8e001 04e7919ecea9c7e9378aec49a055c532f8e0f9aea653e7c9cbe38ad2d2833a9d908f4d7bf771583f9d1e62574c42847e1aa00d506a32b9004b9b2051e3e53e2767', u'hex': u'4730440220da574cbdac23291faf41d5bd94ae77fe166ab7daebf1a038efa549e441af4dad02206803cadd187e6e4c80c30af06c5d7cfad327fd4d03850a539639e42dea44e8e0014104e7919ecea9c7e9378aec49a055c532f8e0f9aea653e7c9cbe38ad2d2833a9d908f4d7bf771583f9d1e62574c42847e1aa00d506a32b9004b9b2051e3e53e2767'}, u'sequence': 4294967295, u'txid': u'9bd6aa2ad830127c7e8b32ffba46ce9560db8fd1d86481ca3f073c9436694cdc', u'vout': 1}], u'vout': [{u'n': 0, u'scriptPubKey': {u'addresses': [u'1Cte7ugUwdPt3WWt5uxVfUu2dDnony8oqa'], u'asm': u'OP_DUP OP_HASH160 826d9548ee793a060990bc39a01eca5521841a09 OP_EQUALVERIFY OP_CHECKSIG', u'hex': u'76a914826d9548ee793a060990bc39a01eca5521841a0988ac', u'reqSigs': 1, u'type': u'pubkeyhash'}, u'value': 0.00016}, {u'n': 1, u'scriptPubKey': {u'asm': u'OP_RETURN 3f79bb7b435b05321651daefd374cdc681dc06faa65e374e38337b88ca046dea', u'hex': u'6a203f79bb7b435b05321651daefd374cdc681dc06faa65e374e38337b88ca046dea', u'type': u'nulldata'}, u'value': 0}]}}, u'message': u'', u'status': u'success'}

The issue OP adds:

So I found out how to mitigate, I just have to keep changing the hash until it works. The way I’m currently doing it is by decrementing my transaction fee by one satoshi at a time. Now I need to actually fix the code. ­čśÇ

Why would only certain hash values be OK to sign, but others not? I was thinking it could be a random low s issue where r is XORd if low s.

Recent Questions – Bitcoin Stack Exchange

C# BC, successfully creating and signing raw transaction

First time on stackexchange to ask for help, sorry if i make mistakes (english is not my native language).

I try to create a valid raw transaction on C# with bouncycastle and i seems stuck, not able to find where is my mistake. I test on the testnet network and have used many sources to help myself, mainly this one. For start, i have the next address and private key

Address: mjhcWg5SvS96kk85R8G1wp7mru55UCNGY5 Public Key Hex: 0482052EF9560585ED62F046EE45C1B5F85448BCF1BD5CE36A7D35EB00C8A146C14BF99223907F9A8688E6F84B54FD747A637BB82F02E296203E735E7A6B40059F Wif: 93U5P1qHPXAhXhiw1T15z3f1cBqFw9fWrd3Yzz1nDk8b2aRbrrM  Private Key Hex: F7DBD21285F621F1C7A47AE7F63D06C276FE49839F4842DDEF805477936812A5 

i want to use the 6.49689241 btc from the previous (testnet) transaction

912a2c3d84c8572b39c173b2bcde950cfe4ae07756bac189ace98f198d5ccb7d 

and send (as test) some back to the faucet mwCwTceJvYV27KXBc3NJZys6CjsgsoeHmf

First, to build the unsigned raw transaction, i add these bytes:

01000000 (version number) 01 (number of inputs) 7dcb5c8d198fe9ac89c1ba5677e04afe0c95debcb273c1392b57c8843d2c2a91 (reversed previous tx hash) 01000000 (output index) 1976a9142de490b09ef14673af2bb4998fcb9f6b8446a84e88ac (previous tx script with its length at start)  ffffffff (sequence) 02 (number of outputs) 496ff50200000000 (first output little endian amount. The faucet) 1976a914ac19d3fd17710e6b9a331022fe92c693fdf6659588ac (first output script with its length at start) 0046c32300000000 (second output little endian amount. My address, for change) 1976a9142de490b09ef14673af2bb4998fcb9f6b8446a84e88ac  (second script with its length at start) 00000000 (locktime) 01000000 (hash code type) 

The result is

01000000017dcb5c8d198fe9ac89c1ba5677e04afe0c95debcb273c1392b57c8843d2c2a91010000001976a9142de490b09ef14673af2bb4998fcb9f6b8446a84e88acffffffff02496ff502000000001976a914ac19d3fd17710e6b9a331022fe92c693fdf6659588ac0046c323000000001976a9142de490b09ef14673af2bb4998fcb9f6b8446a84e88ac0000000001000000 

I then retrieve the transaction hash by pushing the raw transaction in a double SHA256 function that return me

f64b6480a2888596636d4995153e990ce95582a1308c9c568d2698e6dc1f7893 

Then, i sign with the private key hex (prvkeyHex) the transaction hash (txHash) with this function:

X9ECParameters curve = SecNamedCurves.GetByName("secp256k1"); ECDomainParameters dom = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H) ECKeyParameters params = new ECPrivateKeyParameters(new BigInteger(1, prvkeyHex), dom); ECDsaSigner signer = new ECDsaSigner(); signer.Init(true, params); BigInteger[] sig = signer.GenerateSignature(txHash); MemoryStream ms = new MemoryStream(72); DerSequenceGenerator seq = new DerSequenceGenerator(ms); seq.AddObject(new DerInteger(sig[0])); seq.AddObject(new DerInteger(sig[1])); seq.Close(); byte[] signature = ms.ToArray(); 

Which return me a byte array of max 72 bytes length starting by 30. In my last test:

3045022100abceff62d3192b686c405d10516ff0e6f9ff221c00284d766200a6abb42361be02202972970369d6b9308467e15ebafd3f6b9faf111886071e3c429b34e9407e8d23 

I then construct my final scriptSig with the public key hex and their lengths who result as

483045022100abceff62d3192b686c405d10516ff0e6f9ff221c00284d766200a6abb42361be02202972970369d6b9308467e15ebafd3f6b9faf111886071e3c429b34e9407e8d2301410482052ef9560585ed62f046ee45c1b5f85448bcf1bd5ce36a7d35eb00c8a146c14bf99223907f9a8688e6f84b54fd747a637bb82f02e296203e735e7a6b40059f 

I finally built my signed raw transaction:

01000000 (version number) 01 (number of inputs) 7dcb5c8d198fe9ac89c1ba5677e04afe0c95debcb273c1392b57c8843d2c2a91 (reversed previous tx hash) 01000000 (output index) 8b (scriptSig length) 483045022100abceff62d3192b686c405d10516ff0e6f9ff221c00284d766200a6abb42361be02202972970369d6b9308467e15ebafd3f6b9faf111886071e3c429b34e9407e8d2301410482052ef9560585ed62f046ee45c1b5f85448bcf1bd5ce36a7d35eb00c8a146c14bf99223907f9a8688e6f84b54fd747a637bb82f02e296203e735e7a6b40059f (scriptSig) ffffffff (sequence) 02 (number of outputs) 496ff50200000000 (first output little endian amount. The faucet) 1976a914ac19d3fd17710e6b9a331022fe92c693fdf6659588ac (first output script with its length at start) 0046c32300000000 (second output little endian amount. My address, for change) 1976a9142de490b09ef14673af2bb4998fcb9f6b8446a84e88ac  (second script with its length at start) 00000000 (locktime) 

The final result give me that signed raw transaction

01000000017dcb5c8d198fe9ac89c1ba5677e04afe0c95debcb273c1392b57c8843d2c2a91010000008b483045022100abceff62d3192b686c405d10516ff0e6f9ff221c00284d766200a6abb42361be02202972970369d6b9308467e15ebafd3f6b9faf111886071e3c429b34e9407e8d2301410482052ef9560585ed62f046ee45c1b5f85448bcf1bd5ce36a7d35eb00c8a146c14bf99223907f9a8688e6f84b54fd747a637bb82f02e296203e735e7a6b40059fffffffff02496ff502000000001976a914ac19d3fd17710e6b9a331022fe92c693fdf6659588ac0046c323000000001976a9142de490b09ef14673af2bb4998fcb9f6b8446a84e88ac00000000 

But now, when i try to send that signed raw transaction on the testnet network by a web service, everytime i get an error. sandbox.smartbit.com.au/txs/pushtx return me

"PUSH TRANSACTION ERROR: 16: MANDATORY-SCRIPT-VERIFY-FLAG-FAILED (SCRIPT EVALUATED WITHOUT ERROR BUT FINISHED WITH A FALSE/EMPTY TOP STACK ELEMENT)" 

live.blockcypher.com/btc-testnet/pushtx/ return me

"Error sending transaction: Error running script for input 0 referencing 912a2c3d84c8572b39c173b2bcde950cfe4ae07756bac189ace98f198d5ccb7d at 1: Script was NOT verified successfully.." 

same with tbtc.blockr.io/tx/push

I’m far from mastering bitcoin or c#, i am learning (and want to learn how that work). Is anyone see where is my mistake ? Thanks

Recent Questions – Bitcoin Stack Exchange