// FIXME: To all ye that enter here, be weary of Buffers, Arrays and Hex interchanging between the outpoints var assert = require('assert') var Address = require('./address') var BigInteger = require('bigi') var BufferExt = require('./buffer') var Script = require('./script') var convert = require('./convert') var crypto = require('./crypto') var ECKey = require('./eckey').ECKey var ecdsa = require('./ecdsa') var Network = require('./network') var Transaction = function (doc) { if (!(this instanceof Transaction)) { return new Transaction(doc) } this.version = 1 this.locktime = 0 this.ins = [] this.outs = [] this.defaultSequence = 0xffffffff if (doc) { if (typeof doc == "string" || Array.isArray(doc)) { doc = Transaction.deserialize(doc) } if (doc.hash) this.hash = doc.hash; if (doc.version) this.version = doc.version; if (doc.locktime) this.locktime = doc.locktime; if (doc.ins && doc.ins.length) { doc.ins.forEach(function(input) { this.addInput(new TransactionIn(input)) }, this) } if (doc.outs && doc.outs.length) { doc.outs.forEach(function(output) { this.addOutput(new TransactionOut(output)) }, this) } this.hash = this.hash || this.getHash() } } /** * Create a new txin. * * Can be called with any of: * * - An existing TransactionIn object * - A transaction and an index * - A transaction hash and an index * - A single string argument of the form txhash:index * * Note that this method does not sign the created input. */ Transaction.prototype.addInput = function (tx, outIndex) { if (arguments[0] instanceof TransactionIn) { this.ins.push(arguments[0]) } else if (arguments[0].length > 65) { var args = arguments[0].split(':') return this.addInput(args[0], args[1]) } else { var hash = typeof tx === "string" ? tx : tx.hash hash = Array.isArray(hash) ? convert.bytesToHex(hash) : hash this.ins.push(new TransactionIn({ outpoint: { hash: hash, index: outIndex }, script: new Script(), sequence: this.defaultSequence })) } } /** * Create a new txout. * * Can be called with: * * i) An existing TransactionOut object * ii) An address object or a string address, and a value * iii) An address:value string * iv) Either ii), iii) with an optional network argument * * FIXME: This is a bit convoluted */ Transaction.prototype.addOutput = function (address, value, network) { if (arguments[0] instanceof TransactionOut) { this.outs.push(arguments[0]) return } if (typeof address === 'string') { if (arguments[0].indexOf(':') >= 0) { var args = arguments[0].split(':') address = args[0] value = parseInt(args[1]) network = arguments[1] } address = Address.fromBase58Check(address) } network = network || Network.bitcoin this.outs.push(new TransactionOut({ value: value, script: Script.createOutputScript(address, network), network: network })) } /** * Serialize this transaction. * * Returns the transaction as a binary buffer in * accordance with the Bitcoin protocol. */ Transaction.prototype.serialize = function () { var txInSize = this.ins.reduce(function(a, x) { return a + (40 + BufferExt.varIntSize(x.script.buffer.length) + x.script.buffer.length) }, 0) var txOutSize = this.outs.reduce(function(a, x) { return a + (8 + BufferExt.varIntSize(x.script.buffer.length) + x.script.buffer.length) }, 0) var buffer = new Buffer( 8 + BufferExt.varIntSize(this.ins.length) + BufferExt.varIntSize(this.outs.length) + txInSize + txOutSize ) var offset = 0 function writeSlice(slice) { if (Array.isArray(slice)) slice = new Buffer(slice) // FIXME: Performance: transitionary only slice.copy(buffer, offset) offset += slice.length } function writeUInt32(i) { buffer.writeUInt32LE(i, offset) offset += 4 } function writeUInt64(i) { BufferExt.writeUInt64LE(buffer, i, offset) offset += 8 } function writeVarInt(i) { var n = BufferExt.writeVarInt(buffer, i, offset) offset += n } writeUInt32(this.version) writeVarInt(this.ins.length) this.ins.forEach(function(txin, i) { var hash = new Buffer(txin.outpoint.hash, 'hex') // FIXME: Performance: convert on tx.addInput instead // TxHash hex is big-endian, we need little-endian Array.prototype.reverse.call(hash) writeSlice(hash) writeUInt32(txin.outpoint.index) writeVarInt(txin.script.buffer.length) writeSlice(txin.script.buffer) writeUInt32(txin.sequence) }) writeVarInt(this.outs.length) this.outs.forEach(function(txout) { writeUInt64(txout.value) writeVarInt(txout.script.buffer.length) writeSlice(txout.script.buffer) }) writeUInt32(this.locktime) assert.equal(offset, buffer.length, 'Invalid transaction object') return buffer } Transaction.prototype.serializeHex = function() { return this.serialize().toString('hex') } //var OP_CODESEPARATOR = 171 var SIGHASH_ALL = 1 var SIGHASH_NONE = 2 var SIGHASH_SINGLE = 3 var SIGHASH_ANYONECANPAY = 80 /** * Hash transaction for signing a specific input. * * Bitcoin uses a different hash for each signed transaction input. This * method copies the transaction, makes the necessary changes based on the * hashType, serializes and finally hashes the result. This hash can then be * used to sign the transaction input in question. */ Transaction.prototype.hashTransactionForSignature = function (connectedScript, inIndex, hashType) { var txTmp = this.clone() // In case concatenating two scripts ends up with two codeseparators, // or an extra one at the end, this prevents all those possible // incompatibilities. /*scriptCode = scriptCode.filter(function (val) { return val !== OP_CODESEPARATOR });*/ // Blank out other inputs' signatures txTmp.ins.forEach(function(txin) { txin.script = new Script() }) txTmp.ins[inIndex].script = connectedScript // Blank out some of the outputs if ((hashType & 0x1f) == SIGHASH_NONE) { txTmp.outs = [] // Let the others update at will txTmp.ins.forEach(function(txin, i) { if (i != inIndex) { txTmp.ins[i].sequence = 0 } }) } else if ((hashType & 0x1f) == SIGHASH_SINGLE) { // TODO: Implement } // Blank out other inputs completely, not recommended for open transactions if (hashType & SIGHASH_ANYONECANPAY) { txTmp.ins = [txTmp.ins[inIndex]] } var htB = new Buffer(4) htB.writeUInt32LE(hashType, 0) var buffer = Buffer.concat([txTmp.serialize(), htB]) return crypto.hash256(buffer) } Transaction.prototype.getHash = function () { var buffer = crypto.hash256(this.serialize()) // Big-endian is used for TxHash Array.prototype.reverse.call(buffer) return buffer.toString('hex') } Transaction.prototype.clone = function () { var newTx = new Transaction() newTx.version = this.version newTx.locktime = this.locktime this.ins.forEach(function(txin) { newTx.addInput(txin.clone()) }) this.outs.forEach(function(txout) { newTx.addOutput(txout.clone()) }) return newTx } Transaction.deserialize = function(buffer) { if (typeof buffer == "string") buffer = new Buffer(buffer, 'hex') else if (Array.isArray(buffer)) buffer = new Buffer(buffer) // Copy because we mutate (reverse TxOutHashs) buffer = new Buffer(buffer) var offset = 0 function readSlice(n) { offset += n return buffer.slice(offset - n, offset) } function readUInt32() { var i = buffer.readUInt32LE(offset) offset += 4 return i } function readUInt64() { var i = BufferExt.readUInt64LE(buffer, offset) offset += 8 return i } function readVarInt() { var vi = BufferExt.readVarInt(buffer, offset) offset += vi.size return vi.number } var ins = [] var outs = [] var version = readUInt32() var vinLen = readVarInt() for (var i = 0; i < vinLen; ++i) { var hash = readSlice(32) // TxHash is little-endian, we want big-endian hex Array.prototype.reverse.call(hash) var vout = readUInt32() var scriptLen = readVarInt() var script = readSlice(scriptLen) var sequence = readUInt32() ins.push({ outpoint: { hash: hash.toString('hex'), index: vout, }, script: Script.fromBuffer(script), sequence: sequence }) } var voutLen = readVarInt() for (i = 0; i < voutLen; ++i) { var value = readUInt64() var scriptLen = readVarInt() var script = readSlice(scriptLen) outs.push({ value: value, script: Script.fromBuffer(script) }) } var locktime = readUInt32() assert.equal(offset, buffer.length, 'Invalid transaction') return new Transaction({ version: version, ins: ins, outs: outs, locktime: locktime }) } /** * Signs a standard output at some index with the given key * FIXME: network support is ugly */ Transaction.prototype.sign = function(index, key, type, network) { assert(key instanceof ECKey) network = network || Network.bitcoin var address = key.pub.getAddress(network.pubKeyHash) // FIXME: Assumed prior TX was pay-to-pubkey-hash var script = Script.createOutputScript(address, network) var signature = this.signScriptSig(index, script, key, type) var scriptSig = Script.createPubKeyHashScriptSig(signature, key.pub) this.setScriptSig(index, scriptSig) } // Takes outputs of the form [{ output: 'txhash:index', address: 'address' },...] Transaction.prototype.signWithKeys = function(keys, outputs, type) { type = type || SIGHASH_ALL var addrdata = keys.map(function(key) { assert(key instanceof ECKey) return { key: key, address: key.getAddress().toString() } }) var hmap = {} outputs.forEach(function(o) { hmap[o.output] = o }) for (var i = 0; i < this.ins.length; i++) { var outpoint = this.ins[i].outpoint.hash + ':' + this.ins[i].outpoint.index var histItem = hmap[outpoint] if (!histItem) continue; var thisInputAddrdata = addrdata.filter(function(a) { return a.address == histItem.address }) if (thisInputAddrdata.length === 0) continue; this.sign(i,thisInputAddrdata[0].key) } } Transaction.prototype.signScriptSig = function(index, script, key, type) { type = type || SIGHASH_ALL assert((index >= 0), 'Invalid vin index') assert(script instanceof Script, 'Invalid Script object') assert(key instanceof ECKey, 'Invalid private key') // assert.equal(type & 0x7F, type, 'Invalid type') // TODO var hash = this.hashTransactionForSignature(script, index, type) return key.sign(hash).concat([type]) } Transaction.prototype.setScriptSig = function(index, script) { this.ins[index].script = script } Transaction.prototype.validateSig = function(index, script, pub, sig, type) { type = type || SIGHASH_ALL var hash = this.hashTransactionForSignature(script, index, type) return pub.verify(hash, sig) } Transaction.feePerKb = 20000 Transaction.prototype.estimateFee = function(feePerKb){ var uncompressedInSize = 180 var outSize = 34 var fixedPadding = 34 if(feePerKb == undefined) feePerKb = Transaction.feePerKb; var size = this.ins.length * uncompressedInSize + this.outs.length * outSize + fixedPadding return feePerKb * Math.ceil(size / 1000) } var TransactionIn = function (data) { if (typeof data == "string") { this.outpoint = { hash: data.split(':')[0], index: data.split(':')[1] } } else if (data.outpoint) { this.outpoint = data.outpoint } else { this.outpoint = { hash: data.hash, index: data.index } } if (data.scriptSig) { this.script = Script.fromScriptSig(data.scriptSig) } else if (data.script) { this.script = data.script } else { this.script = new Script(data.script) } this.sequence = data.sequence || this.defaultSequence } TransactionIn.prototype.clone = function () { return new TransactionIn({ outpoint: { hash: this.outpoint.hash, index: this.outpoint.index }, script: this.script.clone(), sequence: this.sequence }) } // FIXME: Support for alternate networks var TransactionOut = function (data) { this.script = data.script instanceof Script ? data.script.clone() : Array.isArray(data.script) ? new Script(data.script) : typeof data.script == "string" ? new Script(convert.hexToBytes(data.script)) : data.scriptPubKey ? Script.fromScriptSig(data.scriptPubKey) : data.address ? Script.createOutputScript(data.address) : new Script() var network = data.network || Network.bitcoin if (this.script.buffer.length > 0) { this.address = this.script.getToAddress(network) } this.value = Array.isArray(data.value) ? convert.bytesToNum(data.value) : "string" == typeof data.value ? parseInt(data.value) : data.value instanceof BigInteger ? parseInt(data.value.toString()) : data.value } TransactionOut.prototype.clone = function() { var newTxout = new TransactionOut({ script: this.script.clone(), value: this.value }) return newTxout } TransactionOut.prototype.scriptPubKey = function() { return convert.bytesToHex(this.script.buffer) } module.exports = { Transaction: Transaction, TransactionIn: TransactionIn, TransactionOut: TransactionOut }