This commit adds a new function named Zero on the hdkeychain.ExtendedKey
which can be used to manually clear the memory used for an extended key.
This is useful for enhanced security by allowing the caller to explicitly
clear the memory when they're done with a key. Otherwise it might hang
around in memory for a while.
Once a key has been zeroed it is no longer usable.
This commit also contains tests to ensure everything works as expected
after a key has been zeroed.
This commit adds a new sub-package named hdkeychain which can be used to
derive hierarchical deterministic key chains which form the foundation of
hd wallets.
- Support for private and public extended keys
- Convenient cryptographically secure seed generation
- Simple creation of master nodes
- Support for multi-layer derivation
- Easy serialization and deserialization for both private and public
extended keys
- Support for custom networks by registering them with btcnet
- Obtaining the underlying EC pubkeys, EC privkeys, and associated bitcoin addresses
ties in seamlessly with existing btcec and btcutil types which provide
powerful tools for working with them to do things like sign transactions
and generate payment scripts
- Makes use of the btcec package which is highly optimized for secp256k1
- Code examples including:
- Generating a cryptographically secure random seed and deriving a
master node from it
- Default HD wallet layout as described by BIP0032
- Audits use case as described by BIP0032
- Comprehensive test coverage including the BIP0032 test vectors
- Benchmarks
This commit creates and an example test file that integrates nicely with
Go's example tooling.
This allows the example output to be tested as a part of running the
normal Go tests to help ensure it doesn't get out of date with the code.
This commit finishes the work started by @dajohi on bloom filters.
- Rename the package from bloomfilter to bloom
- Rename New function to NewFiler
- Rename Load function to LoadFilter
- Rename BloomFilter type to Filter
- Rename Contains to Matches
- Correct tx match handling to match all inputs and outputs instead of
only the first one
- Optimize murmur hash function by using constants
- Optimize the merkle block creation and reduce num of memory allocations
required
- Make MsgFilterLoad concurrent safe as intended
- Update various code consistency issues
- Add a lot of comments
- Improve tests
- Make the code golint clean
Since these constants can be useful for int64, Amount, and float64
math, it doesn't make sense to make them just one type, and require
type conversions for the rest.
ok @davecgh
While here, remove the serializedTx field from Tx. This field was
originally intended to be used to cache the bytes of the serialized
transaction, but it was never used and can effectively leak memory if
the Tx was created with a call to NewTxFromBytes.
ok @davecgh
bytes.Reader is a little bit more efficient than a bytes.Buffer when
just reading, so in situations where only an io.Reader is needed (for
Block and Tx deserialization), switch to a bytes.Reader.
ok @davecgh
This change removes all occurances of btcwire.BitcoinNet from exported
APIs, replacing each with *btcnet.Params. This simplifies the logic
for verifying string encodings of addresses and WIF private keys which
use leading identifier numbers to differentiate between address types
and the network they are intended for. It also allows the use of this
package for non-standard networks (not mainnet, regtest, or testnet3)
and future proofs it for the possible addition of future testnet
networks.
To update across this change, replace each btcwire.BitcoinNet
parameter with the associated *btcnet.Params. For the standard
networks, these changes are:
btcwire.MainNet -> &btcnet.MainNetParams
btcwire.TestNet -> &btcnet.RegressionNetParams
btcwire.TestNet3 -> &btcnet.TestNet3Params
ok @davecgh
The old functions DecodePrivateKey and EncodePrivateKey have been
removed in favor of the DecodeWIF function and the String method of
the new WIF type.
ok @davecgh
This change adds the Hash160 methods to AddressPubKeyHash and
AddressScriptHash so the hash may be accessed as an array, rather than
a byte slice with the ScriptAddress method of the Address interface.
In situations where arrays are more appropiate than slices (such as
for map keys), accessing the array directly this way can significantly
improve performance by reducing copying into local arrays.
Amount should still be a usable type even if the monetary amount being
described is not an amount at a single instance in time, for example,
the total of all BTC received by an address. Therefore, the bounds
checks that the amount is within the total amount of bitcoin ever
producable have been removed.
The checks for NaN and +-Infinity remain.
Besides being shorter, using "BTC" rather than "Bitcoin" in the
AmountUnit constants is deemed to be better for these units as BTC is
already a recognized monetary unit.
AmountBaseBitcoin has likewise been renamed to AmountSatoshi as this
is consistant with how it is returned as a string. The "standard"
part of the comment in the const block has been removed, as Satoshi is
technically not a standard term for this unit.
ok @davecgh
Originally the various NewAddressX family on functions were limited to
only btcwire.MainNet and btcwire.TestNet3. They were changed a while back
to also support the regression test network however the comments were not
updated. This commit simply removes the comments which limited the
available choices since all btcwire.BitconNet types are now supported.
This commit removes the previously deprecated TxShas function from
btcutil.Block. The preferred method to access transaction hashes is via
the Sha function on each btcutil.Tx contained within the block.
For example, the following illustrates how convert the old TxShas approach
to the new method:
OLD:
for i, sha := range block.TxShas() {
// use sha
}
NEW:
for i, tx := range block.Transactions() {
// use tx.Sha()
}
This commit also updates the tests for the removed function.
This commit contains a basic definition for CoinSelector along with some
utility classes and some basic algos to make creating transactions from
a set of available unspent outpoints easier.
Thanks to @dajohi, @davec, @jrick for all the feedback and suggestions
regarding interfaces, organization, optimization, comments and
documentation.
This commit modifies DecodeAddress to accept and decode pay-to-pubkey
addresses (raw serialized public keys). Since the resulting Address
needs to have a network associated with it, and a raw serialized public
key does not encode the network with it, a new parameter has been added
which requires the caller to specify a default network to use when
decoding addresses.
In the case the address has a network encoded with it such as for
pay-to-pubkey-hash and pay-to-script-hash addresses, the network will be
decoded from the address and the resulting Address instance will have that
network associated with it. When the address does NOT have a network
encoded with it, such as a pay-to-pubkey address, the provided default
network will be associated with the returned Address instance.
Also, the tests have been updated to test the new functionality.
ok @owainga and @jrick.
Since all of the deprecated address conversion functions have been
removed, consolidate the remaining private key funcs and tests into
address.go and address_test.go, repectively.
The prefix byte (netID) which is used to encode address is the same for
both the public test and regression test networks. Previously the code
was working under the assumption there was a 1-to-1 mapping of prefix byte
to bitcoin network, however as noted above that assumption was not
correct.
This commit modifies things a bit to choose the prefix byte at address
creation time instead of at encode time and internally stores the prefix
byte instead of the network. It also adds a new function, IsForNet, to the
Address interface which allows callers to test if an address is valid for
the passed network type. The end result of this change is that callers
will only need to change their checks from testing if addr.Net() is the
active bitcoin network to instead using addr.IsForNet(activeNet).
Closes#2.
This commit changes three things with cert generation.
- The extended key usage field has been removed since specifying the
extended key usage field prevents the cert from working with firefox
even when it specifies it can be used as a server
- Creates a random serial number since browsers like firefox and chrome
won't accept two certificates with the same issuer and serial number
- Adds the digital signature key usage capability since some validators
like node.js expect that instead of key encipherment
