Public-Key

I tried to recover the public key from the signature, but I failed

  • July 30, 2019

I used the data from <https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#p2sh-p2wpkh>. It is easy to see how to get the sigHash. But when I tried to recover the public key, nothing turned out the way I expected.

My questions are:

  1. Is the message to be signed not 64f3b0f4dd2bb3aa1ce8566d220cc74dda9df97d8490cc81d89d735c92e59fb6?
  2. If the message is 64f3b0f4dd2bb3a...59fb6, is there something wrong with my code?

My code:

```python
import ecdsa

from ecdsa.ecdsa import int_to_string, string_to_int
from binascii import hexlify

prik = "eb696a065ef48a2192da5b28b694f87544b30fae8327c4510137a922f32c6dcf"
prik = bytes.fromhex(prik)

# Expected public key, in compressed form
pubk = "03ad1d8e89212f0b92c74d23bb710c00662ad1470198ac48c43f7d6f93a2a26873"

# DER-encoded signature (without the trailing sighash-type byte)
sig = '3044022047ac8e878352d3ebbde1c94ce3a10d057c24175747116f8288e5d794d12d482f0220217f36a485cae903c713331d877c1f64677e3622ad4010726870540656fe9dcb'
sig = bytes.fromhex(sig)

# sigHash from the BIP143 example
raw_msg = "64f3b0f4dd2bb3aa1ce8566d220cc74dda9df97d8490cc81d89d735c92e59fb6"
raw_msg = bytes.fromhex(raw_msg)

try:
    # Recover the candidate public keys from the signature and the message
    pubkey = ecdsa.VerifyingKey.from_public_key_recovery(
        signature=sig, data=raw_msg, curve=ecdsa.curves.SECP256k1, sigdecode=ecdsa.util.sigdecode_der)
    print([hexlify(pub.to_string()) for pub in pubkey])

except Exception as e:
    raise e

def check_recovery(pub):
    # Encode a recovered key in compressed form: 02/03 prefix + 32-byte x
    padx = (b'\0'*32 + int_to_string(pub.pubkey.point.x()))[-32:]
    if pub.pubkey.point.y() & 1:
        ck = b'\3'+padx
    else:
        ck = b'\2'+padx

    return hexlify(ck)

lists = [check_recovery(p) for p in pubkey]
print(lists)
# hexlify() returns bytes, so compare against the bytes form of pubk
print([l == pubk.encode() for l in lists])
```

What I got:

```
[b'519e33c6b146628b4010ae2b56aa9127ae9b795c82df021979436296daf4cceac17eb495101c3c15011e9d5a08163122054ad375730ee2e219504540eb658211', b'd28ba1b718b542f52fe42b51635850b5900f111affbbdcbb63465e9a3dd79ffb80251268ba8d5b5ba4aaec8a682145af51b87bd7c7ab9e956895d31db24c4d4b']
[b'03519e33c6b146628b4010ae2b56aa9127ae9b795c82df021979436296daf4ccea', b'03d28ba1b718b542f52fe42b51635850b5900f111affbbdcbb63465e9a3dd79ffb']
[False, False]
```

What am I missing?

> What am I missing?

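You are hashing the sigHash with SHA1 (i.e. a message that is already hashed) and then using that result to recover the public key, which gives you 03519e33c6b146628b4010ae2b56aa9127ae9b795c82df021979436296daf4ccea as the recovered public key (I could not recalculate the second one using my C# code)! I believe from_public_key_recovery is the source code of the function you are using. You may have to use another function, such as from_public_key_recovery_with_digest.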

Source: https://bitcoin.stackexchange.com/questions/89449
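The effect described in the answer, as an added example that is not code from either post: dependency-free Python that recovers the candidate keys from the question's signature twice, once using the sigHash directly as the ECDSA digest and once after an extra SHA-1 pass. The function names are this example's own; it assumes a digest of at most 32 bytes and ignores the rare case where the x-coordinate of R exceeds the group order.

```python
import hashlib

P = 2**256 - 2**32 - 977  # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
# Values copied from the question above
SIG = bytes.fromhex(
    "3044022047ac8e878352d3ebbde1c94ce3a10d057c24175747116f8288e5d794d12d482f"
    "0220217f36a485cae903c713331d877c1f64677e3622ad4010726870540656fe9dcb")
SIGHASH = bytes.fromhex("64f3b0f4dd2bb3aa1ce8566d220cc74dda9df97d8490cc81d89d735c92e59fb6")
PUBK = "03ad1d8e89212f0b92c74d23bb710c00662ad1470198ac48c43f7d6f93a2a26873"

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    # Tangent slope when doubling, chord slope otherwise
    num, den = (3 * a[0] * a[0], 2 * a[1]) if a == b else (b[1] - a[1], b[0] - a[0])
    lam = num * pow(den % P, -1, P)
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def recover(sig, digest):
    """Compressed candidate keys for a DER signature over a ready-made digest."""
    rlen = sig[3]
    if sig[0] != 0x30 or sig[2] != 0x02 or sig[4 + rlen] != 0x02:
        raise ValueError("not a DER ECDSA signature")
    r = int.from_bytes(sig[4:4 + rlen], "big")
    s = int.from_bytes(sig[6 + rlen:6 + rlen + sig[5 + rlen]], "big")
    e = int.from_bytes(digest, "big")    # used as-is, never hashed again
    y = pow(r**3 + 7, (P + 1) // 4, P)   # square root mod P (P % 4 == 3)
    cands = (mul(pow(r, -1, N), add(mul(s, R), mul(-e % N, G)))  # r^-1 (sR - eG)
             for R in ((r, y), (r, P - y)))                      # both points with x == r
    return [("03" if q[1] & 1 else "02") + format(q[0], "064x") for q in cands]

def compare():
    """Candidates from the sigHash itself, then from SHA-1 of the sigHash."""
    return recover(SIG, SIGHASH), recover(SIG, hashlib.sha1(SIGHASH).digest())
```

`compare()` returns the two candidate lists; the public key from the question appears only in the first.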