Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: Check if your BTC-key is vulnerable
by
virtualx
on 12/06/2015, 11:22:21 UTC
Quote from: sss555 on June 12, 2015, 10:50:43 AM
Quote from: ca333 on March 05, 2015, 01:45:59 PM
Hi,

thought maybe someone can use the script below. I just wrote it to check couple of my public keys for reused R-signing values which allow generating of the private key of affected PKs. The script is very lightweight and uses urllib2 for loading the data from blockchain.info. So no local btc-node is needed. The script only works for keys with up to 50 tx. If your key got more than 50 tx you have to add some lines (add loop and use optional API-parameters limit and offset to parse through all transactions [50+]). Also the script contains a lot of debug-output which you can just comment or remove.
This is OpenSource and BETA software - USE AT OWN RISK - released under GNU Public License.


Code:
#!/usr/bin/python


#################################################################################
#                                                                               #
#.______               _______.  ______     ___      .__   __.                  #
#|   _  \             /       | /      |   /   \     |  \ |  |                  #
#|  |_)  |    ______ |   (----`|  ,----'  /  ^  \    |   \|  |                  #
#|      /    |______| \   \    |  |      /  /_\  \   |  . `  |                  #
#|  |\  \----.    .----)   |   |  `----./  _____  \  |  |\   |                  #
#| _| `._____|    |_______/     \______/__/     \__\ |__| \__|  v0.1.2          #
#                                                                               #
#GNU PL - 2015 - ca333                                                          #
#                                                                               #        
#USE AT OWN RISK!                                                               #
#################################################################################

import json
import urllib2
import time
import sys

#for some reason blockchain.info api-chain is 59711 blocks short..
blockstart = 170399
blockstart += 59711
blockcount = urllib2.urlopen("https://blockchain.info/de/q/getblockcount").read()

print "WELCOME TO R-scan v0.1.2!"

print "ADDRESS-R-SCAN: "
addr = raw_input("type address:  ")
urladdr = "https://blockchain.info/de/rawaddr/" + str(addr)
#control api-url
print urladdr
addrdata = json.load(urllib2.urlopen(urladdr))
print "Data for pubkey: " + str(addr)
print "number of txs: " + str(addrdata['n_tx'])
#tx-details:
y = 0
inputs = []
while y < addrdata['n_tx']:
print "#################################################################################"
print "TX nr :" + str(y+1)
print "hash: " + str(addrdata['txs'][y]['hash'])
print "number of inputs: " + str(addrdata['txs'][y]['vin_sz'])
#only if
#if addrdata['txs'][y]['vin_sz'] > 1:
zy = 0
while zy < addrdata['txs'][y]['vin_sz']:
print "Input-ScriptNR " + str(zy+1) + " :" + str(addrdata['txs'][y]['inputs'][zy]['script'])
inputs.append(addrdata['txs'][y]['inputs'][zy]['script'])
zy += 1

y += 1

print "compare: "

xi = 0
zi = 1
lenx = len(inputs)
alert = 0

#compare the sig values in each input script
while xi < lenx-1:
x = 0
while x < lenx-zi:
if inputs[xi][10:74] == inputs[x+zi][10:74]:
print "In Input NR: " + str(xi) + "[global increment] " + str(inputs[xi])
print('\a')
                        print "Resued R-Value: "
print inputs[x+zi][10:74]
                        alert += 1

x += 1

zi += 1
xi += 1

#check duplicates
#alert when everything ok

if alert < 1:
print "Good pubKey. No problems."


sys.exit()

if you have question ask me.
thank you.

The script working good but some problem more then a 50 transaction it not process

address: 1szVke6ThJtfdUTi6Y5AAMDMePM4Ha8vK

output

Resued R-Value: 262e481b6d8905b5adba67aff05eb8261501b0a9434c0b7f043d00cf8d23c91b
----------------------------------------------------------------------------------------------------------------------
if address: 1QCRoj5dPAsADvzd2o7NBy6kywBEkfC1Xh

output

compare:

Good pubKey. No problems.
------------------------------------------------------------------------------------------------------------------------
if address: 1BFhrfTTZP3Nw4BNy4eX4KFLsn9ZeijcMm

output

TX nr :51
Traceback (most recent call last):
  File "C:\master\identical-r-check.py", line 61, in
    print "hash: " + str(addrdata['txs'][y]['hash'])
IndexError: list index out of range
------------------------------------------------------------------------------------------------------------------------
1BFhrfTTZP3Nw4BNy4eX4KFLsn9ZeijcMm -> this address reused r value but the script give error how to solve , if any solved script available

It looks like addrdata isn't large enough, simply a buffer overflow.  Does print "number of txs: " + str(addrdata['n_tx'])  output a value larger than 50? I suggest printing y, addrdata['n_tx'] and the other values. It's a multidimensional array and one of them is out of range, meaning the array is not large enough to store values there.