搜索由 
symbiotic / btc-puzzle
此软件包的最新版本(1.0.4)没有提供许可证信息。
1.0.4
2023-05-17 18:38 UTC
Requires
- php: >=8.0
- ext-gmp: *
README
Pool server <-- Client.exe Request range
Pool server --> Generate range
Pool server --> Request signature adresses
|----1Address0 <- Pool server - 1 address from the pool server
|----1Address1 <- User server |
|----1Address2 <- User server |- addresses from pool members
|----1Address3 <- User server |
|----1Address4 <- User server |
Pool Server --> Send to client
{
rangeStart: xxxxxxxxx,
rangeEnd : xxxxxxxxx,
signatureAddresses : [1Address1, ...],
}
Pool Server <-- Client sending the found verification addresses to the pool
{
rangeStart: xxxxxxxxx,
rangeEnd : xxxxxxxxx,
signature: ['privateHex1' => '1Address1',....],
}
Pool Server --> Check signature addresses and signatory range
为了形成发行范围的验证地址,使用了几个远程参与者服务器进行枚举,即使是由枚举池的创建者,也消除了范围伪造的途径。
每个服务器可以自行决定是否保留已发行扇区的日志,并在找到难题后,很容易检查哪个范围被分配。
生成验证地址的算法
要创建验证地址,使用
- 难题编号
- 扇区编号
- 用户ID(为发行扇区的用户)
该算法很简单,基于数据创建一个哈希,从中取数字的前几个字符,并用它替换范围内的内容。作为答案,提供验证地址和扇区哈希,该哈希由一个秘密短语、一个难题和扇区数量组成。
示例
secret = efjiej34f9349gj4309hg4349tfh3044f3
puzzle: 66
sectorNumber = 32352000
userID = 1
We calculate:
hex( 2^(66 -1) +(2^40 * sectorNumber ) )
startHex = 3eda7000000000000
hex( 2^(66 - 1) +(2^40 * sectorNumber + 1 ) )
nextHex = 3eda7010000000000
hex( next - start)
range = ffffffffff // 2^40 we need the number of characters
strlen( range )
addressHashLen = 10
Sector hash for crypt password
sha256(secret + puzzle + sectorNumber)
sectorHash = 99980898683611033808737021fe85d29f08d02ef13076071348e330418ba8a4
Sector signature for subsequent verification that the address was issued from your server.
sha256(secret + puzzle + sectorNumber + userID)
userSectorHash = f87e6a01e99458e2121e1bf53985b8f98899cbc44458b53a1d627cf1381ea428
Address private key prefix
substr(startHex, addressHashLen (10) )
startHexPrefix = 3eda700 - remove characters equal to the length of the range
startHexPrefix + substr(userSectorHash, 0, addressHashLen (10) )
addressPrivHex = 3eda700f87e6a01e9 - range prefix and 10 sector hash characters for the user
address = 1BU1bkkW3YX1NyBxmaLpP48pe2uvh67jX
We perform a hashing operation 5-50 several times
sha256(sectorHash + addressPrivHex)
passwordSHA256 = bde3eafd6fd1ca80870601f32e0c2f592462e446f7c5139e4ee9eb9230a10609
password = BLOWFISH( passwordSHA256 )
Answer:
'sectorHash' : '99980898683611033808737021fe85d29f08d02ef13076071348e330418ba8a4',
'address' : '1BU1bkkW3YX1NyBxmaLpP48pe2uvh67jX'
'userSectorHash' : 'f87e6a01e99458e2121e1bf53985b8f98899cbc44458b53a1d627cf1381ea428',
'signatureBlowfish' => '$2y$10$n5Ehd0YUVvy1tW2nLaMRTu6TGE84FY2mCbFwMDndTk1yBSf2J7pui'
用法
要使用,必须创建一个至少20个字符长度的秘密短语。没有人应该知道它,否则其他人将能够代表您生成范围地址。
需要令牌来防止枚举,否则每个用户都能够在传递范围之前枚举所有扇区并获得验证地址。
$config = new \Symbiotic\BtcPuzzle\Config( [ // your secret phrase for generating signatures 'secret' => 'efjiej34f9349gj4309hg4349tfh3044f3', // authorization token for generating a range signature 'token' => 'Aich45vbdghbds' ] );
为了方便工作,有一个控制器,它接受用于操作的GET参数
$controller = new \Symbiotic\BtcPuzzle\SignatureController($config, $_GET); echo $controller->dispatch();
Example: // Verification address generator $generator = new \Symbiotic\BtcPuzzle\SignatureGenerator($config->getToken(), $config->getSecret()); // Puzzle Range $sector = new \Symbiotic\BtcPuzzle\Sector($puzzleId, $sectorNumber); // Create a verification address for the user $address = $generator->generateSectorAddress($token, $sector, $user_id); // hash of the sector for subsequent authentication of the issuance by the user's server $sectorHash = $generator->getSectorHash($puzzleId, $sectorNumber); $signature = $generator->generateSectorSignature($token, $sector, $user_id); echo json_encode([ 'sectorHash' => $signature['sectorHash'], 'userSectorHash' => $signature['userSectorHash'] 'signatureBlowfish' => $signature['signatureBlowfish'] 'address' => $signature['address']/*we give only the address without the private key*/ ]);