Tuesday, July 14, 2015

Being able to access a wallet balance and info from the API is pretty cool – but the next obvious step is to create your own wallet or owned wallet out there to hold stuff. One of the things that you'll notice is that the wallet query itself just returns the current balance – not what's owned. Finding stuff that's is owned isn't super difficult – but it's a different query and is more expensive than what that entry is intented for. Much of Census occurs on a server elsewhere unless you are running your own full node at home – so we don't return and do stuff that we don't need or want.
The entry point in the library to generate a new wallet is generate_wallet
it's pretty expensive to run in terms of CPU time, which again is deliberate since this makes is more difficult to spam the network with junk data. Generate wallet returns a format which is being called CWIF – or Census Wallet Interchange Format. What it outputs, you should not post to the network or anything like Dropbox or Drive. All those items are indexed, and the private key inside the CWIF can give access to all the items in your wallet.

We'll make an app that creates what's lovingly called a 'brainwallet' – which is a wallet generated from a simple string. The most common example is the ever popular horse battery password from xkcd.com:






Real world, you probably shouldn't use these. This is awesome for passwords, but for generating random data, you are better off with random data – not using Monty Python quotes. We don't care for this example though – just use one of the popular entropy generators to create a nice, random, 2048 byte block to make your keys. Now the code:

__author__= 'lpreimesberger'
import os
import censusprotocollib
print "Let's make a wallet!"
email = raw_input( "What is your email address? : " )
fake_seed = raw_input( "Enter something for a brainwallet: " )
new_wallet = censusprotocollib.generate_wallet(fake_seed, email)
print new_wallet
Running this:

$ python createwallet.py
Let's make a wallet!
What is your email address? : ilovecats@cathuggers.com
Enter something for a brainwallet: correct horse battery staple
{'rsa_keys': [{'public': '-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Xq+nsbKILYaaYIyDB8X\n6jjsvTm+Z00yaiy5HxxIABuTx6gP3DRE78G0Wn5yfw7HRNDYEUaxwnNVFXFwuC+g\nv+uAIdrzXLVO/Qp3Hx7Y1+DoqRtsmG+w05XYY3GrWWT5u7lB93yFTQsOlqBORic2\nSy0Uv6jh9PbMJsJihDPUEsnXYHupBNINVXHaqX6skFsGwlkmtLtEcDGVx22JxTOG\noNrRURMZxaTIYzLYosu0/kl7VgnYFcvR3wa0czUkYDsDr0yWy8zJJNBlDTnx+cNf\naIV1aMmgHclB7ruGRAW4ajPR+cNzWDfns7P440rSxGaEg/T5YwhfgtwSScU/HCED\nPQIDAQAB\n-----END PUBLIC KEY-----', 'private': '-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEA2Xq+nsbKILYaaYIyDB8X6jjsvTm+Z00yaiy5HxxIABuTx6gP\n3DRE78G0Wn5yfw7HRNDYEUaxwnNVFXFwuC+gv+uAIdrzXLVO/Qp3Hx7Y1+DoqRts\nmG+w05XYY3GrWWT5u7lB93yFTQsOlqBORic2Sy0Uv6jh9PbMJsJihDPUEsnXYHup\nBNINVXHaqX6skFsGwlkmtLtEcDGVx22JxTOGoNrRURMZxaTIYzLYosu0/kl7VgnY\nFcvR3wa0czUkYDsDr0yWy8zJJNBlDTnx+cNfaIV1aMmgHclB7ruGRAW4ajPR+cNz\nWDfns7P440rSxGaEg/T5YwhfgtwSScU/HCEDPQIDAQABAoIBAQCMmgCXIioXj+Pv\nho7Yq1mIwhi8FZL1skD/x74/UMdz2mBmWk82rExNPUxenRVk86b85JBsSuotrua5\nIEghrBkfOx/xw15G96kDizqMUiMbHnsMqYBB5SPLBzuIvzpqZw/Vv+XYHRcJQjbC\nRw2T6VH+tDyP1J2RA+XkwRN0KRXYtphIHJkIalahco2VAkXFmW5nCD8jV7s5BC0t\naJtKOiigI1TVB2RicDwFHsV23IwjGu3kuD7ZP4mcJYfTMNRPuy9TOrPuihgXtf3q\n5H/bB8k0g7t13tCNJWcnOBkjYMXAV/y3PfeB6XJibs8b+L7f9cmhuOX+7tvvmT1l\nKkBiDCvBAoGBAOMbBrhIoZRxEYbF5KNVkclHD+kDR7HzacfFV8X2DivIrfnTNIGB\n7bMMiwq5qqE0pUAsuTPIZ1ObhhWCSsa5uhlgeVlxFe3wt/7wg0P0E1Tu73xmEkLm\ny2RpR4kl/ZYFzZxSL+24nP7rEbqoTmjMBJM4KGBxyYX458rD7RqhbsKlAoGBAPUm\nMKu6rsGK4w75/oi9snY2mLqJIkeS9VL1hNlcrWRBj2e/oSB9HEvdkZ1SsfVsMHjj\ngTjg4C4Zpgh9mxXneGbX5OAVFgOdF8XTCOgykePN4/BfeLfPF/DaGy5c5LWRnobd\nJxZnIXaN38Dm/adK2h7hRn2b/NFCMTN1/gEkz9K5AoGBAIN9rWlbnDovMR+gSp4L\nOEqam2qlXIh6z987snNK4K+XFKwWDkuBp9fIRmTiVRnbOmaqvlxuBu1QmdSwSI1B\nEbAJvJj9sd2/RzkTllzs35iIcx7Kln4n1NGBZ0rQNT/8giylJVz1S+kIv44cTrG8\nllWK6U3V9AFeuQ4cXJbTqyaFAoGBAINXOqxHEGnRJ2VWuvA38e0zww/teNgv/A++\nSrbJ2HvmRBaprIHjhc1/oAxRydZbaHzcJtd6Y6FPTI0v/m713KP89zq3EVxORfZO\n4m7E6TTLkluuStbvtTvtHrLwQfilU/Gdetud1WfXCxImr695gvMYbtPNRt42QHX5\nuWSTfGTBAoGAAY98CTF3ltSxWmiZSFKCm1VqbU4B1EfU87K8zXcfY4Z4+90A64ox\nHDSjvJXe6nZ3xmH2XoUnGA8Eczqi+YN8wiCUCxImq2diUKgeXTKqUL2c1Uw9Xnwq\nmKyeGdE6Ie3OPQdTjRQEH7yJjsLoSqsWxPv9kZrkqoQhERJWaaT68Xg=\n-----END RSA PRIVATE KEY-----'}], 'address': '1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T', 'public': '0478d430274f8c5ec1321338151e9f27f4c676a008bdf8638d07c0b6be9ab35c71a1518063243acd4dfe96b66e3f2ec8013c8e072cd09b3834a19f81f659cc3455', 'private': 'c4bbcb1fbec99d65bf59d85c8cb62ee2db963f0fe106f483d9afa73bd4e39a8a', 'email': 'ilovecats@cathuggers.com'}

Holy crap! Yeah, that's a lot – and it includes some of the secret data we shouldn't put on the Internet. Running that through a pretty printer and clipping the data:

{
'rsa_keys': [
{
'public': '-----BEGINPUBLICKEY...
'private': '-----BEGINRSAPRIVATEKEY...
}
],
'address': '1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T',
'public': '0478d4...
'private': 'c4bbc...
'email': 'ilovecats@cathuggers.com'
}

In this output:
  • rsa_keys are the set of RSA interchange keys that are associated with this wallet – it's an array, so there can be a lot of these. Only public keys go on the network
  • address is the wallet address, which is actually the unique hash of the private key if you follow it all the way back
  • public is the public key – which goes to the network as a backup (many clients can validate based on address, but more info doesn't hurt)
  • private is the private ECDSA key we keep locally and don't share
  • email is the optional email tag which lets folks find us on the network. This is optional and can be ignored if you are feeling paranoid or it doesn't make sense. For brokers, this could be a randomized email for your internal customers (i.e. - 2342356134@ticketbrokers.com) to simplify transactions

We can't do anything with this other than save it locally though – so what about adding wallets to the network?


Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)