midefos/basicswap
1
0
Fork 0
mirror of https://github.com/basicswap/basicswap.git synced 2025-11-05 18:38:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Change default key derivation paths.

Browse Source 
To allow account keys to be imported into electrum.
Only applies when using descriptor wallets.
To match keys from legacy (sethdseed) wallets set the {COIN}_USE_LEGACY_KEY_PATHS environment variable before prepare.py.
This commit is contained in:
tecnovert
2025-07-26 01:15:57 +02:00
parent dc692209ca
commit d92fa0c61d
11 changed files with 260 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
basicswap/bin/prepare.py
View File

@@ -401,6 +401,12 @@ def getDescriptorWalletOption(coin_params):
return toBool(os.getenv(ticker + "_USE_DESCRIPTORS", default_option))
def getLegacyKeyPathOption(coin_params):
ticker: str = coin_params["ticker"]
default_option: bool = False
return toBool(os.getenv(ticker + "_USE_LEGACY_KEY_PATHS", default_option))
def getKnownVersion(coin_name: str) -> str:
version, version_tag, _ = known_coins[coin_name]
return version + version_tag
@@ -2792,6 +2798,8 @@ def main():
coin_settings["watch_wallet_name"] = getWalletName(
coin_params, "bsx_watch", prefix_override=f"{ticker}_WATCH"
)
if getLegacyKeyPathOption(coin_params) is True:
coin_settings["use_legacy_key_paths"] = True
if PART_RPC_USER != "":
chainclients["particl"]["rpcuser"] = PART_RPC_USER

93
basicswap/interface/btc.py
View File

@@ -16,8 +16,8 @@ import shutil
import sqlite3
import traceback
from io import BytesIO
from typing import Dict, Optional
from basicswap.basicswap_util import (
getVoutByAddress,
@@ -25,9 +25,9 @@ from basicswap.basicswap_util import (
)
from basicswap.interface.base import Secp256k1Interface
from basicswap.util import (
b2i,
ensure,
i2b,
b2i,
i2h,
)
from basicswap.util.ecc import (
@@ -36,18 +36,18 @@ from basicswap.util.ecc import (
)
from basicswap.util.extkey import ExtKeyPair
from basicswap.util.script import (
SerialiseNumCompact,
decodeScriptNum,
getCompactSizeLen,
SerialiseNumCompact,
getWitnessElementLen,
)
from basicswap.util.address import (
toWIF,
b58encode,
b58decode,
decodeWif,
b58encode,
decodeAddress,
decodeWif,
pubkeyToAddress,
toWIF,
)
from basicswap.util.crypto import (
hash160,
@@ -294,6 +294,8 @@ class BTCInterface(Secp256k1Interface):
self._expect_seedid_hex = None
self._altruistic = coin_settings.get("altruistic", True)
self._use_descriptors = coin_settings.get("use_descriptors", False)
# Use hardened account indices to match existing wallet keys, only applies when use_descriptors is True
self._use_legacy_key_paths = coin_settings.get("use_legacy_key_paths", False)
def open_rpc(self, wallet=None):
return openrpc(self._rpcport, self._rpcauth, wallet=wallet, host=self._rpc_host)
@@ -397,6 +399,13 @@ class BTCInterface(Secp256k1Interface):
last_block_header = prev_block_header
raise ValueError(f"Block header not found at time: {time}")
def getWalletAccountPath(self) -> str:
# Use a bip44 style path, however the seed (derived from the particl mnemonic keychain) can't be turned into a bip39 mnemonic without the matching entropy
purpose: int = 84 # native segwit
coin_type: int = self.chainparams_network()["bip44"]
account: int = 0
return f"{purpose}h/{coin_type}h/{account}h"
def initialiseWallet(self, key_bytes: bytes, restore_time: int = -1) -> None:
assert len(key_bytes) == 32
self._have_checked_seed = False
@@ -405,8 +414,15 @@ class BTCInterface(Secp256k1Interface):
ek = ExtKeyPair()
ek.set_seed(key_bytes)
ek_encoded: str = self.encode_secret_extkey(ek.encode_v())
desc_external = descsum_create(f"wpkh({ek_encoded}/0h/0h/*h)")
desc_internal = descsum_create(f"wpkh({ek_encoded}/0h/1h/*h)")
if self._use_legacy_key_paths:
# Match keys from legacy wallets (created from sethdseed)
desc_external = descsum_create(f"wpkh({ek_encoded}/0h/0h/*h)")
desc_internal = descsum_create(f"wpkh({ek_encoded}/0h/1h/*h)")
else:
# Use a bip44 path so the seed can be exported as a mnemonic
path: str = self.getWalletAccountPath()
desc_external = descsum_create(f"wpkh({ek_encoded}/{path}/0/*)")
desc_internal = descsum_create(f"wpkh({ek_encoded}/{path}/1/*)")
rv = self.rpc_wallet(
"importdescriptors",
@@ -445,6 +461,50 @@ class BTCInterface(Secp256k1Interface):
"""
raise (e)
def canExportToElectrum(self) -> bool:
# keychains must be unhardened to export into electrum
return self._use_descriptors is True and self._use_legacy_key_paths is False
def getAccountKey(
self,
key_bytes: bytes,
extkey_prefix: Optional[int] = None,
coin_type_overide: Optional[int] = None,
) -> str:
# For electrum, must start with zprv to get P2WPKH, addresses
# extkey_prefix: 0x04b2430c
ek = ExtKeyPair()
ek.set_seed(key_bytes)
path: str = self.getWalletAccountPath()
account_ek = ek.derive_path(path)
return self.encode_secret_extkey(account_ek.encode_v(), extkey_prefix)
def getWalletKeyChains(
self, key_bytes: bytes, extkey_prefix: Optional[int] = None
) -> Dict[str, str]:
ek = ExtKeyPair()
ek.set_seed(key_bytes)
# extkey must contain keydata to derive hardened child keys
if self.canExportToElectrum():
path: str = self.getWalletAccountPath()
external_extkey = ek.derive_path(f"{path}/0")
internal_extkey = ek.derive_path(f"{path}/1")
else:
# Match keychain paths of legacy wallets
external_extkey = ek.derive_path("0h/0h")
internal_extkey = ek.derive_path("0h/1h")
def encode_extkey(extkey):
return self.encode_secret_extkey(extkey.encode_v(), extkey_prefix)
rv = {
"external": encode_extkey(external_extkey),
"internal": encode_extkey(internal_extkey),
}
return rv
def getWalletInfo(self):
rv = self.rpc_wallet("getwalletinfo")
rv["encrypted"] = "unlocked_until" in rv
@@ -504,10 +564,16 @@ class BTCInterface(Secp256k1Interface):
if descriptor is None:
self._log.debug("Could not find active descriptor.")
return "Not found"
end = descriptor["desc"].find("/")
start = descriptor["desc"].find("]")
if start < 3:
return "Could not parse descriptor"
descriptor = descriptor["desc"][start + 1 :]
end = descriptor.find("/")
if end < 10:
return "Not found"
extkey = descriptor["desc"][5:end]
return "Could not parse descriptor"
extkey = descriptor[:end]
extkey_data = b58decode(extkey)[4:-4]
extkey_data_hash: bytes = hash160(extkey_data)
return extkey_data_hash.hex()
@@ -611,9 +677,10 @@ class BTCInterface(Secp256k1Interface):
pkh = hash160(pk)
return segwit_addr.encode(bech32_prefix, version, pkh)
def encode_secret_extkey(self, ek_data: bytes) -> str:
def encode_secret_extkey(self, ek_data: bytes, prefix=None) -> str:
assert len(ek_data) == 74
prefix = self.chainparams_network()["ext_secret_key_prefix"]
if prefix is None:
prefix = self.chainparams_network()["ext_secret_key_prefix"]
data: bytes = prefix.to_bytes(4, "big") + ek_data
checksum = sha256(sha256(data))
return b58encode(data + checksum[0:4])

14
basicswap/js_server.py
View File

@@ -1054,6 +1054,15 @@ def js_getcoinseed(self, url_split, post_string, is_json) -> bytes:
post_data = getFormData(post_string, is_json)
coin_in = get_data_entry(post_data, "coin")
extkey_prefix = get_data_entry_or(
post_data, "extkey_prefix", 0x04B2430C
) # default, zprv for P2WPKH in electrum
if isinstance(extkey_prefix, str):
if extkey_prefix.isdigit():
extkey_prefix = int(extkey_prefix)
else:
extkey_prefix = int(extkey_prefix, 16) # Try hex
try:
coin = getCoinIdFromName(coin_in)
except Exception:
@@ -1090,7 +1099,6 @@ def js_getcoinseed(self, url_split, post_string, is_json) -> bytes:
wallet_seed_id = ci.getWalletSeedID()
except Exception as e:
wallet_seed_id = f"Error: {e}"
rv.update(
{
"seed": seed_key.hex(),
@@ -1099,6 +1107,10 @@ def js_getcoinseed(self, url_split, post_string, is_json) -> bytes:
"current_seed_id": wallet_seed_id,
}
)
if hasattr(ci, "canExportToElectrum") and ci.canExportToElectrum():
rv.update(
{"account_key": ci.getAccountKey(seed_key, extkey_prefix)}
) # Master key can be imported into electrum (Must set prefix for P2WPKH)
return bytes(
json.dumps(rv),

2
basicswap/util/__init__.py
View File

@@ -54,6 +54,8 @@ def ensure(v, err_string):
def toBool(s) -> bool:
if isinstance(s, bool):
return s
if isinstance(s, int):
return False if s == 0 else True
return s.lower() in ["1", "true"]

45
basicswap/util/extkey.py
View File

@@ -1,10 +1,11 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# Copyright (c) 2024 tecnovert
# Copyright (c) 2024-2025 tecnovert
# Distributed under the MIT software license, see the accompanying
# file LICENSE or http://www.opensource.org/licenses/mit-license.php.
from copy import deepcopy
from .crypto import blake256, hash160, hmac_sha512, ripemd160
from coincurve.keys import PrivateKey, PublicKey
@@ -21,6 +22,10 @@ def hash160_dcr(data: bytes) -> bytes:
return ripemd160(blake256(data))
def hardened(i: int) -> int:
return i | (1 << 31)
class ExtKeyPair:
__slots__ = (
"_depth",
@@ -50,6 +55,11 @@ class ExtKeyPair:
def has_key(self) -> bool:
return False if self._key is None else True
def get_pubkey(self) -> bytes:
return (
self._pubkey if self._pubkey else PublicKey.from_secret(self._key).format()
)
def neuter(self) -> None:
if self._key is None:
raise ValueError("Already neutered")
@@ -83,11 +93,7 @@ class ExtKeyPair:
out._pubkey = K.format()
else:
k = PrivateKey(self._key)
out._fingerprint = self.hash_func(
self._pubkey
if self._pubkey
else PublicKey.from_secret(self._key).format()
)[:4]
out._fingerprint = self.hash_func(self.get_pubkey())[:4]
new_hash = BIP32Hash(self._chaincode, child_no, 0, self._key)
out._chaincode = new_hash[32:]
k.add(new_hash[:32], update=True)
@@ -97,6 +103,26 @@ class ExtKeyPair:
out.hash_func = self.hash_func
return out
def derive_path(self, path: str):
path_entries = path.split("/")
rv = deepcopy(self)
for i, level in enumerate(path_entries):
level = level.lower()
if i == 0 and level == "s":
continue
should_harden: bool = False
if len(level) > 1 and level.endswith("h") or level.endswith("'"):
level = level[:-1]
should_harden = True
if level.isdigit():
child_no: int = int(level)
if should_harden:
child_no = hardened(child_no)
rv = rv.derive(child_no)
else:
raise ValueError("Invalid path node")
return rv
def encode_v(self) -> bytes:
return (
self._depth.to_bytes(1, "big")
@@ -108,17 +134,12 @@ class ExtKeyPair:
)
def encode_p(self) -> bytes:
pubkey = (
PublicKey.from_secret(self._key).format()
if self._pubkey is None
else self._pubkey
)
return (
self._depth.to_bytes(1, "big")
+ self._fingerprint
+ self._child_no.to_bytes(4, "big")
+ self._chaincode
+ pubkey
+ self.get_pubkey()
)
def decode(self, data: bytes) -> None: