common.py 9.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232
  1. #!/usr/bin/env python3
  2. #
  3. # mmgen = Multi-Mode GENerator, command-line Bitcoin cold storage solution
  4. # Copyright (C)2013-2019 The MMGen Project <mmgen@tuta.io>
  5. #
  6. # This program is free software: you can redistribute it and/or modify
  7. # it under the terms of the GNU General Public License as published by
  8. # the Free Software Foundation, either version 3 of the License, or
  9. # (at your option) any later version.
  10. #
  11. # This program is distributed in the hope that it will be useful,
  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. # GNU General Public License for more details.
  15. #
  16. # You should have received a copy of the GNU General Public License
  17. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  18. """
  19. common.py: Common imports for all MMGen scripts
  20. """
  21. import sys,os
  22. from mmgen.exception import *
  23. from mmgen.globalvars import *
  24. import mmgen.opts as opts
  25. from mmgen.opts import opt
  26. from mmgen.util import *
  27. def help_notes(k):
  28. from mmgen.obj import SubSeedIdxRange,SeedShareIdx,SeedShareCount,MasterShareIdx
  29. from mmgen.seed import SeedSource
  30. from mmgen.tx import MMGenTX
  31. def fee_spec_letters(use_quotes=False):
  32. cu = g.proto.coin_amt.units
  33. sep,conj = ((',',' or '),("','","' or '"))[use_quotes]
  34. return sep.join(u[0] for u in cu[:-1]) + ('',conj)[len(cu)>1] + cu[-1][0]
  35. def fee_spec_names():
  36. cu = g.proto.coin_amt.units
  37. return ', '.join(cu[:-1]) + ('',' and ')[len(cu)>1] + cu[-1] + ('',',\nrespectively')[len(cu)>1]
  38. return {
  39. 'rel_fee_desc': MMGenTX().rel_fee_desc,
  40. 'fee_spec_letters': fee_spec_letters(),
  41. 'seedsplit': """
  42. COMMAND NOTES:
  43. This command generates shares one at a time. Shares may be output to any
  44. MMGen wallet format, with one limitation: only one share in a given split may
  45. be in hidden incognito format, and it must be the master share in the case of
  46. a master-share split.
  47. If the command's optional first argument is omitted, the default wallet is
  48. used for the split.
  49. The last argument is a seed split specifier consisting of an optional split
  50. ID, a share index, and a share count, all separated by colons. The split ID
  51. must be a valid UTF-8 string. If omitted, the ID 'default' is used. The
  52. share index (the index of the share being generated) must be in the range
  53. {sia}-{sib} and the share count (the total number of shares in the split)
  54. in the range {sca}-{scb}.
  55. Master Shares
  56. Each seed has a total of {msb} master shares, which can be used as the first
  57. shares in multiple splits if desired. To generate a master share, use the
  58. --master-share (-M) option with an index in the range {msa}-{msb} and omit
  59. the last argument.
  60. When creating and joining a split using a master share, ensure that the same
  61. master share index is used in all split and join commands.
  62. EXAMPLES:
  63. Create a 3-way default split of your default wallet, outputting all shares
  64. to default wallet format. Rejoin the split:
  65. $ mmgen-seedsplit 1:3 # Step A
  66. $ mmgen-seedsplit 2:3 # Step B
  67. $ mmgen-seedsplit 3:3 # Step C
  68. $ mmgen-seedjoin <output_of_step_A> <output_of_step_B> <output_of_step_C>
  69. Create a 2-way split of your default wallet with ID string 'alice',
  70. outputting shares to MMGen native mnemonic format. Rejoin the split:
  71. $ mmgen-seedsplit -o words alice:1:2 # Step D
  72. $ mmgen-seedsplit -o words alice:2:2 # Step E
  73. $ mmgen-seedjoin <output_of_step_D> <output_of_step_E>
  74. Create a 2-way split of your default wallet with ID string 'bob' using
  75. master share #7, outputting share #1 (the master share) to default wallet
  76. format and share #2 to BIP39 format. Rejoin the split:
  77. $ mmgen-seedsplit -M7 # Step X
  78. $ mmgen-seedsplit -M7 -o bip39 bob:2:2 # Step Y
  79. $ mmgen-seedjoin -M7 --id-str=bob <output_of_step_X> <output_of_step_Y>
  80. Create a 2-way split of your default wallet with ID string 'alice' using
  81. master share #7. Rejoin the split using master share #7 generated in the
  82. previous example:
  83. $ mmgen-seedsplit -M7 -o bip39 alice:2:2 # Step Z
  84. $ mmgen-seedjoin -M7 --id-str=alice <output_of_step_X> <output_of_step_Z>
  85. Create a 2-way default split of your default wallet with an incognito-format
  86. master share hidden in file 'my.hincog' at offset 1325. Rejoin the split:
  87. $ mmgen-seedsplit -M4 -o hincog -J my.hincog,1325 1:2 # Step M (share A)
  88. $ mmgen-seedsplit -M4 -o bip39 2:2 # Step N (share B)
  89. $ mmgen-seedjoin -M4 -H my.hincog,1325 <output_of_step_N>
  90. """.strip().format(
  91. sia=SeedShareIdx.min_val,sib=SeedShareIdx.max_val,
  92. sca=SeedShareCount.min_val,scb=SeedShareCount.max_val,
  93. msa=MasterShareIdx.min_val,msb=MasterShareIdx.max_val),
  94. 'subwallet': """
  95. SUBWALLETS:
  96. Subwallets (subseeds) are specified by a "Subseed Index" consisting of:
  97. a) an integer in the range 1-{}, plus
  98. b) an optional single letter, 'L' or 'S'
  99. The letter designates the length of the subseed. If omitted, 'L' is assumed.
  100. Long ('L') subseeds are the same length as their parent wallet's seed
  101. (typically 256 bits), while short ('S') subseeds are always 128-bit.
  102. The long and short subseeds for a given index are derived independently,
  103. so both may be used.
  104. MMGen has no notion of "depth", and to an outside observer subwallets are
  105. identical to ordinary wallets. This is a feature rather than a bug, as it
  106. denies an attacker any way of knowing whether a given wallet has a parent.
  107. Since subwallets are just wallets, they may be used to generate other
  108. subwallets, leading to hierarchies of arbitrary depth. However, this is
  109. inadvisable in practice for two reasons: Firstly, it creates accounting
  110. complexity, requiring the user to independently keep track of a derivation
  111. tree. More importantly, however, it leads to the danger of Seed ID
  112. collisions between subseeds at different levels of the hierarchy, as
  113. MMGen checks and avoids ID collisions only among sibling subseeds.
  114. An exception to this caveat would be a multi-user setup where sibling
  115. subwallets are distributed to different users as their default wallets.
  116. Since the subseeds derived from these subwallets are private to each user,
  117. Seed ID collisions among them doesn't present a problem.
  118. A safe rule of thumb, therefore, is for *each user* to derive all of his/her
  119. subwallets from a single parent. This leaves each user with a total of two
  120. million subwallets, which should be enough for most practical purposes.
  121. """.strip().format(SubSeedIdxRange.max_idx),
  122. 'passwd': """
  123. PASSPHRASE NOTE:
  124. For passphrases all combinations of whitespace are equal, and leading and
  125. trailing space are ignored. This permits reading passphrase or brainwallet
  126. data from a multi-line file with free spacing and indentation.
  127. """.strip(),
  128. 'brainwallet': """
  129. BRAINWALLET NOTE:
  130. To thwart dictionary attacks, it's recommended to use a strong hash preset
  131. with brainwallets. For a brainwallet passphrase to generate the correct
  132. seed, the same seed length and hash preset parameters must always be used.
  133. """.strip(),
  134. 'txcreate': """
  135. The transaction's outputs are specified on the command line, while its inputs
  136. are chosen from a list of the user's unspent outputs via an interactive menu.
  137. If the transaction fee is not specified on the command line (see FEE
  138. SPECIFICATION below), it will be calculated dynamically using network fee
  139. estimation for the default (or user-specified) number of confirmations.
  140. If network fee estimation fails, the user will be prompted for a fee.
  141. Network-estimated fees will be multiplied by the value of '--tx-fee-adj',
  142. if specified.
  143. Ages of transactions are approximate based on an average block discovery
  144. interval of one per {g.proto.secs_per_block} seconds.
  145. All addresses on the command line can be either {pnu} addresses or {pnm}
  146. addresses of the form <seed ID>:<index>.
  147. To send the value of all inputs (minus TX fee) to a single output, specify
  148. one address with no amount on the command line.
  149. """.format(g=g,pnm=g.proj_name,pnu=g.proto.name.capitalize()),
  150. 'fee': """
  151. FEE SPECIFICATION: Transaction fees, both on the command line and at the
  152. interactive prompt, may be specified as either absolute {c} amounts, using
  153. a plain decimal number, or as {r}, using an integer followed by
  154. '{l}', for {u}.
  155. """.format( c=g.coin,
  156. r=MMGenTX().rel_fee_desc,
  157. l=fee_spec_letters(use_quotes=True),
  158. u=fee_spec_names() ),
  159. 'txsign': """
  160. Transactions may contain both {pnm} or non-{pnm} input addresses.
  161. To sign non-{pnm} inputs, a {dn} wallet dump or flat key list is used
  162. as the key source ('--keys-from-file' option).
  163. To sign {pnm} inputs, key data is generated from a seed as with the
  164. {pnl}-addrgen and {pnl}-keygen commands. Alternatively, a key-address file
  165. may be used (--mmgen-keys-from-file option).
  166. Multiple wallets or other seed files can be listed on the command line in
  167. any order. If the seeds required to sign the transaction's inputs are not
  168. found in these files (or in the default wallet), the user will be prompted
  169. for seed data interactively.
  170. To prevent an attacker from crafting transactions with bogus {pnm}-to-{pnu}
  171. address mappings, all outputs to {pnm} addresses are verified with a seed
  172. source. Therefore, seed files or a key-address file for all {pnm} outputs
  173. must also be supplied on the command line if the data can't be found in the
  174. default wallet.
  175. """.format( dn=g.proto.daemon_name,
  176. pnm=g.proj_name,
  177. pnu=g.proto.name.capitalize(),
  178. pnl=g.proj_name.lower())
  179. }[k] + ('-α' if g.debug_utf8 else '')
  180. def exit_if_mswin(feature):
  181. if g.platform == 'win':
  182. m = capfirst(feature) + ' not supported on the MSWin / MSYS2 platform'
  183. ydie(1,m)
  184. def mswin_pw_warning():
  185. if g.platform == 'win' and not opt.echo_passphrase and g.mswin_pw_warning:
  186. m = 'due to a bug in the MSYS2 Python implementation, if your passphrase\n'
  187. m += 'contains non-ASCII characters, you must turn on passphrase echoing with the\n'
  188. m += '--echo-passphrase option or use a password file. Otherwise, the non-ASCII\n'
  189. m += 'characters in your passphrase will be silently ignored!'
  190. msg(red('WARNING: ') + yellow(m))