Pages:
Author

Topic: [coinb.in] Open Source, Multi Signature, HD Wallet, SegWit/Bech32 and more! (Read 74698 times)

brand new
Activity: 0
Merit: 0
Hi all! If we slightly modify the function for generating the private key in this script, coinjs.newPrivkey, and add a couple of lines generated by the JavaScript method Crypto.getRandomValues(), will we get a more robust key?

Original code:
Code:
/* generate a new random private key */
coinjs.newPrivkey = function(){
var x = window.location;
x += (window.screen.height * window.screen.width * window.screen.colorDepth);
x += coinjs.random(64);
x += (window.screen.availHeight * window.screen.availWidth * window.screen.pixelDepth);
x += navigator.language;
x += window.history.length;
x += coinjs.random(64);
x += navigator.userAgent;
x += 'coinb.in';
x += (Crypto.util.randomBytes(64)).join("");
x += x.length;
var dateObj = new Date();
x += dateObj.getTimezoneOffset();
x += coinjs.random(64);
x += (document.getElementById("entropybucket")) ? document.getElementById("entropybucket").innerHTML : '';
x += x+''+x;
var r = x;
for(i=0;i<(x).length/25;i++){
r = Crypto.SHA256(r.concat(x));
}
var checkrBigInt = new BigInteger(r);
var orderBigInt = new BigInteger("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
while (checkrBigInt.compareTo(orderBigInt) >= 0 || checkrBigInt.equals(BigInteger.ZERO) || checkrBigInt.equals(BigInteger.ONE)) {
r = Crypto.SHA256(r.concat(x));
checkrBigInt = new BigInteger(r);
}
return r;
}

Modified code:
Code:
/* generate a new random private key */
coinjs.newPrivkey = function(){
var x = window.location;
x += (window.screen.height * window.screen.width * window.screen.colorDepth);
x += coinjs.random(64);
x += (window.screen.availHeight * window.screen.availWidth * window.screen.pixelDepth);
x += navigator.language;
x += window.history.length;
x += coinjs.random(64);
x += 'coinb.in';
x += coinjs.newRand();
x += coinjs.newRand();
x += (Crypto.util.randomBytes(64)).join("");
x += x.length;
var dateObj = new Date();
x += dateObj.getTimezoneOffset();
x += coinjs.random(64);
x += (document.getElementById("entropybucket")) ? document.getElementById("entropybucket").innerHTML : '';
x += x+''+x;
var r = x;
for(i=0;i<(x).length/25;i++){
r = Crypto.SHA256(r.concat(x)).toUpperCase();
}
var checkrBigInt = new BigInteger(r);
var orderBigInt = new BigInteger("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
while (checkrBigInt.compareTo(orderBigInt) >= 0 || checkrBigInt.equals(BigInteger.ZERO) || checkrBigInt.equals(BigInteger.ONE)) {
r = Crypto.SHA256(r.concat(x));
checkrBigInt = new BigInteger(r);
}
return r;
}
//new function for random
coinjs.newRand = function(){
var arr = new Uint8Array(32)
  window.crypto.getRandomValues(arr);
  var ran = arr.join('')+'New Random';
return ran;
}

Thanks in advance!
newbie
Activity: 16
Merit: 10
I am willing to leak the full WIF key to any high-rank member here that promises to give me 175 DOGE (slightly less than 50%) if they can recover the funds. PM me or comment here. Do not try to scam me, I will only work with a high rank member. If you are skeptical, I will not send you any files, just a plaintext of the WIF, and will not ask for any payment unless you safely recover the funds.

Thank you in advance for anyone willing to help.
newbie
Activity: 16
Merit: 10
I tried redeeming it on coinbin and signing it, but got error 400 when i broadcasted.
Did it show any kind of error message? It may just be a broadcasting or connectivity to remote server error, in which case you can use an explorer like blockcypher to try and rebroadcast the same transaction if the signing was successful and the issue was only when broadcasting it.

Quote
Can i send the redeem script and public key here so it can be easier for you to help? That wouldn't give away access to them, right?
There is no need to post it here if it looks like the following (the bold part should be the same and the rest should be of the same size which is 40 characters equal to HASH160 of your pubkey):
001479091972186c449eb1ded22b78e40d009bdf0089

I broadcasted it with multiple wallets, it's not working. 

address
A6CqeniSjuEp2G5R1JfvPP5cMqEm2qQZiQ
redeem script
00142072920a93446cb9dcfb1ff27b477992f04b1990
public key
0329d0b509ffc7c65224bc2268f534f0e46dcf40815d021fe0caf698347434c85d
WIF Key:
QP****sY (52 characters total)

I followed the same process with a legacy address, works smoothly.
The issue is that it is attributing the WIF key to the legacy address and not the segwit address.
I can't find any other wallets that support segwit for doge either.
legendary
Activity: 3402
Merit: 10424
I tried redeeming it on coinbin and signing it, but got error 400 when i broadcasted.
Did it show any kind of error message? It may just be a broadcasting or connectivity to remote server error, in which case you can use an explorer like blockcypher to try and rebroadcast the same transaction if the signing was successful and the issue was only when broadcasting it.

Quote
Can i send the redeem script and public key here so it can be easier for you to help? That wouldn't give away access to them, right?
There is no need to post it here if it looks like the following (the bold part should be the same and the rest should be of the same size which is 40 characters equal to HASH160 of your pubkey):
001479091972186c449eb1ded22b78e40d009bdf0089
newbie
Activity: 16
Merit: 10
When i import the WIF key into another wallet, it instead imports the corresponding Legacy address (beginning with D) instead of the Segwit address.
Since WIFs don't have the address type information inside, you have to find a way to tell the wallet you are using what type of address it should derive. This is a wallet specific thing that you should ask the developers of that wallet or users of it.

Quote
Are my funds gone forever, or is it possible to access them?
Most probably you'll have a hard time reclaiming them but they aren't gone.
Try checking out the https://coinb.in/#newTransaction section of the website and try to create a transaction spending your coins by entering your redeem script in the first box and setting a destination address.
Then sign it using the https://coinb.in/#sign page with your private key.

Quote
If it's not possible to access, why does coinb.in even offer segwit as an option in the first place?
You really shouldn't use this type of tools for anything serious though, specially if you used it online. They are usually complicated and for "advanced" usages, not to mention could have vulnerabilities.
Try to stick to wallets.

P.S. Your address is a P2SH and I personally couldn't reproduce this type of SegWit address (ie. wrapped witness) which makes me think your address could be a multi-sig not SegWit. In any case are you sure your "redeem script" is a SegWit one? It should be OP_0 followed by a 20 or 32 byte data.

I tried redeeming it on coinbin and signing it, but got error 400 when i broadcasted.
Can i send the redeem script and public key here so it can be easier for you to help? That wouldn't give away access to them, right?
legendary
Activity: 3402
Merit: 10424
When i import the WIF key into another wallet, it instead imports the corresponding Legacy address (beginning with D) instead of the Segwit address.
Since WIFs don't have the address type information inside, you have to find a way to tell the wallet you are using what type of address it should derive. This is a wallet specific thing that you should ask the developers of that wallet or users of it.

Quote
Are my funds gone forever, or is it possible to access them?
Most probably you'll have a hard time reclaiming them but they aren't gone.
Try checking out the https://coinb.in/#newTransaction section of the website and try to create a transaction spending your coins by entering your redeem script in the first box and setting a destination address.
Then sign it using the https://coinb.in/#sign page with your private key.

Quote
If it's not possible to access, why does coinb.in even offer segwit as an option in the first place?
You really shouldn't use this type of tools for anything serious though, specially if you used it online. They are usually complicated and for "advanced" usages, not to mention could have vulnerabilities.
Try to stick to wallets.

P.S. Your address is a P2SH and I personally couldn't reproduce this type of SegWit address (ie. wrapped witness) which makes me think your address could be a multi-sig not SegWit. In any case are you sure your "redeem script" is a SegWit one? It should be OP_0 followed by a 20 or 32 byte data.
newbie
Activity: 16
Merit: 10
I generated a Segwit dogecoin address from coinb.in.

It gave me a Segwit address (begins with A), a redeem script, public key, and wif key.

I funded the address it gave me, with 359.05 DOGE - https://live.blockcypher.com/doge/address/A6CqeniSjuEp2G5R1JfvPP5cMqEm2qQZiQ/

Now, it won't let me spend it. I can't import the WIF key anywhere. I should've imported it before funding it, i know, but it's too late now. When i import the WIF key into another wallet, it instead imports the corresponding Legacy address (beginning with D) instead of the Segwit address.

Are my funds gone forever, or is it possible to access them?

If it's not possible to access, why does coinb.in even offer segwit as an option in the first place?
newbie
Activity: 2
Merit: 0
Hello all.

Is there any modified version for coinb.in that sends the change back to the source address without manually inputting a change address during transaction. I lost some coins to transactions fee because i forgot to input a change address.

By the way this is my favorite wallet for multisig. i would appreciate if anyone have an idea how to modify to auto send change back to source address or if there is a mod version with this feature in place.

Hope to get a response.
thanks
sr. member
Activity: 358
Merit: 254
void
dear OP - happy new year 2021 at first.

i have a quetion related to your awesome coinb.in  Smiley

say i made one valid tx using your site
then i am going to a chat channel and send that tx in public view
as far i can think about it , i can only guess it is safe to do so
even if someone sends this into the right coin network , he/she will make me just a favor
am i right ?

please enlighten me with your expertise please !
are there any problems from such action ?

Greetings from Greece
Elias.C
hero member
Activity: 714
Merit: 601
Double spend rbf guide for most recent modifications can be found in at the link below:

https://blog.coinb.in/guide_double_spend_rbf
hero member
Activity: 714
Merit: 601
I've added a new interesting new feature.

You can now enter a Transaction ID onto the new transaction page and easily rebuild a previous unconfirmed transaction allowing you to make a double spend or a RBF transaction.

Enjoy guys!
hero member
Activity: 528
Merit: 527
Blockdozer (BCH) has quit updating for any tx after yesterday. This was the last compatible API for http://www.motelmaya.com/BCH/BCH.html

You can still redeem BCH coins prior to yesterday, but nothing after date. You can also custom load the inputs and create a file by hand for offline signing.

Redoing the API to work with a different website for BCH is a bit beyond my programming skills and would take me months to learn the necessary stuff, so will probably not be updated in the future.

If you have some old coins from the fork still sitting in limbo waiting for the redeem date, you might want to create/sign the transaction and store until you can pushtx.
hero member
Activity: 640
Merit: 500
interested to BUY CASASCIUS
hi all !
first thanks to outcast3k for your hard work!
this is the best tool in the space to expertise and experiment with raw advanced transactions like no one other.
my question is :
i want to send a tx with two inputs one outputs , but using sighash flag SIGHASH_ALL|SIGHASH_ANYONECANPAY , for the purpose of simulfunding a particular address. two different users apport one utxo eachone.
it's possible make this work on coinb.in?  how is the process?
whats the purpose of the field "script" in "new transaction" "inputs" "advanced options"
thanks.
jr. member
Activity: 84
Merit: 6
I sent a KMD coin (KOMODO) to this wallet - https://deckersu.github.io/coinbin
Now I can’t translate my coins. gives: error 16: tx-overwinter-active. Code: -26

That's a fork of the original version and it's not maintained by the same developer. I would suggest contacting Decker (same Github repository).
thank you)
staff
Activity: 3402
Merit: 6065
I sent a KMD coin (KOMODO) to this wallet - https://deckersu.github.io/coinbin
Now I can’t translate my coins. gives: error 16: tx-overwinter-active. Code: -26

That's a fork of the original version and it's not maintained by the same developer. I would suggest contacting Decker (same Github repository).
jr. member
Activity: 84
Merit: 6
I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.

Coinb.in's fee estimation has stopped working. Look at the block height. It shows that #590168 is the latest block, but it was mined 12 days ago.

Thanks for pointing this out. Will have it fixed asap.

https://coinb.in/#fees calculator has been fixed and is now pulling the correct information from the API. thanks again
I sent a KMD coin (KOMODO) to this wallet - https://deckersu.github.io/coinbin
Now I can’t translate my coins. gives: error 16: tx-overwinter-active. Code: -26
hero member
Activity: 714
Merit: 601
I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.

Coinb.in's fee estimation has stopped working. Look at the block height. It shows that #590168 is the latest block, but it was mined 12 days ago.

Thanks for pointing this out. Will have it fixed asap.

https://coinb.in/#fees calculator has been fixed and is now pulling the correct information from the API. thanks again
hero member
Activity: 714
Merit: 601
I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.

Coinb.in's fee estimation has stopped working. Look at the block height. It shows that #590168 is the latest block, but it was mined 12 days ago.

Thanks for pointing this out. Will have it fixed asap.
legendary
Activity: 1876
Merit: 3131
I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.

Coinb.in's fee estimation has stopped working. Look at the block height. It shows that #590168 is the latest block, but it was mined 12 days ago.
staff
Activity: 3402
Merit: 6065
Mine was updated to link to https://bitcoinfees.earn.com, but it isn't an API, you have to calculate it manually.

I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.
Pages:
Jump to: