[coinb.in] Open Source, Multi Signature, HD Wallet, SegWit/Bech32 and more!

volfr

newbie

Activity: 3

Merit: 0

Hi all! If we slightly modify the function for generating the private key in this script, coinjs.newPrivkey, and add a couple of lines generated by the JavaScript method Crypto.getRandomValues(), will we get a more robust key?

Original code:

Code:

/* generate a new random private key */
coinjs.newPrivkey = function(){
var x = window.location;
x += (window.screen.height * window.screen.width * window.screen.colorDepth);
x += coinjs.random(64);
x += (window.screen.availHeight * window.screen.availWidth * window.screen.pixelDepth);
x += navigator.language;
x += window.history.length;
x += coinjs.random(64);
x += navigator.userAgent;
x += 'coinb.in';
x += (Crypto.util.randomBytes(64)).join("");
x += x.length;
var dateObj = new Date();
x += dateObj.getTimezoneOffset();
x += coinjs.random(64);
x += (document.getElementById("entropybucket")) ? document.getElementById("entropybucket").innerHTML : '';
x += x+''+x;
var r = x;
for(i=0;i<(x).length/25;i++){
r = Crypto.SHA256(r.concat(x));
}
var checkrBigInt = new BigInteger(r);
var orderBigInt = new BigInteger("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
while (checkrBigInt.compareTo(orderBigInt) >= 0 || checkrBigInt.equals(BigInteger.ZERO) || checkrBigInt.equals(BigInteger.ONE)) {
r = Crypto.SHA256(r.concat(x));
checkrBigInt = new BigInteger(r);
}
return r;
}

Modified code:

Code:

/* generate a new random private key */
coinjs.newPrivkey = function(){
var x = window.location;
x += (window.screen.height * window.screen.width * window.screen.colorDepth);
x += coinjs.random(64);
x += (window.screen.availHeight * window.screen.availWidth * window.screen.pixelDepth);
x += navigator.language;
x += window.history.length;
x += coinjs.random(64);
x += 'coinb.in';
x += coinjs.newRand();
x += coinjs.newRand();
x += (Crypto.util.randomBytes(64)).join("");
x += x.length;
var dateObj = new Date();
x += dateObj.getTimezoneOffset();
x += coinjs.random(64);
x += (document.getElementById("entropybucket")) ? document.getElementById("entropybucket").innerHTML : '';
x += x+''+x;
var r = x;
for(i=0;i<(x).length/25;i++){
r = Crypto.SHA256(r.concat(x)).toUpperCase();
}
var checkrBigInt = new BigInteger(r);
var orderBigInt = new BigInteger("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
while (checkrBigInt.compareTo(orderBigInt) >= 0 || checkrBigInt.equals(BigInteger.ZERO) || checkrBigInt.equals(BigInteger.ONE)) {
r = Crypto.SHA256(r.concat(x));
checkrBigInt = new BigInteger(r);
}
return r;
}
//new function for random
coinjs.newRand = function(){
var arr = new Uint8Array(32)
window.crypto.getRandomValues(arr);
var ran = arr.join('')+'New Random';
return ran;
}

Thanks in advance!

frogx

newbie

Activity: 16

Merit: 10

I am willing to leak the full WIF key to any high-rank member here that promises to give me 175 DOGE (slightly less than 50%) if they can recover the funds. PM me or comment here. Do not try to scam me, I will only work with a high rank member. If you are skeptical, I will not send you any files, just a plaintext of the WIF, and will not ask for any payment unless you safely recover the funds.

Thank you in advance for anyone willing to help.

frogx

newbie

Activity: 16

Merit: 10

Quote from: pooya87 on August 13, 2023, 07:58:47 AM

Quote from: frogx on August 13, 2023, 01:30:17 AM

I tried redeeming it on coinbin and signing it, but got error 400 when i broadcasted.

Did it show any kind of error message? It may just be a broadcasting or connectivity to remote server error, in which case you can use an explorer like blockcypher to try and rebroadcast the same transaction if the signing was successful and the issue was only when broadcasting it.

Quote

Can i send the redeem script and public key here so it can be easier for you to help? That wouldn't give away access to them, right?

There is no need to post it here if it looks like the following (the bold part should be the same and the rest should be of the same size which is 40 characters equal to HASH160 of your pubkey):
001479091972186c449eb1ded22b78e40d009bdf0089

I broadcasted it with multiple wallets, it's not working.

address
A6CqeniSjuEp2G5R1JfvPP5cMqEm2qQZiQ
redeem script
00142072920a93446cb9dcfb1ff27b477992f04b1990
public key
0329d0b509ffc7c65224bc2268f534f0e46dcf40815d021fe0caf698347434c85d
WIF Key:
QP****sY (52 characters total)

I followed the same process with a legacy address, works smoothly.
The issue is that it is attributing the WIF key to the legacy address and not the segwit address.
I can't find any other wallets that support segwit for doge either.

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: frogx on August 13, 2023, 01:30:17 AM

I tried redeeming it on coinbin and signing it, but got error 400 when i broadcasted.

Did it show any kind of error message? It may just be a broadcasting or connectivity to remote server error, in which case you can use an explorer like blockcypher to try and rebroadcast the same transaction if the signing was successful and the issue was only when broadcasting it.

Quote

Can i send the redeem script and public key here so it can be easier for you to help? That wouldn't give away access to them, right?

There is no need to post it here if it looks like the following (the bold part should be the same and the rest should be of the same size which is 40 characters equal to HASH160 of your pubkey):
001479091972186c449eb1ded22b78e40d009bdf0089

frogx

newbie

Activity: 16

Merit: 10

Quote from: pooya87 on August 13, 2023, 12:53:10 AM

Quote from: frogx on August 12, 2023, 11:31:07 PM

When i import the WIF key into another wallet, it instead imports the corresponding Legacy address (beginning with D) instead of the Segwit address.

Since WIFs don't have the address type information inside, you have to find a way to tell the wallet you are using what type of address it should derive. This is a wallet specific thing that you should ask the developers of that wallet or users of it.

Quote

Are my funds gone forever, or is it possible to access them?

Most probably you'll have a hard time reclaiming them but they aren't gone.
Try checking out the https://coinb.in/#newTransaction section of the website and try to create a transaction spending your coins by entering your redeem script in the first box and setting a destination address.
Then sign it using the https://coinb.in/#sign page with your private key.

Quote

If it's not possible to access, why does coinb.in even offer segwit as an option in the first place?

You really shouldn't use this type of tools for anything serious though, specially if you used it online. They are usually complicated and for "advanced" usages, not to mention could have vulnerabilities.
Try to stick to wallets.

P.S. Your address is a P2SH and I personally couldn't reproduce this type of SegWit address (ie. wrapped witness) which makes me think your address could be a multi-sig not SegWit. In any case are you sure your "redeem script" is a SegWit one? It should be OP_0 followed by a 20 or 32 byte data.

I tried redeeming it on coinbin and signing it, but got error 400 when i broadcasted.
Can i send the redeem script and public key here so it can be easier for you to help? That wouldn't give away access to them, right?

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: frogx on August 12, 2023, 11:31:07 PM

When i import the WIF key into another wallet, it instead imports the corresponding Legacy address (beginning with D) instead of the Segwit address.

Since WIFs don't have the address type information inside, you have to find a way to tell the wallet you are using what type of address it should derive. This is a wallet specific thing that you should ask the developers of that wallet or users of it.

Quote

Are my funds gone forever, or is it possible to access them?

Most probably you'll have a hard time reclaiming them but they aren't gone.
Try checking out the https://coinb.in/#newTransaction section of the website and try to create a transaction spending your coins by entering your redeem script in the first box and setting a destination address.
Then sign it using the https://coinb.in/#sign page with your private key.

Quote

If it's not possible to access, why does coinb.in even offer segwit as an option in the first place?

You really shouldn't use this type of tools for anything serious though, specially if you used it online. They are usually complicated and for "advanced" usages, not to mention could have vulnerabilities.
Try to stick to wallets.

P.S. Your address is a P2SH and I personally couldn't reproduce this type of SegWit address (ie. wrapped witness) which makes me think your address could be a multi-sig not SegWit. In any case are you sure your "redeem script" is a SegWit one? It should be OP_0 followed by a 20 or 32 byte data.

frogx

newbie

Activity: 16

Merit: 10

I generated a Segwit dogecoin address from coinb.in.

It gave me a Segwit address (begins with A), a redeem script, public key, and wif key.

I funded the address it gave me, with 359.05 DOGE - https://live.blockcypher.com/doge/address/A6CqeniSjuEp2G5R1JfvPP5cMqEm2qQZiQ/

Now, it won't let me spend it. I can't import the WIF key anywhere. I should've imported it before funding it, i know, but it's too late now. When i import the WIF key into another wallet, it instead imports the corresponding Legacy address (beginning with D) instead of the Segwit address.

Are my funds gone forever, or is it possible to access them?

If it's not possible to access, why does coinb.in even offer segwit as an option in the first place?

solvepuzzle

newbie

Activity: 2

Merit: 0

Hello all.

Is there any modified version for coinb.in that sends the change back to the source address without manually inputting a change address during transaction. I lost some coins to transactions fee because i forgot to input a change address.

By the way this is my favorite wallet for multisig. i would appreciate if anyone have an idea how to modify to auto send change back to source address or if there is a mod version with this feature in place.

Hope to get a response.
thanks

eli113

sr. member

Activity: 358

Merit: 254

void

dear OP - happy new year 2021 at first.

i have a quetion related to your awesome coinb.in

say i made one valid tx using your site
then i am going to a chat channel and send that tx in public view
as far i can think about it , i can only guess it is safe to do so
even if someone sends this into the right coin network , he/she will make me just a favor
am i right ?

please enlighten me with your expertise please !
are there any problems from such action ?

Greetings from Greece
Elias.C

OutCast3k

hero member

Activity: 714

Merit: 601

Double spend rbf guide for most recent modifications can be found in at the link below:

https://blog.coinb.in/guide_double_spend_rbf

OutCast3k

hero member

Activity: 714

Merit: 601

I've added a new interesting new feature.

You can now enter a Transaction ID onto the new transaction page and easily rebuild a previous unconfirmed transaction allowing you to make a double spend or a RBF transaction.

Enjoy guys!

Pente

hero member

Activity: 528

Merit: 527

Blockdozer (BCH) has quit updating for any tx after yesterday. This was the last compatible API for http://www.motelmaya.com/BCH/BCH.html

You can still redeem BCH coins prior to yesterday, but nothing after date. You can also custom load the inputs and create a file by hand for offline signing.

Redoing the API to work with a different website for BCH is a bit beyond my programming skills and would take me months to learn the necessary stuff, so will probably not be updated in the future.

If you have some old coins from the fork still sitting in limbo waiting for the redeem date, you might want to create/sign the transaction and store until you can pushtx.

roterdam

hero member

Activity: 640

Merit: 500

interested to BUY CASASCIUS

hi all !
first thanks to outcast3k for your hard work!
this is the best tool in the space to expertise and experiment with raw advanced transactions like no one other.
my question is :
i want to send a tx with two inputs one outputs , but using sighash flag SIGHASH_ALL|SIGHASH_ANYONECANPAY , for the purpose of simulfunding a particular address. two different users apport one utxo eachone.
it's possible make this work on coinb.in? how is the process?
whats the purpose of the field "script" in "new transaction" "inputs" "advanced options"
thanks.

Romis7151

jr. member

Activity: 84

Merit: 6

Quote from: OmegaStarScream on September 12, 2019, 10:24:16 AM

Quote from: Romis7151 on September 12, 2019, 09:49:48 AM

I sent a KMD coin (KOMODO) to this wallet - https://deckersu.github.io/coinbin
Now I can’t translate my coins. gives: error 16: tx-overwinter-active. Code: -26

That's a fork of the original version and it's not maintained by the same developer. I would suggest contacting Decker (same Github repository).

thank you)

OmegaStarScream

staff

Activity: 3500

Merit: 6152

Quote from: Romis7151 on September 12, 2019, 09:49:48 AM

I sent a KMD coin (KOMODO) to this wallet - https://deckersu.github.io/coinbin
Now I can’t translate my coins. gives: error 16: tx-overwinter-active. Code: -26

That's a fork of the original version and it's not maintained by the same developer. I would suggest contacting Decker (same Github repository).

Romis7151

jr. member

Activity: 84

Merit: 6

Quote from: OutCast3k on August 31, 2019, 07:26:16 AM

Quote from: OutCast3k on August 30, 2019, 04:11:57 PM

Quote from: Rath_ on August 27, 2019, 01:45:48 PM

Quote from: OmegaStarScream on August 27, 2019, 01:27:34 PM

I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.

Coinb.in's fee estimation has stopped working. Look at the block height. It shows that #590168 is the latest block, but it was mined 12 days ago.

Thanks for pointing this out. Will have it fixed asap.

https://coinb.in/#fees calculator has been fixed and is now pulling the correct information from the API. thanks again

I sent a KMD coin (KOMODO) to this wallet - https://deckersu.github.io/coinbin
Now I can’t translate my coins. gives: error 16: tx-overwinter-active. Code: -26

OutCast3k

hero member

Activity: 714

Merit: 601

Quote from: OutCast3k on August 30, 2019, 04:11:57 PM

Quote from: Rath_ on August 27, 2019, 01:45:48 PM

Quote from: OmegaStarScream on August 27, 2019, 01:27:34 PM

I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.

Coinb.in's fee estimation has stopped working. Look at the block height. It shows that #590168 is the latest block, but it was mined 12 days ago.

Thanks for pointing this out. Will have it fixed asap.

https://coinb.in/#fees calculator has been fixed and is now pulling the correct information from the API. thanks again

OutCast3k

hero member

Activity: 714

Merit: 601

Quote from: Rath_ on August 27, 2019, 01:45:48 PM

Quote from: OmegaStarScream on August 27, 2019, 01:27:34 PM

I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.

Coinb.in's fee estimation has stopped working. Look at the block height. It shows that #590168 is the latest block, but it was mined 12 days ago.

Thanks for pointing this out. Will have it fixed asap.

Rath_

legendary

Activity: 1876

Merit: 3132

Quote from: OmegaStarScream on August 27, 2019, 01:27:34 PM

I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.

Coinb.in's fee estimation has stopped working. Look at the block height. It shows that #590168 is the latest block, but it was mined 12 days ago.

OmegaStarScream

staff

Activity: 3500

Merit: 6152

Quote from: Pente on August 22, 2019, 03:14:56 PM

Mine was updated to link to https://bitcoinfees.earn.com, but it isn't an API, you have to calculate it manually.

I'm aware of earn.com, and I stopped using them because of their overestimation. I find coinb.in to be cheaper and more accurate.

Topic: [coinb.in] Open Source, Multi Signature, HD Wallet, SegWit/Bech32 and more! (Read 74837 times)