Please do not get the wrong idea with regards to what I’m about to ask. NO, I am not trying to steal litecoins from anyone.
I was provided with a wallet along with the message and signature. I’ve installed litecoin version 0.17.1. I have verified the signature, address, and message. The wallet has around $300 litecoins on it. Instead of just transferring litecoins to my litecoin address, the person wanted to see if I could figure out how to spend from the wallet given all the information provided to me. Yes, it’s a crypto challenge.
I have used the verify message command in the litecoin wallet I have installed and it gives me ‘true’ that the message and signature and address verifies. I’ve tried to import the address and do no-rescan but my wallet tries to do a rescan anyways and has issues and the address has not been imported. Honestly, I have not been able to sync the wallet. I’m using the windows version. I’m running windows 10 and every time I try to install some of these crypto wallets after the windows 10 OS does updates the wallets have issues running.
How do I import this wallet with its message and signatures into my litecoin wallet? If that cannot get done which it looks like is not feasible, then how do I create a transaction using the information he provided?
To spend a UTXO you need to sign a message that unlocks that utxo and also grants the newly created utxo to your desired address.
You can do that if you either control the private key or if the owner to that private key signs the appropriate message (for instance, creating the spending transaction).
For me it seems that you don’t have te private key; what kind of message did your friend sign?
No, I do not have the private key. I have the message text that was signed. I have a base 64 signature. To my understanding, with compact signatures you sign a text message or some short string of data. I have that info.
I’ve verified the message and signature in several places already outside the wallet. I’ve used a number of online signature verification tools. Yes, the coins are still on the address. Although I’ve exposed the signature, and the message by using some online tools, the wallet address still has the funds.
This is an interesting case, I have never heard of such a thing. Aren’t you afraid that it will be somehow used against you? Even if you do nothing, someone else will do it.
I’ve determined that it appears that the only way to import the funds on the wallet is to have the private key. Even though there is clearly transparency because I have the message and the signature. I read Sign Message - How to sign a message with a Bitcoin, Litecoin Address and got some insight.
It looks like that with any crypto wallet one cannot import the address unless she has the private key. However, I think its ludicrous that wallets aren’t enabled to provide for the importing of a base64 signature along with the message. I would suggest that the developers take that feature into consideration. It seems to frustrate the purpose of message verification. Why are we verifying messages and addresses, if we cannot import them into a wallet without the private key?
I did read at some blog that the base64 signature may be used as the private key. But upon converting it to hexadecimal it is a very long string - longer than a 32 byte key string.
I’m going to try to create a new transaction using the base64 signature.
which signature do you have?..that is the signature from the wallet that sent you the coins
not the signature belonging to your private key that belongs to the address that the coins are currently behind…
only if you sent coins using the address that now contains the coins can the private key be recovered from a signature
if you have sent coins using that exact address in the past and there are still coins behind the address
then you can recover the private key fro the signature
this is why your never suppose to reuse an address
I have the base64 signature which verifies the message.
There is a transaction on the blockchain with the address and another signature. That’s a DER encoded signature. But the DER encoded signature is different from the base64 signature generated from the message signing that I have.
So, basically, there’s two different signatures here. That’s another thing that is confusing to me as a newbie. Shouldn’t the base64 signature generated from creating a message be used as well to create the transaction? What purpose does the base64 signature serve outside of message verification?
no…the signature is created using both the private key and the message…
the signature is a hash of the private key and the message…
base64 is used to make transfer easier basically…just like base58 is used for addresses in place of public keys and 160 hashes
the signature is used by the miner to verify that the coins belong to the person they were sent to
a signature contains both a signature and a public key
the public key is the verifying key
the message is encoded with the private key to create a signature that can be verified using the public key
the private key decrypts the data that is encrypted with the public key in basic terms
the scriptPubkey is the script that has to be solved in order to spend the coins
this is where the private key creates a signature that is verified using the public key
then this is verified by a miner in the next block
no…you need the hex version of it
as in…convert what you have to hex (base16)
you may need to use python or something like this:
base64sig.decode(‘hex’)
if you are familiar with python (obviously you need to define ‘base64sig’ first)
fyi…the scriptPubkey is public info on sites like blockcypher.com
the signature is what solves the scriptpubkey to spend the coins
if all you have is the signature that signed the incoming transaction…
this is the signature generated by the private key that sent the coins…
not the key you need to spend the coins…
if you have a signature that verifies the message (address label) using the ecdsa signature verification algorithm
then you have to extract the private key first in order to generate a new signed message (signed transaction output) in order to spend the coins to a new address
you should be able to do this by subtracting the unsigned message from the signed one
Thanks. I found a python3 base64 decode script:
import base64
import math
import sys
encoded = ‘the-base-64-signature’
data = base64.b64decode(encoded)
data
outputs the bytes like b’ \xe8u\xadM:\xO1LQ\data\ data’
then take the bytes to convert to hexadecimal:
b’ \xe8u\xadM:\xO1LQ\data \ data’.hex()
‘output-is-the-hexadecimal’
The output is a long string about 128 bytes
Can you suggest a code script to extract the unsigned message from the signed one in this output?
the only way I can think of to do that would be to just recreate the unsigned message from scratch…
since you know what the message says…
can probably just take the hex form of the message and subtract it from the signed version
I dont think you decoded it right…
dont use base64decode
just use decode.signature(‘hex’)
try both…base64decode and hexdecode
you can decode the base64 signature to just the hex of that without decoding the base64 using base64decode…
The message is something like QQB6P2BKXZKUSMTI7L3QP39YKM3Z.
Using an online converter, the output for hexadecimal of the message is something like:
515142365032424b585a9b904345444d5083494c5a44502c43367515051365959
But this is not in the signed version.
For the base64 signature, I used an online converter this time to convert to hexadecimal and got something like:
20504e0b1d9542b6ea2f8a5e7689d73dc764b1deaebcc026911998c803 98c4fca671aca0b6d8cb5d1bfa78e61d59f391609e78f52094a737910220 6f363e13e581
The message is not in there.
How do you mean to use decode.signature(‘hex’). Can you provide steps?
when you change the message to hex…your not going to be able to find the message until you convert it back…
you convert it…sign a transaction with the private key, and then convert it back to transfer it
just like when something is encrypted…
the plain text is converted to base64, then encrypted…
you dont encrypt the plain text…you encrypt an encoded version of the plain text
so you would do this:
x =‘HiUikekeJilleivlUyelkbWNoeLpBxcweQqlzAer08cl2vlkjfl38ivlbh3l4lbklboijldfjcobn=’
x.decode(‘hex’)
now take this out put which is a hex string and define a variable with it…
y = (‘decoded string’)
now convert the message to a hex string and define a new variable with that output
z = (‘encoded message’)
now subtract
a = y - z
keep in mind that you may need to convert the string to a byte array before you can subtract them correctly because hex and encoding are just for “decoration” and all calculations are done in bytes
now type “a” to see the output…
this should be your hex version of the private key
keep in mind I am not 100% on this exactly and I will have to reference my ECDSA notes a little later
but this youtube video may help you:
note that you would use secp256k1 curve instead of 192 and you would need to convert everything to hex strings (or byte arrays) before you can do the calculations on it
(you can also do calculations in straight binary as well)
in python just tpye:
bin(‘hex string’)
to get the binary representation of the string
keep in mind that that video is just a how to do a CTF using ECDSA…but I was able to get the signature algorithm code out of it…
I have it saved on my other laptop if you would like it…I will post it or send it to you tonight…(the python code for ecdsa signature algorithm)
Yes, please either post or send to my email. How to give you my email?
Thanks so much. I’d appreciate it.
You know, I’ve been asking around about how to handle this challenge and no one could figure it out.
I really appreciate your input.
you can just open a python virtual environment in terminal (or command line if using windows)
make sure you install the required libraries but here is the code you can do one step at a time in python
you will need to install ecdsa using pip first though like this:
pip install ecdsa
then open a python instance and type the following code (replacing “message” with your own message to be signed…obviously this is a one way function so you can only regenerate the signed message with this using the unsigned message…in this case it is the label for the address that is within the wallet…
import ecdsa
sk = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
vk = sk.get_verifying_key()
sig = sk.sign(b"message")
vk.verify(sig, b"message")