Python code to simply create raw transaction with Omni SimpleSend payload and change address.
First create a multi-signature address using omnicore-cli, you can specify how many signatures you want and require (n-of-k), this script will use 3-of-5 for the example test in the signing part.
To create a multisig address you do the following using omnicore-cli or the console in omnicore-qt, or even use a bitcoincore client as this does not involve any omni actions/functions:
Do getnewaddress
k times for the amount of multisig holders you want to create, in real-world situation individuals would all do this by themselves on a secure bootable USB that has omnicore on it and does not need any internet connection.
You will get 5 addresses, for example:
- 36uwmRmD9X2BH4Hi9ekv34k1Lp86QiYGw4
- 36RGKtGoUiZwLucvcdvSm5m2mzY1qa4aCa
- 39hTG37BgWjaRCRGhZSSNGkzK3ErLbS8VZ
- 33bm8hy2Uo4xEubhnbj2ds66VydCJS8djW
- 32nDKbaDCQ3tnW1wvWVyjwskL1kfXcvkbW
Each address represent a unique entity holding a share of the multisig address.
Now run getaddressinfo <address>
for each address, you will get the pubkey
- Hex (base 16), these are meant to be shared and don’t pose any security risks.
It will look like this for each address (showing 1 for sake of simplicity):
getaddressinfo 36uwmRmD9X2BH4Hi9ekv34k1Lp86QiYGw4
Output:
{ "address": "36uwmRmD9X2BH4Hi9ekv34k1Lp86QiYGw4", "scriptPubKey": "a914394a90f1c8f864edb80b186baf48a54ebc89ede187", "ismine": true, "solvable": true, "iswatchonly": false, "isscript": true, "iswitness": false, "script": "witness_v0_keyhash", "hex": "00146bf7aad62dce4a9c6545df5794ea1636c1b3f382", "pubkey": "02d6406f9dd17dedc83496101cb3b997acdce67fba4f671c4eb9398c19d505b8ad", "embedded": { "isscript": false, "iswitness": true, "witness_version": 0, "witness_program": "6bf7aad62dce4a9c6545df5794ea1636c1b3f382", "pubkey": "02d6406f9dd17dedc83496101cb3b997acdce67fba4f671c4eb9398c19d505b8ad", "address": "bc1qd0m6443dee9fce29matef6skxmqm8uuz660mck", "scriptPubKey": "00146bf7aad62dce4a9c6545df5794ea1636c1b3f382" }, "ischange": false, "timestamp": 1614668157, "labels": [ "" ] ... }
Finally, the important part that requires to be done securely, dumping the private key of the address.
The private key(s) will be able to sign raw transactions and when enough do so funds can be moved, keep them secure at all time!
dumpprivkey <address>
Example:
dumpprivkey 36uwmRmD9X2BH4Hi9ekv34k1Lp86QiYGw4
Output (this is not actual key but should look like this):
L3UmFARECa8RVz7DazbGfnfAxMnuW8AP8oCSRC7ZABSREHJpyMLL
Last part is to create the multi-signature address, important is to keep track of the order how you put the public keys! Specify how many required signatures are necessary and then the array of public keys, the github example uses 3-of-5:
createmultisigaddress <#ofSignaturesNeeded> '["scriptPubKey1","scriptPubKey2","scriptPubKey3","scriptPubKey4","scriptPubKey5"]'
Example for 3-of-5:
createmultisig 3 '["02d6406f9dd17dedc83496101cb3b997acdce67fba4f671c4eb9398c19d505b8ad", "02ad49bc6f2932fd02ee17b0f1fdd27c9f0373722c7d14d7fdd0dd6fbdef4bbdae", "0381ae9203e049a978a7b4b067a9f77659c5949b464ed3b6d5f40e6da4c7865ab7", "0347c558956c5e3386277b36d703a03fc7d8e94335305e7681901a621a812b4752", "0273d26832feaec937db4d933c9710a7cf3545711cc32918e84d2665a4c54daf19" ]'
Output with the required redeemScript
and your multisig address
!:
{ "address": "3QhJ3qajPviUgr6krrDYXGrEd8vwVvmP9a", "redeemScript": "532102d6406f9dd17dedc83496101cb3b997acdce67fba4f671c4eb9398c19d505b8ad2102ad49bc6f2932fd02ee17b0f1fdd27c9f0373722c7d14d7fdd0dd6fbdef4bbdae210381ae9203e049a978a7b4b067a9f77659c5949b464ed3b6d5f40e6da4c7865ab7210347c558956c5e3386277b36d703a03fc7d8e94335305e7681901a621a812b4752210273d26832feaec937db4d933c9710a7cf3545711cc32918e84d2665a4c54daf1955ae", "descriptor": "sh(multi(3,02d6406f9dd17dedc83496101cb3b997acdce67fba4f671c4eb9398c19d505b8ad,02ad49bc6f2932fd02ee17b0f1fdd27c9f0373722c7d14d7fdd0dd6fbdef4bbdae,0381ae9203e049a978a7b4b067a9f77659c5949b464ed3b6d5f40e6da4c7865ab7,0347c558956c5e3386277b36d703a03fc7d8e94335305e7681901a621a812b4752,0273d26832feaec937db4d933c9710a7cf3545711cc32918e84d2665a4c54daf19))#3h5wqtqk" }
Note that different order of public keys will create a different address and redeemScript, if you maintain the order it will yield same results.
So from the outputs keep the address, pubkey, private keys of each address and save the multisig address & redeemScript somewhere.
The multisig address and redeemScript can be shared and don’t pose any security risk.
Next you can try to fund your newly created multisig address with a bitcoin transaction, this transaction will be used when you want to create a rawtransaction, it will use the transaction id and inputs to the multisig address for creating new outputs and paying for the miner fee!
I send both some BTC and MAID to my test address, write the transaction id down of the the BTC funding that you will use later in the script.
On my github you can download these simple python scripts, they will do all the copy and paste work for you and create the raw transaction. Still working on it, currently it will create a raw transaction and directly do a test signing until it is complete (meets required # of signatures) but will not broadcast it until you change ENABLE_BROADCAST
to True
.
Please read more about it on my github in README.md