steems.top 更新,添加区块信息反查工具

in STEEM CN/中文4 years ago (edited)

steems.top 更新,添加区块信息反查工具

image.png

由于最近盗号高发,为了提升安全性,特意添加此工具。

此功能可以查询某个交易的签名公钥是什么,以辅助确定是否授权泄露或者钥匙泄露。

使用案例:我发现了我的账号莫名总是点赞某一个人,我自己肯定我没点赞过他,然后我就可以使用此工具查询,是否我的某个授权点赞。

image.png
如这笔交易:
txid:819c77994f369d6c7c25b5bff6808febab1616d6
Block:53166774

image.png

最终计算出操作者是: cn-trail

这是我授权的跟赞操作,可确定此交易无可疑。

核心代码:

# coding=utf-8
import sys
from beembase import transactions
from beem.account import PublicKey
import requests
from beembase.signedtransactions import Signed_Transaction
import re

nodes = 'https://cn.steems.top'


def key_group(player):
    log=""
    data = {"jsonrpc": "2.0", "method": "condenser_api.get_accounts", "params": [[player]], "id": 1}
    response = requests.post(url=nodes, json=data)
    rjson = response.json()
    account=rjson['result'][0]

    #自己的公钥
    key_owner = account["owner"]["key_auths"][0][0]
    key_auths = account["posting"]["key_auths"][0][0]
    post_key_auths=[]
    postkey_auths=account["posting"]["key_auths"]
    for  i in postkey_auths:
        post_key_auths.append(i[0])


    active = account["active"]["key_auths"][0][0]
    memo_key = account["memo_key"]
    #查询授权列表
    posting=account["posting"]["account_auths"]
    name=[]
    for i in posting:
        posting_name=i[0]
        name.append(posting_name)
        log = "获取授权名单:" + str(posting_name)
        log

    #获取授权列表所有人的公钥:
    pk_dict = [{'key': key_owner, 'name': player+"_owner"},
               {'key': key_auths, 'name': player+"_key_auths"},
               {'key': active, 'name': player+"_ative"},
               {'key': memo_key, 'name': player+"_memo"}]

    for i in post_key_auths:
        kkkkey = {'key': i, 'name': i}
        pk_dict.append(kkkkey)
    data = {"jsonrpc": "2.0", "method": "condenser_api.get_accounts", "params": [name], "id": 1}
    response = requests.post(url=nodes, json=data)
    rjson = response.json()
    name_key=rjson["result"]
    for i in name_key:
        key_auths = i["posting"]["key_auths"][0][0]
        pk_name={'key':key_auths,'name':i["name"]}
        print("获取公钥:",pk_name)
        pk_dict.append(pk_name)
    return pk_dict

def get_real_operator(block_num, tx_id,pk_dict):


    data = {"jsonrpc": "2.0", "method": "condenser_api.get_block", "params": [block_num], "id": 1}
    r = requests.post(url=nodes, json=data)
    rjson = r.json()
    block=rjson["result"]
    index = block['transaction_ids'].index(tx_id)
    tx = block['transactions'][index]

    real_operator = 'Unknown'
    tx_obj = Signed_Transaction(**tx)


    #print(tx_obj)

    #验证
    for i in pk_dict:
        pk_str =i["key"]
        pk = PublicKey(pk_str)
        pks = [pk]
        try:
            tx_obj.verify(pks, "STEEM")
        except:
            log = "不匹配:" + i["name"]
            print("不对",i["name"])
            continue
        real_operator = [i["name"],i["key"]]
        print("匹配成功",real_operator)
        log = "匹配成功:" + real_operator[0]

        break
    print("操作者公钥是:",pk)

    return real_operator, tx


def main(tx_id,block_num,pk_dict):
    print('-------------------------------------------------------')
    real_operator, tx = get_real_operator(block_num, tx_id,pk_dict)
    print(f"操作者是: {real_operator}")
    print('Done!')
    print("操作者是:" , real_operator[0])
    print("操作者公钥:" , real_operator[1])




player="maiyude"
block_numss="53166774"
tx_id="819c77994f369d6c7c25b5bff6808febab1616d6"
pk_dict=key_group(player)
main(tx_id,block_numss,pk_dict)