steems.top 更新,添加区块信息反查工具
steems.top 更新,添加区块信息反查工具
由于最近盗号高发,为了提升安全性,特意添加此工具。
此功能可以查询某个交易的签名公钥是什么,以辅助确定是否授权泄露或者钥匙泄露。
使用案例:我发现了我的账号莫名总是点赞某一个人,我自己肯定我没点赞过他,然后我就可以使用此工具查询,是否我的某个授权点赞。
如这笔交易:
txid:819c77994f369d6c7c25b5bff6808febab1616d6
Block:53166774
最终计算出操作者是: cn-trail
这是我授权的跟赞操作,可确定此交易无可疑。
核心代码:
# coding=utf-8
import sys
from beembase import transactions
from beem.account import PublicKey
import requests
from beembase.signedtransactions import Signed_Transaction
import re
nodes = 'https://cn.steems.top'
def key_group(player):
log=""
data = {"jsonrpc": "2.0", "method": "condenser_api.get_accounts", "params": [[player]], "id": 1}
response = requests.post(url=nodes, json=data)
rjson = response.json()
account=rjson['result'][0]
#自己的公钥
key_owner = account["owner"]["key_auths"][0][0]
key_auths = account["posting"]["key_auths"][0][0]
post_key_auths=[]
postkey_auths=account["posting"]["key_auths"]
for i in postkey_auths:
post_key_auths.append(i[0])
active = account["active"]["key_auths"][0][0]
memo_key = account["memo_key"]
#查询授权列表
posting=account["posting"]["account_auths"]
name=[]
for i in posting:
posting_name=i[0]
name.append(posting_name)
log = "获取授权名单:" + str(posting_name)
log
#获取授权列表所有人的公钥:
pk_dict = [{'key': key_owner, 'name': player+"_owner"},
{'key': key_auths, 'name': player+"_key_auths"},
{'key': active, 'name': player+"_ative"},
{'key': memo_key, 'name': player+"_memo"}]
for i in post_key_auths:
kkkkey = {'key': i, 'name': i}
pk_dict.append(kkkkey)
data = {"jsonrpc": "2.0", "method": "condenser_api.get_accounts", "params": [name], "id": 1}
response = requests.post(url=nodes, json=data)
rjson = response.json()
name_key=rjson["result"]
for i in name_key:
key_auths = i["posting"]["key_auths"][0][0]
pk_name={'key':key_auths,'name':i["name"]}
print("获取公钥:",pk_name)
pk_dict.append(pk_name)
return pk_dict
def get_real_operator(block_num, tx_id,pk_dict):
data = {"jsonrpc": "2.0", "method": "condenser_api.get_block", "params": [block_num], "id": 1}
r = requests.post(url=nodes, json=data)
rjson = r.json()
block=rjson["result"]
index = block['transaction_ids'].index(tx_id)
tx = block['transactions'][index]
real_operator = 'Unknown'
tx_obj = Signed_Transaction(**tx)
#print(tx_obj)
#验证
for i in pk_dict:
pk_str =i["key"]
pk = PublicKey(pk_str)
pks = [pk]
try:
tx_obj.verify(pks, "STEEM")
except:
log = "不匹配:" + i["name"]
print("不对",i["name"])
continue
real_operator = [i["name"],i["key"]]
print("匹配成功",real_operator)
log = "匹配成功:" + real_operator[0]
break
print("操作者公钥是:",pk)
return real_operator, tx
def main(tx_id,block_num,pk_dict):
print('-------------------------------------------------------')
real_operator, tx = get_real_operator(block_num, tx_id,pk_dict)
print(f"操作者是: {real_operator}")
print('Done!')
print("操作者是:" , real_operator[0])
print("操作者公钥:" , real_operator[1])
player="maiyude"
block_numss="53166774"
tx_id="819c77994f369d6c7c25b5bff6808febab1616d6"
pk_dict=key_group(player)
main(tx_id,block_numss,pk_dict)