# Transactions and Verifications

##### [Bitcoin and Etherium](#be)

##### [Transactions mechanisms of the two cryptocurrencies](#transveri)

##### [Flexibility and Security](#flexibility)

##### [Privacy](#privacy)




#### [Programming Transactions and Verifications](#a_2)

##### [Building transactions for the Frogcoin](#b_algo)

- [Generating private key and it's derivatives for the frogcoin users](#pk)


- [The ```transaction``` class ](#transaction)
    - [Constructor](#transconst)
    - [Methods and properties](#transmeth)

- [The ```create_signed_transaction``` function](#cst)


- [Testing Frogcoin transactions](#testing)
    - [Generating valid transaction](#valid)        
    - [Testing for valid transaction ID (txid)](#testtxid)
    - [Testing for valid signatures](#testsig)
    - [Testing for valid amount balance and nonce](#testamno)
    - [Testing for signatures created by a third party](#testmalsig)
    - [Testing for valid address (checksum implementation)](#testaddr)
    - [Testing a transaction](#testzimm)



##### [References](#ref)


## Bitcoin and Etherium
<a id="be"></a>

On 31 October 2008, a white paper that described a digital cryptocurrency and was titled "Bitcoin: A Peer-to-Peer Electronic Cash System" was published by Nakamoto<sup>[[1]](#ref)</sup>.

Bitcoin is a de-centralised digital currency, without a central bank or single administrator, that can be sent from user to user on the peer-to-peer bitcoin network without the need for intermediaries<sup>[[2]](#ref)</sup>.

The currency was first used in 2009 when its implementation was released as open-source software<sup>[[3]](#ref)</sup>.


Ethereum was first introduced in 2013 by Vitalik Buterin. In 2014, its development was crowdfunded, and the network went live with an initial supply of 72 million coins on 30 July 2015<sup>[[4]](#ref)</sup>.

Ethereum is a de-centralised, open-source blockchain with smart contract functionality. Ether (ETH) is the native cryptocurrency of the platform. After Bitcoin, it's the second largest cryptocurrency by market capitalization. Ethereum is the most actively used blockchain<sup>[[5]](#ref)</sup>.

Ether and bitcoin are similar in many ways: each is a digital currency traded via online exchanges and stored in various types of cryptocurrency wallets. Both of these tokens are de-centralised<sup>[[6]](#ref)</sup>, meaning that they are not issued or regulated by a central bank or other authority. Both cryptocurrencies use the distributed ledger technology known as blockchain. However, there are many distinctions between these two cryptocurrencies (the most popular ones by market capitalisation).

## Transactions mechanisms of the two cryptocurrencies and differences
<a id="transveri"></a>

The Bitcoin's existence is different than a traditional currency's. Its value is not stored on a hard drive, spreadsheet or account. Bitcoin essentially exist on the blockchain which is a record of transactions between addresses that correspond to users. This record is only updated by the Bitcoin network, and then it is shared across the nodes of the network containing every time the latest information on the addresses' balance. In general, a transaction includes three steps:

- An input. A person states the address that the money to be spent came from.
- The amount.
- An output. That includes the address of the person that the money is transferred to (making it available for spending. 

Performing such a bitcoin transaction is a synonym to having access to a pair of keys. The amount of bitcoins then associated to those keys is essentially the balance of the person who owns them. The method that underpins this concept and ensures that transactions are secure and anonymous is the Asymmetric Encryption Cryptography<sup>[[7]](#ref)</sup>.  
As we mentioned before the blockchain is available to the network, which means that addresses (deriving from public key) are a kind of transparent vaults. Everyone can see what amount the vault has in, but only the private key holder has access to it. 


Similarly, in the case of Ethereum to update its block chain a transaction must be broadcasted to the network. This is a message signed with cryptographic methods and defines what are the changes to be made. That then is send to a node and if the consensus rules are met<sup>[[8]](#ref)</sup> the network agrees to integrate the block to the block chain.

- The amount to be transferred
- Binary Data (In the case of contract deployment the bytecode is send here)
- The maximum amount of gas to be consumed for this transaction
- The amount to be payed by the sender for a unit of gas for this transaction
- A sequence number (defining the sender's previous transaction). This has to match the next transaction and is called nonce.
- Data that identify and authenticate the sender (signature)


One fundamental difference between the two cryptocurrencies is that Bitcoin's transactions are based on a Unspent Transaction Outputs (UTXOs) model and Ethereum is operating on an Account model.

One of the most revolutionary features in the world of cryptocurrencies is the introduction of smart contracts. Ethereum's contracts is essentially a program that runs on the blockchain. The functions and the state (data) of this program can exist at a specific address. As regular contracts, smart contracts can define that are automatically executable by the code. Every public function of Solidity<sup>[[9]](#ref)</sup> (an object-oriented programming language for writing smart contracts) that can change state can be called via a transaction. To call a function it's required to have the address of the contract, the name of the function and the function's arguments.


Generally, Both Bitcoin and Ethereum perform a form of state transitions of a blockchain. In Bitcoin, the blockchain guarantees through a cryptographically secure way to update state of the blockchain to transfer coins between users. The state of the blockchain can be verified by anyone and all the state transitions are initiated as transactions by users. In the case of coins, a few moments before a transaction updates the blockchain a senders account has for example 10 coins and after the blockchain update a receiver's account has the 10 coins when the sender has 0. Ethereum though exploits the fact that there is not an inherit limitation to this system that prevents the state transition of a blockchain to be implemented for just coin exchange. It generalises the state transitions of the blockchain into software included in the transactions. Therefore, since with Ethereum a blockchain can perform any kind of computation defined in the transaction it enables more functionality. Given that these computations are in a Turing-complete language many applications are possible. A few examples would be:

- A requirement for certain number of users to agree if the money in a transaction can be spent.
- Money in a transaction could be returned to the sender according to the conditions of an agreement.
- There could be a requirement for external data to be produced for the money in a transaction to be spent.


Recently, Bitcoin introduced smart contracts into its transactions as well. Smart contract functionality in Bitcoin might not be as flexible as on Ethereum but still has advantages to offer.


## Flexibility and security
<a id="flexibility"></a>

Based on the fact that Bitcoin and Ethereum are operating on a different transaction models we can attempt a comparison in terms of flexibility and security.

In Bitcoin the transactions are processed by Bitcoin Virtual Machines (BVMs). Essentially, every node of the network has a virtual machine that executes a sequence of computations in a stack. Therefore, there is no persistent storage in such a virtual machine to support global state. The Bitcoin's global state is represented by multiple independent UTXOs. This means that Bitcoin can be considered as a cohort of machines, horizontally scalable that can indefinitely expand by adding machines on the network. In terms of smart contracts functions (that reside in UTXOs) its execution is stateless. This means that, similarly to close mathematical functions, given the same input one can always expect the same output. As a result, Bitcoin makes transactions with smart contracts less prone to complexity and errors. Additionally, as these functions are not affecting or being affected by other calls on the network they can be tested offline.


On the other hand side, Ethereum's Virtual Machine (EVM) is fundamentally different than Bitcoin's. It exists as a single entity maintained by all the connected computers running an Ethereum client. In this state machine reside all the accounts and smart contracts and the Ethereum protocol is responsible for maintaining an uninterrupted and immutable operation. EVM's data are stored either in the stack, memory or storage. Memory and storage are reset when the virtual machine is running a new transaction. The storage remains as a part of the global state. For this reason there can be dependency between transactions since the could read and write on the same storage. Essentially an Ethereum transaction perceives the global state as it was left by a previous transaction or contract execution. As concurrency is not supported, transactions are executed on a sequential way. This vertical scaling, in contrary to the Bitcoin, could theoretically be less efficient as the number of users grow. Specifically in terms of contracts, it gives flexibility to the users to develop more complex functions at their will. This complexity might be useful but comes with the risk of errors and vulnerability.


Generally, Bitcoin featuring Turing-incomplete contracts in its transactions offer less flexibility to the users. On the other hand it makes it less vulnerable to attack. Along with its increasing security backed from hashing power (BTC vs ETH)<sup>[[10]](#ref)</sup> makes the double-spending difficult for the following reasons:

- One has to gain access to a wallet with a sufficient amount of coins for the attack to be worthwhile. Buying though enough coins to make such an attack viable would increase its price to an extent that the attack would not be worth it anymore.
- To perform an attack one should have control of 51% or more of the network to make valid double spendings which is a nearly impossible scenario and its cost would make the attach not worthwhile.


Ethereum on the other hand could be considered as a programmable value. Its flexibility would allow for example to create tokens that represent shares, access and permissions or distributed control on assets with people one may not trust. Examples of successful Ethereum applications are the Decentralised Finance (DeFi) and the Non-Fungible Tokens (NFTs). However, this flexible design creates more vulnerabilities that attackers could exploit. Few of the many known attacks are Displacement, Insertion and Suppression <sup>[[11]](#ref)</sup>.

Overall, we could say that both Bitcoin and Ethereum have advantages and disadvantages. Bitcoin would compromise its flexibility to achieve better security when Ethereum offers flexibility but that comes with some security issues. Although both can be used as mediums of exchange and store value there are some conceptual distinctions that make both valuable in its own way.

While Bitcoin was created as an alternative to national currencies and thus aspires to be a medium of exchange and a store of value, Ethereum was intended as a platform to facilitate immutable, programmatic contracts, and applications via its own currency. 



## Privacy
<a id="privacy"></a>

Bitcoin addresses are the only way to identify transactions<sup>[[12]](#ref)</sup>. However, users can access the transaction history of any address, therefore it is suggested to use each address only once. For privacy protection purposes and in order to isolate transactions, one should use a new address each time a payment is received. Users should also avoid publishing Bitcoin addresses online in order to be protected from other users identifying their addresses. It is also advised that users hide their IP addresses to avoid them being logged. Further research is underway in order to improve Bitcoin's privacy features.

Ethereum operates differently to Bitcoin in the sense that it keeps a record of a user's spending and balance; as an analogue one could say the user is like having a bank account. This protocol is different than Bitcoin's protocol that we mentioned above, where the user would use a new address for each payment. A recent paper from researchers at the Institute for Computer Science and Control in Hungary<sup>[[13]](#ref)</sup>, argues governments and private-entities are quickly learning how to strip away anonymity from Ethereum. The authors specifically say *“Careless usage easily reveals links between deposits and withdraws and also impact the anonymity of other users, since if a deposit can be linked to a withdraw, it will no longer belong to the anonymity set”.*


Ethereum however supports private transaction in Solidity smart contracts. The user by developing a smart contract  can take advantage of on-chain privacy solutions like TornadoCash<sup>[[14]](#ref)</sup> or a layer 2 node software run by a third party (Aztec<sup>[[15]](#ref)</sup> or zkSync<sup>[[16]](#ref)</sup>).


<h1><center>Programming  Transactions and Verification</center></h1>
<a id="a_2"></a>

In the following section we attempt to develop the transaction and verification part of  frogcoin. The main focus of this work is to build a ```transaction``` python object to be used for the verification of valid currency transfers and a ```create_signed_transaction``` function that feeds the transaction with the required data for the validation. However, to generate and store the private key of the involved parties in a transaction, we additionally develop a frogcoin_pk_and_address user entity. This might not be necessary but is a convenient way for generating users' private keys and its derivatives (checksum addresses and signatures).

First we import the required packages for our implementation

In [1]:
import struct,binascii
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.serialization import load_der_public_key
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.serialization import load_der_public_key

## The ```froguser_pk_and_address``` class
<a id="pk"></a>

The frogzimuser class, is a python object that generates and provides the information that derives from a user's private key. **Please note** that this class would **not hold a balance or a transaction nonce information yet** as in our implementation we theoretically extract this information from a chain transaction. This is out of scope for this stage and it will be developed in the future. For this project we will use assigned arbitrary values of balance and previous sender's transaction numbers to develop and validate the transaction between users. 

As a result,  the purpose of this class is strictly to generate and hold the absolute necessary data required by the ```create_signed_transaction``` function.

When a frogzimuser is initiated the following are constructed:


- ```__name```: The name of the user


- ```__private_key```: The ```EllipticCurvePrivateKey``` object representing the private key of the user generated by ```ec.generate_private_key(ec.SECP256K1)```. This can be used by the user to sign transactions as a sender. This was made unavailable from outside of the ```froguser``` instance as it is sensitive information (the __ in front of the variable makes it unavailable when called outside of the class).


- ```public_key_bytes```: A property method of the class that generates the user's signature. This is developed here as it uses the user's private key that can be accessed only by this instance as mentioned before.


- ```checksum_address```: A property method that adds a checksum to the user's address. This ensures that when a user acts as a recipient hers/his address cannot be mistyped by the sender resulting in transferring money to another user or to a non existing address. To produce the address we followed the following steps

    1. We appended '04' to the left of the bytes format of the public key of the user and we hashed it (SHA1)
    2. We hashed again the outcome of the previous step (SHA1)
    3. We appended '00' to the left of the outcome of the previous step and hashed it two times (SHA1)
    4. We select the first 4 bytes of the outcome of the previous as a checksum
    4. We add the checksum to the right of the outcome of the third step to generate the final address to be used


Here is the python implementation of the frogzimuser class:

In [2]:
class froguser_pk_and_address:

    def __init__(self, name):
        self.__name = name
        # Making private key inaccessible outside this class 
        # by adding a dunder in the front
        self.__private_key = ec.generate_private_key(ec.SECP256K1(), default_backend())
        
    def user_signature(self, recipient_hash, amount, fee, nonce):
        amount = struct.pack('<Q', amount)
        fee = struct.pack('<Q', fee)
        nonce = struct.pack('<Q', nonce)
        self.signature = (self.__private_key
                              .sign(b''.join([recipient_hash, amount, fee, nonce]), 
                                    ec.ECDSA(hashes.SHA256())))
        return self.signature

    @property 
    def public_key_bytes(self):
        return (self.__private_key
                        .public_key()
                        .public_bytes(encoding=serialization.Encoding.DER,
                        format=serialization.PublicFormat.SubjectPublicKeyInfo))
 
    @property 
    def checksum_address(self):
        
        # Prepend '04' and hash public_key
        digest = hashes.Hash(hashes.SHA1())
        digest.update(binascii.unhexlify('04') + self.public_key_bytes )
        first_hash = digest.finalize()
        
        # Hash again the outcome from the previous step
        digest = hashes.Hash(hashes.SHA1())
        digest.update(first_hash)
        second_hash = digest.finalize()
        
        # Prepend '00' as network byte
        nbyte = binascii.unhexlify('00') + second_hash
        
        # Generate Checksum by applying 2 times sha1
        h = nbyte 
        for i in range(1, 3):
            digest = hashes.Hash(hashes.SHA1())
            digest.update(h)
            h = digest.finalize()

        # We take the first 4 bytes of the second hash as checksum
        cheksum = binascii.unhexlify(h.hex()[:8])
        
        # We add the checksum to the network byte to generate a final
        # address to be used
        self.ch_address = nbyte  + cheksum
        return self.ch_address
          
    def __str__(self):
            return (f"Name: {self.__name}\nAddress: {self.checksum_address.hex()}".format(self=self))


## The ```Transaction class``` class
<a id="transaction"></a>

The transaction class is responsible for digesting all the required data for validating a coin transfer between users. Then the data are evaluated and if all the criteria are met the transaction is classified as valid. 

The transaction's constructor takes the following arguments:
<a id="transconst"></a>
- ```sender_hash```: The address of the sender. Instead of just hashing the user's public key with SHA1 which would result in a 20 bytes address we applied a checksum method. Therefore the length of the address is 25 bytes.


- ```recipient_hash```: Similarly, the 25 bytes address of the recipient. This can be checked for errors by the ```address_validation``` method (explained later)

- ```sender_public_key```: The sender's public key in bytes


- ```amount```: The amount to be transferred from the sender to the recipient. This is expressed by the constructor to a big endian 8 bytes integer ('<Q' parameter in the struct.pack transformation)


- ```nonce```: The 8 byte expression of the sender's number of transaction. This will be increased by 1 each time the sender makes a successful transfer.


- ```fee```: The 8 byte expression of the fee that will be paid to the network to add this transaction (in frogcoinzimcoin the sender is charged)


- ```signature```: The senders ~70 bytes signature. This contains all the information that meets the sender's criteria for making this payment.


- ```txid```: This is the transaction's ID. Is a SHA256 representation of all the information relevant to the transaction.

### The ```verify``` method
<a id="transmeth"></a>

This method is responsible for validating all the data provided for the transaction and decides whether it's valid or not. It takes the following arguments:

- ```sender_balance```: This would be the on-chain balance of the sender. In this implementation we use an assigned value that represents the hypothetical sender's balance on the previous on-chain transaction.


- ```sender_previous_nonce```: This should be the number of the user's previous transaction. In this implementation we use an assigned value that represents the hypothetical sender's transaction number on the previous on-chain transaction.


The ```verify``` method performs the following checks:

- Ensures that the ```txid``` for the transaction is valid. The id contains all the senders' and recipients' data required for the transaction.


- Checks for valid sender's signature.


- Checks for errors in the recipient's address typed/provided by the sender (by using the ```address_validation``` method)


- Ensures that the sender's nonce, the amount and the fee of the transaction to be made are valid.


### The ```address_validation``` method

To check for errors in the recipient's address the method is performing the following steps:
    
 1. We take as a checksum the last 4 bytes of the address provided.
 2. We are hashing (SHA1) two times the remaining  part of the address (which essentially is the prefix plus the hash)
 3. If the outcome of the previous step is equal to the checksum the the address is valid.
  

Here is the python implementation of the transaction class:

In [3]:

class transaction:

    def __init__(self, sender_hash, recipient_hash, sender_public_key, amount, fee, nonce, sender_signature, txid):
        self.sender_hash = sender_hash  
        self.recipient_hash = recipient_hash    
        self.public_key_bytes = sender_public_key
        self.amount = amount 
        self.nonce =  nonce
        self.fee = fee 
        self.signature = sender_signature
        self.txid = txid

        # This defines whether a the transaction is verified
        # and it is used to print the status of the transaction
        self.__verify_tracker = False
    
    def verify(self, sender_balance, sender_previous_nonce):
        
        # txid verification
        self.digest = hashes.Hash(hashes.SHA256())
        self.digest.update(b''.join([self.sender_hash, self.recipient_hash, 
                                     self.public_key_bytes, struct.pack('<Q', self.amount), 
                                     struct.pack('<Q', self.fee), struct.pack('<Q', self.nonce),
                                     self.signature]))
        
        self.txid_check = self.digest.finalize()
        
        if self.txid_check != self.txid:
            raise Exception(f"\n\nVERIFICATION FAILED: Invalid transaction ID\n\n")
            
        
        # Signature verification
        try:
            public_key = load_der_public_key(self.public_key_bytes, default_backend())
            (public_key.verify(self.signature, 
                                      b''.join([self.recipient_hash, struct.pack('<Q', self.amount),
                                                struct.pack('<Q', self.fee), 
                                                struct.pack('<Q', self.nonce)]),
                                      ec.ECDSA(hashes.SHA256())))
        except:
            raise Exception("\n\nVERIFICATION FAILED: Invalid signature\n\n")
           
        # Checks for errors in the receipient's address
        self.address_validation(self.recipient_hash)
    
        
        if sender_previous_nonce + 1 != self.nonce:
            raise Exception(f"\n\nVERIFICATION FAILED: Sender's transaction number is not invalid\n\n")
        
        # We verify that sender has enough frogcoins (including the fees)
        # to make this transaction
        if sender_balance < int(self.amount + self.fee):
            raise Exception(f"\n\nVERIFICATION FAILED: Sender has not enough frogcoins for this transaction\n\n")
        
        if self.amount not in range(1, sender_balance + 1):
            raise Exception(f"\n\nVERIFICATION FAILED: {self.amount} is not a invalid amount of frogcoins\n\n")
            
        if self.fee not in range(0, self.amount + 1):
            raise Exception(f"\n\nVERIFICATION FAILED: {self.fee} is not a invalid fee for this transaction\n\n")
        
        # We set the verify_tracker to True so when we print
        # the transaction's instance we get useful information
        # like txid and signature
        self.__verify_tracker = True

    def address_validation(self, ch_address): 
        prf_plus_hash = ch_address.hex()[:len(ch_address.hex())-8]
        checksum = ch_address.hex()[len(ch_address.hex())-8:]
        h = prf_plus_hash
        for x in range(1,3):
            digest = hashes.Hash(hashes.SHA1())
            digest.update(binascii.unhexlify(h))
            h = digest.finalize().hex()
        
        if(checksum != h[:8]):
            raise Exception("\n\nVERIFICATION FAILED: The receipient's address is not valid\n\n")
            
    def __str__(self):

        if self.__verify_tracker:
            return ("\n\n---------VERIFIED TRANSACTION---------\n"+
                    f"Transaction ID: "+
                    f"{self.txid.hex()}\nSender's Signature: "+
                    f"{self.signature.hex()}\n\n".format(self=self)) 

        if not self.__verify_tracker:
            return ("\n\n---------PENDING TRANSACTION (not yet vefified)----------\n"+
                    f"Sender's address: {self.sender_hash.hex()}\nRecipient's address: {self.recipient_hash.hex()}\nAmount to be tranfered: "+
                    f"{self.amount}\nFee to be charged for this transaction: "+
                    f"{self.fee}\n\n**Please note that the sender "+
                    "will be charged with the fee for this transaction**\n\n".format(self=self))  

## The ```create_signed_transaction``` function
<a id="crt"></a>

This function is responsible for generating and passing the required data into the transaction class for evaluation. As soon as this verification is successful, the function will return a verified transaction ID and a signature. **Please note that the function will not proceed to making the frogcoinzimcoin transfer as it only has access to the data required for generating signatures and txids and verifying the transactions.**. At this point usually the agreement between the sender and the recipient (represented by a valid transaction) will be broadcasted to the network for miners to add it on the blockchain which will complete the transfer.

In our implementation we don't directly pass the sender's ```private_key``` directly, but instead we pass this information indirectly via the sender's instance (along with that we pass the sender's public key and checksum address deriving from the private key). 

We use the ```user_signature``` method to generate a signature in the function. Additionally, the checksum addresses are computed within the ```froguser``` class so will be passed via the ```sender``` instance only for the sender.
The ```create_signed_transaction``` takes the following arguments:

   1. The ```sender``` instance. This instance generates the private key for the user (sender) and all its derivatives required from the ```create_signed_transaction``` for generating the signature and txid. 
   2. The ```recipient_hash``` . This is a checksum address is provided by the recipient and then sender uses it to create a signed transaction. The way this address is produced enables the ```transaction.verify``` to check it for errors.
   3. The ```amount``` to be transferred
   4. The ```fee``` to be paid for this transaction
   5. The sender's ```nonce```
   
   
The function then preforms the following steps:

1. Generates the senders ```signature``` to be passed on to the transaction class for evaluation


2. Generates a ```txid``` to be passed on to the transaction class for evaluation


3. The data generated along with the other inputs of the function are used to populate the transaction instance

    - If the verification is successful the the frogcoinzimcoins are transferred between the users and their status is updated(balance, nonce). The **signature** and the **txid** of the transaction are returned
    - If the verification fails the transaction is aborted with a meaningful error


The implementation of the create_signed_transaction function is as follows:

In [4]:
def create_signed_transaction(sender, recipient_hash, amount, fee, nonce):
    
    on_chain_senders_nonce = 3  # We are assuming that the sender's last on chain nonce is 3
    
    on_chain_senders_balance = 15 # We are assuming that sender has 15 on chain frogcoinzimcoins
    
    
    # We are generating sender's signature
    sender_signature = sender.user_signature(recipient_hash, amount, fee, nonce)
    
    # We are generating txid to pass it to the transaction class for verification
    digest = hashes.Hash(hashes.SHA256())
    digest.update(b''.join([sender.checksum_address, recipient_hash, 
                                     sender.public_key_bytes, 
                                     struct.pack('<Q', amount), 
                                     struct.pack('<Q', fee), 
                                     struct.pack('<Q', nonce),
                                     sender_signature]))
    txid = digest.finalize() 

    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     amount, fee, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)   
        print (tr)
        return tr.txid.hex(), tr.signature.hex()
    
    except Exception as exc:
        print (exc)

## Testing the transactions
<a id="testing"></a>

To perform the following tests we initiate two user instances *A_sender* and *B_recipient*. This way we can generate private keys and its derivatives that are required from the ```create_signed_transaction``` function to prepare the signature and the txid for the transaction. As we assumed that the on chain sender's previous transaction number is 3,  to verify the transaction we will pass as ```nonce``` the value 4.

In [5]:
# We create the data needed by the sender 
# and the recipient for a transaction
A_sender = froguser_pk_and_address('Bob')
B_recipient = froguser_pk_and_address('Alice')

In [6]:
print(A_sender)

Name: Bob
Address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85


In [7]:
print(B_recipient)

Name: Alice
Address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e


The sender's and recipient's private keys and its derivatives were generated

In [8]:
from cryptography.hazmat.primitives import serialization
print(A_sender, '\n\n', B_recipient)

Name: Bob
Address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85 

 Name: Alice
Address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e


### Generating a valid transaction
<a id="valid"></a>

We are calling the ```create_signed_transaction``` function to make a transaction. As input we use the *A_sender* instance, the *B_recipient* checksum address , the amount to be transferred, the fee and the value 4 as the on chain sender's nonce on the blockchain.

In [9]:
signed_transaction = create_signed_transaction(A_sender,B_recipient.checksum_address, 10, 2, 4)



---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 10
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




---------VERIFIED TRANSACTION---------
Transaction ID: 2b9a9d41f19bcd105a0058b04d2701b493657315db6270351019d65cb4b8aca2
Sender's Signature: 304402200bfadef1983ef839dd640fe8a7586938c484db0f53d252351f9431ee078100b0022016d464b07b493b81b59da9367d91c782a70ec5b5951fd5baaabf2a0e4b8252b0




Additionally we can retrieve the data from the signed and validated transaction

In [10]:
txid, sig = signed_transaction
print (f"txid: {txid}\n\nsignature: {sig}")

txid: 2b9a9d41f19bcd105a0058b04d2701b493657315db6270351019d65cb4b8aca2

signature: 304402200bfadef1983ef839dd640fe8a7586938c484db0f53d252351f9431ee078100b0022016d464b07b493b81b59da9367d91c782a70ec5b5951fd5baaabf2a0e4b8252b0


As we can see the function passed the relevant data to the transaction and it was succesfully verified returning a valid txid and signature.

### Test txid
<a id="testtxid"></a>

To check if our transaction raises an exception for invalid **txid** we create a ```test_txid``` function that generates random inputs and updates every single argument of the transaction class with an invalid value.


In [11]:
from random import randint

def test_txid(sender, recipient_hash, amount, fee, nonce):
    
    on_chain_senders_nonce = 3  # We are assuming that the sender's last on chain nonce is 3
    
    on_chain_senders_balance = 15 # We are assuming that sender has 15 on chain frogcoins
    
    # We are generating sender's signature
    sender_signature = sender.user_signature(recipient_hash, amount, fee, nonce)
    
    # We are generating txid to pass it to the transaction class for verification
    digest = hashes.Hash(hashes.SHA256())
    digest.update(b''.join([sender.checksum_address, recipient_hash, 
                                     sender.public_key_bytes, 
                                     struct.pack('<Q', amount), 
                                     struct.pack('<Q', fee), 
                                     struct.pack('<Q', nonce),
                                     sender_signature]))   
    txid = digest.finalize()
    
    # Generating a valid transaction
    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     amount, fee, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)          
        print (tr)
    
    except Exception as exc:
        print (exc)    

    
    # We arbitarilly use a random integer between 100 and 50000 expressed in bytes
    # to update the transaction's fields and test verification
    rand_value = randint(100, 50000)
    rand_value_bytes = struct.pack('<Q',rand_value)
    
    
    # Testing modified sender's address
    try:
        tr = transaction(rand_value_bytes ,recipient_hash,
                     sender.public_key_bytes,
                     amount, fee, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)          
        print (tr)
    
    except Exception as exc:
        print (exc)
    
    # Testing modified recipient's address
    try:
        tr = transaction(sender.checksum_address ,rand_value_bytes,
                     sender.public_key_bytes,
                     amount, fee, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)          
        print (tr)
    
    except Exception as exc:
        print (exc)   
    
    # Testing modified sender's public key
    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     rand_value_bytes,
                     amount, fee, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)          
        print (tr)
        
    except Exception as exc:
        print (exc)

    # Testing modified
    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     rand_value, fee, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)           
        print (tr)
        
    except Exception as exc:
        print (exc)
        
    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     amount, rand_value, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)          
        print (tr)
        
    except Exception as exc:
        print (exc)

    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     amount, fee, rand_value, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)           
        print (tr)
       
    except Exception as exc:
        print (exc)
    
    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     amount, fee, nonce, rand_value_bytes, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)          
        print (tr)
    
    except Exception as exc:
        print (exc)
        
    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     amount, fee, nonce, sender_signature, rand_value_bytes)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)   
        print (tr)
    
    except Exception as exc:
        print (exc)
        

In [12]:
test_txid(A_sender,B_recipient.checksum_address, 10, 2, 4)



---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 10
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




---------VERIFIED TRANSACTION---------
Transaction ID: 776d9a775994edd8f075eb98bf153a8bb50ea0f2760a48352456f101029c0656
Sender's Signature: 3044022007af5693683dcbd32e3fc51e271385e5618df064d100cc10a9b2501b39f89a9a02203f61cc074b5078569b75c3766c26a4dfae11835fbd22880d5774f44d007b4199




---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: d304000000000000
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 10
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




VERIFICATION FAILED: Invalid transact

As we can see the verification succeeds the first time that the data is accurate. The rest of the transaction attempts failed to verify due to an invalid txid. In the log we can also see the modified random values we used to test the transaction verification. 

### Test signature
<a id="testsig"></a>

To test for valid signature we create the ```test_signature``` function that:

- Generates and completes a valid transaction

- Deliberately changes the amount field and re-generates a txid so it is valid again.

- Then we attempt to perform a valid transaction again.



In [13]:
def test_signature(sender, recipient_hash, amount, fee, nonce):
    
    on_chain_senders_nonce = 3  # We are assuming that the sender's last on chain nonce is 3
    
    on_chain_senders_balance = 15 # We are assuming that sender has 15 on chain frogcoinzimcoins
    
    # We are generating sender's signature
    sender_signature = sender.user_signature(recipient_hash, amount, fee, nonce)
    
    # We are generating txid to pass it to the transaction class for verification
    digest = hashes.Hash(hashes.SHA256())
    digest.update(b''.join([sender.checksum_address, recipient_hash, 
                                     sender.public_key_bytes, 
                                     struct.pack('<Q', amount), 
                                     struct.pack('<Q', fee), 
                                     struct.pack('<Q', nonce),
                                     sender_signature]))    
    txid = digest.finalize()
    
    
    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     amount, fee, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)   
        print (tr)
    
    except Exception as exc:
        print (exc)
    
    # We are changing the amount field in to a different that the
    # one than sender signed to test verification. We pass 66 frogs
    # and later when we call the create_signed transaction the sender
    # signs for 10 frogcoins
    
    digest = hashes.Hash(hashes.SHA256())
    digest.update(b''.join([sender.checksum_address, recipient_hash, 
                                     sender.public_key_bytes, 
                                     struct.pack('<Q', 66), 
                                     struct.pack('<Q', fee), 
                                     struct.pack('<Q', nonce),
                                     sender_signature]))
        
    txid = digest.finalize()
    

    
    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     66, fee, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)    
        print (tr)
    
    except Exception as exc:
        print (exc)

In [14]:
test_signature(A_sender,B_recipient.checksum_address, 10, 2, 4)



---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 10
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




---------VERIFIED TRANSACTION---------
Transaction ID: 5b6c8489a45963f945f19cd0095b3e2444c4cde3fb2bd78dd8a79526ec413add
Sender's Signature: 304402201e5af5a4b826b33e6b90c8f75c57a3f5175ad1b3c0d566765a66d88b2341841502200ee4a258c0f99339005996479f26f13cd2de947906de9924910cb9ef6ce65c00




---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 66
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




VER

As we can see the function makes a successful transaction but when we change the amount and the corresponding txid to be valid again it fails because of an invalid signature.

### Test amount balance fee and sender's nonce
<a id="testamno"></a>

We are testing a transaction that the sender cannot afford. **Please note** that in our implementation the sender's balance should be sufficient enough to pay for the amount plus the fee.

In [15]:
create_signed_transaction(A_sender, B_recipient.checksum_address, 15, 2, 4)



---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 15
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




VERIFICATION FAILED: Sender has not enough frogcoins for this transaction




We are now testing for an invalid fee (larger that the amount)

In [16]:
create_signed_transaction(A_sender, B_recipient.checksum_address, 3, 4, 4)



---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 3
Fee to be charged for this transaction: 4

**Please note that the sender will be charged with the fee for this transaction**




VERIFICATION FAILED: 4 is not a invalid fee for this transaction




We are testing for an invalid amount (prease note that negative amount, fee or nonce values will anyway raise an error as the struck package will fail to transform them)

In [17]:
create_signed_transaction(A_sender, B_recipient.checksum_address, 0, 2, 4)



---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 0
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




VERIFICATION FAILED: 0 is not a invalid amount of frogcoins




We are now testing for invalid sender's nonce

In [18]:
# We generate a random ingeger to pass it as the sender's nonce
rand_value = randint(100, 50000)

create_signed_transaction(A_sender, B_recipient.checksum_address, 10, 2, rand_value)



---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 10
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




VERIFICATION FAILED: Sender's transaction number is not invalid




### Test invalid person's signature
<a id="testmalsig"></a>

To test for a transaction that uses a signature from a third person we develop the ```test_others_signature``` function that performs the following steps.

- Performs a valid transaction between user *A_sender* and *B_recipient*
- Then generates a signature for a person *C_person* and updates the corresponding txid to be valid again
- Finally attempts again to make a transaction between *A_sender* and *B_recipient*


In [19]:
# We initiate another user to generate a signature
C_person = froguser_pk_and_address("George")
print (C_person)

Name: George
Address: 004542ff5c57e8e442ea7b84dbe7c55f37beb3203a05e9e56a


In [20]:
def test_others_signature(sender, recipient_hash, amount, fee, nonce):
    
    on_chain_senders_nonce = 3  # We are assuming that the sender's last on chain nonce is 3
    
    on_chain_senders_balance = 15 # We are assuming that sender has 15 on chain frogcoinzimcoins
    
    # We are generating sender's signature
    sender_signature = sender.user_signature(recipient_hash, amount, fee, nonce)
    # We are generating the c_person signature
    C_person_sig = C_person.user_signature(recipient_hash, amount, fee, nonce)
    
    digest = hashes.Hash(hashes.SHA256())
    digest.update(b''.join([sender.checksum_address, recipient_hash, 
                                     sender.public_key_bytes, struct.pack('<Q', amount), 
                                     struct.pack('<Q', fee), struct.pack('<Q', nonce),
                                     sender_signature]))
        
    txid = digest.finalize()
    
    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     amount, fee, nonce, sender_signature, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)     
        print (tr)
        
    except Exception as exc:
        print (exc)
        
    
    # We update txid using third signature
    digest = hashes.Hash(hashes.SHA256())
    digest.update(b''.join([sender.checksum_address, recipient_hash, 
                                     sender.public_key_bytes, struct.pack('<Q', amount), 
                                     struct.pack('<Q', fee), struct.pack('<Q', nonce),
                                     C_person_sig]))
        
    txid = digest.finalize()

    try:
        tr = transaction(sender.checksum_address ,recipient_hash,
                     sender.public_key_bytes,
                     amount, fee, nonce, C_person_sig, txid)
        print(tr)
        tr.verify(on_chain_senders_balance, on_chain_senders_nonce)    
        print (tr)
   
    except Exception as exc:
        print (exc)


In [21]:
test_others_signature(A_sender, B_recipient.checksum_address, 10, 2, 4)



---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 10
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




---------VERIFIED TRANSACTION---------
Transaction ID: 46dffeb82d947b0fc2ed4f896ec40573e0832a1ff82a9478fc815f0e99258cad
Sender's Signature: 3046022100c472f6e79cc8282d54ecb5d877235e9cfe4f06e3bb4b91141bd66d28b7b86949022100855c4f3291fc778e2dfb103debc98dd1f7f519b083897de37c2e10ac436b56cf




---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e
Amount to be tranfered: 10
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**





As we can see the first transaction attempt was succesful and the frogcoins were transferred when the second failed due to an invalid signature (*C_person* signature)

### Test valid recipients address
<a id="testaddr"></a>

To perform this test we simulate a situation that the sender has to input the recipient's address manually. In the following example we provide the recipient's (Alice) address. The sender then is required to copy and paste Alice's address to sign a transaction. If the sender will not copy correctly the address the transaction verification will fail because of invalid address.

In [22]:
print(B_recipient)

Name: Alice
Address: 00c0a7e62c02a9bb0d589d440ada735b518e0c1dc6146fce1e


The sender can copy and paste the key after running the next cell. Only if the address is properly copied the transaction will be verified. If the address is alternated the transaction will fail because of invalid address.

In [23]:
recipient_address = input("Enter the frogcoinzimcoin recipient's address:")

# If the address' lenght is odd we pad it with a 0 on the left
# as binascii will raises an error for non even lenght inputs
recipient_address = binascii.unhexlify(bytes(len(recipient_address)%2 *'0' + recipient_address, 'ascii'))

#### Sign transaction #####
signed_tr = create_signed_transaction(A_sender, recipient_address, 10, 2, 4)

Enter the frogcoinzimcoin recipient's address:006d9a476d62fd41475937c61e6de10a36933111aa140d08c1


---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 0047c19ea3471233b454b05af08671434793a1c8961e43cb85
Recipient's address: 006d9a476d62fd41475937c61e6de10a36933111aa140d08c1
Amount to be tranfered: 10
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




---------VERIFIED TRANSACTION---------
Transaction ID: b146e7645d373c2cc4227f5c5c27ef51e2af717e4ed4ee91856b1f0407e4a8ec
Sender's Signature: 3045022100ffdfa078efe518ad36931d995f7088d55c09c142c4d9e1f9322f3ecd7d1412bf02204e448902c12cb0368095241269e241d6e87a15224c79df1b022d9904568b85d3




### Testing a transaction
<a id="testzimm"></a>

To check for a randomly defined transaction we need to modify our transaction class by commenting out the part that checks for address errors. This is because in our implementation we use a checksum scheme to generate addresses when in this example the addresses are 20 bytes SHA1 hashes of the public key of the users. Therefore the class we will use to verify the transaction will be:


In [24]:
from cryptography.hazmat.primitives.serialization import load_der_public_key

class transaction_no_address_check:

    def __init__(self, sender_hash, recipient_hash, sender_public_key, amount, fee, nonce, sender_signature, txid):
        self.sender_hash = sender_hash  
        self.recipient_hash = recipient_hash    
        self.public_key_bytes = sender_public_key
        self.amount = amount 
        self.nonce =  nonce 
        self.fee = fee 
        self.signature = sender_signature
        self.txid = txid

        # This defines whether a the transaction is verified
        # and it is used to print the status of the transaction
        self.__verify_tracker = False
    
    def verify(self, sender_balance, sender_previous_nonce):
        
        # txid verification
        self.digest = hashes.Hash(hashes.SHA256())
        self.digest.update(b''.join([self.sender_hash, self.recipient_hash, 
                                     self.public_key_bytes, struct.pack('<Q', self.amount), 
                                     struct.pack('<Q', self.fee), struct.pack('<Q', self.nonce),
                                     self.signature]))
        
        self.txid_check = self.digest.finalize()
        
        if self.txid_check != self.txid:
            raise Exception(f"\n\nVERIFICATION FAILED: Invalid transaction ID\n\n")
            
        
        # Signature verification
        try:
            public_key = load_der_public_key(self.public_key_bytes, default_backend())
            (public_key.verify(self.signature, 
                                      b''.join([self.recipient_hash, struct.pack('<Q', self.amount),
                                                struct.pack('<Q', self.fee), 
                                                struct.pack('<Q', self.nonce)]),
                                      ec.ECDSA(hashes.SHA256())))
        except:
            raise Exception("\n\nVERIFICATION FAILED: Invalid signature\n\n")
           
        # Checks for errors in the receipient's address
#         self.address_validation(self.recipient_hash)
    
        
        if sender_previous_nonce + 1 != self.nonce:
            raise Exception(f"\n\nVERIFICATION FAILED: Sender's transaction number is not invalid\n\n")
        
        # We verify that sender has enough frogcoinss (including the fees)
        # to make this transaction
        if sender_balance < int(self.amount + self.fee):
            raise Exception(f"\n\nVERIFICATION FAILED: Sender has not enough frogcoins for this transaction\n\n")
        
        if self.amount not in range(1, sender_balance + 1):
            raise Exception(f"\n\nVERIFICATION FAILED: {self.amount} is not a invalid amount of frogcoins\n\n")
            
        if self.fee not in range(0, self.amount + 1):
            raise Exception(f"\n\nVERIFICATION FAILED: {self.fee} is not a invalid fee for this transaction\n\n")
        
        # We set the verify_tracker to True so when we print
        # the transaction's instance we get useful information
        # like txid and signature
        self.__verify_tracker = True

    def address_validation(self, ch_address): 
        prf_plus_hash = ch_address.hex()[:len(ch_address.hex())-8]
        checksum = ch_address.hex()[len(ch_address.hex())-8:]
        h = prf_plus_hash
        for x in range(1,3):
            digest = hashes.Hash(hashes.SHA1())
            digest.update(binascii.unhexlify(h))
            h = digest.finalize().hex()
        
        if(checksum != h[:8]):
            raise Exception("\n\nVERIFICATION FAILED: The receipient's address is not valid\n\n")
            
    def __str__(self):

        if self.__verify_tracker:
            return ("\n\n---------VERIFIED TRANSACTION---------\n"+
                    f"Transaction ID: "+
                    f"{self.txid.hex()}\nSender's Signature: "+
                    f"{self.signature.hex()}\n\n".format(self=self)) 

        if not self.__verify_tracker:
            return ("\n\n---------PENDING TRANSACTION (not yet vefified)----------\n"+
                    f"Sender's address: {self.sender_hash.hex()}\nRecipient's address: {self.recipient_hash.hex()}\nAmount to be tranfered: "+
                    f"{self.amount}\nFee to be charged for this transaction: "+
                    f"{self.fee}\n\n**Please note that the sender "+
                    "will be charged with the fee for this transaction**\n\n".format(self=self))  

We can now assign the provided values to be passed into the transaction class

In [25]:
z_sender_balance = 20
z_sender_nonce = 5
z_sender_previous_nonce = 4
z_sender_public_key = bytes.fromhex("3056301006072a8648ce3d020106052b8104000a" +
                                  "03420004886ed03cb7ffd4cbd95579ea2e202f1d" +
                                  "b29afc3bf5d7c2c34a34701bbb0685a7b535f1e6" +
                                  "31373afe8d1c860a9ac47d8e2659b74d437435b0" +
                                  "5f2c55bf3f033ac1")
z_signature = bytes.fromhex("3046022100f9c076a72a2341a1b8cb68520713e1" +
                          "2f173378cf78cf79c7978a2337fbad141d022100" +
                          "ec27704d4d604f839f99e62c02e65bf60cc93ae1"
                          "735c1ccf29fd31bd3c5a40ed")
z_sender_hash = bytes.fromhex("3df8f04b3c159fdc6631c4b8b0874940344d173d")
z_recipient_hash = bytes.fromhex("5c1499a0484ace2f731b0afb83241e15f0e168ca")
z_amount = 10
z_fee = 2
z_txid = bytes.fromhex("ca388e0890b71bd1775460d478f26af3776c9b4f" +
                     "6c2b936e1e788c5c87657bc3")

Then we verify the transaction

In [26]:
try:
    tr = transaction_no_address_check(z_sender_hash ,z_recipient_hash,
                 z_sender_public_key,
                 z_amount, z_fee, z_sender_nonce, z_signature, z_txid)
    print(tr)

    tr.verify(z_sender_balance, z_sender_previous_nonce)   
    print (tr)

except Exception as exc:
    print (exc)



---------PENDING TRANSACTION (not yet vefified)----------
Sender's address: 3df8f04b3c159fdc6631c4b8b0874940344d173d
Recipient's address: 5c1499a0484ace2f731b0afb83241e15f0e168ca
Amount to be tranfered: 10
Fee to be charged for this transaction: 2

**Please note that the sender will be charged with the fee for this transaction**




---------VERIFIED TRANSACTION---------
Transaction ID: ca388e0890b71bd1775460d478f26af3776c9b4f6c2b936e1e788c5c87657bc3
Sender's Signature: 3046022100f9c076a72a2341a1b8cb68520713e12f173378cf78cf79c7978a2337fbad141d022100ec27704d4d604f839f99e62c02e65bf60cc93ae1735c1ccf29fd31bd3c5a40ed




## References
<a id="ref"></a>



https://cryptography.io/en/latest/hazmat/primitives/    hasmat primitives

<sup>[1]</sup> Nakamoto, Satoshi (24 May 2009). "Bitcoin: A Peer-to-Peer Electronic Cash System" (PDF). Archived (PDF) from the original on 20 March 2014. Retrieved 5 March 2014.  
 
 
<sup>[2]</sup>  "Statement of Jennifer Shasky Calvery, Director Financial Crimes Enforcement Network United States Department of the Treasury Before the United States Senate Committee on Banking, Housing, and Urban Affairs Subcommittee on National Security and International Trade and Finance Subcommittee on Economic Policy" . fincen.gov. Financial Crimes Enforcement Network. 19 November 2013. Archived from the original on 9 October 2016. Retrieved 1 June 2014. 
  
  
<sup>[3]</sup> Antonopoulos, Andreas M. (April 2014). Mastering Bitcoin: Unlocking Digital Crypto-Currencies. O'Reilly Media. ISBN 978-1-4493-7404-4. 
  
  
<sup>[4]</sup> Foundation, Ethereum (30 July 2015). "Ethereum Launches". blog.ethereum.org. Retrieved 9 January 2020. 
   
   
<sup>[5]</sup> "Ethereum Races Clock to Collect Enough Coins for Big Upgrade". Bloomberg.com. 23 November 2020.
   
   
<sup>[6]</sup> 'DeFi' movement promises high interest but high risk". Financial Times. 2019-12-30. Retrieved 2020-10-06.
   
<sup>[7]</sup> [Public Key Cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography)
   
<sup>[8]</sup> [Ehtereum consensus mechanisms](https://ethereum.org/en/developers/docs/consensus-mechanisms/)   

   



<sup>[9]</sup> Afshar, Vala; Evangelist, ContributorChief Digital; Salesforce (17 July 2017). "Ethereum Is The Second Most Valuable Digital Currency, Behind Bitcoin". HuffPost. Retrieved 10 April 2019.   


<sup>[10]</sup> [BTC vs ETH hashing power](https://coinmetrics.io/charts/#assets=btc,eth_roll=200_left=HashRate_zoom=1279411200000,1587859200000) 


<sup>[11]</sup> [Ethereum known attacks](https://consensys.github.io/smart-contract-best-practices/known_attacks/)   

<sup>[12]</sup> [Bitcoin privacy](https://bitcoin.org/en/protect-your-privacy)

<sup>[13]</sup> [Blockchain is Watching You: Profiling and Deanonymizing Ethereum Users](https://arxiv.org/pdf/2005.14051.pdf)

<sup>[14]</sup> [TornadoCash](https://tornado.cash)

<sup>[15]</sup> [Aztek](https://developers.aztec.network)

<sup>[16]</sup> [zkSync](https://zksync.io)