Money Button Documentation

Money Button Documentation

  • Money Button
  • API
  • Examples
  • Paymail
  • bsv

›Bitcoin SV Library (bsv)

Money Button

  • Money Button Overview
  • HTML
  • Javascript
  • React
  • Crypto Operations
  • Invisible Money Button
  • Paymail Signatures
  • Paymail Encryption
  • Simple Fabriik Protocol for Tokens

API

  • API Overview
  • Apps
  • Webhooks
  • Tokens
  • Currencies
  • Javascript Client
  • Authentication

    • Authentication Overview
    • OAuth
    • OAuth With JS Client

    API v1

    • Get User Identity
    • Get User Profile
    • Get User Balance
    • Get Payments
    • Get Payment By ID

    API v2

    • Get User Balances
    • Get Payments
    • Get Payment By ID
    • Get Assets
    • Create Asset
    • Modify Asset

Examples

  • Examples Overview
  • OP_RETURN Scripts
  • Assets

Paymail

  • Paymail Overview
  • Paymail Video Series
  • Paymail Introduction
  • BRFC Specifications
  • Specification Documents
  • BRFC ID Assignment
  • Service Discovery
  • Host Discovery
  • Capability Discovery
  • Public Key Infrastructure
  • Payment Addressing
  • Payment Addressing (Basic Address Resolution)
  • Payment Addressing (Payer Validation)
  • Payment Addressing (Payee Approvals)
  • Payment Addressing (PayTo Protocol Prefix)
  • Verify Public Key Owner
  • P2P Transactions
  • P2P Payment Destination
  • Recommendations

Bitcoin SV Library (bsv)

  • Bitcoin SV Library (bsv)
  • Big Numbers
  • Points (Elliptic Curves)
  • Hash Functions
  • Base 58
  • Private Keys
  • Public Keys
  • Addresses
  • ECDSA
  • Bitcoin Signed Messages
  • Signatures
  • HD Private Keys (BIP32)
  • HD Public Keys (BIP32)
  • Mnemonics (BIP39)
  • Script

Hash Functions


Source code: hash.js

Note that hash functions are handled automatically by Money Button behind the scenes and it is not necessary to deal with hash functions directly unless you are building an advanced application.

Bitcoin makes extensive use of cryptographic hash functions. The id of a block is the reverse double SHA256 hash of the block. This is the value that is iterated with a nonce when miners are mining - they are trying to get a hash that starts with a large number of zeros. The id of a transaction is also a double SHA256 hash. An address is the RIPEMD160 hash of a SHA256 hash. And last but not least, digital signatures involve hashing a transaction to sign and verify.

Not only does the core protocol use hash functions, but many higher-level protocols on top of Bitcoin also use hash functions. BIP32 (hierarchical deterministic wallets), ECIES, and many other standards use a variety of hash functions.

bsv exposes all of the most important hash functions that you are likely to use in your application. The hash functions are exposed on the crypto object as:

bsv.crypto.Hash

For instance:

bsv.crypto.Hash.sha256

In this document, "hash function" means cryptographic hasn functions, and not any other kind of hash function. Hash functions have these properties:

  • Given a hash, the only way to determine the input is to iterate all possible inputs until you can find the correct hash.
  • All bits in a hash are equally likely to be either 0 or 1 when given many inputs.
  • Changing a single bit of the input will radically change the output.
  • They are a determined length (for instance, 256 bits for SHA256, or 160 bits for RIPEMD160).
  • The input can be any length (or at least a very long length with no practical limits in most cases).

Given the data "this is the data I want to hash", the SHA256 hash looks like this:

f88eec7ecabf88f9a64c4100cac1e0c0c4581100492137d1b656ea626cad63e3

Given a slightly different data, "this is the data I want to hash.", which looks almost exactly the same except there is a period at the end, the SHA256 hash looks like this:

37c8dbe24e14073958444f45db5b34c4496e87019ab9ce4ce06821c516b5c02d

Notice how almost none of the digits are the same as above. Changing the input in a very small way produces a completely different hash.

The code to produce these hashes using bsv is this:

var bsv = require('./')
var hash1 = bsv.crypto.Hash.sha256(Buffer.from('this is the data I want to hash')).toString('hex')
console.log(hash1)
// prints:
// f88eec7ecabf88f9a64c4100cac1e0c0c4581100492137d1b656ea626cad63e3
var hash2 = bsv.crypto.Hash.sha256(Buffer.from('this is the data I want to hash.')).toString('hex')
console.log(hash2)
// prints:
// 37c8dbe24e14073958444f45db5b34c4496e87019ab9ce4ce06821c516b5c02d

The hash functions available in bsv are:

Hash FunctionOutput LengthDescription
sha25632 bytesThe SHA256 hash.
sha256sha25632 bytesThe SHA256 hash of the SHA256 hash. Used for blocks and transactions.
sha51264 bytesThe SHA512 hash. Commonly used in applications.
sha120 bytesThe SHA1 hash.
ripemd16020 bytesThe RIPEMD160 hash.
sha256ripemd16020 bytesThe RIPEMD160 hash of the SH256 hash. Used in Bitcoin addresses.

Every hash function takes a buffer of any length as input. They are all exposed on the bsv.crypto.Hash object.

bsv provides one more hash-related utility that is commonly used in applications: HMAC. It is often the case that you may wish to hash two pieces of data together. There is a common vulnerability called the "hash length extension attack" which can sometimes occur in services that hash secret data together with public data where an attacker can control some inputs. As a general rule, if you need to hash two things together, it is better to use HMAC, which is designed to prevent length extension attacks.

In other words:

Rather than: hash(data1 + data2)

Do: HMAC(data1, data2)

HMAC itself is an algorithm that lets any hash function be used inside. You can use HMAC directly, or you can use the two convenience methods we provide for sha256hmac or sha512hmac.

HMAC Convenience FunctionOutput LengthDescription
sha256hmac32 bytesHMAC with SHA256 as the hash function.
sha512hmac32 bytesHMAC with SHA512 as the hash function.

Both of these functions take two buffers as inputs.

← Points (Elliptic Curves)Base 58 →
Money Button Documentation
Docs
Money ButtonAPIDesignbsv
Community
redditYoutubeTelegramTwitter
More
BlogInstagramGitHubStar
See an error in our documentation? Issue a pull request to fix it.
Copyright © 2021 Yours Inc.