3
I wanted to use Electrum’s servers, listed here, it uses a protocol called "Stratum", which is documented here, but I don’t even know is the most updated.
I can "make it work" using the library tls
and the net
(in case not using TLS) in Golang, as is a test I did as follows:
config := &tls.Config{
InsecureSkipVerify: true,
// NOTA:
// O Electrum permite servidores com certificados self-signed!
// O melhor que posso fazer é um Public Key-Pinning baseado em Trust On First Use.
}
PKHashConfiavel := []byte{0x8c, 0x45, 0x01, 0x95, 0x91, 0xd5, 0x4a, 0x50, 0xc8, 0xf6, 0xac, 0x84, 0xa3, 0xf9, 0x70, 0xb1, 0xa7, 0x3b, 0x7e, 0x51, 0xc6, 0xb1, 0x18, 0x72, 0x64, 0x40, 0x00, 0x29, 0xfd, 0xaa, 0xa7, 0xed, 0xbc, 0x8c, 0xd4, 0x2a, 0xf8, 0xe5, 0xdb, 0x55, 0x5f, 0x09, 0x13, 0x56, 0x55, 0x2f, 0x95, 0x39}
// Se conecta com o servidor
conn, err := tls.Dial("tcp", "electrum.hsmiths.com:50002", config)
if err != nil {
panic(err)
}
connState := conn.ConnectionState()
var isConfiavel bool = false
// Verifica a hash do certificado no qual me conectei
for _, cert := range connState.PeerCertificates {
PKDer, _ := x509.MarshalPKIXPublicKey(cert.PublicKey)
PKHash := blake2b.Sum384(PKDer)
if hmac.Equal(PKHashConfiavel, PKHash[:]) {
isConfiavel = true
}
}
if isConfiavel {
// Envia a requisição
comando := "{\"id\": 1, \"method\": \"blockchain.address.get_history\", \"params\": [\"1DB8zJn99HSVUUwWRCgKxiZV33yPfBSVYr\"]}"
comando += "\n"
conn.Write([]byte(comando))
// Obtêm resposta
resposta, _ := bufio.NewReader(conn).ReadString('\n')
fmt.Print(resposta)
}
This works normally and returns:
{"jsonrpc": "2.0", "id": 1, "result": [{"tx_hash": "a7d790a2418fd0b17af37b2896327985d52941a1211de8705c6f16d868885412", "height": 483800}, {"tx_hash": "4ee9dcd51d1d80e6aa021e5503354ec3d4125cf8777894b68056cfef9bc9a818", "height": 483801}]}
I tried to do the same in PHP, with the native features, in this case the only solution I see would be Curl, but it doesn’t work for anything.
But I also tried in PHP, without using TLS, as follows:
$comando = '{"id": 1, "method": "blockchain.address.get_history", "params": ["1DB8zJn99HSVUUwWRCgKxiZV33yPfBSVYr"]}';
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'electrum.hsmiths.com');
curl_setopt($curl, CURLOPT_PORT , '50001');
curl_setopt($curl, CURLOPT_HEADER, 1);
// Para testes desligamos a verificação de SSL:
// curl_setopt($curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
// curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
// curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
// curl_setopt($curl, CURLOPT_PINNEDPUBLICKEY, 'sha256//' . base64_encode($PKHash))
// Testes fracassados:
//curl_setopt($curl, CURLOPT_HTTPHEADER, ['Content-Type: application/stratum']);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $comando);
$response = curl_exec($curl);
var_dump($response);
Answer:
string(134) "{"jsonrpc": "2.0", "id": null, "error": {"message": "cannot decode JSON: Expecting value: line 1 column 1 (char 0)", "code": -32700}}"
Apparently Stratum cannot be used over HTTP and for that I need to create a TCP connection without Curl.
So there is some equivalent to tls.Dial
/net.Dial
in PHP? Is there an alternative to Curl and is natively embedded in PHP?