Understanding Mobile Bitcoin Wallet

Study and analyse the open-source mobile bitcoin wallet: breadwallet

Basic Transaction Function

Make a Transaction

Contains the componenets: input hashes, intput indxes,input script, output addresses and amounts.

- (instancetype)initWithInputHashes:(NSArray *)hashes inputIndexes:(NSArray *)indexes inputScripts:(NSArray *)scripts
outputAddresses:(NSArray *)addresses outputAmounts:(NSArray *)amounts
It generates the output scripts by using a function of appendScriptPubKeyForAddress:address

for (int i = 0; i < addresses.count; i++) {
        [self.outScripts addObject:[NSMutableData data]];
        [self.outScripts.lastObject appendScriptPubKeyForAddress:self.addresses[i]];

    self.signatures = [NSMutableArray arrayWithCapacity:hashes.count];
    self.sequences = [NSMutableArray arrayWithCapacity:hashes.count];

    for (int i = 0; i < hashes.count; i++) {
        [self.signatures addObject:[NSNull null]];
        [self.sequences addObject:@(TXIN_SEQUENCE)];

Sign a transaction

With a provided private key, it signs each input hashes.

- (BOOL)signWithPrivateKeys:(NSArray *)privateKeys
    NSMutableArray *addresses = [NSMutableArray arrayWithCapacity:privateKeys.count],
                   *keys = [NSMutableArray arrayWithCapacity:privateKeys.count];
    for (NSString *pk in privateKeys) {
        BRKey *key = [BRKey keyWithPrivateKey:pk];
        if (! key) continue;
        [keys addObject:key];
        [addresses addObject:key.address];
    for (NSUInteger i = 0; i < self.hashes.count; i++) {
        NSString *addr = [NSString addressWithScriptPubKey:self.inScripts[i]];
        NSUInteger keyIdx = (addr) ? [addresses indexOfObject:addr] : NSNotFound;
        if (keyIdx == NSNotFound) continue;
        NSMutableData *sig = [NSMutableData data];
        UInt256 hash = [self toDataWithSubscriptIndex:i].SHA256_2;
        NSMutableData *s = [NSMutableData dataWithData:[keys[keyIdx] sign:hash]];
        NSArray *elem = [self.inScripts[i] scriptElements];
        [s appendUInt8:SIGHASH_ALL];
        [sig appendScriptPushData:s];
        if (elem.count >= 2 && [elem[elem.count - 2] intValue] == OP_EQUALVERIFY) { // pay-to-pubkey-hash scriptSig
            [sig appendScriptPushData:[keys[keyIdx] publicKey]];
        self.signatures[i] = sig;
    if (! self.isSigned) return NO;
    _txHash = self.data.SHA256_2;
    return YES;

Transaction Protocol

The wallet uses a protocle of BIP70 I need to dig more into this protocol in the following week. This should be key in evaluating the safety of the transaction broadcasting.

Safety of the Private Key Storage

Components of the key