海运的博客

git clone https://github.com/dan-da/hd-wallet-derive.git
cd hd-wallet-derive
composer.phar install

生成bip39钱包，指定助记词数量24个，使用256位随机种子，结果包含b39 seed，助记词，主私钥root-key等。

hd-wallet-derive.php -g --gen-key --gen-words=24

使用主私钥生成path /m/0下的btc地址和私钥：

./hd-wallet-derive.php -g --key=xprv9s21ZrQH143K3mnXKMLng2WiMv8NHtk68CqTSA9Yb8TAeAdT4V3WdKFVnZBBpHejT6ascYfBWu8WvgVFK5VwoP6pk8iQGnW3aVhAZD7r9Cx --path=m/0 --cols=path,address,privkey  

使用助记词生成path /m/0下的btc地址和私钥：

./hd-wallet-derive.php -g --mnemonic="impose tiny skirt crowd scheme thumb episode flat pumpkin junior wonder manual split crane feed seat lady title seek betray next comfort mimic base" --path=m/0 --cols=path,address,privkey

也可使用内置的path，查看列表：

./hd-wallet-derive.php --help-presets

使用electrum preset，和上面使用path=m/0等效。

./hd-wallet-derive.php -g --key=xprv9s21ZrQH143K3mnXKMLng2WiMv8NHtk68CqTSA9Yb8TAeAdT4V3WdKFVnZBBpHejT6ascYfBWu8WvgVFK5VwoP6pk8iQGnW3aVhAZD7r9Cx --preset=electrum --cols=path,address,privkey

1.在离线的机器上使用安全程序通过bip32生成主公钥/私钥或bip39生成助记词/主公钥/私钥
2.在离线的机器上钱包导入主私钥，将主公钥备份到联网的机器上并导入，这样联网机器只能查看不能发送交易
3.地址类型使用三者都支持的P2PKH
4.发送时在联网的钱包上生成交易，复制到离线机器上签名，然后用第三方web网站解码查看签名的交易，正常再广播出去。

注意：
为保持和从主秘钥/公钥导入的地址一致，从备份的bip39助词恢复时要将Derivation Path设置为m/

最好离线和在线机器不直接通过u盘间接传递，联网机器通过网络和第三台机器交换签名文件，第三台再通过u盘和离线机器交换签名文件。

生成bip32/bip39可使用：
https://github.com/tyler-smith/go-bip32
https://github.com/tyler-smith/go-bip39
只要保证初始种子随机安全即可，上面程序通过rand.Read()生成，相同的种子生成相同的主秘钥/公钥/助记词，bip39助记词和初始种子可相互转换。

初始随机种子也可通过其它程序生成：
php7:

php -r "echo bin2hex(random_bytes(32)).PHP_EOL;"

python2:

python2 -c 'import os;print os.urandom(32).encode("hex")'

python3.5以上：

python3 -c 'import os;print(os.urandom(32).hex())'

在线生成验证，也可下载单文件bip39-standalone.html离线版本，或使用hd-wallet-derive验证。
https://iancoleman.io/bip39/

bsv钱包：ElectrumSV
bch钱包：Electron Cash
btc钱包：Electrum

使用gpg校验下载的软件签名：

wget https://download.electrum.org/3.3.8/Electrum-3.3.8.tar.gz.asc
wget https://download.electrum.org/3.3.8/Electrum-3.3.8.tar.gz
wget https://raw.githubusercontent.com/spesmilo/electrum/master/pubkeys/ThomasV.asc
gpg --import ThomasV.asc 
gpg --verify Electrum-3.3.8.tar.gz.asc 

wget https://github.com/Electron-Cash/Electron-Cash/releases/download/4.0.14/Electron-Cash-4.0.14.tar.gz
wget https://github.com/Electron-Cash/Electron-Cash/releases/download/4.0.14/Electron-Cash-4.0.14.tar.gz.asc
wget https://github.com/Electron-Cash/Electron-Cash/raw/master/pubkeys/jonaldkey2.txt
gpg --import jonaldkey2.txt 
gpg --verify Electron-Cash-4.0.14.tar.gz.asc 


wget https://electrumsv.io/download/1.2.5/ElectrumSV-1.2.5.tar.gz.asc
wget https://electrumsv-downloads.s3.us-east-2.amazonaws.com/releases/1.2.5/ElectrumSV-1.2.5.tar.gz
wget https://raw.githubusercontent.com/electrumsv/electrumsv/master/pubkeys/rt121212121.asc
gpg --import rt121212121.asc 
gpg --verify ElectrumSV-1.2.5.tar.gz.asc 

wget https://github.com/electrumsv/electrumsv/archive/sv-1.2.5.tar.gz
tar zxvf sv-1.2.5.tar.gz 
cd electrumsv-sv-1.2.5/
apt install python3-pip python3-pyqt5 pkg-config
python3 -m pip install --upgrade pip
pip3 install --target=packages -r contrib/requirements/requirements.txt
pip3 install --target=packages -r contrib/requirements/requirements-binaries.txt 
./electrum-sv

go build:

git clone https://github.com/fatedier/frp.git
#windows客户端
frp/cmd/frpc
GOARCH=amd64 GOOS=windows CGO_ENABLED=0 go build -ldflags "-s -w"
#linux服务端
frp/cmd/frps
go build -ldflags "-s -w"

服务端配置文件：

[common]
bind_addr = 0.0.0.0
bind_port = 7000

dashboard_addr = 0.0.0.0
dashboard_port = 7500
dashboard_user = admin
dashboard_pwd = admin

log_file = /run/log/frp/frps.log
# trace, debug, info, warn, error
log_level = info
log_max_days = 3
disable_log_color = false

token = password
pool_count = 5
tcp_mux = false
allow_ports = 2000-3000,3001,3003,4000-50000
max_ports_per_client = 0

客户端配置文件：

[common]
server_addr = www.haiyun.me
server_port = 7000

log_file = ./frpc.log
# trace, debug, info, warn, error
log_level = info
log_max_days = 3
disable_log_color = false

login_fail_exit = false
token = password
pool_count = 5
protocol = tcp
tcp_mux = false
tls_enable = false
dns_server = 114.114.114.114

admin_addr = 127.0.0.1
admin_port = 7400
admin_user = admin
admin_pwd = admin

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 3389
remote_port = 3389
use_encryption = true
use_compression = false

windows下使用winsw将frpc安装为系统服务开机自动启动，将winsw放到frp目录，并新建winsw.xml配置文件：

<service>
    <id>frp</id>
    <name>frp client</name>
    <description>frp client</description>
    <executable>C:\test\frpc.exe</executable>
    <arguments>-c frpc.ini</arguments>
    <onfailure action="restart" delay="60 sec"/>
    <logmode>append</logmode>
    <logpath>logs</logpath>
</service>

以管理员启动cmd进入frp目录，安装frp为系统服务并启动：

cd C:\test\
winsw install
winsw start frp

安装7zip：

apt install p7zip-full

加密压缩为7zip格式：

7z a -t7z -p123456 -mhe -spf file.7z file/
#-mhe加密文件名
#-spf被压缩目录包含完整的路径

加密压缩为zip格式：

 7z a -tzip -p123456 -mem=AES256 -spf file.zip file/
#-mem使用aes256加密

查看加密压缩文件信息：

7z l -slt file.zip 
7z l -slt file.7z

解压文件：

7z x -p123456 file.zip 
7z x -p123456 file.7z

解压到指定目录：

7z x prowinx64legacy.exe -owindows7-x64

https://sevenzip.osdn.jp/chm/cmdline/switches/index.htm