Your SlideShare is downloading. ×
0
Bitcoin Addresses
How they are generated from public keys
(a step-by-step guide)

Ash Moran
aviewfromafar.net
ash@ashleymo...
Anatomy of an Address
1kqHKEYYC8CQPxyV53nCju4Lk2ufpQqA2

address

prefix

Base58Check encoding of
the cryptographic hash

o...
Step 1:

Representing Numbers
What’s Base58?
Represents numbers (eg decimal, base ten, numbers
using the digits 0-9) using 58 characters
Uses 1-9, most ...
What’s hexadecimal?
Represents numbers (eg decimal, base ten, numbers
using the digits 0-9) using 16 characters
Uses 0-9, ...
Number -> Hexadecimal
Decimal

Hex

0

0

1

1

2

2

3

3

4

4

5

5

6

6

7

7

8

8

9

9

10

A

11

B

12

C

13

D...
Hexadecimal example

C6A =
2 + 6 * 161 + 10 * 160 =
12 * 16
12 * (256) + 6 * (16) + 10 * (1) =
3178
Number -> Base58
Decimal

Base58

Decimal

Base58

Decimal

Base58

0

1

20

M

40

h

1

2

21

N

41

i

2

3

22

P

4...
Base58 example

4iX =
2 + 41 * 581 + 30 * 580 =
3 * 58
3 * (3364) + 41 * (58) + 30 * (1) =
12500
Step 2:
Message digests / hashes
Hashing
A hash function takes a value in
eg “This is my message”
Returns a fixed length number out
eg 1129729371291755845
G...
Cryptographic hashing
Like hashing but designed so it’s very very hard to figure out the message from the hash.
hash_functi...
Base58 version of a hash
RIPEMD160(“This is my message”) =>

bdb6824f7b28e7dd9b9d6b457142547064435937
hex: 

bdb6824f7b28e...
Step 3:
Bitcoin encryption keys
Public/private key signing

Problem: Alice wants to send Bob a message and
want anybody to be able to verify that the mess...
Elliptic Curve Cryptography

See the excellent guide
A (relatively easy to understand) primer on elliptic curve cryptograp...
Elliptic Curve Cryptography
Private key: a random 256-bit (32-byte) integer
Public key: an (x, y) point on the curve, eith...
Step 4:
Checksums
European Article Number

Colgate Total 75 ml
4011200296908
Colgate Total 75ml EAN
checksum
Total of odd numbers = 25

27 + 25 = 52
Last digit of 52 = 2

4 0 1 1 2 0 0 2 9 6 9 0 8
To...
Step 5:
Putting it together
Bitcoin pubkey address
Take the pubkey with header byte, e.g. [4, x, y]
Run it through the SHA256 hash function

pubkey_ha...
Checksum generation
Take the plain binary address, and run it through the SHA256 function
twice:

plain_address_hash = SHA...
Demo!
(source for live demo now on the next
slide)
Example Ruby source
require 'bitcoin'

!

def hex_string_to_bytes(string)
[string].pack("H*")
end

!

def bytes_to_hex_str...
Other address types
Other address types
Bitcoin script addresses: 3xxx, e.g.:

3EktnHQD7RiAE6uzMj2ZifT9YgRrkSgzQX
Bitcoin private key (uncompr...
Done!
Upcoming SlideShare
Loading in...5
×

Bitcoin Addresses

4,250

Published on

A step-by-step guide to how Bitcoin addresses are generated from public keys

Published in: Technology, Education
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
4,250
On Slideshare
0
From Embeds
0
Number of Embeds
31
Actions
Shares
0
Downloads
29
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

Transcript of "Bitcoin Addresses"

  1. 1. Bitcoin Addresses How they are generated from public keys (a step-by-step guide) Ash Moran aviewfromafar.net ash@ashleymoran.net
  2. 2. Anatomy of an Address 1kqHKEYYC8CQPxyV53nCju4Lk2ufpQqA2 address
 prefix Base58Check encoding of the cryptographic hash
 of something
 (indicated by the prefix)
  3. 3. Step 1:
 Representing Numbers
  4. 4. What’s Base58? Represents numbers (eg decimal, base ten, numbers using the digits 0-9) using 58 characters Uses 1-9, most of A-Z and a-z, except: No letter capital i (I), lowercase L (l), O or 0 Like hexadecimal, but with more digits
  5. 5. What’s hexadecimal? Represents numbers (eg decimal, base ten, numbers using the digits 0-9) using 16 characters Uses 0-9, A-F A = 10, B = 11, etc
  6. 6. Number -> Hexadecimal Decimal Hex 0 0 1 1 2 2 3 3 4 4 5 5 6 6 7 7 8 8 9 9 10 A 11 B 12 C 13 D 14 E 15 F
  7. 7. Hexadecimal example C6A = 2 + 6 * 161 + 10 * 160 = 12 * 16 12 * (256) + 6 * (16) + 10 * (1) = 3178
  8. 8. Number -> Base58 Decimal Base58 Decimal Base58 Decimal Base58 0 1 20 M 40 h 1 2 21 N 41 i 2 3 22 P 42 j 3 4 23 Q 43 k 4 5 24 R 44 m 5 6 25 S 45 n 6 7 26 T 46 o 7 8 27 U 47 p 8 9 28 V 48 q 9 A 29 W 49 r 10 B 30 X 50 s 11 C 31 Y 51 t 12 D 32 Z 52 u 13 E 33 a 53 v 14 F 34 b 54 w 15 G 35 c 55 x 16 H 36 d 56 y 17 J 37 e 57 z 18 K 38 f 19 L 39 g
  9. 9. Base58 example 4iX = 2 + 41 * 581 + 30 * 580 = 3 * 58 3 * (3364) + 41 * (58) + 30 * (1) = 12500
  10. 10. Step 2: Message digests / hashes
  11. 11. Hashing A hash function takes a value in eg “This is my message” Returns a fixed length number out eg 1129729371291755845 Generates a different number if the input changes even slightly “This it my message” => 3763820994290329705
  12. 12. Cryptographic hashing Like hashing but designed so it’s very very hard to figure out the message from the hash. hash_function(“This is my message”) => hash_value – EASY! hash_value => <?what was the message?> – HARD! Bitcoin uses SHA256 and RIPEMD-160 hash functions SHA256(“This is my message”) =>
 3311b7c0bd91b6c73a38212de8ade31c51910f17480ad212ed2b9798a35b7747 SHA256(“This it my message”) => 26a9911800b6115eb7ee508f60a2fd6479d45155a8aef1b1a35eb3173a512063 RIPEMD160(“This is my message”) =>
 bdb6824f7b28e7dd9b9d6b457142547064435937
  13. 13. Base58 version of a hash RIPEMD160(“This is my message”) =>
 bdb6824f7b28e7dd9b9d6b457142547064435937 hex: 
 bdb6824f7b28e7dd9b9d6b457142547064435937 
 decimal: 1083069342955023797228115257453753838398332950839 Base58(1083069342955023797228115257453753838398332 950839) =>
 3eJ7uPEgX8h56UJmTNmqwTvHs9H8
  14. 14. Step 3: Bitcoin encryption keys
  15. 15. Public/private key signing Problem: Alice wants to send Bob a message and want anybody to be able to verify that the message came from her. She wants to make sure nobody can forge her signature on the message.
  16. 16. Elliptic Curve Cryptography See the excellent guide A (relatively easy to understand) primer on elliptic curve cryptography by Nick Sullivan
  17. 17. Elliptic Curve Cryptography Private key: a random 256-bit (32-byte) integer Public key: an (x, y) point on the curve, either: the number 4, followed by 256-bit x and y coordinates (old uncompressed 65-byte format)
 [4, x, y] the number 2 or 3 followed by a 256-bit x coordinate (new compressed 33-byte format)
 [2, x, y] or [3, x, y]
  18. 18. Step 4: Checksums
  19. 19. European Article Number Colgate Total 75 ml 4011200296908
  20. 20. Colgate Total 75ml EAN checksum Total of odd numbers = 25 27 + 25 = 52 Last digit of 52 = 2 4 0 1 1 2 0 0 2 9 6 9 0 8 Total of even numbers = 9
 9 * 3 = 27 10 - 2 = 8 yay!
  21. 21. Step 5: Putting it together
  22. 22. Bitcoin pubkey address Take the pubkey with header byte, e.g. [4, x, y] Run it through the SHA256 hash function
 pubkey_hash_step_1 = SHA256([4, x, y]) Run it through the RIPEMD160 hash function
 pubkey_hash = RIPEMD160(pubkey_hash_step_1) Add a byte to the start to indicate which network it’s for (Bitcoin 00, Namecoin 34, Bitcoin testnet 6f)
 plain_binary_address = [00, pubkey_hash] TBC…
  23. 23. Checksum generation Take the plain binary address, and run it through the SHA256 function twice:
 plain_address_hash = SHA256(SHA256(plain_binary_address)) Take the first four bytes of this hash as a checksum:
 checksum = first_4_bytes(plain_binary_address) Add the checksum onto the end to give the binary_address:
 binary_address = [00, pubkey_hash, checksum] Base58 encode the result:
 bitcoin_address = Base58(binary_address) Now we have the result, eg “16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM”
  24. 24. Demo! (source for live demo now on the next slide)
  25. 25. Example Ruby source require 'bitcoin' ! def hex_string_to_bytes(string) [string].pack("H*") end ! def bytes_to_hex_string(bytes) bytes.unpack("H*").first end ! # https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses private_key_hex_string = "18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206321725" ! key = Bitcoin::Key.new(private_key_hex_string) pub_key_bytes = hex_string_to_bytes(key.pub_uncompressed) ! hash_step_1 = Digest::SHA256.digest(pub_key_bytes) hash160 = Digest::RMD160.digest(hash_step_1) hash160_hex_string = bytes_to_hex_string(hash160) ! versioned_hash160_hex_string = "00" + hash160_hex_string versioned_hash160 = hex_string_to_bytes(versioned_hash160_hex_string) ! checksum_hash_round_1 = Digest::SHA256.digest(versioned_hash160) checksum_hash_round_2 = Digest::SHA256.digest(checksum_hash_round_1) checksum = checksum_hash_round_2[0,4] ! binary_address = versioned_hash160 + checksum binary_address_hex_string = bytes_to_hex_string(binary_address) ! human_address = Bitcoin.encode_base58(binary_address_hex_string) p human_address https://gist.github.com/ashmoran/7582071
  26. 26. Other address types
  27. 27. Other address types Bitcoin script addresses: 3xxx, e.g.:
 3EktnHQD7RiAE6uzMj2ZifT9YgRrkSgzQX Bitcoin private key (uncompressed pubkey), 5xxx, e.g.:
 5Htn3FzuH3b1X5VF2zLTsAQzBcyzkZNJsa2egXN8ZFJ TCqQm3Rq Bitcoin private key (compressed pubkey), [K/L]xxx, e.g.:
 L1aW4aubDFB7yfras2S1mN3bqg9nwySY8nkoLmJebS LD5BWv3ENZ
  28. 28. Done!
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×