Bitcoin Addresses

  • 3,149 views
Uploaded on

A step-by-step guide to how Bitcoin addresses are generated from public keys

A step-by-step guide to how Bitcoin addresses are generated from public keys

More in: Technology , Education
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
3,149
On Slideshare
0
From Embeds
0
Number of Embeds
30

Actions

Shares
Downloads
25
Comments
0
Likes
3

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Bitcoin Addresses How they are generated from public keys (a step-by-step guide) Ash Moran aviewfromafar.net ash@ashleymoran.net
  • 2. Anatomy of an Address 1kqHKEYYC8CQPxyV53nCju4Lk2ufpQqA2 address
 prefix Base58Check encoding of the cryptographic hash
 of something
 (indicated by the prefix)
  • 3. Step 1:
 Representing Numbers
  • 4. What’s Base58? Represents numbers (eg decimal, base ten, numbers using the digits 0-9) using 58 characters Uses 1-9, most of A-Z and a-z, except: No letter capital i (I), lowercase L (l), O or 0 Like hexadecimal, but with more digits
  • 5. What’s hexadecimal? Represents numbers (eg decimal, base ten, numbers using the digits 0-9) using 16 characters Uses 0-9, A-F A = 10, B = 11, etc
  • 6. Number -> Hexadecimal Decimal Hex 0 0 1 1 2 2 3 3 4 4 5 5 6 6 7 7 8 8 9 9 10 A 11 B 12 C 13 D 14 E 15 F
  • 7. Hexadecimal example C6A = 2 + 6 * 161 + 10 * 160 = 12 * 16 12 * (256) + 6 * (16) + 10 * (1) = 3178
  • 8. Number -> Base58 Decimal Base58 Decimal Base58 Decimal Base58 0 1 20 M 40 h 1 2 21 N 41 i 2 3 22 P 42 j 3 4 23 Q 43 k 4 5 24 R 44 m 5 6 25 S 45 n 6 7 26 T 46 o 7 8 27 U 47 p 8 9 28 V 48 q 9 A 29 W 49 r 10 B 30 X 50 s 11 C 31 Y 51 t 12 D 32 Z 52 u 13 E 33 a 53 v 14 F 34 b 54 w 15 G 35 c 55 x 16 H 36 d 56 y 17 J 37 e 57 z 18 K 38 f 19 L 39 g
  • 9. Base58 example 4iX = 2 + 41 * 581 + 30 * 580 = 3 * 58 3 * (3364) + 41 * (58) + 30 * (1) = 12500
  • 10. Step 2: Message digests / hashes
  • 11. Hashing A hash function takes a value in eg “This is my message” Returns a fixed length number out eg 1129729371291755845 Generates a different number if the input changes even slightly “This it my message” => 3763820994290329705
  • 12. Cryptographic hashing Like hashing but designed so it’s very very hard to figure out the message from the hash. hash_function(“This is my message”) => hash_value – EASY! hash_value => <?what was the message?> – HARD! Bitcoin uses SHA256 and RIPEMD-160 hash functions SHA256(“This is my message”) =>
 3311b7c0bd91b6c73a38212de8ade31c51910f17480ad212ed2b9798a35b7747 SHA256(“This it my message”) => 26a9911800b6115eb7ee508f60a2fd6479d45155a8aef1b1a35eb3173a512063 RIPEMD160(“This is my message”) =>
 bdb6824f7b28e7dd9b9d6b457142547064435937
  • 13. Base58 version of a hash RIPEMD160(“This is my message”) =>
 bdb6824f7b28e7dd9b9d6b457142547064435937 hex: 
 bdb6824f7b28e7dd9b9d6b457142547064435937 
 decimal: 1083069342955023797228115257453753838398332950839 Base58(1083069342955023797228115257453753838398332 950839) =>
 3eJ7uPEgX8h56UJmTNmqwTvHs9H8
  • 14. Step 3: Bitcoin encryption keys
  • 15. Public/private key signing Problem: Alice wants to send Bob a message and want anybody to be able to verify that the message came from her. She wants to make sure nobody can forge her signature on the message.
  • 16. Elliptic Curve Cryptography See the excellent guide A (relatively easy to understand) primer on elliptic curve cryptography by Nick Sullivan
  • 17. Elliptic Curve Cryptography Private key: a random 256-bit (32-byte) integer Public key: an (x, y) point on the curve, either: the number 4, followed by 256-bit x and y coordinates (old uncompressed 65-byte format)
 [4, x, y] the number 2 or 3 followed by a 256-bit x coordinate (new compressed 33-byte format)
 [2, x, y] or [3, x, y]
  • 18. Step 4: Checksums
  • 19. European Article Number Colgate Total 75 ml 4011200296908
  • 20. Colgate Total 75ml EAN checksum Total of odd numbers = 25 27 + 25 = 52 Last digit of 52 = 2 4 0 1 1 2 0 0 2 9 6 9 0 8 Total of even numbers = 9
 9 * 3 = 27 10 - 2 = 8 yay!
  • 21. Step 5: Putting it together
  • 22. Bitcoin pubkey address Take the pubkey with header byte, e.g. [4, x, y] Run it through the SHA256 hash function
 pubkey_hash_step_1 = SHA256([4, x, y]) Run it through the RIPEMD160 hash function
 pubkey_hash = RIPEMD160(pubkey_hash_step_1) Add a byte to the start to indicate which network it’s for (Bitcoin 00, Namecoin 34, Bitcoin testnet 6f)
 plain_binary_address = [00, pubkey_hash] TBC…
  • 23. Checksum generation Take the plain binary address, and run it through the SHA256 function twice:
 plain_address_hash = SHA256(SHA256(plain_binary_address)) Take the first four bytes of this hash as a checksum:
 checksum = first_4_bytes(plain_binary_address) Add the checksum onto the end to give the binary_address:
 binary_address = [00, pubkey_hash, checksum] Base58 encode the result:
 bitcoin_address = Base58(binary_address) Now we have the result, eg “16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM”
  • 24. Demo! (source for live demo now on the next slide)
  • 25. Example Ruby source require 'bitcoin' ! def hex_string_to_bytes(string) [string].pack("H*") end ! def bytes_to_hex_string(bytes) bytes.unpack("H*").first end ! # https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses private_key_hex_string = "18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206321725" ! key = Bitcoin::Key.new(private_key_hex_string) pub_key_bytes = hex_string_to_bytes(key.pub_uncompressed) ! hash_step_1 = Digest::SHA256.digest(pub_key_bytes) hash160 = Digest::RMD160.digest(hash_step_1) hash160_hex_string = bytes_to_hex_string(hash160) ! versioned_hash160_hex_string = "00" + hash160_hex_string versioned_hash160 = hex_string_to_bytes(versioned_hash160_hex_string) ! checksum_hash_round_1 = Digest::SHA256.digest(versioned_hash160) checksum_hash_round_2 = Digest::SHA256.digest(checksum_hash_round_1) checksum = checksum_hash_round_2[0,4] ! binary_address = versioned_hash160 + checksum binary_address_hex_string = bytes_to_hex_string(binary_address) ! human_address = Bitcoin.encode_base58(binary_address_hex_string) p human_address https://gist.github.com/ashmoran/7582071
  • 26. Other address types
  • 27. Other address types Bitcoin script addresses: 3xxx, e.g.:
 3EktnHQD7RiAE6uzMj2ZifT9YgRrkSgzQX Bitcoin private key (uncompressed pubkey), 5xxx, e.g.:
 5Htn3FzuH3b1X5VF2zLTsAQzBcyzkZNJsa2egXN8ZFJ TCqQm3Rq Bitcoin private key (compressed pubkey), [K/L]xxx, e.g.:
 L1aW4aubDFB7yfras2S1mN3bqg9nwySY8nkoLmJebS LD5BWv3ENZ
  • 28. Done!