In the previous article, we looked at different methods to generate a private key. Whatever method you choose, you’ll end up with 32 bytes of data. Here’s the one that we got at the end of that article:
60cf347dbc59d31c1358c8e5cf5e45b822ab85b79cb32a9f3d98184779a9efc2
We’ll use this private key throughout the article to derive both a public key and the address for the Bitcoin wallet.
An example private key. In Bitcoin, a private key is a 256-bit number, which can be represented one of several ways. Here is a private key in hexadecimal - 256 bits in hexadecimal is 32 bytes, or 64 characters in the range 0-9 or A-F. I would like to generate a totally new bitcoin address on the offline computer, and use it as a cold storage address. I will then sign an offline transaction from the wallet to that new address and be safe. How can I create a new Bitcoin private key from the Bitcoin CLI, without using any existing wallet keys / addresses?
What we want to do is to apply a series of conversions to the private key to get a public key and then a wallet address. Most of these conversions are called hash functions. These hash functions are one-way conversions that can’t be reversed. We won’t go to the mechanics of the functions themselves — there are plenty of great articles that cover that. Instead, we will look at how using these functions in the correct order can lead you to the Bitcoin wallet address that you can use.
The first thing we need to do is to apply the ECDSA or Elliptic Curve Digital Signature Algorithm to our private key. An elliptic curve is a curve defined by the equation y² = x³ + ax + b
with a chosen a
and b
. There is a whole family of such curves that are widely known and used. Bitcoin uses the secp256k1 curve. If you want to learn more about Elliptic Curve Cryptography, I’ll refer you to this article.
By applying the ECDSA to the private key, we get a 64-byte integer. This consists of two 32-byte integers that represent the X and Y of the point on the elliptic curve, concatenated together.
For our example, we got: 1e7bcc70c72770dbb72fea022e8a6d07f814d2ebe4de9ae3f7af75bf706902a7b73ff919898c836396a6b0c96812c3213b99372050853bd1678da0ead14487d7
.
In Python, it would look like this:
Note: as you can see from the code, before I used a method from the ecdsa
module, I decoded the private key using codecs
. This is relevant more to the Python and less to the algorithm itself, but I will explain what are we doing here to remove possible confusion.
In Python, there are at least two classes that can keep the private and public keys: “str” and “bytes”. The first is a string and the second is a byte array. Cryptographic methods in Python work with a “bytes” class, taking it as input and returning it as the result.
Now, there’s a little catch: a string, say, 4f3c
does not equal the byte array 4f3c
, it equals the byte array with two elements, O&
lt;. And that’s what codecs.dec
ode method does: it converts a string into a byte array. That will be the same for all cryptographic manipulations that we’ll do in this article.
Once we’re done with the ECDSA, all we need to do is to add the bytes 0x04
at the start of our public key. The result is a Bitcoin full public key, which is equal to: 041e7bcc70c72770dbb72fea022e8a6d07f814d2ebe4de9ae3f7af75bf706902a7b73ff919898c836396a6b0c96812c3213b99372050853bd1678da0ead14487d7
for us.
But we can do better. As you might remember, the public key is some point (X, Y) on the curve. We know the curve, and for each X there are only two Ys that define the point which lies on that curve. So why keep Y? Instead, let’s keep X and the sign of Y. Later, we can derive Y from that if needed.
The specifics are as follows: we take X from the ECDSA public key. Now, we add the 0x02
if the last byte of Y is even, and the byte 0x03
if the last byte is odd.
In our case, the last byte is odd, so we add 0x03
to get the compressed public key: 031e7bcc70c72770dbb72fea022e8a6d07f814d2ebe4de9ae3f7af75bf706902a7
. This key contains the same information, but it’s almost twice as short as the uncompressed key. Cool!
Previously, wallet software used long, full versions of public keys, but now most of it has switched to compressed keys.
From now on, we need to make a wallet address. Whatever method of getting the public key you choose, it goes through the same procedure. Obviously, the addresses will differ. In this article, we will go with the compressed version.
What we need to do here is to apply SHA-256 to the public key, and then apply RIPEMD-160 to the result. The order is important.
SHA-256 and RIPEMD-160 are two hash functions, and again, we won’t go into the details of how they work. What matters is that now we have 160-bit integer, which will be used for further modifications. Let’s call that an encrypted public key. For our example, the encrypted public key is 453233600a96384bb8d73d400984117ac84d7e8b
.
Here’s how we encrypt the public key in Python:
The Bitcoin has two networks, main and test. The main network is the network that all people use to transfer the coins. The test network was created — you guessed it — to test new features and software.
We want to generate an address to use it on the mainnet, so we need to add 0x00
bytes to the encrypted public key. The result is 00453233600a96384bb8d73d400984117ac84d7e8b
. For the testnet, that would be 0x6f
bytes.
Now we need to calculate the checksum of our mainnet key. The idea of checksum is to make sure that the data (in our case, the key) wasn’t corrupted during transmission. The wallet software should look at the checksum and mark the address as invalid if the checksum mismatches.
To calculate the checksum of the key, we need to apply SHA-256 twice and then take first 4 bytes of the result. For our example, the double SHA-256 is 512f43c48517a75e58a7ec4c554ecd1a8f9603c891b46325006abf39c5c6b995
and therefore the checksum is 512f43c4
(note that 4 bytes is 8 hex digits).
The code to calculate an address checksum is the following:
Finally, to make an address, we just concatenate the mainnet key and the checksum. That makes it 00453233600a96384bb8d73d400984117ac84d7e8b512f43c4
for our example.
That’s it! That’s the wallet address for the private key at the start of the article.
But you may notice that something is off. You’ve probably seen a handful of Bitcoin addresses and they didn’t look like that. Well, the reason is that they are encoded with Base58. It’s a little bit odd.
Here’s the algorithm to convert a hex address to the Base58 address:
What we get is 17JsmEygbbEUEpvt4PFtYaTeSqfb9ki1F1
, a compressed Bitcoin wallet address.
The wallet key generation process can be split into four steps:
Depending on the form of public key (full or compressed), we get different addresses, but both are perfectly valid.
Here’s the full algorithm for the uncompressed public key:
If you want to play with the code, I published it to the Github repository.
I am making a course on cryptocurrencies here on freeCodeCamp News. The first part is a detailed description of the blockchain.
I also post random thoughts about crypto on Twitter, so you might want to check it out.
Before getting started with importing your wallet's private keys, let's clarify three important definitions.
Bitcoin is not stored locally on your phone or laptop. They are stored on the blockchain and you use a Bitcoin wallet to access the coins for sending/receiving the cryptocurrency. This means if you lose your phone or buy a new laptop you can access your Bitcoin by importing your key(s) from a previously exported backup. With a backup, you are able to recover your Bitcoin at any time by importing the private keys associated with that wallet from the backup. This is why it is imperative that users take the time to create a backup of their wallet before adding Bitcoin to it. For more on creating a backup, please see our Bitcoin.com wallet guide. If you have not already done so, please go ahead and backup your wallet. This process is covered in detail in the guide on how to use the Bitcoin.com wallet. If you do not backup your wallet and store this information somewhere safe you run the risk of losing all bitcoins on that address in the event that you lose or damage the device on which your wallet is installed. Once you have a backup, you are ready to proceed.
To export your Bitcoin.com wallet private keys by file/text, please follow the steps below:
The Bitcoin.com Wallet will not allow you to proceed without a password. This is because exporting your wallet involves exposing your private keys to the system clipboard, or worse, sending your private keys unencrypted by email. Once you have a password set up, it’s safe to press “Copy to clipboard” or “Send by email”. You can also chose to export your wallet without the private keys. To do this just tap on 'Show Advanced Options' and check the 'Do not include private key' option. Please note that you will not be able to spend from the wallet without the private key.
The QR code method of exporting your wallet is best suited for quickly exporting a wallet and then immediately importing it onto another device via QR code scan. If you’re switching devices and want to move your Bitcoin wallet to your new device with the Bitcoin.com wallet installed, you would select “QR Code” as your export method. If you have more than 1 sub-wallet in your Bitcoin.com app, you will have to export each of them individually. Driver detective registration key generator free.
This is how to import using the copy-to-clipboard method. If you receive an email on your device with your exported wallet, or choose 'Copy to clipboard', on most devices you can press the screen and wait for a “Paste” button to appear, then paste the backup code in to the field.
If you pasted the backup code correctly and entered the correct password your bitcoin wallet will be imported. A popup window will be shown if your password was incorrect, or the code was improperly pasted. Note, everything within the curly braces { and } including the curly braces should be pasted in order to correctly import the wallet.
The QR code method of exporting your wallet is best suited for quickly exporting a wallet and then immediately importing it onto another device via QR code scan. If you’re switching devices and want to move your Bitcoin wallet to your new device with the Bitcoin.com wallet installed, you would select 'QR Code' as your export method.
Once you verify this worked and your wallet shows up on the destination device, you can delete the old wallet and destroy the old device or wipe it for resale. Remember to take basic security precautions. Always do this in a private, secure room or space. The QR code, if seen, can be photographed or scanned by others in public.
This method of importing a private key involves using your hand-written 12-word 'seed' phrase that you can obtain from the backup process within the Bitcoin.com wallet. For a refresher on how to obtain your backup seed phrase, see our Bitcoin.com wallet guide. To import your wallet using the seed phrase:
This completes the guide to importing your private key(s) into your Bitcoin.com wallet. If you have any further questions. Visit the Bitcoin.com Forum.
This special offer gives you full member access to our downloads. Take the DownloadKeeper.com today for more information and further details! Payroll Income Documents Generator was added to DownloadKeeper this week and last updated on 14-Apr-2020.