MultiversX Tracker is Live!

Where's the code that bitcoin core uses to generate private keys

Bitcoin Stack Exchange

Bitcoin News / Bitcoin Stack Exchange 193 Views

Here's what I did to find out:

BIP32 says:

The total number of possible extended keypairs is almost 2512, but the produced keys are only 256 bits long, and offer about half of that in terms of security. Therefore, master keys are not generated directly, but instead from a potentially short seed value.

  • Generate a seed byte sequence S of a chosen length (between 128 and 512 bits; 256 bits is advised) from a (P)RNG.
  • Calculate I = HMAC-SHA512(Key = "Bitcoin seed", Data = S)
  • Split I into two 32-byte sequences, IL and IR.
  • Use parse256(IL) as master secret key, and IR as master chain code.

In case parse256(IL) is 0 or parse256(IL) β‰₯ n, the master key is invalid.

(my emphasis)

So we need to find references to HMAC-SHA512 (or variations):

C:> findstr /S "HMAC.SHA512" *.cpp *.h
bitcoin-master\src\crypto\hmac_sha512.cpp:CHMAC_SHA512::CHMAC_SHA512(const unsigned char* key, size_t keylen)
bitcoin-master\src\crypto\hmac_sha512.cpp:void CHMAC_SHA512::Finalize(unsigned char hash[OUTPUT_SIZE])
bitcoin-master\src\crypto\hmac_sha512.h:#ifndef BITCOIN_CRYPTO_HMAC_SHA512_H
bitcoin-master\src\crypto\hmac_sha512.h:#define BITCOIN_CRYPTO_HMAC_SHA512_H
bitcoin-master\src\crypto\hmac_sha512.h:class CHMAC_SHA512
bitcoin-master\src\crypto\hmac_sha512.h: CHMAC_SHA512(const unsigned char* key, size_t keylen);
bitcoin-master\src\crypto\hmac_sha512.h: CHMAC_SHA512& Write(const unsigned char* data, size_t len)
bitcoin-master\src\crypto\hmac_sha512.h:#endif // BITCOIN_CRYPTO_HMAC_SHA512_H
bitcoin-master\src\hash.cpp: CHMAC_SHA512(chainCode.begin(), chainCode.size()).Write(&header, 1).Write(data, 32).Write(num, 4).Finalize(output);
bitcoin-master\src\key.cpp: CHMAC_SHA512{hashkey, sizeof(hashkey)}.Write(seed.data(), seed.size()).Finalize(vout.data());
bitcoin-master\src\test\crypto_tests.cpp: TestVector(CHMAC_SHA512(key.data(), key.size()), ParseHex(hexin), ParseHex(hexout));
bitcoin-master\src\test\fuzz\crypto.cpp: CHMAC_SHA512 hmac_sha512{data.data(), data.size()};
bitcoin-master\src\test\fuzz\crypto.cpp: data.resize(CHMAC_SHA512::OUTPUT_SIZE);

So key.cpp seems to be calling (rather than defining) HMAC_SHA512 ...

I stopped there but you could make a note of the name of the method in key.cpp that calls HMAC_SHA512 and repeat the search for calls to that method until you find code whose method names, variable names and comments suggest you have reached the right place.

Obviously, on Linux instead of findstr /S you'll use grep -r .


Note that using any of this code is likely to be subject to the licence terms and conditions. These are set out in the file named COPYING - it is the MIT licence.


Get BONUS $200 for FREE!

You can get bonuses upto $100 FREE BONUS when you:
πŸ’° Install these recommended apps:
πŸ’² SocialGood - 100% Crypto Back on Everyday Shopping
πŸ’² xPortal - The DeFi For The Next Billion
πŸ’² CryptoTab Browser - Lightweight, fast, and ready to mine!
πŸ’° Register on these recommended exchanges:
🟑 Binance🟑 Bitfinex🟑 Bitmart🟑 Bittrex🟑 Bitget
🟑 CoinEx🟑 Crypto.com🟑 Gate.io🟑 Huobi🟑 Kucoin.



Comments