A Bitcoin wallet contains a series of key pairs, each of which includes a private key and a public key. The private key (k) is a number, usually chosen at random. With the private key, we can generate a public key (K) using the one-way encryption function elliptic curve multiplication. Armed with the public key (K), we can generate a Bitcoin address (A) using a one-way cryptographic hash function. In this section, we will start with generating a private key, describe how to use elliptic curve operations to generate a public key from a private key, and finally generate a bitcoin address from the public key. The relationship between the private key, public key and bitcoin address is shown in the figure below.
Bitcoin uses a special elliptic curve and a series of mathematical constants defined by the secp256k1 standard. This standard was established by the National Institute of Standards and Technology (NIST). The secp256k1 curve is defined by the following function, which produces an elliptic curve:
y^2 = (x^3 + 7)} over (Fp)
or
y^2 mod p = (x^3 + 7) mod p mod p
above p (modulo prime p) indicates that the curve is in the finite field of prime order p, also written as Fp, where p = 2^256 – 2^32 – 2^9 – 2^8 – 2^7 – 2^6 – 2^4 - 1, which is a very large prime.
The Bitcoin address can be obtained from the public key through a one-way cryptographic hash algorithm. A hash algorithm is a one-way function that accepts input of arbitrary length to generate a fingerprint digest. Cryptographic hash functions are widely used in Bitcoin: Bitcoin addresses, script addresses, and proof-of-work algorithms in mining. The algorithms used to generate Bitcoin addresses from public keys are the Secure Hash Algorithm (SHA) and the RACE Integrity Primitives Evaluation Message Digest (RIPEMD), specifically SHA256 and RIPEMD160.
Take the public key K as input, calculate its SHA256 hash value, and use the result to calculate the RIPEMD160 hash value, and get a number with a length of 160 bits (20 bytes):
A = RIPEMD160(SHA256(K))
In the formula, K is the public key and A is the generated bitcoin address.
python implementation:
import bitcoin
#Generate a random private key
valid_private_key=False
while not valid_private_key:
private_key = bitcoin.random_key()
decoded_private_key = bitcoin.decode_privkey(private_key,'hex')
compressed_private_key = private_key + '01'
valid_private_key=0<decoded_private_key<bitcoin.N
print("Private Key (hex) is:",private_key)
print("Private Key (decimal) is:",decoded_private_key)
print("Private Key Compressed (hex) is:",compressed_private_key)
#Convert private key to WIF format bin_to_b58chech(encode(priv,256,32))+b'\x01',128+int(vbyte)
wif_encoding_private_key=bitcoin.encode_privkey(decoded_private_key,'wif')
wif_compressed_private_key=bitcoin.encode_privkey(decoded_private_key,'wif_compressed')
print("Private Key(WIF) is :",wif_encoding_private_key)
print("Private Key(WIF-Compressed) is:",wif_encoding_private_key)
#Multiply the EC generator point G with the private key to get a public key point
public_key=bitcoin.privkey_to_pubkey(decoded_private_key)
print("Public key (x,y) coordinates is:",public_key)
#Encode as hex,prefix 04
hex_encoded_public_key=bitcoin.encode_pubkey(public_key,'hex')
print("Public key(hex) is:", hex_encoded_public_key)
#Compress public key
hex_compressed_public_key=bitcoin.encode_pubkey(public_key,'hex_compressed')
print("Public Key (hex) is:", hex_compressed_public_key)
#Generate compressd bitcoin address
print("Compressed BitCoin Address (b58Check) is:",bitcoin.pubkey_to_address(hex_compressed_public_key))
operation result:
('Private Key (hex) is:', 'cdc251339ae7f5eb9307b2fabf99fa0c559f4a830d9775da750680aeb7736984')
('Private Key (decimal) is:', 93067462722861502220508048909367986477516452871578598536429701079758554753412L)
('Private Key Compressed (hex) is:', 'cdc251339ae7f5eb9307b2fabf99fa0c559f4a830d9775da750680aeb773698401')
('Private Key(WIF) is :', '5KNuRLDhiciuru7gnsFzbvquhhnh146TQHGZq2zngn3pxEuwdhT')
('Private Key(WIF-Compressed) is:', '5KNuRLDhiciuru7gnsFzbvquhhnh146TQHGZq2zngn3pxEuwdhT')
('Public key (x,y) coordinates is:', (99721318612079371418755876162091289597888001042842450951215822209800054135238L, 113456397613655834157807616351733448095224302432153543297669122135832329444447L))
('Public key(hex) is:', '04dc784423817f472991548cc7a279a446c845a250cad3db86783f2fe5226e59c6fad60b9ea2544f9237e62b4d65f61ad9906143eba74ba2b427ee90f7534bdc5f')
('Public Key (hex) is:', '03dc784423817f472991548cc7a279a446c845a250cad3db86783f2fe5226e59c6')
('Compressed BitCoin Address (b58Check) is:', '1sBU8e7yewpdJzojPba3RqCYWZBXohVe1')
http://zhibimo.com/read/wang-miao/mastering-bitcoin/Chapter04.html