比特币钱包私钥
In the previous article, we looked at different methods to generate a private key. Whatever method you choose, you’ll end up with 32 bytes of data. Here’s the one that we got at the end of that article:
在上一篇文章中 ,我们研究了生成私钥的不同方法。 无论选择哪种方法,最终都会得到32个字节的数据。 这是我们在本文结尾处得到的:
60cf347dbc59d31c1358c8e5cf5e45b822ab85b79cb32a9f3d98184779a9efc2
60cf347dbc59d31c1358c8e5cf5e45b822ab85b79cb32a9f3d98184779a9efc2
We’ll use this private key throughout the article to derive both a public key and the address for the Bitcoin wallet.
在整篇文章中,我们将使用此私钥导出公钥和比特币钱包的地址。
What we want to do is to apply a series of conversions to the private key to get a public key and then a wallet address. Most of these conversions are called hash functions. These hash functions are one-way conversions that can’t be reversed. We won’t go to the mechanics of the functions themselves — there are plenty of great articles that cover that. Instead, we will look at how using these functions in the correct order can lead you to the Bitcoin wallet address that you can use.
我们要做的是对私钥进行一系列转换,以获取公钥,然后获取钱包地址。 这些转换中的大多数被称为哈希函数。 这些散列函数是不可逆的单向转换。 我们不会去探讨函数本身的机制-涵盖了很多很棒的文章。 取而代之的是,我们将研究如何以正确的顺序使用这些功能如何将您引导至可以使用的比特币钱包地址。
椭圆曲线密码学 (Elliptic Curve Cryptography)
The first thing we need to do is to apply the ECDSA or Elliptic Curve Digital Signature Algorithm to our private key. An elliptic curve is a curve defined by the equationy² = x³ + ax + bwith a chosenaandb. There is a whole family of such curves that are widely known and used. Bitcoin uses thesecp256k1curve. If you want to learn more about Elliptic Curve Cryptography, I’ll refer you to this article.
我们需要做的第一件事是将ECDSA或椭圆曲线数字签名算法应用于我们的私钥。 椭圆曲线是由等式y² = x³ + ax + b定义的曲线,其中a和b被选择。 此类曲线有一个完整的家族,已广为人知和使用。 比特币使用secp256k1曲线。 如果您想了解有关椭圆曲线密码学的更多信息,请参考本文 。
By applying the ECDSA to the private key, we get a 64-byte integer. This consists of two 32-byte integers that represent the X and Y of the point on the elliptic curve, concatenated together.
通过将ECDSA应用于私钥,我们得到一个64字节的整数。 它由两个32个字节的整数组成,它们分别代表椭圆曲线上该点的X和Y。
For our example, we got:1e7bcc70c72770dbb72fea022e8a6d07f814d2ebe4de9ae3f7af75bf706902a7b73ff919898c836396a6b0c96812c3213b99372050853bd1678da0ead14487d7.
对于我们的示例,我们得到:1e7bcc70c72770dbb72fea022e8a6d07f814d2ebe4de9ae3f7af75bf706902a7b73ff919898c836396a6b0c96812c3213b99372050853bd1678da0ead14487d7。
In Python, it would look like this:
在Python中,它看起来像这样:
public_key_bytes = codecs.decode(public_key, ‘hex’)# Run SHA-256 for the public keysha256_bpk = hashlib.sha256(public_key_bytes)sha256_bpk_digest = sha256_bpk.digest()# Run RIPEMD-160 for the SHA-256ripemd160_bpk = hashlib.new(‘ripemd160’)ripemd160_bpk.update(sha256_bpk_digest)ripemd160_bpk_digest = ripemd160_bpk.digest()ripemd160_bpk_hex = codecs.encode(ripemd160_bpk_digest, ‘hex’)
Note: as you can see from the code, before I used a method from theecdsamodule, I decoded the private key usingcodecs. This is relevant more to the Python and less to the algorithm itself, but I will explain what are we doing here to remove possible confusion.
注意:从代码中可以看到,在使用ecdsa模块中的方法之前,我先使用codecs解码了私钥。 这与Python无关,而与算法本身无关,但我将在此说明我们在做什么以消除可能的混淆。
In Python, there are at least two classes that can keep the private and public keys: “str” and “bytes”. The first is a string and the second is a byte array. Cryptographic methods in Python work with a “bytes” class, taking it as input and returning it as the result.
在Python中,至少有两个可以保留私钥和公钥的类:“ str”和“ bytes”。 第一个是字符串,第二个是字节数组。 Python中的加密方法与“ bytes”类一起使用,将其作为输入并作为结果返回。
Now, there’s a little catch: a string, say,4f3cdoes not equal the byte array4f3c, it equals the byte array with two elements,O<. And that’s what codecs.decode method does: it converts a string into a byte array. That will be the same for all cryptographic manipulations that we’ll do in this article.
现在,有一个小问题:一个字符串,例如4f3c不等于字节数组4f3c,它等于具有两个元素O<的字节数组。 这就是at codecs.decode方法的作用:它将字符串转换为字节数组。 对于本文中将进行的所有加密操作,这都是相同的。
公钥 (Public key)
Once we’re done with the ECDSA, all we need to do is to add the bytes0x04at the start of our public key. The result is a Bitcoin full public key, which is equal to:041e7bcc70c72770dbb72fea022e8a6d07f814d2ebe4de9ae3f7af75bf706902a7b73ff919898c836396a6b0c96812c3213b99372050853bd1678da0ead14487d7for us.
一旦完成ECDSA,我们要做的就是在公共密钥的开头添加字节0x04。 结果是一个比特币完整的公共密钥,它等于:041e7bcc70c72770dbb72fea022e8a6d07f814d2ebe4de9ae3f7af75bf706902a7b73ff919898c836396a6b0c96812c3213b99372050853bd1678da0ead14487d7。
压缩的公钥 (Compressed public key)
But we can do better. As you might remember, the public key is some point (X, Y) on the curve. We know the curve, and for each X there are only two Ys that define the point which lies on that curve. So why keep Y? Instead, let’s keep X and the sign of Y. Later, we can derive Y from that if needed.
但是我们可以做得更好。 您可能还记得,公钥是曲线上的某个点(X,Y)。 我们知道曲线,对于每个X,只有两个Y定义该曲线上的点。 那为什么要保留Y呢? 相反,让我们保留X和Y的符号。稍后,如果需要,我们可以从中得出Y。
The specifics are as follows: we take X from the ECDSA public key. Now, we add the0x02if the last byte of Y is even, and the byte0x03if the last byte is odd.
具体如下:我们从ECDSA公钥中获取X。 现在,如果Y的最后一个字节为偶数,则添加0x02如果最后一个字节为奇数,则添加字节0x03。
In our case, the last byte is odd, so we add0x03to get the compressed public key:031e7bcc70c72770dbb72fea022e8a6d07f814d2ebe4de9ae3f7af75bf706902a7. This key contains the same information, but it’s almost twice as short as the uncompressed key. Cool!
在我们的例子中,最后一个字节为奇数,因此我们添加0x03以获得压缩的公共密钥:031e7bcc70c72770dbb72fea022e8a6d07f814d2ebe4de9ae3f7af75bf706902a7。 该密钥包含相同的信息,但几乎是未压缩密钥的两倍。 凉!
Previously, wallet software used long, full versions of public keys, but now most of it has switched to compressed keys.
以前,钱包软件使用的是完整完整版的公共密钥,但现在大多数软件已切换为压缩密钥。
加密公钥 (Encrypting the public key)
From now on, we need to make a wallet address. Whatever method of getting the public key you choose, it goes through the same procedure. Obviously, the addresses will differ. In this article, we will go with the compressed version.
从现在开始,我们需要创建一个钱包地址。 不管选择哪种获取公钥的方法,都要经过相同的过程。 显然,地址会有所不同。 在本文中,我们将使用压缩版本。
What we need to do here is to apply SHA-256 to the public key, and then apply RIPEMD-160 to the result. The order is important.
我们需要在此处将SHA-256应用于公钥,然后将RIPEMD-160应用于结果。 顺序很重要。
SHA-256 and RIPEMD-160 are two hash functions, and again, we won’t go into the details of how they work. What matters is that now we have 160-bit integer, which will be used for further modifications. Let’s call that an encrypted public key. For our example, the encrypted public key is453233600a96384bb8d73d400984117ac84d7e8b.
SHA-256和RIPEMD-160是两个哈希函数,同样,我们将不介绍它们如何工作的细节。 重要的是,现在我们有160位整数,将用于进一步修改。 我们称其为加密的公共密钥。 对于我们的示例,加密的公共密钥为453233600a96384bb8d73d400984117ac84d7e8b。
Here’s how we encrypt the public key in Python:
这是我们在Python中加密公钥的方式:
public_key_bytes = codecs.decode(public_key, ‘hex’)# Run SHA-256 for the public keysha256_bpk = hashlib.sha256(public_key_bytes)sha256_bpk_digest = sha256_bpk.digest()# Run RIPEMD-160 for the SHA-256ripemd160_bpk = hashlib.new(‘ripemd160’)ripemd160_bpk.update(sha256_bpk_digest)ripemd160_bpk_digest = ripemd160_bpk.digest()ripemd160_bpk_hex = codecs.encode(ripemd160_bpk_digest, ‘hex’)
添加网络字节 (Adding the network byte)
The Bitcoin has two networks, main and test. The main network is the network that all people use to transfer the coins. The test network was created — you guessed it — to test new features and software.
比特币有两个网络,主要网络和测试网络。 主要网络是所有人用来转移硬币的网络。 创建了测试网络(您猜对了),以测试新功能和软件。
We want to generate an address to use it on the mainnet, so we need to add0x00bytes to the encrypted public key. The result is00453233600a96384bb8d73d400984117ac84d7e8b. For the testnet, that would be0x6fbytes.
我们想要生成一个地址以在主网上使用,因此我们需要向加密的公共密钥添加0x00字节。 结果是00453233600a96384bb8d73d400984117ac84d7e8b。 对于测试网,这将是0x6f字节。
校验和 (Checksum)
Now we need to calculate the checksum of our mainnet key. The idea of checksum is to make sure that the data (in our case, the key) wasn’t corrupted during transmission. The wallet software should look at the checksum and mark the address as invalid if the checksum mismatches.
现在我们需要计算主网密钥的校验和。 校验和的思想是确保数据(在我们的例子中是密钥)在传输过程中没有被破坏。 钱包软件应查看校验和,如果校验和不匹配,则将地址标记为无效。
To calculate the checksum of the key, we need to apply SHA-256 twice and then take first 4 bytes of the result. For our example, the double SHA-256 is512f43c48517a75e58a7ec4c554ecd1a8f9603c891b46325006abf39c5c6b995and therefore the checksum is512f43c4(note that 4 bytes is 8 hex digits).
要计算密钥的校验和,我们需要两次应用SHA-256,然后取结果的前4个字节。 对于我们的示例,双SHA-256为512f43c48517a75e58a7ec4c554ecd1a8f9603c891b46325006abf39c5c6b995,因此校验和为512f43c4(请注意,4个字节为8个十六进制数字)。
The code to calculate an address checksum is the following:
计算地址校验和的代码如下:
# Double SHA256 to get checksumsha256_nbpk = hashlib.sha256(network_bitcoin_public_key_bytes)sha256_nbpk_digest = sha256_nbpk.digest()sha256_2_nbpk = hashlib.sha256(sha256_nbpk_digest)sha256_2_nbpk_digest = sha256_2_nbpk.digest()sha256_2_hex = codecs.encode(sha256_2_nbpk_digest, ‘hex’)checksum = sha256_2_hex[:8]
取得地址 (Getting the address)
Finally, to make an address, we just concatenate the mainnet key and the checksum. That makes it00453233600a96384bb8d73d400984117ac84d7e8b512f43c4for our example.
最后,要创建一个地址,我们只需将主网密钥和校验和连接在一起。 在我们的示例中,使其为00453233600a96384bb8d73d400984117ac84d7e8b512f43c4。
That’s it! That’s the wallet address for the private key at the start of the article.
而已! 那是文章开头的私钥的钱包地址。
But you may notice that something is off. You’ve probably seen a handful of Bitcoin addresses and they didn’t look like that. Well, the reason is that they are encoded with Base58. It’s a little bit odd.
但是您可能会注意到有些问题。 您可能已经看到了少数比特币地址,但它们看起来并非如此。 好吧,原因是它们是使用Base58编码的。 有点奇怪。
Here’s the algorithm to convert a hex address to the Base58 address:
这是将十六进制地址转换为Base58地址的算法:
def base58(address_hex):alphabet = ‘123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz’b58_string = ‘’# Get the number of leading zerosleading_zeros = len(address_hex) — len(address_hex.lstrip(‘0’))# Convert hex to decimaladdress_int = int(address_hex, 16)# Append digits to the start of stringwhile address_int > 0:digit = address_int % 58digit_char = alphabet[digit]b58_string = digit_char + b58_stringaddress_int //= 58# Add ‘1’ for each 2 leading zerosones = leading_zeros // 2for one in range(ones):b58_string = ‘1’ + b58_stringreturn b58_string
What we get is17JsmEygbbEUEpvt4PFtYaTeSqfb9ki1F1, a compressed Bitcoin wallet address.
我们得到的是17JsmEygbbEUEpvt4PFtYaTeSqfb9ki1F1,这是一个压缩的比特币钱包地址。
结论 (Conclusion)
The wallet key generation process can be split into four steps:
钱包密钥生成过程可以分为四个步骤:
creating a public key with ECDSA使用ECDSA创建公钥 encrypting the key with SHA-256 and RIPEMD-160使用SHA-256和RIPEMD-160加密密钥 calculating the checksum with double SHA-256用双SHA-256计算校验和 encoding the key with Base58.使用Base58对密钥进行编码。
Depending on the form of public key (full or compressed), we get different addresses, but both are perfectly valid.
根据公钥的形式(完整或压缩),我们获得不同的地址,但两者都是完全有效的。
Here’s the full algorithm for the uncompressed public key:
这是未压缩公钥的完整算法:
If you want to play with the code, I published it to the Github repository.
如果您想使用这些代码,我将其发布到了Github仓库 。
I am making a course on cryptocurrencies here on freeCodeCamp News. The first part is a detailed description of the blockchain.
我正在freeCodeCamp News上开设有关加密货币的课程。 第一部分是对区块链的详细描述。
I also post random thoughts about crypto on Twitter, so you might want to check it out.
我还在Twitter上发布了关于加密的随机想法,因此您可能需要检查一下。
翻译自: /news/how-to-create-a-bitcoin-wallet-address-from-a-private-key-eca3ddd9c05f/
比特币钱包私钥
