Bitcoin Learning Series
What is Master Key in Bitcoin? How to get a New Bitcoin Address?
We are creating a child address and our master address is always the same.
Greetings. The one question that always comes to our mind is that when we create an address it always gives a different address that is not matched with any other address that we created before. So how it is possible and how bitcoin wallet ensure that this address own by your wallet?
After reading the complete article you will be a master of the address process.
Before continuing I believe that you know about the bitcoin seed phrase and how it works. If you want to know then you can read the below article first.
**Index**
- What is Master Key?
- What is HMAC-SHA512?
- What are Extended Private Key and Extended Public Key?
- Child Key Derivation
- Conclusion
** What is Master Key? **
- The master key is the hash that we get from PBKDF2 (Password-Based Key Derivation Function 2).
- It is unique for every seed phrase. It is also known as an extended key.
- It is used to create multiple child keys. we will understand later about the process.
** What is HMAC-SHA512? **
- HMAC (Hash-Based Message Authentication Code) is a function that has two parameters first is data and the second is key.
- This function produces 64 random bytes result with the process with an additional parameter as key.
The result is the combination of two things. For getting these things we split the result into 32–32 bytes.
- The left side result is called an extended key as a normal key.
- The right side result is called a chain code.
- Chain code help to create other child keys based on extended key.
** What is Extended Private Key and Extended Public Key? **
- Extended Private Key: In the HMAC-SHA512 function we pass in data parameter 512 bits of entropy (Seed) and key parameter a simple arbitrary string “Bitcoin Seed”.
- In the HMAC-SHA512 function, we pass in data parameter 512 bits of entropy (Seed) and key parameter a simple arbitrary string “Bitcoin Seed”.
As per HMAC function output, we split it into two parts
- Left side 32 bytes called Extended Private Key.
- Right side 32 bytes called Chain Code.
If you forget the chain code and remember the extended private key then you cannot derivate the child addresses.
Extended Public Key:
- It is a simple public key coupled with chain code.
- When we convert the private key into a public key using ECDSA (Elliptic Curve Digital Signature Algorithm) and add the chain code (32 bytes). We will get our extended public key.
Now we have both extended keys as it looks like the same public/private key and the interesting thing is how we can create the child keys.
** Child Key Derivation Process **
- When we request an address then the new address is generated from the master key.
We have two types of extended keys:
- Extended Private Key can generate Private key and public key.
- Extended Public Key can only generate the public key.
Each child has an index and it is up to 2**32 (4294967295). It means that we can generate 4294967295 new addresses from a single wallet.
We will understand the three derivation processes.
- Normal Child using Extended Private Key
- Hardened Child using Extended Private Key
- Normal Child using Extended Public Key
- Hardened Child using Extended Public Key is not possible.
Normal Child using Extended Private Key
- Normal child address has an index of only half of the total index (2**32) /2 means that it can be from 0 to 2147483647
- We will use the HMAC function and get the result.
parentPublicKey = "dsa878c7s8f884y8f7d887fd..."
parentChainCode = "k4f9jk4kj3ijk4jk4jk5k4j4..."
parentPrivateKey = "9pn38id3udhu3883h3h8dh..."
index = 0
data = parentPublicKey + index
// data is added to the index into parentPublicKeyresult = HMAC ( data, parentChainCode)
- We get the result in 64 bytes and next we split it into two parts 32 bytes + 32 bytes.
leftResult = result[0..63]
rightResult = result[64..-1]
- Right result is always a chain code.
newChainCode = rightResult
- We add parent private key to leftResult and module of elliptic curve range just to be a valid range.
childPrivateKey = (leftResult + parentPrivateKey) % n// Here n is the number of elliptic curve
- That’s it. Now we will convert this childPrivateKey to HEX format whereas we can create the corresponding childPublicKey using ECDSA.
childPublicKey = ECDSA.encode(childPrivateKey)
Now we will have the three things
- childPublicKey: is the public key of a child address.
- childPrivateKey: is the private key of a child address.
- newChainCode: is a random number that is used to create a new child address.
Hardened Child using Extended Private Key
- A hardened key is a secure way to generate the child address. It is used for an internal or secret purposes.
- The index number is the last split of possible children which is from 2147483648 to 4294967295.
- As Pieter: suggests it should be a default way of creating an address. because we can not do anything without a private key.
- The process is much similar to a normal child key. the fact is that there is no parent public key used.
parentChildCode = "8ufdf8uw88fdh8sfdh8sf..."
parentPrivateKey = "94uhufhdsfd9sfhdfdsd..."
index = 2147483648data = 0x00 + parentPrivateKey + index// add three parameters into dataresult = HMAC(data, parentChildCode)leftResult = result[0..63]
rightResult = result[64..-1]newChainCode = rightResultchildPrivateKey = (leftResult + parentPrivateKey) % nchildPrivateKey = childPrivateKey (64 bytes) //convert into HEXchildPublicKey = ECDSA.encode(childPrivateKey) //get the public key
If you lost your child address private key and you created a child’s key using a normal public key so it might change then someone will get your master private key using a reverse algorithm and break your wallet and steal all the bitcoins that you have in your child addresses. But in the Hardened child key, it is not possible to reach on your master key.
Normal Child using Extended Public Key
- We can only create the public child address using Extended Public Key.
- It is useless because there is nothing to use without a private key.
- The process for creating an address is much similar like rest two.
parentChildCode = "8ufdf8uw88fdh8sfdh8sf..."
parentPublicKey = "94uhufhdsfd9sfhdfdsd..."
index = 0data = parentPublicKey + index// added two parameters to dataresult = HMAC(data, parentChildCode)leftResult = result[0..63]
rightResult = result[64..-1]newChainCode = rightResultpointResult = ECDSA.point(leftResult) //convert left result to elliptic curve pointpointPublic = ECDSA.point(parentPublicKey) //convert public key to elliptic curve pointpoint = pointResult + pointPublic // add two resultschildPublicKey = ECDSA.encode(point) //get the public key
** Conclusion **
- Hardened Child Address is secure to do the bitcoin transaction.
- The public key is the point of the elliptic curve multiplied by a private key. If you increase the number of private key you will get the new private key.
- Don’t share your child’s address private key because if someone has extended the public key and private key of any normal child address then he can steal your bitcoins that exist in your other child address.
- We can use serialization to pass the extended key + chain code with some metadata.
- We can create limited child addresses because 4 bytes field of the child number (0xffffffff) that is in decimal 4294967295.
That’s it. I hope it helps you find out how a bitcoin address generates.
Stay tuned with me and join me to learn the bitcoin series on every Monday at 9 AM (GMT +5:30). You can share your thought as well. I am happy to read your words respectfully.
Thank you for reading.
Signing off.