Thursday, April 4, 2024

What am I doing wrong in calculating child private key in HD wallets and reversing back parent private key?


I am trying to understand the process of creating the children's private key and, in the case of knowing the children's private key and the left 256-bit hash result, the process of returning the parent's private key.

There is a bit more text as I've tried to explain in detail exactly what I'm doing as well as to mark all the articles I refer to.

I will explain what I am doing through an example and link the article I am referring to.

Example and numbers are taken from here (code only)

So let's start with that we have the left 256-bit hash result (L256B) and the parent's private key (PPK):

L256B (hex): 6539ae80b3618c22f5f8cc4171d04835570bda8db11b5bf1779afae7ec7c79c3
L256B (decimal): 45785512363230816970838539051071102444734444055822171970071151407697781094851

PPK (hex): e8f32e723decf4051aefac8e2c93c9c5b214313817cdb01a1494b917c8436b35
PPK (decimal): 105366245268346348601399826821003822098691517983742654654633135381666943167285

The process of obtaining the children's private key is based on the following formula according to this:

children_private_key == (parent_private_key + lefthand_hash_output) % G

That is, on the following formula according to this (where parse256(IL) is the left 256-bit of the hash result, kpar is the parent's private key, and ki denotes the child's private key):

Child private key formula -> parse256(IL) + kpar (mod n) = ki

Also, according to this again a similar formula:

The returned child key ki is parse256(IL) + kpar (mod n)

1. So my first question: is the plus (+) in all these formulas related to a normal plus operation like 2+2 = 4, 6+3 = 9, etc. or is it some kind of concatenation like 2+2 = 22, 6+3 = 63, etc.? I ask because in this answer Michael Folkson said it is a concatenation…

There is concatenation where 256 bits placed next to another 256 bits
makes 512 bits.

This totally confuses me.

But let's continue with the assumption that normal addition is what we have to do here.

So the first thing we need to do is add L256B and PPK:

L256B (decimal): 45785512363230816970838539051071102444734444055822171970071151407697781094851

PPK (decimal): 105366245268346348601399826821003822098691517983742654654633135381666943167285

L256B + PPK (decimal): 151151757631577165572238365872074924543425962039564826624704286789364724262136

The next thing we need to do is the modulo operation with n or G (whatever is the correct label). n is (according to this):

n = 115792089237316195423570985008687907852837564279074904382605163141518161494337

So the children's private key (CPK) is:

CPK = (L256B + PPK) mod n 
CPK = 151151757631577165572238365872074924543425962039564826624704286789364724262136 mod 115792089237316195423570985008687907852837564279074904382605163141518161494337

CPK (decimal): 35359668394260970148667380863387016690588397760489922242099123647846562767799
CPK (hex): 4e2cdcf2f14e802810e878cf9e6411fc4e712edf19a06bcfcc5d5572e489a3b7

That is exactly what they got in the example I am using.

Everything looks fine and correct (assuming the normal + operation is used here and not concatenation).

Now comes the bigger problem. In the example I am using, they say you can get the parent's private key back from the children's private key. Formula taken from here says:

Solve for kpar -> kpar = ki - parse256(IL) (mod n)

This minus confuses me.

2. So my second question would be what does the minus mean in the formula above? Normal subtraction operation or something else?

I ask because when I try to return the parent's private key from the children's private key, I get the wrong result compared to what they get. The formula I use is as follows:

PPK = (CPK - L256) mod n

CPK (decimal): 35359668394260970148667380863387016690588397760489922242099123647846562767799

L256B (decimal): 45785512363230816970838539051071102444734444055822171970071151407697781094851

CPK - L256B (decimal): -10425843968969846822171158187684085754146046295332249727972027759851218327052

PPK = -10425843968969846822171158187684085754146046295332249727972027759851218327052 mod 115792089237316195423570985008687907852837564279074904382605163141518161494337

PPK (decimal): -10425843968969846822171158187684085754146046295332249727972027759851218327052
PPK (hex): -170CD18DC2130BFAE5105371D36C3639089AABAE977AF021AB3DA57507F2D60C

So as you can see, I am not getting the correct parent private key:

-170CD18DC2130BFAE5105371D36C3639089AABAE977AF021AB3DA57507F2D60C != e8f32e723decf4051aefac8e2c93c9c5b214313817cdb01a1494b917c8436b35

… unlike those who get the correct key in their answer.

What am I doing wrong? Any help would be appreciated.
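
The arithmetic discussed in this question, as an added example that is not part of the original post or of the articles it links to: the `+` and `-` in the formulas are integer addition and subtraction followed by reduction into the range 0 to n-1, and a remainder operator that keeps the sign of its left operand returns the negative value shown above until n is added once. Function names are illustrative, and IL is taken as given rather than computed with HMAC-SHA512.

```python
# Added example using the numbers from the question (hex forms).
# All function names are illustrative assumptions, not from any library.

# Order n of the secp256k1 group: the modulus in the BIP32 formulas.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

L256B = 0x6539ae80b3618c22f5f8cc4171d04835570bda8db11b5bf1779afae7ec7c79c3
PPK = 0xe8f32e723decf4051aefac8e2c93c9c5b214313817cdb01a1494b917c8436b35
CPK = 0x4e2cdcf2f14e802810e878cf9e6411fc4e712edf19a06bcfcc5d5572e489a3b7


def derive_child(k_par, il, n=N):
    """ki = parse256(IL) + kpar (mod n): integer addition, then reduce."""
    if il >= n:
        raise ValueError("parse256(IL) >= n: BIP32 treats this key as invalid")
    k_i = (il + k_par) % n
    if k_i == 0:
        raise ValueError("ki == 0: BIP32 treats this key as invalid")
    return k_i


def recover_parent(k_i, il, n=N):
    """kpar = ki - parse256(IL) (mod n), reduced into [0, n)."""
    # Python's % is a floored modulo, so the result is never negative.
    return (k_i - il) % n


def truncated_rem(a, n):
    """Remainder that keeps the sign of a, as C's % and JavaScript BigInt % do."""
    r = abs(a) % n
    return -r if a < 0 else r


def normalize(r, n=N):
    """Map a sign-preserving remainder into [0, n) by adding n once."""
    return r + n if r < 0 else r


if __name__ == "__main__":
    print("child :", format(derive_child(PPK, L256B), "064x"))
    signed = truncated_rem(CPK - L256B, N)
    print("signed remainder:", format(signed, "x"))
    print("parent:", format(normalize(signed), "064x"))
    print("parent:", format(recover_parent(CPK, L256B), "064x"))
```

Because the subtraction recovers kpar, a non-hardened child private key together with IL is enough to expose the parent private key, which is the reason BIP32 defines hardened derivation.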
