Topic: How to generate Bitcoin Address? (Read 70326 times)

legendary
Activity: 3472
Merit: 4801
May 27, 2014, 06:37:54 PM
#28
This all seriously doing my head in. I am trying to get active here, figuring it all out...

It's not complicated or difficult if you use the software the way it is intended.  It's when you start trying to play around with importing and exporting your private keys, that you need to be extra careful.  Otherwise a proper backup strategy, a good passphrase, and some care to keep malware off your computer will go a long way towards allowing you to use bitcoin safely.  If you are especially concerned about malware on your computer then an offline solution such as Electrum offline or Armory offline should give you all the protection you need.

I have read a lot. Many days now...

I'm not sure what you're reading, but the average person can drive a vehicle without understanding the chemistry of gasoline oxidation, or the mechanics of a planetary gear set.  If you want to understand the technical details of how and why Bitcoin works, that's great, but don't get caught up in those details if you're just trying to figure out how to use it.

this whole spending a portion of a wallet and then the balance being moved to a 3rd wallet that is not recoverable with your random word list is rather disconcerting and a serious barrier for use as far as i can see

Huh

I'm not sure what you're talking about.  Recovery from a proper backup should be fine unless you are messing around with exporting and importing private keys.

(I am an engineer, and if it is taking me this long to figure out how not to lose my wallet, I have trouble seeing how the general population is going to be able to get up to speed).

You don't seem to be talking about figuring out how to not lose your wallet.  You seem to be talking about manipulating private keys, and forcing a wallet to use a private key that it didn't generate.

What I would like to do is:

1. Buy some coin for long term investment, who knows, it just might take off in a big way.
2. Buy some coin and get into high frequency trading.

That's simple enough.  Get a bitcoin wallet.  It will provide you with one or more bitcoin receiving addresses.  Find someone with bitcoins.  Give that someone something they want in exchange for their bitcoins.  Give that someone your bitcoin address so they can send the bitcoins to your wallet.

(In most cases that "someone" will be an online bitcoin currency exchange such as BitStamp, BTC-E, Coinbase, etc. and the "something they want" will be your local currency)

3. Transfer money between my Irish and Canadian bank accounts without having to pay the middleman (one of its advertised features).

First, bitcoin is money.  So by sending bitcoin to someone, you are sending them money.

Second, there aren't any banks that I know of yet that accept bitcoin deposits, or provide a way for you to send bitcoins.  As such, there will be many middlemen if you are trying to use bitcoins to transfer Euros from your Irish bank to dollars at your Canadian bank.

Now before I put some serious money into this I need to have a firm grasp of architecture.

Then you should take some time to read the original whitepaper written by Satoshi Nakamoto.  While bitcoin has advanced a bit since it was written, it is still a very good starting place for understanding the basic architecture.

I think it would be most useful if someone knowledgeable laid out the bitcoin system in a comprehensive block diagram instead of trying to describe it with analogies.
With associated use case block diagrams.


Not the sort of effort I feel like putting in.  How about, you create the block diagram and use cases, and I'll answer any questions you have as you put it together.

Some examples of usecase and block diagram components that i think would be important are:

components:

1. bank accounts
2. exchanges

Please explain how to differentiate between a bank account and an exchange.

3. online wallets
4. offline wallets

There are a variety of each of these, and they are each distinct in their behavior.  You'll probably end up having to diagram out each of them separately since it will be difficult to create a single diagram that handles all the differences between all the variations.

5. bit coin client software (with associated credentials [password/username])

At the moment, in most cases, there isn't really a distinction between a wallet or client software.  Please describe what you mean by "client software" and how that differs from what you mean by "wallet".

6. private keys, public keys, bitcoin addresses, seeds etc... anything and everything that is possible in terms of data that must be retained by a user.

The most important thing to retain is the private keys.  Deterministic wallets make this a bit easier by calculating all the private keys from a single seed.  This means that if you use a deterministic wallet, you just need to retain the seed, and the private keys can all be re-generated on demand from that.

use cases:

1. Transferring BTC between an offline wallet and an exchange.

Please explain what you mean by "offline wallet".  Many people use the phrase "offline wallet" to mean any wallet that isn't "web based".  Others use that phrase specifically to refer to wallets that store your private keys on a computer that is never connected to the internet.  How exactly you transfer the BTC between the wallet and the exchange will depend largely on which wallet you choose to use.

2. Can one transfer BTC between exchanges?

Yes.

I have had to set up so many accounts in the last couple days that I have no idea if my account on an exchange (for example kraken) has an associated address or not.

I've never used Kraken, but it almost certainly has at least one associated bitcoin address.  Try looking in the "funding" section?

3. Transferring BTC between private wallets (my PC to some guy in China without the use of an exchange as an intermediary).

Again, the specifics of how you will do this will depend on the wallet you choose to use.  In general, you'll choose the "Sending" option in your wallet.  You'll enter the bitcoin address provided by your receiver (typically a "copy&paste" or scanning a QR-Code). Then you'll enter the amount of bitcoins you wish to send.  Finally you'll click the "send" button.  This process is the same regardless of whether you are sending to an exchange, an individual, or another wallet that you own.

4. Transferring real money between an exchange and my bank account.

Bitcoin is real money.  I assume you mean transferring your local currency between an exchange and your bank account?  Each exchange will have their own rules on how you fund your account at the exchange, and how you receive payments from the exchange.  This has absolutely nothing to do with the technical details of bitcoin.  It is entirely a business decision by the company operating the exchange.

5. Transferring real money between my bank account and my private offline wallet. I don't think that is possible directly, how would I do it indirectly?

Bitcoin is real money.  Unfortunately, there aren't any banks that I'm aware of that accept deposits in both local currency and bitcoin.  As such, the process would be to exchange bitcoins for local currency and then transfer the local currency to the bank.  The reverse is also true.  You would transfer your local currency from your bank to somewhere that you could exchange it for bitcoins.

I think such visual information would help a lot of people.

As I said, if you want to make an attempt at creating the visual information, I'd be happy to answer questions and help you understand how the processes work.

Other questions that need to be included:

1. Speed of transfer. In a block diagram include expected potential time delays.

The bitcoin transaction itself is generally received within a second or two as long as both sender and receiver are connected to peers on the internet.  Confirmations can take longer.  Some businesses choose not to update your balance at their business until after some number of confirmations.  The number of confirmations necessary is entirely up to the business to decide for themselves.

Bank transfer transactions of local currency will likely have their own delays, but this is entirely outside the scope of bitcoin.

2. Approximate charges for a transfer between blocks (no charge, fixed value, % etc)

Transfer between blocks?  I'm guessing you're trying to ask the "approximate charges for getting a transaction confirmed in a reasonable amount of time?"  If so, then 0.0001 BTC per kilobyte is a good approximation.  How many kilobytes it takes to create your transaction will depend on how you received your bitcoins in the first place.

For example, I understand that if I remove $$ from an exchange, it could take days to process. Are there other possible delays with other transactions?

You're talking about $$, not BTC.  You'll have to ask your bank about the delays that occur when moving $$.  Also individual businesses will have their own rules about how quickly they choose to process any $$ transfers to or from them.

For me personally at the moment, I'd like to implement some test cases to get started.
I have Electrum installed and I am trying to learn how to use it.

Sounds like a good idea.  Perhaps check localbitcoins.com and see if you can find someone near you that would be willing to send you some in exchange for some local currency?

I'm not ready to go to my bank and set up a connection yet, that is a whole different can of worms that I haven't figured out yet. All I know so far is I can do it with my bank. I don't know if I physically have to go to the bank?

That will depend on the bank, and on the funding method that is required.

I don't use paypal, i never will.

Good choice.  PayPal is nothing but trouble.

Am i supposed to use my credit card here what's the deal??

There aren't many bitcoin exchanges that will accept credit cards, and those that do will have significant delays and very high fees to offset the huge risk they are taking by accepting a reversible form of payment for an irreversible transaction.

Anyway I'll figure that out on my own.

Ok.

Until then (that is going to take some time), I'd seriously be GRATEFUL if someone could help me out with test cases.

What sort of "test cases"?

I have Electrum showing me some address i am supposed to use.
I'd be so happy if someone could kick me a penny or two:
14erp8z6z6hQQQ43T27Tbd9vYjTnWUDpXz
or
1Lf8GGBn8WEh6ijv5sTAJvK1epZGCM88Jy

Sure.  Mail me a penny, and I'll send you a penny's worth of bitcoins.  (Begging isn't allowed on this forum, so I assume you are offering to pay for the bitcoins?)

That would at least get me going and I can test moving BTC around a bit.

You'll want more than a penny to test moving BTC around a bit, since the typical transaction fee will be approximately 0.005 USD.

(I have gone to those sites that offering free 'microRupees' if I spend a couple days clicking many ads and waiting for many timers, it's a bit ridiculous)

Don't do it.  It will create a situation where your wallet has a huge number of unspendable outputs.  It will result in huge fees when you try to send a transaction.  Stay away from those sites, they are just taking advantage of your lack of knowledge to profit off of you.

P.S> sorry for the long please do x,y,z post, just trying to add some constructive views here as I have already passed the point here myself that I am sure would be a barrier to entry for the layman. I will keep plugging away at it myself only because this is what I am used to doing all day long anyway. Hopefully I don't have too long to go as I'd rather be spending this time trying my hand at writing a trading algorithm.

I don't mind, but it does result in quite a long response, and makes general conversation more difficult.  You might find it easier to keep notes to yourself about things you want to understand, and then just ask about them one at a time.  That way you may find that as you learn a bit, some of your other questions become meaningless or obvious.  It will save you some typing, some reading, and will probably reduce confusion.
newbie
Activity: 1
Merit: 0
May 25, 2014, 09:28:29 AM
#27
This all seriously doing my head in. I am trying to get active here, figuring it all out...

I have read a lot. Many days now... this whole spending a portion of a wallet and then the balance being moved to a 3rd wallet that is not recoverable with your random word list is rather disconcerting and a serious barrier for use as far as i can see (I am an engineer, and if it is taking me this long to figure out how not to lose my wallet, I have trouble seeing how the general population is going to be able to get up to speed).

Anyway, aside from that point, I am trying to get up to speed on some of the bitcoin uses.

What I would like to do is:

1. Buy some coin for long term investment, who knows, it just might take off in a big way.
2. Buy some coin and get into high frequency trading.
3. Transfer money between my Irish and Canadian bank accounts without having to pay the middleman (one of its advertised features).

Now before I put some serious money into this I need to have a firm grasp of architecture.

I think it would be most useful if someone knowledgeable laid out the bitcoin system in a comprehensive block diagram instead of trying to describe it with analogies.
With associated use case block diagrams.


Some examples of usecase and block diagram components that i think would be important are:

components:

1. bank accounts
2. exchanges
3. online wallets
4. offline wallets
5. bit coin client software (with associated credentials [password/username])
6. private keys, public keys, bitcoin addresses, seeds etc... anything and everything that is possible in terms of data that must be retained by a user.

use cases:

1. Transferring BTC between an offline wallet and an exchange.

2. Can one transfer BTC between exchanges? I have had to set up so many accounts in the last couple days that I have no idea if my account on an exchange (for example kraken) has an associated address or not.

3. Transferring BTC between private wallets (my PC to some guy in China without the use of an exchange as an intermediary).

4. Transferring real money between an exchange and my bank account.

5. Transferring real money between my bank account and my private offline wallet. I don't think that is possible directly, how would I do it indirectly?


I think such visual information would help a lot of people.

Other questions that need to be included:

1. Speed of transfer. In a block diagram include expected potential time delays.
2. Approximate charges for a transfer between blocks (no charge, fixed value, % etc)

For example, I understand that if I remove $$ from an exchange, it could take days to process. Are there other possible delays with other transactions?




For me personally at the moment, I'd like to implement some test cases to get started.
I have Electrum installed and I am trying to learn how to use it. I'm not ready to go to my bank and set up a connection yet, that is a whole different can of worms that I haven't figured out yet. All I know so far is I can do it with my bank. I don't know if I physically have to go to the bank? I don't understand this 2 or 3 step verification stuff yet. I don't use paypal, I never will. Am I supposed to use my credit card here what's the deal?? Anyway I'll figure that out on my own.

Until then (that is going to take some time), I'd seriously be GRATEFUL if someone could help me out with test cases.

I have Electrum showing me some address i am supposed to use.
I'd be so happy if someone could kick me a penny or two:

14erp8z6z6hQQQ43T27Tbd9vYjTnWUDpXz
or
1Lf8GGBn8WEh6ijv5sTAJvK1epZGCM88Jy

That would at least get me going and I can test moving BTC around a bit.
(I have gone to those sites that offering free 'microRupees' if I spend a couple days clicking many ads and waiting for many timers, it's a bit ridiculous)


P.S> sorry for the long please do x,y,z post, just trying to add some constructive views here as I have already passed the point here myself that I am sure would be a barrier to entry for the layman. I will keep plugging away at it myself only because this is what I am used to doing all day long anyway. Hopefully I don't have too long to go as I'd rather be spending this time trying my hand at writing a trading algorithm.

Thank you
Ed
legendary
Activity: 3472
Merit: 4801
March 09, 2014, 01:34:00 PM
#26
The main thing I can see wrong with my analogy is that the "vault" does not actually contain money since nobody actually "has" Bitcoins. They just have the secret code needed to send from an entry in the public ledger. The analogy falsely implies that your "vault", or wallet as it might be interpreted, contains coins, when in reality it just contains the private key necessary to update the ledger.

The analogy works a bit better if we put all the vaults in a huge super-secure building.  We can call that building "The blockchain".  Nobody is allowed to remove any money from the building, they can only take money out of vaults for which they have the combination, and put that money into the slots on whichever vaults they'd like.

Now, in this analogy, your vault is not your "wallet". It's just a bitcoin address (see why we need to use the address to number the vault). Your wallet is that leather billfold in your pocket (that's why its called a "wallet").  Notice that all the money is in the vaults (addresses) in the building (blockchain).  All you have in your billfold (wallet) is a list of combinations (private keys) since it's difficult to remember them all.  As long as you have the combinations (private keys) either in your billfold (wallet) or elsewhere, you can use the index in the lobby (public key) to find the vaults (addresses) that you control.  If you only have the index entry (public key) or address (vault) it does you no good, because you can't access the money in the vault (address).

The analogy starts to fall apart a bit when you try to account for the purpose of mining and how the new bitcoins enter the system. And the analogy becomes a mess when you try to use it to explain confirmations, orphaned blocks, and double-spend attempts.
member
Activity: 70
Merit: 10
March 09, 2014, 01:01:24 PM
#25
Thanks. I am glad though that you pointed out an address is not a public key. I think it is a common confusion and I should have mentioned it.

The main thing I can see wrong with my analogy is that the "vault" does not actually contain money since nobody actually "has" Bitcoins. They just have the secret code needed to send from an entry in the public ledger. The analogy falsely implies that your "vault", or wallet as it might be interpreted, contains coins, when in reality it just contains the private key necessary to update the ledger.

I know you know that because I read a lot of your posts and have learned much from you! I only write this for the benefit of others who might know these things.
legendary
Activity: 3472
Merit: 4801
March 09, 2014, 12:22:28 PM
#24
The public key is the number of the vault

public key =/= bitcoin address

Right. And the private key is not the combination to the lock on a vault. As I said it is a stupid oversimplification. Since the address is based on the public key, I stand by my "Bitcoin For Dummies in 100 Words Or Less"  Grin

Certainly,

And your analogy is a good one.

I was just suggesting that the number on the vault (the place where you "put the money") is the bitcoin address in your analogy, not the public key.

Of course, I suppose that would make it difficult to indicate where in the analogy the public key actually fits (since it is directly related to both the private key and the bitcoin address).  Perhaps it's an index that allows you to identify which vault number is yours if you know a particular combination.
member
Activity: 70
Merit: 10
March 09, 2014, 11:39:11 AM
#23
The public key is the number of the vault

public key =/= bitcoin address

Right. And the private key is not the combination to the lock on a vault. As I said it is a stupid oversimplification. Since the address is based on the public key, I stand by my "Bitcoin For Dummies in 100 Words Or Less"  Grin
legendary
Activity: 1960
Merit: 1062
One coin to rule them all
March 09, 2014, 11:07:25 AM
#22
Code:
importprivkey yourPrivateKey

Code:
walletpassphrase "yourPassPhrase" ###


I tried out the commands, it works great.
It is true that QT acts a little weird (lock up) while it is scanning the block train, but once it is done, is everything fine and dandy.
Thanks again Danny.
legendary
Activity: 3472
Merit: 4801
March 09, 2014, 10:44:24 AM
#21
The public key is the number of the vault

public key =/= bitcoin address
member
Activity: 70
Merit: 10
March 09, 2014, 10:37:57 AM
#20
I'm new to this topic. Can anybody explain to me why we need both private and public keys?

Imagine a whole bunch of uniquely numbered vaults with a slot that anybody can drop money in. The vaults are clear so you can see how much money is in them but the only way to get the money out is by knowing the combination to its lock. The public key is the number of the vault and the private key is the combination for its lock.

That is a stupid oversimplification but it is the way I think about it.
legendary
Activity: 3472
Merit: 4801
March 06, 2014, 04:44:54 AM
#19
I'm new to this topic. Can anybody explain to me why we need both private and public keys?

private key is used to create the digital signature.

public key is used to check that a digital signature is valid.

newbie
Activity: 25
Merit: 0
March 06, 2014, 02:39:41 AM
#18
I'm new to this topic. Can anybody explain to me why we need both private and public keys?
legendary
Activity: 3472
Merit: 4801
March 04, 2014, 11:24:48 AM
#17
Thank you so much DannyHamilton.

I was not aware that QT can do that.
That is really awesome, because QT is really my favorite wallet.
I will try do a few test with importing a private key with a small balance.
I assume that the key will be added to wallet.dat, once imported right?

I have tried importing private keys with blockchain.info/wallet, it's pretty cool, you can also use a webcam to read QR code (If I remember correctly).
I have also tried importing private key through mtgox last year, it worked pretty well too.
But I have super paranoia when it comes to only online wallets when handling more than a few satoshi, so QT is ideal for me.

I would like to send you a small tip for your detailed explanation, what is your tip adr. ?

I choose to use a new address for every transaction.  Therefore, I don't have a published "tip address".  I'll send you an address that you can use for this tip.  Don't re-use the address in the future, if you ever have another reason to send me bitcoins.  Once I spend the bitcoins that are received at an address, I discard the private key and will no longer be able to access additional bitcoins that are sent to the same address.
legendary
Activity: 1960
Merit: 1062
One coin to rule them all
March 04, 2014, 11:03:46 AM
#16
Thank you so much DannyHamilton.

I was not aware that QT can do that.
That is really awesome, because QT is really my favorite wallet.
I will try do a few test with importing a private key with a small balance.
I assume that the key will be added to wallet.dat, once imported right?

I have tried importing private keys with blockchain.info/wallet, it's pretty cool, you can also use a webcam to read QR code (If I remember correctly).
I have also tried importing private key through mtgox last year, it worked pretty well too.
But I have super paranoia when it comes to only online wallets when handling more than a few satoshi, so QT is ideal for me.

I would like to send you a small tip for your detailed explanation, what is your tip adr. ?
legendary
Activity: 3472
Merit: 4801
March 04, 2014, 09:09:05 AM
#15
IMPORTANT NOTE: If you import a private key, you should consider that key to no longer be "secure".  If you want to maintain any portion of the balance that was originally at the private key on a "paper wallet" (printed private key), then you should create a new one and send the intended portion there. Importing and exporting private keys is an advanced function of Bitcoin and you can permanently lose your bitcoins if you make a false assumption about how it works.  For example, if you import a private key, and then spend a small portion of the funds of the private key with the Bitcoin-Qt wallet, Bitcoin-Qt will have moved the remaining balance to a new private key that it keeps hidden from you.  It will no longer be at the original private key.  If you don't realize this and you delete the wallet.dat (thinking you can re-import the private key again later) your bitcoins will be permanently lost.

What options are there to redeem the balance associated to a private key?

I use primarily bitcoin-QT wallet, but I don't believe that QT can import private keys?

It can.  It is an advanced function that is not part of the user interface.

Under the "Help" menu choose "Debug Window"

In the "Debug Window" select the "Console"

In the console you can type a command:

Code:
importprivkey yourPrivateKey

Where yourPrivateKey is the private key that you want to import.

If your wallet is passphrase protected, you will probably have to unlock the wallet before you issue the "importprivkey" command.  You can do this with the following command in the "Console":

Code:
walletpassphrase "yourPassPhrase" ###

Where yourPassPhrase is the passphrase you used to encrypt your wallet, and ### is the number of seconds that you'd like the wallet to remain unlocked (perhaps use 300, which would allow you 5 minutes to enter the importprivkey command).

The importprivkey command will at first appear to do nothing and will seem to freeze up the wallet program for a few minutes.  This is because after adding the private key to the wallet, it must scan the entire blockchain for every instance that the associated address received any bitcoins as well as any instance where those bitcoins were spent.  After several minutes the wallet balance will update with any balance from the imported private key, and the wallet will become usable again.  You might find the imported bitcoin address in the "Addresses" section instead of the "Received" section of your wallet.  If so, give the address a label in the "Addresses" section and the wallet should move the address over to the "Received" section.

The only other "offline" solution that I have found (and am comfortable with) is Mycelium.

If we exclude the online wallets solutions, what applications can you recommend?  

Armory, Electrum, and MultiBit are all also capable of importing a private key.  Another option would be to create a temporary blockchain.info/wallet (they take less than 5 minutes to create) and sweep the private key into that wallet.  Then you can immediately use the blockchain.info/wallet to send the entire balance to any offline wallet you like.
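The failure described in the IMPORTANT NOTE above, as an added example that is not part of the original post and is not Bitcoin-Qt code: a simplified unspent-output model in which spending part of an imported key's balance sends the change to a key that only the wallet file holds. The key strings, the stand-in address function and the amounts are constructed for illustration.

```python
import hashlib
import secrets


def address_of(key: str) -> str:
    # Stand-in for real address derivation (assumption): any one-way
    # function of the key is enough to model "who can spend this output".
    return hashlib.sha256(key.encode()).hexdigest()[:16]


def balance(utxos, keys):
    """Sum of unspent outputs (in satoshi) spendable with the given keys."""
    owned = {address_of(k) for k in keys}
    return sum(amount for addr, amount in utxos if addr in owned)


def spend(utxos, wallet_keys, from_key, to_addr, amount, fee, change_key=None):
    """Spend from one key. Outputs can only be spent whole, so whatever is
    left after the payment and fee must go to a change output."""
    src = address_of(from_key)
    total = sum(a for addr, a in utxos if addr == src)
    if total < amount + fee:
        raise ValueError("insufficient funds")
    if change_key is None:
        # Wallet default modelled here: a fresh key the user never sees.
        change_key = secrets.token_hex(32)
    wallet_keys.add(change_key)
    remaining = [u for u in utxos if u[0] != src]
    outputs = [(to_addr, amount)]
    change = total - amount - fee
    if change:
        outputs.append((address_of(change_key), change))
    return remaining + outputs


def paper_wallet_scenario(backup_change_key: bool):
    """Return (balance seen by the wallet, balance recoverable from paper
    backups alone once wallet.dat has been deleted)."""
    paper_key = "constructed-paper-wallet-key"
    utxos = [(address_of(paper_key), 1_000_000)]
    wallet = {paper_key}            # effect of importprivkey
    paper_backups = [paper_key]
    change_key = None
    if backup_change_key:
        # Mitigation from the post: create a new paper wallet first and
        # send the remaining portion there.
        change_key = "constructed-new-paper-wallet-key"
        paper_backups.append(change_key)
    utxos = spend(utxos, wallet, paper_key, "recipient", 100_000, 10_000, change_key)
    return balance(utxos, wallet), balance(utxos, paper_backups)


if __name__ == "__main__":
    print("default change key :", paper_wallet_scenario(False))
    print("backed-up change key:", paper_wallet_scenario(True))
```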
legendary
Activity: 1960
Merit: 1062
One coin to rule them all
March 04, 2014, 05:58:24 AM
#14
What options are there to redeem the balance associated to a private key?

I use primarily bitcoin-QT wallet, but I don't believe that QT can import private keys?

The only other "offline" solution that I have found (and am comfortable with) is Mycelium.

If we exclude the online wallets solutions, what applications can you recommend?
  
newbie
Activity: 3
Merit: 0
February 08, 2014, 03:28:47 PM
#13
Every 256 bit number is a private key,…
nitpicking mode: that's not true. there is a very very very small range of numbers, which do not lift properly on the underlying elliptic curve.
nitpicking mode: that's not true. They perfectly lift on the EC, it's just that their resulting public key are shared by two private keys from the range [0,2^256-1].
But as we're using Bitcoin addresses and not public keys, each address is shared by 2^96 private keys anyway so I'm rather sure that one more won't change anything...

@jackjack, you should read my article ;) @phatsphere is correct. Almost every 256 bit number could be a private key, but according to the secp256k1 curve parameters used by Bitcoin, any number in the range of 1 to FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141 - 1 could be a private key.

I'm just starting to try and understand the inner workings of bitcoin, so please excuse my ignorance.  When I use a random number in the above mentioned range, it seems like about 50% of the time I get a key that can not be used to sign messages. The error is that the signature could not construct a recoverable key.  Is this to be expected, and I need to test my random keys for this condition before using them?  It is an error in the code I'm referencing (I'm using litecoinj as my reference because I'm most comfortable in Java)?

Here is a sample of some of the bad keys I've run across:

Code:
import java.math.BigInteger;
import com.google.bitcoin.core.ECKey;

public class ECKeyPairTest {

    public static void main(String[] args) {
        String txt = "testing testing 123";

        // Private keys (hex) collected as failing the sign/verify round trip below.
        BigInteger[] errors = new BigInteger[]{
            new BigInteger("6c8fbf6dd62d856e3f8e8993224514e8ee85b4756f120d815dcb402bb2303fcf", 16),
            new BigInteger("0d246f6c837761942350e7316d21b48c14f2c3f5d2880c1e1adeff521d7495bb", 16),
            new BigInteger("d628aeec2ad502840fa4b713fb89d1f3cd3b0e88820a913ca850bf62a4a48a5f", 16),
            new BigInteger("50c2d4262e96bbee3572b54e7b24172dcf7f88e3727d8c8536c2b1a2716489d4", 16),
            new BigInteger("32d2b2ea40e6bb360c8bced87ff0a234f372eb8e997b1c6ee5d6c3d7712f9826", 16),
            new BigInteger("0d1c709622f19433e7174049694dd1a5cb459a8eb9b8a52c2dbeb09f26dc4dc3", 16),
            new BigInteger("29b02e548291c07a3bb0fb086a4115220be1040649886e31c48a3b60bbbdc31f", 16),
            new BigInteger("2a4f3fb204abad5db78f157a4c7315f12b9b4c31a9956ceed7fcd59a0aaaff0f", 16),
            new BigInteger("2f4854b1af29cde02ef0bbcb3c1d93c1e33a745a442a31962e3e854c60cd894a", 16),
            new BigInteger("f725e77b326b8400842009a41c63d2b5657c26fc870dd0db647a4f0f5fe482e6", 16),
            new BigInteger("e8d0c60007408acd56de8d7b885ee7e9308107f1fa5fcead6f422a2dbccb2cb4", 16),
            new BigInteger("e1fbd323024ea8e05a859464c26368d0921ddd17c15d0c4fc2902dde8ffb1abd", 16)
        };

        // Sign and verify a message with each key, counting the ones that throw.
        int errCnt = 0;
        for (BigInteger err : errors) {
            try {
                ECKey x = new ECKey(err);
                String sig = x.signMessage(txt);
                x.verifyMessage(txt, sig);
            } catch (Exception e) {
                errCnt++;
                e.printStackTrace();
            }
        }

        System.out.println("errCnt: " + errCnt + "/" + errors.length);
    }
}
kjj
legendary
Activity: 1302
Merit: 1026
August 28, 2013, 09:44:02 PM
#12
Every 256 bit number is a private key,…
nitpicking mode: that's not true. there is a very very very small range of numbers, which do not lift properly on the underlying elliptic curve.
nitpicking mode: that's not true. They perfectly lift on the EC, it's just that their resulting public key are shared by two private keys from the range [0,2^256-1].
But as we're using Bitcoin addresses and not public keys, each address is shared by 2^96 private keys anyway so I'm rather sure that one more won't change anything...

@jackjack, you should read my article Wink @phatsphere is correct. Almost every 256 bit number could be a private key, but according to the secp256k1 curve parameters used by Bitcoin, any number in the range of 1 to FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141 - 1 could be a private key.

It is a modular field.  Numbers bigger than the field order are still keys, just shitty keys.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
August 28, 2013, 04:36:47 PM
#11
Every 256 bit number is a private key,…
nitpicking mode: that's not true. there is a very very very small range of numbers, which do not lift properly on the underlying elliptic curve.
nitpicking mode: that's not true. They perfectly lift on the EC, it's just that their resulting public keys are shared by two private keys from the range [0,2^256-1].
But as we're using Bitcoin addresses and not public keys, each address is shared by 2^96 private keys anyway so I'm rather sure that one more won't change anything...

@jackjack, you should read my article ;) @phatsphere is correct. Almost every 256 bit number could be a private key, but according to the secp256k1 curve parameters used by Bitcoin, any number in the range of 1 to FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141 - 1 could be a private key.

And I think you should read my post. Phatsphere said that numbers above n don't lift on (I figured this means 'fit in') the EC. I said they do, and they do. Even G^googolplex does.
By the way you can always come back to a private key between 1 and n-1 from whatever number (except those in n obviously).
jp
member
Activity: 69
Merit: 10
August 28, 2013, 03:53:19 PM
#10
Every 256 bit number is a private key,…
nitpicking mode: that's not true. there is a very very very small range of numbers, which do not lift properly on the underlying elliptic curve.
nitpicking mode: that's not true. They perfectly lift on the EC, it's just that their resulting public keys are shared by two private keys from the range [0,2^256-1].
But as we're using Bitcoin addresses and not public keys, each address is shared by 2^96 private keys anyway so I'm rather sure that one more won't change anything...

@jackjack, you should read my article ;) @phatsphere is correct. Almost every 256 bit number could be a private key, but according to the secp256k1 curve parameters used by Bitcoin, any number in the range of 1 to FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141 - 1 could be a private key.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
August 28, 2013, 03:45:00 PM
#9
Every 256 bit number is a private key,…
nitpicking mode: that's not true. there is a very very very small range of numbers, which do not lift properly on the underlying elliptic curve.
nitpicking mode: that's not true. They perfectly lift on the EC, it's just that their resulting public keys are shared by two private keys from the range [0,2^256-1].
But as we're using Bitcoin addresses and not public keys, each address is shared by 2^96 private keys anyway so I'm rather sure that one more won't change anything...
hero member
Activity: 763
Merit: 500
August 28, 2013, 03:21:12 PM
#8
Every 256 bit number is a private key,…
nitpicking mode: that's not true. there is a very very very small range of numbers, which do not lift properly on the underlying elliptic curve.
jp
member
Activity: 69
Merit: 10
August 28, 2013, 03:09:24 PM
#7
I wrote an article on how to create a Bitcoin Address with JavaScript. It's very in depth, and explains step by step the entire process. Hopefully it helps.
full member
Activity: 167
Merit: 100
May 12, 2013, 11:16:42 PM
#5
The private key is a random 256 bit number.  Every 256 bit number is a private key, but some are safer than others.  You should use the strongest entropy source that you can get your hands on to generate them.

The public key is then simply pubkey = G * PrivKey.  The catch is that * is EC multiplication in the appropriate modular elliptic curve field and G is the base point of that curve.

From there, it is just a matter of hashing and encoding to generate the address.

All of this is well published.  Would you like some tips on searching?
a small gift of 0.02btc has been sent to your address for your help..
full member
Activity: 167
Merit: 100
May 12, 2013, 06:20:42 PM
#3
The private key is a random 256 bit number.  Every 256 bit number is a private key, but some are safer than others.  You should use the strongest entropy source that you can get your hands on to generate them.

The public key is then simply pubkey = G * PrivKey.  The catch is that * is EC multiplication in the appropriate modular elliptic curve field and G is the base point of that curve.

From there, it is just a matter of hashing and encoding to generate the address.

All of this is well published.  Would you like some tips on searching?

Yes, plz. I'm quite interested in this and would like to know more.. please show me some keywords on the searching..
kjj
legendary
Activity: 1302
Merit: 1026
May 12, 2013, 05:30:13 PM
#2
The private key is a random 256 bit number.  Every 256 bit number is a private key, but some are safer than others.  You should use the strongest entropy source that you can get your hands on to generate them.

The public key is then simply pubkey = G * PrivKey.  The catch is that * is EC multiplication in the appropriate modular elliptic curve field and G is the base point of that curve.

From there, it is just a matter of hashing and encoding to generate the address.

All of this is well published.  Would you like some tips on searching?
full member
Activity: 167
Merit: 100
May 12, 2013, 05:23:25 PM
#1
I understand that to create a bitcoin address, one has to have a private ECDSA key first. What I don't know is how to take the corresponding public key generated with it. Are the private/public keys of ECDSA generated at the same time? Or is there any algorithm for us to calculate the public key based on the private one?