Author

Topic: I can generate a wallet offline, is it safe? (Read 209 times)

legendary
Activity: 1624
Merit: 2481
So the software knows a certain combination of 24 words matches a certain keypair.
Obviously the software doesnt have all the possible combinations stored. It generates the 24 words and keypair using certain algorithm.

No.
The software chooses 24 words (out of a set of 2048 words as specified in BIP39 [1]) randomly(!).
Thats 2.96427748 * 1079 different seeds. Way more than someone could ever create (by far).



Why cant this process be reversed?

The software chooses 24 words. This seed is used to derive the private key (or multiple private keys..).
To be more accurate:
Quote
To create a binary seed from the mnemonic, we use the PBKDF2 function with a mnemonic sentence (in UTF-8 NFKD) used as the password and the string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt. The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function. The length of the derived key is 512 bits (= 64 bytes).  [1]

Together with BIP44 [2] this basically creates a one-way-function. This makes it impossible to get the mnemonic seed out of a private key.

The public key is derived from the private key using ECDSA [3].
And the address is a RIPEMD160 hash of a SHA256 hash of the public key (hash functions are one-way-functions) [4]



[1] https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
[2] https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki
[3] https://de.wikipedia.org/wiki/Elliptic_Curve_DSA
[4] https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
sr. member
Activity: 322
Merit: 363
39twH4PSYgDSzU7sLnRoDfthR6gWYrrPoD
Wow so it's one way street. I think it's safe. Thanks! Though I am not sure how its converted.
How what is converted?
Private key to public key?
Or public key to address?
newbie
Activity: 126
Merit: 0
~
How can an offline software create valid private key/public key pairs without communicating with the blockchain? The software must on its own know a certain private key would match a certain public key. Doesnt it mean there is a calculable relationship between private key and public key?

private key is simply a 256 bit number is a huge range that is selected randomly. it is from 0x1 to 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140.
when you generate a new address in your wallet (online or offline) what happens is that your wallet software randomly chooses a number in this range and that is your private key then uses some math to get the public key and then your address from that number. and this "math" is a one way street. meaning you get the public key from private key but you can not do the opposite. same with address. and that is the relationship.

example:
1. private key (number)
Code:
11253563012059685825953619222107823549092147699031672238385790369351542642469
your wallet, for convenience shows this to you in a special format called Base58
Code:
5J1F7GHadZG3sCCKHCwg8Jvys9xUbFsjLnGec4H125Ny1V9nR6V

2. public key which is a coordinate on the Elliptic curve (y^2 = x^3 + ax + b)
Code:
0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6

3. address which is SHA256 + RIPMED160
Code:
010966776006953D5567439E5E39F86A0D273BEE
again for convenience the same Base58 encoding is used here too:
Code:
16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM

ref: https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses

Wow so it's one way street. I think it's safe. Thanks! Though I am not sure how its converted.
legendary
Activity: 3472
Merit: 10611
~
How can an offline software create valid private key/public key pairs without communicating with the blockchain? The software must on its own know a certain private key would match a certain public key. Doesnt it mean there is a calculable relationship between private key and public key?

private key is simply a 256 bit number is a huge range that is selected randomly. it is from 0x1 to 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140.
when you generate a new address in your wallet (online or offline) what happens is that your wallet software randomly chooses a number in this range and that is your private key then uses some math to get the public key and then your address from that number. and this "math" is a one way street. meaning you get the public key from private key but you can not do the opposite. same with address. and that is the relationship.

example:
1. private key (number)
Code:
11253563012059685825953619222107823549092147699031672238385790369351542642469
your wallet, for convenience shows this to you in a special format called Base58
Code:
5J1F7GHadZG3sCCKHCwg8Jvys9xUbFsjLnGec4H125Ny1V9nR6V

2. public key which is a coordinate on the Elliptic curve (y^2 = x^3 + ax + b)
Code:
0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6

3. address which is SHA256 + RIPMED160
Code:
010966776006953D5567439E5E39F86A0D273BEE
again for convenience the same Base58 encoding is used here too:
Code:
16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM

ref: https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
newbie
Activity: 126
Merit: 0
If i can generate a wallet and corresponding private key offline, and those can fit in the blockchain when I go online

Well, they don't 'fit in the blockchain'. But they are valid, of course.



does it mean that there is a certain formula between a wallet and the private key?

A 'wallet' is a piece of software which manages your public-/private keypairs.
Most wallets use a 24 word seed to derive those keypairs (together with a counter for an (almost) infinite amount).



Can people use that formula to get my private key simply knowing my wallet address?

From knowing one of your wallets addresses (public keys; technically addresses don't exist, they are used for 'represantation') noone can calculate/crack/hack/etc.. your private key.
Thats the sense of a trustless secured system.


So the software knows a certain combination of 24 words matches a certain keypair. Obviously the software doesnt have all the possible combinations stored. It generates the 24 words and keypair using certain algorithm. Why cant this process be reversed?
newbie
Activity: 126
Merit: 0
It is every safe it will work same way all oline wallets works,and you can not have access to the wallet because your with the address you ca only view the wallet

Thank you but this is basic and is what the wallets claim. I knew the piece of information already. When i am concerning is the relationship between address and private key.
newbie
Activity: 126
Merit: 0
If i can generate a wallet and corresponding private key offline, and those can fit in the blockchain when I go online
Correct.

Quote
does it mean that there is a certain formula between a wallet and the private key?
A wallet can hold one or more addresses and private keys. There's no formula there.
A private key is generated at random, and the address is derived from the private key.

Quote
Can people use that formula to get my private key simply knowing my wallet address?
No. If you generate the private key in a proper way, nobody can steal your funds.

If address is derived from private key, then it implies there is a relationship (formula) between public key to private key. can the process be reversed so people can derive the private key from address?
newbie
Activity: 126
Merit: 0
If i can generate a wallet and corresponding private key offline, and those can fit in the blockchain when I go online
Correct.

Quote
does it mean that there is a certain formula between a wallet and the private key?
A wallet can hold one or more addresses and private keys. There's no formula there.
A private key is generated at random, and the address is derived from the private key.

Quote
Can people use that formula to get my private key simply knowing my wallet address?
No. If you generate the private key in a proper way, nobody can steal your funds.

How can an offline software create valid private key/public key pairs without communicating with the blockchain? The software must on its own know a certain private key would match a certain public key. Doesnt it mean there is a calculable relationship between private key and public key?
member
Activity: 406
Merit: 10
It is every safe it will work same way all oline wallets works,and you can not have access to the wallet because your with the address you ca only view the wallet
legendary
Activity: 1624
Merit: 2481
If i can generate a wallet and corresponding private key offline, and those can fit in the blockchain when I go online

Well, they don't 'fit in the blockchain'. But they are valid, of course.



does it mean that there is a certain formula between a wallet and the private key?

A 'wallet' is a piece of software which manages your public-/private keypairs.
Most wallets use a 24 word seed to derive those keypairs (together with a counter for an (almost) infinite amount).



Can people use that formula to get my private key simply knowing my wallet address?

From knowing one of your wallets addresses (public keys; technically addresses don't exist, they are used for 'represantation') noone can calculate/crack/hack/etc.. your private key.
Thats the sense of a trustless secured system.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
If i can generate a wallet and corresponding private key offline, and those can fit in the blockchain when I go online
Correct.

Quote
does it mean that there is a certain formula between a wallet and the private key?
A wallet can hold one or more addresses and private keys. There's no formula there.
A private key is generated at random, and the address is derived from the private key.

Quote
Can people use that formula to get my private key simply knowing my wallet address?
No. If you generate the private key in a proper way, nobody can steal your funds.
newbie
Activity: 126
Merit: 0
If i can generate a wallet and corresponding private key offline, and those can fit in the blockchain when I go online, does it mean that there is a certain formula between a wallet and the private key? Can people use that formula to get my private key simply knowing my wallet address?
Jump to: