Author

Topic: Possible seeds for Bitcoin Core (Read 190 times)

newbie
Activity: 2
Merit: 0
November 25, 2022, 06:03:56 AM
#5

The seed process contains symbols that are a local variable. As a result you should, with the seed 32 bytes


Note that this function should not be given too much importance. So the foundation should not be laid.
Variables and function functions are unlikely to be identical,
Equivalent random is used implicitly. And 2 its use for personal successful benefits is most noted. For that byte, it's better to use public CKEY for analogy. Actually we use public CKEY Acc and HASH to identify the vector.

is
staff
Activity: 3458
Merit: 6793
Just writing some code
November 13, 2022, 01:40:40 PM
#4
Note that not all variable and function names necessarily match their actual behavior. seed is a local variable that contains an identifier for the seed itself. As it is also a local variable and is destroyed after this function completes, so don't read too much into its naming. We use pubkeys and their hash160 (CKeyID) as identifiers for the actual private data. Notice how it does AddKeyPubKey. This adds a key, along with its public key as an identifier, to the database. The actual seed is used in DeriveNewChildKey. There, the local variable seed is a CKey, and the data for the seed itself is loaded into that CKey by GetKey. Then that CKey is set as the seed for a CExtKey which represents BIP 32 extended private keys.
legendary
Activity: 952
Merit: 1386
November 13, 2022, 11:46:04 AM
#3
No, the seed is not a public key. It is 32 bytes of random data. Bitcoin Core's (legacy) wallet stores this as a private key because it is convenient. Neither the compressedness nor the public key are used when computing the master private key, only the 32 bytes of random "private key" data is used.

How then you explain to me that new seed (line 518 https://github.com/bitcoin/bitcoin/blob/7921026a24594765f603d14ef87ff4e4541d2b76/src/wallet/rpc/wallet.cpp)
Code:
master_pub_key = spk_man.DeriveNewSeed(key);

is generated as:
https://github.com/bitcoin/bitcoin/blob/ae6bb6e71e3082dd783e78c52b3af649fd5256cc/src/wallet/scriptpubkeyman.cpp

Quote
CPubKey LegacyScriptPubKeyMan::DeriveNewSeed(const CKey& key)
{
    int64_t nCreationTime = GetTime();
    CKeyMetadata metadata(nCreationTime);

    // calculate the seed
    CPubKey seed = key.GetPubKey();
    assert(key.VerifyPubKey(seed));

    // set the hd keypath to "s" -> Seed, refers the seed to itself
    metadata.hdKeypath     = "s";
    metadata.has_key_origin = false;
    metadata.hd_seed_id = seed.GetID();

    {
        LOCK(cs_KeyStore);

        // mem store the metadata
        mapKeyMetadata[seed.GetID()] = metadata;

        // write the key&metadata to the database
        if (!AddKeyPubKey(key, seed))
            throw std::runtime_error(std::string(__func__) + ": AddKeyPubKey failed");
    }

    return seed;
}
staff
Activity: 3458
Merit: 6793
Just writing some code
November 13, 2022, 11:34:17 AM
#2
No, the seed is not a public key. It is 32 bytes of random data. Bitcoin Core's (legacy) wallet stores this as a private key because it is convenient. Neither the compressedness nor the public key are used when computing the master private key, only the 32 bytes of random "private key" data is used.
legendary
Activity: 952
Merit: 1386
November 13, 2022, 05:12:29 AM
#1
Hello

Recently I wanted to check how Bitcoin Core derivation path (BIP32) is different from other wallets (BIP39). I was also interested how to generate master private key. Reading bip32 specification (https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#Specification_Key_derivation) we may find that master private key is clearly dependent on seed only, but the question is - what is seed?
Then I found the operations performed by method "sethdseed" (seed for HD wallet may be generated by program or may be 'injected' by user). (https://github.com/bitcoin-dot-org/developer.bitcoin.org/blob/master/reference/rpc/sethdseed.rst)
 And in fact I was very surprised to see that seed is nothing else that public key of (random/specified) private key:
Code:
CPubKey LegacyScriptPubKeyMan::GenerateNewSeed()
{
    assert(!m_storage.IsWalletFlagSet(WALLET_FLAG_DISABLE_PRIVATE_KEYS));
    CKey key;
    key.MakeNewKey(true);
    return DeriveNewSeed(key);
}
Code:
CPubKey LegacyScriptPubKeyMan::DeriveNewSeed(const CKey& key)
{
    int64_t nCreationTime = GetTime();
    CKeyMetadata metadata(nCreationTime);

    // calculate the seed
    CPubKey seed = key.GetPubKey();
    assert(key.VerifyPubKey(seed));
....

As we see, when seed is generated by program, a random private key (compressed) is created, so I assume public key used as a seed has form "02/03 + X". I do not know how it is when user provide uncompressed WIF to sethdseed command, but then HD seed would be "04 + X + Y".

My concern is: let's say seed is generated by program based on compressed key - does it mean that each Bitcoin Core HD wallet could be derived from a ECDSA256K1 public keys?

In other words, may we say that each seed has form 02/03+X? There is no HD wallet which seed is "12345abcabc"?
Jump to: