Author

Topic: y coordinate calculation (PUBLIC KEY BITCOIN) (Read 1109 times)

newbie
Activity: 13
Merit: 0
December 27, 2021, 11:59:36 AM
#28
this is normal math sqrt√(x)^2,
      test value: 4^2 = 16, next root return 4
                       -8^2= 64,next root return 8

how to bitcoin Publickey x and y use to  sqrt example: √(x,y)^2
how to calculate sqrt for bitcoin publickey teach me please

example1:x,y
px: e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13   py: 51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922 #privatekey 4
px: 421f5fc9a21065445c96fdb91c0c1e2f2431741c72713b4b99ddcb316f31e9fc   py: 2b90f16d11dabdb616f6db7e225d1e14743034b37b223115db20717ad1cd6781 #privatekey 4^2 = 16
ans
px: e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13   py: 51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922 #privatekey √16 = 4

example2:
px: 2f01e5e15cca351daff3843fb70f3c2f0a1bdd05e5af888a67784ef3e10a2a01   py: a3b25758beac66b6d6c2f7d5ecd2ec4b3d1dec2945a489e84a25d3479342132b # -8
px: ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88   py: e57a6f571288ccffdcda5e8a7a1f87bf97bd17be084895d0fce17ad5e335286e # -8^ = 64
ans
px: 2f01e5e15cca351daff3843fb70f3c2f0a1bdd05e5af888a67784ef3e10a2a01   py: 5c4da8a741539949293d082a132d13b4c2e213d6ba5b7617b5da2cb76cbde904 # √64 = 8

how does work explain. do u understad my problem ,i speak little english
jr. member
Activity: 70
Merit: 1
Here's the output

Code:
'Set X'
['0xaf5a13d03a858342aea7dcc0772d66d65b83f6fa17988568cc219866a99436ccL',
 '0x680c20dcdca0813ae3450845c18c6b4975e96281313fb811dda958bca2222076L',
 '0x8d485591727814848b4917388714866d9fd60f0269112edb646f3c13e06924f0L',']
'Set Y'
['0xc694e15f92cddfb68aebcc313f5594b987e7ae7d72f5bfc7b44b6adbd4301ee1L',
 '0xe1bb14e7912ff0224f95d90c710ccf830bef75e1bfe16898adf80fe0d4b595c9L',
 '0xf44e87d22618b5f5b6545cf5555092c64d279708eaf12a5518bbe9bca0d1aae2L']

#mybadenglishwrite
other example
i am genarate rsz value,
step 1: rsz value in sample_rsz.txt get
step 2: rsz to private key hexconvert
step 3: cheak for balance

your not get rsz value in sample_rsz.txt please skip step1(and) write your code step2,step3
Code:
sample_rsz.txt
python getz_input.py -txid f9aa66876f79ed8870720e9019e769548f591d285cc2d16460c411c5da0912ca

Starting Program...
======================================================================
[Input Index #: 0]
     R: 00823cd5826d4dda527055dd8c183c3911a7689c03250214c9928c502d556d5dcd
     S: 708cbaadc433e75db1b2d2b49f1dcb29a6abcf830fb49b5e2f43edf58a9855f7
     Z: cab8d8ead97afc124085bb98127ba0c4c8fc9e0f6908c88c43b24565f98b61f8
PubKey: 039c5889d0ea6c234f0986a519677ec17b8402762bb5e1c2fc85d74256bded7273
======================================================================
[Input Index #: 1]
     R: 7020dab260a2621f0ba6ca9cb7117d9f0c3764cf802fbf9f1ec270b876e86478
     S: 477b0abf12644608fd2a96c1b877aa6d38cc97beadb23f0935cae3d02da29e50
     Z: ac1b62f6fe57a9e226460367fbe45dcad394ea167b44b607182390eec19817be
PubKey: 021af19d3e7658610ace22a8cac1a4349fc9ea253d60459d109d152a40df20a7b6
======================================================================
[Input Index #: 2]
     R: 40381bfcdaa49e8dc464c7efa260c47ab943d87e55a7bfec9e50791c7a9b00c1
     S: 48eaf79559aec14634c80ca1ac9acce1c70dac7f3f23e029bb3509e06826558e
     Z: 8fe79999e5a085062b64a973fc7e1cfb96343383aa415e191f2c6fea9e91a1d5
PubKey: 031ab5e8b751a9d0fb1a7c8db749bf08d2f96adf700070ed98c192e2226ecaf54a
======================================================================
[Input Index #: 3]
     R: 27a2026dc60891e753d5769654eae6fdb4273ad5e43b453c89f98ddf735a60d3
     S: 287ee3d8394b8020bfa8eb2cbd1731de9b56ebfb7853e9c45a8429d444a4532d
     Z: da97a9cf6cdc44477da5299626789bfbec96ad5108d8a38166901790e7ef25a1
PubKey: 036c134583e010e1a0a41ce03ab453d8aa09979e9929af208bf7130145aec27eec
======================================================================
[Input Index #: 4]
     R: 125dd347afe4554df33946d3948e96b24fb852b97a0bfa2ea8d2f4efc7958f9d
     S: 63ac3605c815a28c2721cfce08aacabf95fffcad9c33dd49f1d16110ac3c379e
     Z: db2d008d6d0f78d6b766539099f6939a412d5fc75460ce7e8e42d3aec4fc4b54
PubKey: 0233244cb067b59e82de611f665284111b07b6867380efb9317cba100af345974c
======================================================================
[Input Index #: 5]
     R: 00a264c4897e694fd13c6f0348977bad815499b0cd7df34fd5a4ee680463d3c30c
     S: 72c579ee7c9cb502c903ac71d60d93834c2a9ce8a43215ed853c619337c1cfe8
     Z: cf22845485cd95c625bf92c9a92b49f1166315d4545e404cd213bc4022ca32e5
PubKey: 0374d16a1603a5691eb73aa12be62e506792cff5772def92376d1dbf7d15a64a4d
======================================================================
[Input Index #: 6]
     R: 6fc545a0360d77a92e5f00ad13f947c48d3d61605b091f43d3b8c9aeca68a3ea
     S: 472db6ab16c4b34442a123764e871bbf1c866810996a3117c7a4937ef0b92b52
     Z: 49acf9eb7e34189460d96ef1d8ce0d6bd35e5ff659da757775244aeb887b398d
PubKey: 0242ae9c0bd6300b20b08709546b79a02ef3a297a7eee1299121e2f79eb646c5b9

other help please solve: Smiley

iam run ImportError: No module named txnUtils
https://github.com/FoxxD3V/btc-rsz/blob/master/RawTX_RSZ.py
jr. member
Activity: 70
Merit: 1
thanks its work @ETFbitcoin
i need help, sample.txt file open next get x and y value same time,set value for setmy_x_value,setmy_y_value Huh#note without error..

sample x and y value.. sample.txt
Code:
('0xaf5a13d03a858342aea7dcc0772d66d65b83f6fa17988568cc219866a99436ccL', '0xc694e15f92cddfb68aebcc313f5594b987e7ae7d72f5bfc7b44b6adbd4301ee1L')
('0x680c20dcdca0813ae3450845c18c6b4975e96281313fb811dda958bca2222076L', '0xe1bb14e7912ff0224f95d90c710ccf830bef75e1bfe16898adf80fe0d4b595c9L')
('0x8d485591727814848b4917388714866d9fd60f0269112edb646f3c13e06924f0L', '0xf44e87d22618b5f5b6545cf5555092c64d279708eaf12a5518bbe9bca0d1aae2L')
('0xedb1bc4d3649221c13c65dcf79d7d2050cc734ab878f78ac90d1274356e65536L', '0x5ee7898c708f13ab827bffb1c411375e80155366f0d9b74769a25aa6b3f3e17bL')
('0xa3472f6ecc489b37a0059d3555e11fa44ba6fa139080ea91a84d5928ea1e4058L', '0xc822e040aef7a7a82cc0f7e1b91d2ce35e60f98cbb77b1127d5a69ecb51f62d8L')
('0x2f5410507ab547341c4cfd87c89381dff84609f0ba3b106d912ac8b3b939b139L', '0x79b0462c5105e546f827871efbf9bb53a83615f4fd90486afa6280a994c2fea2L')
('0x66c31d4feabd3f65a7d2ee4cb60f484a29c3485c555189ac993bb5465c21baafL', '0x90c2113380966bf3fffd18b8f94f49b4e21a22bf01c17cce17b8b1256a43d504L')
('0xef78c2ae7c2d1bed13f204e5ed6764c7a9b1c24690ab6fc259f4f4b3acc24e3dL', '0x5c3458d1124458f569fcabc4fab4872335a75e0834d4afa564c83d7d3833e7a4L')
('0x32253c8bcb7cc19c9b959537aafd738bbaba5943cace632248e3ecd03f7cd960L', '0x4dccceab7f7eb85a5d21a5a21c6ebc5ed53bbbd74784cd422e84edf8ef89bc3eL')
('0x9fbc293e6bdaffa96519a7538a7ece62d07a8182bf20494551f2894d39e3c75bL', '0x957beece6c39c7d41fc2c9c3a53796a45a7bef5d3baf8cbd95a32e999615f83L')


filename ='sample.txt'
with open(filename) as f:
    addf = f.read().split()
addf = set(addf)  # this is my idea how to same time get x and y ?...setmy_x_value,setmy_y_value
                           #mybadenglish

example output... like tihs
Code:
>>> Point1 = Point(setmy_x_value, setmy_y_value)
>>> Point2 = Point(0xc6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5, 0x1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a)
>>> Point3 = sub(Point1,Point2)
>>> hex(Point3.x),hex(Point3.y)
('0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798', '0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8')
jr. member
Activity: 70
Merit: 1


script: y from x

Code:
p = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f
x = 0x33709eb11e0d4439a729f21c2c443dedb727528229713f0065721ba8fa46f00e
ysquared = ((x*x*x+7) % p)   
print ("ysquared= %s ",  hex(ysquared) )   
y = pow(ysquared, (p+1)/4, p)
print ("y1 =  ",hex(y))
print ("y2 =  ", hex(y * -1 % p))
y1 = y
y2 = (y * -1) % p
print(" ")
print("value x = ",hex(x))
print("value x = ",x)
print("         ")

if Integer(y1) % 2 == 0:
   
    print("value 02 to y = ",hex(y1))
    print("value 02 to y =",y1)
    print(" ")
    print("value 03 to y = ",hex(y2))
    print("value 03 to y =",y2)
   

if Integer(y2) % 2 == 0:
    print("value 02 to y = ",hex(y2))
    print("value 02 to y =",y2)
    print(" ")
    print("value 03 to y = ",hex(y1))
    print("value 03 to y =",y1)
   

#test
print (hex((x**3 + 7 - y1**2) % p) ) 

print (hex((x**3 + 7 - y2**2) % p)) 



i am run your code python and python2 both erro why?Huh?....
NameError: name 'Integer' is not defined


Code:
user@me133:~/Downloads$ python 3.py
ysquared= %s  0x8ff5190f5e682d223717cd48318a53d918a5c48335924148963d7fc92c852e00
Traceback (most recent call last):
  File "3.py", line 5, in
    y = pow(ysquared, (p+1)/4, p)
TypeError: pow() 3rd argument not allowed unless all arguments are integers

user@me133:~/Downloads$ python2 3.py[
('ysquared= %s ', '0x8ff5190f5e682d223717cd48318a53d918a5c48335924148963d7fc92c852e00L')
('y1 =  ', '0x4bb74cfb14940bce37a2468d7873ea0d0ac01a946607fd774ffb8cdbfb022eacL')
('y2 =  ', '0xb448b304eb6bf431c85db972878c15f2f53fe56b99f80288b004732304fdcd83L')
 
('value x = ', '0xc0c686408d517dfd67c2367651380d00d126e4229631fd03f8ff35eef1a61e3cL')
('value x = ', 87194829221142880348582938487511785107150118762739500766654458540580527283772L)
         
Traceback (most recent call last):
  File "3.py", line 15, in
    if Integer(y1) % 2 == 0:
NameError: name 'Integer' is not defined

user@me133:~/Downloads$ python3 3.py
ysquared= %s  0x8ff5190f5e682d223717cd48318a53d918a5c48335924148963d7fc92c852e00
Traceback (most recent call last):
  File "3.py", line 5, in
    y = pow(ysquared, (p+1)/4, p)
TypeError: pow() 3rd argument not allowed unless all arguments are integers


jr. member
Activity: 70
Merit: 1
p (modulus) = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
n (order; size; the count of all possible EC points) = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
a (the constant "a" in y^2 ≡ x^3 + a*x + b (mod p)) = 0x0000000000000000000000000000000000000000000000000000000000000000
b (the constant "b" in y^2 ≡ x^3 + a*x + b (mod p)) = 0x0000000000000000000000000000000000000000000000000000000000000007
g (the curve generator point G {x, y}) = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798, 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8)
h (cofactor, typically 1) = 01


please tell why use h = 1
                                a = 0
                                b = 7
what different

how to reverse calculate y^2 ≡ x^3 + a*x + b (mod p) share your code
jr. member
Activity: 70
Merit: 1
hi eny update Re: y coordinate calculation (PUBLIC KEY BITCOIN)
share me
jr. member
Activity: 34
Merit: 5
sorry for the basic question.

how did you get 28948022309329048855892746252171976963317496166410141009864396001977208667916 ?



sorry for the basic question.

how did you get 28948022309329048855892746252171976963317496166410141009864396001977208667916 ?

I get it, its P/4 ..
member
Activity: 873
Merit: 22
$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk
I would like to understand the math behind this...

Simply and objectively!In decimal for ease.

All calculations:
p = 115792089237316195423570985008687907853269984665640564039457584007908834671663
-------------------------------------------------------------------------------------------------------------------------------------------------------
Private key : 1

Public key :

x = 55066263022277343669578718895168534326250603453777594175500187360389116729240

55066263022277343669578718895168534326250603453777594175500187360389116729240**3 + 7 =

32748224938747404814623910738487752935528512903530129802856995983256684603122**28948022309329048855892746252171976963317496166410141009864396001977208667916=

y = 32670510020758816978083085130507043184471273380659243275938904335757337482424

OKAY
---------------------------------------------------------------------------------------------------------------------------------------------------

Private key : 2

Public key :

x = 89565891926547004231252920425935692360644145829622209833684329913297188986597

89565891926547004231252920425935692360644145829622209833684329913297188986597**3 + 7 =

57199941671890039290383617934355424684258807805258215939368959893591666662646**28948022309329048855892746252171976963317496166410141009864396001977208667916=

y = 12158399299693830322967808612713398636155367887041628176798871954788371653930

OKAY
-------------------------------------------------------------------------------------------------------------------------------------------------

Private key : 3

Public key :

x = 112711660439710606056748659173929673102114977341539408544630613555209775888121

112711660439710606056748659173929673102114977341539408544630613555209775888121**3 + 7 =

104193826873522593991639737736096919049125888873761064059040146529970392609905**28948022309329048855892746252171976963317496166410141009864396001977208667916=

y = 90209061256745311731914079131285931446821116410824268969537695047367247992253

NO OKAY
------------------------------------------------------------------------------------------------------------------------------------------------
Why did the y value of private key 3 need to be inverted?

What math or method is used to know whether or not I will need to invert the y value?

I send you pm, check your pm.

Thx
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
September 07, 2021, 06:46:53 AM
#20
Now let's go on @_Counselor's example; if we take 0.5 and double it, we'll get 1. This means that we must find a number whose doubling will result in 1 in the finite field of secp256k1. In that case, it's - “7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a1”. I'm trying to understand, though, how will you get 0.5 by having that hex and 1.

Once you move the 0.5 into the secp256k1 finite field, it is indistinguishable from that large number you quoted above. They are functionally equivalent.
full member
Activity: 206
Merit: 450
September 07, 2021, 05:57:34 AM
#19

We take 8 in the finite field of 47. We'll multiply 8 by 13 times => 8*13 = 104, 104 mod 47 = 10. Now let's find the multiplication inverse of 10 in that field:

10 * x = 8

How exactly can I solve this besides trying a different value each time? In the article, it tries 1, 2, 3... until it finds 29 which is suitable.


Let's consider a * x ≡ b (mod p), which means x ≡ b/a (mod p) for a ≠ 0.
There are two ways to find x.

First through Fermat's little theorem:
ap ≡ a (mod p)
ap-2 ≡ a-1 ≡ 1/a (mod p)
x ≡ b * ap-2 (mod p)

Second through Extended Euclidean algorithm:
x ≡ b * inverse(a, p) (mod p)

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 07, 2021, 04:02:35 AM
#18
It's because -1 is outside of the range of remainders 0 to N-1, so it has to be shifted into this range, by repeatedly adding or subtracting N, until it becomes one of the numbers in that range (in this case, N-1).
So let me get this straight. If we want to represent -1 in a finite field [1, 47) whose acres are prime numbers, we'll have to deform it and include it into that range. In order to do so, we'll take -1 and add 47 to it, until it's included. In this case, -1 + 47 = 46. The result will never be 47, that's why I added parenthesis instead above.

Now let's go on @_Counselor's example; if we take 0.5 and double it, we'll get 1. This means that we must find a number whose doubling will result in 1 in the finite field of secp256k1. In that case, it's - “7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a1”. I'm trying to understand, though, how will you get 0.5 by having that hex and 1.

Sorry, but that's a bunch of new things introduced to my maths' knowledge. I'll try learnmeabitcoin.com's example with the modular inverse to possibly understand it better.

We take 8 in the finite field of 47. We'll multiply 8 by 13 times => 8*13 = 104, 104 mod 47 = 10. Now let's find the multiplication inverse of 10 in that field:

10 * x = 8

How exactly can I solve this besides trying a different value each time? In the article, it tries 1, 2, 3... until it finds 29 which is suitable.

You may try it yourself with some EC calculator, just get a point from this privkey, then double it, you will get point from key "1".
I tried it with a secp256k1 calculator and verified it. So, what we're describing is called scalar multiplication? Shouldn't there be an inverse, where you can get -1 by only having - "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140" - and 1?
copper member
Activity: 821
Merit: 1992
September 06, 2021, 01:45:10 PM
#17
Quote
Pi and some other math constants actually can't be expressed like this unless you truncate it to some digits
In finite field, everything is truncated to the prime modulo. You have one and you have prime modulo plus one and that two values have exactly the same value in finite field. You can take a square root of something and it will be equal to some integer, because if you multiply that value by itself, you will get back the value you started with. The same with pi, e, and other constants. If you have some equation, for example that pi is a circumference divided by a diameter, then you can calculate better and better approximation, and finally you will end up with a number that cannot be better approximated, because by taking modulo you will lose precision. You can have pi defined as an infinite sum, where after some point, you will get all zeroes, because numbers will be too small to be expressed in this finite field.

Finite fields are beautiful, because they are finite. You have well-defined precision set to 256-bit values and you will never need more precision than that if you stay in that field. Some values are undefined, for example there is no public key where x=5, so there is no value for the square root of 132 (y^2=x^3+7, x=5, y^2=132, y=sqrt(132) does not exist). But if it is possible to calculate some value (for example sqrt(2) exists), then it can be expressed as an integer.
member
Activity: 110
Merit: 61
September 06, 2021, 01:05:04 PM
#16
If you don't mind could you explain it a little bit more? Or share me a link with useful content, if you're out of time.

Simple explanation.

Let's take a number like 0.5
What is 0.5? It is half of 1, so this number, then multiplied by two, will give 1.
Now we will find a number that satisfies this in the conditions of a finite field.
It will be "7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a1" - if you double that number in secp256k1, you will get 1. So this enormous number also works just like 0.5.
You may try it yourself with some EC calculator, just get a point from this privkey, then double it, you will get point from key "1".

Some way we can explain "-1" as "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140"
-1 + 1 = 0. If you add "1" and "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140" you will get point at infinity, that is works on EC like zero.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
September 06, 2021, 12:19:47 PM
#15
Minus one is fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140
How? Don't I just convert the hexadecimal into decimal?

It's because -1 is outside of the range of remainders 0 to N-1, so it has to be shifted into this range, by repeatedly adding or subtracting N, until it becomes one of the numbers in that range (in this case, N-1).

everything can be expressed as integers, even square roots and numbers like e, pi, logarithms, just everything.
If you don't mind could you explain it a little bit more? Or share me a link with useful content, if you're out of time.

[Almost] all decimal numbers can be written as a fraction, with a numerator and denominator (Pi and some other math constants actually can't be expressed like this unless you truncate it to some digits).

So the decimal number is actually equivalent to: modinv(denominator) * numerator.

Where modinv is the modular inverse of the number with respect to N.

Is the mod supposed to be implied? Because, OP didn't write it.

Yes.



@OP, have you tried using Legendre numbers mod n to classify the private keys by their polarity? priv=1 gives an odd key (afaik), priv=2 gives an even key, so possibly odd keys have Legendre numbers of -1 and even numbers have them at 1.

I don't remember the polarity of the next few numbers from my head so it's worth a shot if you want to calculate them.
member
Activity: 211
Merit: 20
$$$$$$$$$$$$$$$$$$$$$$$$$
September 06, 2021, 12:06:42 PM
#14

firstly everything is possible.Smiley

second:
"What I would really like is some method that would give me the correct y value... without having to invert or choose between y or -y (I THINK IT'S IMPOSSIBLE)" ---> if you do that means you break ecdsa. You trying solve problem that pubkey is in d n/2 Smiley

third -> you can check how many times is fliped (y) (as 02 to 03 and 03 to 02) depends on subgroup during adding point . but it is not possoble, you can't check   n/2 subgrups -> hundreds years.. you know ... or you are immortal:D

Technically it's the second option Wink
member
Activity: 211
Merit: 20
$$$$$$$$$$$$$$$$$$$$$$$$$
September 06, 2021, 12:04:48 PM
#13
It will be square root modulo prime of 8
But, the square root of 8 is not an interval. Specifically, it is around 2.82. If you mod this with a prime number, such as 11, won't you get the same 2.82? (2.82 = (11 * 0) + 2.82)

Please guide me I've messed things up again.

32748224938747404814623910738487752935528512903530129802856995983256684603122^
28948022309329048855892746252171976963317496166410141009864396001977208667916=
32670510020758816978083085130507043184471273380659243275938904335757337482424
The symbol that I colored red means power. The result from your process would give a much greater number, considered infinity. It doesn't give the blue one.

Public key equations are always modular... you forgot to include:
p = 115792089237316195423570985008687907853269984665640564039457584007908834671663

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 06, 2021, 11:55:03 AM
#12
Minus one is fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140
How? Don't I just convert the hexadecimal into decimal?

Code:
hex: fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140
dec: 115792089237316195423570985008687907852837564279074904382605163141518161494336

You got me unprepared on this one. Still, I haven't learnt how they work. I know I shouldn't feel ridicule, but I do.  Smiley

everything can be expressed as integers, even square roots and numbers like e, pi, logarithms, just everything.
If you don't mind could you explain it a little bit more? Or share me a link with useful content, if you're out of time.

No, because if you have a^b mod n
Is the mod supposed to be implied? Because, OP didn't write it.
copper member
Activity: 821
Merit: 1992
September 06, 2021, 11:25:53 AM
#11
Quote
Specifically, it is around 2.82.
In finite field, all numbers are integers. There is no dot. Minus one is fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140, 0.5 is 7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a1, everything can be expressed as integers, even square roots and numbers like e, pi, logarithms, just everything.
Quote
The result from your process would give a much greater number, considered infinity.
No, because if you have a^b mod n, then you can check if b is even or odd. If b is odd, then you can calculate a*a^(b-1) mod n, in this way you have b-1 that is even. If b is even, you can calculate (a*a)^(b/2) mod n. If during multiplication you would get something bigger than n, then you take the result modulo n and proceed. Finally, you will always have a number modulo n, so it will always be in the correct range.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 06, 2021, 11:04:51 AM
#10
It will be square root modulo prime of 8
But, the square root of 8 is not an interval. Specifically, it is around 2.82. If you mod this with a prime number, such as 11, won't you get the same 2.82? (2.82 = (11 * 0) + 2.82)

Please guide me I've messed things up again.

32748224938747404814623910738487752935528512903530129802856995983256684603122^
28948022309329048855892746252171976963317496166410141009864396001977208667916=
32670510020758816978083085130507043184471273380659243275938904335757337482424
The symbol that I colored red means power. The result from your process would give a much greater number, considered infinity. It doesn't give the blue one.
member
Activity: 211
Merit: 20
$$$$$$$$$$$$$$$$$$$$$$$$$
September 06, 2021, 10:23:06 AM
#9


script : x from y

Code:
## Input
y = 0x3199555CE45C38B856C9F64AC6DB27000AB6CEA10CAD76B2B6E246C9A020E707

## Field parameters
# Field modulus
p = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f
# Cube root of 1
beta = 0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee

## Actual code
xcubed = (y*y - 7) % p
print ("xcubed = 0x%x" % xcubed)

x = pow(xcubed, (p + 2) / 9, p)
print ("x1 = 0x%x" % x)
print ("x2 = 0x%x" % (x * beta % p))
print ("x3 = 0x%x" % (x * beta * beta % p))


script: y from x

Code:
p = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f
x = 0x33709eb11e0d4439a729f21c2c443dedb727528229713f0065721ba8fa46f00e
ysquared = ((x*x*x+7) % p)   
print ("ysquared= %s ",  hex(ysquared) )   
y = pow(ysquared, (p+1)/4, p)
print ("y1 =  ",hex(y))
print ("y2 =  ", hex(y * -1 % p))
y1 = y
y2 = (y * -1) % p
print(" ")
print("value x = ",hex(x))
print("value x = ",x)
print("         ")

if Integer(y1) % 2 == 0:
   
    print("value 02 to y = ",hex(y1))
    print("value 02 to y =",y1)
    print(" ")
    print("value 03 to y = ",hex(y2))
    print("value 03 to y =",y2)
   

if Integer(y2) % 2 == 0:
    print("value 02 to y = ",hex(y2))
    print("value 02 to y =",y2)
    print(" ")
    print("value 03 to y = ",hex(y1))
    print("value 03 to y =",y1)
   

#test
print (hex((x**3 + 7 - y1**2) % p) ) 

print (hex((x**3 + 7 - y2**2) % p)) 



Thanks for the script ... but I already have the first and the second I already knew
What I would really like is some method that would give me the correct y value... without having to invert or choose between y or -y (I THINK IT'S IMPOSSIBLE)

member
Activity: 211
Merit: 20
$$$$$$$$$$$$$$$$$$$$$$$$$
September 06, 2021, 09:47:05 AM
#8
@BlackHatCoiner Or it could be like this...
 
p = 115792089237316195423570985008687907853269984665640564039457584007908834671663

32748224938747404814623910738487752935528512903530129802856995983256684603122^
28948022309329048855892746252171976963317496166410141009864396001977208667916=
32670510020758816978083085130507043184471273380659243275938904335757337482424


member
Activity: 110
Merit: 61
September 06, 2021, 07:58:03 AM
#7
Excuse me for the noob question:  Let's assume x3=1, which means y2=8. What's y? Will it be square root of 8?
It will be square root modulo prime of 8
to be precise, it will be 29896722852569046015560700294576055776214335159245303116488692907525646231534

(29896722852569046015560700294576055776214335159245303116488692907525646231534 * 29896722852569046015560700294576055776214335159245303116488692907525646231534) mod secp256k1.p = 8
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
September 06, 2021, 07:48:13 AM
#6
32748224938747404814623910738487752935528512903530129802856995983256684603122**28948022309329048855892746252171976963317496166410141009864396001977208667916
What exactly are you trying to do here? It doesn't seem okay to me.

@_Counselor Thanks for the answers... yes, I'm calculating using only x. Maybe with some more advanced equation or other methods it is possible to define exactly the value of y with only x?
But, the only thing you need to define the value of y is x. @interiawp added you a code in which you can get one of the two values by knowing the other. If you wanted to know x, but having only y, then it's: x^3 = y^2 - 7.

To convert between Ys, you have to calculate y2 = (y1 - secp256k1.p) * -1. One of Y is even and another is odd.
Excuse me for the noob question:  Let's assume x3=1, which means y2=8. What's y? Will it be square root of 8?
member
Activity: 211
Merit: 20
$$$$$$$$$$$$$$$$$$$$$$$$$
September 06, 2021, 05:39:04 AM
#5
@_Counselor Thanks for the answers... yes, I'm calculating using only x. Maybe with some more advanced equation or other methods it is possible to define exactly the value of y with only x?
member
Activity: 110
Merit: 61
September 06, 2021, 05:20:41 AM
#4
Yes...but what I would really like to understand is why private key 3 needed to invert the y value and private keys 1 and 2 didn't need to invert the y value.

Why do there have y values that need to be inverted and other values that don't need to be inverted?

What math or method is used to know whether or not I will need to invert the y value?

If you're using standard EC math, there no need to invert anything.
The point on the elliptic curve is generator point G multiplied by the private key. The EC multiplication formula calculates both X and correct Y and does not require additional inversion.
Looks like you're trying to calculate only X and then trying to calculate Y from that X with simple equation, which leads to two possible solutions of that equation. And without using the multiplication formula, there is no way to know whether the right Y will be even or odd.
member
Activity: 211
Merit: 20
$$$$$$$$$$$$$$$$$$$$$$$$$
September 06, 2021, 04:54:40 AM
#3
Each x coordinate corresponds to two y coordinates, because of square root.

To convert between Ys, you have to calculate y2 = (y1 - secp256k1.p) * -1. One of Y is even and another is odd.

To indicate which coordinate is needed, the compressed keys starts with 02 for even Y and 03 for odd Y.
Yes...but what I would really like to understand is why private key 3 needed to invert the y value and private keys 1 and 2 didn't need to invert the y value.

Why do there have y values that need to be inverted and other values that don't need to be inverted?

What math or method is used to know whether or not I will need to invert the y value?
member
Activity: 110
Merit: 61
September 05, 2021, 05:03:57 PM
#2
Each x coordinate corresponds to two y coordinates, because of square root.

To convert between Ys, you have to calculate y2 = (y1 - secp256k1.p) * -1. One of Y is even and another is odd.

To indicate which coordinate is needed, the compressed keys starts with 02 for even Y and 03 for odd Y.
member
Activity: 211
Merit: 20
$$$$$$$$$$$$$$$$$$$$$$$$$
September 05, 2021, 12:57:23 PM
#1
I would like to understand the math behind this...

Simply and objectively!In decimal for ease.

All calculations:
p = 115792089237316195423570985008687907853269984665640564039457584007908834671663
-------------------------------------------------------------------------------------------------------------------------------------------------------
Private key : 1

Public key :

x = 55066263022277343669578718895168534326250603453777594175500187360389116729240

55066263022277343669578718895168534326250603453777594175500187360389116729240**3 + 7 =

32748224938747404814623910738487752935528512903530129802856995983256684603122**28948022309329048855892746252171976963317496166410141009864396001977208667916=

y = 32670510020758816978083085130507043184471273380659243275938904335757337482424

OKAY
---------------------------------------------------------------------------------------------------------------------------------------------------

Private key : 2

Public key :

x = 89565891926547004231252920425935692360644145829622209833684329913297188986597

89565891926547004231252920425935692360644145829622209833684329913297188986597**3 + 7 =

57199941671890039290383617934355424684258807805258215939368959893591666662646**28948022309329048855892746252171976963317496166410141009864396001977208667916=

y = 12158399299693830322967808612713398636155367887041628176798871954788371653930

OKAY
-------------------------------------------------------------------------------------------------------------------------------------------------

Private key : 3

Public key :

x = 112711660439710606056748659173929673102114977341539408544630613555209775888121

112711660439710606056748659173929673102114977341539408544630613555209775888121**3 + 7 =

104193826873522593991639737736096919049125888873761064059040146529970392609905**28948022309329048855892746252171976963317496166410141009864396001977208667916=

y = 90209061256745311731914079131285931446821116410824268969537695047367247992253

NO OKAY
------------------------------------------------------------------------------------------------------------------------------------------------
Why did the y value of private key 3 need to be inverted?

What math or method is used to know whether or not I will need to invert the y value?
Jump to: