2021-01-27 21:19:37 +00:00
<!doctype html> < html lang = en class = no-js > < head > < meta charset = utf-8 > < meta name = viewport content = "width=device-width,initial-scale=1" > < meta name = description content = "Unofficial Monero Documentation" > < meta name = author content = "Piotr 'Qertoip' Włodarek" > < link href = https://monerodocs.org/public-address/subaddress/ rel = canonical > < link rel = "shortcut icon" href = ../../assets/favicon.png > < meta name = generator content = "mkdocs-1.1.2, mkdocs-material-6.2.5" > < title > Subaddress - Monero Documentation< / title > < link rel = stylesheet href = ../../assets/stylesheets/main.15aa0b43.min.css > < link rel = stylesheet href = ../../assets/stylesheets/palette.75751829.min.css > < meta name = theme-color content = #ffffff > < link rel = preconnect href = https://fonts.gstatic.com crossorigin > < link rel = stylesheet href = "https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700%7CRoboto+Mono&display=fallback" > < style > body , input { font-family : "Roboto" , - apple-system , BlinkMacSystemFont , Helvetica , Arial , sans-serif } code , kbd , pre { font-family : "Roboto Mono" , SFMono-Regular , Consolas , Menlo , monospace } < / style > < link rel = stylesheet href = ../../overrides.css > < / head > < body dir = ltr data-md-color-scheme data-md-color-primary = white data-md-color-accent = indigo > < input class = md-toggle data-md-toggle = drawer type = checkbox id = __drawer autocomplete = off > < input class = md-toggle data-md-toggle = search type = checkbox id = __search autocomplete = off > < label class = md-overlay for = __drawer > < / label > < div data-md-component = skip > < a href = #subaddress class = md-skip > Skip to content < / a > < / div > < div data-md-component = announce > < / div > < header class = md-header data-md-component = header > < nav class = "md-header-nav md-grid" aria-label = Header > < a href = https://monerodocs.org title = "Monero Documentation" class = "md-header-nav__button md-logo" aria-label = "Monero Documentation" > < img src = ../../images/monero.svg alt = logo > < / a > < label class = "md-header-nav__button md-icon" for = __drawer > < svg xmlns = http://www.w3.org/2000/svg viewbox = "0 0 24 24" > < path d = "M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2z" / > < / svg > < / label > < div class = md-header-nav__title data-md-component = header-title > < div class = md-header-nav__ellipsis > < div class = md-header-nav__topic > < span class = md-ellipsis > Monero Documentation < / span > < / div > < div class = md-header-nav__topic > < span class = md-ellipsis > Subaddress < / span > < / div > < / div > < / div > < label class = "md-header-nav__button md-icon" for = __search > < svg xmlns = http://www.w3.org/2000/svg viewbox = "0 0 24 24" > < path d = "M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z" / > < / svg > < / label > < div class = md-search data-md-component = search role = dialog > < label class = md-search__overlay for = __search > < / label > < div class = md-search__inner role = search > < form class = md-search__form name = search > < input type = text class = md-search__input name = query aria-label = Search placeholder = Search autocapitalize = off autocorrect = off autocomplete = off spellcheck = false data-md-component = search-query data-md-state = active required > < label class = "md-search__icon md-icon" for = __search > < svg xmlns = http://www.w3.org/2000/svg viewbox = "0 0 24 24" > < path d = "M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z" / > < / svg > < svg xmlns = http://www.w3.org/2000/svg viewbox = "0 0 24 24" > < path d = "M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z" / > < / svg > < / label > < button type = reset class = "md-search__icon md-icon" aria-label = Clear data-md-component = search-reset tabindex = -1 > < svg xmlns = http://www.w3.org/2000/svg viewbox = "0 0 24 24" > < path d = "M19 6.41L17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z" / > < / svg > < / button > < / form > < div class = md-search__output > < div class = md-search__scrollwrap data-md-scrollfix > < div class = md-search-result data-md-component = search-result > < div class = md-search-result__meta > Initializing search < /div
2021-01-22 14:04:23 +00:00
< / code > < / pre > < / div > < p > Where:< / p > < ul > < li > < code > Hs< / code > is a Keccak-256 hash function interpreted as integer and modulo < code > l< / code > (maximum edwards25519 scalar)< / li > < li > < code > ||< / code > is a byte array concatenation operator< / li > < li > < code > SubAddr< / code > is a 0-terminated fixed string (8 bytes total)< / li > < li > < code > a< / code > is a private view key of the standard address (a 32 byte little endian unsigned integer)< / li > < li > < code > account_index< / code > is index of an account (a 32 bit little endian unsigned integer)< / li > < li > < code > subaddress_index_within_account< / code > is index of the subaddress within the account (a 32 bit little endian unsigned integer)< / li > < / ul > < p > Deriving "sub view keys" from the main view key allows for creating a view only wallet that monitors the entire wallet including subaddresses.< / p > < h3 id = public-spend-key > Public spend key< a class = headerlink href = #public-spend-key title = "Permanent link" > ¶ < / a > < / h3 > < p > The subaddress public spend key < code > D< / code > is derived as follows:< / p > < div class = highlight > < pre > < span > < / span > < code > D = B + m*G
< / code > < / pre > < / div > < p > Where:< / p > < ul > < li > < code > B< / code > is standard address public spend key< / li > < li > < code > m< / code > is a per-subaddress scalar that is derived from the private spend key< / li > < li > < code > G< / code > is the "base point"; this is simply a constant specific to < a href = /cryptography/asymmetric/edwards25519 > edwards25519< / a > < / li > < / ul > < h3 id = public-view-key > Public view key< a class = headerlink href = #public-view-key title = "Permanent link" > ¶ < / a > < / h3 > < p > The subaddress public view key < code > C< / code > is derived as follows:< / p > < div class = highlight > < pre > < span > < / span > < code > C = a*D
< / code > < / pre > < / div > < p > Where:< / p > < ul > < li > < code > a< / code > is a private view key of the standard address< / li > < li > < code > D< / code > is a public spend key of the subaddress< / li > < / ul > < h3 id = special-case-for-0-0 > Special case for (0, 0)< a class = headerlink href = #special-case-for-0-0 title = "Permanent link" > ¶ < / a > < / h3 > < p > The subaddress #0 on the account #0 is the < a href = /public-address/standard-address > standard address< / a > . As standard address has different generation rules, this is simply implemented via an < code > if< / code > statement.< / p > < h3 id = building-the-address-string > Building the address string< a class = headerlink href = #building-the-address-string title = "Permanent link" > ¶ < / a > < / h3 > < p > The procedure is the same as for the < a href = /public-address/standard-address > standard address< / a > .< / p > < h2 id = caveats > Caveats< a class = headerlink href = #caveats title = "Permanent link" > ¶ < / a > < / h2 > < ul > < li > It is not recommended to sweep all the balances of subaddress to standard address in a single transaction. That links the subaddresses together on the blockchain. However, this only concerns privacy against specific sender and the situation will never get worse than not using subaddresses in the first place. If you need to join funds while preserving maximum privacy do it with individual transactions (one per subaddress).< / li > < li > Convenience labels are not preserved when recreating from seed.< / li > < / ul > < h2 id = reference > Reference< a class = headerlink href = #reference title = "Permanent link" > ¶ < / a > < / h2 > < ul > < li > < a href = https://github.com/emesik/monero-python/blob/125d5eac0d4583b586b98e21b28fb9a291db26e5/monero/wallet.py#L195 > monero-python< / a > - the easiest to follow implementation by Michał Sałaban< / li > < li > < a href = https://github.com/monero-project/monero/blob/16dc6900fb556b61edaba5e323497e9b8c677ae2/src/device/device_default.cpp#L143 > get_subaddress_spend_public_key()< / a > - Monero reference implementation< / li > < li > < a href = https://github.com/monero-project/monero/pull/2056 > historical discussion on Github< / a > - gives context but is not up to date with all details< / li > < li > < a href = https://monero.stackexchange.com/questions/10674/how-are-subaddresses-and-account-addresses-generated-from-master-wallet-keys/10676#10676 > StackExchange answer< / a > - excellent summary by knaccc< / li > < / ul > < / article > < / div > < / div > < / main > < footer class = md-footer > < div class = md-footer-nav > < nav class = "md-footer-nav__inner md-grid" aria-label = Footer > < a href = ../standard-address/ class = "md-footer-nav__link md-footer-nav__link--prev" rel = prev > < div class = "md-footer-nav__button md-icon" > < svg xmlns = http://www.w3.org/2000/svg viewbox = "0 0 24 24" > < path d = "M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z" / > < / svg > < / div > < div class = md-footer-nav__title > < div class = md-ellipsis > < span class = md-footer-nav__direction > Previous < / span > Standard < / div > < / div > < / a > < a href = ../integrated-address/ class = "md-footer-nav__link md-footer-nav__link--next" rel = next > < div class = md-footer-nav__title > < div class = md-ellipsis > < span class = md-footer-nav__direction > Next < / span > Integrated < / div > < / div > < div class = "md-footer-nav__button md-icon" > < svg xmlns = http://www.w3.org/2000/svg viewbox = "0 0 24 24" > < path d = "M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4z" / > < / svg > < / div > < / a > < / nav > < / div > < div class = "md-footer-meta md-typeset" > < div class = "md-footer-meta__inner md-grid" > < div class = md-footer-copyright style = "margin: auto;" > < a href = http://bumz4sduzxzlobbgzy5fiufdflg3mo2jyecdwdx5rphrqldms7wlmiid.onion/ > Tor onion version< / a > | < a href = https://qertoip.com/ > contact< / a > | © 2021 MoneroDocs under < a href = https://opensource.org/licenses/MIT > MIT< / a > | built w/ < a href = https://www.mkdocs.org/ > mkdocs< / a > and < a href = https://squidfunk.github.io/mkdocs-material/ > squidfunk/material< / a > < / div > < / div > < / div > < / footer > < / div > < script src = ../../assets/javascripts/vendor.93c04032.min.js > < / script > < script src = ../../assets/javascripts/bundle.83e5331e.min.js > < / script > < script id = __lang type = application/json > { " c l i p b o a r d . c
2021-01-21 14:52:04 +00:00
app = initialize({
base: "../..",
features: [],
search: Object.assign({
worker: "../../assets/javascripts/worker/search.8c7e0a7e.min.js"
}, typeof search !== "undefined" & & search)
})
2021-01-22 14:04:23 +00:00
< / script > < / body > < / html >
