monero-project/monero-docs
monero-project/monero-docs
2
1
Fork 0
mirror of https://github.com/monero-project/monero-docs.git synced 2024-12-22 19:49:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fill in address generation TODO

Browse source
This commit is contained in:
Ben Evanoff 2021-11-16 07:57:03 -06:00 committed by GitHub
parent 8d8e38685c
commit 971924737a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 34 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
docs/public-address/standard-address.md
View file

@ -53,9 +53,42 @@ See the [source code](https://github.com/monero-project/monero/blob/f7b9f44c1b0d
## Generating
Standard address is derived from the root private key. TODO.
### Generating the keys
As mentioned above, a Monero address encodes two elliptic curve public keys so the first step is to generate two elliptic curve private keys from which the public keys may be derived.
Each private key is represented by a scalar between 1 and 2^252 + 27742317777372353535851937790883648492 inclusive. (Note: 2^252 + 27742317777372353535851937790883648492 + 1 is a prime order of the elliptic curve basepoint, `l`).
To generate a new private key, the convention is to generate a random 256 bit numbers and reduce it modulo 2^252 + 27742317777372353535851937790883648493.
To get the public keys to be encoded in the address, the ed25519 basepoint `G` is multiplied by each key scalar.
### Checksum
A checksum of the network byte and public keys is included in the address to help wallet software verify that a typo hasn't been made when users enter the address.
To get this checksum, the network byte as well as the public spend and view keys are concatenated together and Keccak-256 hashed. The first four bytes of this hash are the checksum.
When wallet software parses a Monero address it should decode the address and recompute the checksum and verify that it matches the checksum included in the address.
### Base58 Encoding
In an effort to further prevent errors from typos Monero addresses are encoded using a special character dictionary.
Characters used in Monero base58: `123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz`. Notice how characters that look similar such as `O` and `0` are missing.
[More about Monero base58](https://monerodocs.org/cryptography/base58/).
### Deteministic Wallets
There is no way to regulate how people choose their address keys, it is simply highly suggested that they are chosen at random. The original CryptoNote implementation generated each keypair randomly, independently of each other. Addresses generated this way are called non-deterministic, they have fallen out of popularity.
As of present, the convention is to derive an address's view key deterministically from the spend key which allows for human language encoded seed mnemonics.
Deterministic addresses derive the private view key from the private spend key by hashing it (conventionally Keccak-256) and reducing it modulo `l`.
## Reference
* [StackExchenge answer](https://monero.stackexchange.com/questions/980/what-are-the-public-viewkeys-and-spendkeys)
* [https://xmr.llcoins.net/addresstests.html](https://xmr.llcoins.net/addresstests.html)
* [src/cryptonote_basic/account.cpp account_base::generate](https://github.com/monero-project/monero/blob/dcba757dd283a3396120f0df90fe746e3ec02292/src/cryptonote_basic/account.cpp#L155)