mirror of
https://github.com/monero-project/monero-docs.git
synced 2024-12-23 03:59:23 +00:00
fill in address generation TODO
This commit is contained in:
parent
8d8e38685c
commit
971924737a
1 changed files with 34 additions and 1 deletions
|
@ -53,9 +53,42 @@ See the [source code](https://github.com/monero-project/monero/blob/f7b9f44c1b0d
|
||||||
|
|
||||||
## Generating
|
## Generating
|
||||||
|
|
||||||
Standard address is derived from the root private key. TODO.
|
### Generating the keys
|
||||||
|
|
||||||
|
As mentioned above, a Monero address encodes two elliptic curve public keys so the first step is to generate two elliptic curve private keys from which the public keys may be derived.
|
||||||
|
|
||||||
|
Each private key is represented by a scalar between 1 and 2^252 + 27742317777372353535851937790883648492 inclusive. (Note: 2^252 + 27742317777372353535851937790883648492 + 1 is a prime order of the elliptic curve basepoint, `l`).
|
||||||
|
|
||||||
|
To generate a new private key, the convention is to generate a random 256 bit numbers and reduce it modulo 2^252 + 27742317777372353535851937790883648493.
|
||||||
|
|
||||||
|
To get the public keys to be encoded in the address, the ed25519 basepoint `G` is multiplied by each key scalar.
|
||||||
|
|
||||||
|
### Checksum
|
||||||
|
|
||||||
|
A checksum of the network byte and public keys is included in the address to help wallet software verify that a typo hasn't been made when users enter the address.
|
||||||
|
|
||||||
|
To get this checksum, the network byte as well as the public spend and view keys are concatenated together and Keccak-256 hashed. The first four bytes of this hash are the checksum.
|
||||||
|
|
||||||
|
When wallet software parses a Monero address it should decode the address and recompute the checksum and verify that it matches the checksum included in the address.
|
||||||
|
|
||||||
|
### Base58 Encoding
|
||||||
|
|
||||||
|
In an effort to further prevent errors from typos Monero addresses are encoded using a special character dictionary.
|
||||||
|
|
||||||
|
Characters used in Monero base58: `123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz`. Notice how characters that look similar such as `O` and `0` are missing.
|
||||||
|
|
||||||
|
[More about Monero base58](https://monerodocs.org/cryptography/base58/).
|
||||||
|
|
||||||
|
### Deteministic Wallets
|
||||||
|
|
||||||
|
There is no way to regulate how people choose their address keys, it is simply highly suggested that they are chosen at random. The original CryptoNote implementation generated each keypair randomly, independently of each other. Addresses generated this way are called non-deterministic, they have fallen out of popularity.
|
||||||
|
|
||||||
|
As of present, the convention is to derive an address's view key deterministically from the spend key which allows for human language encoded seed mnemonics.
|
||||||
|
|
||||||
|
Deterministic addresses derive the private view key from the private spend key by hashing it (conventionally Keccak-256) and reducing it modulo `l`.
|
||||||
|
|
||||||
## Reference
|
## Reference
|
||||||
|
|
||||||
* [StackExchenge answer](https://monero.stackexchange.com/questions/980/what-are-the-public-viewkeys-and-spendkeys)
|
* [StackExchenge answer](https://monero.stackexchange.com/questions/980/what-are-the-public-viewkeys-and-spendkeys)
|
||||||
* [https://xmr.llcoins.net/addresstests.html](https://xmr.llcoins.net/addresstests.html)
|
* [https://xmr.llcoins.net/addresstests.html](https://xmr.llcoins.net/addresstests.html)
|
||||||
|
* [src/cryptonote_basic/account.cpp account_base::generate](https://github.com/monero-project/monero/blob/dcba757dd283a3396120f0df90fe746e3ec02292/src/cryptonote_basic/account.cpp#L155)
|
||||||
|
|
Loading…
Reference in a new issue