BIP-0032

hierarchical deterministic wallets，通过单个CSPRNG，来回调用hmac-sha256，结合ec point的加法、乘法，层次化派生公私钥对，用于bitcoin wallet。

通过i>=2^31区分派生的hardened / normal

i ≥ 2^31: hardened child
    let I = HMAC-SHA512(Key = cpar, Data = 0x00 || ser256(kpar) || ser32(i))
otherwise: normal child
    let I = HMAC-SHA512(Key = cpar, Data = serP(point(kpar)) || ser32(i))

IL || IR = I
ki = parse256(IL) + kpar (mod n)
ci = IR
private key: (ki, ci)
public key: (Ki, ci),  Ki=point(ki)

hardened child无法通过父公钥直接派生子公钥，而normal child可以

CKDpub((Kpar, cpar), i) → (Ki, ci)

i ≥ 2^31: hardened child
    return fail
otherwise: normal child
    let I = HMAC-SHA512(Key = cpar, Data = serP(Kpar) || ser32(i))

IL || IR = I
Ki = point(parse256(IL)) + Kpar
ci = IR
public key: (Ki, ci)

BIP-0044

bip-0044

m / purpose' / coin_type' / account' / change / address_index

Published

09 June 2023

Share On

twitter

weibo

本作品采用知识共享署名-非商业性使用-相同方式共享 4.0 国际许可协议进行许可。

HD Wallets

BIP-0032

BIP-0044

Published

Categories

Tags

Share On