比特骑士

I. Overview
The choice and use of wallets are closely related to us retail investors. I found that many newcomers are not very familiar with wallets and do not know how to use them. Essentially, a wallet is a container that generates and saves private and public keys and addresses, responsible for signing with the private key, encrypting with the public key, receiving payments with the generated address, or receiving change with the generated address during a transaction. At the same time, it continuously accesses the Bitcoin network to calculate your wallet balance and display it to you.
When you give someone your Bitcoin address and they send money to that address, the Bitcoin balance displayed in your wallet will change. After you send money to someone, in addition to the Bitcoin you paid them, they also need to give you change, so you need to provide a change address, similar to receiving change in everyday life.

I. Overview.
In the (public key) section, we discussed the mechanism of public key generation, and based on the format of the private key, different forms of public keys can be generated: 'uncompressed public key' and 'compressed public key'. The public key is inherently public; can't it be used directly as an address? Why go through the trouble of converting it into an address?
There are three main reasons.
First: The public key has two forms, compressed and uncompressed, with different lengths—one is 65 bytes (1-byte prefix + 32-byte x value + 32-byte y value) and the other is 33 bytes (1-byte prefix + 32-byte x value). There may be a third or fourth format in the future, making the number of public key formats presented to the user too many, which could be confusing.

3)  实例演示
我们从BIP39生成的种子出发，逐步演绎一下BIP32是如何执行的。
（1）  种子：
0x5b56c417303faa3fcba7e57400e120a0ca83ec5a4fc9ffba757fbe63fbd77a89a1a3be4c67196f57c39a88b76373733891bfaba16ed27a813ceed498804c0570
（2）  派生主密钥
寻找在线工具生成512位的结果（找不到的话请私聊我）
0xb2a0d576b828b537688b561f2cfa8dac3602d54c62bde619ad5331e6c235ee26b70d675323c40ec461e0a6af603b1f135fb2af9ae753eeff18922732a73b0f05
得到主私钥：
0xb2a0d576b828b537688b561f2cfa8dac3602d54c62bde619ad5331e6c235ee26
主公钥：
0x03ca72b45eede592f059b7eaf3da13eb7d8d15aa472b6f79f74820bb22ff596186
主链码：
0xb70d675323c40ec461e0a6af603b1f135fb2af9ae753eeff18922732a73b0f05

（3）  派生子密钥
A. 硬化派生
按照上文描述的法则进行派生
data = 0x00 || ser256(k_par) || ser32(i)
I = HMAC_SHA512(key = c_par, msg = data)
I_L, I_R = I[:32], I[32:]
k_i = (I_L + k_par) mod n
c_i = I_R
其中：
c_par 就是主链码
k_par 就是主私钥
i 就是深度，硬化派生是从2^31开始
data = 0x00 || ser256(k_par) || ser32(i) = 
0x00b2a0d576b828b537688b561f2cfa8dac3602d54c62bde619ad5331e6c235ee2680000000
I = HMAC_SHA512(key = c_par, msg = data) =
0xfd61ec4eff9af45c137d8e49cd152c736284aab45469981358c9ee070c9c264fce62c620b7cd66e27f970d0f29e4f2082c6b7740bd184d0c9c61f79d819af563
I_L = 0xfd61ec4eff9af45c137d8e49cd152c736284aab45469981358c9ee070c9c264f
I_R = 0xce62c620b7cd66e27f970d0f29e4f2082c6b7740bd184d0c9c61f79d819af563
k_i = (I_L + k_par) mod n
其中n你是知道的：0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
使用在线工具生成结果
k_i （子私钥）= 0xb002c1c5b7c3a9937c08e468fa0fba20ddd8a31a07deddf1464ac160fe9bd334
c_i （子链码）= 0xce62c620b7cd66e27f970d0f29e4f2082c6b7740bd184d0c9c61f79d819af563
B. 普通派生
按照上文描述的法则进行普通派生
data = serP(K_par) || ser32(i)
I = HMAC_SHA512(key = c_par, msg = data)
I_L, I_R = I[:32], I[32:]
k_i = (I_L + k_par) mod n
c_i = I_R
其中：
c_par 就是主链码
K_par 就是主公钥
i 就是深度，硬化派生是从0开始
data = ser256(K_par) || ser32(i) = 
0x03ca72b45eede592f059b7eaf3da13eb7d8d15aa472b6f79f74820bb22ff59618600000000
I = HMAC_SHA512(key = c_par, msg = data) =
0xa195f406434d6609e583caa55322cea249820a439ad695101807bd9d6a784a71a74b758d3dc442f8620a2438f56629e62a743a4b4fe1ad02166185bf290b56d1
I_L = 0xa195f406434d6609e583caa55322cea249820a439ad695101807bd9d6a784a71
I_R = 0xa74b758d3dc442f8620a2438f56629e62a743a4b4fe1ad02166185bf290b56d1
k_i = (I_L + k_par) mod n
其中n你是知道的：0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
使用在线工具生成结果
k_i （子私钥）= 0x5436c97cfb761b414e0f20c4801d5c4fc4d602a94e4bdaee058890f75c77f756
c_i （子链码）= 0xa74b758d3dc442f8620a2438f56629e62a743a4b4fe1ad02166185bf290b56d1

#Wallet #BIP

2. Derivation rules [BIP32].
We generated a seed through BIP39, which we call the 'master seed'. According to the derivation rules of BIP32, we can derive the 'master private key', 'master public key', and 'master chain code' from the 'master seed', all three of which are referred to as 'keys'. We can continue to derive 'child keys' (child private key, child public key, child chain code) from the 'keys' as 'child seeds', and so on, allowing for an infinite generation of descendants, all derived from the 'master seed'; hence, the 'master seed' is also referred to as the 'root'. The 'master private key', 'master public key', and 'master chain code' are also referred to as the 'master keys'. As long as we back up the 'mnemonic phrase', we can export the 'root' -> 'master root' -> 'child root', etc.

2. Hierarchical Deterministic Wallet | HD Wallet
To address the flaws of random wallets, the Bitcoin developer community established three standard protocols in 2012, 2013, and 2014, namely BIP32, BIP39, and BIP44 (BIP, Bitcoin Improvement Proposal), which ultimately formed the architectural foundation of mainstream wallets today.

Figure 1, BIP32, 39, 44
Figure 2, Advantages of HD Wallet
3. The underlying logic of HD Wallet
Initially, the HD wallet was established under these three protocols, and subsequently developed and evolved based on them. Below, we will briefly describe how these three protocols work together.

1. Uncompressed Public Key vs. Compressed Public Key
Since the inception of Bitcoin in 2009, the public key generated by the wallet is a 512-bit (64-byte) binary number. We will find that this public key connects the x and y coordinates together. However, once x is determined, the value of y will also be fixed, so as long as the value of x is collected, it also contains the information of y. This can significantly reduce the size of the data and lighten the storage burden (it will be mentioned later that every Bitcoin transaction must be encrypted using the public key, which will be stored on the blockchain), hence it is also referred to as 'compressed public key'. The earliest public key is called 'uncompressed public key'. To distinguish these two formats of public keys, the wallet adds a prefix '0x04' in front of the 'uncompressed public key', resulting in a 520-bit (65-byte) public key. Therefore, in 2012, after the Bitcoin wallet upgrade, support for compressed public keys began.

This chapter is crucial, an original article that explains in simple terms how the public key is calculated, and you will definitely understand it.

#比特币基础 #区块链知识 #椭圆曲线加密算法

I. Overview
After obtaining a 256-bit private key, the public key is calculated from the private key using the elliptic curve cryptography algorithm in a finite field. The basic mathematical knowledge involved belongs to the field of number theory, including modular arithmetic, prime number concepts, Euler's function, Euler's theorem, Euclidean extended theorem, RSA encryption theory, elliptic curve point operations, in other words, it can be understood as an upgraded version of RSA cryptography.
II. Elliptic Curve Cryptography (ECC)
Elliptic curve encryption is unidirectional, also known as asymmetric encryption. Its core idea is that the operation is irreversible, or that as long as an operation method has irreversible characteristics, it can be used as asymmetric encryption. 'Modular arithmetic' and 'point operations' are currently popular irreversible operations or unidirectional functions, or unidirectional operations.

1: General process of encoding
In the Bitcoin system, the general process for Base58Check encoding a data is as follows:
1. Input 'data' | This is the final data that will be used, and the subsequent steps are just modifications to this data.
2. Add 'version number' as 'prefix' at the front of 'data', forming 'prefix' + 'data' | That is, connecting 'prefix' and 'data' to form new data
3. Perform 'hash operation' on the connected data above, and take the front few bytes of the 'hash operation' result to append to 'data' as 'checksum', which is also the reason why Base58Check has 'Check' in its name

Now it is rumored that the Hangzhou police have summoned practitioners in the cryptocurrency industry. I want to ask, does this matter have anything to do with you? You haven't made any money and have lost everything. I was just thinking about asking them if they can recover the money. I'm done with this.

So let's continue studying, haha.

1. The function of 'prefix'
Decimal is the most familiar to everyone, so it will be easier to understand as an example.

Step 1: Assume a four-digit decimal number starting with 3. The minimum is 3000 and the maximum is 3999. In other words, as long as this number n satisfies 3000 ≤ n ≤ 3999, the first digit of this number must be 3.

Encoding is not encryption, but it can also be understood as public encryption of passwords. In the field of computing, encoding is ubiquitous, and the encoding table is the basic rule of encoding, sometimes referred to as a 'protocol.' 'Modular arithmetic' is the technical foundation of encoding.

Base64 and Base58 encoding tables and Base58Check encoding format
The most famous is the Base64 encoding table, which is used to encode binary data into ASCII string format. Since computers can only process binary numbers, the purpose of encoding boils down to two main points:
Encoding long binary numbers into shorter, more readable forms is beneficial for storage. When used, it can be reversed into binary according to the encoding table.

Blockchain technology has a history of 16 years since Satoshi Nakamoto mined the first Genesis block on January 3, 2009. After rigorous testing, it has become a technology that cannot be ignored. Excluding speculative behaviors related to gambling, the decentralized nature of blockchain will definitely have widespread applications. Here is my understanding:
The future belongs to AI; this is beyond doubt and is already the battleground for major tech companies.
AI needs not only algorithms but also data.
Currently, data is isolated, closed, not circulated, and difficult to authenticate | or can be tampered with, such as medical data, research data, personal data, etc.