Master extended keys
Once the “seed” has been created, the master extended keys can be derived from it. The “seed” is put through a hashing function (HMAC-SHA512), which generates 64 bytes of data that are split into two halves of 32 bytes each:
● The left half contains the private key.
● The right half contains the chain code.
That’s the master extended private key. Now we will look at the master extended public key.
The master extended public key is calculated from the master extended private key using “Elliptic Curve Multiplication”, after which the public key is coupled with the same 32-byte chain code contained in the master extended private key.
● “Elliptic Curve Multiplication” is a one-way function, ensuring that nobody can calculate the corresponding private key from a public key.
That’s it: the master extended keys are created, and from them seemingly endless child private and public keys and addresses can be calculated.
Child Private and Public keys, Addresses and Signatures
An individual private key is a number which consists of 256 randomly generated binary digits. Once the private key is created, the corresponding public key can be calculated using Elliptic Curve Multiplication. Once the public key is calculated from the private key, the digital fingerprint (better known as address) can be derived from the public key through a hashing function.
To derive the digital fingerprint (address) from the public key, the public key is first hashed with the SHA256 function and then hashed with the RIPEMD160 function, which results in the Hash160, or public key hash (address).
● ‘Elliptic Curve Multiplication’ and the ‘hashing algorithm’ are both “one-way” functions. This means that no one can reverse the function and calculate, for example, the private key from a public key. This mathematical trick forms the basis for unforgeable and secure digital signatures proving the ownership of bitcoin.
● A digital signature proves that you have the private key to a corresponding public key / address, without exposing the private key.