Bitcoin

Step by step guide to go from public key to a Bech32 encoded address

I feel like having it step-by-step can make it a lot easier, especially for developers.

The following content was written by Coding Enthusiast on September 01, 2018, 03:05:04 PM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


Bitcoin wiki has a pretty good step-by-step explanation of how to go from a public key to a base58_encoded address which contains the values for each step of the way[1]. But unfortunately I could not find anything similar for Bech32_encoding. Additionally I found the reference implementations a bit confusing[2]! The information is out there[3] but I feel like having it step-by-step like “[1]” can make it a lot easier, especially for developers. For example, during unit testing I was getting a different address (bc1qp63uahgrxged4z5jswyt5dn5v3lzsem6c0qqhg8) for the public key below and I wasn’t sure where the bug was coming from; this visualization[4] helped me realize I was appending the version byte before converting the bits instead of after. So hopefully these steps can help someone like me looking for them.


How to create a Bech32 address from a public key:

1. Having a compressed[5] public key (0x02 or 0x03 followed by 32 byte X coordinate):
Code:
0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798

2. Perform SHA-256 hashing on the public key:
Code:
0f715baf5d4c2ed329785cef29e562f73488c8a2bb9dbc5700b361d54b9b0554

3. Perform RIPEMD-160 hashing on the result of SHA-256:
Code:
751e76e8199196d454941c45d1b3a323f1433bd6

4. The result of step 3 is an array of 8-bit unsigned integers (base 2^8=256) and Bech32 encoding converts this to an array of 5-bit unsigned integers (base 2^5=32) so we “squash” the bytes to get:
in hex:
Code:
0e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e16
in numbers:
Code:
14 20 15 07 13 26 00 25 18 06 11 13 08 21 04 20 03 17 02 29 03 12 29 03 04 15 24 20 06 14 30 22
5 bits binary:
Code:
01110 10100 01111 00111 01101 11010 00000 11001 10010 00110 01011 01101 01000 10101 00100 10100 00011 10001 00010 11101 00011 01100 11101 00011 00100 01111 11000 10100 00110 01110 11110 10110

5. Add the witness version byte in front of the step 4 result (current version is 0):
Code:
000e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e16

6. Compute the checksum by using the data from step 5 and the H.R.P (bc for MainNet and tb for TestNet)
Code:
0c0709110b15

7. Append the checksum to result of step 5 (we now have an array of 5-bit integers):
Code:
000e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e160c0709110b15

8. Map each value to its corresponding character in Bech32Chars (qpzry9x8gf2tvdw0s3jn54khce6mua7l) 00 -> q, 0e -> w,…
Code:
qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4

9. A Bech32_encoded address consists of 3 parts: HRP + Separator + Data:
Code:
bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4

The final result from step 9 is the same as example in BIP173[6]

References:
[1] https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
[2] https://github.com/sipa/bech32
[3] https://github.com/bitcoin/bips/blob/master/bip-0173.mediawiki
[4] https://en.bitcoin.it/w/images/en/4/48/Address_map.jpg
[5] Only compressed public keys are allowed: https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#restrictions-on-public-key-type
[6] https://github.com/bitcoin/bips/blob/master/bip-0173.mediawiki#examples

The following content was written by ETFbitcoin on September 01, 2018, 03:26:19 PM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


Great guide and mostly it’s easy to understand. But I don’t understand the 8th step, is it encode/decode result from Bech32 characters?

The following content was written by Coding Enthusiast on September 01, 2018, 03:38:49 PM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


Quote
Great guide and mostly it’s easy to understand. But I don’t understand the 8th step, is it encode/decode result from Bech32 characters?

Yes. Note that step7 is the hexadecimal representation of an array of 5-bit integers {0, 14, 20, 15, 7, …, 11, 21} so 0 is item at index 0 of B32Chars or the letter q and 14 is the character at index 14 or w, 20 is 5 and so on.
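In C#:
Code:
using System.Text;

// step7Array holds the 5-bit values from step 7 (each in the range 0-31)
string B32Chars = "qpzry9x8gf2tvdw0s3jn54khce6mua7l";
StringBuilder result = new StringBuilder();
foreach (byte item in step7Array)
{
   // each value is an index into the Bech32 character set
   result.Append(B32Chars[item]);
}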

Basically this:
.join in python implementation (https://github.com/sipa/bech32/blob/master/ref/python/segwit_addr.py#L59)
or the for loop in JavaScript implementation (https://github.com/sipa/bech32/blob/master/ref/javascript/bech32.js#L74-L76)

The following content was written by odolvlobo on September 02, 2018, 08:06:11 AM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


Quote
4. The result of step 3 is an array of 8-bit unsigned integers (base 2^8=256) and Bech32 encoding converts this to an array of 5-bit unsigned integers (base 2^5=32) so we “squash” the bytes to get:

I feel that your description is confusing. You write “array of 5-bit integers”, but displaying the results as a hex string implies that it is a string of 8-bit values. I recommend inserting spaces between each value to emphasize that each element is distinct, and perhaps using decimal values to avoid implying that the values could lie outside of the range 0 – 31.

For example:

Quote
4. The result of step 3 is an array of 8-bit unsigned integers (base 2^8=256) and Bech32 encoding converts this to an array of 5-bit unsigned integers (base 2^5=32) so we “squash” the bytes to get:
Code:
0e 14 0f 07 0d 1a 00 19 12 06 0b 0d 08 15 04 14 03 11 02 1d 03 0c 1d 03 04 0f 18 14 06 0e 1e 16

or even better:

Quote
4. The result of step 3 is an array of 8-bit unsigned integers (base 2^8=256) and Bech32 encoding converts this to an array of 5-bit unsigned integers (base 2^5=32) so we “squash” the bytes to get:
Code:
14 20 15 7 13 26 0 25 18 6 11 13 8 21 4 20 3 17 2 29 3 12 29 3 4 15 24 20 6 14 30 22


Also,

Quote
5. Add the witness version byte in front of the step 4 result (current version is 0):
Code:
000e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e16

I recommend removing “byte” since the witness version is not a byte. Note that bip-173 also calls it a “byte” when it isn’t.

Quote
5. Add the witness version in front of the step 4 result (current version is 0):
Code:
0 14 20 15 7 13 26 0 25 18 6 11 13 8 21 4 20 3 17 2 29 3 12 29 3 4 15 24 20 6 14 30 22

The following content was written by Coding Enthusiast on September 02, 2018, 02:47:35 PM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


Quote
I feel that your description is confusing. You write “array of 5-bit integers”, but displaying the results as a hex string implies that it is a string of 8-bit values.

I get what you are talking about but base-16 is just another representation of an array of “numbers”, it doesn’t really make a difference if I write 14 12 15 with spaces or 0e 14 0f with or without spaces, they are both representing the same set of numbers in base-256. The only possible way to clarify things is if I start typing them in binary like this but that’s just impossible to read:
Code:
01110 10100 01111 …


Additionally hex or base-16 is a very easy and convenient way to transfer arrays of “numbers”. For instance you can not input each of those “numbers” (14, 20, 15…) one by one in an array when coding, it would take a long time and it is easy to make a mistake. But you can very easily give your code the hexadecimal string representation of it and decode it into the array of “numbers” then treat those “numbers” however you like.

I am going to add both numbers and binary, maybe that helps visualizing it better.

Quote
I recommend removing “byte” since the witness version is not a byte. Note that bip-173 also calls it a “byte” when it isn’t.

Well, “version byte” is the name of the “0” we are appending to it, I can’t just change that name:
https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#witness-program
https://github.com/bitcoin/bips/blob/master/bip-0142.mediawiki#rationale

The following content was written by TheArchaeologist on September 03, 2018, 07:13:05 AM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


If you want to play around with this using Python you can check: https://github.com/mcdallas/cryptotools

Example:
Code:
>>> from ECDSA.secp256k1 import CURVE, PrivateKey

>>> private = PrivateKey.random()
>>> private.int()
8034465994996476238286561766373949549982328752707977290709076444881813294372

>>> public = private.to_public()
>>> public
PublicKey(102868560361119050321154887315228169307787313299675114268359376451780341556078, 83001804479408277471207716276761041184203185393579361784723900699449806360826)

>>> public.point in CURVE
True

>>> public.to_address('P2WPKH')
'bc1qh2egksgfejqpktc3kkdtuqqrukrpzzp9lr0phn'

The following content was written by denisdo95 on November 23, 2019, 01:01:01 PM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)



Quote
3. Perform RIPEMD-160 hashing on the result of SHA-256:
Code:
751e76e8199196d454941c45d1b3a323f1433bd6

4. The result of step 3 is an array of 8-bit unsigned integers (base 2^8=256) and Bech32 encoding converts this to an array of 5-bit unsigned integers (base 2^5=32) so we “squash” the bytes to get:
in hex:
Code:
0e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e16



Hey.

Please tell me, how did you get the string “0e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e16” from the string “751e76e8199196d454941c45d1b3a323f1433bd6”? What command do you need to execute for this?

The following content was written by DannyHamilton on November 24, 2019, 03:17:04 AM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


Quote
3. Perform RIPEMD-160 hashing on the result of SHA-256:
Code:
751e76e8199196d454941c45d1b3a323f1433bd6

4. The result of step 3 is an array of 8-bit unsigned integers (base 2^8=256) and Bech32 encoding converts this to an array of 5-bit unsigned integers (base 2^5=32) so we “squash” the bytes to get:
in hex:
Code:
0e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e16
Hey.

Please tell me, how did you get the string “0e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e16” from the string “751e76e8199196d454941c45d1b3a323f1433bd6”? What command do you need to execute for this?


Here’s a simple way to understand it…

Convert the first value from a hex value to an array of bits where: 0=0000, 1=0001, 2=0010, 3=0011, 4=0100, etc.
   7    5    1    e    7    6    e …
0111 0101 0001 1110 0111 0110 1110 …


Change the spacing of the 1’s and zeros so that they are grouped 5 in a set instead of 4:
01110 10100 01111 00111 01101 110 …

Convert each set of 5 into a hex value:
01110 10100 01111 00111 01101 110…
   0e    14    0f    07    0d    …   

The following content was written by TsaPaka on February 23, 2020, 06:30:33 PM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


Thank you because I could understand until the last soft fork.
I explain here how a segwit address in P2WSH format is derived so as not to mix the segwit between P2WPKH and P2WSH.
Note that the guide explained above generates in P2WPKH format about 42 characters but P2WSH format about 62 characters.

https://bitcointalk.org/index.php?topic=5227953

The following content was written by MixMAx123 on February 25, 2020, 06:01:57 PM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


I have now successfully reached step 5.
I have: 000e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e16

Now I do not come to step 6.
When I calculate: SHA256 (SHA256 (000e140f070d1a001912060b0d081504140311021d030c1d03040f1814060e1e16)) = 103ede5cc41abfd088a368bb40df3d52e5614460521d88daa202917c7f3de88d.

The first 6 bytes are then with me: 10 3e de 5c c4 1a
And this is a different number than yours.
What am I doing wrong?

The following content was written by Coding Enthusiast on February 25, 2020, 07:23:24 PM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


Quote
What am I doing wrong?

The encoding is Bech-32 not Base-58 and there is no SHA256 in this encoding, there is only playing around with bits. Read BIP-173 for details of how you should compute the checksum.

The following content was written by Headphones on July 02, 2020, 07:34:13 PM in the thread Step by step guide to go from public key to a Bech32 encoded address. All content is owned by the author of the bitcointalk.org post. (original)


Hey, great post! It’s really useful.

I’m trying to decode a bech32 address tb1qwm3dqje4wc7cs2u9sv39yh2as8ae0ntzqkjunw into the h160 of the public key, which is step 3 in your guide, using the reference implementation in python.

I end up with an array of integers: [118, 226, 208, 75, 53, 118, 61, 136, 43, 133, 131, 34, 82, 93, 93, 129, 251, 151, 205, 98] which I think corresponds with step 4 of your guide.

How do I go from the array of numbers into the hex version of the h160 which according to https://slowli.github.io/bech32-buffer/ should be: 751e76e8199196d454941c45d1b3a323f1433bd6

Any help would be appreciated!
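
Added example (not part of any post in this thread and not the BIP173 reference implementation): a Python walk-through of steps 4 to 9 from the guide in the first post. It also covers the points raised in the replies: regrouping 8-bit values into 5-bit values, computing the checksum without SHA-256, and decoding an address back to its 20-byte hash. The function names are illustrative, and `version_before_conversion` is a hypothetical helper reproducing the version-before-conversion mistake the first post describes; the constants and checksum algorithm follow BIP173.

```python
# Added example: steps 4-9 of the guide, checked against the values in the thread.
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"   # Bech32Chars from step 8
GEN = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)  # BIP173 constants
STEP3 = "751e76e8199196d454941c45d1b3a323f1433bd6"   # RIPEMD-160 result from step 3

def polymod(values):
    """BIP173 checksum core: a BCH code over 5-bit values, no hashing."""
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk

def hrp_expand(hrp):
    """HRP as 5-bit values: high bits of each char, a 0, then the low bits."""
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]

def checksum(hrp, data):
    """Step 6: six 5-bit checksum values over the HRP and the step 5 data."""
    pm = polymod(hrp_expand(hrp) + data + [0] * 6) ^ 1
    return [(pm >> 5 * (5 - i)) & 31 for i in range(6)]

def convertbits(data, frombits, tobits, pad):
    """Step 4: regroup a bit stream from frombits-wide to tobits-wide values."""
    acc, bits, out = 0, 0, []
    maxv = (1 << tobits) - 1
    for value in data:
        if value < 0 or value >> frombits:
            raise ValueError("value out of range")
        acc = ((acc << frombits) | value) & ((1 << (frombits + tobits - 1)) - 1)
        bits += frombits
        while bits >= tobits:
            bits -= tobits
            out.append((acc >> bits) & maxv)
    if pad and bits:
        out.append((acc << (tobits - bits)) & maxv)   # zero-fill the last group
    elif not pad and (bits >= frombits or (acc << (tobits - bits)) & maxv):
        raise ValueError("invalid padding")
    return out

def encode_steps(hash160_hex, hrp="bc", witver=0):
    """Intermediate values of steps 4-9, keyed by step number."""
    step4 = convertbits(bytes.fromhex(hash160_hex), 8, 5, pad=True)
    step5 = [witver] + step4          # one 5-bit value, added AFTER the conversion
    step6 = checksum(hrp, step5)
    step7 = step5 + step6
    step8 = "".join(CHARSET[v] for v in step7)
    return {4: step4, 5: step5, 6: step6, 7: step7, 8: step8, 9: hrp + "1" + step8}

def version_before_conversion(hash160_hex, hrp="bc", witver=0):
    """Hypothetical helper: the version added as a byte BEFORE step 4 (the bug)."""
    data = convertbits(bytes([witver]) + bytes.fromhex(hash160_hex), 8, 5, pad=True)
    return hrp + "1" + "".join(CHARSET[v] for v in data + checksum(hrp, data))

def decode_segwit(address):
    """Reverse direction: address -> (hrp, witness version, program as hex)."""
    if address != address.lower() and address != address.upper():
        raise ValueError("mixed case")
    hrp, sep, body = address.lower().rpartition("1")
    if not sep or not hrp or len(body) < 7 or any(c not in CHARSET for c in body):
        raise ValueError("malformed address")
    values = [CHARSET.index(c) for c in body]
    if polymod(hrp_expand(hrp) + values) != 1:
        raise ValueError("checksum mismatch")
    program = bytes(convertbits(values[1:-6], 5, 8, pad=False))
    if values[0] == 0 and len(program) not in (20, 32):
        raise ValueError("bad v0 program length")
    return hrp, values[0], program.hex()

if __name__ == "__main__":
    steps = encode_steps(STEP3)
    for n in (4, 5, 6, 7):
        print(n, bytes(steps[n]).hex())
    print(8, steps[8])
    print(9, steps[9])
    print("decoded:", decode_segwit(steps[9]))
    print("version-first bug:", version_before_conversion(STEP3))
```

The version-first output still carries a valid checksum, yet `decode_segwit` rejects it on padding: the checksum protects against typos, not against building the payload in the wrong order, so an implementation should be checked against the BIP173 test vectors.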



Legal

Korbit charged for excessive customer data collection

Korbit, a well-known cryptocurrency exchange, has been charged and fined over “collecting excessive personal data” from at least one of its customers.

Korbit, a well-known South Korean cryptocurrency exchange, has been charged and fined over “collecting excessive personal data” from at least one of its customers.

Korbit is a South Korean company that is heavily vested in the cryptocurrency market. The brand is owned and operated by Korbit Inc, a company located in Gangnam-gu, Seoul, South Korea. The brand commenced operations in 2014 after securing huge financing from several venture capitalists.

Korbit performs the following cryptocurrency-related services:

  • Cryptocurrency trading for the local South Korean market.
  • Fiat to cryptocurrency exchange services using the South Korean Won (KRW) as the fiat currency of choice.

South Korea has a large cryptocurrency trading market, largely populated by local players and companies who moved there when the Chinese ban on cryptocurrency trading came into effect. By providing the local and regional market the opportunity to use the local currency to purchase cryptocurrency tokens or secure cryptocurrencies for trading purposes, Korbit fulfills a large need.

Because Korbit is such a well-known exchange, its being fined over a matter like this has become a talking point among crypto experts.

A Small But Significant Fine

According to Yonhap, a news agency, “They have been charged USD 4000 for this by a government watchdog for ordering a customer who had attempted to activate a dormant account on its platform to upload a photograph of their national ID card.”

The court took the case before the Personal Information Protection Committee. Then they met in a plenary session to rule on the case. The crypto exchange Korbit argued that it needed proof of a photo ID to prevent financial crimes such as voice phishing scams, adding that account users could begin trading immediately after activating dormant accounts.

But the committee overruled their argument and decided in favor of the user in question, claiming that none of Korbit’s other “big four” crypto exchange rivals (Upbit, Bithumb, and Coinone) required photo ID submission to activate such accounts.

The committee ruled that mobile phone verification would have been sufficient in this instance. The exchange was guilty of violating the “principles of minimum personal information collection” specified in the Personal Information Protection Act, which was passed last year.

The decision made was absolutely correct because there was no point for them to ask for full ID verification. Mobile verification was acceptable, and the demand for photo ID verification was completely useless.

Korbit Jumps Into NFT Craze

In the meantime, Korbit has also started selling the currently popular non-fungible tokens (NFTs) for a hit South Korean drama series. Per EDaily, Korbit struck a partnership deal with the production company Studio Dragon, the creator of the drama Vincenzo, a mafia-themed series starring Song Joong-ki that aired on the cable network tvN earlier this year.

The deal will see the company sell 100 limited edition official pieces of art based on the show on a first-come-first-served basis on July 21.

Korbit stated that it plans to create more NFT items for “other popular dramas” produced by Studio Dragon.

The company also showcased one of the items it plans to sell: an NFT featuring an iconic lighter used by the main and titular character in the drama, which is also distributed by the streaming giant Netflix.

Bitcoin

Bitcoin Core 22.0 To Add Hardware Wallet Support

Bitcoin Core will start to support connection with Hardware Wallets with HWI library. New options for hardware wallets will be added to the settings.

The latest version of Bitcoin Core, v22.0, will add support for hardware wallets. It will support connecting to hardware wallets through the HWI Python library. The overall interface of the wallet will change in this version: new options for hardware wallets will be added to the settings, and it will then be possible to create a new wallet with a connected device.

It is pretty good news and bitcoin users are looking forward to giving this wallet a go as soon as it releases.

Bitcoin Core can be launched with -signer=<cmd> where <cmd> is an external tool that can sign transactions and perform other functions. For example, it can be used to communicate with a hardware wallet.

Among other changes, Bech32m (witness v1) addresses are now supported for most RPC calls. Adjustments were made to the RPC calls for banning, network, and peer information. It no longer supports macOS versions older than 10.14 “Mojave”.

22.0 Release Notes Draft

Below is a copy of the relevant section of the release notes that mentions the signing feature.


GUI Changes

External signers such as hardware wallets can now be used. These require an external tool such as HWI to be installed and configured under Options -> Wallet. When creating a new wallet a new option “External signer” will appear in the dialog. If the device is detected, its name is suggested as the wallet name. The watch-only keys are then automatically imported. Receive addresses can be verified on the device. The send dialog will automatically use the connected device. This feature is experimental and the UI may freeze for a few seconds when performing these actions.

Example of Usage

Although this tool is hosted under the Bitcoin Core GitHub organization and maintained by Bitcoin Core developers, it should be used with caution. It is considered experimental and has far less review than Bitcoin Core itself. Be particularly careful when running tools such as these on a computer with private keys on it.

When using a hardware wallet, consult the manufacturer’s website for (alternative) software they recommend. As long as their software conforms to the standard below, it should be able to work with Bitcoin Core.


What does the HWI library do?

The primary use of HWI is to discover hardware wallets that are connected via USB ports. It uses the udev project, which means that Windows is not supported. It only works for macOS and Linux. Fortunately, HWI and hardware wallet support are optional in Bitcoin Core. It will continue to function normally if HWI is not installed.

HWI is a command-line program that reads commands from the terminal and sends them to the device. The device behaves as if a human is entering physical input to it and executes the commands the same way it would be done manually. It also has a Python API, which makes it easier to add an HTTP API in the future if desired by the project maintainers.

Supported Devices

The following hardware wallets are compatible with most commands of HWI:

  • Ledger Nano X
  • Ledger Nano S
  • Trezor Model T
  • Trezor One
  • BitBox01
  • BitBox02
  • KeepKey
  • Coldcard

HWI has a support policy that states that hardware wallets must use as much open-source firmware as possible. Closed-source parts are acceptable if they are required by a non-disclosure agreement (NDA). Closed-source firmware is tolerated if the vendor provides active support for it, but the hardware wallet support will be dropped if the vendor stops maintaining HWI support for their hardware wallet. Also, if the hardware wallet stops receiving security updates, HWI support for it will be dropped if security vulnerabilities are found.

Mining

Meet The Large Companies Investing In Antminers

Why are these companies only buying large quantities of Bitmain Antminer hardware, and how do they receive them?

Along with Gryphon and Hut 8 Mining Corp, many other companies invest in bitcoin miners. There’s a reason why Bitmain Antminers are some of the most popular in the world. All of these invest in Bitmain mining hardware only. Gryphon is a minor mining operation compared to some of the more prominent players, but they all have a role to play. We will discuss TeraWulf first.

TeraWulf

TeraWulf is a new mining company based in the United States purchasing 30,000 miners from Bitmain with plans to have greater than 3 Exahashes (EH/s) of Bitcoin Mining power, which is some serious power that would put it in the top 10 mining pools in terms of hash rate. 

TeraWulf is soon to have a Nasdaq Listing; it agreed to merge with Ikonics, an imaging tech company whose stock is traded on Nasdaq. The newly merged company will trade under “WULF”.

TeraWulf is an example of a medium-sized operation that has also placed its trust in Bitmain to provide mining hardware.

TeraWulf has a long-term goal to mine Bitcoin with more than 90% Zero-Carbon energy. It has around 50 megawatts of electricity capacity, with long-term plans to increase this to 800 Megawatts by 2025. This would enable a hashrate of more than 23 EH/s. It is ambitious, as it would be in the top 5 of hashrate.

TeraWulf’s low-carbon commitment is a sign of the times with concerns about the carbon footprint of the Bitcoin blockchain. Players the size of TeraWulf can make a difference in the carbon footprint of Bitcoin and help set trends.

Core Scientific

Core Scientific is a mining company in North America. It has recently completed a purchase of 112,800 ASIC mining rigs from Bitmain. Core Scientific, which provides hosting services for miners alongside its own operations, bought S19 Pro, S19j, and S19j Pro miners, intending to double its fleet of miners. Core Scientific can also repair Bitmain mining machines that are under warranty, thus offering Bitmain warranty services in North America.

Core Scientific intends to use half of the machines it has ordered for its mining operations. They will use the other half to fulfill contracts with existing mining clients.

The large 112,800 shipment and future ones of similar magnitude will help Core Scientific more than double its share of Bitcoin’s hashrate. Core Scientific currently has approximately 5% of the current Bitcoin hashrate. They intend to increase this to 12%, according to their CEO Kevin Turner.

Turner’s forecast aligns with the growing presence of North America in the Bitcoin mining sphere. 

Along with Core Scientific, Gryphon, and TeraWulf, other mining companies are looking to expand their operations, such as Marathon, Riot, and Blockcap.

Kevin does not expect the trend of big players investing in the mining space to stop soon, and new prominent players are continuing to enter the game. 

Kevin stated that larger numbers of publicly traded companies, large family companies, and hedge funds are looking for trustworthy mining operations in North America. Kevin believes that the United States is interested in being a leader in digital assets, despite other countries being early adopters before the United States was.

Marathon Patent Group

Marathon is another significant player in the Bitcoin mining industry, based in Las Vegas. They mined no fewer than 196 Bitcoins in 2021, worth over $11 million at current prices. Marathon has planned to expand its mining operation to have no fewer than 100,000 miners online by 2022. Marathon holds more than 5,000 Bitcoin. Marathon received an order in Q1 of 2021 for 1,300 Bitmain S19 Pro mining rigs.

Marathon will have ongoing shipments from Bitmain throughout 2021, with a plan to have over 100,000 online by January 2022. Marathon’s total network hashrate is estimated at 10.3 Exahashes per second by then, putting them in the top 10. The company used stock offerings and other financings to invest in the latest Bitmain hardware.

Marathon has planned its high-speed expansion to keep up with other big names in the mining industry. The new machines coming online in 2021 after heavy demand have caused the Bitcoin difficulty to skyrocket due to the flood of hashrate. Bitcoin difficulty is the algorithm that keeps the supply of bitcoins and the Blockchain’s growth constant despite the varying market conditions.

The CEO of Compass Mining, Whit Gibbs, commented on Marathon’s “mammoth” ASIC order. He mentioned he feels that this trend of increasing hashrate and difficulty shows no signs of slowing in 2021 and that it should track with Bitcoin’s price.
