Nostr Web Client

Replying to

Flix

Question for Bitcoin experts:

How do I derive Bitcoin addresses from a seed (12 words) OFFLINE and without using any bitcoin software?

ie: what is the mathematical formula?

Will zap ⚡ good answers!

Big Barry Bitcoin 2y ago

The first step is to generate a random number (dice or coin flips) then you can create the first 11 or first 23 words with a lookup table and the final word is mostly complicated by the need for using sha256.

This is a good resource even if you're not trying to seed xor. There's a python script that you can read and run on a non bitcoin related computer there somewhere too.

The sad thing is you have to give your whole key to a computer to generate a valid checksum.

https://github.com/dipunm/seedxor/blob/main/assets/dice-xor-instructions.md

Reply to this note

Please Login to reply.

Discussion

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 2y ago

pretty sure there is programmable calculators that could compute SHA256 hashes, if you had the code to do it

seedsigners do this also

Big Barry Bitcoin 2y ago

Calculators and seed signers count as computers to me.

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 2y ago

i agree but most of these types of devices have no networking capabilities, if they even have USB

Big Barry Bitcoin 2y ago

Btw, I couldn't find a calculator that could do sha256, I did look 😂

But seed signer works, tails OS is a poor man's option, I was trying to make it work on this microcontroller: https://shop.pimoroni.com/products/badger-2040?variant=39752959852627

They were £16 at the time and I got it working actually but then I wanted it to give you the XPUB as a qr code and I couldn't get the secp256k1 library working on it properly.

These guys now focus on the version of this with WiFi.

Big Barry Bitcoin 2y ago

Some pics, caveat, the checksum is real, the fingerprint is fake.

#m=image%2Fjpeg&dim=768x1020&blurhash=_XJar%7DENRPX9RPofae%7EpoLIpR%2Bayayj%5B4TM%7CoMM%7Ct7WBoynhNGa%7Ds.R%2Bs%3Aayx%5DxGf%2BofjtkCaeWBWBt7s.bHjaj%3FX9xZkBs%3Aayayj%5BogxtoKbIoLWBa%23M%7Bt7j%40oLazaybH&x=0ac9a8dc67b1a1a3049c922e5517382a6ad80f43c5f5bb8dea51e4ece2035330

#m=image%2Fjpeg&dim=768x1020&blurhash=_bI%3B%40jELe.WXWBkBoL%7Epn%25M%7CbHaefkj%5B4nR%2CRkR*jsWVj%5BR5NGjZWCWWofj%5Bt7jFWWWBofa%7CjsV%40NGt6aeofjtayWVRkofoLWXoLj%5BtRn%25kCjsj%5Baya%7CWVj%5BoeoeWVjZay&x=21c26a6d93c11e2e2cb3c9291fe520dab94690e044632c8e52059c7ea9124579

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 2y ago

that is very cool

Big Barry Bitcoin 2y ago

Do you find it crazy that the checksum for 01234..... In sequence is just a continuation of the sequence? 😂

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 2y ago

it's a 12 word code and there is 4 bits so the checksum is 0-9a-f that's it

literally the first hex digit of a hash

not sure why the fingerprint is fake though

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 2y ago

why is the fingerprint fake?, what difference does it make that's one of the lowest entropy numbers you could imagine

Big Barry Bitcoin 2y ago

There is a specific algorithm you are supposed to use to calculate the fingerprint. It involves using the secp256k1 algorithm and I think possibly because of memory constraints, I had issues getting that library to run on the device.

It also wasn't giving very helpful feedback, I think the device just crashed after attempting to perform a memory allocation step.

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 2y ago

oh, fingerprint would require generating the public key, it's a truncated hash of the pubkey usually

surely there must be a memory constrained version for deriving a public key using secp256k1?

it doesn't require that much memory actually, so the library isn't well coded

Big Barry Bitcoin 2y ago

I'll jump back on this project some time this year. Hopefully I'll have more luck. I also have had advice on debugging hardware I can buy to help me zero in on the root cause.

I'm a little out of it depth with all this low level c++ coding, and most complex for me: compiling for non standard CPU architecture.

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 2y ago

it would be easier if it was C probably, C++ complex syntax often masks underlying wasteful abstractions