How are ethereum addresses generated?

  • What criteria does a valid Ethereum address need to fulfill? Is it just a random number in hexadecimal? Or does it need to be derived in a specific way, according to some cryptographic algorithms? What algorithms and standards are used to generate the key-pair?

    I don't agree about the duplicate. Question is not about verifying if the address is valid but rather how the address is built and if it follows a format or is just random. Indeed it's not random but the result of some processes. The fact that the word "valid" is in the question is not a criteria, you won't mark all questions with the "valid" word as duplicates !

    @tayvano I'm not the one who asked this question

    It's totally fine that questions get edited/improved and voted for reopening. Here we go.

  • tayvano

    tayvano Correct answer

    5 years ago

    Recently this article came to my attention that is way more in depth and technical than my more accessible version below. It also walks you through how to generate one on your own. I highly recommend it: https://kobl.one/blog/create-full-ethereum-keypair-and-address/


    From the Yellow Paper

    yellow paper

    There are three main steps to get from private -> address:

    1. Create a random private key (64 (hex) characters / 256 bits / 32 bytes)

    2. Derive the public key from this private key (128 (hex) characters / 512 bits / 64 bytes)

    3. Derive the address from this public key. (40 (hex) characters / 160 bits / 20 bytes)

    Even though a lot of people call the address the public key, it's actually not the case in Ethereum. There is a separate public key that acts as a middleman that you won't ever see, unless you go poking around a pre-sale wallet JSON file.

    1. Generating private key

    The private key is 64 hexadecimal characters. Every single string of 64 hex are, hypothetically, an Ethereum private key (see link at top for why this isn't totally accurate) that will access an account. If you plan on generating a new account, you should be sure these are seeded with a proper RNG. Once you have that string..

    2. Private Key -> Public Key

    This is hard and beyond me. There is something with Elliptic Curve Digital Signature Algorithm (ECDSA) and stuff. But in the end you end up with a public key that is 64 bytes.

    3. Public key -> Address

    1. Start with the public key (128 characters / 64 bytes)

    2. Take the Keccak-256 hash of the public key. You should now have a string that is 64 characters / 32 bytes. (note: SHA3-256 eventually became the standard, but Ethereum uses Keccak)

    3. Take the last 40 characters / 20 bytes of this public key (Keccak-256). Or, in other words, drop the first 24 characters / 12 bytes. These 40 characters / 20 bytes are the address. When prefixed with 0x it becomes 42 characters long.

    Definitions

    Address: An Ethereum address represents an account. For EOA, the address is derived as the last 20 bytes of the public key controlling the account, e.g., `cd2a3d9f938e13cd947ec05abc7fe734df8dd826. This is a hexadecimal format (base 16 notation), which is often indicated explicitly by appending 0x to the address. Web3.js and console functions accept addresses with or without this prefix but for transparency we encourage their use. Since each byte of the address is represented by 2 hex characters, a prefixed address is 42 characters long. Several apps and APIs are also meant to implement the new checksum-enabled address scheme introduced in the Mist Ethereum wallet as of version 0.5.0. - Homestead Docs

    Private Key: A randomly selected positive integer (represented as a byte array of length 32 in big-endian form) in the range [1, secp256k1n − 1]. - Yellow Paper

    what's the logic behind using only the last 20 bytes of the hash?

    @k26dr Every crypto seems to do something similar in order to keep addresses unique (so that you don't send Bitcoin to an ETH address, etc.) However, I don't know the specific reason. Would make for a great new question though. It's unlikely you will get a real answer here.

    @k26dr it's just to keep the addresses as short as possible without taking the risk of having collisions.

    Good info - But didn't explain final (optional) checksum for capital letters like you did here. https://ethereum.stackexchange.com/a/2046/22785 This is also part of public addr generation.

    It says here:http://ethdocs.org/en/latest/account-management.html?highlight=address#keyfiles that the private key is encoded using the users password, this doesn't seem to be mentioned in this answer?

    @MartinDawson The answer tells you how the keys are generated (and it's correct). After generating the private/public keys, you do need to store them somewhere securely. That's what the password-encrypted file is for.

    @k26dr I suspect another reason for shortening the address to 160bits was that Kademlia DHT p2p nodes are 160bits per the specification and if I remember correctly, Ethereum nodes should provide their address as their Kademlia nodeID.

    Is there an official* open source software to simply generate the private keys and the plublic keys? (*Made by the guys who created the ETH)

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM