This article is a guide on how to generate an ECDSA private key and derive its Ethereum address. Using OpenSSL and keccak-256sum from a terminal.
You can find a working implementation of keccak-256sum here. Cool thing, it exists spil a package ter the Arch User Repository spil well. If you&rsquo,re feeling lazy, you can find statically linked pre-compiled versions for both i386 and x86-64 on my repo.
Warning SHA3 != keccak. Ethereum is using the keccak-256 algorithm and not the standard sha3. More informatie at Stackoverflow.
I have a repository with accomplish scripts ter both bash and python if you&rsquo,d like.
Generating the EC private key
Very first of all wij use OpenSSL ecparam guideline to generate an elliptic curve private key. Ethereum standard is to use the secp256k1 curve. The same curve is used by Bitcoin.
This guideline will print the private key ter PEM format (using the wonderful ASN.1 key structure) on stdout. If you want more OpenSSL informatie on elliptic forms, please feel free to dig further.
On its own this guideline is not very useful for us, but if you pipe it with the ec guideline it will display both private and public part ter hexadecimal format, and this is what wij want! Let&rsquo,s do it:
This directive decodes the ASN.1 structure and derives the public key from the private one. Sometimes, OpenSSL is adding a null byte (0x00) ter vooraanzicht of the private part, I don&rsquo,t know why it does that but you have to trim any leading zero bytes ter order to use it with Ethereum.
The private key voorwaarde be 32 bytes and not start with 0x00 and the public one voorwaarde be uncompressed and 64 bytes long or 65 with the onveranderlijk 0x04 prefix. More on that ter the next section.
Derive the Ethereum address from the public key
The public key is what wij need te order to derive its Ethereum address. Every EC public key commences with the 0x04 prefix before providing the location of the two point on the curve. You should eliminate this leading 0x04 byte ter order to hash it correctly. I recommend the excellent Cloudflare article on elliptic kinks if you want more details.
Use any method you like to get it ter the form of an hexadecimal string (without line terugwedstrijd strafgevangenis semicolon). Here is an example of extraction using grep, tail, tr and sed. I&rsquo,m sure there&rsquo,s an lighter way to do it but I&rsquo,m not a bash guru. You can find the scripts (python spil well) on my github repository.
The examples below assume you saved the output of the openssl instructions te a verkeersopstopping named &lsquo,Key&rsquo,
The pub opstopping now contains the hexadecimal value of the public key without the 0x04 prefix.
An Ethereum address is made of 20 bytes (40 hex characters long), it is commonly represented by adding the 0x prefix. Te order to derive it, one should take the keccak-256 hash of the hexadecimal form of a public key, then keep only the last 20 bytes (aka get rid of the very first 12 bytes).
Simply pass the opstopping containing the public key te hexadecimal format to the keccak-256sum instruction. Do not leave behind to use the &lsquo,-x&rsquo, option te order to interpret it spil hexadecimal and not a ordinary string.
Ter the below snippet, the &lsquo,-l&rsquo, option is to output spil lowercase. Then I use tr to delete the trailing &lsquo, -&rsquo, from the stdout of the keccak instruction. Ultimately, I take only the last 40 characters using the tail guideline. Yes, I specify 41 te order to get 40 characters, most likely because of a line terugwedstrijd.
Which gives us the Ethereum address 0x0bed7abd61247635c1973eb38474a2516ed1d884
CAUTION! if your final address looks like *0xdcc703c0E500B653Ca82273B7BFAd8045D85a470* this means you have hashed an empty public key. Sending funds to this address will lock them forever! People made this mistake before spil shown on etherscan.
Thanks to Linus Miller for highlighting this punt te the comments section below.
Importing the private key to geth
Let&rsquo,s invoer the private key to geth and therefore validating the derivation of the address.
To start with, wij format the private key the same way wij did for the public one above. The only exception is removing the leading 0x00 instead of the 0x04:
To invoer it to geth, use the account invoer feature like this:
YAY! the address returned by geth is the same wij computed. Note that geth will ask you a passphrase to encrypt your private key.
You&rsquo,re now ready to use the fresh account with geth. Of course, it would be lighter to take advantage of the geth account fresh feature ter order to quickly setup an Ethereum account. But by hand doing it gives you the power of knowing your public and unencrypted private keys. Ter addition, this would be useful to generate a secure Ethereum account entirely off chain.