Comments (7)
You need to hold some sort of state counter.
Your BIP32 idea was fine, but you need to derive 0 on the first request, then 1 on the 2nd request, then 2 on the 3rd request etc etc etc.
Do you have the original BIP32 code? I can tell you where to add the extra derive numbers, then you just need to think of how to store that "last generated number" state. (database, redis, sqlite, file, etc.)
from bitcoinjs-lib.
Do you have the original BIP32 code
Sorry, do you mean the master public key/zpub?
Do you have the original BIP32 code? I can tell you where to add the extra derive numbers, then you just need to think of how to store that "last generated number" state. (database, redis, sqlite, file, etc.)
I was under the impression it could be something like a randomly generated number, does it have to be incremental?
from bitcoinjs-lib.
Sorry, do you mean the master public key/zpub?
No. You said you tried BIP32. That means you wrote source code that generates the key using BIP32. I would like to see that source code.
does it have to be incremental?
You can choose any number you want, but you need to be able to recover it.
It's easier to use sequential numbers and just store 1 number in the database ("the last number we used") instead of storing every single number you have used up until this point. (This also requires a collision check in the database if you do it this way)
Edit: Think about it this way: let's say you generate 1645365158
for the first user and 1283118333
for the second user, and they make their deposits etc.
Then 5 days later, you go to generate a new number for a new user... if you don't remember 1645365158 and 1283118333
then what happens if you accidentally generate the same 1283118333
again? You won't know that this is bad, and your application will not throw an error or retry to generate another number.
from bitcoinjs-lib.
Then 5 days later, you go to generate a new number for a new user... if you don't remember
1645365158 and 1283118333
then what happens if you accidentally generate the same1283118333
again? You won't know that this is bad, and your application will not throw an error or retry to generate another number.
To be clear, I'm not generating a wallet for an user or anything like that. The way it works is the API generates a new address, belonging to my wallet, every time. It's meant to be for one-time payments to me.
from bitcoinjs-lib.
To be clear, I'm not generating a wallet for an user or anything like that. The way it works is the API generates a new address, belonging to my wallet, every time. It's meant to be for one-time payments to me.
It doesn't matter whether it's a user or yourself...
Think about it...
- You store 0 state anywhere.
- You derive the address at
1283118333
and once you show the sender the address at1283118333
your app forgets1283118333
because it stores 0 state. - You wait a few days, because you don't need to send any bitcoin.
- 3 days later you want to send bitcoin... your wallet has your private seed............ and that's it.
- How do you recover the private key at index
1283118333
if you don't know the number? Just brute force and try every single number?... that's going to take years.
from bitcoinjs-lib.
To be clear, I'm not generating a wallet for an user or anything like that. The way it works is the API generates a new address, belonging to my wallet, every time. It's meant to be for one-time payments to me.
It doesn't matter whether it's a user or yourself...
Think about it...
- You store 0 state anywhere.
- You derive the address at
1283118333
and once you show the sender the address at1283118333
your app forgets1283118333
because it stores 0 state.- You wait a few days, because you don't need to send any bitcoin.
- 3 days later you want to send bitcoin... your wallet has your private seed............ and that's it.
- How do you recover the private key at index
1283118333
if you don't know the number? Just brute force and try every single number?... that's going to take years.
I'm kind of a bitcoin noob (trying to learn more though). I was under the impression receiving addresses don't have private keys, and only wallets do? I am linking it to an existing wallet (whose public key I am inputting as the yourpubkey
constant, not an entirely new wallet that is being generated there on the fly.
from bitcoinjs-lib.
What you are proposing will not work.
I was under the impression receiving addresses don't have private keys, and only wallets do?
That is incorrect. The below explanation is how wallets actually work.
Pre-bip32 wallets:
- Generate random 256 bit private key
- Calculate public key from private key
- Calculate address from public key
- Show sender your address
- Repeat as necessary, your "wallet file" contains every single private key you have generated until now, you can't forget to save this or else you will lose money. (if someone sends BTC to address A but you didn't save private key A you can not recover those BTC)
Post-bip32 wallets (which usually also include BIP39 recovery phrases):
- Generate a BIP39 recovery seed
- Calculate the BIP32 master private key from the recovery seed
- Calculate the wallet's master public key from the master private key and your path derivation BIP (44, 49, 84, etc)
- Store the master public key wherever you need to generate multiple addresses for your wallet.
- Generate public keys from the master public key using
x/y
paths where x is 0 for receiving addresses and 1 is for change addresses. y is sequential (starting from 0) - Every time the user clicks "generate new address" you increase the wallet file's "last y used" number and if the next number is 6 then you derive public key
0/6
, calculate the public key, then the address - Repeat as necessary, the wallet file only needs to save either the BIP39 recovery seed or the BIP32 master private key, and it needs to store "the last address generated" index.
- When recovering any BTC sent to
0/6
you will take the master private key, the path derivation BIP's root, and the sub path (0/6
in our example) and recover the private key of the public key we generated in the earlier step. That private key is used for signing.
from bitcoinjs-lib.
Related Issues (20)
- Transaction sending failed (No script found for input #0) HOT 2
- Does bitcoinjs lib has instruments for creating MuSig key-path spend wallets with n-n scheme? HOT 10
- How do I consume a UTxO from a script based address (P2SH)
- How should I test the `taproot.spec.ts` file in the project in my localy NodeJS, I got the error infomation below. Thanks very much. HOT 10
- Send a Transaction with SegWit P2PKH Keypair HOT 8
- TypeError: Argument must be a Buffer when signing input HOT 1
- Bitcoin build transaction HOT 3
- can not sign input with my keypair HOT 5
- How can I create inscription psbt with this library? HOT 2
- Help with spending a custom script with Pay to Witness Script Hash HOT 3
- Taproot script-spend-path with sighash ALL|ANYONECANPAY HOT 1
- Can not sign for this input with the key `03...` HOT 4
- A Comprehensive Documentation for BitcoinJs-Lib. HOT 2
- Does bitcoinjs-lib support MuSig2 signature ? HOT 2
- SIGHASH_SINGLE | ANYONECANPAY input signed but can't update the unsigned inputs HOT 2
- Offline signing for Psbt class HOT 3
- PSBT finalScriptWitness "Destructuring" HOT 5
- Prefix xpub to dgub[bug] HOT 1
- Signing a PBST generated with bitcoinjs-lib failed on my Coldcard HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bitcoinjs-lib.