Ethereum addresses are derived from public keys using the Keccak-256 hashing algorithm. Specifically, the address consists of the last 20 bytes of the Keccak-256 hash of the public key. The public key is generated using the secp256k1 elliptic curve algorithm, the same one used in Bitcoin.
This process involves complex mathematical operations but can be implemented step by step using Python. Understanding how to generate an address from a private key is essential for developers working with blockchain technology, cryptography, or wallet development.
How to Generate an Ethereum Address from a Public Key
The public key in elliptic curve cryptography is a point on the curve, represented by coordinates (x, y). To generate an Ethereum address, these coordinates are concatenated, hashed using Keccak-256, and the last 20 bytes of the hash are taken as the address.
Here is a Python code example demonstrating this process:
from ecpy.curves import Curve
from ecpy.keys import ECPublicKey, ECPrivateKey
from sha3 import keccak_256
private_key = 0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
cv = Curve.get_curve('secp256k1')
pv_key = ECPrivateKey(private_key, cv)
pu_key = pv_key.get_public_key()
concat_x_y = pu_key.W.x.to_bytes(32, byteorder='big') + pu_key.W.y.to_bytes(32, byteorder='big')
eth_addr = '0x' + keccak_256(concat_x_y).digest()[-20:].hex()
print('private key: ', hex(private_key))
print('eth_address: ', eth_addr)This code uses the ecpy library, which provides a pure Python implementation of elliptic curve mathematics. While it may not be as fast as libraries built on C implementations, it offers clarity for educational purposes.
👉 Explore more strategies for cryptographic key generation
Generating Elliptic Curve Public Keys
Public keys are derived from private keys using elliptic curve multiplication. The secp256k1 curve parameters define the mathematical properties used in this process.
The public key is a point on the curve, and its x and y coordinates are combined to form the input for hashing. This step is critical for address generation.
Creating Private Keys Using Physical Randomness
For enhanced security, you can generate private keys using physical randomness sources, such as coin flips or dice rolls. This method ensures that the private key is not predictable and avoids vulnerabilities associated with poor random number generation.
Example: Generating a Private Key with Coin Flips
Suppose you flip a coin 256 times, recording 1 for heads and 0 for tails. You might obtain a binary string like:
result = b'1100001011001101010001001100101000001111101101111011001000110001101100011101101011010001011000101111100110010101001001101110111011001000100001010101111100001100100110010010111110110100000010011111100000110101001110000101100101011111001101010001100001000'Convert this binary string to a hexadecimal private key using Python:
private_key = hex(int(result, 2))This yields a private key like 0x1859a89941f6f646363b5a2c5f32a4ddd910abe19325f6813f06a70b2be6a308.
Using Dice for Key Generation
Alternatively, you can use a 16-sided die rolled 64 times, recording each result as a hexadecimal character. Subtract 1 from each roll to adjust for the absence of zero on most dice.
If using a standard six-sided die, record results in base 6 (subtracting 1 each time) and convert to hexadecimal. Continue rolling until you have at least 256 bits of entropy.
👉 View real-time tools for secure randomness generation
Mathematical Background of secp256k1
Curve Equation and Parameters
The secp256k1 curve is defined by the equation (y^2 = x^3 + 7 \mod p), where (p) is the prime number:
115792089237316195423570985008687907853269984665640564039457584007908834671663This prime is also expressed as (2^{256} - 2^{32} - 977).
The order of the curve, which defines the number of points on it, is another large prime and should not be confused with (p).
Key Generation Process
The public key is generated by multiplying the private key by a base point on the curve. This operation is irreversible, ensuring that the private key cannot be derived from the public key.
Frequently Asked Questions
What is the relationship between a private key and an Ethereum address?
A private key is used to generate a public key via elliptic curve multiplication. The public key is then hashed using Keccak-256, and the last 20 bytes of this hash form the Ethereum address. This process is deterministic and secure.
Why is physical randomness recommended for private key generation?
Physical randomness, such as dice rolls or coin flips, provides a high level of entropy, reducing the risk of predictable keys. Software-based random number generators may have vulnerabilities if not properly implemented.
Can I use the same private key for Bitcoin and Ethereum?
While both Bitcoin and Ethereum use the secp256k1 curve, their address generation algorithms differ. Ethereum uses Keccak-256 hashing, whereas Bitcoin uses SHA-256 and RIPEMD-160. However, the same private key can theoretically control assets on both networks if properly converted.
What are the risks of generating private keys manually?
Manual generation requires careful attention to entropy and randomness. Insufficient entropy can lead to vulnerable keys, as seen in vanity address exploits. Always use cryptographically secure methods for critical applications.
How does a recovery phrase relate to a private key?
A recovery phrase (e.g., 24 words) is used to derive multiple private keys for different cryptocurrencies in a hierarchical deterministic wallet. It is not the same as a single private key but serves as a master seed for key generation.
Are there libraries faster than ecpy for production use?
Yes, libraries like coincurve leverage C implementations for better performance. However, ecpy is useful for educational purposes due to its transparency and step-by-step operability.