BIP39是SEED的生成算法.如果你用过比特币钱包应用,很可能它会为你生成一个助记符。这样的助记符可以用来替代私钥,并且可以被用于生成私钥。用“有意义的”助记词代替无意义的数字,也就是“密语种子”,密语种子更加便于记忆和抄录,它可以转化成适用于BIP32的“数字种子”。构造Script.ScriptType.P2PKH类型的钥匙串KeyChainGroup
NetworkParameters params = TestNet3Params.get();
Wallet wallet = new Wallet(params);
public Wallet(NetworkParameters params) {
this(params, KeyChainGroup.builder(params).fromRandom(Script.ScriptType.P2PKH).build());
}
public Builder fromRandom(Script.ScriptType outputScriptType) {
System.out.println("fromRandom construct outputScriptType:" +outputScriptType);
DeterministicSeed seed = new DeterministicSeed(new SecureRandom(),
DeterministicSeed.DEFAULT_SEED_ENTROPY_BITS, "");
fromSeed(seed, outputScriptType);
return this;
}
DeterministicSeed 第三个参数是密码,默认为空,试着自己加了密码也ok,总之不影响随机熵的创建。从SecureRandom创建随机熵
public List<String> toMnemonic(byte[] entropy) throws MnemonicException.MnemonicLengthException {
if (entropy.length % 4 > 0)
throw new MnemonicException.MnemonicLengthException("Entropy length not multiple of 32 bits.");
if (entropy.length == 0)
throw new MnemonicException.MnemonicLengthException("Entropy is empty.");
// We take initial entropy of ENT bits and compute its checksum by taking first ENT / 32 bits of its SHA256 hash.
byte[] hash = Sha256Hash.hash(entropy);
boolean[] hashBits = bytesToBits(hash);
boolean[] entropyBits = bytesToBits(entropy);
//提出SHA256哈希前几位(熵长/ 32),就可以创造一个随机序列的校验和
int checksumLengthBits = entropyBits.length / 32;
// We append these bits to the end of the initial entropy. 将校验和添加到随机序列的末尾
boolean[] concatBits = new boolean[entropyBits.length + checksumLengthBits];
System.arraycopy(entropyBits, 0, concatBits, 0, entropyBits.length);
System.arraycopy(hashBits, 0, concatBits, entropyBits.length, checksumLengthBits);
// Next we take these concatenated bits and split them into groups of 11 bits. Each group encodes number from 0-2047
// which is a position in a wordlist. We convert numbers into words and use joined words as mnemonic sentence.
//将序列划分为包含11位的不同部分
ArrayList<String> words = new ArrayList<>();
int nwords = concatBits.length / 11;
System.out.println("toMnemonic 生成的有顺序的单词组就是助记码entropyBits len:"+entropyBits.length+" checksumLengthBits:"+checksumLengthBits+" nwords:"+nwords );
for (int i = 0; i < nwords; ++i) {
int index = 0;
for (int j = 0; j < 11; ++j) {//将每个包含11位部分的值与一个已经预先定义2048个单词的字典做对应
index <<= 1;
if (concatBits[(i * 11) + j])
index |= 0x1;
}
System.out.println("toMnemonic add 2048个单词表里第" +index+" 个位置单词 "+this.wordList.get(index));
words.add(this.wordList.get(index));
}
return words;
}
对string集合进行加盐操作,salt随机,用PBKDF2SHA512加密算法加密.
public static byte[] toSeed(List<String> words, String passphrase) {
checkNotNull(passphrase, "A null passphrase is not allowed.");
String pass = Utils.SPACE_JOINER.join(words);
String salt = "mnemonic" + passphrase;
log.info("toSeed 加盐 {}", pass+" 盐:"+salt);
final Stopwatch watch = Stopwatch.createStarted();
byte[] seed = PBKDF2SHA512.derive(pass, salt, PBKDF2_ROUNDS, 64);
watch.stop();
log.info("PBKDF2 took {}", watch);
return seed;
}
PBKDF2SHA512 助记词+盐进行2048次sha256每次产生的seed都是不同的!
https://iancoleman.io/bip39/?#english 翻墙查看,把 mnemonic code 记录下来好好保存,就会是一个冷钱包(指不连网路的钱包,所以安全很多)。可以使用产生出来的 address 收送钱。
image.png
128-->10^12 years才能暴力破解,安全性已经足够了。可以加密码短语, 都会导致不同的种子,形成一大批可能未初始化的钱包。这批钱包非常之大(2^512),使用暴力破解或随机猜测基本不可能。最近发现助记词随手抄在纸上,在工位上很容易被同事看到,没有像bip38那样的密码,很不安全,其实有助记词+密码可选项,不知为什么主流钱包去掉了,像比特派钱包,还有中文的助记词,本土化应该优先做中文助记词
image.png
网友评论