
Blockchain Technology

and
Cryptocurrency
Ashok Kumar Turuk

1
What is Blockchain?

Blockchain stacks and types of programming

2
Wallets
 Common tasks users perform:
 Create new addresses
 Store private keys
 Transfer payment details between users
 Make payments

3
First wallet version
 A wallet is a mobile app that simplifies the common tasks of users:
 Create new addresses
 Manage private keys
 Transfer payment details from payee to payer
 Make a payment
 Keep track of funds
 Back up private keys
 Several different wallets are available for Bitcoin. Some popular ones are:
 Bitcoin Core
 Electrum
 GreenBits
 BRD (Bread)

4
First wallet version
 John wants to buy a cookie in the cafe.
Both John and the cafe are using this
new app.
 The process goes through several steps:
 The cafe asks its wallet to create a new
address and requests 10 CT to that
address.
 John scans the QR code for the payment
details.
 John’s wallet displays the payment
details to John.
 John’s wallet creates an email to Lisa.

5
First wallet version
 BIPs (Bitcoin Improvement Proposals)
are used to communicate ideas
among developers.
 Bitcoin adopted BIP21 as a way to
transfer payment details from one
wallet to another using a URI.
 Bitcoin URIs start with bitcoin:

6
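The BIP21 hand-off above is the first place a wallet touches input an attacker controls: a QR code anyone can print. The following parser is an added example, not code from the slides or from any of the wallets listed; it checks the scheme, the address syntax, the amount and the parameters before anything is shown to the user, which is the step John's wallet performs before displaying the payment details. The sample URIs are constructed (the bech32 address is the BIP173 example address, the base58 one a well-known documentation example address), and the address checks are syntactic only (character set and length), not checksum verification.

```python
import re
from decimal import Decimal
from urllib.parse import unquote

class Bip21Error(ValueError):
    """Raised for any URI the wallet must refuse to display or pay."""

# Syntactic address checks only (character set and length); a real wallet also
# verifies the Base58Check or bech32 checksum before using the address.
_BASE58 = re.compile(r"^[1-9A-HJ-NP-Za-km-z]{25,35}$")
_BECH32 = re.compile(r"^(bc|tb|bcrt)1[02-9ac-hj-np-z]{6,87}$")

def _address_ok(address):
    if _BASE58.match(address):
        return True
    # bech32 is case-insensitive, but mixed case is forbidden (BIP173)
    return bool(_BECH32.match(address.lower())) and address in (address.lower(), address.upper())

def _parse_amount(text):
    # BIP21 amounts are decimal BTC: ASCII digits, optional '.', at most 8 decimals,
    # no exponent and no locale separators. Reject anything else outright.
    if not re.fullmatch(r"[0-9]+(\.[0-9]{1,8})?", text):
        raise Bip21Error(f"malformed amount {text!r}")
    value = Decimal(text)
    if value <= 0:
        raise Bip21Error("amount must be positive")
    return value

def parse_bip21(uri):
    """Return {'address', 'amount', 'label', 'message'} or raise Bip21Error."""
    scheme, sep, rest = uri.partition(":")
    if not sep or scheme.lower() != "bitcoin":  # the scheme is case-insensitive
        raise Bip21Error("not a bitcoin: URI")
    address, _, query = rest.partition("?")
    if not _address_ok(address):
        raise Bip21Error(f"address {address!r} has invalid syntax")
    params = {}
    for pair in filter(None, query.split("&")):
        key, _, raw = pair.partition("=")
        key = unquote(key)
        if key in params:
            raise Bip21Error(f"duplicate parameter {key!r}")
        params[key] = unquote(raw)  # percent-decoding only, no '+' to space conversion
    # BIP21: a 'req-' parameter this wallet does not understand invalidates the URI.
    required = [k for k in params if k.startswith("req-")]
    if required:
        raise Bip21Error(f"unsupported required parameters {required}")
    return {
        "address": address,
        "amount": _parse_amount(params["amount"]) if "amount" in params else None,
        "label": params.get("label"),
        "message": params.get("message"),
    }

def is_valid_bip21(uri):
    try:
        parse_bip21(uri)
        return True
    except Bip21Error:
        return False

if __name__ == "__main__":
    # Constructed request for the cafe scenario; the amount is in BTC, unlike the slides' CT.
    print(parse_bip21("bitcoin:bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq"
                      "?amount=0.0001&label=Cafe&message=1%20cookie"))
```

Rejecting duplicate parameters and unknown `req-` parameters matters more than it looks: a QR code that carries two `amount` values, or an `amount` with a locale comma, is exactly the kind of input where two wallets disagree on what the user is paying.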
First wallet version
 The cafe’s wallet, as well as John’s
wallet, will check the spreadsheet
every now and then to see if there are
any new payments concerning any of
the wallet’s keys, as a sender, a
recipient, or both.
 Unconfirmed transactions
 Unconfirmed means a transaction has been
created and sent to the Bitcoin network,
but it isn’t yet part of the Bitcoin
blockchain.

7
Private Key Backups
 Risk of theft: anyone who gets hold of a backup of the private keys can spend the funds
 Excessive backups: every extra copy is one more thing that can be stolen

8
Private Key Backups
 Secure the backup
 Encrypt the private keys with password.

9
Problems with password-encrypted
backups
 More things to secure:
 Backup
 Password
 Forgotten password: the backup becomes useless and the funds are lost
 Technology advancements: a password that resists brute force today may not in a few years
 Randomness is hard: human-chosen passwords are far less random than they look

10
Hierarchical deterministic wallets
 Keys are organized as a tree
 One key is the root of the tree, and this root
can have any number of child keys.
 Each child key can in turn have a large
number of children of its own, and so on.
 The root key of the tree is called the
master private key.
 The rest of the keys are derived from the master key.
 Each set of children is numbered from 0
upward.
 This gives each key a unique identifier.
 For example, the first savings key, index 0, is
denoted m/1/0—m is special and refers to the
master private key.

11
Hierarchical deterministic wallets
 Three important processes are
performed to create the tree:
 A random seed of 128 bits is generated.
This seed is what the whole tree grows
from.
 The master extended private key is
derived from the seed.
 The descendant extended private keys of
the master extended private key are
derived.

12
Hierarchical deterministic wallets
 An extended private key (xprv)
contains two items:
 A private key and a chain code

13
Deriving a master extended private key
 The seed is hashed using HMAC-SHA512,
keyed with the fixed string “Bitcoin seed”.
 The 512-bit hash value is split into the
left 256 bits and the right 256 bits.
 The left 256 bits become the master
private key.
 The right 256 bits become the chain
code, used in the next step to derive
children from the master xprv.

14
Deriving a child extended private key
 The process for deriving a child xprv
from a parent xprv is as follows:
 The desired index is appended to the
parent public key.
 The public key and index become the
message input to HMAC-SHA512, keyed
with the parent chain code.
 The 512-bit hash value is split in half:
 The left 256 bits are added (modulo the
curve order) to the parent private key. The
sum becomes the child private key.
 The right 256 bits become the child chain
code.
 The child private key and the child chain
code together form the child xprv.

15
Backup
 For restoration of keys:
 Seed
 Paths
 In Bitcoin, those paths are standardized in Bitcoin Improvement Proposal (BIP) 44.
 If a wallet uses the BIP44 standard, you implicitly know the keys’ paths.

16
Mnemonic sentences
 Seed is a sequence of bits (128 bits).
 Encode those bits in a more human-friendly way.
 Wallet can display the seed as a sequence of 12 English words, called a mnemonic sentence:
 Seed: 16432a207785ec5c4e5a226e3bde819d
 Mnemonic: bind bone marine upper gain comfort defense dust hotel ten parrot depend
 Mnemonic sentence encodes the seed in a human-readable way.
 It’s much more approachable to write down 12 words than it is to write down hex code.
 In case of loss, install the wallet app on another phone, restore the seed from those 12 words, and regenerate all private keys from that seed.
 Most Bitcoin wallets use mnemonic sentences for backup. This is standardized in BIP39.
17
Encoding a seed into a mnemonic sentence
 The seed is hashed with SHA256, and
the first 4 bits of the hash are
appended to the seed.
 Those 4 bits act as a checksum.
 Then arrange the resulting 132 bits into
12 groups of 11 bits, where each group
encodes a number in the range 0 to 2047.
 The 12 numbers are looked up in a
standardized word list of 2,048 words
numbered from 0 to 2047.

18
Decoding a mnemonic sentence into a seed
 The app decodes the sentence by
reversing the encoding process
 Regenerate keys from the decoded seed
 The decoding uses the 4-bit checksum
to make sure it’s correct

19
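Added example (not the lecture's code) of the encoding and decoding steps above in Python, carried through for the slides' 128-bit example seed and generalised to all five BIP39 entropy sizes (12 to 24 words). The 2048-word list is not embedded, so the core functions work on word indices and take the list as a parameter. One caveat the slides simplify away: in BIP39 itself the 128 bits are called entropy, and the wallet seed the key tree grows from is derived from the sentence with PBKDF2, shown in the last function.

```python
import hashlib
import unicodedata

ENTROPY_BITS = (128, 160, 192, 224, 256)  # BIP39 sizes, giving 12, 15, 18, 21 or 24 words

def entropy_to_indices(entropy):
    """Append a SHA-256 checksum of ENT/32 bits, then cut into 11-bit word indices.
    For the slides' 128 bits that is 4 checksum bits and 12 indices."""
    ent_bits = len(entropy) * 8
    if ent_bits not in ENTROPY_BITS:
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    cs_bits = ent_bits // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)  # first cs_bits of the hash
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits  # always a multiple of 11
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]

def indices_to_entropy(indices):
    """Reverse the packing and verify the checksum; raises ValueError on mismatch."""
    if len(indices) not in (12, 15, 18, 21, 24) or not all(0 <= i < 2048 for i in indices):
        raise ValueError("need 12, 15, 18, 21 or 24 indices in 0..2047")
    total = len(indices) * 11
    cs_bits = total // 33  # total = ENT + ENT/32, so ENT/32 = total/33
    bits = 0
    for i in indices:
        bits = (bits << 11) | i
    entropy = (bits >> cs_bits).to_bytes((total - cs_bits) // 8, "big")
    if bits & ((1 << cs_bits) - 1) != hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits):
        raise ValueError("checksum mismatch: a word was mistyped or misordered")
    return entropy

def indices_valid(indices):
    """True when the sentence decodes and its checksum matches."""
    try:
        indices_to_entropy(indices)
        return True
    except ValueError:
        return False

def indices_to_words(indices, wordlist):
    """wordlist: the 2048-word BIP39 list (not embedded here); index = position in it."""
    if len(wordlist) != 2048:
        raise ValueError("a BIP39 word list has exactly 2048 words")
    return " ".join(wordlist[i] for i in indices)

def words_to_indices(sentence, wordlist):
    position = {w: i for i, w in enumerate(wordlist)}
    words = unicodedata.normalize("NFKD", sentence).split()
    unknown = [w for w in words if w not in position]
    if unknown:
        raise ValueError(f"not BIP39 words: {unknown}")
    return [position[w] for w in words]

def mnemonic_to_seed(sentence, passphrase=""):
    """BIP39 proper: the 64-byte wallet seed is PBKDF2-HMAC-SHA512 of the sentence
    with salt 'mnemonic' + passphrase and 2048 rounds. The 128 bits above are the
    entropy the sentence encodes, not the seed the tree is built from."""
    norm = lambda s: unicodedata.normalize("NFKD", s).encode()
    return hashlib.pbkdf2_hmac("sha512", norm(sentence), norm("mnemonic" + passphrase), 2048)

if __name__ == "__main__":
    entropy = bytes.fromhex("16432a207785ec5c4e5a226e3bde819d")  # the slides' example seed
    indices = entropy_to_indices(entropy)
    print(indices, indices_to_entropy(indices) == entropy)
    print("corrupted last word detected:", not indices_valid(indices[:-1] + [indices[-1] ^ 1]))
```

The 4-bit checksum only catches about 15 of 16 random errors, so a wallet should still make the user confirm the words on restore; its real job is to reject a sentence with a swapped or misspelled word before any key is derived from it.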
Extended public keys
 An xpub is similar to an xprv.
 An xpub contains a public key and a chain
code, whereas the xprv contains a private
key and a chain code.
 An xprv and its corresponding xpub share
the same chain code.

20
Extended public keys
 Create the xpub tree from the master
xpub.
 Generate any and all (non-hardened)
addresses without any private key, for
example on an online web server.
 You can create addresses, but not
spend money from those addresses.

21
Extended public keys

22
Deriving hardened private keys
 Suppose the private key m/1/1 is stolen, and the
thief (Mallory) also has the xpub M/1.
 The xprv derivation function adds the left half
of the hash to the parent private key:
 m/1 + left half hash of index 1 = m/1/1
 so subtraction undoes it: m/1/1 − left half hash of
index 1 = m/1
 Mallory knows everything needed to calculate
the left-half hash (the parent public key and
chain code, both contained in M/1) except the
index of the stolen private key, so she tries them:
 m/1/1 − left half hash of index 0 = a private key
 m/1/1 − left half hash of index 1 = another private key
 She derives the public key from each candidate
and stops when it equals the public key in M/1;
that candidate is m/1, and with it every child of m/1.

23
Deriving hardened private keys
 Hardened key derivation
 The parent private key, instead of the parent
public key, is the input to the hash function.
 Mallory can no longer evaluate subtractions such as
m/1/1 − left half hash of index 0: the left half now
depends on the parent private key she does not have.

24
Deriving hardened private keys
 You can’t derive a hardened
child xpub from a parent xpub.
 The children of m/1' therefore
can’t themselves be hardened:
the online sales web server only
holds the xpub M/1', and deriving
hardened children would require
the cafe to put the private key
m/1' on the web server, which
would be insecure.
 With a hardened m/1', you solve
the case of a stolen M together
with m/1'/1, but not the case of a
stolen M/1' together with m/1'/1:
M/1' carries the chain code of
m/1', so the subtraction attack
still recovers m/1' and every key
under it.

25
