Bitcoin Forum
Topic: What does this code snippet do?
bitsec731 (OP)
January 23, 2017, 05:09:50 AM
 #1

I am trying to understand Electrum and working on a project that will use Electrum, but I have a problem understanding its key generation.

I have figured out that the SHA-512 hash of the normalized mnemonic starts with 1 as an encoding for normal wallets. I will only work with normal wallets though.

So the version.py has a constant:

Code:
SEED_PREFIX      = '01'      # Electrum standard wallet

That is called almost every time to check the version of the seed. So far so good.

But then you have in bitcoin.py a code snippet like this:

Code:
hash_encode = lambda x: x[::-1].encode('hex')
hash_decode = lambda x: x.decode('hex')[::-1]
hmac_sha_512 = lambda x,y: hmac.new(x, y, hashlib.sha512).digest()

def is_new_seed(x, prefix=version.SEED_PREFIX):
    import mnemonic
    x = mnemonic.normalize_text(x)
    s = hmac_sha_512("Seed version", x.encode('utf8')).encode('hex')
    return s.startswith(prefix)


I am trying to figure out what this does, step by step.

1) For example the "hash_decode and hash_encode" structure which is never used again.

Is that what "x.encode" calls?

What is the function of these 2 lines?:

Code:
hash_encode = lambda x: x[::-1].encode('hex')
hash_decode = lambda x: x.decode('hex')[::-1]

2) I also don't understand what the "Seed version" phrase does exactly, does it append that to the encoded mnemonic?

3) Then it also checks for the start character of "s", but then what is the point of adding the "Seed version" into the hash itself?

It's a pretty complicated structure, could somebody please explain?


kolloh
January 23, 2017, 05:31:48 AM
 #2

For the hash_encode, it looks like it is simply taking x reversing it and encoding it in hex. [::-1] is the notation to reverse a string.

For the hash_decode, it looks like it is taking a hex input and decoding/reversing it back to the original.

I don't actually see the hash_encode/hash_decode variables being anywhere in the code snippets provided.

The "Seed version" string is the key for the hmac.new function which could really be any phrase, they just chose to use that one. An HMAC is a cryptographic hash that uses a key to sign a message. A receiver could verify the hash by recomputing it using the same key.

So it looks like it is hashing the seed mnemonic encoded into hex and checking which prefix it starts with to determine if it is a new or old version of the seed format.
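
Added example (not part of the thread and not Electrum's own code): a Python 3 rendering of the check discussed above, showing that the hex tag depends on the HMAC key and that the two lambdas form a byte-reversing hex encode/decode pair. The names `normalize_text_simplified`, `seed_tag` and `first_passing_phrase`, the key `b"Other key"` and the sample phrase are constructed here; the normalization is a simplified stand-in for `mnemonic.normalize_text`.

```python
import hashlib
import hmac
import unicodedata

SEED_PREFIX = '01'            # standard-wallet prefix quoted from version.py in the thread
HMAC_KEY = b"Seed version"    # fixed key string from the is_new_seed snippet

def normalize_text_simplified(text):
    # Assumption: simplified stand-in for Electrum's mnemonic.normalize_text
    # (NFKD, lowercase, collapse whitespace); the real function does more.
    return ' '.join(unicodedata.normalize('NFKD', text).lower().split())

def seed_tag(phrase, key=HMAC_KEY):
    # HMAC-SHA512 keyed with `key` over the normalized phrase, as 128 hex chars.
    msg = normalize_text_simplified(phrase).encode('utf8')
    return hmac.new(key, msg, hashlib.sha512).hexdigest()

def is_new_seed(phrase, prefix=SEED_PREFIX, key=HMAC_KEY):
    # The version check is only "does the hex tag start with the prefix".
    return seed_tag(phrase, key).startswith(prefix)

def hash_encode(raw):
    # Python 3 form of the first lambda: reverse the bytes, then hex-encode.
    return raw[::-1].hex()

def hash_decode(hex_str):
    # Inverse of hash_encode: hex-decode, then reverse the bytes back.
    return bytes.fromhex(hex_str)[::-1]

def first_passing_phrase(base, limit=20000, key=HMAC_KEY):
    # Constructed input: append a counter to `base` until the check passes.
    # Two hex characters are 8 bits, so about 1 phrase in 256 passes.
    for n in range(limit):
        candidate = f"{base} {n}"
        if is_new_seed(candidate, key=key):
            return candidate
    return None

if __name__ == "__main__":
    phrase = first_passing_phrase("constructed example phrase")
    print(phrase, seed_tag(phrase)[:8])
    # Same phrase, different key: the tag changes, so the result no longer
    # agrees with software that keys the HMAC with "Seed version".
    print(seed_tag(phrase, key=b"Other key")[:8])
    print(hash_encode(bytes.fromhex("00010203")))
```
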
bitsec731 (OP)
January 23, 2017, 05:55:01 AM
 #3


> For the hash_encode, it looks like it is simply taking x reversing it and encoding it in hex. [::-1] is the notation to reverse a string.
>
> For the hash_decode, it looks like it is taking a hex input and decoding/reversing it back to the original.
>
> I don't actually see the hash_encode/hash_decode variables being anywhere in the code snippets provided.

Yes thank you, that is actually being used elsewhere. It was just weird being coupled with the rest of the code.



> The "Seed version" string is the key for the hmac.new function which could really be any phrase, they just chose to use that one. An HMAC is a cryptographic hash that uses a key to sign a message. A receiver could verify the hash by recomputing it using the same key.
>
> So it looks like it is hashing the seed mnemonic encoded into hex and checking which prefix it starts with to determine if it is a new or old version of the seed format.

Indeed, but then I guess the string must be "Seed version" in our electrum, otherwise the whole verification system won't work.

So if I were to change that string, then the whole verification system would be pointless.
kolloh
January 23, 2017, 05:59:00 AM
 #4

> Indeed, but then I guess the string must be "Seed version" in our electrum, otherwise the whole verification system won't work.
>
> So if I were to change that string, then the whole verification system would be pointless.

Yep, you also would have to use that same "Seed version" string for the verification as that is what they choose to use. I'm guessing they used that string as the key since the point of that is_new_seed function is to determine which version of the seed is being used.
bitsec731 (OP)
January 23, 2017, 06:06:11 AM
 #5

> > Indeed, but then I guess the string must be "Seed version" in our electrum, otherwise the whole verification system won't work.
> >
> > So if I were to change that string, then the whole verification system would be pointless.
>
> Yep, you also would have to use that same "Seed version" string for the verification as that is what they choose to use. I'm guessing they used that string as the key since the point of that is_new_seed function is to determine which version of the seed is being used.

Yep, thanks, I will just use it that way.