Generating Private Keys with OpenSSL in Bitcoin’s Early Days – Methods- History

[bozalic]

Hello Bitcointalk members,

I am conducting research on the methods used to generate private keys in Bitcoin’s early days. How did Satoshi Nakamoto and early miners generate Bitcoin-compatible private keys? I would like to initiate a technical discussion on using OpenSSL and other cryptographic tools for both deterministic and random private key generation.

As you know, Bitcoin private keys are 256-bit random numbers derived using the secp256k1 curve. However, there are some discussions and speculations regarding how OpenSSL was used in the early days of Bitcoin.

We could discuss the following questions:

1. Was it possible to generate private keys using OpenSSL in Bitcoin’s early days?


2. Which algorithms and methods were preferred in the OpenSSL versions used at the time?


3. Which hash functions or HMAC techniques might have been used for deterministic Bitcoin private key generation?


4. What sources of entropy might Satoshi or early miners have used?


5. Are there any previous discussions on Bitcointalk regarding deterministic private key generation in Bitcoin’s early days?



Example: Generating a Private Key Using OpenSSL

Today, we can generate a Bitcoin-compatible private key using OpenSSL with the following commands:

openssl ecparam -genkey -name secp256k1 -noout -out private-key.pem
openssl ec -in private-key.pem -text -noout

This command creates an ECDSA private key based on the secp256k1 curve. However, additional methods may be required for deterministic private key generation. For instance:

Is it possible to generate the same key every time using a message or a specific hash value?

Could deterministic private key derivation in Bitcoin’s early days have involved HMAC, PBKDF2, or SHA-256 techniques?

What role did older versions of OpenSSL play in this process?


I have conducted research on Bitcointalk and other forums but have not yet found a conclusive answer. If you have old discussions, documents, or sources on this topic, could you share them?

I am eager to learn more about private key generation in Bitcoin’s early days. Do you think Satoshi or early miners used a specific method, or did each individual develop their own approach?

Let’s explore this through historical documentation and technical discussions. Please share any interesting findings you may have.

Thank you!

[ABCbits]

We could discuss the following questions:

1. Was it possible to generate private keys using OpenSSL in Bitcoin’s early days?

Yes. In fact older version of Bitcoin Core (back then it was called "Bitcoin" and "Bitcoin-Qt") had OpenSSL dependency.

5. Are there any previous discussions on Bitcointalk regarding deterministic private key generation in Bitcoin’s early days?

Yes, here's an example Deterministic wallets. You can use https://ninjastic.space/search to find other relevant discussion topic.

[bozalic]

 Thank you for the response. I have been researching the forum and old discussions, but what I am specifically looking for is a method that might have been used by early users to generate private keys using a combination of a string, passphrase, and salt.

 For example, was there any known practice of using OpenSSL commands like HMAC, PBKDF2, or direct hashing methods (e.g., SHA-256, SHA-512) to derive a private key deterministically?

 I am particularly interested in whether any early Bitcoin users might have used a repeatable process, similar to how deterministic wallets work today, but manually, without HD wallets.

 If anyone has insights, examples, or can point me to discussions covering this topic, I would appreciate it.

We could discuss the following questions:

1. Was it possible to generate private keys using OpenSSL in Bitcoin’s early days?

Yes. In fact older version of Bitcoin Core (back then it was called "Bitcoin" and "Bitcoin-Qt") had OpenSSL dependency.

5. Are there any previous discussions on Bitcointalk regarding deterministic private key generation in Bitcoin’s early days?

Yes, here's an example Deterministic wallets. You can use https://ninjastic.space/search to find other relevant discussion topic.

[AndrewWeb]

I am eager to learn more about private key generation in Bitcoin’s early days. Do you think Satoshi or early miners used a specific method, or did each individual develop their own approach?

Let’s explore this through historical documentation and technical discussions. Please share any interesting findings you may have.

Thank you!

Back in 2009 Satoshi and early miners used a program called Bitcoin 0.1.0 to generate bitcoin addresses with corresponding private keys.

[apogio]

AI post detected.

GPTZero -> 100%
copyleaks -> 100%

I will report it.

[bozalic]

If this report for me. I am just using ai for translate.

AI post detected.

GPTZero -> 100%
copyleaks -> 100%

I will report it.

I am insteresting with method. First bitcoin client did this automatically off course.

I am trying to understand how algorithm works.

I am eager to learn more about private key generation in Bitcoin’s early days. Do you think Satoshi or early miners used a specific method, or did each individual develop their own approach?

Let’s explore this through historical documentation and technical discussions. Please share any interesting findings you may have.

Thank you!

Back in 2009 Satoshi and early miners used a program called Bitcoin 0.1.0 to generate bitcoin addresses with corresponding private keys.

https://i.ibb.co/MxxDrS8s/100.jpg

[DaCryptoRaccoon]

Here is a quick breakdown of how it works or how I think it works  

MakeNewKey calls OpenSSL’s EC_KEY_generate_key function to generate a new private-public key pair for the secp256k1 curve.

Code:

void MakeNewKey()
{
    if (!EC_KEY_generate_key(pkey))
        throw key_error("CKey::MakeNewKey() : EC_KEY_generate_key failed");
}

It then steps inside the EC_KEY_Generate from OpenSSL it then generates a random number between 1 and the order of SECP256k1 this number is the private key.

It then multiples the curve base point (G) which is a fixed point on the secp256k1 curve.  the output will be points X,Y on the curve which is the public key.  

Both the private key stored as a scalar and the public key as a point are in the pkey object.

Code:

CKey()
{
    pkey = EC_KEY_new_by_curve_name(NID_secp256k1);
    if (pkey == NULL)
        throw key_error("CKey::CKey() : EC_KEY_new_by_curve_name failed");
}

It then Initializes a new EC_KEY object with the 256k1 curve in NID_secp256k1 in OpenSSL

Code:

CPrivKey GetPrivKey() const
{
    unsigned int nSize = i2d_ECPrivateKey(pkey, NULL);
    if (!nSize)
        throw key_error("CKey::GetPrivKey() : i2d_ECPrivateKey failed");
    CPrivKey vchPrivKey(nSize, 0);
    unsigned char* pbegin = &vchPrivKey[0];
    if (i2d_ECPrivateKey(pkey, &pbegin) != nSize)
        throw key_error("CKey::GetPrivKey() : i2d_ECPrivateKey returned unexpected size");
    return vchPrivKey;
}

It then converts the private key to DER format with i2d_ECPrivateKey and returns it as CPrivKey wich is a vector of bytes with a secure allocator.  Typical size being 279 bytes and incluses metadata and the 32 byte private key.

Code:

vector<unsigned char> GetPubKey() const
{
    unsigned int nSize = i2o_ECPublicKey(pkey, NULL);
    if (!nSize)
        throw key_error("CKey::GetPubKey() : i2o_ECPublicKey failed");
    vector<unsigned char> vchPubKey(nSize, 0);
    unsigned char* pbegin = &vchPubKey[0];
    if (i2o_ECPublicKey(pkey, &pbegin) != nSize)
        throw key_error("CKey::GetPubKey() : i2o_ECPublicKey returned unexpected size");
    return vchPubKey;
}

GetPubKey converts the key to byte vector using the i2o_ECPubKey format would be uncompressed 65 bytes and start with 0x04 and followed by the 32 byte X and the 32 byte Y coordinates

Other things to look at might be CBigNum which is a wrapper around OpenSSLs BIGNUM it's not used in key generation but is used in other cryptographic op's

BigNum handles large integers (keys, hashes, ect)
Provides a mehtod to convert between formats hex, binary and uint256.
Use for signing and verification ie manipulation of the hash in Sign and Verify.

1. Make a key

Code:

CKey key;
key.MakeNewKey();

2. Get PK

Code:

CPrivKey privKey = key.GetPrivKey(); // 279 bytes

3. Generate Pub Key

Code:

vector<unsigned char> pubKey = key.GetPubKey(); // 65 bytes

4. Hash pubKey to create the address.

5. User privKey to sign the TX.

You might want to poke over the early source code since bitcoin early codebase is not that extensive not too hard to pull it apart.

Can I ask why your looking for these things? seems interesting!  

Good luck.