bitcoin address algorithm

[Topazan]

I'm hoping to write a small script to generate bitcoin addresses according to a deterministic algorithm and a password provided by the user.  This will serve as my "offline storage".

I know that I can generate a private key by using sha256 on anything.  My question is, how do I convert this key into an address?

I'm hoping it's a fairly simple formula.  If you could describe it in pseudocode, javascript, or bash, I would appreciate it.

[Stephen Gornick]

I'm hoping to write a small script to generate bitcoin addresses according to a deterministic algorithm and a password provided by the user.  This will serve as my "offline storage".

I know that I can generate a private key by using sha256 on anything.  My question is, how do I convert this key into an address?

I'm hoping it's a fairly simple formula.  If you could describe it in pseudocode, javascript, or bash, I would appreciate it.

Javascript private key generator:
 - http://brainwallet.org/#generator

[Topazan]

Thanks.  I tried reverse engineering bitaddress.org, but their structure was a little too confusing for me.  I'll take a crack at that site.

EDIT: Actually, it looks like the same code.  Oh well, I'll keep trying.  I think I see the relevant section anyway.

[Stephen Gornick]

I tried reverse engineering bitaddress.org, but their structure was a little too confusing for me.

Brain Wallet:

Private key = sha256(passphrase)
 - http://en.bitcoin.it/wiki/Brainwallet

Then this:

How can I convert a SHA256 hash into a Bitcoin base58 private key?
 - http://bitcoin.stackexchange.com/a/8249/153

[jackjack]

Keep looking for it in the wiki, it's definitely there
Is something like sha256 then add a byte then ripemd160

[DannyHamilton]

Keep looking for it in the wiki, it's definitely there
Is something like sha256 then add a byte then ripemd160

I suspect that the struggle isn't getting the address from the public key, but rather getting the public key from the private key.  This is where I've struggled so far.  Once you have the public key, the rest is simple.

Assuming that I'm not going to use Python, PHP, or javascript, how would I go about calculating the public key?  Are there standard OpenSSL programs already included in Mac OSX that I can use to calculate the public key?  Are there trusted libraries for PERL that I can use to calculate the public key?

[deepceleron]

The function you are looking for is valid private key -> ECDSA secp256k1 -> public key

You must also have Bitcoin's base58 encoding/decoding if you want to use or import the "5J" style private key.

Javascript:

Look at bitaddress.org source code. It's very easy to read. Near the end there is the wallet details tab. You'll see there which functions are called to get the public key. Search back for the function and see how it's done.

This code is also good as a template for writing in other languages.
eg. some bits chopped out,

Code:

var ecparams = EllipticCurve.getSECCurveByName("secp256k1");

ECKey.prototype.getPub = function () {
	if (this.pub) return this.pub;
		return this.pub = ecparams.getG().multiply(this.priv).getEncoded(0);
	};

ECKey.prototype.getPubKeyHex = function () {
	if (this.pubKeyHex) return this.pubKeyHex;
		return this.pubKeyHex = Crypto.util.bytesToHex(this.getPub()).toString().toUpperCase();
	};

A bit more digging and should have it.

References:
Math: http://cs.ucsb.edu/~koc/ccs130h/notes/ecdsa.pdf
crypto++: http://www.cryptopp.com/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Public_Key
openssl: http://www.ruby-forum.com/topic/4407216

[Topazan]

@Stephen - Thanks, but that's not what I'm looking for.  I want to convert it to an address, not to wallet import format.

Insert Quote
Keep looking for it in the wiki, it's definitely there
Is something like sha256 then add a byte then ripemd160

Thanks, searching for ripemd led me here.  Which brings me to...

I suspect that the struggle isn't getting the address from the public key, but rather getting the public key from the private key.  This is where I've struggled so far.  Once you have the public key, the rest is simple.

...here.  That seems to be the case based on the wiki.

@deepceleron- Thanks, I'll follow through on that when I have time.