address generation and php

[AliceWonder]

OK I'm stuck.

I've been following along

https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses

I'd like to do that in php.

The goal is generation of pseudo brain wallets for business - e.g.

fas568#!hj + some string that acts as a key to me + serialNumber

Generate 10k pairs of private keys / public addresses to store in database kept off-line.
As purchases are confirmed, I can query that database for the private keys and import them into a wallet.
In the event that the offline computer fails, I just need to know the salt and the phrase and can re-generate them.

With that link above, I have all the steps figured out except :
* generation of the public key from the ECDSA
* base58 encoding of 25-byte binary Bitcoin Address

First I haven't even tried to tackle yet, but I'm having a little trouble understanding the algorythm behind the base58 encoding.

It's treated as a long integer, but are the 00 at the front considered part of that? That doesn't make sense. What about the checksum at the end?

Is it all one long integer or is it converted 256-bit component at a time? Nothing I seem to try matches the results for public address in the example.

I'm a little surprised php-pear doesn't already have something in it bitcoin specific, maybe I just wasn't looking for right thing?

As far as why use php, it's what I know - and works just fine from the command line, a small little script will be able to generates hundreds of thousands of addresses I can (as needed) import for use into the public web server without needing any bitcoin software on the web server. Just have to be careful of hackers injecting their own addresses into the pool, but that would be quickly caught.

Anyway, any tips on the base58 encoding in php would be greatly appreciated.

[bitfreak!]

Take a look at my Bitcoin SCI script for help with generating bitcoin addresses in PHP:

http://bitfreak.info/?page=tools&t=bitsci

[AliceWonder]

Thanks, I'll look at it.
One thing I want to avoid is generation on the web server, I don't want any private keys there, especially since most web servers are in a colocation facility.

What I'm planning to do is create an interface where I can upload list of new addresses signed by a gpg key that the server loads if and only if the signature matches.

[bitfreak!]

Thanks, I'll look at it.
One thing I want to avoid is generation on the web server, I don't want any private keys there, especially since most web servers are in a colocation facility.

Well that's why it uses RSA public key encryption to secure the private keys. The RSA keyset is generated using a Javascript interface within the client window so the server will never be aware of the private key.

In any case, it should help you with generating bitcoin addresses in PHP. What you want to look at is the lib/bitcoin.lib.php file.

[AliceWonder]

Thanks, I'll look at it.
One thing I want to avoid is generation on the web server, I don't want any private keys there, especially since most web servers are in a colocation facility.

Well that's why it uses RSA public key encryption to secure the private keys. The RSA keyset is generated using a Javascript interface within the client window so the server will never be aware of the private key.

In any case, it should help you with generating bitcoin addresses in PHP. What you want to look at is the lib/bitcoin.lib.php file.

Somehow the private key has to get to me or I can't spend it. I'd rather it starts with me on an off-line machine I can query it from when I need to import it into a wallet to move it.

[AliceWonder]

Not impressed - I had to install a utility just to decompress 7z - who the hell uses that? Seriously. What's wrong with tar.gz are tar.bz2 or even zip?

Then when decompressing, complaints about files being over-written even though I decompressed in a temp directory.
Doesn't strike me as a product I'd put much confidence in based on sloppy archive. Hopefully the code solves my issue though.

Maybe it's just an issue with the linux utility (I've been 100% Linux for years)

[AliceWonder]

http://pastebin.com/vmRQC7ha

looks like it has it right there.

[AliceWonder]

I apologize for my criticism of 7z use - I was frustrated, but that wasn't acceptable.
Not the first time I've seen 7z but first time in a long time, I guess I rarely correspond with windows coders and the Linux utility doesn't work right - it unpacks directories but dumps all files in the top level directory, hence why it was over-writing its own files.

zip really is a lot better if you you can't do tar.{xz,gz,bz2}

[btharper]

I think 7z is more popular on Windows because it works well there and the tools work as well or better than anything else (including bzip/gzip/etc) on Windows, I don't have any experience with the Linux/Unix version though.

On another note, there's already a BIP that might help (standard, not sure if there's a PHP implementation) BIP 32, it allows for generation of public keys in a predictable manner without knowing anything about the private key, even for freshly generated keys. The receiving wallet doesn't need to communicate with the server or vice versa at all. Even if the server is compromised all the attacker should be able to learn is what public keys belong to you; normally there is no way to correlate these public keys to each other (like generating a large number of random keys).