Bitcoin Forum
November 01, 2024, 03:28:51 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: How exchanges make wallet adresses?  (Read 782 times)
wsxdrfv (OP)
Jr. Member
*
Offline Offline

Activity: 413
Merit: 5


View Profile WWW
March 26, 2018, 06:59:48 AM
 #1

So at exchanges, so many coins. For each of them, they provide deposit addresses.

If you are engineer, need to implement that, how to do?

Maybe using that coin's daemon?

How is specific procedure of it?

Thanks.
DerekVazz
Newbie
*
Offline Offline

Activity: 66
Merit: 0


View Profile
March 26, 2018, 07:12:23 AM
 #2

So at exchanges, so many coins. For each of them, they provide deposit addresses.

If you are engineer, need to implement that, how to do?

Maybe using that coin's daemon?

How is specific procedure of it?

Thanks.

I believe most of the coins use bitcoins method of creating addresses. You can use any programming language for that.
First you generate a random 32-byte private key.
Then create a public key out of it using elliptical curve digital signature algorithm.
Out of public key you can create an address. It works as described in this image:

https://en.bitcoin.it/w/images/en/9/9b/PubKeyToAddr.png
starmyc
Full Member
***
Offline Offline

Activity: 198
Merit: 130

Some random software engineer


View Profile
March 26, 2018, 07:59:14 AM
 #3

So at exchanges, so many coins. For each of them, they provide deposit addresses.

If you are engineer, need to implement that, how to do?

Maybe using that coin's daemon?

How is specific procedure of it?

To be able to generate a wallet address, you need to understand how it works and its format.

As it was said, Bitcoin addresses are a specific format of an edcsa (using secp256k1 parameters) public key, formatted a certain way, as described on this page: Technical background of version 1 bitcoin addresses. You must also take a look at the wallet import format which will help you to import private keys in Bitcoin Core and other wallets. Note that more recent addresses - p2sh & bech32 - are a little different and you will need to do more research about it.

You can either have one daemon to generate/handle those keys, or just a simple script that'll do it on demand, as this is a very simple task to do which doesn't use much cpu. The main problem in the process is to correctly protect the private keys.

Hi, I'm just some random software engineer.
You can check my projects: Bitcoin & altcoin balances/addresses listing dumps: https://balances.crypto-nerdz.org/
AdSkull89
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
March 26, 2018, 08:13:10 AM
 #4

So at exchanges, so many coins. For each of them, they provide deposit addresses.

If you are engineer, need to implement that, how to do?

Maybe using that coin's daemon?

How is specific procedure of it?

Thanks.

All you need is to generate many adresses from a single seed. Store those addresses in some data structure or csv file.

Then each time user requests deposit address - pick one of the pregenerated addresses from stored pool and assign it to respectable user (i.e. remove it from the address pool and add some field in your users database,  put address there).

That's all.


Don't generate address every time user needs a new one. It will be unsafe since to actually generate address you need access to your private key. It is much more safe to do it just once and then use your addresses as a text file. There is no limit on how much addresses you can generate so you can pregenerate as much as you want for all your existing or new users. Once it is done - you can handle deposits/withdrawals separately.
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
March 26, 2018, 09:11:58 AM
Merited by suchmoon (2)
 #5

There are more than one approach to this possible.

The two most common would be:

1) Generate an address 'on demand'.
This requires your online service to have a connection to your daemon. This might (in some circumstances) be a possible attack vector.

2) Generate bulk addresses in advance (in an offline environment)
Then, each time someone wants to deposit, you can easily assign one of these addresses to your customer in your database.
This is considered the 'safer' option, since your private keys don't touch your online system at any time.

wsxdrfv (OP)
Jr. Member
*
Offline Offline

Activity: 413
Merit: 5


View Profile WWW
March 26, 2018, 09:16:11 AM
 #6

There are more than one approach to this possible.

The two most common would be:

1) Generate an address 'on demand'.
This requires your online service to have a connection to your daemon. This might (in some circumstances) be a possible attack vector.

2) Generate bulk addresses in advance (in an offline environment)
Then, each time someone wants to deposit, you can easily assign one of these addresses to your customer in your database.
This is considered the 'safer' option, since your private keys don't touch your online system at any time.

So then, how to pregenerate addresses like 100,000 numbers at once without click [Request payment] button in wallet program 100,000 times?
starmyc
Full Member
***
Offline Offline

Activity: 198
Merit: 130

Some random software engineer


View Profile
March 26, 2018, 09:29:48 AM
 #7

So then, how to pregenerate addresses like 100,000 numbers at once without click [Request payment] button in wallet program 100,000 times?

You can generate a lot of addresses using Vanitygen:

Code:
$ ./vanitygen -k 1|awk '/Address|Privkey/{if($1 == "Address:") {pub = $2} else {if($1 == "Privkey:") {print pub ":" $2}}}'
Difficulty: 1
16ZCL3fKK7hQuRsGK48CGWmqx5rDyv83bm:5J3HRp9RNztekPfKYFjzvzLSSnBN3iy4kPP4sbogWYzctnMdXqi
176zZHK28BgvFZw2Dmv3P7Xy3Vh9CbYnef:5HqDqkxiBKxXvCJnc6Bv9LcveKX9rnZjRfrsyj86jNFtQZ6MxSH
17fZ41JSmTZt9WHAtoAG9PwZVEqrwPmhQa:5K3hma9ePqxdgpVgQc8Nu7m46WLSKsvc1YcEWV1zyGmmYHz1bs2
1AEgJx5F9Y9eBbnmQQeBREbT5zcyvuNz3e:5JGfQHWvLZQCx1UKV8NY6U1K54JYPKVHpTJYUjWBLENgM4hDrEM
...

Hi, I'm just some random software engineer.
You can check my projects: Bitcoin & altcoin balances/addresses listing dumps: https://balances.crypto-nerdz.org/
wsxdrfv (OP)
Jr. Member
*
Offline Offline

Activity: 413
Merit: 5


View Profile WWW
March 26, 2018, 10:06:18 AM
 #8

So then, how to pregenerate addresses like 100,000 numbers at once without click [Request payment] button in wallet program 100,000 times?

You can generate a lot of addresses using Vanitygen:

Code:
$ ./vanitygen -k 1|awk '/Address|Privkey/{if($1 == "Address:") {pub = $2} else {if($1 == "Privkey:") {print pub ":" $2}}}'
Difficulty: 1
16ZCL3fKK7hQuRsGK48CGWmqx5rDyv83bm:5J3HRp9RNztekPfKYFjzvzLSSnBN3iy4kPP4sbogWYzctnMdXqi
176zZHK28BgvFZw2Dmv3P7Xy3Vh9CbYnef:5HqDqkxiBKxXvCJnc6Bv9LcveKX9rnZjRfrsyj86jNFtQZ6MxSH
17fZ41JSmTZt9WHAtoAG9PwZVEqrwPmhQa:5K3hma9ePqxdgpVgQc8Nu7m46WLSKsvc1YcEWV1zyGmmYHz1bs2
1AEgJx5F9Y9eBbnmQQeBREbT5zcyvuNz3e:5JGfQHWvLZQCx1UKV8NY6U1K54JYPKVHpTJYUjWBLENgM4hDrEM
...

Thanks. So that "vanitygen" file generate after compile at ubuntu? I can't find vanitygen file in source at bitcoin github.
starmyc
Full Member
***
Offline Offline

Activity: 198
Merit: 130

Some random software engineer


View Profile
March 26, 2018, 10:08:31 AM
 #9

Thanks. So that "vanitygen" file generate after compile at ubuntu? I can't find vanitygen file in source at bitcoin github.

You should try google: https://en.bitcoin.it/wiki/Vanitygen and on github

Hi, I'm just some random software engineer.
You can check my projects: Bitcoin & altcoin balances/addresses listing dumps: https://balances.crypto-nerdz.org/
wsxdrfv (OP)
Jr. Member
*
Offline Offline

Activity: 413
Merit: 5


View Profile WWW
March 26, 2018, 10:25:09 AM
 #10

Thanks. So that "vanitygen" file generate after compile at ubuntu? I can't find vanitygen file in source at bitcoin github.

You should try google: https://en.bitcoin.it/wiki/Vanitygen and on github
How to apply this to alt-coin?
wsxdrfv (OP)
Jr. Member
*
Offline Offline

Activity: 413
Merit: 5


View Profile WWW
March 26, 2018, 10:28:41 AM
 #11

There are more than one approach to this possible.

The two most common would be:

1) Generate an address 'on demand'.
This requires your online service to have a connection to your daemon. This might (in some circumstances) be a possible attack vector.

2) Generate bulk addresses in advance (in an offline environment)
Then, each time someone wants to deposit, you can easily assign one of these addresses to your customer in your database.
This is considered the 'safer' option, since your private keys don't touch your online system at any time.
And so this means, exchange generate whole address for users with exchange his own private key, exchange can access whole user's addresses?
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
March 26, 2018, 11:30:28 AM
 #12

So then, how to pregenerate addresses like 100,000 numbers at once without click [Request payment] button in wallet program 100,000 times?

The easiest probably would be to use a small script to generate private-/public- keypairs.
It is important to pick a script (or better: write one yourself) with good entropy. Any bug/vulnerability/mistake in implementation could make your private keys 'guessable' and therefore unsafe.



And so this means, exchange generate whole address for users with exchange his own private key, exchange can access whole user's addresses?

Of course.

An (deposit-)address from an exchange is always in full control of the exchange itself.
You (as a customer) are depositing to the exchange. From this moment on the exchange is in control of your funds.
In return they give you 'credits' which match your deposited amount/crypto. Those are just assigned numbers in their database.

Only after withdrawing (after transaction got confirmed) you are in control of your cryptos again.

starmyc
Full Member
***
Offline Offline

Activity: 198
Merit: 130

Some random software engineer


View Profile
March 26, 2018, 12:05:04 PM
 #13

How to apply this to alt-coin?

Depends of your altcoin (especially the address prefix, which is 0x00 for bitcoin). Change prefix, recompile, should work.

Hi, I'm just some random software engineer.
You can check my projects: Bitcoin & altcoin balances/addresses listing dumps: https://balances.crypto-nerdz.org/
wsxdrfv (OP)
Jr. Member
*
Offline Offline

Activity: 413
Merit: 5


View Profile WWW
March 26, 2018, 12:58:58 PM
 #14

How to apply this to alt-coin?

Depends of your altcoin (especially the address prefix, which is 0x00 for bitcoin). Change prefix, recompile, should work.
Thanks!
wsxdrfv (OP)
Jr. Member
*
Offline Offline

Activity: 413
Merit: 5


View Profile WWW
March 26, 2018, 01:02:58 PM
 #15

The easiest probably would be to use a small script to generate private-/public- keypairs.
It is important to pick a script (or better: write one yourself) with good entropy. Any bug/vulnerability/mistake in implementation could make your private keys 'guessable' and therefore unsafe.
Thanks.
Can you show some example of that small script? Is it just like below?

for(x=0; x<100,000;x++){
   GetAddressFromDaemonOfSomeAltcoin();
}

burakkeceli
Newbie
*
Offline Offline

Activity: 18
Merit: 5


View Profile
March 27, 2018, 12:14:07 AM
 #16

You should take a look this video: https://youtu.be/pLJQy0B5OKo
Bitcoin address prefix: 0x00
Litecoin address prefix: 0x30
Dash address prefix: 0x4c
Doge address prefix: 0x1E
robortscatherine
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile WWW
March 27, 2018, 07:44:29 AM
 #17

In the top right corner there is a button that says "Create Wallet" and "Import or restore wallet". Click "create Wallet". Enter a wallet name and a description. You can then enter a passphrase for the wallet. You should right this down too in a safe spot. To view your bitcoin address open up "Receive Bitcoins" or "Send Bitcoins".
onurgozupek
Hero Member
*****
Offline Offline

Activity: 1336
Merit: 602


In #Bitcoin me trust


View Profile WWW
March 27, 2018, 09:57:50 AM
 #18

They are running full nodes of the cryptocurrencies and generating addresses on their online wallet. But a background process checks online wallets in each period and transfers the amount to offline wallet. So your funds are safe...
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
March 27, 2018, 10:11:16 AM
 #19

Can you show some example of that small script? Is it just like below?

for(x=0; x<100,000;x++){
   GetAddressFromDaemonOfSomeAltcoin();
}

Something like this would be an option.
But you don't have to connect to a daemon.

You can create private-/public- keys yourself.
You need to know how to mathematically create private and public keys.
This can be read in any documentation regarding your coin.


DannyHamilton
Legendary
*
Offline Offline

Activity: 3472
Merit: 4801



View Profile
March 27, 2018, 02:41:03 PM
 #20

Can you show some example of that small script? Is it just like below?

for(x=0; x<100,000;x++){
   GetAddressFromDaemonOfSomeAltcoin();
}

Pseudocode?  Sure...

It may be slightly different for each altcoin, since some of them have implemented their own algorithms (and there will be some variations for different address versions) , but if you want to compute a version 1 address for anything that works like Bitcoin does...

Code:
constant ECDSA_BASE_POINT =0x0279BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798   // See parameters of secp256k1 ECDSA curve.

for(x=0; x<100,000;x++){
    privateKey[x] = generateCrypographicallySecureRandomNumber()                // Range of values is governed by the secp256k1 ECDSA standard.
    publicKey[x] = ellipticCurvePointMultiply(ECDSA_BASE_POINT, privateKey[x])  // Use ECDSA point multiplication to multiply the base point by the private key.
    bitcoinAddress[x] = computeAddressFromPubKey(publicKey[x])                  //
}

You'll probably need some sort of "big number" library for working with 256 bit integers.  You'll also probably want to find an ECDSA library to handle the point multiplication (unless you really want to try to write that yourself).  It would be smart NOT to write your own random number generator, but to make sure that the random number generator that you do use is well accepted as being "cryptographically secure".

See the following link to learn how to compute an address from a public key:
https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!