step-by-step process for BTC transaction

[bkelly13]

I cannot find a simple step-by-step process to understand how to go from a BTC private address, in the form of a 256-bit binary number, to initiating an actual transaction.  A description or link to a good web page will be greatly appreciated.

Here is what I suspect happens.

1. Create 256-bit random number.  Yeah, a bit difficult to do properly.
2. translate to base 58 format.
   2.a. takes multiple steps, what are they?
3. Create seed phrases, how to do this?
4. There is more stuff needed to actually initiate a BTC transaction I don't understand, but keep this short and stop here.

This is probably already on this forum.  Do you have a search phrase that will discover it? Link to a specific thread?

Thank you for your time.

[ABCbits]

Assuming you want step-by-step technical explanation, here's the rough process.
1. Generate private keys securely, https://learnmeabitcoin.com/technical/keys/private-key/.
2. Generate public key using your private keys, https://learnmeabitcoin.com/technical/keys/public-key/.
3. Create Bitcoin address using your public key, https://learnmeabitcoin.com/technical/keys/public-key/hash/.

If you want to create seed phrase from random 128-256 bit random binary, check https://learnmeabitcoin.com/technical/keys/hd-wallets/mnemonic-seed/. As for creating Bitcoin TX, it's far more complex where you need to read really long article or part of book such as https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch06_transactions.adoc or https://learnmeabitcoin.com/technical/transaction/. Personally i never try to create Bitcoin TX from scratch due to the complexity.

[DannyHamilton]

I cannot find a simple step-by-step process to understand how to go from a BTC <snip>

You've jumped into the deep end of the pool with weights strapped to your ankles here. Your lack of understanding of even the basics has resulted in you using phrases that are meaningless and don't apply to Bitcoin at all, such as "private address".

What are you trying to accomplish here?  Are you just wanting to learn more about the technical details of the bitcoin protocol because you find it interesting? Are you trying to create software that interacts with the Bitcoin network in some way? Are you just trying to receive some bitcoins from someone that wants to pay you with bitcoin? Do you already have some bitcoin, and you're just trying to send it somewhere?

User ABCbits, earlier in this thread, has linked to some good resources for learning a bit more about some of the technical details of keys and addresses. Hopefully that will help, but I'm not certain yet that it gets you any closer to what you're actually trying to accomplish.

[bkelly13]

ABCbits: Thank you for the links, looking at them.  I keep missing that WIF, Wallet Import Format.  Cannot seem to keep it in my head.

DannyHamilton: Yes, the deep end.  I have a bit of dyslexia and knew that the correct phrase is private key, just wrote it wrong.  I am not a mathematician, or even very good with math.  I just want to develop my own sense of confidence in this entity into which we place so much trust.  

I have a small amount of bitcoins in a commercial exchange and will probably put them in an offline wallet.  Someday soon.

I continue to be a bit surprised at how volatile BTC is, and most cryptos.  Similar to the stock markets of the world, but much more volatile.  Seems to me it should be more stable.  I really do like the concept of a currency that is independent of government control.  That is its main attraction for me.

Oh, and I still don’t fully understand why we use the base 58 format.  Its not that much shorter than hex, and quite a bit more complicated.  Regarding fonts and the characters 0/O and 1/l  (one and lower case l), how often does anyone really transcribe a private key or an address by hand?  I suspect extremely seldom.  Almost to the point of never.  We just do a copy with the keyboard and mouse, in which case, the font has no significance what-so-ever.  And I suspect that we very seldom manually copy the key. It gets saved by our selected exchange or our offline wallet.  We write down the code words for recovery, but even then, I print them out and put them in a safe.  Won't trust my writing and spelling for something that critical.

[ABCbits]

I have a small amount of bitcoins in a commercial exchange and will probably put them in an offline wallet.  Someday soon.

Please double check withdraw fee imposed by that commercial exchange. If you own relative small amount of Bitcoin, the withdraw fee could "eat" most of it.

Oh, and I still don’t fully understand why we use the base 58 format.  Its not that much shorter than hex, and quite a bit more complicated.  Regarding fonts and the characters 0/O and 1/l  (one and lower case l), how often does anyone really transcribe a private key or an address by hand?  I suspect extremely seldom.  Almost to the point of never.  We just do a copy with the keyboard and mouse, in which case, the font has no significance what-so-ever.  And I suspect that we very seldom manually copy the key. It gets saved by our selected exchange or our offline wallet.  We write down the code words for recovery, but even then, I print them out and put them in a safe.  Won't trust my writing and spelling for something that critical.

This page explain Base58 in detail, https://en.bitcoin.it/wiki/Base58Check_encoding. But AFAIK the main reason should be it's checksum feature and version bytes.

[DannyHamilton]

<snip>
how often does anyone really transcribe a private key or an address by hand?  I suspect extremely seldom.  Almost to the point of never.  We just do a copy with the keyboard and mouse, in which case, the font has no significance what-so-ever.
<snip>

Even when we "copy with the keyboard and mouse", it is important to be able to look at the original address and the copied address and make sure they are identical. Malware exists that can modify the contents of your clipboard. So, it's possible that you could copy an address, then the malware modifies the contents of the clipboard to be someone else's address, and then you paste that other person's address into wherever you are using it.

Generally you are correct though, we could use binary or octal, or hex, or any other base to represent the number. base 58 is what was chosen. It is both shorter than hex AND avoids ambiguity. Since it isn't really any more difficult for a computer to convert binary data to base58 than it is to convert that binary data to hex, why not?

[tbct_mt2]

Even when we "copy with the keyboard and mouse", it is important to be able to look at the original address and the copied address and make sure they are identical. Malware exists that can modify the contents of your clipboard. So, it's possible that you could copy an address, then the malware modifies the contents of the clipboard to be someone else's address, and then you paste that other person's address into wherever you are using it.

There is risk from malware and people must be very carefull when copying, pasting an address in their transaction broadcasting process. Check, double check will help them to avoid risk of sending their precious bitcoins to a non-wanted address.

How to lose your Bitcoins with CTRL-C CTRL-V

It can help to reduce risk and loss of hijack from malware attackers.

[Cricktor]

Oh, and I still don’t fully understand why we use the base 58 format.  Its not that much shorter than hex, and quite a bit more complicated.

Base58 encoded public addresses or private keys in WIF format also contain a checksum which allows detection of errors. You don't have that luxury with plain "naked" private keys in plain hex. I'd also go so far to say that if you need to read, compare or write private keys or public addresses then it's less error prone in base58enc format than in plain boring uniform hex.

Humans are not supposed to deal with such things, let your wallet do the heavy lifting. But, one exception, always carefully control all details of a transaction before you sign it. When you check public addresses it's usually sufficient to check a bunch of characters at the start, in the middle and at the end.

[bkelly13]

<snip>
Since it isn't really any more difficult for a computer to convert binary data to base58 than it is to convert that binary data to hex, why not?

Oh its a lot more difficult.  Converting binary to hex is a single pass process that just replaces each 4 bits with one character.  When creating the base 58 code, you must divide that 256 bit number by 58 once for each character in the result.  And since there are no 256 bit ALUs, it must be synthesized with multiple divides tracking the multiple quotients and remainders.  And the radix of 58 is prime with respect to radix 2.  A one bit change can change the entire base 58 encoding.

But, it really doesn't matter because it will not be changed.

However, I am still working on how bitcoin transactions work.  Got to this site:
https://hackernoon.com/what-is-the-math-behind-elliptic-curve-cryptography-f61b25253da3

Its pretty good.  I get to the point where it states:  The base point used by secp256k1 curve has the following x- and y- coordinates: ….

The site does not make a clear declaration but my understanding is that this is named point P.  The core of all bitcoin calculations.  Is this correct?  

Is this the point on the curve from which all operations begin?  Over simplifying a bit and in my words: Begin with P.  For each 1 bit in the private address, add in the coordinates of P, according to the bit position of each one.

Further down the site mentions using the modulus function and names that value p.  It names the modulus divisor as the largest prime smaller than 2^256 but does not provide a value.  

A search revealed two sites, one of which is:  https://t5k.org/lists/2small/200bit.html
From there is this row:

256   189, 357, 435, 587, 617, 923, 1053, 1299, 1539, 1883

But please notice that the formatting is quite unusual.  Six groups of three, then four groups of four.  Is this the correct value for p?  

Do you have a favorite place to look this up?

Thanks again for your time and patience.

[Cricktor]

Why don't you use well known and reputable ressources to learn step-by-step the basics of Bitcoin transactions?

I'd rather go to https://learnmeabitcoin.com (in the technical section it get's quite detailed and deep down the rabbit hole) or quite a bit dryer Mastering Bitcoin 3rd Edition. Sorry, I didn't bother to hop to your source link and read what's presented there. Could be good, could be bad, no judgment.

[bkelly13]

Why don't you use well known and reputable ressources to learn step-by-step the basics of Bitcoin transactions?

I'd rather go to https://learnmeabitcoin.com (in the technical section it get's quite detailed and deep down the rabbit hole) or quite a bit dryer Mastering Bitcoin 3rd Edition. Sorry, I didn't bother to hop to your source link and read what's presented there. Could be good, could be bad, no judgment.

Cricktor, Thanks for the link.  From the main page I took the link named Technical.  In the next page are links named Private Key and Public Key.  The link Public Key provides a tool to make the translation on-line, but I could not recognize the specific steps to translate my private key number into a public key.

I tried this site also:  https://learnmeabitcoin.com/technical/cryptography/elliptic-curve/#mathematics
It provides values:

a = 0, b = 7 meaning the curve equation is y^2 = x^3 + 7

It describes p as being:  $p = 2 ** 256 - 2 ** 32 - 2 ** 9 - 2 ** 8 - 2 ** 7 - 2 ** 6 - 2 ** 4 - 1

Which I worked out to the hex number and which does not agree with another site that I cannot find again right now.  For now presume this one is correct.

So generate my random number to become my private key.

Then generate a public address.  Here is where several sites provide an online tool to enter a test private key and give you the public key.  But none of the sites I have found spell out the arithmetic steps to do this?  By arithmetic steps I ask for the addition, subtraction, multiply, and divide steps.  And even taking a square or cube root of a number.

I presume that my random number is the x part of an x,y point on the curve equation y² = x³ + 7.

Then I must calculate y, the square root of x³ + 7.  And must do this with 256 bit arithmetic.  Actually, I suspect that 512 bits must be used for accuracy.  And then I must use modulo p to keep the numbers within the 256 bit range.

If correct, then what?

So, please, where can I find the arithmetic steps to transform a private key into a public address?

[NotATether]

Let's start with this one:

1. Create 256-bit random number.  Yeah, a bit difficult to do properly.

This is actually quite easy to do, you just have to use the correct APIs.

In this case you need to generate random bits that will form the private key, the best way to do that is through the hardware random number generator on your computer mixed with whatever algorithms your OS uses.

This is really something that is meant to be done in a programming language, but in Linux you can use a command like openssl rand -hex 32 to accomplish this for you.

This "random number" i.e. private key is then used in your calculations above to create a public key.

The public key hash is created from the public key, and the address itself created from the public key hash.

[bkelly13]

Let's start with this one:

1. Create 256-bit random number.  Yeah, a bit difficult to do properly.

This is actually quite easy to do, you just have to use the correct APIs.

Hello NotATether,
Thanks for the reply.  I understand, the random number is not a big problem.
The bit problems is the exact arithmetic steps of the various procedures.

For one example.  Presume my code does multiplies and divides to 512 bit precision.  Then look at the last three bits of the most significant 256 bits and find 111.  Then look at the next three bits of the lower group and find 111. 

Should the code truncate or round up?

One bit difference is the difference between success or failure. 

Thank you for your time.

[DannyHamilton]

The site does not make a clear declaration but my understanding is that this is named point P.  The core of all bitcoin calculations.  Is this correct?

This point (the Generator Point) is more commonly referred to as G.

So, please, where can I find the arithmetic steps to transform a private key into a public address?

What you're looking for is: elliptic curve point addition over a finite field

The private key is a scalar value indicating how many times you must add the Generator Point (G) to get the public key point.

For example,
If the private key (represented in base 10) is: 7
Then the step to generate the public key is: G + G + G + G + G + G + G

This looks like a pretty good explanation about how elliptic curve point addition is done with finite fields:
https://www.rareskills.io/post/elliptic-curves-finite-fields

[Cricktor]

It's not easy to understand and digest the stuff under https://learnmeabitcoin.com/technical/cryptography/elliptic-curve/ and maybe it's also beneficial to read about elliptic curve "magic" in other sources like Mastering Bitcoin or even completely different ones before the stones fall into their places.

Don't expect to understand it within minutes, hours or days unless you're a "Wunderkind" or math prodigy.

[bkelly13]

The site does not make a clear declaration but my understanding is that this is named point P.  The core of all bitcoin calculations.  Is this correct?

...
For example,
If the private key (represented in base 10) is: 7
Then the step to generate the public key is: G + G + G + G + G + G + G

This looks like a pretty good explanation about how elliptic curve point addition is done with finite fields:
https://www.rareskills.io/post/elliptic-curves-finite-fields

Wonderful, the comment about adding in G (effectively multiplying) is something I really needed to see.  It has been worded in different ways and I was suspecting that is the situation.  Now I am reasonably confident.

As I add in G multiple times, the results will become larger than 256 bits and will require a modulo operation to reduce its size.  I forget the name of that constant, p I believe. The calculations will require thousands of additions, arithmetically changed into multiplications, and the numbers will exceed 256 bits.

What is the threshold to apply the modulus operation?

From memory at the moment, the site that mentioned the modulus operations showed the equation with the mod operation on both sides of the = character.  Is each side done independently, or both at the same time.

That leads to the question:  Will there ever be a time to truncate or round off numbers?  Will that be a truncate or round off operation?

Now to visit the mentioned site.
Thank you for taking the time to reply.

Edit, to be a bit more precise.

from the referenced site:  https://learnmeabitcoin.com/technical/cryptography/elliptic-curve/
is found the text

y² = x³ + ax + b  mod p

There are no parens and the "mod p" seems to apply to the entire equation.  Another site had something like:

y² mod p = x³ + ax + b  mod p

As I interpret the second one the modulus operation for y is independent from that of x.

What is the trigger to apply the modulus operations? Apply to the x term when it exceeds p, to the y term when it exceeds p, and do them independently?  Or something else?

[bkelly13]

It's not easy to understand and digest the stuff under https://learnmeabitcoin.com/technical/cryptography/elliptic-curve/ and maybe it's also beneficial to read about elliptic curve "magic" in other sources like Mastering Bitcoin or even completely different ones before the stones fall into their places.

Don't expect to understand it within minutes, hours or days unless you're a "Wunderkind" or math prodigy.

Agreed.  If I keep at it, some number of months.  Thank you for the link and for your reply.