I want to bridge the general public to the more abstract concept how ethereum/bitcoin works, so figured i’d make a post on how your “wallet” actually works. Let me know if I said something wrong in the comments, it’s a hard topic to condense. Many of these topics overlap with how bitcoin works too, but I have studied it from an Ethereum angle.
Don’t get afraid by the math, get the grasp of the intuition, if the math works for you, great!
Public Keys and Addresses
Imagine a point in space. Your public key is a point in space.
How do we calculate this point in space?
Welcome to elliptic curve cryptography, where we can find your public key (point in space K) with a private key (k).
An elliptic curve looks something like this, which you may see it tends to infinity on the right-part of the function. Your public key is a point, belonging to these infinite lines.
There is also an important constant, G, which is a random point on that elliptic curve that is constant for generating public keys. This constant G is called the “Generator Point”, since it literally is used for generating public keys.
So now that we know those basic concepts, computing a public key is just
K = k * G
(Public key = private key coordinates * Generator point coordinates)
Multiplications over elliptic curves are out of the scope of this post, but keep in mind, you can’t recompute k given a K and the constant G.
Horray, now I have my public key! This is my public key. This point in space. That’s it. I am the only one able to compute this particular point in space, since i am the sole owner of k (private key).
Fun fact, the public key is not your usual 0x…Ab, it’s similar to your private key. The keccak hash of the public key is your address, which is the one you share with your friends.
Wallets add another layer of abstraction, they say “What if we add another cryptographic trick, and be able to have multiple wallets, tied to a single mnemonic phrase”
So these wallets will just:
Generate a mnemonic for you (Using BIP39 standard) Create some kind of function that maps f(mnemonic, walletNumber) => private key
Now with your mnemonic, you can create N amounts of addresses, cryptographically secured with your mnemonic. You could expand on this concept and google on Hierarchical Deterministic Wallets, which is basically using this method recursively. Mostly used in organizations.
Digital Signatures and Transactions
Won’t expand much on this detail, but will give a general idea:
When you craft an ethereum transaction for example, you are creating a “Digital Signature” and then executing it as a transaction. This actually means you can craft a transaction without ever executing it.
You can craft your digital signature in the following manner:
Signature = Fsig(transactionData, k), remember that k is the private key.
Fsig() produces a signature that is composed of two values, commonly referred to as r and s
S i g = ( r , s )
These r,s values are coordinates over the elliptic curve, that show your private key, along with a variable that will not be introduced called “v”.
With this signature, one proceeds to “Verify it”, which is an intrincate algorithm that basically states “Yes, this transaction was actually signed by this public key”
Once you have your verified transaction, you can broadcast it to the ethereum network and then it will be mined.
You may wonder, then how can somebody see my public key, if my address is a hash of the public key?! Where is the public part in that? Why do this?
Im not an expert on this particular part, but with the r,s,v variables previously talked, you can compute back the elliptic curve coordinates for a signed transaction. Remember, (r,s) are points on the elliptic curve. Take v as a “dimension” so to say for this curve, or completely ignore it. This means, that indeed, a public key is only exposed once an address makes a transaction. So, public keys are private until used from a “Externally Owned Account”, this turns a “point” (public key) into an Address, someone you can transact to. This is the key conceptual difference between a public key and an address.