2

say I have master private key from dumpwallet command:

extended private masterkey: tprv8ZgxMBicQKsPdcg8UJAGEEQM6zQgyxgXXXXXXXX

from there, I derived child key using bx hd-private command

$ xprv=tprv8ZgxMBicQKsPdcg8UJAGEEQM6zQgyxgXXXXXXXX
$ bx hd-private -d $xprv | bx hd-private -d

which returned tprv8eWEgAtBJiEjAn8o4G6JL1mqoccXXXXXX

I want to derive hardenned addresses within BIP141 m/0'/0'/* (ex. m/0'/0'/0')

using bitcoin-cli deriveaddresses, which I need a correct descriptor. 

$ acctKey=tprv8eWEgAtBJiEjAn8o4G6JL1mqoccXXXXXX
$ bitcoin-cli getdescriptorinfo "wpkh([fingerprint/0h]$acctKey/0h/*)"
$ descrip="wpkh(xxxxxxxxxx)" 
$ bitcoin-cli deriveaddresses "$descrip"

questions:

  1. How do I get master fingerprint from Master Key?

  2. What is the correct descriptor to use?

crybo
  • 31
  • 4

2 Answers2

2

Bitcoin Core doesn’t use unhardened keys, so attempting to get a master public key will never work no matter what.

Claris
  • 15,408
  • 2
  • 26
  • 43
0

Question 1: How do I get master fingerprint from Master Key?

I'm trying to figure this out as well.

Apparently it's just "the first 32 bits of the Hash160 of the master pubkey".

So:

First_8_characters(RIPEMD160(SHA256($publicKey)))

It seems to have been implemented in python at: https://github.com/darosior/python-bip32/

So using the following python code I think this makes the correct fingerprint:

$ pip3 install bip32
$ python3

import binascii
from bip32 import BIP32, HARDENED_INDEX

bip = BIP32.from_xpub("xpub6CbtS57jivMSuzcvp5YZxp6JhUU8YWup2axi2xkQRVHY8w4otp8YkEvfWBHgE5rA2AJYNHquuRoLFFdWeSi1UgVohcUeM7SkE9c8NftRwRJ")
binascii.hexlify( bip.parent_fingerprint ).decode('ascii')


gives "814adbb4"


bip = BIP32.from_xpriv("xprv9zrFarSYsBUzhmLYWJN4tYcdhZnEWQ7XCUQzNaouUDLu52xJggNisybDgqJRVe1hWww16SLJM478q5CCquPq5YQ19i2eTmz7HqmpsBnt1SS")
binascii.hexlify( bip.parent_fingerprint ).decode('ascii')


gives "2984b47b"

But it seems like any 4-byte hex fingerprint works just fine in the bitcoin core wallet, including 00000000. In my testing, all valid (00000000-ffffffff) fingerprints generate the same bitcoin addresses anyway.

So

$ bitcoin-cli getdescriptorinfo "wpkh([00000000/0h]$acctKey/0h/*)"
$ bitcoin-cli deriveaddresses "wpkh([00000000/0h]$acctKey/0h/*)#<checksum here>" "[0,10]"

Sources:

https://github.com/bitcoin/bitcoin/blob/master/doc/descriptors.md#key-origin-identification

" When interacting with a hardware device, it may be necessary to include the entire path from the master down. BIP174 standardizes this by providing the master key fingerprint (first 32 bit of the Hash160 of the master pubkey), plus all derivation steps. To support constructing these, we permit providing this key origin information inside the descriptor language, even though it does not affect the actual scriptPubKeys it refers to.

Every public key can be prefixed by an 8-character hexadecimal fingerprint plus optional derivation steps (hardened and unhardened) surrounded by brackets, identifying the master and derivation path the key or xpub that follows was derived with.

Note that the fingerprint of the parent only serves as a fast way to detect parent and child nodes in software, and software must be willing to deal with collisions. "

https://github.com/bitcoin/bitcoin/blob/master/doc/descriptors.md#reference

KEY expressions:
  Optionally, key origin information, consisting of:
    - An open bracket [
    - Exactly 8 hex characters for the fingerprint of the key
      where the derivation starts (see BIP32 for details)
    - Followed by zero or more /NUM or /NUM' path elements to
      indicate unhardened or hardened derivation steps between
      the fingerprint and the key or xpub/xprv root that follows
    - A closing bracket ]

Following the link for BIP32 shows:

https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#key-identifiers

" Extended keys can be identified by the Hash160 (RIPEMD160 after SHA256) of the serialized ECDSA public key K, ignoring the chain code. This corresponds exactly to the data used in traditional Bitcoin addresses. It is not advised to represent this data in base58 format though, as it may be interpreted as an address that way (and wallet software is not required to accept payment to the chain key itself).

The first 32 bits of the identifier are called the key fingerprint. "

4 bytes: the fingerprint of the parent's key (0x00000000 if master key)

Question 2: What is the correct descriptor to use?

I believe for BIP141, it's just m/0

So:

$ bitcoin-cli getdescriptorinfo "wpkh([00000000/0]$acctKey/*)"
$ bitcoin-cli deriveaddresses "wpkh([00000000/0]$acctKey/*)#<checksum here>" "[0,10]"

But since you want the addresses hardened, I believe it would be:

$ bitcoin-cli getdescriptorinfo "wpkh([00000000/0]$acctKey/*h)"
$ bitcoin-cli deriveaddresses "wpkh([00000000/0]$acctKey/*h)#<checksum here>" "[0,10]"

And bitcoin core is very picky for some reason about where the slashes and zeroes and appostrophe/h's go (before or after the account key), and how many, so if you know what address you're trying to generate, maybe try a few different combinations until you get the right address.

To be safe, I would verify my generated addresses with the tool at:

https://iancoleman.io/bip39/

Bob
  • 1
  • 1