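HD Wallets
HD Wallets in Depth: A Complete Walkthrough from Protocol to Practice
In the blockchain world, the wallet is the core tool for managing digital assets, and the HD wallet (hierarchical deterministic wallet), thanks to its distinctive design, has become the mainstream wallet solution. This article systematically explains the underlying protocols, path rules, mnemonic mechanism, and implementation principles of HD wallets, to help you fully understand how the technology works.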
Full mnemonic wordlist
I. Core Concepts and Value of HD Wallets
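An HD wallet (Hierarchical Deterministic Wallet) is a wallet structure that can generate and manage a large number of private keys from a single seed. Its core advantages are twofold:
- Deterministic: every private key is derived from one initial seed; as long as the seed does not change, the sequence of private keys does not change
- Hierarchical: private keys are organized in a tree of levels, which makes it easy to manage multiple accounts and use cases
This design does away with two major pain points of traditional wallets, complex private key management (many private keys to back up) and difficult cross-device synchronization, and gives blockchain asset management a standardized solution.
II. The Protocol Foundations of HD Wallets
HD wallets rely on a set of Bitcoin Improvement Proposals (BIPs), which together form the technical standard:
1. BIP-32: Hierarchical Deterministic Key Derivation
BIP-32 is the core protocol of HD wallets. It defines the mathematics for deriving child private keys from the root private key. It uses elliptic-curve cryptography (ECDSA) to derive keys level by level, and mainly solves two problems:
- How to generate a child private key from a parent private key
- How to generate a child public key from a parent public key (without exposing the private key)
Core principle: the child key is computed by running HMAC-SHA512 over the parent key and the index. There are two types of derivation:
- Normal derivation: uses a non-hardened index (0 to 2^31-1); can be derived from the public key
- Hardened derivation: uses a hardened index (2^31 to 2^32-1), written i'; can only be derived from the private key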
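```java
// Simplified BIP-32 child private key derivation.
// Needs java.math.BigInteger, java.nio.ByteBuffer, java.security.GeneralSecurityException,
// java.util.Arrays, javax.crypto.Mac, javax.crypto.spec.SecretKeySpec and Apache Commons
// Lang's ArrayUtils; isHardened() and derivePublicKey() are helpers defined elsewhere.
private static final BigInteger CURVE_ORDER = new BigInteger(
        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16); // secp256k1 order n

private byte[] deriveChildPrivateKey(byte[] parentPrivateKey, byte[] parentChainCode, int index)
        throws GeneralSecurityException {
    byte[] indexBytes = ByteBuffer.allocate(4).putInt(index).array();
    byte[] data;
    // Hardened and normal derivation concatenate different data
    if (isHardened(index)) {
        // Hardened derivation: 0x00 + parent private key + index
        data = ArrayUtils.addAll(new byte[]{0x00}, ArrayUtils.addAll(parentPrivateKey, indexBytes));
    } else {
        // Normal derivation: parent public key (compressed) + index
        byte[] parentPublicKey = derivePublicKey(parentPrivateKey);
        data = ArrayUtils.addAll(parentPublicKey, indexBytes);
    }
    // Compute the derivation result with HMAC-SHA512, keyed with the parent chain code
    Mac mac = Mac.getInstance("HmacSHA512");
    mac.init(new SecretKeySpec(parentChainCode, "HmacSHA512"));
    byte[] i = mac.doFinal(data);
    // The first 32 bytes feed the child private key; the last 32 bytes are the child chain code
    BigInteger il = new BigInteger(1, Arrays.copyOfRange(i, 0, 32));
    // Final child private key = (first 32 bytes + parent private key) mod n
    BigInteger child = il.add(new BigInteger(1, parentPrivateKey)).mod(CURVE_ORDER);
    // Left-pad (or trim the sign byte) to exactly 32 bytes
    byte[] raw = child.toByteArray();
    byte[] childPrivateKey = new byte[32];
    int len = Math.min(raw.length, 32);
    System.arraycopy(raw, raw.length - len, childPrivateKey, 32 - len, len);
    return childPrivateKey;
}
```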
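2. BIP-39: Standardized Mnemonics
BIP-39 solves the human-readability problem of the seed by converting a random seed into an easy-to-remember sequence of words (the mnemonic). Its core value:
- Simpler backup: 12-24 words are easier to remember and copy down than a 128-256-bit random number
- Better compatibility: a unified mnemonic format lets different wallets restore from each other
3. BIP-44: Multi-Coin Path Specification
BIP-44 builds on BIP-32 and defines a uniform path format that distinguishes coins and accounts:
m / purpose' / coin_type' / account' / change / address_index
Meaning of each field:
- m: start from the root private key
- purpose': fixed at 44', marking compliance with the BIP-44 standard
- coin_type': coin type (for example Bitcoin 0', Ethereum 60'; the full list is in SLIP-44)
- account': account index (starting at 0, used to separate accounts)
- change: 0 means an external address (receiving funds), 1 means an internal address (change)
- address_index: address index (starting at 0, used to generate multiple addresses)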
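III. Mnemonic Generation Rules and Process
Generating the mnemonic is the key step in initializing an HD wallet. It strictly follows the BIP-39 standard; the full process is:
1. Generate Random Entropy
Entropy is the source of the mnemonic. It must be a random number of 128-256 bits, in multiples of 32:
- 128 bits → 12 mnemonic words
- 160 bits → 15 mnemonic words
- 192 bits → 18 mnemonic words
- 224 bits → 21 mnemonic words
- 256 bits → 24 mnemonic words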
```java
// Generate random entropy of the requested length
private byte[] generateEntropy(int bits) {
    if (bits % 32 != 0 || bits < 128 || bits > 256) {
        // Message: "entropy must be a multiple of 32, between 128 and 256 bits"
        throw new IllegalArgumentException("熵必须是32的倍数,且在128-256位之间");
    }
    int bytesLength = bits / 8;
    byte[] entropy = new byte[bytesLength];
    SecureRandom secureRandom = new SecureRandom();
    secureRandom.nextBytes(entropy); // use a cryptographically secure random number generator
    return entropy;
}
```
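2. Compute the Checksum
The checksum is used to verify the integrity of the entropy. It is computed as follows:
- Hash the entropy with SHA-256
- Take the first (entropy bits / 32) bits of the hash as the checksum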
```java
// Compute the checksum
private byte[] calculateChecksum(byte[] entropy) throws NoSuchAlgorithmException {
    MessageDigest digest = MessageDigest.getInstance("SHA-256");
    byte[] hash = digest.digest(entropy);
    int checksumLength = entropy.length * 8 / 32; // entropy bits / 32
    return Arrays.copyOf(hash, (checksumLength + 7) / 8); // round up to whole bytes
}
```
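3. Concatenate Entropy and Checksum
Concatenate the entropy and the checksum bit by bit into a sequence whose total length is entropy bits + checksum bits. That total is always a multiple of 11: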
```java
// Concatenate entropy and checksum (bitwise)
private BitSet concatenateEntropyAndChecksum(byte[] entropy, byte[] checksum, int entropyBits) {
    int checksumBits = entropyBits / 32;
    BitSet combined = new BitSet(entropyBits + checksumBits);
    // BIP-39 counts bits from the most significant bit of each byte, while
    // BitSet.valueOf(byte[]) is little-endian, so the bits are read explicitly.
    // Copy all bits of the entropy
    for (int i = 0; i < entropyBits; i++) {
        combined.set(i, (entropy[i / 8] & (0x80 >> (i % 8))) != 0);
    }
    // Copy the first checksumBits bits of the checksum
    for (int i = 0; i < checksumBits; i++) {
        combined.set(entropyBits + i, (checksum[i / 8] & (0x80 >> (i % 8))) != 0);
    }
    return combined;
}
```
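4. Split into 11-Bit Groups
Split the concatenated sequence into groups of 11 bits. Each group is an integer from 0 to 2047 (an index into the BIP-39 wordlist):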
```java
// Split into 11-bit groups and map them to the wordlist
private List<String> bitsToMnemonic(BitSet combined, int wordCount, List<String> wordlist) {
    List<String> mnemonic = new ArrayList<>(wordCount);
    for (int i = 0; i < wordCount; i++) {
        int start = i * 11;
        int end = start + 11;
        // Compute the integer index for these 11 bits
        int index = 0;
        for (int j = start; j < end; j++) {
            index <<= 1;
            if (combined.get(j)) {
                index |= 1;
            }
        }
        mnemonic.add(wordlist.get(index));
    }
    return mnemonic;
}
```
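5. Map to the BIP-39 Wordlist
Each 11-bit integer maps to one word in the wordlist. The wordlist contains 2048 fixed words (with versions in several languages), which ensures compatibility between wallets.
Complete Code Implementation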
```java
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.BitSet;
import java.util.List;

public class BIP39Generator {
    // BIP-39 English wordlist (the complete list has 2048 words)
    private static final List<String> ENGLISH_WORDLIST = Arrays.asList(
        "abandon", "ability", "able", "about", "above", "absent", "absorb", "abstract", "absurd", "abuse",
        "access", "accident", "account", "accuse", "achieve", "acid", "acoustic", "acquire", "across", "act",
        // ... middle 2018 words omitted; the complete list is required to run ...
        "yard", "year", "yellow", "you", "young", "youth", "zebra", "zero", "zone", "zoo"
    );

    /**
     * Generate a mnemonic
     * @param entropyBits number of entropy bits (128, 160, 192, 224, 256)
     * @return the list of mnemonic words
     */
    public static List<String> generateMnemonic(int entropyBits) throws NoSuchAlgorithmException {
        // 1. Generate random entropy
        byte[] entropy = generateEntropy(entropyBits);
        // 2. Compute the checksum
        byte[] checksum = calculateChecksum(entropy);
        // 3. Concatenate entropy and checksum
        BitSet combined = concatenateEntropyAndChecksum(entropy, checksum, entropyBits);
        // 4. Compute the number of mnemonic words
        int wordCount = (entropyBits + (entropyBits / 32)) / 11;
        // 5. Convert to mnemonic words
        return bitsToMnemonic(combined, wordCount, ENGLISH_WORDLIST);
    }

    /**
     * Generate random entropy
     */
    private static byte[] generateEntropy(int bits) {
        if (bits % 32 != 0 || bits < 128 || bits > 256) {
            // Message: "entropy must be a multiple of 32, between 128 and 256 bits"
            throw new IllegalArgumentException("熵必须是32的倍数,且在128-256位之间");
        }
        int bytesLength = bits / 8;
        byte[] entropy = new byte[bytesLength];
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.nextBytes(entropy);
        return entropy;
    }

    /**
     * Compute the checksum
     */
    private static byte[] calculateChecksum(byte[] entropy) throws NoSuchAlgorithmException {
        MessageDigest digest = MessageDigest.getInstance("SHA-256");
        byte[] hash = digest.digest(entropy);
        int checksumBits = entropy.length * 8 / 32;
        return Arrays.copyOf(hash, (checksumBits + 7) / 8);
    }

    /**
     * Concatenate entropy and checksum
     */
    private static BitSet concatenateEntropyAndChecksum(byte[] entropy, byte[] checksum, int entropyBits) {
        int checksumBits = entropyBits / 32;
        BitSet combined = new BitSet(entropyBits + checksumBits);
        // BIP-39 counts bits from the most significant bit of each byte, while
        // BitSet.valueOf(byte[]) is little-endian, so the bits are read explicitly.
        // Copy all bits of the entropy
        for (int i = 0; i < entropyBits; i++) {
            combined.set(i, (entropy[i / 8] & (0x80 >> (i % 8))) != 0);
        }
        // Copy the first checksumBits bits of the checksum
        for (int i = 0; i < checksumBits; i++) {
            combined.set(entropyBits + i, (checksum[i / 8] & (0x80 >> (i % 8))) != 0);
        }
        return combined;
    }

    /**
     * Convert the bit set into mnemonic words
     */
    private static List<String> bitsToMnemonic(BitSet combined, int wordCount, List<String> wordlist) {
        if (wordlist.size() != 2048) {
            // Message: "the wordlist must contain 2048 words"
            throw new IllegalArgumentException("词表必须包含2048个单词");
        }
        List<String> mnemonic = new ArrayList<>(wordCount);
        for (int i = 0; i < wordCount; i++) {
            int start = i * 11;
            int end = start + 11;
            // Compute the integer index for these 11 bits
            int index = 0;
            for (int j = start; j < end; j++) {
                index <<= 1;
                if (combined.get(j)) {
                    index |= 1;
                }
            }
            mnemonic.add(wordlist.get(index));
        }
        return mnemonic;
    }

    /**
     * Generate the seed from the mnemonic
     */
    public static byte[] mnemonicToSeed(List<String> mnemonic, String passphrase) throws Exception {
        String mnemonicStr = String.join(" ", mnemonic);
        String salt = "mnemonic" + (passphrase == null ? "" : passphrase);
        // Use PBKDF2 to generate the 512-bit seed
        javax.crypto.SecretKeyFactory factory = javax.crypto.SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
        javax.crypto.spec.PBEKeySpec spec = new javax.crypto.spec.PBEKeySpec(
            mnemonicStr.toCharArray(),
            salt.getBytes("UTF-8"),
            2048, // iteration count
            512   // output length (bits)
        );
        return factory.generateSecret(spec).getEncoded();
    }

    public static void main(String[] args) {
        try {
            // Generate 12 mnemonic words (128 bits of entropy)
            List<String> mnemonic = generateMnemonic(128);
            System.out.println("生成的助记词:");
            System.out.println(String.join(" ", mnemonic));
            // Generate the seed from the mnemonic
            byte[] seed = mnemonicToSeed(mnemonic, ""); // optional passphrase
            System.out.println("\n生成的种子 (十六进制):");
            System.out.println(bytesToHex(seed));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    // Convert a byte array to a hexadecimal string
    private static String bytesToHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }
}
```
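IV. The Full Chain from Mnemonic to Private Key
The mnemonic is only the starting point of an HD wallet. Getting from the mnemonic to a usable private key takes the following steps:
- Mnemonic → Seed
  PBKDF2 generates a 512-bit seed from the mnemonic and an optional passphrase:
  - Salt: fixed as "mnemonic" + passphrase
  - Iterations: 2048
  - Hash algorithm: HMAC-SHA512
- Seed → Root Private Key (Master Private Key)
  HMAC-SHA512, keyed with "Bitcoin seed", is applied to the seed and yields:
  - First 32 bytes: the root private key
  - Last 32 bytes: the root chain code (used to derive child keys)
- Root private key → child private keys
  Following the BIP-32 rules, the root private key and chain code are combined with a BIP-44 path to derive the child private keys at each level.
- Private key → public key → address
  Each private key produces its public key through the elliptic-curve algorithm, and the public key is hashed and further processed into the final blockchain address.
Code for generating multi-chain addresses from a mnemonic (simple Python implementation)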
import hashlib
import hmac
import os
import binascii
from typing import List, Dict, Tuple
from ecdsa import SECP256k1, SigningKey
from ecdsa.util import sigencode_string_canonize
import bech32
# BIP-39完整英文词表(部分展示)
ENGLISH_WORDLIST = [
"abandon", "ability", "able", "about", "above", "absent", "absorb", "abstract", "absurd", "abuse",
"access", "accident", "account", "accuse", "achieve", "acid", "acoustic", "acquire", "across", "act",
# ... 省略中间单词 ...
"zone", "zoo", "zoom", "zombie", "zodiac", "zero", "zealous", "zap", "youth", "yield"
]
# 链类型与BIP-44路径映射
CHAIN_PATHS = {
"BTC": "m/44'/0'/0'/0/0", # 比特币主网
"ETH": "m/44'/60'/0'/0/0", # 以太坊主网
"BSC": "m/44'/56'/0'/0/0" # 币安智能链
}
def mnemonic_to_seed(mnemonic: List[str], passphrase: str = "") -> bytes:
"""从助记词生成种子"""
mnemonic_str = " ".join(mnemonic)
salt = f"mnemonic{passphrase}".encode()
return hashlib.pbkdf2_hmac(
"sha512",
mnemonic_str.encode(),
salt,
2048,
64
)
def generate_mnemonic(entropy_bits: int = 128) -> List[str]:
"""生成助记词"""
if entropy_bits % 32 != 0 or not (128 <= entropy_bits <= 256):
raise ValueError("熵必须是32的倍数(128-256位)")
entropy = os.urandom(entropy_bits // 8)
checksum = hashlib.sha256(entropy).digest()[0] >> (8 - (entropy_bits // 32))
combined = (int.from_bytes(entropy, 'big') << (entropy_bits // 32)) | checksum
mnemonic = []
for i in range(entropy_bits // 32 * 3):
index = (combined >> (11 * (entropy_bits // 32 * 3 - 1 - i))) & 0x7FF
mnemonic.append(ENGLISH_WORDLIST[index])
return mnemonic
def hmac_sha512(key: bytes, data: bytes) -> bytes:
"""HMAC-SHA512计算"""
return hmac.new(key, data, hashlib.sha512).digest()
def derive_child_key(parent_private_key: bytes, parent_chain_code: bytes, index: int) -> Tuple[bytes, bytes]:
"""BIP-32子密钥派生"""
if index >= 0x80000000: # 强化派生
data = b'\x00' + parent_private_key + index.to_bytes(4, 'big')
else: # 普通派生
# 从私钥计算公钥
sk = SigningKey.from_string(parent_private_key, curve=SECP256k1)
pk = sk.get_verifying_key().to_string('compressed')
data = pk + index.to_bytes(4, 'big')
# 计算HMAC-SHA512
i = hmac_sha512(parent_chain_code, data)
i_l = i[:32] # 子私钥部分
i_r = i[32:] # 子链码
# 椭圆曲线加法计算最终子私钥
parent_private_num = int.from_bytes(parent_private_key, 'big')
i_l_num = int.from_bytes(i_l, 'big')
curve_order = SECP256k1.order
child_private_num = (parent_private_num + i_l_num) % curve_order
return (child_private_num.to_bytes(32, 'big'), i_r)
def derive_path(seed: bytes, path: str) -> Tuple[bytes, bytes]:
"""从种子按BIP-44路径派生密钥"""
# 生成根密钥
h = hmac_sha512(b"Bitcoin seed", seed)
master_private_key = h[:32]
master_chain_code = h[32:]
# 解析路径
parts = path.split('/')[1:] # 跳过'm'
current_private_key = master_private_key
current_chain_code = master_chain_code
for part in parts:
# 处理强化派生标记'
if part.endswith("'"):
index = int(part[:-1]) + 0x80000000
else:
index = int(part)
# 派生子密钥
current_private_key, current_chain_code = derive_child_key(
current_private_key, current_chain_code, index
)
return (current_private_key, current_chain_code)
def private_key_to_public_key(private_key: bytes, compressed: bool = True) -> bytes:
"""从私钥生成公钥"""
sk = SigningKey.from_string(private_key, curve=SECP256k1)
vk = sk.get_verifying_key()
return vk.to_string('compressed' if compressed else 'uncompressed')
def public_key_to_eth_address(public_key: bytes) -> str:
"""将公钥转换为以太坊地址"""
# 以太坊地址是公钥哈希的后20字节
keccak = hashlib.new('keccak_256')
keccak.update(public_key[1:]) # 移除前缀0x04
return '0x' + keccak.digest()[-20:].hex()
def public_key_to_btc_address(public_key: bytes) -> str:
"""将公钥转换为比特币地址(Bech32格式)"""
# 计算哈希
sha256 = hashlib.sha256(public_key).digest()
ripemd160 = hashlib.new('ripemd160', sha256).digest()
# Bech32编码(主网前缀'bc')
return bech32.encode('bc', bech32.convertbits(ripemd160, 8, 5))

def generate_chain_addresses(mnemonic: List[str], chains: List[str] = None) -> Dict[str, Dict[str, str]]:
    """Generate the private key, public key and address for the given chains."""
    if not chains:
        chains = CHAIN_PATHS.keys()
    result = {}
    seed = mnemonic_to_seed(mnemonic)
    for chain in chains:
        if chain not in CHAIN_PATHS:
            continue
        path = CHAIN_PATHS[chain]
        private_key, _ = derive_path(seed, path)
        public_key = private_key_to_public_key(private_key, compressed=chain == "BTC")
        # Generate the address according to the chain
        if chain in ["ETH", "BSC"]:  # ETH and BSC use the same address format
            address = public_key_to_eth_address(public_key)
        elif chain == "BTC":
            address = public_key_to_btc_address(public_key)
        else:
            # No address encoder for this chain: skip it instead of reusing
            # the address computed for the previous chain
            continue
        result[chain] = {
            "path": path,
            "private_key": binascii.hexlify(private_key).decode(),
            "public_key": binascii.hexlify(public_key).decode(),
            "address": address
        }
    return result

def main():
    # 1. Generate the mnemonic
    mnemonic = generate_mnemonic(128)  # 12 words
    print("助记词:")
    print(" ".join(mnemonic) + "\n")
    # 2. Generate the address data for each chain
    chain_data = generate_chain_addresses(mnemonic)
    # 3. Print the results
    for chain, data in chain_data.items():
        print(f"=== {chain} 信息 ===")
        print(f"路径: {data['path']}")
        print(f"私钥: {data['private_key']}")
        print(f"公钥: {data['public_key']}")
        print(f"地址: {data['address']}\n")

if __name__ == "__main__":
    main()
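V. Practical Applications and Considerations
1. Multi-chain address generation
The same mnemonic can generate addresses for different chains; you only need to use the BIP-44 path of the corresponding chain:
| Blockchain | coin_type | Example address path |
|---|---|---|
| Bitcoin | 0' | m/44'/0'/0'/0/0 |
| Ethereum | 60' | m/44'/60'/0'/0/0 |
| BSC | 56' | m/44'/56'/0'/0/0 |
| Litecoin | 2' | m/44'/2'/0'/0/0 |
2. Security best practices
- Mnemonic backup: write it down by hand, store it offline, and avoid digital records
- Passphrase protection: use a strong passphrase to strengthen the security of the seed
- Randomness quality: make sure the entropy comes from a cryptographically secure random number generator
- Path conventions: use standard paths to avoid the compatibility problems caused by custom paths
3. Frequently asked questions
- Does the order of the mnemonic words matter? Yes, a wrong word order produces a wrong seed
- Can a word in the mnemonic be changed? No, any change makes the checksum mismatch
- What if I forget the passphrase? It cannot be recovered; you have to re-import without a passphrase
- Do different wallets produce the same addresses from the same mnemonic? Wallets that follow the same BIP standards generate the same addresses
VI. Summary
By combining BIP-32, BIP-39, BIP-44 and related protocols, the HD wallet forms a secure, convenient and extensible private key management system. Its core innovations are:
- Mnemonics solve the problem of backing up private keys
- The hierarchical structure gives orderly management of multiple accounts
- Standardized paths support unified management of multiple currencies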
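VII. Related Interview Questions
Below are the core interview points for BIP32, BIP39 and BIP44/49/84/86 with detailed answers. They cover principles, processes, key details and practical use cases, and are suitable for interview preparation and for understanding the technology.
I. BIP32 (Hierarchical Deterministic Wallets): Interview Points
1. Core question: What problem does BIP32 solve? Why are hierarchical deterministic wallets needed?
Answer:
In a traditional wallet, every address has its own independent private key, so all private keys must be backed up (tedious and easy to lose). BIP32 (Bitcoin Improvement Proposal 32) introduces the "hierarchical deterministic wallet (HD Wallet)": all private keys are generated from a single seed and are related hierarchically (parent/child, siblings). This solves the following problems:
- Backing up one seed is enough to recover all private keys (no need to back them up one by one);
- A hierarchical structure is supported (for example grouping by account, chain and address type), which makes management easier (for example separating "receiving addresses" from "change addresses");
- Child public keys can be shared safely (for example a merchant publishes a child public key for customers to pay to, without exposing any private key).
2. Core question: What is the BIP32 "derivation process"? How does a parent key produce a child key?
Answer:
The core of BIP32 is "deriving child keys from a parent key", implemented with "extended keys". An extended key has two parts:
- Private key / public key (256 bits): used for signing or verification;
- Chain code (256 bits): a random number that strengthens derivation security (prevents a leaked child key from being used to derive the parent key).
(1) Types of extended key:
- Extended private key (xprv): contains the private key + chain code; can derive all child private keys and child public keys;
- Extended public key (xpub): contains the public key + chain code; can only derive child public keys (it cannot derive private keys, so it is suitable for sharing).
(2) Derivation flow (core):
Derivation is either "non-hardened" or "hardened"; the difference is in the input parameters:
- Non-hardened derivation (child index i < 2^31):
  The parent public key can derive child public keys directly (no parent private key needed), which suits sharing an xpub to generate addresses.
  - Child chain code: HMAC-SHA512(parent chain code, parent public key + 4-byte index i) → the first 256 bits are the child chain code;
  - Child private key: (parent private key + first 256 bits of the child chain code) mod the curve order n;
  - Child public key: child private key * G (elliptic-curve point multiplication, G is the generator), or derived directly from the parent xpub (parent public key + first 256 bits of the child chain code * G).
- Hardened derivation (child index i ≥ 2^31, written i'):
  The parent private key is required, which avoids "a leaked child private key allows the parent private key to be derived" (a security enhancement).
  - Child chain code: HMAC-SHA512(parent chain code, 0x00 + parent private key + 4-byte index i) → the first 256 bits are the child chain code;
  - Child private key: (parent private key + first 256 bits of the child chain code) mod n;
  - Child public key: child private key * G.
(3) Key differences:
- Non-hardened derivation: the parent xpub can derive all child public keys, which suits "read-only scenarios" (such as publishing receiving addresses); but if a child private key leaks, the parent private key can be derived from it together with the parent xpub (a risk).
- Hardened derivation: the parent private key is required, and a leaked child private key does not affect the parent private key (safe); but the parent xpub cannot derive child public keys (the parent xprv is needed).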
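3. Follow-up: What is the format of an extended key? How is it serialized?
Answer:
An extended key is serialized for storage and transport. The format is Base58 encoded and contains:
- Version (4 bytes, distinguishes mainnet from testnet; for example the mainnet xprv is 0x0488ADE4 and the xpub is 0x0488B21E);
- Depth (1 byte; 0 for the root node, 1 for its children, and so on);
- Parent fingerprint (4 bytes, the first 4 bytes of the hash of the parent public key; 0 for the root node);
- Child index (4 bytes, the index i used in derivation);
- Chain code (32 bytes);
- Private key / public key (33 bytes; a private key is prefixed with 0x00, a public key is in compressed format).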
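II. BIP39 (Mnemonics): Interview Points
1. Core question: What is BIP39 for? Why are mnemonics needed?
Answer:
BIP39 defines the "mnemonic phrase" standard. It converts the BIP32 "seed (a 128-256 bit random number)" into a sequence of words that people can remember (replacing a long hexadecimal seed), which solves the problem that "seeds are hard to back up".
- For example: a 256-bit seed (64 hexadecimal characters) can be converted into 24 words that are easy to write down by hand (such as "abandon abandon ... zoo").
2. Core question: What is the mnemonic generation process? (entropy → checksum → word mapping)
Answer:
Generation has 5 steps; the core is the conversion "entropy → checksum → word index":
- Generate the entropy:
  The entropy is a random number of 128-256 bits (the length must be a multiple of 32), which determines the number of words:
  - 128 bits of entropy → 12 words;
  - 160 bits of entropy → 15 words;
  - 192 bits of entropy → 18 words;
  - 224 bits of entropy → 21 words;
  - 256 bits of entropy → 24 words.
- Compute the checksum:
  Hash the entropy with SHA-256 and take the first (entropy length / 32) bits as the checksum (for example 128 bits of entropy → 4-bit checksum, 256 bits of entropy → 8-bit checksum).
- Combine entropy and checksum:
  Concatenate the entropy (128 bits) and the checksum (4 bits) to get a binary string of 128+4=132 bits (12 words correspond to 12 groups of 11 bits each).
- Split into word indices:
  Split the combined binary string into groups of 11 bits (11 bits can represent an index from 0 to 2047, which matches the size of the wordlist).
- Map to the wordlist:
  Each 11-bit index maps to the word at that fixed position in the wordlist, which gives the final mnemonic sequence.
Example (generating 12 words):
- Entropy (128 bits): 00000000000000000000000000000000
- SHA-256 hash (first 4 bits): 0000 (checksum)
- Combined: 000000000000000000000000000000000000 (132 bits)
- Split into 12 groups (11 bits each): 00000000000 (index 0) repeated 12 times
- Index 0 in the wordlist is "abandon", so the final mnemonic is: abandon abandon ... abandon (12 times).
3. Core question: How is a mnemonic converted into the BIP32 seed? (key steps)
Answer:
The mnemonic is converted into the BIP32 seed (512 bits) with the PBKDF2 function:
- Input: the mnemonic string (words separated by spaces) + a salt;
- The salt is fixed as "mnemonic" + passphrase (the passphrase is optional and strengthens security; without one the salt is "mnemonic");
- Algorithm: PBKDF2-HMAC-SHA512 with 2048 iterations;
- Output: a 512-bit seed (used as the input for the BIP32 root key).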
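Code snippet (Python):
import hashlib
import hmac
import unicodedata

def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    # BIP39 specifies UTF-8 NFKD normalization for both inputs
    mnemonic = unicodedata.normalize("NFKD", mnemonic)
    passphrase = unicodedata.normalize("NFKD", passphrase)
    salt = f"mnemonic{passphrase}".encode()  # the salt format is fixed
    # PBKDF2: 2048 iterations, 512-bit output
    return hashlib.pbkdf2_hmac(
        hash_name="sha512",
        password=mnemonic.encode(),
        salt=salt,
        iterations=2048,
        dklen=64  # 512 bits = 64 bytes
    )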
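4. Core question: How is a mnemonic validated?
Answer:
Validation is the reverse of generation:
- Map the mnemonic words back to 11-bit binary groups through the wordlist and concatenate them into the full binary string (entropy + checksum);
- Separate the entropy from the checksum (checksum length = entropy length / 32);
- Hash the entropy with SHA-256 and compare the first N bits with the checksum; the mnemonic is valid if they match.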
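5. Key detail: What are the properties of the BIP39 wordlist?
- The wordlist contains 2048 words (2^11=2048, matching the 11-bit index);
- The words are unique and unambiguous (for example "apple" and "apples" never both appear, to avoid confusion);
- Multiple languages are supported (Chinese, English and others), but the same index maps to different words in different languages (the generated seed is unique, however, and independent of the language).
III. BIP44/49/84/86 (Address Derivation Paths): Interview Points
1. Core question: What is BIP44 for? What is the path structure?
Answer:
BIP44 defines a standardized derivation path for HD wallets, which solves compatibility between wallets (it ensures that the same seed generates the same addresses in different wallets).
Path structure (by level):
m / purpose' / coin_type' / account' / change / address_index
Meaning of each field:
- m: the root private key (the root node derived from the seed);
- purpose': fixed at 44' (the BIP44 identifier; the ' means hardened derivation);
- coin_type': the blockchain type (for example Bitcoin = 0', Ethereum = 60', Litecoin = 2'; hardened derivation);
- account': the account index (starts at 0', used to separate accounts; hardened derivation);
- change: 0 = external address (receiving payments), 1 = internal address (change); non-hardened derivation;
- address_index: the address index (starts at 0, non-hardened derivation, new addresses are generated in order).
Example:
Path of the 1st receiving address of Bitcoin account 0: m/44'/0'/0'/0/0
2. Core question: What are the differences between BIP44, 49, 84 and 86? What is each used for?
Answer:
All four BIPs are based on the BIP44 path structure. The core difference is the purpose field and the corresponding address format (they arose as blockchain address formats were upgraded).
| Standard | purpose field | Address format | Characteristics / use case |
|---|---|---|---|
| BIP44 | 44' | Legacy (P2PKH) | The earliest Bitcoin addresses (such as 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa); highly compatible but inefficient |
| BIP49 | 49' | Nested SegWit (P2SH-P2WPKH) | SegWit addresses compatible with Legacy wallets (such as 3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy); balances compatibility and efficiency |
| BIP84 | 84' | Native SegWit (P2WPKH) | Bitcoin bech32 format (such as bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq); small size, low fees |
| BIP86 | 86' | Taproot (P2TR) | Bitcoin Taproot addresses (such as bc1p5d7rjq7g6rdk2yhzks9smlaqtedr4dekq08ge8ztwac72sfr9rusxg3297); support complex scripts, with better privacy and extensibility |
3. Core question: How are the coin_type values of different blockchains distinguished?
Answer:
coin_type distinguishes blockchains and is defined by SLIP-44 (a supplement to BIP44). Common values:
- Bitcoin (mainnet): 0';
- Ethereum (mainnet): 60';
- Litecoin (mainnet): 2';
- Bitcoin testnet: 1'.
Example:
Receiving address path of Ethereum account 0: m/44'/60'/0'/0/0
4. Key detail: Why do purpose, coin_type and account need hardened derivation (the ' mark)?
Answer:
The ' mark means hardened derivation, which prevents a leaked child private key from being used to derive the parent private key and protects the core levels (such as the isolation between chains and between accounts). change and address_index use non-hardened derivation, which allows addresses to be generated directly from the xpub (convenient for sharing receiving addresses).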
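A strict parser for the five-level path described above, as an added example (not code from the original article). It enforces hardening on the first three levels and rejects out-of-range indices; the derive_path function earlier on the page accepts any integer, so a non-hardened part written as 2147483648 would silently be treated as a hardened index. The name parse_bip44_path and the accepted purpose set are assumptions of this example.

```python
HARDENED = 0x80000000
PURPOSES = {44, 49, 84, 86}  # BIP44 / BIP49 / BIP84 / BIP86

def parse_bip44_path(path: str) -> list:
    """Return the five 32-bit child indices of a BIP44-style path, or raise ValueError."""
    parts = path.split("/")
    if parts[0] != "m" or len(parts) != 6:
        raise ValueError("expected m/purpose'/coin_type'/account'/change/address_index")
    names = ("purpose", "coin_type", "account", "change", "address_index")
    indices = []
    for level, (name, part) in enumerate(zip(names, parts[1:])):
        hardened = part.endswith("'")
        digits = part[:-1] if hardened else part
        if not (digits.isascii() and digits.isdigit()):
            raise ValueError(f"{name}: not a decimal index: {part!r}")
        value = int(digits)
        if value >= HARDENED:
            raise ValueError(f"{name}: index must be below 2^31")
        # purpose, coin_type and account must be hardened; the last two must not be
        if hardened != (level < 3):
            want = "hardened" if level < 3 else "non-hardened"
            raise ValueError(f"{name}: must be {want}")
        indices.append(value + HARDENED if hardened else value)
    if indices[0] - HARDENED not in PURPOSES:
        raise ValueError("purpose must be 44', 49', 84' or 86'")
    if indices[3] not in (0, 1):
        raise ValueError("change must be 0 (external) or 1 (internal)")
    return indices
```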
This article is from cnblogs (博客园), author: ffffox. When reposting, please cite the original link: https://www.cnblogs.com/ffffox/p/19005011
