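Generating a mnemonic seed takes three steps:
- Generate entropy
- Entropy to mnemonic
- Mnemonic to seed
1. Generate entropy (your entropy should be between 128 and 256 bits)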
require 'securerandom' # library for generating the entropy bytes
bytes = SecureRandom.random_bytes(16) # 16 bytes = 128 bits (1 byte = 8 bits)
entropy = bytes.unpack("B*").join # convert the bytes to a bit string (base 2)
puts entropy #=> "01011001011011001111111111010111001001101001010100111000101000011010111011111001011101000000011001001101011111000000010110110111"
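Note: always use a secure random number generator for your entropy. Do not use your programming language's default "random" function, because the numbers it produces are not random enough for cryptography.
2. Entropy to mnemonic (a mnemonic phrase is usually between 12 and 24 words)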
entropy = "01011001011011001111111111010111001001101001010100111000101000011010111011111001011101000000011001001101011111000000010110110111"
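# 1. Create the checksum
require 'digest'
size = entropy.length / 32 # number of bits to take from the hash of the entropy (1 checksum bit per 32 bits of entropy)
sha256 = Digest::SHA256.digest([entropy].pack("B*")) # hash of the entropy (in raw binary)
checksum = sha256.unpack("B*").join[0..size-1] # take the required number of bits
puts "checksum: #{checksum}"
# 2. Combine
full = entropy + checksum
puts "combined: #{full}"
# 3. Split into strings of 11 bits
pieces = full.scan(/.{11}/)
# 4. Load the wordlist as an array
wordlist = File.readlines("wordlist.txt")
# 5. Convert the array of bit strings to an array of words
puts "words:"
sentence = []
pieces.each do |piece|
  i = piece.to_i(2) # convert the 11-bit string to an integer
  word = wordlist[i] # get the corresponding word from the wordlist
  sentence << word.chomp # add to the sentence (removing the newline from the end of the word)
  puts "#{piece} #{i.to_s.rjust(4)} #{word}"
end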
mnemonic = sentence.join(" ")
puts "mnemonic: #{mnemonic}" #=> "choice cheese funny glory autumn march physical betray cable car boy job"
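The checksum built in step 2 is what lets software reject a mistyped or swapped word when a mnemonic is entered again. The following is an added example, not code from the original page: it runs step 2 in reverse and verifies the checksum. `DEMO_WORDLIST`, `checksum_bits`, `entropy_to_indices` and `mnemonic_to_entropy` are hypothetical names, the wordlist is a constructed stand-in for `wordlist.txt`, and the restriction to entropy sizes in steps of 32 bits is an assumption that follows from the one-checksum-bit-per-32-bits rule above.

```ruby
require 'digest'

# Constructed stand-in for wordlist.txt so the example runs offline.
# With the real list: File.readlines("wordlist.txt", chomp: true)
DEMO_WORDLIST = (0...2048).map { |i| format("w%04d", i) }

# First (entropy bits / 32) bits of SHA-256 over the entropy bytes.
def checksum_bits(entropy)
  hash = Digest::SHA256.digest([entropy].pack("B*"))
  hash.unpack1("B*")[0, entropy.length / 32]
end

# Entropy bit string -> 11-bit word indices (step 2 of the page).
def entropy_to_indices(entropy)
  ok = entropy.match?(/\A[01]+\z/) && (128..256).cover?(entropy.length) &&
       (entropy.length % 32).zero?
  raise ArgumentError, "entropy must be 128-256 bits in steps of 32" unless ok
  (entropy + checksum_bits(entropy)).scan(/.{11}/).map { |piece| piece.to_i(2) }
end

# Mnemonic -> entropy bit string. Raises on a wrong word count, an
# unknown word, or a checksum mismatch (a mistyped or swapped word).
def mnemonic_to_entropy(mnemonic, wordlist)
  words = mnemonic.split
  unless [12, 15, 18, 21, 24].include?(words.length)
    raise ArgumentError, "expected 12, 15, 18, 21 or 24 words"
  end
  index = wordlist.each_with_index.to_h # word => position in the list
  bits = words.map do |word|
    i = index[word] or raise ArgumentError, "word not in list: #{word}"
    i.to_s(2).rjust(11, "0") # back to the 11-bit piece
  end.join
  cs_len = bits.length / 33 # 1 checksum bit per 32 entropy bits
  entropy = bits[0, bits.length - cs_len]
  unless bits[-cs_len, cs_len] == checksum_bits(entropy)
    raise ArgumentError, "checksum mismatch"
  end
  entropy
end

if __FILE__ == $0
  entropy = "0" * 128 # constructed sample input, never use as real entropy
  phrase = entropy_to_indices(entropy).map { |i| DEMO_WORDLIST[i] }.join(" ")
  puts phrase
  puts mnemonic_to_entropy(phrase, DEMO_WORDLIST) == entropy
end
```

With a 12-word phrase the checksum is only 4 bits, so it catches most but not all wrong words; a phrase that passes is well-formed, not necessarily the one that was written down.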
3. Mnemonic to seed
require 'openssl'
mnemonic = "choice cheese funny glory autumn march physical betray cable car boy job"
passphrase = "" # this can be left empty
puts "passphrase: #{passphrase}"
password = mnemonic
salt = "mnemonic#{passphrase}" # "mnemonic" is always used in the salt, with the optional passphrase appended
iterations = 2048
keylength = 64
digest = OpenSSL::Digest::SHA512.new
result = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, keylength, digest)
seed = result.unpack("H*")[0] # convert to a hexadecimal string
puts "seed: #{seed}" #=> "c9525372f456ab1a5c8b917a7818a0eabd39080badfa22997f8de4519d46cdca0336c13c929f65304a7170f518635fdb350dbb06a89d4a620d016d70d6fe1335"
PBKDF2 Settings:
Password: Mnemonic Sentence
Salt: "mnemonic"+(optional passphrase)
Iterations: 2048
Algorithm: HMAC-SHA512
Size: 64 bytes
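PBKDF2 - Password-Based Key Derivation Function 2
PBKDF2 is basically a hash function that is designed to be slow (it hashes the data many times before producing the result). The benefit is that it becomes difficult for anyone to brute-force mnemonic sentences in an attempt to find seeds that people have actually used.
In addition, PBKDF2 lets you supply a second input called the salt (the "passphrase" or "seed extension") alongside the data you want to hash, which allows you to generate completely different seeds from the same mnemonic sentence.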