How to determine the origin and legitimacy of a transaction is a fundamental problem of having a trustless, distributed monetary system without supervision. Blockchains use asymmetric cryptography to solve this problem. Even if you have never used cryptocurrencies, or programmed a single line of code in your life, you will have used asymmetric cryptography. It is the technology behind the HTTPS protocol, used in banking, downloading software, sending and receiving WhatsApp messages and much more.

In blockchain, a `private key`

is generated using a common secret, a `passphrase`

. This private key can then be used to create a `public key`

, together called a `key pair`

. Using the `private key`

, you can encrypt a piece of data, such that only the `public key`

can decrypt it. The other way around is possible as well; you can encrypt data using the `public key`

such that only the `private key`

can decrypt it.

Using this principle, you can create signatures. Since we know only the `private key`

can encrypt data so that the `public key`

can decrypt it, if I were to send you the text "hello", but encrypted, you could use my `public key`

to decrypt the data back to the text "hello", and thus proving the message originated from me. In the same manner, a blockchain network will validate transactions, using the `public key`

to authenticate the origin of the signed transaction.

TIP

You should now realize why it is so important to keep your `private key`

and `passphrase`

hidden, with them anyone can create valid transactions.

An address on the blockchain is derived from a `public key`

. We could use the `public keys`

directly, but they are quite long and thus take up more storage, and using addresses improves privacy, as someone does not need to expose their public key to receive currencies. Transmitting currencies always requires sharing your `public key`

with the network. Cold wallets are just normal wallets, but ones that haven't yet exposed their `public key`

.

It is possible to compute the private key from the public key, doing so would merely take a very long time, think one-hundred-trillion-times-the-lifespan-of- earth long. Because of this, public keys can be freely shared, allowing anyone to encrypt content and verify digital signatures, while private keys can be kept secret, ensuring only the owners of the private keys can decrypt the content and create digital signatures [1].

Ark uses the SECP256k1 curve from the elliptic curve digital signature algorithm (ECDSA). ECDSA generates the private key and the public key pair from a 32-bytes-size seed. As the seeds are not very human readable, we have the option to generate the seed from something more convenient: a `passphrase`

.

The passphrase generated by the Ark Desktop wallet is a 12-word sentence, according to BIP39. The usage of the protocol is not mandatory as a seed can be generated from any kind text, but is recommended. A passphrase needs enough complexity and has to be random enough to be considered secure.

**From a passphrase to private and public keys**

Here we generated a full wallet using `simple secret`

as our `passphrase`

. As long as we have access to `simple secret`

, we can always regenerate the seed, private and public key, and address.

passphrase | `simple secret` |
---|---|

seed | `b6af972cfcff450addadfecccc1d222de0f28c92c349a6bcbba4d4267dd3199c` |

private key | `9b449f2ac4525b0116c7a78ce52387aab2ad6d928749cd26e60f2588efc5c01d` |

public key | `036f9f2b56926a8c28c3bcef02811b6b3338c4d67b06eb7a9e90bda0fb3eacedee` |

address | `AJZkkwhCjDG5AS9gZcNfKzTa3s1qwvD44r` |

An Ark address is like a bank account where only the owner of the private key can validate and broadcast transactions.

**From a public key to an Ark address**

A modifier is a byte used to customize the address. It is useful to differentiate networks:

- On Ark mainnet modifier =
`0x17`

so Ark address starts with`A`

. - On Ark devnet modifier =
`0x1e`

so DArk address starts with`D`

. - On KAPU mainnet modifier =
`0x2d`

so KAPU address starts with`K`

.

Here is a table giving the address start character according to hexadecimal modifier value.

hex | start char | hex | start char | hex | start char | hex | start char | hex | start char |
---|---|---|---|---|---|---|---|---|---|

00 | 1 | 10 | 7 | 20 | D or E | 30 | L | 40 | S or T |

01 | Q or o | 11 | 7 or 8 | 21 | E | 31 | L or M | 41 | T |

02 | o or 2 | 12 | 8 | 22 | E or F | 32 | M | 42 | T |

03 | 2 | 13 | 8 or 9 | 23 | F | 33 | M | 43 | T or U |

04 | 2 or 3 | 14 | 9 | 24 | F | 34 | M or N | 44 | U |

05 | 3 | 15 | 9 | 25 | F or G | 35 | N | 45 | U or V |

06 | 3 | 16 | 9 or A | 26 | G | 36 | N or P | 46 | V |

07 | 3 or 4 | 17 | A | 27 | G or H | 37 | P | 47 | V |

08 | 4 | 18 | A or B | 28 | H | 38 | P | 48 | V or W |

09 | 4 or 5 | 19 | B | 29 | H | 39 | P or Q | 49 | W |

0a | 5 | 1a | B | 2a | H or J | 3a | Q | 4a | W or X |

0b | 5 | 1b | B or C | 2b | J | 3b | Q or R | 4b | X |

0c | 5 or 6 | 1c | C | 2c | J or K | 3c | R | 4c | X |

0d | 6 | 1d | C or D | 2d | K | 3d | R | 4d | X or Y |

0e | 6 or 7 | 1e | D | 2e | K | 3e | R or S | 4e | Y |

0f | 7 | 1f | D | 2f | K or L | 3f | S | 4f | Y or Z |

hex | start char | hex | start char | hex | start char | hex | start char | hex | start char |
---|---|---|---|---|---|---|---|---|---|

50 | Z | 60 | f or g | 70 | n | 80 | t | 90 | z or 2 |

51 | Z | 61 | g | 71 | n | 81 | t or u | ≥91 | 2 |

52 | Z or a | 62 | g | 72 | n or o | 82 | u | ||

53 | a | 63 | g or h | 73 | o | 83 | u or v | ||

54 | a or b | 64 | h | 74 | o or p | 84 | v | ||

55 | b | 65 | h or i | 75 | p | 85 | v | ||

56 | b or c | 66 | i | 76 | p | 86 | v or w | ||

57 | c | 67 | i | 77 | p or q | 87 | w | ||

58 | c | 68 | i or j | 78 | q | 88 | w or x | ||

59 | c or d | 69 | j | 79 | q or r | 89 | x | ||

5a | d | 6a | j or k | 7a | r | 8a | x | ||

5b | d or e | 6b | k | 7b | r | 8b | x or y | ||

5c | e | 6c | k | 7c | r or s | 8c | y | ||

5d | e | 6d | k or m | 7d | s | 8d | y or z | ||

5e | e or f | 6e | m | 7e | s or t | 8e | z | ||

5f | f | 6f | m or n | 7f | t | 8f | z |

The best way to secure Ark address is to use a device that can sign transactions securely. The Ark team developed an application running on Ledger Nano S hardware wallet. Even if your computer has been infected with malware, you can still use it with your hardware wallet securely.

The Ledger Nano S device does not store passphrases. It is a device that generates public and private keys from a master seed. Keys are issued from the seed using the derivation path. For Ark blockchain (and cloned ones) the derivation path is structured like this:

`44'\111'\<account index>'\0\<address number>`

So the derivation path of the first address from the first account is:

`44'\111'\0'\0\0`

Choosing 12 words randomly from the 2048 words available in BIP39 list:

yields 5.271.537.971.301.488.476.000.309.317.528.200.000.000 combinations, that is an enormous amount!

Last Updated: 1/31/2019, 10:37:43 PM