Anyone who has traded or invested in cryptocurrencies may know about wallet addresses. When you set up a Metamask or a Trust wallet account, an address is automatically generated. Moreover, users who keep their crypto tokens on centralised exchanges such as Binance, Coinbase, and KuCoin also get wallet addresses.
This article aims to show what happens behind the scenes when a wallet address is generated.
From a layman’s perspective, an address is analogous to your bank account or an email address. A crypto wallet address gives you a unique digital identity on the internet, specifically on a blockchain network. Your address enables you to sign transactions on the blockchain, receive funds, and send cryptocurrencies to other users.
Ethereum is the second-largest blockchain platform by market capitalisation, closely behind Bitcoin, the first blockchain-based cryptocurrency ever built. Ethereum is also one of the most used platforms, with use cases and projects spanning decentralised finance, the metaverse, NFTs, etc. That said, it makes sense to study how Ethereum addresses are generated by DApps such as Metamask.
By design (from the yellow paper), Ethereum addresses are hexadecimal strings that are 20 bytes, or 40 characters, long. They are typically prefixed with 0x, making them 42 characters long. An example address is 0x6B96f06B72D5A21d64b9D460534977799c332434. This 42-character string is generated using public key cryptography, also known as asymmetric cryptography. In an asymmetric cryptographic scheme, two keys (a public and a private key) are needed to provide secure encryption. It turns out that your address is derived from your public key.
To generate an Ethereum address, you need
- A 256-bit (or 32-byte) random private key. A private key can come in several formats: a binary string, a mnemonic, or a secret hexadecimal string.
- You then pass your 256-bit private key through the Elliptic Curve Digital Signature Algorithm (ECDSA) on the secp256k1 curve, the same curve used in generating Bitcoin addresses. The ECDSA is a cryptographic algorithm that offers robust and secure encryption for communications.
- The output of the ECDSA (public key) is then hashed using a hashing function, specifically Keccak-256.
- Your Ethereum address is the last 20 bytes or 40 characters of the hashed output, prefixed with 0x.
We shall use one of the popular Ethereum crypto libraries. With this utility, we can perform cryptographic operations such as hashing, signing transactions, and generating public keys of different algorithms.
Let’s start by initializing our project folder with node.js and installing the library.
npm install ethereum-cryptography
Part 1: Generating Private Key
We need to generate a random 256-bit or 32-byte (8 bits equals 1 byte) hexadecimal string using a cryptographic random number generator (RNG) function. See the code snippet below.
Running the code (node index.js) gives you the below output — your private key.
Part 2: Generating Public Key using ECDSA
In this part, we shall derive a public key for our private key using the secp256k1 curve. See the code below.
The output is a 64-byte integer.
Part 3: Hashing the Public Key using Keccak-256
The last technical part is hashing the output of the secp256k1 curve using the famous keccak-256 hashing algorithm. Finally, we take the last 40 characters from the hash (digest).
The output value (0xdf86c04b91b0d2711158d89bf62387f6bba0fb8b) is our Ethereum address.
PS: I have successfully received 0.5 MATIC tokens on this address using the Polygon Test blockchain. See the screenshot below.
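The three parts above, combined into one runnable script. This is an added example, not the article's original code: it uses only Node.js built-ins instead of the ethereum-cryptography package, implements Keccak-256 inline, and the names keccakF, keccak256 and addressFromPrivateKey are chosen here for illustration.

```javascript
// Added example. node:crypto's "sha3-256" pads differently from Keccak-256, so Keccak is inline.
const { createECDH, randomBytes } = require('crypto');
const MASK = (1n << 64n) - 1n;
const rotl = (v, n) => ((v << n) | (v >> (64n - n))) & MASK;
// Keccak-f[1600] permutation over 25 64-bit lanes (index = x + 5*y).
function keccakF(A) {
  let R = 1;
  for (let round = 0; round < 24; round++) {
    const C = [0, 1, 2, 3, 4].map(x => A[x] ^ A[x + 5] ^ A[x + 10] ^ A[x + 15] ^ A[x + 20]);
    for (let i = 0; i < 25; i++) A[i] ^= C[(i + 4) % 5] ^ rotl(C[(i + 1) % 5], 1n); // theta
    let x = 1, y = 0, cur = A[1];
    for (let t = 0; t < 24; t++) { // rho and pi
      [x, y] = [y, (2 * x + 3 * y) % 5];
      [cur, A[x + 5 * y]] = [A[x + 5 * y], rotl(cur, BigInt(((t + 1) * (t + 2) / 2) % 64))];
    }
    for (let row = 0; row < 25; row += 5) { // chi
      const T = A.slice(row, row + 5);
      for (let i = 0; i < 5; i++) A[row + i] = T[i] ^ (~T[(i + 1) % 5] & T[(i + 2) % 5]);
    }
    for (let j = 0; j < 7; j++) { // iota: round constant bits come from an LFSR
      R = ((R << 1) ^ ((R >> 7) * 0x71)) & 0xff;
      if (R & 2) A[0] ^= 1n << BigInt((1 << j) - 1);
    }
  }
}
function keccak256(msg) { // msg: Buffer, returns a 32-byte Buffer
  const rate = 136; // bytes absorbed per block for a 256-bit digest
  const padded = Buffer.concat([msg, Buffer.alloc(rate - (msg.length % rate))]);
  padded[msg.length] ^= 0x01; // original Keccak padding (SHA-3 uses 0x06)
  padded[padded.length - 1] ^= 0x80;
  const A = Array(25).fill(0n);
  for (let off = 0; off < padded.length; off += rate) {
    for (let i = 0; i < rate / 8; i++) A[i] ^= padded.readBigUInt64LE(off + 8 * i);
    keccakF(A);
  }
  const out = Buffer.alloc(32);
  for (let i = 0; i < 4; i++) out.writeBigUInt64LE(A[i], 8 * i);
  return out;
}
function addressFromPrivateKey(privateKey) { // privateKey: 32-byte Buffer
  const ecdh = createECDH('secp256k1');
  ecdh.setPrivateKey(privateKey); // throws if the key is not a valid curve scalar
  const publicKey = ecdh.getPublicKey().subarray(1); // drop the 0x04 prefix, leaving 64 bytes
  return '0x' + keccak256(publicKey).subarray(12).toString('hex'); // last 20 bytes
}
// Part 1 uses the OS CSPRNG; the private key itself is never printed.
const generated = addressFromPrivateKey(randomBytes(32));
console.log(generated);
```

The address is printed in lowercase hex, without the mixed-case EIP-55 checksum that wallets usually display.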
Conclusion
If you’ve made it this far, I hope you now understand how wallet providers (such as Metamask) and crypto exchanges (such as Binance) provision new addresses for every crypto user. With these simple steps, anyone can generate their Ethereum addresses as there are 2^256 possible addresses to be owned. It is crucial to generate a powerful private key that is impossible to brute-force or hack.