I am implementing bip32 for my wallet as a Bitcoin learning project.
I follow this documentation:
Since I am not yet implementing bip39, I get the private master key and the code chain from the BIP39 master key from this web:
with a random set of words that are:
praise vague cruise stem test gesture twin long donate violin special hamster horror rough loan
Compare this edition with another web implementation here: https://iancoleman.io/bip39/
These two outputs match. After this point, however, they no longer do so. And my implementation doesn't match any of these implementations!
Here is my Python code in which I deserialize the extended BIP32 key. This fits perfectly with the private master key and the chain code from the second web app:
version = s.read(4)
depth = s.read(1)
fingerprint = s.read(4)
chain_code = s.read(32)
privkey = s.read(32)
return (version,depth, fingerprint,index,chain_code,privkey)
decoded =deserialize_xprvk( BytesIO(decode_base58_extended(xtprvk)))
I get print "decrypted":
This fits perfectly with the second implementation (the first does not show the private master key or chain code).
Then I try to follow the instructions from here:
To derive the PRIVATE KEY with index 0 for this master key and chain code as follows:
#The order of the ciclic group in the finite field of the ecliptic curve
N = 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141
#creates a string to emulate the index in a 4-byte hex format.
i_str = hex(i)(2:)
pub_key = PrivateKey(int.from_bytes(master_priv_key,"big")).point.sec()
#I put an extra "0" because every public key begins with a "02" or "03" but
#the hex() function commits this character.
#The str_i(0) means I am trying to get the index 0.
msg=("0" + hex(int.from_bytes(pub_key,"big"))(2:) + str_i(0)).encode()
key = hex(int.from_bytes(chain_code,"big"))(2:).encode() ,
I_L, I_R = I(:32), I(32:)
child_privkey_int = (int.from_bytes(I_L,"big") + int.from_bytes(master_priv_key,"big"))%N
child_privkey = PrivateKey(child_privkey_int).wif(compressed= True)
child_chain_code = I_R
When I run this code and try to get the child private key for path m 0 0 , I get:
But in the first web app you get:
And in the second you get:
Is it OK to disagree with different implementations? or am I really doing something wrong? I'm starting to pull my hair out to find out where I screw it up.
Thank you very much.