0

i have the following formula for generating public key

hash160 h = h0+h1+h2+h3+h4+h5+h6+h7+h8+h9

pubkey = g.base[h0]+g.offset[h1]+g.offset[h2]+g.offset[h3]+g.offset[h4]+g.offset[h5]+g.offset[h6]+g.offset[h7]+g.offset[h8]+g.offset[h9]

And the following code which generate the pub key from hash160

#define BASE_MAX            0xFFFF

static secp256k1_gej_t bases[BASE_MAX];
static secp256k1_scalar_t priv_bases[BASE_MAX];

#define OFFSET_MAX_COL      9
#define OFFSET_MAX_ROW      BASE_MAX

#define BITS                16
#define NUM_PARTS(n)        (((n) - 1) / 16 + 1)

static secp256k1_ge_t offsets[OFFSET_MAX_ROW][OFFSET_MAX_COL];
static secp256k1_scalar_t priv_offsets[OFFSET_MAX_ROW][OFFSET_MAX_COL];

union uint256_s
{
    uint8_t i8[32];
    uint16_t i16[16];
    uint32_t i32[8];
    uint64_t i64[4];
};

typedef union uint256_s uint256_t;


 static void gen_pub_key(uint8_t *pub_key, size_t n, uint160_t x)
{
    size_t idx = get_bits(n, x.i16, 0);
    secp256k1_gej_t r = bases[idx];
    for (size_t i = 1; i < NUM_PARTS(n); i++)
    {
        size_t col = i - 1;
        size_t row = get_bits(n, x.i16, i);
        secp256k1_gej_add_ge(&r, &r, &offsets[row][col]);
    }
    secp256k1_ge_t s;
    secp256k1_ge_set_gej(&s, &r);
    pub_key[0] = 0x02 | (secp256k1_fe_is_odd(&s.y) ? 0x01 : 0x00);
    secp256k1_fe_get_b32(pub_key+1, &s.x);
}

But what if i had public key and i want the corresponding hash160 using the above formula and the code.

For clarity, g in the g.offset[i] is the seck256k1's generator point.

i have no idea where to start but i know the original code collects random bytes and write them into memory then access them later to make 10*16 bit parts which will be used to generate public key and private key respectively.

so i want to do it in reverse like

pubkey => hash160

not to be confused by bitcoin's normal pubkey=> hash160=> address.

terry franklin
  • 19
  • 3
  • It looks to me like there are multiple `hash160` values that could result in the same `pubkey`? So I'm not sure if it is reversable. – abelenky Jan 26 '23 at 16:34
  • The whole be-all end-all of public/private key cryptography algorithms is to perform calculations that are very easy to perform in on direction but for all intents and purposes impossible to reverse. – datenwolf Jan 26 '23 at 16:36
  • Fundamentally, not all algorithms are easily reversible, or reversible at all. For a simple example, adding two digits of a number: XY -> X+Y = Z. There is no way to uniquely identify the XY for most Zs. As @datenwolf indicates, the fundamental operations in cryptography are generally designed to be one-way. – Max Jan 26 '23 at 16:54
  • For example, the RSA cryptosystem is fundamentally based on that it’s really easy to multiply two very large numbers together: Z = X * Y (where X and Y are perhaps 2048 bit numbers) but much much harder to factor Z back into X and Y. – Max Jan 26 '23 at 16:57
  • This is similar to pollard's kangaroo but this efficient and faster, if i can try to load the offsets and bases using parts of public key then from offsets calculate hash160 – terry franklin Jan 27 '23 at 05:22

0 Answers0