Skip to content

Instantly share code, notes, and snippets.

@bwbush

bwbush/trezor-keys.ipynb

Created October 16, 2022 04:34
Show Gist options
  • Save bwbush/bfcd3f4ebc990c899e0a69552962e3d1 to your computer and use it in GitHub Desktop.
Save bwbush/bfcd3f4ebc990c899e0a69552962e3d1 to your computer and use it in GitHub Desktop.
Download ZIP
Deriving Trezor Keys from Seed Phrase and Extra Password
Display the source blob
Display the rendered blob
Raw
trezor-keys.ipynb
{
"cells": [
{
"cell_type": "markdown",
"id": "2e1ec9dd-8f93-437b-b7a7-520255e66624",
"metadata": {},
"source": [
"# Deriving Trezor Keys from Seed Phrase and Extra Password"
]
},
{
"cell_type": "markdown",
"id": "9b39a3a4-c238-4a4d-8eb3-93209a59af7f",
"metadata": {},
"source": [
"## Record versions of tools"
]
},
{
"cell_type": "code",
"execution_count": 1,
"id": "9c52034e-8556-46da-8bb4-79582540dbcf",
"metadata": {},
"outputs": [],
"source": [
"export PATH=$HOME/local/bin:$PATH"
]
},
{
"cell_type": "code",
"execution_count": 2,
"id": "dbf0d451-2819-4565-92ac-90b3443df9f2",
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"3.12.0 @ unknown revision\n"
]
}
],
"source": [
"cardano-address --version"
]
},
{
"cell_type": "code",
"execution_count": 3,
"id": "9d918e4d-6ec6-49be-a1a0-3fde260c653f",
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"cardano-cli 1.35.3 - linux-x86_64 - ghc-8.10\n",
"git rev 950c4e222086fed5ca53564e642434ce9307b0b9\n"
]
}
],
"source": [
"cardano-cli --version"
]
},
{
"cell_type": "markdown",
"id": "843a32e7-4fb3-4330-bc28-39b7879140ce",
"metadata": {},
"source": [
"## Seed phrase"
]
},
{
"cell_type": "markdown",
"id": "66c5912e-9a05-4695-85b5-c03e402e38f7",
"metadata": {},
"source": [
"This method works with a 12-word seed phrase in the Trezor."
]
},
{
"cell_type": "code",
"execution_count": 4,
"id": "bb5cc2e8-8f52-4b9c-a895-ca3fed086a3f",
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"thing local rely frozen opera kiwi design dirt success pair engine undo\n"
]
}
],
"source": [
"cat << EOI > seed.tmp\n",
"thing local rely frozen opera kiwi design dirt success pair engine undo\n",
"EOI\n",
"cat seed.tmp"
]
},
{
"cell_type": "markdown",
"id": "2a5a0cc0-9578-4474-9dac-1525d353f20d",
"metadata": {},
"source": [
"## Extra password"
]
},
{
"cell_type": "markdown",
"id": "f431d4b1-4250-427d-98a2-248b9eb297b0",
"metadata": {},
"source": [
"Trezor extra passwords are encoded as lower-cases characters in ASCII encoding. We need to convert them to hexadecimal digits before supplying the extra password to `cardano-address`."
]
},
{
"cell_type": "code",
"execution_count": 5,
"id": "9b74c272-cf34-490e-aab5-af5a389eed4e",
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"7472657A6F72\n"
]
}
],
"source": [
"echo -n 'trezor' | basenc --base16 > passphrase.tmp\n",
"cat passphrase.tmp"
]
},
{
"cell_type": "markdown",
"id": "d136ce4c-a99b-4135-8114-f828cde6f174",
"metadata": {},
"source": [
"## Root private key"
]
},
{
"cell_type": "code",
"execution_count": 6,
"id": "fb66113f-455b-4a1a-9726-ec1524cfa072",
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"root_xsk1sqwr6snjczfrqdvsr3l7ygmx27jrvy00hnaaauvhqff5f93v99gyjahdexkndg9hc85sz9r3pjd6n6v02llupwl75j5zcfjm3znq5hex2rwm386kxgvrjlz9y33qamdh9azxyzelz6kqg6thvtfk3a46ayruht05"
]
}
],
"source": [
"cardano-address key from-recovery-phrase Shelley --passphrase from-hex --from-file passphrase.tmp < seed.tmp > root.prv\n",
"cat root.prv"
]
},
{
"cell_type": "markdown",
"id": "917c3460-8737-4031-9dda-652611dedf12",
"metadata": {},
"source": [
"## Root public key"
]
},
{
"cell_type": "code",
"execution_count": 7,
"id": "bce88e52-82ac-46c8-b5b9-cf96742fdfa4",
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"root_xvk1ur2ulr6lecd0g6yzzrnlwxz89f6gnzvf4merxlrdfe0n8kd0exwzv5xahz04vvsc897y2frzpmkmwt6yvg9n794vq35hwckndrmt46gggqaee"
]
}
],
"source": [
"cardano-address key public --with-chain-code < root.prv > root.pub\n",
"cat root.pub"
]
},
{
"cell_type": "markdown",
"id": "8009d144-070b-4a78-b2b0-6cc139f8552b",
"metadata": {},
"source": [
"## Stake key and address"
]
},
{
"cell_type": "code",
"execution_count": 8,
"id": "2f7cb079-5805-4a4b-9cc3-e1e9a9e647d1",
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"stake1uxpjr8vuc92rnrzu8pdlcnr37gpqnz8pmw920c332ujc30gcphm08\n",
"stake_test1uzpjr8vuc92rnrzu8pdlcnr37gpqnz8pmw920c332ujc30gltaet6"
]
}
],
"source": [
"cardano-address key child 1852H/1815H/0H/2/0 < root.prv > stake.prv\n",
"cardano-address key public --without-chain-code < stake.prv > stake.pub\n",
"cardano-cli key convert-cardano-address-key --shelley-stake-key --signing-key-file stake.prv --out-file stake.skey\n",
"cardano-cli key verification-key --signing-key-file stake.skey --verification-key-file stake-extended.vkey\n",
"cardano-cli key non-extended-key --extended-verification-key-file stake-extended.vkey --verification-key-file stake.vkey\n",
"cardano-cli stake-address build --mainnet --stake-verification-key-file stake.vkey --out-file stake.mainnet.address\n",
"cardano-cli stake-address build --testnet-magic 1 --stake-verification-key-file stake.vkey --out-file stake.testnet.address\n",
"cat stake.mainnet.address\n",
"echo\n",
"cat stake.testnet.address"
]
},
{
"cell_type": "markdown",
"id": "94017bef-84fe-4ed8-8180-f31aa6aa14b8",
"metadata": {},
"source": [
"When the Trezor is paired with Daedalus, it displays the actual stake address."
]
},
{
"cell_type": "code",
"execution_count": 9,
"id": "0607f90c-fdfe-4ffc-b33c-0ab713001b7e",
"metadata": {},
"outputs": [],
"source": [
"ACTUAL=stake_test1uzpjr8vuc92rnrzu8pdlcnr37gpqnz8pmw920c332ujc30gltaet6"
]
},
{
"cell_type": "code",
"execution_count": 10,
"id": "f9f2377a-d308-4d22-b7d4-91b04abcfa68",
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"MATCH\n"
]
}
],
"source": [
"[[ \"$(cat stake.testnet.address)\" == \"$ACTUAL\" ]] && echo \"MATCH\" || echo \"NO MATCH\""
]
},
{
"cell_type": "markdown",
"id": "14bfda43-25cf-43ea-a8fd-861bc747ba87",
"metadata": {},
"source": [
"This matches what we see in Daedalus.\n",
"\n",
"![Daedalus stake address for the hardware wallet.](http://dl.bwbush.io/trezor-stake.png)"
]
},
{
"cell_type": "markdown",
"id": "6889c325-d15a-419d-aafb-2bede6ff5611",
"metadata": {},
"source": [
"## First three payment keys and addresses"
]
},
{
"cell_type": "code",
"execution_count": 11,
"id": "a63d99fb-788f-4040-898f-94349b204fbf",
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"1852H/1815H/0H/0/0\n",
" addr1qxg6nkac8er3daj8v3qfwh89xdqvny4fncg7cxlae65m6lyryxwees258xx9cwzml3x8ruszpxywrku25l3rz4e93z7sg4mmjj\n",
" addr_test1qzg6nkac8er3daj8v3qfwh89xdqvny4fncg7cxlae65m6lyryxwees258xx9cwzml3x8ruszpxywrku25l3rz4e93z7strxm7d\n",
"1852H/1815H/0H/0/1\n",
" addr1qychp5tvhxknchhhewp02xg4406ghv47cmqlfu4vqcjqfeuryxwees258xx9cwzml3x8ruszpxywrku25l3rz4e93z7s94lg6y\n",
" addr_test1qqchp5tvhxknchhhewp02xg4406ghv47cmqlfu4vqcjqfeuryxwees258xx9cwzml3x8ruszpxywrku25l3rz4e93z7sxrzgkm\n",
"1852H/1815H/0H/0/2\n",
" addr1q9n3huaq8q9mv2y7jrs4v70qvrsefyelqtmxwdqs8z9rpfyryxwees258xx9cwzml3x8ruszpxywrku25l3rz4e93z7sq2s0n8\n",
" addr_test1qpn3huaq8q9mv2y7jrs4v70qvrsefyelqtmxwdqs8z9rpfyryxwees258xx9cwzml3x8ruszpxywrku25l3rz4e93z7srud0lc\n"
]
}
],
"source": [
"for i in `seq 0 2`\n",
"do\n",
" cardano-address key child 1852H/1815H/0H/0/$i < root.prv > payment-$i.prv\n",
" cardano-address key public --without-chain-code < payment-$i.prv > payment-$i.pub\n",
" cardano-cli key convert-cardano-address-key --shelley-payment-key --signing-key-file payment-$i.prv --out-file payment-$i.skey\n",
" cardano-cli key verification-key --signing-key-file payment-$i.skey --verification-key-file payment-$i.vkey\n",
" cardano-cli address build --mainnet --payment-verification-key-file payment-$i.vkey --stake-verification-key-file stake.vkey > payment-$i.mainnet.address\n",
" cardano-cli address build --testnet-magic 1 --payment-verification-key-file payment-$i.vkey --stake-verification-key-file stake.vkey > payment-$i.testnet.address\n",
" echo \"1852H/1815H/0H/0/$i\"\n",
" echo \" $(cat payment-$i.mainnet.address)\"\n",
" echo \" $(cat payment-$i.testnet.address)\"\n",
"done"
]
},
{
"cell_type": "markdown",
"id": "e748b0ff-6fa7-409d-b52c-a32fbc194964",
"metadata": {},
"source": [
"This also matches what we see in Daedalus.\n",
"\n",
"![Daedalus payment addresses for the hardware wallet.](http://dl.bwbush.io/trezor-payment.png)"
]
}
],
"metadata": {
"kernelspec": {
"display_name": "Bash - Marlowe",
"language": "bash",
"name": "bash_marlowe"
},
"language_info": {
"codemirror_mode": "shell",
"file_extension": ".sh",
"mimetype": "text/x-sh",
"name": "/nix/store/2ispfz80kmwrsvwndxkxs56irn86h43p-bash-5.1-p16/bin/bash"
}
},
"nbformat": 4,
"nbformat_minor": 5
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment