johnta0/recover_parent.pseudo.py

## recover_parent.pseudo.py
# https://github.com/bitcoinjs/bitcoinjs-lib/blob/582727f6de251441c75027a6292699b6f1e1b8f2/test/integration/crypto.js#L61-L103
# の recoverParent function を言葉で要約したもの

serQp = "the point on secp256k1 representing pubkey derived from master key"
d1 = "child private key"
data = "length: 37, 左詰めで serQP"

for i in range(0, 2^31):
  # 右端に index を uint32 で write

  # master chain code を key に data を hmachash512 にかけて I を計算
  I = HMAC-SHA256(key="master.chain_code", data=data)
  IL = "I の左半分"

  d2 = d1 - IL (mod n) # d2: 親の秘密鍵候補
  if d2.public_key == serQP: break
	# https://github.com/bitcoinjs/bitcoinjs-lib/blob/582727f6de251441c75027a6292699b6f1e1b8f2/test/integration/crypto.js#L61-L103
	# の recoverParent function を言葉で要約したもの

	serQp = "the point on secp256k1 representing pubkey derived from master key"
	d1 = "child private key"
	data = "length: 37, 左詰めで serQP"

	for i in range(0, 2^31):
	# 右端に index を uint32 で write

	# master chain code を key に data を hmachash512 にかけて I を計算
	I = HMAC-SHA256(key="master.chain_code", data=data)
	IL = "I の左半分"

	d2 = d1 - IL (mod n) # d2: 親の秘密鍵候補
	if d2.public_key == serQP: break