IOTA Tutorial 9 | Address and checksum
Address and checksum
In this video series different topics will be explained which will help you to understand IOTA.
It is recommended to watch each video sequentially as I may refer to certain IOTA topics explained earlier.
The procedure to generate IOTA addresses is as follows:
IOTA addresses are deterministically generated starting with the seed (81 trytes).
Seed (trytes): C9RQF … QIAWT
Convert the seed (81 trytes) to trits (= 81 x 3 = 243 trits)
Seed (trits): 0,1,0,0,0,0 … -1,-1,0,-1,1,-1
Every address has a corresponding key index number. A key index number is an integer starting from 0.
Address 0 has key index number 0, address 1 has key index number 1, etc.
An IOTA seed can generate in total 9007199254740992 addresses. The decimal key index number must be converted to trits. For example the key index number 1 converted to trits looks like: 1,0,0
Next create a subseed by adding the key index number and seed together. subseed = seed + key index number
IOTA provides 3 security levels: 1, 2 or 3. A security level determines the number of rounds for hashing, which means that a single seed can have 3 different accounts. A different security level with the same index number, means that you will get a different address.
- Security level 1, Key size (trits): 6561 x 1
Remark: Used for low security (for very high efficiency). Best for tiny IoT devices that only transact/store small amounts of value.
- Security level 2, Key size (trits): 6561 x 2
Remark: Used for standard security (for medium performance). Best for regular people’s wallets and devices that store higher amounts of value.
- Security level 3, Key size (trits): 6561 x 4
Remark: Used for full blown quantum proof security that conforms to National Security Agency’s (NSA) recommendations for sensitive material.
Good for big value transactions and paranoids.
By default the IOTA light wallet uses security level 2 and you can not change its security level.
If you created an address using security level 1 or 3 this address will not appear in the IOTA light wallet using the same seed. In the next slide a simplistic explanation is given how the subseed is hashed multiple times using the Keccak-384 hash algorithm. The hashing is done in a wrapper class called Kerl.
The seed and subseed can differ between the first 1 tryte up to and including 12 trytes. If someone else has exactly the last 69 (= 81 – 12) trytes up to and including 81 trytes of your seed they can see the balance of one or more of your addresses. The probability that someone else happens to have the same last 69 trytes of your seed is very small.
Here is the proof: IOTA seed with only 69 trytes has 27^69 = 5.80 x 10^98 possible combinations.
For comparison: A Bitcoin private key with 256 bits has 2^256 = 1.15 x 10^77 possible combinations.
This means, even if you have an IOTA seed with only 69 trytes it has more possible combinations than a Bitcoin private key.
A checksum is an additional 9 trytes added to an address (81 trytes) which can be used to validate the integrity and validity of the address. An address with checksum is 90 trytes long, 81 trytes for the address itself and 9 trytes for the checksum.
The procedure to calculate an address checksum is as follows:
Start with an IOTA address (81 trytes).Address (trytes): FSAFM … NVDZC
Convert the address (81 trytes) to trits (= 81 x 3 = 243 trits)
Address (trits): 1,0,-1,1,0,-1 … -1,0,0,0,1,0
The address is hashed using the Keccak-384 hash algorithm.
Convert the address checksum (243 trits) to trytes (81 trytes): …PJFNYWVUGKPRTRV
Get the last 9 trytes: VUGKPRTRV
Append the last 9 trytes to the original address: FSAFM … NVDZCVUGKPRTRV
The address including checksum has a length of 81 + 9 = 90 trytes.
The IOTA light wallet
- Always creates addresses including the checksum
- The addresses are always 90 trytes long
- Always requires receive addresses, with valid checksums when making a transaction
- The receive addresses must be 90 trytes long