# # How to generate key pair

Private key on GXChain is a Random BigInteger, and the public key is the product of G and PrivateKey on ECC (elliptic curve cryptography). The token is a point on the elliptic curve. Like most blockchain systems, GXChain's public-private key pair is based on the secp256k1 curve. The relationship between private key `p`

and public key `P`

is expressed as:

```
P = secp256k1.G.multiply(p)
```

## # BIP39 and mnemonic

BIP39 is short for Bitcoin Improvement Proposal No.0039. The content of the proposal is to define a scheme for generating a private key through mnemonics, and to solve the problem that the private key is difficult to record by text. The method is to obtain a series of random words in the dictionary. Come to the seed generated as a private key. GXChain's mnemonic is composed of 16 random words, examples are as follows:

```
truvat amyrin cuss tulare redcoat reckla arratel cladose deedbox receipt overwin quasi kan bout joe rompish
```

## # Private Key

As described at the beginning of the article, the private key of GXChain is essentially a BigInteger, and the relationship between the mnemonic (m) and the private key (p) is:

```
p = sha256(sha512(m+' '+i));
```

Tips

Where i is the sequence, by changing i, one mnemonic can generate multiple private keys

In order to prevent accidental omission during replication, the private key consists of the version number (fixed value **0x80**), private key p itself, checksum (2 times sha256 encoded private key), expressed as

```
p' = Base58(Buffer.concat([0x80, p, sha256(sha256(p)).slice(0,4)]))
```

In order to facilitate copying and expression in shorter text, we encode the above three parts by Base58, which is called Wallet Import Format (WIF). An example is as follows:

```
5JrWo7xtBXSQybihT9wmepNxaNyxMyETPiUSAVMdEBEmotwocS4
```

## # Public Key

As mentioned at the beginning of the article, the relationship between the public key and the private key is

```
P = secp256k1.G.multiply(p)
```

Similarly, in order to facilitate replication and prevent replication omissions, the checksum calculated by the core asset identifier GXC and calculated by RIPEMD160 is used as a suffix, and the public key and the checksum part are encoded in the form of Base58, expressed as:

```
P' = GXC+Base58(Buffer.concat([P,ripemd160(p).slice(4)]))
```

eg.

```
GXC8jfLPQcaNEzz1HGL5pHPzM7ZPuDKaCLiiXxTkU7ec63WDoJQiL
```

## # References

## # Reference implementations

Python:

Go:

Elixir:

Objective-C:

Haskell:

.NET C# (PCL):

.NET C# (PCL):

JavaScript:

- https://github.com/bitpay/bitcore-mnemonic (opens new window)
- https://github.com/bitcoinjs/bip39 (opens new window)

Ruby:

Rust:

Swift:

- https://github.com/CikeQiu/CKMnemonic (opens new window)
- https://github.com/yuzushioh/WalletKit (opens new window)

C++:

C (with Python/Java/Javascript bindings):