How to generate a SCRT private key and derive public keys and transactions?

I’m posting these questions because I couldn’t find anything on the topic anywhere.
I could have been mislead because every time I ask for or look for a way to generate a private key for SCRT, I am invited to use some browser extension to do it.

However, this is absolutely not what I am looking for.
What I am looking for is:

  • From a random number, what is the computation I have to do to generate a private key?
  • What are the characteristics of this random number? (number of bits, something else?)
  • How can I derive a public key from that private key?
  • What is the protocol to generate a transaction on the blockchain?

I am asking these because I want to be as safe as possible and therefore I want to do all of these steps on an air gap computer and definitely not use browser extensions which I would not be able to review

1 Like

Hi. :wave:

So wallets use secp256k1 keys, so I think any random 32 bytes could be used as a private key, but you’d have to do secp256k1 elliptic curve math to derive the pubkey, to sign txs, etc.

We’re using the cosmos-sdk which is build upon Tendermint, so most of our txs come from vanilla cosmos-sdk (sending and delegating funds, voting on gov proposals, etc). I’m not really sure what you’re trying to do, so if you kindly explain you use-case I might be able to better assist you with it.


My use-case is pretty simple

Let’s assume I have 2 computers
One is air gaped (A), and the other is connected to the internet (B)

I want to generate a private key on A (and derive the public key from it obviously) using something like a python script (so I can review the code)
On A, I want to generate a transactions (ie generate the thing which is sent to the blockchain using the private key, the public addresses (which are copied from B), message and whatever else is necessary) and copy the result on B to send to the blockchain

This will ensure that at no point my potentially corrupted computer B will reveal any of my private keys and therefore keep my assets as safe as possible.

Ledger Nano S/X might solve this problem for you.

I don’t care about the finality!!
Which may or may not be trustable
I’d have an easier time reading code than dismantling some usb device and try to figure out which transistor does what
I want to know the whole process!!

I could have been mislead because every time I ask for or look for a way to generate a private key for SCRT, I am invited to use some browser extension to do it.

You can add any electronic device from a third party to that statement

This is no replacement for hardware wallets, and since you’d like a python tool, I just forked and used cosmospy to generate keys and sign txs for Secret Network offline. Of course it comes with no warranty :slight_smile: But from there you should see the code needed for a solution that suits you.

Another option, also not better, is to use python to wrap the cli commands to only generate txs using an offline account (imported by public key only it gets the account and sequence number), then sign offline with the account on computer A with the private key.

Once you have your signed TX you can broadcast using REST api.

Would be nice to have secret support in a site like which we can run offline to generate accounts, and another site to generate txs.