DEV Community: Diego Cândido The latest articles on DEV Community by Diego Cândido (@diego_cnd). https://dev.to/diego_cnd https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3239130%2F7c8e1da4-5d8d-4409-9904-4d653eeea655.png DEV Community: Diego Cândido https://dev.to/diego_cnd en Reentrancy Attacks: What They Are and How to Defend Against Them Diego Cândido Fri, 20 Jun 2025 14:54:07 +0000 https://dev.to/diego_cnd/reentrancy-attacks-what-they-are-and-how-to-defend-against-them-40pb https://dev.to/diego_cnd/reentrancy-attacks-what-they-are-and-how-to-defend-against-them-40pb <p>Imagine the following situation: your smart contract is responsible to receive money from some addresses (freezing it) and, after some time, it should refund each address with the fozen amount plus some rewards for the freezing process.</p> <p>As we know, <strong>smart contracts are not reactive; they are passive</strong>, which means that they only execute some function when someone calls it. Therefore, the address that wants to withdraw its amount has to call a function named, for example, <code>withdraw()</code>.</p> <p>I imagine this function as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>function withdraw() external { uint256 amount = balances[msg.sender]; require(amount &gt; 0, "No balance"); (bool success, ) = msg.sender.call{value: amount}(""); require(success, "Transfer failed"); balances[msg.sender] = 0; } </code></pre> </div> <p>Everything looks right. But there's a problem: transfers are not synchronous functions, which means they take time to execute. If an address calls <code>withdraw</code>, we send him money. If he call again immediately, we send him more money, because the balance update occours only after the first transaction is completed.</p> <p>This is what we call a reentrancy attack: an attack where a user calls a withdraw/send function multiple times, trying to steal money from the contract.</p> <h2> 🛡️ Preventing the attack </h2> <p>The best way to prevent a smart contract from reentrancy attacks is by updating the contract’s state **before **the transaction occurs. In the previous example, the solution would look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>function withdraw() external { uint256 amount = balances[msg.sender]; require(amount &gt; 0, "No balance"); balances[msg.sender] = 0; (bool success, ) = msg.sender.call{value: amount}(""); if (!success) { balances[msg.sender] = amount; revert("Transfer failed"); } } </code></pre> </div> <p>Simple as that. If an address tries to call withdraw again right after the first call, it won’t be possible.</p> <p>Reentrancy attacks have been a headache for blockchain developers, but most of the vulnerabilities in the Ethereum ecosystem can be solved with simple steps. Happy studying!</p> solidity ethereum blockchain web3 How is a public key really generated? (with Golang) Diego Cândido Tue, 03 Jun 2025 01:54:48 +0000 https://dev.to/diego_cnd/how-a-public-key-is-really-generated-with-golang-16o9 https://dev.to/diego_cnd/how-a-public-key-is-really-generated-with-golang-16o9 <p>When talking about cryptocurrencies and blockchain, it's common to hear that your wallet is just a pair of keys: a private key and a public key.</p> <p>But how exactly is a public key generated from a private key? And how does that turn into a Bitcoin address?</p> <p>In this post, we will dive deep into how this works under the hood, using Golang to demonstrate the process step by step.</p> <h2> What is a private key? </h2> <p>A private key is simply a very large number. Seriously. Just a random number between 1 and the maximum allowed by the elliptic curve (secp256k1 in Bitcoin).</p> <p>The more random, the better. You can generate it from mouse movements, atmospheric noise, or even the lottery draw. But for simplicity, in this example, we'll derive it from a passphrase (which is, of course, not secure in real-world applications).</p> <h2> 🚀 Step 1: Generating a Private Key </h2> <p>Let's generate a private key by hashing a simple passphrase using SHA-256.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"crypto/sha256"</span> <span class="s">"fmt"</span> <span class="s">"github.com/btcsuite/btcd/btcec/v2"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">passphrase</span> <span class="o">:=</span> <span class="s">"Hello World!"</span> <span class="n">privateKeyBytes</span> <span class="o">:=</span> <span class="n">sha256</span><span class="o">.</span><span class="n">Sum256</span><span class="p">([]</span><span class="kt">byte</span><span class="p">(</span><span class="n">passphrase</span><span class="p">))</span> <span class="n">privateKey</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">btcec</span><span class="o">.</span><span class="n">PrivKeyFromBytes</span><span class="p">(</span><span class="n">privateKeyBytes</span><span class="p">[</span><span class="o">:</span><span class="p">])</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Private Key: %x</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">privateKey</span><span class="o">.</span><span class="n">Serialize</span><span class="p">())</span> <span class="p">}</span> </code></pre> </div> <p>It's important to note that <code>btcec.PrivKeyFromBytes()</code> is a function from the <code>btcsuite/btcd/btcec</code> library that converts bytes into a private key on the secp256k1 elliptic curve, which is used in Bitcoin.</p> <h2> 🔓 Step 2: Deriving the Public Key </h2> <p>The public key is generated by applying elliptic curve multiplication: <code>PublicKey = PrivateKey × GeneratorPoint (G)</code> (yeah, math stuff that we don't need to undestand for a while).</p> <p>This is a one-way function: it's easy to compute the public key from the private key, but practically impossible to compute the private key from the public key.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">publicKey</span> <span class="o">:=</span> <span class="n">privateKey</span><span class="o">.</span><span class="n">PubKey</span><span class="p">()</span> <span class="n">publicKeyBytes</span> <span class="o">:=</span> <span class="n">publicKey</span><span class="o">.</span><span class="n">SerializeCompressed</span><span class="p">()</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Public Key: %x</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">publicKeyBytes</span><span class="p">)</span> </code></pre> </div> <h2> 🔗 Step 3: Hashing the Public Key </h2> <p>Before converting it into a Bitcoin address, the public key is hashed twice:</p> <ol> <li>SHA-256</li> <li>RIPEMD-160</li> </ol> <p>This gives us the public key hash.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="p">(</span> <span class="s">"crypto/sha256"</span> <span class="s">"golang.org/x/crypto/ripemd160"</span> <span class="s">"log"</span> <span class="p">)</span> <span class="n">shaHash</span> <span class="o">:=</span> <span class="n">sha256</span><span class="o">.</span><span class="n">Sum256</span><span class="p">(</span><span class="n">publicKeyBytes</span><span class="p">)</span> <span class="n">ripemd</span> <span class="o">:=</span> <span class="n">ripemd160</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">_</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">ripemd</span><span class="o">.</span><span class="n">Write</span><span class="p">(</span><span class="n">shaHash</span><span class="p">[</span><span class="o">:</span><span class="p">])</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">publicKeyHash</span> <span class="o">:=</span> <span class="n">ripemd</span><span class="o">.</span><span class="n">Sum</span><span class="p">(</span><span class="no">nil</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Public Key Hash (RIPEMD160): %x</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">publicKeyHash</span><span class="p">)</span> </code></pre> </div> <h2> 🏷️ Step 4: Adding Version Prefix </h2> <p>Bitcoin addresses start with different characters depending on the network. <code>0x00</code> for mainnet (addresses start with "1").<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">versionedPayload</span> <span class="o">:=</span> <span class="nb">append</span><span class="p">([]</span><span class="kt">byte</span><span class="p">{</span><span class="m">0x00</span><span class="p">},</span> <span class="n">publicKeyHash</span><span class="o">...</span><span class="p">)</span> </code></pre> </div> <h2> ✅ Step 5: Checksum (Double SHA256) </h2> <p>Compute the checksum:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">firstSHA</span> <span class="o">:=</span> <span class="n">sha256</span><span class="o">.</span><span class="n">Sum256</span><span class="p">(</span><span class="n">versionedPayload</span><span class="p">)</span> <span class="n">secondSHA</span> <span class="o">:=</span> <span class="n">sha256</span><span class="o">.</span><span class="n">Sum256</span><span class="p">(</span><span class="n">firstSHA</span><span class="p">[</span><span class="o">:</span><span class="p">])</span> <span class="n">checksum</span> <span class="o">:=</span> <span class="n">secondSHA</span><span class="p">[</span><span class="o">:</span><span class="m">4</span><span class="p">]</span> </code></pre> </div> <h2> 📦 Step 6: Create the Final Address </h2> <p>Concatenate the payload and checksum, and encode it using Base58Check (Bitcoin's encoding format).<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="s">"github.com/btcsuite/btcutil/base58"</span> <span class="n">fullPayload</span> <span class="o">:=</span> <span class="nb">append</span><span class="p">(</span><span class="n">versionedPayload</span><span class="p">,</span> <span class="n">checksum</span><span class="o">...</span><span class="p">)</span> <span class="n">address</span> <span class="o">:=</span> <span class="n">base58</span><span class="o">.</span><span class="n">Encode</span><span class="p">(</span><span class="n">fullPayload</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Bitcoin Address: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">address</span><span class="p">)</span> </code></pre> </div> <h2> Full Code Example </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"crypto/sha256"</span> <span class="s">"fmt"</span> <span class="s">"log"</span> <span class="s">"github.com/btcsuite/btcd/btcec/v2"</span> <span class="s">"github.com/btcsuite/btcutil/base58"</span> <span class="s">"golang.org/x/crypto/ripemd160"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">passphrase</span> <span class="o">:=</span> <span class="s">"Hello World!"</span> <span class="n">privateKeyBytes</span> <span class="o">:=</span> <span class="n">sha256</span><span class="o">.</span><span class="n">Sum256</span><span class="p">([]</span><span class="kt">byte</span><span class="p">(</span><span class="n">passphrase</span><span class="p">))</span> <span class="n">privateKey</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">btcec</span><span class="o">.</span><span class="n">PrivKeyFromBytes</span><span class="p">(</span><span class="n">privateKeyBytes</span><span class="p">[</span><span class="o">:</span><span class="p">])</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Private Key: %x</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">privateKey</span><span class="o">.</span><span class="n">Serialize</span><span class="p">())</span> <span class="n">publicKey</span> <span class="o">:=</span> <span class="n">privateKey</span><span class="o">.</span><span class="n">PubKey</span><span class="p">()</span> <span class="n">publicKeyBytes</span> <span class="o">:=</span> <span class="n">publicKey</span><span class="o">.</span><span class="n">SerializeCompressed</span><span class="p">()</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Public Key: %x</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">publicKeyBytes</span><span class="p">)</span> <span class="n">shaHash</span> <span class="o">:=</span> <span class="n">sha256</span><span class="o">.</span><span class="n">Sum256</span><span class="p">(</span><span class="n">publicKeyBytes</span><span class="p">)</span> <span class="n">ripemd</span> <span class="o">:=</span> <span class="n">ripemd160</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">_</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">ripemd</span><span class="o">.</span><span class="n">Write</span><span class="p">(</span><span class="n">shaHash</span><span class="p">[</span><span class="o">:</span><span class="p">])</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">publicKeyHash</span> <span class="o">:=</span> <span class="n">ripemd</span><span class="o">.</span><span class="n">Sum</span><span class="p">(</span><span class="no">nil</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Public Key Hash (RIPEMD160): %x</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">publicKeyHash</span><span class="p">)</span> <span class="n">versionedPayload</span> <span class="o">:=</span> <span class="nb">append</span><span class="p">([]</span><span class="kt">byte</span><span class="p">{</span><span class="m">0x00</span><span class="p">},</span> <span class="n">publicKeyHash</span><span class="o">...</span><span class="p">)</span> <span class="n">firstSHA</span> <span class="o">:=</span> <span class="n">sha256</span><span class="o">.</span><span class="n">Sum256</span><span class="p">(</span><span class="n">versionedPayload</span><span class="p">)</span> <span class="n">secondSHA</span> <span class="o">:=</span> <span class="n">sha256</span><span class="o">.</span><span class="n">Sum256</span><span class="p">(</span><span class="n">firstSHA</span><span class="p">[</span><span class="o">:</span><span class="p">])</span> <span class="n">checksum</span> <span class="o">:=</span> <span class="n">secondSHA</span><span class="p">[</span><span class="o">:</span><span class="m">4</span><span class="p">]</span> <span class="n">fullPayload</span> <span class="o">:=</span> <span class="nb">append</span><span class="p">(</span><span class="n">versionedPayload</span><span class="p">,</span> <span class="n">checksum</span><span class="o">...</span><span class="p">)</span> <span class="n">address</span> <span class="o">:=</span> <span class="n">base58</span><span class="o">.</span><span class="n">Encode</span><span class="p">(</span><span class="n">fullPayload</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Bitcoin Address: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">address</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> Conclusion </h2> <p>This example uses a passphrase as input, which is for educational purposes only. Never generate a wallet this way in the real world. A private key should be generated from a cryptographically secure random number generator to avoid collisions and to maintain security.</p> <blockquote> <p>This post is based on the topic <em>Generating Keys</em> from the book <strong>Mastering Blockchain</strong> by Lorne Lantz and Daniel Cawrey.</p> </blockquote> blockchain bitcoin cryptocurrency go