Seeds and addresses
Last updated
Last updated
A seed is a unique master password that gives us access to all of our addresses as well as the balance. We use our seed to create addresses, sign our transactions and to access our IOTA tokens. It is very crucial to keep the seed as safe as possible. If we lose our seed, we cannot recover it. If somebody gains access to it, they gain access to everything. The seeds must have 81 characters and they can include the number 9 and (only) capital letters from A - Z. That being said, there are 81^27 different possible combinations of seeds, which is about 2^385. The number is so huge that it is practically impossible to guess a specific seed.
We can generate a random seed quite easily using:
The method uses RNGCryptoServiceProvider, which is used to generate a random byte array in a secure manner. From that random byte array, a seed is generated.
If we have an already existing seed we can use it like this:
Each seed has its own addresses associated with it. There is one thing we always need to keep in mind when using them and there are three things we need to know when generating them.
WARNING: An address is like a piggy bank! Because of quantum resistant signatures, we can receive on the same address multiple times, but can send from it ONLY ONCE. Like a piggy bank - we can put money into the piggy as many times as we want, but to take the money out, we need to break the piggy and get a new one.
To generate an address we need to know three things:
Seed
Index
Security level
The addresses are derived deterministically from the seed. Because of the determinism, we always have to provide the index of the address that we are generating.
As we can see, the addresses start from index 0. There is a practically unlimited number of addresses so the maximum amount of them is something we should never worry about. Behind the scenes, there is quite a lot going on, but since this tutorial is meant to be easy, we will not dive into the details. If we wish to see exactly what is going on, we can look through the official documentation.
Addresses can be generated using three security levels. The higher the security level, the larger and more secure the signature is. A higher security level also means that more computations must be done to sign a transaction. As a result, it is recommended that the smaller devices use security level 2, while large-scale companies may use level 3. Furthermore, a different security level will result in a different address, even if the index is the same. For example, Trinity uses security level 2 by default.
It is possible to generate addresses with the class called AddressGenerator. For example, this is how we generate addresses with our seed and security level 2:
WARNING: AddressGenerator class returns addresses on certain indexes regardless of whether they have already been spent from or not.
However, if we want to generate an address that has not yet been spent on, we need to use another method. GetNewAddresses is the go to method when receiving IOTA tokens as it returns only unspent addresses. Here we can see an example on how to get the first unspent and safe address:
The method takes 4 parameters into account: A seed, starting index, count and security level. It starts checking from the starting index and it returns "count" amount of addresses that have not been yet spent from, and are safe to send funds on. This is the same way Trinity generates addresses.