BitcoinMachine
HMAC-SHA512
HMAC-SHA512 is a keyed hash function that combines a secret key with SHA-512 to produce a 512-bit authentication code. In Bitcoin, it is the core operation of BIP32 hierarchical deterministic key derivation — turning a parent key and chain code into child keys. The 512-bit output splits cleanly into two 256-bit values: the new key material and the new chain code.
HMAC ALGORITHM (RFC 2104)
HMAC(Key, Message):
  ipad = 0x36 repeated to block size
  opad = 0x5C repeated to block size
  inner = SHA512((Key XOR ipad) || Message)
  result = SHA512((Key XOR opad) || inner)
Output: 512 bits (64 bytes)
USED IN BIP32
BIP32 — MASTER KEY DERIVATION
Input seed: S (512 bits from BIP39 mnemonic)
I = HMAC-SHA512(Key="Bitcoin seed", Data=S) → 512 bits output
Left 256 bits: IL = Master Private Key
Right 256 bits: IR = Master Chain Code
If IL ≥ curve order n → seed is invalid (astronomically rare)
Normal Child Key (Non-Hardened)
INDEX 0 – 2^31-1
Derives a child key whose public key can also be computed from the parent's public key and chain code, without the parent private key. This is useful for generating receive addresses without exposing private keys.
I = HMAC-SHA512(Key=parent_chain_code, Data=parent_pubkey || ser32(index))
child_key = parse256(IL) + parent_key (mod n)
child_code = IR
Public key derivable from parent public key:
child_pubkey = IL×G + parent_pubkey
Hardened Child Key
INDEX 2^31 – 2^32-1
Uses the parent private key as input instead of the public key. The child key cannot be derived from the parent public key, which provides stronger isolation between branches.
I = HMAC-SHA512(Key=parent_chain_code, Data=0x00 || parent_privkey || ser32(index))
child_key = parse256(IL) + parent_key (mod n)
child_code = IR
Notation: m/44'/0'/0' ← apostrophe indicates hardened
44' = index 0x8000002C = 2147483692
Hardened derivation is used at the account level in BIP44/84/86 to prevent a leaked child key from compromising sibling branches.
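The master-key and hardened-child derivations above, written out with Python's standard library as an added example (not code from the original page). The function names are illustrative, and the IL = 0 and zero-child checks are taken from the BIP32 specification rather than from this page; `hmac_sha512_manual` spells out the RFC 2104 steps, including key padding, so they can be compared against the stdlib `hmac` module.

```python
import hashlib
import hmac

# Added example: function names are illustrative, not from the page.
# secp256k1 group order n (public curve constant)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000  # 2^31, first hardened index
BLOCK = 128            # SHA-512 block size in bytes


def hmac_sha512_manual(key, msg):
    """RFC 2104 construction written out, for comparison with the stdlib."""
    if len(key) > BLOCK:
        key = hashlib.sha512(key).digest()  # over-long keys are hashed first
    key = key.ljust(BLOCK, b"\x00")         # then zero-padded to block size
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha512(ipad + msg).digest()
    return hashlib.sha512(opad + inner).digest()


def master_from_seed(seed):
    """Return (master private key as int, master chain code as bytes)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    il, ir = int.from_bytes(i[:32], "big"), i[32:]
    if il == 0 or il >= N:
        raise ValueError("invalid seed: IL outside [1, n-1]")
    return il, ir


def derive_hardened(parent_key, chain_code, index):
    """Hardened private child derivation; index must be >= 2^31."""
    if not HARDENED <= index < 2**32:
        raise ValueError("hardened index must be in [2^31, 2^32-1]")
    data = b"\x00" + parent_key.to_bytes(32, "big") + index.to_bytes(4, "big")
    i = hmac.new(chain_code, data, hashlib.sha512).digest()
    il, ir = int.from_bytes(i[:32], "big"), i[32:]
    child = (il + parent_key) % N
    if il >= N or child == 0:
        raise ValueError("invalid child; use the next index")
    return child, ir


if __name__ == "__main__":
    seed = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # BIP32 test vector 1 seed
    k, c = master_from_seed(seed)
    ck, cc = derive_hardened(k, c, HARDENED + 44)  # m/44'
    print(f"m     key={k:064x}\n      cc ={c.hex()}")
    print(f"m/44' key={ck:064x}\n      cc ={cc.hex()}")
```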
TERMINOLOGY_INDEX
HMAC
Hash-based Message Authentication Code. A keyed hash providing both data integrity and authentication.
Chain Code
A 32-byte value used as the key input to HMAC-SHA512 during BIP32 child key derivation.
Hardened Key
A BIP32 child key derived using the parent private key. Index ≥ 2^31. Cannot be derived from parent pubkey.
Non-Hardened Key
A BIP32 child key derived from the parent public key. Index < 2^31. Enables watch-only wallets.
BIP32
The standard for hierarchical deterministic key derivation using HMAC-SHA512.
xpub / xprv
Extended public/private key — a BIP32 key plus chain code encoded in Base58Check for sharing.