Skip to main content

Key pair

TON Blockchain uses asymmetric cryptography, such as the Ed25519 signature scheme. There are multiple ways to derive a key pair from a mnemonic. Below is the most common approach in TON.

Key pair from a mnemonic

To transform a mnemonic phrase into a key pair, a seed is first derived using PBKDF2, and the key pair is then derived from that seed. PBKDF2 has five input parameters: PRF, Password, Salt, c, and dkLen. Each of those parameters is assigned a concrete value. The most commonly used values are:

Generate a key pair

TypeScript
The private key is needed to sign messages, and the public key is stored in the wallet’s smart contract. When new external messages arrive on that smart contract, the public key would be used to check the authenticity of the messages signed using the corresponding private key.

Mnemonic validation

  1. Check that all the words are from the list of BIP-39.
  2. If a password is used: the first byte of the derived seed computed with c = 1 and salt = 'TON fast seed version' must equal 0.
  3. If no password is used: the first byte of the derived seed computed with c = floor(100000/256) = 390 and salt = 'TON seed version' must equal 1.
Random mnemonic phrases are generated until PBKDF2 yields a seed whose first byte matches the expected version (0 for the ‘fast seed’ parameters, 1 for the ‘seed version’ parameters); then a valid mnemonic is returned.

Generate a mnemonic

TypeScript