Creating a Stark key

StarkEx supports the following wallet types:

  • BIP32 compatible wallets, such as Ledger

  • Non-BIP32 wallets

StarkWare recommends two methods for creating a Stark key, depending on the type of the wallet.

BIP32 Compatible Wallets

BIP32 compatible wallets should implement EIP-2645. This EIP describes a path, called starkPath and a key derivation algorithm that uses this path to derive the starkPrivateKey.

The starkPath consists of four passed parameters and two internal parameters as described below, and has the following structure: m/purpose'/layer'/application'/ethAddress1'/ethAddress2'/index

Passed Parameters


2645, which is the EIP number.


Differentiates between technologies, defined as sha256(layer) & ((1 << 31) - 1)). In the context of starkex, the value is 579218131 as described in EIP-2645.


Differentiates between applications, defined as sha256(application_name) & ((1 << 31) - 1)).


Allows multiple keys per Ethereum address.

Internal Parameters


31 LSB of the user Ethereum address (i.e. ethAddress & 1 << 31) - 1


31 following LSB of the user Ethereum address (i.e. (ethAddress >> 31) & 1 << 31) - 1

BIP32 compatible wallets are expected to be stateful with regard to their own Ethereum address.

Non-BIP32 Wallets

For security reasons, this method is not recommended when using any wallet that does not use a deterministic signing algorithm.

For example, multi-party computation (MPC) wallets should not use this method.

Deriving a Stark key proceeds as follows:

  1. The user signs a message, using his Ethereum signature, such as by using MetaMask. It is recommended to use EIP-712 in order to provide transparency to the user when they are signing the message. An important recommendation is to add a warning inside the message that the user should only sign this message if it was sent from a specific domain, as in Figure 1.

  2. The signature (r,s,v) is used as an input to the grinding algorithm that outputs the starkPrivateKey . You can use the StarkEx Crypto SDK to derive the key. Call the function getPrivateKeyFromEthSignature to generate the private key from the signature and then privateToStarkKey to compute the StarkKey.

DeversFi signin
Figure 1. MetaMask pop-up. Prompts a user to sign using their Ethereum key in order to generate a private Stark key.