Bitcoin Keys and Addresses: A Comprehensive Guide

1. Bitcoin Keys

Ownership of Bitcoin is determined by digital keys, Bitcoin addresses, and digital signatures. Unlike traditional banking, these keys are not stored on a network but generated by users and kept in a file or simple database called a wallet.

Every Bitcoin transaction requires a valid signature to be recorded on the blockchain. Only a legitimate key can produce such a signature, meaning whoever holds the private key controls the associated Bitcoin.

1.1. Public-Key Cryptography and Cryptocurrencies

Bitcoin uses elliptic curve cryptography (ECC)—a type of asymmetric encryption—where:

• A private key (random number) generates a public key via irreversible mathematical operations.
• The public key derives a Bitcoin address, akin to a bank account number.
• Transactions are signed with the private key and verified by the public key.

🔹 Key Properties:

• Unidirectional: Easy to compute public key from private key, but impossible to reverse.
• Security: Based on the hardness of the "discrete logarithm problem" in elliptic curves.

1.2. Private Keys

A private key is simply a 256-bit random number. It’s the cornerstone of Bitcoin security:

K_{\text{public}} = k_{\text{private}} \times G \quad \text{(G = elliptic curve generator point)}  

Generating a Private Key:

• Use cryptographically secure entropy sources (e.g., hardware RNG).
• Avoid weak randomness (predictable patterns).

1.3. Public Keys

Derived via elliptic curve multiplication:

• Uncompressed: Starts with 04, followed by x/y coordinates (65 bytes).
• Compressed: Starts with 02 (even y) or 03 (odd y), omitting y-coordinate (33 bytes).

Example:

Uncompressed: 04x-coordy-coord  
Compressed: 02x-coord (if y is even)  

1.4. Elliptic Curve Math

Bitcoin uses the secp256k1 curve:

y^2 \mod p = (x^3 + 7) \mod p  

Where p is a 256-bit prime number.

2. Bitcoin Addresses

A Bitcoin address is a Base58Check-encoded string derived from a public key:

1. Compute SHA-256 of the public key.
2. Apply RIPEMD-160 to the result (creates a 160-bit hash).
3. Encode with Base58Check (avoids ambiguous chars like 0/O).

Example Address:
1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy

2.1. Base58Check Encoding

• Purpose: Human-readable format with error detection.
• Alphabet: Excludes 0/O/I/l to prevent misreads.

Process:

1. Add a version byte (e.g., 0x00 for Bitcoin addresses).
2. Append a 4-byte checksum (SHA256(SHA256(prefix + data))).
3. Encode in Base58.

| Type | Version Prefix | Base58 Prefix |
|-----------------------|----------------|----------------|
| Bitcoin Address | 0x00 | 1 |
| P2SH Address | 0x05 | 3 |
| Testnet Address | 0x6F | m or n |

2.2. Key Formats

Private Key Formats:

| Format | Example |
|-----------------|----------------------------------------------|
| Hex | 1E99423A4... (64 chars) |
| WIF | 5J3mBbAH58... (Base58Check, uncompressed) |
| WIF-Compressed | KxFC1jmwwC... (ends with 01) |

Public Key Formats:

• Uncompressed: Full x/y coordinates (04 prefix).
• Compressed: x-coordinate + y-parity (02/03 prefix).

👉 Learn more about Bitcoin security practices

FAQ

Q1: Can someone steal my Bitcoin if they know my public key?

A: No. Public keys are meant to be shared. Only private keys authorize transactions.

Q2: Why use compressed keys?

A: Saves block space (33 vs. 65 bytes), reducing transaction fees.

Q3: What if I lose my private key?

A: The associated Bitcoin is irrecoverable—always back up keys securely!

👉 Explore advanced Bitcoin wallet solutions

References:

• Mastering Bitcoin
• Bitcoin Improvement Proposals (BIPs)

Disclaimer: This guide excludes promotional links per guidelines. The only external link is for educational purposes.