System basics, Keys, and Addresses
Learn about system basics, keys, and addresses of Bitcoin.
We'll cover the following
System basics
The ownership and transfer of coins are specified by digital keys, addresses, and digital signatures. The Bitcoin protocol relies on public-key cryptography in order to create a corresponding pair of a private key and a public key for access control and to provide the ability to generate digital signatures. More precisely, the Bitcoin protocol uses elliptic curve cryptography based on the elliptic curve secp256k1, which is specified by Certicom. Each user occupies their own database, called a Bitcoin wallet, which contains a collection of corresponding key pairs, whereas a valid Bitcoin address is a hash of the public key. Each user is allowed to generate as many keys and addresses as they want. An owner of a private key that corresponds to funds on the public ledger can spend the funds to an address of any recipient by signing a transaction.
Keys and addresses
In this section, we introduce Bitcoin’s key and address creation. The Bitcoin protocol uses the Elliptic Curve Digital Signature Algorithm (ECDSA) based on the curve.
The private key is a randomly selected 256-bit (32-byte) unsigned integer , where is the order of the elliptic curve. The secp256k1 public key is then derived from the private key by , where is the specified basepoint and the coordinates and are two 256 -bit integers. Since the public key is deterministically derived through a one-way function from the corresponding private key, the public key doesn’t need to be stored in the protocol. The public key is represented in a compressed format , where the compressed key is bytes long and only consists of the coordinate , including a constant prefix either of x if the coordinate is odd, or x if the coordinate is even.
In early versions of the Bitcoin protocol, the address was represented by the public key Q. However, Bitcoin changed this and is now using the hash of the public key as an address instead of the public key itself. This selection wasn’t made intentionally because of security reasons, but rather to save memory space. However, as we’ll see later, this choice yields an advantage for quantum security. So, a Bitcoin address is, roughly speaking, a representation of the encoded cryptographic hash of the compressed ECDSA public key, computed according to Algorithm 8.
The compressed ECDSA public key is hashed twice, first using , which produces a hash of 256 bits (32 bytes), and then RIPEMD160, which produces a hash of 160 bits (20 bytes). According to
Algorithm 8: Bitcoin address generation
Required: Compressed public key .
- .
- .
- Return Bitcoin address A.
Implementation
Note: The code will take a long time the first time we execute it, but it will run smoothly after that.
Get hands-on with 1400+ tech skills courses.