Understanding Bitcoin: Private Keys, Public Keys, and Addresses

In the world of Bitcoin, three terms frequently come up: private keys, public keys, and addresses. What do they mean, and how are they related? Understanding their differences and connections is fundamental to grasping how Bitcoin operates.

Private Key

What Is a Private Key?

A private key is a cryptographic secret that allows you to access and spend Bitcoin stored at a specific address. Typically, a private key appears as a string of characters, like this:

5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss

Applications supporting the Bitcoin protocol can decode this string into a valid private key, derive the corresponding public key, and generate the associated Bitcoin address. If this address holds Bitcoin, the private key can authorize transactions to spend those funds.

Properties of a Private Key

• Essentially a Random Number:
  A Bitcoin private key is a 256-bit number (32 bytes), meaning it can have any value between:
  1 and 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141.
  The total number of possible private keys (~2²⁵⁶) exceeds the number of atoms in the observable universe, making brute-force attacks mathematically infeasible.
• Cryptographically Secure:
  Bitcoin's security relies on elliptic curve cryptography (ECC). While it's theoretically possible for two private keys to collide, the probability is astronomically low.

• Generated via PRNG:
  Most private keys are derived using Pseudo-Random Number Generators (PRNGs).

  A PRNG mimics randomness but isn’t truly random—it relies on mathematical algorithms.

  True randomness is crucial because weak randomness increases collision risks.

Private Key Formats

Private keys are often encoded in Base58 for readability (avoiding ambiguous characters like 0, O, I, l). They may also appear in:

• Wallet Import Format (WIF): Starting with 5 (older uncompressed keys).
• Compressed WIF: Starting with K or L (indicating compressed public keys).

Example:
L4sQv2xG8GSAgH6cBN1uJN3vG7WuZ5nJ7Rb7rr3QZfJm6w2E2xK1

Public Key

Derivation from Private Key

A public key is generated from the private key using elliptic curve multiplication. It serves two main purposes:

1. Verifying signatures (proving ownership without exposing the private key).
2. Generating Bitcoin addresses.

Public keys come in two formats:

• Uncompressed: 65-byte (starts with 04).
• Compressed: 33-byte (starts with 02 or 03).

Example:
04a34b99f22c790c4e36b2b3c2c35a36db06226e41c692fc82b8b56ac1c540c5bd5b8dec5235a0fa8722476c7709c02559e3aa73aa03918ba2d492eea75abea235

Why Compression Matters

Compressed public keys reduce blockchain bloat by 32 bytes per transaction, improving network efficiency.

Bitcoin Address

How It’s Generated

An address is a shortened version of a public key, derived through:

1. SHA-256 → Hashes the public key.
2. RIPEMD-160 → Creates a 20-byte hash.
3. Base58Check encoding → Adds version/checksum for error detection.

Formula:
Address = Base58(Version + Hash160(SHA-256(Public Key)) + Checksum)

Example Addresses

• Uncompressed Public Key: 1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN
• Compressed Public Key: 1F3sAm6ZtwLAUnj7d38pGFxtP3RVEvtsbV

Both addresses can spend Bitcoin controlled by the same private key.

FAQs

1. Can two private keys generate the same address?

No. Each private key produces a unique public key and address due to cryptographic one-way functions.

2. What happens if I lose my private key?

You lose access to your Bitcoin permanently—no recovery is possible.

3. Why are there different address formats?

Legacy (P2PKH) and SegWit (Bech32) addresses optimize for transaction efficiency and lower fees.

👉 Learn more about Bitcoin security