In this article, we learn about bitcoin addresses, how they are created, the algorithms used, and key formats.
Table of contents.
- Base58 and Base58Check Encoding.
- Public and Private Key Formats.
In the previous article, we discussed the Bitcoin blockchain layered model. We learned that L1 Bitcoin only supports transactions. Participants of the Bitcoin L1 blockchain are assigned wallet addresses which are a result of public-key cryptography and hashing algorithms such as SHA-256. In Bitcoin, these addresses are the only interface that allows people to store and exchange value with each other.
Bitcoin addresses consist of a string of digits and characters. If person A wants to send funds to person B, he/she needs the wallet address of B.
The following is an example of a bitcoin address:
The above wallet address is a result of one-way cryptographic hashing using hashing algorithms such as SHA-256 and keccak. These algorithms must fulfill certain requirements, for example, the produced hash must be of a fixed length and irreversible. This is discussed in later articles.
A modified Base 58 binary to text encoding is used to encode bitcoin addresses. Some of the features of this encoding include;
- 58 alphanumeric symbols that consist of distinguished uppercase and lowercase letters.
- Arbitrarily-sized payload
- One-byte version application information.
- Four bytes of SHA-256-based error checking code.
- An extra step for preserving leading zeros in data.
Consider the following image demonstrating how a public key is converted into a bitcoin address using Base58Check encoding.
Base58 and Base58Check Encoding.
Encoding in computer science is used to reduce long strings of text into short compact strings with alphanumeric symbols. Base64 is one such representation, it uses 26 lowercase and capital letters, 10 numerals, and 2 additional characters.
Another representation is Base58 which is text-based, it is extensively used in the Bitcoin blockchain as we shall learn shortly. It provides users with a balance between compact representation, readability, and easier detection of errors. It is a subset of Base64. Its alphabet consists of the following;
For additional security to prevent typos and errors encountered during transcription, Base58Check is used. It has a built-in error checking functionality involving a checksum. The checksum derived from the hash of the encoded data has four bytes. It is used to detect and prevent errors. That is, it calculates the checksum of data and compares it to the checksum in the code. If they match it is valid otherwise not. This makes sure users enter a valid bitcoin address otherwise funds will be lost to an unknown address.
Converting data into a Base58Check
First, we add a version byte, a prefix added to the data. It is used to identify the data type encoded.
Next, we compute the double-SHA checksum by applying the SHA-256 algorithm on the prefix + data twice.
Now we have a 32-byte hash, we take the first 4 bytes. These are used for error checking. The checksum is appended to the end of the hash.
Now we have a prefix, the data, and a checksum to check for errors.
This is encoded using the Base58 alphabet.
The process is demonstrated using the image below;
Public and Private Key Formats
Public and private keys are represented in a number of ways. This makes them easier to read and transcribe while avoiding errors.
For example, a private key can be represented in various formats all of which correspond to the original key.
Encoding formats for private keys include, Raw 32-bytes, 64-hexadecimal digits, Base58Check encoding or WIF-compressed encoding. All these formats are different ways of representing the same value.
Public keys on the other hand can be represented as compressed or uncompressed public keys. Public keys have a prefix that is used to distinguish uncompressed public keys from compressed public keys.
Compressed public keys are used in bitcoin because they reduce the size of transactions. As mentioned earlier transactions and expensive on bitcoin and slow, therefore we need to compress what we can such as public keys in order to reduce the amount of bandwidth a transaction uses.
On the other hand compressed private keys turn out 1 byte longer before they are WIF-compressed. This is because the private key before compression has an extra byte suffix which means that the key is from a newer wallet. Note that, these keys are not really compressed, we use this term to mean a private key from which a compressed public key is derived from.
Base58Check is used for additional security in addition to helping to prevent typos and errors encountered during transcription of a bitcoin address.
Compressed public keys used in bitcoin reduce the size of transactions thereby reducing the needed computational resources such as network bandwidth and storage space.
SHA-256 and Keccack are one-way cryptographic hashing functions used to generate wallet addresses/accounts in Bitcoin and Ethereum blockchains.