## Author: Paul

### Basics

- By using cryptography, you can create a key pair consisting of a public key and a private key.
- The
**public key**is used to receive funds, similar to your bank account number. It can be publicly shared without risking losing your funds. - The
**private key**is used to spend the funds, similar to your bank account password. You should never disclose it. - A
**wallet**helps you to generate and manage such kind of key pairs because they are long alphanumeric strings and not easy to memorize. - To make bitcoin transaction easier in daily life, the public key is converted to a much shorter bitcoin
**address**(33 or 34 characters) through a series of mathematical functions.

- On most occasions, we use “public key” and “address” interchangeably.
- We present our bitcoin address instead of the public key when we want to receive funds. We rarely see our actual public keys in bitcoin daily usage.
- You can also think of your phone number as your bitcoin address, and it allows others to call you easily. Your SIM card is your private key and if you lose it, you lose control of your identity. The IMEI identifier of your phone is similar to the public key, which can be used to uniquely identify you, but it is too long and used internally and rarely shown to users.
- From your private key, we can calculate your public key; and thru your public key, we can calculate your bitcoin address. But it cannot be done in the opposite direction. Therefore, as long as you keep your private key in a safe place, you are in full control of your fund.

### Intermediate

- In Bitcoin, we use elliptic curve multiplication as the basis for its cryptography. The curve determines the mathematical relationship between the public key and the private key.
- The private key is not used to encrypt your fund, instead, to sign a message, usually a transaction. It is similar to your signature on the cheque, which enables you to prove your ownership and spend the fund in the bank.
- By applying a signing algorithm (e.g. DSA) between your private key and the transaction message, a unique digital signature can be generated. Anyone with your public key can verify the signature was generated by you and the message was not altered in transit.

- This useful property allows the private key owner to prove its ownership of the source of the information without revealing the private key, and anyone with the public key to verify the signature without knowing the private key.
- The relationship between the private key and public key is fixed, but can only be calculated in one direction, from private to public. We call such kind of relationship as “asymmetric”. It is guaranteed by math.
- Such kind of asymmetric cryptography has been widely used on the internet nowadays to prove the authenticity of a digital identity, such as a website, an email message, a electronic document, a bank transaction and so on.

### Advanced

- ECDSA or Elliptic Curve Digital Signature Algorithm is the core of bitcoin cryptographic algorithm which defines how bitcoin private key and public key are generated.
- From the public key, we can derive the “raw” bitcoin address using SHA256 and RIPEMD160 one-way functions.
- To help human readability, avoid ambiguity and protect against errors, we use “Base58Check” to encode the “raw” bitcoin address, which is the ultimate address (33 or 34 characters) we see in daily transactions.

- Base58 uses all letters (lowercase & uppercase) and numbers except (0, O, l, I) to represent the 160-bit “raw” bitcoin address.
- Base58Check adds version number and error-checking code at the beginning and end of the address, which boosts its flexibility and security.

Nowadays, most bitcoin wallets generate a new address each time you need to receive funds from others. The main purpose of doing this is to protect your privacy and make the source of funds difficult to track.

Some people may worry that if too many bitcoin addresses are generated in the world, the address resource may be exhausted and they may have the possibility of getting the same address as someone else.

People are very bad at perceiving large numbers because we do not see them in daily life. To understand how large the resource of bitcoin address is, we have to look at it from the probability angle.

- The private key is a 256-bit random number generated by your computer, which means, the number of possible private keys is 2^256 (approximately 10^77 in decimal).
- It is roughly equal to the number of hydrogen atoms in the observable universe.
- From the private keys and one-way cryptographic function, we can calculate the corresponding public keys and bitcoin addresses.
- Therefore, the resource of private keys and bitcoin addresses are unlimited. It will never get exhausted.
- There is no need to worry about “energy saving” in the bitcoin space. You can generate as many new keys or addresses as you want for fun, and discard them anytime you want.