Unlock the Mysteries of Bitcoin Keys to Defend Your Wealth
Navigate the depths of Bitcoin to understand the significance of safeguarding your private key.
That key is paramount in protecting your digital assets. In this episode, we dissect the intricacies of Bitcoin keys, from the binary complexities to the mnemonic seeds that simplify their representation.
Delve into the world of elliptic curve cryptography, where we unveil the relationship between private and public keys, demystifying the process of generating addresses for transactions.
We also touch on the importance of address management and derivation paths in ensuring security and anonymity in Bitcoin transactions.
Join us on this enlightening journey through the heart of Bitcoin’s technology, as we empower ourselves with the knowledge to navigate the ever-evolving landscape of digital finance.
Support by Donating: ⚡zapheartbit@getalby.com
https://geyser.fund/project/heartbit
Looking for bitcoin wallets, gadgets and merch? Find them all on our coupons page https://loveisbitcoin.com/coupons
00:00 What is a key?
02:07 How is this secure?
04:38 What about the words?
07:00 How do people send me money?
Show Notes:
Welcome to the heartbit podcast, where we delve into the heart of Bitcoin and uncover the sweet spot for enthusiasts worldwide.
I’m Dani, your fellow Bitcoin explorer and today, we will talk about Bitcoin keys.
Keeping your key safe is the most important thing you must do to protect your Bitcoin. There are many ways to keep them safe, and they all have upsides and downsides. In the gadgets series, we will take a look at many of them, but first, let’s take a moment to understand what a key is.
A Bitcoin private key is a sequence of 256 ones and zeros. We created a key for the podcast to help explain the technology. It’s okay for me to share it with you because there is no money in it but you should never share your private key with anyone. The key is:
0111111000110001100010010010101111111101000101111111011100010001000101110010110010101001110111000111110000010011111001001101110100111001110001100010111001101000010100000110000111000011000101111001101010100110100100001111011111110001010110001001101010101011
This binary can be interpreted as a huge integer. This binary is equivalent to the decimal:
50788021389387617274514358088406408689264366110443835153879738598089844484058
Which, in English, starts something like this: Fifty quin-decillion, seventy eight quattuordecillion, eight hundred twenty-one tredecillion, three hundred eighty-nine duo-decillion, … you get the picture, it’s hard to say…
This is why it is more frequently represented as a 64-digit hexadecimal number using the characters from 0 to 9 and a to f.
0x7E31892BFD17F711172CA9DC7C13E4DD39C62E685061C3179AA690F7F1589AAB
As you can see, the hex is a much more manageable chunk of information than the binary or decimal.
That’s basically all there is to your key. It is a very large random number. But how could this possibly be secure?
The largest number that can be generated using 256 bits is when all bits are the number one, giving us:
115792089237316195423570985008687907853269984665640564039457584007913129639935
This number is about as big as the number of atoms in the visible universe.
The reason this is secure is because the probability that two people will pick the same atom at random is astronomically small. In the same sense, the chances that two people will pick the same random number are so small that it is negligible. That’s why you have to pick an actual random number. Patterns or familiar numbers will play against you in the Bitcoin universe.
That is why generating the random number is the first step for securing financial sovereignty. Unfortunately, our brains are not very good at generating truly random sequences, so just writing down a series of 1s and 0s is not gonna cut it. Software is capable of generating random numbers but if entropy isn’t introduced then developers can predict what the program will do.
So, what options do you have? Well, you can use software that introduces random input like the lava lamps that secure the internet or a hardware wallet that has been heavily peer-reviewed and implements random algorithms that cannot be reverse-engineered. You can also do it by hand with the help of a coin or some dice.
If you are not very tech-savvy, it might be dangerous for you to try to generate your keys on your own; therefore, it’s better to stick to hardware wallets. If you really want to go for it, then I suggest you stay tuned for one of our future episodes where we will go step by step on how to create and monitor a paper wallet. Never enter your private key into a website. They can easily save the key and use it to steal your Bitcoin.
And that’s it, folks. That’s basically what a Bitcoin private key is. So why is my wallet asking me to store words? Well…
Because of Bitcoin’s decentralized nature, updates to the codebase are also distributed. To enable collaboration among peers, developers create Bitcoin Improvement Proposals, BIPs for short, to share their innovative ideas. In 2013, Marek Palatinus, also known as “slush,” and Pavol Rusnak proposed BIP39 to provide a more user-friendly way for Bitcoin users to back up and recover their keys using mnemonic seeds.
Remembering a series of 256 ones and zeros would be a difficult task, even for the brightest minds. The 64-hexadecimal might be more feasible but is only memorizable by gifted individuals. So, they devised a way of reducing that complexity to 24 words by implementing Mnemonic seeds on Bitcoin. These words are human-readable representations of the underlying private key. Each word represents a unique sequence of ones and zeros, and you can use those words to create every possible combination.
Most wallets nowadays implement mnemonic seeds. To generate the words, we first need our 256-bit private key. Then, we perform a checksum on the randomly generated entropy bits, producing eight additional bits for a total of 264 bits. 264 bits divided by 24 words gives us 11 bits per word. The number of unique combinations of 11 bits is 2^11, which is 2048 …and that’s why there are 2048 words.
n = 256 / 32 = 8 bits
256 + 8 bits = 264 bits
264 bits / 24 words = 11 bits per word
We only need 24 words to represent 264 bits to secure our key.
The 24 words for the private key I showed you earlier are:
icon elite blanket gas impose must wall blossom regret earth body manage obvious path kangaroo lamp inner measure gloom shrimp jungle weird panda forget
In fact, I started with the 24 words and worked my way back to the binary. Just like the wallet does when you recover your key.
The list of 2048 words has indices from 1 – 2048, but they represent values from 0 to 2047. That is why I had to subtract one from the indice to determine the binary of each word.
That’s why your wallet is asking you to backup 24 words instead of a complicated hexadecimal series which is prone to human errors.
Ok, but if my private key is secret then how do people send me money? Well, a private key alone, is no use because we need its matching public key to receive money.
Here’s the thing. In a couple of weeks, I will do an episode on elliptic curve cryptography, but for now lets get a general understanding of how the public and private keys are related.
If you’re somewhat familiar with Bitcoin you may have come across this image. This is an elliptic curve. If I take a point on the curve G and I multiply it by a value Z it will produce another point D. What makes this special is that even if I know point G and D I will not be able to figure out what the multiplier Z was. In this example Z is your private key and point D is your public key.
In the specific case of bitcoin the curve is defined by secp256k1 which stands for: Standards for Efficient Cryptography over a prime field of 256 bits of a Koblitz curve variant number one.
In this case point G is
X =
0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
Y =
0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
In the specific case of our keys, we take point G and multiply it by our private key:
0x7E31892BFD17F711172CA9DC7C13E4DD39C62E685061C3179AA690F7F1589AAB * G
Giving us the point D:
X = 0x1B3EC59C61493224A807A81528508BC8AFE76B2F79E81CBC679466BD8BEE4F8
Y = 0x2A1ED9F91D3EAA23CAC28E0A0F27E687F455FC0A631E2D7243DCD8487256F6DE
Since the elliptic curve is symmetrical along the x-axis, it suffices to know the x coordinate and whether the y-coordinate is even or odd to know where the point is located on the curve. Therefore a compressed Bitcoin public key is just the x coordinate preceded by the code 03.
In our case this gives us:
0x021B3EC59C61493224A807A81528508BC8AFE76B2F79E81CBC679466BD8BEE4F8
Therefore the private-public key pair for our wallet are:
Private: 0x7E31892BFD17F711172CA9DC7C13E4DD39C62E685061C3179AA690F7F1589AAB
Public: 0x021B3EC59C61493224A807A81528508BC8AFE76B2F79E81CBC679466BD8BEE4F8
This public key is quite long, so to make things a little bit more human friendly addresses are an encoded version of the public key. The encoding depends on the type of lock we are using but for this example we will stick with the simplest which is Pay to Public Key Hash also known as P2PKH. The way we encode it is by performing a SHA-256 and RIPEMD-160 hash on the public key.
In our case specifically our hash is:
0x703f5ffab4a3d015e27760552ffe2d80cee72780
This shortened hexadecimal can be further encoded for human readability by doing a Base58encoding giving us the P2PKH legacy address: 1BEWbrPkUAcmYoN4m3KKMDWXDE4ieUHfkk
Sharing that address is much simpler than the original public key
1BEWbrPkUAcmYoN4m3KKMDWXDE4ieUHfkk vs.
0x021B3EC59C61493224A807A81528508BC8AFE76B2F79E81CBC679466BD8BEE4F8
That is how the private key produces an address that you can send money to.
In the future I will make another episode explaining how the private key is used to unlock the funds. But in simple terms, only the owner of the private key can do a mathematical operation that results in a signature that, when combined with the transaction data and the corresponding public key, proves ownership of the funds, allowing them to be transfered.
Bitcoin is not anonymous; it is pseudonymous, but if it is used correctly, then it can be very difficult to trace the identity behind the numbers. The pseudonym is the address.
In Bitcoin, you don’t want to reuse addresses because it is public knowledge that all those transactions belong to the same entity. Instead you want to produce a new address for every transaction.
In the next technical episode we are going to go into detail about what a wallet is but for now lets say that part of what a wallet does is allow you to create many private keys from one private key so that you can create new public keys for every transactions without having to manage each key individually. In reality, every time you click “get new address” the wallet is generating a new private key, public key and address.
When we say private key, we are really referring only to the root private key, and all the other keys are generated from that one using the derivation path. If you imagine a tree, the derivation path is what tells the algorithm how the branches are shaped and which leaves to pick.
The reason it is done this way is so users can restore all the private keys from a single point. You need to know the derivation path used by your wallet just as much as you know your key otherwise, the information might not be recovered correctly. Suppose you have the correct private key, but restore the wallet in a device that uses a different derivation path than the original wallet you were using. The funds sent to the first public key will be retrieved but the wallet will calculate your additional addresses incorrectly. If you recover your wallet and done see the funds as expected, don’t freak out just yet, you probably just have the derivation path wrong and need to figure out what your original wallet uses.
The essence of security lies not only in safeguarding your private key but also in the judicious use of addresses, ensuring that each transaction paints a fresh canvas of anonymity.
If you have any questions about subjects I skipped, leave them in the comments, and I will try to answer them in the next episode.
As we conclude this enlightening exploration into the heart of Bitcoin keys, remember: your private key is the silent guardian of your digital fortune. Safeguard it with diligence, for within its binary depths lies the essence of your financial sovereignty.
We’ll continue our journey through the intricate tapestry of Bitcoin’s technology, unraveling the mysteries of elliptic curve cryptography and the art of wallet management. Empowering ourselves with the knowledge needed to forge new pathways to prosperity.
Until we meet again on the next episode of Heartbit, may your Bitcoin keys remain secure, and your curiosity unquenchable.
