top of page

Keys, Addresses, Wallets

Generically, all key-address-wallet relationships are formed and work as follows (at a very high level).  Note that the terms can be confusing and its not clear that the community has agreed on definitions across the board.  Specifically, "Wallet" and "Wallet Address" seem to be used in confusing ways, depending on the source of the information.  The bullets below use the term "Wallet" and does not use the phrase "Wallet Address".

  • Assymetric Cryptography, sometimes also referred to as public key cryptography, serves as the backbone to "Keys" as referred to with respect to the blockchain.

  • Applications of Assymetric Cryptography used in the blockchain are:

    • Encryption:​  provide confidentiality protection

    • Digital Signature: authentication and source integrity

  • A message encrypted with a public key can be decrypted using the private key

  • A message signed by a private key can be verified using the public key

  • Generically, a private key is generated as the starting point and is just a string of arbitrary length that contains alphanumeric characters.

  • An Assymetric cryptographic function is applied to the private key, producing a public key.  Examples of Assymetric cryptographic functions are RSA, DSA, ECC and ECDSA

  • The public key is processed to produce a fixed length alphanumeric sequence, which is an address

  • A wallet holds one or more combinations of a private key, the public key, and the address that came from the public key

  • An address can not be transformed backwards to a public key

  • A public key can not be transformed backwards to a private key

  • A private key is used to create a digital signature

  • A public key is used to validate a digital signature

  • Most non-paper wallets handle all of the bookkeeping for keeping key pairs together, tracking unspent transactions, signing transactions using the appropriate key , etc.

  • When transacting on the blockchain, it is the address which came from the public key that is used.  A wallet may hold several of these addresses.

The following is specifically how key-address-wallet relationships are formed and work for Bitcoin (and many other cryptocurrencies!)

  • A 256 bit unsigned integer is generated.  Most non-paper wallets will use a seed phrase to generate the 256 bit integer; further, HD (hierarchical deterministic) wallets will use this seed phrase to create a "master extended key", from which all private keys for the wallet will be generated.  In this way, a user need only keep safe the one seed phrase and from that, all private/public key pairs will always be able to be re-generated.  

  • The 256 bit number is converted to hexadecimal

  • A version number is added to the beginning of the hex representation; For the bitcoin mainnet, the version number is 5;  to end up with a leading 5 at the end of the next transformations, a 80 is added to the beginning of the hex.

  • A checksum is added to the end of the hex string, which makes error detection by the bitcoin core possible

  • The result of the above is converted to base58;  This is the private key which will start with the number 5.

  • Elliptic Curve Digital Signature Algorithm (ECDSA) is applied to the private key. The specific curve that is used by Bitcoin is secp256k1.  This produces the public key.

  • The public key is hashed twice, using SHA256 and then converted to base58.  This is the address that is used for transacting on the bitcoin blockchain!

bottom of page