Where is a Bitcoin?
reminder: “Bitcoin” here is a placeholder for your favorite crypto-currency
Yes, we are taking a minor (but a single post!) digression before returning to the options for keeping bitcoin, replete with pros and cons, best practices, etc.
On the off chance you find this post thought provoking, specifically in the sense of “I find my intellectual curiosity piqued! I want to develop an intuitive understanding of Bitcoin and blockchain technology!” Have I got some great news for you:
The Bitcoin Tutorial is a unique approach to fully understanding Bitcoin. It starts by explaining contemporary cryptography and confidently works through the blockchain and the currency. Each concept is explained from first principles, building upon the preceding material. Intuition is developed step-by-step, fostering real understanding.
Literally talking my own book, ‘nuff said. The figures below are plucked straight of the tutorial, because, to be completely honest, I’m too lazy to generate a whole new set of figures for this post. That is a double-edge sword: the tutorial spills FAR more ink in explanations. Here in but a single post, we’ll gloss some details and skip others completely. That’s supremely ironic, as my motivation for writing the tutorial was to remedy precisely such behavior.
Most of the Bitcoin literature tells the story awkwardly. Mystifying concepts are presented and readers are left hoping they’ll “get it” later. The innovative blockchain technology is oversimplified. Essential fundamentals such as cryptography are glossed over.
So there is a contradiction as we drink out of a firehose, using figures from a book opposed to precisely this sort of post. C’est la vie d’auteur.
Every Bitcoin you own came from someone, perhaps a friend overly enthusiastic about crypto-currencies or perhaps from an exchange. The take away is that someone transferred some of their existing Bitcoin to you. That someone earlier got the Bitcoin in question from another someone, and so on. (You can trace the path of any Bitcoin backward, step-by-step through a series of transactions; step back far enough and you’ll find a special “coinbase transaction” that marks the CREATION of new Bitcoin in the mining process.)
Figure 1 illustrates what I call a “funding transaction” because our focus is on the elements on right. Transactions follow the rules of double-entry bookkeeping: the sum of the inputs on the left is equal to the sum of the outputs on the right.
(Every transaction is BOTH a spending transaction and a funding transaction: inputs on the left are spent and outputs on the right are funded. The sum of inputs on the left is SLIGHTLY BIGGER than the sum of outputs in the right. The difference is the vital “transaction fee” that determines how quickly the transaction will be packaged into a block and included in the blockchain.)
You’re keen on getting Bitcoin, so here and now we are focused on two pieces of data in Figure 1: Bitcoin Amount and Public Key Hash. If you paid your exchange 2,500-some-odd dollars, Bitcoin Amount will be 1.0-ish. Public Key Hash is a crazy-long and unique number that identifies your new Bitcoin. This transaction will be written to the Bitcoin blockchain, one entry in the immutable public ledger that documents the entire history of Bitcoin.
Public Key Hash raises a bunch of questions. Namely, (a) where did it come from and (b) how the hell is this secure if everyone can see my new Bitcoin in the public ledger? The good news is that both parts of that question bring us to a single answer.
For purposes of this post, our story has you purchasing Bitcoin on your favorite exchange. In order to keep this simple (as if that was possible at this point ), we will think of the “you” in Figure 2 above as “an agent in the exchange acting on your behalf.”
BEFORE the exchange constructed the funding transaction shown earlier in Figure 1, your imaginary agent to created a private-public key pair for your new Bitcoin. Private Key is a 256-bit random number. Such a number is unfathomably large. If it is properly secured, it is inconceivable that anyone can crack a Private Key. (And yes, I do know what that word means.)
Public Key is a 512-bit number that is calculated from Private Key. Thanks to some achingly beautiful mathematics, this calculation is a cryptographic one-way (also known as trapdoor) function. Calculating Public Key from Private Key takes a fraction of a second on the processor in your phone. Working backward from a Public Key to derive its Private Key would take heat-death-of-the-universe time on the most powerful supercomputer. This is the public key cryptography (PKC) that protects every “https” website you visit and every Apple or Snap or WhatsApp message you send. (It is fair to say that we would not have the Internet as we know it without PKC.)
Repeating for clarity: Public Key is directly calculated from Private Key; doing so by cryptographic one-way function ensures that openly revealing Public Key leaves Private Key fantastically secure.
Those of you paying close attention at home noticed a “missing dot” between Figure 1 and Figure 2. The former includes Public Key Hash, while the latter showed Public Key. How do we connect those dots?
Et voilà! Public Key Hash is directly calculated from Public Key, as shown above in Figure 3. One-way mathematical functions are used, specifically a pair of cryptographic hashes (SHA-256 followed by RIPEMD-160).
Bitcoin Address is a brilliant representation of Public Key Hash, encoded using upper-case, lower-case, and numeric characters … EXCLUDING the human-error-prone letters l (the lower-case letter), I (the upper-case letter), O (the upper-case letter), and 0 (the Arabic digit). Bitcoin Address incorporates four bytes of error correcting code (ECC) to detect and correct errors. Here is an real example: 1FU32Ywgah58w6RzMMhs5BVFqV1SEKuEYq.
Not something you would want to type letter-by-letter, but a far cry better than the corresponding Public Key Hash in its native hexadecimal: 009EAEAF0BF071F0661F049516BFD5DEBB8E9A0B72F95096AA.
We are almost home free. Take a deep breath and hold onto your towel.
Figure 4 — in all its glory — answers the question “Where is a Bitcoin?” Starting on the left side, we have from Figure 2 and Figure 3:
- Private Key generated an “agent in the exchange acting on your behalf”
- Public Key, calculated from Private Key by a one-way function
- Public Key Hash, calculated from Public Key by a one-way function
(Ignore “Bitcoin Wallet” atop the left side, that gets into the currently-on-hold but coming-real-soon-now question “Where can I keep my Bitcoin?”)
On the right side we find the “funding transaction” from Figure 1, now packaged into a block and firmly ensconced in the Bitcoin blockchain.
Ladies and gentlemen, Figure 4: THERE IS A BITCOIN.
Woo. Hoo. Back to our regular scheduled programming.
Bonus: how do I SPEND a Bitcoin?
Quit while we’re ahead? Yea, probably should. Nagging bit is, we’ve barely justified the existence of Private Key, much less described its raison d’être.
Private Key → Public Key → Public Key Hash → Bitcoin Address
Bitcoin Address is sent around by email and TXT. Literally. Public Key Hash is visible for anyone to see in the Bitcoin blockchain. Whoever knows the Private Key can spend the Bitcoin at the corresponding Bitcoin Address. Further elevating its importance — and the need to keep it, well, PRIVATE — is the reality that Public Key, Public Key Hash, and Bitcoin Address are readily calculated from Private Key. So should you metaphorically “leave” a Private Key on a table at Starbucks, someone finding it has EVERYTHING they need to spend the associated Bitcoin. Likewise, metaphorically “losing” a Private Key means that you’ve lost the associated Bitcoin, full stop.
Super-high-level-one-paragraph explanation: the Ownership Test in Figure 2 and Figure 4 presents a mathematical puzzle that declares “Prove that you know the Private Key associated with this Bitcoin!” The proof uses the same achingly beautiful mathematics alluded to earlier, this time in the form of a one-way function called a digital signature algorithm (DSA). Producing the digital signature absolutely, positively, no-way-around-it requires Private Key. Validating the digital signature, on the other hand, requires only Public Key. Yup, solving the mathematical puzzle that asserts “I know Private Key, FACT!” does not actually reveal Private Key. Cool.
Whoever knows Private Key has EVERYTHING they need to spend the associated Bitcoin.
And THAT little ditty is why you really, REALLY should deeply cogitate on “Where can I keep my Bitcoin?” And we will get back to that broadly overlooked question in the next post … stay tuned.