Public Keys, Private Keys and Bitcoin Address

My previous post on the nitty gritty of the transactions covered how peer-to-peer transactions work in a bitcoin Blockchain. There are 3 items that are imperative for this — Public Key, Private Key and Transaction Message.

Like any currency, Bitcoins have a controlled supply. The bitcoin generation algorithm has been defined in such a manner that it takes care of how the coins will be created and at what rate. There is no centralized party in this process.

Newer coins are generated as and when blocks are added to the chain. This is called mining. Hence peer-to-peer transactions play a huge part in this as they are indirectly the trigger.

Private Key is essentially a randomly generated number which is analogous to a password. Private keys are help in accessing the unspent money associated with the corresponding public key. It is a 256 bit integer. Private keys help in creating a Digital Signature which helps the miners verify the identity of the person transacting.

Public Key is the ‘To Address’ in the transaction. It is a pair of two 256 bit numbers (512 binary digits) with a possibility of 2256 combinations. Earlier, the bitcoin Blockchain followed ‘Pay to Public Key’ transaction method where the ‘To Address’ was the person’s Public Key.

Both the Private and Public keys are part of the Elliptic Curve Digital Signature Algorithm (ECDSA). This is a cryptographic algorithm that Bitcoin has adopted to ensure funds can be accessed and spent only by rightful owners and this can easily be verified by anybody with access to the books (Blockchain).

In order to improve the security in this transaction process as a fail-safe back-up, bitcoin moved from ‘Pay to Public Key’ to ‘Pay to Public Key Hash’ system where the ‘To Address’ was replaced from Public Key to Public Key Hash.

The way these keys work are as follows,

1. Private Key is a randomly generated 256 bit integer that is similar to a password and is advisable not to share this with others

2. ECDSA helps in deriving the Public key from the Private key

3. The Public Key Hash or more commonly called Bitcoin Address is obtained by hashing the Public key using RIPMED160 (cryptographic function)

Public Key = ECDSAexponentiation(Private Key)

Bitcoin Address = RIPMED(SHA256(Public Key))

Currently, there are different types of transactions systems that are possible — Pay to Public Key, Pay to Public Key Hash, Multi-sig (two or more parties are required to sign the transaction) etc.

These different systems ensure different levels of security and it’s purely up to the user to determine the kind of transaction system preferred.

Exchanges like Coinbase have a hosted wallet service. This means that the private keys are not given to the customers. These exchanges manage the private keys through passwords, 2 step verification, device confirmation etc. This is part of their secure cold storage technology. Customers only have access to their bitcoin address and the rest is taken care of by these exchanges.

Scripts in Bitcoin Blockchain

Bitcoin Blockchain network uses scripts which serve as list of instructions for each transaction to describe how the person receiving the bitcoin can possibly gain access to it and spend it.

These scripts are part of the ECDSA and help in locking and unlocking the transaction input and output so that people are able to transact securely.

Eg. The output of a transaction would contain a column ‘Script Public Key’. This is pretty much the lock for a transaction.

A sample value in this would like — OP_DUP_HASH160<X’s Public Key>OP_EQUAL OP_CHECKSIG (X is the person to whom the money is being sent)

This is unlocked (X basically accesses this money that he has received) by
<X’s Signature> <X’s Public Key>

These scripts function well for peer-to-peer transactions but is very limited when it comes to broader applications which led to the foundation of Ethereum Blokchain. More on this in the subsequent post.