Because the private key is the "ticket" that allows someone to spend bitcoinsit is important key these are kept secure. Fund manager Brian Kelly has insisted claims cryptocurrency is bitcoin have been hugely exaggerated and revealed key tips for investing in the current environment. Anyone price asks you for your private key is likely trying to scam you in some way. Severe winter weather significantly impacted the second week of the Public Session of the Alabama Legislature. To spend the funds sent to a particular bitcoin key you need the corresponding private key. No, as it turns out, although it's not a private story!
Skip to main content. View all mining guides Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top. So it's a fail-safe backup. This is the same private key in This can be a confusing concept so this post explains the relationship between private keys, public keys, bitcoin addresses and the blockchain. Welcome to the Kenyan slum of Dandora:
Anybody can ask a question Anybody can answer The best answers are voted public and rise to the top. Feed a hash key the price same data and it will spit out the exact same number again. The key-chemicals arranged to represent Wed, 24 Jan Private suppose you know the key of public key cryptography? I bitcoin this article helps you in that regard.
People can encrypt things to your public key, and if they do so, then only your private key can decrypt them. So you can publish your public key publicly, and people can then encrypt messages that can only be unlocked with your private key. A signature is something that can only be created by your private key, but which your public key can be used to verify that the signature indeed must have been created with your private key. So I can use my private key to "sign" a PDF document for example, and if you have my public key and the document and the signature text, you can verify that indeed I made that signature for that document, and I made it with my private key.
The signature proves I own the private key, even though it doesn't reveal the private key to you or anybody else. The most common way to send bitcoins is to an address, which is a hash of a Bitcoin public key. The reason we do it that way is so that if there is a vulnerability in elliptic curves, your money can still be safe, since the public key isn't even known until you spend the money, only the hash is known.
The public key is revealed only when you spend money, because it is necessary to prove that the digital signature came from your private key. And the way Bitcoin verifies that the transaction is valid is it checks the signature with the public key and the data being signed is not a PDF but the Bitcoin transaction itself , and the Bitcoin miners and users verify that the private key indeed did make that signature and make it for this transaction , and then they also verify that the public key hash is the same hash as the output transaction.
If those two things are true - the signature is good and the hash matches - then the transaction is valid and the money can be spent. The reason Bitcoin uses the hash in addition to the public key is security.
Let's say elliptic curves suffered a flaw that allowed somebody to derive a private key from a public key in 3 hours, but the hash functions were still unbroken.
Then your money would be safe the vast majority of the time, because you could spend it and get the transaction mined before somebody looking at that transaction which shows your signature and your public key would be able to use your public key to reverse engineer your private key.
And your public key wouldn't even be revealed until you spent the money, so as long as the hash function was still safe, you're mostly ok. So it's a fail-safe backup. In an emergency where the elliptic curves or the hash function get broken, users still have an emergency backup way of keeping their money temporarily safe while the Bitcoin software gets updated. This is why a lot of people always say you should not re-use addresses, because if you've spent from an address previously, then its public key is already publicly known, and you lose that emergency backup protection.
So now that we've got all that explained, I can actually answer your question! An address is the hash of the public key. That's why you only need the private key backed up, because everything else can be derived from that.
Basically, the public key is actually a point on a graph derived from the private key. It's just an X and Y coordinate. However, the Bitcoin curve has a neat property that any X coordinate can only ever have one of two Y coordinates, and the Y coordinates can be derived from the X coordinate.
So you can see how every positive X value can have a positive or negative Y value, because of the Y-squared part. So sometimes you'll see a public key written as "04" followed by the character X value, followed by the character Y value. That's an uncompressed public key. But you may also see just the X value with either an "02" in front or an "03" in front of it, indicating which of the two Y values is supposed to be used if you uncompressed it.
Remember, hashes output the same length, so the length of the address will be exactly the same, and in fact you won't know whether it's a compressed or uncompressed address until you see the spending transaction that shows the public key.
What would be the advantages and disadvantages of using a compressed vs. In other words, why bother having the two formats? Uncompressed keys exist only because of historical reasons and backwards compatibility. It was either an oversight, or Satoshi was unaware of the existence of compressed keys when the first version was released.
They were added in bitcoin-qt 0. Compressed keys save 32 bytes per transaction input. It doesn't sound like much, but a lot of transactions are less than bytes so it's a significant percentage saving with no cost. The only disadvantage is so negligible it's barely worth mentioning. Working with compressed public keys requires an additional step to calculate the y-coordinate, but it's a trivial computation and only needs to be done once.
If you spend bitcoins that were in an address even once, the ecdsa public key is published to the blockchain, so you lose the extra protection from ripemd and sha.
Using public-key cryptography, you can "sign" data with your private key and anyone who knows your public key can verify that the signature is valid. Because the pubkey to address hashing can't be reversed, your pubkey is safe against for example quantum attacks. Isn't that too short-sighted? Shouldn't brute-forcing a hash-reversal precisely be what quantum computers are good at?
However, the two algorithms differ drastically in just how efficient they are. In the case of RIPEMD, the weaker of the two hashes used to create a Bitcoin address, this means that the number of steps needed to recover a public key from an address goes down from 1.
Somewhat easier, but still thankfully impractical. I have no idea if this is anything close to the final word on the matter, but the whole article is worth a read if you're interested.
Not sure why you are being downvoted. If we're talking about a future where we have quantum computers that can solve discrete logarithms, then it's reasonable to think we could have quantum computers that can run Grover's algorithm on a domain size of 2 Certain theoretical future cryptographic attack vectors like quantum computers are said to be possibly capable of deriving the private key from the public key, but not from the hash of the public key from the address.
So the sha provides considerable extra security. For some reason I thought the address was the same as the pub key, thanks for the info. So let me see if I get this now. There's a private key, from which you can derive a public key.
View all exchange guides Ethereum Mining Contract 2 Year Large. Ethereum Mining Contract 2 Year Medium. Guides How to mine Zcash How to mine Ethereum? View all mining guides Popular Wallets Enjin Wallet. Analysis By user rating Cards Popular. View all wallet guides Popular Spend mBit Casino. Top Cryptopians Coming Soon! How to use CryptoCompare forums? How to review products on CryptoCompare? A miner will eventually pick your transaction and include it a block the transactions are actually included in a merkle tree whose root hash is in in the block header - the block header hash is the proof of work that has to match the difficulty requirement for the block.
Thank you for your interest in this question. Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site the association bonus does not count.
Would you like to answer one of these unanswered questions instead? Questions Tags Users Badges Unanswered. Bitcoin Stack Exchange is a question and answer site for Bitcoin crypto-currency enthusiasts. Join them; it only takes a minute: Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top.
How are public and private keys related to the wallet? I understand that all the Bitcoin protocol is based on an asymmetric cryptography. A user gets 2 keys public and private. How do these keys connect to the Bitcoins? Sean Black 1 1 7. Thomas' answer is correct, but I think an easy version may be appreciated as well.