Overview
A key pair is the fundamental unit of ownership in Bitcoin. It consists of a private key and its corresponding public key, linked through elliptic curve cryptography. The private key is a secret number that allows its holder to sign transactions and spend bitcoin. The public key is derived from the private key and is used to generate Bitcoin addresses and verify digital signatures. This asymmetric relationship -- where the public key can be derived from the private key but not the reverse -- is the cornerstone of Bitcoin's security model.
Key Generation
Step 1: Generate a random 256-bit number (private key)
┌──────────────────────────────────────────────────────┐
│ Private Key (256 bits): │
│ e9873d79c6d87dc0fb6a5778633389f4453213303da61f20bd67│
│ fc233aa33262 │
│ │
│ (Must be between 1 and the curve order n) │
└──────────────────────────────────┬───────────────────┘
│
Elliptic curve multiplication
(point multiplication on secp256k1)
│
▼
Step 2: Derive the public key
┌──────────────────────────────────────────────────────┐
│ Public Key = private_key * G (generator point) │
│ │
│ Uncompressed (65 bytes): 04 + x-coordinate + │
│ y-coordinate │
│ Compressed (33 bytes): 02/03 + x-coordinate │
│ (prefix 02 if y is even, 03 if y is odd) │
└──────────────────────────────────┬───────────────────┘
│
Hash operations (SHA-256 + RIPEMD-160)
│
▼
Step 3: Derive the address
┌──────────────────────────────────────────────────────┐
│ Bitcoin Address: bc1q... (Bech32 for native SegWit) │
│ 1... (Base58 for legacy P2PKH) │
│ 3... (Base58 for P2SH) │
└──────────────────────────────────────────────────────┘
The One-Way Relationship
The security of Bitcoin depends on the mathematical one-way relationship between private and public keys:
Private Key ──────► Public Key ──────► Address
(easy) (easy)
Address ────✗────► Public Key ────✗──► Private Key
(impossible) (impossible with current math)
This one-way property is based on the Elliptic Curve Discrete Logarithm Problem: given the public key point on the curve, there is no known efficient algorithm to compute the private key scalar that produced it.
Key Formats
Private key formats:
- Raw hex: 64 hexadecimal characters (32 bytes)
- WIF (Wallet Import Format): Base58Check-encoded, starts with '5' (uncompressed) or 'K'/'L' (compressed)
- Part of a seed phrase derivation in modern HD wallets
Public key formats:
- Uncompressed: 65 bytes (04 prefix + 32-byte x + 32-byte y)
- Compressed: 33 bytes (02 or 03 prefix + 32-byte x)
- Modern Bitcoin exclusively uses compressed public keys
Security Best Practices
- Never share your private key. Anyone with the private key can spend all bitcoin associated with it.
- Use cryptographically secure random number generators for key generation. Weak randomness is one of the few practical ways keys can be compromised.
- Store private keys offline using hardware wallets or cold storage for significant amounts.
- Use HD wallets so that key management is simplified to protecting a single seed phrase.
- Never generate keys using brainwallets (keys derived from memorized passphrases), as these are vulnerable to brute-force attacks.
Common Misconceptions
- You do not need to "register" a key pair anywhere. Key pairs are generated locally and are valid immediately. Bitcoin's address space is so large that collisions are virtually impossible.
- Losing a private key means losing the bitcoin permanently. There is no "password reset" in Bitcoin.
- A public key is not the same as an address. The address is derived from the public key through hashing, adding an additional layer of security. The public key is only revealed when spending from that address.