Public Addresses And Private Keys
Bitcoin relies on what is known as Public-key Encryption. The idea is like a locked night drop box on a bank. On one side, the public side, a bank can hand out the key to any customer it chooses so they can put things into the box. But on the inside, the private side, they keep the key secret so that only certain people can get things out of the box. Now imagine that you have a different night drop box and pair of keys for every deposit, not just every customer. That is what Bitcoin addresses are like.
I call it a Public Address and you’ll see that reading my Tutorials and Education sections. But it’s more accurate to call it a Bitcoin Address. Most people shorten it to Address. I say Public Address because it stresses that it’s OK to broadcast it publicly, as opposed to Private Key. Again, Private Key is usually shortened to Key. I still say Private Key because it stresses that they should be kept private.
Addresses are generally a string of 26 to 35 random characters, usually 34, and they start with a 1 or a 3. They are case sensitive. To avoid visual ambiguity they do not use uppercase “O”, number “0”, uppercase “I”, or lowercase “l”. Addresses also contain information to be used as a checksum to avoid errors. If you incorrectly type an address the software will typically reject it. But for simplicity you should copy/paste or use a QR code.
Addresses are free and anyone can generate one whenever they need one. Most wallet software generates new addresses as you need them. Other address generation tools exist. There is software available to create large batches of addresses for things like payment systems and e-commerce websites. There is also software to create seeds which will allow services to create addresses as needed without being able to spend from them. This is great for things like wage payment systems.
Addresses that start with 1 have one private key. There are addresses that can require multiple private keys and these start with 3. The number of keys that are issued and the number of keys required to send from the address are set when the address is created. Imagine the bank night drop box above, but a manager and an employee both have to open the box together. For instance there can be 3 keys issued and any 2 can send funds. Or 12 issued and 7 required to send. No change to the number of keys or keys required are possible after creation. A new set must be created if a change is required.
Addresses are meant to be disposable and only used once, but they can be used multiple times as long as you keep the key associated with them. Wallet software generally retains old addresses and keys. But this can cause issues and should be avoided.
Privacy concerns are a possibility in address reuse. Linking people to addresses is possible and linking addresses to addresses could lead to linking customers to businesses. While you may be OK with this many people are not. And it could lead to safety and personal security issues if you have enough money.
If addresses get reused and the keys are exposed to the Internet your funds could be at risk. If you use a compromised or public computer someone could record your keys and use them to empty your wallet. If this happens there’s no getting those funds back.
And there’s no guarantee that the address is even remembered. Many companies use an address as an invoice. Once the amount is paid in full they sweep the funds to another address. If someone were to send more to that first address there’s no telling if the business kept the key. There is no reason for them to do so. In this case those funds could be lost.
Because of this addresses are not to be thought of as account numbers and should not be thought to hold balances. Wallets will often spend the whole amount from an address and move remaining funds to another address as change. This confuses people sometimes, especially when using paper wallets. I’ll cover those another time.
A Private Key is a secret code that allows Bitcoin to be spent. It is used in combination with a Public Address. Once a key is used to spend Bitcoin it should considered compromised and not used again. Private keys can be used to import addresses into wallet software, but many consider this to be reuse and to be avoided. In this case using the keys to sweep the funds to a new address is preferred.
Now that you know what addresses are and are not and why it’s important to keep your keys secure I’ll talk about different ways to secure the funds sent to your addresses in my next Education post.