The cornerstone of Bitcoin self-sovereignty is control of your private keys. Without it, one way or another, you are giving up control of your money to someone else. “Not your keys, not your coins,” as the saying goes. One of the counter-intuitive aspects of Bitcoin for people who are not familiar with its technical underpinnings is “where” your bitcoin actually resides. When people think of a wallet, they think of “where I keep my money.” Your Bitcoin wallet doesn't actually hold your bitcoin; it just stores your private keys. Your bitcoins are just data entries on the blockchain hosted by all participants in the network. When you go to spend your bitcoin, what you are actually doing is proposing an update to the data stored on the blockchain. A private key is how the protocol ensures that only you can authorize the update that spends your bitcoin.
So what are your private keys? Just very, very large numbers. This is a private key in binary:
1110001011011001011110111100000101000100000010001001111010111011010101110111001111111111101010111010010111010011101001110010100110111101000110000111110101111001101001011110011011101000001101101101110001101000110001111010001001001111011010101011001101101010
256 random 1s and 0s. This random number is what ultimately secures your bitcoin. It may not seem like a lot, but its randomness is what ensures the security of your wallet. There are roughly as many possible Bitcoin private keys as there are atoms in the visible universe. That is the number of possibilities a computer would have to count through to generate and index every possible private key. As long as the process used to generate the key is truly random (a proper cryptographic random number generator, never a number you make up yourself), your keys are safe.
This is what a private key looks like in hexadecimal (binary uses two digits, 1 and 0, to encode a number; hexadecimal uses 16 digits, 0-9 and A-F):
E2D97BC144089EBB5773FFABA5D3A729BD187D79A5E6E836DC68C7A24F6AB36A
This is what the private key looks like in uncompressed wallet import format (WIF):
5KYC9aMMSDWGJciYRtwY3mNpeTn91BLagdjzJ4k4RQmdhQvE98G
The WIF format is how everyone interacted with their private keys in the early days of Bitcoin. In that era you generated one private key at a time and then derived the public key from it. Generating a public key is basically just multiplying very large numbers, but there is a little more to it than that. Every public key is a point, with an x and a y coordinate, on a graph of a very large curve that wraps around itself.
On the curve, in Bitcoin's case secp256k1, there is a point called the “generator point”. This generator point can be thought of as the “base point” of the secp256k1 curve. It is an integral part of the process of generating keys and signing with them. This is the generator point of the Bitcoin curve:
G=02 79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798
To generate the public key from your private key, you take the private key you generated and multiply it by the generator point. That's it. The result is a point on the curve with a mathematical relationship to the private key that only you know. Going the other way, recovering the private key from the public point, is computationally infeasible, which is what makes it safe to share the public key.
This is an uncompressed public key showing the points x and y:
04C0E410A572C880D1A2106AFE1C6EA2F67830ABCC8BBDF24729F7BF3AFEA06158F0C04D7335D051A92442330A50B8C37CE0EC5AFC4FFEAB41732DA5108261FFED
It is very common to compress public keys in the rare cases you interact with them directly: instead of storing both coordinates, you store only the x coordinate behind a one-byte prefix that tells you whether the y coordinate is even (02) or odd (03), because the curve equation lets y be recomputed from x up to that choice of sign. For the key above, whose y coordinate ends in FFED and is therefore odd, the compressed form is 03 followed by the 64 hex digits of x.
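The two operations just described, multiplying a private key by the generator point G and compressing the resulting point, as an added example in plain Python that is not code from the original article; the function names are my own, and the only inputs it relies on are the secp256k1 constants and the compressed G shown above.

```python
# Added example (not from the original article): secp256k1 in plain Python, pub = priv * G, plus key compression.
P = 2**256 - 2**32 - 977  # the field prime of secp256k1
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order of G
G_COMPRESSED = "0279BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"

def on_curve(pt):  # None is the point at infinity, which counts as on the curve
    return pt is None or (pt[1] ** 2 - pt[0] ** 3 - 7) % P == 0

def decompress(hex_key):
    """02/03 prefix + x -> (x, y). P % 4 == 3, so sqrt(a) = a^((P+1)/4) mod P."""
    prefix, x = hex_key[:2], int(hex_key[2:], 16)
    y = pow((x ** 3 + 7) % P, (P + 1) // 4, P)
    if (y % 2 == 1) != (prefix == "03"):  # pick the root whose parity matches the prefix
        y = P - y
    if not on_curve((x, y)):
        raise ValueError("x coordinate is not on secp256k1")
    return x, y

def compress(pt):
    """(x, y) -> 33-byte hex: 02 for even y, 03 for odd y, then x."""
    return ("03" if pt[1] % 2 else "02") + f"{pt[0]:064X}"

def add(a, b):
    """Point addition, covering doubling (a == b) and the point at infinity (None)."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # a == -b
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P  # tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P  # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def multiply(k, pt):
    """Double-and-add scalar multiplication k * pt (illustrative, not constant-time)."""
    result = None
    while k:
        if k & 1:
            result = add(result, pt)
        pt, k = add(pt, pt), k >> 1
    return result

def private_to_public(priv_hex, compressed=False):
    """Public key = d * G, encoded as 04||x||y (uncompressed) or 02/03||x (compressed)."""
    d = int(priv_hex, 16)
    if not 0 < d < N:
        raise ValueError("private key must be in [1, N-1]")
    pub = multiply(d, decompress(G_COMPRESSED))
    return compress(pub) if compressed else f"04{pub[0]:064X}{pub[1]:064X}"
```

Real wallets use a constant-time library such as libsecp256k1 for this; the naive double-and-add above leaks timing information about the private key and is only meant to make the arithmetic visible.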
When you go to sign a transaction with your private key, it again basically boils down to multiplication. You generate a random number (the nonce) and use it together with your private key and the hash of the transaction you are signing to produce the signature, which consists of two values, r and s. The nonce must be fresh and unpredictable for every signature; reusing one across two signatures exposes the private key. Anyone can then run the verification algorithm to confirm that the message was signed by the matching private key without that key ever being revealed. The mechanism that ensures you are the only one who can authorize spending your bitcoin is basically just multiplying very large numbers.
If you weren't familiar with these concepts before reading this, it may all seem a little scary. Binary? Hexadecimal? Points on a graph? How do you back up a WIF?
Since more intuitive ways of handling this data were developed, most users are no longer exposed to these raw formats. Most likely, you have more experience with mnemonic seeds, also known as seed phrases.
BIP 39 Mnemonic Seeds
Mnemonic seeds, or seed phrases, were created to address the poor user experience of interacting with raw private keys.
As we discussed earlier, private keys are ultimately just a long string of randomly generated ones and zeros. Imagine trying to make copies of this and make sure you didn't make a mistake copying it:
1110001011011001011110111100000101000100000010001001111010111011010101110111001111111111101010111010010111010011101001110010100110111101000110000111110101111001101001011110011011101000001101101101110001101000110001111010001001001111011010101011001101101010
All it takes is one mistake copying a single digit to render your backup of your keys useless. This is where mnemonic seeds come in. 256 consecutive 1s and 0s are not a human-friendly way to interact with sensitive information. Writing this number down incorrectly means losing access to your funds.
truck renewal anger donkey reminder laptop fix details division sadness because fat
This is much easier to deal with, isn't it? Only 12 words. So how does that work, from a bunch of random ones and zeros to a string of words that actually make sense to you? An encoding system, just like binary or hexadecimal!
Each of those 12 words in the mnemonic seed above stands for a binary number, under an encoding scheme that assigns a specific string of 1s and 0s to each word. If we look again at the WIF private key example from earlier, that was just a number encoded in a specific scheme, in this case base 58, which uses every number and letter of the alphabet except 0 and 1, and O and l (it is case sensitive). These characters were excluded specifically to prevent transcription errors such as confusing 1 for l or 0 for O. bech32 and bech32m, used by SegWit and Taproot, take this further by using only this set of characters: qpzry9x8gf2tvdw0s3jn54khce6mua7l.
Bitcoin Improvement Proposal 39 (BIP 39) introduced a standardized encoding scheme in which each word in a specially crafted dictionary is mapped, in alphabetical order, to an 11-digit binary number from 00000000001 to 11111111111. The example seed above breaks down as:
Truck: 11101001001
Renewal: 10110110001
Anger: 01011110011
Donkey: 01000001001
Reminder: 10110101110
Laptop: 01111101000
Fix: 10110100010
Details: 00111100010
Division: 11010010001
Sadness: 01100110100
Because: 00010011110
Fat: 01010011011
In binary it just looks like this:
11101001001 10110110001 01011110011 01000001001 10110101110 01111101000 10110100010 00111100010 11010010001 01100110100 00010011110 0101001 1011
There are 2,048 words, each mapped to a specific 11-digit string of 1s and 0s, specifically to make it easier for people to interact with their private keys. When you generate a random number for your private key, your wallet chops that number into 11-bit chunks and maps each chunk to a word in the BIP 39 dictionary. It is still the same large number, but now you can read it as English words. Since your brain is far more used to this format than to long strings of 1s and 0s, this radically reduces the chance of writing something down wrong and losing your bitcoin in the process.
You may have noticed that in the raw binary encoding of the seed above there are four digits (1011) sitting on their own, and the last “word” is actually only 8 digits. This is the checksum used to verify the validity of the seed phrase. When you generate your random number, there are not enough bits to map it exactly onto 12 (or 24) words. The wallet hashes the bits you generated and appends the first few digits of the hash to the end of your random number. That gives you enough bits to fill out the final word.
This last word lets you run a safety check on copies of your seed. If you enter your mnemonic seed into a wallet incorrectly, the checksum will not match. For any 12- or 24-word seed there are several last words that would produce a valid checksum, but if the last word does not match the checksum of the rest of the seed, your wallet will warn you that it is invalid. This gives people an intuitive yet still mathematical way to confirm the validity of their backups, as opposed to the messy process of copying and backing up raw binary numbers.
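The checksum mechanism described in the two paragraphs above, as an added example that is not code from the original article. It works at the level of the 11-bit word indices (the 2,048-word list is not embedded; turning an index into its word is a plain table lookup), and the function names are my own.

```python
# Added example (not from the original article): how a BIP 39 checksum is appended
# and verified, at the level of 11-bit word indices. The 2,048-word list is not
# embedded; mapping an index to its word is a plain table lookup in that list.
import hashlib
import secrets

def entropy_to_indices(entropy):
    """Append the checksum (first len/4 bits of SHA-256) and cut into 11-bit word indices."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128 to 256 bits, in 32-bit steps")
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32  # 4 checksum bits for 12 words, 8 for 24 words
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits  # 132 bits -> 12 words, 264 bits -> 24 words
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]

def indices_to_entropy(indices):
    """Reverse the split; raises ValueError if the checksum bits in the last word are wrong."""
    if len(indices) not in (12, 15, 18, 21, 24):
        raise ValueError("a seed has 12, 15, 18, 21 or 24 words")
    total = 11 * len(indices)
    cs_bits = total // 33  # every 33 bits are 32 entropy bits plus 1 checksum bit
    bits = 0
    for idx in indices:
        if not 0 <= idx < 2048:
            raise ValueError("word index out of range")
        bits = (bits << 11) | idx
    entropy = (bits >> cs_bits).to_bytes((total - cs_bits) // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    if bits & ((1 << cs_bits) - 1) != expected:
        raise ValueError("checksum mismatch: the seed was copied incorrectly")
    return entropy

def checksum_is_valid(indices):
    """What a wallet does when you type a seed in: accept only if the checksum matches."""
    try:
        indices_to_entropy(indices)
        return True
    except ValueError:
        return False

def new_seed_indices(words=12):
    """Fresh entropy from the OS CSPRNG (never a hand-made 'random' number), as word indices."""
    return entropy_to_indices(secrets.token_bytes(words * 11 // 33 * 4))
```

Note that a 4-bit checksum only catches a random single-word error 15 times out of 16; it is a guard against transcription mistakes, not a substitute for verifying a backup by restoring it.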
The selection of words for the list went so far as to ensure that no two of the 2,048 words share the same first four letters. This was done to reduce the chance of people making transcription errors by confusing similar words and ending up with an incorrect backup of their private keys.
Turning these words into a whole hierarchy of private/public keys is very simple. Your mnemonic seed is hashed with SHA-512, which produces 512 bits of output. Half of that output is used as the actual private key, and the other half is fed back into SHA-512 together with an index number and the current private or public key to generate a new key pair. You can repeat this as many times as you like to create new private/public key pairs, all of which can be recovered from a single mnemonic phrase.
This lets you manage your private keys as easily and as safely as possible, with the least chance of making a mistake and losing your money. And it was all done with mathematics! Hopefully you now have a good understanding of why people say that Bitcoin is “mathematically secured” money.