Bitcoin address

A Bitcoin address is a string of numbers and letters, generated from the public key through a hash function. The Bitcoin addresses we usually see are Base58Check encoded. This encoding uses 58 characters plus a check code, which improves readability, avoids ambiguity, and effectively prevents errors when entering addresses.

Base58 encoding

Base58, like Base64, is a binary-to-text encoding, mainly used to convert large integer values. The difference is that it drops characters that are easily confused, such as 0 (zero), O (uppercase O), I (uppercase i) and l (lowercase L), and characters that interfere with double-click selection, such as / and +. The resulting character set has exactly 58 characters (9 digits, 24 uppercase letters, and 25 lowercase letters).

In Bitcoin's implementation, Base58Check encoding lives in src\base58.cpp, and the character set is defined as follows:

/** All alphanumeric characters except for "0", "I", "O", and "l" */
static const char* pszBase58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";

Bitcoin address generation process

The figure above shows how an elliptic curve (ECC) public key is converted into a Bitcoin address. First, the ECC public key is a point (x, y), and each coordinate is represented by 32 bytes, that is, 256 bits. Next, the leading "1" in each step stands for 1 byte, which is used to distinguish different networks. Finally, two hash functions are used, sha256 and ripemd160; the number at the end of each name gives its output length in bits. Combining them yields the final Bitcoin address.

So a direct question is, why is the process of address generation so complicated?

In my view, this design defends against quantum computer attacks and makes the Bitcoin system more secure. If quantum computers are successfully built, almost all existing public-key cryptosystems will be broken: whether based on large integer factorization, discrete logarithms, or elliptic curve discrete logarithms, they will be insecure, meaning the private key can be computed directly from the public key. Hash functions, however, remain safe. The premise, of course, is that the hash function is sufficiently random and can only be attacked by brute force. For example, sha256 has a 256-bit output, so the space of hash values is 2^256, which is so large that even a quantum computer cannot break it in any practical time.

In practice, if address A sends a transaction Tx1 to address B, then B can use Tx1 as the input of Tx2 by writing its public key and signature into the new transaction Tx2. At this point, Tx2 contains address B and the public key corresponding to B. Once B broadcasts Tx2, everyone knows address B and its public key. If an attacker then uses a quantum computer, the attacker can spend every transaction sent to address B. But before B exposes its public key, that is, while it has not spent any transaction sent to address B, even a quantum computer cannot mount an attack.

From the above, we can summarize how to transact securely with Bitcoin once quantum computers arrive: do not reuse a Bitcoin address that has already been spent from, and all your transactions are safe.
