BittyBatty (OP)
Jr. Member
 Offline
Activity: 49
Merit: 1
|
 |
September 28, 2017, 12:06:16 PM |
|
While i have been dealing with bitcoin trading for sometime the following question keep bugging me all along. Hope one of you can clarify it for me.
I understand that bitcoin is decentralized and self maintained in the sense there are no central authority to create users or provision passwords or maintain servers.
I also understand that bitcoins are stored in wallets, which are essentially public key hashes aka an address of 20 bytes randomly generated address. To make any transactions on this wallet/public key address bitcoin decentralized application need corresponding private key.
All well and good. Now my question is
1) How and who generates these public/private keys. I assume anyone can generate ..but whats the criteria
2) Who keeps track of which public keys are generated and what is its corresponding private key .. as far i understand there is no one so i wonder how it works
3) If it is a random public key with no one keeping track of addresses in use, how does the system ensure same address is not being used by two different people. i.e how do we know the key generate has produced a key that is not already in use
4) we keep hearing suggestions about disposing keys and keep creating new ones for security reasons. While it is secure to move on to new address as frequently as possible, my question is how sustainable is this approach. How big is the address space and whats the chance of exhausting the addresses and stumbling on reused addresses.
Some of these questions might be silly to few of you but its better to get clarified than working under assumptions. As you can tell i am a IT developer hence the questions from my developer mindset.
Thanks in advance..
|
|
|
|
|
|
|
|
"There should not be any signed int. If you've found a signed int
somewhere, please tell me (within the next 25 years please) and I'll
change it to unsigned int." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
|
AtheistAKASaneBrain
|
|
September 28, 2017, 12:16:15 PM |
|
1) How and who generates these public/private keys. I assume anyone can generate ..but whats the criteria
The software you are using to create keys generates them. The range of valid private keys is governed by the secp256k1 ECDSA standard used by Bitcoin. 2) Who keeps track of which public keys are generated and what is its corresponding private key .. as far i understand there is no one so i wonder how it works Nobody keeps track. It is just statistically improbable that there is a coincidence of the same keys being generated again. 3) If it is a random public key with no one keeping track of addresses in use, how does the system ensure same address is not being used by two different people. i.e how do we know the key generate has produced a key that is not already in use Again.. it is just impossible in practice that it happens. It would be like winning the lottery on steroids. 4) we keep hearing suggestions about disposing keys and keep creating new ones for security reasons. While it is secure to move on to new address as frequently as possible, my question is how sustainable is this approach. How big is the address space and whats the chance of exhausting the addresses and stumbling on reused addresses.
And again, it is just a non issue. In fact, there's people generating addresses constantly because they are cunts and are trying to cause that coincidence in purpose: https://lbc.cryptoguru.org/aboutGood luck with that. |
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3290
Merit: 16496
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
September 28, 2017, 12:19:37 PM |
|
That's a lot of questions to ask on a forum, for detailed answers you'd better just Google them.
In short:
1. Any wallet can generate keys, anybody can install a wallet.
2. Nobody keeps track, all private keys are randomly generated. There are so many possibilities that you'd never get a used key.
3. Get a dice. Throw 100 times. Try to reproduce 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 in the same order. You won't be able to do this, no matter how fast your computer can throw dice.
4. Practical answer: there is an unlimited supply of addresses. Theoretical answer: it's booring, something about the sun burning out long before you ever get a duplicate key.
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3360
Merit: 4570
|
|
September 28, 2017, 12:38:49 PM |
|
How big is the address space
The address is a 160 bit hash (represented with base58check encoding). A bit can have 2 possible values (0 or 1). So: For a 1 bit number, there are two possibilitites: 0 1 (notice that is 2 1 = two possibilities) For a 2 bit number, there are four possibilitites: 00 01 10 11 (notice that is 2 2 = four possibilities) For a 3 bit number, there are eight possibilities: 000 001 010 011 100 101 110 111 (notice that is 2 3 = eight possibilities) Perhaps you can see the pattern by now? With a 160 bit number, there are 2 160 possibilities. 2 160 = 1461501637330902918203684832716283019655932542976 possibilities That's approximately 1.46 X 10 48 possibilities Note that it is estimated that the universe has only existed for approximately 13772000000 years. If we assume there are about 31557600 seconds per year, that puts the age of the universe at roughly: 13772000000 X 31557600 = 434611267200000000 seconds That's approximately 4.35 X 10 17 seconds The current population of earth (including infants, aged, mentally disabled, etc) is approximately 7442000000 (7.442 X 10 9) people. Lets pretend that every single human owns a super computer. Lets pretend that they use their supercomputer to compute 1 trillion (1000000000000) addresses per second. Lets pretend that they ALL go back in time and start their super computers at the moment that the universe came into existence. So: 7.442 X 10 9 computers, generating 1 trillion (1.0 X 10 12) addresses per second, for 4.35 X 10 17 seconds: 7442000000 X 1000000000000 X 434611267200000000 = 3234377050502400000000000000000000000000 addresses That's only 3.23 X 10 35 addresses. Every currently existing human, 1 trillion addresses per second, since the beginning of the universe and it's not even 0.00000000001% of all the possible addresses yet. |
|
|
|
|
ArithmomanicVampire
Jr. Member
Offline
Activity: 45
Merit: 1
|
|
September 28, 2017, 01:42:13 PM |
|
How big is the address space
The address is a 160 bit hash (represented with base58check encoding). A bit can have 2 possible values (0 or 1). So: For a 1 bit number, there are two possibilitites: 0 1 (notice that is 2 1 = two possibilities) For a 2 bit number, there are four possibilitites: 00 01 10 11 (notice that is 2 2 = four possibilities) For a 3 bit number, there are eight possibilities: 000 001 010 011 100 101 110 111 (notice that is 2 3 = eight possibilities) Perhaps you can see the pattern by now? With a 160 bit number, there are 2 160 possibilities. 2 160 = 1461501637330902918203684832716283019655932542976 possibilities That's approximately 1.46 X 10 48 possibilities Note that it is estimated that the universe has only existed for approximately 13772000000 years. If we assume there are about 31557600 seconds per year, that puts the age of the universe at roughly: 13772000000 X 31557600 = 434611267200000000 seconds That's approximately 4.35 X 10 17 seconds The current population of earth (including infants, aged, mentally disabled, etc) is approximately 7442000000 (7.442 X 10 9) people. Lets pretend that every single human owns a super computer. Lets pretend that they use their supercomputer to compute 1 trillion (1000000000000) addresses per second. Lets pretend that they ALL go back in time and start their super computers at the moment that the universe came into existence. So: 7.442 X 10 9 computers, generating 1 trillion (1.0 X 10 12) addresses per second, for 4.35 X 10 17 seconds: 7442000000 X 1000000000000 X 434611267200000000 = 3234377050502400000000000000000000000000 addresses That's only 3.23 X 10 35 addresses. Every currently existing human, 1 trillion addresses per second, since the beginning of the universe and it's not even 0.00000000001% of all the possible addresses yet. Just a note for the OP. The above demonstrates the sheer vastness of the address space, but also see see: https://en.wikipedia.org/wiki/Birthday_problem. I. e., while 3.23 X 10 35 randomly picked addresses can only be a small part of the address space, the probability that two of them are equal in this particular scenario is still near 1, approximately 1 - exp(-(3.23 X 10 35) 2/(2 X 1.46 X 10 48)). Nevertheless, for practical purposes, the collision probability is still virtually zero. |
|
|
|
|
BittyBatty (OP)
Jr. Member
Offline
Activity: 49
Merit: 1
|
|
September 28, 2017, 02:52:08 PM |
|
Thank you all for your detailed clarification.
So it is left to chance that there will not be a duplicate, however small that probability is. This at least validates my assumption but with solid understanding with the help of details you provided.
|
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3360
Merit: 4570
|
|
September 28, 2017, 04:00:29 PM |
|
How big is the address space
The address is a 160 bit hash (represented with base58check encoding). A bit can have 2 possible values (0 or 1). So: - snip -' Every currently existing human, 1 trillion addresses per second, since the beginning of the universe and it's not even 0.00000000001% of all the possible addresses yet. Just a note for the OP. The above demonstrates the sheer vastness of the address space, Which is the question that was being answered. but also see see: https://en.wikipedia.org/wiki/Birthday_problem. I. e., while 3.23 X 10 35 randomly picked addresses can only be a small part of the address space, the probability that two of them are equal in this particular scenario is still near 1, approximately 1 - exp(-(3.23 X 10 35) 2/(2 X 1.46 X 10 48)). That "Birthday Problem" only partially applies here. There can never be more than 2099999997690000 addresses that have any value stored in them at any moment in time. If I generate an address, and I don't send any bitcoins to it, and you generate the same address and also don't send any bitcoins to it, it won't matter that we've generated the same address. Neither of us will ever know. So, while there may be some "address collisions" after generating a billion addresses per second per person since the beginning of the universe, it will be impossible for those people to ever know that they've had a collision, since the odds that any of those generated addresses have actually been used to store any bitcoins will be very near 0%. |
|
|
|
|
ArithmomanicVampire
Jr. Member
Offline
Activity: 45
Merit: 1
|
|
September 29, 2017, 07:30:00 PM |
|
That "Birthday Problem" only partially applies here.
There can never be more than 2099999997690000 addresses that have any value stored in them at any moment in time.
If I generate an address, and I don't send any bitcoins to it, and you generate the same address and also don't send any bitcoins to it, it won't matter that we've generated the same address. Neither of us will ever know.
So, while there may be some "address collisions" after generating a billion addresses per second per person since the beginning of the universe, it will be impossible for those people to ever know that they've had a collision, since the odds that any of those generated addresses have actually been used to store any bitcoins will be very near 0%.
Ha, that's cool. I never thought about the actual money supply. So Bitcoin is safe from the UniverseAttack™ by design. Ethereum people, however, better watch out  |
|
|
|
|
|
aplistir
|
|
September 29, 2017, 08:32:33 PM |
|
That "Birthday Problem" only partially applies here.
There can never be more than 2099999997690000 addresses that have any value stored in them at any moment in time.
Ha, that's cool. I never thought about the actual money supply. So Bitcoin is safe from the UniverseAttack™ by design. That is the theoretical upper limit. In practice >3.000.000 bitcoins are permanently lost in addresses, that contain lots of bitcoins. And the biggest addresses eg. coldfinex exchange has over 100.000 coins in it, and exchanges are probably always going to have lots of coins in same address. Just trying to say, that there will always be a lot less addresses with balance than the theoretical upper limit. Or who knows. Maybe bitcoin value will someday get so high, that we will have to divide bitcoins to even smaller parts. How about 0.001 Satoshi = 1mS |
My Address: 121f7zb2U4g9iM4MiJTDhEzqeZGHzq5wLh
|
|
|
|
AtheistAKASaneBrain
|
|
September 30, 2017, 12:55:30 PM |
|
That "Birthday Problem" only partially applies here.
There can never be more than 2099999997690000 addresses that have any value stored in them at any moment in time.
Ha, that's cool. I never thought about the actual money supply. So Bitcoin is safe from the UniverseAttack™ by design. That is the theoretical upper limit. In practice >3.000.000 bitcoins are permanently lost in addresses, that contain lots of bitcoins. And the biggest addresses eg. coldfinex exchange has over 100.000 coins in it, and exchanges are probably always going to have lots of coins in same address. Just trying to say, that there will always be a lot less addresses with balance than the theoretical upper limit. Or who knows. Maybe bitcoin value will someday get so high, that we will have to divide bitcoins to even smaller parts. How about 0.001 Satoshi = 1mS If the Bitcoin price ever reaches an insanely high price enough that the 8 digits aren't enough, we could keep creating more digits. So we would have 0.000000001. I just don't know if this change would require a hardfork or not. Also the price would need to be sustained for it to be worth the change. I don't think we'll need to worry about that anytime soon anyway... 1 satoshi is worth 1 Venezuelan dollar according to LocalBitcoins tho. |
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3290
Merit: 16496
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
October 01, 2017, 09:27:26 AM |
|
Or who knows. Maybe bitcoin value will someday get so high, that we will have to divide bitcoins to even smaller parts. How about 0.001 Satoshi = 1mS
If the Bitcoin price ever reaches an insanely high price enough that the 8 digits aren't enough, we could keep creating more digits. So we would have 0.000000001. I just don't know if this change would require a hardfork or not. Also the price would need to be sustained for it to be worth the change. I don't think we'll need to worry about that anytime soon anyway... 1 satoshi is worth 1 Venezuelan dollar according to LocalBitcoins tho. This would require a hard fork. Within the Bitcoin protocol, Bitcoins don't exist, only Satoshis. http://stackexchange.com explains it better than I do: At the protocol level bitcoins don't actually exists, but rather base units (recently called “satoshis”). Bitcoins are defined as 108 base units, meaning that for a 50 BTC mining reward, you are actually earning 5 000 000 000 units. Bitcoin is designed to be deflationary, so increasing the number of Bitcoins by just moving the decimal point to the right (and keeping 8 decimals) isn't really an option. Apart from the deflation argument, this arbitrary choice could work just as well as adding more decimals. |
|
|
|
fredrick4u
Member
Offline
Activity: 82
Merit: 10
|
|
October 01, 2017, 11:36:49 PM |
|
While i have been dealing with bitcoin trading for sometime the following question keep bugging me all along. Hope one of you can clarify it for me.
I understand that bitcoin is decentralized and self maintained in the sense there are no central authority to create users or provision passwords or maintain servers.
I also understand that bitcoins are stored in wallets, which are essentially public key hashes aka an address of 20 bytes randomly generated address. To make any transactions on this wallet/public key address bitcoin decentralized application need corresponding private key.
All well and good. Now my question is
1) How and who generates these public/private keys. I assume anyone can generate ..but whats the criteria
2) Who keeps track of which public keys are generated and what is its corresponding private key .. as far i understand there is no one so i wonder how it works
3) If it is a random public key with no one keeping track of addresses in use, how does the system ensure same address is not being used by two different people. i.e how do we know the key generate has produced a key that is not already in use
4) we keep hearing suggestions about disposing keys and keep creating new ones for security reasons. While it is secure to move on to new address as frequently as possible, my question is how sustainable is this approach. How big is the address space and whats the chance of exhausting the addresses and stumbling on reused addresses.
Some of these questions might be silly to few of you but its better to get clarified than working under assumptions. As you can tell i am a IT developer hence the questions from my developer mindset.
Thanks in advance..
3)My explanation on question 3 is that the transaction is like a key and lock.What is important is that we need one perfect key and one perfect lock for proper connection.This explanation is in plain language |
|
|
|
|
|
cyberpitstop
|
|
October 02, 2017, 12:04:17 AM |
|
That's a lot of questions to ask on a forum, for detailed answers you'd better just Google them.
In short:
1. Any wallet can generate keys, anybody can install a wallet.
2. Nobody keeps track, all private keys are randomly generated. There are so many possibilities that you'd never get a used key.
3. Get a dice. Throw 100 times. Try to reproduce 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 1 2 3 5 6 6 4 4 6 2 in the same order. You won't be able to do this, no matter how fast your computer can throw dice.
4. Practical answer: there is an unlimited supply of addresses. Theoretical answer: it's booring, something about the sun burning out long before you ever get a duplicate key.
Where else would he ask all those BitCoin questions?? It is a BitCoin talk forum isn't it???. |
|
|
|
|
ArithmomanicVampire
Jr. Member
Offline
Activity: 45
Merit: 1
|
|
October 02, 2017, 09:39:34 AM |
|
Where else would he ask all those BitCoin questions?? It is a BitCoin talk forum isn't it???.
While I concur, there are a couple of resources besides Bitcoin Talk that I (being pretty new to Bitcoin as well) use regularly: I'm sure more seasoned members can come up with more places to get technical info on Bitcoin. Maybe a list of such places tacked to the top of this board would be useful? |
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3360
Merit: 4570
|
|
October 03, 2017, 12:15:25 AM |
|
Just a side note, do wallets in general check if the address they have produced is already used?
No. |
|
|
|
|
ssgtatn
Newbie
Offline
Activity: 60
Merit: 0
|
|
October 03, 2017, 05:08:57 AM |
|
Just a side note, do wallets in general check if the address they have produced is already used?
No. Then someday I may generate your current address and I also have a private key to control the address balance? |
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3290
Merit: 16496
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
October 03, 2017, 07:30:38 AM |
|
Then someday I may generate your current address and I also have a private key to control the address balance?
You can start by guessing my license plate, it's only 6 characters. After that, you can try to guess my creditcard number, and while you're at it, go for the winning lottery numbers too  Getting all this right is still much more likely than guessing used private keys, but by all means, try it, and convince yourself Bitcoin is safe. |
|
|
|
Kogs
Member
Offline
Activity: 86
Merit: 26
|
|
October 03, 2017, 09:20:10 AM |
|
2) Who keeps track of which public keys are generated and what is its corresponding private key .. as far i understand there is no one so i wonder how it works
Only YOU need to save your private and public key (private key is enough, because the public key can be created out of the private key if you lose your public key). Nobody else need to know which public or private keys exists or were used. Some basics:Private/public key pairs have the following attributes - A private key can be created randomly
- You can create the public key out of the private key with some mathematical rules
- You CANNOT create the private key out of the public key -> so you can safely pass the public key (in Bitcoin it's actually a hash of the public key) to anyone without risking they can create the private key out if this public key
- You can sign a message (in Bitcoin the message is a transaction) with your private key
- You can prove with the public key, that a message was signed by the corresponding private key
With this in mind let's assume, you own 1 Bitcoin which was previously sent to one of your Public keys. If you want to spent this 1 Bitcoin, you need to create a transaction. Within this transaction you need to prove, that you own the private key of the public key which holds the 1 Bitcoin. You can do this, by signing the transaction with your private key. As we learned above, when you sign something with your private key, anybody else can check with the public key (which is also included in the transaction), that the signature was created by your private key. In the transaction you also pass a recipients public key where you want to send the Bitcoin. This transaction is passed to the Bitcoin network (send the transaction to each Bitcoin node which is connected to your Bitcoin node (Wallet)). Each node will verify if this transaction is valid. One check to verify is, if your created signature matches with the public key which holds the Bitcoin. If you sign with a wrong private key, the transaction is invalid and will not be forwarded to the next Bitcoin node. If it is valid, it will be forwarded to all other nodes in the Bitcoin network. After some time, a miner will take your transaction and put it in one block he mined. This shows, that it is not needed to track which public keys were already used. You just prove that you are the owner of the private key by signing the transaction. |
|
|
|
|
ssgtatn
Newbie
Offline
Activity: 60
Merit: 0
|
|
October 03, 2017, 09:42:24 AM |
|
2) Who keeps track of which public keys are generated and what is its corresponding private key .. as far i understand there is no one so i wonder how it works
Only YOU need to save your private and public key (private key is enough, because the public key can be created out of the private key if you lose your public key). Nobody else need to know which public or private keys exists or were used. Some basics:Private/public key pairs have the following attributes - A private key can be created randomly
- You can create the public key out of the private key with some mathematical rules
- You CANNOT create the private key out of the public key -> so you can safely pass the public key (in Bitcoin it's actually a hash of the public key) to anyone without risking they can create the private key out if this public key
- You can sign a message (in Bitcoin the message is a transaction) with your private key
- You can prove with the public key, that a message was signed by the corresponding private key
With this in mind let's assume, you own 1 Bitcoin which was previously sent to one of your Public keys. If you want to spent this 1 Bitcoin, you need to create a transaction. Within this transaction you need to prove, that you own the private key of the public key which holds the 1 Bitcoin. You can do this, by signing the transaction with your private key. As we learned above, when you sign something with your private key, anybody else can check with the public key (which is also included in the transaction), that the signature was created by your private key. In the transaction you also pass a recipients public key where you want to send the Bitcoin. This transaction is passed to the Bitcoin network (send the transaction to each Bitcoin node which is connected to your Bitcoin node (Wallet)). Each node will verify if this transaction is valid. One check to verify is, if your created signature matches with the public key which holds the Bitcoin. If you sign with a wrong private key, the transaction is invalid and will not be forwarded to the next Bitcoin node. If it is valid, it will be forwarded to all other nodes in the Bitcoin network. After some time, a miner will take your transaction and put it in one block he mined. This shows, that it is not needed to track which public keys were already used. You just prove that you are the owner of the private key by signing the transaction. Thank you BittyBatty, your explanation works for me. |
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3360
Merit: 4570
|
|
October 03, 2017, 02:42:37 PM |
|
Just a side note, do wallets in general check if the address they have produced is already used?
No. Then someday I may generate your current address and I also have a private key to control the address balance? No. As long my private key was chosen randomly enough, you will not choose the same private key. The search space is too large, and the probability is too low. |
|
|
|
|
|
