Please explain a simple concept regarding paper wallets

[Polyrhythm]

I know this sounds really stupid, but I need to understand one thing about paper wallets. I understand that they are created offline for safety reasons, and that the private key never contacts the internet until the funds are to be used...but if it is completely offline, how is it that you can send bitcoins to wallet using the public key in the first place?

So I create this paper wallet offline, then I send a bitcoin to it from an exchange online. Okay so now this 1 bitcoin is sitting in an address that isn't even online? When I want to spend the bitcoins and upload them to an exchange, the wallet magically contains the bitcoins? I tried researching this but I still don't really get it. Sorry if it's really dumb, but I just started recently. Thanks for the help!

[Light]

I know this sounds really stupid, but I need to understand one thing about paper wallets. I understand that they are created offline for safety reasons, and that the private key never contacts the internet until the funds are to be used...but if it is completely offline, how is it that you can send bitcoins to wallet using the public key in the first place?

Because what you're storing is the private key it enables you to sign the transaction necessary for you to spend the coins from the associated address. Hence, while everyone knows and can send money to your address, no one can spend it without the private key which only you have and is safely stored offline.

In layman's terms, what you are storing offline is the proof that you own the Bitcoins, so when they are sent to an address you can effectively 'claim' them as yours. I'm not too sure if I explained it properly so don't hesitate to ask more questions.

[Stn]

When we say "coins in the wallet" it is really just figure of speech. Unlike real coins (metal disks) bitcoins are never stored in the wallet. It is true for any kind of wallet online or paper. The coins are in the "cloud", but your wallet contains only private key which allows you to use coins in the cloud whenever you need.

Phrase "steal coins" is also figure. Actually what can be stolen is private key which corresponds that particular lot of coins. Coins itself are just records in the accounting book accessible by anybody.

[Polyrhythm]

Okay thanks! So far that makes sense but I'm still a bit unclear...

The public and private keys are both generated offline. So even before I generated the wallet, this public address already exists and coins can already be sent to it? But I am the only one who can prove ownership of these coins how? Simply because I am the one who holds this particular private key that is associated with the public key? If so, what is preventing someone else who is also creating a wallet at the same time from generating the same keys? Just mathematical improbability? I think this is what I really don't understand. Thanks all!

[Stn]

Yes, it is mathematical improbability. Just for impression the chances that two persons will generate the same address similar as they pick the very same single atom on the planet of Earth.

[Light]

The public and private keys are both generated offline. So even before I generated the wallet, this public address already exists and coins can already be sent to it?

This public address is simply an identifier that does 'exist' even without anyone having a private key. For example, you could send coins to 1thisaddressdoesntexist but in reality it's highly improbable that someone will have the private key corresponding to that address to spend coins there.

Simply because I am the one who holds this particular private key that is associated with the public key? If so, what is preventing someone else who is also creating a wallet at the same time from generating the same keys? Just mathematical improbability? I think this is what I really don't understand. Thanks all!

Basically, you generate a private key and from there it undergoes a few mathematical functions (trapdoor functions to be specific) to produce a public key. They are linked together. From a private key one can work out an address, but with an address one cannot work out a private key (hence trapdoor function - google them, they form the basis of cryptography).

It is incredibly improbable. You'd be more likely to win the lottery 10 times in a row then having an address collision.

Statistically speaking, unless the protocol changes to accommodate more decimal places, only 2.1e14 addresses could contain at least one Satoshi, and that's only if everyone only had one Satoshi. If anyone has more (and pretty much everyone who has any has more than one Satoshi), then there are fewer occupied wallets.

Within the set of 2256 private keys, they only map to 2160 unique wallet addresses. So the question is how does 2160 compare to 2.1e14? One in a million? One in a trillion?
The answer is one in 6.9595 decillion. Since "decillion" isn't a commonly used word, I'll save you the bother of having to look it up: it's a one with 33 zeroes after it.

To put that 6.9595 decillion figure into perspective: The Earth has a diameter of 12,742 kilometers, giving it a surface area just shy of 50 million square kilometers. A square kilometer is 1 million square meters, and a square meter is one million square millimeters, meaning the surface area of the Earth, in millimeters, is just shy of 50 quintillion mm2.

So here's the game we'll play. I've got 140 trillion earth-sized spheres. On one of them, I have randomly selected a single square millimeter as the prize winning spot. Find it, and you'll get to spin the prize wheel to see how much you've won. The prize wheel currently has about 22 million spaces. 21 million of them contain less than a dollar. But you only get to spin the wheel if you can find the secret spot on the secret sphere.

Wanna play?

[cp1]

You can even send bitcoins to an address that no one has the private key for (just pick a random address).  Then no one can spend those coins ever.

[Polyrhythm]

Thanks for the explanations! All are incredibly helpful! I finally get it, and wow, that's genius! I admit, I think bitcoin has a lot of issues (learning curve for the dumber folk like me being one) but this is an awe-inspiring innovation nonetheless.

[Light]

Thanks for the explanations! All are incredibly helpful! I finally get it, and wow, that's genius! I admit, I think bitcoin has a lot of issues (learning curve for the dumber folk like me being one) but this is an awe-inspiring innovation nonetheless.

No problems. I personally found trapdoor functions (elliptic curves) in current cryptography to be rather fascinating especially considering it forms the basis of all cryptography (including Bitcoin). If you have any other questions feel free to ask/drop me a line.