In bitcoin, a wallet is a bit of an abstract. The bitcoin protocol doesn’t contain the notion of wallets. This concept is created by user interfaces for user comfort.

Wallets are built for two primary functions:

• They are a user interface for scanning the blockchain and checking the balance of the users addresses.
• They are systems for managing a users private keys and for signing and sending transactions.

Here we will focus primarily on the second function and look at how wallets store private keys, interact with the blockchain and construct, sign and transmit transactions. Primarily we’ll focus on a wallets roll as a keychain for the private keys that control a users funds on the blockchain.

First, let’s take a step back and learn the relationship between public/private key pairs and bitcoin addresses.

Again, bitcoin uses Elliptic curve cryptography. A generation point on an elliptic curve is used to produce a public key once a private key has been chosen. More information about this process can be found here.

However, for this lesson we will summarize the process of generating a public key by saying that public keys are derived from private keys and we’ll look at the process of generating bitcoin addresses from public keys.

Bitcoin makes extensive use of hashing functions. To derive an address from a public key two hashing functions are used, SHA256 and RIPEMD160.

This results in a 160-bit, 20-byte string that is then base58 encoded the result of which looks like this:

A: Public Key; B: SHA256; C: RIPEMD160; D: 'Double Hash' or HASH160; E: Public Key Hash (20 bytes/160 bits); F: Base58Check Encode with 0x00 version prefix; G: Bitcoin Address (Base58Check Encoded Public Key Hash).

ADDRESS TYPES AND CHECK ENCODING

In bitcoin, most data presented to the user is not just base58 encoded, but base58check encoded to help prevent errors.

This adds prefix data to addresses that can be used to help verify the accuracy of the following data. Here is how this is done.

A version prefix is added to the address and an additional four bytes are added to the end of the data as a checksum called Base58Check and is used as built-in error-checking to protect against typos.

The first 4 bytes of this are then added to the end of the address.

When an address is typed into a wallet Base58Check code, the decoding software will calculate the checksum of the address on it’s own and compare it to the checksum included in the address. If the two do not match, the address entered is invalid.

BASE58CHECK ENCODING

1: Add Version Prefix; 2: Hash (Version Prefix + Payload); 3: Add First 4 Bytes as Checksum; 4: Encode in Base-58. A: Payload; B: Version; C: SHA256; D: First 4 Bytes; E: Checksum; F: Base58 Encode; G: Base58Check Encoded Payload.

In January of 2012, with BIP16, a new type of bitcoin address was introduced, Pay to Script Hash or P2SH. This type of address is not based on a public key but instead on the hash of a script. Bitcoin scripting is a topic that we’ll cover in depth in Part II of this series. For the moment let’s think of a bitcoin script as a bit of code that needs to return true when run in order for a transaction to be considered valid. It’s an unlocking script.

A common use case for P2SH addresses is a multi-signature address or multi-sig for short. Any funds sent to this address can only be spent by a transaction that is signed by m of n signatures, 2 of 3 being a very common setup.

To create a 2 of 3 multi-sig P2SH address a script requiring a valid signature from any 2 of 3 keys is created and then hashed in the same fashion as described above.

The version prefix that is used depends on which network the address is intended for and whether it is a P2SH (Pay to Script Hash) or P2PKH (Pay to Public Key Hash) address.

A: Type; B: Version Prefix (Hex); C: Base58 Result Prefix; D: Bitcoin Address; E: Pay-To-Script-Hash Address; F: Bitcoin Testnet Address.

And now that we have a base for understanding bitcoin addresses, let’s head back to wallets!