Introduction to Wallets and Addresses

In bitcoin, a wallet is a bit of an abstract. The bitcoin protocol doesn’t contain the notion of wallets. This concept is created by user interfaces for user comfort.

Wallets are built for two primary functions:

Here we will focus primarily on the second function and look at how wallets store private keys, interact with the blockchain and construct, sign and transmit transactions. Primarily we’ll focus on a wallets roll as a keychain for the private keys that control a users funds on the blockchain.

First, let’s take a step back and learn the relationship between public/private key pairs and bitcoin addresses.

Again, bitcoin uses Elliptic curve cryptography. A generation point on an elliptic curve is used to produce a public key once a private key has been chosen. More information about this process can be found here.

However, for this lesson we will summarize the process of generating a public key by saying that public keys are derived from private keys and we’ll look at the process of generating bitcoin addresses from public keys.

Bitcoin makes extensive use of hashing functions. To derive an address from a public key two hashing functions are used, SHA256 and RIPEMD160.

Address Generation Formula

1 Address = RIPEMD160(SHA256(Public Key))

This results in a 160-bit, 20-byte string that is then base58 encoded the result of which looks like this:

Address Generation Output

1 1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZ

A: Public Key; B: SHA256; C: RIPEMD160; D: 'Double Hash' or HASH160; E: Public Key Hash (20 bytes/160 bits); F: Base58Check Encode with 0x00 version prefix; G: Bitcoin Address (Base58Check Encoded Public Key Hash).
Bitcoin addresses are usually encoded as base58 which is similar to Base64 but has been modified to avoid both non-alphanumeric characters and letters which might look ambiguous when printed. This was done to help prevent human error when copying the data. In base58 the following similar-looking letters have been removed such as 0 (zero), O (capital o), I (capital i) and l (lower case L) and the symbols '+' & '/'. The remaining characters are, 123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz.


In bitcoin, most data presented to the user is not just base58 encoded, but base58check encoded to help prevent errors.

This adds prefix data to addresses that can be used to help verify the accuracy of the following data. Here is how this is done.

A version prefix is added to the address and an additional four bytes are added to the end of the data as a checksum called Base58Check and is used as built-in error-checking to protect against typos.

This checksum is created from the hashing the encoded data as follows:

1 Checksum = SHA256(SHA256(prefix+base58 address))

The first 4 bytes of this are then added to the end of the address.

When an address is typed into a wallet Base58Check code, the decoding software will calculate the checksum of the address on it’s own and compare it to the checksum included in the address. If the two do not match, the address entered is invalid.


1: Add Version Prefix; 2: Hash (Version Prefix + Payload); 3: Add First 4 Bytes as Checksum; 4: Encode in Base-58. A: Payload; B: Version; C: SHA256; D: First 4 Bytes; E: Checksum; F: Base58 Encode; G: Base58Check Encoded Payload.

In January of 2012, with BIP16, a new type of bitcoin address was introduced, Pay to Script Hash or P2SH. This type of address is not based on a public key but instead on the hash of a script. Bitcoin scripting is a topic that we’ll cover in depth in Part II of this series. For the moment let’s think of a bitcoin script as a bit of code that needs to return true when run in order for a transaction to be considered valid. It’s an unlocking script.

A common use case for P2SH addresses is a multi-signature address or multi-sig for short. Any funds sent to this address can only be spent by a transaction that is signed by m of n signatures, 2 of 3 being a very common setup.

To create a 2 of 3 multi-sig P2SH address a script requiring a valid signature from any 2 of 3 keys is created and then hashed in the same fashion as described above.

Hash generation for BTC Script

1 Script hash = RIPEMD160(SHA256(the script))

The version prefix that is used depends on which network the address is intended for and whether it is a P2SH (Pay to Script Hash) or P2PKH (Pay to Public Key Hash) address.

A: Type; B: Version Prefix (Hex); C: Base58 Result Prefix; D: Bitcoin Address; E: Pay-To-Script-Hash Address; F: Bitcoin Testnet Address.


Bitcoin’s, or UTXO’s, 'live' at bitcoin addresses. In order to transfer those funds the owner of the funds, who is presumably the owner of the private keys the address was derived from, has to sign the transferring transaction with their private key. In this way users don’t really hold bitcoin's, but rather control them with their private keys.

And now that we have a base for understanding bitcoin addresses, let’s head back to wallets!