Bitcoin Address Generation Algorithm Explained

The Step-by-Step Generation Process

Bitcoin addresses are generated through a meticulous cryptographic process:

1. Private Key Selection
   A random 32-byte number (256-bit) is chosen within a specific range as the private key.
   Example: 18e14a7b6a307f426a94f8114701e7c8e774e7f9a47e2c2035db29a206321725
2. Public Key Derivation
   The uncompressed public key (65 bytes) is computed using ECDSA-SECP256k1:
   0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6
3. SHA-256 Hashing
   Public key undergoes SHA-256 hashing:
   600FFE422B4E00731A59557A5CCA46CC183944191006324A447BDB2D98D4B408
4. RIPEMD-160 Hashing
   Output from step 3 is hashed with RIPEMD-160:
   010966776006953D5567439E5E39F86A0D273BEE
5. Version Byte Addition
   Mainnet version byte 0x00 is prepended:
   00010966776006953D5567439E5E39F86A0D273BEE

6-7. Double SHA-256 Checksum
Two consecutive SHA-256 hashes yield:
D61967F63C7DD183914A4AE452C9F6AD5D462CE3D277798075B107615C1A8A30

8. Checksum Append
   First 4 bytes of the final hash (D61967F6) are appended for error checking:
   00010966776006953D5567439E5E39F86A0D273BEED61967F6
9. Base58 Encoding
   Final conversion results in a human-readable address:
   16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM

👉 Explore Bitcoin address tools

Core Technical Insights

Base58 Encoding Mechanics

Base58 eliminates ambiguous characters (0/O, I/l) to prevent misreads. The encoding:

• Uses alphabet: 123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz
• Special handling for leading zeros (converted to '1's)
• Example: 00000000000000000000000094a00911 → 1111111111111111111114oLvT2

Bitcoin Address Characteristics

• Total Possible Addresses: 2¹⁶⁰ (~1.46×10⁴⁸ unique combinations)
• Private Key Collisions: Multiple private keys could map to one address, though probabilistically negligible

• Address Length: Typically 26-34 characters

  • Shortest: 11111111111111111111BZbvjr (26 chars, "burn address")
  • Longest: 1QLbz7JHiBTspS962RLKV8GndWFwi5j6Qr (34 chars)

Python Implementation Breakdown

import hashlib
from ecdsa import SECP256k1, SigningKey
import binascii

BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'

def base58_encode(version, public_address):
    # Performs Base58Check encoding with version byte and checksum
    payload = bytearray.fromhex(version) + public_address
    checksum = hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    return encode_to_base58(payload + checksum)

def get_public_address(public_key):
    # Generates RIPEMD-160(SHA-256(public_key))
    sha256 = hashlib.sha256(public_key).digest()
    ripemd160 = hashlib.new('ripemd160')
    ripemd160.update(sha256)
    return ripemd160.digest()

👉 Bitcoin developer resources

Frequently Asked Questions

Why does Bitcoin use Base58 instead of Base64?

Base58 omits visually similar characters (0/O, I/l) to reduce human transcription errors in wallet addresses.

How secure is the address generation process?

The combination of ECDSA (256-bit security) and RIPEMD-160 makes address forgery computationally infeasible. Brute-forcing a private key would require ~2²⁵⁶ operations.

Can two private keys generate the same address?

While theoretically possible due to RIPEMD-160's 160-bit output space, the probability is astronomically low (~1 in 2⁹⁶ even with 2²⁵⁶ private keys).

Key Takeaways

• Bitcoin addresses derive from layered cryptographic transformations (SHA-256, RIPEMD-160, Base58)
• Address security relies on the one-way nature of hash functions and ECDSA
• The 160-bit address space ensures collision resistance for practical purposes