Understanding Public-Key Cryptography in Crypto

Explore fundamental concepts of public-key cryptography and its crucial role in securing cryptocurrency transactions. Learn about key pairs, seed phrases, entropy, and the generation of public and ...

TECHNICAL

11/8/2024
4 min read

How do public and private keys power the almost 3 trillion dollar industry called cryptocurrency? To explain, I will walk through how it works on the Bitcoin blockchain. For a user, let's call him Michael, it all starts with a series of 12 words. Some of you might recall 24-word phrases; BIP-39 allows both, and we will use 12 in this case. The wallet does not pick the words one by one: it draws 128 bits of randomness and maps them, 11 bits at a time, onto a list called the BIP-39 word list (it's just a list, nothing fancy in the name), which contains 2048 words and has remained largely unchanged since 2013. This brings us to the concept of entropy, the amount of randomness in a system, which in this case we can think of as how hard it is to guess Michael's 12 words, also known as the seed phrase.

If we had to guess a user's seed phrase and the seed phrase contained only one word and not 12, then the probability of guessing it correctly would be 1 in 2048, which would be very poor security, and the wallets would not be secure.

If the seed phrase contained two words, then the probability of guessing it correctly would be the probability of guessing the first one in combination with the second: 1 in 2048 multiplied by 1 in 2048, which is 1 in just over 4 million, exponentially more secure. Now imagine this for 12 words, multiplying 2048 by itself 12 times: 2048^12 is about 5.4 x 10^39 combinations. Not all of them are valid, though, because the last word carries a 4-bit checksum, so the number of seed phrases that actually pass a wallet's check is 2^128, about 3.4 x 10^38, and that is the real odds of someone guessing your phrase. Let me make sense of this number. Imagine every sand grain on earth is its own earth-sized planet, the only difference being that this matrix-styled sand is a deep blue colour. You travel to a random beach and pick a grain of sand; that grain grows into a world of its own, with blue sand, and you now pick a blue sand grain at random. The security of your seed phrase is roughly like identifying one blue sand grain on one of the individual worlds represented by each sand grain. I bet that makes you feel more secure with funds stored on your wallet.
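The arithmetic above, carried into working code. This is an added example, not code from the original post: it implements the real BIP-39 mapping from raw entropy to word-list indices (checksum included) with only the Python standard library. The 2048-word list itself is left out, so the functions work with indices 0 to 2047 rather than words; the function names are my own.

```python
"""How 12 words come out of 128 random bits (BIP-39 structure, word list omitted)."""
import hashlib
import secrets

BITS_PER_WORD = 11          # 2^11 = 2048, the size of the BIP-39 word list


def bip39_indices(entropy: bytes) -> list:
    """Map raw entropy to word-list indices.

    A checksum of ENT/32 bits (the first bits of SHA-256(entropy)) is appended
    and the bit string is cut into 11-bit chunks: 16 bytes -> 128 + 4 bits -> 12 words.
    """
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs_bits = ent_bits // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // BITS_PER_WORD
    return [(bits >> (BITS_PER_WORD * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def checksum_is_valid(indices: list) -> bool:
    """Reject phrases whose last word does not carry the right checksum bits."""
    total = len(indices) * BITS_PER_WORD
    cs_bits = total // 33
    ent_bits = total - cs_bits
    bits = 0
    for idx in indices:
        if not 0 <= idx < 2048:
            return False
        bits = (bits << BITS_PER_WORD) | idx
    entropy = (bits >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    return (bits & ((1 << cs_bits) - 1)) == expected


def search_space(n_words: int) -> dict:
    """Naive 2048^n versus the number of phrases that actually pass the checksum."""
    total = n_words * BITS_PER_WORD
    cs_bits = total // 33
    return {"naive": 2048 ** n_words,
            "valid": 2 ** (total - cs_bits),
            "entropy_bits": total - cs_bits}


def new_phrase_indices(n_words: int = 12) -> list:
    """What a wallet does: draw entropy from the OS CSPRNG, then encode it."""
    return bip39_indices(secrets.token_bytes(n_words * 4 // 3))


if __name__ == "__main__":
    for n in (12, 24):
        s = search_space(n)
        print(f"{n} words: {s['entropy_bits']} bits of entropy, "
              f"{s['valid']:.2e} valid phrases out of {s['naive']:.2e} combinations")
    print("fresh phrase indices:", new_phrase_indices())
```

Two things the code makes visible that the prose does not: a 12-word phrase has 2^128 valid values, not 2048^12, because one word in sixteen is fixed by the checksum; and the security comes entirely from `secrets.token_bytes`, so a phrase a person composes by picking favourite words from the list has nothing like 128 bits behind it.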

Now how does this relate to public or private keys? The seed phrase is used to derive a private key, which is linked to a public key. The first step turns the words into a seed: BIP-39 feeds the phrase through a key-stretching function (PBKDF2 with HMAC-SHA512, 2048 rounds, salted with the string "mnemonic" plus an optional passphrase) and gets back 512 bits. The exact algorithm isn't too relevant here; the idea is that your 12 human-readable words are converted into a fixed-length string of bytes, usually shown as hexadecimal. To illustrate with a single pass of SHA-256, if the 12 word seed phrase were the following

famous leopard garlic fever vacuum middle satisfy write rocket rope letter course

Then the output from the hashing algorithm would be

fc0132dbd056d5c35aef83f372c4a5b60b087b90d37d8da060d23fcfa9b5b3b0

Using a 12 word seed phrase is the standard way to feed the hash function because the words are easy for people to write down and check, but if you ignored that standard you could take the word "hello" and pass it through the SHA-256 function, a so-called brain wallet.

The output is a similar-looking string of numbers and letters, but do not be fooled, because entropy will bite you:

2cf24dba5fb0a30e26e83b2ac5b9e29e1b170a3b163b72e94cf2feffb1b1f4c4

These two digests look alike, but the upper one, derived from a properly generated 12 word seed phrase, has 128 bits of entropy behind it, whereas "hello" is one of the first guesses in any attacker's word list; anyone hashing common words and phrases will recover that key instantly. The hash function itself does not add entropy, so making sure enough randomness goes in is the most important requirement for a secure wallet.

What is a private key and how does it relate to any of this? The private key is derived from the seed (I will get more into the derivation methods in my next article), and from the private key you can compute the public key, but you cannot go the other way around: recovering a private key from its public key would mean solving the elliptic-curve discrete logarithm problem, which is infeasible at the key sizes Bitcoin uses. You can think of this like a Russian Babushka doll set, with the large doll being the seed (generated from the phrase), the medium one the private key and the small one the public key. If you have the large doll (the seed) then you have the medium doll (private key) and the small doll (public key) contained within it. If you have the medium doll (private key) you have the small doll (public key) within it as well. If you only have the small doll, it no longer opens up; it is just itself (the public key). Each doll always contains the smaller ones. This is the case for a simple wallet with a single Bitcoin private/public key pair; most wallets come with multiple keys, and I will discuss the mechanics of this in the next article.

How does a public/private key pair work?

The public key, or in Bitcoin the address derived from its hash, is what you share and distribute with your friends and family and anyone else you want to try and get some free money from; you can post it on Instagram, TikTok or wherever else you desire. This allows someone to send you bitcoin, and it also lets anyone look up every transaction associated with that address on the public blockchain, which highlights the privacy problem of reusing a single private/public key pair. The private key is what you use to send cryptocurrency to another person. The key pair is an amazing invention because it allows the holder of the private key to spend bitcoin or other digital assets without ever exposing the private key. The process for sending bitcoin to another person's wallet is to build a transaction that names the recipient's address and the amount, hash that transaction (Bitcoin uses double SHA-256) and sign the hash with the private key using ECDSA (or Schnorr for Taproot outputs). The transaction, the signature and the public key are then broadcast onto the network, and every node checks the signature against the public key. A valid signature proves that the holder of the matching private key authorised exactly this transaction, so signing provides proof of ownership of the public key without exposing the private key itself.
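The whole chain described in the last two sections, seed to private key to public key to signature to verification, as an added example that is not code from the original post. It is a textbook secp256k1 implementation in plain Python (not constant-time, for understanding only, never for real funds). The master-key step follows BIP-32 and is checked against its published test vector; the signature nonce is an HMAC of the private key and digest, a simplified stand-in I chose for this demo rather than the RFC 6979 derivation real wallets use. The sample "transaction" is a constructed byte string, and all function names are my own.

```python
"""Seed -> master private key -> public key -> ECDSA signature on secp256k1 (textbook, not constant-time)."""
import hashlib
import hmac

# secp256k1 domain parameters: Bitcoin's curve, standard constants.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                    # a == -b
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P     # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P      # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, point):
    """Double-and-add scalar multiplication: k * point."""
    result, addend = None, point
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def master_private_key(seed: bytes) -> int:
    """BIP-32: HMAC-SHA512 keyed with b'Bitcoin seed'; the left 32 bytes are the master key."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(digest[:32], "big")


def public_key(priv: int):
    """The one-way step: pub = priv * G. Going back means solving a discrete log."""
    return ec_mul(priv, G)


def compressed_pubkey_hex(pub) -> str:
    x, y = pub
    return ("02" if y % 2 == 0 else "03") + f"{x:064x}"


def sign(priv: int, msg_hash: bytes):
    """ECDSA over a 32-byte digest. Nonce k = HMAC(priv, hash || counter): a deterministic
    stand-in for RFC 6979 (assumption for this example, not the standard derivation)."""
    z = int.from_bytes(msg_hash, "big")
    counter = 0
    while True:
        mac = hmac.new(priv.to_bytes(32, "big"), msg_hash + bytes([counter]), hashlib.sha256).digest()
        k = int.from_bytes(mac, "big") % N
        counter += 1
        if k == 0:
            continue
        r = ec_mul(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * priv) % N
        if r == 0 or s == 0:
            continue
        if s > N // 2:                                 # Bitcoin requires low-S signatures
            s = N - s
        return (r, s)


def verify(pub, msg_hash: bytes, sig) -> bool:
    """Anyone holding only the public key can check the signature."""
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    z = int.from_bytes(msg_hash, "big")
    w = pow(s, -1, N)
    point = ec_add(ec_mul(z * w % N, G), ec_mul(r * w % N, pub))
    return point is not None and point[0] % N == r


def tx_digest(serialized_tx: bytes) -> bytes:
    """Bitcoin hashes transaction data with double SHA-256 before signing."""
    return hashlib.sha256(hashlib.sha256(serialized_tx).digest()).digest()


if __name__ == "__main__":
    # Constructed seed (BIP-32 test vector 1); in practice this is the BIP-39 output of your phrase.
    seed = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
    priv = master_private_key(seed)
    pub = public_key(priv)
    digest = tx_digest(b"pay 0.01 BTC to recipient")   # constructed stand-in for a serialized tx
    sig = sign(priv, digest)
    print("pubkey:", compressed_pubkey_hex(pub))
    print("valid:", verify(pub, digest, sig))
    print("tampered:", verify(pub, tx_digest(b"pay 1.00 BTC to attacker"), sig))
```

The verifier only ever sees `pub`, `digest` and `(r, s)`; changing one byte of the transaction changes `digest`, and the signature stops verifying, which is exactly what stops a relay node from redirecting the payment.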