Frequently Asked Questions

Bitcoin is a decentralized digital currency created in 2009 by an anonymous person/group known as Satoshi Nakamoto.

Key properties:

• Decentralized: No central authority controls Bitcoin
• Limited supply: Maximum 21 million BTC will ever exist
• Blockchain: All transactions are recorded on a public ledger
• Cryptographic: Uses elliptic curve cryptography (secp256k1) for key generation and signatures

Smallest unit: 1 satoshi = 0.00000001 BTC

No. Private keys are not pre-stored. They are calculated on-the-fly in your browser.

How it works:

• When you visit a page, your browser calculates the private keys for that page
• Keys are derived mathematically from the page number
• Key generation uses client-side JavaScript cryptographic libraries

The entire key space (2²⁵⁶ keys) would require more storage than exists on Earth to store.

The odds are astronomically small - essentially zero.

The math:

• Total private keys: ~2²⁵⁶ ≈ 10⁷⁷
• Active Bitcoin addresses: ~50 million ≈ 5 × 10⁷
• Probability: 5 × 10⁷ / 10⁷⁷ = 5 × 10⁻⁷⁰

For comparison:

• Atoms in observable universe: ~10⁸⁰
• Winning lottery 10 times in a row: ~10⁻⁷⁰

Even checking 1 trillion keys per second for the age of the universe wouldn't find a single funded key by chance.

No. This is mathematically impossible due to the one-way nature of cryptographic hash functions.

The process is one-way:

1. Private Key → Public Key (elliptic curve multiplication) - cannot reverse
2. Public Key → Address (hash functions) - cannot reverse

Why it's impossible:

• Elliptic Curve Discrete Logarithm Problem (ECDLP) - no efficient algorithm exists
• Hash functions are designed to be irreversible
• This is the foundation of cryptocurrency

You can't directly, but you can enumerate all possible addresses for each private key because the derivation is deterministic.

One private key → Multiple addresses:

• Legacy compressed (1...)
• Legacy uncompressed (1...)
• SegWit (bc1q...)
• Nested SegWit (3...)
• Taproot (bc1p...)
• Ethereum (0x...)
• Tron (T...)

PKF shows all these address types for each private key on the page.

This is due to how Taproot uses x-only public keys and the mathematical properties of elliptic curves.

Technical explanation:

• Taproot uses only the X coordinate of the public key (32 bytes)
• For any X coordinate, there are two valid Y values (one even, one odd)
• Private key k and n - k (where n is curve order) produce public keys with the same X coordinate but opposite Y values

Example:

• Key 1: 0x1
• Key n-1: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364140
• Both produce the same Taproot address

A Public Key is derived from the private key using elliptic curve point multiplication on the secp256k1 curve.

Two formats:

• Uncompressed (65 bytes): 04 + X coordinate (32 bytes) + Y coordinate (32 bytes)
• Compressed (33 bytes): 02 or 03 (parity of Y) + X coordinate (32 bytes)

Formula: Public Key = Private Key × G (where G is the generator point)

An Address is a hash of the public key, encoded in a human-readable format. Different blockchains use different address formats:

WIF is a Base58Check encoded representation of a Bitcoin private key.

Structure:

• 0x80 (version byte) + Private Key (32 bytes) + [0x01 if compressed] + Checksum (4 bytes)

Prefix indicators:

• 5 - Uncompressed (51 characters)
• K or L - Compressed (52 characters)

Checksum: First 4 bytes of SHA256(SHA256(payload))

A Mnemonic is a sequence of words (12, 15, 18, 21, or 24) that represents entropy for generating a master seed.

Process:

1. Generate entropy (128-256 bits)
2. Add checksum (entropy → SHA256 → first N bits)
3. Split into 11-bit groups → Map to wordlist (2048 words)
4. Mnemonic + Passphrase → PBKDF2 (2048 iterations) → 512-bit Seed

Wordlist: BIP39 defines wordlists in multiple languages (English, Japanese, etc.)

A Derivation Path specifies how to derive child keys from a master seed using HD (Hierarchical Deterministic) wallets.

Format: m / purpose' / coin_type' / account' / change / address_index

Hardened derivation ('): Uses private key; cannot derive child public keys from parent public key.

secp256k1 is the elliptic curve used by Bitcoin, Ethereum, and most cryptocurrencies.

Parameters:

• Curve: y² = x³ + 7 (mod p)
• p: 2²⁵⁶ - 2³² - 977 (field prime)
• n: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 (curve order)
• G: Generator point (predefined)

Operations: Point addition, scalar multiplication (used for public key derivation and signatures)

SHA256 is a cryptographic hash function that produces a 256-bit (32-byte) digest.

Properties:

• Deterministic: Same input always produces same output
• One-way: Cannot reverse to get input from output
• Collision-resistant: Infeasible to find two inputs with same output
• Avalanche effect: Small input change → completely different output

Usage in crypto: Address generation, checksums, mining (PoW), transaction hashing

RIPEMD160 is a 160-bit hash function used in Bitcoin address generation.

Bitcoin Address Hash: RIPEMD160(SHA256(public_key)) - also called Hash160

Why 160-bit?

• Shorter addresses (20 bytes vs 32 bytes)
• 160-bit still provides sufficient collision resistance
• Reduces blockchain storage requirements

Keccak256 is used by Ethereum for address generation and various hashing operations.

Ethereum Address:

1. Public Key (uncompressed, without 04 prefix) → 64 bytes
2. Keccak256 hash → 32 bytes
3. Take last 20 bytes → Address
4. Add 0x prefix + EIP-55 checksum (mixed case)

Note: Ethereum uses Keccak256, not the standardized SHA3-256 (they differ slightly)

Base58Check is used for Bitcoin addresses and WIF private keys.

Alphabet (58 characters):

123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz

Excluded: 0, O, I, l (to avoid visual confusion)

Format: Version (1 byte) + Payload + Checksum (4 bytes)

Checksum: SHA256(SHA256(version + payload))[0:4]

Bech32 is used for SegWit addresses (BIP173).

Alphabet (32 characters):

qpzry9x8gf2tvdw0s3jn54khce6mua7l

Format: HRP + "1" + Data + Checksum

• HRP (Human Readable Part): bc (mainnet), tb (testnet)
• Version 0: SegWit v0 (bc1q...) - uses Bech32
• Version 1: Taproot (bc1p...) - uses Bech32m (BIP350)

Advantages: Case-insensitive, better error detection, QR code efficient

Hexadecimal is base-16 encoding using digits 0-9 and letters A-F.

Properties:

• 1 hex character = 4 bits (nibble)
• 2 hex characters = 1 byte
• Private key: 64 hex characters = 32 bytes = 256 bits

Common prefixes: 0x (Ethereum convention), no prefix (Bitcoin raw)

P2PKH (Pay-to-Public-Key-Hash) is the original Bitcoin address format.

Generation:

1. Public Key → SHA256 → RIPEMD160 → 20 bytes
2. Add version byte 0x00
3. Base58Check encode

ScriptPubKey: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG

Size: 25-34 characters, starts with 1

P2SH (Pay-to-Script-Hash) allows complex scripts (multisig, nested SegWit).

P2SH-P2WPKH (Nested SegWit):

1. Create redeem script: 0x0014 + Hash160(compressed pubkey)
2. Hash160 of redeem script → 20 bytes
3. Add version byte 0x05
4. Base58Check encode

Advantage: Compatible with older wallets while using SegWit benefits

P2WPKH (Pay-to-Witness-Public-Key-Hash) is native SegWit v0.

Generation:

1. Compressed Public Key → Hash160 → 20 bytes
2. Witness version: 0
3. Bech32 encode with HRP bc

Advantages:

• ~38% smaller transactions → lower fees
• Signature data moved to witness (not counted in block size)
• Better error detection with Bech32

P2TR (Pay-to-Taproot) is SegWit v1, activated November 2021.

Generation:

1. Private Key → x-only public key (32 bytes, no prefix)
2. Tweak with internal key (for key path spending)
3. Witness version: 1
4. Bech32m encode

Features:

• Schnorr signatures (more efficient than ECDSA)
• MAST (Merkelized Abstract Syntax Trees)
• Key aggregation for multisig
• Better privacy (all spends look the same)

Browse the entire 256-bit private key space organized into pages.

Key Space:

• Total keys: 2²⁵⁶ (secp256k1 order)
• Keys per page: 60
• Total pages: ~1.93 × 10⁷⁵

Page calculation:

• Page N contains keys: (N-1)*60 + 1 to N*60
• Key K is on page: ceil(K / 60)

A challenge created in 2015 with ~1000 BTC distributed across 160 addresses.

Structure:

• Puzzle #N has private key in range: 2^(N-1) to 2^N - 1
• Key space size: 2^(N-1) keys

Difficulty examples:

Tools: BitCrack (GPU), Keyhunt (BSGS/Kangaroo), VanitySearch

Addresses derived from passphrases using SHA256 hash as private key.

Process:

1. Passphrase (UTF-8 string)
2. SHA256(passphrase) → 32 bytes → Private Key
3. Derive public key and address normally

Why it's weak:

• Human-chosen phrases have low entropy
• Dictionary attacks can check millions of phrases per second
• Common phrases are pre-computed and monitored

Convert BIP39 seed phrases to private keys and addresses.

Conversion process:

1. Mnemonic → Validate words & checksum
2. PBKDF2-HMAC-SHA512 (mnemonic, "mnemonic" + passphrase, 2048 iterations) → 512-bit seed
3. HMAC-SHA512(seed, "Bitcoin seed") → Master key + Chain code
4. Derive child keys using BIP32 path

Supported paths: BIP44, BIP49, BIP84, BIP86, custom

Generate EVM addresses with custom prefix/suffix patterns.

Algorithm:

1. Generate random private key
2. Compute public key → Keccak256 → Address
3. Check if address matches pattern
4. Repeat until match found

Difficulty (expected attempts):

• 1 hex char: 16 attempts
• 4 hex chars: 65,536 attempts
• 8 hex chars: ~4.3 billion attempts

Implementation: Rust WASM for high performance (~4000-6000 addr/s per worker)

Mini private key is a 30-character format (starting with S) used for physical Bitcoin coins and paper wallets.

Format:

• 30 characters from Base58 alphabet
• First character is always S
• Must pass checksum validation: SHA256(key + "?") first byte = 0x00

Conversion to standard key:

• SHA256(mini_key) → 256-bit private key
• Example: S6c56bnXQiBjk9mqSYE7ykVQ7NzrRy → standard hex key

wallet.dat is the Bitcoin Core wallet file that stores your private keys and transaction data.

Contents:

• Private keys (encrypted if passphrase set)
• Key pool (pre-generated keys)
• Transaction history and labels
• Address book entries

Format: Berkeley DB database (older versions) or SQLite (Bitcoin Core 0.21+)

Encryption: AES-256-CBC with key derived from passphrase using scrypt

Default Bitcoin Core data directory:

Notes:

• Bitcoin Core 0.16+: wallets stored in /wallets/ subdirectory
• Custom location with -datadir flag
• Multiple wallets supported with -wallet flag

Random searching is practically impossible due to the size of the key space.

Targeted approaches (for research/puzzles):

• Known range: Bitcoin Puzzle limits keys to specific bit ranges
• Weak keys: Brainwallets, low-entropy generators
• Leaked keys: Historical database breaches
• Partial information: Partial key recovery with known bits

Methods:

• Brute force (only for very small ranges)
• BSGS (Baby-step Giant-step) - O(√n) complexity
• Pollard's Kangaroo - probabilistic, good for ranges
• Dictionary attacks for brainwallets

GPU-based tools:

CPU tools:

• btcrecover: Seed phrase/password recovery
• hashcat: wallet.dat password cracking

Note: These tools are useful for recovering your own lost keys or solving puzzles. Finding random funded keys is mathematically infeasible.