Guide | Private Keys
$5,412.38/BTCBuy

Private Keys

What is a private key?

A private key is a randomly generated number.


But to be more exact, because bitcoin uses 256-bit numbers, a randomly generated private key starts out looking like this:

Yes, this is still a number. It’s just in binary, which is a elemental way of storing numbers in a computer. Because you know, Bitcoin is a computer program after all.

Anyway, we can easily convert this private key from binary to decimal:

Or to hexadecimal:

It doesn’t make a difference. They’re all the same number, and they’re all the same private key.

Because after all, a private key is just a number.

A raw private key is commonly shown in hexadecimal format.

Where do private keys come from?

I wasn’t lying when I said they are generated at random.

Honestly, when you use any kind of bitcoin software to generate a private key, they are not performing magic – they are just giving you a random 256-bit number.

Therefore, there’s no reason why you can’t create your own private key. All you need is to be able to generate a random 256-bit number.

You could do this in a number (heh) of ways:

  1. Flip a coin 256 times.

    This will give you a private key in binary.

    This will give you a private key in binary.

  2. Use your favourite programming language to generate a random number.

    # need to use the operating system's random number generator for security
    import random
    random.SystemRandom().randint(1, 115792089237316195423570985008687907852837564279074904382605163141518161494337)

    This will give you a private key in decimal.

  3. Hash some data using the SHA256 hash function. (try it)

    This will give you a private key in hexadecimal.

    This will give you a private key in hexadecimal.

All of these methods will give you a 256-bit number. And if you’ve got a 256-bit number, you’ve got a private key.

You want to make sure that the private key you create is utterly random.1

If you use a random number generator that isn’t reliably random (i.e. it has patterns in the way it generates random numbers), you’re leaving yourself vulnerable to anyone who is familiar with the weaknesses of the random number generator you used.

And if someone is able to recreate the same private key as you, they can take your bitcoins.

As a result, most guides will make you fearful about generating your own private keys, because nobody wants to be responsible for your noob mistakes.

But don’t let all that fear-mongering stop you. As long as you’re not a noob you’ll be fine.

Putting the word “bitcoin” in to the SHA256 hash function (and using that as your private key) is more comical than random.

If you’re still unsure, just flip a coin 256 times. You can’t get more random than that.

What if someone generates the same private key as me?

Then they’ll be able to steal your bitcoins.

But don’t worry, nobody is going to randomly generate the same private key as you.

Surely they could?

Okay, they could, but due to the range of possible private keys, it’s somewhat “unlikely”.

For example, if I had one million monkeys who could each generate one million private keys per second (I’ve trained them well), it would take roughly 3,671,743,063,080,802,746,815,416,825,491,118,336,277,193,184,902,172 million years 2 (on average) before one of my monkeys generates the same private key as you.

So as you can see, I haven’t quite got time or monkey-power on my side. And neither has anyone else.

There are so many possible private keys that choosing one at random is security in itself.

Fair enough.

No, I’m not done yet.

The range of 256-bit numbers (and therefore the number of possible private keys) is unfathomably huge. Just as it’s impossible for the human mind to visualise the the scale of the universe, it’s impossible for the human mind to comprehend the range of 256-bit numbers.

So if you have any doubts about the safety of your 256-bit number, it’s either because you didn’t use a reliable enough random number generator, or because you don’t appreciate the magnitude of the numbers we are dealing with.

Now get out of my office.


  1. Nothing is utterly random, but you should always try your best.

  2. Here’s mah math:

    keys = 115792089237316195423570985008687907852837564279074904382605163141518161494337
    monkeys = 1000000
    monkeyhashrate = 1000000
    
    keyspersecond = monkeys * monkeyhashrate
    
    seconds = keys / keyspersecond
    minutes = seconds / 60
    hours = minutes / 60
    days = hours / 24
    years = days / 365
    millionyears = years / 1000000
    
    print millionyears

Greg Walker, 19 May 2015

Back to Top