BitcoinCryptography Intermediate

What Actually Makes a Bitcoin Yours

Bitcoin has no usernames, no passwords, and no banks. Ownership is proven by knowing a single number - the private key. A guide to the public-key cryptography that the entire system rests on.

26.05.10 · 6min

Bitcoin has no accounts, no passwords, and no sign-up. Who owns which bitcoin is not recorded in any server's database. Ownership is proven by one thing only: knowing a number called the private key. The technology that makes this simple fact possible is public-key cryptography. Bitcoin addresses, signatures, wallets, multisig - nearly every part of Bitcoin stands on this foundation.

Two Kinds of Cryptography

There are broadly two ways to encrypt.

Symmetric cryptography locks with one key and unlocks with the same key. It is fast and simple, but has a fatal weakness. For two people far apart to communicate securely, they must first share the same secret key. But how do you safely deliver that key in the first place? Send it over a channel that can be wiretapped, and security collapses the moment you do. This is the key distribution problem that troubled cryptography for thousands of years.

Asymmetric cryptography - public-key cryptography - solves it elegantly. Instead of one key, there is a pair.

Private key: a number you never reveal and keep to yourself
Public key: a number you can share freely with anyone

The two are mathematically linked, but computing the private key from the public key is practically impossible. That is why the public key can be broadcast to the entire world and remain safe.

One-Way Functions: The Easy Direction and the Impossible One

At the heart of public-key cryptography is a one-way function: easy to compute in one direction, computationally infeasible to reverse.

A common analogy is mixing paint. Combining yellow and blue into green takes an instant. But looking at the finished green and separating it back into exactly which yellow and which blue went in is effectively impossible. The public key is the mixed green; the private key is one of the original colors hidden inside it.

Bitcoin's One-Way Function: Elliptic Curves

Bitcoin implements this one-way property with Elliptic Curve Cryptography (ECC). The specific curve Bitcoin uses is named secp256k1.

A private key k is simply a 256-bit random number. The public key K is obtained by multiplying a fixed reference point G (the generator) on the curve by the private key:

K = k × G

Here × is not ordinary multiplication but a special, repeated "point addition" defined on the elliptic curve. What matters is its property:

Knowing k and G, computing K finishes in a few milliseconds.
Knowing K and G, computing k would take longer than the age of the universe with current technology.

This is the discrete logarithm problem. What keeps a private key safe is not a secret vault but this mathematical asymmetry.

The Size of the Number Is the Security

A private key is an integer between 1 and about 1.158 × 10^77. The number of possible private keys rivals the estimated number of atoms in the observable universe (about 10^80). Even using every computer on Earth, the odds of randomly guessing one specific private key are effectively zero. Bitcoin's security rests not on secrecy but on the astronomical size of the number.

Digital Signatures: Proving Without Revealing

The real magic of public-key cryptography is the digital signature. A digital signature guarantees two things at once:

Authentication: this message was made by the owner of that private key.
Integrity: the message was not altered by a single character.

In Bitcoin, sending a transaction means exactly this: signing a message - "I will spend this bitcoin this way" - with your private key.

The sender creates a signature over the transaction using the private key.
Anyone on the network can verify that signature with the sender's public key.
If verification passes, it is proven that the owner of that key signed - without anyone ever seeing the private key.

The private key is never exposed to the network. Only the public key and the signature are revealed, and that alone completes the proof of ownership. No bank teller, no intermediary, no trusted third party. Verification is pure mathematics.

The Full Flow in Bitcoin

The chain from private key to a completed transaction looks like this:

Private key (256-bit random number)
   │  elliptic curve multiplication (K = k × G)
   ▼
Public key
   │  hashing (SHA-256 → RIPEMD-160, etc.)
   ▼
Bitcoin address

Receiving bitcoin: the counterparty creates an output locked to your address (derived from your public key).
Spending bitcoin: you sign with your private key to prove the right to unlock it.

Thanks to this structure, Bitcoin lets you publish a receiving address to anyone while keeping full control of your funds as long as you guard the private key.

What "Be Your Own Bank" Really Means

Public-key cryptography enables Bitcoin's core proposition: whoever controls the private key owns the bitcoin. Unlike a bank account, you do not need anyone's permission to access your balance. With the private key alone, you can move your assets anywhere in the world, with no institution's consent.

This is a powerful freedom and a heavy responsibility at once. Lose the private key and the bitcoin is lost forever. Have the private key stolen and the assets are stolen with it. The maxim "Not your keys, not your coins" comes straight from this mathematical fact. That is why how you generate and store a private key is, in effect, the whole of Bitcoin self-custody.

Are Quantum Computers a Threat?

A sufficiently powerful quantum computer could, in theory, break the one-way property of elliptic curves (Shor's algorithm). However, a quantum computer of that scale does not yet exist, and Bitcoin has room to upgrade to quantum-resistant signature schemes in advance. Moreover, addresses whose public key has never been revealed (receive-only addresses) are shielded by an extra layer of hashing. This is less an immediate threat than a long-term challenge the Bitcoin development community prepares for.

Connected Concepts

Seed Phrases and HD Wallets - managing countless private keys from a single phrase
How Bitcoin Addresses Work - how a public key becomes an address
Schnorr Signatures - Bitcoin's next-generation digital signature
Multisig - splitting authority across multiple keys
Censorship Resistance - why no one can stop you if you hold the keys

ideas How Schnorr Signatures Merge Many Signatures Into One ideas Why a Hash Function Became the Backbone of Bitcoin ideas Bumping a Sent Bitcoin Transaction Past the Mempool Queue ideas What Is Bitcoin?