# Bitcoin Private Key/ Public Key Leading Zeros, Is there a Mystery in the Maths?



## RichInSpirit (30 Jan 2018)

Apologies in advance for asking more silly Bitcoin questions. The following might be a bit long winded, apologies in advance also. And my Bitcoin knowledge is probably a bit infantile.

The Blockchain thread has fired up my bitcoin imagination and given me a bone to chew for the last while.

From my understanding of the Blockchain thread, The Public Key contained in the Blockchain is the hash of the Private Key and the Hash function cannot be reversed.

So here am I thinking just get the hash of all possible Private Keys and then you have a database or directory that can be reverse searched to find the Private Key of any Public Key. But Im told that the amount of hashing to be done to find all the different combinations will take hundreds of years. And is completely unfeasible.

But I still cant get it out of my head, so Id like to check how many hashes would I have to do in total. So back to permutations and combinations from my secondary school maths. Im not sure whether this is a permutation or combination.

Base58 can have 58 different options for every character position, so the hash of a single character Private Key would have 58 possible Public Keys. (Its probably not possible to have such short Private and Public Keys, Im going this short just for illustration!)
The hash of a 2 character Private Key would have 3364 possible Public Keys (58 multiplied by 58).
The hash of a 6 character Private Key would have 38,068,692,544 possible Public Keys (58x58x58x58x58x58) or 58 to the power of 6, (58^6).
And so on.

But some of the Public Keys have leading zeros, again take my previous 2 character Private and Public Key example. In the right most character position you can have 58 different characters but in the left most character position you can only have 1 different character Zero 0! 

Which brings me to my Mystery, how many possibilities are there for this 2 character Public Key with a leading Zero? Theres only one possible character for this position 0 so I was tempted to think 1x58 possibilities?? Upon mature reflection based on observation and further thinking I decided that there were 2 options for this character position, Zero and no character. Which gives 2x58 possibilities. Which is 116 possibilities. But as far as I can gather you still have to hash the Private key 3364 times (58x58) even with the leading zero.

Again taking the 6 character Private and Public key example from up above and imagine this public key with 3 leading zeros. So the possibilities are (2x2x2x58x58x58) which is 1,560,896 possibilities. But as far as I can gather you still have to hash the Private key 38,068,692,544 times (58x58x58x58x58x58) even with the leading zeros.

So that is my Mystery. To me it looks like the leading zeros dont weaken the cryptography of the thing. But if there was a reverse search Directory/Database somewhere or even a partial reverse search Directory, it would speed up the search for a private key fairly considerably.

So it would prompt me to ask why the leading Zeros ? Is it an attempt at a back door by some one?


----------



## jman0war (30 Jan 2018)

Google tells me, from a miner look at the puzzle:

_The leading zeros are there to control the difficulty of the problem. More zeros mean a lower space of possible solutions and hence harder problems (more hashes to try before you find one that wins)._


----------



## RichInSpirit (31 Jan 2018)

Thanks .


----------



## RichInSpirit (31 Jan 2018)

I think i'll have to root out my 486 and basic and see if I can write a hashing program, and test things out for myself.


----------



## fpalb (1 Feb 2018)

RichInSpirit said:


> The Blockchain thread has fired up my bitcoin imagination and given me a bone to chew for the last while.


Great to hear so!

You're mixing two different aspects here as the asymmetric cryptography being used for wallet addresses is a completely sepaarate thing from the hashing done for mining.

Let's start with the public/private keys, your general idea here is correct:



RichInSpirit said:


> From my understanding of the Blockchain thread, The Public Key contained in the Blockchain is the hash of the Private Key and the Hash function cannot be reversed.
> 
> So here am I thinking just get the hash of all possible Private Keys and then you have a database or directory that can be reverse searched to find the Private Key of any Public Key. But Im told that the amount of hashing to be done to find all the different combinations will take hundreds of years. And is completely unfeasible.



The first thing I'll say is that the public key is not technically a SH256 hash of the private key, there is more than one step using RIPEMD-160 and SHA256. If anyone cares about the gory details there are examples of the calculations in the answers here.

But anyway, the important thing as you've mentioned is that for all intents and purposes it's impossible to find the private key for any given public one. You can't calculate it and you can't compile a database of possible keys because the number is astronomical.... there are a couple of joke websites that demonstrate this like https://lbc.cryptoguru.org/dio/0

*Page 1 out of 904625697166532776746648320380374280100293470930272690489102837043110636675*

3blue1brown has an excellent 5 minute video about how large these numbers are here.

There are no leading zeros involved in this aspect of bitcoin, in fact bitcoin addresses always start with a 1 or a 3 and private keys with a 5. A zero at any point in the String has no more or less significance than any other digit/character. You are free to generate any valid private key you like (I guess starting with 5 is the only restriction, or is it just a convention - I'm not sure), derive the the public key from it and send bitcoin to that address.

Maybe this already answers your question, but if you're wondering about the hashes of solved blocks starting with leading zeros, that's for a completely different reason.


----------



## RichInSpirit (1 Feb 2018)

Thanks  for that very comprehensive answer.
So my leading zero conspiracy theory is debunked !
Bitcoiners can rest easy.


----------



## RichInSpirit (2 Feb 2018)

fpalb said:


> 3blue1brown has an excellent 5 minute video about how large these numbers are here.


Watched the very informative video just now. Very educational and very well presented.


----------



## fpalb (4 Feb 2018)

I've linked it before, but in case you missed it, the same channel has a fairly in depth 25 minute video about bitcoin in general which is also excellent: https://www.youtube.com/watch?v=bBC-nXj3Ng4


----------



## RichInSpirit (9 Apr 2018)

I was thinking about 2^256 yesterday.
16x16 is 256. Interesting.


----------

