TERM_DEF // MODULE_5_CRYPTO_PRIMITIVES / HASH160
HASH160
HASH160. RIPEMD160(SHA256(x)) — produces the 20-byte pubkey hash.
HASH160 is the two-step hash used throughout Bitcoin address generation: first SHA-256, then RIPEMD-160, yielding a 20-byte result. It is used in P2PKH (to hash the public key into an address) and in P2SH (to hash the script/">redeem script). The 20-byte output is what gets Base58Check-encoded into the address you share with senders.
This page sits in the Module 5 — Crypto Primitives section — Vocabulary introduced in the Crypto Primitives module. Read on for what it is, why it exists, how it works under the hood, and what to watch out for.
HASH160 is the two-step hash used throughout Bitcoin address generation: first SHA-256, then RIPEMD-160, yielding a 20-byte result. It is used in P2PKH (to hash the public key into an address) and in P2SH (to hash the script/">redeem script). The 20-byte output is what gets Base58Check-encoded into the address you share with senders.
This page sits in the Module 5 — Crypto Primitives section — Vocabulary introduced in the Crypto Primitives module. Read on for what it is, why it exists, how it works under the hood, and what to watch out for.
WHAT_HASH160_IS
HASH160 — at a glance
MODULE 5
HASH160 is a cryptographic component of Bitcoin. RIPEMD160(SHA256(x)) — produces the 20-byte pubkey hash. Like every cryptographic building block in Bitcoin, it is fundamentally a piece of math — not a feature provided by a server, not a permission granted by an authority, but a deterministic function that any machine can compute and any other machine can verify.
HASH160 is the two-step hash used throughout Bitcoin address generation: first SHA-256, then RIPEMD-160, yielding a 20-byte result. It is used in P2PKH (to hash the public key into an address) and in P2SH (to hash the redeem script). The 20-byte output is what gets Base58Check-encoded into the address you share with senders.
Why it exists
DESIGN
Bitcoin has no central authority to vouch for ownership, prove identity, or guarantee that a message has not been tampered with. Cryptography fills all three roles. HASH160 exists because the alternative — trusting a third party with custody, signatures, or random number generation — would re-introduce exactly the single points of failure Bitcoin was designed to eliminate. The security of every coin in existence depends on these primitives behaving as advertised.
HOW_IT_WORKS
Mechanism
HOW IT WORKS
The mechanism rests on a one-way function: easy to compute forward, computationally infeasible to reverse. For signature schemes that asymmetry comes from the elliptic-curve discrete logarithm problem on the secp256k1 curve; for hash functions like SHA-256 it comes from collision-resistance. HASH160 is built on top of these primitives and inherits their security: every node/">full node can independently verify a result in microseconds, but no attacker can fabricate a fake one in any realistic amount of time, even with all the computers on Earth working together.
1. Generate or receive the input bytes (a private key, a message, a public key, a signature — depending on the operation).
2. Apply the cryptographic primitive — typically built on SHA-256, RIPEMD-160, secp256k1, or Schnorr/ECDSA.
3. Encode the result in the expected form: 32-byte hash, 33-byte compressed pubkey, 64-byte Schnorr signature, ~71-byte DER ECDSA signature, etc.
4. Verifiers worldwide re-run the same computation against the public inputs to confirm authenticity — no shared secret required.
WORKED_EXAMPLE
HASH160 — example values
EXAMPLE
input : "hello bitcoin"
operation: HASH160(input)
output : afffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff (deterministic, 32 bytes)
properties:
same input → same output, always
1 bit flipped → ~half the output bits change (avalanche)
finding two inputs with the same output : computationally infeasible
reversing output → input : computationally infeasible
KEY_PROPERTIES
ONE-WAY
Easy to compute forward in microseconds; infeasible to reverse even with planetary compute resources.
DETERMINISTIC
Same input → identical output on every machine, forever. No randomness sneaks in.
COLLISION-RESISTANT
Finding two distinct inputs that produce the same output requires more work than has ever been done on Earth.
PUBLIC-VERIFIABLE
Anyone can check a signature/hash against public data — no shared secret needed for verification.
COMMON_PITFALLS
Things that catch people out
PITFALLS
- Never reuse a signing nonce — a single nonce reuse leaks the private key permanently and irretrievably.
- Never generate keys with weak randomness (timestamps, user input, Math.random) — predictable seeds have drained millions in past incidents.
- Never paste secrets into a web form, screenshot, or cloud note — anywhere they leave your control they may be copied silently.
- Treat HASH160 like nuclear material: handle it, store it, and dispose of it deliberately.
WHERE_YOU'LL_SEE_IT
Pages on this site that cover HASH160 in more depth:
RELATED_CONCEPTS
Other terms from Module 5 — Crypto Primitives — click any to read its page:
TERMINOLOGY_INDEX
TERMINOLOGY
HASH160
RIPEMD160(SHA256(x)) — produces the 20-byte pubkey hash.
Hash function
One-way function that maps arbitrary data to a fixed-size digest.
SHA-256
256-bit cryptographic hash function used throughout Bitcoin.
RIPEMD-160
160-bit hash function; combined with SHA-256 gives HASH160.
Preimage
The original input to a hash function.