Private Key — Glossary — BitcoinMachine

TERM_DEF // KEYS_CRYPTOGRAPHY / PRIVATE_KEY

PRIVATE
KEY

Private Key. A random 256-bit number that gives full spending authority over the coins locked to its derived public key.

This page sits in the Keys & Cryptography section — Elliptic curves, hashes, and signatures — the math that lets a 32-byte secret control billions of dollars. Read on for what it is, why it exists, how it works under the hood, and what to watch out for.

WHAT_PRIVATE_KEY_IS

Private Key — at a glance

KEYS

A private key is a 256-bit random number — usually written as 64 hex characters — that is the single source of spending authority over the bitcoin locked to its derived public key. It is the only secret in the entire system. There are no passwords, no account recovery, no customer support, no fallbacks. The key is the money.

Why it exists

DESIGN

Bitcoin replaces every trusted intermediary with cryptography. The fundamental cryptographic question — "did this payment actually come from the right person?" — is answered by an elliptic-curve signature, and that signature is produced by exactly one secret: the private key. Whoever has it, has the coins. This is what self-sovereignty means.

HOW_IT_WORKS

Mechanism

HOW IT WORKS

Generate a 256-bit random integer in the range [1, n-1] where n is the order of the secp256k1 curve. Multiply it by the curve's generator point G to get the corresponding public key (a curve point). The hash of the public key becomes an address. Signing a message: compute a deterministic nonce-k-signing-scalar/">nonce k (RFC-6979), hash the message + nonce + private key, produce a 64-byte (Schnorr) or ~71-byte (ECDSA) signature anyone can verify with the public key.

1. Generate 32 bytes of cryptographically secure entropy (NEVER timestamps, Math.random, or user input). 2. Verify the integer is in [1, n-1]; n = 0xFFFF...41 (the curve order). Almost any random 32 bytes will be valid. 3. The 32-byte value IS the private key. Optionally encode as WIF (Base58Check, prefix 0x80 mainnet) for export. 4. Derive the public key: pubkey = privkey × G (scalar multiplication on the secp256k1 curve). 5. To sign a transaction: compute the sighash, then produce sig = sign(privkey, sighash). Verifier checks with pubkey. 6. To spend: place the signature in the input's scriptSig (legacy) or witness (SegWit/Taproot). Network verifies in microseconds.

WORKED_EXAMPLE

A real (now-published) private key from the Bitcoin Whitepaper era

EXAMPLE

raw private key : E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262 (256 bits = 32 bytes = 64 hex characters) range : 1 ≤ key < n n = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 WIF (mainnet, uncompressed): 5Hwgr3u458GLafKBgxtssHSPqJnYoGrSzgQsPwLFhLNYskDPyyA WIF (mainnet, compressed) : L5oLkpV3aqBjhki6LmvChTCV6odsp4SXM6FfU2Jvxy5sopo5K9WS guessing 1 specific key : 1 in 2²⁵⁶ ≈ 1 in 1.16 × 10⁷⁷ more candidates than atoms in the observable universe (~10⁸⁰) derive public key: pubkey = privkey · G (on secp256k1) = 04 + x_coord (32 bytes) + y_coord (32 bytes) — uncompressed, 65 bytes = (02 or 03) + x_coord (32 bytes) — compressed, 33 bytes

⚠ CRITICAL. A private key is the entire spending authority for all coins on its derived addresses. Anyone who learns it gains immediate, irrevocable control. Never paste it into a website, share over chat, store in cloud notes, photograph it, or type it on a device you don't fully trust. Safe storage is offline only: wallet/">hardware wallet, steel plate, paper in a physical safe.

KEY_PROPERTIES

TOTAL AUTHORITY

Whoever has the bytes can spend the coins. No identity, no KYC, no permission — only mathematics.

NO RECOVERY

Lose the key → lose the coins. No platform, foundation, or government can restore access.

OFFLINE-VERIFIABLE

Signing happens locally; the private key never needs to leave your device. Verification by anyone is just an ECC point check.

ASYMMETRIC

Easy to derive a public key from a private key; cryptographically infeasible to do the reverse (ECDLP).

COMMON_PITFALLS

Things that catch people out

PITFALLS

Never reuse a signing nonce — Sony's PS3 leaked their root key this way, and at least one Bitcoin wallet lost funds to the same bug. RFC-6979 deterministic nonces prevent it.
Never paste a private key into a webpage, screenshot, or chat. The moment it leaves your control, the coins are at risk.
"Brain wallets" (deterministically derived from a password) get drained by attackers running dictionaries. Use cryptographic randomness instead.
Quantum threat: a sufficiently powerful quantum computer could derive private keys from public keys via Shor's algorithm. Coins in unrevealed P2PKH outputs are protected; spent / P2PK outputs are exposed.

WHERE_YOU'LL_SEE_IT

Pages on this site that cover Private Key in more depth:

→ Private Keys
→ Private Key
→ WIF Private Key

RELATED_CONCEPTS

Other terms from Keys & Cryptography — click any to read its page:

TERMINOLOGY_INDEX

TERMINOLOGY

Private Key

A random 256-bit number that gives full spending authority over the coins locked to its derived public key.

Public Key

A point on the secp256k1 curve, derived from a private key, that others use to verify signatures you produce.

Key Pair

A private key paired with its mathematically-linked public key; one signs, the other verifies.

Elliptic Curve

A curve defined by y² = x³ + ax + b; "adding" two points produces a third, and that operation is easy forward but practically impossible to reverse.

secp256k1

The specific elliptic curve Bitcoin uses, chosen for its lack of suspicious constants and high-performance arithmetic.

Generator Point (G)

A fixed agreed-upon point on secp256k1; multiplying G by your private key gives your public key.

Curve Order (n)

The number of distinct points on secp256k1 reachable from G; private keys are integers modulo n.

Field Prime (p)

The prime modulus defining secp256k1's coordinate field; all curve arithmetic is done modulo p.