In our guide, we explain. What addresses are, how they are created and what the differences between different kind of addresses on different blockchains are.
What Are Addresses on Blockchains? Blockchain Address 101
In the early days of Bitcoin, it was possible to send payments to an IP-address like 188.8.131.52 (which is blockgeeks.com). This was planned to be a convenient method to use Bitcoins without dealing with unhandy public keys and addresses. However, after the Bitcoin developers realized that this way of sending coins could be subject to serious man- in-the-middle-attacks, the option was disabled and did never come back.
This anecdote of Bitcoin’s early days seems to have mostly historic values. But it demonstrates what an address is: It is not something special or something set in stone. It is just a placeholder to accept and send blockchain transactions. Like an IBAN or SWIFT address.
The address itself doesn’t matter, nor does its format. The only thing matters are that the address serves its purpose – to enable payments to an entity which has a unique information. Usually, a private key, to exclusively access the funds. The address is nothing but a secure identifier.
However, while SWIFT or IBAN numbers are assigned by central authorities like banks, blockchain addresses exist. Every blockchain address possible already existed, long before a wallet found it. The reason is that blockchain addresses are the result of a mathematical operation.
The Public Key: Where the Blockchain Address Generation begins
A standard P2PKH address has something like 34 signs and starts with a 1. P2PKH is the abbreviation of “Pay To Public Key Hash.” This means that you Pay to a hash of a public key. For beginners, this might sound intimidating complex, so let’s wait through the process of building such an address to learn what it is.
Every wallet software you use can easily create a P2PKH address, or, to be more precise: find as many of it as you want. It is no rocket science, but a combination of several non-exceptional cryptographic operations.
First, your wallet collects entropy and uses it to generate an ECDSA private key. ECDSA is the cryptographic algorithm in the core of bitcoin addresses. It is an asymmetric signature algorithm, which means that you can sign messages with the PRIVATE key and verify the signature with the PUBLIC key. With ECDSA you can give the world easily the information to prove that you – and only you – are the author of a message by signing it. It’s very similar to physically signing a letter.
So, after creating the private key with entropy, the wallet derives the public key from it. It does so by picking some random coordinates on a certain elliptic curve and doing some calculations. Details are not important. What matters ist, which this public key is all you need to send and collect payments. In the early days, the public key was used to receive funds.
But very soon the concept was extended. The public key is not only very long and unhandy – around 65 characters – but can also be subject to typing errors. Further, exposing it can also set you on risks if ECDSA is ever broken, for example by quantum computing. This is why the bitcoin developers created a method to derive an address from the public key.
Creating the Bitcoin Blockchain address
To create the address your wallet pushes the public key through a series of cryptographic algorithms. Roughly speaking this is what happens:
The software hashes the public key with SHA 256 and the result with RIPEMD-160. Then it adds the bytes 00 as a prefix in the beginning of the resulting string – this is the reason why P2PKH addresses start with a “1” – and four checksum-bytes at the end. The four checksum bytes are generated by hashing the result twice with SHA 256 and taking the first four bytes. Then your wallet converts the result into a base58 string. And voilá: we have the bitcoin address we know and we love.
You don’t need to understand the cryptographic details. What’s important is that the address represents a public key in a better readable way and adds a checksum which prevents that you fall victim to a typing error. Whenever you paste an address in your bitcoin wallet, it checks the prefix and calculates the checksum. If it doesn’t match, it rejects the address. This makes it impossible to send funds to a wrong address due to a typing error.
If you have the private key for an address, only you can sign a transaction with cryptocurrency token assigned to this address – while everybody who knows your address can verify the validity of your signature. This simple process – signing a transaction, verifying the signature – is more or less everything a cryptocurrency transaction does.
But bitcoin has more advanced addresses: the so-called P2SH addresses. This abbreviation stands for “Pay to Script Hash”. It means that you don’t pay to the hash of a public key, but to the hash of a script. To sign a transaction you don’t have to provide the signature matching a certain public key, but a script matching a certain hash. This kind of addresses enable more flexible methods to verify yourself, for example, those that are used in multisig-addresses, in which two parties provide information which sums up to the needed script. These addresses use the prefix 05, which is the reason why they start with a “3”.
However, it needs another guide to completely describe the magic of P2SH addresses. Here we focus on addresses itself and leave bitcoin to have a look, how other cryptocurrencies create addresses.
Addresses in other Cryptocoins
A lot of cryptocurrencies use nearly the same address format as bitcoin. For example, Litecoin, Dash, and Dogecoin deploy the same cryptographic procedures to generate an address: ECDSA, SHA 256 and RIPEMD 160.
The only difference is the prefix of the RIPEMD-160 hash. While Bitcoin’s prefix 00 results in addresses starting with a “1”, Altcoins like Dash, Litecoin or Dogecoin use other prefixes so that the addresses start with “L” (Litecoin), “X” (Dash) or “D” (Dogecoin).
As these coins use the same cryptographic algorithm, you can use the same private and public keys to save coins in all these cryptocurrencies. Partly you can even store them on the same addresses. For example, Litecoin and bitcoin use the same prefix for P2SH addresses – 05 – so that it is possible to store both Bitcoin as Litecoin at the same address.
Other cryptocurrencies, however, use other schemes to generate the address. For example, Monero is based on the Cryptonote algorithm. This algorithm deploys another cryptographic signature algorithm to generate the public key, EdDSA. Cryptonote currencies have so-called ring signatures, which provide more privacy, as you can’t determine which key a transaction was signed. For this reason, Cryptonote addresses must contain two public keys, a view, and a spend key.
Like with bitcoin addresses, Cryptonote adds a prefix byte and hashes the result. However, it uses Keccak-256 instead of double SHA 256 to generate four checksum bytes, which are added at the end of the string. After converting the result to base58, you get the final address, which is longer than in bitcoin. It looks like this:
This variety of addresses demonstrates, again, that addresses are just a mean to accept a payment which is assigned to a certain public key. For this base function, it does not matter what you do with the public key, what cryptographic algorithm you apply to convert it to an address, and how the address looks.
The building procedure of an address, however, can have an important implication on security, privacy, and usability. Without the checksum integration, bitcoin address could be mistyped, and without the integration of the view key in the address, Monero would be not as private as it is. A look at Ethereum’s addresses further establishes this insight.
Like many things in cryptocurrency, the topic of addresses starts to get really intriguing when it comes to Ethereum. Many people who started with Bitcoin and then trying Ethereum are puzzled with the address format, which is a long, hexadecimal string starting with 0x, for example, “0x0eb81892540747ec60f1389ec734a2c0e5f9f735”.
Technically, Ethereum’s address generation is similar to Bitcoin’s, but does not take the whole way. You start with a private key and use ECDSA to generate a 64-byte public key. Like we know from bitcoin. Then you hash this key with Keccak-256. The result is a 32-byte string. The first 12 of these bytes are dropped, the remaining 20 bytes are a 40 character address, to which usually the prefix 0x is added. That’s it. Other than bitcoin or Cryptonote, Ethereum does not transform the address to base58, so it is in hexadecimal (0-F).
Another difference between ethereum and other cryptocurrencies is that Ethereum addresses have no checksum. Any hexadecimal 40 character string can be an ethereum address, which is the reason why ethereum developers heavily dissuade users to manually type such an address, as a single typing error can result in the loss of funds.
Compared with the addresses of other cryptocurrencies, ethereum addresses seem to be unfinished, gross and recklessly dangerous for the user. For a cryptocurrency which has the second largest market value and is promoted as the most innovative cryptocurrency at all, this seems to be surprisingly low level.
The initial reason for this was that, when Ethereum’s first version, Frontier, was released, nobody really cared. What we today use as addresses were never intended to be permanently used as such. From the beginning, Ethereum developers aim to build a smart contract based name register, with which payments can be easily sent to names or domains and so on. In the long term, with ethereum, cryptocurrency can close the circle and come back to the easy to use payment Satoshi intended when implementing Pay to IP.
However, as Jeff Coleman points out, there is another, a maybe more important reason that Ethereum does not use crafted addresses like bitcoin: The developers think it can be done better. Remember, an address is just a cryptographic method to represent the needed information to assign funds to a private key. This can be done with contracts that assign this information to names, but this can also be done with more sophisticated address formats than bitcoin uses.
The favorite format for Ethereum developers is currently the ICAP format, which looks like this:
Like bitcoin addresses, it uses base58 characters and includes a checksum.
“But that’s not all, folks! For one thing, the ICAP is a fully valid International Bank Account Number (or IBAN),” Coleman explains, “That means that existing bank software can understand it and interact with it.” IBAN is the international identifier of client accounts in the banking industry. It consists of 32 case insensitive alphanumeric characters, containing a country code, a checksum, the bank number as well as the account number. ICAP uses an XE as a country identifier and string of 16 to 30 alphanumerical characters which includes information like account, asset, checksum or institution.
Colemen goes on: “For another, the ICAP doesn’t have to use hexadecimal addresses. Instead, once we all do switch over to using name reg contracts it can just use your actual human readable string to end up with something like “XE81ETHXREGJEFFCOLEMAN”, which still matches bank formats but might be possible actually to remember!”. In the long run, Ethereum addresses could become memorable and compatible with the existing banking system.
The support for ICAP addresses is currently growing. The usual clients already enable the generation of ICAP addresses, but still, use the legacy address as a standard. To make this more secure, Vitalik Buterin developed a little improvement to add checksums in the form of capitalization. With EIP55 generated addresses, upper cases serve as a checksum. So if an address has at least one capital letter, it will be invalid, if you make a typing error.
STEEM – where your username is your address
The cryptocurrency STEEM already implemented a system similar to what Ethereum aims to achieve. In STEEM your username is your wallet address.
STEEM is a cryptocurrency based on the BitShares concept. It is interlinked with the social platform Steemit, where users can “mine” Steem-coins by collecting upvotes for posts. This “subjective proof of work” is a clever combination of Proof of Stake and Proof of Work. The system as a whole is relatively complex, as it contains “delegates”, which are elected to do the proof, and three forms of token, STEEM, STEEM power and STEEM Dollar; also it is hard to assess if STEEM is as decentralized as bitcoin and Ethereum, as large parts of it are based on the privately hosted platform Steemit, which is the main client of Steem. There seem to be no other wallets available.
However, the address concept is intriguing. In a more centralized way, STEEM implemented what ethereum aims to build with smart contract name registrars: The users gets a private key, which he can use to sign his transaction, like with any other cryptocurrency. Addresses, however, are no cryptographic derivation of the private key, but just the usernames on Steemit. Probably these usernames are connected to the public key in a public database on Steemit, so that, at least, it is possible for every user to validate a transaction. But still, the most important part of the validation – the connection between public key and address – is not based on math, but on trust to the platform Steemit.
The username based address scheme of STEEM is interesting because it provides an ideal usability. But its centralized and trusted nature makes it inadequate for most blockchain use cases, which aim to decentralize verification and substitute trust with math. At least, the system lacks transparency.
A smart contract based name registrar, like Ethereum, aims to build on top of its blockchain, however, could combine the best of both worlds: the decentralized, trustless nature of bitcoin – and the ease of use of STEEMs name based addresses.