Bitcoin public key — why do we have now a compressed and uncompressed model?


My understanding is that the general public key can begin with 04 if it is uncompressed, or 02(x-coor) or 03(y-coor) if it is compressed.

That is not precisely proper. There are two encodings:

  • Uncompressed encoding: (0x04, X coordinate, Y coordinate)
  • Compressed encoding:
    • (0x02, X coordinate) if Y is even
    • (0x03, X coordinate) if Y is odd

What is the goal of this?

And if that is certainly the case, why would you desire a compressed public key?

When you’re asking about intent, you might want to remember that these requirements for encoding aren’t particular to Bitcoin. They’re outlined by SEC1, and adopted by many different methods. Presumably their objective for having each is:

  • Compressed encoding is smaller, and thus fascinating when house/bandwidth issues matter extra.
  • Uncompressed encoding is barely extra environment friendly to work with, so if house/bandwidth is not a priority it is quicker to decide on this.

If Bitcoin was designed right now, it might most likely solely have compressed keys.

Higher entropy as we are able to have a bigger public key if it is uncompressed?

Would not or not it’s safer to make use of the bigger one?

No, there’s a one-to-one conversion between compressed and uncompressed keys, in each route. There isn’t a distinction in entropy (each have 256 bits of entropy) and thus equally safe.

Supply hyperlink

Leave a reply