Base58Check Math: Double SHA256

The original checksum method used in Bitcoin is Base58Check. It relies on the cryptographic strength of the SHA256 hashing algorithm to create a unique fingerprint for the address data.

1. The "Double Hash" Tradition

Bitcoin almost never uses a single hash. For checksums, it uses SHA256(SHA256(Data)).

• Reasoning: In the early days of cryptography, there were concerns about "Length Extension Attacks" on certain hashing algorithms. Hashing twice was seen as a conservative, "belt and suspenders" approach to ensure maximum security.

2. The Truncation Logic

A SHA256 hash is 32 bytes (256 bits). However, we only use the first 4 bytes as the checksum.

1. Input: [Version Byte] + [20-byte Hash]

2. Step 1: Hash the input (SHA256).

3. Step 2: Hash the result of Step 1 (SHA256).

4. Step 3: Take the first 4 bytes of that second hash.

5. Result: These 4 bytes are appended to the input before encoding into Base58.

3. Why only 4 bytes?

If 32 bytes is more secure, why throw 28 bytes away?

• User Experience: If we used the full 32-byte hash, Bitcoin addresses would be twice as long (around 70-80 characters).

• Efficiency: 4 bytes provides a 1 in 4 billion chance of failure. For a human typing an address, this is effectively perfect. The extra 28 bytes would add significant weight to the blockchain without providing a meaningful increase in real-world safety.

4. Verification Flow

When a wallet "Validates" a legacy address:

1. It decodes the Base58 string into raw bytes.

2. It separates the last 4 bytes (the "Stored Checksum").

3. It performs the Double SHA256 on the remaining data.

4. It compares its "Calculated Checksum" to the "Stored Checksum."

5. Match: The address is valid. Mismatch: The address is rejected.

Component	Bytes	Description
Payload	21	Version + Public Key Hash
Checksum	4	The "CheckDigit"
Encoded	~34	Final Base58 String

In the next section, we will look at the more advanced Bech32 Polynomial Math.