TeachMeBitcoin

Custom Python Public Key Auditor

From TeachMeBitcoin, the free encyclopedia Reading time: 2 min

Custom Python Public Key Auditor

In this final guide, we will build a Python script that takes a Compressed Public Key and mathematically reconstructs the missing Y-Coordinate. This demonstrates how Bitcoin nodes save space by calculating geometry on the fly.

The Public Key Reconstructor

# secp256k1 Field Prime (P)
P = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f

def reconstruct_y(compressed_key_hex):
    print(f"--- Public Key Compression Audit ---")

    # 1. Parse the input
    prefix = compressed_key_hex[:2]
    x_hex = compressed_key_hex[2:]
    x = int(x_hex, 16)

    print(f"[*] Prefix: {prefix}")
    print(f"[*] X-Coordinate: {x_hex}")

    # 2. Calculate y^2 = x^3 + 7 (mod P)
    y_sq = (pow(x, 3, P) + 7) % P

    # 3. Calculate modular square root
    # Since P % 4 == 3, we can use the formula: y = y_sq^((P+1)/4) mod P
    y = pow(y_sq, (P + 1) // 4, P)

    # 4. Check Parity
    # y1 is the result, y2 is P - y1
    y_even = y if y % 2 == 0 else P - y
    y_odd = y if y % 2 != 0 else P - y

    # 5. Final Selection based on prefix
    if prefix == "02":
        final_y = y_even
        print("[SUCCESS] Found Even Y-Coordinate")
    elif prefix == "03":
        final_y = y_odd
        print("[SUCCESS] Found Odd Y-Coordinate")
    else:
        print("[ERROR] Invalid prefix for compressed key!")
        return

    print(f"[*] Derived Y: {hex(final_y)[2:].zfill(64)}")
    print(f"[*] Full Uncompressed Key: 04{x_hex}{hex(final_y)[2:].zfill(64)}")

# --- Simulation ---

# Case: A real-world compressed public key
# This corresponds to a well-known test key
test_key = "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
reconstruct_y(test_key)

How to Run the Auditor

  1. Ensure you have Python 3 installed.

  2. Copy the code into a file named pubkey_auditor.py.

  3. Run it using python3 pubkey_auditor.py.

Technical Takeaways

  1. Modular Math: Notice we use pow(base, exp, mod). This is the core of all cryptography. It keeps numbers within the "Field" of the prime $P$.

  2. Square Roots: In normal math, $\sqrt{9}$ is 3. In modular math, the "Square Root" is much harder to find, but secp256k1's choice of $P$ makes it relatively straightforward.

  3. Efficiency: By doing this math, every Bitcoin transaction is 32 bytes smaller. Over the history of Bitcoin, this has saved hundreds of Gigabytes of bandwidth for node operators.

Congratulations! You have completed the Public Key (Uncompressed vs. Compressed) module. You now understand the geometry behind your Bitcoin identity.

Related Articles
☕ Help support TeachMeBitcoin

TeachMeBitcoin is an ad-free, open-source educational repository curated by a passionate team of Bitcoin researchers and educators for public benefit. If you found our articles helpful, please consider supporting our hosting and ongoing content updates with a clean donation:

Ethereum: 0x578417C51783663D8A6A811B3544E1f779D39A85
Bitcoin: bc1q77k9e95rn669kpzyjr8ke9w95zhk7pa5s63qzz
Solana: 4ycT2ayqeMucixj3wS8Ay8Tq9NRDYRPKYbj3UGESyQ4J
◄ Previous article (The Even/Odd Y-Coordinate) Next article (Public Key Hash (PKH) Overview) ►
Address copied to clipboard!