Ok so the quote that there are 2^96 private keys is wrong then
I realize this is an old discussion but this thread now appears towards the top of searches for "How many Bitcoin addresses are there" and I wanted to add some exact numbers along with some "color" that might make more sense than exact numbers.
The AnswerThe total possible number of addresses is exactly 2
160, or more commonly expressed as
2^160 which is 2 multiplied by itself 160 times.
As a
decimal number (what most people consider "normal") this is 1,461,501,637,330,902,918,203,684,832,716,283,019,655,932,542,976.
Why THAT NumberIf I were to ask you how many possible numbers could be shown on a 2-digit scoreboard under the HOME team section, the answer would be 100. Don't feel bad if you thought 99, we're all incorrectly taught to start counting at one instead of zero, but the range of 0 to 99 = 100 possible numbers.
Similarly, a Bitcoin address must be a whole number that can be displayed on a "scoreboard" that uses binary numbers and extends 160 digits. If you can wrap your head around hexadecimal numbering, it offers a good illustration of the range of possible numeric addresses being from:
0 to FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFFPrivate Key PossibilitiesThe total number of possible private keys is frequently listed as
2^256 and for all sensible discussion, this is correct.
However,
technically there are fewer due to usage of the secp256k1 Curve usage. Words cannot express how insignificant of a difference the actual number is from
2^256. Imagine all of Earth's beaches. Now imagine them with one less grain of sand. Even THAT example is overstating the difference (though the actual numeric difference is far greater than the actual number of grains of sand on Earth's beaches
)
But since we're talking exact numbers, here's an illustration (compared to 2^256)
Total Numbers As Decimals
115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336 (exact private key maximum)
115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936 (2^256)
Maximum Value as a Hexadecimal
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140 (exact private key maximum)
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF (2^256)
Overall SecurityGoing back to the discussion of how long it would take to brute force attack a specific address -- quite simply not possible with today's technology. A few years ago, I posted this question in the mathematics section on the stack exchange trying to figure out how many trials would be needed to even have a 1% probability. Suffice to say... it's pretty safe.
https://math.stackexchange.com/questions/2845598/how-to-calculate-binomial-distribution-of-really-smallIf you or someone you know still finds themselves worried about the idea of someone randomly guessing your private key code, it might be worth noting that we all face similarly improbable odds on a regular basis. It would be far more likely for a cybercriminal to find a recycled password or some other vulnerability to access our financial records. A three-year-old might accidentally hit the precise keystrokes to miraculously log into your account. These are risks we inherently accept and don't lose sleep over yet they are more likely to occur than anyone guessing your private key combination. While there is a possibility it is just too low to consider existent. But to quote dumb and dumber...
SO YOU'RE SAYING THERE'S A CHANCE.....