Generating Private Keys with Bitcoin Dice

I 3D printed some hexadecimal dice so I could play around with rolling my own bitcoin private keys. With one 16-sided dice, labeled 0-9 and A-F, rolled 64 times you get some version of:


A bitcoin private key.

Put it through a series of hashes here and you get:


A private key WIF compressed

A few more hashes here and you get:


A segwit public address

The idea is that you can use physical dice to see how much entropy goes into generating a private key. Rolling your own private keys is for fun, not for serious storage of bitcoins. That being said it is a lot of fun, and I’ll make some metal ones available soon.

If you want to go deeper into the concepts of entropy and probabilistic security keep reading. If not I would run away now.

Entropy as Information

Entropy is a confusing topic because the word is closely related to the idea of disorder (in physics), chance, and probability.

Informational entropy is defined as the amount of information produced as the outcome of a discrete and random process. Where P is the number of possible outcomes, and R is the number of times it’s done.

$E = log2(P^R)$

But that’s a lot of words, so it helps to think of entropy like this:

  1. The amount of uncertainty or randomness in X (in bits).
  2. The number of yes/no questions needed to guess a draw from X.
  3. The minimum number of bits required to communicate one draw from X.

If that doesn’t help, let’s consider what we know about probability then try and relate entropy to that.

Gamboling on Practical Probability

The probability of heads or tails on a coin flip is 50/50 or 1.
The probability of rolling any one side of a six-sided dice is 1/6 or 0.16.
The probability of rolling double-zero on roulette is 1/38 or 0.03.

If you know what the probability of an outcome is, you can say what stakes you’re willing to put behind it. Roulette has some of the worst odds in the casino, yet people are still willing to gamble on the chance.

In gambling, the odds usually stay in the realm of a practical probability. In cryptography, the odds rely on improbabilities. Access to money, resources, identities, protection of user privacy is all secured by algorithms with statistically improbable outcomes.

Trust as an Emergent Property of Probabilistic Uncertainty

We can’t know what the outcome of any one particular coin flip is, but we know what the outcome of 100 coin flips is.

Certainty brings security, and security brings trust.

In Mathematics we trust.

Consider the idiom “A needle in a haystack,” which loosely means trying to find something really small in a mess of something really large. In Bitcoin, the needle is your private key, with direct access to potentially millions of dollars, and the haystack is the number of possible keys that could be generated.

The main underlying principle securing your key from other keys is the fact that it’s “hidden” or stored in a very big pool of possible keys. Every time someone goes to create a new key, they pull one at random from the pool of exactly $2^{160}$ possible private keys. Anyone could “regenerate” your private key, but no one ever does. Why? Because it’s statistically and practically improbable.

The chance that they would recreate your exact bitcoin private key is:

1 in 1,461,501,637,330,902,918,203,684,832,716,283,019,655,932,542,976.

So low the odds are essentially zero.

Low Probability, High Entropy

If you know the probability of a coin flip, what good does it do to know its entropy?

Odds tell us the probability of one particular outcome happening over another, entropy tells us the amount of data necessary to store the information of that outcome. Take for example flipping a coin with the possible outcomes of heads or tails.

We say the entropy of flipping the coin is 1 bit.

Consider the entropy of rolling a dice.

The entropy for rolling a standard 6 sided dice (d6) once is,

E = log2(6) = 2.58, or 3 bits per roll.

The chance of guessing the outcome of a dice roll is 1 out of 6, and on average you’ll need 2.5 yes/no questions to guess the result of the roll.


Highly improbable events are used for security guarantees in Bitcoin. In general, the lower the probability, the higher the entropy.

In Bitcoin the chance of pulling anyone specific private key is 1 in $1.16 × 10^{77}$, and that key can be stored in 256 bits of entropy.

$E = log2(16^{64}) = 256$

Informational entropy gives a way of calculating the smallest possible amount of data necessary to store the results of a dice roll. Or in the case of a bitcoin private key, the results of a 16-sided dice rolled 64 times. Neat.

Bonus Blogs: