Base58Check Encoder (with Checksum)

Base58 + 4-byte SHA256d checksum — Bitcoin address format

Encode any hex payload to Base58Check: appends a 4-byte double-SHA256 checksum for integrity, then Base58-encodes with the Bitcoin alphabet. Verified against real Bitcoin addresses. Runs entirely in your browser. It runs free in your browser on Gera Tools, with nothing uploaded.

Last updated Source: Gera Tools

What is the checksum in Base58Check?

It is the first four bytes of SHA-256(SHA-256(payload)), often written SHA256d. Those four bytes are appended to the payload before Base58 encoding. A decoder recomputes the hash and rejects the string if the checksum does not match, catching typos.

Base58Check is the encoding behind Bitcoin addresses and WIF private keys. It wraps a raw payload with a built-in error-detecting checksum so that a single mistyped character makes the whole string invalid rather than silently pointing somewhere else. This tool takes a hex payload and produces the exact Base58Check string.

Why Base58Check was invented

Early Bitcoin developers faced a specific usability problem: people needed to write down and type cryptocurrency addresses by hand, and address errors could mean permanent, irrecoverable fund loss — unlike a bank where a mistyped account number bounces. Two design decisions solved this:

Remove confusing characters. Base64 uses +, /, 0, O, I, and l — characters that are easy to mistake for each other in handwriting and many fonts. Base58 removes these six, leaving only characters that are visually unambiguous.

Add a checksum. Even with a clean alphabet, a typo creates a valid-looking string. Appending a 4-byte double-SHA256 checksum means any single-character change produces a checksum mismatch, and the address can be rejected before any funds move.

How it works

Encoding happens in two stages. First the checksum:

hash      = SHA256(SHA256(payload))
checksum  = hash[0..4]          (first 4 bytes)
extended  = payload || checksum

Then the extended byte array is converted to Base58 using the Bitcoin alphabet 123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz. The conversion is repeated division of the big integer by 58, and every leading 0x00 byte is emitted as a leading 1.

The Bitcoin alphabet in detail

The 58-character alphabet is ordered: 1 2 3 4 5 6 7 8 9 A B C D E F G H J K L M N P Q R S T U V W X Y Z a b c d e f g h i j k m n o p q r s t u v w x y z.

Notice: 0 (zero), O (capital letter o), I (capital letter i), and l (lowercase letter L) are absent. These are the four characters historically confused in handwritten notes, printed receipts, and certain typefaces.

Worked example from the Bitcoin wiki

The canonical verification test:

FieldValue
Payload (hex)00010966776006953d5567439e5e39f86a0d273bee
Double-SHA256 checksum (first 4 bytes)d61967f6
Extended hex00010966776006953d5567439e5e39f86a0d273beed61967f6
Base58Check output16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM

The leading 1 in the output maps directly to the 0x00 version byte: every leading zero byte becomes a leading 1 in Base58Check output.

Version bytes and common use cases

The version byte prefixed to your payload determines what the encoded string represents and what leading characters the output has:

Version byte (hex)TypeTypical leading character
0x00Mainnet P2PKH address1
0x05Mainnet P2SH address3
0x80WIF private key (mainnet)5, K, or L
0xEFWIF private key (testnet)c

To build a mainnet Bitcoin address, hash the public key with RIPEMD160(SHA256(pubkey)), prepend 0x00, then run through this Base58Check encoder. For a WIF private key, prepend 0x80 to the raw 32-byte private key scalar.

Security note: This tool runs entirely in your browser. No hex data is transmitted to any server. When working with real private key material, ensure you are on a trusted, air-gapped machine.