What is the checksum in Base58Check?

It is the first four bytes of SHA-256(SHA-256(payload)), often written SHA256d. Those four bytes are appended to the payload before Base58 encoding. A decoder recomputes the hash and rejects the string if the checksum does not match, catching typos.

Why does Base58 use a 58-character alphabet?

Base58 removes the characters 0, O, I, and l from Base62 because they are easy to confuse visually, plus the + and / used by Base64. The result is a compact, copy-safe encoding ideal for addresses and keys.

How are leading zero bytes handled?

Each leading zero byte in the payload is encoded as a single leading 1 character, because 1 is the first symbol of the Base58 alphabet. This is why mainnet Bitcoin addresses, which start with a 0x00 version byte, begin with the digit 1.

Is this the same encoding Bitcoin uses?

Yes. Bitcoin legacy addresses (P2PKH and P2SH) and WIF private keys all use Base58Check with this exact SHA256d checksum scheme. This tool was verified to reproduce the canonical example address 16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM.

Does my data leave the browser?

No. The Base58 encoding and the SHA-256 hashing both run locally in JavaScript on your device. Nothing is sent to a server, which matters when you are handling key material.

Base58Check Encoder (with Checksum)

Base58Check is the encoding behind Bitcoin addresses and WIF private keys. It wraps a raw payload with a built-in error-detecting checksum so that a single mistyped character makes the whole string invalid rather than silently pointing somewhere else. This tool takes a hex payload and produces the exact Base58Check string.

How it works

Encoding happens in two stages. First the checksum:

hash      = SHA256(SHA256(payload))
checksum  = hash[0..4]          (first 4 bytes)
extended  = payload || checksum

Then the extended byte array is converted to Base58 using the Bitcoin alphabet 123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz. The conversion is repeated division of the big integer by 58, and every leading 0x00 byte is emitted as a leading 1.

Example and notes

The payload 00010966776006953d5567439e5e39f86a0d273bee (a version byte plus a 20-byte public-key hash) encodes to 16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM, the canonical worked example from the Bitcoin wiki. To build a mainnet address, prefix a RIPEMD160(SHA256(pubkey)) hash with the version byte 0x00; for a WIF private key use version 0x80. The leading 1 you see in the output comes directly from that 0x00 version byte.