So, imagine I bought 1 BTC, so I have my private key generated by my online wallet and also my public key that I can give to people/friends. My question is, if I spend 0.5 to buy Apples on a website?
How does that work?
1) Only 0.5 BTC is sent to the website, I still have 0.5 BTC on private key A
2) 1 BTC total is sent through the protocol, thus the change is sent back to me. On which key? Key A where I had 1 BTC ? Or a new one generated? (Key B)
Thank you :)
Every private key has exactly one corresponding public key, and every public key has one address. Whenever a new address is generated, internally that means a new private key and public key are generated. Note that with BIP32 and BIP44, private keys can be generated deterministically from a master key or a seed, in which case these new private keys do not necessary need to be saved - they can just be regenerated from the seed or master whenever needed.
A new keypair is used for each change in most wallets, but that's done internally - it won't show you the address for those, as there is no need for anyone else to send you money to that.
Creating addresses is very cheap. A modern CPU can generate 1000s per second. It also does not require any interaction with the network. All that is needed is generating 32 bytes of random data, and computing its corresponding elliptic curve point.
If all the 1BTC was in one Unspent Transaction Output (UTXO) then you'd indeed send all of the 1BTC as an input in a transaction and assign this to two new outputs: 0.5BTC to make your payment and 0.5BTC to return your change to yourself.
If the 1BTC was split up into several Unspent Transaction Outputs, then you may have a combination that amounts exactly to 0.5BTC, e.g. you could use 0.1BTC+0.2BTC+0.2BTC. Then no change output would be created.
Whether you send change to the same address as before, or to a new address is up to the creator of the transaction. Most wallets avoid reusing the same address by default though, so the change output is sent to a new address.
