Private keys and public keys are the cryptographic foundation of all cryptocurrency. Every Bitcoin wallet, every Ethereum address, every crypto transaction in existence depends on the mathematics of public-key cryptography to function. Understanding how these keys work, even at a conceptual level, transforms your understanding of why crypto security matters and what it actually means to “own” cryptocurrency.
The beautiful simplicity at the heart of the system: a private key is a randomly generated large number. From that number, a corresponding public key is derived using one-way mathematics (easy to compute in one direction, computationally infeasible to reverse). The public key generates a wallet address that anyone can see and send crypto to. The private key is required to sign transactions spending from that address. No institution verifies this: the mathematics enforces it universally and permissionlessly.
This guide explains private and public keys conceptually (no advanced mathematics required), how they generate wallet addresses, how seed phrases relate to private keys, what happens when you sign a transaction, and what it truly means that “not your keys, not your crypto.”
Public-key cryptography (also called asymmetric cryptography) is a mathematical system where two related keys are generated together: a private key and a public key. The relationship between them has a critical one-way property: you can derive the public key from the private key, but you cannot derive the private key from the public key. This asymmetry is the security foundation.
This is analogous to a padlock: the padlock (public key) can be shared publicly and anyone can use it to lock a box. Only the key (private key) can unlock the box. But the analogy undersells the security: with real padlocks, a determined person can pick the lock or make a copy from the lock itself. With public-key cryptography, deriving the private key from the public key would require solving a mathematical problem that would take billions of years on all computers in existence running simultaneously.
Bitcoin uses Elliptic Curve Digital Signature Algorithm (ECDSA) on the secp256k1 curve for its cryptography. Ethereum also uses ECDSA on secp256k1. The private key is a 256-bit number (a number with 77 decimal digits), and the public key is a point on the elliptic curve generated by multiplying the private key by a defined base point. The security comes from the Elliptic Curve Discrete Logarithm Problem: given the curve point (public key) and the base point, finding the multiplier (private key) is computationally infeasible.
A private key is a randomly generated 256-bit number: effectively any number from 1 to approximately 1.16 times 10 to the power of 77. The number of possible private keys is so large it exceeds the number of atoms in the observable universe. A wallet application generates this number using a cryptographically secure random number generator: the randomness quality is important because a predictable or poorly seeded private key is a security vulnerability.
Private keys are typically represented in a human-readable format:
Raw hexadecimal: A 64-character hex string like “E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262”. This is the raw private key in hexadecimal notation.
Wallet Import Format (WIF): A compressed representation starting with “5” (uncompressed) or “K” or “L” (compressed) used by Bitcoin wallets. WIF encoding adds a checksum that catches transcription errors.
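The WIF checksum described above, as an added Python example (not code from the original article or from any wallet). It applies Base58Check to the sample hex key quoted above; the function names are illustrative, and the version byte assumes Bitcoin mainnet.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
SAMPLE_KEY = "E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262"  # from the text above

def checksum(payload: bytes) -> bytes:
    """First four bytes of double SHA-256, as used by Base58Check."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58encode(data: bytes) -> str:
    num = int.from_bytes(data, "big")
    out = ""
    while num:
        num, rem = divmod(num, 58)
        out = ALPHABET[rem] + out
    pad = len(data) - len(data.lstrip(b"\0"))   # leading zero bytes become "1"
    return "1" * pad + out

def b58decode(text: str) -> bytes:
    num = 0
    for ch in text:
        if ch not in ALPHABET:
            raise ValueError(f"invalid Base58 character {ch!r}")
        num = num * 58 + ALPHABET.index(ch)
    pad = len(text) - len(text.lstrip("1"))
    return b"\0" * pad + num.to_bytes((num.bit_length() + 7) // 8, "big")

def wif_encode(priv_hex: str, compressed: bool = True) -> str:
    """Mainnet WIF: 0x80 version byte, 32-byte key, optional 0x01 flag, checksum."""
    payload = b"\x80" + bytes.fromhex(priv_hex) + (b"\x01" if compressed else b"")
    return b58encode(payload + checksum(payload))

def wif_decode(wif: str):
    """Return (hex key, compressed flag); raise ValueError if the string is damaged."""
    raw = b58decode(wif)
    payload, check = raw[:-4], raw[-4:]
    if checksum(payload) != check:
        raise ValueError("checksum mismatch: mistyped or corrupted key")
    if payload[:1] != b"\x80" or len(payload) not in (33, 34):
        raise ValueError("not a mainnet WIF private key")
    if len(payload) == 34 and payload[-1] != 1:
        raise ValueError("bad compression flag")
    return payload[1:33].hex().upper(), len(payload) == 34
```

A single mistyped character changes the decoded payload, so the recomputed checksum no longer matches and `wif_decode` rejects the string instead of importing a different key.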
The private key must be kept secret, stored securely, and used only for signing transactions. Exposing a private key to any party or any internet-connected system compromises that key permanently: anyone with the private key can spend all funds associated with it. This is not recoverable: crypto transactions are irreversible.
The public key is mathematically derived from the private key using elliptic curve multiplication. The computation is deterministic: the same private key always produces the same public key. The public key is a point on the secp256k1 elliptic curve, represented as two 256-bit numbers (x and y coordinates), or in compressed form as a 33-byte value (one coordinate plus a sign bit).
The public key serves two purposes: it is a cryptographic commitment to the private key (proving ownership without revealing the key), and it is the basis for the wallet address. The public key can be shared freely: knowing your public key does not help an attacker compute your private key.
A wallet address is derived from the public key through a hashing process. For Bitcoin: the public key is hashed first with SHA-256, then with RIPEMD-160, producing a 20-byte hash. This hash is encoded with a version byte and checksum using Base58Check encoding, producing the familiar Bitcoin address starting with “1” (legacy), “3” (P2SH), or “bc1” (Native SegWit Bech32).
For Ethereum: the public key (uncompressed, 64 bytes) is hashed with Keccak-256, and the last 20 bytes of the hash become the address, prefixed with “0x”. Ethereum addresses look like “0x742d35Cc6634C0532925a3b8D4C9C3E1e5F6c2e9.”
The address hashing step provides an additional security layer: even if the elliptic curve problem were somehow weakened so that a revealed public key became a risk, the address does not directly expose the public key (it is a hash of it). For most wallet types, the public key is only revealed when a transaction is signed and broadcast, not from the address alone.
This address derivation chain — private key produces public key, public key produces address — is entirely deterministic and mathematical. There is no registration, no central authority, no database entry. Creating a wallet address is just mathematics: generate a random number (private key) and perform a sequence of mathematical operations. This is why anyone can create a wallet instantly, without permission, anywhere in the world.
Modern wallets do not directly use raw private keys as the primary user interface. Instead, they use hierarchical deterministic (HD) wallets defined by BIP-32 and BIP-44 standards, with a seed phrase (BIP-39) as the human-readable master backup.
The relationship: a 12 or 24-word seed phrase encodes a 128 or 256-bit master seed. From this master seed, a master private key is derived using a defined key derivation function. From the master private key, an unlimited number of child private keys are derived deterministically using BIP-32 derivation paths (like m/44'/0'/0'/0/0 for the first Bitcoin account’s first address). Each child private key has its own public key and address.
This hierarchy means one seed phrase backs up every account, address, and private key the wallet has ever generated. This is the power of HD wallets: rather than backing up each individual private key separately (which would be unmanageable across many addresses), the single seed phrase recovers the entire wallet tree. A seed phrase of 24 words is the compact, human-readable representation of a master cryptographic key that controls potentially millions of derived addresses.
Critically: the seed phrase is as sensitive as any individual private key. Anyone with the seed phrase can derive all private keys in the wallet and spend all funds. The seed phrase storage guide covers securing this master backup in full.
When you send cryptocurrency, you are creating a digital signature that proves you authorise the transaction without revealing your private key. This is the cryptographic core of how blockchain transactions work.
The signing process: You compose a transaction specifying inputs (which funds to spend), outputs (recipient addresses and amounts), and a fee. Your wallet takes this transaction data and uses your private key to compute a digital signature using ECDSA. The signature is a mathematical value that proves the transaction was created by someone who knows the private key for the spending address, without revealing the private key itself.
Verification: The signed transaction is broadcast to the blockchain network. Every node receiving it can verify the signature using the public key (which is derived from the address in the transaction inputs). If the signature is valid, the transaction is legitimate and can be included in a block. If invalid, it is rejected. This verification happens without any central authority: every node independently performs the cryptographic check.
This architecture is why hardware wallets provide security: the signing operation happens inside the secure element chip, where the private key lives. The chip computes the signature internally with the private key and outputs only the signature (not the key) to the connected computer. A compromised computer cannot steal the key because the key never passes through it; only the signature does.
Blockchain transactions are irreversible because there is no mechanism to “undo” a valid signed transaction. Once a transaction is confirmed in a block, it has been validated by the network’s consensus mechanism and embedded in the immutable blockchain history. Changing it would require redoing all the proof-of-work or proof-of-stake consensus for that block and all subsequent blocks, which is computationally infeasible for an established chain. This irreversibility is a feature: it prevents double-spending and enables trustless settlement. It also means that sending to a wrong address, sending to a scammer, or any other transaction error is permanent. There is no bank to call, no dispute process, and no recovery mechanism beyond the recipient voluntarily returning funds.
Because the public key is only revealed when funds are spent from an address (not from the address alone), it is good practice to use each Bitcoin address only once. After spending from an address, the public key is on-chain and visible. While this does not currently compromise security (the elliptic curve problem remains computationally infeasible to reverse), it reduces the privacy buffer against future cryptographic advances.
HD wallets automatically generate new addresses for each receive transaction, making address reuse unnecessary. Most modern wallets (hardware and software) implement this by default. For privacy reasons related to the blockchain transparency of Bitcoin, using fresh receive addresses for each transaction also prevents transaction history linkability: if you reuse an address, all transactions to and from that address are publicly linked.
Ethereum addresses are commonly reused because Ethereum’s account model (unlike Bitcoin’s UTXO model) typically involves one address per account. The public key is revealed on the first transaction and remains associated with the account permanently. This is accepted as a design tradeoff in Ethereum’s model.
For most crypto users, direct interaction with raw private keys is rare. Hardware wallets manage keys inside the secure element. Software wallets manage keys in encrypted storage. The user interacts through the wallet interface without ever seeing the actual private key numbers.
The seed phrase is the practical user-level representation of key custody. Securing the seed phrase is securing the keys. The seed phrase storage and backup practices described in the seed phrase storage guide are the translation of private key security into user-level practice.
One common scenario where direct private key handling occurs: importing a paper wallet or moving from one wallet application to another using a private key rather than a seed phrase. When importing a private key, it is being entered into the new wallet software, which means it is touching the internet-connected device. This is the correct approach for migration (the key was already on that device conceptually), but importing a key from cold storage to a hot wallet means that key is now in a hot wallet context and should be treated accordingly.
Losing a private key (or a seed phrase, which generates private keys) means permanent loss of access to all funds associated with those keys. There is no password reset, no account recovery, no customer service escalation. The cryptography has no backdoor and no master key held by any company. The funds remain on the blockchain forever, associated with an address that can receive but never spend.
This is the most significant known permanent loss mechanism in crypto. The risks of losing crypto to mistakes include seed phrase loss, seed phrase destruction (fire, flood), and forgotten passwords to encrypted key backups. Estimates suggest that a significant fraction of all Bitcoin that will ever be mined is already permanently inaccessible due to lost keys.
The solution is correct backup practice: a properly stored, verified seed phrase on durable physical media in multiple geographic locations. The seed phrase storage guide and hardware wallet guide together provide the complete framework for preventing key loss.
Private keys are randomly generated 256-bit numbers that prove ownership and authorise transactions. Public keys are derived from private keys using one-way elliptic curve mathematics. Wallet addresses are derived from public keys through hashing. Seed phrases are human-readable encodings of master seeds that generate all private keys in a wallet using hierarchical deterministic derivation. Digital signatures prove transaction authorisation without revealing private keys: this is how blockchain transactions are validated without a central authority. Losing a private key or seed phrase means permanent loss of funds with no recovery option. Hardware wallets keep private keys in secure elements, meaning signing happens without keys ever touching internet-connected computers. Software wallets manage keys on devices where they are more exposed. The entire value of self-custody derives from you holding and securing your own private keys. All transactions are subject to Australian crypto tax obligations regardless of key management approach.
WRITTEN & REVIEWED BY Chris Shepley
UPDATED: MARCH 2026