Public Keys, Private Keys, and Addresses
A private key is a secret number only you know; a public key is derived from it and safe to share — together they let you prove ownership of funds without ever revealing your secret.
Public-key cryptography is how you 'own' cryptocurrency without a bank account. Understanding keys is also the foundation of all crypto security: most hack victims lost funds because they mishandled their keys — not because the blockchain was broken. The math is rock-solid; the human layer is where it fails.
The Intuition
Traditional finance requires identity: your name, SSN, and bank account number tie your money to you. Blockchain works without identity — instead, it works with mathematical proof. Your private key is a secret number. From it, you derive a public key (safe to share) and an address (your 'account number').
To spend funds, you create a digital signature that proves you know the private key — without revealing the private key itself. It's like proving you know a password without saying the password. The math makes this possible.
See it concretely
Think of a padlock with a transparent mechanism: anyone can see the lock's design (the public key) and use it to seal a box addressed to you. But only you have the physical key (private key) that can open it.
The clever part: your private key also produces unforgeable signatures on documents — like signing your name in a way that's mathematically impossible to forge, and anyone can verify with the public key. Bitcoin transactions work exactly this way.
Tempting — but wrong
The precise version
Bitcoin uses ECDSA (Elliptic Curve Digital Signature Algorithm) over secp256k1:
— Private key: random integer k ∈ [1, n-1], where n is the curve order (~2^256)
— Public key: K = k·G, where G is the generator point (elliptic curve point multiplication)
— Address: Base58Check(SHA256(RIPEMD160(K)))
— Signing: given message m, signature (r, s) is computed from k, m, and a random nonce
— Verification: given (r, s), m, and public key K, anyone verifies the signature without knowing k
Key asymmetry: k·G is fast to compute; inverting K → k requires solving ECDLP, believed intractable.
K = k \cdot G \pmod{p}Check your understanding
What is the mathematical relationship between a private and public key in Bitcoin?
Click to reveal answer
What happens if you permanently lose your private key?
Click to reveal answer
What is a BIP-39 seed phrase and how does it relate to your private key?
Click to reveal answer
- I understand why public keys are safe to share
- I know the consequences of losing a private key
- I understand what a seed phrase represents
You generate a Bitcoin wallet on an air-gapped computer, write the seed phrase on paper, then destroy the paper. The address holds 5 BTC. What is the outcome?