What is a private key?

A private key is a secret 256-bit number that proves you own your Bitcoin and authorizes spending.

Can you derive a private key from a public key?

Public keys are derived from private keys using one-way elliptic curve math—reversing it is essentially impossible.

What is a Bitcoin address?

An address is a hashed and checksummed version of your public key, used to receive Bitcoin.

Is it safe to share your public key?

Public keys are safe to share—they let people send you Bitcoin but can't be used to steal your coins.

What curve does Bitcoin use?

Bitcoin uses the secp256k1 elliptic curve for generating public keys from private keys.

Public Keys and Private Keys

10 min readarticleIncludes quiz · 5 questions

Public key cryptography is the foundation of Bitcoin. Your private key is your password—it proves you own your Bitcoin. Your public key is like your bank account number—you can share it freely. Together, they enable secure, trustless transactions.

Private Key:

•Definition: A secret 256-bit random number that proves ownership of Bitcoin.
•Function: Used to create digital signatures that authorize spending.
•Format: Can be represented as 64 hexadecimal characters or a 12/24-word seed phrase.
•Security: Must be kept absolutely secret. Anyone with your private key controls your Bitcoin.
•Uniqueness: So many possible private keys (2²⁵⁶ ≈ 10⁷⁷) that randomly guessing one is essentially impossible.
•Generation: Created using cryptographically secure random number generators.

Public Key:

•Definition: A number derived from your private key using elliptic curve mathematics.
•Function: Used to verify digital signatures and receive Bitcoin.
•Derivation: Created from private key using elliptic curve multiplication (one-way function).
•Security: Safe to share publicly—cannot be reversed to find the private key.
•Format: 33 or 65 bytes (compressed or uncompressed).
•Bitcoin address: Public key is hashed to create a shorter, more user-friendly address.

Key Definitions:

•Elliptic curve: A mathematical curve used in Bitcoin (secp256k1) to generate public keys from private keys.
•secp256k1: The specific elliptic curve Bitcoin uses (same one used by other systems).
•Key pair: A private key and its corresponding public key.
•Address: A hashed version of a public key, used to receive Bitcoin (shorter and includes checksum).
•Seed phrase: Human-readable representation of a private key (12 or 24 words).
•Entropy: Randomness used to generate private keys securely.

How Key Pairs Work Together:

1. Generate private key: Random 256-bit number (e.g., from dice rolls, coin flips, or secure RNG). 2. Derive public key: Use elliptic curve multiplication: Public Key = Private Key × G (where G is a fixed point on the curve). 3. Create address: Hash the public key (SHA-256, then RIPEMD-160) and add checksums. 4. Receive Bitcoin: Share your address (or public key) with senders. 5. Spend Bitcoin: Sign transactions with your private key to prove ownership.

The Math (Simplified):

Bitcoin uses elliptic curve cryptography (ECC):

•Curve equation: y² = x³ + 7 (this is secp256k1)
•Private key: A random number (k)
•Public key: k × G = P (multiply the private key by a generator point G to get public key P)
•One-way: Easy to compute P from k, nearly impossible to find k from P
•Security: Based on the "elliptic curve discrete logarithm problem" (ECDLP), which is unsolved

Analogy: Mailbox vs. Key

•Public key/address: Like a transparent mailbox anyone can drop letters (Bitcoin) into.
•Private key: Like the only key that can open the mailbox and retrieve the contents.
•Sharing: You can tell everyone your mailbox location (public key/address), but you never give away your key (private key).
•Security: Even if someone sees your mailbox and knows where it is, they can't take what's inside without your key.

Key Security Best Practices:

•Generate offline: Use trusted hardware or air-gapped computers.
•Verify randomness: Ensure your random number generator is truly random (not predictable).
•Multiple backups: Store seed phrase in 2-3 secure locations.
•Test recovery: Before depositing large amounts, practice restoring your wallet from seed.
•Never digital: Don't store private keys in email, cloud, photos, or messages.
•Hardware wallets: Use dedicated devices that keep private keys offline.
•Passphrases: Consider adding a 25th word passphrase for an extra hidden wallet.

Common Mistakes:

•Screenshot seed phrases: Photos can be synced to cloud, hacked, or leaked.
•Store in password managers: If the manager is breached, your Bitcoin is gone.
•Share with "support": Real Bitcoin support never asks for private keys or seed phrases.
•Reuse private keys: Some early Bitcoin users reused keys; this reduces security and privacy.
•Weak randomness: Using predictable methods (birthdays, simple passwords) to generate keys.

Test Your Knowledge

This lesson includes a 5-question quiz (passing score: 75%).

Quiz functionality available in the mobile app.