Public Addresses & Private Keys

You've already heard us talking about public addresses, public keys, and private keys. We will try to explain them in detail on this page. You can think of a public address as being somewhat similar to a bank account number. In the case of cryptoassets, which rely on a public blockchain, anyone with an account number can view the balance (amount of crypto stored) in an account. A public address is thus used to receive funds OR to see the balance in an account. A private key, on the other hand, is like a password. If you have the private key to an address, you are allowed to make transactions (send assets) from that address. You may also hear reference to things like "seeds" and "pass phrases," and we'll explain those on this page.

People often talk about something called a public key. Often, this term is used interchangeably with public address. However, despite representing the same information, the definitions of these terms differ on a technical level. We will explain that later on this page. For now, if you ever see or hear a reference to a public key, you can assume that it is essentially synonymous with the public address.

This part of our website may cause some confusion, because we're going to go into some information that is more technical than the average user may need to understand. If you go to the "Public & Private Keys" page on this website, there's a short video at the bottom of the page which provides a sufficient overview on the topics. The most important thing to gain from this website is a general understanding of the difference between public addresses and private keys, and an understanding that you must never share your private keys with anyone.

Public Keys

To begin, what does a public key look like? A real public key is usually a long alphanumeric string consisting of hexadecimal characters. Hexadecimal characters are restricted to the digits 0 through 9 and the letters A through F. You may wonder why hexadecimal characters are used. Why not just use numbers? Or if we need to use letters, why not use the whole alphabet instead of just including the letters A through F? The answer is simple, but would make more sense to a mathematician or a computer programmer. Hexadecimal notation is commonly used in computer programming and related fields. Hexadecimal is the numbering system for base 16. We're used to base 10 (decimal) numbering, which probably arose naturally because our ancestors had ten fingers and ten toes, and were used to counting on them. But for a computer, the inherent numbering system is base 2 (binary). Base 16 is a natural extension of binary. We have an appendix at the back of our print book (Fomo, Moon, Lambo) to explain hexadecimal numbering in more detail, if you're curious. But you don't really need to understand it fully in order to work with crypto. Just take our word that base 16 is fairly useful for computers.

Let's get back to public keys. Here is an example of what a public key might look like. This is a real public key (slightly different from the public address) for a real Litecoin wallet. When expressed in text form, the public key is:

0437F40BE1827A7F5FF4C1ADA993F76313D1B7278FBC55123782C7C926CEAA6B5E8A9F05FC40BD6EC995C955511576C22E7CA396F2EEB73871DD34217B6CC2D7A5

As mentioned, this public key represents a wallet address. It's fairly long, isn't it? It would be impossible for most people to memorize that address. Having a bank account number which is 130 characters long would undoubtedly prove to be inconvenient. Imagine how long the lineups would be at the bank if you had to give the bank clerk an account number that is 130 characters long. That wouldn't be suitable or convenient for regular daily use. The same thing is true when you have a cryptocurrency wallet address which is that lengthy. To make public keys more user-friendly, this problem is solved by shortening the public key to about a quarter of its original length, making it much easier to work with. The shortened version of a public key is known as the public address, which we'll cover next.

Public Address

What does a public address look like? Unlike a public key, a public address is not restricted to hexadecimal characters. It usually takes the form of an alphanumeric string. Quite often, every letter of the alphabet and every digit could be present in a single address. Letters may be either uppercase or lowercase (or both) which means that there are sixty-two possible options for any specific character in the key (26 capital letters, 26 lowercase letters, and 10 numerical digits). The case of a letter is important. A lower case letter is not treated the same way as a capitalized version of the same letter. Not every cryptocurrency allows all sixty-two alphanumeric characters to be used in a public address. Some cryptos have restrictions, for various reasons. Depending on what crypto you're using, your public addresses may have different structures, such as using only capital letters or only allowing one of the ten digits.

Here is an example of what a public address might look like. This is a real public address for a Litecoin wallet. When expressed in text form, the public address is:

LbrZv9q4XMgbuAEusU5JvUSdgVRoHg8Knx

Do not send any funds to this wallet! You will lose your money. This wallet address is not intended for you to send us a donation or a tip! Anybody who looks at this website (or reads our book) will soon have the ability to remove any funds that were deposited into this wallet.

The black and white pattern that you see above is called a Quick Response code (or QR code). A QR is a barcode which can be scanned using a dedicated QR scanner, or by using a QR scanner app on a smartphone with built-in camera. You may not have known that a barcode doesn't have to be composed solely of thick and thin lines, but can instead be pixelated like a QR code. Anyway, this particular QR provides a barcode representation of the exact same string of text as our public address. QR codes exist to present the same information in a different format that's both easier to work with and more accessible. It is much more efficient to scan a QR code using your smartphone than it is for you to type out a few dozen characters without any typos. It is also much easier for your smartphone to scan a QR code correctly than it is for your phone to scan and correctly understand a string of text or letters.

Some types of public addresses have certain conventions. Bitcoin public addresses are up to 34 alphanumeric characters long (sometimes slightly shorter) and always start with the digit 1. Litecoin addresses are always to up 34 characters long (alphanumeric), but they always start with an uppercase letter L. Iota's addresses use any of the 26 letters (uppercase only) and the digit 9, allowing for 27 options for each character in the key. Incidentally, Iota's key is 81 characters long, which is much longer than the keys for Bitcoin or Litecoin or most other cryptocurrencies.

Public Address vs Public Key

Despite appearing radically different, the public address shown above corresponds to the public key described in the previous section. As mentioned, the shorter length of this public address makes it more convenient and user-friendly than the public key. Unfortunately, a lot of people refer [incorrectly] to the public address as being a public key. We can sympathize. We've already implied the same thing earlier. We won't judge you for using the two terms interchangeably, but at least now you know that there is a very important technical difference between the two, even if they are intended to represent the exact same information.

As mentioned, if you know a public address or key, you can see the balance of any crypto that might be stored in that address. This is due to the fact that each blockchain is set up as a public ledger. There are advantages and disadvantages to this system. Let's review those advantages and disadvantages. An advantage is that the public ledger is a permanent and immutable (unchangeable) record of all the transactions that have ever occurred. As such, you don't have to worry that someone has changed or edited any of the past transactions, therefore you know that the information on the blockchain is correct. This is extremely important when it comes to accounting, the keeping of financial records, and a trust of previous transactions. Incidentally, don't forget that financial records are not the only information that can be stored on a blockchain.

Of course, as we mentioned elsewhere on this site, a public ledger also presents some disadvantages. One such disadvantage is that anybody who knows a wallet address can see the amount of money in that wallet. They may not know who owns the wallet, but the contents of the wallet can't be hidden. All transactions are traceable. If you make a transaction from your wallet to a stranger's wallet, that stranger now knows the address of your wallet (and can thus see the contents). This is a potential security risk.

Let's get technical for just a moment. Although the public address and public key represent the same information, they obviously look very different. They have different combinations of letters and numbers, and one is much longer than the other. How can they mean the same thing?

A public address is derived from a hashing algorithm which has been applied to the public key. A hashing algorithm is a one-way street in terms of cryptography. With a public key, it is possible to quickly produce a public address, but it is essentially impossible to work backwards to figure out the public key with just a public address. This is important in terms of data security. We're not going to explain why it's essentially impossible to reverse-engineer the hashing algorithm; you'll just have to trust us that it can't be done. We have an appendix about hashing if you'd like to learn some of the slightly more technical details. You don't need to know exactly how it's done though; you just need to know that it works.

There has been some worry that at some point in the future it might become possible for someone to "crack" a public key and derive the private key from it. Specifically, people are worried that quantum computers might be able to accomplish this task. The probability of this happening any time soon is extremely low, because our current supercomputers aren't powerful enough to crack keys (and if they were, they'd be put to better uses than cracking a single wallet address). However, in a theoretical sense, if it was possible to somehow crack a public key to derive a private key to the same wallet, the funds stored in wallets would be vulnerable to theft. The use of a public address rather than a public key acts like an extra locked door at the entrance to your house. Of course, there's still a drawback. When you send any crypto from a wallet (you do a spend), your public key rather than public address is revealed on the blockchain. At that point, you no longer have the advantage of that extra "locked door" for thieves to penetrate. Essentially then, the extra layer of security provided by using a public address instead of a public key is only valid for a wallet that has only ever received (and never spent) any crypto.

People talk a lot about whether cryptocurrency systems could fall apart when quantum computers eventually become a reality. You may be reassured to know that quantum computers are believed to be possibly capable of deriving the private key from a public key, but not capable of deriving a private key from the hash of the public key (the public address). The authors of this website don't worry about quantum computers. Once quantum computers eventually become a reality, they'll probably be put to much more important uses than opening peoples' wallets. Also, certain cryptocurrencies have been specifically designed to be "quantum resistant." I guess we'll see how that plays out someday.

Private Keys

A private key has the same general appearance as a public key and without context, telling the two apart is extremely difficult. Private keys however, often tend to be longer than public keys.

Here is an example of what a private key may look like in a mainstream WIF text format. WIF stands for Wallet Import Format. This is a real private key (password) for a Litecoin wallet (we presume that the wallet is empty). The private key for this wallet is:

6vuw9DbaenYyMjuBDn8bkH3Ny23b4s6mPPLq4dbuxZPDm EVo4TM

What are private keys used for? As previously mentioned, you can think of a private key as a password to a digital account, or you could think of it as a key to a locked cabinet. A private key grants you access to the funds found within its associated wallet, and that specific wallet is identified by a public key (or public address).

With your private key, you don't need to know your public key. This differs slightly from the concept of a bank account. If you go to a bank, you need to know your account number. Simply presenting your password to a teller without your account number would not grant you access to your account. On a blockchain, the information pertaining to both the account number and its password are embedded within the private key. If you were hypothetically able to do this at a bank, you could tell the bank teller that your password is "Heather120482" and the teller would be able to say, "Oh, of course, that password is for account number 7285-28-002765." In other words, comparing a bank account and password to a public address and private key is not a perfect analogy.

It is important to note that each wallet has its own distinct private key. A private key only opens one wallet. Not surprisingly, you cannot use a private key for a Bitcoin wallet on a Litecoin wallet, because it would not be the correct private key.

You should NEVER share your private key with anyone, no matter what the circumstances are. The private key posted on this page leads to an empty wallet. If you own any Litecoin and are inclined to make a test transaction, you could send a minuscule amount to that wallet. You could use a blockchain explorer to watch the transfer. Having said that, we do not recommend that you try that, as we do not accept donations, and we don't monitor that wallet. Anyone who reads this page has the capacity to unlock the wallet in question and remove any funds that are in it.

View-Only Keys

Currently, Monero is sometimes reputed to be the only completely private cryptocurrency, although certain other privacy coins also make the same boast. Monero is so private that even with the public key of a Monero wallet, you can't see the amount of funds in the wallet. This presents a challenge in the case where a party to a transaction would like to show the other party the contents of their wallets, but doesn't want to share their private key and risk losing funds. To resolve this challenge, every Monero wallet has a "view-only" key, in addition to the public and private keys. A view-only key allows someone to access a wallet and "view" its contents without providing any other information on the wallet. View-only keys are irrelevant to the majority of cryptoassets currently available.

Pass Phrase

A pass phrase is a more complex (and consequently more secure) version of a password. Pass phrases, unlike passwords, are generally allowed to include spaces. As such, even a simple pass phrase usually provides much more security than a traditional password, due to its length. You may be surprised by this, but a comprehensive pass phrase such as "I like to eat chocolate chip cookies" is incredibly more difficult for a supercomputer to crack by using brute force methods than a shorter arbitrary password such as "Y8s9aJ#&@"

Every password or pass phrase becomes more secure and harder to crack when you make it longer. Adding even a single extra character to an existing password usually makes it at least seventy times more difficult to crack, especially if you're using random characters. Although a pass phrase that is a sentence in English might not have the advantages of being comprised of "completely random" characters, the extra length should make up for that. Add some random punctuation and numbers to your pass phrase, and you get top marks for great security.

Some websites allow the use of pass phrases in place of simple passwords. This is good. Any website administrator whose site doesn't allow for passwords that are at least 32 characters long is in need of some computer security lessons. The ability to use long pass phrases on websites will become increasingly common in the future.

Certain hardware cryptocurrency wallets allow the use of pass phrases as a security measure. In these cases, a pass phrase acts as more than just a fancy PIN number to access the device. The pass phrase is required to access the wallet accounts on the device, rather than just to access the device itself. The pass phrase is not actually stored on the device. If your device was stolen and "taken apart" in a lab, the thieves would be unable to get into your crypto wallets because they wouldn't know the pass phrase. This is due to the way a pass phrase is processed. Rather than being stored on the wallet, an algorithm processes the pass phrase information that you enter, and that processed information is what allows your crypto accounts to be unlocked. Therefore, a thief would need to have both the physical device AND the pass phrase for the device, in order to access your money.

Some pass phrases for certain cryptocurrencies are designed intentionally to work universally across all devices or websites (but only to unlock one specific wallet, of course). This is ok, as they are incredibly complex. Using a unique 25-word pass phrase on a different device is mathematically much, much more secure than signing into a bank account from a different device.

A pass phrase can consist of a "seed phrase" plus an extra word that acts as a password to that seed phrase. Next, we will examine seed phrases.

Seeds

We will preface this section with a piece of advice. This is one of the Golden Rules of crypto security: Never generate a seed (or private key) from an online website! This is a certain way to lose all of your money. Many of the websites that generate seeds are compromised, and your seed or private key will also be sent to a malicious actor, who will wait until you have deposited some crypto into a wallet. After you've done so, he/she will steal it. Believe us, we know of several people that this has happened to!

A seed phrase is a specific collection of common words, in a particular order, which acts as a complex password. Why use a seed instead of a private key? The answer is simple: It is because it is easier to type into a computer than a long private key. Some people just like to use common everyday words to access their wallets, instead of complex alphanumeric strings. Iota is one of the cryptocurrencies that uses seeds, so in the next section, we'll talk mostly about how seeds work within that particular cryptocurrency. However, Iota is certainly not the only crypto that uses seeds, so this knowledge will be useful for many other crypto projects too.

Seed phrases can have any number of words, but they commonly consists of 12 or 24 word seeds. Unlike a pass phrase that might be used to get into a wallet or website, a seed phrase generates a specific public and private key. Here's an example of a 36-word seed phrase generated for an Iota wallet:  "mean burger analyst note tomorrow boost woman view effort carry clock length innocent nice identify adult clock giraffe usage cabin ball twin scan there cash punch angry priority ski empty remain bonus reduce demise truck life." By using that combination of 36 words, which must be used in that particular order, the following seed is created:

JF9TWKFESZPLKUYQFTSTVHXZLKAIGIAHTNGRANUHAQRNSNFLJAZQNPTONCUPHIOZVTAJBIQJHKBANLGOBMSLMIXEUZ

Here's a screenshot of the wallet information created when this seed phrase and seed were generated:

Note that in this particular example, we generated a "real" seed, but we did it from a website that is reputed to be a scam site after many Redditors have reported losing funds. This is why we blocked out the identifier URL with the red stripe. Do not send funds to this wallet address. You will lose them. This is not a wallet that the authors are using or monitoring, and we do not accept donations.

As noted in other sections, scam websites are abundant for almost every type of cryptocurrency. Never trust a site to keep your funds safe without doing exhaustive research. A good resource in determining the safety of any particular website is the official subReddit for that cryptoasset, where you can find resources listed on the sidebar. The moderators of every crypto subReddit generally work hard to ensure that only sites believed to be safe and legitimate are listed on their resource pages. Even so, scam websites sometimes trick Reddit moderators. Ultimately, you should only use resources that are endorsed directly by the official development team for your cryptocurrency.

Assuming that this wallet was legitimate, the seed phrase and seed generated for this wallet will open a specific wallet which has the following "receive address":

JF9TWKFESZPLKUYQFTSTVHXZLKAIGIAHTNGRANUHAQRNSNFLJAZQNPTONCUPHIOZVTAJBIQJHKBANLGOBMSLMIXEUZ

This receive address is comparable to a public key for the wallet.

It is important to understand that a seed phrase is not actually the same as a private key. This is because a seed phrase allows for the generation of a number of equally valid private keys. We bet that you were surprised by this! A seed phrase, which is sometimes called a "word seed," is simply a more human-readable way of expressing a "root private key." The 36 words that we used in the example above, when repeated in that exact sequential order, will always generate the exact same root private key.

Now you're probably confused by the reference to a "root" private key, since that term wasn't mentioned earlier. A root private key is used to generate other private keys for other wallet addresses. All of your addresses will still have different private keys, but they can all be restored by the single main root private key which comes from your seed phrase. This is probably more than a basic crypto enthusiast needs to learn right now, so just keep this in mind for later.

A seed phrase may also be described as a recovery phrase, as the seed phrase offers the means to recover (remove) your funds from your wallet.

Additional Technical Information (advanced users only)

In addition to regular public addresses and private keys which come in the expected and familiar text format, there exist variations of these strings in different data formats and of different field lengths. There can be compressed and uncompressed seeds. There can be different encryption standards used when generating these keys. These are confusing concepts, so don't worry if they don't entirely make sense. We're about to delve into the realm of math and computer science, so all that matters is that you understand the difference between public and private keys. If you don't understand the additional technical information on the rest of this page, it's ok. You can just skip ahead to the next section of our website if you'd prefer.

Here are some additional details associated with the wallet shown above.

First, it is important to grasp that numbers or text strings can be represented in different ways. For example, the number 4 can be represented simply as 4, or it can be represented mathematically as 2*2 or 2^2. If you decide to depart from our conventional base 10 system of mathematical notation, and convert to binary notation, the number 4 (as expressed in base 10) can be represented as "0100".

When you look at the graphics above, the public and private keys are represented in four common notations used for key information. These four notations are called WIF, WIFC, HEX, and B64. Be aware that all four notations express the same string in their respective ways.

WIF stands for Wallet Import Format. This is the traditional format for a key, i.e. an alphanumeric string containing both lower and upper case letters. The WIF version of the private key is

6vuw9DbaenYyMjuBDn8bkH3Ny23b4s6mPPLq4dbuxZPDmEVo4TM

WIF keys are 51 characters of the "Base58" character set (more on this below).

WIFC stands for WIF Compressed. The WIFC version of the private key is

TAxdyGbdXn47kYMJ7QCYN1oVxFcRN48SuocX92Z6kDw5KvwG1PqK

The format for this key is 52 characters of the "Base58" character set.

HEX stands for Hexadecimal, a base-16 numbering system. The 16 allowed Hexadecimal characters are the digits 0 through 9 and the letters A, B, C, D, E, and F, which represent 10, 11, 12, 13, 14, and 15 respectively. In the above graphic, the private key in hexadecimal format is

EBF3DF7CB89AF1FC9D624BBEB75BC8354AC03289EC6BBFA425C5E32C7E2A6CD3

B64 stands for Base 64. The 64 characters allowed are the letters A through Z (capitalized) which represent the numbers 0 through 25, the letters "a" through "z" (lower case) representing the numbers 26 through 51, the digits 0 through 9 representing 52 through 61, the "+" symbol representing 62, and the "/" symbol representing 63. In addition, the equal sign is a permitted character, used for padding. Base 64 is similar to Hexadecimal but is in base 64 rather than base 16. In the above graphic, the private key in B64 format is expressed as:

6/PffLia8fydYku+t1vINUrAMonsa7+kJcXjLH4qbNM=

Base 58 is a group of binary-to-text encoding schemes used to represent large integers as alphanumeric text. It is similar to Base64 but has been modified to avoid both non-alphanumeric characters and letters which might look ambiguous when printed. Thus, it is designed to be easily used for manually entering data or copying from a visual source. In addition, it is easy to copy & paste this information because a double-click will usually select the whole string, without getting fooled by any punctuation that might have been present in B64 format. Base 58 drops six characters from the conventional base 64 character set. The six characters that are dropped are the digit zero, the capital letter "o", the capital of the letter "i", the lowercase of the letter "L", and the "+" and "/" symbols. This method is well-suited to encode large integers, but not very helpful or efficient when trying to encode longer portions of binary data, since it is not an exponential power of 2.

A Few Short Videos about Public and Private Keys