RoadToChain

Private keys, public keys, addresses

Asymmetric cryptography for humans. Your private key IS your identity.


Here's the single biggest misconception I had for months: I thought my ETH was inside MetaMask. Like coins in a digital piggy bank, sitting on my hard drive. I even avoided uninstalling MetaMask because I was afraid I'd "lose my money."

I was completely wrong. My ETH was never in MetaMask. It was never on my computer. It existed — and still exists — as a number in a massive global spreadsheet running on thousands of machines around the world.

MetaMask just holds the key that lets me write to that spreadsheet.


1. The Problem: Identity Without a Server

In Web2, identity is simple: you create an account (email + password), the server stores it in a database, and when you log in, the server checks your credentials. Your identity exists because the server says it does.

On a public blockchain, there is no server. There's no account creation form. There's no "forgot my password" flow. Nobody runs a user database.

So how does the blockchain know who you are?

Answer: Mathematics. Your identity on the blockchain is a mathematical relationship between three things: a private key, a public key, and an address.


2. Layman Explanation: The Signature That Can't Be Forged

Imagine you're a medieval king, and you need to send sealed orders to distant generals. You have a personal signet ring — carved with a completely unique pattern that no one else can replicate.

  • Your private key is the ring itself — the physical object you guard with your life
  • Your public key is the wax impression the ring leaves — anyone can examine it to verify it came from your ring
  • Your address is your name plate outside the castle — a short label that identifies you publicly

When you seal a document:

  1. You press your ring (private key) into hot wax on the letter
  2. Anyone who receives the letter can compare the wax pattern (public key) against your known seal
  3. If it matches, they know: "This order genuinely came from the king"

The crucial property: Someone can verify your seal without ever seeing your ring. They cannot forge new seals from the wax impression. The ring → impression direction is one-way.

This is exactly how blockchain cryptography works.


3. Technical Explanation: The Derivation Chain

[Figure: Key derivation chain, private key to public key to Ethereum address. Random entropy (256 random bits, cryptographically secure) → private key (0x4c0883a69..., never share this) → secp256k1 → public key (04ab83c92f..., 512-bit uncompressed) → Keccak → address (0x71C7656E..., last 20 bytes of hash) → on-chain identity.]

Private key → public key → address. Each arrow is a one-way mathematical function. You can never reverse the direction.

Your Ethereum identity is a chain of one-way mathematical operations: random entropy → private key → secp256k1 elliptic curve → public key → Keccak-256 hash → address.

Here's the exact pipeline that creates your blockchain identity:

Step 1: Generate a Private Key

Your private key is just a random 256-bit number. That's it. A very large random number.

types.ts
typescript
// A private key is literally a random 256-bit integer
// Example (DO NOT USE — this is for illustration only):
const privateKey = "0x4c0883a69102937d6231471b5dbb6204fe51296170827936ea5e0b39a6d47f7c";
// This is 64 hex characters = 256 bits of entropy
// There are more possible private keys than atoms in the observable universe

Step 2: Derive the Public Key (secp256k1)

The private key is multiplied by a special point on an elliptic curve (secp256k1 — the same curve Bitcoin uses). This produces a 512-bit public key. This operation is mathematically one-way: you cannot compute the private key from the public key.

Step 3: Derive the Address (Keccak-256)

Take the public key, hash it with Keccak-256, and take the last 20 bytes. Prefix with 0x. That's your Ethereum address.

types.ts
typescript
// The full derivation in ethers.js:
import { Wallet } from "ethers";
 
const wallet = Wallet.createRandom();
console.log("Private key:", wallet.privateKey);   // 0x4c0883a6...
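// ethers v5 prints the uncompressed key (0x04...) here; ethers v6 prints the
// compressed form, and the uncompressed key is wallet.signingKey.publicKey.
console.log("Public key:",  wallet.publicKey);     // 0x04ab83c9...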
console.log("Address:",     wallet.address);       // 0x71C7656E...
 
// The address IS your identity on the blockchain
// It's derived deterministically from your private key
// Same private key → always same address
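
Steps 1 to 3 carried out by hand, as an added example that is not part of the original lesson or of ethers.js: dependency-free JavaScript that implements secp256k1 scalar multiplication and Keccak-256 (original padding, not NIST SHA3-256). It shows that the address is the last 20 bytes of the hash of the 64-byte X||Y public key, without the 0x04 prefix. All function names are this example's own.

```javascript
const P = 2n ** 256n - 2n ** 32n - 977n; // secp256k1 field prime
const N = 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141n; // group order n
const G = [0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798n, 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8n];
const mod = (a) => ((a % P) + P) % P;
const inv = (a, e = P - 2n) => (e ? mod((e & 1n ? a : 1n) * inv(mod(a * a), e >> 1n)) : 1n); // a^(P-2) mod P
function add(p, q) { // affine point addition on y^2 = x^3 + 7; null is the point at infinity
  if (!p || !q) return p || q;
  const [x1, y1] = p, [x2, y2] = q;
  if (x1 === x2 && mod(y1 + y2) === 0n) return null;
  const m = x1 === x2 ? mod(3n * x1 * x1 * inv(2n * y1)) : mod((y2 - y1) * inv(x2 - x1));
  const x3 = mod(m * m - x1 - x2);
  return [x3, mod(m * (x1 - x3) - y1)];
}
function publicKey(d, r = null) { // Step 2: d*G by double-and-add (variable-time, illustration only)
  for (let p = G; d > 0n; d >>= 1n, p = add(p, p)) if (d & 1n) r = add(r, p);
  return r;
}
const rol = (v, n) => ((v << BigInt(n)) | (v >> BigInt(64 - n))) & 0xffffffffffffffffn;
function keccakF(A) { // Keccak-f[1600] permutation over 25 lanes of 64 bits
  for (let round = 0, R = 1; round < 24; round++) {
    const C = [0, 1, 2, 3, 4].map((x) => A[x] ^ A[x + 5] ^ A[x + 10] ^ A[x + 15] ^ A[x + 20]);
    for (let i = 0; i < 25; i++) A[i] ^= C[(i + 4) % 5] ^ rol(C[(i + 1) % 5], 1); // theta
    for (let t = 0, x = 1, y = 0, cur = A[1]; t < 24; t++) { // rho + pi
      [x, y] = [y, (2 * x + 3 * y) % 5];
      [A[x + 5 * y], cur] = [rol(cur, ((t + 1) * (t + 2) / 2) % 64), A[x + 5 * y]];
    }
    for (let i = 0, B = A.slice(); i < 25; i++) A[i] = B[i] ^ (~B[i - (i % 5) + (i + 1) % 5] & B[i - (i % 5) + (i + 2) % 5]); // chi
    for (let j = 0; j < 7; j++) { // iota: round-constant bits come from an 8-bit LFSR
      R = ((R << 1) ^ ((R >> 7) * 0x71)) % 256;
      if (R & 2) A[0] ^= 1n << ((1n << BigInt(j)) - 1n);
    }
  }
}
function keccak256(bytes) { // returns lowercase hex; rate is 136 bytes for a 256-bit digest
  const rate = 136, padded = new Uint8Array(Math.ceil((bytes.length + 1) / rate) * rate);
  padded.set(bytes);
  padded[bytes.length] ^= 0x01; padded[padded.length - 1] ^= 0x80; // Keccak pad (SHA3 uses 0x06)
  const A = Array(25).fill(0n);
  for (let i = 0; i < padded.length; i++) { // absorb little-endian lanes, permute after each block
    A[(i % rate) >> 3] ^= BigInt(padded[i]) << BigInt(8 * (i % 8));
    if (i % rate === rate - 1) keccakF(A);
  }
  return A.slice(0, 4).map((l) => l.toString(16).padStart(16, "0").match(/../g).reverse().join("")).join("");
}
function addressFromPrivateKey(hexKey) { // Step 3: last 20 bytes of Keccak-256(X || Y)
  const d = BigInt(hexKey);
  if (d <= 0n || d >= N) throw new RangeError("private key must be in [1, n-1]");
  const pubHex = publicKey(d).map((c) => c.toString(16).padStart(64, "0")).join(""); // no 0x04 prefix
  return "0x" + keccak256(Uint8Array.from(pubHex.match(/../g), (h) => parseInt(h, 16))).slice(-40);
}
```

For the constructed test key `0x1`, `addressFromPrivateKey("0x1")` returns `0x7e5f4552091a69125d5dfcb7b8c2659029395bdf` (lowercase, without EIP-55 checksum casing). Zero and values at or above the curve order n are rejected, which is why a private key is a random number in [1, n-1] rather than any 256-bit value.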

4. The Key Insight: Where Your Coins Actually Live

[Figure: How digital signing works. Message ("Send 0.1 ETH to Bob", raw transaction data) → hash (Keccak-256, 32-byte digest) → ECDSA sign (private key + hash, secp256k1 curve math, key never transmitted) → signature { r, s, v } (65 bytes total, proves ownership) → broadcast to network.]

When you sign a transaction, your private key never leaves your device. Only the mathematical signature is broadcast. Anyone can verify the signature, but nobody can extract the private key from it.

Your coins are not inside any wallet app. They exist as entries in the Ethereum global state — a mapping of addresses to balances:

typescript
// Conceptual representation of Ethereum state
// This "database" runs on ~7,000+ nodes worldwide
const ethereumState = {
  "0x71C7656E...": { balance: 1500000000000000000n }, // 1.5 ETH
  "0xBobAddr...":  { balance: 800000000000000000n },  // 0.8 ETH
  // ... millions of entries
};
 
// MetaMask doesn't store this. It READS it via an RPC call:
// eth_getBalance("0x71C7656E...") → "0x14D1120D7B160000"

When you "send ETH," you're not moving a file from your computer. You're signing a mathematical proof that says "I own the private key for address 0x71C7..., and I authorize subtracting 0.1 ETH from my entry and adding it to Bob's entry." Validators verify your signature, update the global state, and seal it into a block.

MetaMask just holds the key. The money was never there.


// Reality Check

If you lose your private key (or seed phrase), no one can help you. There is no "forgot password" email. There is no customer support phone number. There is no central authority that stores a backup. The private key IS the identity. If it's gone, the ETH at that address is permanently inaccessible — it still exists on the blockchain, but no one can ever sign transactions for it again. This is the fundamental tradeoff of self-custody.

— Production Engineering Principle

// I Got This Wrong

Thought my ETH was "in" MetaMask. Considered uninstalling MetaMask to "move" my crypto to a different wallet. Eventually learned that reinstalling MetaMask with the same seed phrase restores full access — because the coins were never in MetaMask. They were always on-chain. The seed phrase just regenerates the same private key, which derives the same address, which points to the same on-chain balance.

— Postmortem Confession

Key Confusion

"If my address is public, can someone steal my ETH by knowing it?"

No. Your address is derived from your public key, which is derived from your private key. Each derivation is a one-way function. Knowing your address tells someone nothing about your private key. They can see your balance (it's public), but they cannot sign transactions for your account. Only the private key holder can do that.


System Design Challenge

Open etherscan.io and look up Vitalik Buterin's public address (0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045). You can see his entire balance and transaction history — it's all public. Now think: why can't anyone just take his ETH, if the balance is visible to everyone?


// Project Connection

Visual Blockchain Simulator

The Visual Blockchain Simulator includes an animated key derivation panel that steps through: entropy → private key → elliptic curve multiplication → public key → Keccak hash → address. This lesson's mental model drives the entire signing animation component.

Skills you'll practice:
  • Node propagation
  • P2P communication
  • Block formation
  • Gas fee mechanics
