What is a private key and how does it work?

private keys

What is a private key?

A private key, or also called a private key, is a type of secret password that allows you to access your cryptocurrencies, such as Bitcoin. Private key allows you to cryptographically sign transactions. It is like a digital signature that allows you to prove that you are the rightful owner of the crypto in your wallet. You can think of a private key as a PIN for your bank that allows you to access your money. The person who owns the private key has full control over the associated cryptocurrencies.

Private keys are an essential component in blockchain technology and play an important role in the crypto world. A private key should never be shared with anyone, because the person with the private keys, can send crypto and thus potentially steal it. Therefore, it is very important to secure your private keys properly.


Key Takeaways

  • A private key is a secret code that gives you full control over your cryptocurrencies and is needed to sign transactions.
  • Private keys are generated locally and securely with cryptographic algorithms, making them all unique and no one can guess them.
  • A seed phrase is a readable string of words that represents your private key and allows you to recover your wallet.
  • It is crucial to never share your private key and seed phrase by properly securing and storing them offline.
  • The public key is derived from the private key and is used to receive and verify transactions, but does not itself provide access to your crypto.

What does a private key look like?

A private key looks like a long code that is usually 256 bits (characters) long. Exactly what the private key looks like depends on the wallet and blockchain. They are all randomly generated and all unique. Private keys are created by cryptographic algorithms and can come in different formats, these are some examples:

  • Hexadecimal notation: A 256-bit key represented in 64 characters consisting of numbers (0-9) and letters (A-F). For example:

A1B2C3D4E5F67890ABCD1234EF567890ABCDEF1234567890ABCDEF1234567890

  • Base58: A notation of a Private key that has a human-friendly notation by omitting confusing characters such as 0 (zero), O (capital o), l (small L) and I (capital i). This makes the key easier to read and less error-prone. For example:

5HueCGU8rMjxEXxiPuD5BDuCCuE9SLkVb1y3cT8SH4oqz6v

  • Wallet Import Format (WIF): A compressed version of the private key that usually begins with a 5, K or L. In addition, it contains controls for additional security. For example:

5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF

Note: the examples shown above are not real Private keys and do not provide access to real crypto wallets.

What is a seed phrase?

A seed phrase or recovery phrase is a readable and user-friendly representation of a Private key. Instead of a long string of characters, a seed phrase creates a set of 12, 18 or 24 random words, for example:

cloud window globe salad detect forest wild frozen deer bike morning tool

The words in a seed phrase are based on BIP39 (Bitcoin Improvement Protocol), where a fixed list of 2048 words are chosen to represent the private key in a reliable and reproducible way.

The seed phrase is actually the root of your entire wallet: all wallet addresses, private key, public key and transactions can be derived from it. This is why it is so important to keep your seed phrase safe and not show it to anyone.

How does a private key work?

Private keys work on the basis of asymmetric cryptography. This is a system where two keys are connected, private keys and public keys. The public key is cryptographically derived from the private key, but it is practically impossible to retrieve the private key from the public key. You use the private key to sign your to transactions and you use the public key to verify it.

The process is as follows:

  1. You want to send 0.1 BTC to a friend.
  2. With your private key you show that you are authorized to carry out this transaction.
  3. Other nodes in the network can use your public key to verify the signature. If the combination of public key and private key is correct, the transaction is added to the network.

Because of this system, you never have to share or disclose your private key.

How are private keys generated?

Private keys are randomly generated using a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG). This is an algorithm that produces secure, unpredictable numbers that meet strict cryptographic requirements. The probability of generating the exact same private key is practically zero because there are so many different possibilities.

The generation of new private keys is done locally on a device, without interacting with external servers. In software wallets, the Pseudo Random Number Generator (PRNG) generates the secret key. In a hardware wallet such as Ledger or Trezor, the physical hardware generator creates for the secret key.

How can you secure your private keys?

As you probably know by now, private keys are a very important part in the crypto world. After all, you need a private key to access your cryptocurrencies. Therefore, it is very important that you keep the private key safe. Note: this only applies to non-custodial wallets (e.g. a hardware wallet), where you have to secure your private keys yourself. Here are some actions you can take to secure your private keys (and thus your cryptocurrencies):

  • Offline backups: Write down your seed phrase somewhere and keep it in a safe place. Also consider whether this place is fire and water resistant. Avoid digital storage via screenshots, emails or cloud services.
  • Encryption: If you do want to store your seed phrase digitally (for example, on an encrypted USB flash drive), make sure it contains strong encryption with a password you don't use anywhere else.
  • Protect yourself from phishing: No legitimate party will ever ask for your private keys or seed phrase. Do not fall for messages or emails in which someone asks for these, this is almost always an attempt at a scam.

What is the difference between a private and public key in crypto?

The difference between a private and public key in the crypto world is that a private key gives full control over cryptocurrencies and a public key is just a public key that can be used to receive or verify transactions. They are mathematically connected by forming a cryptographic key pair. Here are the main differences:

Key Private key Public key
Visibility Should remain secret May be shared publicly
Function Sign and execute transactions Verify transactions and receive crypto
Level of power Full control over cryptocurrencies No power over crypto wallet
Risk in the event of a leak High, possible loss or theft of crypto assets Low, no access to crypto assets

Conclusion

A private key is a kind of secret password that gives you control over your cryptocurrencies. It ensures that only you can sign and execute transactions. Therefore, your private keys should always be kept strictly secret. With the right security measures in place, you can avoid risks such as theft and enjoy the benefits of blockchain technology without worry. It is therefore very important that you know how private keys work and how to protect them.

About Finst

Finst is one of the leading cryptocurrency providers in The Netherlands and offers a best-in-class investment platform together with institutional-grade security standards and ultra-low trading fees. Finst is led by the ex-core team of DEGIRO and is registered as a Crypto Service Provider with De Nederlandsche Bank (DNB). Finst offers a full suite of crypto services including trading, custody, fiat on/off ramp, and staking for both retail and institutional investors.

The crypto platform you'll love

We are here to give you the tools, inspiration, and support you need to become a better investor.