Seed phrase illustration

Chapter 5

Public key, private key and secret phrases

Understand what are public keys, private keys and secret phrases, how they are created and how they are used to store and transfer cryptocurrencies.

Clock icon10 minutes|Pascal Hügli|Published 2021-09-02|Updated 2024-10-31

TL;DR

What is a public key?

A public key is to cryptocurrency what an IBAN is to a bank account: the address on which you can receive money on a blockchain.

What is a private key?

The private key is what authorizes you to control funds attached to a public key and initiate transactions from that address. Public and private keys are always created in pairs.

What is a seed phrase?

A seed or secret phrase is a human-readable master private key in the form of a sequence of words. It can contain an unlimited amount of public/private key pairs.

A defining feature of cryptocurrencies is the fact that they are true digital bearer instruments, meaning that you can exert full and complete ownership over them. A cryptocurrency does not "exist" as an account entry in a centralized balance sheet (like money in a bank account), but as tokens residing on a distributed ledger.

Because of that nature, a cryptocurrency can be possessed independently of any third party and can be owned self-sovereignly. As an "owner" you are not just entitled to owning it, you can take actual ownership of it.

A good illustration is the comparison of Bitcoin and gold: although the cryptocurrency represents an abstract, digital form of money, it can be handled directly by its holder just like you can own and control a piece of gold by yourself.

In the case of Bitcoin and any other cryptocurrency, that control is wielded through electronic signatures.

Public/private key cryptography

Cryptocurrencies (and that is where their name comes from) are based on cryptography, which can be seen as the art of making mathematical problems very difficult to solve.

With Bitcoin, a specific cryptographic algorithm is used, which is called Elliptic Curve Digital Signature Algorithm, or ECDSA. This algorithm ensures that "funds" on the Bitcoin network can only be spent by their rightful owner and not by anyone else. Other cryptocurrencies might use different cryptographic algorithms, but they all achieve the same goal.

An important concept to understand how cryptography is applied to cryptocurrency. It is called a signature scheme, which is made of two parts:

  1. The signature, where an owner uses his private key to produce a digital signature.
  2. The verification, where the signed message and the public key are used to check whether the digital signature has been made with the associated private key.

As you probably see it by now, the key concepts to grasp in this scheme are the public key, the private key and the digital signature. The verifying key is always public as it can be used by anyone to do the verification. Generally, this key is referred to as the public key.

The signing key on the other hand has to remain private, which is also why it is commonly called the private key. Typical of any public/private key cryptography is the fact that every public key matches with a corresponding private key. Both of these keys are created in pairs and they always have a definite mathematical relationship.

Signing a message

When the owner of a cryptocurrency wants to move some coins, the network demands that person to sign a corresponding message, i.e. the transaction.

To do so, the owner applies a mathematical transformation to the transaction message (usually done through a digital wallet software) by using the signing key (private key). The output of this signing process will be a definite string of numbers called the digital signature.

In order for the transaction to go through, its message has to be validated. All that is needed for this verification procedure is the transaction message, the digital signature of this message that has been created by the private key, and the corresponding public key.

One-way hash function

A public key is derived from a private key when it is created. Between the two keys exists what is called a one-way hash function. It means that with a private key, it is easy to derive its corresponding public key but not the other way around. With today's technology, it is impossible to generate a private key from a public key.

This is thanks to Bitcoin's SHA-256 algorithm. With it, private keys are 256 bits long, meaning that Bitcoin's private key space (the number of different distinct keys that are possible to create) is about 2256, which is an ridiculously large number. It is about 1077 in decimal. In comparison, the universe is estimated to contain 1080 atoms. It is therefore practically impossible that anyone will guess or be able to brute force your private key randomly.

Crypto keys and signature scheme

Crypto keys and signature scheme

Practically speaking, what does all of this mean?

For all intents and purposes, your private keys are your crypto. If you lose the private keys, access to and the ability to control your crypto are lost forever. This is why private keys need to be kept safe and secret at all times, because revealing them to anyone is equivalent to giving them control over the funds secured by that private key.

While the private key is like the password to your bank account, the corresponding public key can be thought of as your personal IBAN number. Anyone willing to send you cryptocurrency will have to send it to your public key that, again, is controlled by you through the corresponding private key.

Another analogy for your public key is to see it as your email address but for money. Just like you send messages to/from email addresses, in crypto you send funds to/from public keys. Unlike an email address that is tied to an email client (Gmail, Outlook, etc.), or an IBAN that is tied to a bank, your public/private key pair is independent from any software and can be used with any non-custodial wallet application, like Bridge Wallet. This analogy also nicely conveys the fact that a public key is sometimes also called a public address.

The power of secret phrases

Ultimately, private keys can be shown in many different formats. Their most common form used to be a long string of random numbers and characters, which wasn't particularly user-friendly. Learning and remembering one's private key was very hard and therefore prone to errors. This is why a better way to display them was gradually adopted: in the form of a secret phrase.

Most of today's crypto wallets won't give you a cryptic private key by default anymore. Instead, the private key will be translated into seed words. Depending on the wallet, you will be given either 12, 18 or 24 seed words (a secret phrase). These seed words make up your private key and are just another way of displaying in a human-readable way what could be shown as a painfully long string of random numbers and characters.

A secret phrase is also called seed phrase, mnemonic phrase, mnemonic, mnemonic seed, mnemonic seed phrase, seed key, or recovery phrase. All those terms are ultimately the same thing and simply describe the 12 or 24 words long sequence of a secret phrase.

In order to secure the funds associated with the seed words, they have to be memorized or written down in the exact order that they were given. What we have already said about private keys is true for secret phrases as well: there is virtually no way for anyone to guess a secret phrase. When creating a new secret phrase, the words are chosen randomly from a list of 2,048 English words.

That sequence of words, entered in the right order, is converted using formulas into numbers that give access to a wallet and all the public key - private key pairs that it contains.

Example of a 12-words secret phrase:

Bridge Wallet seed phrase screen

Keeping a secret phrase private and ensuring that it won't be lost is critical, as it is the only way to access and recover a wallet and all of its content. Anyone getting access to a secret phrase can take control of the content of its wallet and transfer it elsewhere, an operation that cannot be reverted due to blockchain's nature.

Split seed phrases

A split seed phrase is an alternative form of secret phrase that generates a sequence of 100 seed words (instead of the 12/18/24 words of a regular secret phrase) and splits it in 5 pieces, which are then distributed among a group of 5 different storage nodes. That secret phrase can only be reconstructed when at least 3 pieces are combined together.

This method is more secure than a regular secret phrase. It is a good trade-off to mitigate the risk of theft and the risk of loss/destruction of the secret phrase.

The tree structure of secret phrases

Today's wallets don't merely create one private key and one public address for you but many. They follow a widely adopted standard to create so-called deterministic (HD) wallets. Simply speaking, with such wallets a master private key is generated. This master private key can then be used by the wallet software to create many child private keys and their corresponding public keys.

This leads to a sort of tree structure where multiple child keys are derived from a parent key. Because all the child private and public keys are ultimately derived from the master key, they can all be controlled by the same secret phrase that is given to you by your crypto wallet.

A secret phrase contains many public/private key pairs, meaning that with one secret phrase you can basically use as many addresses as you need. That also includes public/private key pairs on different blockchains, which is why for instance with Bridge Wallet (and most wallet applications) you control with a single secret phrase a Bitcoin wallet, an Ethereum wallet, a Tezos wallet, and so on.

Hierarchical deterministic wallet structure

The tree structure of an HD wallet

Backing up secret phrases

Most of non-custodial wallet apps ask you to back up your secret phrase immediately after creating it. Although that step is not mandatory, you should really back up your secret phrase sooner rather than later if you plan to use seriously.

You should either write your secret phrase down on a piece of paper and store it somewhere safe (waterproof and fireproof if possible), or you could even use more durable support like metallic plates, where you can engrave your seed words. You can buy such products online from manufacturers like Ledger, Trezor or BitBox.

Most importantly, never make a screenshot of your secret phrase and never write it on a digital medium (email, SMS, text file, etc.). When using a mobile wallet, your secret phrase is indeed stored on your mobile phone but it is locally encrypted and protected by passwords, which is already more secure than most options (we'll explain the different options in more detail in another chapter). If you write or screenshot your secret phrase, it is openly available on your device and can be easily hacked. If anyone gets access to that text or picture file, your cryptocurrencies will be gone in minutes.

We will have a deeper look in the next chapters the different ways to use secret phrases and the best ways to keep them secure.

Pascal Hügli photo

About the author

Pascal Hügli

Pascal is a moderator, debater and lecturer at the Zurich University of Applied Sciences in Business Administration (HWZ). He advises the bank Maerki Baumann in a mandate as Crypto Investment Manager. As an analyst for the German-language newsletter Insight DeFi, he aims to inform the general public competently and concisely about the events and opportunities of the new decentralized world of Bitcoin and Co. He is also the author of the book Ignore at your own risk: The new decentralized world of Bitcoin and blockchain.

Don't miss our next article!

Subscribe to our newsletter and get the next chapters delivered straight to your mailbox.

SubscribeRight angle white icon