Mcap -- BTC -- ETH -- SOL -- BNB -- XRP -- F&G -- View Market
Loading prices…

Public Key

The non-secret counterpart to a private key. Used to verify signatures and, after hashing, to produce crypto addresses.

Cryptography 4 min read

A public key is the non-secret counterpart to a private key. It is derived from the private key via a one-way function β€” specifically, point multiplication on an elliptic curve β€” and it can be freely shared without compromising the private key it came from. The public key has two practical uses in crypto. First, it can verify signatures: anyone with the public key can check whether a signature was produced by the corresponding private key, without learning the private key itself. Second, it can be hashed to produce a crypto address, which is what you actually share with people who want to send you funds.

The asymmetry is the whole point. Given the private key, producing the public key is a quick computation. Given the public key, recovering the private key would require solving the elliptic curve discrete logarithm problem, which is computationally infeasible with current hardware (and would stay infeasible even against much faster hardware short of cryptographically relevant quantum computers). This one-way relationship is what lets you publish the public key β€” or use it to derive an address you share widely β€” without giving away any ability to spend from it.

Bitcoin vs Ethereum Addressing

Bitcoin and Ethereum both use elliptic curve cryptography on the secp256k1 curve, so the underlying math is the same. They differ in how they turn public keys into addresses.

Bitcoin hashes the public key (first with SHA-256, then with RIPEMD-160) to produce a 160-bit hash, prepends a version byte, appends a checksum, and encodes the result in Base58 to produce the familiar 1..., 3..., or bc1... addresses. The reason for the extra hashing step is partly to shorten the representation (a full public key is 33 or 65 bytes; a hash is 20 bytes) and partly to add a layer of protection against a theoretical quantum attack on elliptic curve cryptography β€” the public key is not exposed until you spend from the address for the first time, which limits the window for quantum attack.

Ethereum takes the public key, runs it through Keccak-256, and uses the last 20 bytes as the address, displayed in hex with a 0x prefix. There is no Base58, no checksum in the original format, and no extra hiding step β€” the Ethereum address is just a truncated hash of the public key. The more recent EIP-55 introduced a checksum by using mixed case in the hex representation (e.g., 0xAbC123... instead of 0xabc123...), which lets wallets detect typos without changing the underlying address.

Signature Recovery

One of the quirks of Ethereum’s signature format is that it is recoverable β€” given a signature and the message it signed, you can derive the public key that produced the signature without needing it as a separate input. This is why Ethereum transactions do not include the sender’s public key explicitly; the network recovers it from the signature and computes the address to verify authorization. Bitcoin’s signatures are also recoverable in principle but the protocol typically requires the sender to include the public key explicitly alongside the signature.

Signature recovery is a useful trick for saving space and simplifying contract interactions β€” many Ethereum protocols use it to implement meta-transactions, permit signatures, and other off-chain signing workflows. It also means that the first time you send a transaction from a Bitcoin address, your public key becomes visible on-chain permanently; if you want to preserve the quantum-resistance property that comes from hiding the public key behind a hash, you should avoid reusing addresses after spending from them.

Why You Rarely See the Raw Key

For day-to-day wallet use, you almost never interact with the public key directly. You see the address (which is a hash of the public key) and the private key (either as a raw hex value or, more commonly, as a derivation from a seed phrase). The public key is something the wallet software computes internally when it needs to verify signatures or display the address, and it does not usually show up in the UI at all.

The main places where “public key” appears in ordinary usage are Bitcoin pubkey-script addresses (the raw P2PK form, which is mostly historical), BIP32 extended public keys (xpubs, which are used to generate watch-only wallets without giving up spending ability), and various protocol-level messages where signature verification is happening. For everyone else, “public key” is an internal concept and “address” is the thing you share, even though the two are closely related.

Private Key The secret number that lets you sign transactions from a crypto address. The one thing standing between you and anyone else spending your coins. Read definition Address The unique identifier you send crypto to. A string of letters and numbers derived from a public key, and the on-chain equivalent of a bank account number. Read definition Wallet Software or hardware that manages your crypto private keys and lets you interact with blockchains. Less like a wallet, more like a key ring. Read definition Merkle Tree A tree of hashes that lets you prove a specific piece of data is in a set without downloading the whole set. Quietly critical to how blockchains actually work. Read definition Nonce A number used once. In Bitcoin, the value miners change to find a valid block hash. In Ethereum, the counter that prevents replay attacks on transactions. Read definition Zero-Knowledge Proof A cryptographic technique for proving a statement is true without revealing why it's true. The primitive behind ZK rollups and on-chain privacy. Read definition