Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

What Are Public Keys Vs Private Keys?

Read 4 min
— The goal of public and private keys is to prove that a spent transaction was indeed signed by the owner of the funds, and was not forged.

— When you own cryptocurrencies, what you really own is a “private key” which unlocks the right for its owner to spend the associated cryptocurrencies. As it provides access to your cryptocurrencies, it should remain private.

— It’s possible to recover the public key if you own the private key. However, it’s impossible to find the private key using only the public key.

If you want to understand the theory behind how your wallet works, it’s important to understand the nuances of public vs private keys. This is the basis upon which your whole interaction with web3 is based. But actually, the concept of public and private keys existed long before cryptocurrency. It’s actually a cryptography concept called Public Key Cryptography (PKC) or Asymmetric Encryption.

But what on earth is that exactly? Well, it’s a rather technical subject, so let’s explore how they came to be.

The Origin of Public and Private Keys

As you may already know, Public and private keys are part of a larger field of cryptography known as Public Key Cryptography (PKC) or Asymmetric Encryption. However, you’re probably here to learn about how they relate to blockchains. But before we get there, let’s first explore what PKC is even for.

The general purpose of PKC is to enable secure, private communication using digital signatures in a public channel with potentially malicious eavesdroppers.

In doing so, PKC allows for transitions from one state to another while making reversing the process nearly impossible. This process proves you have access to the secret without exposing it to any other parties. To do this successfully, PKC uses an important one-way mathematical concept called a Trapdoor function. Put simply, Trapdoor Functions are mathematics problems that are easy to compute in one direction but nearly impossible to reverse.  In essence, it’s perfect for validating authenticity as the trapdoor function means it cannot be forged. 

To clarify, solving this problem will take computers enormous amounts of time (i.e., thousands of years) to compute the correct answer. In the context of PKC, such mathematical tricks like Prime Factorization are the trapdoor functions that make reverse-engineering (i.e., forging) cryptographic signatures impossible. Essentially it requires the computer to solve a virtually unsolvable math problem. 

To keep you secure, PKC relies on a two-key model: the public and private keys. It’s these two important components that work together to keep your important information safe. But what’s that to do with crypto?

Public and Private keys in Cryptocurrency

Well private and public keys are integral for public blockchains to operate. In the context of cryptocurrencies, PKC is used to prove that a spent transaction was actually signed by the owner of the funds rather than the result of forgery. The reason it’s so important is due to public blockchains’ transparency. Since all of the transactions are viewable by any network participant, it’s integral to have a method that protects users’ sensitive information. Otherwise, anyone using the blockchain could reverse engineer the password to your digital funds! In short, PKC keeps you safe from Charlie in the middle.

So how does that fit into the blockchain tech you already know about? And what on earth does “signing” a transaction actually entail? Well, before we attack transactions, it’s important to know exactly what public and private keys are.

What Are Public and Private Keys?

There is a cryptographic link between the public key and the private key. It’s possible to recover the public key if you own the private key. However, it’s impossible to find the private key using only the public key. Although not equivalent, public and private keys are analogous to an email address and password, respectively. 

Private key and Public key

Typically, crypto wallets each use a private and public key. To clarify, your public key is responsible for the address to your blockchain wallet and you can share it with anyone. Conversely, your private key is the code that will allow anyone access to the funds stored at that public address. 

But actually, there’s a little more to it than that.

What Are Private Keys?

Private keys are at the base of every blockchain account, and necessary for even the simplest of actions. For starters, when people say they “own” cryptocurrencies, what they really own is the private key to the wallet that stores those assets. To clarify, cryptocurrencies are always stored on the blockchain network, not within a crypto wallet itself. Instead, you own the special code that allows access to the account. 

This private key unlocks the right for its owner to spend the associated cryptocurrencies. However, should anyone get hold of it, it would also grant them access to your account too. That’s why – as the name suggests – it should remain private. There’s only one private key to your account and it functions as your private password only you should know.

However, that’s not the end of the story for private keys. It doesn’t just grant access to funds, it controls the whole basis of how your crypto wallet works and how you interact with other accounts too. To explain, it’s your private key that generates your public key in the first place. And it’s not just capable of generating a single public key, it can create multiple. This is not just for show though, it’s this process that keeps these keys linked, creating that special trapdoor function. 

What Are Public Keys?

Public keys are visible to all users in the network, and sometimes even beyond the network too. Essentially, public keys act like an account number. They make each wallet uniquely identifiable to participants on the network. Like the private key, a public key is actually made up of a long sequence of numbers far too long for a human to read. However, this is the code you need to create a blockchain address. To explain, a blockchain address is simply a hashed version of this public key.

What Is a Blockchain Address?

Your blockchain address, the code you can share with others to receive cryptocurrencies, is derived from your public key. When you send cryptocurrency to someone else, this is the address they will see. For Ethereum, it’s that long hexadecimal number starting with 0x. Then for Bitcoin, you might notice that your wallet will generate a new address each time you transact. Both of these methods are fine, and, to clarify, this blockchain address is completely safe to share. PKC guarantees that no one can access your funds with only your blockchain address or the public key it was derived from.

Public Vs Private Keys: How Do They Work?

So now you know what private and public keys are; what about how they work? Well, each of them have their specific roles but are equally important when executing transactions or signing approvals. That said, how your public and private keys interact depends entirely on what you’re trying to do with your crypto wallet. 

There are two main uses for private and public keys: encryption and signing. Encryption is for protecting sensitive information, by making sure only the intended recipient can read it. Signing, on the other hand, is for verifying the authenticity of a transaction, guaranteeing it wasn’t forged or tampered with. However, it’s important to note that while encryption with a person’s public key is crucial in multiple security contexts, it is not used in standard public blockchains. On blockchain networks, the most important function is signing.

So, let’s look at exactly how this function works.

Signing In Action

For example, let’s say you want to send 1ETH to your friend Bob using the Ethereum Network. In this case, you would find out Bob’s blockchain address, which was derived from his public key. Just like you, Bob also has a set of public and private keys, and his private key is the only one that controls the address of the corresponding public key. 

When you try to send any Ether, you will have to initiate a transaction request. Within that request, you specify the amount you want to send and where you want to send it—in this case we want to send 1 ETH to Bob’s account.      

From there, your crypto wallet uses your private key to sign the transaction. To explain, a signature is like a digital fingerprint; it proves to the blockchain that you intend to carry out the plan in the attached message. It also proves you are who you say you are. Your signature is created by your private key and includes the transaction details, which eventually become part of the transaction’s data. 

Once the transaction is signed using your private key, transaction and signature are then broadcast to the network. That means every node in the network can review the transaction. To follow, Ethereum validators verify that the signature matches your public key, guaranteeing you are who you say you are, and thus own the funds that you are trying to spend. They also check that Bob’s address actually exists on the network, and that the transaction is sound overall. If all of these conditions are met, the transaction will be confirmed. The 1 Ether will disappear from your account and arrive in Bob’s.

It’s important to reiterate that throughout this process, and as the owner of your private key, only you can sign the transaction capable of moving your own funds. That’s because your blockchain address is directly derived from your public key, which was originally derived from your private key. Thus, as long as you keep your private key private, no one can move your funds on the blockchain. Yes– even though you are sharing your public key, your address, and signatures of all your transactions, your funds remain safe. This is the brilliance of trapdoor functions in action. 

Private Vs Public Keys: Helping You Retain Custody of Your Crypto

As you now know, Private and public keys are an integral, but often overlooked, part of blockchain technology. Without public and private keys, your funds on a public network would be at risk of malicious onlookers. The great part about the trapdoor function is that when you use crypto, you are protected from the other participants on the network. 

This is why understanding how they interact within a blockchain transaction and how they are even derived in the first place is so important. Without them, an open peer-to-peer network would not be possible. Put simply, your private and public keys can allow you to go completely bankless, while actually owning the cryptocurrencies you buy. This is a core tenet of Ledger’s. 

While traditional banking accounts and centralized exchanges don’t actually give you unbridled access to your own funds, Ledger devices always do. Ledger believes in self-custody, meaning that only you should control your private key, and therefore the access to your funds.

Related Resources

Stay in touch

Announcements can be found in our blog. Press contact:
[email protected]

Subscribe to our

New coins supported, blog updates and exclusive offers directly in your inbox

Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time using the link included in the newsletter.

Learn more about how we manage your data and your rights.