Key Takeaways
What is a Public Key?
A public key in cryptocurrency functions similarly to an IBAN for your bank account: it's an address where you can receive funds on the blockchain.
What is a Private Key?
A private key grants you control over funds associated with a public key and allows you to initiate transactions from that address. Public and private keys are always generated as a pair.
What is a Seed Phrase?
A seed phrase is a human-readable master private key in the form of a word sequence. It can generate an unlimited number of public/private key pairs.
A fundamental characteristic of cryptocurrencies is that they are true digital bearer instruments, meaning you can exercise full and complete ownership over them. Cryptocurrencies don't exist as an account entry in a centralized ledger (like money in a bank account) but as tokens stored in a widely distributed ledger (the blockchain).
Due to this nature, cryptocurrency can be owned independently and self-custodied without relying on a third party. As the "owner," you not only have the right to possess it but also the ability to actually take possession of it.
A good analogy is comparing Bitcoin to gold: although cryptocurrency is an abstract, digital form of money, it can be handled directly by its holder, much like owning and controlling a piece of gold.
In the case of Bitcoin and every other cryptocurrency, this control is exercised through digital signatures.
Public/Private Key Cryptography
Cryptocurrencies (hence their name) are based on cryptography, which can be viewed as the art of making mathematical problems very difficult to solve.
Bitcoin uses a specific cryptographic algorithm called the Elliptic Curve Digital Signature Algorithm (ECDSA). This algorithm ensures that "funds" in the Bitcoin network can only be spent by their rightful owner and not by anyone else. Other cryptocurrencies may use different cryptographic algorithms, but they all pursue the same goal.
An important concept for understanding how cryptography is applied to cryptocurrencies is the so-called signature scheme, which consists of two parts:
- Signing, where an owner uses their private key to create a digital signature.
- Verification, where the signed message and the public key are used to verify whether the digital signature was created with the corresponding private key.
As you've probably noticed, the key terms in this scheme are the public key, the private key, and the digital signature. The verification key is always public because it can be used by anyone for verification. This key is generally referred to as the public key.
The signing key, however, must remain private, which is why it's commonly called the private key. Typical for all public/private key cryptography is the fact that every public key has a corresponding private key. These two keys are created as a pair and always maintain a specific mathematical relationship.
Signing a Message
When the owner of a cryptocurrency wants to move some coins, the network requires that person to sign a corresponding message, i.e., the transaction.
For this purpose, the owner applies a mathematical transformation to the transaction message (usually via digital wallet software) using the signing key (private key). The result of this signing process is a unique string of numbers: the digital signature.
For the transaction to be executed, the message must be validated. All that is needed for this verification process are the transaction message, the digital signature of that message (created with the private key), and the corresponding public key.
One-Way Hash Function
A public key is derived from a private key when it is generated. A one-way hash function exists between the two keys. This means it's easy to derive the corresponding public key from a private key, but not the other way around. With today's technology, it's impossible to generate a private key from a public key.
This is thanks to Bitcoin's SHA-256 algorithm. Private keys are 256 bits long. This means Bitcoin's private key space is about 2^256, which is an unimaginably large number. In decimal, it's roughly 10^77. For comparison: the entire universe is estimated to consist of 10^80 atoms. It is therefore practically impossible for someone to guess your private key by chance or obtain it through a brute-force attack.
What Does This Mean in Practice?
In every sense, your private keys are your cryptocurrency. If you lose the private keys, access to and control over your cryptocurrencies are lost forever. For this reason, private keys must always be kept safe and secret. If you reveal them to someone, you give that person control over the funds secured by that private key.
While the private key can be understood as the password for your bank account, the corresponding public key can be thought of as your personal IBAN number. Anyone who wants to send you cryptocurrencies must send them to your public key, which in turn is secured by your private key.
Another analogy for your public key is to consider it your email address, but for money. Just as you send messages to/from email addresses, in the crypto world you send money to/from public keys. Unlike an email address, which is tied to an email client (Gmail, Outlook, etc.), your public/private key pair is independent of any software and can be used with any non-custodial wallet application, like Bridge Wallet. This analogy also illustrates why a public key is sometimes called a public address.
The Power of the Seed Phrase
Ultimately, private keys can be represented in many different formats. The most common form was a long string of random numbers and characters, which proved not very user-friendly. Learning and memorizing one's private key was very difficult and therefore error-prone. For this reason, a better form of representation was gradually adopted: the seed phrase.
Most modern crypto wallets no longer give you a cryptic private key by default. Instead, the private key is translated into seed words. Depending on the wallet, you will receive either 12, 18, or 24 seed words (a seed phrase). These seed words form your private key and are merely another way of representing what would be a painfully long sequence of random numbers and characters in a human-readable form.
A seed phrase is also known as a mnemonic phrase, mnemonic, mnemonic seed, mnemonic seed phrase, seed key, or recovery phrase. All these terms ultimately mean the same thing and simply describe the 12 or 24-word sequence of a seed phrase.
To secure the funds associated with the seed words, they must be memorized or written down in the exact order they were provided. What we've already said about private keys also applies to seed phrases: there is practically no way for someone to guess a seed phrase. When creating a new seed phrase, words are randomly selected from a list of 2,048 English words.
Example of a 12-word seed phrase:
river purpose submit avoid siren art thrive fabric divert surge kite obscure
This sequence of words, entered in the correct order, is converted into numbers using formulas, granting access to a wallet and all the public/private key pairs within it.
Keeping a seed phrase secret and ensuring it is not lost is absolutely crucial. It represents the only way to access a wallet and its entire contents, as well as to restore it. Anyone who gains access to a seed phrase can take control of the wallet's balance and transfer it to another location/wallet—a process that cannot be reversed due to the nature of the blockchain.
Shared Seed Phrases
A shared seed phrase is an alternative form of seed phrase where a sequence of 100 seed words (instead of the 12/18/24 words of a regular seed phrase) is generated and split into 5 parts, which are then distributed to a group of 5 different storage nodes. The seed phrase can only be reconstructed if at least 3 parts are combined.
This method is more secure than a normal seed phrase. It's a good compromise to mitigate the risk of theft and the risk of loss/destruction of the seed phrase.
The Tree Structure of Seed Phrases
Modern wallets don't just create one private key and one public address for you; they create several. They follow a widely adopted standard for creating so-called hierarchical deterministic (HD) wallets. Simply put, these wallets generate a master private key. This private key can then be used by the wallet software to create many child private keys and their associated public keys.
This results in a kind of tree structure, where multiple child keys are derived from a master key. Since all child private and public keys are ultimately derived from the master key, they can all be controlled via the same seed phrase.
A seed phrase contains many pairs of public/private keys, which in turn means that with one seed phrase, you can use as many addresses as you need. This also includes pairs of public/private keys on different blockchains, which is why you can, for example, manage a Bitcoin wallet, an Ethereum wallet, a Tezos wallet, etc., with a single seed phrase using Bridge Wallet (and most wallet applications).
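The tree described above, from word sequence to per-blockchain account keys: an added example, not code from the original page or from Bridge Wallet. It assumes the BIP39 seed step and BIP32 hardened derivation along the first three levels of a BIP44 path (purpose, coin type, account); the function names are illustrative.

```python
import hashlib
import hmac

N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # secp256k1 order
HARDENED = 0x80000000

def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: stretch the word sequence into a 64-byte seed (ASCII input assumed)."""
    salt = ("mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", mnemonic.encode(), salt, 2048, 64)

def master_key(seed: bytes):
    """BIP32: the root of the tree is a (private key, chain code) pair."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def hardened_child(key: int, chain: bytes, index: int):
    """BIP32 hardened child, computed from the parent private key and chain code."""
    data = b"\x00" + key.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(chain, data, hashlib.sha512).digest()
    tweak = int.from_bytes(i[:32], "big")
    child = (tweak + key) % N
    if tweak >= N or child == 0:
        raise ValueError("invalid child key, use the next index")
    return child, i[32:]

def derive(mnemonic: str, path, passphrase: str = "") -> int:
    """Walk the tree from the master key down the given hardened path."""
    key, chain = master_key(mnemonic_to_seed(mnemonic, passphrase))
    for index in path:
        key, chain = hardened_child(key, chain, index)
    return key

# The page's example phrase (public, so for demonstration only).
PHRASE = "river purpose submit avoid siren art thrive fabric divert surge kite obscure"
BTC_ACCOUNT = (44, 0, 0)     # m/44'/0'/0'
ETH_ACCOUNT = (44, 60, 0)    # m/44'/60'/0'

if __name__ == "__main__":
    for name, path in (("bitcoin", BTC_ACCOUNT), ("ethereum", ETH_ACCOUNT)):
        print(name, hex(derive(PHRASE, path))[:18] + "...")
```

Every key in the tree is a pure function of the phrase and the optional passphrase, so whoever copies the phrase can recompute all of them on any blockchain the wallet supports.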
Backing Up Seed Phrases
Most non-custodial wallets prompt you to back up your seed phrase immediately after creation. Although this step is not mandatory, you should back up your seed phrase sooner rather than later if you plan to use it seriously.
You should write your seed phrase on a piece of paper and keep it in a safe place (preferably waterproof and fireproof). You could even use more durable/secure aids like metal plates into which you can engrave your seed words. You can purchase such products online from manufacturers like Ledger, Trezor, or BitBox.
The most important thing is to never take a screenshot of your seed phrase and never transfer it to a digital medium (email, SMS, text file, etc.). When using a mobile wallet, your seed phrase is stored on your mobile phone, but only locally encrypted and protected by passwords, which is already more secure than most other options (we will explore the various options in more detail in another chapter). If you type your seed phrase into a file or take a screenshot of it, it becomes openly accessible on your device and can be easily hacked. If someone gains access to that text or image file, your cryptocurrencies can be lost in minutes.
In the next chapters, we will take a closer look at the different ways to use seed phrases and the best methods for backing them up.
Frequently Asked Questions
What happens if I lose my seed phrase?
If you lose your seed phrase and no longer have access to your wallet (e.g., your device is lost or broken), you will permanently lose access to all cryptocurrencies stored in that wallet and any wallets derived from that seed phrase. There is no central authority to recover it for you.
Can someone steal my crypto with just my public key?
No, your public key is meant to be shared. It is used to receive funds. To spend or move funds, the corresponding private key is required to sign transactions. Possession of the public key alone does not grant access to your funds.
Is it safe to store my seed phrase in a password manager?
Storing a seed phrase in a cloud-based password manager is generally not recommended due to the potential risk of the service being hacked. If used, it should be an offline, securely encrypted password manager, but physical, offline storage (like metal plates) is considered the gold standard for long-term security.
Why are there 12 or 24 words in a seed phrase?
The number of words (12, 18, or 24) relates to the strength (entropy) of the private key. A 12-word phrase offers a very high level of security (128 bits of entropy), while a 24-word phrase offers an even higher level (256 bits of entropy). For most users, 12 words provide sufficient security.
Can I use the same seed phrase for different wallets?
Yes, you can often import the same seed phrase into different non-custodial wallet applications that support the same derivation standards (like BIP39/BIP44). This will give you access to the same set of keys and funds across different software interfaces. However, always ensure the wallet is reputable before importing your seed phrase.
What is the difference between a private key and a seed phrase?
A seed phrase is a human-readable representation of a master private key. From this master key, multiple private keys (and their corresponding public keys) can be deterministically generated. A single private key usually controls one specific address, while a seed phrase can control an entire hierarchy of addresses across multiple blockchains.