Understanding Ethereum Keys, Addresses, and Wallets

Ethereum, much like Bitcoin, relies on a foundation of cryptographic keys and addresses to enable secure transactions and interactions on its network. If you're familiar with Bitcoin's mechanics, many concepts here will feel familiar, yet Ethereum introduces its own unique elements and standards. This guide breaks down the process of generating Ethereum keys and addresses, explains different address formats, and explores how wallets operate within the Ethereum ecosystem.

How Ethereum Addresses Are Generated

The process of creating an Ethereum address from a private key is very similar to Bitcoin's method. It involves a clear, multi-step transformation using cryptographic functions.

Generating the Private Key

An Ethereum private key is a 256-bit number, randomly generated using a cryptographically secure method. This key must be kept secret and stored offline, as anyone with access to it can control the associated funds.

Example private key: f8f8a2f43c8376ccb0871305060d7b27b0554d2cc72bccf41b2705608452f315

Deriving the Public Key

The private key is used in an elliptic curve scalar multiplication operation on the secp256k1 curve (the same curve Bitcoin uses). The result is a set of (x, y) coordinates which, when concatenated, form a 64-byte public key. For some uses, a prefix of 04 is added to create a 65-byte public key, but this prefix is omitted when generating an address.

Example public key: 6e145ccef1033dea239875dd00dfb4fee6e3348b84985c92f103444683bae07b83b5c38e5e2b0c8529d7fa3f64d46daa1ece2d9ac14cab9477d042c84c32ccd0

Hashing with Keccak-256

The 64-byte public key is then passed through the Keccak-256 hash function. It's crucial to note that Ethereum uses the original Keccak-256 algorithm, not the NIST-standardized SHA-3, despite what some source code comments might imply. This is a historical detail rooted in the timing of Ethereum's development.

Example Keccak-256 hash: 2a5bc342ed616b5ba5732269001d3f1ef827552ae1114027bd3ecf1f086ba0f9

Forming the Ethereum Address

The final Ethereum address is created by taking the last 20 bytes of the Keccak-256 hash and prefixing them with 0x to indicate a hexadecimal format.

Example Ethereum Address: 0x001d3f1ef827552ae1114027bd3ecf1f086ba0f9

This resulting string is known as a HEX address. A significant initial drawback was that these addresses lacked a checksum mechanism, making them vulnerable to typos that could result in irreversible loss of funds.

👉 Explore secure wallet options and address tools

Checksum Mechanisms: EIP-55 and Beyond

The lack of a checksum in the original HEX address format was a recognized problem. The expectation was that the Ethereum Name Service (ENS) would quickly replace these hard-to-read addresses. However, delays in ENS adoption necessitated an interim solution.

EIP-55: Capitalization-Based Checksums

EIP-55 proposed a clever, backward-compatible solution: using capital letters within the address itself as a checksum.

How it works:

1. A HEX address is converted to all lowercase.
2. This lowercase string is hashed using Keccak-256.
3. Each character in the original address is checked against the corresponding nibble (4 bits) in the hash.
4. If the hash nibble is 8 or greater (values 8-15, or hex characters 8,9,A,B,C,D,E,F), the corresponding letter in the address is capitalized.

For example:

• Original HEX: 0x001d3f1ef827552ae1114027bd3ecf1f086ba0f9
• Becomes with checksum: 0x001d3F1ef827552Ae1114027BD3ECF1f086bA0F9

Wallets can easily validate this checksum. If a user mistypes an address, the recalculated checksum will not match the capitalization pattern entered, and the wallet can warn the user of the error. This method boasts a 99.986% error detection rate.

The ICAP Proposal

Another proposal was the Inter exchange Client Address Protocol (ICAP), which aimed to align with the International Bank Account Number (IBAN) standard for international bank transfers. It offered checksum protection and a more familiar format.

• Direct ICAP: Codes are up to 34 characters, start with XE (for "eXtended Ethereum"), include a two-digit checksum, and an encoded version of the HEX address.
• Indirect ICAP: Designed for human readability, this format uses an identifier that must be looked up in a registry to find the actual HEX address.

However, ICAP saw limited adoption due to its lack of backward compatibility with the entrenched HEX standard and the complexities involved in setting up the necessary infrastructure for Indirect ICAP.

The Ethereum Name Service (ENS)

The Ethereum Name Service is the long-term solution to address readability. It functions similarly to the internet's Domain Name System (DNS), mapping human-readable names to machine-readable addresses.

An address like 0x001d3f1ef827552ae1114027bd3ecf1f086ba0f9 can be associated with a name like example.eth. Users can then send funds to example.eth, and the ENS system resolves it to the correct hexadecimal address.

How to Acquire an ENS Name

ENS names are allocated through a Vickrey auction process to ensure fairness:

1. Bid: A user selects a desired name (must be at least 7 characters long) and submits a sealed bid, stating the maximum amount of ETH they are willing to pay. A small transaction fee is required to start the auction.
2. Auction: The auction runs for a 5-day period. For the first 3 days, all bids are hidden.
3. Reveal: In the final 2 days, bidders must reveal their bids. If they win, they only pay the amount of the second-highest bid plus a small fee, receiving a refund for the difference.
4. Registration: The winner gains ownership of the name for one year. After the year, they can renew it or let it expire, which returns the locked funds.

Popular names like exchange.eth have sold for thousands of ETH, highlighting the demand for readable identities on the blockchain.

👉 Learn more about managing digital assets and domains

How Ethereum Wallets Function

An Ethereum wallet's primary function is identical to a Bitcoin wallet: it is a tool for managing private keys, not for "storing" ether itself. The security of the seed phrase and private keys remains the most critical aspect.

However, there are key operational differences between Bitcoin and Ethereum wallets:

• Balance Tracking: Bitcoin wallets calculate a balance by gathering and summing Unspent Transaction Outputs (UTXOs). Ethereum wallets simply query the balance field of an Externally Owned Account (EOA) address.
• Address Management: While Bitcoin wallets often generate a new address for each transaction to enhance privacy (a practice known as deterministic change), Ethereum's account model uses a nonce counter. It is common for users to repeatedly use a single EOA address, though wallets can generate new addresses if desired.
• Transaction Structure: The data structure of an Ethereum transaction is different from a Bitcoin transaction, containing different fields like gasLimit and gasPrice.
• Token Support: Ethereum wallets are typically built to interact with smart contracts, most notably those following the ERC-20 token standard. They can display token balances and facilitate token transfers.

Frequently Asked Questions

What is the main difference between a Bitcoin address and an Ethereum address?
The core generation process is similar, but they use different hash functions (RIPEMD-160 for Bitcoin, Keccak-256 for Ethereum) and Ethereum's original HEX format lacked a built-in checksum, leading to the creation of EIP-55.

I have a Bitcoin wallet. Can I use it for Ethereum?
No. While they manage keys similarly, the networks, transaction structures, and functionalities are different. You must use a wallet specifically designed for the Ethereum network.

Is my Ethereum address the same as my public key?
No. Your address is actually the last 20 bytes of the Keccak-256 hash of your public key. It is a shorter and more manageable identifier derived from the public key.

What happens if I send funds to an address with a typo?
If you send to a valid but incorrect address (one that passes the checksum validation but isn't your intended recipient), the funds are lost permanently. Always double-check addresses. Using ENS names greatly reduces this risk.

Is ENS the only way to get a readable address?
While ENS is the dominant standard, it's not the only one. The older ICAP format was another attempt, but it failed to gain significant traction compared to ENS.

Are all Ethereum wallets compatible with ERC-20 tokens?
Most modern Ethereum wallets like MetaMask, Trust Wallet, and others support ERC-20 tokens by default. However, some very basic wallets might only handle ETH itself, so it's important to check your wallet's features.