Web3 Basics: Understanding Mnemonics, Private Keys, Public Keys, and Addresses

In the world of Web3 and blockchain, understanding how cryptographic keys and wallet addresses are generated is fundamental. This article dives into the core mechanics behind private keys, public keys, addresses, and mnemonics—explaining their relationships, generation processes, and underlying principles using clear examples and simplified Go code.

Whether you're a developer building decentralized applications or a curious learner exploring blockchain security, this guide will equip you with foundational knowledge essential for navigating cryptocurrency wallets securely.

👉 Discover how secure digital asset management starts with understanding key generation

The Core Components of Wallet Cryptography

At the heart of every blockchain wallet lie three critical elements:

• Private Key
• Public Key
• Wallet Address

These components work together through cryptographic algorithms to enable secure ownership and transfer of digital assets. Let’s break them down step by step.

What Is an Elliptic Curve?

Both Bitcoin and Ethereum use the same elliptic curve: secp256k1. This curve forms the mathematical foundation for public-key cryptography in these networks.

A public key is a point (x, y) on this curve, where both x and y are 32-byte values. Together, they form a 64-byte public key. However, you may also see public keys represented as 65 bytes—this includes a one-byte prefix (0x04) indicating an uncompressed format, meaning both coordinates are fully stored.

Why have compressed and uncompressed formats?

Because the secp256k1 curve equation allows us to derive one coordinate if we know the other. So instead of storing both x and y, we can store just one coordinate along with a prefix:

• 0x02: even y-coordinate
• 0x03: odd y-coordinate

This results in a compressed public key of only 33 bytes (1 byte prefix + 32 bytes for x), saving significant space across millions of transactions.

Pro Tip: Modern wallets default to compressed public keys due to efficiency. Uncompressed keys are largely legacy.

Private Keys: The Foundation of Ownership

A private key in Ethereum is simply a randomly generated 256-bit number—32 bytes of cryptographically secure randomness.

You could theoretically generate one by flipping a coin 256 times and recording the sequence of heads (1) and tails (0). As long as the process is unpredictable and non-repeating, it qualifies.

But in practice, developers must use cryptographically secure random number generators (CSPRNGs) like crypto/rand in Go. Never rely on standard pseudo-random functions—they’re not safe for cryptographic purposes.

b := make([]byte, 32) // 256 bits = 32 bytes
_, err := rand.Read(b)
if err != nil {
    log.Fatal(err)
}
privateKey := new(big.Int).SetBytes(b)

⚠️ Critical Reminder: Losing your private key means losing access to your assets—forever. Unlike traditional banking systems, there's no "forgot password" option in decentralized networks.

This highlights a core trade-off in Web3:

• ✅ Full control over your data
• ❌ No recovery mechanism for lost credentials

It’s not just about technology; it’s about responsibility.

👉 Learn how top-tier platforms implement private key security best practices

From Private Key to Public Key

Once you have a private key, generating the corresponding public key involves elliptic curve multiplication:

curve := secp256k1.S256()
X, Y := curve.ScalarBaseMult(privateKey.Bytes())
publicKey := elliptic.Marshal(curve, X, Y)

The ScalarBaseMult function multiplies the private key with the base point (generator point) on the curve, producing a new point (X, Y)—your public key.

As discussed earlier:

• elliptic.Marshal returns a 65-byte slice starting with 0x04
• For efficiency, we typically compress it using prefixes 0x02 or 0x03

This public key can now be shared openly—it’s used to verify digital signatures without exposing the private key.

Generating the Wallet Address

The final step is deriving the wallet address from the public key. Here's how it works:

1. Strip off the first byte (0x04) from the public key
2. Apply the Keccak-256 hash function
3. Take the last 20 bytes of the resulting hash
4. Format as a hexadecimal string prefixed with 0x

hash := crypto.Keccak256(publicKey[1:]) // skip prefix
address := common.BytesToAddress(hash[12:]) // last 20 bytes
fmt.Println("Address:", address.Hex())

This 20-byte value is your Ethereum address—the identifier you share to receive funds.

🔍 Note: While SHA3 is standardized, Ethereum uses the original Keccak-256 algorithm before finalization changes. Ensure your library supports Ethereum’s version.

Why Mnemonics Matter

Managing individual private keys becomes impractical when dealing with multiple accounts. Enter mnemonic phrases—a user-friendly way to back up and restore entire wallets.

A mnemonic (e.g., "apple banana cat...") is a sequence of 12 or 24 words generated from entropy. Using standards like BIP-39, this phrase can deterministically generate many private keys via hierarchical deterministic (HD) wallets.

This means:

• One backup phrase → Many accounts
• Easy recovery across devices
• Enhanced usability without sacrificing security (when implemented correctly)

We’ll explore HD wallets and BIP-44 in depth in future articles.

Frequently Asked Questions

Q: Can two people generate the same private key?

While theoretically possible, the probability is astronomically low—about 1 in 2²⁵⁶. That’s less likely than winning the lottery every day for years. With proper randomness, collisions are not a practical concern.

Q: Is it safe to generate keys using Go code like this?

The example code illustrates concepts but should not be used in production. Always use well-audited libraries like go-ethereum/crypto. Rolling your own crypto is dangerous.

Q: How does MetaMask generate my address?

MetaMask uses your private key (derived from your mnemonic) to compute the public key via secp256k1, then applies Keccak-256 hashing to produce your address—exactly as shown above.

Q: Can I derive a private key from a public key?

No. That would break elliptic curve cryptography. The security of blockchain relies on this one-way function: easy to go from private → public, impossible to reverse.

Q: What happens if I lose my mnemonic?

You lose access to all associated accounts and funds permanently. There is no central authority to appeal to. Always store mnemonics securely—offline, encrypted, and backed up.

Q: Are all Ethereum addresses 42 characters?

Yes—they start with 0x followed by 40 hexadecimal characters (representing 20 bytes). Example: 0x742d35Cc6634C0532925a3b8D4C7dE8Df8B8D737.

Final Thoughts

Understanding how private keys, public keys, and addresses are created empowers you to interact with Web3 safely and confidently. You now know:

• How secp256k1 enables secure asymmetric encryption
• How private keys must be truly random and kept secret
• How addresses are derived through hashing
• Why mnemonics simplify wallet management

This knowledge isn’t just theoretical—it’s practical defense against scams, mistakes, and poor security practices.

As you continue exploring blockchain development or personal wallet usage, remember: your keys, your crypto; not your keys, not your coins.

👉 Secure your digital future with tools built on these cryptographic principles