If you're new to crypto, the first thing you'll encounter is a wallet address — that long string of letters and numbers people give out to receive funds. It looks something like:
1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
A wallet address is a public identifier — think of it like an email address or a bank account number. You can share a receiving address when needed, but avoid unnecessary reuse or public posting if privacy matters. Knowing an address alone does not give someone the ability to sign transactions or spend funds.
But alongside the address lives something much more sensitive: the private key. Confusing the two is one of the most common — and most expensive — mistakes a beginner can make.
This guide explains exactly what a wallet address is, how it relates to the private key, and what you must never share.
What Is a Wallet Address?
A wallet address is a public identifier that lets others send cryptocurrency to you. On many chains, it is derived from a public key, often by hashing and encoding it — but the exact method depends on the blockchain and address type.
- Bitcoin (Legacy, P2PKH): Starts with
1— derived from a public key hash. - Bitcoin (P2SH): Starts with
3— derived from a script hash (not a public key hash). - Bitcoin (SegWit, Bech32): Starts with
bc1— derived from a witness program. - Bitcoin (Taproot): Common mainnet prefix is
bc1p— based on a 32-byte output key. - Ethereum (EOA): Starts with
0x— derived from the last 20 bytes of a Keccak-256 hash of the public key. - Ethereum (Contract): May be created deterministically — for instance, via CREATE (from creator address + nonce) or via CREATE2 (from deployer address + salt + init code hash, per EIP-1014). Contract accounts are controlled by code rather than a private key.
So while "address = hash of public key" holds for some types (Ethereum EOA, Bitcoin P2PKH), it is not a universal rule — always check the specific chain's scheme.
Behind the scenes, wallet software derives a public key from the private key using elliptic-curve cryptography (secp256k1 for Bitcoin and Ethereum). Depending on the chain and address type, the public key or a related script/output is then encoded into an address. This one-way process is critical: anyone can derive an address from a private key, but it is computationally infeasible to reverse an address back into the private key. That's the bedrock of crypto security.
How Address and Private Key Are Created
For ordinary key-controlled accounts (the most common type for individual users), the simplified relationship is:
Private Key → Public Key → Address
- Private key — For Bitcoin and Ethereum-style secp256k1 accounts, a private key is a 32-byte (256-bit) secret value.
- Public key — Derived from the private key using elliptic-curve multiplication (secp256k1). This is a one-way process.
- Wallet address — Encoded from the public key or a related script/program. The encoding varies by chain — Ethereum EOA uses Keccak-256 hashing, while Bitcoin uses HASH160 (SHA-256 + RIPEMD-160) plus Base58Check or Bech32 encoding.
Not all addresses follow this chain. Bitcoin P2SH addresses are derived from a script hash, not a public key. Ethereum contract accounts are controlled by code and created via CREATE (creator address + nonce) or CREATE2 (deployer address + salt + init code hash) — they have no private key at all.
Most everyday users rarely interact with the public key directly — your wallet software handles the math. You mainly see the address (for receiving) and the private key / seed phrase (for backup). Developers or hardware wallet users may occasionally see the public key itself.
Seed phrase vs private key: A seed phrase (mnemonic phrase) is a wallet backup. BIP39 defines mnemonic lengths such as 12, 15, 18, 21, or 24 words; many wallets commonly use 12 or 24. In a standard deterministic (HD) wallet, the seed phrase can regenerate all the keys derived from that seed — provided you use the correct derivation path and passphrase. Imported keys or accounts on a different path may not be covered.
The Simple Analogy: Mailbox
| Concept | Analogy |
|---|---|
| Wallet address | Your mailbox address — publish it so others can send you mail |
| Private key | The key to your mailbox — only you should hold it |
| Anyone with the address | Can send you mail (funds) |
| Anyone with the private key (single-key wallet) | Can open the mailbox and take everything inside |
Note: This analogy describes a simple single-key wallet. Multisig or smart-contract wallets may require multiple signatures or additional conditions to spend funds.
This is why people say "share your address like a Venmo tag, protect your private key like a PIN."
Common Beginner Mistakes
❌ Sharing a private key instead of an address
A support scammer asks you to "verify your wallet." You paste your private key — and your funds disappear within minutes.
Rule: Only share a public receiving address for the specific chain you are using. Prefixes can help identify common address formats (e.g., 1, 3, bc1 for Bitcoin mainnet; bc1p for Taproot; 0x for Ethereum), but always verify the network, address type, and that the recipient supports the format you're sharing. If you see a string starting with K, L, or a seed phrase — stop. That's not an address.
❌ Confusing "received" with "accessible"
Someone sends you ETH. You see it in your wallet. But what you actually see is a balance on the blockchain that your private key can prove ownership of. The transaction is public; your private key is the signing tool that authorizes moving those funds. (For a simple externally owned account, the relevant private key authorizes spending; contract or multisig wallets may add code-based or multi-signature rules.)
❌ Thinking a wallet "holds" coins
A crypto wallet doesn't contain coins like a physical wallet. It contains keys. The coins live on the blockchain. Your private key is the signing tool that authorizes the network to move them.
Address vs Private Key: Cheat Sheet
| Wallet Address | Private Key | |
|---|---|---|
| Can you share it? | Yes — share when needed, but avoid unnecessary public posting | Never |
| Length | Varies by chain and address type (Bitcoin and Ethereum lengths differ significantly based on encoding) | For secp256k1 accounts: a 32-byte (256-bit) value, often shown as 64 hex characters. Backup seed phrases under BIP39 commonly use 12 or 24 words |
| What it does | Receiving funds; checking balance | Signing transactions; proving ownership |
| Derivation | Encoded from public key or related script/program; contract accounts use CREATE/CREATE2 | Random number (or deterministically derived from a seed phrase) |
| If lost | Inconvenient, generate a new one | Irrecoverable if no backup exists |
How CryptoToolbox Helps
At CryptoToolbox, we build tools that interact with wallet addresses across multiple blockchains — checking balances, verifying transactions, and estimating fees — all without ever touching your private key. That's the right model: a tool should only need your public address to serve you.
If you want to check what's in a wallet without exposing your keys, try our multi-chain wallet checker — just paste an address and go.
Not financial advice. Always verify you are on the correct website before entering any wallet information. Never share your private key or seed phrase with anyone, including support staff, "verification bots," or dApp interfaces you don't fully trust.