Understanding Ethereum's Cryptographic Components
Ethereum's security framework relies on elliptic curve cryptography (S256 curve), where:
- Private keys are 32-byte hexadecimal values
- Public keys are 65-byte values (with 0x04 compression byte)
- Addresses are derived from the last 64 bytes of the public key's Keccak-256 hash (last 20 bytes)
Private Key Generation
Here's how to securely generate an Ethereum private key in Go:
// Generate private key
key, err := crypto.GenerateKey()
if err != nil {
t.Fatalf("failed GenerateKey with %s.", err)
}
// Display private key without 0x prefix
fmt.Println("private key no 0x \n", hex.EncodeToString(crypto.FromECDSA(key)))Example Output:
private key no 0x
b1fb9a42d8478cf19bbc1cb4e75625ced1728c8de8691845f546b2ad84a7d379๐ Learn more about secure key generation
Key Storage Best Practices
Store private keys securely using Ethereum's built-in functions:
// Save private key to encrypted file
if err := crypto.SaveECDSA("privatekey", key); err != nil {
log.Error(fmt.Sprintf("Failed to persist node key: %v", err))
}Public Key Generation
Convert private key to public key:
fmt.Println("public key no 0x \n", hex.EncodeToString(crypto.FromECDSAPub(&key.PublicKey)))Example Output:
public key no 0x
0425b775a01b5df335cd71170f6a16d8b43704e68b8eb87a8e6ebfd3deafbfc1151d76bbe078002ffb7caaca06441b1c3976c3ca3b1e1fda9cf0f4591d799758e4Address Conversion Techniques
From Private Key String
acc1Key, _ := crypto.HexToECDSA("8a1f9a8f95be41cd7ccb6168179afb4504aefe388d1e14474d32c45c72ce7b7a")
address1 := crypto.PubkeyToAddress(acc1Key.PublicKey)
fmt.Println("address ", address1.String())Output:
address 0x703c4b2bD70c169f5717101CaeE543299Fc946C7From Byte Arrays
addr3 := common.BytesToAddress([]byte("ethereum"))
fmt.Println("address ",addr3.String())Output:
address 0x000000000000000000000000657468657265756D๐ Advanced address conversion methods
Cryptographic Signatures
Signing and Recovery Process
msg := crypto.Keccak256([]byte("foo"))
sig, err := crypto.Sign(msg, key1)
// Recover public key from signature
recoveredPub, err := crypto.Ecrecover(msg, sig)
pubKey, _ := crypto.UnmarshalPubkey(recoveredPub)
recoveredAddr := crypto.PubkeyToAddress(*pubKey)Public Key Compression
// Compress public key to 33 bytes
compressed := CompressPubkey(key)
// Decompress back to full public key
DecompressPubkey(compressed)Complete Implementation Code
Create this test file in your Ethereum project:
package test
import (
"encoding/hex"
"fmt"
"github.com/ethereum/go-ethereum/common"
"github.com/ethereum/go-ethereum/common/hexutil"
"github.com/ethereum/go-ethereum/crypto"
"github.com/ethereum/go-ethereum/log"
"testing"
)
func TestGenerateKey(t *testing.T) {
// [Previous code examples combined here]
}Frequently Asked Questions
What's the difference between compressed and uncompressed public keys?
Uncompressed public keys are 65 bytes (including 0x04 prefix), while compressed keys are 33 bytes using mathematical optimization.
How secure is Ethereum's key generation?
Ethereum uses proven cryptographic standards (secp256k1 curve) that are currently considered computationally infeasible to break.
Can I convert an address back to its public key?
No, addresses are one-way hashes of public keys. You can only derive addresses from keys, not reverse the process.
What happens if I lose my private key?
Private keys cannot be recovered. Always store backups securely using encrypted formats.
Why are Ethereum addresses checksummed?
Checksums (mixed case) help prevent typos and ensure address validity before transactions.
How are smart contract addresses different?
Contract addresses are generated from sender's address and nonce, not from public keys.