Last updated: August 2024 / 858388 o'block
You may have heard the mantra 'Not your keys, not your coins.' Let's see what keys it refers to, what information you should keep private and which can safely be shared publicly.
Bitcoin public keys and addresses are like email addresses: anyone can send to them, but not anyone can access what is sent to them. Just as it's safe to share your email address with others, it's safe to share your bitcion address. But just as you keep the password to your email account private so others can't read your email, you should keep your seed and private keys safe and private because they can spend your bitcoin.
Your seed is usually kept written on paper and/or stamped into metal. Avoid storing it online as it could be hacked and stolen. When you enter your seed into a Bitcoin wallet (ideally, a hardware wallet), from your seed the wallet can derive the private key, public key, and your addresses that can receive bitcoin.
Your public key and addresses are derived from your seed/private key using some maths and cryptography (details here). That connection is why you can pubicly share your address to receive bitcoin to it, but only you remain able to sign a transaction to later spend that bitcoin.
Bitcoin seed phrase (recovery phrase) is a list of words which store information (secret, randomly generated number) needed to recover Bitcoin funds.
Each word represents a number. Combined, they are converted to a large number used as the seed to create or recover a bitcoin wallet.
So even if your hardware wallet breaks or is lost or damaged, so long as you have your seed, you can get a new hardware wallet (or any Bitcoin wallet that meets your desired level of safety) and enter your seed into it to recreate your wallet and recover your bitcoin.
Keep it private: whoever knows your seed can spend your bitcoin.
A Bitcoin private key is a string of alphanumeric data created from a seed phrase. It is used to cryptographically sign a transaction that spends your bitcoin.
It is usually created and kept by your hardware wallet and you don’t need to worry about handling it directly.
Keep it private: whoever has your private key can spend your bitcoin
A public key is an alphanumeric string created from your private key and used to build your wallet addresses.
One private key can create different public keys using different derivation paths. This is why, when you are creating your seed and wallet, you should also note down your derivation path to make it easier to recreate the wallet if needed.
It's impossible to work out your private key from either your public key or address.
Your public key (specifically Xpub, extended public key) 'knows' all your addresses and can be used to create a
watch-only wallet which can show you your transactions and balance, but can not spend your bitcoin (as it doesn't 'know' your private key).
You can share your public key; it can not spend your bitcoin.
But be careful: it can monitor your whole wallet. Whoever has your Xpub can see all your past and future transactions to and from your wallet.
Bitcoin addresses are alphanumeric strings created from your public keys. They are used to receive bitcoin. You can share them publicly.
You can think of a Bitcoin address as an invoice - you usually generate a new one each time you want to receive a payment.
To get paid, you can share your Bitcoin address. Someone who only knows your address can not spend your coins.
But keep in mind: knowing your address allows for monitoring all past and future transactions to and from it.
***
Graphical abstract: for when you just need a quick overview or reminder - same stuff as above, just all in one image.
