How is an Ethereum wallet address generated from a public key?

An Ethereum wallet address is derived from the public key through Keccak-256 hashing, using the last 20 bytes to form a unique identifier.

Jun 14, 2025 at 11:14 am

Understanding the Relationship Between Ethereum Wallet Addresses and Public Keys

In the world of Ethereum, a wallet address is not directly the public key itself but rather a derived version of it. The public key is generated from a private key using elliptic curve cryptography (specifically, the secp256k1 curve). Once this public key is created, it undergoes further hashing to generate the final wallet address.

The process begins with a randomly generated private key, which is a 256-bit number. From this, the public key is derived using the secp256k1 algorithm. This public key is typically represented as a 64-byte array (or 128 hexadecimal characters) when compressed. It's crucial to understand that while the public key can be shared openly, it must never be altered or exposed in insecure environments.

Hashing the Public Key Using Keccak-256

Once the public key is generated, the next step involves applying a cryptographic hash function. Ethereum uses the Keccak-256 hashing algorithm for this purpose. Unlike SHA-256 used by Bitcoin, Keccak-256 was chosen due to its flexibility and performance characteristics.

• Take the full public key (including the prefix byte if present).
• Apply the Keccak-256 hash function to produce a 32-byte (256-bit) output.
• The resulting hash will be a unique sequence of bytes representing the input public key.

This hashed value serves as the intermediate stage before extracting the actual Ethereum wallet address.

Extracting the Final Ethereum Address

After obtaining the Keccak-256 hash of the public key, only a portion of it is used to form the final Ethereum wallet address. Specifically, the last 20 bytes (160 bits) of the hash are selected for this purpose.

• Take the 32-byte output from the Keccak-256 hash.
• Discard the first 12 bytes.
• Retain the remaining 20 bytes as the Ethereum address.

These 20 bytes are then encoded into a hexadecimal string without the "0x" prefix initially. When displayed in wallets or explorers, the address is usually prefixed with "0x" to indicate it's an Ethereum-compatible hexadecimal format.

Applying Checksum Encoding for Security

To enhance security and reduce the risk of typos, Ethereum introduced EIP-55, which enables mixed-case checksum encoding for addresses. This feature allows users to detect errors when entering Ethereum addresses manually.

• Convert the Ethereum address (without the "0x") into its lowercase form.
• Compute the Keccak-256 hash of this lowercase string.
• For each character in the original address:
  • If the corresponding nibble in the hash is greater than or equal to 8, capitalize the character.
  • Otherwise, leave it lowercase.

This results in an Ethereum wallet address that appears like 0xAbCdef1234567890aBcDef1234567890aBcDef12, where capitalization serves as a visual checksum.

Verifying the Correctness of the Generated Address

Before using any Ethereum wallet address, it's essential to verify its correctness through tools or libraries designed for this purpose. Many developers use libraries such as ethers.js or web3.js to ensure their implementation aligns with Ethereum standards.

• Use a trusted library to regenerate the address from the same public key.
• Compare the output with the manually computed one.
• Ensure that both checksum-encoded and lowercase versions match expected values.

Additionally, test transactions with small amounts should be performed before deploying on mainnet to confirm that the address behaves as intended.

Frequently Asked Questions

Q: Can two different public keys result in the same Ethereum address?

While theoretically possible due to the finite size of the Ethereum address space (2^160), the probability is astronomically low. However, collisions are not considered a practical threat due to the vast number of possible combinations.

Q: Is it safe to share my Ethereum wallet address publicly?

Yes, sharing your Ethereum wallet address is safe since it does not expose your private key or public key directly. However, avoid sharing transaction details or metadata that could compromise privacy.

Q: Why does Ethereum use only 20 bytes from the Keccak-256 hash instead of the full 32 bytes?

Using 20 bytes strikes a balance between security and gas efficiency. A shorter address reduces storage and computation costs on the blockchain while maintaining sufficient entropy to prevent collisions.

Q: What happens if I send ETH to a malformed Ethereum address?

Sending funds to a non-existent or malformed Ethereum address may result in permanent loss of assets. Always validate addresses using checksum encoding or verification tools before initiating transfers.