1. Wallet Password
A wallet password is not your private key. It serves two primary purposes:
- Acts as a payment password for transactions.
- Unlocks keystore files when importing a wallet.
Best Practices:
- Use at least 8 characters with a mix of uppercase, lowercase, numbers, and symbols.
- Passwords can be reset, but private keys cannot.
2. Private Key
A private key is a 64-character hexadecimal string (e.g., 0xE4356...0115A).
Key Facts:
- Each account has one immutable private key.
- Whoever possesses the private key controls the account’s digital assets.
- Private keys generate public keys, which then derive wallet addresses (irreversible process).
3. Keystore
Keystore is an encrypted JSON file containing the private key. Common in Ethereum wallets, it requires the wallet password to decrypt.
Example Keystore Structure:
{
  "address": "d5c7ef16f4407348...",
  "crypto": {
    "cipher": "aes-128-ctr",
    "ciphertext": "acd05496f6ce10b9...",
    "kdf": "scrypt"
  }
}
Security Note:
A keystore alone cannot access funds; it needs the password. Mnemonics and private keys, by contrast, grant full control on their own.
4. Mnemonic Phrase
A 12–24-word phrase derived from a private key for easier memorization.
Clarifications:
- Mnemonic ≠ Private Key: A mnemonic can generate multiple private keys, but a single private key cannot reveal the mnemonic.
- Governed by BIP39 (generation) and BIP44 (multi-currency hierarchy).
BIP Standards Overview
| BIP | Purpose |
|---|---|
| BIP32 | Hierarchical Deterministic (HD) wallets |
| BIP39 | Mnemonic code generation |
| BIP44 | Multi-currency support (e.g., m/44'/60'/0'/0/n) |
Security: A 12-word mnemonic has ~5e+39 combinations—virtually uncrackable.
Core Relationships
- Private Key + Password → Keystore (Encryption)
- Keystore + Password → Private Key (Decryption)
- Mnemonic → Multiple Private Keys (via HD Wallet Paths)
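As an added illustration (not code from the original page or from any wallet project), the Python example below follows the mnemonic path described above using only the standard library: the BIP39 checksum and word indices, BIP39 seed stretching, and the hardened BIP32 steps down to m/44'/60'/account'. The function names are hypothetical; the 2048-word list and the non-hardened /0/n steps, which need secp256k1 point arithmetic, are left out.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group (public curve constant); child keys are reduced mod N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000


def entropy_to_indices(entropy: bytes) -> list[int]:
    """BIP39: append len/32 checksum bits of SHA-256(entropy), split into 11-bit word indices."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs_bits = len(entropy) * 8 // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    words = (len(entropy) * 8 + cs_bits) // 11
    return [(bits >> (11 * (words - 1 - i))) & 0x7FF for i in range(words)]


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: stretch the phrase into a 64-byte seed with PBKDF2-HMAC-SHA512, 2048 rounds."""
    norm = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic), norm("mnemonic" + passphrase), 2048, 64)


def master_key(seed: bytes) -> tuple[bytes, bytes]:
    """BIP32: split HMAC-SHA512("Bitcoin seed", seed) into (private key, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def hardened_child(key: bytes, chain: bytes, index: int) -> tuple[bytes, bytes]:
    """BIP32 hardened step (the 44', 60', 0' path levels); needs only the parent private key."""
    data = b"\x00" + key + (index | HARDENED).to_bytes(4, "big")
    digest = hmac.new(chain, data, hashlib.sha512).digest()
    child = (int.from_bytes(digest[:32], "big") + int.from_bytes(key, "big")) % N
    return child.to_bytes(32, "big"), digest[32:]


def account_key(mnemonic: str, account: int, passphrase: str = "") -> bytes:
    """Private key at m/44'/60'/account' for the given phrase."""
    key, chain = master_key(mnemonic_to_seed(mnemonic, passphrase))
    for index in (44, 60, account):
        key, chain = hardened_child(key, chain, index)
    return key
```

Every account key comes from the same seed, so one leaked phrase exposes all of them, while a different BIP39 passphrase yields an unrelated key tree.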
FAQ
Q: Can I recover my wallet with just a keystore?
A: No—you need both the keystore and the password.
Q: Are mnemonics safer than private keys?
A: Yes, for usability. A mnemonic backs up all derived keys, but leaked phrases risk all assets.
Q: Does Ethereum fully support BIP standards?
A: Partially. Ethereum uses BIP32/BIP44 for HD wallets but relies on keystores (not UTXO model).
Summary
- Private keys are the foundational asset control mechanism.
- Keystores add encryption but require passwords.
- Mnemonics simplify backups for HD wallets.
Always prioritize secure storage—leaked keys = lost funds.