PrivateKey
32-byte secp256k1 private key for cryptographic signing operations.
Overview
PrivateKey represents a 32-byte secp256k1 private key used for signing Ethereum transactions, messages, and deriving public keys and addresses. The branded type prevents accidental exposure or misuse of sensitive key material.
Type Definition
Usage
Create PrivateKey
Derive Public Key
Derive Address
Sign Message Hash
Convert to Hex
API Reference
Constructors
| Function | Description |
|---|
from(hex) | Create from hex string |
fromBytes(bytes) | Create from Uint8Array |
Methods
| Function | Description |
|---|
toHex(pk) | Convert to 0x-prefixed hex string |
toPublicKey(pk) | Derive uncompressed 64-byte public key |
toAddress(pk) | Derive 20-byte Ethereum address |
sign(pk, hash) | Create ECDSA signature |
Internal Methods
For advanced tree-shaking:
Key Derivation
PrivateKey supports the standard Ethereum key derivation:
Dependency Injection
For tree-shaking, use the factory pattern:
Security
Private keys are sensitive cryptographic secrets. Never expose them in logs, URLs, or client-side code.
Best Practices
- Never log private keys - Use secure logging that redacts keys
- Store encrypted - Use keystore files or hardware wallets
- Clear from memory - Zero out key material after use
- Use HD derivation - Derive keys from mnemonic seeds
Example: Secure Key Handling
Test Vectors
See Also