Skip to main content

PrivateKey

32-byte secp256k1 private key for cryptographic signing operations.

Overview

PrivateKey represents a 32-byte secp256k1 private key used for signing Ethereum transactions, messages, and deriving public keys and addresses. The branded type prevents accidental exposure or misuse of sensitive key material.

Type Definition

Usage

Create PrivateKey

Derive Public Key

Derive Address

Sign Message Hash

Convert to Hex

API Reference

Constructors

FunctionDescription
from(hex)Create from hex string
fromBytes(bytes)Create from Uint8Array

Methods

FunctionDescription
toHex(pk)Convert to 0x-prefixed hex string
toPublicKey(pk)Derive uncompressed 64-byte public key
toAddress(pk)Derive 20-byte Ethereum address
sign(pk, hash)Create ECDSA signature

Internal Methods

For advanced tree-shaking:

Key Derivation

PrivateKey supports the standard Ethereum key derivation:

Dependency Injection

For tree-shaking, use the factory pattern:

Security

Private keys are sensitive cryptographic secrets. Never expose them in logs, URLs, or client-side code.

Best Practices

  1. Never log private keys - Use secure logging that redacts keys
  2. Store encrypted - Use keystore files or hardware wallets
  3. Clear from memory - Zero out key material after use
  4. Use HD derivation - Derive keys from mnemonic seeds

Example: Secure Key Handling

Test Vectors

See Also