How does a crypto wallet work: Inside key generation, storage, and secure transactions

How does a crypto wallet work: Inside key generation, storage, and secure transactions

Tens of millions of people use crypto wallets regularly to prove identity, authorize transactions, and protect private keys. When this much value moves through a system, even small decisions—how a key is generated, which hardware secures it, how a transaction is presented—affect the reliability of the system. 

Below, you’ll learn how a crypto wallet works, how wallets generate and safeguard keys, how signing flows connect user intent to onchain outcomes, and what makes modern crypto wallet design intuitive and secure.

How does a crypto wallet work?

A crypto wallet controls who can move assets that live on a blockchain. It manages private and public keys, tracks onchain state, and produces the digital signatures the network accepts as proof of authorized intent. The wallet itself holds no assets. Balances exist on the chain. The wallet holds the credentials that prove ownership.

What role do public keys, private keys, and addresses play in a wallet?

A wallet manages three connected pieces of information: the private key, the public key derived from it, and the address the network uses to recognize your account.

Private keys

A private key is just a long, randomly generated number. Whoever controls it controls the assets tied to it. Wallets often turn this number into a 12–24 word recovery phrase so people can write it down and back it up. You can always recreate your private key from this phrase, but if the phrase is lost, the key is lost with it, and the wallet becomes inaccessible.

Public keys and addresses

The public key is generated from the private key, but it doesn’t reveal anything about it. The network then derives an address from that public key. This address is what you see in block explorers, transaction logs, and wallet interfaces. It’s the identity the network uses to track balances and activity, even though only the private key can authorize movement.

How they fit together

The private key creates a digital signature that proves the wallet owner approved a specific action. The public key lets anyone check that the signature is valid without exposing the private key itself. The address ties that verified signature to the right onchain account, which the blockchain uses as its official record.

How does a wallet generate, store, and use keys to authorize transactions?

A wallet creates a private key with enough randomness that it can withstand international-scale computational pressure. 

From there, where and how the wallet stores keys depends on the type of wallet: 

  • Hardware wallets: These keep the private key entirely inside a tamper-resistant chip. Signing happens inside that chip, and the private key never touches the computer or phone connected to it. Even if the paired device is compromised, the key remains isolated.

  • Software wallets: These encrypt the private key on the device, often inside a secure element or encrypted file, and unlock it only when needed. On mobile, this often ties directly into biometric authentication. The key is accessible for signing but shielded from many system-level threats.

When a user initiates an action (sending funds, interacting with a contract, approving a token allowance), the wallet assembles the transaction data. Once the user confirms, the wallet signs the transaction with the private key. The output is a digital signature that proves the transaction came from the address’s rightful controller.

Offer wallets to your users without the engineering overhead

Offer wallets to your users without the engineering overhead

Ready to go live?

How do custodial vs. non-custodial wallets work?

The distinction between custodial and non-custodial wallets determines who holds the private key, and that single question carries legal, regulatory, and operational weight far beyond convenience.

In a custodial arrangement, a third party generates and stores the private key on the user's behalf, typically inside trusted execution environments (TEEs) or hardware security modules (HSMs). The user authenticates through conventional credentials while the custodian handles signing. This model shifts key management responsibility to the custodian, along with the compliance obligations that come with it. Custodians are often subject to money transmission laws, KYC/AML requirements, and in some jurisdictions, specific digital asset custody regulations. If the custodian is compromised, goes insolvent, or freezes withdrawals, users have no unilateral recourse. Their assets are a claim against the custodian, not an onchain position they control directly.

In a non-custodial arrangement, the private key never leaves the user's possession. No third party can move funds, freeze access, or be compelled by a regulator to restrict the account. There is no account recovery process, support ticket to file, or institutional backstop if the key is lost or compromised.

Hardware wallets are non-custodial by design. Software wallets can be either, depending on the implementation.

How do authentication and transaction approvals work? 

When someone “connects a wallet” to an app, they’re proving they control a specific blockchain address by creating a digital signature instead of typing a username or password. That signature ties a real user action to an address that the network recognizes. The app expresses what it wants to do, the wallet confirms the user’s intent, and the network enforces whatever is finally approved.

Authentication

When an app asks a user to log in, it sends the wallet a small message to sign. Signing it is simply cryptographic proof that the user controls the private key for that address. The app checks the signature using the public key and then starts the session.

Transaction approvals

When a user wants to do something such as swap tokens, the app creates a transaction and passes it to the wallet. The wallet shows the request in clear, human-friendly terms and asks the user to confirm. If the user approves, the wallet signs the transaction with the private key and sends it to the network, which verifies the signature before adding it to the chain.

How do wallets handle security, usability, and reliability? 

A wallet’s security, usability, and reliability depend on who controls the keys, how those keys are protected, and how the wallet handles recovery. 

Who controls the key

Self-custody keeps signing authority with the user. The private key never leaves their control, which means no third party can freeze, seize, or lose it on their behalf — but it also means there is no recourse if the user mismanages it. Under a custodial model, the service manages the private key and assumes the operational and legal responsibilities that follow: uptime guarantees, incident response, regulatory compliance, and liability exposure if something goes wrong.

Where the key lives

The environment holding the key shapes both the attack surface and the user experience.

Software wallets run on connected devices and rely on OS-level protections, encrypted storage, and secure enclaves. They support fast, frequent interactions and are the dominant form for consumer-facing applications, but a compromised device or OS vulnerability can expose them to attack.

Hardware wallets isolate the private key inside a dedicated tamper-resistant chip. Signing happens entirely within that chip; the key never touches the host device. This sharply reduces the remote attack surface, at the cost of additional friction and physical custody requirements.

How recovery is designed

BIP-39 seed phrases remain the standard recovery mechanism: a deterministic mapping from entropy to a human-readable word list that can reconstruct the full key hierarchy. Losing the phrase means losing the wallet, with no path to recovery.

Newer approaches reduce that single point of failure. Cloud-encrypted backups store recovery material in a user-controlled encrypted store. Social recovery schemes delegate partial access to trusted contacts or devices, requiring a threshold of approvals to reconstruct the key. Shamir's Secret Sharing and similar threshold schemes split the key into multiple shares distributed across locations or parties, so no single share is sufficient on its own. Each approach trades some degree of self-sovereignty for resilience against device loss or user error.

How can applications securely and intuitively implement wallets? 

Applications can generate wallets automatically at signup, which anchors key creation to the device's secure hardware so the wallet is invisible to the user until they need it. The goal is to preserve genuine onchain ownership from the start without requiring users to understand key management before they've done anything meaningful on the platform.

One way to structure this:

  • Embedded wallet creation: Keys are generated during onboarding inside the device's secure enclave or TEE. The user gets a real wallet tied to real hardware without any explicit setup.

  • Deferred complexity: Users transact onchain through familiar interfaces until they're ready to engage with the underlying infrastructure.

  • Tiered recovery: Early-stage users with small balances can start with an encrypted backup tied to an existing login. As activity and value accumulate, more durable options can be surfaced progressively.

  • Managed key infrastructure: Platforms such as Privy handle key generation, signing orchestration, and secure storage within TEEs, removing the need for applications to build and audit that infrastructure independently. See Privy Docs for implementation details.

  • Portability and user control: Users should be able to export their private keys at any point. Lock-in is a trust liability. Genuine ownership means the user can always leave.

  • Transaction transparency: Interfaces should simulate transactions before submission, surfacing what will actually change onchain. Approvals should be explicit, reversible until final confirmation, and presented in terms that reflect the real action being taken.

Companies shipping onchain products run on Privy. See how we can help →

This content is for informational purposes only and does not constitute legal, financial, or investment advice. Laws and regulations governing digital assets vary by jurisdiction and are subject to change. Consult a qualified legal or financial professional before making custody or asset management decisions.