Cryptography Foundations: Hashing, Digital Signatures, Wallets, and Key Management
Understand the cryptographic building blocks that make blockchain systems verifiable, tamper-evident, and ownership-aware.
Inside this chapter
- Hash Functions and Data Integrity
- Public Keys, Private Keys, and Signatures
- Wallets, Custody, and Seed Phrases
- Practical Example and Best Practices
Series navigation
Study the chapters in order for the smoothest path from beginner blockchain concepts to advanced architecture and production practices. Use the navigation at the bottom of each page to move chapter by chapter.
Hash Functions and Data Integrity
Hash functions convert input data into a fixed-length output called a hash or digest. In blockchain, hashes help detect tampering because even a tiny input change produces a completely different output. Blocks reference previous block hashes, transactions can be summarized into Merkle roots, and content addressing in some systems also relies on hashing.
Input: "Alice pays Bob 5"
Hash: 0x9f...ab
Input: "Alice pays Bob 6"
Hash: 0x17...4dThis avalanche effect makes hashes useful for integrity checks, but a hash alone does not prove who created the data. That is where digital signatures matter.
Public Keys, Private Keys, and Signatures
A blockchain user typically controls a private key and derives a public key or address from it. The private key is secret and is used to sign transactions. Other network participants verify the signature using the corresponding public key or address-derived mechanism. This allows the network to confirm authorization without learning the private key itself.
- Private key: proves control and must never be exposed
- Public key or address: used for receiving assets and verification workflows
- Digital signature: proves a transaction was authorized by the private-key holder
Wallets, Custody, and Seed Phrases
A wallet is not the same thing as the blockchain account balance itself. Assets live on-chain, while the wallet stores or manages the keys needed to control them. Wallets may be custodial, where a service provider controls the keys, or non-custodial, where the user controls the keys directly. Many wallets use a seed phrase that can regenerate a family of keys.
Practical Example and Best Practices
Imagine a student building a simple token-transfer app. The frontend asks the wallet to sign a transaction, the user reviews the details, and the signed payload is broadcast to the network. The application never needs direct access to the private key if wallet integration is designed correctly.
Advanced teams go beyond wallet connection alone. They use hardware wallets, multi-signature approvals, secret rotation, offline signing for treasury operations, and strong incident-response processes for key compromise scenarios.