Skip to main content
Ethereum & smart contracts

Ethereum Addresses Explained

Pomegra Learn

Ethereum Addresses Explained

An Ethereum address is a unique identifier on the network, much like a bank account number or email address. Every user, smart contract, and decentralized application has one. Addresses are the mechanism by which value and data move across the Ethereum network. Understanding how addresses work is foundational to using Ethereum safely and effectively.

Ethereum addresses appear as 42-character hexadecimal strings starting with 0x—for example, 0x742d35Cc6634C0532925a3b844Bc9e7595f42bE. These addresses look random and meaningless, but they're deterministically generated from cryptographic keys. They're checksum-protected and designed to be public identifiers while keeping private keys secret.

Address Types: Externally-Owned vs. Contract

Ethereum distinguishes between two types of addresses, though both are valid recipients and can hold value:

Externally-Owned Accounts (EOAs) are controlled by users with private keys. When you create a wallet (like MetaMask), you generate a private key, and from that key, an address is derived. Only someone with your private key can authorize transactions from your EOA. EOAs pay gas fees when initiating transactions.

Contract Accounts are deployed smart contracts. They don't have private keys. Instead, they're controlled by their code. They execute functions when other accounts send them transactions. Contract accounts can receive tokens, hold funds, and execute complex logic, but they cannot initiate transactions without being called by an EOA or another contract.

From a practical standpoint, both types can be recipients of transfers, but only EOAs can be transaction senders (and pay gas fees). A contract can transfer funds to another address, but this happens within a transaction initiated by an EOA.

How Addresses Are Generated

The process of generating an Ethereum address begins with a private key—a 256-bit random number represented as a 64-character hexadecimal string. The private key must be kept secret; if compromised, an attacker can access all funds and tokens associated with that address.

From the private key, the public key is derived using elliptic curve cryptography (specifically, the secp256k1 curve). The public key is a 512-bit number that can be shared freely—knowing someone's public key reveals nothing about their private key.

The Ethereum address is generated by taking the public key, hashing it with Keccak-256 (a cryptographic hash function), and taking the last 160 bits (20 bytes) of the result. This 160-bit value is then prefixed with 0x to create the address.

The process is deterministic: the same private key always generates the same public key and address. But it's cryptographically one-way: knowing an address doesn't reveal the public key or private key.

Address Format and Checksums

Ethereum addresses are 42 characters: 0x followed by 40 hexadecimal characters. Early addresses were lowercase, but this created a vulnerability—typos in copying addresses were hard to detect. Bitcoin addressed this with checksums; Ethereum did too with EIP-55.

EIP-55 introduces a checksum using the Keccak-256 hash of the address (treated as a number). Characters at positions where the hash has certain values are capitalized. The capitalization pattern becomes a checksum. If you copy an address with an error, the checksum will likely be wrong, and careful users (and wallet software) will reject it.

For example: 0x5aAeb6053ba3EFfb0280c7d2a07f0e7D1f97b9bc has specific capitalization that serves as a checksum. If you change any character, you'd also need to change the capitalization pattern to maintain a valid checksum, which is cryptographically infeasible to do accidentally.

Wallets and Key Management

Users interact with Ethereum through wallets—software that manages private keys and facilitates transactions. Wallets don't store addresses or keys on the blockchain; they're local to the user's device.

Software Wallets like MetaMask, Ethers.js, and hardware wallet companions run on your computer or phone. They store encrypted private keys locally and prompt you to authorize transactions. You control the private keys, but you're responsible for backups and security.

Hardware Wallets like Ledger and Trezor store private keys on dedicated devices that never connect to the internet. To authorize a transaction, you physically approve it on the device. This dramatically improves security—your private keys never touch internet-connected computers.

Web3 Wallets like Phantom and Rainbow operate as browser extensions, making it easy to interact with DeFi applications and NFT marketplaces directly from web browsers.

The crucial security principle is this: whoever controls the private key controls the address and all funds on it. Write down and secure your seed phrase (recovery words) in a safe place. Never share your private key with anyone.

Multiple Addresses from a Single Seed

Most wallets use a standard called BIP-39 (Bitcoin Improvement Proposal 39) to generate deterministic wallets. From a single seed phrase (typically 12 or 24 words), you can derive multiple private keys and addresses.

A seed phrase like "abandon ability able about above absent abuse access accident account accuse" combined with a derivation path (like m/44'/60'/0'/0/0) generates a specific private key and address. By changing the derivation path, you can generate many different addresses from the same seed.

This allows users to maintain one backup (the seed phrase) while using multiple Ethereum addresses. If one address is compromised, the others remain secure.

Address Reuse and Privacy

Reusing the same Ethereum address for multiple transactions creates a public transaction history tied to that address. The Ethereum blockchain is transparent—anyone can view all transactions to and from a public address using explorers like Etherscan.

This means your transaction history is permanently public. If someone knows your address, they can see every transaction you've made and calculate your portfolio balance. This is very different from traditional banking, where account numbers are private and transaction history is confidential.

For privacy, you can generate a new address for each transaction. However, this doesn't guarantee anonymity because linking transactions together (transaction analysis) is possible through heuristics. Additionally, if you exchange cryptocurrency for fiat currency on a regulated exchange, the exchange associates your address with your identity.

True privacy on Ethereum requires privacy protocols like Tornado Cash or Aztec, which obscure transaction origins through mixing or zero-knowledge proofs.

Smart Contract Addresses

When you deploy a smart contract to Ethereum, the deployment transaction determines the contract's address. The address is derived from the deployer's address and a nonce (transaction count). Interestingly, you can predict a contract's address before deployment by knowing the deployer's address and nonce.

This is why tools like CREATE2 exist—a different contract creation method that allows deterministic address generation. You can design the address (within limits) before deployment, enabling counterfactual contracts that don't exist until needed but have pre-determined addresses.

Address Standards and Naming

Standard Ethereum addresses are 20-byte values. However, Ethereum Name Service (ENS) provides human-readable alternatives. Instead of sending tokens to a hex string like 0x742d35Cc6634C0532925a3b844Bc9e7595f42bE, you can send them to vitalik.eth.

ENS is a protocol that maps domain names to addresses. Domains are ERC-721 NFTs that you own and can transfer. ENS simplifies user experience and reduces errors from address typos. It's particularly valuable for payment requests and long-term identities.

Multisig and Proxy Wallets

Standard Ethereum addresses are single-signature—only one private key controls the address. For higher security or shared control, multisig contracts require multiple signatures to authorize transactions.

Multisig wallets like Gnosis Safe are smart contracts that hold funds and require multiple approvals (from different signers) to execute transactions. You might set up a 3-of-5 multisig where any 3 of 5 authorized signers can approve spending.

Proxy contracts, similarly, allow upgradeable logic. You own a proxy address but delegate function calls to an implementation contract. The implementation can be updated without changing the address users interact with.

Address Across Different Networks

Ethereum addresses remain the same across different blockchains that use the same address format. Your Ethereum address 0x742d... is valid on Arbitrum, Optimism, Polygon, and other EVM-compatible chains.

However, the address refers to different accounts on different chains. Your balance on Ethereum mainnet and your balance on Arbitrum are separate. You need to bridge assets between chains if you want to move value.

This unified address format is convenient—one wallet can interact with multiple networks. But it's also a source of confusion—sending tokens to your Ethereum address on Arbitrum when you meant to send them on mainnet will send them to a (possibly empty) address on the wrong chain.

Vanity Addresses and Address Generation

Some users or projects create "vanity addresses" with meaningful patterns—like addresses starting with many zeros or containing their username. Generating vanity addresses requires brute-force searching through random private keys until finding one whose derived address matches the desired pattern.

Tools like Vanity-ETH make this accessible, but generating addresses with very specific patterns requires immense computational work. A meaningful vanity address might take seconds to minutes; highly specific ones might take hours or days.

The security of vanity-address generation depends on your tools. If you generate vanity addresses through untrusted online tools, you risk those tools recording your private key. It's safer to use open-source tools on an air-gapped computer if you need vanity addresses.

Address Balance and State

Every address on Ethereum has associated state:

Nonce is the transaction count. Each transaction increments the nonce. This prevents replay attacks and ensures transactions execute in order.

Balance is the amount of Ether (in wei, the smallest unit) the address holds.

Code (for contract accounts) is the deployed bytecode of the smart contract.

Storage (for contract accounts) is the persistent data the contract maintains.

When you send a transaction from an EOA, you must include the nonce of your next transaction. If you send two transactions with the same nonce, one will be rejected. This ordering is crucial for ensuring transactions execute in the intended sequence.

Address and Privacy on the Blockchain

The tradeoff between transparency and privacy is fundamental to Ethereum. Addresses are public, and all transactions are visible. This transparency is valuable for security and auditability—you can prove ownership of assets and verify transactions.

However, this transparency also means financial privacy is limited compared to traditional banking. If you're concerned about privacy, you must explicitly use privacy tools or accept that your transaction history is public.

Conclusion

Ethereum addresses are fundamental to the network's operation. They're the mechanism by which users hold assets, interact with contracts, and execute transactions. Understanding how addresses are generated, secured, and used is essential for safely managing cryptocurrencies and tokens on Ethereum.

From securing your private keys to understanding address checksums to recognizing the privacy implications of public addresses, address literacy is as important as understanding cryptographic keys themselves. Your address is your identity on the blockchain—guard your corresponding private key with extreme care.

References