
Private key

Secret half of a key pair, giving full control over a wallet. On TON it is a 32-byte Ed25519 value derived deterministically from the seed phrase. Leaking the private key is equivalent to losing every asset at that address.

Aliases: secret key, signing key

A private key is the secret number used to sign transactions on behalf of a wallet. TON uses Ed25519, so the key is 32 bytes (256 bits). Holding the key is equivalent to owning the funds: whoever has it can send any amount of TON and any jetton held at that address.

Where it comes from

In normal user flows the private key is never seen directly:

  1. The wallet generates a seed phrase (24 BIP-39 words).
  2. The phrase passes through PBKDF2 → master seed.
  3. Master seed → BIP-32 / Ed25519 derivation → private key.

That is why “protect your seed” and “protect your private key” mean the same thing. The phrase is equivalent to the key, just in a form that humans can write down.
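The three steps above in code, as an added example (not this site's or any wallet's own code). It assumes BIP-39 PBKDF2 parameters for step 2 and SLIP-0010, the Ed25519 form of BIP-32, for step 3. The path 44'/607'/0' and the sample phrase are assumptions, a real wallet may use different parameters, and the BIP-39 checksum is not validated here.

```python
import hashlib
import hmac
import struct
import unicodedata

HARDENED = 0x80000000
# Constructed sample input: a public BIP-39 test phrase, never a real wallet.
SAMPLE_PHRASE = " ".join(["abandon"] * 23 + ["art"])


def mnemonic_to_seed(phrase: str, passphrase: str = "") -> bytes:
    """Step 2: PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic" + passphrase."""
    words = unicodedata.normalize("NFKD", " ".join(phrase.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode(), salt.encode(), 2048, 64)


def slip10_master(seed: bytes) -> tuple[bytes, bytes]:
    """Step 3a: master (private key, chain code) for the Ed25519 curve."""
    digest = hmac.new(b"ed25519 seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def slip10_child(key: bytes, chain: bytes, index: int) -> tuple[bytes, bytes]:
    """Step 3b: one derivation level; Ed25519 allows hardened indexes only."""
    if not HARDENED <= index <= 0xFFFFFFFF:
        raise ValueError("Ed25519 derivation requires a hardened index")
    data = b"\x00" + key + struct.pack(">I", index)
    digest = hmac.new(chain, data, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def derive_private_key(phrase, path=(44, 607, 0), passphrase=""):
    """Phrase -> 32-byte private key. The default path is an assumption."""
    key, chain = slip10_master(mnemonic_to_seed(phrase, passphrase))
    for level in path:
        key, chain = slip10_child(key, chain, level | HARDENED)
    return key


if __name__ == "__main__":
    first = derive_private_key(SAMPLE_PHRASE)
    again = derive_private_key(SAMPLE_PHRASE)
    other = derive_private_key(SAMPLE_PHRASE.replace("art", "about"))
    # Same phrase gives the same key; one changed word gives an unrelated key.
    print(len(first), first == again, first != other)
```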

How it leaks

  • Backup files. Older versions of some wallets stored private keys in plain local files; an infostealer harvests them instantly.
  • Plain-text export. The user pulled the raw key out of the wallet and pasted it into a notes app, and the notes app synced it to the cloud.
  • Compromised app. A fake “Tonkeeper” APK downloaded from a phishing site exfiltrates the key the moment the wallet is created.
  • Browser JS wallets. Extensions without strict context isolation can leak the key via XSS in a connected dApp.

Defence

  • Hardware wallet. The private key never leaves a Ledger or Tangem secure chip. Even on a fully compromised PC, remote theft is infeasible.
  • No plain-text export. If the wallet offers “show private key”, treat it as a developer feature you do not need.
  • Isolation. Use a separate browser profile (or even OS user) for crypto activity.

What is not a defence

  • “Cloud encryption.” A cloud service that can read decrypted content is not protection; the key must be encrypted locally and never transmitted in plain.
  • Wallet password. Most wallets encrypt local storage with a password, but if a stealer is on the box it captures the password at unlock time.
  • Sharing with a “developer friend”. Never. There is no legitimate reason to send a private key to anyone.
