How to Generate Ethereum Wallets and Key Pairs Using PHP

·

Creating secure cryptocurrency wallets is a foundational skill for blockchain developers. In this guide, you’ll learn how to generate Ethereum wallets and key pairs using PHP 7.0+, leveraging built-in cryptographic functions and trusted libraries. Whether you're building a wallet service, integrating blockchain functionality into a web app, or exploring decentralized technologies, this tutorial provides a practical, step-by-step approach.

The process involves generating an ECDSA private key using the secp256k1 elliptic curve, deriving the public key, and computing the Ethereum address via Keccak-256 hashing. All operations are performed securely within PHP using OpenSSL and composer-managed dependencies.

Core Keywords

Prerequisites and Setup

Before diving into the code, ensure your environment meets the following requirements:

Begin by setting up your project with the required packages. These libraries handle cryptographic encoding, ASN.1 structures, and Keccak hashing.

{
  "require": {
    "sop/asn1": "^3.3",
    "sop/crypto-encoding": "^0.2.0",
    "sop/crypto-types": "^0.2.1",
    "kornrunner/keccak": "^1.0",
    "symfony/dotenv": "^4.0",
    "sc0vu/web3.php": "dev-master"
  }
}

Install the dependencies using:

composer install

These packages provide essential tools:

Generating the ECDSA Private Key

Ethereum uses the secp256k1 elliptic curve for its public-key cryptography. The first step is generating a cryptographically secure private key.

We use PHP’s openssl_pkey_new() function with EC configuration:

$config = [
    'private_key_type' => OPENSSL_KEYTYPE_EC,
    'curve_name'       => 'secp256k1'
];

$res = openssl_pkey_new($config);
if (!$res) {
    die('ERROR: Failed to generate private key. -> ' . openssl_error_string());
}

// Export the private key in PEM format
openssl_pkey_export($res, $priv_key);

// Extract full key details including public key
$key_detail = openssl_pkey_get_details($res);
$pub_key = $key_detail['key'];

This generates a private key in PEM format and retrieves associated public key information. The next step is decoding this structure into raw hexadecimal values suitable for Ethereum.

👉 Discover how to securely manage blockchain keys with advanced tools

Converting Keys to Hexadecimal Format

To derive the Ethereum address, we need both the private and public keys in raw binary form, then convert them to hex.

Using the sop/crypto-encoding and sop/crypto-types libraries, we parse the PEM-encoded private key into an ASN.1 structure:

$priv_pem = PEM::fromString($priv_key);
$ec_priv_key = ECPrivateKey::fromPEM($priv_pem);
$ec_priv_seq = $ec_priv_key->toASN1();

// Extract private key as hex
$priv_key_hex = bin2hex($ec_priv_seq->at(1)->asOctetString()->string());

// Extract public key (remove header '0x04' prefix later)
$pub_key_hex = bin2hex($ec_priv_seq->at(3)->asTagged()->asExplicit()->asBitString()->string());
🔐 Note: The public key starts with 0x04, indicating an uncompressed point on the elliptic curve. This must be stripped before hashing.

Deriving the Ethereum Wallet Address

An Ethereum address is derived from the last 20 bytes of the Keccak-256 hash of the public key (without the 0x04 prefix).

Here’s how it works:

// Remove the leading '0x04' from the public key
$pub_key_hex_2 = substr($pub_key_hex, 2);

// Compute Keccak-256 hash
$hash = Keccak::hash(hex2bin($pub_key_hex_2), 256);

// Take last 40 characters (20 bytes) for Ethereum address
$wallet_address = '0x' . substr($hash, -40);
$wallet_private_key = '0x' . $priv_key_hex;

echo "\r\nETH Wallet Address: " . $wallet_address;
echo "\r\nPrivate Key: " . $wallet_private_key;

✅ Result:

ETH Wallet Address: 0xb2...
Private Key: 0x73...

This address conforms to the Ethereum standard and can receive ETH or ERC-20 tokens. The private key must be stored securely—never exposed or shared.

Frequently Asked Questions (FAQ)

Q: Is it safe to generate Ethereum keys using PHP?

Yes, provided you're using secure randomness sources (like OpenSSL) and run the code in a secure environment. PHP's openssl_pkey_new() uses strong entropy under the hood, making it suitable for production use if properly configured.

Q: Why do we remove the '0x04' prefix from the public key?

The 0x04 indicates an uncompressed EC point. Ethereum requires only the coordinate data for hashing. Removing it ensures correct Keccak-256 output aligned with Ethereum specifications.

Q: Can I reuse this method for other blockchains?

Similar logic applies to Bitcoin and other secp256k1-based chains, but address encoding differs (e.g., Bitcoin uses Base58Check or Bech32). Adjust hashing and formatting accordingly.

Q: What happens if someone gets my private key?

They gain full control over your wallet. Always store private keys in encrypted storage or hardware modules. Never log or transmit them in plaintext.

Q: How can I test my generated wallet?

Send a small amount of testnet ETH to the address using a faucet. Use tools like MetaMask or Etherscan (on Ropsten, Goerli, etc.) to verify balance and transactions.

👉 Explore secure digital asset management solutions today

Running the Script

Save the complete logic in a file named GenerateEthereumWallet.php. Then execute:

php GenerateEthereumWallet.php

Each run produces a new random wallet pair. For production systems, consider adding:

Security Best Practices

When working with cryptocurrency keys:

Expanding Your Blockchain Development Skills

Once comfortable with wallet generation, explore:

Understanding low-level cryptographic operations empowers you to build more robust and secure decentralized systems.

👉 Start exploring next-gen blockchain tools now

By mastering Ethereum wallet generation in PHP, you open doors to innovative blockchain integrations—securely, efficiently, and with full control over your infrastructure. Keep experimenting, stay updated with cryptographic standards, and always prioritize security in every line of code.