How to securely create Cosmos/Osmosis wallet private keys

In this post, we explain how to create a private key for Cosmos wallets. The use cases include programmers or advanced blockchain and DeFi users. This is especially handy for any keys you need to share with your team: one-off deployment keys, hot wallet keys and so on.


Creating cryptocurrency wallet securely is important, as there have been several issues of weak random number generators causing hacks and losses.

In this post

  • We create a private key using secure UNIX (Linux/macOS) command line tools. Particularly, we do not use any unsafe websites.
  • We show how to back up the private key securely.
  • We import this to Keplr wallet to.
  • This method is compatible with Cosmos Hub, Osmosis, Juno, EVMOS, Stargaze, and many other Cosmos chains.

Creating a private key

A private key is a 256-bit non-guessable integer. There is nothing magical about it, it is just a hard-to-guess number. To create a private key on your developer laptop, you can use console tools. You can even do this offline, so this way the key never leaves your laptop, as opposed to website based key generators.

Install the OpenSSL command line tool. The openssl can create a random 256-bit number with nice hex output:

openssl rand -hex 32

The output is 32 bytes, or 256 bits, and looks like this:


This is often called a "raw private key" as it is not derived from any seed words, also known as a mnemonic. The randomness is sourced from a cryptographically secure /dev/urandom random number generator (RNG) device on your laptop.

Backing up the private key

  • Print it out on a paper
  • .. .or store the generated number in a secure password manager

As we are going to store this key in our wallet any case, the security of this key is not going to be the maximum security. For more security, you should always use a hardware wallet and/or a multisignature wallet. Creating keys and storing them in a password manager is not giving you the best security. But for many programmatic use cases, like one time deploy keys, it is more than safe enough.

Importing a raw private key to Keplr

You can import the raw private to the Keplr wallet:

Then choose the Private key option:

Now you can have the private key account in your Select account menu:

And then you can choose to use this private key with different Cosmos blockchains like Osmosis: