Public key is the mathematical counterpart of your private key. It is computed from the private key via elliptic-curve multiplication (secp256k1 for Bitcoin and Ethereum), and the wallet address you share with the world is itself derived from the public key through a hashing step.
The relationship
Private key → public key → address. The arrow goes only one way. Anyone with the public key can verify that a signature was produced by the corresponding private key, but they cannot recover the private key from the public key. Reversing that step would require breaking elliptic-curve cryptography, which would also break the security model of every modern banking system.
What gets shared on chain
On Bitcoin, the address you see is a hash of the public key (P2PKH or P2WPKH formats). The actual public key only becomes visible on chain when you spend from the address — at that point the signature reveals the public key, and from then on the address is "exposed." This is one reason Bitcoin best practice has historically been to avoid reusing addresses.
On Ethereum, the address is the last twenty bytes of the keccak-256 hash of the public key. The address itself is the visible identifier; the public key is computable from any signed transaction.
Why this matters for holders
You almost never need to handle the raw public key directly. What you do need to understand is the chain of derivation: the same mnemonic generates the same set of private keys, which generate the same public keys, which generate the same addresses, on any wallet that follows the same BIP-32 / BIP-44 derivation path. This is why importing your mnemonic into Ledger Live, MetaMask, or Sparrow Wallet will surface the same addresses — they share the standard.
The post-quantum question
NIST finalized its first set of post-quantum cryptography standards in August 2024. Bitcoin and Ethereum both still rely on elliptic-curve signatures. The timeline for practical quantum attacks against secp256k1 is debated, but the prudent assumption for a US-resident holder with a long horizon is that, between 2030 and 2040, signature schemes will likely migrate. Address-hashing (Bitcoin's P2PKH) buys some protection because the public key is not revealed until first spend.
Further reading: Private key, Address, Derivation path.