Public addresses – such as the “Current Address” displayed on every wallet screen in both QR and text form – can only be used to receive funds. They’re what you share with the other party in a transaction. If someone were to get a screenshot of your main wallet screen, they wouldn’t be able to remove any funds associated with that address. To do that, they’d need the private key associated with that address. Private keys “sign” the transaction; without that digital signature, the sender can’t “prove” they control the address associated with those funds, and no transaction will take place.

Like public addresses, private keys are really just data strings that can be represented in plain text or graphic form. Unlike public addresses, however, they should not be shared with third parties unless you want to grant them access to remove funds (e.g. a family member or trusted friend).