Cryptocurrency is a bearer asset. Simply put, the person who holds the keys to the crypto wallet owns the coins. When you get a crypto wallet, you’ll be given two keys: public and private. They are both essential to completing any transaction. Let’s dive into what these two keys are and how you can keep them safe.
What’s a Key?
Just like a conventional key, a crypto key also opens doors. In this case, however, the door is a gateway, finalizing your crypto transactions. Once you set up an account and a wallet, you will be given two types of keys:
A public key is akin to a bank account number. It’s your unique wallet address, which allows you to receive crypto transactions. A public key can be shared with anyone you wish to receive coins from. Sharing or pasting your public key does not pose any risk.
A private key, in essence, is your crypto. You need a private key to "prove" that you own the crypto received through your public address. You’ll find private keys in the form of a 256-bit randomly generated alphanumeric code or a 64-digit hexadecimal code.
No matter what form your private key comes in, it’s going to be a very, very long value. It’s supposed to be complex and large for a sensible reason—to prevent hacking. It’s the equivalent of a bank's ATM pin, allowing anyone who has it to withdraw from the account easily. So just like you wouldn’t share your ATM pin with anyone, never share your private key either!
How Does a Private Key Work?
Your private key is used to digitally "sign" or authenticate a transaction. Any activity, whether receiving or sending funds, cannot be authorized by the blockchain network without your private key. Here’s how it works:
- When you give your public key, the transaction gets encrypted. It can only be decrypted using a private key.
- Next, you digitally "sign" using the private key to authorize the transaction. Then the nodes on the blockchain automatically verify the transaction. A wrong private key entry would mean the transaction getting rejected by the network. This rejection is irreversible, and you may never recover that cryptocurrency again!
Where are My Keys?
Most likely, you will never even see your actual private key. Cryptocurrency wallets hold your keys for you. If you use a CEX like Binance or Coinbase, the linked wallet stores your key. These are called custodial wallets. The exchange is the custodian of your key, the same way you’d trust a bank locker to hold on to your gold and other valuables.
Custodial wallets have both benefits and risks. On the upside, you don’t have to worry about managing your private key. You are essentially outsourcing the security of your private key to that CEX. Whenever you wish to transfer coins out of your custodial wallet, you can simply login with a username and password, and enter the receiver’s public key. The CEX will input the private key to finish the transaction. This is a simple solution, but it comes with a risk. The biggest downside to this is that exchanges have been hacked in the past. If your private key gets compromised, you could lose all crypto without a chance of recovery!
If you would like to control your own keys, then opt for a non-custodial wallet, which is much safer. In this case, you are not outsourcing your private key to an institution, so there is less chance of hacking. On the flip side, though, non-custodial wallets are not as user-friendly as custodial wallets and come with a tremendous amount of responsibility. Since you are in control of your own keys, losing or misplacing them can be a costly mistake.
How to Keep your Keys Safe
There’s a popular saying in the crypto world-"not your keys, not your crypto." This means that whoever holds the keys, holds the coins. Essentially, platforms like Binance and Coinbase control your crypto, yet millions of users trust them with their keys. Ultimately, there is no right or wrong way to manage your keys. However, you can take some steps to keep your keys safe.
- Keep your keys in "cold storage," like a hardware wallet. These are physical devices that store your keys safely and protect them from malware attacks. Some hardware wallets also generate their own private keys for an additional layer of security. You can also opt for low-tech alternatives like a USB stick or hard drive.
- Paper Wallet: Simply write your private key on a piece of paper and lock it away in a safe. It comes with a risk-given the huge number of characters that make up a private key, even the slightest error when writing down the key could prove costly. A better option would be to print out your public and private keys along with a QR code.
- Be cautious with centralized exchanges: Do your due diligence to ensure the exchange is trust worthy. Use centralized exchanges that ask for two-factor authentication to complete any transaction. This gives further safety to your crypto.
- Remember your seed phrase: Your wallet will generate a seed phrase as a backup for your private keys. These are user-friendly phrases, often a set of 12–24 random words generated that can be easily remembered. For example, if you stored your key on your phone and then lost it, or if your hardware wallet broke, a seed phrase, also known as a "recovery phrase," can assist you. You can reset your wallet on a new phone or hardware device and regain access to your crypto using the seed phrase.
Remember, if you lose your private keys, there is no office that you can call to make a complaint like in a conventional bank! There is no evidence to prove that any amount of cryptocurrency was ever yours except for what you hold in the wallet that you have the keys to. So, never, ever share your private keys with anyone!