For all beginners in the crypto industry, it is essential to know what public keys and private keys are and what their functions are. Here is a short guide.
Public and private keys in the crypto world: what are they?
When one enters the world of cryptocurrencies, the first thing to do is to set up a wallet. It is at this stage that you start dealing with public keys and private keys. But what are they?
The public key is an encrypted code paired with the private key that is used to receive cryptocurrency transactions. While anyone can send transactions to the public key, you need the private key to “unlock” them and prove that you are the owner of the cryptocurrency received in the transaction.
The public key that can receive transactions is usually a wallet address, and that is a 42-character string specified by the recipient to receive crypto. The wallet address is simply a shortened form of the public key and functions as the IBAN of a given crypto’s account.
In general, one can freely share their public key without concern. In contrast, the private key is reserved for the owner of the wallet and must be kept secret.
In fact, the private key in the crypto world functions as a password to access a cryptocurrency wallet. If by chance this password is lost or stolen one day, anyone who has it can access the wallet and do whatever they want with the crypto assets they find.
Specifically, private keys are numeric codes that can take different forms, such as 256-character long binary code, 64-digit hexadecimal code, QR code, and even a mnemonic phrase.
Public and private keys in different crypto-wallets
Speaking of private keys, it is important to learn about the functioning of the crypto-wallet you have decided to use to hold your cryptocurrencies.
And indeed, many crypto wallet providers encrypt the private key in a way that is easier to record and remember.
Some wallets use a “seed phrase,” also known as a “secret recovery phrase,” to unlock the wallet. If you choose MetaMask‘s non-custodial cryptocurrency wallet, a string of random words will be assigned to the user and used to unlock the funds. The private key is hidden within the software behind this user-friendly string of words.
Alternatively, if you choose a wallet from a centralized platform such as Binance and Coinbase, the company will hold the private key on behalf of the user. In this sense, the wallet provider controls the funds on behalf of the user.
Public and private keys and the digital signature of crypto transactions
These public and private keys are primarily used to sign crypto transactions. This digital signature is used to verify the authenticity of the transaction on the relevant Blockchain.
Here are the steps involved in a transaction on the Blockchain:
- A transaction is encrypted using a public key. The transaction can only be decrypted by the accompanying private key;
- Next, the transaction is signed using the private key, which shows that the transaction has not been modified. The digital signature is generated by combining the private key with the data sent in the transaction;
- The transaction can be verified as authentic using the accompanying public key.
The user digitally signs a transaction to prove that he or she is the owner of the funds. Nodes check and authenticate transactions automatically. Any transaction that is not authenticated is rejected by the network. A transaction that is authenticated and mined on the blockchain is irreversible.
The story of Stefan Thomas and his IronKey
Public and private keys are a fundamental part of the crypto world. The story of Stefan Thomas and his IronKey, is a testament to this.
Thomas is a computer developer who risks losing 220 million in Bitcoin because he lost the password to his IronKey encrypted storage device, on which he saved the private keys of his wallets.
Basically, the developer apparently no longer knows how to access his wallets precisely because his IronKey with everything stored in it keeps the stuff secured. Indeed, secure even from him, as he no longer remembers his password.
Ironically, it is also the case that the IronKey only allows the user to enter a password 10 times, after which it becomes inaccessible. By the time the story was shared, Thomas had already attempted to log in 8 times and got the password wrong.
This story suggests that using IronKey is also not an appropriate storage mode for private keys. Rather, the idea is to keep the seed phrase or private key saved on sheets of paper, easily retrieved by at least its master.