Basics of Crypto Security

What are public and private keys?

An approachable explanation of how public and private encryption keys are at the core of crypto wallets and seed phrases.

When embarking on the journey of owning and managing your own cryptocurrency, the array of choices and number of new concepts may seem overwhelming. Cryptocurrency wallets make the process of managing your own cryptocurrency relatively straightforward - but there are some common terms and basic concepts that you should understand. In this article, we will summarize what encryption keys are, and how they are related to seed phrases and software wallets.



TL;DR (concentrated takeaways)

A cryptocurrency wallet generates encryption keypairs from a seed phrase, and then uses those keys to perform crypto transactions.

Although there may be many pairs of encryption keys in a wallet (to support varied wallet addresses), there is one "master" key pair.

Private keys are used to digitally sign crypto transactions.

Public keys are used to associate crypto with a blockchain address.

How are Seed Phrases and Keys related?

At its core, a cryptocurrency wallet is a secure container for your "private key." But what does that mean, and is it the same thing as the seed phrase? The answer is that they are closely related, but are not exactly the same.

A cryptocurrency wallet produces, or optionally, you give it, a BIP39 seed phrase, which you always keep securely backed up. From that seed phrase, the wallet software mathematically calculates a master private key and master public key. It is this master private key that is what people commonly refer to as your cryptocurrency "private key." If a cryptocurrency wallet is lost or destroyed, this original seed phrase can allow a new wallet to re-generate the private and public keys, and thus re-gain access to your cryptocurrency. This high-level view gives you an understanding of what your private key is, the relationship between your seed phrase and your private key, and why it is so important to back up your seed phrase.

Be aware that there can be more than one set of private and public keys: if you are using a Hierarchical Deterministic Wallet (HD Wallet), which most modern wallets are, your wallet will produce a large number of private/public keypairs that can be used to perform individual cryptocurrency transactions that preserve your privacy and security. Fortunately, the wallet handles that detail for you, and your single seed phrase (and wallet passphrase, if you chose to add one) will restore all of your private keys when needed.

How do private and public keys work?

Cryptocurrency wallets use standard encryption software to generate unique encryption keypairs, and then use those unique keys to perform secure identification and authorization of your crypto transactions. The term "keypair" is used because cryptocurrency uses a type of encryption called asymmetric encryption - also known as public-key encryption, or Public Key Infrastructure (PKI). Asymmetric encryption relies on two unique keys that work as a related pair. This type of encryption is called public-key encryption because of the way it is used: one key must be kept private, while the other can safely be shared publicly.

The wallet uses the private key to digitally sign cryptocurrency "sell" transactions. This digital signature produced with a private key is like a stamp of authenticity. Correspondingly, the related public key of that same keypair - the key that is shareable - can be used to verify that only the holder of the private key could have signed that transaction, and that the transaction was not tampered with after it was signed.

The public key is also used by cryptocurrency wallets, which use a hashed form of the public key to identify the location on the blockchain network where a private key owner may receive cryptocurrency payments. So when you share your payment address with someone who will pay you in cryptocurrency, you are actually giving them a form of your public key, which tells the blockchain network where to pay you - in other words, a public key functions as an accounts receivable address.

What are "Quick Response" (QR) codes?

Either the private or the public key can be represented as a QR barcode. A wallet holder could publish a public key QR code (for example on their website) to ask people to pay them at that single blockchain address. Alternatively, they could generate and send each individual a unique payment public key QR code, resulting in payments to be made at multiple blockchain addresses. The wallet owner is thus free to decide on the payment address strategy that makes most sense for their privacy goals.


It is very important never to publish the QR code for a private key - if a private key QR code is generated at all, it should only be retained as part of a secure private key backup strategy!

https://www.linkedin.com/company/vault12
https://twitter.com/_vault12_
avatar-icon

Vault12 Crypto Security

Social Recovery Vault for Digital Asset Security + Digital Inheritance for protecting the future of money.

star-background

Backup and Inheritance for Bitcoin

vault12-guard
Vault12 Guard Explainer
Get the Vault12 Guard app onto your phone
QR code Vault12 Crypto/NFT InheritanceDownload Vault12 on App StoreDownload Vault12 on Google Play
Vault12 app mockup
Scroll down
Close

Vault12 Product Demo

Get The Vault12 App Onto Your Phone

Download Vault12 on App StoreDownload Vault12 on Google Play
Close
Start protecting your digital assets: Free 30-day trial available today.