Public & Private Keys
What are cryptographic keys?
Public and private keys are fundamental to cryptocurrencies, allowing you to make transactions without the need for third-party verification. These keys function as a pair, and it is vitally important you own your keys and keep them safe.
In practice, keys are "very large numbers shown as long strings of characters", and each blockchain network user has a set of two keys:
- Private key - used to create a digital signature for a transaction and to prove ownership of a blockchain address; used for accessing and spending your Bitcoin.
- Public key - used as an address on the blockchain network for receiving funds, and for verification of a digital signature.
Private keys
A private key acts like a password that allows you to access and manage your crypto - and just like your passwords, private keys must be kept secret!
The private key itself is a randomly generated secret number that should only be known to you, as the sole owner of the associated address (where you receive payments).
- Your Trezor is a dedicated piece of hardware that generates your private keys for you
- All you have to do is follow the instructions for setting up your device using Trezor Suite, making sure you carefully write down your recovery seed on the cards provided and keep them somewhere safe
- The process is isolated (offline) and the keys never leave your Trezor, making it the safest way to manage your crypto
Private keys for Trezor devices are generated based on the recovery seed and (optional) passphrase.
- When you initialize your Trezor, you'll be prompted to create a backup of your wallet (private keys)
- During setup, you'll be asked to write down your recovery seed (carefully!) which is the only backup of your private keys
- This list of words allows you to recover a wallet (restore private keys) if your Trezor is damaged, lost or stolen, so you must keep it safe!
Public keys
Your public key can be shared with others in order to send and receive funds. It is generated by your private key using some complicated mathematics, which makes them a matched pair.
A public key is used as the basis for an address, which is where you receive funds.
- Anyone can send funds to your public key, but you require the private key to access them, i.e., prove that you're the rightful owner of the received funds
- Whenever you make a transaction using your public key (public address), you need to verify it's really you making the transaction by using your private key. Essentially, everything is open and anonymous
The role of hardware wallets
In 'owning' cryptocurrency, you really own a private key that proves you have sole ownership of some cryptocurrency stored on the blockchain.
Anybody else is able to verify those funds belong to your public key, and you can prove your ownership by signing a message with your private key.
For cryptocurrency you're not holding on to a physical asset (such as cash), so your wallet is used for a different purpose: to store your keys.
A hardware wallet creates a seed using a secure hardware random number generator. The seed is then used to generate many pairs of related keys which are managed by the device.
Hardware wallets like the Trezor Model One and Model T are primarily used for storing your keys, but can also be used for other purposes e.g. a security token for 2-Factor Authentication.
Although the keys are related, it is not computationally feasible to deduce a private key from a public key - this is why public keys may be shared.
Together, the public key and private key ensure the security of the cryptocurrency ecosystem.
Understanding the concept of public and private keys and how to keep them safe is extremely important for working with your crypto.
