For those just starting to invest in cryptocurrency, it’s essential to understand what cryptocurrency keys are and how public and private keys work. Every cryptocurrency wallet has a public and a private key. Not only are keys used during the process of sending and receiving cryptocurrencies, but they are also integral to keeping cryptocurrency holdings secure.
This article covers the differences between private and public keys, how they enable crypto trading and storage, and what investors need to do to keep their crypto secure.
What Is a Private Key?
A private key is a cryptographic string of numbers and letters which is mathematically related to a public key, but impossible to reverse engineer. This is due to its strongly encrypted code base.
A private key is what gives a wallet owner access to their funds and allows them to send funds to others. Think of a private key as a password, used to decrypt messages and transactions.
A public key, on the other hand, can be shared publicly to allow others to send cryptocurrencies to a wallet. Think of a public key as encrypting messages and transactions. In fact, a wallet address is basically a hashed version of a public key—shortened and compressed in order to send an address.
Each cryptocurrency uses its own algorithms for creating keys, so some are longer than others.
Why It’s Important to Secure Your Private Key
It’s very important to keep private keys secure and to keep a back-up in a safe, offline location. If anyone accesses your private key they can steal funds from your wallet, and if a private key gets lost there is no way to retrieve the funds in the wallet.
This can’t be stressed enough. If a private key gets lost or stolen, the funds secured by it are lost too.
It’s estimated that about 20% of all Bitcoin—$3.7 million—that has been mined is lost forever, and 1500 more Bitcoins get lost every day.
Recommended: How Many Bitcoins Are Still Left?
How Do Public and Private Cryptocurrency Keys Work?
Certain crypto exchanges and wallets store users’ private keys in an encrypted form. This can be more convenient for sending and withdrawing funds, but can make users vulnerable to security breaches. If using this type of wallet or exchange it’s imperative to make sure the company is reputable, and one might want to consider only keeping a fraction of their cryptocurrency holdings in this type of wallet at any given time.
Although the same private key is used for every transaction from a particular wallet, it never gets shared with the public network, making it possible to securely use it over and over again. Each transaction gets linked to a unique digital signature which confirms the validity of the wallet owner and ensures that the transaction can’t be changed later.
Bitcoin Private Keys
When someone creates a new bitcoin wallet, a 256-bit long private key beginning with the number 5 is chosen randomly. A public key connected to that private key will also be generated, which is the address used to receive Bitcoins. The public key begins with the number 1. It is next to impossible to reverse engineer to figure out the private key associated with a public key.
Here is an example of what Bitcoin keys look like:
Storing Crypto with Private Keys
Cryptocurrencies themselves are not stored locally on one’s phone or laptop. They are stored on the blockchain and accessed using public and private keys. Wallets keep track of how many coins are held by any particular user. This is similar to a traditional online bank account. When an account owner logs into their account online, it tells them how much money is in their account, but the money itself isn’t stored online. The difference is that cryptocurrencies are digital currency, whereas online funds relate to fiat currency backed by physical assets, at least in theory.
If a wallet owner loses track of their phone, laptop, or hardware wallet, they can still gain access to their cryptocurrencies if they have the private keys, or in some cases by using a backup code or recovery phrase provided when the wallet gets created. This is why it’s so important to make a backup of one’s private keys or backup codes.
Different Crypto Wallets Use Different Private Keys
There are a few different types of cryptocurrency wallets, each of which utilize private keys in a different way.
Some online wallets and exchanges store private keys on behalf of the user. These may be mobile apps or web apps, and are also known as hot wallets. Crypto holders can also send and receive funds on decentralized exchanges, which are peer-to-peer networks that don’t have a central authority.
Desktop wallets get downloaded from the internet but then exist offline on one’s computer. The private key may be written down or stored in an offline file.
Hardware wallets, such as the Trezor and Ledger devices, store private keys offline, and funds can’t be accessed without the device and a pin code. They generally have small screens and buttons used to verify transactions when the device is plugged into a computer. This makes them very secure. If the device breaks or gets lost, the funds can be retrieved using a backup code. These devices support many different cryptocurrencies, including Bitcoin, Litecoin, Ethereum, and more. Both hardware wallets and paper wallets are known as cold wallets.
A paper wallet is simply a piece of paper where one writes down their private keys or that gets printed out with the keys on it. This is perhaps the most secure way to store private keys, but it’s important to keep the paper dry and in a safe and memorable place. Paper wallets for Bitcoin can be generated at bitaddress.org , while the user is offline.
Trading Crypto With Private Keys
When a wallet owner wants to access or send funds, they will be asked for their private key, or to verify the transaction if the key is held by a wallet service. Crypto wallets generally come with QR codes that can be scanned for sending funds, making the process faster and easier. If even one letter or number in an address is entered incorrectly the transaction will go to the wrong wallet, so using a QR code can help prevent that from happening.
Bitcoin and many other crypto transactions are irreversible. For this reason, it’s very important to double- or even triple-check the address that funds are being sent to and ensure that it’s correct. One should never send funds to an unverified company or unknown individual, as there have been countless instances of crypto fraud.
Tracking Transactions Using Keys
While a private key will get you into your own account, there are other, more anonymous ways to track other crypto transactions. There is a publicly viewable ledger for almost every cryptocurrency showing transactions between wallet addresses. One can also view all incoming and outgoing transactions from any particular wallet address, without knowing who the address belongs to.
This can be useful during the transaction process, because sometimes it takes several minutes or even longer for a transaction to go through and funds to transfer into a wallet. However, one can often see that the funds were sent from the outgoing address, confirming that the transaction has been initiated.
Understanding private and public keys is integral to investing in and using cryptocurrencies. While a public key is in fact public-facing, one’s private key should always be kept secure, because with it you—or anyone else—can execute crypto transactions, and without it you have no access to your cryptocurrency.
Investors looking to start building a crypto portfolio can get start trading crypto with SoFi Invest® for as little as $10. Members can trade Bitcoin, Ethereum, and other cryptocurrencies right from the mobile app. Plus, holdings are kept on a secure platform to protect against fraud and theft.
The information provided is not meant to provide investment or financial advice. Investment decisions should be based on an individual’s specific financial needs, goals and risk profile. SoFi can’t guarantee future financial performance. Advisory services offered through SoFi Wealth, LLC. SoFi Securities, LLC, member FINRA / SIPC . SoFi Invest refers to the three investment and trading platforms operated by Social Finance, Inc. and its affiliates (described below). Individual customer accounts may be subject to the terms applicable to one or more of the platforms below.
1) Automated Investing—The Automated Investing platform is owned by SoFi Wealth LLC, an SEC Registered Investment Advisor (“Sofi Wealth“). Brokerage services are provided to SoFi Wealth LLC by SoFi Securities LLC, an affiliated SEC registered broker dealer and member FINRA/SIPC, (“Sofi Securities).
2) Active Investing—The Active Investing platform is owned by SoFi Securities LLC. Clearing and custody of all securities are provided by APEX Clearing Corporation.
3) Cryptocurrency is offered by SoFi Digital Assets, LLC, a FinCEN registered Money Service Business.
For additional disclosures related to the SoFi Invest platforms described above, including state licensure of Sofi Digital Assets, LLC, please visit www.sofi.com/legal. Neither the Investment Advisor Representatives of SoFi Wealth, nor the Registered Representatives of SoFi Securities are compensated for the sale of any product or service sold through any SoFi Invest platform. Information related to lending products contained herein should not be construed as an offer or pre-qualification for any loan product offered by SoFi Lending Corp and/or its affiliates.
Crypto: Bitcoin and other cryptocurrencies aren’t endorsed or guaranteed by any government, are volatile, and involve a high degree of risk. Consumer protection and securities laws don’t regulate cryptocurrencies to the same degree as traditional brokerage and investment products. Research and knowledge are essential prerequisites before engaging with any cryptocurrency. US regulators, including FINRA , the SEC , and the CFPB , have issued public advisories concerning digital asset risk. Cryptocurrency purchases should not be made with funds drawn from financial products including student loans, personal loans, mortgage refinancing, savings, retirement funds or traditional investments.
External Websites: The information and analysis provided through hyperlinks to third party websites, while believed to be accurate, cannot be guaranteed by SoFi. Links are provided for informational purposes and should not be viewed as an endorsement.
Financial Tips & Strategies: The tips provided on this website are of a general nature and do not take into account your specific objectives, financial situation, and needs. You should always consider their appropriateness given your own circumstances.