Most of the people in this sub probably already know what the Bitcoin private key is and how it works, but there are many newcomers who do not fully understand all the technical aspects of it. I hope you guys will find it useful.
Bitcoin Private Keys: The Basics
Let’s start with some main principles.
- A private key is functionally similar to a password to your email account. Unlike your email address, you never share it.
- You need your private key to be able to receive the crypto someone sends you and to have access to your funds.
- The BTC network does not store your private keys, they are generated and stored by the wallet software. There are different types of wallets.
IMPORTANT: The private key concept does not apply exclusively to Bitcoin. Other cryptocurrencies use it too.
Now, let’s see how a private key looks and works.
Bitcoin Private Key Definition
Bitcoin private key is an alphanumeric piece of code. It includes letters and numbers, just like your public address.
However, while a public address is like your plastic card number, a private key is like your CVC. You know, those secret three digits on the back of a card?
A private address is created in a random manner when you get a cryptocurrency wallet. The possibility of creating two identical private keys is almost zero, due to the sophisticated encryption algorithm, we apply for the purpose.
In the BTC network, a private key contains 256 symbols, as we obtain it using the SHA256 encryption algorithm. This function always returns 256 symbols, no matter the input.
Bitcoin private key in various formats, including WIF.
Wallet Import Format (WIF)
Using such a long string of code is inconvenient, so a private key is often presented in WIF (Wallet Import Format). It’s a shortened version that includes only 51 characters (numbers from 0 to 9 and letters in the range of A-F) and begins with 5.
Here is a Bitcoin private key example in WIF:
5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF
WIF has a few advantages over a full BTC private key version. As we have said, it’s shorter and more convenient to use. Also, it contains special pieces of code that serve to check the address for typos and correct them automatically.
WIF associates with only one private key and can be easily converted back into it, using an established algorithm.
Encrypting Private Keys
If a key looks like WIF but starts with 6, it is an encrypted version of a private key. People encrypt keys to ensure an extra layer of protection. To obtain such a string of code, we apply another algorithm. To decode (decrypt) the key we need to enter the password that we set when we were encrypting it.
How Bitcoin Private Key Works
You probably know Bitcoin as a digital payment system. To explain how it works, it would be better to compare it to a web-messenger, with massages transferring value. These ‘value messages’ are BTC transactions.
And what role a private key plays in sending these financial messages?
Let’s take a look at a real-life example.
https://preview.redd.it/fgtn8h63veu41.png?width=1261&format=png&auto=webp&s=9855f9aba70ebe7ca1f02b32c160ae78b2b42400
Using Private And Public Keys For a Transaction
Imagine you are sending 1 BTC to your friend Bill. You create a transaction and indicate yourself as the sender and Bill as the receiver of this amount. Then, you will broadcast the transaction to make the Bitcoin network aware of it.
- You start by choosing a private key. Using a special encryption algorithm, you derive a public key from it. You send this public key to Bill.
- You create a message for Bill and sign it with your digital signature. To obtain it, you pass your private key through a special encryption algorithm and attach the resulting code to the message. Every signature is unique, and you can use the same private address to produce an infinite number of them.
- Bill receives your message, public key, and signature and passes it through a signature algorithm. If it’s the message you sent, the algorithm returns ok.
Why we need a digital signature in the first place? There are three reasons. First, it tells the recipient that the message is from the sender he knows. Second, a digital signature makes it impossible for the sender to deny he sent the message. Third, it confirms that no one has altered the message in transit.
Unlike a traditional signature, a digital one cannot be forged. To produce it, you have to possess a secret private key.
https://preview.redd.it/k8n0vcg4veu41.png?width=624&format=png&auto=webp&s=9ab6c0bc25c0a638c4d3bfdbf86056f5462aa7d0
Why Keeping Your Private Key Secret Is Important
As we have mentioned, anyone in possession of your private key can steal your funds anytime.
If your wicked colleague Alice gets your private key (because you carelessly left your paper wallet on your desk), she can use it to create a digital signature. She can then use that signature to sign a transaction that will look like yours for the network. For instance, Alice can send all your crypto to another address. You will never be able to cancel this transaction and you are highly unlikely to know that she made it.
For this reason, you should be very careful with your private keys. Never send it to anyone using a messenger, or an email client, or a social media channel. Don’t share photographs of your private key. Never store a private key in a Google Doc file.
Please note that some desktop wallet apps store your private key in a standard directory on your hard drive. This place is a honeypot for hackers who know you are a cryptocurrency user. That’s why it’s extremely important to have up-to-date anti-virus software installed on your device.
https://preview.redd.it/bg2zd50aveu41.png?width=723&format=png&auto=webp&s=0e692f5c73c7c68ea854342b7fbeaf6aaa62f71f
Also, you may encrypt this wallet file to make it immune to malware. Many wallet apps provide this option. You will have to set a password to decrypt the private key, and the hacker will have to break this password to do it. If the password is strong, it will be a really difficult and time-consuming task.
Where To Store Private Keys: Mobile, Desktop And Hardware Wallets
As we have mentioned, the Bitcoin network does not store these keys. Instead, wallet services do it.
Mobile Wallets
Some of them allow you to keep and protect your private key, others do it automatically, applying various safety measures like 2FA or encryption. Note that nobody is responsible for it, your bitcoins will be gone if the service is hacked.
Desktop Wallets
Desktop wallets may be a good option. They provide a BTC public and private keys in the format of a file that you can download and import. You can protect this file with a strong password and safely store it on a hard drive. Don’t forget about safe storage for this drive, too. For instance, use a bank vault for this purpose.
Cold (Hardware) Wallets
Hardware wallets are the safest ones. They are small USB devices designed to store your funds and private keys offline, away from anyone who could steal them. For this very reason, hardware (or cold) wallets are impossible to hack. If you accidentally lose, damage or destroy such a device, you can recover your BTC and private keys using a backup phrase. The best-selling models of hardware wallets are Tresor and Ledger Nano S, supporting several popular coins.
https://preview.redd.it/7wlozgvcveu41.png?width=803&format=png&auto=webp&s=9c438a47a47f6bb2ba5dbd4fdfba924e8c960f47
Paper Wallets
These wallets are sheets of paper with BTC private keys and public address printed on them. Paper wallets look pretty basic and not very innovational, but it’s a safe way to store your BTC-related sensitive data. The main reason is that they are not connected to the Internet and thus are unreachable for malware attacks. This format is also immune to many mishaps that can affect electronic devices. To create a paper wallet you use a special web service like WalletGenerator.
P.S. Check out our blog if you are interested in more articles on crypto and finance