When we talk about “keys” we are referring to both your public and private keys. You can think of these as your routing number and then your password to your bank login.
Your public key is needed when sending funds, this is where another user knows which address is yours. It’s just like your account number, it’s reserved only for your account and the bank (which in this example is the blockchain) will use it to identify your account without using your password.
Now your private key would be the password to the login information on the banking website and would be the same as the login to your crypto “wallet”. This is the key that only you should know and not anyone else, because if someone else knows your private key they can drain every bit of crypto you might have been holding. Most wallets have 12-24 words you can write down to be able to log into your wallet instead of trying to memorize all 64 letters and numbers that make up your private key.
If you want a more in depth explanation on how they work and how they are secure you can watch our video over asymmetric encryption which will be linked in the description below.
In short, your private keys are used to create your public address, and also used to send your money – this is why you don’t want anyone else to have access to them.
Accessing vs Owning
Something that is very important to note when it comes to cryptocurrencies is the difference between Access and Ownership. Access can be shared, it is when multiple people have access to your crypto, they can move it around without your verification if they wanted to. Ownership is where ONLY you have access to your funds.
Imagine if your friend (or even Sathvik) had access to your house keys while you were away on vacation and they threw a party – they had access to your house and did what they wanted to – even if they said they weren’t going to throw a party.
When it comes to cryptocurrencies and any blockchain network, if anyone other than yourself has access to the private keys… consider your account compromised. When it comes to money, it’s best to assume the worst.
Major hacks – mt gox?
One of the most famous cryptocurrency hacks of all time was from an exchange called Mount Gox.
It was estimated that Mt Gox (Which was an exchange very similar to Coinbase) had been jacked for around 850,000 bitcoin which they could only assume that it was stolen but it was from both their and their customers accounts.. These customers simply were holding bitcoin in their wallets hosted on MT Gox and here’s the issue: they trusted the company to keep their wallets safe. We don’t know if there was an insider who was like “hmm, that sure is a lot of money, I’d like to have it for myself” or if there was a hacker who found a vulnerability… but a TON of private keys were lost and thus a ton of bitcoins were stolen. To put it into perspective, 850,000 bitcoins is literally 7% of all the circulating bitcoins at the time. Roughly $500,000,000. I don’t know about you, but I could do some damage with half a billion dollars.
The problem with Robinhood and Coinbase
Let’s go over the problem with using noncustodial exchanges, which basically means they don’t give you a wallet for yourself, they share one with you.
Robinhood doesn’t even give you a wallet – they just buy and sell for you. This means if you wanted to send your crypto to a friend, you literally cannot. If you want to receive some crypto from a friend, you also cannot. Robinhood is a horrible place to buy crypto if you believe in the fundamentals of why crypto was created in the first place: Decentralization, privacy, and trust. You don’t get an address with Robinhood, they just act as a middle man to buy and sell certain cryptos for you.
Coinbase, on the other hand, actually lets you send the crypto you bought off platform. However, if you keep it on their platform, and they get hacked due to a database issue on their side – all of your crypto could be gone. Coinbase is a good beginner exchange because it is fairly easy to buy a ton of large market-cap cryptocurrencies, and then use their user-friendly platform to send your newly bought crypto to another wallet.
The key here is that you’re just using coinbase as an exchange, not a wallet. We highly recommend sending your crypto a wallet that ONLY you control, so that you have 100% ownership of that crypto. Coinbase has those private keys, so technically anyone at coinbase might be able to send your crypto to a wallet, tumble it using a tumbler (you can watch our video on that topic if you’re curious what it is) and then you’ll never know where it went.
Metamask and Ledger
Two common wallets that you can send your crypto to so that you are the only person who actually owns it are Metamask and Ledger.
Metamask is a browser extension, so you can use it on your desktop. Technically if your computer has a virus, you could lose your funds, but it is still much more secure than Coinbase or storing your crypto elsewhere. Metamask is used by hundreds of thousands of people and the code is audited by very curious people so it’s pretty much an industry standard. You can also use Metamask to interact with decentralized applications.
Ledger, on the other hands offers a USB version of a wallet. The private key is encrypted and stored on a USB where you must insert your USB Ledger and connect the device to be able to send your crypto – it is much more secure than Metamask and if you don’t share your private keys with anyone else, you can be 100% sure they aren’t shared anywhere else.