Published in


A Primer on Private Keys

Not your ████, not your crypto

Think of a private key as a password to your crypto wallet.

In the same way that giving someone your email password grants them access to all your emails, giving someone your wallet’s private key grants them access to all your crypto.

Technically, a private key is a secret string of numbers and letters that proves your ownership of a bitcoin wallet address, allowing you to access and send your crypto.

“Not your keys, not your crypto” is more than just a meme.

It’s a half-warning, half-reminder that bitcoin and other cryptocurrencies belong to those who control the private keys.

If you don’t have the private keys to the wallet where your crypto lives, then you do not technically control the crypto at that moment. You’re trusting a third party.

Example: You put some crypto on an exchange to trade. The exchange will store your crypto at an address held by the exchange, not you. This means that if the exchange goes offline due to heavy traffic or disables withdrawals due to a volatility spike, you will not have full, uncompromised access to your crypto assets.

The only way to get full control? Using an account where you have the private keys.

A public key address is like an email address: you can send crypto to it, and you send crypto from it.

While anyone can send crypto to a public key address, only the holder of the private key can send from the address. Sort of like crypto launch codes.

However, there is one huge difference: while your emails are private even if someone knows your address, a public key address in crypto is more like a vault with transparent walls: everyone can see inside.

That’s right. If you know a public key address, you can see the crypto contents inside.

In fact, you can even check out a list of the 100 richest bitcoin addresses here.

Since private keys are incredibly hard to crack due to their cryptography, hackers go after crypto holders directly instead.

Every day, even savvy crypto users fall victim to phishing, social engineering, and malicious software:

  • Phishing: someone obtaining your password, often with fake websites
  • Social engineering: scammers using social media details to realistically impersonate someone whom you might send money (e.g. a loved one)
  • Malware: malicious viruses and software exploits that drain your crypto wallet

This usually happens due to avoidable human errors, such as a user falling for a scam that tricks them into giving up their private key or visiting an insecure website.

Here are some ways to keep your private keys out of unwanted hands:

  • Writing down an offline copy that’s not on a (hackable) computer
  • Do not share your private key with anyone; no one from Customer Success (from Blockchain.com or any other reputable company) will ever DM you or request access to your private keys.
  • Store your crypto in a private key wallet when not trading
  • Double check verified websites–often scammers will change a “.com” to a “.org”
  1. A private key is ______________ . It can be thought of as a ________ .
  2. If someone has access to your private key, they can __________ .
  3. One way to keep your private keys safe is _________ .

If you can fill in the blanks above, you’re well on your way to private key prosperity

The Blockchain.com Wallet app gives you a private key wallet that’s easy to use while giving you full control over your crypto.

Open an account and get started in as little as 10 minutes.

Get Started



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store

The most popular and trusted cryptocurrency platform. For support @AskBlockchain. We're hiring! http://blockchain.com/careers