Image for post
Image for post

The Scatter Way — keys and accounts

Rami James
Apr 23, 2019 · 4 min read

EOS and Scatter basics

Part 1

This article is about the basics of how EOS works, what a private key is, and how EOS accounts and private keys are related. If you already know that, go check out some of the apps you can play with.

If all this is new to you, you’ll need to understand it so that you can get your EOS account up and running, and really safely manage your assets.

Let’s get started.

How EOS works and Scatter’s place in it

EOSIO is a blockchain, which is just a tower of building blocks. It is run entirely by users and some of those users choose to run for elected positions (Block Producers or BPs for short) which allows them to add new blocks to the top of the tower in return for pay. However only 21 of the elected BPs are able to add new blocks to the tower and everyone below them with less votes becomes a “stand-by”. Every user on the network can vote on who should be the elected producers.

The top 21 block producers shift around a bit but are largely stable.

The protocol itself gets updated from time to time and a cool feature of the network is that they can all vote and update the network together when there is a consensus of 15 out of 21 block producers.

EOS Mainnet is one of the networks that runs the protocol and has block producers synced up and producing blocks together. We have built a decentralized computer network that people have accounts on with funds in them. Billions of dollars sit in the network. It is mind-blowing to be a tiny part of that.

Scatter is the beast that Nathan, my brother, and I build that allows users and developers to easily connect to any EOSIO network. Before I explain what Scatter does, we’ll have to dive into private keys and permissions.

Keep it secret, keep it safe

So what is different about EOS than other smart contract networks like Ethereum and Tron is that users have actual accounts on the network and not just addresses. To access those accounts, you have to have private keys associated with an account permission. Account permissions give you access to network functions, such as transfer, which is used to move funds around the network.

So it goes like this

Private keys give you access to a permission. Scatter never gives anyone your private key; instead it simply provides a proof that you own it via a signature.

Most of the “daily driver” functions that you’d want to do with your account, stuff that is “safe” is all in the ACTIVE permission. Exposing the ACTIVE permission’s associated private key isn’t an “end of the world” scenario as you can not lose your account this way. The OWNER permission houses the functionality that you could possibly lose your account with, like updateauth which swaps one set of private keys for another.

You can use the same private key to manage both permissions, but that is bad practice. In general we recommend that you hold two sets of private keys, one for each permission. Keep the ACTIVE permission key in Scatter and use that for everything you can. Keep the OWNER permission key somewhere safe. I like to put it on a couple of encrypted USB sticks and hide that somewhere safe physically, like a lock-box in a bank. This way no matter what happens there is no way to lose your account, which could potentially hold millions of dollars. Worst case scenario you get your OWNER permission’s private key and use that to update the private key for your ACTIVE permission and you have access again. Another great way to secure yourself is purchasing a hardware wallet like a Ledger.

If your OWNER permission’s private key is exposed, you lose access permanently to your EOS account and its funds. There is no way back from this scenario.

From a private key you can derive a public key. A public key can be used to search for an associated account. Since private keys prove ownership, public keys are linked to the accounts and when you sign something on the blockchain the signature is validated against the public key that is associated with your account. If a signature is incorrect (signed by a wrong private key) it will not be able to be added to the blockchain.

To search for things like accounts, keys, and transaction IDs you can use a block explorer like or EOSpark.

Scatter lets you hold your private keys securely. It warns you if actions you are going to do are potentially dangerous. It allows you to generate and manage the private keys which are associated with your accounts.

Scatter keeps you safe.

Next up: on smart contracts and applications.

Want to join the early Marketplace roster?

Send us your NFT-centric projects to and make sure that when we launch, you launch with us.

— Rami James | Telegram: | Website:

Scatter is a blockchain application signature provider. We provide high quality tools for developers and users.


Who you are on the blockchain

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store