Part One: Understanding Private Keys
Private keys are of critical importance in the crypto industry. We recommend all seasoned crypto users learn about their origin, reasoning, and value. Below, we’ll analyze where private keys come from and their relationship with your crypto.
Private keys and their role in crypto
Owning cryptocurrency comes down to merely holding a private key. Unlike in the “real” world, where owning physical property usually involves possessing a deed with your name or a receipt of sale, owning is equivalent to knowing in the crypto world. In simpler terms, knowing a private key is equivalent to owning a crypto asset.
All assets can be manipulated via transactions. In the real world, these transactions are usually authorized with your signature. However, in the crypto world, these transactions can only be authorized using private keys, which are used to sign these transactions cryptographically. A signed transaction can grant access to the assets connected to these keys. Although anyone can generate a transaction involving your crypto assets, only the private key owner associated with them can sign, and thus validate, the transaction.
While fake signatures are a problem in the real world, the crypto world is protected by its underlying cryptography nature. As of today, no known hack allows someone to sign transactions on your assets without having your key.
What is a private key?
From a practical perspective, private keys are numbers within a specific range that allow funds to be spent (which is why keeping them secret is such an imperative). From a mathematical perspective, a private key is just a random positive integer. Here is a more technical and accurate description:
A private key is a cryptographically strong random number that has been obtained using a random number generator given a defined positive range.
Most of the time, computers use pseudorandom number generators (PRNGs) to generate these random positive integers (real random number generators are hard to come by. These generators often require having specialized hardware and use physical sources such as thermal noise in electrical circuits or precise timing of Geiger counter clicks). PRNGs are cryptographically strong functions seeded with a value that has enough entropy. Entropy is a complex concept, but its objective is simple: provide unpredictability to functions. By using secure entropy sources, PRNGs can create numbers that have a negligible probability of not being random (within a given, acceptable range).
The range given to a PRNG to securely create a valid Ethereum or Bitcoin private key is 2²⁵⁶ — 1 (imagine a combination lock made of the numbers 0–9, which is 78 digits long). Due to the immense size of this range, the probabilities of generating two private keys are negligible, which is the reason why your private key is unlikely to be created by another user. The set of integers your key is selected from is a massive number — it is roughly the same size as the total amount of visible atoms in the universe.
Private keys, public keys, and addresses
Since private keys are meant to be kept to yourself, we need a different mechanism to allow other individuals to find our assets and for us to find theirs. As a result, all blockchains use the concept of addresses — unique numbers derived from your private key. These addresses are meant to be the location of your crypto assets and can be shared with whomever you need to know your crypto assets’ balance (if you want to).
A blockchain address is created using your public key to ensure you are the owner of said address. In turn, these public keys are generated from your private keys. This process is unidirectional, which means you can use a private key to derive an account, but not an account to derive a private key.
Private keys can derive public keys, and public keys can derive blockchain addresses. However, blockchain addresses cannot be used to derive their public keys, and public keys cannot be used to derive their private keys.
This unidirectional process is done via cryptographic trapdoor functions. A trapdoor function is a one-way function that can only generate its value based on a specific input, and it cannot be used to derive the original input from it. Depending on the blockchain ecosystem, these one-way functions vary. For instance, most popular blockchain systems use elliptic curve-based algebraic constructions to generate their public keys. Independently of these characteristics, the outcome is always deterministic: a public key is unique to its corresponding private key, and the private key always generates the same public key.
Blockchain addresses also use one-way functions, called hash functions. Bitcoin and Ethereum addresses are created from one or more cryptographically strong hashing functions over your public key, in addition to specific mathematics depending on the particular blockchain. Because of how these hashing operations work, you can be confident to a pretty much absolute degree that your blockchain address is unique to your public key, and thus, to your private key.
A little bit of math can keep a secret
The cryptography and mathematics behind private keys are the reason why our crypto assets are safe — as long as we keep our keys secure. As of today, it is impossible to find and brute force any private keys connected to your blockchain address due to the fact that it would cost more energy than is stored by the sun. At Portis, we took careful measures, explained in our whitepaper, to ensure your key is generated safely and only by data known to you.
In the next chapter, we will look at popular blockchain ecosystems and some of the math behind public key generation. We’ll provide some code examples for you to try calculating the keys from the process each blockchain describes and using libraries that make the generation process easier. Stay tuned!