You’ve bought some Bitcoin, Ether, Litecoin, or some other Altcoin from an exchange like Coinbase, Gemini, or Kraken. You’ve read that you should use a hardware wallet to keep your coins safe in the event of some issues with the exchange, but why?
This is the first post in a two part series. In part 1, we’ll learn some fundamental concepts that hardware wallets use. In Part 2, we’ll go into more detail about hardware wallets. Be sure to follow us on Twitter or Like us on Facebook for updates on future posts.
Public and Private Keys
At the most basic level, a wallet is a set of public and private keys. Both of these are strings of alphanumeric characters such as “13GjxwhrdcqkrEqotGgmCNg8JtUwmL83o4”. In layman’s terms, it’s a random grouping of numbers and letters from the alphabet.
The concept of public and private keys come from an area of study called cryptography, and have been used by computer scientists and software engineers long before cryptocurrencies came around. They are mature, well established concepts and the usage of keys are common in the technology industry.
For practical purposes, each set of public and private keys are unique – no two people will have the same set of keys1. Even if you have multiple wallets, the set of keys will be distinct from others. Like a a phone number or Social Security number, everyone will have a different one that can be used to uniquely identify you.
Your wallet’s address is a “hash” of your public key. Think of the address as another alphanumeric string like your public or private key. To generate the hash, your public key is run through an algorithm and the output is your address.
Since your wallet’s address is based off the public key, it can be made public as well.
Your private key must be kept a secret and not shared with anyone. The private should not published anywhere and exchanges typically will not share your private key. Private keys are used behind the scenes for transactions and are the key that allow you to make these transactions. But if the exchanges were compromised by hackers, they’ll have access to the private keys and be able to make transactions with your coins or steal your funds. This is where hardware wallets help.
Here’s my wallet’s address on Coinbase. This is a Bitcoin address so you can send BTC to it 🙂
When you buy digital currencies on an exchange, a wallet (bitcoin address with corresponding public and private keys) are automatically created for you. For example, Coinbase will actually create a wallet for each payment, and therefore holds your public and private keys. Here’s a screenshot of the addresses in a Coinbase account:
Since exchanges like Coinbase are a collection of your addresses, they are collection of public and private keys. If something were to happen to these exchanges, you risk losing your keys and therefore your coins. Exchanges are currently unregulated and won’t be bailed out like the big banks were. There have been numerous stories of exchanges being hacked or shut down, and the larger the exchanges become, the more likely they are to be targets of an attack. The Blockchain Graveyard website lists cryptocurrency companies that have been compromised and shut down. This is where hardware wallets come in. They keep your keys off an exchange and onto a physical device.
Hardware wallets manufactured by companies like Ledger or Trezor store your keys on a physical device instead of an exchange. Your public and private keys are created when you setup the device, and you’re given addresses just like you were on an exchange. You use this address to transfer coins from an exchange to your wallet.
In Part 2, we’ll answer several questions such as:
- What happens if I lose my hardware wallet?
- What is the difference between a hardware wallet and cold storage?
- What types of cryptocurrencies are supported?
1 Technically, it is possible for someone to have the same address as you, but it’s extremely unlikely. When this happens, it’s called a collision. According to the Bitcoin Wiki, it is more likely that the Earth is destroyed in the next 5 seconds, than that a collision occur in the next millenium. It would take an enormous amount of compute power for a would-be thief to generate the same address and keys as you.