How A Cryptocurrency Wallet Works – And Why We Need It
To start actually using cryptocurrency, you need a cryptocurrency wallet. The wallet doesn’t store the value – that job is done by the cryptographic keys. Instead, the wallet organizes the keys in an interface which is more legible to humans.
Cryptographic keys are very complicated. Can you reliably memorize a string of seemingly-random letters and numbers such as “19Vv7GD9rq3dF7UTKMyGq7EV5ADrRWQk2e”? Unless you are some kind of incredible memory expert, the answer is no. Therefore, you must store your keys somewhere other than in your head. That’s where wallets come in.
A useful analogy is to think of cryptocurrency keys as being similar to bank debit cards, and the cryptocurrency wallet as being a convenient storage place – just as you might have several bank cards inside your wallet, one cryptocurrency wallet can hold multiple keys.
Public Key vs. Private Key
Cryptographic keys come in pairs: a public key and a private key. As mentioned, these keys look like a long jumble of numbers, upper-case and lower-case letters.
Functionally, a public key is needed to receive cryptocurrency from somebody else, and the private key is required to send cryptocurrency to somebody else. Returning to our bank card analogy:
- The public key is like a bank account number. You can give it out freely to anyone, or even post it on the Internet where anybody can see it, with no risk. Someone who has your bank account number can make deposits but cannot make withdrawals. The same is true for public keys. You might also find that people refer to public keys as “addresses”, because they are places for cryptocurrencies to be sent, analogous to a mailing address.
- The private key is more akin to the password for logging into Internet banking. If a thief were to get hold of your Internet banking password, then that thief could access your money and steal it. You shouldn’t give your Internet banking password to anyone. Actually, the private key must be guarded even more carefully than an Internet banking password, because it’s the only thing a thief needs. They don’t need your public key, or anything else. Only the private key is needed to unlock the funds stored inside that key.
If you hold cryptocurrency on a crypto exchange (such as Coinbase or CEX.io), you may never see your private key because the exchange holds it on your behalf. This fact has important security implications – remember, whoever holds the private key effectively has full control over all of the cryptocurrency that address is associated with.
It is possible to represent a public key (but, critically, never a private key) with a QR code, which is a sort of square barcode, like the one pictured below. This image has been smudged to protect readers from accidentally trying to send payments to it, but it still bears a close enough resemblance that you will know a QR code when you see one.
QR codes are convenient because they allow others to use a scanner to make a transfer, instead of needing to deal with the long, convoluted series of letters and numbers, such as 19Vv7GD9rq3dF7UTKMyGq7EV5ADrRWQk2f. Manually typing in a random-seeming string like that is no fun, and is highly prone to error.
Public key QR codes can be posted in any public place – for instance, on a website, or at a shop counter. Once displayed, anyone can freely send payments to the cryptocurrency address it is associated with.
Like Bank Cards… But Still Different
The bank card analogy only goes so far. There are important differences – for one thing, unlike bank cards, no identifying information is attached to cryptocurrency keys. Cryptocurrency doesn’t care about your address, social security number, date of birth, or country of residence – or even your name. Whereas banks have the power to approve or deny a bank card application based on the information given to them, cryptocurrency keys don’t discriminate. Absolutely anyone with an Internet connection can get a cryptocurrency key, no questions asked.
Bank accounts are denominated in a single currency (US dollars, Euros, Japanese Yen, etc.). Similarly, cryptocurrency keys are specific to a certain crypto token. For example, dealing in Bitcoin, Ethereum and Litecoin will require three separate keys. With a Bitcoin key, you can receive Bitcoin, store Bitcoin, and make a payment of Bitcoin, but you cannot use your Bitcoin key to do any of that with Ethereum, Litecoin, or any of the others.
For the avoidance of doubt, Bitcoin keys are not compatible with similarly-named tokens like “Bitcoin Cash” or “Bitcoin Gold”. Although these coins (confusingly) still have the word “Bitcoin” in their name, they require separate keys. Bitcoin Cash and Bitcoin Gold were derived from the programming code of the original Bitcoin before they split off on their own, in a process called a “fork”. It’s a bit like how zebras and horses share a common ancient ancestor, but have since evolved on separate paths.
Hot Wallets vs. Cold Wallets
You may also heard of “hot wallets” and “cold wallets”. In a nutshell, the basic difference is convenience vs. security. Hot wallets are more convenient, but cold wallets are more secure.
- A hot wallet is a cryptocurrency wallet with Internet access. They are necessary for facilitating movements of cryptocurrencies – such as making payments, or trading crypto on an exchange.
- A cold wallet is a cryptocurrency wallet without Internet access. Any data held on the Internet is at risk of hacking, at least in theory. But a hacker cannot use the Internet to steal from a wallet if it has no connection to the Internet. That’s why cold wallets are useful.
Here’s a good rule of thumb: treat what you store in a hot wallet the same way you would treat a physical wallet. Keep only your day-to-day needs in hot wallets, and store the vast majority of your holdings in cold wallets. It wouldn’t be smart to walk around with $50,000 in cash in your physical wallet. Better to have just a little cash in your pocket and keep the rest somewhere more secure – say, stuffed under a mattress. Then, when you need more to use day-to-day, you can make a transfer from the secure place (cold wallet / mattress) to the convenient place (hot wallet / physical wallet).
It must be emphasized that anything you hold on cryptocurrency exchanges are hot wallets. The good exchanges have implemented best-practice security and have insured against the possibility of theft, but you can never be too careful. Anything stored on an exchange is at potential risk of being compromised. This is not a hypothetical fear – according to statements by a cryptocurrency exchange named Mt. Gox, hackers are alleged to have reached in and stolen hundreds of thousands of Bitcoins. Mt. Gox filed for bankruptcy in 2014, leaving the rightful holders of those Bitcoins out of pocket. Unfortunately, there is little chance of recovery, due to the features inherent in Bitcoin (no identifying information on the wallets they were sent to, and inability to reverse transactions).
There are different types of wallets. In the next article in this series, we will look into what your options are, and the pros and cons of each.