Keys enable two parties to complete a cryptocurrency transaction securely. They also prove that the transaction is legitimate or, in other words, that it was made by the true owner of the funds.

You need two keys to perform a cryptocurrency transaction: a public key and a private key (secret key).

As the name suggests, public keys are publicly known. This is because their purpose is to identify the individuals taking part in the transaction. By contrast, a private key is secret and only known to the individual who holds it. Secret keys authenticate and encrypt transactions.

It’s helpful to think of a public key as a username, or an email address. Others can use this information to look you up and get in touch. A secret key, on the other hand, is the password you’d use to log onto your account.

In cryptocurrency, you don’t own the coins themselves. What you really own are private keys. Whoever has access to the private key controls the coins that key grants access to.

More importantly, if you lose your secret keys, there’s no way to recover your coins. This is because, unlike fiat currencies, cryptocurrencies aren’t backed by a central authority. Instead, they run on a decentralized, immutable public network.

This means it’s important to keep your private keys safe.

 

 

There are three main ways to store keys:

  • Hot wallets

Here, the keys are stored on the internet. This is the most practical form of storage, because it gives you instant access to your cryptocurrency when you need it. The flipside is that your private keys are more vulnerable to attacks by malicious hackers.

For this reason, experienced cryptocurrency users typically store only a small portion of their cryptocurrency holdings in hot wallets.

  • Warm wallets

Warm wallets store keys in downloadable software instead of an online server. You need a code or PIN to gain access to the key.

The advantage is that warm wallets are only connected to the internet when you need them. This means they’re harder to hack than hot wallets. That said, when they’re connected to the internet, there’s a window in which malicious hackers can try their luck.

  • Cold storage

Here, the private key is stored offline. This could be as simple as writing it down on a piece of paper placed in a locked drawer, or as sophisticated as using an air-gapped server — a standalone server that isn’t connected to the internet or another unsecured network.

Offline keys can’t be hacked, because they don’t come in contact with a publicly accessible server. The trade-off is that it takes longer to make a transaction.

 

SOME FACTS

  • The system of public and secret keys that cryptocurrency transactions use is called public-key cryptography, or asymmetric cryptography.

Stanford University researchers Whitfield Diffie and Martin Hellman publicized the concept in a 1977 paper. But it was originally — and covertly — proposed several years earlier by James Ellis, who worked with British intelligence.

  • Asymmetric cryptography isn’t exclusive to the crypto world. Transport layer security (TLS) and secure sockets layer (SSL) — the protocols that make HTTPS possible — also use asymmetric cryptography.
  • Over the years, improper private key storage has led to many headline-grabbing hacks. The biggest one ever recorded happened in January 2018, when NEM coins worth $534 million disappeared from Japanese crypto exchange Coincheck. NEM’s president Lon Wong called the hack “the biggest theft in the history of the world.”

 

WANT TO KNOW MORE?

  • This article explains asymmetric encryption in the plainest terms possible and compares it to symmetric encryption — the standard for cypher systems before the mid-1970s.
  • For a more light-hearted but no less hair-raising read, here are 7 unfortunate ways people compromised their private keys. One even involves an ill-advised trip to the tip.

 

THE METACO VIEW

“Proper security is crucial in decentralised systems. At Metaco, we continually look ahead to make sure we anticipate and neutralise new threats as they appear, whether they stem from technological vulnerabilities or human error.”
