What’s in your Bitcoin wallet?
If you said “bitcoins,” you’re wrong.
Bitcoins are simply entries in a publicly-viewable database: the blockchain.
Since the blockchain is available online for all to see, you, as a bitcoin owner, don’t actually “hold” bitcoin in your wallet. You hold something even more important: private keys.
A Bitcoin private key is like a secret passcode that’s needed to transfer ownership of bitcoins on the blockchain. With private keys, you have the power to alter the blockchain record by authorizing an ownership transfer from one Bitcoin address to another. That transaction gets recorded in the blockchain.
To go a level deeper, bitcoins are, at their root, numbers; monetary amounts that are assigned to Bitcoin addresses. For every private key, there is a public key (translated to a “Bitcoin address” or a “deposit address”).
The private key belonging to that corresponding public key is the secret code needed to “spend” bitcoin.
So my Bitcoin wallet just holds private keys — no bitcoins?
That’s right - you’re holding the private keys needed to move the bitcoin you own on the blockchain.
You can think of your Bitcoin wallet like a password manager (which everyone should be using!). Password managers store and secure the secret passwords you need to access websites, rather than the content of the websites themselves.
In this way, your Bitcoin wallet is essentially a key manager.Private keys empower you to take full control over the bitcoin you own
Part of the beauty and elegance of the Bitcoin network is that it allows one to have total sovereign control over a digital monetary asset - a simple but powerful tool of self-empowerment.
With that power comes the responsibility of keeping those private keys secure. If an attacker is able to obtain your private key, they can claim ownership of the bitcoin. Likewise, if the private key to a Bitcoin address is lost, the bitcoins will not be able to move on the blockchain at all.
There is no password reset button you can press in Bitcoin.
Private keys seem important…
They are. Anyone who holds the private key to a Bitcoin address can spend that bitcoin. Because of this, it’s vitally important that not only are your keys secure, but that you have full control over those keys.
With centralized entities (like Bitcoin exchanges), you’re trusting someone else to keep your private keys secure, and give you access to those keys when you request it.
Unfortunately, 3rd-party custodians have been notoriously poor keepers of private keys.
Maximum security, minimal risk
For greatest security and resilience, you can generate multiple private keys, with a customizable quorum of keys needed to spend funds. This type of wallet is called a multisignature (or “multisig” for short) wallet.
Multisig allows you to create, as an example, 5 private keys to a Bitcoin wallet, with at least 3 keys needed in order to move funds on the blockchain. To picture this, imagine a safe with 5 keyholes. If there are at least 3 keys in any of the keyholes, the safe can be opened.
Multisig offers the greatest resilience against both theft and user error. In such a setup, 2 keys could be compromised, and the attacker would not be able to move the bitcoin. Likewise, you can lose up to 2 keys, and still be able to access funds using your remaining 3 keys.