Author

Topic: Cold Wallet: What is My Private Key? (Read 146 times)

legendary
Activity: 2730
Merit: 7065
February 17, 2022, 10:08:19 AM
#10
When I withdraw coin from a custodial service, I now control my key and the custodial service loses that control, so that if they were hacked, I would be safe because I am taking responsibility for security. So having a key that one writes down is immaterial. It's about who controls the key function.
By now you have probably understood the importance of seed words and private keys and how to store them safely. And I guess you have noticed how that is different from using a custodial service, such as a casino or centralized exchange. What do these platforms give you? They give you an account. You deposit your coins to their account, but where are the private keys or seed? Do you have it? No! The exchange has it. Your coins become their coins that you are allowed to use if you fulfill their requirements. So when we are talking about keys, custody and control, you never had that while the coins were on their wallets with private keys only they controlled.   
legendary
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
February 15, 2022, 06:07:59 AM
#9
The various beginners' books I have read on the private key never really explain any of this, leaving one to assume that the key is something like a password that you keep private . . . a little misleading.
You should read more serious books like "Mastering Bitcoin" to fully understand the relationship between seed words which represent your main key, that is, information which is sufficient to derive other keys, and private keys which are derived from your main key and which are used to create signatures and spend coins. The derivation process is done by the software you are using (your software wallet) which stores keys online or a hardware wallet that has no connection to the Internet, meaning that it stores keys isolated from the online environment. During the derivation process, some essential keys are created, for example, master private key, master public key, master chain code, etc. These are derived from your seed but some of them are hidden from you behind advanced options for privacy and security reasons. That means the access to them is kind of restricted for your safety because if you don't know how to deal with them, it may compromise your funds.
legendary
Activity: 2212
Merit: 7064
February 13, 2022, 02:40:50 PM
#8
But now that I have successfully set up Trezor Model One, I have no idea what my key is. I mean if it is MY key but I don't know what it is, then what does that mean?
What do you mean you don't know what your key is?
If you have seed words backup written on paper or metal plate, than you have your private key(s) that is derived from that specific seed phrase.
You can even generate your own seed words offline in more secure way using dices and than import them in Trezor, I consider that much better way than using inferior trezor generating system.
You can also  always convert your BIP39 seed words using iancoleman page offline.

legendary
Activity: 2268
Merit: 18711
February 13, 2022, 09:01:50 AM
#7
When I withdraw coin from a custodial service, I now control my key and the custodial service loses that control, so that if they were hacked, I would be safe because I am taking responsibility for security. So having a key that one writes down is immaterial. It's about who controls the key function.
This is essentially correct, but be aware it isn't that you are moving control of a private key from the custodial service to you, but rather the coins are moving from one private key to another, as denoted by a transaction in which the coins move from one address to another.

If someone was to give you the private key to an address with coins on it, then you have absolutely no way of verifying that they aren't also keeping a copy of the private key themselves. The only way to be sure that you and you alone are in control of the coins is to have them sent to a brand new address derived from a private key you have generated yourself in secret. A hardware wallet such as a Trezor does this for you, with every key it generates being deterministically derived from your seed phrase.

You may also use https://iancoleman.io/bip39/ (or download off-line version from https://github.com/iancoleman/bip39) to see what are your addresses (and private keys) generated from the given seed.
While this is possible, you shouldn't ever do this with a wallet which has coins on it. Typing your seed phrase in to a website is a fast track to having your wallet emptied and all your coins stolen. There is no need to view or write down individual private keys, and in fact, you are safer if you don't. As long as you have your seed phrase, you don't share it with anyone, and your coins are on addresses which are derived from your seed phrase, then you are firmly in control of your own keys and your own coins.
legendary
Activity: 952
Merit: 1385
February 13, 2022, 07:41:49 AM
#6
Hell All:

Ditto for you, I'm sure, I have had it drilled into me, "Not your keys, not your coin." But now that I have successfully set up Trezor Model One, I have no idea what my key is. I mean if it is MY key but I don't know what it is, then what does that mean?   In the setup process the word "key" was never mentioned. I assume that the "key" must be on the blockchain and not on my device but when I plug in my device, how can my BTC data (on the blockchain) be retrieved into the Trezor Suite on my PC without some kind of key or password?   Sounds like a dumb question I am asking but I don't know the answer . . . And, again, if "key" is such an obvious thing, why was it never mentioned in setup?                                           


You may also use https://iancoleman.io/bip39/ (or download off-line version from https://github.com/iancoleman/bip39) to see what are your addresses (and private keys) generated from the given seed.
jr. member
Activity: 57
Merit: 62
February 13, 2022, 07:18:50 AM
#5
The private keys are derived from the 24 words seed that was mentioned during the setup. That's all you need to have full control over your funds.

You also said that you're never asked for a password when connecting your device? A PIN is always required when connecting the device and spending unless you selected the "REMEMBER" option when setting up the wallet:



Before I figured out how to set the PIN using the randomly generated digits on the device and the blind matrix in Suite, I was accessing my account without a PIN. I finally realized that a device PIN is critical and now I am asked for that every time. I do not have Remember turned on and I "Eject" which means that the software data on Suite is ejected, not the Trezor, a new and confusing use of the traditional "Eject" function which always refers to hardware and not software (as in this case). From what I read in the Trezor tutorials, you just pull the device out of the port, something that is generally never done . . .



OP: I was just looking through Ansel Lindner's
Quote
The Bitcoin Dictionary
and came across the term "proof of key." When I withdraw coin from a custodial service, I now control my key and the custodial service loses that control, so that if they were hacked, I would be safe because I am taking responsibility for security. So having a key that one writes down is immaterial. It's about who controls the key function.
staff
Activity: 3500
Merit: 6152
February 13, 2022, 07:16:25 AM
#4
That helps, thanks. The "keys" then are an internal function that I am not privy to? In this case, as you indicated, I DO have my key which was generated from my seed words but my key is not something I could write down like my public address?
-snip-

It's just that the Trezor suite doesn't give you the ability to export them. You could do that using Electrum but I would not recommend doing that. For two reasons:

1. It's not convenient: Say you have 100 addresses (with funds). Would you rather have 100 private keys (one key for each address) or 24 seed that would help you restore the whole wallet?

2. It's not really safe: If your PC is infected, and you do try to export the keys, then a hacker could easily get them and spend the funds even without getting physical your hardware wallet and PIN code.
jr. member
Activity: 57
Merit: 62
February 13, 2022, 07:10:31 AM
#3
The private keys are derived from the 24 words seed that was mentioned during the setup. That's all you need to have full control over your funds.


That helps, thanks. The "keys" then are an internal function that I am not privy to? In this case, as you indicated, I DO have my key which was generated from my seed words but my key is not something I could write down like my public address? In the case, the reality would be that I have a key but I don't know my key. The various beginners' books I have read on the private key never really explain any of this, leaving one to assume that the key is something like a password that you keep private . . . a little misleading.
staff
Activity: 3500
Merit: 6152
February 13, 2022, 06:59:28 AM
#2
The private keys are derived from the 24 words seed that was mentioned during the setup. That's all you need to have full control over your funds.

You also said that you're never asked for a password when connecting your device? A PIN is always required when connecting the device and spending unless you selected the "REMEMBER" option when setting up the wallet:

jr. member
Activity: 57
Merit: 62
February 13, 2022, 06:57:40 AM
#1
Hell All:

Ditto for you, I'm sure, I have had it drilled into me, "Not your keys, not your coin." But now that I have successfully set up Trezor Model One, I have no idea what my key is. I mean if it is MY key but I don't know what it is, then what does that mean?   In the setup process the word "key" was never mentioned. I assume that the "key" must be on the blockchain and not on my device but when I plug in my device, how can my BTC data (on the blockchain) be retrieved into the Trezor Suite on my PC without some kind of key or password?   Sounds like a dumb question I am asking but I don't know the answer . . . And, again, if "key" is such an obvious thing, why was it never mentioned in setup?                                           
Jump to: