Topic: where are private keys stored? (Read 701 times)

Hello community. Where does the blockchain store private keys for bitcoin addresses? They must really be stored somewhere. If I have for an example an online wallet with a private key, I think my private key is stored somewhere and not in my PC.

Let us take an example of an online wallet which I have and have private keys. It is on ethereum block chain from etherdelta. When you create an account there you get a private key. But is that private key only available or recognized when I use the device through which I created the account? It is definitely not because I can import my account to say a metamask extension to another device .

Hello community. Where does the blockchain store private keys for bitcoin addresses? They must really be stored somewhere. If I have for an example an online wallet with a private key, I think my private key is stored somewhere and not in my PC.

So is it right to say in case of etherdelta the private key is stored in my browser cache? If yes that means anyone who can access my cache can also see my key?

So is it right to say in case of etherdelta the private key is stored in my browser cache? If yes that means anyone who can access my cache can also see my key?

Thanks for your insights. My worry is that since when someone opens an account with etherdelta by simply clicking NEW ACCOUNT, you get a public address and a private key which you are prompted to copy and save it somewhere else, but as long as you are trading on etherdelta there is no way to log out and log in again so your public address remains there on your browser alongside with your private key. If someone gets hold of your computer it is just a matter of clicking EXPORT KEY and he has your key! The only way to log out there is to remove account. That means when you want to trade again you have to import your account!

I don't know how etherdelta works excactly.
But it is not in the cache. It is either in the storage of your browser (most likely since i guess you don't have to "upload" it manually, right?) or a file on your computer (if you need to choose the file each time by "uploading" it).

In both cases. If someone has access to your browser (i.e. by having access to your device), and the wallet file / private keys are not encrypted, they have full access, yes.

So is it right to say in case of etherdelta the private key is stored in my browser cache? If yes that means anyone who can access my cache can also see my key?

Rerence is here: https://hackernoon.com/bitcoin-safety-a-guide-on-how-to-keep-your-wallet-and-private-keys-secure-94cf7b7f4a00#:~:text=Private%20keys%20are%20generated%20by,managed%20by%20the%20wallet%20software.

So here the software is your bitcoin core.

Blockchain is not storing any private key information.

Your private key is (or better: should be) only stored in your wallet on your PC / mobile / whatever device you are using.
They are not stored on the blockchain at all.

Your private key is used to sign transactions. These signatures can be verified using the corresponding public key.
No one needs access to your private key to verify signatures.




In the case of etherdelta, they don't have your private key. The private key is generated locally in your browser.
You are not given the key from their server.
So can someone access my browser cache and find the key?



You don't ever enter your private key anywhere.
You sign a transaction using your private key. And everyone can verify it by using the public key.

For visualization:
A transaction = "I want to transact X BTC from address 1 to address 2
Then you sign the transaction using the private key of address 1.
Everyone can then verify the signature by using the public key of address 1.

Please note that this visualization is not completely technically correct. But it gives you an idea how it works.

[...] how does the other computer know if the private key I am now entering on metamask to import an account is correct or not?

Your private key is (or better: should be) only stored in your wallet on your PC / mobile / whatever device you are using.
They are not stored on the blockchain at all.

Your private key is used to sign transactions. These signatures can be verified using the corresponding public key.
No one needs access to your private key to verify signatures.




In the case of etherdelta, they don't have your private key. The private key is generated locally in your browser.
You are not given the key from their server.



Thanks for replying. But my logic is still troubled. Let us say I have imported a wallet from etherdelta to a metamask extension which I have on a different pc from the one I used to create my etherdelta account. If as someone here said that private wallets are created and stored locally in my browser, how does the other computer know if the private key I am now entering on metamask to import an account is correct or not?
You don't ever enter your private key anywhere.
You sign a transaction using your private key. And everyone can verify it by using the public key.

For visualization:
A transaction = "I want to transact X BTC from address 1 to address 2
Then you sign the transaction using the private key of address 1.
Everyone can then verify the signature by using the public key of address 1.

Please note that this visualization is not completely technically correct. But it gives you an idea how it works.

I am for example using etherdelta and they have an option to import an account. I insert the public key then i go to the next step to enter the private key. Then I just enter a string of letters and numbers then it says invalid key. This surely means that etherdelta knows what is the right private key associated with that public key. Otherwise it would accept whatever input.

Then should we say that the only one who knows my private key is my public address?

I agree that electrum is the greatest tool out there for a "lite wallet", it's very complete.

For OP, the blockchain can't and shouldn't know your private keys, your private key is that, the key that opens the public address holding the bitcoins. The blockchain doesn't need to know the private key, it only needs the transaction hash to confirm whether the real owner of said public key is the one sending the funds, if it's correct, the transaction goes through, if it isn't, it's not.

I agree that electrum is the greatest tool out there for a "lite wallet", it's very complete.

For OP, the blockchain can't and shouldn't know your private keys, your private key is that, the key that opens the public address holding the bitcoins. The blockchain doesn't need to know the private key, it only needs the transaction hash to confirm whether the real owner of said public key is the one sending the funds, if it's correct, the transaction goes through, if it isn't, it's not.

I have a different understanding with what you're asking. You have mentioned an online wallet and blockchain, let me ask you if you are pertaining to blockchain.com wallet? Most online wallets will provide you the recovery phrases but if that's the wallet that you'll use in storing most of your bitcoins, choose a better wallet like electrum.

In the first place, you shouldn't keep your private keys in your computer. It's advisable to write it on a paper or make an encrypted backup. Private keys are shown before you create a wallet.