There are more places to “buy” cryptocurrencies popping up every day. Unfortunately, a number of these crypto exchanges aren’t actually selling crypto assets.
Some, like Venmo, let you spend your coins with a handful of preapproved merchants. Others, like Robinhood, never let you spend or even transfer your coins. These kinds of exchanges force you to treat your crypto as just another investment, only allowing you to “buy” or sell them.
Imagine walking into a bank to get some cash only to have the teller inform you that your cash can only be spent with the bank’s partners. Now imagine that the teller refuses to give you your cash at all.
Instead, they offer to keep holding it for you or to write you a check that should clear in a few days. If you’re smart, you’d probably close your account and store your cash somewhere that actually lets you use it.
When you “buy” cryptocurrencies from Venmo, Robinhood, or similar exchanges, you’re basically just depositing funds into a bank like the ones in these ridiculous scenarios. These exchanges maintain full control of both public and private keys, meaning they own your coins, not you.
Where Are Your Bitcoins?
Bitcoin and other cryptocurrencies are stored in wallets. Most people use digital wallets, often in the form of an app or an account on a website. But you can also store your coins in a hardware wallet that might resemble a hard drive or USB stick. Or you can print out a paper wallet to keep your coins safe on any old piece of paper.
Paper wallets are typically nothing more than a couple of strings of letters and numbers with QR codes to match. These strings of letters and numbers are the wallet’s public key and private key. You need both keys to initiate and receive crypto transactions. The public key is like a bank account number; it’s all you need to deposit funds into the wallet. The private key is like the PIN for the wallet and is required to access the coins in the wallet.
How Do Private and Public Keys Work?
When you want to send Bitcoin from your wallet to someone else’s wallet, you create a transaction. This transaction contains information such as the amount of Bitcoin being sent, the recipient’s wallet address, and a digital “signature” that proves you are the owner of the Bitcoin you are sending.
Private Keys: Accessing Funds and Securing Your Wallet
To create the digital signature for the transaction, you need to use your private key. Your private key is a long string of letters and numbers that is generated by your wallet software. Think of the private key as, essentially, the password to your Bitcoin wallet, and should be kept secret at all times. It’s important to keep your private key to your digital wallet a secret because it is essentially the password that allows you to access your Bitcoin or other cryptocurrencies. If someone else has access to your private key, they can use it to sign transactions and transfer your cryptocurrency to their own wallet, effectively stealing your funds.
You should also know that cryptocurrency transactions are irreversible, meaning that once a transaction is confirmed on the blockchain, it cannot be undone or reversed. This means that if someone were to steal your cryptocurrency using your private key, you would not be able to get it back.
When you use your private key to sign a transaction, you are essentially saying “I am the owner of this Bitcoin, and I authorize this transaction.” The digital signature (not your actual name, of course) is then attached to the transaction and broadcast to the Bitcoin network.
Once the transaction is confirmed by the network, the Bitcoin is transferred from your wallet to the recipient’s wallet. Without your private key, nobody can sign transactions on your behalf and access your Bitcoin.
Public Keys: Receiving Cryptocurrency and Sending It To The Proper Digital Wallet
In Bitcoin transactions, public keys are used to receive cryptocurrency. A public key is a long string of letters and numbers that is derived from a mathematical algorithm and serves as the public address for your Bitcoin wallet. You can share your public key with anyone who wants to send you Bitcoin, similar to sharing your bank account number with someone who wants to send you money.
When someone wants to send you Bitcoin, they need to know your public key. They can then use your public key to create a transaction that sends Bitcoin to your wallet. The transaction is then sent out to the Bitcoin network, where it is verified and confirmed by other network participants (miners).
When a transaction is confirmed, the Bitcoin is transferred from the sender’s wallet to your wallet. This transfer is recorded on the blockchain, which is a distributed ledger that contains a record of all Bitcoin transactions.
To spend the Bitcoin that you received, you will need to use your private key to sign a transaction that sends the Bitcoin to another address. This is why it’s important to keep your private key secure, as anyone with access to your private key can sign transactions on your behalf and transfer your Bitcoin to another address.
Owning Your Keys
When you don’t have access to the private key, you technically don’t have control of the wallet or the coins within it. This is where the phrase “not your keys not your Bitcoin” comes from.
Buying Bitcoin or any other cryptocurrency from the kinds of exchanges discussed above will not provide you access to your private key. As a result, these exchanges can prevent you from using or even selling “your” coins whenever they so choose.
It might sound farfetched to think they’d prevent you from even selling “your” coins. But they have on multiple occasions, often at the worst possible times. As a result, these exchanges have cost countless individuals untold amounts of money. Storing your keys on an exchange platform is potentially risky. Here is why:
- Hacking
Exchanges are vulnerable to hacking attacks, where cybercriminals can gain unauthorized access to the exchange’s systems and steal the cryptocurrency stored in the exchange’s wallets. Cryptocurrency exchanges are attractive targets for hackers because they can hold large amounts of valuable digital assets in a single location.
- Insider Theft
Exchange employees or contractors may have access to the exchange’s wallets and may steal cryptocurrency from the exchange. While insider theft may not be as common as hacking attacks, it’s still important for Bitcoin exchange companies to have strong security measures in place to prevent and detect such incidents. These measures may include limiting access to sensitive information and funds, conducting thorough background checks on employees, and implementing regular internal audits to detect any signs of misconduct.
- Technical Issues
Technical issues with the exchange’s systems, such as glitches or errors, can lead to loss of funds. In addition to glitches and technical errors, other technical issues that could compromise the security of cryptocurrencies stored on digital exchange platforms include bugs in software, issues with network infrastructure, and problems with hardware. Technical issues can occur on any digital platform, including cryptocurrency exchanges. While it’s difficult to know the exact frequency of technical issues that could compromise the security of cryptocurrencies stored on digital exchange platforms, there have been instances where technical problems have led to the loss of funds.
- Poor Security Practices
Exchanges may have inadequate security measures in place, such as weak passwords, lack of two-factor authentication, or failure to use cold storage to store funds. Your own personal security practices come into play as well. To take control of the situation consider these tips:
- Create strong passwords for all accounts related to your cryptocurrencies, including wallets and exchanges. Use a combination of upper and lowercase letters, numbers, and symbols, and avoid using easily guessable information like your name or birthdate.
- Enable two-factor authentication on all accounts related to your cryptocurrencies. This requires a second form of authentication, such as a code sent to your phone or generated by an app, in addition to your password.
- Consider storing your cryptocurrency in a cold wallet or offline storage device, in addition to the exchange or hot wallet connected to the internet. This can help protect against hacking and other online threats.
- Keep up to date with the latest security threats and trends in the cryptocurrency industry, and be cautious of any suspicious activity or unsolicited requests for information.
- Be cautious of phishing scams, which are attempts to trick you into revealing sensitive information or passwords. Double-check URLs and email addresses before entering any information, and never reveal sensitive information over email or instant messaging.
By implementing these personal security measures, cryptocurrency owners can help protect the security of their coins and minimize the risk of loss due to hacking, theft, or other security threats.
There’s nothing wrong with investing in Bitcoin or other digital assets. In fact, Bitcoin has proven to be one of the best investments in history. But thinking of cryptocurrencies as nothing more than an investment or restricting their usage completely defeats their purpose.
Bitcoin was designed to be a decentralized currency and if you maintain control of your private keys that’s exactly what it is. It isn’t controlled by any government, corporation, group, or individual. It’s simply a computer code that’s hosted independently on tens of thousands of nodes around the world.
Check out our other blog posts for a more detailed explanation of Bitcoin. But the short version is: it’s not what you’re buying if it doesn’t come with a private key. Because as you now know, not your keys, not your coin.
If you’re looking for a way to actually buy cryptocurrencies, stop by any RockItCoin Bitcoin ATM. With more than 1,900 locations throughout the United States, there’s sure to be one near you. And just to be clear, we never retain copies of your private keys. When you buy from us, your coins and your keys are yours and yours alone.