The Future of Private Keys? It’s a Secret

Published Mar 1, 2021
By Sonny Azeez, Qredo Community Manager

My online best friend’s name starts with “0x71dA0b62...” before trailing off into something worthy of waking Cthulhu from his slumber.

We don’t communicate much, but I know they are always there whenever I need to transact value, and they know I will always be there for the same. There is also one other thing we both know: my friend’s existence is only as good as where their private key or seed phrase is stored and who can access it. The moment someone else can access their private key and use it, they also become “0x71dA0b62…” and we will be none the wiser.

The same thing goes for mine too.

A Very Little Key

Unlike the other kind of crypto wallet that you shove into your back pocket or purse, a cryptocurrency wallet is an interface that allows you to access digital assets, interact with them, and manage the keys that you own.

Ownership of any cryptocurrency boils down to who holds the private key, or the seed phrase from which it was derived. Unlike their physical counterparts, crypto wallets do not contain the assets themselves; the assets are recorded on the blockchain, and the wallet merely gives you the ability to interact with them as long as you hold the right key.

In plain speak, this is akin to the doors from “The Adjustment Bureau” - wear the right hat before turning the doorknob or you will end up somewhere else.

There are two components to a crypto wallet: a public key and a private key.

The public key lets you receive funds from anyone - literally. You have no say over what enters your wallet, or from whom. All it takes is for the sender to have your wallet address, which is derived from the public key. It is just like having a publicly listed phone number. And since most blockchains are public ledgers with block explorers, just about anyone can look you up and see everything you have ever done on that chain, and with whom. Glass houses for everyone. But, in this case, what is good for the goose is indeed good for the gander, since it becomes easy to audit any exchange of value by any entity, at any point in time.

The other component is the private key. This is what authorizes spending: only a signature made with the private key can move the funds held at your address. It is the key to the vault. Like any vault, the last thing you want is to leave it within reach of every Tom, Dick, and Harry - especially when they can open it and move your vault’s contents from any place in the world.

A Very Heavy Door

A private key can be deterministic or non-deterministic.

Deterministic keys are generated from a seed phrase of 12 to 24 words (the BIP-39 mnemonic standard), from which a whole hierarchy of child keys is derived (BIP-32). Using this method, you can use the same seed phrase to generate a practically unlimited number of keys for different purposes and entities, without having to store each key individually. Think of it as the master key of a hotel. Every door has its own key. Room A’s key cannot open Room B’s door; the master key, however, opens all doors. This is extremely useful for businesses that want to give staff or clients control over their own crypto wallet while keeping a way to recover the account should things go awry.

By contrast, non-deterministic keys have no relationship to one another; each exists in its own self-contained space, generated independently from fresh random numbers. There is no master key to recover them from: lose one, and it is gone.
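As an added example, not code from the original post, the following Python shows the two kinds of key side by side: a BIP-39 mnemonic stretched into a seed, BIP-32 hardened child keys derived from that seed deterministically, and a standalone key drawn from fresh randomness. The mnemonic, passphrase and the path layout [44, 0, account] are constructed inputs for illustration; only the standard library is used, and non-hardened derivation (which needs curve arithmetic) is deliberately left out.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets
import unicodedata

# Order of the secp256k1 group (the curve used by Bitcoin and Ethereum);
# a valid private key is an integer in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: stretch the word list (plus optional passphrase) into a 64-byte
    seed with PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic" + passphrase."""
    nfkd = lambda s: unicodedata.normalize("NFKD", s)
    return hashlib.pbkdf2_hmac(
        "sha512", nfkd(mnemonic).encode(), ("mnemonic" + nfkd(passphrase)).encode(), 2048
    )


def master_key(seed: bytes) -> tuple[int, bytes]:
    """BIP-32: the root private key and chain code are the two halves of
    HMAC-SHA512(key="Bitcoin seed", data=seed)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(digest[:32], "big")
    if not 1 <= k < SECP256K1_N:  # astronomically unlikely, but the spec says reject
        raise ValueError("seed yields an invalid master key")
    return k, digest[32:]


def derive_hardened(k_par: int, chain_par: bytes, index: int) -> tuple[int, bytes]:
    """BIP-32 hardened child (index'): the HMAC is taken over the parent *private*
    key, so a leaked child key reveals neither the parent nor its siblings."""
    data = b"\x00" + k_par.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    digest = hmac.new(chain_par, data, hashlib.sha512).digest()
    left = int.from_bytes(digest[:32], "big")
    k_child = (left + k_par) % SECP256K1_N
    if left >= SECP256K1_N or k_child == 0:  # spec: skip this index, use the next
        raise ValueError("invalid child key at this index")
    return k_child, digest[32:]


def derive_path(seed: bytes, path: list[int]) -> int:
    """Walk a chain of hardened indices, e.g. [44, 0, 0] for m/44'/0'/0'."""
    k, chain = master_key(seed)
    for index in path:
        k, chain = derive_hardened(k, chain, index)
    return k


def random_private_key() -> int:
    """Non-deterministic key: fresh OS randomness, unrelated to any other key
    and unrecoverable from anything but its own backup."""
    return secrets.randbelow(SECP256K1_N - 1) + 1


if __name__ == "__main__":
    # Constructed input: the widely used all-"abandon" test mnemonic.
    words = " ".join(["abandon"] * 11 + ["about"])
    seed = mnemonic_to_seed(words, passphrase="TREZOR")
    # One phrase, many keys: only the account index separates them.
    for account in range(3):
        print(f"m/44'/0'/{account}'  ->  {derive_path(seed, [44, 0, account]):064x}")
    # Same phrase, different passphrase: an entirely different key tree.
    print(f"other passphrase ->  {derive_path(mnemonic_to_seed(words, ''), [44, 0, 0]):064x}")
    print(f"random, standalone ->  {random_private_key():064x}")
```

Two things worth noticing when running it: the passphrase is part of the secret (a different passphrase yields an unrelated tree, which is also why a forgotten passphrase is as fatal as a lost phrase), and a hardened child key on its own gives an attacker nothing about the parent, which is the property the hotel master key analogy relies on.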

Regardless of whether a key is deterministic or not, private key ownership allows you to be your own bank. With this comes the responsibility of keeping it safe and secure - from blockchain bandits prowling the UTXO highway, Greeks bearing gifts, the garbage man, and even yourself.

Of course, someone out there may already have access to your private keys, but until your asset starts to move, you will be none the wiser. And even when the funds start to move, there is no stopping them.

Security Without Keys

When it comes to securing high-value, real-world assets, Acrylonitrile Butadiene Styrene (ABS) keyboards and biometric authentication are a world away from the first wooden keys of ancient Assyria. With the integration of Multi-Party Computation (MPC) on the blockchain, the digital asset wallet may also be undergoing its own evolution.

Multi-Party Computation lets several parties jointly compute a function over their inputs while each party’s input stays private from the others. Usually we worry about protecting our data from unauthorized parties, but with MPC our secrets are shielded even from the counterparties we are computing with.

What does this mean for private keys? Simple. When you connect to the blockchain for the first time, a sovereign ID is created on the connecting device and the protocol generates multiple independent secrets, which are distributed between MPC Nodes. Using these secret shares, the nodes work together to produce a public key and a signature for every value exchange, without ever possessing or materializing the private key. What's more, no node can see another node’s share.

This is the important distinction of MPC signing: the private key is never assembled in one place. No single node, device, or operator ever holds it in whole, so there is no single secret whose theft gives away the funds. This solution to the private key conundrum is what Qredo is pioneering. By never generating the private key into a whole form under the control of one actor, the security of systems with custodial responsibility for crypto-assets can increase by orders of magnitude.

When an asset owner wants to sign a transaction or generate a public key to make a deposit, the MPC Nodes running the protocol create a public address for the transaction and a signature recognized by the underlying blockchain (Bitcoin, for example). As a result, the asset owner can spend or move the crypto assets without worrying about who is really at the other end of the line.
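Below is an added example of the property described in this section, written for this page and not Qredo’s protocol or code: an n-of-n threshold Schnorr signature over secp256k1 in which each node holds only an additive share of the private key, the wallet’s public key is the sum of the shares’ public points, and the signature is assembled from partial signatures. At no point does any variable in the program contain the full private key. The names (MpcNode, mpc_sign), the three-node setup and the message are assumed for illustration; only the standard library is used.

```python
import hashlib
import secrets

# secp256k1 domain parameters (the curve behind Bitcoin and Ethereum keys).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(a, b):
    """Affine point addition; None stands for the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P


def ec_mul(k, point):
    """Double-and-add scalar multiplication."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result


def encode(point):
    return point[0].to_bytes(32, "big") + point[1].to_bytes(32, "big")


def challenge(R, X, msg):
    """Fiat-Shamir challenge binding the combined nonce, the key and the message."""
    return int.from_bytes(hashlib.sha256(encode(R) + encode(X) + msg).digest(), "big") % N


class MpcNode:
    """One signing node. It holds only its own share x_i; the full key
    sum(x_i) mod N exists only as a mathematical object and is never assembled."""

    def __init__(self):
        self.x = secrets.randbelow(N - 1) + 1      # this node's secret share
        self.pub_share = ec_mul(self.x, G)         # the only thing it publishes
        self._r = None

    def nonce_share(self):
        self._r = secrets.randbelow(N - 1) + 1
        return ec_mul(self._r, G)

    def partial_sign(self, c):
        s_i = (self._r + c * self.x) % N
        self._r = None                             # a nonce must never be reused
        return s_i


def aggregate_pubkey(nodes):
    """The wallet's public key is the sum of the nodes' public shares."""
    X = None
    for node in nodes:
        X = ec_add(X, node.pub_share)
    if X is None:
        raise ValueError("shares sum to zero; regenerate")
    return X


def mpc_sign(nodes, msg):
    """Two rounds: collect nonce shares, then collect partial signatures."""
    X = aggregate_pubkey(nodes)
    R = None
    for node in nodes:
        R = ec_add(R, node.nonce_share())
    if R is None:
        raise ValueError("nonce shares sum to zero; retry")
    c = challenge(R, X, msg)
    s = sum(node.partial_sign(c) for node in nodes) % N
    return R, s


def verify(X, msg, sig):
    """Plain Schnorr check s*G == R + c*X; the verifier cannot tell the key was split."""
    R, s = sig
    return ec_mul(s, G) == ec_add(R, ec_mul(challenge(R, X, msg), X))


if __name__ == "__main__":
    nodes = [MpcNode() for _ in range(3)]
    X = aggregate_pubkey(nodes)
    msg = b"spend utxo 0 to address A"             # constructed payload
    sig = mpc_sign(nodes, msg)
    print("signature valid:", verify(X, msg, sig))
    print("tampered valid: ", verify(X, b"spend utxo 0 to address B", sig))
```

Caveats a practitioner should keep in mind: this toy is n-of-n rather than t-of-n, skips the nonce commitment round and key-aggregation coefficients that production protocols (MuSig2, FROST, and the threshold ECDSA schemes MPC custodians use) add to defeat rogue-key and nonce-manipulation attacks, and its challenge hashing does not follow BIP-340, so its output is not a Bitcoin-valid signature. It demonstrates the security property, not a deployable protocol.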

Not your keys, not your crypto? Your phone’s biometric lock would like to have a word.
