This time, I will briefly explain the importance of your EOS private key and how to manage it.
To transfer data in the EOS blockchain and perform smart contracts, users must use an encrypted digital signature. To do this in EOS, the encryption method follows an asymmetric key encryption (public key encryption).
First, let me give you a brief introduction about encryption.
Encryption methods include a symmetric key encryption and an asymmetric key encryption.
Encryption and decryption means:
- Encryption : Changing the original message so that it is recognizable only to a specific subject.
- Decryption : Restoring an encrypted message to its original message
Symmetric key encryption
Use the same key for encryption and decryption
Asymmetric key encryption
Use different keys (public key, secret key) for cryptography and decryption
Public Key : The key that anyone can see on the system
Private Key : The key to be secretly managed by the user
Content encrypted with A's public key : only possible to decrypt only with A's private key
Content encrypted with A’s private key : only possible to decrypt only with A's public key
When sending a message
The sender encrypts the message using the recipient's public key, and the recipient decrypts the message using his/her private key to verify the message.
When putting A’s digital signature
'A' encrypts the message using his/her private key, and the receiver, including the third party, decrypt the message using the public key of A to confirm the signature.
Private Key of EOS
The private key used in EOS is a 51-digit random number generated according to a certain rule, and the public key is generated by hashing this private key. However, you cannot obtain the private key by reverse-hashing the public key again. In other words, although a public key can be obtained through a private key, it is impossible to find a private key through a public key. Therefore, once you lose your private key, it is almost impossible to re-find it, so you should back it up in a safe place.
Managing the Private Key
Storing these private keys on public networks cause a risk of losing precious assets. So how do you keep your private key safe from the risk of hacking while at the same time solving the anxiety of loss? EOS, Bitcoin and Ethereum exchanges and personal wallets are frequently hacked, and accordingly, various security solutions are coming out. However, hacking technologies that go beyond security technologies are constantly emerging, so it is very dangerous to rely solely on private key management for security programs and technologies.
This article also suggests some ways to manage the EOS private key, but it is not a perfect solution and requires constant attention and thorough management of the individual.
You can keep it in doubly secured or proven professional ways, but we'll show you the safest and easiest way for those who give up because of the hassle and complexity.
1. Using the identity authentication tool “Scatter”
When using the Scatter, an identity authentication tool, you do not have to register or enter your private key every time you use Dapp, which reduces the risk of hacking. It can be used after the first one time authentication, and the Scatter never requests or provides information about the private key.
The Scatter is the most trusted identity authentication tool ever released on EOS. Because it is stored locally, even if someone else finds out your password, it is difficult to hack a Scatter account unless he comes to your laptop or desktop hardware to steal it.
However, it is important to install a normal Scatter program first because it can cause an accident if the Scatter itself is unusual. You can verify that this is a normal program in the Chrome browser's Extension Manager mode.
Meanwhile, Block One is developing its own authentication tool, so we need to see more about how best to secure the future.
2. Distributing the key & keeping your assets in more than 1 private key
- It is a kind of multi-signature method to distribute the private key and store them on several online /offline places.
Private key : 5EjXk6Bai1HE3O …
place A : 5EjXk6
place B : k6Bai1
place C : i1HE3O …
- Against the case of forgetting the order, you can save several digits in duplicate.
- It is also much safer to keep your asset in several keys. You can create and keep multiple private keys themselves to prevent you from blowing all of your assets with a single hack.
- In addition, EOS can split an active account that performs various transactions and an owner account that owns the ownership.
- For frequent use, it is safer to register Scatter with the private key which you keep the small amount of assets.
3. Be careful
There are several ways to keep it safe, but at the same time, it is important not to take careless actions that put you at risk for hacking. In fact, hacking cases are often caused by the negligence of individuals. Even though the private key is stored in the encrypted USB storage, it can be hacked if the computer is infected with a virus. Sometimes it is also hacked in the process of copy and paste the private key. Therefore, it's important to be careful not to open up unclear emails, or to install unauthorized sites or programs.
Of course, you must not give out your private key. Except in rare and special cases, there are no Dapps or BPs requesting a private key—so you should never enter a private key in a non-verified tool or Dapp.
It is also possible to bring in a private key while off-line when the network is blocked, or to keep a private key of 51 digits on a notebook, rather than on a computer.
What I've said so far is just a simple suggestion. If you get hacked, no one is responsible for it. As you have valuable assets, you need to be aware of the latest and best management practices with constant care.
The lack of a centralized organization that manages personal information is equal to say that there is no centralized organization in charge of any problem. Individual efforts are needed to fully enjoy the benefits of decentralization system.
All in all, there are significant benefits and risks to a decentralized system. However, the risks are preventable as long as you always stay smart.
So far, I have briefly discussed the importance of EOS private keys and some management methods.