- Public key = account number = transfer address, which is equivalent to your bank card number. The public key can be freely disclosed to the outside world without any risk. Just like someone else knows your bank card number, they can’t do anything except transfer money to you. (Editor: Generally, the deposit address of exchange is equivalent to a public key)
- Private key = account number + password = identity authentication, which is equivalent to your bank card number + password. The private key is composed of numbers and uppercase and lowercase letters, and the private key length of different blockchains is generally different. The public key can be derived from the private key. It should be noted that once your private key is lost or forgotten, it cannot be retrieved, so be sure to keep it properly.
- Since the private key is inconvenient to remember, a mnemonic phrase appears, which is just another form of presentation of the private key. It is generally composed of 12 or 24 English words. For the convenience of domestic users, Chinese version mnemonics are also provided. As long as you remember these words and type them in the wallet in order, you can restore the wallet and perform any operations. If someone else gets your mnemonic phrase, it is equivalent to getting your private key, and you can control your assets.
- Keystore=card number. The essence of Keystore is the encrypted private key. Keystore must be used with your wallet password to be effective.
- Keystore, private key, and mnemonic words are common to all wallets. Wallet service providers may only provide users with one or more of these methods due to product design. However, if the same method cannot be restored normally in a wallet, then there may be some problems with the wallet.
- To further enhance security, most wallets will use a password to encrypt the private key twice. The encryption method and storage method of each wallet is different. This is why when you use a wallet to conduct transactions, you always need to perform authorization. This actually involves the wallet using the password to decrypt the private key, and then use the private key to sign the transaction and other complex processes.
Wallet safety tips
- The public key can be exposed and does not affect the security of your assets. It is equivalent to telling others your bank card account number.
- Once the mnemonic phrase and private key are leaked, there is a great risk that the assets will be controlled by others. At this time, you need to immediately transfer the assets to another address, and the original account or address is no longer used.
- The Keystore is leaked. Regardless of whether the password is leaked, there is a risk that others will control the assets, so you need to quickly transfer the assets to other addresses.
- If the private keys of EOSIO (including EOS, BOS, WAX, etc.) and IOST accounts are leaked, the new private key can also be replaced to prevent others from controlling their assets.
- When storing private keys and mnemonic words, we recommend using offline forms (manual copy, printing, etc.) for data backup, and at the same time keep the backed-up content properly. For information such as Keystore, it is unscientific and easy to make mistakes to use copy to backup, so users can store the Keystore as a file, and then store it in a USB flash drive and then properly manage the USB flash drive; among them, we are very It is not recommended that you take screenshots, network transmission (QQ, WeChat), cloud storage, etc., as these methods may be attacked by hackers and cause asset losses.