• Main
  • Blog
  • Tech
  • ‘Not Your Keys, Not Your Coins’: Paranoia or a Valid Concern?

‘Not Your Keys, Not Your Coins’: Paranoia or a Valid Concern?

There is a popular saying among crypto enthusiasts that goes, "Not your keys, not your coins."

It means that without your keys, you wouldn't really have control over your crypto assets. But why? Let's take a closer look.

Public and Private Keys Explained

Defining the difference between the private key and the public key is fundamental to understanding it.

Just as fiat money is sent to a bank account number, cryptocurrency is sent to a receiving address. This address is called a public key. When you receive crypto, it is sent to your public key, which anyone can access without compromising the security of your assets.

‘Not Your Keys, Not Your Coins’: Paranoia or a Valid Concern?

A public key is paired with another key – a private key, which is absolutely crucial. So how do cryptocurrency private keys work? Anyone with a private key can access funds on a public key and do whatever they want with crypto stored there. To put it simply, a private key is like a password: it identifies you as the rightful owner.

It's therefore easy to see why these concerns are so widespread. Were they all made up, serious cryptocurrency players wouldn't have used centralized platforms only to transact and then move their crypto to more secure places afterward, would they?

Having Access to Your Crypto Is Not the Same as Owning It

Signing into an exchange and entering the password no one knows may make you believe the coins on your account are your own. But that's not true.

The illusion that you're in complete control of your assets breaks down once you try to withdraw more cryptocurrencies than the platform allows – or as soon as you withdraw less than the minimum amount.

The exchange may actually take a cut of any transaction you make, freeze your cryptocurrency account at the whim of a government – or the worst nightmare for all crypto holders – notify you that your funds have been stolen and apologize they can’t help.

According to Chainanalysis 2022 Crypto Crime Report, cryptocurrency-related crime reached a new high of $14 billion in 2021. This represents a significant increase of $7.8 billion since 2020.

Additionally, in the event their platform has any technical glitches, you're basically shut out of your digital assets.

Why is this happening? There is only one explanation – it is because you don’t hold the private keys to your crypto assets – they do. It is impossible for you to have financial freedom since you cannot control your own funds.

Same things can be done by any platform that does not allow you to own private keys; this is not confined to exchanges. Basically, whenever you use a custodial service for your crypto, you are trusting them with your funds.

But the custodian cares about security, you say. Well, weigh and decide – if securing a backup and keeping a seed phrase safe is beyond what you can do (if you lose or forget it with a non-custodial service, you'll lose your crypto forever), then it might be best to trust someone else to handle your cryptocurrency.

How Are Public Keys Generated?

To dig deeper, let's look at how public keys are created.

  • Public Keys can be generated from Private Keys
  • The Public Key is an Elliptic Curve coordinate (x,y)
  • Any point along this curve would be the Public Key

unnamed (9).png


  • The private key is used as a scalar (a multiplier)
  • On this curve, there is a publicly known point, let's call it G
  • G is a starting position and has an (x, y) co-ordinate

unnamed (10).png


  • Next, (x, y) co-ordinate G is multiplied by itself, Private Key (number) of times (or G*G, Private Key number of times)
  • This results in a "pinball" effect where this point G bounces around the Elliptic Curve, hitting another point on the curve, reflecting over the x-axis, and this is repeated * Private Key (number) times.
  • The public key is now generated, voila!

unnamed (11).png


Can a Non-Custodial Wallet Be Hacked?

Non-custodial wallets are decentralized, like digital safes that only you know the combination to.

Hackers are almost never able to penetrate non-custodial wallets. A hacker would need physical access to your mnemonic seed phrase just like they would need the keys to your home or car. Be sure not to give them to anyone!

A non-custodial wallet puts power in the hands of the user. It is impossible for third parties to steal or freeze your cryptocurrency funds from a non-custodial wallet, making it a perfect way to store and manage them.

ChangeNOW: You Own Private Keys, You Own Your Coins

Both ChangeNOW’s exchange platform and NOW Wallet offer convenience, absolute accessibility, and security so users can rest easy. Private keys are always yours, as are your coins. We respect your privacy, so we don't require you to sign up. Over 400 supported assets, fast processing times, and 24/7 responsive customer service are available to you.

Moreover, it is now possible to save not only a mnemonic phrase, but also separate private keys to all generated wallets in the new version of NOW Wallet.

Exchange Crypto

    No matches were found for your query

  • 1 BTC ~ 0 ETHExpected rate
  • No hidden fees
Loader Icon

    No matches were found for your query