Understanding the private key
A cryptographic protocol performs security-related functions, applies cryptographic methods and describes how the cryptographic algorithms should be used to secure information.
By using proven cryptographic protocols in the design of a blockchain system it becomes possible to create an asymmetric encryption, meaning that the public key can easily be derived from a private key, but not the other way around.
What this boils down to is that the private key is the only way you will ever be able to access your funds.
It is not a car or house key which can be replaced when lost, it is a highly rare combination of alpha-numeric characters in an array so big that trying to crack it would take hundreds of years at the current technological state of our planet, Earth.
People can quickly make a mistake, lose a piece of paper, be victim of a robbery, a house fire, a nosy roommate -- you can never foresee all of the possible events which may lead to you losing your private key, but you can do your best to ensure you:
- Don't lose it
- Don't leak it
There are very good protocols out there which go in to great detail about best practices, beyond the scope of Nyzo.
The Glacier Protocol is one such example.
While the Glacier protocol will do just fine for retail investors as well, it is highly information dense and complex.
It's possible, as is also described in the Glacier protocol, that due to not being familiar with strict procedures, mistakes are more likely to happen in a highly complex environment where one single mistake could lead to you losing your private key(s).
The guidelines below are mostly what I've found to be practical and safe, but your mileage may vary, and I am not responsible for any loss of funds.
Always do your due diligence, and do not involve other people into the process if you get stuck, as that will render the entire operation useless.
Instead, persevere and you will succeed. If not day 1, day 2.
Let's start with what we already have: a long string of random characters that hold access to a lot of value, most likely residing on a computer or mobile device.
If you opted to use a hardware wallet such as a Ledger or a Trezor, well done, you're using the most secure and convenient medium available on the market.
However, after setting up your hardware wallet, your private keys which hold access to different cryptocurrency wallets may be safe and sound in the device, but you're still left behind with a mnemonic seed, most likely written down on the cardboard piece of paper you received and used during your initial setup procedure execution.
In both cases you're currently handling a set of characters or words for which a solution needs to be found.
There are multiple ways of continuing:
- In the case of no hardware wallet being present:
- You should be aware that dividing your private keys into parts is not the way to go about things, not only would you be increasing risk by trusting multiple counterparties or places, you would also be lowering the safety garnered from using the cryptographic protocol, exponentially. This means that someone could potentially crack the remainder within weeks instead of centennials.
- Tools for encrypting storage containers such as VeraCrypt exist and can be used to protect your private key file with a password. While better than a plain-text key, the password will also have to be remembered and stored in a location, the only benefit being the convenience of the relatively easy to remember passphrase which acts as a secondary line of defense for the private key. Relying on your mind alone is by all means insufficient.
- In the case of a hardware wallet being present
- Store two copies of the mnemonic seed, in full, in two, seperate, secure, locations. Or consider using a steel variant which allows you to store the mnemonic seed in a fire-resistant fashion, and cut the amount of additional secure storage locations down to 1. A good example of a secure storage location is a bank vault or on one of your properties.
- Keep one ledger on you at all times or store it in a separate location than where your mnemonic seed is stored. The goal is to diversify locations in a secure fashion, that if build 1 burns down, building 2 will still hold an alternative.