A lock with two different keys
Imagine a mailbox on a busy street. Anyone walking past can drop a letter through the slot — that opening is public, and you would happily print its location on a business card. But only you carry the little key that opens the door to take the mail out. The slot and the door belong to the same box, yet they do completely different jobs: one receives, the other controls.
This is exactly how value works on a blockchain, and it rests on an idea called public-key cryptography. When you join, your software generates a matched pair of numbers: a private key, which you keep utterly secret, and a public key, which you can share freely. They are mathematically twins — but knowing the public one tells nobody how to figure out the private one.
private key (SECRET) ---> public key ---> address sign here share freely pay to here | ^ '----- only you can spend -----. | anyone can send you funds ------'---------'
The address: where money comes in
Your public key is a long string of characters, so most blockchains shorten and tidy it into an address — a compact code that works like an account number you can paste, scan as a QR image, or text to a friend. An address is the destination written on the slot of your mailbox. Anyone who wants to pay you simply makes a transaction pointing to that address.
The private key: a signature no one can forge
So how do you *spend*? When you want to move value, your software uses the private key to stamp the transaction with a digital signature. Think of it as a wax seal that only your ring can press, yet anyone in the world can hold up to the light and confirm it is genuine. The network checks the signature against your public key and waves the payment through — without ever seeing the private key itself.
This single mechanism is what lets strangers transact without a referee. The signature proves *you* authorized the move, and the math makes it effectively impossible to fake. There is no manager to phone, no password-reset link, no fraud department. Possession of the private key simply is ownership.
A wallet holds keys, not coins
Here is the surprise that trips up almost everyone. A crypto wallet — the app on your phone or the small device in a drawer — does not actually store any coins inside it. Your coins are nothing but entries on the shared ledger that every computer in the network keeps. The wallet is really a keyring: it safeguards your private key and uses it to sign on your behalf.
That reframes a famous saying you will hear everywhere: "not your keys, not your coins." If someone else holds your private key — say, an exchange holding it for you — then they, not you, can ultimately move the funds. Holding your own keys means total control, and total responsibility, with no safety net behind you.
The seed phrase: your key, in plain words
A raw private key is a fearsome jumble of characters — easy to mistype and impossible to memorize. So when you first set up a wallet, it shows you a seed phrase: a list of ordinary words, usually twelve or twenty-four, like *ripple anchor velvet cabin ...*. That phrase is your key written in a human-friendly form. From it, your wallet can rebuild every private key it ever needs.
Freedom, and the weight that comes with it
Put it together and a new picture appears. Your keys live with you, not in a vault that some institution controls. No bank can freeze your account, no clerk can refuse a transfer, and once a signed transaction is settled, no one can reverse it. That is genuine self-custody — money you truly hold, the way you hold cash in your own pocket.
The same freedom is also the weight: with no one above you, there is no one to fix a mistake either. Master this one pair of keys and you have the foundation for everything ahead — every transfer, every signature, every app you will meet. Next, we step into the ledger they write to and see how those signed transactions are gathered, ordered, and made permanent.