New: Wallet recovery made easy with Ledger Recover, provided by Coincover

Get started

Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

Not Your Keys, Not Your Coins: Explained

Read 4 min
Beginner
Grey closed belt on a purple background.
KEY TAKEAWAYS:
— The expression “not your keys, not your coins” refers to private keys and how they affect your custody of your assets.

— While plenty of the blockchain ecosystem is decentralized, some elements are centralized, affecting whether you truly own your crypto assets.

— In other situations attackers can force custody of your assets, since there’s no governing body to call for help.

— With Ledger, you have the benefit of secure self-custody; guaranteeing you have ownership of your keys and your coins.

“Not your keys, not your coins” is a popular expression in the crypto world, and with good reason. Understanding where your keys are stored and who might possibly have access to them is integral to your crypto security.

To understand the phrase fully, the most important foundation is learning about private keys.

But What Are Private Keys And Why Do They Matter?

To understand the phrase “Not Your Keys, Not Your Coins” it’s important to understand how private keys work on the blockchain. To clarify, while people often say that crypto wallets store cryptocurrency, that’s not quite accurate. Crypto is stored on the blockchain, with the amount of crypto at each blockchain address recorded immutable by each node in the network.

What your crypto wallet stores is your private key.

If this is news to you, essentially, each blockchain address is associated with a key pair including the private key, the code that allows you to manage the assets at a specific address; and the public key, which serves as your account’s unique identifier. This public key is what your blockchain address is derived from, but it’s the private key that’s integral to your wallet’s security.

Simply, anyone with access to your private key can access the funds in that account, no matter who they are. Handing over your private keys means sharing access to your assets, thus the phrase “Not Your Keys, Not Your Coins”.

Not Your Keys, Not Your Coins: Explained

There are two reasons the phrase “Not Your Keys, Not Your Coins” has become so poignant.

Self Custody

The first and most popular use of this phrase warns against the dangers of custodial wallets and platforms. To explain, some cryptocurrency platforms, such as centralized exchanges, use custodial wallets. These types of wallets allow you to manage cryptocurrencies, but they don’t offer true ownership. Custodial wallets are operated by centralized entities with the power to impose any rules on your funds without warning, whenever they like. It’s almost exactly how the traditional banking system works.

In reality, custodial wallets are not true blockchain addresses. The centralized entity that issued the account maintains ownership of its private keys, even though it secures your funds.

This allows a custodial wallet provider to take a cut of any cryptocurrency transaction you make. It could even lend your funds out to another user, or in the worst-case scenario, the CEO could spend your crypto on a flashy new yacht without your permission.

Even when you can trust this centralized entity’s intentions, not everything goes according to plan. If a centralized entity goes bankrupt, and many centralized exchanges have suffered this fate, your assets could be at risk if stored in a custodial wallet. Even if all goes according to plan financially, you’re outsourcing your wallet’s security and thus relying on its security features to be appropriately robust.

Scams

The other use for this phrase stems from scams, as allowing attackers access to your private keys is simply game over. Sharing your private keys means sharing access to your assets. If you wouldn’t hand someone your credit card and tell them the PIN code, you certainly shouldn’t be showing them your private keys.

Not Your Keys, Not Your Coins also works in reverse: your keys, your coins. If a bad actor can access the private key of your account, they will empty it extremely quickly. However, it’s important to note that each private key only controls a single account. So, if someone has access to more than one of your accounts, it’s probably your seed phrase that was compromised.

To protect your private keys from scammers is simple: use an offline hardware wallet, such as a Ledger device, and make sure to never import or record your private keys on any internet-connected device. By protecting your devices effectively, you can guarantee your keys stay hidden from attackers, thus protecting your coins.

By having the private keys, you can set your own rules. There won’t be anyone else telling you what you can or cannot do with your crypto. Only you own your coins. Enjoy financial freedom but with responsibility.

Ledger Provides Secure Self-Custody

Ledger devices are designed to provide you with the path to financial freedom with the highest level of security for your private keys.

They generate and protect your private keys offline in a Secure Element chip, isolated from your internet-connected device. This means that even if someone were to hack your computer, you’d still be protected. The Secure Element chip running your Ledger device can withstand even the most sophisticated physical attacks.

And of course, Ledger’s security model doesn’t stop there either. Ledger devices provide peace of mind to our users by offering an easy-to-use, accessible yet secure solution. With Ledger, you own your keys and your coins. Because if not self-custody, then why crypto?


Stay in touch

Announcements can be found in our blog. Press contact:
[email protected]

Subscribe to our
newsletter

New coins supported, blog updates and exclusive offers directly in your inbox


Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time using the link included in the newsletter.

Learn more about how we manage your data and your rights.