Most of this post comes from Ledger: https://www.ledger.com/academy/not-your-keys-not-your-coins-why-it-matters
1）What are “your keys”?
Similar to a bank account number, cryptocurrencies are sent to a receiving address. The technical term for this address is the public key. When someone sends you some Bitcoin, they will send it to your public key. It’s called public, since you can send it to anyone without compromising your crypto.
There is, however, another key that is linked to your public key. That would be the private key. This key is absolutely vital. Anyone that has access to the private key can access the funds on the public key that it’s linked to. In simpler terms a private key is similar to a password – a means of identifying you as the true owner. When speaking of “not your keys, not your coins”, it refers to your private key.
2) The difference between accessing and owning your coins
When logging into your favorite exchange, it might seem like you actually own the coins on your account. After all, you do need to log in to gain access to them, right?
Wrong. It looks like you’re in total control of your assets… until you try to withdraw more cryptocurrencies than the platform permits – or lower than a certain threshold. As a matter of fact, the exchange might take a cut of any cryptocurrency transaction you make. They can quite simply do this, since you don’t own the private keys to the crypto assets on your account – they have them.
This phenomenon isn’t limited to exchanges: it goes for any wallet provider that doesn’t allow you to own the keys to the associated funds. If you don’t own the private keys, then you are not the true owner of the funds – you’d be entrusting a third party to it. This means that they essentially can do whatever they want with the cryptocurrencies on your account.
3) Why does owning my keys matter?
There’s a plethora of reasons why you’d want to own your keys, rather than leaving it in the custody of a third party, requiring you to trust your funds to them.
The most obvious is accidentally entrusting it to malicious actors. Should you have trusted a malicious third party with your money, you’ll likely never see it back. Thankfully this is quite unlikely with established companies.
Even then you will never be in total control over your own money with them. As mentioned previously, they can set certain restrictions like a maximum withdrawal limit or fees associated with using their services. They can decide what you can do with your own hard-earned money. Also if their platform has any technical issues, you’re basically locked out of your cryptocurrencies. In short: so long as you don’t own your keys, you won’t have financial freedom and your funds remain at someone else’s mercy.
On top of this, you won’t have control over the security of the platform’s system either – you’re outsourcing your cryptocurrency’s security to them. Unfortunately over the years, there have been major hacks that have amounted to around 2 billion dollars being stolen.
The opposite is true if you own your own private keys. By having the private keys, you can set your own rules. There won’t be anyone else telling you what you can or cannot do with your own cryptocurrencies. By having your own keys, you fully own your own coins and can enjoy financial freedom.
Having your own keys does come with an important responsibility though: you must ensure that you’ll be the only one to hold those private keys. If anyone else manages to get their hands on them, they can access and take your cryptocurrencies.
4) How to own my keys?
A. Use a decentralized wallet, such as MetaMask or Argent