Everyone understands how physical money works - I give you a token, you give me the thing I want to purchase. We might assume digital money is a digital representation of physical money - that just like we would pass physical tokens and bills between each other, in Bitcoin, we are passing digital tokens back and forth over the internet between our Bitcoin wallets. This would be a false assumption. Bitcoin is conceptually different, and it is important for users to understand how it is actually working, to avoid messing up and losing access to your bitcoin, and to appreciate the power, protection, and responsibility you have when you use Bitcoin.
This article is for you if youâre a new Bitcoiner interested in taking custody of your bitcoin, moving it from the exchange where you purchased it into cold storage that you control. The tactical steps for such a move should not be undertaken without an understanding of how Bitcoin transactions work, and what is really happening when you take self-custody. Thatâs what this article covers.
In this article, weâll see how money can be represented as a ledger rather than as exchangeable tokens, what this looks like in Bitcoin, and why ownership of private keys is what Bitcoin ownership is all about. The meme, âNot your keys, not your bitcoin,â and itâs more colloquial variant âNot your keys, not your cheese,â fundamentally expresses why Bitcoin exists and how to use it in a way that is empowering to the user. By the end of this article, you will understand not only the philosophical significance of the meme, but also the technology that backs it.
Part 1: Ledger-Based Money
âMoneyâ is technology for ascribing purchasing power, and can take forms different than the one we are familiar with.
In an ancient civilization on the Micronesian Yap island, Rai stones served as money.
The stones were difficult to create more of and difficult to move, so members of the society could track wealth simply by knowing which stones in the village center belonged to whom. When someone wanted to exchange value with someone else, they would announce the change in ownership to the other members of the society. In this way, the community as a whole bore responsibility for maintaining an account of who owned which stones. The Rai stones illustrate a concept of money wherein the value of money is not inherent in the physical object itself but is assigned by agreement within a community. The system depends heavily on oral history and communal trust.
As the community grows, youâd want to formally track a history of changes in ownership, for the sake of legitimacy.
Tracking ownership could become cumbersome as the community grows, and relationships and social networks become more complex, so rather than relying on the oral history of changes in ownership, youâd want to keep a record of the transactions themselves. Imagine a record (aka a ledger) of all of the transfers of Rai stone ownership. Rather than simple oral proclamation of a change and self-reported accounting of the transaction by community members, those looking to make a transaction to transfer ownership would update the ledger for everyone to see. Rather than tracking who owns what, the ledger would simply track every transaction, and knowledge of who owns what could be derived from the list of transactions.
If one person, group, or government were entrusted with the power to maintain the ledger, theyâd be incentivized to cheat the system and create transactions that give ownership of some of the stones to themselves or allow them to falsely ascribe their stones to multiple parties in trades. To protect against the abuses enabled by centralized ledger management, letâs imagine that every member of the community maintains their own ledger that they would update upon hearing of a transaction.
Everyone would need rules to apply in order to validate proposed a transaction. For example, if Bob said, âAscribe 2 stones to Aliceâ, the community would need to verify that Bob was the one who issued that proclamation, and that he owns 2 stones.
Similarly, there would need to be rules for making sure that peopleâs respective ledgers were staying in sync.
Bitcoin is software for maintaining a decentralized public ledger.
In Bitcoin, nodes are computers that maintain their own copies of the blockchain, which is a history of all Bitcoin transactions, and run software for validating transactions, propagating them to other nodes, and adding them to their copy of the blockchain.
âValidating transactionsâ is a fancy way of saying that, like community members in the Rai stone example above, the nodes make sure that it is provably Bob who sent the transaction, and that he has the bitcoin necessary to complete the transaction (among other things).
Note: How nodes eventually reach consensus about the state of the blockchain is beyond the scope of this article.
Part 2: Updating the Bitcoin Ledger (ie the Blockchain)
What does it mean to own Bitcoin?
You donât have a Bitcoin account.
You donât have a Bitcoin balance.
At least, as far as the actual Bitcoin network is concerned.
Your ownership of Bitcoin is the fact that you can create a transaction that spends bitcoin. Put another way, based on the history of transactions, there is bitcoin that is only spendable by you, because when someone âsentâ you bitcoin, the transaction that is added to the ledger effectively says that only you can spend it. Letâs phrase that a little more technically now: The only way bitcoin can be spent is by signing a transaction with the private key whose public key was used to generate the address to which the bitcoin has been ascribed.*
đł
In order to understand how bitcoin ownership is ascribed and how bitcoin is spent, we need to learn just a tad about some new concepts - keys, addresses, and digital signatures - concepts that have been used for decades in cryptography.
Once we cover these fundamentals, we can get back to explaining the meme! đ§
Cryptography is how you authenticate yourself, authorize a spend, and assert the validity of the transaction details.
The foundation of Bitcoin transaction cryptography is public / private key pairs. A private key is essentially a random string of characters generated by a computer (or a more specialized device), and a public key, also a random string of characters, is derived from the private key, such that the public key tells you nothing about the private key, but the private key can prove to be the private counterpart of a public key.
A Bitcoin address is a straightforward transformation of a public key. To illustrate the concepts in this article, a Bitcoin address and a public key are functionally the same.
A Bitcoin Wallet, then, is software that holds your keys and uses them to a) determine which transactions on the blockchain are spendable by your keys, and b) to create valid transactions to spend your bitcoin.** Wallets hold keys, they donât âhold bitcoinâ, because you donât âsend units of bitcoin around on the networkâ, you âcreate and sign transactions to update the ledgerâ.
Transactions added to the ledger simply ascribe bitcoin to an address, and describe the conditions for spending them. The most simple transactionâs condition for spending is the presence of a digital signature, which proves ownership of the private key that goes with the receiving address, without revealing the private key.*** An abstracted and simplified visual depiction of a transaction might look like this:
Transactions reference one or more previous transactions in order to assert that the spender has the funds required for the new transaction. And for this new transaction, the sender must prove that he owns the receiving address of those transactions, using his private key to create the signature.
The following diagram illustrates the full story (double click to enlarge in a new tab): the creation of a transaction referencing a previous transaction, and including a signature that is used for verification by other nodes:
Publicly available cryptography methods ensure that though the public address and digital signature can be derived from the private key, neither can be used to derive the private key.
In summary, if you have the private key, you can spend the Bitcoin. If you donât have the private key, you cannot spend the Bitcoin. If no one has the private key that corresponds to the address from the transaction output, no one will ever be spending that Bitcoin.
So where are my keys?
You may be thinking - âI just bought some Bitcoin with Swan (or River, or whomever), and I havenât heard anything about keys. Why not?â
These companies are managing keys for you behind the scenes, so that you can interact with your Bitcoin in a familiar way - a similar way to how you interact with your other financial assets - bank accounts, stocks, etc. They provide a service on top of a Bitcoin wallet, so that you can start your journey before learning how to use Bitcoin directly. They simplify the user experience to lower the barrier for people to start using Bitcoin. They manage a Bitcoin wallet on your behalf.
Part 3: Not Your Keys, Not Your Cheese
We made it! With the foundations covered, we can now understand and appreciate the meme: âNot your keys, not your cheese.â
Translation: if anyone but you has access to your private key, you donât own the bitcoin. Bitcoin âownershipâ is the ability to spend bitcoin without permission, so if you can spend it, it is your bitcoin, and if someone else can spend it, then it is not your bitcoin.
That is, if you manage your own wallet software, no one else can spend your bitcoin. If your bitcoin is held by a company on your behalf (eg River, Swan, Coinbase, etc), then you are part of a partnership that owns bitcoin (this is according to the ideal expressed in the meme - Iâm not talking about legal implications). In that partnership, you actually cannot spend bitcoin - your partner can, and you trust them to do what you tell them to do with the bitcoin.
You need get to hold your own keys.
What separates Bitcoin from other financial assets is that you can use it without an intermediary. All thatâs needed to transact is a valid digital signature. No âfinancial systemâ required.
Moving debasement-resistant money without permission is an empowering experience, and the cost of that experience is responsibility. When we opt for convenience and abdicate responsibility, we cede power, and Bitcoin is striking a chord with people across the world because theyâve seen that that power ceded to financial institutions can be abused.
As Satoshi Nakamoto said, âThe root problem with conventional currency is all the trust that's required to make it work. The central bank must be trusted not to debase the currency, but the history of fiat currencies is full of breaches of that trust.â
Trust is required to make conventional currency work. Responsibility is required to make Bitcoin work.
Self Custody is a tradeoff.
Risks associated with leaving your bitcoin in someone elseâs custody include crypto-scams, security breaches, bankruptcy, and government censorship/seizure.
Many crypto companies have failed by not actually having the Bitcoin they claim to have. Any company might not be following security best-practices, and could get hacked. They could go bankrupt, and your bitcoin may be seizable by the company as part of the bankruptcy proceedings. A person can be âfinancially cancelledâ by a financial institution freezing their funds. Or governments can forbid possession of certain financial assets, as the US government did with Rooseveltâs Executive Order 6102, which forbade the possession of gold by American citizens. If your Bitcoin is held by an institution, no matter how reliable and trustworthy that institution may be, you should not expect them to resist their government on your behalf.
Note that Bitcoin-only companies are considered trustworthy, but even they will tell you to âget your Bitcoin off exchanges,â ie, off their platforms and into a wallet that you manage. Swan, as an example, has done a good job of this - according to CEO Cory Klippsten, more than 80% of the bitcoin purchased on the platform has been withdrawn to user-managed addresses.
So on one hand, when you take self custody of your bitcoin, you eliminate certain risks. However, you introduce a new risk - the risk that you mess something up, your bitcoin becomes unspendable, and no one will be able to help you recover it. Allowing a trustworthy custody specialist to manage your bitcoin is the right move until you are confident in your ability to safely manage custody.
A few simple rules for choosing a Bitcoin custodian: the service you choose should be Bitcoin-only (no other cryptos), should allow you to âwithdrawâ bitcoin (ie send to another wallet) without converting to fiat, and should not offer any âBitcoin yield productsâ - ie if they promise a return on your Bitcoin for holding with them, they are doing something risky to generate that return, and should not be trusted. Swan, River, and Unchained top the list of reliable Bitcoin companies.
Taking responsibility for your assets starts with learning how to own them safely.
When you are accustomed to letting a financial institution manage your assets, the thought of taking custody of your bitcoin when you could lose it forever if you screw up should be scary. That fear should motivate a desire to learn the techniques and tools for securing your bitcoin safely. Before taking this step in your Bitcoin journey, you ought to learn in greater technical detail how this all works, then learn more advanced and tactical steps - how to effectively use the wallet of your choosing, setup and store effective backups, manage your UTXOâs - to mitigate the risk of potentially losing access to your bitcoin. River offers a handful of articles about the important concepts in Bitcoin storage, Bitcoin self-custody expert Tom Honzik has written an evaluation of various approaches and implementations, and BTC Sessions has YouTube tutorials on how to use the most popular self custody products.
In ConclusionâŚ
Weâve covered how Bitcoin works conceptually, and why ownership of bitcoin really means ownership of the private keys needed to spend it. Additionally, we highlighted that in order to fully experience the unconfiscatable nature of Bitcoin, self custody is the way. Naturally, the Bitcoin community, motivated by self-sovereignty, favors self custody as the way to store bitcoin, but it comes with its own risks.
Bitcoin is money that cannot be debased or confiscated.
Bitcoin cannot be debased because there is no way to add a transaction creating more bitcoin to assign to yourself - you need to âunlockâ the output of a prior transaction using a digital signature created with your private key.
Bitcoin cannot be confiscated because without your private key, no one can take your bitcoin (by moving it to another address).
Taking full ownership of your money is a big change in responsibility, and it should not be undertaken hastily or lightly. However, in order to fully embrace Bitcoin, you must understand and appreciate: Bitcoinâs value to the individual and to the world is expressed when people can use it without intermediaries. Self-custody is the revolution. Not your keys, not your cheese.
*This is one form of a transaction. Put more broadly, a transaction output can only be used as an input to a subsequent transaction if it can be unlocked by a script generated by the spending wallet, which should only be possible by the intended recipient of the original transaction. The point of the article does not require getting into more technical transactions
**Iâm deliberately staying abstract and not mentioning UTXOâs, which are how these concepts are actually implemented, as I hope to avoid overcomplicating things for a beginner. To understand how this works in more accurate detail, a reader should learn about Bitcoinâs UTXO model: https://river.com/learn/bitcoins-utxo-model/
***Again, abstraction. For more technical details about transactions, see https://en.bitcoin.it/wiki/Transaction#:~:text=A transaction is a transfer,Bitcoin values to new outputs.