Substrate Keys
Public and private keys are an essential aspect of most crypto-systems and an essential component that enables blockchains to exist.
Account Keys
Account keys are keys that are meant to control funds. They can be either:
- The vanilla
ed25519
implementation using Schnorr signatures. - The Schnorrkel/Ristretto
sr25519
variant using Schnorr signatures. - ECDSA signatures on
secp256k1
There are no differences in security between ed25519
and sr25519
for simple signatures.
We expect ed25519
to be much better supported by commercial HSMs for the foreseeable future.
At the same time, r25519
makes implementing more complex protocols safer. In particular, sr25519
comes with safer version of many protocols like HDKD common in the Bitcoin and Ethereum ecosystem.
"Controller" and "Stash" Keys
When we talk about "controller" and "stash" keys, we usually talk about them in the context of running a validator or nominating KSI. Still, they are valuable concepts for all users to know. Both keys are types of account keys. They are distinguished by their intended use, not by an underlying cryptographic difference. When creating new controller or stash keys, all cryptography supported by account keys is an available option.
The controller key is a semi-online key that will be in the user's direct control and used to submit manual extrinsics. This means that validators and nominators will use the controller key to start or stop validating or nominating.
Warning
Controller keys should hold some KSI to pay for fees, but You should not use them to hodl massive amounts or life savings since the blockchain will expose them to the internet with relative frequency. You should treat them carefully and occasionally replaced them with new ones.
The stash key is a key that will, in most cases, be a cold wallet, existing on a piece of paper in a safe or protected by layers of hardware security. It should rarely if ever, be exposed to the internet or used to submit extrinsics. The stash key is intended to hold a large amount of funds. You can compare it to a savings account at a bank, which ideally is only ever touched in urgent conditions. Or, perhaps a more apt metaphor is to think of it as buried treasure, hidden on some random island and only known by the pirate who initially hid it.
Since the stash key is kept offline, it must be set to bond its funds to a particular controller. For non-spending actions, the controller has the funds of the stash behind it. For example, in nominating, staking, or voting, the controller, can indicate its preference with the weight of the stash. It will never be able to move or claim the funds in the stash key. However, if someone does obtain your controller key, they could use it for slashable behavior, so you should still protect it and change it regularly.
Session Keys
Session keys are active or "hot" keys that a validator must keep online to perform network operations. Session keys are typically generated by the client, e.g., your SwapDEX Node instance on your server, although they don't have to be. The session keys are not meant to control funds, and you should only use them for their intended purpose. You can change them regularly; your controller account only needs to create a certificate by signing a session public key and broadcast this certificate via an extrinsic.
Our blockchain uses three session keys: - GRANDPA: ed25519 - BABE: sr25519 - I'm Online: sr25519
Summary
Account keys are essential to blockchains because they allow you to control your funds. The blockchain publishes your public keys to the network, as the name implies. Your wallet address is an excellent example of a public key. Your private key, in contrast, should be protected and kept secret at all times because, with the private key, anybody could move your funds.
Our blockchain uses controller keys (a second wallet) to speak for your main wallet's stash keys (public and private keys) that control your funds. However, the controller keys are limited to just acting on behalf but are never capable of making a transaction. This Setup of a "hot" wallet (controller) that you use to engage with the network and the "cold" wallet (stash) that holds the funds grants you an extra layer of security.
Finally, Session keys are generated by the validator node itself and used by the validator to perform network actions continuously. You can change session keys at any time.