Learn the basics about wallets, key pairs and how Vega interacts with key pairs below.
What is a wallet?
A wallet is a file on your computer that stores your key pairs. This file can contain any number of key pairs, possibly along with extra data, such as a nickname for a key.
A wallet service is a program on your computer that reads and writes wallet files, by creating or removing key pairs. Wallet services are encrypted, and you’ll need to choose a password/passphrase to decrypt it, to access its contents.
Every person / participant needs at least one wallet to use Vega. One wallet can have many key pairs, and each public key acts as a completely different party on Vega, even if the keys are derived from the same wallet. Read more about key pairs below.
Note: When you deposit assets using the bridge, you deposit to a public key (not to a wallet), so each public key that you want to use for trading will need its own pool of assets. Each public key is the party ID used for trading, and one public key cannot share collateral with other public keys in the same wallet.
What is a key pair?
A key pair is two keys, created together. One is public (shared with everyone), and one is private (only you know it). If data is encrypted with the public key, only the private key can decrypt it, and vice versa. This means that it is possible to do two things:
- Share secret data: If someone encrypts data with your public key, then only you can decrypt it with your private key
- Authenticate data, also known as sign data: If Pat encrypts data with their private key, then anyone can decrypt it with their public key, and they know that only Pat could have encrypted this data
How does the Vega network use public and private keys?
To trade or take other actions on Vega, the requests you make to the network need to be signed with a set of keys, one public and one private. The public key provides enough information to verify that a transaction was signed and is valid, and that only the holder of the private key could have signed the transaction. This allows the network to authenticate you as the holder of any collateral balances and open positions, and identifies you when you vote on any governance actions.
When you want to do something on Vega Fairground, for example place an order, Console creates a representation of the order, uses the wallet server to sign it with the private key to prove that only you could have done it, and then submits it to the network. The public key is included in this, meaning anyone can verify that it’s signed by you. The public key doesn’t reveal your name, or who it’s owned by, it only shows your interactions with the Vega network.
How does Vega Console use my keys?
Vega Console itself never directly uses your public and private key.
- Vega Console accesses your wallets through a wallet service, which is either the testnet’s demonstration key service, or another Vega wallet running the wallet server, such as one installed on your computer or that you or your employer hosts
- Vega Console knows your public key but will never have access to your private key, which is seen only by the wallet software
- You select a set of keys, held by the wallet, in order to authenticate your transaction
- Vega Console then forwards this transaction, signed and bundled by the wallet service using a set of keys from your wallet, to the Vega network
When real money is at stake you should ensure that the system running the wallet is secure, and that you trust whoever is running it, as they can potentially access all of your funds and act as you on the Vega network.