Understanding Self-Custody of Assets

Published 6.12.2023

It is difficult for users to use self-custody wallets because it requires knowledge of at least the basic principles of cryptography. Furthermore, they must know the processes taking place in the blockchain and crypto wallets. In this article, we will explain the basic principles of cryptographic keys and transactions.

For easier understanding, we deliberately simplify the explanation of some processes and skip some details. The article is intended primarily for newcomers.

Owning Assets Requires Keeping Secrets

Cardano, like most blockchains, allows you to exclusively own assets. This means that only you and no one else in the world have control over the assets.

Exclusive ownership means that only you can create a valid transaction that transfers assets from your blockchain address to the recipient's address. So only you can spend assets.

This feature is conditional on your ability to create and maintain a cryptographic secret.

The ownership and transfer of assets in blockchain networks are based on public-key cryptography (also known as asymmetric cryptography). In general, cryptography offers tools to enable mutual communication between remote participants in a secret and trusted manner. But only on the condition that the cryptographic secret is not revealed.

Anyone who wants to own assets must first create a cryptographic secret.

This secret is called a seed or passphrase. A certain number of words is randomly selected from a predefined list of words (eg from BIP-39). It can be, for example, 24 words, but you may also encounter fewer words in a passphrase. It can be like 15 words.

A passphrase will be generated for you by every Cardano wallet after you install it. A self-custody wallet can never function without cryptographic secrets. The wallet you install only works with your secret.

It is possible to use an existing passphrase and so-called restore the wallet. It is even possible to use multiple wallets with the same cryptographic secret.

At a given moment, it must be ensured that only you can see the randomly generated passphrase. It is a cryptographic secret that will enable your exclusive ownership of assets.

Therefore, make sure that you are using a verified wallet and that you have downloaded it (or installed it) from a trusted source.

You must remember the passphrase exactly as displayed in a wallet. You must be able to put together the same list of words in the same order if necessary.

This can't be done without physically writing it down on paper or using some other method for safekeeping (eg engraving the words into metal). Never store the passphrase digitally, i.e. in a file or by taking a photo on a mobile phone.

You may need the passphrase again if you lose your light wallet on your computer, your entire computer or smartphone, or your hardware wallet. Remember that if you know the passphrase, you still own your assets.

You can even delete the wallet on purpose, but you need to know the passphrase to restore it. Ownership of assets does not depend on the existence of a wallet and the possibility of creating a valid transaction but above all on maintaining a cryptographic secret, i.e. a passphrase.

Now you have a cryptographic secret in physical form and an installed wallet. The next step is to derive the digital secret from the passphrase. That is the generation of cryptographic keys.

Cryptographic Keys

Multiple private and public keys are hierarchically derived from the passphrase. This process is known as Hierarchical Deterministic (HD) wallet derivation.

The good news is that you don't have to worry about it. Your wallet will do everything for you. You just need to know what is happening in the background and what processes are taking place there. The wallet's user interface insulates you from the complexities associated with cryptography.

In the image below you can see the key derivation structure that starts with the seed.

The wallet generates key pairs from the seed (passphrase). A master key is the top level of the hierarchical deterministic wallet structure.

It is often said, not your keys, not your coins. What are keys? It can be said that the keys are part of the cryptographic secret, especially the private keys.

You can imagine the key as a string of various scrambled characters that fit roughly on one line. It's a combination of lots of digital ones and zeroes.

Two related keys are used.

The private key (or also the signing key) is generated first. It is marked in red in the picture. As the name suggests, this key must be kept secret. Transactions are signed with this key. A key signature is a certain cryptographic operation that can be verified by a second, public key.

The public key (or also the verification key) is derived from this private key. It is marked in green in the picture. As the name suggests, this key can be made public.

First, a master key pair is generated.

A master key can be used to derive multiple Cardano accounts, each with its own set of addresses and keys. An account is also a key pair that represents your stake in Cardano and allows you to delegate it to a pool.

Staking is not the subject of the article. However, remember that staking also works through cryptography. We will focus on sending transactions from address to address, which requires payment keys.

Blockchain addresses are used for holding funds (UTxOs). It is possible to receive UTxO on them and then send UTxO from them.

Public keys (from a pair of payment keys) are used to generate addresses, while private keys are used to sign transactions and thus prove ownership of the funds.

The following text will be simplified for easier understanding. We will not deal with the hashing of blockchain addresses.

The owner of assets is the prover and the Cardano network is the verifier.

In the process of sending assets through a transaction, it is necessary to use a related pair of keys. Assets are associated with an address that was derived from the public key. The sender digitally signs the transaction, providing proof of ownership of the assets at the given address. The private key is used to sign the transaction.

You can imagine the digital signature of a transaction as a regular signature of a document with a pen. An expert would be able to unequivocally verify the signature and say if you signed the document.

Cardano (blockchain network) must verify the signature through the public key. It will be verified that the private key that corresponds to the address where the assets are held was used.

Cardano must have a public part of the cryptographic secret and a private part in the form of a digital signature available for validation.

By signing a transaction, the private key is not revealed. This means that the address may still hold UTxOs exclusively owned by the transaction's sender. During validation, it is also verified that the address holds a sufficient amount of assets for spending by the owner.

The transaction contains the address of the recipient. This address is derived from the recipient's public key. The recipient holds the corresponding private key, so he can send (spend) assets from this address.

In the picture, you can see the simplified process described above.

Alice sends UTxO to Bob. UTxO is on a blockchain address that belongs to Alice. Alice's wallet creates a transaction and puts the input UTxO into it. Additional transaction parameters are specified. For example, the value to be spent from UTxO (for simplicity, the entire UTxO is sent to Bob, so Alice gets nothing back).

An output UTxO will be created from the input UTxO in which the blockchain address belonging to Bob will be specified (Bob's public key was used).

For assets to be transferred, Alice must sign the transaction with a private key through her wallet. The digital signature will be verified by the Cardano network, which is not drawn in the picture.

The wallet selects the UTxOs to be inserted into the transaction. It also selects private keys that are required for signature. Most of the time, the user just enters the spending password or confirms the sending of the transaction by pressing a button in the hardware wallet.

It is important to double-check the recipient's address and the amount to be sent. Transactions are non-refundable. Once a transaction is included in a block, it cannot be undone. If a UTxO is sent to the wrong address (non-existent or someone else's), this record will be stored in the blockchain forever. Mistakes cannot be corrected.

Self-Custody of Assets

What is the self-custody of assets? What do asset owners need to be aware of?

A blockchain network is essentially a decentralized ledger keeping records of asset ownership. Blockchain addresses are used instead of owner names.

A record in the ledger can only be changed through cryptography. To change the owner of assets, their current owner must prove their ownership by signing a transaction through a private key.

Self-custody can be seen as the exclusive right to spend assets.

If the owner loses both the private keys (wallet) and the passphrase (the physical form of the cryptographic secret), the record in the ledger will remain written forever. Assets will exist but cannot be spent. In other words, by losing the cryptographic secret, the owner also loses all assets forever.

If someone manages to steal or reveal your cryptographic secrets, they will have the same control over your assets as you. You are responsible for the exclusive ownership of your assets. If you fail and someone transfers the assets to another blockchain address, there is no way to change it.

It is even impossible to prove whether the given transaction was signed by you or the person who stole your cryptographic secret (passphrase or private keys).

Assets are controlled by whoever holds the private keys (or the passphrase) of the given blockchain addresses. That's supposed to be the only person. However, this cannot be guaranteed. Multiple people may know the cryptographic secret.

Network consensus is unaware of transaction context and asset owners. It only validates transactions, i.e. verifies digital signatures. If the transactions are valid, the entries in the ledger will be changed. Assets will be transferred from sender addresses to recipient addresses. Transactions will be stored in the blockchain (ledger) forever.

There is no other way to change the owner of assets than using private keys.

This gives owners full control over assets. However, they are exclusively responsible for cryptographic secrecy and must be aware of all risks involved.


Next time we will explain the details that we have simplified in this article. We will talk about what cryptography is used, how and why blockchain addresses are hashed, how a digital signature works, how the key pairs are deterministically derived, etc. The goal of this article was to clarify the basic concepts related to the use of self-custody wallets. It is beneficial for users to know the basics of cryptography and to know what processes take place during the transfer of assets.


Related articles

Did you enjoy this article? Other great articles by the same author