Ethereum Addresses vs. EOS Accounts - A (long-ish) explainer
Learning how to use your EOS account starts with understanding your Ethereum address
Welcome to your new EOS currency. We are no longer bound to those erc-20 EOS tokens of that thing called Ethereum. Now before we can start trading, sending, using, voting and all the other things that EOS will bring us we have to discuss this thing called our EOS account.
It's important that we understand some fundamental differences on how EOS handles interacting with the blockchain in contrast to Ethereum. To understand this, let's discuss Ethereum 'accounts' first.
There are NO accounts. Huh? Yup. No accounts. There are only records of public key transactions. And all you need to access your tokens, contracts, ethereum is the corresponding private key to sign for a public key (also known as your ETH address). How does this magic work?
Without going into all the crypto details, an encryption algorithm will generate key pair combos that can be used to validate information. So in simple terms, a private key "abcd" will always generate the public key "0xangelsEthAddress". So if I generate a transaction on ethereum, without knowing my private key we can run the transaction against the signature and it will spit out my public key... thus validating that it was indeed me who generated that transaction.
// PSEUDO CODE: myPrivateKey = "abcd" transactionData = "Send 10 tokens to 'theOtherAngel'" signature = encryptFunction(transactionData, myPrivateKey) // This generates a signature. "0xThisIsASignature" transmitToEthNodeFunction(transactionData, signature) // Notice that my private key never leaves my possession. Only the data and signature
signature is received then we can run a verification function on this data, without ever knowing the private key of the user.
publicAddress = recoverPublicAddress(transactionData, signture) // publicAddress > "0xangelsEthAddress"
This is why tools like Metamask or a Ledger Nano can create "accounts" for you on the fly. Because all they are doing is creating key pairs as shown above that can be used to sign transactions. All that ever leaves the "wallet" are the signatures and the transaction data, thus keeping your private keys secure.
A key distinction in EOS is that accounts ARE created. A private and public key pair can't do anything on their own without being assigned to an account. This is a very important distinction. It changes how 'wallets' can be used.
When a new EOS account are created, the public keys for that account are specified with the respective permission levels. The two basic requirements are the Owner and Active keys.
EOS public key pairs are generated in a similar fashion to Eth pairs, with the difference that the algorithm produces EOS prefixed public keys. Here is a sample generated from this site
If you registered your EOS tokens (remember that thing you were supposed to do before June 1st) you had to take a few steps.
Step 1 - Generate a public / private EOS keypair (like the sample above)
Step 2 - Use your ethereum account which holds your EOS and register the public key you generated with the contract. (EOS5f9...HrB1)
Why? So that when the final snapshot was taken and the new EOS mainnet is launched, an EOS account can be created automatically for you with your token balance and with your Owner key set to the one you submitted in the registration process.
That's why it is important to have saved your private key. That's how we'll be able to sign transactions and validate that it is indeed you doing so. A transaction can be anything from transferring tokens, interacting with smart contracts or voting for Block Producers.
Your EOS private key IS NOT the same private key that your Metamask or Ledger Nano or XYZ wallet was using. It is the private key that was generated when you went through the steps of obtaining it in your registration process.
This leads us to another sub-topic:
Currently I've only seen the cleos cli which is very unlikely to be used by end-users OR something like Scatter (chrome / firefox extension). To use any wallet CLI / Extension / Mobile with your EOS account you WILL need to import your private key. Why? Because the only way to interact with the account that was assigned to you during the Mainnet launch is to have access to the private key that corresponds to your Owner public key.
Why can't Scatter or XYZ wallet just generate a public / private key pair for me like Metamask? Metamask doesn't ask me to import keys! Actually Scatter can... But they wouldn't be assigned to ANY account, so they'd be useless.
This isn't a limitation of Scatter or any other wallet that comes around. It's a difference in blockchain design.... EOS vs. Ethereum. Although it may seem like an inconvenience, dig around a bit and you'll see how having accounts with permission levels is an advantage and opens up different dApp design possibilities.
So what does this mean? That in order to access your initial account a level of trust will be required. Whatever wallet you choose to use, you'll have to import your private key so that it can sign transactions on your behalf. The most reliable / trustworthy source would be to just go ahead and use the EOS provided cleos cli. That will require a level of bootstrapping that most end-users will not go through.
The alternative? Be patient and wait for the EOS community to start giving validation to trustworthy wallets. So far, the only one that has some community trust behind it is Scatter. I'm a fan, but even then there is no harm in waiting a few and letting the dust settle.
EOS is exciting, but it's also new. Keep your private key safe, and only import it into a wallet that you feel 100% comfortable with. Take some time to understand how EOS accounts work and what you need to have ready to go when the mainnet launches 🚀!