Private / Public key pairs

Ok, I have to ask a really silly question.

After SPO-videos and guides people always talk about securing the cold-keys. (Plural)
I have these stored offline, however are these keys a typical public/private keypair, such that the s(igning) key is the only one that really needs to be offline, or are they both “private” in that sense?

This would make creating a new pool-registration cert easier, as the cold.vkey could be stored on a node that has the ability to use cardano-cli. The TX could be transferred to an airgapped computer to be signed by the respective skey(s).

Any clarification would be appreciated :smiley:


Hello @hovmeister, too bad you withdrew the post, it looked very interesting. I suppose you solved the problem yourself. But of course for the value of the forum it would be nice if you wrote the answer here instead deleting the thread to help others with the same problem. Thanks!

I did not withdraw it?
Don’t know what happened, apologies if I posted in the wrong place :thinking:
I may have been pressing a few buttons with too many windows open :partying_face:

Original post TLDR:

Basically asking about the difference between vkeys and skeys, and if they are anything like a public/private keypair.
If so, only the s-key really needs to be kept private and offline.


vkey/skey means verification-key / signing-key. So yes, it is identical to the known public / private terminology.


That is good to know :smiley:
That means i can have the cold vkey on my server, where I have some scripts to simplify the creation of new pool-registration.cert on the live node. Signing with the skey of course happens elsewhere.

Would be nice in the future if this process could be done with a Ledger / Trezor etc :thinking:

Okay, no worries, I fixed it. I’m sure this will be helpful for others.