What is a private key?#

A private key is secret cryptographic material that can authorize transactions from a blockchain account. Anyone who obtains it can usually move assets or grant permissions without your consent, so it must never be shared with CenturionDEX, support staff, or another person.

How it works#

A private key creates digital signatures. Centurion validators use the related public information to verify that a transaction was authorized, but they do not need to learn the private key itself.

Many wallets generate several accounts from one recovery phrase. In that setup, the phrase is a master backup and is at least as sensitive as any individual private key. Exporting one account key may expose only that account, while exposing the recovery phrase can compromise every derived account.

Smart-account wallets can use a different model. Contract code may accept several signers, recovery guardians, hardware keys, session keys, or spending policies. The signer secrets and account modules remain security-critical even when there is no single conventional key controlling every action.

How to protect it#

• Generate keys only in authentic wallet software or hardware.
• Keep recovery material offline and physically protected.
• Do not store it in screenshots, email, cloud notes, or chat logs.
• Use hardware signing for significant value when practical.
• Separate long-term holdings from routine application activity.
• Review wallet permissions and remove unused session keys or operators.
• Test recovery procedures without exposing the secret to another person.

A device password encrypts local wallet data but does not make a leaked recovery phrase safe. Likewise, disconnecting a website does not rotate a compromised key.

What to do after exposure#

1. Use a clean device and create a new wallet with new recovery material.
2. Transfer remaining native CTN and tokens to the new address, prioritizing assets that can still be moved.
3. Transfer any v3 position NFTs and other unique assets.
4. Remove approvals or smart-account permissions where doing so can prevent further loss.
5. Stop using the compromised account for deposits.
6. Preserve transaction hashes and evidence for reporting.

If malicious transactions are already pending, competing with them can be complex. Do not trust strangers who promise guaranteed recovery or ask for another payment.

Common scams#

Fake support agents, wallet “validation” pages, malicious browser extensions, clipboard tools, and remote-access software all target keys or recovery phrases. A legitimate application may ask you to sign, but it will never need the secret itself.

Related#

• What is a crypto wallet?
• Crypto wallet signature scams
• Impersonation scams
• How to get a crypto wallet