How are keys used in Algorand generated and managed?

I found out that there are Membership Key, Spending Key, and Participation Key in Algorand.

Among them, it is explained that the Spending Key is used by the nodes selected for the consensus committee for signing.

I wonder how the Spending Key is generated and how other nodes verify the signature generated with this key (Spending Key).
(How to pass the public key of the sending key)

And if the Committee node stores a spending key that is used only once each time, it seems to run out of storage space.

How does Algorand manage this (Spending Key)?

Algorand has only two types of keys:

  • spending keys
  • participation keys

A spending key is a secret key that is associated to an account/address.
It is used to sign transactions originating from that account, e.g., to send tokens to another address, call an application, …

A participation node should never store a spending key. Indeed, if a node gets corrupted, you don’t want your spending key being lost. When a spending key is leaked or lost, you lose all your tokens!

Instead, a participation node generates a participation secret key and public key. You can then register the participation public key and associate it to your account by sending a special “key registration” or “change online” transaction. This transaction needs to be signed by the spending key.

Nodes know all the current participation (public) keys because of this registration process.

I have never heard of “membership key”

1 Like