# Private Keys ## Secure Identity and Control in the Circular Network In the Circular system, private keys are the foundation of secure identity and access. Every account created within an organization is paired with a private key, which is used to authorize and sign actions, such as issuing or verifying a certificate. Private keys are not passwords or logins. They are cryptographic credentials that allow systems to verify that a specific user or organization has approved a given action, without revealing sensitive data. ## What Is a Private Key? A private key is a randomly generated, highly secure digital code that: * Authenticates that an action (like certifying a document) was performed by your account * Proves ownership and control over an account in a cryptographically secure way * Enables the signing of certificates, data records, and transactions on Circular ## Why Private Keys Matter In regulated environments, it is essential that every certified data action, whether anchoring a document or validating an audit trail, is: * Authorized by a verified identity * Non-repudiable, meaning it cannot later be denied or falsified * Cryptographically signed, ensuring trust without relying on central authorities Private keys make this possible. They ensure that all activity on Circular can be independently verified, yet remain secure and tamper-proof. ## How Circular Uses Private Keys 1. When an account is created, a private key is generated 2. When issuing a certificate, the private key digitally signs the data, creating cryptographic proof No one, not even Circular, can recover or regenerate your private key. It is your organization’s responsibility to store it securely ## Best Practices for Handling Private Keys * Store securely using encrypted vaults, hardware modules (HSMs), or secure infrastructure designed for key management * Do not share private keys by email or in unprotected environments * Back up responsibly. If lost, the account cannot be recovered * Use secure signing environments. Keys should never be exposed in browser consoles or insecure systems ## Important Limitations * Private keys cannot be reset or recovered by Circular or any third party * If a private key is lost, access to the account and its certificates will be permanently lost * If compromised, the key may be used to fraudulently sign actions. In this case, revocation procedures must be followed immediately ## Summary Private keys are the invisible backbone of trust in the Circular Protocol. While they operate quietly in the background, they ensure that every certificate, record, and verification is secure, accountable, and verifiable without the need for centralized control. > If you are unsure how to manage private keys within your organization, consult your IT or compliance team before proceeding. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://circular-protocol.gitbook.io/circular-protocol-documentation/private-keys.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.