 And we have a little animation, and that was cute. So in this segment of Down the Rabbit Hole, I'm going to ask me the question that you haven't asked me yet, which is, hey, Andreas, if I'm doing e-commerce or receiving payments online, doesn't that put my keys at risk? If I put my keys on a server, can't that server be hacked? So now let's talk about a really interesting and very important feature that exists in cryptocurrencies, but also in cryptography, which is asymmetric cryptography or public-private key systems. Public key cryptography is a mechanism invented in the 70s that allows you to have two keys, a public key and a private key. And you can produce the public key from the private key in order to receive, in the case of cryptocurrency payments or messages. And the person who has your public key cannot unlock your funds or your messages. And you can then share that comfortably. Bitcoin addresses are effectively a public key that is wrapped up in some hashes, but otherwise they're just a public key. So what happens when you're trying to do e-commerce? Well, if you simply give someone a Bitcoin address, the main risk you have is that if you keep reusing that Bitcoin address, other people can see who's paid you and when and how many Bitcoin you have or have received through that Bitcoin address. And they can also then trace where you send it afterwards. So that creates some privacy risk. But no one can steal your Bitcoin or crypto just because they have an address or public key. Now, if you wanted to give a fresh address to everybody who visits your website, for example, to run e-commerce or an online billing system or an invoice system or something like that, you'd probably use some software. Software might include something like BTC pay server or some kind of integration into Electrum or some other capability like that. Now, what all of these systems have in common is that they do not store your private keys online. In fact, they don't even need your private keys at all. Instead, what you give these programs is what is called an extended public key or XPUB, X-P-U-B. An extended public key is basically the root key of a hierarchical deterministic wallet or usually the sub key for a specific account within a hierarchical deterministic wallet. So if you're using an HD wallet, which is probably what you're using, if you're using a mnemonic phrase, a 24 word seed as some people call it phrase to initialize your wallet, whether it's a software wallet on your smartphone or a hardware wallet, that is building a hierarchical deterministic wallet and you can export the XPUB, the extended public key from one of your accounts. If you then load that extended public key onto some kind of e-commerce site or web software that can generate invoices or manage e-commerce payments, that software can then generate receive addresses from the extended public key, unique Bitcoin addresses or Ether addresses or whatever else for every single incoming payment cart or customer and then keep track of all of those. Now, when someone pays those, of course, your website doesn't have the private keys to unlock them. So even if someone hacks your website, they can't do anything. They might be able to see all of the addresses you've generated and what payments you've received on those addresses because they can seal your XPUB and generate the same addresses, but they can't take your money. Now, the beauty of this effectively, if you think about it, is that you could have a hardware wallet or even a completely offline wallet where you've generated a mnemonic phrase on a hardware wallet and you've exported the XPUB and then you've wiped that hardware wallet and just kept the mnemonic phrase back up in a safe. And effectively, when someone pays you, the keys to that money that allows you to spend that money is sitting in your safe, safely away from prying eyes and the only thing on the website is an extended public key and that's how we can do e-commerce without using a hot wallet on a server which is extremely vulnerable. Whether you're doing invoices and just copying a single Bitcoin address or you're doing a full-blown e-commerce site where you're serving thousands and thousands of customers, you do not have to risk your private keys with a hot wallet. And that segment is down the rabbit hole where I ask myself the question you haven't yet asked me. If you enjoyed this video, please subscribe, like and share. All my work is shared for free. So if you wanna support it, join me on Patreon.