If you’ve spent years building in Web2, identity probably feels straightforward: users sign up with an email, set a password, and your backend stores their credentials. Every app has its own system, and identity is fragmented across services.
Solana flips that model completely.
Instead of usernames and passwords, identity starts with a keypair — a cryptographic pair of keys generated locally. The public key is your address (visible to everyone), and the private key is your proof of ownership. There’s no central server, no account creation endpoint, and no password reset flow. If you hold the private key, you are the account.
The SSH key analogy (your mental bridge)
If you’ve used SSH, you already understand this.
You generate a keypair on your machine, place the public key on a server, and prove your identity by signing with your private key. Solana works the same way — except the “server” is the entire network.
That one keypair becomes your identity everywhere: across apps, tokens, and programs.
Creating identity (no signup required)
One of the most surprising things when you first touch Solana is this:
You don’t “register” an account — you generate it.
In a simple script, you can create a brand-new wallet instantly. No API call, no database, no approval. The address is derived mathematically from the private key using Ed25519, which means it’s valid on the network the moment it exists.
That’s a big shift from Web2:
- Web2 → identity is issued by a platform
- Solana → identity is generated and owned by you
To interact with the network, you fund that address with test tokens (on devnet). Now your identity isn’t just theoretical — it can send transactions and hold value.
Persistence: identity you actually keep
At first, your keypair might live only in memory. Run the script again, and you get a completely new identity.
That’s not practical.
So the next step is persistence: saving the keypair to a file and reloading it later. Now your wallet behaves more like a real account — same address, same balance, same identity across runs.
This introduces a critical idea:
In Web2, platforms store and manage identity for you.
In Solana, you are responsible for storing it safely.
And that comes with consequences. If someone gets access to your private key, they control your account. There’s no “forgot password” option.
SOL vs lamports: thinking in precise value
Once your wallet is funded, you’ll see balances like “2 SOL.” But under the hood, everything works in lamports:
-
1 SOL = 1,000,000,000 lamportsThis is similar to how payment systems like Stripe use cents instead of dollars. Blockchains avoid floating-point numbers entirely to guarantee precision. Every transaction must produce the exact same result across thousands of nodes — no rounding errors allowed.
So while users see SOL, your code works with integers. Send 1 instead of 1_000_000_000, and you’ve just transferred a billionth of what you intended.
Real users don’t manage keys — wallets do
Up to this point, you’ve been handling private keys directly. That’s fine for scripts, but it’s not how real users interact with apps.
Browser wallets like Phantom or Solflare
They store private keys securely, show confirmation popups, and expose a standard API your app can use. Your app never sees the private key. Instead, it asks the wallet to sign something, and the user approves or rejects it.
If you’ve used “Sign in with Google,” this feels familiar — except instead of a company verifying identity, the wallet proves it cryptographically.
This changes the security model completely:
- The wallet is the security boundary
- The user approves every action
- Your app is untrusted by default
Not all wallets are the same
By now, you’ve likely interacted with multiple wallet types:
- CLI wallet → a JSON file on disk (fast, scriptable, but exposed)
- Browser wallet → encrypted storage + approval UI (balanced usability and safety)
- Mobile wallet → adds biometric and device-level security
They all manage the same underlying thing — a keypair — but differ in how they protect it.
This introduces two useful mental models:
- Hot vs cold: Is the key on an internet-connected device?
- Custodial vs non-custodial: Who controls the key? There’s no single “best” wallet. Developers often use CLI wallets for testing, browser wallets for apps, and hardware wallets for storing real value.
So what is identity on Solana?
It’s not a username.
It’s not tied to a single app.
It’s not controlled by a company.
It’s a cryptographic keypair that:
- Proves ownership through signatures
- Holds tokens and pays fees
- Interacts with programs
- Works across every application on the network And most importantly, it’s yours.
When you move from Web2 to Solana, the biggest shift isn’t learning new APIs — it’s rethinking identity itself. Once that clicks, everything else starts to make sense.
Top comments (0)