What is the main functional difference between these two keys and when do I use them except for account recovery?
This is how it works for Passbolt (see illustration)… Technically
you don’t have to use them, except for account recovery… but you could use them outside of Passbolt for encryption like for email, files, code-signing, etc.
Some more resources:
Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner. The generation of such keys depends on cryptographic algorithms based on mathematical problems to produce one-way functions. Effective security only requires keeping the private key private; the public key can be openly distributed without compromising security.
In such a system, any person can ...