Cryptocurrency wallet

A cryptocurrency wallet is a device,[1] physical medium,[2] program or a service which stores the public and/or private keys[3] for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often also offers the functionality of encrypting and/or signing information. Signing can for example result in executing a smart contract, a cryptocurrency transaction (see "bitcoin transaction" image), identification or legally signing a 'document' (see "application form" image).[4]

An example paper printable bitcoin wallet consisting of one bitcoin address for receiving and the corresponding private key for spending.

Technology

Private and public key generation

A crypto currency wallet works by a theoretical or random number being generated and used with a length depending on the algorithm size of the cryptocurrency's technology requirements. The number is then converted to a private key using the specific requirements of the cryptocurrency cryptography algorithm requirement. A public key is then generated from the private key using whichever cryptographic algorithm requirements are required. The private key is utilised by the owner to access and send cryptocurrency and is private to the owner, whereas the public key is to be shared to any third party to receive cryptocurrency.

Up to this stage no computer or electronic device is required and all (key pair) can be mathematically derived and written down by hand. The private key and public key pair (known as address) are not known by the blockchain or anyone else. The blockchain will only record the transaction of the public address when cryptocurrency is sent to it, thus recording in the blockchain ledger the transaction of the public address.

Duplicate private key

Collision prevention of having 2 or more wallets with the same private key is a possibility (as key's can be generated without transactions sent to them thus being offline until recorded in the blockchain ledger) negated by the theoretical possibility of such a combination of 2 or more private key's being similar is theoretically difficult to achieve due to the amount of possible wallets in a certain cryptocurrency cryptography being equated to briefly less than atoms in the universe, a high enough number to be incomprehensible to duplicate and difficult to hack.[5] [6]

Seed phrases

In modern convention a seed phrase is now utilised which is a 12 to 24 word and greater word phrase that is an unencrypted form of the private key in dictionary word format which is simpler to remember then a encrypted cryptographic key in another string format. When online, exchange and hardware wallets are generated using random numbers a seed phrase is asked to be recorded by the user, so that when access to the wallet becomes misplaced, damaged or compromised, the seed phrase can be used to re-access the wallet and associated keys and cryptocurrency.[7]

Wallets

A number of technologies known as wallets exist that store the key value pair of private and public key known as wallets. A wallet hosts the details of the key pair making transacting cryptocurrency possible. There exists multiple methods of storing keys or seed in a wallet from using paper wallets which are traditional public, private or seed keys written on paper to using hardware wallets which are dedicated hardware to securely store your wallet information, using an digital wallet which is a computer with a software hosting your wallet information, hosting your wallet using an exchange where cryptocurrency is traded. or by storing your wallet information on a digital medium such as plaintext.[8]

Crypto Wallets vs Dapp Browsers

Dapp browsers are specialized software that sustains new generation decentralized applications. Dapp browsers are considered to be the browsers of Web 3.0 and are the gateway to access the decentralized applications which are working based on blockchain technology. That means all Dapp Browsers must have a unique code system to unify all the different codes of the dapps.

While crypto wallets are focused on the exchange, purchase, sale of digital assets[9] and support narrowly targeted applications, the browsers support different kinds of applications of various formats, including exchange, games, NFTs marketplaces, etc.[10]

Technical specifications of different browsers may or may not include features such as:

  •     Full support for all modern Web2.0 technologies;
  •     Built-in Ethereum mainnet/testnet RPC, fully compatible with Web3.0;
  •     Built-in Ethereum wallet (using smart contracts);
  •     Dapp naming support

Characteristics

In addition to the basic function of storing the keys, a cryptocurrency wallet may also have one or more of the following characteristics.

Simple cryptocurrency wallet

 
An actual bitcoin transaction from a web based cryptocurrency exchange to a hardware cryptocurrency wallet.

A simple cryptocurrency wallet contains pairs of public and private cryptographic keys. The keys can be used to track ownership, receive or spend cryptocurrencies.[11] A public key allows others to make payments to the address derived from it, whereas a private key enables the spending of cryptocurrency from that address.[12]

The cryptocurrency itself is not in the wallet. In the case of bitcoin and cryptocurrencies derived from it, the cryptocurrency is decentrally stored and maintained in a publicly available distributed ledger called the blockchain.[11]

eID wallet

 
Providing an eID and a diploma and digitally signing the 'application form' with a crypto wallet app.

Some wallets are specifically designed to be compatible with a framework. The European Union is creating an eIDAS compatible European Self-Sovereign Identity Framework (ESSIF) which runs on the European Blockchain Services Infrastructure (EBSI). The EBSI wallet is designed to (securely) provide information, an eID and to sign 'transactions'.[4]

Multisignature wallet

In contrast to simple cryptocurrency wallets requiring just one party to sign a transaction, multisignature wallets require multiple parties to sign a transaction.[13] Multisignature wallets are designed to have increased security.[14]

Smart contract

In the cryptocurrency space, smart contracts are digitally signed in the same way a cryptocurrency transaction is signed. The signing keys are held in a cryptocurrency wallet.

Key derivation

Deterministic wallet

 
A deterministic wallet seed phrase of a crypto wallet.

With a deterministic wallet a single key can be used to generate an entire tree of key pairs.[15] This single key serves as the root of the tree. The generated mnemonic sentence or word seed is simply a more human-readable way of expressing the key used as the root, as it can be algorithmically converted into the root private key. Those words, in that order, will always generate exactly the same root key. A word phrase could consist of 24 words like: begin friend black earth beauty praise pride refuse horror believe relief gospel end destroy champion build better awesome. That single root key is not replacing all other private keys, but rather is being used to generate them. All the addresses still have different private keys, but they can all be restored by that single root key. The private keys to every address it has and will ever give out in the future can be recalculated given the root key. That root key, in turn, can be recalculated by feeding in the word seed. The mnemonic sentence is the backup of the wallet. If a wallet supports the same (mnemonic sentence) technique, then the backup can also be restored on another software or hardware wallet.

A mnemonic sentence is considered secure. The BIP-39 standard creates a 512-bit seed from any given mnemonic. The set of possible wallets is 2512. Every passphrase leads to a valid wallet. If the wallet was not previously used it will be empty.[11]: 104

Non-deterministic wallet

In a non-deterministic wallet, each key is randomly generated on its own accord, and they are not seeded from a common key. Therefore, any backups of the wallet must store each and every single private key used as an address, as well as a buffer of 100 or so future keys that may have already been given out as addresses but not received payments yet.[11]: 94

Concerns

Wallet access permissions

When choosing a wallet, the owner must keep in mind who is supposed to have access to (a copy of) the private keys and thus potentially has signing capabilities. In case of cryptocurrency the user needs to trust the provider to keep the cryptocurrency safe, just like with a bank. Trust was misplaced in the case of the Mt. Gox exchange, which 'lost' most of their clients' bitcoins. Downloading a cryptocurrency wallet from a wallet provider to a computer or phone does not automatically mean that the owner is the only one who has a copy of the private keys. For example, with Coinbase, it is possible to install a wallet on a phone and to also have access to the same wallet through their website.

Vulnerabilities

A wallet can also have known or unknown vulnerabilities. A supply chain attack or side-channel attack are ways of a vulnerability introduction. In extreme cases even a computer which is not connected to any network can be hacked.[16]

When using a software wallet for receiving cryptocurrency, access to the receiving wallet is not needed—the sending party only need know the destination address, thus anyone can send cryptocurrency to an address. Only the one who has the private key of the corresponding (public key) address otherwise has access.

See also

References

  1. ^ Roberts, Daniel (15 December 2017). "How to send bitcoin to a hardware wallet (url=https://finance.yahoo.com/news/send-bitcoin-hardware-wallet-140141385.html". Yahoo! Finance.
  2. ^ Divine, John (1 February 2019). "What's the Best Bitcoin Wallet?". U.S. News & World Report. Retrieved 12 March 2019.
  3. ^ Newman, Lily Hay (2017-11-05). "How to Keep Your Bitcoin Safe and Secure". Wired. ISSN 1059-1028. Retrieved 2019-03-10.
  4. ^ a b "European Blockchain Services Infrastructure (EBSI)". European Commission. Retrieved 24 July 2020.
  5. ^ Yadav, Nagendra Singh & Goar, Vishal & Kuri, Manoj. (2020). Crypto Wallet: A Perfect Combination with Blockchain and Security Solution for Banking. International Journal of Psychosocial Rehabilitation. 24. 6056-6066. 10.37200/IJPR/V24I2/PR2021078.
  6. ^ Guler, Sevil (2015). "Secure Bitcoin Wallet" (PDF). UNIVERSITY OF TARTU FACULTY OF MATHEMATICS AND COMPUTER SCIENCE Institute of Computer Science Computer Science Curriculum: 48 – via core.ac.uk.
  7. ^ Shaik, Cheman. (2020). Securing Cryptocurrency Wallet Seed Phrase Digitally with Blind Key Encryption. International Journal on Cryptography and Information Security. 10. 1-10. 10.5121/ijcis.2020.10401.
  8. ^ Jokić, Stevo & Cvetković, Aleksandar Sandro & Adamović, Saša & Ristić, Nenad & Spalević, Petar. (2019). Comparative analysis of cryptocurrency wallets vs traditional wallets. Ekonomika. 65. 10.5937/ekonomika1903065J.
  9. ^ Frankenfield, Jake (2021-08-16). "Blockchain Wallet".
  10. ^ Deepanshu, Bhatt (2019). "Best DApp Browsers to use in 2019".
  11. ^ a b c d Antonopoulos, Andreas (12 July 2017). Mastering Bitcoin: Programming the Open Blockchain. O'Reilly Media, Inc. ISBN 9781491954386. Retrieved 14 September 2017.
  12. ^ "Bitcoin Wallets: What You Need to Know About the Hardware". The Daily Dot. 2018-11-20. Retrieved 2019-03-10.
  13. ^ "Bitcoin Startup Predicts Cryptocurrency Market Will Grow By $100 Billion in 2018". Fortune. Retrieved 2019-02-15.
  14. ^ Graham, Luke (2017-07-20). "$32 million worth of digital currency ether stolen by hackers". www.cnbc.com. Retrieved 2019-02-15.
  15. ^ Gutoski, Gus; Stebila, Douglas. "Hierarchical deterministic Bitcoin wallets that tolerate key leakage" (PDF). iacr.org. International Association for Cryptologic Research. Retrieved 2 November 2018.
  16. ^ Air-gap jumpers on cyber.bgu.ac.il