A cryptocurrency wallet is a device, physical medium, program or a service which stores the public and/or private keys for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often also offers the functionality of encrypting and/or signing information. Signing can for example result in executing a smart contract, a cryptocurrency transaction (see "bitcoin transaction" image), identification or legally signing a 'document' (see "application form" image).
In addition to the basic function of storing the keys, a cryptocurrency wallet may also have one or more of the following characteristics.
Simple cryptocurrency wallet
A simple cryptocurrency wallet contains pairs of public and private cryptographic keys. The keys can be used to track ownership, receive or spend cryptocurrencies. A public key allows others to make payments to the address derived from it, whereas a private key enables the spending of cryptocurrency from that address.
The cryptocurrency itself is not in the wallet. In the case of bitcoin and cryptocurrencies derived from it, the cryptocurrency is decentrally stored and maintained in a publicly available distributed ledger called the blockchain.
Some wallets are specifically designed to be compatible with a framework. The European Union is creating an eIDAS compatible European Self-Sovereign Identity Framework (ESSIF) which runs on the European Blockchain Services Infrastructure (EBSI). The EBSI wallet is designed to (securely) provide information, an eID and to sign 'transactions'.
In contrast to simple cryptocurrency wallets requiring just one party to sign a transaction, multisignature wallets require multiple parties to sign a transaction. Multisignature wallets are designed to have increased security.
In the cryptocurrency space, smart contracts are digitally signed in the same way a cryptocurrency transaction is signed. The signing keys are held in a cryptocurrency wallet.
With a deterministic wallet a single key can be used to generate an entire tree of key pairs. This single key serves as the root of the tree. The generated mnemonic sentence or word seed is simply a more human-readable way of expressing the key used as the root, as it can be algorithmically converted into the root private key. Those words, in that order, will always generate exactly the same root key. A word phrase could consist of 24 words like: begin friend black earth beauty praise pride refuse horror believe relief gospel end destroy champion build better awesome. That single root key is not replacing all other private keys, but rather is being used to generate them. All the addresses still have different private keys, but they can all be restored by that single root key.
The private keys to every address it has and will ever give out in the future can be recalculated given the root key. That root key, in turn, can be recalculated by feeding in the word seed. The mnemonic sentence is the backup of the wallet. If a wallet supports the same (mnemonic sentence) technique, then the backup can also be restored on another software or hardware wallet.
A mnemonic sentence is considered secure. The BIP-39 standard creates a 512-bit seed from any given mnemonic. The set of possible wallets is 2^512. Every passphrase leads to a valid wallet. If the wallet was not previously used it will be empty.
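The derivation chain described above (word phrase, then 512-bit seed, then root key, then child keys), as an added example that is not part of the original article. It uses the BIP-39 seed function and BIP-32 hardened private-key derivation with Python's standard library only; the function names are chosen here for illustration, and wordlist and checksum validation are left out, matching the text's "any given mnemonic".

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; BIP-32 private-key arithmetic is done modulo N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase."""
    words = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, dklen=64)

def master_key(seed: bytes):
    """BIP-32 root: HMAC-SHA512(key='Bitcoin seed', seed) -> (private key, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if key == 0 or key >= N:
        raise ValueError("invalid master key; a different seed is required")
    return key, digest[32:]

def hardened_child(key: int, chain: bytes, index: int):
    """BIP-32 hardened child: derived from the parent private key and chain code."""
    data = b"\x00" + key.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    digest = hmac.new(chain, data, hashlib.sha512).digest()
    tweak = int.from_bytes(digest[:32], "big")
    child = (tweak + key) % N
    if tweak >= N or child == 0:
        raise ValueError("invalid child key; this index must be skipped")
    return child, digest[32:]

def first_children(mnemonic: str, passphrase: str = "", count: int = 3):
    """Recompute the first `count` hardened child private keys from the words alone."""
    key, chain = master_key(bip39_seed(mnemonic, passphrase))
    return [hardened_child(key, chain, i)[0] for i in range(count)]

# The word phrase quoted in the text above (a published example phrase).
PHRASE = ("begin friend black earth beauty praise pride refuse horror believe "
          "relief gospel end destroy champion build better awesome")

if __name__ == "__main__":
    print("seed bits:", len(bip39_seed(PHRASE)) * 8)
    for i, k in enumerate(first_children(PHRASE)):
        print(f"m/{i}' private key: {k:064x}")
```

Running it twice prints the same keys, while passing any passphrase as the second argument yields a different but equally valid set.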
In a non-deterministic wallet, each key is randomly generated on its own accord, and they are not seeded from a common key. Therefore, any backups of the wallet must store each and every single private key used as an address, as well as a buffer of 100 or so future keys that may have already been given out as addresses but not received payments yet.
When choosing a wallet, the owner must keep in mind who is supposed to have access to (a copy of) the private keys and thus potentially has signing capabilities. In case of cryptocurrency the user needs to trust the provider to keep the cryptocurrency safe, just like with a bank. Trust was misplaced in the case of the Mt. Gox exchange, which 'lost' most of their clients' bitcoins. Downloading a cryptocurrency wallet from a wallet provider to a computer or phone does not automatically mean that the owner is the only one who has a copy of the private keys. For example, with Coinbase, it is possible to install a wallet on a phone and to also have access to the same wallet through their website. A wallet can also have known or unknown vulnerabilities. A supply chain attack or side-channel attack are ways of introducing a vulnerability. In extreme cases even a computer which is not connected to any network can be hacked (see "Air-gap jumpers" on cyber.bgu.ac.il).
For receiving cryptocurrency, access to the receiving wallet is not needed. The sending party only needs to know the destination address. Anyone can send cryptocurrency to an address. Only the one who has the private key of the corresponding (public key) address can use it.