Jump to content

Cryptocurrency wallet

Page semi-protected
From Wikipedia, the free encyclopedia

An example paper printable bitcoin wallet consisting of one bitcoin address for receiving and the corresponding private key for spending

A cryptocurrency wallet is a device,[1] physical medium,[2] program or an online service which stores the public and/or private keys[3] for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often offers the functionality of encrypting and/or signing information.[4] Signing can for example result in executing a smart contract, a cryptocurrency transaction (see "bitcoin transaction" image), identification, or legally signing a 'document' (see "application form" image).[5]

History

In 2008 bitcoin was introduced as the first cryptocurrency following the principle outlined by Satoshi Nakamoto in the paper “Bitcoin: A Peer-to-Peer Electronic Cash System.”[6] The project was described as an electronic payment system using cryptographic proof instead of trust. It also mentioned using cryptographic proof to verify and record transactions on a blockchain.[7][8]

Software wallets

The first wallet program, simply named Bitcoin, and sometimes referred to as the Satoshi client, was released in January 2009 by Satoshi Nakamoto as open-source software.[9] In version 0.5 the client moved from the wxWidgets user interface toolkit to Qt, and the whole bundle was referred to as Bitcoin-Qt.[10] After the release of version 0.9, the software bundle was renamed Bitcoin Core to distinguish itself from the underlying network.[11][12] Bitcoin Core is, perhaps, the best known implementation or client. Forks of Bitcoin Core exist, such as Bitcoin XT, Bitcoin Unlimited,[13] and Parity Bitcoin.[14]

There are several modes in which wallets can operate. They have an inverse relationship with regard to trustlessness and computational requirements.[15]

  • Full clients verify transactions directly by downloading a full copy of the blockchain (over 150 GB as of January 2018).[16] They do not require trust in any external parties. Full clients check the validity of mined blocks, preventing them from transacting on a chain that breaks or alters network rules.[17]: ch. 1  Because of its size and complexity, downloading and verifying the entire blockchain is not suitable for all computing devices.[citation needed]
  • Lightweight clients consult full nodes to send and receive transactions without requiring a local copy of the entire blockchain (see simplified payment verificationSPV). This makes lightweight clients much faster to set up and allows them to be used on low-power, low-bandwidth devices such as smartphones. When using a lightweight wallet, however, the user must trust full nodes, as it can report faulty values back to the user. Lightweight clients follow the longest blockchain and do not ensure it is valid, requiring trust in full nodes.[18]

Third-party internet services called online wallets or webwallets offer similar functionality but may be easier to use. In this case, credentials to access funds are stored with the online wallet provider rather than on the user's hardware.[19] As a result, the user must have complete trust in the online wallet provider. A malicious provider or a breach in server security may cause entrusted bitcoins to be stolen. An example of such a security breach occurred with Mt. Gox in 2011.[20]

Cold storage

A paper wallet with a banknote-like design. Both the private key and the address are visible in text form and as 2D barcodes.
A paper wallet with the address visible for adding or checking stored funds. The part of the page containing the private key is folded over and sealed.
A brass token with a private key hidden beneath a tamper-evident security hologram. A part of the address is visible through a transparent part of the hologram.
A hardware wallet peripheral which processes bitcoin payments without exposing any credentials to the computer

Wallet software is targeted by hackers because of the lucrative potential for stealing bitcoins.[21] "Cold storage" simply means keeping the private keys out of reach of hackers by storing or generating them on a device that is not connected to the internet.[22][17]: ch. 4 [23]: 39  The credentials necessary to spend bitcoins can be stored offline in a number of different ways, from simple paper printouts of private keys, to specialized hardware wallets.[17]: ch. 10 

Paper wallets

A paper wallet is created with a keypair generated on a computer with no internet connection; the private key is written or printed onto the paper and then erased from the computer.[17]: ch. 4  The paper wallet can then be stored in a safe physical location for later retrieval.[23]: 39 

Physical wallets can also take the form of metal token coins[24] with a private key accessible under a security hologram in a recess struck on the reverse side.[25]: 38  The security hologram self-destructs when removed from the token, showing that the private key has been accessed.[26] Originally, these tokens were struck in brass and other base metals, but later used precious metals as bitcoin grew in value and popularity.[25]: 80  Coins with stored face value as high as ₿1,000 have been struck in gold.[25]: 102–104  The British Museum's coin collection includes four specimens from the earliest series[25]: 83  of funded bitcoin tokens; one is currently on display in the museum's money gallery.[27] In 2013, a Utah manufacturer of these tokens was ordered by the Financial Crimes Enforcement Network (FinCEN) to register as a money services business before producing any more funded bitcoin tokens.[24][25]: 80 

Hardware wallets

A hardware wallet is a small and portable computer peripheral that signs transactions as requested by the user. These devices store private keys and carry out signing and encryption internally,[22] and do not share any sensitive information with the host computer except already signed (and thus unalterable) transactions.[28] Because hardware wallets never expose their private keys, even computers that may be compromised by malware do not have a vector to access or steal them.[23]: 42–45 The user sets a passcode when setting up a hardware wallet.[22] As hardware wallets are tamper-resistant,[28][17]: ch. 10  without the passcode the assets cannot be accessed.[28]

Technology

Private and public key generation

A cryptocurrency wallet works by a theoretical or random number being generated and used with a length that depends on the algorithm size of the cryptocurrency's technology requirements. The number is converted to a private key using the specific requirements of the cryptocurrency cryptography algorithm requirement. A public key is then generated from the private key using whichever cryptographic algorithm is required. The private key is used by the owner to access and send cryptocurrency and is private to the owner, whereas the public key is to be shared to any third party to receive cryptocurrency.[29]

Up to this stage no computer or electronic device is required and all key pairs can be mathematically derived and written down by hand. The private key and public key pair (known as an address) are not known by the blockchain or anyone else. The blockchain will only record the transaction of the public address when cryptocurrency is sent to it, thus recording in the blockchain ledger the transaction of the public address.[4]

Duplicate private keys

Collision (two or more wallets having the same private key) is theoretically possible, since keys can be generated without being used for transactions, and are therefore offline until recorded in the blockchain ledger. However, this possibility is effectively negated because the theoretical probability of two or more private keys being the same is extremely low. The number of possible wallets and thus private keys is extremely high,[4][30][31] so duplicating or hacking a certain key would be inconceivable.[32][33]

Seed phrases

In modern convention a seed phrase is now utilised which is a random 12 to 24 (or even greater) list of dictionary words which is an unencrypted form of the private key. (Words are easier to memorize than numerals). When online, exchange and hardware wallets are generated using random numbers, and the user is asked to supply a seed phrase. If the wallet is misplaced, damaged or compromised, the seed phrase can be used to re-access the wallet and associated keys and cryptocurrency in toto.[34]

Wallets

A number of technologies known as wallets exist that store the key value pair of private and public key known as wallets. A wallet hosts the details of the key pair making cryptocurrency transactions possible. Multiple methods exist for storing keys or seeds in a wallet.[35]

A brainwallet or brain wallet is a type of wallet in which one memorizes a passcode (a private key or seed phrase).[36][37] Brainwallets may be attractive due to plausible deniability or protection against governmental seizure,[38] but are vulnerable to password guessing (especially large-scale offline guessing).[36][38] Several hundred brainwallets exist on the Bitcoin blockchain, but most of them have been drained, sometimes repeatedly.[36]

Crypto wallets vis-à-vis DApp browsers

DApp browsers are specialized software that supports decentralized applications. DApp browsers are considered to be the browsers of Web3 and are the gateway to access the decentralized applications which are based on blockchain technology. That means all DApp browsers must have a unique code system to unify all the different codes of the DApps.[39]

While crypto wallets are focused on the exchange, purchase, sale of digital assets and support narrowly targeted applications, the browsers support different kinds of applications of various formats, including exchange, games, NFTs marketplaces, etc.

Characteristics

In addition to the basic function of storing the keys, a cryptocurrency wallet may also have one or more of the following characteristics.

Simple cryptocurrency wallet

An actual bitcoin transaction from a web based cryptocurrency exchange to a hardware cryptocurrency wallet

A simple cryptocurrency wallet contains pairs of public and private cryptographic keys. The keys can be used to track ownership, receipt or spend cryptocurrencies.[40] A public key allows others to make payments to the address derived from it, whereas a private key enables the spending of cryptocurrency from that address.[41]

The cryptocurrency itself is not in the wallet. In the case of bitcoin and cryptocurrencies derived from it, the cryptocurrency is decentrally stored and maintained in a publicly available distributed ledger called the blockchain.[40]

Multi-Chain cryptocurrency wallet

Multi-chain wallets are designed to support multiple blockchain networks, enabling users to store, manage, and transact different types of cryptocurrencies from a single interface. Unlike single-chain wallets, which are limited to a specific blockchain, multi-chain wallets provide a unified experience for handling various assets. These wallets enhance convenience and security by reducing the need for multiple wallet applications and providing integrated features for multiple digital assets.

Features of a Multi-Chain Wallet

Support for Multiple Blockchains: Users can hold and manage various blockchains such as Bitcoin, Ethereum, Klever Blockchain, Binance Smart Chain, and more within one wallet.

Enhanced Security: Typically incorporate advanced security measures including two-factor authentication and seed phrase backup.

Interoperability: Facilitates seamless transactions across different blockchain networks.

User-friendly Interface: Designed to be accessible and intuitive, making it easier for users to navigate and manage their assets.

Popular multi-chain wallets include Trust Wallet, Klever Wallet and Exodus, each offering unique features and support for multiple blockchains, therefore, hundreds of cryptocurrencies.

eID wallet

Providing an eID and a diploma and digitally signing the 'application form' with a crypto wallet app

Some wallets are specifically designed to be compatible with a framework. The European Union is creating an eIDAS compatible European Self-Sovereign Identity Framework (ESSIF) which runs on the European Blockchain Services Infrastructure (EBSI). The EBSI wallet is designed to (securely) provide information, an eID and to sign 'transactions'.[5]

Multisignature wallet

In contrast to simple cryptocurrency wallets requiring just one party to sign a transaction, multi-sig wallets require multiple parties to sign a transaction.[42] Multisignature wallets are designed for increased security.[43] Usually, a multisignature algorithm produces a joint signature that is more compact than a collection of distinct signatures from all users.[44]

Smart contract

In the cryptocurrency space, smart contracts are digitally signed in the same way a cryptocurrency transaction is signed. The signing keys are held in a cryptocurrency wallet.

Key derivation

Sequential deterministic wallet

A deterministic wallet seed phrase of a crypto wallet

A sequential deterministic wallet utilizes a simple method of generating addresses from a known starting string or "seed". This would utilize a cryptographic hash function, e.g. SHA-256 (seed + n), where n is an ASCII-coded number that starts from 1 and increments as additional keys are needed.[45]

Hierarchical deterministic wallet

The hierarchical deterministic (HD) wallet was publicly described in BIP32.[46] As a deterministic wallet, it also derives keys from a single master root seed, but instead of having a single "chain" of keypairs, an HD wallet supports multiple key pair chains.

This allows a single key string to be used to generate an entire tree of key pairs with a stratified structure.[47]

BIP39 proposed the use of a set of human-readable words to derive the master private key of a wallet.[citation needed] This mnemonic phrase allows for easier wallet backup and recovery, due to all the keys of a wallet being derivable from a single plaintext string.[how?]

Non-deterministic wallet

In a non-deterministic wallet, each key is randomly generated on its own accord, and they are not seeded from a common key. Therefore, any backups of the wallet must store each and every single private key used as an address, as well as a buffer of 100 or so future keys that may have already been given out as addresses but not received payments yet.[48][40]: 94 

Concerns

A wallet can also have known or unknown vulnerabilities. A supply chain attack or side-channel attack are ways of introducing vulnerabilities. In extreme cases even a computer which is not connected to any network can be hacked.[49]

To mitigate the risk of crypto wallet hacking, one can choose for a cold wallet, which remains offline and disconnected from the internet. A cold wallet refers to a physical device, such as a pen drive, that is utilized as a secure storage medium for transferring money from a hot wallet.[50]

Security

When using a merchant site that accepts server-side digital wallets, customers enter their name, payment, and delivery information. Following the purchase, the customer is requested to register for a wallet with a user name and password for future purchases.[51]

Digital wallets can be dedicated to a single cryptocurrency (examples: Bitcoin, Etherium, Ripple, Litecoin), or they can be multi-currency (Coinomi, CoinSpot, CoinVault, Cryptonator multi-cryptocurrency wallet, Exodus, Gatehub, Holy Transaction, Jaxx Wallet, UberPay Wallet, AnCrypto Wallet, Klever Wallet.

Wallets are free for consumers but cost retailers. Wallet sellers may receive a portion of merchant purchases made through their wallets. In other circumstances, digital wallet vendors conduct cardholder-merchant transactions for a set fee.[52]

See also

References

  1. ^ Roberts, Daniel (15 December 2017). "How to send bitcoin to a hardware wallet". Yahoo! Finance. Archived from the original on 17 February 2018. Retrieved 11 March 2019.
  2. ^ Divine, John (1 February 2019). "What's the Best Bitcoin Wallet?". U.S. News & World Report. Archived from the original on 27 October 2021. Retrieved 12 March 2019.
  3. ^ Newman, Lily Hay (2017-11-05). "How to Keep Your Bitcoin Safe and Secure". Wired. ISSN 1059-1028. Archived from the original on 2021-03-04. Retrieved 2019-03-10.
  4. ^ a b c Levine, Matt. "The Crypto Story". Bloomberg.com. Archived from the original on 2023-12-15. Retrieved 2023-12-03.
  5. ^ a b "European Blockchain Services Infrastructure (EBSI)". 2020-12-31. Archived from the original on 2022-10-19.
  6. ^ Nakamoto, Satoshi. "Bitcoin: A Peer-to-Peer Electronic Cash System" (PDF). Archived (PDF) from the original on 2014-03-20. Retrieved 2023-02-26.
  7. ^ "What are blockchain and cryptocurrency?", Blockchain and Cryptocurrency: International Legal and Regulatory Challenges, Bloomsbury Professional, 2022, doi:10.5040/9781526521682.chapter-002, ISBN 978-1-5265-2165-1, retrieved 2023-02-26
  8. ^ "Soon You'll Be Saying, 'There's a Blockchain App for That'". Bloomberg.com. 2021-11-16. Archived from the original on 2022-05-12. Retrieved 2023-12-03.
  9. ^ Davis, Joshua (10 October 2011). "The Crypto-Currency: Bitcoin and its mysterious inventor". The New Yorker. Archived from the original on 1 November 2014. Retrieved 31 October 2014.
  10. ^ Skudnov, Rostislav (2012). Bitcoin Clients (PDF) (Bachelor's Thesis). Turku University of Applied Sciences. Archived (PDF) from the original on 18 January 2014. Retrieved 16 January 2014.
  11. ^ "Bitcoin Core version 0.9.0 released". bitcoin.org. Archived from the original on 27 February 2015. Retrieved 8 January 2015.
  12. ^ Metz, Cade (19 August 2015). "The Bitcoin Schism Shows the Genius of Open Source". Wired. Condé Nast. Archived from the original on 30 June 2016. Retrieved 3 July 2016.
  13. ^ Vigna, Paul (17 January 2016). "Is Bitcoin Breaking Up?". The Wall Street Journal. Archived from the original on 20 August 2016. Retrieved 8 November 2016.
  14. ^ Allison, Ian (28 April 2017). "Ethereum co-founder Dr Gavin Wood and company release Parity Bitcoin". International Business Times. Archived from the original on 28 April 2017. Retrieved 28 April 2017.
  15. ^ Truong, Nguyen; Lee, Gyu Myoung; Sun, Kai; Guitton, Florian; Guo, YiKe (2021-11-01). "A blockchain-based trust system for decentralised applications: When trustless needs trust". Future Generation Computer Systems. 124: 68–79. arXiv:2101.10920. doi:10.1016/j.future.2021.05.025. ISSN 0167-739X. Archived from the original on 2024-05-18. Retrieved 2024-05-18.
  16. ^ "Bitcoin blockchain size 2009-2024". Statista. Archived from the original on 2024-05-18. Retrieved 2024-05-18.
  17. ^ a b c d e Antonopoulos, Andreas M. (2014). Mastering Bitcoin: Unlocking Digital Crypto-Currencies. O'Reilly Media. ISBN 978-1-4493-7404-4.
  18. ^ Gervais, Arthur; O. Karame, Ghassan; Gruber, Damian; Capkun, Srdjan. "On the Privacy Provisions of Bloom Filters in Lightweight Bitcoin Clients" (PDF). Archived (PDF) from the original on 5 October 2016. Retrieved 3 September 2016.
  19. ^ Bill Barhydt (4 June 2014). "3 reasons Wall Street can't stay away from bitcoin". NBCUniversal. Archived from the original on 3 April 2015. Retrieved 2 April 2015.
  20. ^ "MtGox gives bankruptcy details". bbc.com. BBC. 4 March 2014. Archived from the original on 12 March 2014. Retrieved 13 March 2014.
  21. ^ Jeffries, Adrianne (19 December 2013). "How to steal Bitcoin in three easy steps". The Verge. Archived from the original on 27 July 2019. Retrieved 17 January 2014.
  22. ^ a b c Roberts, Daniel (15 December 2017). "How to send bitcoin to a hardware wallet". Yahoo Finance. Archived from the original on 17 February 2018. Retrieved 17 February 2018.
  23. ^ a b c Barski, Conrad; Wilmer, Chris (2015). Bitcoin for the Befuddled. No Starch Press. ISBN 978-1-59327-573-0.
  24. ^ a b Staff, Verge (13 December 2013). "Casascius, maker of shiny physical bitcoins, shut down by Treasury Department". The Verge. Archived from the original on 10 January 2014. Retrieved 10 January 2014.
  25. ^ a b c d e Ahonen, Elias; Rippon, Matthew J.; Kesselman, Howard (2016). Encyclopedia of Physical Bitcoins and Crypto-Currencies. Elias Ahonen. ISBN 978-0-9950-8990-7.
  26. ^ Mack, Eric (25 October 2011). "Are physical Bitcoins legal?". CNET. Archived from the original on 26 June 2019. Retrieved 19 May 2019.
  27. ^ British Museum (2012). "Bitcoin token with digital code for bitcoin currency". Archived from the original on 2019-10-10. Retrieved 17 May 2019.
  28. ^ a b c Arapinis, Myrto; Gkaniatsou, Adriana; Karakostas, Dimitris; Kiayias, Aggelos (2019). A Formal Treatment of Hardware Wallets (PDF) (Technical report). University of Edinburgh, IOHK.
  29. ^ Baloian, Artiom (2021-12-18). "How To Generate Public and Private Keys for the Blockchain". Medium. Archived from the original on 2023-09-27. Retrieved 2023-09-27.
  30. ^ Singer, David; Singer, Ari (2018). "Big Numbers: The Role Played by Mathematics in Internet Commerce" (PDF).
  31. ^ Kraft, James S. (2018). An introduction to number theory with cryptography. Lawrence C. Washington (2nd ed.). Boca Raton, FL. ISBN 978-1-315-16100-6. OCLC 1023861398.{{cite book}}: CS1 maint: location missing publisher (link)
  32. ^ "Yadav, Nagendra Singh & Goar, Vishal & Kuri, Manoj. (2020). Crypto Wallet: A Perfect Combination with Blockchain and Security Solution for Banking. International Journal of Psychosocial Rehabilitation. 24. 6056-6066. 10.37200/IJPR/V24I2/PR2021078". Archived from the original on 2021-09-16. Retrieved 2021-09-16.
  33. ^ Guler, Sevil (2015). "Secure Bitcoin Wallet" (PDF). UNIVERSITY OF TARTU FACULTY OF MATHEMATICS AND COMPUTER SCIENCE Institute of Computer Science Computer Science Curriculum: 48. Archived (PDF) from the original on 2021-06-28. Retrieved 2021-04-25 – via core.ac.uk.
  34. ^ Shaik, Cheman. (2020). Securing Cryptocurrency Wallet Seed Phrase Digitally with Blind Key Encryption. International Journal on Cryptography and Information Security. 10. 1-10. 10.5121/ijcis.2020.10401.
  35. ^ Jokić, Stevo & Cvetković, Aleksandar Sandro & Adamović, Saša & Ristić, Nenad & Spalević, Petar. (2019). Comparative analysis of cryptocurrency wallets vs traditional wallets. Ekonomika. 65. 10.5937/ekonomika1903065J.
  36. ^ a b c Vasek, Marie; Bonneau, Joseph; Castellucci, Ryan; Keith, Cameron; Moore, Tyler (2017). "The Bitcoin Brain Drain: Examining the Use and Abuse of Bitcoin Brain Wallets". In Grossklags, Jens; Preneel, Bart (eds.). Financial Cryptography and Data Security. Lecture Notes in Computer Science. Vol. 9603. Berlin, Heidelberg: Springer. pp. 609–618. doi:10.1007/978-3-662-54970-4_36. ISBN 978-3-662-54970-4.
  37. ^ Kent, Peter; Bain, Tyler (2022). Bitcoin For Dummies. John Wiley & Sons. p. 102. ISBN 978-1-119-60213-2. Archived from the original on 2023-04-08. Retrieved 2023-02-22.
  38. ^ a b Castellucci, Ryan. "Cracking Cryptocurrency Brainwallets" (PDF). rya.nc. Archived (PDF) from the original on 8 November 2020. Retrieved 28 December 2022.
  39. ^ "The New Frontier: Cryptocurrency Wallets and DApp Browsers Redefining Access | SimpleSwap". SimpleSwap | Cryptocurrency exchange blog. Archived from the original on 2024-05-18. Retrieved 2024-05-18.
  40. ^ a b c Antonopoulos, Andreas (12 July 2017). Mastering Bitcoin: Programming the Open Blockchain. O'Reilly Media, Inc. ISBN 9781491954386. Retrieved 14 September 2017.
  41. ^ "Bitcoin Wallets: What You Need to Know About the Hardware". The Daily Dot. 2018-11-20. Archived from the original on 2021-03-22. Retrieved 2019-03-10.
  42. ^ "Bitcoin Startup Predicts Cryptocurrency Market Will Grow By $100 Billion in 2018". Fortune. Archived from the original on 2020-12-04. Retrieved 2019-02-15.
  43. ^ Graham, Luke (2017-07-20). "$32 million worth of digital currency ether stolen by hackers". www.cnbc.com. Archived from the original on 2021-03-08. Retrieved 2019-02-15.
  44. ^ Bellare, Mihir; Neven, Gregory (2006). "Identity-Based Multi-signatures from RSA". Topics in Cryptology – CT-RSA 2007. Lecture Notes in Computer Science. Vol. 4377. pp. 145–162. CiteSeerX 10.1.1.207.2329. doi:10.1007/11967668_10. ISBN 978-3-540-69327-7. {{cite book}}: |journal= ignored (help)
  45. ^ Oranburg, Seth C., ed. (2022), "Cryptographic Theory and Decentralized Finance", A History of Financial Technology and Regulation: From American Incorporation to Cryptocurrency and Crowdfunding, Cambridge: Cambridge University Press, pp. 112–128, doi:10.1017/9781316597736.010, ISBN 978-1-107-15340-0, retrieved 2023-02-26
  46. ^ "Bip32". University of Texas at Austin. Archived from the original on 17 October 2021. Retrieved 17 October 2021.
  47. ^ Gutoski, Gus; Stebila, Douglas. "Hierarchical deterministic Bitcoin wallets that tolerate key leakage" (PDF). iacr.org. International Association for Cryptologic Research. Archived (PDF) from the original on 25 September 2018. Retrieved 2 November 2018.
  48. ^ Acharya, Vivek (30 June 2021). "How Ethereum Non-Deterministic and Deterministic Wallets Work". Oracle Corporation. Archived from the original on 17 October 2021. Retrieved 17 October 2021.
  49. ^ "Air-gap jumpers on cyber.bgu.ac.il". Archived from the original on 2019-08-19. Retrieved 2018-10-17.
  50. ^ Sigalos, MacKenzie (2022-11-12). "FTX says it's removing trading and withdrawals, moving digital assets to a cold wallet after a $477 million suspected hack". CNBC. Archived from the original on 2022-11-19. Retrieved 2023-12-03.
  51. ^ Budgar, Laurie (2021-01-04). "What Is a Digital Wallet, and How Does It Work?". Reader's Digest. Archived from the original on 2024-05-18. Retrieved 2024-05-18.
  52. ^ Vittorio, Andrea. "Virtual Green Cards Offer Path for Digital Wallets' Data Privacy". news.bloomberglaw.com. Archived from the original on 2023-12-03. Retrieved 2023-12-03.