Cryptocurrency wallet: Difference between revisions

This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages) Some of this article's listed sources may not be reliable. Please help improve this article by looking for better, more reliable sources. Unreliable citations may be challenged and removed. (January 2023) (Learn how and when to remove this message) This article relies excessively on references to primary sources. Please improve this article by adding secondary or tertiary sources. Find sources: "Cryptocurrency wallet" – news · newspapers · books · scholar · JSTOR (January 2023) (Learn how and when to remove this message) (Learn how and when to remove this message)

A cryptocurrency wallet is a device,^[1] physical medium,^[2] program or an online service which stores the public and/or private keys^[3] for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often offers the functionality of encrypting and/or signing information.^[4] Signing can for example result in executing a smart contract, a cryptocurrency transaction (see "bitcoin transaction" image), identification, or legally signing a 'document' (see "application form" image).^[5]

In 2008 bitcoin was introduced as the first cryptocurrency following the principle outlined by Satoshi Nakamoto in the paper “Bitcoin: A Peer-to-Peer Electronic Cash System.”^[6] The project was described as an electronic payment system using cryptographic proof instead of trust. It also mentioned using cryptographic proof to verify and record transactions on a blockchain.^[7][8]

The first wallet program, simply named Bitcoin, and sometimes referred to as the Satoshi client, was released in January 2009 by Satoshi Nakamoto as open-source software.^[9] In version 0.5 the client moved from the wxWidgets user interface toolkit to Qt, and the whole bundle was referred to as Bitcoin-Qt.^[10] After the release of version 0.9, the software bundle was renamed Bitcoin Core to distinguish itself from the underlying network.^[11][12] Bitcoin Core is, perhaps, the best known implementation or client. Forks of Bitcoin Core exist, such as Bitcoin XT, Bitcoin Unlimited,^[13] and Parity Bitcoin.^[14]

There are several modes in which wallets can operate. They have an inverse relationship with regard to trustlessness and computational requirements.^[15]

• Full clients verify transactions directly by downloading a full copy of the blockchain (over 150 GB as of January 2018^[update]).^[16] They do not require trust in any external parties. Full clients check the validity of mined blocks, preventing them from transacting on a chain that breaks or alters network rules.^{[17]: ch. 1} Because of its size and complexity, downloading and verifying the entire blockchain is not suitable for all computing devices.^{[citation needed]}
• Lightweight clients consult full nodes to send and receive transactions without requiring a local copy of the entire blockchain (see simplified payment verification – SPV). This makes lightweight clients much faster to set up and allows them to be used on low-power, low-bandwidth devices such as smartphones. When using a lightweight wallet, however, the user must trust full nodes, as it can report faulty values back to the user. Lightweight clients follow the longest blockchain and do not ensure it is valid, requiring trust in full nodes.^[18]

Third-party internet services called online wallets or webwallets offer similar functionality but may be easier to use. In this case, credentials to access funds are stored with the online wallet provider rather than on the user's hardware.^[19] As a result, the user must have complete trust in the online wallet provider. A malicious provider or a breach in server security may cause entrusted bitcoins to be stolen. An example of such a security breach occurred with Mt. Gox in 2011.^[20]

A paper wallet with a banknote-like design. Both the private key and the address are visible in text form and as 2D barcodes.

A paper wallet with the address visible for adding or checking stored funds. The part of the page containing the private key is folded over and sealed.

A brass token with a private key hidden beneath a tamper-evident security hologram. A part of the address is visible through a transparent part of the hologram.

A hardware wallet peripheral which processes bitcoin payments without exposing any credentials to the computer

Wallet software is targeted by hackers because of the lucrative potential for stealing bitcoins.^[21] "Cold storage" simply means keeping the private keys out of reach of hackers by storing or generating them on a device that is not connected to the internet.^{[22][17]: ch. 4 [23]: 39} The credentials necessary to spend bitcoins can be stored offline in a number of different ways, from simple paper printouts of private keys, to specialized hardware wallets.^{[17]: ch. 10}

A paper wallet is created with a keypair generated on a computer with no internet connection; the private key is written or printed onto the paper and then erased from the computer.^{[17]: ch. 4} The paper wallet can then be stored in a safe physical location for later retrieval.^[23]: 39

Physical wallets can also take the form of metal token coins^[24] with a private key accessible under a security hologram in a recess struck on the reverse side.^[25]: 38 The security hologram self-destructs when removed from the token, showing that the private key has been accessed.^[26] Originally, these tokens were struck in brass and other base metals, but later used precious metals as bitcoin grew in value and popularity.^[25]: 80 Coins with stored face value as high as ₿1,000 have been struck in gold.^{[25]: 102–104} The British Museum's coin collection includes four specimens from the earliest series^[25]: 83 of funded bitcoin tokens; one is currently on display in the museum's money gallery.^[27] In 2013, a Utah manufacturer of these tokens was ordered by the Financial Crimes Enforcement Network (FinCEN) to register as a money services business before producing any more funded bitcoin tokens.^{[24][25]: 80}

A hardware wallet is a small and portable computer peripheral that signs transactions as requested by the user. These devices store private keys and carry out signing and encryption internally,^[22] and do not share any sensitive information with the host computer except already signed (and thus unalterable) transactions.^[28] Because hardware wallets never expose their private keys, even computers that may be compromised by malware do not have a vector to access or steal them.^{[23]: 42–45}The user sets a passcode when setting up a hardware wallet.^[22] As hardware wallets are tamper-resistant,^{[28][17]: ch. 10} without the passcode the assets cannot be accessed.^[28]

A cryptocurrency wallet works by a theoretical or random number being generated and used with a length that depends on the algorithm size of the cryptocurrency's technology requirements. The number is converted to a private key using the specific requirements of the cryptocurrency cryptography algorithm requirement. A public key is then generated from the private key using whichever cryptographic algorithm is required. The private key is used by the owner to access and send cryptocurrency and is private to the owner, whereas the public key is to be shared to any third party to receive cryptocurrency.^[29]

Up to this stage no computer or electronic device is required and all key pairs can be mathematically derived and written down by hand. The private key and public key pair (known as an address) are not known by the blockchain or anyone else. The blockchain will only record the transaction of the public address when cryptocurrency is sent to it, thus recording in the blockchain ledger the transaction of the public address.^[4]

Collision (two or more wallets having the same private key) is theoretically possible, since keys can be generated without being used for transactions, and are therefore offline until recorded in the blockchain ledger. However, this possibility is effectively negated because the theoretical probability of two or more private keys being the same is extremely low. The number of possible wallets and thus private keys is extremely high,^[4][30][31] so duplicating or hacking a certain key would be inconceivable.^[32][33]

In modern convention a seed phrase is now utilised which is a random 12 to 24 (or even greater) list of dictionary words which is an unencrypted form of the private key. (Words are easier to memorize than numerals). When online, exchange and hardware wallets are generated using random numbers, and the user is asked to supply a seed phrase. If the wallet is misplaced, damaged or compromised, the seed phrase can be used to re-access the wallet and associated keys and cryptocurrency in toto.^[34]

A number of technologies known as wallets exist that store the key value pair of private and public key known as wallets. A wallet hosts the details of the key pair making cryptocurrency transactions possible. Multiple methods exist for storing keys or seeds in a wallet.^[35]

A brainwallet or brain wallet is a type of wallet in which one memorizes a passcode (a private key or seed phrase).^[36][37] Brainwallets may be attractive due to plausible deniability or protection against governmental seizure,^[38] but are vulnerable to password guessing (especially large-scale offline guessing).^[36][38] Several hundred brainwallets exist on the Bitcoin blockchain, but most of them have been drained, sometimes repeatedly.^[36]

DApp browsers are specialized software that supports decentralized applications. DApp browsers are considered to be the browsers of Web3 and are the gateway to access the decentralized applications which are based on blockchain technology. That means all DApp browsers must have a unique code system to unify all the different codes of the DApps.^[39]

While crypto wallets are focused on the exchange, purchase, sale of digital assets and support narrowly targeted applications, the browsers support different kinds of applications of various formats, including exchange, games, NFTs marketplaces, etc.

In addition to the basic function of storing the keys, a cryptocurrency wallet may also have one or more of the following characteristics.

A simple cryptocurrency wallet contains pairs of public and private cryptographic keys. The keys can be used to track ownership, receipt or spend cryptocurrencies.^[40] A public key allows others to make payments to the address derived from it, whereas a private key enables the spending of cryptocurrency from that address.^[41]

The cryptocurrency itself is not in the wallet. In the case of bitcoin and cryptocurrencies derived from it, the cryptocurrency is decentrally stored and maintained in a publicly available distributed ledger called the blockchain.^[40]

Multi-chain wallets are designed to support multiple blockchain networks, enabling users to store, manage, and transact different types of cryptocurrencies from a single interface. Unlike single-chain wallets, which are limited to a specific blockchain, multi-chain wallets provide a unified experience for handling various assets. These wallets enhance convenience and security by reducing the need for multiple wallet applications and providing integrated features for multiple digital assets.

Features of a multi-chain wallet:

• Support for Multiple Blockchains: Users can hold and manage various blockchains such as Bitcoin, Ethereum, Klever Blockchain, Binance Smart Chain, and more within one wallet.
• Enhanced Security: Typically incorporate advanced security measures including two-factor authentication and seed phrase backup.
• Interoperability: Facilitates seamless transactions across different blockchain networks.
• User-friendly Interface: Designed to be accessible and intuitive, making it easier for users to navigate and manage their assets.

Popular multi-chain wallets include Trust Wallet, Klever Wallet and Exodus, each offering unique features and support for multiple blockchains, therefore, hundreds of cryptocurrencies.

Some wallets are specifically designed to be compatible with a framework. The European Union is creating an eIDAS compatible European Self-Sovereign Identity Framework (ESSIF) which runs on the European Blockchain Services Infrastructure (EBSI). The EBSI wallet is designed to (securely) provide information, an eID and to sign 'transactions'.^[5]

In contrast to simple cryptocurrency wallets requiring just one party to sign a transaction, multi-sig wallets require multiple parties to sign a transaction.^[42] Multisignature wallets are designed for increased security.^[43] Usually, a multisignature algorithm produces a joint signature that is more compact than a collection of distinct signatures from all users.^[44]

In the cryptocurrency space, smart contracts are digitally signed in the same way a cryptocurrency transaction is signed. The signing keys are held in a cryptocurrency wallet.

A sequential deterministic wallet utilizes a simple method of generating addresses from a known starting string or "seed". This would utilize a cryptographic hash function, e.g. SHA-256 (seed + n), where n is an ASCII-coded number that starts from 1 and increments as additional keys are needed.^[45]

The hierarchical deterministic (HD) wallet was publicly described in BIP32.^[46] As a deterministic wallet, it also derives keys from a single master root seed, but instead of having a single "chain" of keypairs, an HD wallet supports multiple key pair chains.

This allows a single key string to be used to generate an entire tree of key pairs with a stratified structure.^[47]

BIP39 proposed the use of a set of human-readable words to derive the master private key of a wallet.^{[citation needed]} This mnemonic phrase allows for easier wallet backup and recovery, due to all the keys of a wallet being derivable from a single plaintext string.^[how?]

In a non-deterministic wallet, each key is randomly generated on its own accord, and they are not seeded from a common key. Therefore, any backups of the wallet must store each and every single private key used as an address, as well as a buffer of 100 or so future keys that may have already been given out as addresses but not received payments yet.^{[48][40]: 94}

A wallet can also have known or unknown vulnerabilities. A supply chain attack or side-channel attack are ways of introducing vulnerabilities. In extreme cases even a computer which is not connected to any network can be hacked.^[49]

To mitigate the risk of crypto wallet hacking, one can choose for a cold wallet, which remains offline and disconnected from the internet. A cold wallet refers to a physical device, such as a pen drive, that is utilized as a secure storage medium for transferring money from a hot wallet.^[50]

When using a merchant site that accepts server-side digital wallets, customers enter their name, payment, and delivery information. Following the purchase, the customer is requested to register for a wallet with a user name and password for future purchases.^[51]

Digital wallets can be dedicated to a single cryptocurrency (examples: Bitcoin, Etherium, Ripple, Litecoin), or they can be multi-currency (Coinomi, CoinSpot, CoinVault, Cryptonator multi-cryptocurrency wallet, Exodus, Gatehub, Holy Transaction, Jaxx Wallet, UberPay Wallet, AnCrypto Wallet, Klever Wallet.

Wallets are free for consumers but cost retailers. Wallet sellers may receive a portion of merchant purchases made through their wallets. In other circumstances, digital wallet vendors conduct cardholder-merchant transactions for a set fee.^[52]

• Cryptocurrency
• Cryptocurrency exchange
• Bitcoin
• List of bitcoin companies
• Cryptography
• Cryptocurrency and security
• Medium of exchange
• Private and Public key cryptography
• Mobile payment
• Digital gold currency