Cryptocurrency wallet

A cryptocurrency wallet is a device, physical medium, program or an online service which stores the public and/or private keys for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often offers the functionality of encrypting and/or signing information. Signing can for example result in executing a smart contract, a cryptocurrency transaction (see "bitcoin transaction" image), identification, or legally signing a 'document' (see "application form" image).

History

In 2008 bitcoin was introduced as the first cryptocurrency following the principle outlined by Satoshi Nakamoto in the paper “Bitcoin: A Peer-to-Peer Electronic Cash System.” The project was described as an electronic payment system using cryptographic proof instead of trust. It also mentioned using cryptographic proof to verify and record transactions on a blockchain.

Starting in 2022, Forbes reported 60 large crypto exchanges trading above USD 100 billion.

In March 2022, approximately 600 crypto exchanges globally facilitated digital asset trading, including Binance, Coinbase, Crypto.com, Gemini, GMO Coin, Huobi, eToro, Kraken, Robinhood. Aside from cryptocurrency exchanges, consumers had an option to utilize cryptocurrency wallets such as Ledger, Trezor, MetaMask and others for the secure storage and management of digital assets.

Software wallets

The first wallet program, simply named Bitcoin, and sometimes referred to as the Satoshi client, was released in 2009 by Satoshi Nakamoto as open-source software. In version 0.5 the client moved from the wxWidgets user interface toolkit to Qt, and the whole bundle was referred to as Bitcoin-Qt. After the release of version 0.9, the software bundle was renamed Bitcoin Core to distinguish itself from the underlying network. Bitcoin Core is, perhaps, the best known implementation or client. Forks of Bitcoin Core exist, such as Bitcoin XT, Bitcoin Unlimited, and Parity Bitcoin.

There are several modes in which wallets can operate. They have an inverse relationship with regard to trustlessness and computational requirements.

• Full clients verify transactions directly by downloading a full copy of the blockchain (over 150 GB as of January 2018). They do not require trust in any external parties. Full clients check the validity of mined blocks, preventing them from transacting on a chain that breaks or alters network rules.^{: ch. 1} Because of its size and complexity, downloading and verifying the entire blockchain is not suitable for all computing devices.
• Lightweight clients consult full nodes to send and receive transactions without requiring a local copy of the entire blockchain (see simplified payment verification – SPV). This makes lightweight clients much faster to set up and allows them to be used on low-power, low-bandwidth devices such as smartphones. When using a lightweight wallet, however, the user must trust full nodes, as it can report faulty values back to the user. Lightweight clients follow the longest blockchain and do not ensure it is valid, requiring trust in full nodes.

Third-party internet services called online wallets or webwallets offer similar functionality but may be easier to use. In this case, credentials to access funds are stored with the online wallet provider rather than on the user's hardware. As a result, the user must have complete trust in the online wallet provider. A malicious provider or a breach in server security may cause entrusted bitcoins to be stolen. An example of such a security breach occurred with Mt. Gox in 2011.

Cold storage

Wallet software is targeted by hackers because of the lucrative potential for stealing bitcoins. "Cold storage" simply means keeping the private keys out of reach of hackers by storing or generating them on a device that is not connected to the internet.^{: ch. 4 : 39} The credentials necessary to spend bitcoins can be stored offline in a number of different ways, from simple paper printouts of private keys, to specialized hardware wallets.^{: ch. 10}

Paper wallets

A paper wallet is created with a keypair generated on a computer with no internet connection; the private key is written or printed onto the paper and then erased from the computer.^{: ch. 4} The paper wallet can then be stored in a safe physical location for later retrieval.^: 39

Physical wallets can also take the form of metal token coins with a private key accessible under a security hologram in a recess struck on the reverse side.^: 38 The security hologram self-destructs when removed from the token, showing that the private key has been accessed. Originally, these tokens were struck in brass and other base metals, but later used precious metals as bitcoin grew in value and popularity.^: 80 Coins with stored face value as high as ₿1,000 have been struck in gold.^{: 102–104} The British Museum's coin collection includes four specimens from the earliest series^: 83 of funded bitcoin tokens; one is currently on display in the museum's money gallery. In 2013, a Utah manufacturer of these tokens was ordered by the Financial Crimes Enforcement Network (FinCEN) to register as a money services business before producing any more funded bitcoin tokens.^: 80

Hardware wallets

A hardware wallet is a computer peripheral that signs transactions as requested by the user. These devices store private keys and carry out signing and encryption internally, and do not share any sensitive information with the host computer except already signed (and thus unalterable) transactions. Because hardware wallets never expose their private keys, even computers that may be compromised by malware do not have a vector to access or steal them.^: 42–45The user sets a passcode when setting up a hardware wallet. As hardware wallets are tamper-resistant,^{: ch. 10} without the passcode the assets cannot be accessed.

Technology

Private and public key generation

A cryptocurrency wallet works by a theoretical or random number being generated and used with a length that depends on the algorithm size of the cryptocurrency's technology requirements. The number is converted to a private key using the specific requirements of the cryptocurrency cryptography algorithm requirement. A public key is then generated from the private key using whichever cryptographic algorithm is required. The private key is used by the owner to access and send cryptocurrency and is private to the owner, whereas the public key is to be shared to any third party to receive cryptocurrency.

Up to this stage no computer or electronic device is required and all key pairs can be mathematically derived and written down by hand. The private key and public key pair (known as an address) are not known by the blockchain or anyone else. The blockchain will only record the transaction of the public address when cryptocurrency is sent to it, thus recording in the blockchain ledger the transaction of the public address.

Duplicate private keys

Collision (two or more wallets having the same private key) is theoretically possible, since keys can be generated without being used for transactions, and are therefore offline until recorded in the blockchain ledger. However, this possibility is effectively negated because the theoretical probability of two or more private keys being the same is extremely low. The number of possible wallets and thus private keys is extremely high, so duplicating or hacking a certain key would be inconceivable.

Seed phrases

In modern convention a seed phrase is now utilised which is a random 12 to 24 (or even greater) list of dictionary words which is an unencrypted form of the private key. (Words are easier to memorize than numerals). When online, exchange and hardware wallets are generated using random numbers, and the user is asked to supply a seed phrase. If the wallet is misplaced, damaged or compromised, the seed phrase can be used to re-access the wallet and associated keys and cryptocurrency in toto.

Wallets

A number of technologies known as wallets exist that store the key value pair of private and public key known as wallets. A wallet hosts the details of the key pair making cryptocurrency transactions possible. Multiple methods exist for storing keys or seeds in a wallet.

A brainwallet or brain wallet is a type of wallet in which one memorizes a passcode (a private key or seed phrase). Brainwallets may be attractive due to plausible deniability or protection against governmental seizure, but are vulnerable to password guessing (especially large-scale offline guessing). Several hundred brainwallets exist on the Bitcoin blockchain, but most of them have been drained, sometimes repeatedly.

Crypto wallets vis-à-vis DApp browsers

DApp browsers are specialized software that supports decentralized applications. DApp browsers are considered to be the browsers of Web3 and are the gateway to access the decentralized applications which are based on blockchain technology. That means all DApp browsers must have a unique code system to unify all the different codes of the DApps.

While crypto wallets are focused on the exchange, purchase, sale of digital assets and support narrowly targeted applications, the browsers support different kinds of applications of various formats, including exchange, games, NFTs marketplaces, etc.

Characteristics

In addition to the basic function of storing the keys, a cryptocurrency wallet may also have one or more of the following characteristics.

Simple cryptocurrency wallet

A simple cryptocurrency wallet contains pairs of public and private cryptographic keys. The keys can be used to track ownership, receipt or spend cryptocurrencies. A public key allows others to make payments to the address derived from it, whereas a private key enables the spending of cryptocurrency from that address.

The cryptocurrency itself is not in the wallet. In the case of bitcoin and cryptocurrencies derived from it, the cryptocurrency is decentrally stored and maintained in a publicly available distributed ledger called the blockchain.

eID wallet

Some wallets are specifically designed to be compatible with a framework. The European Union is creating an eIDAS compatible European Self-Sovereign Identity Framework (ESSIF) which runs on the European Blockchain Services Infrastructure (EBSI). The EBSI wallet is designed to (securely) provide information, an eID and to sign 'transactions'.

Multisignature wallet

In contrast to simple cryptocurrency wallets requiring just one party to sign a transaction, multi-sig wallets require multiple parties to sign a transaction. Multisignature wallets are designed for increased security. Usually, a multisignature algorithm produces a joint signature that is more compact than a collection of distinct signatures from all users.

Smart contract

In the cryptocurrency space, smart contracts are digitally signed in the same way a cryptocurrency transaction is signed. The signing keys are held in a cryptocurrency wallet.

Key derivation

Sequential deterministic wallet

A sequential deterministic wallet utilizes a simple method of generating addresses from a known starting string or "seed". This would utilize a cryptographic hash function, e.g. SHA-256 (seed + n), where n is an ASCII-coded number that starts from 1 and increments as additional keys are needed.

Hierarchical deterministic wallet

The hierarchical deterministic (HD) wallet was publicly described in BIP32. As a deterministic wallet, it also derives keys from a single master root seed, but instead of having a single "chain" of keypairs, an HD wallet supports multiple key pair chains.

This allows a single key string to be used to generate an entire tree of key pairs with a stratified structure.

BIP39 proposed the use of a set of human-readable words to derive the master private key of a wallet. This mnemonic phrase allows for easier wallet backup and recovery, due to all the keys of a wallet being derivable from a single plaintext string.

Non-deterministic wallet

In a non-deterministic wallet, each key is randomly generated on its own accord, and they are not seeded from a common key. Therefore, any backups of the wallet must store each and every single private key used as an address, as well as a buffer of 100 or so future keys that may have already been given out as addresses but not received payments yet.^: 94

Concerns

When choosing a wallet, the owner must keep in mind who is supposed to have access to (a copy of) the private keys and thus potentially has signing capabilities. In case of cryptocurrency the user needs to trust the provider to keep the cryptocurrency safe, just like with a bank. Trust was misplaced in the case of the Mt. Gox exchange, which 'lost' most of their clients' bitcoins. Downloading a cryptocurrency wallet from a wallet provider to a computer or phone does not automatically mean that the owner is the only one who has a copy of the private keys.

A wallet can also have known or unknown vulnerabilities. A supply chain attack or side-channel attack are ways of introducing vulnerabilities. In extreme cases even a computer which is not connected to any network can be hacked.

To mitigate the risk of crypto wallet hacking, one can choose for a cold wallet, which remains offline and disconnected from the internet. A cold wallet refers to a physical device, such as a pen drive, that is utilized as a secure storage medium for transferring money from a hot wallet.

Security

Digital wallets provide similar security and benefits as traditional currency. When using a digital wallet, consumers don't need to fill out order forms on each site because their information is stored and automatically updated and inserted into merchant sites' order fields. Electronic wallets safeguard consumers' data with a private software code, while retailers get fraud protection, faster payment acceptance, lower transaction costs, and less theft loss.

Digital wallets are free and simple to get. When using a merchant site that accepts server-side digital wallets, customers enter their name, payment, and delivery information. Following the purchase, the customer is requested to register for a wallet with a user name and password for future purchases. Sites selling wallets can also be visited.

Digital wallets can be dedicated to a single cryptocurrency (examples: Bitcoin, Etherium, Ripple, Litecoin), or they can be multi-currency (Coinomi, CoinSpot, CoinVault, Cryptonator multi-cryptocurrency wallet, Exodus, Gatehub, Holy Transaction, Jaxx Wallet, UberPay Wallet, AnCrypto Wallet.

Wallets are free for consumers but cost retailers. Wallet sellers may receive a portion of merchant purchases made through their wallets. In other circumstances, digital wallet vendors conduct cardholder-merchant transactions for a set fee.

See also

• Cryptocurrency
• Cryptocurrency exchange
• Bitcoin
• List of bitcoin companies
• Cryptography
• Cryptocurrency and security
• Medium of exchange
• Private and Public key cryptography
• Mobile payment
• Digital gold currency

References

1. Wallet
2. Digital wallet
3. Airdrop (cryptocurrency)
4. Cryptocurrency exchange
5. Bitcoin
6. Blockchain.com
7. Cryptocurrency
8. Shiba Inu (cryptocurrency)
9. Tether (cryptocurrency)
10. Tron (cryptocurrency)
11. MetaMask
12. Cryptocurrency and crime
13. Binance
14. Bitcoin.com
15. Coinbase
16. Bitkey
17. List of cryptocurrencies
18. HTX (cryptocurrency exchange)
19. SafeMoon
20. Cardano (blockchain platform)