There’s No ‘Currency’ in Your Cryptocurrency Wallet: Part 1
What is a Cryptocurrency Wallet?
In our day to day lives, a wallet has always been something that lets us enjoy somewhat of convenience by carrying money, credit cards, ID, etc. on our behalves. So when we think of a ‘cryptocurrency wallet’, it, of course, reminds us of an actual wallet that stores cryptocurrencies.
Surprisingly, there isn’t any cryptocurrency in a cryptocurrency wallet! A cryptocurrency wallet is only a tool that stores and manages private keys that are used for creating and signing transaction data.
If so, where exactly is it stored? My assets, the sum of my key and the linked address’ UTXO (if Bitcoin) or my key and linked address’ balance (if Ethereum), all of these are on the shared blockchain network.
Let’s say someone had accidentally lost the key. This doesn’t necessarily mean his/her assets are also lost. But what it actually means is that he/she can’t prove that those assets are still (or were) his/her possessions.
Therefore, the most important thing in crypto asset management is actually managing the key itself. A cryptocurrency wallet, therefore, can be seen as a tool that manages that specific and important key.
Transaction Authentication and Encryption Technology
Cryptocurrency transactions must all be signed via ‘public-key cryptography’ in order to gain validity. Public-key cryptography refers to an encryption process.
When people use cryptocurrency for transactions, it’s all about verifying transactions with a public key that was signed with a specific private key in order to prove who the principal of the transaction was.
[Public-key cryptography: https://en.wikipedia.org/wiki/Public-key_cryptography ]
If a list of random enumeration of256-bit numbers gets exposed, it allows others to pretend and sign valid transactions on your behalf. In other words, all your assets can be stolen. Protecting and managing the private key as safe as possible is the most important priority of owning cryptocurrencies in a cryptocurrency wallet, to begin with.
A public key literally means a key that is open to the public. You can easily create public keys with private keys, but it’s impossible for others (non-owners) to create your private key with other public keys.
Therefore, even if the public key is exposed, unless the person has a pairing private key, it’s impossible to utilize the public key. A cryptocurrency wallet address is created through a double hashing encoding process which repeatedly applies SHA-256 one-way encryption on the public key.
In other words, the address is created through one-way encryption and public keys isn’t enough to derive private keys directly from the public keys.
The Development History of Cryptocurrency Wallet
We believe that the development of human civilization was all about using tools (for convenience) and developing them. This has got to do a lot with the development of the cryptocurrency wallet and its technologies as well.
By now you might wonder, ‘Would it be possible to sign transactions when I have one private key and one public key?’
The answer is no.
On each transaction history, you can see how the name, address, and the information of the public key are recorded. All the transactions can be seen by anyone, therefore it’s very simple to figure out who owns what (a type of cryptocurrency) and how much.
The first-ever cryptocurrency wallet used to at least create more than a hundred private keys randomly in order to avoid any re-uses. It also used separate private and public keys for each coin and occasion.
But by doing this, it was possible to prevent wallets from privacy issues and was very inconvenient due to storing and managing all the keys used for every single transaction. (Since keys were randomly created, it is called ‘Random Wallets’, or ‘Non-Deterministic Wallets’)
To resolve the inconvenience of non-deterministic wallets, deterministic wallets were developed.
It used random seed value by selecting a sample from multiple sampling numbers, which is the reason why it’s called ‘Seeded Wallets’.
Deterministic wallets don’t create random keys but only in order, therefore allowed the users to back-up and manage all the keys used for transactions as long as they wanted to re-create private keys from seeds.
[ BIP-0032 : https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki ]
However, this doesn’t mean that everything had been resolved.
There are countless types of cryptocurrencies and an individual can own different addresses – meaning it’s not quite possible to manage all the environments with just deterministic wallets.
This is when the concept of Hierarchical Deterministic Wallets came in.
Known as the ‘HD Wallet’, it hierarchically creates and manages private keys from master seed, which allowed the management of various cryptocurrencies and addresses in one wallet.
HD Wallet became standardized by the name of ‘BIP-0032’ and now there are BIP-0043 and BIP-0044 that remedied BIP-0032’s shortcomings.
Mnemonic Code, Seed that Humans Can Read
In an HD Wallet environment, you can recover the entire wallet by recreating all the keys as long as you have your master seed with you. However, it’s not easy to remember what master seed was, which is basically a random mix of 32-digit texts in hex. It’s not consisted of ‘words’ that humans can read and memorize.
Mnemonic Code was what solved this issue. It helped the users to easily use the wallets without having to understand all the technologies.
It consists of common vocabularies which might make it seem vulnerable, however, if hackers try broute-force attacking to hack the wallet, even with a fifty-fifty chance of success, they still need to try as many times as 127 multipliers of 2.
Therefore, it’s found to be more efficient to just mine cryptocurrencies than to hack.
Just Because It Works… Doesn’t Mean It’s Safe
Anyone can technically create a wallet by using the above-mentioned technologies. All technologies deployed to making wallets are opened to the public, so it’s at least possible to create wallets without having an intimate knowledge of the technologies.
It can’t be safe to store anything, but still is, a cryptocurrency wallet.
However, now we all know that a safe cryptocurrency wallet isn’t all about wallets and its functions anymore. Even if you developed the most powerful cryptocurrency wallet in the world, the stored assets can be gone in a wink.
Those numerous cryptocurrency wallet hacking incidents did not just happen because they weren’t made safely. A chain is only as strong as its weakest link – and cryptocurrency wallet isn’t an exception.
Safe cryptocurrency wallets need to form a safe cryptocurrency environment and need to be operated within that environment. All of 1) Cryptocurrency wallet technology, 2) Security technologies like encryption and 3) Architecture technology to build that safe environment – are needed in order to create safe cryptocurrency wallets.