Here’s the simplified explanation of how a crypto wallet works:
When you create a wallet, what you’re actually doing is creating a public/private key pair which gives you control over your crypto.
The public key lets you receive crypto - your wallet address is derived from the public key, and this is how other people send crypto to you.
The private key lets you sign transactions. In other words, it enables you to spend crypto from that address.
So to sum it up:
Crypto wallets do not store your cryptocurrency.
Crypto wallets store your private keys. And this private key is associated with a public key, which is used to derive your wallet address.
So where is the cryptocurrency stored?
On the public ledger!
Public ledgers are essentially the cryptocurrency.
To make a transaction on a blockchain network you have to sign the transaction using your private key. When you make a transaction, other people on the network can easily verify that it's you by using a mathematical function that takes in your signature and your public key (wallet address). Once the transaction has been verified, people on the network update their ledgers to reflect the new balance associated with your public key (wallet address).
Private keys are simply a string of random numbers like such:
afdfd9c3d2095ef696594f6cedcae59e72dcd697e2a7521b1578140422a4f890
To explain this in a bit more detail, I’m going to use the Ethereum network as an example, but the key principles are generally the same across different blockchains.
On Ethereum a private key is generated based on the elliptic curve secp256k1. On secp256k1, any number between 1 and 2^256-1 is a valid private key.
So a crypto wallet private key is essentially just a random number…
But the set of possible numbers a private key can be generated from is so vast, that the probability of a third party guessing your private key is effectively zero.
The private key is used to create signatures required to spend crypto by proving ownership of the funds used in a transaction. So, the private key gives you control over all funds linked to the corresponding wallet address, in addition to access to contracts that authorise that address.
How your crypto wallet creates your private keys is incredibly important.
Creating an Ethereum private key involves picking a number between 1 and 2²⁵⁶. So it’s vital that this number is chosen at random. Otherwise, it would be trivial for a malicious actor to steal your private keys.
But how does your wallet guarantee that this number is randomly generated?
Well, most wallets use your underlying operating system’s random number generator to generate 256 random bits.
In the case of browser based wallets, they typically use the browser's native Crypto.getRandomValues function, which seeds itself with your operating system's entropy source. This is the best source of random numbers that a browser-based application can provide without your help.
In the case of a non-deterministic wallet, that’s about all it does. But these wallets are a pain in the arse to manage because if you lose the private keys, they’re lost forever. Which is why most wallets are deterministic or hierarchical deterministic (HD) wallets. These wallets go a step further to generate your private keys, usually using a seed phrase - a set of 12 to 24 words, which can be used to recover your wallet if it’s ever lost or stolen.
So, most deterministic wallets generate your private keys by using the random number from your device to generate a seed phrase. And it’s this seed phrase which determines your private key.
Most wallets use a specification known as the BIP39 to generate a seed phrase - also known as a secret recovery phrase.
BIP stands for Bitcoin Improvement Proposals. And BIP39 recommends the use of a mnemonic phrase (a group of easy to remember words) to serve as a means to recover your wallet in the event that your wallet is compromised or lost. These 12 to 24 words in the Secret Recovery Phrase are generated from a list of 2048 words.
Generating a seed phrase has to begin with a random source of data; otherwise, an attacker could steal funds by regenerating your seed phrase. I’ve mentioned how your crypto wallet generates this random number, but how does it turn this into a seed phrase?
It does so by running your random number through a hashing function, specifically SHA-256, which generates a checksum. Part of that checksum is appended to the random data. The resulting output is split into chunks of 11 bits, where each 11-bit chunk maps to a single word on the BIP39 word list.
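The entropy-to-words steps just described, carried out in code. This is an added example written for this post, not MetaMask's or any wallet's own code. It uses only Python's standard library: `secrets.token_bytes` stands in for the operating system entropy source (the counterpart of `Crypto.getRandomValues` in a browser), the checksum is the first ENT/32 bits of SHA-256 over the entropy, and each 11-bit chunk becomes an index into the 2048-word list. The word list itself is not embedded; `indices_to_words` expects you to load the linked `english.txt` into a Python list. The seed step follows the BIP39 specification (PBKDF2-HMAC-SHA512 over the mnemonic sentence), and `checksum_ok` is the check that makes most altered phrases invalid.

```python
import hashlib
import secrets
import unicodedata

# Added example, not wallet code. Mirrors the BIP39 steps: entropy -> SHA-256 checksum
# -> 11-bit word indices -> PBKDF2 seed. The 2048-word list is loaded by the caller.

def entropy_to_indices(entropy):
    """Turn 16..32 bytes of entropy into BIP39 word indices (12..24 words)."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    cs_bits = ent_bits // 32                       # checksum length: 4..8 bits
    digest = hashlib.sha256(entropy).digest()
    # bit string of the entropy followed by the first cs_bits of the SHA-256 digest
    bits = bin(int.from_bytes(entropy, "big"))[2:].zfill(ent_bits)
    bits += bin(int.from_bytes(digest, "big"))[2:].zfill(256)[:cs_bits]
    # every 11-bit chunk is an index into the 2048-word list
    return [int(bits[i:i + 11], 2) for i in range(0, len(bits), 11)]

def checksum_ok(indices):
    """Re-derive the checksum from the entropy bits and compare it with the
    bits carried in the last word; a phrase with one swapped word usually fails here."""
    if len(indices) not in (12, 15, 18, 21, 24):
        return False
    if any(not 0 <= i < 2048 for i in indices):
        return False
    bits = "".join(bin(i)[2:].zfill(11) for i in indices)
    cs_bits = len(bits) // 33                      # total = ENT + ENT/32, so CS = total/33
    ent_bits = len(bits) - cs_bits
    entropy = int(bits[:ent_bits], 2).to_bytes(ent_bits // 8, "big")
    return entropy_to_indices(entropy) == indices

def indices_to_words(indices, wordlist):
    """Map indices onto the BIP39 word list (load english.txt into `wordlist`)."""
    if len(wordlist) != 2048:
        raise ValueError("BIP39 word list must contain exactly 2048 words")
    return [wordlist[i] for i in indices]

def mnemonic_to_seed(mnemonic, passphrase=""):
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + optional passphrase."""
    m = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    s = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", m, s, 2048, 64)

def new_wallet_indices(strength_bits=128):
    """Fresh entropy from the OS CSPRNG; 128 bits gives a 12-word phrase."""
    return entropy_to_indices(secrets.token_bytes(strength_bits // 8))

if __name__ == "__main__":
    # Official BIP39 test vector: all-zero entropy gives "abandon" x11 followed by "about".
    print(entropy_to_indices(bytes(16)))           # [0, 0, ..., 0, 3]
    print(checksum_ok([0] * 11 + [3]), checksum_ok([0] * 11 + [4]))
    print(mnemonic_to_seed("abandon " * 11 + "about", "TREZOR").hex())
```

The all-zero entropy vector is useful because it can be checked against the published BIP39 test vectors without the word list: index 0 is "abandon" and index 3 is "about". Changing the last word's index to 4 fails `checksum_ok`, which is the concrete reason that, as the post notes later, not every combination of words is a valid phrase.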
BIP stands for Bitcoin Improvement Proposals. BIP39 recommends the use of a mnemonic phrase (a group of easy to remember words) to serve as a means to recover your accounts in the event your accounts are compromised or lost. MetaMask calls this mnemonic phrase the Secret Recovery Phrase.
These 12 words in the Secret Recovery Phrase are generated from a list of 2048 words. The complete list of 2048 words can be found from here: https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt.
BIP39 uses mnemonic phrases of 12 or 24 words, depending on the
Each word in the secret recovery phrase has a number associated with it. So your random set of words can be mapped to a random number. And this number is used to form a seed integer, which is then used to create a set of public/private keys.
Things get a little more complicated when it comes to generating your public key. Your public key is derived from your private key. And your public key is well, public… So you don’t want hackers to be able to determine your private key by knowing your public key. To achieve this, your public key has to be created via a one way calculation. And it’s done so using elliptic curve cryptography.
That’s right. Public keys are generated on an elliptic curve.
An Ethereum public key is a point on an elliptic curve, a set of x and y coordinates that satisfy the elliptic curve equation.
It is formed from two numbers, joined together. These numbers are generated from the private key by a calculation that only goes one way, which means: you can calculate the public key if you have the private key, but you can’t calculate the private key from the public key.
Crypto wallets usually store your private keys on your device system’s data store. So for a browser wallet, this would be on the browser’s data store. And for a mobile wallet, your private key is held on your mobile device. In both cases the private key is encrypted with a password which you choose when you set up your wallet in the first place.
Of course, every wallet is different, but as a general rule this is the case - especially for standard self-custody wallets like MetaMask. So with most wallets your private key is attached to your device and encrypted with a password to keep it safe.
However, this does mean that your wallet, and therefore your crypto, is at risk from things like man-in-the-middle attacks, or your device being stolen.
This is why using an MPC wallet makes so much more sense. By using an MPC wallet you’re eliminating the single point of failure.
I touched on this briefly above, but in the case of a deterministic wallet your private keys can be recovered using your seed phrase. Now, not every wallet uses seed phrases, some wallets have alternative recovery methods.
In fact, in my opinion seed phrases create a horrible user experience, because you still have to keep the seed phrase private and store it somewhere, and anyone with the seed phrase can steal your crypto. But anyway, I digress!
Most wallets have a recovery mechanism in place. With a lot of self-custody wallets this is typically the seed phrase.
Your recovery phrase can be seen as a master key which your wallet uses to calculate your private keys. This means that so long as your recovery phrase is the same, the calculation of the private keys will always have the same result.
So, in the event that you do lose your crypto wallet:
Downloading your wallet software on a new device and inputting your recovery seed phrase would give you back control over your wallet.
Your seed phrase is a mnemonic code consisting of 12-24 words that is used to recover your cryptocurrency wallet. Sometimes called a backup phrase, recovery phrase, or mnemonic sentence.
For example, it might look something like this:
No. Seed phrases and private keys are not the same! Your seed phrase gives you access to your wallet, but a hierarchical deterministic wallet can store multiple private keys and addresses, which are derived from your seed phrase.
Well, not all wallets use seed phrases. Thankfully, some wallets have alternative recovery methods. But the main reason for a seed phrase is that it’s one of the only recovery methods that allows you to remain completely anonymous. You could of course use a non-deterministic wallet, but if you lost your private keys, you’d have no way of ever getting control of your crypto again.
No. The use of a checksum means that not all seed phrases are valid.
In theory, there’s nothing stopping you from generating public/private key pairs using random seed phrases until you find a public key that matches a wallet address on the public ledger. However, statistically your chances of succeeding within your lifetime are small.
In the first instance, not all seed phrases are valid. So the BIP39 checksum would reject "most" of the wrong seed phrases.
Assuming you can guess a seed phrase that actually maps to a public/private key pair - with an address that hasn’t been seen before on the blockchain, it would be valid. But in all likelihood it would have a balance of zero.
Yes, theoretically, there is a chance of someone guessing a public/private key pair with an address that has a non-zero balance.
But this chance is so low that for all intents and purposes we can ignore it.
A seed phrase can be used by a crypto wallet to generate your public/private key pairs and recover your accounts in the event that you lose access to your wallet.
Never share your seed phrase with anyone. And make sure to keep it offline.
Most people choose to write down their seed phrase on paper and keep it somewhere safe.
As you already know, I’m not a fan of basic hot wallets that rely on recovery seed phrases. Especially when it comes to keeping large amounts of crypto safe.
You’re much better off using an MPC wallet which requires multiple approvals to execute a transaction. MPC makes it so much harder for hackers to exploit your wallet or steal your private keys.