How does a wallet actually work? This is a fundamental topic that everyone who wants to use Bitcoin will have to deal with sooner or later. This article introduces the basic principle of a wallet, goes into more detail about modern wallets as they are used today and finally shows the differences between different types of wallets.
Publishing transactions in the Bitcoin network, receiving Bitcoin or generally obtaining a clear summary of your holdings is theoretically possible manually - but almost every user uses a wallet for this. A tool that helps you with precisely these tasks and more.
Contrary to what you might think when you hear the term "wallet", a Bitcoin wallet does not actually contain any Bitcoin. At least not directly. The information about who owns and is allowed to spend how much Bitcoin is stored decentrally on thousands of computers in a ledger, the blockchain.
If you want to spend Bitcoin, i.e. send it to someone, a transaction is published in the Bitcoin network, which is provided with a digital signature. This signature confirms, without publishing any secret information, that you are in possession of the corresponding private key. These private keys are managed and stored by the wallet.
As the name suggests,private keys must never be made public, as otherwise you would gain control over all the Bitcoin that can be spent with them. This is where the basic rule widely used in the Bitcoin community comes from...
Not your keys, not your coins!
Not your keys, not your coins!
It is therefore essential to take the safekeeping of your Bitcoin into your own hands, i.e. to use your own wallet. Then, and only then, can you technically claim to own Bitcoin. If you store your Bitcoin with a crypto exchange, for example, you have nothing more than a promise from the provider, which in the vast majority of cases is not insured.
In simple terms, every wallet works according to the same principle: a random private key is generated from which a public key is derived. These "keys" are nothing more than very large numbers. However, there is a mathematical relationship between the private and public keys. This is crucial in order to be able to verify a digital signature created with the private key using the public key alone, i.e. without secret information.
Finally, a Bitcoin address can be built from the public key. Somehow, the possibility of being able to receive Bitcoin at all must ultimately be created. The address itself is usually a hash value, i.e. something like a fingerprint, of the public key, which is equipped with additional details, such as a function to detect typing errors.
More precisely, an address provides a kind of construction manual for how the wallet should construct a transaction. Because on a technical level, there are actually no addresses in the Bitcoin network.
Reading tip: The Bitcoin script language explained simply
Nowadays, there is far more functionality, but also complexity, behind a Bitcoin wallet than you might think at first glance. Whereas in the past, individual key pairs were actually generated and used manually for transactions, today's wallets are all based on a master key, a secret that can be used to derive any number of keys for different purposes and can be restored at any time. This is officially referred to as an HD wallet.
This simplifies use and dramatically reduces the potential for errors, but is also somewhat more difficult to understand. However, the basic principle described above remains the same - only the way to get there is different.
A Bitcoin wallet can also be imagined as a large tree. At the root of this tree is a large, random number. This is the absolute cornerstone of the wallet and influences all keys that are later derived from it.
However, since such large random numbers are rather impractical for humans, we can simply represent them in a different format, namely using a long word list in the form of normal English words. This representation is often called "seed words" or "seed phrase", although strictly speaking the tongue twister "mnemonic phrase" is most accurate, and is usually 12 or 24 words long.
Here is an example of such a random number, together with the corresponding mnemonic:
159639691159477030235761861086753305317
job slogan brown term alarm use impulse attitude long earn uncover slam
These 12 words are all that is needed to derive all of the wallet's keys and thus restore them at any time. So you need to keep a close eye on these words, because if you know them, you effectively own all the Bitcoin controlled by the wallet!
So you don't open an "account" in the Bitcoin network like you would with a bank, but generate your own bouquet of keys completely by chance. But isn't it possible for someone else to randomly generate the same keys as you? Theoretically, this is indeed possible, but the numbers we are talking about here are so gigantic that the probability of finding a key that has already been used is extremely low and therefore negligible.
It is just as important to handle the mnemonic carefully as it is to back it up in case of an emergency. This should always be analog, e.g. written down on a piece of paper or even punched into steel. A digital backup, e.g. as a photo on a smartphone or in the cloud, is generally not advisable. After all, backups are only intended for rare emergencies, and the supposed advantage of being able to quickly retrieve them digitally poses an unnecessary security risk.
A backup should also be documented in as much detail as possible. In addition to the 12 or 24 words, it can be useful to include a name, the creation date, the wallet software or hardware used and other peripheral information.
An often neglected feature of modern wallets is the use of so-called derivation paths. It has already been mentioned that the keys of a wallet can be visualized using a tree. A derivation path can be imagined as a signpost that indicates a clear path through the various branches and twigs in the tree in order to land on the right leaves, i.e. the right keys.
Different derivation paths are therefore used for different wallet standards, and the vast majority of wallet developers adhere to them. For example, a frequently used derivation path looks like this: m/84'/0'/0'/0/0. This may look strange at first glance, but it only contains information about which key is to be derived at which level in the tree.
The following diagram summarizes the structure of a wallet once again. We start at the top with the random number and work our way up to a theoretically arbitrarily large tree of keys via the mnemonic. We use a specific derivation path in this tree to generate the actual key pairs that are later used to send and receive Bitcoin.
The topic of derivation paths has only been touched on superficially in this article. It is advisable to take a closer look at this important feature of HD wallets.
Reading tip: How do HD wallets work and what are derivation paths?
Once you have understood how wallets work, the next question is which wallet you should actually use. Of course, there is no one-size-fits-all answer to this question; nevertheless, wallets can be categorized according to security criteria and range of functions and recommendations can be made accordingly.
Remember: the more difficult it is to gain access to the private keys or carry out other manipulations, the more secure the wallet can be classified. A distinction is often made as to whether the wallet has direct access to the internet or not. This results in two common general terms:
The idea behind this, namely that wallets connected to the internet are much more vulnerable, is of course correct, but should never be used as the sole criterion. For example, a cold wallet is not automatically "secure" just because it is not directly connected to the internet. Every wallet inevitably has to communicate with the Bitcoin network sooner or later, namely to publish transactions. For this reason alone, there can be no one hundred percent guaranteed security, as there will always be potential vulnerabilities that an attacker could exploit.
For higher amounts, it is worth investing in a hardware wallet. They elegantly compensate for the vulnerabilities of conventional hot wallets without posing any additional challenges for the user. Good hardware wallets reduce the potential for errors enormously, as they are optimized to prevent insecure use in the first place, even if the user is clumsy.
The question of a specific amount above which a hardware wallet is worthwhile can only be answered subjectively. To illustrate this, a comparison can be made with an ordinary wallet. Would you walk through a big city with €100 cash in your pocket? Probably yes. How about €100,000? No way!
A hardware wallet suitable for both beginners and advanced users is the one fromBlocktrainer.derecommended BitBox02:
Other well-known brands such as Ledger or Blockstream are also recommended and offer different advantages depending on your requirements. You can find an overview of various hardware wallets here.
Paper wallets are still a popular relic from the early days of Bitcoin. These are simply a manually generated key pair that you can print out on a piece of paper, which has nothing to do with the modern wallet standard that we have just seen.
Such paper wallets are often seen as particularly secure cold wallets, which is misleading and sometimes simply wrong for several reasons. It is no longer advisable to actively use such paper wallets these days!
Some of these reasons are:
No master has fallen from the sky yet. If you still have difficulties using your own wallet at the beginning, you can contact us at any time in our free Blocktrainer forum and ask for help! 🙂
