Wallets

All participants in a given blockchain network use wallets.

These wallets each have a set of unique addresses, often referred as 'accounts', just like a bank account has an account number. A noteworthy difference between a bank account and a blockchain wallet is that the blockchain wallet's addresses are public, meaning anyone can find them and see their contents.This may seem strange and insecure at first, but having an address and knowing its contents will mean nothing to a stranger since they won't know who owns the account or be able to do anything with its contents since they lack they private key to that account. Furthermore, anyone on the network can send assets to an address, but only the owner of an address can send assets from their address.

Wallet Structure

The most common wallet structure you will see in the wild is a seed phrase. A seed phrase is a human-readable representation of your wallet keys which is used to create a master seed (which is a hash of the seed phrase) from which the Master Private Key (MPK) is derived (again, as a hash of the master seed). This is how MetaMask, the most common wallet extension, operates and it is basically industry standard at this point.

The private key is then used to create addresses/accounts. An arbitrarily large number of addresses may be derived from the private key and the same addresses are always produced in the same order from a specific private key. This means the method of generating addresses is deterministic. The most advanced type of deterministic wallets are hierarchical deterministic wallets (or HD wallets), where the keys are generated in a tree structure (parent keys create children keys which create grandchildren keys and so forth).

On Ethereum, these accounts/addresses are used just like a bank account, each address has a balance of ether and tokens/NFTs, when you send or receive tokens, the address's balance is updated on the blockchain just like you'd expect. This we call the account model. On Bitcoin, you may have received your first incoming tx to the primary address in the wallet's address list. Now, when you send even a small amount of BTC to an external address, all of the BTC in your wallet is included in the transaction, so it appears that all the BTC has been transferred out of your account, but this is not so. Only the intended transacted amount is sent plus a small fee paid to a miner, the remainder is then sent back to your wallet BUT to the next address in your wallet, which was derived from your private key. We call this the UTXO model.

Derivation Paths

Derivation paths are used to derive addresses from a private key. They can be seen as a way to implement addresses, and they're essential to understanding how wallet/address generation works.

An example of a derivation path: m/44'/60'/0'/0'/0 or more generally: m/purpose/coin_type/account/change/index

In the above example m is a character that helps programmers know what type of path they are looking at, it could be any letter, but 'm' lets us know that what we are seeing is a derivation path, specifically.

Purpose

The 44' (purpose) tells us that it follows the bip-44 standard.

Coin_type

The 60' coin_type Is a field for specifying which coin type the address pertains to. 60' lets us know it's an Ethereum address, another example is a Bitcoin address which would have a 0' in this space. Each coin has a specific number.

Account

This field splits the key space into independent accounts so the wallet does not mix coins between different accounts. You can think of these incremental accounts as bank accounts.

Change

This is more useful in Bitcoin and was generally used to generate "change" accounts where unspent transaction outputs would be sent following a transaction. Not really used in Ethereum addresses.

Index

Another variable to generate addresses. There is no limit to how many addresses can be generated.

The ' symbol in derivation paths is used to denote that addresses private keys uses hardened derivation, meaning that if a private key from one of the generated accounts is compromised it only compromises THAT corresponding address and not all the other addresses..

Last updated