A Hierarchical Deterministic (HD) wallet is a system that generates a family of key pairs (both public and private keys) from a single mnemonic phrase.
This wallet design enables the creation of an unlimited number of addresses from the initial seed, organising them into a hierarchical, tree-like structure.
This architecture not only enhances privacy by allowing users to generate a new address for each transaction but also significantly simplifies the secure management of digital assets because users need only to back up their mnemonic phrase.
Further Reading:
What is a Bitcoin Wallet
Hot Wallets vs. Cold Wallets
Mnemonic Phrase
A mnemonic phrase, as outlined in BIP39, is typically composed of 12, 18, or 24 words and is generated from a random seed number.
This seed acts as the core secret key to your digital assets, with the mnemonic phrase serving as a human-readable version of this seed.
Designed for ease of memorization and recording, the mnemonic ensures that users can reliably backup and restore their wallets.
The mnemonic phrase is the starting point HD wallets use to backup and restore access to your crypto assets.
Further Reading:
What is a Mnemonic Phrase
The Master Seed
The Master Seed is directly derived from a mnemonic phrase and is represented in either binary or hexadecimal format. It acts as the initial root from which all subsequent cryptographic keys are generated.
This binary or hexadecimal representation is necessary for the next steps in the cryptographic process, functioning as the technical foundation for generating a secure digital wallet. The mnemonic phrase, in contrast, serves as the user-friendly, human-readable form of this seed.
Further Reading:
Master Seed
Creating a Master Seed
Converting a Master Seed into a mnemonic phrase
Master Extended Key
After creating the Master Seed from the mnemonic phrase, the next step involves the Master Extended Key. This key consists of a private key paired with a chain code.
Like a traditional private key, it can generate a corresponding public key. However, the addition of the chain code enables the derivation of multiple child keys in a hierarchical tree structure.
Further Reading:
Extended Keys
Generating the Master Extended Key
Deriving Child Extended Keys
Once the Master Extended Key is set up, it can be used to derive child keys. These child keys are generated in a hierarchical tree structure, allowing for organised and secure management of multiple addresses or accounts within the same wallet.
Each child key can further derive its own set of child keys, creating a multi-level hierarchy. This structure enables users to separate their transactions and accounts for enhanced privacy and organisation. The child keys inherit the security properties of the master extended key, ensuring that all keys in the hierarchy are secure.
The process involves using the private key and chain code of the parent key (starting with the Master Extended Key) to produce child keys. Each child key then has its own unique chain code.
Child keys can be generated in two forms: hardened or non-hardened. The key difference lies in the security and accessibility of the keys:
Hardened Child Keys are derived in such a way that even if a single child private key is compromised, it does not jeopardise the security of the entire wallet. They prevent a potential attacker from deducing the parent key or other sibling keys, offering an added layer of security.
Non-Hardened Child Keys allow for more flexibility and are derived using a method that facilitates the generation of corresponding public keys without needing access to the private keys. This is particularly useful for creating public addresses where private key access is unnecessary or needs to be restricted.
Each extended child key, whether hardened or non-hardened, can include a private key (xPriv) for transactions requiring authentication or just a public key (xPub) for receiving transactions. This distinction allows for a balance between security and functionality, enabling the wallet to adapt to various needs and use cases.
Further Reading:
Deriving a Child Key
Hardened vs. Non-Hardened Keys
Deriving an xPub from an xPriv
Human Readable Extended Key
Selecting the Derivation Path
The derivation path specifies the sequence for deriving child keys from the master seed, indicating how to navigate the hierarchical structure to reach specific keys. It’s a notation that helps in organising and accessing various accounts or addresses generated from a single master seed.
A common format for a derivation path might look like *m/44’/0’/0’/0/0*, where each part separated by slashes represents a different level in the key hierarchy.
Further Reading:
Derivation Path
Importance of Derivation Paths
Private Key
After selecting the derivation path, you obtain an extended private key (xPriv). From this xPriv, the private key portion is used for operational purposes.
This key enables the signing of transactions and demonstrates ownership of cryptocurrency assets.
Essentially, a private key is a substantial random number that functions similarly to a password or PIN in traditional banking. For Bitcoin and similar cryptocurrencies, this number is 256 bits long, offering a high level of security.
Further Reading:
Private Key: What It Is and How It Works
Public Keys
Public keys are generated from their corresponding private keys. While generating a public key from a private key is straightforward, deducing the private key from the public key is computationally infeasible, thanks to cryptographic security measures.
Public keys are intended to be shared openly. They are essential for creating cryptocurrency addresses and play a crucial role in transactions. Specifically, they verify that a transaction is authorised by the holder of the corresponding private key without revealing that private key.
Further Reading:
Bitcoin Public Key
Generating a Public Key
Crypto Address
A cryptocurrency address, often simply referred to as a crypto address, represents the final piece in the cryptocurrency transaction chain.
It functions as the destination for cryptocurrency transactions and is what users share publicly to receive funds.
Further Reading:
Bitcoin Address
Types of Bitcoin Addresses