How Is Private Key Generated In Hardware Wallet

A private key in the context of Bitcoin is a secret number that allows bitcoins to be spent. Every Bitcoin wallet contains one or more private keys, which are saved in the wallet file. The private keys are mathematically related to all Bitcoin addresses generated for the wallet.

  • Understanding addresses, public keys, and private keys is critical to understanding how cryptocurrencies work. A wallet address is a randomly generated set of numbers and letters; this set usually consists of 26 to 35 alphanumeric characters.
  • The main idea behind a hardware cryptocurrency wallet is to store the cryptographic seed in a manner that it never leaves the device. All the cryptographic signing is done inside the wallet, not on the computer it is connected to. Therefore even if your computer.
  • The simplest transaction has one input and one output, i.e. it spends coins from one source address to one destination address. To be valid, the amount of output coins must not exceed the amount of input coins, and to be verified the output address hash is signed by the input address's private key.
How Do Hardware Wallets like the Ledger Nano S Work?

One of the most common questions new crypto-enthusiasts have is how hardware wallets like the Ledger Nano S can possibly be the most secure way to store cryptocurrency. What if the device gets stolen or destroyed?

In this post we'll try to explain how such a device works in a technical (but hopefully human-readable) way, detailing how it does what it does and how it can be this flexible and yet this secure.

Before we dive into explanations, it's recommended you read this short post about cryptocurrency wallets, so that the terminology used in the rest of the article becomes clear.

BIP

When the blockchain appeared as the technology behind Bitcoin, and a group of programmers and scientists wanted to propose a new feature, they had to formalize and present that idea in a way that's readable and understandable by all participants of the bitcoin network. Such formal proposals are called Bitcoin Improvement Proposals, or BIPs. All BIPs are publicly discussed before being implemented into the blockchain.

By setting up a good foundation for new ideas, this allowed other blockchains to adopt the good ideas that they liked and discard the ones they didn't.

This is where things get a little more technical and complex. We promise it'll be worth it by the end of this post – keep reading!

One such good idea was BIP 39. BIP 39 defines how a set of 24 ordinary words is turned into a seed – a big random number from which the keys for crypto wallets are later generated.

Curiosity: If you're interested in taking a look at the lists of supported words, see here.


BIP 39 also defines a way to secure these 24 words with an additional passphrase which counts as word 25. If no passphrase is selected, an empty one is used, so it's essentially always 24 words + passphrase (empty or not).

Curiosity: This passphrase differs from passwords you're used to in various interfaces in that it doesn't produce an error message if the wrong one is used. Any passphrase in combination with 24 words produces a valid seed, which is useful in plausible deniability scenarios – an extortion-protection mechanism we'll explain later.

This generated seed number is used to generate a root key – an unguessable combination of letters and numbers – for each cryptocurrency you're interested in. Every blockchain has its own method of generating the root key from the seed; in Bitcoin's case that's BIP 32, which results in a key like this one: xprv9s21ZrQH143K3QTDL4LXw2F7HEK3wJUD2nW2nRk4stbPy6cq3jPPqjiChkVvvNKmPGJxWUtg6LnF5kejMRNNU3TGtRBeJgk33yuGBxrMPHi.

This key is then used to generate several private keys which then become cryptocurrency wallets for a given blockchain.

Confused?

It all boils down to this: BIP 39 is used to pick a certain combination of words, which may or may not be passphrase-protected, which are then used to generate wallets with a formula such as the one described in BIP 32.

So what does all this have to do with a device like the Ledger?

Ledger

When you first turn a Ledger device on, it'll generate the aforementioned 256-bit seed. This seed number will be used to calculate 24 words which are then shown on the device's screen.

The user should then write these 24 words down on a piece of paper which comes in the box with the Ledger, and keep that paper safe, away from the Ledger itself.

In addition to that, the Ledger requires the use of a PIN which can have 4 to 8 digits. If, after setting it up, the PIN is entered incorrectly 3 times in a row, the Ledger will wipe all data on it.


Should the Ledger ever get destroyed, stolen, or lost, the original owner of the device can use the words from the piece of paper to restore its contents – either on a backup Ledger, or in a software wallet like MyEtherWallet, thus regaining all funds and addresses. This is possible because all you need to regenerate the root key are those 24 words and the passphrase (if set).

It's important to say this again: the same root key will always be generated from the same combination of 24 words, and the same addresses will be generated from that root key. Therefore, to reclaim all wallets generated with a BIP 39 word phrase, all you need is the one single combination of 24 words inserted into hardware or software supporting that generation method.

Plausible Deniability

We mentioned extortion-protection previously, so let's explain it in this section.

The Ledger won't ask you for your passphrase when you turn it on, but it will ask you for your PIN. The passphrase can't be set when setting up the device for the first time, either – only in Settings can you subsequently add it.

This lets you attach a separate PIN to a passphrase in order to have two (or more). Each PIN will be bound to its own passphrase, and because of the aforementioned fact that 24 words + passphrase always produce a valid seed (there's no “Incorrect password” warning), it's easy to define a decoy PIN to give to someone who's forcing you to give it up.

In such an instance, inputting the secondary decoy PIN will not destroy the Ledger's data, but will open wallets corresponding to that passphrase when added to your 24 words. The robber won't know you haven't given him the real PIN, and he'll gain access to bogus addresses. For added effect, add some trivial amounts of cryptocurrency to the addresses to make them seem real – zero-balance addresses won't be as convincing.
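Added example (not code from the original post, Bitfalls or Ledger) that makes the BIP section's "words + passphrase → seed → root key" path concrete and shows why, as this section explains, any passphrase yields a valid wallet: the mnemonic and passphrase are the first test vector from the BIP 39 specification (a 12-word phrase; the derivation is identical for 24 words), and the "decoy" passphrase is a made-up value.

```python
import hashlib
import hmac
import unicodedata

# secp256k1 group order: a BIP32 master key must be a nonzero scalar below it
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: 2048 rounds of PBKDF2-HMAC-SHA512; salt is 'mnemonic' + passphrase.
    An empty passphrase is still a passphrase, which is why there is no 'wrong password' error."""
    words = unicodedata.normalize("NFKD", mnemonic).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, dklen=64)


def seed_to_master(seed: bytes):
    """BIP32: HMAC-SHA512 keyed with 'Bitcoin seed'; left 32 bytes = master key, right 32 = chain code."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    k = int.from_bytes(key, "big")
    if k == 0 or k >= SECP256K1_N:  # astronomically unlikely; the spec says such a seed is invalid
        raise ValueError("invalid master key, use a different seed")
    return key, chain_code


def b58check(payload: bytes) -> str:
    """Base58Check: append 4 bytes of double-SHA256, then encode in base 58 (leading zero bytes -> '1')."""
    data = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58_ALPHABET[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out


def master_xprv(seed: bytes) -> str:
    """Serialise the depth-0 master key as an 'xprv...' string: version 0x0488ADE4, depth 0,
    parent fingerprint 0, child index 0, chain code, 0x00 || key."""
    key, chain_code = seed_to_master(seed)
    payload = bytes.fromhex("0488ADE4") + b"\x00" + b"\x00" * 4 + b"\x00" * 4 + chain_code + b"\x00" + key
    return b58check(payload)


if __name__ == "__main__":
    # BIP39 spec test vector; a hardware wallet does these steps inside the device, so never run
    # this script on a real mnemonic from a general-purpose computer.
    vec = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about"
    print(mnemonic_to_seed(vec, "TREZOR").hex())
    print(master_xprv(mnemonic_to_seed(vec, "TREZOR")))  # the 'real' wallet
    print(master_xprv(mnemonic_to_seed(vec, "decoy")))   # constructed decoy passphrase: a different, equally valid wallet
```

Both xprv strings start with the same "xprv9s21ZrQH143K" prefix because the fixed header bytes (version, depth 0, zero fingerprint and index) are identical; only the key material differs, which is exactly what makes the decoy indistinguishable from the real one.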

The Probability of Guessing Keys

Many people wonder how easy it would be to just guess the 24 words and gain access to someone's wallet that way, especially considering BIP 39 isn't even using the whole dictionary, but only 2048 words.

There are 2^256 or 115792089237316195423570985008687907853269984665640564039457584007913129639936 possible combinations for the 24 words. If we assume that we have an impossible computer which is capable of guessing 100 trillion combinations a second, to try them all we'd need:

That's around 36717430000000000000536992568032848736216424136408984408 years, and that's only if you have a computer more powerful than anything that's ever even been imagined by mankind.

What if you know all the words, but not the order? In that case, the number of possible combinations is 24! (24 factorial).

An equally powerful computer would thus take:

That's 196.6 years.

So even if you knew all the words in someone's combination, but just needed to guess the order, you'd need 200 years of using a computer that's unimaginably powerful even by today's standards. If you don't know which words you need to guess, the number is multiplied by 2048 for every missing word. So not knowing just one of them in this case would increase the time required to guess all combinations to 400,000 years.
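The two calculations above, whose formulas did not survive on this page, written out with the post's own assumptions (100 trillion guesses per second, 31,557,600 seconds per year) as an added derivation; the first line adds why the count is 2^256 rather than 2048^24:

$$2048^{24} = 2^{264}, \quad \text{but the last 8 bits of a 24-word phrase are a checksum, so only } 2^{256} \text{ phrases are valid}$$

$$\frac{2^{256}}{10^{14}\ \mathrm{s^{-1}} \times 3.156 \times 10^{7}\ \mathrm{s/yr}} \approx \frac{1.158 \times 10^{77}}{3.156 \times 10^{21}} \approx 3.67 \times 10^{55}\ \text{years}$$

$$\frac{24!}{10^{14}\ \mathrm{s^{-1}} \times 3.156 \times 10^{7}\ \mathrm{s/yr}} = \frac{6.204 \times 10^{23}}{3.156 \times 10^{21}} \approx 196.6\ \text{years}$$

$$2048 \times 196.6 \approx 4.0 \times 10^{5}\ \text{years (one word unknown, order unknown)}$$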

Conclusion

The Ledger is an exceptionally safe way of storing your cryptocurrency. It vastly outperforms any kind of USB-based storage where you just save your key into a file and put it away.


The device has its own processor which calculates the keys, which means your root key never leaves the device – this keeps it safe from potential viruses or auto-transacting malware installed on the computer you're using it with. In addition to that, the Ledger demands an extra hardware confirmation of any transaction – you need to press a button on the device whenever sending funds, or else it doesn't work. There's no sneaky funds siphoning with the Ledger.

If you lose or destroy your Ledger, it's trivial to get all the funds back by just punching in the 24 words obtained when first setting the device up. These words should be kept safe and away from prying eyes.


You can use our web shop to buy the Bitfalls-branded Ledger at a price that's lower than retail. It's also possible to buy Ledger with extra options like cryptocurrency already on it, or an hour of Skype consultations alongside the purchase during which we'll explain everything about the device and help you set it up.

For any and all questions, there's also our email. Get in touch!

An example paper printable bitcoin wallet consisting of one bitcoin address for receiving and the corresponding private key for spending.

A cryptocurrency wallet is a device,[1] physical medium,[2] program or a service which stores the public and/or private keys and can be used to track ownership, receive or spend cryptocurrencies.[3] The cryptocurrency itself is not in the wallet. In the case of Bitcoin and cryptocurrencies derived from it, the cryptocurrency is decentrally stored and maintained in a publicly available ledger called the blockchain.[3]

Functionality

A cryptocurrency wallet, comparable to a bank account, contains a pair of public and private cryptographic keys. A public key allows for other wallets to make payments to the wallet's address, whereas a private key enables the spending of cryptocurrency from that address.[4]

Wallet types


Wallets can either be digital apps or be hardware based.[5] They either store the private key with the user, or the private key is stored remotely and transactions are authorized by a third party.

An actual bitcoin transaction from a web based cryptocurrency exchange to a hardware wallet (a Ledger Nano S).

Multisignature wallet

Multisignature wallets require multiple parties to sign a transaction before any digital money can be spent.[6] Multisignature wallets are designed to have increased security.[7]

Key derivation

Deterministic wallet

With a deterministic wallet a single key can be used to generate an entire tree of key pairs.[8] This single key serves as the root of the tree. The generated mnemonic sentence or word seed is simply a more human-readable way of expressing the key used as the root, as it can be algorithmically converted into the root private key. Those words, in that order, will always generate exactly the same root key. A word phrase could consist of 24 words like: begin friend black earth beauty praise pride refuse horror believe relief gospel end destroy champion build better awesome. That single root key is not replacing all other private keys, but rather is being used to generate them. All the addresses still have different private keys, but they can all be restored by that single root key. The private keys to every address it has and will ever give out can be recalculated given the root key. That root key, in turn, can be recalculated by feeding in the word seed. The mnemonic sentence is the backup of the wallet. If a wallet supports the same (mnemonic sentence) technique, then the backup can also be restored on another software or hardware wallet.

A mnemonic sentence is considered secure. The BIP-39 standard creates a 512-bit seed from any given mnemonic. The set of possible wallets is 2^512. Every passphrase leads to a valid wallet. If the wallet was not previously used it will be empty.[3]:104

Non-deterministic wallet

In a non-deterministic wallet, each key is randomly generated on its own accord, and they are not seeded from a common key. Therefore, any backups of the wallet must store each and every single private key used as an address, as well as a buffer of 100 or so future keys that may have already been given out as addresses but not received payments yet.[3]:94

References


  1. Roberts, Daniel (15 December 2017). "How to send bitcoin to a hardware wallet". Yahoo! Finance. https://finance.yahoo.com/news/send-bitcoin-hardware-wallet-140141385.html
  2. Divine, John (1 February 2019). "What's the Best Bitcoin Wallet?". U.S. News & World Report. Retrieved 12 March 2019.
  3. Antonopoulos, Andreas (12 July 2017). Mastering Bitcoin: Programming the Open Blockchain. O'Reilly Media, Inc. ISBN 9781491954386. Retrieved 14 September 2017.
  4. "Bitcoin Wallets: What You Need to Know About the Hardware". The Daily Dot. 2018-11-20. Retrieved 2019-03-10.
  5. Newman, Lily Hay (2017-11-05). "How to Keep Your Bitcoin Safe and Secure". Wired. ISSN 1059-1028. Retrieved 2019-03-10.
  6. "Bitcoin Startup Predicts Cryptocurrency Market Will Grow By $100 Billion in 2018". Fortune. Retrieved 2019-02-15.
  7. Graham, Luke (2017-07-20). "$32 million worth of digital currency ether stolen by hackers". www.cnbc.com. Retrieved 2019-02-15.
  8. Gutoski, Gus; Stebila, Douglas. "Hierarchical deterministic Bitcoin wallets that tolerate key leakage" (PDF). iacr.org. International Association for Cryptologic Research. Retrieved 2 November 2018.


Retrieved from https://en.wikipedia.org/w/index.php?title=Cryptocurrency_wallet&oldid=939037950