HD Wallet and Seed

Introduction to Hierarchical Deterministic Wallets (HD Wallets) and Seeds.

For detailed technical information, please refer to BIP-32

1. Hierarchical Deterministic Wallet (HD Wallet)

The Hierarchical Deterministic Wallet (HD Wallet) is a wallet structure proposed by Bitcoin Improvement Proposal 32 ( BIP-32). An HD wallet generates all private keys and public keys from a single seed, allowing users to manage multiple addresses with a single backup and offering excellent scalability and security.

2. Key Concepts

2.1 Seed

The seed is the core of an HD wallet. It is a randomly generated initial value used to generate all key pairs in the wallet. The seed is typically created by mixing random entropy provided by the user with random numbers generated by the wallet software.

2.2 Mnemonic

A mnemonic is a sequence of easily memorable words that represent the seed. This method not only makes it easier for users to back up and restore their wallet but also reduces the risk of forgetting or losing the seed. Mnemonics usually consist of 12, 15, 18, 21, or 24 words selected from a standardized word list.

The steps to generate a mnemonic are as follows:

  1. Generate Random Entropy: Create random numbers.

  2. Calculate Checksum: Hash the random numbers using SHA-256 and take the first few bits as the checksum.

  3. Combine Data: Combine the random numbers with the checksum.

  4. Split Data: Divide the combined data into 11-bit binary blocks.

  5. Map to Word List: Map each 11-bit binary block to a word in the standardized word list.

2.3 Master Key

The master key is the first key pair generated from the seed, consisting of a master private key and a master public key. The master key is the starting point of an HD wallet, from which all child keys can be derived.

2.4 Child Key

Child keys are derived from the master key or other child keys. HD wallets use a hierarchical structure where multiple child keys can be derived from a single master key, and each child key can further derive more child keys. The derivation process is deterministic, meaning the same seed will always generate the same sequence of keys.

2.5 Extended Public Key (xpub) and Extended Private Key (xpriv)

Extended public keys (xpub) and extended private keys (xpriv) contain additional information to support the hierarchical structure of HD wallets.

  • xpub: Contains the public key, chain code, and derivation path information, allowing the generation of child public keys without knowing the private key.

  • xpriv: Contains the private key, chain code, and derivation path information, allowing the generation of child private keys and child public keys.

2.6 Derivation Path

The derivation path is a string that represents the path from the master key to a specific child key. It is usually written in a slash-separated notation, such as m/44'/0'/0'/0/0. Each number represents a level of child key, with ' indicating hardened derivation and numbers without ' indicating non-hardened derivation.

  • m: Represents the master key.

  • 44': Indicates adherence to the BIP-44 standard.

  • 0': Represents the coin type (0 for Bitcoin).

  • 0': Represents the account.

  • 0: Represents the receiving address.

  • 0: Represents the address index.

3. How HD Wallets Work

The operation of HD wallets involves the following steps:

  1. Generate Seed: The user provides random entropy, and the wallet software generates the seed.

  2. Generate Master Key: The seed is used to generate the master private key and master public key.

  3. Generate Child Keys: The master key and chain code are used to generate child keys, which can further generate more child keys.

  4. Manage Keys and Addresses: Extended public keys and extended private keys allow the generation and management of numerous addresses.

4. Advantages of HD Wallets

HD wallets have several advantages over traditional wallets:

  1. Simplified Backup: Users only need to back up the seed or mnemonic once to recover all keys and addresses.

  2. Excellent Scalability: HD wallets can generate an unlimited number of child keys and addresses, accommodating various use cases.

  3. Enhanced Security: Extended public keys do not contain private key information, allowing the generation of child public keys without exposing private keys.

  4. Standardization: HD wallets follow standards such as BIP-32, BIP-39, and BIP-44, ensuring compatibility and interoperability.

5. Application Examples

5.1 Creating an HD Wallet

  1. Generate Mnemonic: Generate 12 mnemonic words using random entropy, such as: abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about.

  2. Generate Seed: Create the seed from the mnemonic.

  3. Generate Master Key: Use the seed to generate the master private key and master public key.

  4. Generate Child Keys: Use the master key and chain code to generate child keys, such as the path m/44'/0'/0'/0/0.

5.2 Recovering a Wallet

  1. Enter Mnemonic: The user inputs the backed-up mnemonic.

  2. Generate Seed: Recover the seed from the mnemonic.

  3. Generate Master Key: Use the seed to recover the master private key and master public key.

  4. Generate Child Keys: Use the master key and derivation path to recover child keys and addresses.

Summary

Hierarchical Deterministic Wallets (HD Wallets) achieve simplified backup, excellent scalability, and enhanced security through the structured generation and management of seeds, mnemonics, master keys, and child keys. Extended public keys (xpub) and extended private keys (xpriv), along with derivation paths, have made HD wallets widely used in Bitcoin and other cryptocurrencies. Understanding the principles and key concepts of HD wallets can help better manage and use cryptocurrency assets.

PreviousBase58 EncodingNextBlockchain

Last updated