How do Bitcoin wallets work?
Bitcoin, and all other forms of cryptocurrency, are based on a branch of science called cryptography. Cryptography is a vast discipline with a very rich history that we will not explain in this book, lest we upset a cryptographer by omitting their favorite bit.
Cryptography refers to the study of encoding and communicating messages so that they can only be read by the intended recipient. This is a very simplified definition, and again, we apologize to all the cryptographers in the audience.
Cryptography is a fundamental part of our lives, and one of the main reasons that it’s possible to use chip payment cards and browse securely on the internet. It’s also one of the main reasons the Allies won the Second World War. The brilliant mathematician Alan Turing was able to improve on pre-war Polish methods of deciphering German ciphers, enabling the Allies to intercept and decode Nazi messages. This was enormously influential for the Allied war effort, and possibly shortening the war by 2-3 years. 1
Ok, cryptography is amazing. But how did the crypto in cryptocurrency get there? Bitcoin uses different cryptographic methods to maintain the security and accuracy of its transactions: asymmetric key encryption (or public-key cryptography) and hashing.
We’ve gone over how blockchains are made of blocks of bundled transactions that are connected to previous blocks by a hask. How does this all work? To explain asymmetric key encryption, we’ll briefly explain symmetric key encryption.
Symmetric key encryption
In symmetric key encryption, both sides have a key, or secret code that unlocks the encrypted message. The problem with symmetric key encryption is getting that key to both person A and person B, without someone intercepting the key and eavesdropping on their conversation. Transferring the key is difficult to do securely.
Let’s go through a scenario where Alice wants to send Bob private messages about Eve’s surprise birthday party without Eve finding out. Alice decides to use symmetric key encryption, so she needs to find a way to get the key to Bob. She sends it via SMS. Eve is a brilliant hacker with a tenuous grasp on the concept of privacy, and intercepts the message. Now she can listen in on Alice and Bob’s conversation while they send encrypted messages to each other. The surprise party is ruined.
It was the weaknesses in symmetric key based encryption that enabled Allied codebreakers to intercept keys and listen in on Axis communications.
Asymmetric key encryption
Bitcoin does not use symmetric key encryption. Instead, it uses something called asymmetric key encryption, or public key encryption, that solves the problem of key distribution. Bitcoin uses cryptographic signatures for validation, and public key encryption prevents impersonation.
In asymmetric key encryption, the key is broken into two parts – public key and private key. If people have the public key, they can encrypt a message and send it to you, which you can decrypt with the private key. Using a very complicated mathematical formula called Elliptic Curve Digital Signature Algorithm (you do not need to remember this), it’s possible to derive a public key from a private key. It’s impossible to get a private key from a public key. You can give your public key from all and sundry, but they won’t be able to get your private key from it.
With the private key, you can also sign a message, and people with the public key can verify it was you that signed it.
In Bitcoin, your public key acts like a bank account number address, and the private key is the ability to actually spend the money in your account. The problem facing public key encryption is called a man in the middle attack, where someone swaps public keys to reroute a transaction.
Alice wants to send Bob money. Bob sends Alice his public key, but Mallory intercepts Bob’s message and swaps her key for his. Alice unknowingly sends the bitcoin to Mallory, who promptly goes on a very long holiday to regions unknown.
That’s why the common phrase “trust but verify” exists. Always double-check that you’re sending a transaction to the right address, much the same way you would with bank accounts.
Hot Wallets vs Cold Storage
Wallets are defined as ‘hot’ or ‘cold’ based on their internet connection. Hot wallets are connected to the Internet in some form, while cold wallets are not. Each has their uses. Hot wallets take several forms: there are desktop wallets, mobile wallets, hybrid wallets, and exchange wallets.
If you download a wallet app or set up a wallet on an exchange, you’re creating a hot wallet. Hot wallets are usually easy to use, and great for making quick transactions. The main drawback for hot wallets is security. Since hot wallets are online, they are much more exposed to hackers.
Cold wallets, such as paper wallets and hardware wallets, are not connected to the internet, and are considered a much more secure option. Cold wallets are only connected to the internet when you make a transaction. As a rule, the majority of your bitcoin should be kept in a cold wallet. We’ll go over a few different types of wallet
Custodial vs. non-custodial wallets
One of the core tenets of Bitcoin’s philosophy is maintaining complete control over your assets in the form of your private key. When you control the private keys to your wallet, it is referred to as a non-custodial wallet. You can do whatever you want with that bitcoin whenever you want, and no one can stop you.
When you use a non-custodial wallet, that does mean that you have full responsibility for making sure that your bitcoin is safe. That means backing up your wallet and following security best practices. There is no customer care for bitcoin in non-custodial wallets. There is, however, frequent customer care for bitcoin in custodial wallets.
Cryptocurrency service providers like exchanges often offer custodial wallets, a type of wallet where you do not control the private key. There are risks associated with custodial wallet in the same way there are risks with any situation where someone else controls your money. You need to ask permission to exchange and withdraw bitcoin, and you can be kept out of the wallet entirely. There are plenty of cases where people have been barred from accessing funds stored in custodial wallets forever.
In order to use many exchanges and financial products, you will need to deposit some bitcoin into a custodial wallet. Since you don’t control the keys, it’s best not to keep more bitcoin on an exchange than completely necessary. Consider bitcoin stored in custodial wallets to be at-risk.
Types of wallet
- Mobile wallet
Mobile wallets are a type of hot wallet that typically take the form of apps downloaded on a mobile device. They’re portable, convenient, and designed to make transactions easy and frictionless. There are a few downsides to mobile wallets. If you lose or damage your phone, you could lose access to all of your funds. App stores have also removed wallet services in the past, making it difficult to receive necessary updates to keep your wallet secure.
Mobile wallets are a great choice for storing small amounts of bitcoin you plan to use on the go, but be careful about how much you keep in them.
- Desktop wallet
Desktop wallets are run on your computer, and are generally more versatile than mobile wallets. You’re generally able to exert more control over your bitcoin. They’re often compatible with hardware wallets, allowing you to easily access bitcoins kept in cold storage.
Desktop wallets do have downsides. They’re almost always hot wallets, and are popular targets for malware and viruses. It’s also a bit harder to use QR codes, making transactions slightly more difficult.
- Browser wallets/web wallets
Absolutely not. If you have too much bitcoin and feel the need to get rid of it immediately, consider sending it to me, the author. Or you could use a web wallet. Up to you!
- Hardware wallet
If you have a lot of bitcoin, you’ll be keeping it in one of these bad boys. Hardware wallets are typically used as cold wallets, though it’s possible to mishandle them enough that they turn into hot wallets. The two respectable brands of hardware wallet are Ledger and Trezor.
What hardware wallets have in security they lose in usability. While hardware wallets are a safe way to store bitcoins, they can be a pain to use for regular transactions. Also, if you lose it and your recovery phrase, you are out of luck.
- Paper wallet
Paper wallets are essentially pieces of printer paper with your private key
written on it. If you’re the type of person that misplaces bookmarks, bills, and receipts, consider buying a hardware wallet.
- Setting up your Bitcoin address
Your wallet will generate this for you. If you have a recovery phrase, write it
down on multiple pieces of paper, and store them in different geographical locations.
Your public key, or bitcoin address, is generated from your private key. Normally, when you set up a wallet you will be given both a public key and private key.
- Update everything. Just like with every other system, you need to update your wallet and keep it current. Go update your computer operating system and browser too, while you’re at it.
- If it’s online it’s not safe.
- Always keep multiple copies of your passphrase in secure locations