All the Things You Need to Know About Wallet Keys
A cryptocurrency wallet, at its core, is a user interface layer that sits on top of your public and private keypair and hides the blockchain access interface. Your “passport” through the web3 environment is this key pair. Not Your Keys, Not Your Coins is a popular expression that alludes to the value of these keys and their ownership. But what are these keys, exactly?
To comprehend the mathematics and cryptography that support keys (and wallets), this blog article will delve deeply into their technical aspects.
Public-key encryption
Basics of Public-Key Cryptography
You must first comprehend public key cryptography in order to comprehend what a wallet actually is. A form of cryptosystem for secure data transmission, public-key cryptography (also known as asymmetric cryptography) provides each user with two keys: a secret private key and a publicly known public key.
The classic illustration of how these keys are utilized (which is inverted in crypto) is when Alice wants to transmit a message that only Bob can see. Alice accomplishes this by encrypting the communication with Bob’s widely known public key. Bob then decrypts the message using his own key.
Modular exponentiation-based RSA is a well-known public-key cryptography algorithm that can generate keypairs and encrypt/decrypt messages. One of the most widely used algorithms is RSA, which creates key pairs using big primes.
Producing the Keys
A new private key is generated when you make a new self-custodial wallet, and the public key is then calculated using the private key. Your keys are used as a UI on top of the wallet.
While the method of obtaining keypairs and addresses is consistent, the activities carried out on the private keys may vary amongst blockchains. The information below relates to Ethereum.
Creation of the Private Key
The private key is a 256-bit value that is produced at random; the number of private key addresses is roughly equal to the number of atoms in the universe. The operating system or wallet program determines the private key’s randomness; it is essential to have enough entropy while generating private keys so that the output is unpredictable.
Read This: Marie temra NFT
Creation of the Public Key
Then, using the Elliptic Curve Digital Signature Algorithm (ECDSA), a DSA version, the public key is from the private key. Similar to Bitcoin, Ethereum makes use of the National Institute of Standards and Technology’s elliptic curve parameter secp256k1 (NIST).
How to Create an Ethereum Address
The 160 right-most hash output bits from Keccak-256 are utilized as the Ethereum address after the public key has been computed. The address is frequently preceded by 0x to show that it is in hexadecimal format.
Ethereum Address vs. Public Key
Keep in mind that the public key and the Ethereum address are different. Users disseminate the Ethereum address, which is an alphanumeric string and a hash of the public key, to receive money. The public key, which can be used to confirm the veracity of the signature, may be extracted from the values in the transaction header, whereas the Ethereum address is visible on every transaction.
Key Keeping in Wallets
The generated keys must be kept safely after generation in order to deter theft. The private key was kept in a local “wallet.dat” file by the first bitcoin crypto wallets. By exporting keys to secure cloud storage systems or interfacing with a hardware wallet like Ledger to give access to funds, more recent wallets offer more reliable storage alternatives.
Meanwhile, the private keys are frequently further encrypted or hashed. Your private keys are held on the servers of centralized exchanges like Coinbase, but they are saved in the browser’s data store by browser-based self-custodial wallets like MetaMask.
Recover Phrase and Master Seed
Most wallets instruct users to store the recovery phrase offline in a secure location. The “Master seed” can be mapped to this phrase, which consists of 12–24 words in a precise arrangement. The master seed, which is a 256-bit value produced at random, can be used to create an endless number of private keys. Wallets can create numerous accounts, each with its own private and public keys, in this way while yet enabling you to recover all of them using a single recovery phrase.
Authenticating Transactions
Now that the keys are safely stashed in your wallet, you can use them to “sign transactions” and engage in other web3 wallet economy activities.
It functions somewhat analogously to the Alice-Bob communication encryption example. The user enters the transaction and their private key into a mathematical formula that generates the signature to “sign” a transaction on the blockchain.
The signature procedure generates two outputs, generally referred to as r and s, using the transaction data and a temporary private key. The transaction message is then supplemented with this signature. Any third-party validator can utilize the inverse of the signature creation function, which accepts the transaction data, the user’s public key, and the two signature values to output a return value, q, to confirm that a user signed the message. If q equals the signature value r, the transaction is considered legitimate.
Naturally, wallet users will never need to perform any activities on their own because the wallet UI abstracts away the complex technical aspects of transaction signing.
Final observations
A wallet is fundamentally a program that creates a public/private key pair for you, then uses that pair to sign and encrypt messages. Contrary to popular belief, crypto wallets merely safeguard and limit access to the assets recorded in the blockchain rather than actually storing your crypto assets.
A self-custodial wallet, such as MetaMask, differs from a custodial wallet, such as Coinbase, in that the former has access to and takes care of your private key, whereas the latter is your responsibility. In the next sections, we’ll examine several strategies for maintaining your private keys, such as MPC sharing, using multisig schemes, and more.
