Warning : this article is synthesized by understanding as well as analysis from the technological aspect of HDWallet so it is quite complicated people prepare mentally.
In addition to wallets such as Non-Deterministic (Random) Wallets , Deterministic (Seeded) Wallets , we have a Hierarchical Deterministic Wallets (BIP0032 / BIP0044) briefly called HDwallet or also known as decentralized wallet names. Introduced in BIP 32 and later improved by BIP 44. (BIPs stands for Bitcoin Improvement Proposals, Bitcoin improvement solutions). Although the HD wallet was introduced by the Bitcoin community, this is the wallet structure that supports many different cryptocurrencies. Before going directly to HDwallet, what should we reverse the definition of Mnemonic a little.
Mnemonic Code Words
Mnemonic codes (evocative words) are English strings that represent the encoding of a random number used as a seed to retrieve a specified wallet. This sequence of words is enough to recreate the seed and thereby recreate the wallet and all the keys in it. Current wallet apps will show users a 12-24 sequence when first creating a wallet. The string can then be used to recover and recreate all the keys in the same or any other compatible wallet application. These catchy words make it easier for users to remember, as they are easier to read and transcribe correctly, compared to a random sequence of numbers.
The creation of memory words is described as follows:
- Generates a random string (satisfying entropy) of 128 to 256 bits
- Generate a checksum of the random string by taking the first few bits of SHA256 hash
- Add checksums at the end of that random string
- Divide the string into different 11-bit parts, using these sections to index up to 2048 predefined words
- Generates 12-24 words that represent this random string code
Below is a detailed illustration to make it easier to understand:
What is HDwallet
So what is HDwallet? Put simply, this is a public / private key tree starting from a root node (master node), so that the parent key can obtain a sequence of subkeys, each of which can obtain a sequence of keys. grandchildren and so on to infinity. Here is an illustration.
First, the tree structure can be used to express organizational significance, such as when a specific subkey branch is used to receive incoming payments and another branch is used to receive changes from the bar. math go. Key branches can also be used in enterprise environments, different branches for departments, subsidiaries, etc.
The second advantage of HD wallets is that users can create a series of public keys without accessing the corresponding private keys (this is a feature compared to Non-Deterministic (Random) Wallets, this type of wallet Generate random private keys then generate public keys from corresponding private keys). This allows HD wallets to be used on insecure servers.
Wallet creation process
HDwallet is made up of an original seed, which is a random 128, 256 or 512 bit number. Everything else in HD wallets is clearly derived from the original seed, allowing you to recreate the entire HD wallet from the seed. This makes it easy to backup, restore, export and import HDwallet containing thousands or even millions of keys just by transferring the original seed. The original seed is usually represented by a sequence of memory words, as described in the previous section on Mnemonic.
Here is the illustration:
The original seed is entered into the HMAC-SHA512 algorithm and the resulting hash function is used to generate the private key (m) and the Master chain code. The private key (m) then creates the corresponding master public key (M), using the normal elliptic curve algorithm. The Master Chain code is used to generate entropy in the parent key’s subkey function, as we will see in the next section.
Create a Private child key
HDwallet uses the child key derivation function (CKD) to get the child key from the parent key. The subkey generation function is based on a one-way hash function combined with the following parameters
- A parent private or public key
- The seed is called a chain code (created above).
- index number (32 bits)
These three items are combined and hashed to create the subkey, as follows:
Parent public key, chain code and index number are combined and hashed with HMAC-SHA512 algorithm to generate 512 bit hash function. The resulting hash is divided into two halves. The 256 bits to the right of the hash output become the chain code. 256 bits to the left of the hash and index functions plus the parent Private key to create the Child private key. In the diagram below, we see this illustrated with index = 0. Changing the index to 1 2 3 helps us to create other subkeys. Repeating the process we will have infinite subkeys.
Generate Public child key
As mentioned above, a very useful feature of the wallet is the ability to retrieve public child keys from public parent keys without the need of private keys. It is similar to creating a private key but it is a little different
However, because the public child key contains a Chain code, if one knows the private key or is leaked in some way, it can be used with the chain code to get all the other private child keys. And they have a solution
By using the parent private key instead of the parent public key
HD wallet key identifier (path)
HD wallet tree is represented by the path from the first address node. The example in the default path in Ethereum is m / 44 ‘/ 60’ / 0 ‘/ 0 each number in this path has its meaning.
m / purpose' / coin_type' / account' / change / address_index
m/44'/60'/0'/0 is explained as
- 44: based on BIP 44
- 60: Ethereum’s coin type (can refer to here for other coin types)
- 0: Account 0
- 0: Change 0
Technically speaking, the decentralized wallet has a tree-like format where each node has a public / private key pair that extends from the master node. Moreover the number of nodes is unlimited.
For example, HDwallet holds two types of code of Bitcoin and Ethereum, it will be like this
// Bitcoin cointype : 0
// Ethereum cointype : 44
coinType 0 -- account 0 - change 0 - address 0
root -- BIP 44 address 1
coinType 44 -- account 0 - change 0 - address 0
The important thing to keep in mind after this overview is set: the purpose of the master private key is to recreate the nodes of the tree. It is not used to sign transactions. In short, HDwallet is designed so that it can generate many public / private keys from seed or mnemonic.
Tree level Breakdown
You can use HDwallet to store many different currencies using multiple coinType branches. Meanwhile, the branch account is used to hold multiple wallets in the same currency. Simple example is like opening a bank account for wife 1, wife 2 or children, …. Next is the change branch with the value 0 or 1, 0 to create receiving addresses and 1 to create change addresses (you can read about change address here ). And finally the address_index is the different wallet address. Here are some examples:
M/44'/0'/0'/0/2 Khóa công khai thứ ba cho tài khoản bitcoin chính
M/44'/0'/3'/1/14 Khóa công khai change-address thứ mười lăm cho tài khoản bitcoin thứ tư
m/44'/2'/0'/0/1 Khóa riêng thứ hai trong tài khoản chính Litecoin, để ký các giao dịch
Thus, we have come to learn about HD Wallet. This wallet is created to meet the needs of many user wallet addresses. With HD Wallet, we have the ability to create countless wallets and only need a single seed.
- Mastering Bitcoin