To improve the privacy of its users, the BitBox02 creates a new bitcoin address every time you receive a transaction. How can it create an endless amount of bitcoin addresses, but the user only has to write down his seed phrase once?
Let us explain what hierarchical deterministic wallets are and how they work:
The seed phrase
It all starts with a seed phrase. It is the ‘master key’ to your wallet. Generally it is represented by a list of 12-24 words. Translated via a special decoding algorithm, it’s just a string made up of lots of ones and zeroes.
To make sure only one user and nobody else has the same seed phrase, it’s essential that it is created completely randomly. This is achieved by using a lot of randomness (also referred to as ‘entropy’). Because humans are comparatively bad at picking random words, you should never pick random words from the wordlist yourself!
In theory, all one has to do to create a seed phrase is to flip a coin 256 times and write down either a one or a zero. The chance of someone ‘flipping the coins’ in the exact same way as someone else is 1:2^256, or roughly 1:10000000000000000000000000000000000000000000000000000000000000
000000000000000.
To make this much easier, the BitBox02 uses multiple sources for this randomness, such as a dedicated true random number generator chip, the user set password, as well as the desktop app and combines them into one very random seed phrase.
An optional passphrase is mixed with the seed before deriving single keys.
Example: resource plastic opinion divorce since play neglect domain park apart edge vague world mango slim over wreck icon artist pudding drill orphan camp fish
In binary: 10110111100 10100110000 10011011011 01000000000 11001001001 10100110010 10010100000 01000000111 10100000010 00001010010 01000110010 11110000101 11111101101 10000111001 11001011110 10011101111 11111110001 01110000010 00001101000 10101101001 01000010111 10011100110 00100000110 010
Derivation path
The derivation path allows us to apply a standardised ‘formula’ to our master key in order to create a private key. You can think of it like a path to a folder on your computer!
An example for a bitcoin derivation path for the BitBox02 is:
m/49’/0’/0’/0/0
Each part of the path represents a certain use:
m / purpose’ / coin_type’ / account’ / change / address_index
If we change this derivation path, we receive a completely different private key. Modern wallets increase the “address_index” field incrementally in order to derive a series of private keys. That means in order to derive the private keys to our first 5 bitcoin addresses, the wallet uses the derivation paths:
m/49’/0’/0’/0/0
m/49’/0’/0’/0/1
m/49’/0’/0’/0/2
m/49’/0’/0’/0/3
m/49’/0’/0’/0/4
Because these paths are not limited in count, virtually unlimited amounts of private keys can be derived.
Example: m/49’/0’/0’/0/0
Private key
A private key can be thought of as the key to one of your individual bitcoin addresses. It is needed to sign a transaction from the associated bitcoin address.
As the name suggests, you must not share these keys with anyone. So how does a wallet go from a private key to a bitcoin address? First, the wallet has to create the public key to your private key.
Example: L5UxSZahnxwzrNU3kv6gxatYcC3TXffv6sxQkebxUxYFxxdSmva1
Public key
Using a private key, you can create a public key. This public key can be shared with anyone. It enables the owner to prove that he owns the associated private key.
Example: 020be9666e50552e0f10c15fa0a7691197144313d30a61c9129ec40375748e28ed
Bitcoin address
A bitcoin address consists of an encoded pubkey script, which in most cases includes the public key or the hash of a public key. The hash of a public key is derived by applying a hash function to the public key. The pubkey script defines under which conditions the coins can be spent.
This address is what others can send bitcoin to.
Example: bc1q6zjfr73jywxck3stj0rzl62ga94hyxgw9tfu8g
Summing it up
As explained in this article, a bitcoin address is derived in multiple steps from the seed phrase. The way these addresses are derived is always the same (deterministic). These types of wallets are generally referred to as “hierarchical deterministic”-wallets (HD wallets). The standards for these wallets are defined in BIP32 and BIP39.
Because the way the addresses are derived is the same every time, we do not need to back up individual addresses, only the seed!
How often can I use a bitcoin address?
You can use a bitcoin address as often as you like. For privacy reasons, this is not recommended. Any person who receives bitcoin from this address can see the remaining balance on it.
Do I have to write down the derivation path?
Generally no. Most wallets use common derivation paths, which are easy to look up online. If you really want to make sure, you can note down the derivation path of your wallet.
Do I need to save my private keys?
If you are using a modern wallet that gives you a backup seed phrase, you only need to note down your seed phrase. The private keys and addresses are derived from your seed.
Don’t own a BitBox yet?
Keeping your crypto secure doesn't have to be hard. The BitBox02 hardware wallet stores the private keys for your cryptocurrencies offline. So you can manage your coins safely.
The BitBox02 also comes in Bitcoin-only version, featuring a radically focused firmware: less code means less attack surface, which further improves your security when only storing Bitcoin.
Shift Crypto is a privately-held company based in Zurich, Switzerland. Our team of Bitcoin contributors, crypto experts, and security engineers builds products that enable customers to enjoy a stress-free journey from novice to mastery level of cryptocurrency management. The BitBox02, our second generation hardware wallet, lets users store, protect, and transact Bitcoin and other cryptocurrencies with ease - along with its software companion, the BitBoxApp.