Cryptocurrency wallet

A cryptocurrency wallet is a software program that can be used to store, send, and receive cryptocurrencies from a digital address. The wallet is a required component of the cryptocurrency ecosystem, which allows a user to interact with blockchains, make purchases and transactions with cryptocurrency, and monitor balances. It functions in a similar way to a traditional wallet, but holds proof of cryptocurrency. The cryptocurrency wallet also stores public and private keys.

The digital address of a cryptocurrency wallet is made secure and functional by public-key cryptography. The public key can be shared with anybody and used to receive funds, while the corresponding private key enables anybody who knows it to access the contents of a cryptocurrency wallet and to digitally sign transactions sending funds out of the wallet. In a simplified way, a public key can be thought of as a username and the private key is comparable to a password.

Public-key cryptography, also known as asymmetric cryptography, is a cryptographic system that utilizes alphanumeric keys together in pair; these are the public and private keys. The public key is distributed, while the private key is kept private. This type of cryptography is used to store cryptocurrencies on the blockchain and to send cryptocurrencies between blockchain or wallets. The generation of these keys is made possible by the usage of cryptographic algorithms, based on mathematical problems to produce a one-way function.

The public key is what allows cryptocurrencies to be transacted. It is a cryptographic code paired to a private key. While anyone can send transactions to a public key, the private key is needed to complete the transaction and prove the user is the owner of the cryptocurrency. The public key is usually an address, a shortened form of a public key that can receive transactions, meaning it can be freely shared without worry. This means, for example, someone can send a public address cryptocurrencies, but to access those funds they would need the private key.

Perhaps as the name suggests, the private key is something that should never be shared with anyone, as the private key gives the user access to their cryptocurrency funds, and gives the user the ability to prove ownership of the funds and use those funds. A private key can take many forms, such as 256-character binary code, a 64-digit hexadecimal code, a QR code, or a mnemonic phrase. Regardless of the form, the private key is intended to be a very large number, and is large to make the chance of randomly generating a private key near impossible. The private key is capable of generating a public key, but doing the opposite is intended to be impossible.

A seed phrase, also referred to as a seed recovery phrase, backup seed phrase, or mnemonic phrase is a list of words that store the information needed to recover funds on-chain or in a cryptocurrency wallet. Seed phrases are intended to provide a way of backing up a wallet, and usually on the creation of a wallet the user is prompted to write down twelve to twenty-four random words, which is the seed phrase. These leave less room for human error compared to private keys, and they tend to be easier to record and transmit.

The seed phrase is automatically generation when a user creates a cryptocurrency wallet. Each phrase is pulled from a list of 2,048 simple words. The idea was adopted after 2013 and the Bitcoin Improvement Proposal 39 (BIP39) to establish a standard for a "deterministic" wallet in which the seed phrase would control all private keys held in the wallet. This standard also makes wallets compatible, meaning to switch wallets a user need only enter the seed phrase. And if a wallet is lost or deleted, it can be recreated using a seed phrase alone.

There are, broadly speaking, two types of blockchain wallets: software wallets and hardware wallets. These are also referred to as hot storage or cold storage wallets.

Also referred to as hot wallets, these include any wallet that is connected to the internet, such as a phone app, a desktop software program, an online provider, or an exchange. These services tend to be free, but are often considered to be riskier from a security perspective as they are potentially susceptible to online theft. Although, a study by CipherTrace in 2020 found cryptocurrency theft dropped by 57 percent.

Exodus's cryptocurrency wallet for desktop and mobile.

A desktop wallet is a software that runs on a desktop of computer. This type of wallet is non-custodial, meaning that a user has complete control of their funds without concern of a third party that can freeze or lose funds, but also means the security of the wall remains the users responsibility as well. This requires the user to secure and back up the wallet, and ensure the computer is as secure as possible as well.

A mobile wallet is a software application run on a smartphone or tablet. Some of these apps are non-hosted, or non-custodial, meaning, like desktop wallets, the user is in complete control of the wallet and responsible for managing private keys and access to cryptocurrency. As well, the user is responsible for ensuring the device is backed up and kept safe from damage, theft, or loss. However, these tend to be more convenient options for face-to-face payments and can make use of QR codes for quick payments.

These tend to be custodial wallets, where the keys are managed by a third party, and often are considered the easiest-to-use wallets. These can be browser extensions, web portals, or offered by a cryptocurrency exchange. These wallets are always connected to the internet and come with some security issues, such as if the exchange is compromised; however these types of wallets are often considered the easiest options for crypto transactions and purchases. Exchanges such as Coinbase, or brokerage that allow users to purchase cryptocurrencies, often provide users with web-based wallets.

Example of a USB hardware wallet.

Also known as cold storage wallets, these are encrypted portable devices that allow a user to download and carry cryptocurrencies. Unlike software wallets, hardware wallets come with a cost for the hardware, which ranges depending on the device and manufacturer and related features, but on average cost USD $100. Because the cryptocurrency is stored offline, and can only be accessed when connected to a computer or related port for transfers and transaction, these are considered to have the highest level of security. They require the user to be responsible for the device and for keeping track of security.

Example of paper wallets.

Similar to a hardware wallet, and considered by some to be the most secure form of cryptocurrency wallet, a paper wallet refers to a physical copy or printout of a public and private key, and can further refer to a piece of software used to generate a pair of keys which are then printed. Using a paper wallet is relatively straightforward, with transfers taking place through a public address shown on the paper wallet. And to withdraw or spend currency, the user can transfer the funds from the paper wallet to a software wallet. This process, often called sweeping, can either be done manually by entering private keys or by scanning a QR code on the paper wallet.

When picking a wallet, a decision can be made between the use of a hot or a cold wallet. Often cryptocurrency traders will use a combination of hot and cold wallets, with the former for quick transactions and the latter for securing a bulk of cryptocurrency resources.

The benefit to using a hot wallet, as explored above, tends to be ease-of-use, as there's no need to transition between offline and online to make a transaction. Although not the same as a traditional wallet, the traditional logic of it being a bad idea to keep a lot of money on a person remains true, with a cold wallet acting similar to an ATM when cash can be withdrawn when a hot wallets balance gets low.

Similarly, cold wallets are focused on security, with the first part of the security being that in order to take cryptocurrencies from a cold wallet, the person needs to have physical possession or access to the cold wallet, as well as any associated PINs or passwords. Often these devices look like small USB sticks, although paper wallets act as cold wallets, and some use secondary offline computers to store cryptocurrency. Hardware wallets can be connected to a computer via a USB port or by Bluetooth, depending on the device, and, even though it is connected to a device connected to the internet, the transaction of funds from the device to the computer is done offline and is only broadcast to the network after the transaction is done.

Regardless of whether picking a software wallet, a hardware wallet, or a combination of both, there are a few considerations, or best practices, before choosing which wallet, or combination of wallets, to use. These include:

• Access points—wallets act as an access point to the larger cryptocurrency ecosystem, and before using a wallet or sending funds to the wallet, it can be crucial to check that the product a users wants is supported by the wallet
• Seed phrases—perhaps the biggest deterrent to non-custodial wallets is the sense of ownership a user must have. In 99 percent of cases, if a user loses the seed phrase, its impossible to access the funds inside the wallet
• Supported assets—different wallets support different assets and it is recommended the user do their due diligence to ensure the wallet is compatible with whichever currency the user wishes to store
• Social presence—when choosing a wallet with a community-backing, it is often important to check and follow the community on social media, as this can give a user a good idea about the product and the way it is engaged with; and can act a signal of trust

Cryptocurrency wallets and their security is varying, and the level of security tends to depend on the type of wallet used and the service provider. For example, there is an increased risk in a wallet held on a web server environment compared to users keeping currency in an offline wallet. Online wallets bring inherent risk of being online and possible vulnerabilities in the platform, which can be exploited by hackers to steal funds. While offline wallets cannot be hacked because they remain offline and do not rely on a third party for security.

While online wallets have proven the most vulnerable and prone to hacking, there are security precautions required when using any cryptocurrency wallets. For example, regardless of the wallet used, a user has to keep private keys, as losing these keys will lead to the user losing the money. Similarly, if a wallet gets hacked, or a user sends money to a scammer, there is no way to reclaim lost currency or reverse the transaction.

There are activities the user can undertake to keep their wallets and currency safe, including backing up the wallet and keeping any software wallets up-to-date, or the software environment to ensure the software's security measures are up-to-date. Further, keeping a small amount of currency in an online wallet, while maintaining the majority of funds in a more secure environment, such as a cold storage option. And a user can add extra security layers, such as long and complex passwords required with withdrawal of funds. And there are wallets users can find with good reputations and that can provide security measures such as two-factor authentication and additional authentication requirements when a wallet is initially opened.

Bitcoin is by far the most well-known and popular digital currency, but hundreds of new cryptocurrencies have emerged, and continue to emerge, each with distinctive ecosystems and infrastructure. Not all wallets support all cryptocurrencies, while some wallets can support multiple types of cryptocurrencies. However, due to the nature of cryptocurrency, even a multi-currency capable wallet cannot trade all currencies.

Cryptocurrency wallets are best understood as pseudonymous, rather than anonymous. While wallets are not tied to a user's identity, nor do they provide any information available for that information, all transactions from a wallet are stored publicly and permanently on the blockchain. This does not mean the user's identity or information, but rather the wallet's address can be traced back to a user. And once a user has been traced to wallet's address, that wallet's transactions, and thereby the user's, can be traced. There are further efforts to make anonymity and privacy easier to achieve.