BLOG
Wondering what a Bitcoin wallet really is? These essential signing devices manage your private keys and secure your bitcoin transactions. Explore the differences between hot wallets and cold wallets to learn how to protect your Bitcoin assets effectively!
A Bitcoin wallet is not a wallet. It’s a signing device. It’s an important part of the Bitcoin puzzle, as we use software wallets for daily transactions and hardware devices to protect the user from malware, theft, remote attacks, phishing, and hacking of any kind. However, contrary to popular belief and what the name suggests, a Bitcoin wallet doesn’t contain Bitcoin. Its main function is to sign transactions. To do that, Bitcoin wallets hold, hide, and manage private keys.
The blockchain is an open ledger that tracks every Bitcoin and Sat in existence. Transactions between two parties are just transfers of ownership of Unspent Transaction Outputs or UTXOs. Those transactions have to be authorized or signed, though, and that’s where the Bitcoin wallet and private keys come in.
Software wallets are generally called “hot wallets” because they are connected to the Internet. They store private keys online, which puts them at risk. We refer to hardware wallets as “cold wallets” because they keep private keys away from the Internet. For extra protection, hardware wallets have the least possible memory to prevent malware injection.
However, Bitcoin wallets connect to the network’s nodes to transmit, receive, and authenticate transactions. Be it hot or cold, to do that, Bitcoin wallets require a software component that serves as the link between the wallet and the node. More on this later,
Another important distinction is between “custodial” and “non-custodial” Bitcoin wallets. Custodial means a third party holds your private keys for you, which requires trust. Users who acquire BTC from exchanges and leave their funds there are doing just this, and you know what Bitcoiners say: “Not your keys, not your coin.” Check this guide for more information.
On the other hand, the user controls its private keys in non-custodial wallets, but that means all responsibility falls into said user’s hands. No mistakes allowed. Bitcoin is ultimate control over your finances, but you know what comic book nerds say: “with great power comes great responsibility.”
Before advancing, let’s get something straight: Blink is a Lightning Network wallet, and in this article, we’re explaining onchain processes. For more information on the difference between “Lightning Wallet vs Bitcoin Wallet” read our guide. Also, Blink is a custodial wallet engineered for everyday life and daily spending. Read this other guide for more information on “Choosing The Right Bitcoin Wallet: Payments vs. Savings.”
Now, as promised, let’s talk about:
As stated, a usual characteristic of hardware Bitcoin wallets is low memory and resources. They can’t interact with the blockchain and the nodes by themselves. The device’s job is to sign transactions, software connected to the Internet does everything else. However, cold wallets are air-gapped and keep the private keys isolated from the Internet at all times. More on this later.
Users can choose software proprietary to the hardware wallet’s manufacturer or connect their Bitcoin wallets to external open-source software, but they need a software component. Through it, the wallet interacts with the nodes of the Bitcoin network to receive, create, and send transactions. The software component also creates seed phrases and Bitcoin addresses.
The existence of a private key implies a public key. Bitcoin addresses are hashed versions of the public key. An address is a unique identifier, and you need it to send and receive BTC. However, every Bitcoin wallet can create multiple addresses and since the Bitcoin network is pseudonymous, we recommend creating a new address for each transaction.
A seed phrase is a representation of the master private key. Unchained explains: “During setup, most hardware wallets generate a seed for you. This seed, which is a large, randomly-generated string of binary digits, can be represented in human-readable form as a seed phrase.”
Seed phrases are of the utmost importance, as users can employ this series of 12 or 24 words to restore their wallet in any scenario, including the most extreme ones. Most Bitcoin Wallets use the BIP39 Standard to generate “the mnemonic and converting it into a binary seed. This seed can be later used to generate deterministic wallets using BIP-0032 or similar methods.”
Unchained translates/ elaborates:
“Hardware wallets generate seed phrases by generating a seed and mapping it to a list of 2,048 words. Hardware wallets use various methods to achieve randomness, such as random number generators (RNGs).”
That randomness is key to the wallet’s security, and some users use external elements like dice to increase it. However, BEWARE, you have to really know what you’re doing to perform this task.
Anyway, this next item is also crucial to wallet security.
These microchips are common in the world of traditional finance as they are often used in credit cards to store confidential information. Some hardware Bitcoin wallets keep private keys in a secure element instead of a normal chip, which makes them harder to crack in case of physical theft or attack.
For a precise explanation of what a secure element does, let’s quote Unchained:
“A secure element is designed to detect any abnormalities in circuit features, such as voltage supply, and responds by conducting a series of fake operations alongside its normal ones, effectively hiding any sensitive information that could have been released. Furthermore, if any nefarious activity is flagged by the chip, then the seed phrase and private key that it contains can immediately be wiped.”
On the flip side, most secure elements are proprietary and closed-source. That means you have to trust a third party, in this case, the manufacturer. However, hardware Bitcoin wallets have designed ways around it, and open-sourced secure elements are hitting the market as you read these lines.
So, hardware Bitcoin wallets keep private keys away from the Internet and its prying eyes. By removing everything that interfaces with the Internet, the device is effectively isolated from it or “airgapped.” This is done as a security measure. However, the software component of the wallet still has to communicate with the the Bitcoin network’s nodes.
How does the process work? Through SD cards, QR codes, or even a less secure USB cable, the hardware Bitcoin wallet receives unsigned or partially signed transactions (PSBTs.) On its end, it adds the necessary signatures and returns the approved transactions to the software component. After that, the software broadcasts the signed transactions to the network for validation.
For a list of inconveniences brought by the process, let’s consult with Bitbox:
“Using an air-gapped hardware wallet comes with significant usability sacrifices. It takes more steps, button pushes, mental attention, and time to send a transaction involving a PSBT over an air-gapped communication channel.”
Is the trade-off worth it? Most hardware Bitcoin wallets believe it is. Some don’t. The customer decides.
Using a hardware Bitcoin wallet is a high-risk/ high-reward situation. On one hand, the user is using the network in a trustless way and is in complete control of his or her finances. On the other, there’s no one to call in case of theft or mismanagement. A way to mitigate that risk is a multisig setup.
The most common multisig configuration uses three wallets to secure one account. To transfer funds, the user or users need 2 out of 3 signatures. That way, if a tragedy occurs and one wallet gets compromised or lost, there’s a clear path to recover the funds.
Also, if the owner of the account is a company or corporation, multisig solves a lot of problems. For more complex organizations, it’s possible to set up configurations with more wallets and more signatures needed to perform transactions.
Bitcoin wallets are crucial and complex, that’s the reason Blink provides multiple guides - 1, 2, 3 - plus this one and probably more in the future. Study them mercilessly; your financial future might depend on it.
No pressure, though.
