Modern HD Wallets enable the wallet owner to create an infinite number of secret wallets backed up with one single recovery seed plus the 25th word passphrase.\u00a0\u00a0<\/p>\n
Hierarchical Deterministic wallets<\/a>, also called HD Wallets, <\/strong>were introduced as part of the Bitcoin Improvement Proposal #32 (BIP 32).\u00a0<\/p>\n BIP: <\/strong>Short for Bitcoin Improvement Proposal<\/a> which is the method to propose, discuss and implement Bitcoin Blockchain features, upgrades and\/or information.<\/p>\n BIP-32<\/a> \u2013 the 32nd Proposal which introduced HD Wallets<\/p>\n BIP-39<\/a> \u2013 the 39th Proposal which implemented mnemonic phrases from a \u2018word list\u2019 that can be converted to binary seeds to create deterministic wallets.<\/p>\n BIP-44<\/a> \u2013 the 44th Proposal which improves on BIP-32 to allow \u201chandling of multiple coins, multiple accounts, external and internal chains per account and millions of addresses per chain\u201d using prefixes <\/strong>(xpub\/xpriv) for extended keys.<\/strong><\/p>\n Wallet<\/strong>: software that generates a public and private key pair to allow users to transact and store cryptocurrency.\u00a0\u00a0<\/p>\n Seed Phrase<\/strong>: A string of 12 or 24 words derived from your private key that can be used to restore, recover and access your crypto wallet.\u00a0 (aka \u2013 \u2018seed\u2019 \u2018master seed\u2019 \u2018phrase\u2019 \u2018mnemonic seed\u2019, \u2018recovery seed\u2019, \u2018backup seed\u2019, \u2018recovery phrase\u2019 or \u2018secret code\u2019)\u00a0<\/p>\n Passphrase<\/strong>: Optional \u201825th word\u2019 a user can add to their 24 word mnemonic seed phrase to unlock hidden wallets.\u00a0 (aka \u2013 \u2018wallet seed extension\u2019)<\/p>\n PIN<\/strong>: Enter your PIN<\/strong> or PIN code<\/strong> on a hardware wallet<\/strong> to restrict access to your device.\u00a0 Some wallet providers, like Ledger, offer an option to create a second PIN.<\/p>\n Wallet Password<\/strong> \u2013 software wallets, or hot wallets, may require a password separate from your PIN, Passphrase, or Recovery Seed.\u00a0 The password is used to access the software wallet and in some cases it\u2019s used to encrypt files stored on your computer.<\/p>\n Extended Keys (XPRIV & XPUB)<\/strong> \u2013 HD Wallets use a master key pair<\/strong> called the Extended Private Key (xpriv) and the Extended Public Key (xpub).\u00a0 These extended keys are used to derive subordinate child keys<\/strong> which are used to create an infinite number of public addresses<\/strong> from one single master key pair or extended keys.\u00a0\u00a0<\/p>\n Pro Tip<\/strong> \u2013 Your 12 or 24 word recovery seed phrase<\/strong> can be used to access, recover, and restore your wallet on ANY third-party software wallet (ie \u2013 Electrum<\/a> or Sparrow<\/a>) or hardware device (ie \u2013 ColdCard<\/a>, BlockStream Jade<\/a>, or Ledger) regardless of what service you used to create it.\u00a0\u00a0<\/p>\n The wallet may contain multiple addresses with each address having a corresponding public key<\/strong> cryptographically derived from an extended private key<\/strong>.\u00a0\u00a0<\/p>\n These different addresses are often referred to as \u2018accounts\u2019 within the wallet.\u00a0<\/p>\n If you use the Ledger hardware wallet, the software program defaults to creating a unique Bitcoin address for every transaction to enhance your privacy on the network.\u00a0\u00a0<\/p>\n Your public key is like your bank account number and your private key is like your bank account password.\u00a0 Each unique key pair derives a public address which the \u2018receiver\u2019 shares with the \u2018sender\u2019 to initiate a transaction.\u00a0\u00a0<\/p>\n Yes, your HD wallet generates one single recovery seed phrase which thanks to the BIP-32 cryptographically derives (via derivation path<\/strong>) and stores the public key <\/strong>and private key pair<\/strong><\/a> <\/strong>for each different cryptocurrency \u2018wallet chain<\/strong>\u2019 and the various sub-accounts.\u00a0\u00a0<\/p>\n Your seed phrase<\/strong> is used for backing up and recovering your wallet, most commonly with a hardware device (cold wallet).\u00a0 The seed phrase represents the master key pair<\/strong> which includes the extended private key (XPRIV)<\/strong> and extended public key (XPUB).<\/strong>\u00a0\u00a0<\/p>\n XPRIV <\/strong>generates new private keys while XPUB<\/strong> is used to display the balances of each public key in your wallet for each different crypto account.\u00a0\u00a0<\/p>\n In essence, your seed phrase<\/strong> secures the extended private key<\/strong> which is used to generate a pseudononympus identity for every public address (key pair) you create inside the wallet used to send or receive Bitcoin (or other crypto).<\/p>\n You DO NOT need to generate a unique backup recovery seed for the different crypto blockchains (Bitcoin, Ethereum) or their (sub)accounts (addresses) stored on the HD Wallet thanks to the BIP32 deterministic method of deriving key sets\u2026<\/em> Private keys<\/strong> are used to derive a public key<\/strong> but public keys <\/strong>CANNOT be used to derive a private key.\u00a0\u00a0<\/strong><\/p>\n In a Bitcoin transaction, a ScriptPubKey<\/strong> \u2018locks\u2019 bitcoin to the receiver\u2019s address<\/strong> which is a hash (shortened version) of the receiver\u2019s public key.\u00a0\u00a0<\/strong><\/p>\n For example, Pay-to-Public-Key-Hash (P2PKH) <\/strong>is the most common \u2018locking script<\/strong>\u2019 compared with an alternative, Pay-to-Public Key (P2PK).\u00a0 <\/strong>P2PK locks bitcoin to a public key<\/strong> and P2PKH locks bitcoin to a hash<\/strong>, or shortened version, of the public key.\u00a0<\/p>\n The permissionless<\/strong> nature of most blockchains (Bitcoin, Ethereum) enables the end user to safely and autonomously migrate all crypto accounts in their wallet <\/strong>to different wallet providers using the same original 12 \u2013 24 word backup recovery seed.\u00a0<\/p>\n Pro Tip: <\/strong>If you are using a recovery seed to migrate from one wallet provider to another (ie Ledger to ColdCard), make sure you confirm that the new wallet provider supports all of your cryptocurrency accounts (Ethereum, Bitcoin, Filecoin etc).<\/p>\n BIP32 HD wallets<\/strong> allow keys to be organized in a hierarchical, multi-level tree structure to send and receive from an unlimited number of different wallets and accounts (sub-accounts) under a single HD Wallet.\u00a0\u00a0<\/p>\n The (1) Seed Phrase represents the (2) Master Key \u2013 Extended Private Key with an extra 256 bits of entropy\/randomness to create (3) Child Keys and even (4) Grandchild Keys.\u00a0<\/p>\n HD Wallets (Type 2) were introduced via the Bitcoin Improvement Proposal #32 (BIP32<\/strong>) in 2012 to improve privacy & usability as an alternative to <\/strong>Bitcoin Core \u2018Qt\u2019<\/strong> Wallets<\/strong><\/a> which required physical private key backups or hard drive storage on your computer (filename: wallet.dat<\/strong>) for every address key pair you manage.\u00a0\u00a0<\/p>\n With HD Wallets, you can always generate the same set of keys from the extended master private key<\/strong> without ever revealing the corresponding private keys.\u00a0\u00a0<\/p>\n The only limitation imposed is related to the available storage (~1.5MB) available on a specific hardware wallet and varies depending on the manufacturer.<\/p>\n You can try it for yourself <\/a>using this Deterministic Key Generator tool.<\/p>\n Step 1<\/strong>:\u00a0 Follow the instructions to enter your entropy, which is a mathematical word for randomness.\u00a0\u00a0<\/p>\n For example, you could roll a 6 sided dice 53 times and enter the result in order after each roll.\u00a0\u00a0<\/p>\n You could also flip a coin 53 times, entering \u20181\u2019 for heads and \u20182\u2019 for tails to create your own randomness (entropy).<\/p>\n Step 2<\/strong>: (optional) enter an \u2018optional password\u2019 commonly referred to as a password or passphrase<\/strong>.\u00a0\u00a0<\/p>\n Step 3<\/strong>: Select whether you want a 12 or 24 word BIP39 phrase (seed phrase\/recover seed) and click \u2018Generate New Phrase\u2019.<\/p>\n Voila!\u00a0 After some complicated behind the scenes hashing, salting, and checksum operations you just created a new Bitcoin address with the corresponding public and private key pair.\u00a0\u00a0<\/p>\n The backup phrase provided was generated from the BIP39 word list <\/a>which corresponds to a numeric number converted from the output of the key generator which uses entropy.<\/p>\n Step 4<\/strong>: (optional) Scroll down the page, select \u2018External account (master)\u2019<\/strong> from the Derivation Path<\/strong> dropdown.\u00a0 Examples below:<\/p>\n Path m\/0 = The first (0) child private key derived from the master private key (m)<\/p>\n Path m\/0\/0 = The first grandchild private key derived from the first child<\/strong> (m\/0)<\/p>\n Path m\/1\/0 = The first grandchild private key derived from the second child <\/strong>(m\/1)<\/p>\n The Account<\/strong> (k) field is where you can enter a number to represent an additional key pair.\u00a0\u00a0<\/p>\n We can enter the number 3 to generate the (public\/private) key pair for the third Bitcoin address in our HD wallet.\u00a0 This is the logic that cold wallet device manufacturers like Trezor and Ledger use to generate new, pseudonymous addresses that are not publicly connected but stored within the same wallet.\u00a0 Here\u2019s a link to their documentation<\/a>.<\/p>\n The example below displays the public and private keys generated based on the account number I enter.\u00a0\u00a0<\/p>\n Note: <\/strong>Notice how the \u2018BIP 32\u2019 Extended Key<\/strong>, at the top of the image, DOES NOT change.\u00a0\u00a0<\/p>\n With HD Wallets, the public and private key pairs are generated from an extended master private key<\/strong> which can be unlocked\/restored with a 12 \u2013 24 recovery seed phrase that you must backup and keep secure.\u00a0<\/p>\n Pro Tip: <\/strong>Generating a paper wallet<\/strong>, like the example above, is not our recommendation because using an online key generator introduces risk<\/a> (keylogger, bad actor, malware).\u00a0 You could opt to use a more advanced, secure, and self-contained (air-gapped) option following these instructions<\/a> (alternative<\/a>) or allow your wallet provider to generate the private key<\/strong> (and recovery seed).<\/p>\n A private key<\/strong> is just a number that can be randomly generated like we just showed in the example above.\u00a0\u00a0<\/p>\n Technically, someone could accidentally generate the same BIP39 recovery seed when they are setting up a new wallet.\u00a0 This is called key collision.<\/strong><\/p>\n The chances of generating the same private key as someone else is 2^256 which is approximately 10^77 <\/p>\n Nerd alert<\/strong> \u2013 2^256 (1.15 quattuordecillion) = 1.157920892373162e+77 = 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936<\/p>\n For example, let\u2019s assume that Bitcoin goes through a mass adoption<\/strong> and at some point in the future there are 10 TRILLION<\/strong> addresses (currently ~500 Billion w\/ only 30 Million<\/a> holding Bitcoin).\u00a0 So, 30 Million to 10 Trillion is a HUGE leap, but let\u2019s keep at it.\u00a0 If those 10T addresses were evenly distributed, there would still be gaps of 10^64 between each.\u00a0 Remember we started with 10^77 as the total number of possible addresses.\u00a0\u00a0<\/p>\n Your private key is statistically impossible for someone or some quantum computer to guess in the next 10^23 millennia because the number of combinations is comparable to the quantity of atoms in the universe.\u00a0<\/p>\n So, you\u2019re saying there\u2019s a chance.<\/p>\n Buttcoiners and FUD-spreaders are happy to talk about hacking, stealing, scamming or even accidental \u2018key collision\u2019<\/strong> resulting in an unauthorized party having access to your coins because they have your recovery seed<\/strong>.<\/p>\n Technically someone could<\/em> generate the same private key on the first guess.\u00a0 Unlikely, but possible.\u00a0<\/p>\n Or maybe you fell victim to a phishing attack or clicked a bad link.\u00a0\u00a0<\/p>\n Pro Tip: Never.\u00a0 Never ever. Never ever type in your seed phrase on ANYTHING other than a cold storage device.\u00a0 Your hardware wallet\u2019s sole purpose is to be the ONLY thing that can safely accept your recovery seed.\u00a0 If you have any questions, ask us at <\/strong>team@stratus.io<\/strong><\/a> and remember that we will not ask for your seed.\u00a0\u00a0<\/strong><\/p>\n Passphrases are optional and add additional data to the master seed<\/strong> before the extended private key <\/strong>is generated.\u00a0\u00a0<\/p>\n Adding a passphrase to your randomly generated private key<\/strong> is the easiest way to protect your wallet from key collision<\/strong> with the drawback of having one additional word or number to backup and keep secure.<\/p>\n With a 13th or 25th word BIP-39 passphrase, If someone acquired your seed through hacking or happenstance, they would need both your backup recovery seed + your passphrase<\/strong> to access your passphrase-secured accounts.<\/p>\n By default, every wallet uses a \u2018blank\u2019 passphrase.\u00a0 Adding a passphrase replaces the default \u2018blank\u2019 placeholder with a \u2018string\u2019 (case sensitive letters\/words\/numbers) that replaces the default \u2018blank\u2019 passphrase field.<\/p>\n A passphrase <\/strong>offers the greatest value by adding an additional layer of security if your seed phrase<\/strong> is discovered or accidentally revealed to someone.\u00a0<\/p>\n Pro Tip: <\/strong>A \u2018passphrase\u2019 and \u2018BIP-39 Passphrase<\/a>\u2018 are used interchangeably. A passphrase option is available on BIP-39 compatible wallets which use the list to generate your 12\/24 word recover seed. However, your passphrase is NOT limited to one of 2,048 words the BIP-39 list<\/span> and we strongly encouraged you to use, backup and secure a unique alphanumeric passphrase.<\/p>\n Depending on the requirements of the wallet provider, a passphrase<\/strong> is CaSe sensitive and can be any combination of numbers, letters, and symbols.\u00a0 Common words could <\/em>be brute forced, so consider adding randomness using 12 upper\/lowercase letters and numbers.\u00a0 Some providers may present an option to select a word from the predefined list of 2,048 BIP-39 word list<\/a>.\u00a0\u00a0<\/p>\n You\u2019ll need to decide if simplicity (memorable passphrase) is more important than advanced security (random words\/numbers).\u00a0\u00a0<\/p>\n Passphrases DO NOT get stored on your device.\u00a0 Your wallet will combine the recovery seed<\/strong> + passphrase <\/strong>to create a new, unique passphrase-secured private\/hidden<\/strong> wallet.\u00a0 For exmample:<\/p>\n Wallet A = recovery seed + {default empty passphrase}<\/p>\n Wallet B = recovery seed + passphrase1<\/p>\n Wallet C = recovery seed + passphrase2<\/p>\n Wallet D = recovery seed + passphrase3<\/p>\n<\/div>\n<\/div>\n If someone generated the same private key<\/strong> by rolling dice or flipping a coin, your passphrase enhances<\/strong> your entropy by adding an additional word (or number) that can\u2019t be randomly generated.\u00a0\u00a0<\/p>\n Pro Tip<\/strong>: Best practice is to store your passphrase separately from your backup recovery seed when you self-custody your bitcoin.\u00a0 Even if you have your recovery seed accessible, if you lose (or forget) your passphrase, you will lose your coins!<\/p>\n Accessing your hidden\/secret wallets to make a transaction is as easy as accessing your standard wallet then entering your passphrase in where prompted.\u00a0\u00a0<\/p>\n If you enter the wrong passphrase, your wallet is NOT able to tell you that it\u2019s incorrect because technically there are no wrong<\/em> passphrases.\u00a0 If you enter the wrong passphrase, a NEW hidden\/secret wallet will be created for use.\u00a0 You will need to reset and try again if your passphrase entry does not access the wallet you expected.\u00a0\u00a0<\/p>\n The only way to know if you entered the correct passphrase is by the contents of the wallet funds.\u00a0\u00a0<\/p>\n You may be wondering, how can I reset or change my passphrase?\u00a0 You can\u2019t reset or change your passphrase.\u00a0 Each passphrase you enter accesses a different wallet.\u00a0 If you want to use a different passphrase, then generate a new passphrase wallet and send bitcoin to this wallet.<\/p>\n For example, if you use Trezor watch this video <\/a>showing how to create hidden wallets and use 3rd party apps like MetaMask or hardware devices like ColdCard with a passphrase<\/a>. <\/p>\n On some devices, like Ledger, you can create a second PIN<\/a> for your hardware wallet that uses a PIN to unlock a specific passphrase protected secret wallet.\u00a0 Entering the second PIN accesses the hidden accounts.\u00a0\u00a0<\/p>\n On a Ledger wallet device, you have two options for the second PIN passphrase:<\/strong><\/p>\n Attach to Pin<\/strong>: Your device has a standard non-passphrase wallet accessible by your primary PIN.\u00a0 If you turn your device off, then back on and enter the secondary PIN<\/strong>, your device will allow you to manage your hidden wallets.<\/p>\n With Attach to Pin you selected from the device menu, confirm your secondary PIN then confirm a passphrase.\u00a0 You still have a passphrase, but don\u2019t have to enter it because the PIN serves as a proxy for the passphrase.<\/p>\n You can only create one (1) secondary PIN<\/strong> if you select the Attach to Pin.\u00a0 Creating a separate passphrase attached to a PIN overrides the first PIN code + passphrase combination.\u00a0 You can still access the overwritten secret wallet by recovering the wallet with a seed and the original passphrase.\u00a0\u00a0<\/p>\n Set as Temporary: <\/strong>A temporary passphrase generates new accounts on your device for the remainder of the session.\u00a0 When you turn your wallet off then back on, navigate to the passphrase menu<\/strong> and click \u2018set secret passphrase.\u2019\u00a0 If you want to access a passphrase wallet, enter the passphrase then your primary PIN<\/strong> to validate.<\/p>\n Note: This does not assign a PIN to the passphrase like the \u2018attach to PIN\u2019 option.\u00a0\u00a0<\/p>\n When we created the master keys in the previous example, we were provided with a recovery seed, private key, public key, public address and an extended key (XPRIV).\u00a0<\/p>\n 12 word recovery seed<\/strong>: banana code hard debate vague ecology mistake sick present prepare nasty manage<\/em><\/p>\n Private Key (WIF*)<\/strong>: L2qM2hSYeC9TW9LhUwtzQMHhaKzeyoNULmuzDQkaiynVaDyByDtR<\/p>\n *WIF \u2013 \u201cwallet import format\u201d is the standard alphanumeric private key format.\u00a0\u00a0<\/p>\n Public Key (hex)<\/strong>: 02054f43aa816fe14d4d38a3c01af02844b0366aad8e7a6865780c57062269e05b<\/p>\n Public Address:<\/strong> 1EGxUj4NEuXyWoKfGPGhhCHbWAv6LrL5xP<\/p>\n Extended Key:\u00a0<\/strong><\/p>\n xprv9s21ZrQH143K3FUHuKDbffdt4TYNYigit28odBvz9HZ2QZdu6rybiqDVxpUYoyudsv9tebfY2iJmZke6LDR3EeaVVTQBH3ZgbTBmsTM8wyH<\/p>\n Adding a Passphrase \u201cbtc\u201d to the backup recovery seed generated a new private key, public key, public address and an extended key (XPRIV).<\/p>\n Extended Key with Passphrase: <\/strong>xprv9s21ZrQH143K3QaGxe5JD5rgtHdQmvLZMxM6LBGwgDYEX7jDLXxkjPyV2bsM6RNe8eE8uqicqWRmRoqTF7GkJzmoss64Ua1M92SkVRE8bML<\/p>\n It\u2019s like having a completely different wallet with an infinite number of addresses and backed up with the same recovery seed<\/strong>.\u00a0 Adding a 25th word passphrase creates an entirely NEW wallet with an infinite number of addresses and backed up with the same recovery seed + passphrase.<\/strong><\/p>\n This is the beauty of deterministic wallets which use cryptography to easily derive secure keys to transact with.\u00a0 Prior to HD wallets, every time you created a new address you were given a new recovery seed to backup to recover the wallet.\u00a0\u00a0<\/p>\n New key pairs can be derived for each transaction which helps to keep your transactions more private compared to using the same key pair every time you send or receive Bitcoin.\u00a0\u00a0<\/p>\n The organizational structure of HD Wallets increases privacy, compared to non deterministic, because if \u2018branch A\u2019 is used to receive Bitcoin, \u2018branch B\u2019 is used to receive Bitcoin a change outputs within the same wallet.\u00a0\u00a0<\/p>\n Another major privacy benefit for HD Wallets is being able to generate and use different<\/strong> public keys<\/strong> in transactions received<\/strong> while eliminating the need to provide the corresponding private key.<\/strong><\/p>\n The Bitcoin blockchain is a public network.\u00a0\u00a0<\/p>\n Re-using an address allows anyone with a blockchain explorer<\/a> to view your transaction history and balance.\u00a0\u00a0<\/p>\n Many HD Wallet hardware devices are programmed to generate a new address for every transaction.\u00a0\u00a0<\/p>\n The addresses (key pairs) are maintained within your wallet under the same account while being publicly disassociated from each other on the network thanks to the extended public key <\/strong>(XPUB).\u00a0\u00a0<\/p>\n Pro Tip: <\/strong>multiple passphrases can also be used to categorize different wallets depending on the transaction type for each.\u00a0 For example: Passphrase A for your Dollar Cost Averaging<\/a> (cap gains tax reporting).\u00a0 Passphrase B for sending\/receiving with friends or family.\u00a0 Passphrase C for merchant transactions. \u00a0 EVERY passphrase needs to be backed up separate from each other and your recovery seed!!<\/strong><\/p>\n You should have a plan for backing up and safely storing your recovery seed<\/a> to prevent unauthorized access to your wallet(s).<\/p>\n Being in your own bank means that you are free to manage a personal strategy for Crypto Operational Security<\/a>.<\/p>\n Hardware wallets<\/strong> store your keys offline and even protect your keys and crypto if you plug your cold wallet into a computer infected with malware.\u00a0\u00a0<\/p>\n Most cold storage devices require you to enter a 4-8 numeric Key Terms HD Wallet Passphrases:<\/strong><\/h3>\n
Can I use one single recovery seed for different blockchains?<\/strong><\/h2>\n
Click To Tweet<\/a><\/p>\nHow to create a BIP 32 Deterministic Key<\/strong><\/h2>\n
What\u2019s the chance of generating the same private key as someone else?<\/strong><\/h2>\n
Bitcoin Wallet Passphrases<\/strong><\/h2>\n
How do I set up and recover a passphrase wallet?<\/strong><\/h2>\n
Can I use a second PIN as a passphrase?<\/strong><\/h2>\n
Generating a Private Key with Passphrase Example: <\/strong>\u00a0<\/h3>\n
HD Wallet Privacy\u00a0<\/strong><\/h2>\n
HD Wallet Security<\/strong><\/h2>\n