Published: 2021-01-19 at block 666,827
Bitcoin Price: $36,340
So you finally bought some bitcoin and started learning about wallets.
But all the terminology and technical details are overwhelming. Private keys, seeds, public keys, addresses, HD wallets, BIPs... All these concepts seem pretty foreign right?
Stick with me and by the end of the blog post, you'll have a strong understanding of the concepts above.
Table of Contents
- What is a Private Key?
- What is a Seed Phrase?
- Where can I find my seed phrase?
- How should I backup my seed phrase?
- Where can I use my seed phrase?
- What is BIP39?
- How do I import my seed phrase?
- What is a Public key?
- What is an Address?
- Why does my Bitcoin Address Change?
- What is a BIP32 Hierarchical Deterministic (HD) Wallet?
- What is a Wallet?
What is a Private Key?
A private key is like an ATM PIN to your bank account. A bank account has a unique PIN. A PIN proves to the ATM that you own the account and allows you to spend the funds in the account, right?
Similarly, your private key proves to the Bitcoin network that you own bitcoin and allows you to spend your bitcoin.
A private key is essentially a random number between 1 and (just under) 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936. That big number is 2^256; the real upper limit is the "order" of the secp256k1 curve, which is a hair smaller. Pretty much, a 256-bit number.
But it'd be nearly impossible to write down, let alone type in, a number like that without making a mistake, right?
So developers created a human-readable format from which private keys are derived: the popular seed phrase format.
What is a Seed Phrase?
FYI: you might've heard "seed phrase" synonyms and variants like:
- Mnemonic phrase
- Mnemonic code words
- Mnemonic seed
- Seed words
- Backup seed
- Recovery phrase
- BIP39 seed phrase
These are all interchangeable. Regardless, a seed phrase is simply a representation of a random number. It's an ordered sequence of 12 or 24 words, chosen from a list of 2048 words: 12 words encode 128 bits of randomness, 24 words encode 256 bits, and a few bits of the last word are a checksum, so a mistyped or swapped word is usually caught when you enter the phrase. Using cryptography, your wallet can derive your private keys from your seed phrase. And with those private keys, your wallet can spend your bitcoin.
Each seed phrase is unique. The chances that you share the same seed phrase with someone else are virtually zero. And just as improbable is brute-forcing a seed phrase with a non-zero bitcoin balance.
Here's an example of a seed phrase:
dove lumber quote board young robust kit invite plastic regular skull history
Where can I find my seed phrase?
You might be wondering where you can find your seed phrase. Usually, you're required to backup a copy of your seed phrase when you first set up your wallet.
But in case you haven't, some wallets offer a way to find or export your seed phrase.
Before you go looking, make sure to keep your seed phrase away from prying eyes. Anyone with your seed phrase can steal your bitcoin!
Like an ATM PIN, it's important to keep your seed phrase secret. NEVER share your seed phrase with anyone (like I did in the example above), and never type it into a website, a chat, or an app that asked you for it!
If you share your seed phrase with anyone, they can control and spend your bitcoin. They can steal your funds and you'll have no way to get them back - Bitcoin transactions are irreversible.
So whenever someone asks for your seed phrase or for you to send funds, it should ring alarm bells in your head.
There are many scammers who will try to get you to share your seed phrase. They're usually get-rich-quick schemes. But there are also sophisticated phishing schemes. They look like legit websites, emails, developer tools, recovery kits, etc.
If the request comes from a website, check the URL character by character. And keep in mind that no wallet vendor, exchange, or support agent ever needs your seed phrase to help you. As always, feel free to ask Reddit whether something is a scam.
Ok so... are you away from prying eyes in a safe, secure, and private location? Good.
If you already know how to find your seed phrase, then feel free to skip ahead to the next section.
If not, I've added how to find your seed phrase in the following wallets for your convenience. Let me know if I missed any examples in the comments below.
Note: you CANNOT view your seed phrase in Ledger or Trezor after your initial setup. Both let you confirm a written-down backup by typing the words back into the device (Ledger's "Recovery Check" app, Trezor's backup check), but neither will display the words again. If you never wrote yours down, your only safe option is to send your coins to a freshly set up wallet whose seed phrase you did back up.
- How to find your seed phrase on Coldcard: Advanced > Danger Zone > View Seed Words
- How to find your seed phrase on Blockstream Green: Settings > Security > Mnemonic
- How to find your seed phrase on Samourai: Settings > Wallet > Show mnemonic
- How to find your seed phrase on Liquality: Menu > Backup Seed
- How to find your seed phrase on Umbrel: Settings > Account > Secret words > View
If this is your first time looking at your seed phrase, make sure to store a copy of your seed phrase in a secure place! Consider your seed phrase as your bitcoin. If you lose access to your seed phrase, you lose your bitcoin.
This is why having a backup of your seed phrase is important. Please please please make sure to backup your seed phrase in a safe, secure, and secret location.
How should I backup my seed phrase?
If you're wondering how and where to store your seed phrase backup, here are a few pointers:
- Do NOT save your seed phrase on a computer, phone, etc. No photos, screenshots, cloud notes, email drafts, or password managers: you want it to be "air-gapped" from the Internet / a digital environment, because anyone who compromises that device or account gets your bitcoin.
- Consider writing down your seed phrase on paper or stamping it into metal, then store it in a safe location
- Double-check the backup by reading it back word for word (and, if your wallet offers it, by running its backup check). A backup with one wrong word is no backup at all.
- If your wallet uses an optional BIP39 passphrase (sometimes called the "25th word"), back that up separately. The seed phrase alone will NOT restore those funds.
I'm going to leave it up to you to figure out how to store your seed phrase backup. Here are some other resources:
Ok, so we've gone over:
- Private key = how you own and spend bitcoin
- Seed phrase = a way for your wallet to derive your private key
- Not sharing your seed phrase
- Where to find your seed phrase
- Backing up a copy of your seed phrase
Now you might be wondering, "when or where can I use my seed phrase?"
Where can I use my seed phrase?
Let's say that you lose your Ledger device or wipe your phone. Do you lose access to your bitcoin?
Well, bitcoin aren't stored in your hardware. The Bitcoin blockchain records which coins are locked to which addresses, and whoever holds the matching private keys can spend them.
So don't worry: as long as you have your seed phrase backup, you don't lose access to your bitcoin.
Using your seed phrase backup, you can import your seed phrase into a new wallet.
Let's say you were using a Ledger Nano S, lost it, then bought a new one.
All you need to do is import your existing seed phrase (which you made a backup of) into that new Nano S. That's it. Your Ledger Live dashboard should recover the same bitcoin balances and history.
If you were using Blockstream Green, same thing. Type in your seed phrase and it recovers your entire wallet.
Now let's say you backed up your seed phrase from your Ledger device. You could even import that seed phrase into Blockstream Green! You could receive or spend bitcoin from either wallet. The apps would show the same wallet activity, balances, addresses, history, etc. One caveat: the second wallet has to derive keys the same way as the first (the same address type and "derivation path", standardized in BIP44, BIP49 and BIP84). If the balance shows up as zero right after an import, that is almost always the reason, and the fix is to pick the matching account type or rescan, not to start a new wallet.
In fact, people commonly "transfer" bitcoin from one wallet to another using a seed phrase. This way, there's no transaction. You don't need to pay transaction fees or wait for mining confirmations. Just remember that both wallets now hold the same keys: if you are moving away from a device or app because you suspect it was compromised, send the coins on-chain to a brand new seed phrase instead of importing the old one.
So seed phrases can be platform-independent - it's like accessing a cloud service. All you need is your seed phrase and you can access your bitcoin from any wallet that adheres to BIP39.
Do you see why backing up your seed phrase is so important? Do you see why keeping your seed phrase a secret is so important?
Rather than your hardware or software, your seed phrase is your access to your bitcoin.
What is BIP39?
BIP39 specifies how wallets should implement seed phrases so that they're compatible with each other: how random entropy becomes a word sequence with a checksum, and how that sequence (plus an optional passphrase) is stretched with PBKDF2 into the 512-bit seed that every key is derived from. It also specifies the 2048-word list from which wallets generate seed phrases.
Most modern wallets are BIP39 compatible and you can find a list here.
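Here's what those two halves of BIP39 (entropy to words with a checksum, words to seed) look like in code. This is an added Python example written for this post, not code from any wallet or from the BIP39 reference implementation, and it uses only the standard library. It deliberately does not embed the 2048-word list, so it works with word-list indices: index 0 is "abandon" and index 3 is "about" in the English list, which is enough to reproduce the first published BIP39 test vector (all-zero entropy, passphrase "TREZOR"). Plug in your wallet's word list to turn indices into words.

```python
import hashlib
import unicodedata


def mnemonic_indices(entropy: bytes) -> list:
    """Map 128..256 bits of entropy to BIP39 word-list indices (11 bits each).

    The checksum is the first (len(entropy) * 8 / 32) bits of SHA-256(entropy),
    appended to the entropy before slicing into 11-bit words.
    16 bytes -> 12 words, 32 bytes -> 24 words.
    """
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128..256 bits in 32-bit steps")
    cs_bits = len(entropy) * 8 // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = len(entropy) * 8 + cs_bits
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]


def indices_valid(indices) -> bool:
    """Checksum check on an entered phrase, the way a wallet does it on import.

    Reverses the packing above: recover the entropy bits, recompute the expected
    indices, and compare. A single mistyped or swapped word fails this check.
    """
    total = 11 * len(indices)
    cs_bits = total // 33
    bits = 0
    for idx in indices:
        bits = (bits << 11) | idx
    entropy = (bits >> cs_bits).to_bytes((total - cs_bits) // 8, "big")
    return mnemonic_indices(entropy) == list(indices)


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512 over the NFKD-normalized phrase,
    salt "mnemonic" + passphrase, 2048 rounds, 64-byte output.

    The passphrase is part of the key material: a different passphrase gives a
    completely different seed, and therefore different keys and addresses.
    """
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode("utf-8"), salt.encode("utf-8"), 2048)


if __name__ == "__main__":
    # Constructed input: all-zero entropy is the first BIP39 test vector.
    print(mnemonic_indices(bytes(16)))           # eleven 0s ("abandon") then 3 ("about")
    phrase = " ".join(["abandon"] * 11 + ["about"])
    print(indices_valid([0] * 11 + [3]), indices_valid([0] * 12))
    print(mnemonic_to_seed(phrase, "TREZOR").hex())
```

Two things worth noticing when you run it: the checksum is why a wallet can tell you "invalid phrase" when you swap two words, and the passphrase argument is why a backup of the 12 or 24 words alone is not enough if you ever set one.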
How do I import my seed phrase?
Here's how to import your BIP39 seed phrase into the following wallets. Make sure to enter your seed phrase in sequential order. If the wallet rejects the phrase, you most likely swapped two words or mistyped one; the checksum built into the phrase catches most such errors.
Let me know if I missed any wallets that you'd like to see in the comments below.
If you're already comfortable importing seed phrases into wallets, then feel free to skip ahead to the next section.
- How to Import Your Seed Phrase on Ledger
- How to Import Your Seed Phrase on Trezor
- How to Import Your Seed Phrase on Coldcard
- How to Import Your Seed Phrase on Blockstream Green
- How to Import Your Seed Phrase on Samourai
- How to Import Your Seed Phrase on Liquality: First lock your Liquality Wallet. Then, click "Forgot password? Import with seed phrase"
- How to Import Your Seed Phrase on Umbrel: On umbrel.local/start , during your setup, click "Recover" on the "Note Down Your Secret Words" screen
So far, we've covered private keys and seed phrases.
A private key allows you to spend your bitcoin, and a seed phrase is a way to derive your private key. Your wallet derives your private key from your seed phrase.
Now how do these relate to public keys and addresses?
Well, how does our wallet know which addresses belong to us? How can our wallet spend the bitcoin received by those addresses?
What is a Public Key?
Like a private key, a public key is also a large number (technically a point on an elliptic curve, usually written as 33 bytes). But instead of using it to send bitcoin, we use it to receive bitcoin.
You see, digital keys come in pairs.
Using elliptic curve cryptography, a private key generates its corresponding public key: the public key is the private key multiplied by a fixed base point on the secp256k1 curve. This establishes a "one-to-one" relationship between the two, making a key pair.
But a public key CANNOT generate its corresponding private key. Reversing that multiplication is the discrete logarithm problem, and no known method can solve it for 256-bit keys. This makes the one-to-one relationship between a private key and a public key "one-way". The private key can derive the public key, but not vice versa.
So you can't spend bitcoin using a public key. You also can't derive a private key from a public key. So a public key doesn't need to be kept a secret.
But many believe that you should keep your public keys secret as well, and only share addresses. This topic is out of the scope for this blog post. But if you're interested in learning more, feel free to let me know in the comments below.
Pretty much, your wallet uses public keys to receive bitcoin, not for sending it. And your public key can't compromise your private key.
At this point, you might be thinking: "oh so my addresses, where I receive bitcoin, are just public keys."
What is an Address?
An address is a short, "human-readable" encoding of a hash of its respective public key (for addresses starting with "3", a hash of a script), plus a checksum that catches typos. It's where you receive bitcoin. As stated in the Practical Guide to Bitcoin Addresses, these addresses typically start with a "bc1", "3", or "1".
Again, by using one-way cryptographic functions (hashing), a public key generates its corresponding address. The one-to-one relationship between an address and public key is also one-way. A public key derives an address, but not vice versa: an address doesn't even contain the public key, only its hash, and the public key itself is only revealed when you spend from that address.
Like their public key counterparts, addresses don't need to be kept secret. In fact, you need to share them in order to receive bitcoin.
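To make the "hash plus checksum" point concrete, here is an added Python example (written for this post, not taken from any wallet or library) that decodes the three address families, verifies their checksums, and hands back the 20-byte hash they commit to. The two sample addresses are published ones, the genesis block's coinbase address and the BIP173 example P2WPKH address; the misspelled address is constructed for the demo. hash160() relies on your OpenSSL build exposing RIPEMD-160 to Python's hashlib, which not every distribution does.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
BECH32 = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"


def hash160(data: bytes) -> bytes:
    """RIPEMD-160(SHA-256(x)): the 20-byte digest that addresses actually encode.
    Raises ValueError if this Python/OpenSSL build has no ripemd160."""
    return hashlib.new("ripemd160", hashlib.sha256(data).digest()).digest()


def decode_base58check(addr: str):
    """Legacy '1...' (P2PKH) and '3...' (P2SH): version byte + 20-byte hash + 4-byte checksum."""
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)            # ValueError on a character outside the alphabet
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    raw = b"\x00" * (len(addr) - len(addr.lstrip("1"))) + raw   # each leading '1' is a zero byte
    payload, checksum = raw[:-4], raw[-4:]
    if hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4] != checksum:
        raise ValueError("base58check checksum mismatch (typo?)")
    return payload[0], payload[1:]


def _bech32_polymod(values):
    gen = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= gen[i]
    return chk


def decode_bech32(addr: str):
    """Native segwit 'bc1...' (BIP173 bech32 for v0, BIP350 bech32m for v1+):
    human-readable part, witness version, witness program, 6-char checksum."""
    if addr != addr.lower() and addr != addr.upper():
        raise ValueError("mixed-case bech32 string")
    addr = addr.lower()
    hrp, data = addr.rsplit("1", 1)
    values = [BECH32.index(c) for c in data]
    hrp_expanded = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    witver = values[0]
    expected = 1 if witver == 0 else 0x2BC830A3
    if _bech32_polymod(hrp_expanded + values) != expected:
        raise ValueError("bech32 checksum mismatch (typo?)")
    acc = bits = 0
    program = bytearray()
    for v in values[1:-6]:                    # regroup 5-bit symbols into bytes
        acc = (acc << 5) | v
        bits += 5
        if bits >= 8:
            bits -= 8
            program.append((acc >> bits) & 0xFF)
    if bits >= 5 or (acc << (8 - bits)) & 0xFF:
        raise ValueError("invalid bech32 padding")
    return hrp, witver, bytes(program)


def address_payload(addr: str):
    """Classify an address and return the hash it commits to. Note that this is a
    hash, never the public key itself: the decoder cannot go further up the chain."""
    if addr.lower().startswith("bc1"):
        _, witver, prog = decode_bech32(addr)
        if witver == 0:
            kind = "p2wpkh" if len(prog) == 20 else "p2wsh"
        else:
            kind = "taproot" if witver == 1 else "unknown"
        return kind, prog
    version, h = decode_base58check(addr)
    return {0: "p2pkh", 5: "p2sh"}.get(version, "unknown"), h


if __name__ == "__main__":
    for a in ("1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa",            # genesis coinbase address
              "bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4",    # BIP173 example
              "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNb"):           # constructed typo
        try:
            print(a, *address_payload(a))
        except ValueError as e:
            print(a, "REJECTED:", e)
```

Validating the checksum before you send is the check that matters: a single wrong character fails it, so a wallet (or your own script) refuses to send coins into the void. The decoder hands back a hash, not a public key, which is the one-way property of addresses in practice.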
So in summary, a seed derives a private key. That private key generates its corresponding public key. That public key then generates its corresponding address.
This means that each address relates to a public key, which also relates to a private key.
This is how our wallet (1) knows that an address belongs to us, and (2) can spend the bitcoin in that address. Private keys and addresses are ultimately linked.
Thankfully, you do NOT have to worry about managing your private and public keys when using a wallet.
Most wallets abstract away all those concepts. Wallets handle key management in the background. You're only required to know your seed phrase, and how to send and receive bitcoin.
Tip - you can use this guide to find your address within your wallet.
"So one private key can generate one public key, and one public key can generate one address. Then how does my wallet generate new addresses for every transaction? I'm only using one private key via my seed phrase!"
It's a great question because one seed phrase gives you one master private key. And it's not like you're backing up a seed phrase for every transaction...
This is where BIP32 Hierarchical Deterministic (HD) wallets come into play.
What is a BIP32 Hierarchical Deterministic (HD) Wallet?
HD wallets can use a single master seed to generate many new key pairs (and in doing so, addresses). This is why your single seed phrase can generate a new address for every transaction. You are using an HD wallet.
So if you've received 100 transactions, your HD wallet created 100 key pairs for them.
Note: HD wallets are not hardware wallets. But hardware wallets are often HD wallets.
HD wallets are great if you want to avoid address reuse for better privacy and security.
They also offer two other advantages.
First, they use a tree structure. This tree structure can express organizational meaning.
For example, let's say that I'm running a bitcoin business.
- I can have one branch of the tree represent product sales. That one branch can create a new address for every sale.
- I can have another branch representing donations. That branch can create a new address for every donation.
- I can have another branch representing consulting fees, and so on and so forth.
With this tree structure, all I need is one HD wallet - I can separate concerns by using different branches. So HD wallets offer more convenience. They generate addresses on the fly and allow me to separate transactions into groups.
Compare this to non-HD wallets, where I'd have to create and backup every private key, then organize them into groups. Key management in a non-HD wallet would be a headache!
FYI - these branches are often called accounts or sub-accounts, like in Ledger Live. Also many HD wallets may offer only one account for simplicity's sake. Still with one account, you'll be generating addresses for every transaction.
The second benefit of HD wallets is the ability to generate private keys and public keys separately.
Let's continue with the bitcoin business example to explain this concept.
If someone wants to make a donation, my website will tell my HD wallet to create a new address under my "donations" account.
You'd guess that the wallet first creates a new key pair using the master seed, then displays the respective address, right?
But what if the GoDaddy server that's hosting my website was insecure? What if GoDaddy was stealing every website's private keys? How could the web server generate a new address for each donation in an insecure environment?
The web server would need to be able to generate public keys and addresses without accessing my private keys.
Without an HD wallet, I'd have to first pre-generate a ton of key pairs. Then, I'd have to put the public keys on the web server. I'd also need to make seed phrase backups for each private key. And I'd have to make sure to separate concerns between the key pairs - noting which keys were used for donations, sales, etc.
In other words, a headache and recipe for disaster.
Luckily, an HD wallet comes with this capability.
I can host something called an "extended public key" (xpub) on the web server. This would allow the web server to create public keys and corresponding addresses ad-hoc for each donation. Because it's one-way, knowing this xpub would not help GoDaddy in finding my private keys.
This way, I could host my xpub and its corresponding public keys and addresses on the web server, while keeping my private keys separated and secure.
Two caveats that matter in practice. First, an xpub is not a spending key, but it is a privacy key: anyone who obtains it can list every address and balance in that branch, so don't paste it into random websites. Second, an xpub combined with any single child private key from that branch lets an attacker compute the parent private key, which is why wallets derive their accounts through "hardened" steps (the ' or h in a derivation path) that can't be extended from a public key alone.
So if you use an HD wallet, each transaction will use a new private-public key pair and derive an address. Your wallet manages these new private-public key pairs in the background.
Again, you only need to know your single master seed phrase. Amazing right?
There's a lot of magic that happens behind the scenes in HD wallets, but it's out of the scope for this blog post. If you'd like to learn more about wallets, let me know in the comments below.
I highly recommend researching topics like:
- Compressed vs. uncompressed keys
- Master private key, master public key, master chain code
- Parent vs. child keys
- BIP44, BIP84, BIP49, BIP43
- Extended Public Key (xPub), Extended Private Key (xPrv)
- Derivation paths
- Digital signatures
- Encodings, Hash functions
- Elliptic curve cryptography
Tying all these concepts up...
What is a Wallet?
Your wallet is your key manager. It handles all the complexities of key creation, management, etc. for you. All you need to know is your seed phrase and click a few buttons to transact.
So in summary:
- Your seed phrase is a representation of a random number
- Your wallet uses your seed phrase to derive your private key
- Your wallet uses your private key to spend bitcoin
- Your wallet uses your private key to generate a corresponding public key
- Your wallet uses your public key to generate a corresponding address
- You use an address to receive bitcoin
- Hierarchical deterministic (HD) wallets use a single seed phrase to generate many private keys, public keys, and corresponding addresses
- HD wallets can organize key pairs into accounts
- HD wallets can also generate child public keys and addresses from an extended public key alone, without touching the private keys (for non-hardened branches)
- Your wallet is your key manager that abstracts away complexity for a simpler user experience
Note: if you are using a custodial retail brokerage / exchange like Gemini, Coinbase, CashApp, etc., then you do NOT actually hold your bitcoin. On these platforms, the company holds the seed phrase (and its derivatives); you hold an IOU.
Hope this blog post helped clarify these technical concepts. If so, let me know what you've learned in the comments below, and feel free to share this post with other beginners who might also be struggling with these concepts!
What did I miss? What else would you like to learn more about? Let me know on Twitter!