What is a Bitcoin wallet?
Bitcoin wallets don’t act like wallets we traditionally think of and bitcoins aren’t really coins. Wallets are actually the software that generate wallet addresses and sign transactions using cryptographic public and private keys. A public key is like an email address which is shared with everyone. The private key is like a password that must be kept secret.
Private keys sign transaction messages. The cryptography ensures that those messages can be verified by all (using the public key) to have been signed by the holder of the private key (without knowing the actual private key!). These keys are called key pairs and are linked together inextricably; only the person with both keys can sign a transaction and then give out the public key to prove it was them. Your wallet will generate and manage your keys for you.
The public/private keys are generated from a “seed” which is essentially a backup copy of your entire wallet. Seeds are commonly a string of plain-text words in a specific order, often 12 or 24 words. In case your wallet is lost, the seed will recreate your whole wallet. However, anyone can do this if they acquire your seed, so it should be stored separately from the wallet in a very safe place. This seed is not needed for regular access and spending; instead, a regular password is used to open the wallet and spend coins.
A wallet can generate a virtually unlimited number of wallet addresses, useful for giving out a new address every time we receive coins (while retaining them all in a single “account” within your wallet). This is all done behind the scenes of your wallet’s software, but it helps to understand this because your wallet might show you a new bitcoin address every time you want to receive coins. This is a feature not a bug.
Addresses can be read as QR codes to eliminate the need to type or copy and paste long addresses. Old addresses that you used in the past will always work. Wallets might use multiple accounts within a single wallet like you might have multiple accounts at your bank.
Wallets don’t actually “hold” your bitcoin, coins are not stored in them physically. Instead, the blockchain (a distributed history of every transaction) is technically responsible for keeping track of how many coins are spendable by wallets; the coins are associated with addresses in those wallets.
The wallet can be lost or damaged without losing your funds as long as you have a backup of your seed. The wallet is still protected by a password so if that is kept secret then the wallet is useless to a thief. If the seed is lost you can move your funds to a new wallet and safely store your new seed. Seeds can be obfuscated or encrypted but take care to ensure you (or a loved one) can decrypt it if the time came to do so. One might want to keep multiple copies of a seed in different secure locations especially with large sums of coin.
Please note: If both the wallet and the seeds are lost, your coins are essentially gone forever.
Other wallet features include multi-signature wallets (requiring some combination of multiple signatures to “spend” coins), address books (to store wallet addresses of your contacts), built-in access to exchanges to buy or sell your coins, or support for multiple crypto-currencies. This is not an exhaustive list and some features we haven’t thought of yet.
Hot vs Cold Wallets
Wallets are either considered “hot” or “cold”, depending on whether or not they are exposed to hackers.
Wallets that reside on an internet-connected device (or even just connected to any kind of network, LAN, intranet, or having active wireless network adapters) are considered hot. Being hot means an attacker may be able to “hack” the device or wallet’s software and compromise the security of the wallet in some way which can lead to theft of your coins.
Desktop computers with access to the internet are definitely considered “hot”, and they can be prone to viruses and malware. In fact, smartphones are generally more secure than PC computers, and are not the worst place to store a small amount of coins. Mobile phones should be updated regularly (for security fixes) and wallet software should always be vetted or audited to make sure it is secure, and to ensure it is from the correct developer. Beware of brand new apps with very few downloads or few reviews. Open source software is usually better because the community of developers can help spot bugs or malicious code.
Hacks and theft are a concern because bitcoin is not controlled by a central authority. If someone steals your coins, there’s no phone number to call to get them back.
Some hacks include “key-loggers” and “paste-jacking”. Key-loggers might record and steal your password (an attacker with access to your computer can use your stolen password and spend your coins). Paste-jacking entails malicious software that hijacks copy/paste functions and can paste an attacker’s bitcoin address instead of the address you wanted to send coins to. You should always verify at least part of the address you are sending to for this reason (just like you would verify account and routing numbers).
This can seem scary, but it is important to understand security if one desires to be their own bank. Take care to update your operating system, use virus and malware protection, and never visit potentially hazardous websites on a computer on which wallets are stored. Furthermore, it is not actually recommended to store bitcoins on desktop computers. Especially with large sums, cold storage is the most secure type of wallet.
Cold storage refers to hardware wallets and paper wallets. Paper wallets are just seeds/keys written on paper (or other material). Hardware wallets often look often like a USB drive; they are specially designed to protect your private keys because their circuitry itself prevents access to the keys.
Hardware wallets are generally the most secure means to spend your coin because the private keys are only ever visible to an internal component in the hardware and the keys are never visible to anyone; in fact, the keys are never displayed and never leave the device at all, only a transaction message with the signature (signed with the keys) is sent out. Transactions must be confirmed by pressing physical buttons on the hardware wallet itself, meaning your coins can never be spent without holding the actual device. Destination addresses are confirmed on the device’s screen as well. If the seed and password are kept safe, these are very secure ways to store coins.
Hardware wallets in their current generation only have a few buttons, likely have a very small screen, and are rarely connected to the internet. Subsequently, they require a separate computer connected (typically through USB) to send out the transaction to the internet. Currently they are difficult to spend on the go without a laptop.
The inevitable march of technology will deliver wallets far more advanced than what exists today. Wallets have already come a long way from the early days of bitcoin, and new features are incorporated all the time. The current design of hardware wallets require a separate device to transact, although recently a hardware wallet was released that uses encrypted bluetooth to function with a smartphone, and it’s the same size as a credit card. Being able to carry a hardware wallet in your actual wallet is certainly intuitive.
I believe the next step is a mobile phone with a hardware wallet built-in. This would provide all the convenience of current mobile wallets while retaining the security of standard hardware wallets, though, it will take time before these are available.
Another great feature would be accommodating the many different cryptocurrencies that are flooding the markets. There are services that will exchange coins for you on-the-fly, for example, you send some bitcoin to an address and receive another coin in a specified address minus a fee. It is all done without making an account of any kind.
This can be taken a step farther; imagine you only have bitcoin but a merchant only accepts a different currency, a wallet integrated with a similar service could send your bitcoin while the merchant receives their desired currency effortlessly, selected from a drop-down menu. These services are in their infancy but for this reason I believe they will be robust and common in the future.
This is a lot of unfamiliar information for newcomers. People are used to getting a username and password from a centralized organization ( banks, paypal, venmo) that handle everything and they can recover that password if it’s lost. Luckily, this is still an option.
Custodial services are already emerging that provide the service we are used to. Much like banks they actually store coins for you and send it on your behalf. Some of these services will even give you a VISA card and let you spend bitcoins anywhere VISA is accepted. The difference is there isn’t yet the necessary insurance (like FDIC) or regulation to ensure that users are protected thoroughly, though, we are already seeing legislation and insurance starting to materialize.
Using a bitcoin custodial service or currency exchange that can aid in managing wallets and coins is useful as long as the service is secure, but it re-introduces a trusted, centralized, point-of-failure. This is something bitcoin facilitates avoiding altogether. The difference now is we have the option to use custody services or manage our coins ourselves if we so choose; but, to be our own bank, we are responsible for following good practices. If we allow our seeds or wallets to become compromised, we risk losing coins that are associated with those wallets.
All of the challenges regarding bitcoin wallets are surmountable. Hardware wallets are getting better and they are very secure if used carefully (seed and passwords must be kept safe). Engineering solutions to brand new technological challenges will simply take time. Much like how early smartphones were used only by a tech-savvy subset of the population, yet now occupy nearly every adult’s pocket or purse globally, using bitcoin wallets will soon be as second-nature as using a credit card or ATM machine.