Huobi Blockchain Industry Special Report: Cryptocurrency Wallets

This report is produced by Huobi Research; please cite “Huobi Blockchain Industry Special Report” for reference. Abstract In the narrowest cryptocurrency wallet is simply a tool to store one’s private key; in the broader sense, however, cryptocurrency wallet also bears basic functions such as balance viewing and sending transactions. In Q1 2018, there were estimated 23.95 million cryptocurrency wallet users worldwide, increased by 86% compared to Q1 2017. Based on our investigation into the 31 cryptocurrency wallet projects, Approximately 70% of the 31 investigated cryptocurrency wallets have mobile apps, while only about 26% can be accessed through webpages. 61% are open-sourced cryptocurrency wallets, and 65% have additional functions including market update and cryptocurrency trading, of which 75% of the wallets with additional functions provides cryptocurrency service to their users. we witness a fierce competition, as well as a lack of sustainable business model in the cryptocurrency wallet industry. There are many kinds of cryptocurrency wallets; this report classifies the wallets from five aspects: network connection, data storage, private key storage, main-chain relationship and private key signature. The report also analyzes the differences between these wallets in terms of security, ease of use, and functionality. In order to help readers understand the cryptocurrency wallet in depth, this report will elaborate on many basic concepts crucial to wallet usage, including but not limited to: Mnemonic Phrase, Keystore, Private/Public Keys and Address. In addition, this report also analyzes the security level of the wallets based on their security design and security education. At present, there are indeed some problems within the cryptocurrency wallet industry, such as complicated design, and unclear business models; security issues also occurred from time to time. However, as cryptocurrency wallet projects continue to develop and improve, its financial attributes will be gradually strengthened. Thus, it is expected that cryptocurrency wallets will become a functional portal for the integration of cryptocurrency asset management, DAPP applications, token usage, and right to obtain dividends/revenue, where the trading and wealth management services will also be improved. Chapter 1: Current Cryptocurrency Wallet Industry 1.1 Introduction Since Satoshi Nakamoto published the “Bitcoin White Paper: A Peer-to-Peer Electronic Cash System” in 2008, the Cryptocurrency market has grown from scratch and expanded. According to coinmarketcap statistics, on July 20, 2018, the total market capitalization of global Cryptocurrency assets has reached 286.82 billion US dollars. (July 20, 2018, 2:50 am UTC, per ). On December 17, 2017, after the bitcoin price reached a record high of $1973.40, the Cryptocurrency boom reached its peak. It is in the context of the rapid rise of Cryptocurrency investment that has driven the need for secure storage of Cryptocurrencies, and thus the Cryptocurrency industry has ushered in a development opportunity, with a large influx of developers and funds. According to the statistic of Statista, in the first quarter of 2018, the number for the users of global Cryptocurrency wallets was 23.95 million, an increase of 85.80% over the same period of last year and an increase of 11.34% from the previous quarter. Coinmarketcap The narrowest definition of a Cryptocurrency wallet is the tool for storing private keys. In a broad sense, it should include basic functions such as Cryptocurrency balance inquiry and sending/receiving transactions. (In a broad sense, an Cryptocurrency exchange can also be understood as a wallet, but they will not be discussed in depth in this report). From different perspectives, the definition and classification of Cryptocurrency wallets are different. For example, from the perspective internet connection, it can be categorized into cold/hot wallets; from the perspective of data integrity, it can be categorized into light/full node wallets. In terms of future development, Cryptocurrency wallets will not only serve as the entrance to the blockchain world, but also will support the extended financial functions such as Cryptocurrency trading and wealth management, and the continued development of this industry is worthy of attention from Cryptocurrency and blockchain industry practitioners. 1.2 Industry Analysis As an indispensable part of the blockchain industry, the development of Cryptocurrency wallets has also accelerated as the blockchain industry boomed; more developers have joined the field of Cryptocurrency wallet than ever. Compared to around 6 billion overall population and 4 billion Internet users in this world, the proportion of Cryptocurrency wallet users is still very small, meaning that there is still a huge potential for this market. Of course, it also means that the blockchain technology, and the Cryptocurrency wallet industry, is still in their early stage of development. We researched and analyzed 31 Cryptocurrency wallets in the market, and made statistical analysis in terms of their establishment date, platforms supported, Cryptocurrencies supported, open/closed source, number of users, and investments received. All statistics are derived from public information online with regard to Cryptocurrency wallet projects analyzed in this chapter. The establishment date (by year) of the 28 Cryptocurrency wallets (3 wallets do have public information available) are shown in figure below. The figure has a certain correlation with the BTC price trend; that is, in the years that saw the spike in BTC price (2014 and 2017, specifically), there were also more Cryptocurrency wallet projects being developed and deployed. Wallet created by year Other than a few cold wallet that does not have client software, 29 Cryptocurrency wallets support multiple platforms. As shown in figure below, 74.19% of the projects support Android, while only 25.81% could be accessed through webpages. Platforms support rate Next, we analyzed the support of 31 wallets to 10 major cryptocurrencies and ERC 20 tokens. With regard to the Cryptocurrencies supported, as shown in figure below, about 84% of the 31 Cryptocurrency wallets support BTC, 68% support ETH, 45% support ERC-20 tokens, while only 6% support XLM. Cryptocurrency support rate The security of Cryptocurrency wallet is the most concerned topic, especially with regard to the storage mechanism of private key. About 61.29% of the project are open-sourced; as such, they benefit by receiving help in development and having their codes regularly reviewed by wallet users and developers. Categorization by whether wallet is open-sourced Analyzing the 11 Cryptocurrency wallet projects with user information available, we found that, as shown in figure below, the number of Cryptocurrency wallets with a number of less than 100,000 users is similar to the number of wallets with a number of users of 100,000 to 1 million and with more than 1 million users. Categorization by number of users Among the 31 Cryptocurrency wallet projects, 10 have released the amount of investment received. Specifically, 60% of the projects received investment bewteen 10 and 100 million US dollars, and 20% of the project received more than 100 million US dollars investment, as shown in figure below. Categorization by amount of investment received 1.3 Business Model Analysis As tools for private key management, Cryptocurrency wallet projects currently do not have a viable and sustainable business model; most projects are still in its early stage if acquiring users and investments. Most Cryptocurrency wallets have launched value-added services as ways to generate revenue, attract new users, and increase customer loyalty. As shown in figure below, 65% of the 31 Cryptocurrency wallets provide additional services such as Cryptocurrency wealth management, market update, PoS pooling, and aggregated balance inquiry. Categorization by additional services provided As shown figure below, among the wallet projects providing additional services, about 75% provides Cryptocurrency trading services, 60% provides market update services, while only 5% provides aggregated balance inquiry services. Additional service support rate Cryptocurrency Trading Services Wallets with Cryptocurrency trading services have built-in access to centralized/decentralized exchange platforms, such as BitPie and Imtoken, with some wallets have access to automated trading platforms powered by Bancor mechanism, such as Tokenpocket. Some wallets have “instant trading services”, that is, the immediate exchange between Cryptocurrencies according to a pre-determined “exchange rate”, with its mechanism bearing resemblance to that of the decentralized exchanges. Cryptocurrency wallet users also trades. Without having transferring Cryptocurrency assets from wallet to an exchange, it simplifies the process for wallet users, thereby reducing risk resulted by making mistakes and enhancing customer loyalty, and ultimately facilitating user growth. However, a built-in exchange feature greatly increase the complexity of the wallet design and introduce greater risks since it requires high security. Cryptocurrency Wealth Management Services Wallets with Cryptocurrency wealth management services have built-in wealth management modules. The types of wealth management include long-term fixed income invsetment, short-term flexible invsetment, P2P financing and lending for Cryptocurrencies, and mortgages. At present, some of these wealth management modules are operated by third-party service; some are wealth management products in which money raised will be used to support the development of its own platform. Others uses includes investing the rasied assets into primary/secondary market, or providing peer-to-peer lending services. For long-term “hodlers’, Cryptocurrency wealth management services allow them to steadily earn incomes. Currently, the annual ROI of Cryptocurrency wealth management products provided by various wallets ranges from 4% to 20%. However, it is important to note that the Cryptocurrency market is highly volatile, and the products with poor liquidity will face greater risks. At present, the Cryptocurrency wealth management industry is not mature, and the risk-control and pay-back ability of these services are yet to be tested. In addition, in terms of the peer-to-peer lending with Cryptocurrencies, an improper management will drastically increase the risk of a default. Thus, Cryptocurrency investors interested in such services have to be extremely cautious when making an investment decision. PoS Pooling Services Wallets with PoS pooling services allow users to lock up their tokens (of PoS consensus algorithm) to receive periodical dividend and interest payout through PoS pooling. The wallets will provide the masternode for PoS pooling services, and users that meet certain capital requirements can participate in PoS pooling. Some wallets provide fixed-time pooling services (lock-up required), while some other PoS services do not require lock-up, meaning that they can withdraw their fund to their wallet anytime. A proportion of pooling income will go to the wallet operators, or PoS pooling service providers, as “Carry”, allowing wallet operators to generate revenue. Currently, there are many tokens that support PoS pooling, including DASH, LightningBitcoin, ZCoin, Qtum, and Hcash. Aggregated Balance Inquiry Services Today, Cryptocurrency users/investors tend to hold different tokens a number of exchanges and wallets, causing problems for centralized management and balance inquiry. Wallets providing aggregated balance inquiry service allows users to centralize manage their tokens across exchanges and wallets through utilizing API interface provided by Cryptocurrency exchange platforms. For platforms with poor or no API interface, the informations could also be updated manually. Currently, aggregated balance inquiry service allows can collect informations regarding one’s assets in exchanges, wallets, and ICO projects. At present, there are many types of major exchanges and wallet platforms. The types of Cryptocurrencies supported by each exchange and wallet are different. Therefore, users’ funds are usually distributed to different platforms, which is not conducive to centralized management and enquiry. Therefore, aggregate services can better meet the needs of user queries, improve user activity degree and user stickiness. This kind of wallet needs to cooperate with many exchanges, wallets, and etc for API interface development, and that requires certain development and maintenance costs. Based on the various value-added services described above, mainstream Cryptocurrency wallet operators generate review in the following ways: Major business models for cryptocurrency wallets Chapter 2: Cryptocurrency Wallets Classification With the development of the blockchain industry, we see a wide range of Cryptocurrency wallet projects in the market, in which the technologies, strategies used and functional focus are very different. This chapter will try to classify the existing Cryptocurrency wallet projects from five perspectives, as shown in figure below. As we can see, the classification reflects the strategic focus of the wallet and the user groups it faces; some embody safety, some insist on ease-of-use, and some emphasize functionality. 2.1 Internet Connection Cryptocurrency wallet is essentially a tool for storing private keys. The security of private keys is very important. By network connection, Cryptocurrency wallets today can be categorized into cold wallets and hot wallets, according to whether the wallets are connected to the Internet. Cold wallets came after hot wallets as a way to achieve “absolute security”. As shown in figure below, 83.87% of the 31 investigated wallets are hot wallets, with the other 16.13% being cold wallets. Categorization by internet connection Hot Wallets Wallets that keep real-time online connection are often referred to as hot wallets. Features: The hot wallet is more convenient to use than the cold wallet. It can be used on a PC or on a mobile terminal such as a mobile phone. It can also operate the assets in the wallet at any time. Therefore, 83.87% of the wallets are currently the hot wallet mode. However, due to its networking, it also gives the basic conditions for hacker attacks, and wallet security will be challenged. However, the wallet project party usually encrypts the stored private key and communication data packets, and to a certain extent, it can avoid hackers from easily invading. Analysis: Cold wallets Cold wallets usually refer to wallets that are not used network connection, and they are also called offline wallets. According to different implementations, it can also be divided into hardware wallets and paper wallets. The hardware wallet is used to generate and save the secret key. The device itself does not leak or output the secret key, but simply displays the secret key’s custody situation after we press a button or enter the device password. The paper wallet, as the name implies, is to record the secret key on the paper and then lock the paper in the safe. Features: Cold wallets store private keys in fully offline devices, which is a safer method than hot wallets, but with higher cost and worse ease of use, such as the traditional hardware wallet Armory. It requires a computer, that is not connected to the Internet, dedicated to install the offline side. Although the cold wallet is safer than the hot wallet, the cold wallet is not absolutely safe, and may encounter hardware damage, wallet loss, etc., and it need to be backed up. Analysis: 2.2 Data Integrity Categorizing by data integrity, Cryptocurrency wallets today can be categorized into full node wallets and light wallets, of which the light wallets also includes SPV node wallets. Since the full node wallets achieve higher data integrity by keeping a complete and up-to-date copy of the entire blockchain, they occupy large amount of storage space and computing resources and thus are suitable for mobile access. Currently, the full node wallet is not convenient for ordinary users. Therefore, about 90% of the wallets on the market are light node wallets, as shown in figure below. Categorization by data integrity Full-Node Wallets Features: A full-node wallet participating in the data maintenance of the network synchronizes all the data on the blockchain, which is characterized by more hidden and faster verification. However, due to the large amount of data, the degree of scalability is low. Analysis: Due to the need to synchronize information on the chain, many full-node wallets only support a single token and cannot support multiple Cryptocurrencies. Generally a full-node wallet is an official wallet. In addition, the full-node wallet takes up a lot of hard disk space. Full-node wallet is necessary to synchronize the block data before each use, which may result in poor usability. Light Wallets Features: Light wallet is designed to solve the problem that the full-node wallet needing to occupy a large amount of hard disk space by not keeping a complete copy of Blockchain data. Although the light wallets do not download all the data of the new block, they obtain, store and analyze data only related to itself. The running of light wallets depends on other full nodes in the network, and the light wallets could be accessed through mobile phone apps and the webpages. The SPV wallets are a type of light wallets that can perform simple payment verification. The SPV wallet also synchronizes the block data content, but only temporarily; it parses, but does not save, the UTXOs from the Blockchain. Light wallets are more scalable, allowing the wallets to simultaneously managing a wide range of different Cryptocurrency assets. Due to its high scalability, DApps can also run on light wallets. Light wallets can be further categorized into centralized wallets and decentralized wallets. Analysis: 2.3 Private Key Storage Method The private key management is at the core of Cryptocurrency wallet, where wallet is meant to help users store, manage and use the private key conveniently and securely. Therefore, a wallet’s private key storage method is very important. Based on whether the private key is stored locally, Cryptocurrency wallets today can be catergorized into centralized wallets and decentralized wallets. As shown in figure below, currently about 82.76% of the investigated projects are decentralized wallets. Categorization by private key storage method Centralized Wallets In centralized wallets, the private keys are not held by the users but stored in the centralized server of wallet operators. Sometimes, the private keys are also managed by third-party service providers. Features: : Centralized wallets are often referred to as Off-chain wallets. The private key and assets are managed by the wallet operators. Centralized wallet users do not have to worry about the loss of the private key and thus loss of funds, since these wallet support password recovery. However, it puts more pressure on the wallet operators: if the wallet’s centralized server is hacked, the private keys and assets of all users will be at risk. Analysis Decentralized Wallets The private key is owned by the user and the assets are stored on the blockchain. Features: The decentralized wallet is usually called On-chain wallet. With decentralized wallets, user have to store their private keys locally; as such, if the user by any chance lost the private key he/she will not be able to recover the address, and the assets will be permanently lost. However, it is difficult for the decentralized wallet to be attacked. Analysis: 2.4 Number of Cryptocurrencies Supported At present, public blockchain platforms are relatively independent from each other; there are no interoperability between platforms. Therefore, there are two kinds of wallets, with one being blockchain-specific wallets, and the other being wallets that support tokens of various standards. As shown in figure below, currently about 35.48% of the investigated projects are Blockchain-specific wallets, while 64.52% support more than one Cryptocurrencies. With the continued development of the Blockchain industry, we expect the gap to be further enlarged. Categorization by number of cryptocurrencies supported Blockchain-Specific Wallets : Blockchain platforms that allows customized token issuance also allows DApps to be deployed on these platforms. Blockchain-specific wallets are not only a instrumental component of the Blockchain platform ecosystem, they also serve as “app stores” that provide access to Dapps deployed on the Blockchain Features For public blockchain platforms, their tokens usually have certain use cases. The activities carried out by various roles on the platform are carried out around the token, such as miners, platform users, storage nodes or computing nodes, etc. So a wallet is needed to be a node for the parties to store and circulate the tokens. The wallet can also be used as one of the criteria for determining whether a platform-type project is available. Analysis: Multi-Chain Wallets It can support multi-mainchain platforms’ tokens. Features: The technical programs adopted by different mainchians are usually different. If the wallet wants to support the tokens of multi-mainchain platforms, it needs to develop the connection interface one by one, which has certain develop difficulties and workloads. This type of wallet has natural adventures to support build-in exchanges and cross-chain exchange business. Analysis: 2.5 Number of Private Key Signatures Required In order to enhance the security of Cryptocurrencies and use wallets in conjunction with certain application scenarios, there is a strategy that requires multiple parties’ private key signatures to use the wallet. So the wallet can be divided into a single-signature wallet and a multi-signature wallet. According to the statistical analysis of the Huobi Research, as shown below, the wallet supporting multi-signature only accounts for 25.81%, and the single-signature mode is a more popular way on the market. Categorization by number of private key signatures required Single-Signature Wallets Users can trade with a single private key signature. Features: The single-signature mode is simple and user-operability is strong, but since there is only one key, the risk is more concentrated. If users lose or leak the private key, it may directly lead to the loss of assets in the accounts. However, single-signature wallet management is more convenient, making it easy for users to directly control the account without going through an uncontrollable third party, so it is also a more popular mode in the market. About 74% of wallets adopting the single-signature mode. Analysis: Multi-Signature wallets : The trade can be allowed in the case of two (or more) private keys are signed at the same time. Features : Usually a private key is saved by the user and another one is given to the server. If only the server private key is stolen, the hacker does not have a local private key and he or she cannot sign during the transaction. Multi-signature wallet can also be used in a company or organization where multiple parties jointly manage property. The keys are managed by multiple members, and the most of members need to complete the signature before they can use the assets. Multi-signature mechanism is more secure than single-signature, but ease of use is greatly affected. Users need to understand some technical details, and they also need multi-party coordination. Thus learning and use costs are much higher. In addition, the multi-signature mechanism is more complicated, and it also exist some security risks. For example, the multi-signature mechanism of the parity wallet is used by hackers, causing more than 150,000 Ethereum to be stolen. Analysis Chapter 3: Technology Implementation Principle of Cryptocurrency Wallet 3.1 Technology Overview The technology realization of Cryptocurrency wallet mainly consists of three parts: 1. The wallet design itself, such as how to generate mnemonic phrase, keystore and password; 2. private key, public key and address generation methods; 3. wallet provider remote invocation of the public chain RPC interface design; as shown in the following figure, the technical process of the realization of the Cryptocurrency wallet can be summarized: As we all know, the private key is irregular strings, very inconvenient to remember, not to speak of the usage. So, from the point of view of wallet design, in order to simplify the operation at the same time without losing the security, the method of the word “AIDS” appears. In general, mnemonic phrase is made up of a number of words. As long as the words are remembered and input in order, the wallet can be opened. These following principles and methods will be described in detail. The wallet can be classified into two categories according to whether there is correlation between the keys. each key is generated independently from the random number, and the key is not related to each other. The wallet is also called “Just a Bunch Of Keys”, or JBOK wallet for short. Nondeterministic wallet: All keys are derived from a master key, which is the seed. All keys in this type of wallet are interrelated and can be found through primitive seeds. A number of different key derivation methods are used in the deterministic wallet, and the most commonly used is the tree structure, which is called the hierarchical deterministic wallet or the HD (hierarchical deterministic) wallet. Deterministic wallet: Bitcoin Core belongs to the nondeterministic wallet as there is no association between the key pair. This type of wallet is more troublesome if you want to backup and import, and the user must operate the private key and the corresponding address in the wallet, such as the nondeterministic wallet of random key set with loose structure in the following figure: Deterministic wallet Deterministic wallet is based on the BIP32 (Bitcoin Improvement Proposal32) /BIP39/BIP44 standard to maintain numbers of private keys through a common seed. The seed derives the private key from the irreversible hash algorithm. When you need to back up the private key of the wallet, only backup the seed (in most cases, mnemonics is generated by seeds through BIP44 and easy to write down). A wallet supporting standard BIP32, BIP39, and BIP44 standards only needs to import all the mnemonics, and then to import all private key as shown in the figure below: Non-deterministic wallet Generally speaking, the BIP32 standard defines the seed using HMAC-SHA512 to generate the root private key, and exports the private key, which is the main standard for the HD wallet; the BIP39 standard defines the generating rules of mnemonics and seeds; the BIP44 standard defines the node layout for the multi-currency and the multi account wallet. In addition, there is also the BIP43 standard for defining the multi-purpose HD wallet structure. For specific information, you can visit . https://github.com/bitcoin/bips 3.2 wallet design framework Generating Mnemonic Phrases (BIP-39 Standard) The mnemonics library has 2048 words, and 11 bits can be used to locate all the words (2¹¹=2048) in the mnemonics library as the index of the word, so a word is expressed in 11 bits. The number of the mnemonics can be (entropy + check sum) /11. The value is 12, 15, 18, 21, 24. The entropy must be an integer multiple of 32, so the length of the entropy is between 128 and 256 with an integer value of 32, which is 128,160,192,224 and256; and the length of the check sum is bits of entropy divided by 32 and can be 4, 5, 6, 7, 8. Entropy bits and mnemonic length The concrete steps to generate mnemonics are shown in figure below: generate random sequences (entropy) with a length of 128 to 256 bits (bits), taking 128 bits as an example. take the first n bit of entropy SHA256 hash as checksum (n= entropy length /32), and the graph shows 128/32=4; the random sequence (entropy) and checksum construct a string, 128+4=132. cut the result from step 3 to every 11 bits, and the figure shows 132/11 =12 string. each string obtained in step 4 matches the words in the pre-defined 2048-word database. Step 5 yields a mnemonics string, which is an ordered phrase, the mnemonic we’ve been talking about. Generate mnemonic words Generating Seed through Mnemonics (BIP-39 Standard) Mnemonics comes from a random sequence (entropy) with a length of 128 to 256 bits and then adopts PBKDF2 (Password-Based Key Derivation Function 2) to derive longer seeds (seed). The generated seeds are used to construct deterministic Wallet and derive the wallet key. In cryptography, Key stretching technology is used to enhance the security of the weak key, increasing the time for the violent cracking (Brute-force attack) to try to break every possible key, and enhance the difficulty of the attack. Native libraries of various programming languages provide the implementation of key stretching. PBKDF2 is one of the common key stretching algorithms. The basic principle is to use a random function (such as a HMAC function), plaintext and salt figures as input parameters, and then repeat the operation to generate the key. As shown in figure below, PBKDF2 has two parameters: the help word and the salt. The purpose of salt is to increase the difficulty of violent attack. Refer to the BIP-39 standard. Salt consists of a string constant “mnemonic” and an optional user supplied cryptographic string. PBKDF2 uses HMAC-SHA512 as a random algorithm plus 2048 hash repeats to obtain the BIP32 seed, 512 bits (64 bytes) being the desired seed length. That is, DK = PBKDF2 (PRF, Password, Salt, C, dkLen), where PRF is a pseudo random function, such as a HASH_HMAC function, which outputs a result of the length of hLen; Password is the original password used to generate the key; Salt is a salt value for encryption; c is the number of repeated calculations; dkLen is the length of the desired key. Degree; DK is the last key. Generate 512-bits seed Generating HD wallet from seed (BIP-32 standard) The HD wallet is created from a single root seed (root seed), a random number of 128 to 256 bits, and any root seed compatible with the HD wallet can also recreate the entire HD wallet, so the root seed of the HD wallet is equal to all the keys, which is convenient for storage, import and export. The primary key and the main chain code generation process of the HD wallet are shown in figure below. The root seed calculates a 512-bit hash string through an irreversible HMAC-SHA512 algorithm. The left 256 is the main private key Master Private Key (m) and the right 256 is the main chain code Master Chain Code; the chain code is the entropy for deriving the lower level key. Generate HD wallet and master chain code The above process combined with BIP43 and BIP44 can also achieve HD wallet, such as multi-currency, multi accounts, multi-purpose functions. basic functions of keystore and password Refering to the user’s experience, the mnemonic is still complex, and the existing password manipulation is the most familiar one, so the wallet also provides keystore to save the user’s export key file. The Keystore will be stored in user’s device, so that every login only needs to enter the corresponding password. Keystore is a file which is encrypted after the private key. It needs the password set by the user to open the file. Even if the keystore file is stolen, the password provided by the user is long enough to be random. In short time, the private key will not be leaked, and there will be enough time to transfer the Cryptocurrencies to other addresses. ways of generating private keys, public keys and addresses It is unidirectional to derive public keys from private keys and to deduce public key hash from public keys. The irreversible algorithms heard often is the elliptic curve algorithm, as shown in figure below. Detailed public key and address generation process is shown in figure below, the private key is generated by the random number. the private key is generated by SECP256K1 algorithm and the public key is generated. Like SHA256, RIPEMD160 is also a Hash algorithm. After one SHA256 + one RIPEMD160 hash operation, the public key hash is computed from the public key. the address version number of a byte is connected to the public key hash head, and the two SHA256 operation is performed. The first 4 bytes of the result are used as the check value of the public key hash, which is connected to the end of the hash. code the fourth step result using BASE58, that is, get the wallet address. Public key and wallet address generation From the byte level, the detailed generation process of the public key is shown in figure below. the private key is a random number of 32 bytes (256 bits); add the version number to the head of the private key. add the compression mark at the end of the private key; Two SHA256 hashing operations are performed on the private key, and the first 4 bytes of the two hashing results are added to the compressed flag as the check code. the random number obtained in the 2, 3, and 4 steps is encoded with BASE58, and the private key of the WIF (Wallet import Format) can be obtained, which is used to import and export the private key between the wallet, which is the more common key format of the user. the private key can be obtained through the multiplication of elliptic curves. The public key is the point on the elliptic curve and has x and Y coordinates. Public key generation From the byte level, the detailed production process of the wallet address is shown in figure below. the public key is processed by SHA256 hash algorithm to get 32 byte hash value. after obtaining the hash value, we get the 20 byte public key hash Hash160 through the RIPEMD-160 algorithm. double byte SHA256 hash operation of the 21 byte array consisting of version number + public key hash Hash160; the first 4 bytes of the hash value are used as checksums and placed at the end of the 21 byte array. Base58 encoding the 25 bit array, and finally get the address of the wallet. Wallet address generation 3.4 multiple ways to restore the wallet After understanding the basic principles of the wallet, and the relationship among the Keystore, the private key, the public key, the public key, and the address, we can get the wallet retrieved in an orderly way when the private key is lost. As shown in figure below, as long as the private key, password, and the mnemonics are all lost at the same time, there are N methods that wallet can be restored. Ways to restore a wallet Chapter 4: Security Analysis of Cryptocurrency Wallet For the blockchain industry, security will be an eternal topic. Since wallet involves the core of user’s assets, its security cannot be ignored. In the past two years, the number of Cryptocurrency wallet security incidents have continued to increase, and the two security events of the parity wallet have resulted in the loss of about 240,000 ETH. Also, many hot and cold wallets appeared security problem in 2018, as shown in figure below. The security of the Cryptocurrency wallet is not only to be fully considered from the bottom design, but also for the majority of the onchain wallet, it is also a very important content for the user’s security education, as shown in figure below. 4.1 user habitual safety guidance For the onchain wallet, the private key is saved by the user. Wallet project should emphase on how to help the user correctly understand and use the key and mnemonics. At present, the mainstream wallet uses tutorials, answer exams, and video explanations to help users understand the basic concepts of the wallet, to remind users to keep the mnemonics, the private key and the local password. Manual recording in a relatively primitive method, rather than all computer operations such as screenshots, copying and so on is suggested, so as to forming a good habit of surfing the Internet and minimize the risk. 4.2 wallet safety design 4.2.1 Network Transmission Security MITM, bi-directional check MITM (Man-in-the-middle attack): an attacker creates an independent connection between the two ends of the communication and exchanges the data they receive, making the two ends of the communication think they are talking directly to each other through a private connection, but in fact the whole conversation is completely controlled by an attacker. Although most Cryptocurrency wallet applications use the HTTPS protocol and the server-side to communicate, MITM can get the contents of the HTTPS protocol by installing a digital certificate in the user’s terminal. A secure Cryptocurrency wallet needs to be able to scan the legitimacy of all the digital certificates in the terminal, check the proxy settings in the network transmission process and ensure the security of the basic network communication environment. In the development of Cryptocurrency wallet, it is an important criterion to evaluating the security of the application of a Cryptocurrency wallet by whether the communication verification is used in a two-way check. RPC interface calls permission security The wallet itself is only the interface software of the block chain world, as many of the previous articles introduce the corresponding interface using RPC, so that the permission control of the data transmission process is the security of data communication, and the design of the code and various scenes should be careful. RemoteProcedureCall (RPC) security policy: if using remote procedure call to access on the wallet node Geth, external access to remote procedure calls with unlocked account functions should not be allowed. 4.2.2 client file management security The main consideration of file security is that the file installed at the end of the user is not deciphered, as well as some prohibitive operations to the user or to increase the inconvenience of some risk operations to reduce the risk caused by the users themselves. Install package security Ensure that the software installation package is secure and cannot be decomposed and cracked into illegal operation. Resisting terminal bad program access to key files The core of the encrypted Cryptocurrency wallet, the private key or mnemonics stored on the terminal device. No matter it is the PC end or the mobile end, if the terminal device is unsafe, there exists a very high security risk for the private key or mnemonics. A secure Cryptocurrency wallet is originally designed to avoid the possibility of stolen private keys or mnemonics caused by the running environment. For example, set the function of face recognition or SMS confirmation when users operate to access the core files. Terminal key file encryption method A high security encryption method is used for terminal key files to prevent access to ordinary programs, or even if the key files are copied out, the third party does not own the cracking function, such as Wallet.dat encryption problem. generation and management of mnemonics and other key information For the core information of wallet, such as mnemonics, private keys, Keystore generation and management, we need to give full consideration to security. The principles and ideas of the three are basically the same. In order to ensure that the client generates mnemonics, it cannot pass through any cloud or server. This is the core of the offchian wallet, and any process of accessing the help word needs the user to confirm the work actively, such as the face recognition or the acknowledgement of the text message mentioned above. The display of mnemonic words cannot be displayed by any operation, but only through user’s manual record. Import private key and mnemonics generated by other wallets The idea of importing the private key and mnemonics security generated by other wallets can reduce the risk of illegal program intrusion from the way of recreating the new core file, and can also use face recognition or message confirmation at the same time. 4.2.3 development and extension security Considering that the wallet is the interface port of the blockchain, and it is very important to the application expansion, so it is necessary to strictly control the permissions of the open port and ensure that the communication is only public key signature. At the same time, the application program should be strictly examined for the core technical ability of anti-tampering ability, and the memory security and anti-debugging ability in the application process. In addition, considering the risk of user password forgetting, we can consider using multi-signatures to add various application scenarios, such as password retrieval function. Chapter 5: Existing Problems and Industry Development Trend 5.1 problems in existing products Security problems occur often Due to the rapid iteration of the business scenario and the need for promotion, there are security risks that can be ignored in both hot and cold wallets. The conflict between security and ease of use cannot be solved in short time. The Cryptocurrency wallet is intermingled on the market and some development teams, under the principle of business priority, temporarily have no enough protection for the security of their own wallet products, causing hackers to get control, such as the loopholes in Parity wallet and Ledger wallet. Less coin diversification and single function Although there are many kinds of wallets on the market, their functions are generally single, and the types of Cryptocurrency assets supported are also very limited. Users often need to switch back and forth between multiple wallets when managing Cryptocurrency assets, which not only affects the user experience, but also brings a lot of risks. High threshold and poor usability At present, the users who have entered the Cryptocurrency asset market are still inclined to put their assets on the exchange. On the one hand, it is due to the needs of the convenience of the transaction. On the other hand, the wallet has a higher threshold for the ordinary users. The wallet still needs to further optimize the business process, change into the technology, improve the convenience of use, and need more convenience. We should strengthen user’s education to help them use their wallets correctly and safely. The profit model is still continuing At present, the profit model of most wallets is still being explored, and the cash flow capability is not strong, so the survival pressure of wallet projects is greater. Compared with the hot wallet, the cold wallet selling equipment has a stronger ability to change cash, but the premise of its design and development is huge, and the risk of stock backlog is also high, which is greatly influenced by the market overall market. 5.2 development trend of Cryptocurrency wallet On the one hand, the walllet is the interface between the user and the blockchain, which can be regarded as an important entrance to the blockchain world from the real world; on the other hand, the essence of the wallet is the private key management tool, which is closely related to the blockchain and Cryptocurrencies, and the asset attributes are strong. The development of Cryptocurrency wallets in the future will also focus on two characteristics: the enrichment and expansion. With the development and evolution of the industry, some wallets are bound to carry out deep ploughing of technology and resources in a certain field to form high barriers to industry, and some will carry out business optimization and resource aggregation towards a comprehensive direction. The development and strengthening of the block chain world entrance With the increasing number of Cryptocurrencies, users are in urgent need of a unified platform to help users manage many types of assets. Because of the current status of the liquidity segmentation in the centralization of Cryptocurrency transactions, users need to register and log in different accounts for inquiries and transactions in different exchanges. The process is cumbersome, and it is difficult to improve the situation in the future, so the wallet will become the first choice of the asset aggregation. Integrated management of assets can summarize and provide unified summary, query, analysis and transaction services for users in multiple wallets and exchanges. The development of supporting multi-platform cross link exchange in the future will also meet the diversified needs of users’ mobility. Asset types increase, integrated management entrance. In the Internet age, like all kinds of App, users can feel the windows of mobile Internet. In the future, in the era of block chain, all kinds of Dapp will also become the main way for users to directly participate in the block chain. Because the interaction between users and Dapp needs to consume Cryptocurrencies, and the importance of the wallet as a tool to help users manage all kinds of Cryptocurrencies, it is self-evident that it may become a new era application store and become the real super flow entrance in the 3 era of block chain. DAPP application entry. In the future, as the blockchain projects fall to the ground, and the function and property of the Token are becoming more and more strong, the wallet will carry a very critical role as the entrance of the blockchain world. Only when the user directly controls the private key, can he exercise the functions and powers represented by the token, such as EOS voting rights, PoS pooling gains and so on. In the future, more actual Token usage scenarios, such as pooling, dividends and power vouchers, will emerge under the model of token economy. The direct and convenient channel provided by wallet will release the function potential of token beyond transaction and promote the economic development of token economy better. The function entrance, like usage right of token and income right. Strengthened Financial attributes, services and products are constantly enriched The wallet user has the natural demand of the transaction. If it transaction can be realized without withdrawing the from the wallet, it does not only reduces the operation steps of the coin transfer and probability of making mistakes, but also enhances the stickiness of the user. It provides a good direction of development and fund precipitation for the follow-up transformation of the wallet project. In addition, the development of offchain exchanges will also promote the development of offchain wallet, which emerges natural advantages for onchain wallets. Trading properties are increasing. . As a platform for asset precipitation, Cryptocurrency wallet is not only a tool, but also a flow entrance and a financial services platform. Carrying out a series of financial services around assets will be the focus of future wallet development. At present, some Cryptocurrency wallets have begun to arrange all kinds of financial and fund trusteeship services, but the field is still at very early stage, and the traditional management service is very different. Many problems such as wind control, profit model and fund security need to be solved one by one. The product design needs to be re-regulated and consider in combination with the characteristics of the blockchain assets. Financial services are constantly improved