Does a 'wallet' contain a balance, like a physical purse? No
If I lose the backup of my wallet software, do I lose all my balances? No
If I move mine to a 'cold wallet', is it safe against hacking? Not sure
If I move mine to a 'cold wallet', does my balance transfer to the 'cold wallet'? No
Before describing how to manage a wallet, it helps to explain what a 'wallet' is.
For authorization, a web service asks for an ID and password at sign-up, and that information is stored in a database. The ID and password are asked for again at every login; the service looks up the stored record in the DB on each request and compares it with the input. If they match, the user is allowed to use every service; otherwise the request is rejected.
In a conventional service, the ID cannot be derived from the password, or vice versa, so there is no logical relation between them. That means the ID and password have to be stored in a centralized DB.
In a blockchain, however, the public key and private key are generated automatically, and the public key can be derived from the private key by a fixed algorithm. When authenticating, the blockchain software asks only for the private key and hashes it with that fixed algorithm. If the result matches the public key, the blockchain judges the request to be valid.
Because the public key can be derived from the private key, the blockchain doesn't have to hold the public key - private key pair in any node. The blockchain only holds the public key - balance information, and users can manage their own balance in a safe way.
Conversely, your balance data, together with your public key, is distributed to all nodes, following the philosophy of the distributed ledger. So anyone can inspect all transactions and data, including balances. (Read only, not manage.)
For their own safety, all users have to do is keep their private key safe!
The private key doesn't have to be stored in the blockchain, and the balance data is already stored in every node. Therefore, the user only has to hold the private key locally, without any balance data.
The file containing the public key (optional) - private key pair is what we refer to as a 'wallet'.
A locally stored private key is hard to manage when it can only be identified by a complex public key or private key, so keys are managed under a readable name. We refer to this name as the 'wallet alias'.
Because the public key - private key pair is generated randomly, it is very hard to remember. So many users store the data in a cloud service. If the user steps away for a while without locking the session, another person can open the cloud service and steal the private key.
Most hacks result from users' mistakes, not from security holes in the blockchain software.
Basically, it follows Bitcoin's approach, because that approach has some benefits: compatibility with Hdac mainnet 1 and with current hardware wallets such as Kasse, Ledger Nano and Trezor.
From Mnemonics to master seed: BIP 39
A Secp256k1 private key is used as the password of the account.
A Bech32-encoded address with a prefix is used as the address of end users.
| key                    | value                             |
|------------------------|-----------------------------------|
| <alias> + ".info"      | <Encrypted Secp256k1 private key> |
| <address> + ".address" | <Encrypted Secp256k1 private key> |
Basically, the wallet data is stored in a local key-value storage. Currently, it is stored under 2 types of key: one is built from the wallet alias, and the other from the Bech32 address string. The information, including the encrypted Secp256k1 private key, is stored under each key.
Thanks to that, the private key information can be found in the local wallet from either the wallet alias or the address. That information can then be used to sign a transaction for a transfer or a smart contract execution.
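The following is an added example, not Hdac's own code: it derives the compressed Secp256k1 public key and a Bech32 address from a private key, then indexes one encrypted-key blob under both keys from the table above. Assumptions: the `demo` prefix, the address payload (first 20 bytes of SHA-256 of the public key) and the `store_wallet` helper are hypothetical, and the blob is ciphertext produced elsewhere.

```python
import hashlib

P = 2**256 - 2**32 - 977  # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # generator
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # Bech32 alphabet (BIP-173)
GEN = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)  # checksum constants

def _add(a, b):  # curve point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    num, den = (3 * a[0] * a[0], 2 * a[1]) if a == b else (b[1] - a[1], b[0] - a[0])
    m = num * pow(den % P, -1, P)
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def public_key(priv: int) -> bytes:  # compressed priv*G; double-and-add, not constant time
    if not 0 < priv < N:
        raise ValueError("private key out of range")
    acc, pt = None, G
    while priv:
        if priv & 1:
            acc = _add(acc, pt)
        pt, priv = _add(pt, pt), priv >> 1
    return bytes([2 + (acc[1] & 1)]) + acc[0].to_bytes(32, "big")

def polymod(values):
    chk = 1
    for v in values:
        top, chk = chk >> 25, (chk & 0x1ffffff) << 5 ^ v
        for i in range(5):
            chk ^= GEN[i] if (top >> i) & 1 else 0
    return chk

def bech32(hrp: str, payload: bytes) -> str:
    bits = "".join(f"{b:08b}" for b in payload)
    data = [int(bits[i:i + 5].ljust(5, "0"), 2) for i in range(0, len(bits), 5)]
    hrp5 = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    chk = polymod(hrp5 + data + [0] * 6) ^ 1
    data += [(chk >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data)

def store_wallet(db, alias, priv, blob, hrp="demo"):
    # Assumption: address payload = SHA-256(public key)[:20]; blob = ciphertext made elsewhere.
    addr = bech32(hrp, hashlib.sha256(public_key(priv)).digest()[:20])
    db[alias + ".info"] = db[addr + ".address"] = blob
    return addr
```

Because the address is recomputed from the private key alone, the `.address` entry can always be rebuilt after decrypting the `.info` entry; no balance or public key needs to be kept locally.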