What is a wallet

If this is your first time reading this documentation, we recommend working through the tutorials in Installation, Deploy Your Own Friday Testnet, and Play with Hdac Token first.

What is a 'wallet'?

Does a 'wallet' contain a balance, like a physical purse? No

If I lose my backup of the wallet software, do I lose all my balances? No

If I move mine to a 'cold wallet', is it safe against hacking? Not sure

If I move mine to a 'cold wallet', does my balance transfer to the 'cold wallet'? No

Before describing how to manage a wallet, it helps to explain what a 'wallet' is.

Starting from a conventional centralized web service...

For authorization, a web service asks for an ID and password at sign-up, and that information is stored in a database. The ID and password are requested at every login; on every request the service looks up the stored data in the DB and compares it with the input. If they match, the user is allowed to use every service; otherwise the request is rejected.

How is blockchain different from the conventional approach?

Public key (comparable to the ID in conventional terminology) and private key (comparable to the password) are generated automatically by the given crypto algorithm

In a conventional service, the ID cannot be derived from the password, and vice versa, so there is no logical relation between them. That means the ID and password have to be stored in a centralized DB.

In blockchain, however, the public key and private key are generated automatically, and the public key can be derived from the private key by a fixed algorithm. When authenticating, the blockchain software asks only for the private key and hashes it with the fixed algorithm. If the result matches the public key, the blockchain judges the request valid.

The auth data is not, and does not have to be, stored in any node

Because the public key can be derived from the private key, the blockchain does not have to hold the public key - private key pair in any node. It holds only the public key - balance information, and users can manage their own balance safely.

Conversely, your balance data, keyed by public key, is distributed to all nodes, following the philosophy of the distributed ledger. So anyone can check all transactions and data, including balances. (Read only, not manage.)

For their own safety, all users have to do is keep their private key safe!

'Wallet' == ID:password set

The private key does not have to be stored in the blockchain, and balance data is already stored in every node. Therefore, the user only has to hold the private key locally, without any balance data.

We refer to the file containing the private key (and, optionally, the public key) as the 'wallet'.

A locally stored private key is hard to manage when it can only be identified by a complex public key or private key, so keys are managed under a readable name. We refer to that name as the 'wallet alias'.

(OPTIONAL) How and why can my balance be hacked then?

Because the public key - private key pair is generated randomly, it is very hard to remember, so many users store it in a cloud service. When the user steps away for a while without locking the device, another person can open the cloud service and steal the private key.

Almost all hacks result from users' mistakes, not from security holes in the blockchain software.

Wallet in detail

Cryptography

Basically, the wallet follows the Bitcoin approach, because that approach has some benefits: compatibility with Hdac mainnet 1 and with current hardware wallets such as Kasse, Ledger Nano and Trezor.

From Mnemonics to Secp256k1 private key - public key pair

  • From Mnemonics to master seed: BIP 39

  • From master seed to Secp256k1 private key - public key pair

    • BIP 32 for deriving the Secp256k1 private key (32 bytes) - public key (33 bytes) pair

    • BIP 44 for supporting Bitcoin-based multiple coins from same seed

The Secp256k1 private key is used as the password of the account.

From Secp256k1 public key to address

  • From Secp256k1 public key (33 bytes) to address (20 bytes)

    • Secp256k1 public key (33 bytes) -> SHA256 (32 bytes) -> Ripemd160 (20 bytes)

  • Ripemd160 (20 bytes) to string address with prefix: Bech32

The Bech32-encoded address with prefix is used as the address of end users.
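
The public-key-to-address steps above, written out as an added example (this is not Hdac's own code). It assumes the 20-byte hash is Bech32-encoded directly with no version byte and uses the placeholder prefix `example`, since the page does not state the real prefix; the sample hash is a constructed input taken from the BIP 173 test vectors.

```python
import hashlib
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # Bech32 alphabet (BIP 173)

def polymod(values):  # Bech32 checksum polynomial from BIP 173
    gen = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3]
    chk = 1
    for v in values:
        top = chk >> 25
        chk = (chk & 0x1ffffff) << 5 ^ v
        for i in range(5):
            chk ^= gen[i] if (top >> i) & 1 else 0
    return chk

def hrp_expand(hrp):  # the prefix is covered by the checksum too
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]

def to_5bit(data):  # regroup 8-bit bytes into 5-bit values, zero-padding the tail
    acc, bits, out = 0, 0, []
    for byte in data:
        acc, bits = (acc << 8) | byte, bits + 8
        while bits >= 5:
            bits -= 5
            out.append((acc >> bits) & 31)
    if bits:
        out.append((acc << (5 - bits)) & 31)
    return out

def bech32_encode(hrp, data5):
    pm = polymod(hrp_expand(hrp) + data5 + [0] * 6) ^ 1
    checksum = [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data5 + checksum)

def bech32_valid(addr):  # rejects a wrong prefix, alphabet or checksum (typos)
    hrp, sep, rest = addr.rpartition("1")
    if not (sep and hrp) or len(rest) < 6 or any(c not in CHARSET for c in rest):
        return False
    return polymod(hrp_expand(hrp) + [CHARSET.index(c) for c in rest]) == 1

def hash160(pubkey):  # SHA256 then RIPEMD160; needs ripemd160 in the local OpenSSL
    if len(pubkey) != 33 or pubkey[0] not in (2, 3):
        raise ValueError("expected a 33-byte compressed Secp256k1 public key")
    return hashlib.new("ripemd160", hashlib.sha256(pubkey).digest()).digest()

def address_from_hash(hash20, hrp="example"):  # "example" is a placeholder prefix
    return bech32_encode(hrp, to_5bit(hash20))

SAMPLE_HASH = bytes.fromhex("751e76e8199196d454941c45d1b3a323f1433bd6")  # constructed sample
SAMPLE_ADDRESS = address_from_hash(SAMPLE_HASH)
```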

Storage & Load

| key | value |
|------------------------|-----------------------------------|
| <alias> + ".info" | <Encrypted Secp256k1 private key> |
| <address> + ".address" | <Encrypted Secp256k1 private key> |

The wallet data is stored in local key-value storage. Currently, it is stored under 2 types of key: one is the wallet alias, and the other is the Bech32 address string. The information stored under each key includes the encrypted Secp256k1 private key.

Thanks to that, the private key information can be found in the local wallet by either the wallet alias or the address, and it can then be used to sign a transaction for a transfer or a smart contract execution.