Understanding how Bitcoin ownership works requires understanding what it means to “own” a single Bitcoin address. At a practical level, Bitcoin ownership means the ability to send some amount of Bitcoin from one address to another or to cryptographically prove that one has that ability by “signing” a Bitcoin address. At a technical level, ownership means the possession of the private key which is used to sign a Bitcoin transaction. A Bitcoin address is an identifier which can have any number of inputs (deposits) and outputs (outgoing transfers). The value of an address is the sum of inputs minus all the outputs.
What Is a Bitcoin Wallet?
A Bitcoin “wallet” is a file containing a collection of addresses. A wallet does not need to contain the entire list of transactions for each address because they are publicly recorded on the blockchain, but they are usually cached within the wallet to view them offline. Opening a wallet with wallet software will usually refresh the list of transactions for each address by downloading the latest record of the blockchain.
A security best practice is for wallets to be double encrypted. Modern wallets are deterministically generated – all the public and private keys are derived via an algorithm with a 12 or 24-word seed (known as a BIP39 mnemonic). It is possible to use a single list of seed words to generate wallets for most cryptocurrencies, though not all wallet software uses the same seed word format.
It’s possible to create a “watch only” wallet which contains public addresses without their private keys, allowing transactions to be monitored but not initiated.
A security best practice is for wallets to be double encrypted: the wallet itself can be encrypted (this hides the addresses within the wallet), then the private key for each address can be encrypted (this requires a passphrase to authorize outgoing transactions or signatures).
The private key for a Bitcoin address can be shared among many individuals. It’s also possible to split the private key so that multiple keys are required to authorize any transaction on an address. Furthermore, it is possible to specify the number of keys needed out of the total created to authorize a transaction. For example, the address 3D2oetdNuZUqQHPJmcMDDHYoqkyNVsFk9r holds 1,365,558 Bitcoins. It’s a 3 of 5 signature address, which means that it requires 3 out of 5 signatures to authorize a transaction.
A hardware wallet is an electronic device dedicated to storing Bitcoin. The advantage of using a hardware wallet is that it is immune from viruses or unrelated software which can be compromised to steal a wallet. Typically, it is a small device with embedded firmware that has no connectivity other than a USB connection. To date, there are no known Bitcoin thefts stemming from a security compromise of a hardware wallet. This is not to say that hardware wallets are perfectly secure, and, in fact, a number of vulnerabilities have been found and patched with hardware wallets. However, these would have required physical access and forensic analysis of the wallet, unlike a computer which can be accessed remotely if the device is online.
We can expect these solutions to keep evolving until cryptocurrency is as easy to use and protect as traditional currencies. Cold Storage
The private key for a Bitcoin address or the word list used to generate a deterministic wallet can be written on paper and placed in a safe place (or memorized). If the private key or seed word list is never entered into a computer, it is said to be in “cold storage.” Wallets in cold storage can still receive payments. A cold wallet only needs to be entered into a software wallet when the funds need to be spent.
Bitcoin Provides a Spectrum of “Hot” and “Cold” Storage Options
Bitcoin storage options come in a spectrum from “easy to spend, but least safe” to “most safe, but difficult to spend.” This is also known as the difference between “hot” and “cold” storage. On one extreme, there are “hot wallets” running on smartphones that allow you to pay by typing in a PIN code or recognizing your thumbprint. On the other side, there are “cold” wallets written down on paper slips locked away in an underground safe. Furthermore, the keys to cold wallets can be split among multiple people, requiring a complex procedure to enter the keys into hardware and authorize transactions.
Thus, while it is potentially easy to have one’s Bitcoins stolen or lose them due to a technical error, there is an ecosystem of software and hardware solutions to store Bitcoin safely, both for individuals and institutions. With time, we can expect these solutions to keep evolving until cryptocurrency is as easy to use and protect as traditional currencies.
Reprinted from Vellum Capital