Bitcoin Forum
Topic: Explain wallets to me  (Read 715 times)
LogicalUnit (OP)
June 16, 2016, 05:13:10 AM
 #1

Hi everyone,

I understand that the term "wallet" can be used to refer to the Bitcoin client software, such as Armory, Electrum, or the official Bitcoin Core. What I'd like to ask about is the logical concept of a "wallet", that holds a collection of Bitcoins across these various products.

Is a wallet merely a collection of private/public key pairs that can be used to send/receive Bitcoins? How are these addresses generated? Is there a maximum number of addresses that can be generated per wallet? How does the client know if an address is in my wallet? How is a HD wallet (used in Mycelium) different from an ordinary wallet?

Also, I have a related question: according to the official Bitcoin website, an address should only be used to receive coins once. I want to put a donation link on my website. How can I generate a new address for each donation?

Many thanks
~LU

"There should not be any signed int. If you've found a signed int somewhere, please tell me (within the next 25 years please) and I'll change it to unsigned int." -- Satoshi
AGD
June 16, 2016, 05:20:46 AM
 #2

Quote
Is a wallet merely a collection of private/public key pairs that can be used to send/receive Bitcoins?

Mostly this. Rest is ease of use (compared to working with a command line.)

edit: Working with multiple addresses is more a privacy issue, rather than security.

Bitcoin is not a bubble, it's the pin!
+++ GPG Public key FFBD756C24B54962E6A772EA1C680D74DB714D40 +++ http://pgp.mit.edu/pks/lookup?op=get&search=0x1C680D74DB714D40
gogodr
June 16, 2016, 05:21:44 AM
 #3

Quote
Is a wallet merely a collection of private/public key pairs that can be used to send/receive Bitcoins?

Mostly this. Rest is ease of use (compared to working with a command line.)

You answered your own question. Seems like you know more than you let on.
deepceleron
June 16, 2016, 05:59:23 AM
 #4

Start here: http://we.lovebitco.in/how-bitcoin-works/bitcoin-addresses/ and read the following page also.

Bitcoin addresses traditionally are randomly generated, but they can also be generated by a random seed fed into a pseudorandom algorithm. This makes a deterministic wallet, so that all addresses that will ever be in a wallet can be recreated by a backup of just the seed.

The only way someone will know a Bitcoin address of yours is if you give it to them. Many orgs use a single donation address, with the benefit/detriment being that others can see how much has been donated.

The safest way to offer a new address for each contribution is to pre-generate them offline, and have web site software simply give a new one to each donator from a list of addresses. Putting full wallet software online for a web backend requires incredible security precautions.
pedrog
June 16, 2016, 08:51:00 AM
 #5

We should call them keychains. ;)

DannyHamilton
June 16, 2016, 01:38:48 PM
 #6

Quote
- snip -
What I'd like to ask about is the logical concept of a "wallet", that holds a collection of Bitcoins across these various products.

Is a wallet merely a collection of private/public key pairs that can be used to send/receive Bitcoins?

In general, yes.  A wallet is simply a system of securely storing private keys. This is why a piece of paper with a private key on it is often called a "paper wallet", and a memorized private key is often called a "brain wallet". Most wallet software also provides other services, such as:

  • Scanning the blockchain for confirmed transactions
  • Monitoring the Bitcoin network for relayed unconfirmed transactions
  • Assisting you in creating transactions
  • Assisting you in signing transactions
  • Broadcasting your transactions to peers on the Bitcoin network
  • Generating new private keys (and the associated addresses) for you
  • Recording a history of transactions that you've sent and received
  • Maintaining a list of the unspent outputs that the wallet has the ability to spend

But it looks like you're most interested in discussing the private key storage aspect of the wallets.

Quote
How are these addresses generated?

That's up to the creator of the wallet.  Most well written wallets will either generate every private key completely randomly, or will generate a single random seed, and then use a formula to create a hierarchy of private keys from that seed.

Quote
Is there a maximum number of addresses that can be generated per wallet?

Addresses are simply the numeric result of a RIPEMD160 hash function that has a version number prepended to it and a checksum appended to it.  That hash function is calculated on the result of a SHA256 hash of the public key. Assuming that you are only asking about version 1 addresses, the result of the RIPEMD160 hash is between 0 and 2^160.  This puts an upper bound on the number of addresses at 1.462 X 10^48.  Realistically, if the wallet software is going to give you information about the transactions that are sent to those addresses, then it needs to be able to scan through them all.  As the number of addresses the wallet stores gets VERY large, the amount of time it takes for the wallet to find and send transactions gets VERY large.  Eventually it becomes so slow that you would become frustrated trying to use it.  How large that number is will depend a lot on how well written the software is.

Quote
How does the client know if an address is in my wallet?

Your software client reads a file that stores your private keys (and typically the RIPEMD160 hash associated with those keys). It is possible to re-generate the public key and hashes every time from the private keys, but it is faster to just store the RIPEMD160 hash along with the private key.

Quote
How is a HD wallet (used in Mycelium) different from an ordinary wallet?

Bitcoin Core generates every new private key completely randomly.  There is no connection between the private keys at all.  If you lose a private key that you haven't backed up somewhere, it is impossible to know what that key was.

HD wallets generate a single seed value completely randomly.  Then every private key is calculated from that initial seed using a formula.  As long as you have the seed somewhere, you can re-use the same formula to regenerate all the private keys that the wallet was using.  If you lose access to the seed along with the private keys, then it becomes impossible to know what the seed was and therefore impossible to regenerate the list of private keys.

Quote
Also, I have a related question: according to the official Bitcoin website, an address should only be used to receive coins once.

That is very good advice.  Many people seem to think of a bitcoin address as an account number, used to keep track of all the funds that they have access to.  It really should be thought of more like an invoice number, used to keep track of a single payment. Your wallet software can then be thought of as keeping track of all the invoices (both paid and unpaid) and assisting you in keeping track of it all.

Quote
I want to put a donation link on my website. How can I generate a new address for each donation?

Generate a HD wallet seed and store it securely somewhere.  Then the website software can be given a public seed value (xpub) and with the appropriate formula can generate a sequence of addresses.  When you want to spend any of those funds received, the private keys for that sequence of addresses can be generated separately on a computer that is far more secure than a web server.
thejaytiesto
June 16, 2016, 02:06:16 PM
 #7

If you use Bitcoin Core or a wallet like that (that saves a wallet.dat file with all the private/public keys) remember that each time you generate a new key, your last backup will not have this key. Since it's recommended to generate a new key for each transaction, frequent backup is recommended.
I think backing up your wallet.dat file every week is enough. I save mine in a couple usb pendrives and a couple hard drives weekly for years, never had a problem. Don't forget to encrypt it as well.

If you don't want to bother just use an HD wallet. Btw HD wallets are coming to Bitcoin Core too I think soon.
tobacco123
June 16, 2016, 02:26:07 PM
 #8

Quote
We should call them keychains. ;)

I think wallets are not only "keychains"...

1. Yes, they help you organize and store the private keys.
2. They help you to generate and relay your transmission when you are spending the balance.
3. They help you check the balances in your addresses.

DannyHamilton
June 16, 2016, 02:26:29 PM
 #9

Quote
If you use Bitcoin Core or a wallet like that (that saves a wallet.dat file with all the private/public keys) remember that each time you generate a new key, your last backup will not have this key. Since it's recommended to generate a new key for each transaction

Absolute nonsense.  Bitcoin core pre-generates 100 addresses and private keys for you so that when you request a new address it can just choose from the pool of already backed up keys.  If a pool of 100 isn't enough, you can increase the size of the pool to as many keys as you like. Please, take your signature spam elsewhere.
Vaccinus
June 16, 2016, 02:29:44 PM
 #10

Quote
That is very good advice.  Many people seem to think of a bitcoin address as an account number, used to keep track of all the funds that they have access to.  It really should be thought of more like an invoice number, used to keep track of a single payment. Your wallet software can then be thought of as keeping track of all the invoices (both paid and unpaid) and assisting you in keeping track of it all.

But this can cause confusion if I want to differentiate the income in my wallet, for example if I want all my mining earnings to go to one address and all my signature earnings to go to another, and I don't like to create a new wallet each time.

Quote
If you use Bitcoin Core or a wallet like that (that saves a wallet.dat file with all the private/public keys) remember that each time you generate a new key, your last backup will not have this key. Since it's recommended to generate a new key for each transaction

Quote
Absolute nonsense.  Bitcoin core pre-generates 100 addresses and private keys for you so that when you request a new address it can just choose from the pool of already backed up keys. Please, take your signature spam elsewhere.

But what he says is true when you exceed the 100 pre-generated addresses.

spazzdla
June 16, 2016, 03:21:12 PM
 #11

Wallet, is a TERRIBLE TERRIBLE name for what it actually is.

That is the first thing lol.


Do some googling on public/private key encryption.


I like explaining it like the public key is your vault address and your private key is the key that allows you to open it.

Show anyone your public key but no one your private.

When you go to spend a coin your private key signs the transaction (opens your vault door to keep the analogy) and sends it to the public address you told it to.
DannyHamilton
June 16, 2016, 04:19:14 PM
 #12

Quote
But this can cause confusion if I want to differentiate the income in my wallet, for example if I want all my mining earnings to go to one address and all my signature earnings to go to another, and I don't like to create a new wallet each time.

You can do whatever you like.  You don't have to do things the best way if you don't want to.  By re-using addresses you are reducing the anonymity and security of yourself as well as many others, but there is no authority to stop you.

There are other ways to differentiate and group payments from the same source.  Just two examples are using separate wallets, or using coin-control features of some wallets.

Quote
But what he says is true when you exceed the 100 pre-generated addresses.

No.  He didn't say "when you exceed the 100 pre-generated addresses".  He said:

Quote
that each time you generate a new key, your last backup will not have this key.

That implies that you have to back up after EVERY transaction, not after 100 transactions.  It also doesn't take into account the fact that you can increase the size of your key pool.

Additionally he said:

Quote
I think backing up your wallet.dat file every week is enough.

Which is completely useless advice.

If someone has less than 100 transactions per year, then they are wasting a lot of time and effort backing up EVERY WEEK.  If they have more than 100 transactions per day, then telling them to back up every week could result in losing a significant amount of bitcoins.

I suggest that you both take your signature spam elsewhere.  We really don't need all this horrible advice being spread around.
LogicalUnit (OP)
June 17, 2016, 03:54:20 AM
 #13

Thanks to DannyHamilton for a thorough and helpful response.

I think I'll start another thread about the single-use donation problem. I use WordPress, perhaps we can create a plugin for it, if it doesn't exist already.
AGD
June 17, 2016, 05:29:14 AM
 #14

Hi Danny. Thanks again for sharing your ignore list. Some threads are pretty empty now, but it is really more fun checking, if some posts actually provide at least a little content. Most of them do not, so ....

LogicalUnit (OP)
June 19, 2016, 07:34:56 AM
 #15

Quote
Thanks to DannyHamilton for a thorough and helpful response.

I think I'll start another thread about the single-use donation problem. I use WordPress, perhaps we can create a plugin for it, if it doesn't exist already.

I've done some experimentation, and there are a couple of solutions for Bitcoin donations on WordPress:

1) You can install the "Easy Bitcoin Donation Widget" plugin, which provides a very simple QR code with a fixed address. Change it as frequently as you like.
2) You can install the "Give WordPress Donations", "GoUrl.io Payments Gateway", and "GoUrl Bitcoin donation addon" plugins (all three) to generate a unique address for every donation. However, once a donation has been made, it is forwarded to a single fixed address. This can probably be changed as desired too.

Neither of these is quite what I'm after. Ideally I'd like to provide a master public key, which provides a new donation address every time a payment is made. Not 100% sure what this would require. Maybe some sort of processing of the blockchain, to determine when the current donation address has been used?