In this HOW TO I will explain the connection between keys and addresses and then show you how to set up a Wallet that will hold multiple Crypto Currencies. In the main part I will outline how to make a secure backup and describe how to store the backups for long-term keeping.
Tools we will be using
Most of the tools we are going to use have been written by me. But you don’t have to trust me! All tools are open source and hosted on GitHub. You can download them and use them offline (for example the Blockchain Demo), or you can run them on your own server (for example the Cloudcoins service).
- Hierarchical Deterministic Wallet tool: Part of my Blockchain Demo, can be used offline, code is here.
We’ll be using this to generate our keys.
- www.cloudcoins.ch: My public zero-knowledge key storage service. Can be run in a Docker container, code is here.
We’ll be using this to store one of the backups.
- (optional) Coinomi: Multi-Asset Wallet App, developed by Coinomi Ltd. Available for Android, iOS coming soon.
A short introduction to keys and addresses
In early implementations of Crypto Currency wallets, simple, independent elliptic-curve key pairs were used to secure the funds stored within the wallet:
A private key is created by taking 256 bits of random data that hopefully nobody else will ever come up with (that’s why good „randomness“ is needed). From that private key, the public key is calculated using elliptic-curve cryptography (in most Crypto Currencies the curve is secp256k1). Next, this public key is hashed multiple times (twice with SHA256, once with RIPEMD-160) and finally encoded with base58check, which results in a human-readable string of approximately 34 characters.
The problem with this method is that every address (and its corresponding private key) that is used needs to be stored separately. So a classic wallet is really just a collection of loose, independent private and public keys. This is fine as long as you regularly back up your wallet.dat, but writing every key down is not practicable with this approach.
That’s why BIP32 was introduced: A way to deterministically generate key pairs from a single secret (seed):
A seed is randomly generated and usually displayed as 12 to 15 mnemonic words so it can be written down/memorized more easily. The seed can optionally be encrypted with a passphrase to further protect the seed in case someone finds the backup of the mnemonic words.
The seed, together with the optional passphrase, is then transformed mathematically (using HMAC-SHA512) to a Master Root Key.
From this master key a practically infinite number of key pairs can be calculated by applying a path (for example m/2’/345). Further ideas, like BIP44 for example, then define how standard paths should be used to generate keys for wallets of different currencies.
In essence, when using a seed to create a root key, your wallet becomes more portable.
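To make the derivation chain above concrete, here is an added example in Python (standard library only, Python 3.8 or newer); it is not code from the Blockchain Demo, cloudcoins or Coinomi. It turns a mnemonic plus an optional passphrase into the BIP39 seed (PBKDF2-HMAC-SHA512), derives the BIP32 master key and chain code from it (HMAC-SHA512 keyed with „Bitcoin seed“), walks a path such as m/2'/345 with both hardened and normal steps, and serialises the root node as the base58check „xprv…“ string. The mnemonic used is the standard all-zero-entropy BIP39 test phrase, chosen here only as a constructed input; the function names, the passphrase and the path are my own. Wordlist checksum validation of the mnemonic and address encoding (which needs RIPEMD-160) are deliberately left out.

```python
# Added example, not the HD Wallet tool's or cloudcoins' code (assumes Python 3.8+).
import hashlib
import hmac
import unicodedata

# secp256k1 domain parameters (public constants from the curve specification)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 0x80000000
B58 = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _point_add(a, b):
    # Affine point addition on secp256k1; None is the point at infinity.
    if a is None or b is None:
        return b if a is None else a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def compressed_pubkey(priv: int) -> bytes:
    # Public key = priv * G by double-and-add, encoded as 02/03 prefix + x (33 bytes).
    result, point, k = None, G, priv
    while k:
        if k & 1:
            result = _point_add(result, point)
        point, k = _point_add(point, point), k >> 1
    x, y = result
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")

def mnemonic_to_seed(words: str, passphrase: str = "") -> bytes:
    # BIP39: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase.
    m = unicodedata.normalize("NFKD", words).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", m, salt, 2048)

def seed_to_master(seed: bytes):
    # BIP32: HMAC-SHA512 keyed with "Bitcoin seed" -> (master private key, chain code).
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(digest[:32], "big")
    if not 0 < k < N: raise ValueError("invalid master key, generate another seed")
    return k, digest[32:]

def ckd_priv(k: int, chain: bytes, index: int):
    # BIP32 private child derivation; hardened indices (>= 2^31) mix in the private key.
    data = b"\x00" + k.to_bytes(32, "big") if index >= HARDENED else compressed_pubkey(k)
    digest = hmac.new(chain, data + index.to_bytes(4, "big"), hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    child = (il + k) % N
    if il >= N or child == 0: raise ValueError("invalid child key, skip this index")
    return child, digest[32:]

def derive_path(k: int, chain: bytes, path: str):
    # Walk a path like m/2'/345 (an apostrophe or h marks a hardened step).
    parts = path.split("/")
    if parts[0] != "m": raise ValueError("path must start with m")
    for part in parts[1:]:
        index = int(part.rstrip("'h")) + (HARDENED if part[-1] in "'h" else 0)
        k, chain = ckd_priv(k, chain, index)
    return k, chain

def base58check(payload: bytes) -> str:
    # Append the 4-byte double-SHA256 checksum, then base58-encode.
    data = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    n, out = int.from_bytes(data, "big"), b""
    while n:
        n, r = divmod(n, 58)
        out = B58[r:r + 1] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out.decode()

def base58check_decode(text: str) -> bytes:
    # Inverse of base58check; raises if a copied key string has been damaged.
    n = 0
    for ch in text.encode():
        n = n * 58 + B58.index(ch)
    raw = b"\x00" * (len(text) - len(text.lstrip("1"))) + n.to_bytes((n.bit_length() + 7) // 8, "big")
    payload, checksum = raw[:-4], raw[-4:]
    if hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4] != checksum:
        raise ValueError("checksum mismatch")
    return payload

def master_xprv(k: int, chain: bytes) -> str:
    # Root node serialisation: version 0x0488ADE4, depth 0, parent 0, index 0, chain code, 0x00 + key.
    return base58check(bytes.fromhex("0488ADE4") + b"\x00" * 9 + chain + b"\x00" + k.to_bytes(32, "big"))

if __name__ == "__main__":
    # Constructed demo input: the all-zero-entropy BIP39 test phrase. Never use a published phrase for real funds.
    words = " ".join(["abandon"] * 11 + ["about"])
    for passphrase in ("", "my-long-passphrase"):  # same words, different passphrase -> different root key
        k, chain = seed_to_master(mnemonic_to_seed(words, passphrase))
        print(f"passphrase {passphrase!r}: {master_xprv(k, chain)}")
        print("  m/2'/345 private key: %064x" % derive_path(k, chain, "m/2'/345")[0])
```

Run it twice with different passphrases: the twelve words stay the same while the xprv and every key below it change, which is what lets the words and the password live on separate media. The decode function is the check you would run on a root key copied from one tool into another: a base58check string with a single damaged character fails its checksum instead of quietly yielding a different wallet.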
Create your Root Key
In this step we are going to create a so-called BIP32 master extended key, also called root key or HD root node key. From this key, all your addresses are going to be derived. Therefore you only need to back up and protect this key.
But obviously, if someone is able to get this key from you, they will be able to control all your funds and steal all your coins. That’s why we are not just going to create some random words but also encrypt those with a password. That way you can control how you store/backup these separate pieces of information.
But let’s start now:
- Go to the HD Wallet tool, or, if you’re not sure about the security of your computer (or my tool), download the code and run it offline by opening the index.html file. There is a warning about using a browser to generate random numbers. If you are using a recent version of Chrome or Firefox, you don’t need to worry about that since they have implemented a strong pseudo-random number generator. Also, we are going to encrypt the generated phrase with a password. If you are using Internet Explorer or Edge, you should not be buying Crypto Currencies at all and just give away your money to charity!
- You see 12 random English words already pre-filled in the „Seed Mnemonic“ field. Click on „Generate new“ as many times as you like to generate new random words. DO NOT use your own words: if they aren’t in the BIP39 dictionary, you might end up with worse entropy than the pseudo-random generator of your browser.
- Once you’re satisfied with some 12 words, WRITE THEM DOWN. Yes, on paper!
- Now, think of a password/passphrase that you will most likely still remember in years. This phrase will protect your 12 words. For example, if someone finds the paper you have just written the words down on, they could spend all your coins. With the password you prevent that from happening. But of course, if you write down the password together with your 12 words, you don’t add any extra security. So what I suggest is that you write down a hint to your password together with the 12 words. So in 10 years when you find your paper backup, you still have a clue to what password you used. If you forget your password, nobody can reset or recover it for you!
- Make sure that the selected „Method“ is set to „BIP39 default (like Coinomi)“
- Now you should see a long string in the field „HD root node key base58“, starting with xprv. This is your root key. It is calculated from the 12 words and your password. That’s why you should never write it down or copy it to any medium/app you don’t completely trust! All your coins will be spendable from that key!
One copy of anything is never enough to really call it a backup. So go ahead and make another copy of the paper you just wrote everything down on and put it in a (fire proof) safe.
Now you have a backup! But one more on another medium is always a good idea. So here is another way to securely store your key while still being able to generate addresses from it (and export private keys of these addresses if needed).
- Now go to www.cloudcoins.ch and create an account. You can use the same password you used in the previous step to set up the account. But of course, it’s always a risk to use a password multiple times. But here it is much more important that you will be able to remember the password in the future, as there is nobody that can reset or recover it for you if you forget it!
- After creating the account, log in and go to „My keychains“. Create a keychain, give it any name and select the tab „Import coinomi recovery phrase“. Now enter the 12 words and your password. The „Derived BIP32 root key“ should be exactly the same as seen in the other application before.
- By clicking „Create keychain“ you store the root key in the database of cloudcoins.ch. But the key is only stored heavily encrypted (AES256) with the password you used to create the account. The unencrypted key never leaves your computer! If you want to enter paranoid mode, you can run your own version of cloudcoins on an offline computer.
- Now that you have a keychain, you can generate addresses for your coins. For example you can click on „Add coin/crypto currency“ and select „Bitcoin (BTC)“. The tool will show you an address that you can send your Bitcoin to and that is in your control, i.e. one for which you hold the private key. The service cloudcoins is mainly meant as another piece of backup, but more accessible than real „cold storage“. Cloudcoins is still very much in development, so the usability will improve over time. Contact me if you have any suggestions!
If you want to be able to spend your coins and see real-time balance, you can also import the key we have created into the Coinomi App. Follow the instructions in the app to import/restore your wallet.
The App will also ask you for 12 to 15 words (enter those written down in step 1) and a passphrase.