By design, hierarchical deterministic (HD) wallets differ from all other types of wallets in terms of how cryptographic keys are generated and managed. The main purpose of the HD wallet is to address issues that arise with conventional single-key wallets.
But how are these issues addressed? The answer can be found in the term “hierarchical” which stands for the different levels of a tree-like wallet structure. We have already delved deep into the specifics of HD wallets, but let's make a quick recap and provide more insight on the wallet structure.
HD wallets allow an entire suite of cryptocurrency wallets to be generated from a single seed phrase, since the number of new addresses is unlimited. New address creation starts from the master node (also known as root node). However, before we get to the stage in which new addresses are generated, there are other steps, which come immediately after the master node`s creation.
The master key pair is the backbone of the wallet, which branches off into private keys for different blockchain networks. From there, depending on whether transactions are public and taking place on mainnets of the blockchain protocols, or they are private (transactions are processed on testnet networks), specific tree structure with multiple chains capabilities is created.
Only after that we come to the last part - the creation of as many addresses as the user wish, corresponding with the respective path. Each new address is called a child address with each node generating an extended private key (xPriv) and an extended public key (xPub). All newly created addresses shape the tree structure with derivation paths leading to the first address node. This means that the exact details about the master node, the wallet account, wallet chains, and the corresponding child address are visible in the same sequence.
The main differentiator in the HD wallet type is that a single key pair grants access to all addresses in the wallet, known as an extended key pair. That key pair consists of one xPub key and one xPriv key, but keep in mind that xPriv key is different for each wallet account.
The xPriv key is the most important key of the pair as all other addresses` private keys are derived from the extended public key. In simple terms, this means that the xPriv key is the master key to all other private keys across all wallet accounts and wallet chains. Тhe entire wallet management is done through xPub and transactions are signed only with the xPriv key.
The main advantage here is that through a single wallet, users can create numerous addresses and keep track of all transactions at one place. On the downside, losing your master key or anyone getting access to it can result in potential losses from all addresses associated with the wallet.
Despite that xPub is used to view balances of all addresses running as part of users` wallets as well as for accounting purposes (thus, no other actions other than “view” is possible), it is still recommended not to share it whenever you can, for additional privacy and security.
Starting from the mnemonic phrase, which is also known as and interchangeable with “seed phrase” and “recovery phrase”, it represents a 12, 18 or 24 words data generated from a hexadecimal entropy.
Memorizing an entropy is associated with certain limitations, such as complexity, inconvenience and unnecessary hassle. This is where developers found a way to translate entropy into a mnemonic phrase, which consists of easily readable data.
With the use of a mnemonic phrase, wallet users can backup, recover and restore their wallets.
Master seed phrases can be generated through a process, called key stretching. That process involves strengthening the mnemonic phrase by making it difficult to predict each of the words (reminder that the number of words is 12, 18 or 24) and more secure against brute force attacks.
By completing this process, users can generate a master seed from a mnemonic phrase. This master seed is then used to generate the user`s master key. Note that from the master key it is not possible to generate a seed phrase.
We need to start from the private keys first - extended private keys are in essence standard private keys, which are extended with a chain code. That code is 32-bytes. Each private key has a corresponding public key, which logically explains the presence of an extended public key. Don`t forget that the xPub allows read-only data and no other action other than monitoring and reviewing can be made.
The next tree branch is wallet accounts. Multiple accounts are allowed in each wallet, and each of the accounts will be represented by a specific derivation path. Accounts are generated in such a way to help wallet users manage their funds more efficiently, as separation of accounts is based on the blockchain on which users` funds are running. For example, you can have an account with assets on the Ethereum network, another with cryptocurrencies on Tron and so on.
Moving on to the next tree level, we have a clear separation of each generated wallet account into wallet chains. The idea here is that wallet chains are used to distinguish public transactions from private ones. In the public wallet chain all transactions that take place on the mainnet will appear here, where all private transactions will be visible in wallet chains corresponding to the testnet(s) of a particular blockchain protocol.
Let`s simplify it with the following example. John owns different trc20 assets and he needs to make multiple private and public transfers. The public transfers will appear on Tron`s mainnet. All private transfers will be visible on the Nile testnet. This is how the differentiation within the wallet chains branch is made.
Generation of Addresses
This is the bottom level of the tree with highest depth into the derivation path. Based on the wallet chains that were set-up, users can create different unlimited addresses for each of the wallet chains visible in their wallet.
If you are still unsure how HD wallets function, or you have questions about Crypto APIs non-custodial services, do not hesitate to contact our team for assistance.