Bitcoin: From Software to Hardware Wallets
It is worrisome that the majority of crypto asset holders keep their trust in centralized exchanges and don’t control their keys. Self-custody, in other words true ownership, is one of the pillars of Bitcoin and is the sole reason for permissionless payments. I’ve outlined what I used over the years, what difficulties you may encounter with wallet upgrades and forks, and how I upgraded security for Bitcoin specifically with a hardware wallet.
Wallets store information required to transact Bitcoin and other cryptocurrencies. Originally, all wallets were in software, in the early days still we got some paper wallets with a sharable and secret QR code. Though from the very beginning in Nakamoto’s white paper, it was suggested to verify bitcoin payments without running a full network node that would need to store the entire blockchain. At the time of writing the Bitcoin chain reaches almost 400 Gigabytes. This is called simplified payment verification or SPV. A user or user’s bitcoin SPV wallet only needs a copy of the block headers of the longest chain, which are available by querying network nodes until it is apparent that the longest chain has been obtained. Given that software wallets are easy targets of malware, over the last years hardware wallets became the norm.
My first Bitcoin wallet software next to toying with Bitcoin Core, was MultiBit HD. It’s primary selling point was being an thin client, an SPV wallet. Its development stopped in 2017 after the acquisition by KeepKey. More on how relatively simple it is to upgrade from an outdated software wallet to a hardware solution later on in this post.
This is a bit technical and not required, but good to know for the technical audience of whom I believe is the majority of readers of this blog.
BIP32 is the Bitcoin Improvement Proposal for Hierarchical Deterministic (HD) wallets. BIP39 is a standard of a specific list of wallet words and the process of transforming those into a 512 bit hex seed. THis seed is used for generating a BIP32 HD wallet.
Any wallet that is BIP 32/39/44 compatible will allow for 12-24 words as the “master seed” and use those words to deterministically generate a 512 bit seed. A BIP32 master key. It then creates and use child keys in the manner specified by BIP44. BIP44 proposes a specific history/hierarchy. When the master seed is imported, the software starts to discover the accounts as per derivation path. The BIP versions that make all this work are:
- BIP32 - HD wallets
- BIP39 - type of mnemonic and the process for turning it into a BIP32 seed
- BIP44 - the format of a BIP32 wallet
The apostrophe in the path indicates that BIP32 hardened derivation is used. The following 5 levels in BIP32 path are as follows:
m / purpose' / coin_type' / account' / change / address_index
- purpose - the purpose is a constant set to 44' and indicates that the subtree of this node is used according to the BIP43 specification.
- coin type - one master seed, a node in the derivation path, can be used for unlimited number of independent crypto standards such as Bitcoin, Litecoin, Solana
- account - the account level splits the key space into independent user identities to avoid the wallet mixing coins across different accounts
- change - 0 is used for external chain, constant 1 for internal chain (change addresses)
- index - addresses are numbered from index 0 in sequentially increasing manner. This number is used as child index in the BIP32 derivation.
This was adopted widely among other crypto currencies as well. For example,
Solana supports BIP32 and BIP44 hierarchical derivation of private keys from
your seed phrase and passphrase. By default, Solana’s base derivation path is
Electrum Software Wallet
Multibit HD doesn’t support SegWit addresses, so if you never updated your wallet software, you likely won’t be able to sent to most current wallets. The MultiBit HD GitHub repository suggests to use Electrum Wallet instead.
It’s straightforward to import the old wallet into Electrum. To do this, select
“I already have a seed”, enter the seed, click on options and check BIP39. Set
the address types as
legacy (p2pkh) and derivation path as
Electrum verifies all transactions in the wallet history using SPV as well, supports SegWit and dynamic transaction fees among other niceties. Electrum also supports offline payments, allowing for it to be used on cold storage (non networked devices). If you install Electrum, follow the steps on the official website (not me, this is just exemplary here!):
wget https://download.electrum.org/4.1.5/electrum-4.1.5.dmg wget https://download.electrum.org/4.1.5/electrum-4.1.5.dmg.asc wget https://raw.githubusercontent.com/spesmilo/electrum/master/pubkeys/ThomasV.asc
gpg --import ThomasV.asc gpg --verify electrum-4.1.5.dmg.asc
we’ll get an intimidating output
gpg: assuming signed data in 'electrum-4.1.5.dmg' gpg: Signature made Thu Jul 22 20:49:25 2021 HKT gpg: using RSA key 637DB1E23370F84AFF88CCE03152347D07DA627C gpg: Can't check signature: No public key gpg: Signature made Tue Jul 20 03:20:15 2021 HKT gpg: using RSA key 0EEDCFD5CAFB459067349B23CA9EEEC43DF911DC gpg: Can't check signature: No public key gpg: Signature made Tue Jul 20 02:22:27 2021 HKT gpg: using RSA key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6 gpg: Good signature from "Thomas Voegtlin (https://electrum.org) <email@example.com>" [unknown] gpg: aka "ThomasV <firstname.lastname@example.org>" [unknown] gpg: aka "Thomas Voegtlin <email@example.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6
The message should contain:
Good signature from "Thomas Voegtlin (https://electrum.org) <firstname.lastname@example.org> Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6
We can ignore the warning indicating we have not established a web of trust with other GPG users:
WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner.
Only then open the wallet if this checks out. Example of how the Electrum 4.1.5 Bitcoin wallet looks like after clearing it.
Recovering Funds from Notable Forks
What affected me a few years ago were forks that I cared about and that allowed me to take advantage of copied funds into forked, new chains. While there were plenty of sh*tcoin forks that are not worth the effort. Two more prominent forks stand out and to this day receive a not insignificant amount of development work. If we held funds before those forks, we can try to recover those coins.
Claim Bitcoin Cash BCH from a pre Fork Software Wallet
Bitcoin Cash BCH forked from the what we still call Bitcoin BTC on August 1, 2017 at block height 478,559. The fork originated over a disagreement over Bitcoin Improvement Proposal (BIP) 91, otherwise known as the Segregated Witness upgrade. The argument was layer two solutions and a more complex block setup vs staying true to the original protocol and increasing the block size. I probably simplify the dispute, let me know.
There is Electron Cash, a fork of the Electrum wallet used before. The original Electrum wallet authors don’t seem to trust this fork and advice to clear out your Electrum wallet before exposing keys to the Electron Cash fork.
Download the app from the official website and the signature from GitHub:
wget https://electroncash.org/downloads/4.2.6/mac/Electron-Cash-4.2.6-macosx.dmg wget https://raw.githubusercontent.com/Electron-Cash/keys-n-hashes/master/sigs-and-sums/4.2.6/mac/Electron-Cash-4.2.6-macosx.dmg.asc wget https://raw.githubusercontent.com/Electron-Cash/keys-n-hashes/master/pubkeys/calinkey.txt
Import the signature
gpg --import calinkey.txt
And verify the app binary
gpg --verify Electron-Cash-4.2.6-macosx.dmg.asc gpg: Good signature from "Calin Culianu (NilacTheGrim) <email@example.com>" [unknown] Primary key fingerprint: D465 135F 97D0 047E 18E9 9DC3 2181 0A54 2031 C02C
Only then open the downloaded binary.
In the original Electrum wallet, post clearing BTC funds, export your private keys:
Wallet -> Private keys -> Export
Be mindful that is file is unencrypted and access to it will allow you to immediately lose funds.
Open Electron Cash and create a key store from private keys. Copy in all private keys without the preceding pubkey and without the preceding p2pkh identifier. If done correctly, you can click next and recover some funds from old days. Here’s what Electron Cash 4.2.6 looks like after clearing funds.
Claim Bitcoin Satoshi’s Vision BSV from a pre Fork Software Wallet
On November 15th, at block height 556767, Bitcoin Cash split into two separate blockchains, Bitcoin ABC (BCH) and Bitcoin Satoshi’s Vision (BSV). Without reading too much into it, it appears to have originated in a disagreement of adding features and op_codes and staying true to “Satoshi’s vision”. If you have any interest in those coins, be mindful general support isn’t great (yet? or still?) and BSV isn’t support by the Ledger Hardware wallet. You can follow up with their own Electrum fork ElectrumSV. I haven’t used it myself and cannot speak for it but assume the steps to be analogously to BCH.
Ledger Hardware Wallet
One of the most popular hardware wallets is, with millions of customers, undoubtedly ledger.com. The benefit is that a hardware wallet provides full isolation between private keys and your interacting device.
A seed phrase with 24 random 24 dictionary words is an unencrypted form of a private key. The private keys stored on the ledger never leave the device. Transactions and interactions have to be signed on the device upon prompt from wallet connectors and require confirmation on the device, showing the address and transaction details.
Applications on the Ledger device calculate the Private Keys for crypto assets as needed. As everything is derived from the seed, uninstalling apps or even restoring the seed on a new device doesn’t cause you to lose any crypto assets. The seeds give you access to the same addresses. For added security, applications on the ledger cannot directly access the privacy, nor can they interact with each other.
Applications such as Bitcoin, Solana and Algorand are required to verify receiving address and transaction details. When trying to make a transaction, the respective application will send a signature request to the Ledger hardware wallet. The Ledger will show the transaction details and requires verification to mitigate MITM (man in the middle) attacks. When confirmed on the hardware device, the ledger application creates the signature by using the devices private keys and sent the signed transaction back to the external wallet application. To underline the key point here again, private keys never leave the device.
Receiving Address Changes Automatically
Note that your receive address for Bitcoin changes every time you receive a transaction for privacy reasons. For some other crypto currencies such as Ethereum, the address stays the same due to protocol complexities.
A note on Ethererum ERC20 Tokens
After creating an Ethereum account, all tokens can be sent to that very Ethererum address. Upon reception, they will automatically show up below the account. Ensure that when you send Ethererum based tokens from an exchange, to select the ERC20 network type. Network types other than ERC20 are not supported by the Ledger.
Note that in order to send ERC20 tokens, you also require ETH in the parent account to burn as gas as transaction fees.
In web3 methodology, we connect via browser extensions to websites to provide identity or connect our wallets to trade or exchange assets. Ledger is supported by the vast majority of wallets, a small selection of web3 wallets I’m using the Ledger with:
- Phantom - a browser extension for Solana and Solana based tokens.
- MetaMask - probably the most famous browser extension web3 wallet for ETH and Ethereum based tokens.
- MyAlgo - a web3 wallet for Algorand
- … many more
If you want to truly own your crypto, make sure you’re not keeping all on centralized exchanges (CEX). While many users will feel intimidated by the learning curve, it is much simpler to create a secure setup than it was in 2014/2015 when I first got into the ecosystem.
To withdraw your funds from exchanges to a secure location, use a hardware wallet if you can afford it for ease of use and the security reasons outlined above. Second best options are paper wallets and air gapped cold storage. Avoid software wallets on networked computers as your funds will be at risk.
Most importantly, don’t trust me or strangers on the internet on any of this and do your own research. In this space, the lowest common denominator you find from multiple sources online is fundamental security advise.
Published on Saturday, Jan 15, 2022. Last modified on Saturday, Jun 18, 2022.