That introduction to Web3 wallets you wish you had read earlier

Web3 wallets explained with the help of some basics of cryptography

Do you know that a Web3 wallet in no way resembles the physical wallet that you hold in your pocket, purse, or bag?

I for sure didn’t. 

When I recently realized this, I had to rewire the entire mental model I had built around wallets and it wasn’t pretty. 🧟‍♂️

In the hope of saving you from all of the same headaches, I have jotted down all my findings. While I absolutely do not claim I have gotten it all right, I did strive to produce an all-encompassing piece.

Perhaps you’ll realize you also created a bunch of assumptions (and misconceptions) about how a Web3 wallet works and how it is secured. 

Let’s find out, shall we?

Some basics of cryptography

It will not be possible to go over the inner workings of a Web3 wallet, without touching upon some of the basics of cryptography. So to get everybody on the same page, let’s discuss the following concepts:

  • Public / Private key pair

  • Asymmetric encryption

  • Signing

  • Encryption compared to hashing

Public / Private key pair

A public / private key pair is a set of 2 keys that get issued at the same time and have a relationship with each other. Both are alphanumeric strings, yet the public key is intended for wider distribution, whereas the private key is meant to be kept by one party. Which role both keys play depends on 2 possible use cases: Encryption and Signing.

Public / Private key pair: Both are alphanumeric strings, yet the public key is intended for wider distribution, whereas the private key is meant to be kept by one party.

Asymmetric encryption

One way the public / private key pair can be used is in asymmetric encryption (or simply encryption). Encryption in this case means that a piece of information is obfuscated which subsequently can be clarified and understood again. 

Here, the public key is applied to encrypt the message; cryptographers call the encrypted result ciphertext. The private key then decrypts that jumbled-up message back into plaintext.

The processes of encryption (with a public key) and decryption (with a private key). Note: it is impossible to reverse an encrypted message with a public key — in fact, what you would do is encrypt the message a second time!

Remembering that the public key is intended for common use, you may now realize that anybody can encrypt a message with it. On the other hand, if only one party has access to the private key, then only they are able to decrypt that message and read what it contains. This is where the encryption becomes asymmetric given that the wielding power of the keys is asymmetrically distributed between the 2 of them.

Signing

The second use case of the public / private key pair is signing. Interestingly, the role of the public / private key pair is completely reversed here! Whereas for encryption the public key encrypts, for signing this is done by the private key. Conversely, the verification of the signature will be performed by the public key (to which anybody has access). 

The private key is applied to sign the original message, whereas the public key can be used to verify the signature. Do note that the original plaintext will need to be compared with the “decrypted” signature. Only if they match up, then the signature is verified!

Besides the reversed roles of the public / private key pair, it should also be noted that the point of signing is not to obfuscate plaintext, but rather to prove both the sender’s authenticity and that the plaintext has not been tampered with. That’s why the plaintext is typically passed alongside the signature to the receiver.

The receiver will then use the plaintext to compare with the “decrypted” signature. If they are both the same, that means the signature is verified. This in turn means that the original message is indeed from the person holding the private key and no changes have been made to the original message.
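The two roles of one key pair, as an added example that is not part of the original article: textbook RSA on a constructed toy key built from two Mersenne primes, showing encrypt/decrypt and sign/verify side by side. It is an assumption-laden sketch (no padding, a tiny modulus, SHA-256 digest reduced modulo n before signing) and not the algorithm wallets use; Ethereum signs with ECDSA over secp256k1.

```python
import hashlib

E = 65537  # conventional RSA public exponent


def make_keypair(p: int, q: int):
    """Return (public, private) as (modulus, exponent) tuples for primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent: inverse of E mod phi(n)
    return (n, E), (n, d)


def encrypt(message: bytes, public) -> int:
    """Anyone holding the public key can turn plaintext into ciphertext."""
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)


def decrypt(ciphertext: int, key) -> bytes:
    """Only the private key recovers the plaintext; any other key yields garbage."""
    n, exponent = key
    m = pow(ciphertext, exponent, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def digest(message: bytes, n: int) -> int:
    """Hash the message and reduce it into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private) -> int:
    """Signing applies the PRIVATE key to the message digest."""
    n, d = private
    return pow(digest(message, n), d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """Verification applies the PUBLIC key and compares with a fresh digest."""
    n, e = public
    return pow(signature, e, n) == digest(message, n)


if __name__ == "__main__":
    public, private = make_keypair(2**127 - 1, 2**89 - 1)   # constructed toy key
    other_public, other_private = make_keypair(2**107 - 1, 2**61 - 1)

    msg = b"send 0.1 ETH to mikkel.eth"                      # constructed sample
    ciphertext = encrypt(msg, public)
    print("decrypt with private key:", decrypt(ciphertext, private))
    print("'decrypt' with public key:", decrypt(ciphertext, public) == msg)

    sig = sign(msg, private)
    print("valid signature:", verify(msg, sig, public))
    print("tampered message:", verify(b"send 9.9 ETH to mikkel.eth", sig, public))
    print("signed by another key:", verify(msg, sign(msg, other_private), public))
```

The last two checks are the properties the receiver relies on: a changed message or a signature made with a different private key fails verification against the sender's public key.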

Encryption compared to hashing

Lastly, it is good to point out how encryption compares to the cryptographic process called hashing. Hashing is another technique applied within a Web3 wallet context to obfuscate things. 

Both encryption and hashing obfuscate the same message, but there are some differences…

From the example above, you can observe, however, that there are 3 key differences between encryption and hashing:

  • The first difference is that for hashing you don’t use a key to convert a message into something else. For hashing, a formula is applied (e.g. the MD5 hashing formula) which with the same input will always result in the same outcome (the hash value). 

  • The second difference is that hashing is irreversible. There is no private key that can help to retrieve the original message.

  • The third difference is that hashing typically leads to creating a smaller fixed-length output. That makes a larger input string through hashing more manageable in its hashed form. Conversely, with encryption, the output typically becomes greater in size.

Encryption and Hashing compared: While they have one similarity, they differ in 3 ways.

The 3 layers of a Web3 wallet

Now that we have found our cryptographic bearings, we can start unpeeling the 3 layers that make up a Web3 wallet. To make things really easy to follow along with, I'll be using screenshots of the wallets Metamask and Trust Wallet to visually support what those layers look like. 

As said, there are 3 layers to a wallet and all of these layers are different in how they are accessed through security credentials (so-called "secrets"):

  1. Top layer: The Wallet layer that can be accessed by a password

  2. Middle layer: The Wallet Account layer that can be accessed by a secret recovery phrase

  3. Bottom layer: The Wallet Address layer that can be accessed by a private key

The 3 layers of a Web3 wallet: The Wallet layer, the Wallet Account layer, and the Wallet Address layer are all accessed by different secrets (i.e. credentials).

1. The Wallet layer that can be accessed by a password

The wallet layer is the top layer of how we can interpret a Web3 wallet. These days, there are many wallets available of which some of the most popular are Metamask, Trust Wallet, and Coinbase Wallet. There are even wallets for blockchain-specific use such as Phantom for the Solana blockchain.

It’s good to realize that a wallet is eventually a piece of software. It’s either installed in your desktop browser as an extension (e.g. in Google Chrome) or on your mobile phone as an app.

A wallet is a piece of software. Here you see the Metamask browser extension (left, for Google Chrome) and Metamask iOS app (right). Upon entering, you will need to key in a password or use biometric authentication.

As mentioned, the wallet layer is accessed (and protected) by a password. Both on desktop and mobile you will set one similar to how you would with any other password you use for Web2 platforms. You will also store your password in the same way (e.g. using a password manager). 

But what exactly will this wallet do for you? Well, the software has 3 intended functionalities:

  • It helps sum up all of the asset balances that are associated with a wallet address. What this effectively means, is that a wallet will look for all of the transactions on the blockchain that have a reference to the wallet address. All of these transactions represent additions and subtractions of the assets (i.e. tokens) involved. The wallet will then sum all of those up and display the balances. 
    Note that this is exactly where the concept of a Web3 wallet differs vastly from a physical one: A Web3 wallet does not contain anything — it is simply a representation of the assets associated with the wallet address on the blockchain.
A very simplified example of how balances for Wallet A are calculated in its interactions with Wallet B and C.
Here you can see Metamask summing up all of the balances in my Metamask wallet. It has detected that I hold both ETH and staked ETH (stETH) assets. It also deduced that my XSGD and USDC stablecoin assets are 0, even though I did own those assets in the past. Note: I am not divulging anything sensitive here, because my wallet address is publicly known! Anybody can see what assets I own.
  • It helps keep your secret recovery phrase secure by encrypting it with your wallet’s password.
    We will learn later what that secret recovery phrase exactly is, but a wallet’s software is always built in such a way that it keeps the phrase secure from anybody else.
    It depends on the type of wallet, however, who needs to remember what the secret recovery phrase is, in case you forget your password to your wallet or for whatever other reason you get locked out of your wallet. For a custodial wallet, the custodian (e.g. a centralized exchange like Binance) will remember the secret recovery phrase for you. Conversely, for a non-custodial wallet like Metamask, you are solely responsible for remembering what it is. That means that you need to make sure to memorize it by heart or write it down somewhere (ideally on a piece of paper — at least something non-digital).
A wallet will always keep your secret recovery phrase secure, but it depends on the type, custodial or non-custodial, who needs to remember the phrase in case you lose access to your wallet (for whatever reason).
  • Lastly, a wallet facilitates interpretation and helps to sign (using your private key) when you want to transact on the blockchain. What that exactly means, is that your wallet will help you visualize and understand what transaction you want to engage with. Once you approve that transaction, your wallet will subsequently utilize your wallet’s private key to attach a signature to that transaction (as discussed earlier in the basics of cryptography!).
I am about to send 0.1 ETH from michaelduyvesteijn.eth to mikkel.eth. If I click “Send” Metamask will help me sign this transaction on the blockchain using my private key. Also, note that Metamask helps me interpret the transaction by warning me with a red exclamation mark (!) that there might be something wrong/malicious with the recipient address.

As a final note: There are also “hardware” non-custodial wallets. They are, however, not purely hardware as e.g. a Ledger hardware wallet will only work in combination with a piece of software to interact with it. This type of wallet is considered useful because the secret recovery phrase is safely stored on an external piece of hardware that only you have access to. Additionally, they are not directly connected to the internet which makes them less susceptible to hacks. This is why they are also better known as cold wallets.

This is in contrast to non-custodial wallets that will store the secret recovery phrase on your computer (like your browser’s internal storage) or to custodial wallets that will store it on the cloud. Both of these wallets are always directly connected to the internet and are therefore considered “hot” and less safe.

For custodial, non-custodial, and hardware wallets, it differs where the secret recovery phrase is stored. Hardware wallets are also not directly connected to the internet, which makes them “cold” and safer.

2. The Wallet Account layer that can be accessed by a secret recovery phrase

Then the next layer is called the wallet account layer. Depending on how the software of the company is set up, a wallet may allow you to create 1 (like Metamask) or more wallet accounts (like Trust Wallet). It is good to understand that every wallet account has only 1 secret recovery phrase associated with it and every wallet account may contain 1 or more wallet addresses.

This is how my 2 different wallets are set up. Metamask only has 1 wallet account associated with it, containing 2 wallet addresses: michaelduyvesteijn.eth and ayraduyvesteijn.eth (my daughter’s 😏). Trust Wallet, however, can have 2 wallet accounts set up, which is a different design decision they made. Note that michael + ayra in Trust wallet refers to the exact same wallet addresses that Metamask does. Also, note that both wallet accounts under Trust Wallet have different secret recovery phrases (they’re not the same).
This is what Metamask and Trust Wallet look like in their wallet account setup. Metamask (left) contains 2 wallet addresses michaelduyvesteijn.eth and ayraduyvesteijn.eth as a part of 1 wallet account. On the other hand, Trust Wallet (right) shows 2 wallet accounts: mikkel.eth and michael+ayra (which is michaelduyvesteijn.eth and ayraduyvesteijn.eth combined).

Now let’s finally spend a few words on the secret recovery phrase (also referred to as the “seed phrase”). Typically, it is a phrase made up of 12 to 24 English words to form a mnemonic (something that’s easy to remember). The industry standard that most wallets use for this is called BIP39. It’s a list of 2048 words that they will pick randomly from in order to create the seed phrase.

This is a not-very random secret recovery phrase made up of 12 words in the English language from the BIP39 list.
Upon creating a wallet account (in this case with Trust wallet) you will be presented with the secret recovery phrase. And no, you shouldn’t EVER share these 12 words with anybody else. I’m just cheeky. You’re free to try the above and see what you find. It will not lead you to any of my assets 😊

In principle, you should see the secret recovery phrase only once. That’s right: When you create the wallet. If you end up forgetting or losing the password that you set (as we spoke about when discussing the top layer) or if you want to transfer your wallet to a different wallet software, that’s when this phrase will allow you to regain access to the wallet and all of its assets.

You might ask: Then why bother with a password if the seed phrase can recover all my assets? Well, for one, a password is easier to enter than 12 words upon entering the wallet. And, for two, a password is used to access the wallet (the top level) and not the wallet account (the middle level). That’s how you can structurally allow multiple wallet accounts under 1 wallet.

Or conversely: Then why bother with a secret recovery phrase if you already have a password for a wallet? Can’t I just click “forget password” and receive an e-mail? 

Well, that doesn’t work for non-custodial wallets. One of the tenets of Web3 is anonymity/pseudonymity, so you typically don’t have your e-mail address associated with your wallet (only if you want to). If you forget your password, an e-mail reset won’t be a recourse.

The password to your wallet is different from the secret recovery phrase associated with your wallet account. Here I compare the two.

Moreover, the seed phrase is not only there to recover your wallet but it is also a master key. BIP39 contains a deterministic derivation formula that will be leveraged in order to create all of the public / private key pairs associated with wallet addresses from that seed phrase.

I know that last statement likely confused you, so let me put that simply: The secret recovery phrase will always lead to the same result in terms of the public / private key pair that gets assigned to the nth wallet address. If I use the phrase to create its 1st wallet address over and over again, that key pair will always be the same. Of course, the 2nd wallet address will have a different key pair.

Every time the wallet software creates the 1st wallet address, the exact same public / private key pair will be generated. That makes the BIP39 formula “deterministic”. The 2nd wallet address will of course have a different key pair.

This leads to some interesting conclusions with regard to the secret recovery phrase:

  • Because a wallet account can contain several wallet addresses, losing or giving away your seed phrase means that all wallet addresses and their public/private key pairs have been compromised, not just one wallet address. When you are moving assets out of your compromised wallet address, it may therefore be prudent to do so as well for all of the other wallet addresses in that wallet account.

  • Given that most wallets stick to the BIP39 standard, it is in fact possible to use the seed phrase created with one wallet (e.g. Metamask) in another wallet (e.g. Trust Wallet) to regain access to the wallet account and its wallet addresses. So you are not locked in with one wallet provider — you can switch relatively easily to another using the secret recovery phrase.
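The determinism described above, as an added example (not the author's or any wallet's code) using only Python's standard library: BIP39 stretches the phrase into a seed, and the BIP32 scheme that wallets pair with it derives one private key per index. Assumptions: the phrases are public BIP39 test mnemonics, and the all-hardened path m/44'/60'/0'/n' is a simplification chosen here so that no elliptic-curve math is needed; Ethereum wallets normally use m/44'/60'/0'/0/n, so these keys will not match a real wallet's.

```python
import hashlib
import hmac

# Order of the secp256k1 curve group; private keys are integers in [1, N-1].
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

# Public BIP39 test mnemonics. Never use published phrases for real funds.
TEST_PHRASE = ("abandon abandon abandon abandon abandon abandon "
               "abandon abandon abandon abandon abandon about")
OTHER_PHRASE = ("legal winner thank year wave sausage "
                "worth useful legal winner thank yellow")


def mnemonic_to_seed(phrase: str, passphrase: str = "") -> bytes:
    """BIP39: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase."""
    words = " ".join(phrase.split())  # ASCII input assumed, so no NFKD step
    salt = ("mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", words.encode(), salt, 2048)


def master_key(seed: bytes):
    """BIP32: master private key and chain code from the seed."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if not 0 < key < N:
        raise ValueError("seed yields an unusable master key")
    return key, digest[32:]


def hardened_child(key: int, chain: bytes, index: int):
    """BIP32 hardened derivation: child key and chain code for index'."""
    data = b"\x00" + key.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    digest = hmac.new(chain, data, hashlib.sha512).digest()
    tweak = int.from_bytes(digest[:32], "big")
    child = (tweak + key) % N
    if tweak >= N or child == 0:
        raise ValueError("invalid child key, use the next index")
    return child, digest[32:]


def address_key(phrase: str, n: int) -> str:
    """Hex private key of the nth address on the demo path m/44'/60'/0'/n'."""
    key, chain = master_key(mnemonic_to_seed(phrase))
    for index in (44, 60, 0, n):
        key, chain = hardened_child(key, chain, index)
    return f"{key:064x}"


if __name__ == "__main__":
    for n in range(3):
        # Same phrase and index always print the same key; each index differs.
        print(n, address_key(TEST_PHRASE, n))
    # Anyone who learns the phrase can run this loop for every index, which is
    # why a leaked phrase exposes all addresses in the wallet account at once.
    print("other phrase:", address_key(OTHER_PHRASE, 0))
```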

3. The Wallet Address layer that can be accessed by a private key

Now, the final layer that makes up a Web3 wallet is the wallet address. And this is where we can finally find back some of the basics of cryptography we have learned. 👊

It’s because the wallet address is nothing more — and nothing less — than a hashed version of the public key of the public / private key pair that was created upon the issuance of the wallet address. If you still remember from earlier, a hashed version of the public key is beneficial in blockchain operations, because it gets mapped into an alphanumeric string that is shorter and has a fixed length. 

The wallet address is created out of the public key through cryptographic hashing. For most blockchain addresses, a hexadecimal hash algorithm is applied.

For most wallet addresses (like that of the blockchain Ethereum), a hexadecimal hash algorithm is applied, which is why all of those addresses start with “0x….”. But even those wallet addresses in their hashed form may be further simplified through a “domain name” to something more recognizable. One of my wallet addresses for example uses ENS (Ethereum Name Service) to simplify 0x17C2FA32594664F6B90EF10588dfeD9460878eC9 to michaelduyvesteijn.eth.

Lastly — and hopefully stating the obvious now — the public and private keys are at the core of this wallet address layer. You can use the public key (through its hashed version) all over Web3 to be identified and to receive funds, for example through an airdrop (where a project gives away free tokens). There is no private key needed for this — in a very similar way to how somebody could send money to you if they knew your bank account number, but won’t be able to transfer any funds out of your bank account with only that information.

On the other hand, your private key is crucial in proving to everybody else that you have ownership over all of the assets associated with your wallet address. That’s why I state that the bottom layer — the wallet address layer — is accessed through its private key. This ownership can be expressed through signing (exactly as how we learned in our cryptographic lesson earlier!) and can take shape in 2 kinds of messages:

  • Through a wallet confirmation signature. This is typically the very first interaction you have with a dApp (decentralized app), where you connect your wallet. You will sign this message to prove with your signature that you are in fact the holder of the private key to the wallet address that you want to engage with. Note that this is an exchange with the dApp that is fully off-chain (does not get recorded on the blockchain) and as such does not entail any gas fees (i.e. transaction fees).
Here I sign a message to connect my wallet to the decentralized exchange Uniswap. This is a wallet confirmation message, which only proves that I have control over the private key that is associated with the public key. This is not recorded on the blockchain, nor do I pay gas fees.
  • Through signing a transaction. A transaction in this case means that you will sign a message with your private key that will in turn call upon a smart contract. This smart contract is a piece of code (a function to be more precise) that is then executed and makes a change on the blockchain. Transactions using your funds cannot be validated by the blockchain if no signature is attached (or if the verification of it doesn’t check out). Transactions can be used to e.g. move funds around, sell an NFT, or vote in a DAO proposal.
Here I am about to approve a transaction by signing a message that will execute a smart contract on Uniswap. This smart contract will then transfer 0.05 ETH out of my wallet (which I want to use to trade against another token). Note that a gas fee needs to be paid because it is “on-chain”.

Summary

That’s it! I know this was a lengthy piece, but that’s really all there is to understand how a Web3 wallet works and how it is secured. What we learned is that:

  • A public / private key pair is used both to encrypt messages and to sign messages. Hashing is another obfuscation process in cryptography that’s used in Web3, such as when your wallet address is created from your public key.

  • A Web3 wallet is built up of 3 layers, all with their own secrets. The Wallet layer is secured by a password, the Wallet Account layer is accessed through a secret recovery phrase, and the Wallet Address layer hinges crucially on a private key. We also learned that the main functionality of a wallet is: To sum up all of your wallet's balances, keep your secret recovery phrase secure, and help interpret and sign transactions on the blockchain.


Are you keen to learn more about other basic topics in Web3? This article was co-published with KopiDAO, the Southeast Asian Web3 learning community. We run physical workshops and will launch an online Academy very soon, where you can earn your Web3 credentials in the form of a soulbound token. Join us to get access to a network of professionals who are all experimenting with the next evolution of the internet while sipping a cup of kopi ☕️.


Or are you interested in abstracting away all of the complexity and Web3 lingoes that mystify how wallets work? I am building my next venture ITW which will simplify transacting securely on the blockchain to boost mainstream adoption. Feel free to ping me on LinkedIn if you want to know how you can get involved. 🚀


My gratitude goes out to all of the folks reviewing this Web3 wallet overview! In particular, I’d like to thank: fellow KopiDAO members TY and TheBuleGanteng for helping me improve the structure and accompanying images. Also, my technologist friend Santiago was instrumental in pointing out some of the cryptographic inaccuracies.

I hope you enjoyed this article. Feel free to comment or leave questions if anything is still unclear or if I’ve still not eliminated all falsehoods. I’ll get back to you!

In case you want to show your appreciation for this piece, then you are highly encouraged to purchase and collect a limited edition NFT (at the humble price of 0.01ETH, ~13USD) of this introduction in Web3 wallets! All of the proceeds will entirely go to KopiDAO to support our mission to onboard and nurture the next 1 million Web3 talents. Many thanks!
