Not your keys, not your coins.

메타마스크는 Browser Storage(Extension)에 개인키를 암호화해서 보관.

HD wallet

Hierarchical Deterministic

BIP-32

• Master key generation: seed or mnemonic → HMAC-SHA512 → $(I_l, I_r)$
• Key derivation
  • hardened key: parent private key + chain code. apostrophe means hardened.
  • Extended key: In order to prevent these from depending solely on the key itself. extra 256 bits of entropy(chain code is identical for corresponding private and public keys).
    • extended private key -> both private and public child key.
    • extended public key -> only public child key.
  • Essentially, a hardened child key is computed with hash(parent private key + index), whereas a non-hardened child key is computed with hash(parent public key + index).
  • Child key derivation (CKD) functions
    1. Private parent key

       1. private child key

          let I
          IF index ≥ 2^31 (hardened key)
            I = HMAC-SHA512(parent_private_key, chaincode)
          ****ELSE
            I = HMAC-SHA512(parent_public_key, chaincode)
          
          I_l, I_r = I.split()
          child_private_key = I_l
          child_chaincode = I_r
          

       2. public child key (neutered)

    2. Public parent key

       1. public child key

          If index **≥** 2^31 (hardened key)
            return failure
          ELSE
            HMAC-SHA512(parent_public_key, chaincode)
            
          // same as the above.
          

       2. private child key: Not possible.

  • Key identifiers
    • Hash160
    • the fingerprint of the parent only serves as a fast way to detect parent and child nodes

BIP-44

• Derivation path

  m / purpose' / coin_type' / account' / change / address_index

  For example,

  m/44’/60’/0’/0/0

  purpose: 44’ following the BIP43.

  coin_type: ethereum(60)

  account: for many purposes(e.g., donation, saving, common expenses)

  change

  • external(0): for deposit
  • internal(1): for sending back

  address: public key and private key

• master private key’s sole purpose is wallet tree regeneration. It is unable to sign transactions.

• change address becomes harder for external observers to track your wallet balance and transaction history. (For Account Discovery)

BIP-32 → BIP-44

• 어떤 방(Coin Type)으로 가느냐에 따라 다른 재료(Private Key)가 나오고, 그 재료를 어떤 조리법(Hashing/Encoding)으로 요리하느냐에 따라 전혀 다른 요리(Address Format)가 서빙되는 것입니다.