• wallet or account를 통해 token(e.g., cryptocurrency)을 보관하는 것이 아닌 token에 대한 access를 가지고 있음.

HD wallet

Hierarchical Deterministic

BIP-32

• Master key generation: seed or mnemonic → HMAC-SHA512 → $(I_l, I_r)$
• Key derivation
  • hardened key: parent private key + chain code. apostrophe means hardened.
  • Extended key: In order to prevent these from depending solely on the key itself. extra 256 bits of entropy(chain code is identical for corresponding private and public keys).
    • extended private key -> both private and public child key.
    • extended public key -> only public child key.
  • Essentially, a hardened child key is computed with hash(parent private key + index), whereas a non-hardened child key is computed with hash(parent public key + index).
  • Child key derivation (CKD) functions
    1. Private parent key

       1. private child key

          let I
          IF index ≥ 2^31 (hardened key)
            I = HMAC-SHA512(parent_private_key, chaincode)
          ****ELSE
            I = HMAC-SHA512(parent_public_key, chaincode)
          
          I_l, I_r = I.split()
          child_private_key = I_l
          child_chaincode = I_r
          

       2. public child key (neutered)

    2. Public parent key

       1. public child key

          If index **≥** 2^31 (hardened key)
            return failure
          ELSE
            HMAC-SHA512(parent_public_key, chaincode)
            
          // same as the above.
          

       2. private child key: Not possible.

  • Key identifiers
    • Hash160
    • the fingerprint of the parent only serves as a fast way to detect parent and child nodes

BIP-44

• Derivation path

  m / purpose' / coin_type' / account' / change / address_index

  For example,

  m/44’/60’/0’/0/0

  purpose: 44’ following the BIP43.

  coin_type: ethereum(60)

  account: for many purposes(e.g., donation, saving, common expenses)

  change

  • external(0): for deposit
  • internal(1): for sending back

  address: public key and private key

• master private key’s sole purpose is wallet tree regeneration. It is unable to sign transactions.

• change address becomes harder for external observers to track your wallet balance and transaction history. (For Account Discovery)

MultiSig

• 여러 서명을 하나의 서명으로 만들어서 이더리움에 보냄: L2
• 스마트 컨트랙트에서 자체적으로 여러 서명을 검증: L1
• Flow
  • implementation completed in Typescript.
  • golang - reference

Managing & Protecting

1. Shamir's Secret Sharing(SSS): a way to split a secret (like a private key) into multiple shares and reconstruct the private key

2. TSS(Threshold Signature Scheme) and MPC(Multi-Party Computation):

   Signing transactions securely

   MPC 어떤 식으로 분리?

   어떻게 서명 만듦?