Introduction to Crypto Wallets
A wallet is the most essential accessory that everyone carries around with them. A digital wallet is a program that stores personal information such as payment details and website passwords. In cryptocurrency, a wallet is used as a gateway to a blockchain network. These wallets interact with a blockchain and don’t store cryptocurrencies themselves. A wallet securely stores the public keys, private keys, and the addresses of the user. It can also store the digital signatures of all the data which has been exchanged using the stored addresses and key-pairs. Anyone who holds the private key gets complete access to the data stored in your wallet. When we hear in the news about cryptocurrencies getting stolen, it means that someone got access to the private key of the user and all the cryptocurrencies were transferred from one wallet address to another; since the blockchain’s ledger is immutable, the transfer can’t be undone.
How Do Crypto Wallets Function?
All the information one needs to use cryptocurrencies is generated by the wallet. For example, M wants to create a new Bitcoin wallet to receive a payment from Z. Using a crypto wallet program would be the easiest way to do this. A new wallet would generate a pair of keys: a public key and a private key. The program uses the public key to generate a Bitcoin address. M needs to give Z the Bitcoin address so that Z can transfer the Bitcoin from Z’s wallet to M’s wallet.
Coins are only transferred from one address to another and they never actually leave the blockchain.
While it is safe to share your public key or address, you must never share or disclose your private key with others. The private key is used to access your funds and to sign new transactions. As long as you have your private key, you can use any device to access your wallet, but if someone gets hold of your private key, your funds can be stolen. The private key can also be used to recover the public key and addresses, and it is the key element of a wallet.
Types of Crypto Wallets
There are two main types of cryptocurrency wallets: Hot Wallets and Cold Wallets.
Hot wallets are wallets that are somehow connected to the internet, for example, wallets available on cryptocurrency exchanges. They are convenient for traders and frequent users as they are easy to set up and access.
Cold wallets are a safer alternative to hot wallets. They are not connected to the internet and they physically store the public and private keys offline. They are resistant to hackers and are also known as cold storage. They are well suited to long-term investors.
Cryptocurrency wallets can be further divided into three groups: software wallets, hardware wallets, and paper wallets.
Software wallets are those that are in some way connected to the internet. They store your cryptocurrency and are easily accessible by frequent traders. A software wallet is secure in itself but can be compromised if your system is hacked. They fall under the category of hot wallets. There are three types of software wallets:
Desktop wallets are software that can be downloaded onto your desktop computer. They are easily accessible for transactions and are safer than web wallets. A desktop wallet gives you full control over your funds and keys, unlike some web wallets. A file called “wallet.dat” is stored locally on your computer when you generate a new desktop wallet. It is important to encrypt this file with a personal passcode, as it contains the private key information which is used to access your cryptocurrency addresses.
Once encrypted, to read the wallet.dat file, you need to provide your passcode every time you run it. You will most likely lose your funds if you lose the file or forget your passcode. It is critical to back up this file and keep it safe. You can also access your funds on another device by exporting the private key in case your computer stops working.
Web Wallets are available online and they are accessible through a browser interface without having to download any app or program for them. All exchanges offer them and you can send & receive tokens on them. Web Wallets include any browser-based wallet as well as exchange wallets. They are more susceptible to online hacks.
Usually, you are required to set a personal password when you create a new wallet in order to access it. But some providers hold and manage the private keys for you. This may seem convenient, but it is dangerous: if you don’t hold your private keys, you are trusting a third party with your money. To help solve this problem, a lot of web wallets now allow you to manage your keys, either entirely or through shared control. So, it is crucial to check which wallet is most suitable for you from a technical perspective before choosing one.
It is important to use the security tools available when using an exchange’s wallet, such as two-factor authentication (2FA), an anti-scamming code, etc.
Mobile wallets are app-based wallets that can be used on your phone. One has to download and install them on the phone. They offer extreme convenience, as you can trade through the use of QR codes. They are the most convenient for performing everyday transactions, which makes them the most feasible option for spending cryptocurrencies. One of the most prominent examples of a mobile crypto wallet is Trust Wallet.
Like web and desktop wallets, mobile wallets are also exposed to malware and other malicious actors. It is essential to encrypt your mobile wallet with a passcode and to back up your private keys in case your device gets lost.
Hardware wallets are those where you store your cryptocurrency offline on a physical electronic device. This device generates a random number that is used to generate the public and private keys, and the device then stores these keys. These wallets offer a higher level of security as they store the data offline, but that makes them less accessible. To overcome this, many web wallets offer a service to connect your device directly to the trading platform, which allows hardware wallets to be used through your browser interface.
They are the most secure way to store your cryptocurrency. As they are not compatible with all kinds of cryptocurrency, one has to find a wallet that is compatible with the currency they want to store. They fall under the category of cold wallets and hence are more convenient for long-term investors. One of the most prominent examples of a hardware wallet is the Ledger Nano S.
Paper wallets are wallets you print out. They fall under the category of cold wallets. They contain your public and private keys, usually in the form of a QR code. One has to scan the QR code to access the wallet and execute transactions. Some paper wallets let you generate new addresses and keys while offline by allowing you to download their code. Though paper wallets are the safest way to avoid a hack on your data, unfortunately, they come with their fair share of issues. In a paper wallet, you can only transfer the entirety of your funds at once.
Just like with any data, backups are the most important thing, so as not to lose access to your funds and private keys. It is essential to back up regularly and to research the options to ensure you are using the wallet that fits your criteria best. All wallets have their upsides and downsides, so choose wisely.
Blockchain’s impact on industries is increasing rapidly. The technology has the potential to disrupt all the industries of the modern world with its decentralization and mutual-trust behaviour. Financial services were the early adopters of blockchain, but presently, every industry wants to try this technology. Supply chain, healthcare, social media, entertainment, energy, gambling, gaming, robotics, analytics, marketing, real estate, retail and e-commerce, education, charity, legal, and art industries already have their projects proliferating in the market. The biggest advantage of a distributed ledger is maintaining an unchangeable shared ledger between two firms which gets automatically updated after every transaction.
Fiat currencies are currencies that are issued by a government and regulated by a central bank like the RBI. They are based on a centralized system, which means they are operated by a single entity such as the RBI or the Fed. These centralized systems, including your banks, handle all your finances, do all the transfers, update accounts, and store all the information about ‘your money’.
Cryptocurrencies are different from fiat currencies, as they are only available in a digital format and are not controlled by any central authority. This is called decentralization. To understand cryptocurrency, we need to understand what a decentralized system or a decentralized ledger is.
Decentralized Ledger Explained
We will start with the question: what is a ledger?
A ledger is a written or computerized record of all the transactions a business has completed. Usually, it is maintained by one centralized body like banks or accounting departments of the companies. In a distributed ledger, there are multiple participants to handle these tasks. When these tasks are distributed to everyone in the network, it is called a distributed ledger. When these tasks are distributed only to some people in the network, it is called a decentralized ledger. Bitcoin‘s ledgers are a type of decentralized ledger.
Blockchain is a similar database that allows multiple users to record and make changes in it. Once the data is entered, it cannot be removed or changed as it only provides the feature of adding the data. The data can only be added to the blockchain once the majority of the participants provide the consensus to confirm the authenticity of the data with the process called ‘mining’. The data (a transaction in the case of Bitcoin’s blockchain) will be represented as a block in the network. The data gets broadcast on the blockchain network and it will validate the authenticity of the transaction using a consensus mechanism. A new block is generated once the block is deemed authentic by the network. After which it gets added to the most current state of the blockchain.
In a decentralized system, the information is not stored in one place. Every time a new change occurs or a new transaction happens, each node first verifies the transaction and then receives a copy of the new state of the ledger. A full node is basically a device (like a computer), not a human doing the verification task manually. The entire blockchain data is publicly available on the internet, and anyone can become a node by downloading it. All nodes on a blockchain are connected to each other and constantly exchange the latest blockchain data so that all nodes stay up to date. They store, spread, and preserve the blockchain data. Hence, theoretically, a blockchain exists on its nodes.
The next question is where cryptocurrency fits in this infrastructure. The currency used to transact on a blockchain is called a cryptocurrency. There is already enough buzz in the market that has termed cryptocurrency an asset, a commodity, digital gold, and even something similar to real estate. Cryptocurrencies are digital currencies that are able to operate as a medium of exchange at a peer-to-peer level, enabling direct payments between individuals. Since the entire blockchain is built on the principles of asymmetric cryptography, it was wise to call Bitcoin, or any medium of exchange on a blockchain, a cryptocurrency. The idea behind the invention was to find a way to be independent of a central authority while producing a means of exchange that is secure, immutable, and verifiable.
They operate on decentralized platforms, which means they are not controlled by any central authority. The decentralized nature of the blockchain makes cryptocurrencies theoretically immune to the old ways of government control and interference. Transactions made by this system can neither be reversed nor faked. Cryptocurrencies are a way to solve the digital cash problem and help to maintain integrity.
As we all know, the first cryptocurrency was Bitcoin, launched in 2009. Its inventor, Satoshi Nakamoto, is still unidentified as of today. Bitcoin’s success has spawned a number of competing cryptocurrencies known as “altcoins”. Today, there are literally thousands of cryptocurrencies in existence with an aggregate market value of over $270 billion. Bitcoin currently represents more than 50% of the total market value.
Criteria to Differentiate Blockchains
There are multiple criteria by which to classify blockchains. We will classify them based on the permissions given to users and nodes to access, verify, or update the blockchain. If everyone is permitted to read and write, it is called permissionless/public. If only limited users are permitted to read and write, it is called permissioned/private. As an analogy, a public blockchain is like public Wi-Fi, whereas a private blockchain is like a corporate intranet. The detailed explanation and applications of this classification are the following:
Permissionless (Public) Blockchain
Bitcoin, Ethereum, Zcash, Neo, Stratis, etc. are examples of public blockchains. They are decentralized platforms where anyone is allowed to participate without requesting access or fulfilling any criteria. The consensus mechanisms are designed very meticulously to prevent malicious users from entering and becoming part of the network. The primary reason the number of participants and networks grows in this category is that every kind of participation is free and the nodes are rewarded for providing consensus on the transactions in the blockchain. The rewards are in the form of a transaction fee or the cryptocurrency which functions on the blockchain.
The following characteristics should be considered to deploy public blockchains in the business model:
- All the data stored in the blockchain are public, although pseudo-anonymity of the user can be established since the data will be linked to the wallet or public key.
- History of changes made in the database will be visible to everyone in the world.
- Mimicking identities or entering false data in the blockchain is a risk, although it can be prevented using multiple cryptographic defence layers and protocols.
- The data is immutable. These types of blockchain should only be used if the business model can handle continuously growing data.
- Transaction speed may be slower than a centralized ledger since the consensus protocol and the addition of blocks takes time.
Permissioned (Private) Blockchain
These are very customizable blockchains that can be developed by an individual or for an entire organization. The difference from a permissionless blockchain lies in the access control layer built into the blockchain nodes, that is, who has access to read, write, and change the blockchain, and who grants that access. A group of participants or nodes are appointed in the network and given authority to provide consensus on the blockchain. This authority also includes the writing of smart contracts and is usually granted using a private key. Multiple organizations or individuals who wish to work together but do not trust each other can set up permissioned blockchains. This type of blockchain can provide full knowledge of all the honest internal interactions between the parties without anyone being able to alter the data.
Permissioned blockchains are relatively fast and cost-effective because the number of nodes providing consensus is lower, which also means they are relatively less secure. One way to make them more secure is to distribute the power of making blocks unpredictably among the nodes. Permissioned blockchains generally require two-thirds of the private keys to validate the recent state of the blockchain, compared to 51% in a permissionless blockchain. They are more scalable because they do not employ consensus mechanisms like Proof of Work in their structure. Permissioned blockchains use different algorithms, such as RAFT, Paxos, Roundhead Consensus, or other PBFT algorithms.
The following characteristics should be considered to deploy private blockchains in the business model:
- Since most of the activities in the blockchain are immutable, providing access to someone in the network and then revoking it can be a challenge.
- To grant access to a specific task based on the requirements of a person’s role, the blockchain has to be structured very carefully.
- Since the mining nodes will be very limited and they are the ones who are enforcing the rules, a deep level of trust and a strong incentive not to act maliciously is generally required.
- Since the malicious or incorrect data entered in the blockchain can’t be undone, forking may be required with the consensus of the remaining nodes to implement changes in the system.
- The private keys of all the nodes must be secured to ensure compliance with the consensus protocol. Access to these keys can not only introduce false data into the blockchain but can also result in the commissioning of more dishonest nodes.
When the permissions are kept within an organization or a group of individuals, it is called a private blockchain. Examples may include auditing, database management, healthcare, etc. Industries that don’t want public readability of their data can take advantage of blockchain using private blockchains, by setting up a group of participants within the organization to verify blocks internally. When a group of organizations (usually from a similar industry) come together to become participants in a permissioned blockchain, it is called a consortium/federated blockchain. In consortium blockchains, consensus is provided by a pre-selected set of nodes agreed on by all the participating organizations. These nodes can be run by independent bodies or by the participating organizations. For example, a group of 30 banks can become part of a consortium blockchain and make full use of its principal features, which include distributed consensus, record immutability, and instant asset (money) transfer between the banks.
A hybrid model of permissioned and permissionless blockchain can also be built based on business requirements. The companies may want to maintain the privacy of different operations, departments, and ledgers differently. Considering the above example of banks, they may be required to keep the ledgers publicly readable, but the customers may demand privacy and control of sharing the data of their accounts or wallets. Adding to this, a hybrid model of the distributed and centralized database can also be developed where generally the data is stored in a cloud and the hashes of the data are stored in a blockchain. Since blockchain (both permissionless and permissioned) has limitations regarding privacy, immutability, and storage, companies have also considered employing blockchain only in those departments where necessary.
Introduction to Smart Contracts
Firstly, we want to make it clear that smart contracts are neither ‘smart’ nor a ‘contract’. A smart contract is a set of cryptographic code which consists of pre-determined rules and the execution of a task. In layman’s terms, the criteria are embedded in the code, and once those criteria are met, the corresponding task or event is executed.
For example, you can write a smart contract about paying $450 for rent every 30th of the month, transferring the assets once the predetermined payment is received, vote on the day of elections with the records being untampered, etc. One of the most important qualities of the smart contracts is that since the contracts are stored in a blockchain, they cannot be changed once written.
This quality has its own pros and cons. On one hand, it provides transparency and automation; on the other hand, the contract has to be written again if there is any flaw in the code, which sometimes makes the applications pricey. Automation is fundamental to the very nature of smart contracts. Due to the qualities mentioned above, smart contracts are autonomous, trustworthy, accurate, secure, and economical. They are economical in that the contracts cut down the expenses incurred on middlemen.
History of Smart Contracts
In 1994, Nick Szabo, a computer scientist and legal scholar, came up with the idea of smart contracts. He said a form of self-executing contract could be developed using digital signatures, cryptography, and secure computation. He intended to use distributed ledgers to store such contracts.
In traditional contracts, you would have to go to a lawyer, broker, or government and pay them to get an important document, but in smart contracts, there is no middle man.
Smart contracts can also function with digital signatures. This means that the contract will execute only if the required participants digitally sign the contract using their private keys. The contract can also store information like terms of agreement, membership records, health records, domain registration information, etc., which makes their applications vast. They can also run as a series or a web of smart contracts, where one contract’s triggering event can depend on the result of another contract. Due to this characteristic, the complexity of smart contracts can vary from as small as completing a transaction to forming an entire organization (a DAO) which is fully automated.
Imagine a fundraising platform; here, people can go on the platform and create a project. They set a funding goal for this project which people donate to if they like or believe in the idea. Essentially the fund-raising platform is a third party that sits between the creator and the supporters.
The creator of a project expects the funds to be given to them, if the funding goal is met; whereas, the supporters want their money to go to the project or get a refund when it doesn’t reach the goal. The most important factor of a traditional contract is trusting a third party, but one can build a similar system that doesn’t require a third party with smart contracts.
Now, if you create a smart contract for this, an agreement will be coded where the terms and conditions are encoded in the contract. This program holds all the received funds until the goal is reached. Thus, supporters send their money to the smart contract instead. The contract automatically passes the money to the creator of the project if it is fully funded, or issues a refund if not.
Smart contracts, like traditional contracts, can be used to help exchange property, money, or anything of value in a transparent, conflict-free way, all the while avoiding the services of a middleman. Smart contracts can define the rules and penalties of these agreements in the same way as a traditional contract, but can also automatically enforce them.
Suppose you rent a house from a landlord, you can do this through the blockchain by paying in cryptocurrency. You get a receipt that is held as your virtual contract. A digital entry key is given to you by the landlord which comes to you by a specified date. If the key comes before the date then the blockchain holds it and releases both the fee and the key respectively when the date arrives. In case the key is not sent on time, the blockchain releases a refund.
The system works on the conditional premise of “If” and “Then”. Hundreds of peers witness it on the blockchain, so you can expect a faultless delivery. If the landlord gives you the key, then the landlord will definitely get paid. The code of the contract cannot be interfered with by any of the parties without the other one being simultaneously alerted.
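The crowdfunding escrow above (pledges held by the contract, released to the creator only if the goal is met, otherwise refundable) and the rental “if/then” logic follow the same pattern. The following Python model is an added illustration, not code from the original article; the contract, its method names and the block-number “clock” are assumptions made for the demo, and the pledges are constructed sample data.

```python
"""State-machine model of the crowdfunding smart contract described above."""
from dataclasses import dataclass, field


class ContractError(Exception):
    """Raised when a call breaks the contract's rules (a 'revert' on a real chain)."""


@dataclass
class Crowdfund:
    creator: str
    goal: int                    # funding goal, in the smallest currency unit
    deadline_block: int          # last block height in which pledges are accepted
    pledges: dict = field(default_factory=dict)   # supporter -> amount held in escrow
    balance: int = 0             # total currently held by the contract
    finalized: bool = False      # outcome decided exactly once
    goal_reached: bool = False

    def pledge(self, supporter: str, amount: int, now: int) -> int:
        """A supporter sends `amount` to the contract; returns their running total."""
        if amount <= 0:
            raise ContractError("pledge must be positive")
        if now > self.deadline_block:
            raise ContractError("campaign is over")
        self.pledges[supporter] = self.pledges.get(supporter, 0) + amount
        self.balance += amount
        return self.pledges[supporter]

    def finalize(self, now: int) -> tuple:
        """IF goal met THEN pay the creator, ELSE open refunds (after the deadline)."""
        if self.finalized:
            raise ContractError("already finalized")
        if self.balance < self.goal and now <= self.deadline_block:
            raise ContractError("deadline not reached and goal not met")
        self.finalized = True
        if self.balance >= self.goal:
            self.goal_reached = True
            paid, self.balance = self.balance, 0       # everything goes to the creator
            return ("released", paid)
        return ("refundable", self.balance)            # supporters may reclaim pledges

    def refund(self, supporter: str) -> int:
        """Withdrawal pattern: each supporter pulls back only their own pledge."""
        if not self.finalized or self.goal_reached:
            raise ContractError("refunds are not open")
        amount = self.pledges.pop(supporter, 0)
        if amount == 0:
            raise ContractError("nothing to refund")
        self.balance -= amount
        return amount


def run_successful_campaign() -> tuple:
    c = Crowdfund(creator="alice", goal=1000, deadline_block=100)
    c.pledge("bob", 600, now=10)
    c.pledge("carol", 500, now=20)
    return c.finalize(now=101)          # ("released", 1100)


def run_failed_campaign() -> tuple:
    c = Crowdfund(creator="alice", goal=1000, deadline_block=100)
    c.pledge("bob", 300, now=10)
    outcome, _ = c.finalize(now=101)     # goal missed: refunds open
    refunded = c.refund("bob")
    return (outcome, refunded, c.balance)   # ("refundable", 300, 0)


def late_pledge_rejected() -> bool:
    c = Crowdfund(creator="alice", goal=1000, deadline_block=100)
    try:
        c.pledge("dave", 50, now=101)    # one block past the deadline
    except ContractError:
        return True
    return False


if __name__ == "__main__":
    print(run_successful_campaign(), run_failed_campaign(), late_pledge_rejected())
```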
Advantages of Smart Contracts
- As smart contracts are stored in a blockchain, everything is completely distributed, everyone on the network validates the output and no one is in control of the money. It inherits the properties of a Blockchain.
- Since there is no need to rely on a third party, they are autonomous.
- They also help you save money, as there is no middleman you have to pay.
- Trust is another important benefit: all your documents are encrypted on a shared ledger that records transactions, so no one can claim they lost a document or sent money when they didn’t, or make any other such human error.
- In a smart contract, you don’t have to worry about your information being lost, as, in a blockchain, each and every peer has a duplicate copy of your documents and is backed up, and retrievable.
- In a traditional contract, it takes a lot of time to manually process paperwork and documents. Smart contracts use code to automate tasks and thereby save hours off many business processes.
- Smart contracts are not only cheaper and faster but also avoid the errors that come from manually filling out piles and piles of forms and documents. They are extremely accurate.
- Smart contracts are immutable as they can never be changed once created.
Disadvantages of Smart Contracts
- Smart Contracts are far from perfect though. There are many questions that arise when it comes to the remedies available for the execution of smart contracts.
- Many questions such as what if a bug gets in the code, how would the dispute regulation take place, what if the terms and conditions have to be changed once it has been entered into the hash, etc.
- In a traditional contract, parties can go to court over their disputes and have their contracts rescinded, but in smart contracts the situation is different. Once a contract is executed there is no way to revert transactions; however, this does not take away the right to a remedy. Dispute resolution for smart contracts is a very real and growing field.
The list of challenges and technicalities goes on. Experts are trying to work on these critical issues, but they often dissuade potential adopters from signing on. Several platforms already exist which use smart contracts, among which Ethereum is the one that has pioneered their application. It is specifically designed and created to support smart contracts.
The success of a platform like Ethereum using Smart Contracts shows that when the issues are ironed out, Smart Contracts are a form of technology that will be the future of contracts.
Components of a Blockchain
Before understanding how a blockchain works, let’s understand the Blockchain Architecture and its components.
One of the most important components of blockchain architecture is the hash, which is generated by hashing the content of the block. Hashing is an algorithmic process to calculate a fixed-size output (called a digest) for an input of any size. Look at figure 2: the output is unique to the input, and even a single bit of change in the input will change the output completely. The algorithmic function used here is called a ‘hash function’ and is a one-way function (preimage resistant), which means it is practically impossible to reverse the function and obtain the original input from a calculated output. In addition, it is practically infeasible to produce the same output from two or more different inputs (second preimage resistance).
Hash(x) = fixed-size digest
Most blockchains use a hashing algorithm called Secure Hash Algorithm 256 (SHA-256), which gives a fixed output of 256 bits (32 bytes of 8 bits each), meaning there are 2^256 different possible values. With the growing use of this technology, a larger number of input values can exist for a fixed number of outputs, which brings with it the possibility of a collision (Hash(X) = Hash(Y)). However, the probability of such a collision is very low, and thus SHA-256 is said to be collision-resistant. Every time data is added to the block, it generates a new hash ‘fingerprint’ (digest) for the list of data. Even a small change in any item in the list will change the fingerprint of the block, making it very convenient to find any change occurring in the database.
Private/Public Key Cryptography
Private/public key cryptography is a very fundamental feature used to secure the data flow between two users. A pair of keys is generated, called a public key and a private key, which are mathematically related to each other. The public key can be made public, but the private key needs to be kept secret to keep the data owned by the user secure. This process is also called asymmetric-key cryptography. Although the keys are related to each other, it is practically impossible to derive the private key from the public key. In a blockchain system, the receiver’s public key is used by the sender to send the data, and the receiver, with the help of their own private key, can decrypt the data (see figure 3). The private key is usually longer than the public key. Using this method, it is clearly evident that the data exchange is happening on a peer-to-peer principle only.
The address is an alphanumeric string of characters which are derived by applying a hash function to the user’s public key. Addresses are usually shorter than the public keys and are mostly used to send and receive digital assets. But in this paper, we will be using the addresses for different purposes. The address is generated by a simple process:
public key → hash function → address
These addresses are responsible for the pseudo-anonymity in the Blockchain ecosystem by acting as the participant’s digital identity in the network.
A wallet securely stores the public keys, private keys, and the addresses of the user. It can also store the digital signatures of all the data which has been exchanged using the stored addresses and key-pairs. If your private key is stolen, the thief has complete access to the data stored in your wallet. When we hear in the news about cryptocurrencies getting stolen, it means that someone got access to the private key of the user, and all the cryptocurrencies were transferred from one wallet address to another; since the blockchain’s ledger is immutable, the transfer cannot be undone.
A block contains a list of validated data (generally transactions) and is generated or updated after the process of mining. Each block is hashed in its current state, which is done to protect the block and trace any changes it undergoes.
A block is made up of the following components:
- Block Height – Also known as the block number, it is the number of blocks which precede that particular block. The genesis block is the first block generated in a blockchain. Block height can also be described as the distance between that particular block and the genesis block.
- Current Block Hash – The newly generated hash value of the current state of the Block.
- Previous Block Hash – The hash of the block formed just before that block. The current block hash will be changed if the hash of any block generated before the current block changes.
- The Merkle Tree Root Hash – Since it is nearly impossible to store the hash of every update the block goes through, the block only stores the Merkle tree root hash in the block header. A Merkle tree keeps combining the hash values of the data until only one root hash remains to be stored. This root hash is called the Merkle tree root hash. This procedure can be used to summarize the data in the block and verify the presence of each and every change that happened in the block. The process can be seen in figure 4 below.
Looking at the figure above, the 1st layer is the data layer which contains A, B, C, and D. These are the data elements that need to be summarized. In the 2nd row, the hash of each data has been generated using a hash function. The hashes of the data are combined in the following layers and the hash of the combined hashes is generated. This process is repeated until the tree is left with a single root hash which is on the topmost layer. The Merkle root is stored in the Block header and hash value of the block header depends upon the Merkle Root Hash. Any change in any layer of the hierarchy will result in the change of hash values of Merkle Root Hash and the hash of Block Header.
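The tree walk just described, carried out in code: leaves are hashed, sibling hashes are concatenated and hashed again until one root remains, and a short sibling path (an inclusion proof) lets anyone confirm that an item is in the tree from the root alone. This is an added illustration, not code from the original article; it uses SHA-256, pairs an odd leftover node with itself (Bitcoin’s rule, an assumption here), and the leaves A–D are constructed sample data.

```python
"""Merkle root, inclusion proof, and the avalanche effect of a one-character change."""
import hashlib


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def merkle_levels(leaves: list) -> list:
    """Return every level of the tree, from the leaf hashes (layer 2) up to the root."""
    if not leaves:
        raise ValueError("a Merkle tree needs at least one leaf")
    level = [sha256(leaf) for leaf in leaves]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2 == 1:                 # odd count: duplicate the last hash
            level = level + [level[-1]]
        level = [sha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def merkle_root(leaves: list) -> str:
    """The single hash stored in the block header, as a hex string."""
    return merkle_levels(leaves)[-1][0].hex()


def merkle_proof(leaves: list, index: int) -> list:
    """Sibling hashes from leaf `index` up to the root, each tagged with its side."""
    proof = []
    for level in merkle_levels(leaves)[:-1]:
        if len(level) % 2 == 1:
            level = level + [level[-1]]         # same padding rule as in merkle_levels
        sibling = index ^ 1                     # neighbour in the pair
        proof.append((level[sibling], "left" if sibling < index else "right"))
        index //= 2                             # move up to the parent's position
    return proof


def verify_proof(leaf: bytes, proof: list, root_hex: str) -> bool:
    """Recompute the path to the root; only the leaf and sibling hashes are needed."""
    h = sha256(leaf)
    for sibling, side in proof:
        h = sha256(sibling + h) if side == "left" else sha256(h + sibling)
    return h.hex() == root_hex


def demo() -> tuple:
    data = [b"A", b"B", b"C", b"D"]             # constructed sample data elements
    root = merkle_root(data)
    proof = merkle_proof(data, 2)               # prove that C is in the block
    included = verify_proof(b"C", proof, root)
    tampered = merkle_root([b"A", b"B", b"c", b"D"])    # one character altered
    # (C present under the real root, root changed by the edit, old proof now fails)
    return included, root != tampered, verify_proof(b"C", proof, tampered)


if __name__ == "__main__":
    print(demo())     # (True, True, False)
```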
- Timestamp – A timestamp records the exact time when the block is generated or updated by the miner. The miner is responsible for inserting the timestamp in the block. On page 7 of Ethereum’s white paper, Vitalik Buterin says that to check whether a block is valid, one must:
“Check that the timestamp of the block is greater than that of the [median of the 11 previous blocks] and less than 2 hours into the future”
- Nonce Value – It is a one-time 32-bit random number, manipulated by the miner to solve the hash puzzle, which when solved, enables the miner to add the block to the blockchain.
- Data included in the block
Chaining the Blockchain
As observed in the list of components of a block, each block contains its own hash as well as the hash of the previous block and this is how the blocks stay connected and form a linear chain of blocks. Any change in a block will result in a change in the hash of that block and in all the hashes of the succeeding blocks. This way, it is easier to locate the block which has undergone a change.
Below is the figure to summarize the complete architecture of the blockchain.
How does a Blockchain work?
Below is a step-by-step process that explains the working of a blockchain. We are explaining it based on Bitcoin’s blockchain. To start, consider that A wants to send money/data to B. The transaction will be represented as a block in the network; the architecture of the block has already been discussed earlier. The transaction is broadcast on the blockchain network. The network (miners) will work to validate the authenticity of the transaction using a consensus mechanism (discussed later). A new block is generated once the block is deemed authentic by the network. Once the block is generated, it will be added to the most current state (the most recent block) of the blockchain. After the block has been added, the blockchain will be updated to its most current state and the transaction will be executed.