Q1: What is a wallet in the context of Bitcoin (or cookie tokens)?
A wallet is a software application that generates and stores your private keys, creates addresses, facilitates payments, and keeps track of your funds. It does not store the money itself (that’s in the blockchain or spreadsheet) but holds the keys to spend it.
Q2: What common tasks should a wallet handle?
Q3: How does the wallet improve the user experience compared to emailing Lisa manually?
The wallet automates most steps: it handles address creation, digital signatures, and prepares the payment details (amount, recipient address) for the user. It also updates balances automatically by checking the spreadsheet/ledger.
Q4: Why do we need to back up our private keys?
Because losing your private keys means permanently losing access to your funds. The ledger (spreadsheet/blockchain) won’t care who lost a key; it only checks digital signatures.
Q5: What are some initial (but imperfect) solutions for backing up private keys?
Q6: What are the main drawbacks of password-encrypted backups?
Q7: What is a hierarchical deterministic (HD) wallet?
An HD wallet derives all of its private keys from a single master seed. This seed alone can recreate the entire family (tree) of private keys, enabling a single backup to restore them all.
Q8: Why is this approach so much better for backups?
You only need to back up once (the seed). Any new addresses derived in the future remain backed up as long as you have that seed. No repeated exports, no repeated backups each time a new key is generated.
Q9: Instead of storing a hex seed like 16432a2077…, how can we make it more human-friendly?
We use a mnemonic sentence of 12 or 24 English words. This is easier to write down and verify. The wallet can convert it back into the seed if needed.
Q10: How does the mnemonic system protect against typos?
Each mnemonic includes a short checksum (several bits), so if the user writes down incorrect words, there’s a high chance the wallet will detect it when restoring.
Q11: What is an xprv and how does it differ from a normal private key?
An xprv (extended private key) contains two parts:
Q12: What about xpub (extended public key)?
Similarly, an xpub is the public key + chain code. With an xpub, you can generate new addresses (child public keys), but cannot spend funds because you don’t have the private keys.
Q13: Why is xpub so useful on insecure servers?
A web server can generate many fresh receiving addresses from the xpub alone (no private keys needed), so even if the server is compromised the attacker cannot steal funds; the server only ever held public information.
Q14: What's the risk if someone has a normal child private key and the parent xpub?
They can compute the parent private key, and therefore the entire parent xprv (and thus spend all other child keys in that branch). This is because normal (non-hardened) derivation computes a child private key as the parent private key plus a value derived from the parent public key and chain code, both of which are in the xpub; anyone holding one child private key and the xpub can recompute that value and subtract it to recover the parent private key.
Q15: How does hardened derivation fix that?
Hardened derivation feeds the parent private key (instead of the parent public key) into the hash that produces the child key. The xpub does not contain the parent private key, so the value needed to reverse the derivation cannot be computed from it, and a leaked hardened child private key does not expose the parent xprv.
Q16: What is the elliptic curve used in Bitcoin, and why is it secure?
Bitcoin uses the secp256k1 elliptic curve, y^2 = x^3 + 7 (mod p). It is considered secure because the operation that maps a private key to a public key (multiplying the curve's generator point by the private key) is easy to compute in one direction, but there is no known efficient way to reverse it: recovering the private key from the public key is the elliptic curve discrete logarithm problem.
End of Study Notes for Chapter 4. These principles—wallet apps, HD wallets, mnemonic sentences, and xpub/xprv—are crucial for convenient and secure management of Bitcoin or cookie tokens!