How your hard wallet works : a simple explanation.
Everyone knows that one of the biggest challenge in the crypto industry is to keep your secrets secret.
How can one conciliate the paradox of keeping a private key away from internet while using a crypto wallet which requires both the private key and an internet connection? The simplest answer is : hardware wallet.
First, an hardware wallet is a very simple piece of electronics. Actually, as simple as it can get.
Why? Because the simpler the device is, the harder it is to hack it (No complex code that can be twisted, no forgotten vulnerabilities etc.).
But… How does it work?
I will (arbitrary) chose the Ledger wallet as an example (but the Trezor wallet is also a very good wallet). The Ledger wallet generates a MASTER KEY : the string of 24 words that you need to store safely. This is the MASTER KEY based on which, all your crypto private keys will be created. Simply put, you can imagine for instance that if your ledger Master key is : LEDGERMASTERKEY, your Bitcoin private key will be : LEDGERMASTERKEYBITCOIN, your Ethereum master key will be : LEDGERMASTERKEYETHEREUM and so on for every other crypto supported by the hardware wallet.
But… How the hardwallet 'randomly' generates the master key?
A computer or any electronic device is anything but random. A computer can not 'pick' or 'choose' a random number. This is why it is actually very difficult in the field of informatics to generate random stuff. But… there are tricks!
Simply put : when you switch on your hard wallet for the first time, it will capture the electric noise inside itself to subsequently put a huuuuge number on this electric noise. This number will then be used to create the master key. Because the electric noise is extremely variable and will never be the same, EVER, your master key will be unique and ‘randomly generated’. So, basically, the 24 words are the representation of the electric noise signature that was captured when the ledger was first switched on. No one will never be able to guess it or generate the same.
Yes but, how come is it possible to regenerate my wallet on a new Ledger using my 24 words?
If a Ledger get destroyed, the user just needs to buy a new one and enter his 24 words. The string of words will provide the new Ledger the electric noise originally captured by the destroyed Ledger. It will then allow the new Ledger to be in the same state as the previous one. Basically, it's like saying to your new Ledger : My previous master key was : LEDGERMASTERKEY. Because all the Ledger works in the same way, the new Ledger will regenerate the same private keys : LEDGERMASTERKEYBITCOIN, LEDGERMASTERKEYETHEREUM etc.
So, if every Ledger can put the same words on the same numbers it means that they all have a 'common reference'?
Indeed, there is a PUBLIC list of the 2048 possible words which can be used to create private keys. Each word is associated to a number. As long as all the Ledger devices share the same word-number association, everything is fine.
Ok, but how come is it safe to use a device made by a company?
As explained before, the MASTERKEY (and all the subsequent cryptokeys) is 'randomly' generated when you first switch on the device. After that, those keys never touch the internet. Indeed, to control the device (thus, the cryptokeys), you need to push physical buttons on it. No hacker can hack that because you need a physical finger to push it. You can not hack the finger of someone to push a button! No hacker can actually hack your hands.
Good, and what are the worst case scenarios?
Finally : do not forget that your coins are not stored on your hard wallet. If you want to understand how it works in 1min, read this 🙂