All Posts

Architecture and Blockchain Wallet Creation Mechanism

blockchainJanuary 1, 2026·#Blockchain

The article deeply analyzes the mathematical foundation and rigorous technical steps to form an e-wallet, helping users master digital assets in the decentralized era.

Architecture and Blockchain Wallet Creation Mechanism

Blockchain Wallet Architecture and Mechanism: From Cryptographic Entropy to Distributed Digital Asset Governance

The birth of Bitcoin in 2009 not only introduced a new currency but also established a completely different way of thinking about digital ownership. In this system, the blockchain wallet serves as the key interface, the boundary between the user and the distributed ledger. Contrary to popular belief, blockchain wallets do not actually store cryptocurrency inside the device or application; instead, it is a tool for managing cryptographic key pairs. These keys allow users to interact with the blockchain to securely perform transactions, claim ownership, and transfer value. According to experts at Tan Phat Digital, a blockchain wallet is created through a series of rigorous technical processes, starting from generating pure randomness, converting into readable linguistic phrases, and finally deriving a complex tree structure of cryptographic keys. This entire architecture is built on the foundation of Elliptic curve cryptography (ECC), which allows establishing control over assets without any confirmation from a central authority.

Elliptic Curve Cryptography and Digital Signing Algorithm

The heart of the blockchain wallet creation process is asymmetric cryptography. The mechanism is based on one-way mathematical functions, also known as "trapdoor" functions, which are easy to implement in the forward direction but extremely difficult to reverse without secret information. In the blockchain context, the most popular algorithm used is the Elliptic Curve Digital Signing Algorithm (ECDSA), specifically the secp256k1 curve.

Secp256k1 Curve Specifications

The secp256k1 curve was chosen for Bitcoin and later Ethereum because of its superior computing performance and security properties. It is defined by the equation $y^2 = x^3 + 7$ over a finite field of prime numbers $p$. The use of non-random parameters in the design of secp256k1 gives the cryptographic community confidence that there are no "back doors" installed by government entities. Below are the main technical parameters:

  • Parameter $p$: Value $2^{256} - 2^{32} - 977$, representing the size of the finite field of prime numbers.

  • Parameter $a$: Value equal to 0, is the coefficient of the variable $x$ in the line equation curve.

  • Parameter $b$: Value equal to 7, is a free constant in the curve equation.

  • Parameter $G$ (Generator Point): Origin point used to perform point multiplication on the curve.

  • Parameter $n$ (Number of steps): Total number of points that can be obtained on the curve.

  • code.

The key generation process begins by choosing an extremely large random number $k$, which serves as the Private Key. The Public Key is then calculated by multiplying the point $G$ by this number $k$: $K = k \times G$. Point multiplication on an Elliptic curve is a complex mathematical operation, ensuring that even with today's most powerful supercomputers, retrieving $k$ from $K$ is an impossible task.

BIP-39 Standard: Converting Entropy to Human Language

In the early era of cryptocurrency, users had to back up private keys as dry hexa character strings, a laborious process risk. To improve the experience, the BIP-39 standard was introduced to make recovery phrases (mnemonic phrases) easier to remember.

Entropy Generation and Checksum Calculation Process

The actual modern wallet creation process begins with the generation of a sequence of random bits, called Entropy (ENT). The length of Entropy determines the security of the wallet, usually ranging from 128 bits to 256 bits. To prevent input errors, a checksum is calculated by hashing the original Entropy string through the SHA-256 algorithm.

For a 12-word wallet, the process follows these steps:

  1. Generate 128 random Entropy bits.

  2. Hash this Entropy using SHA-256 and take the first 4 bits as checksum.

  3. Attach the checksum to the end of the original Entropy string to form a 132-bit string.

  4. Divide this 132-bit string into 12 groups of 11 bits each.

Each group of 11 bits corresponds to an integer from 0 to 2047, used as an index to look up words in a list of 2048 standard English words. This list is recommended by Tan Phat Digital for users to note down carefully because it is the only way to recover assets.

PBKDF2 Key Derivation Function

The mnemonic phrase is not directly the wallet key but is the input to the PBKDF2 (Password-Based Key Derivation Function 2) function:

  • Use the mnemonic phrase as the "password password".

  • Uses a fixed salt string "mnemonic" combined with an optional additional password (13th or 25th word).

  • Performs 2048 HMAC-SHA512 hash loops to produce a 512-bit Binary Seed.

Hierarchical Identity Wallets (HD Wallets) and BIP-32/BIP-44 Standards

Managing multiple independent private keys for each transaction is a burden. The solution is the Hierarchical Identity Wallets (HD Wallets) architecture, which allows a single root seed to generate an infinite tree of key pairs.

Chain Code and Subkey Derivation Mechanism

In the BIP-32 model, each key comes with a 32-byte component called the Chain Code. The derivation process has two modes:

  • Normal Derivation: Allows the creation of child public keys from the parent public key, suitable for "watch-only" wallets.

  • Hard Derivation: Creates strong security boundaries. If a child private key is exposed, an attacker cannot deduce the parent private key.

BIP-44 Path Structure

The BIP-44 standard establishes a common convention for derivation paths in the format: m / purpose' / coin_type' / account' / change / address_index. Details of the components are as follows:

  • m: Represents the Master Key.

  • purpose': Always the value 44 to specify compliance with BIP-44 standards.

  • coin_type': Cryptocurrency type (e.g. 0' for Bitcoin, 60' for Ethereum).

  • account': Logical account to separate funds (0, 1, 2...).

  • change: Value 0 for receiving address, 1 for change address.

  • address_index: Incremental address index to create a new address for each transaction.

Process Lead Export Wallet Address: Bitcoin vs. Ethereum

After the public key is generated, each blockchain applies different hashing algorithms to generate the wallet address that users see.

  • Bitcoin (Legacy P2PKH):The public key is hashed to SHA-256, then hashed to RIPEMD-160 (called Hash160). The system adds version bytes, calculates the checksum by hashing SHA-256 twice, and finally Base58 encoding to remove easily confused characters such as 0, O, I, l.

  • Ethereum: Uses the Keccak-256 algorithm to hash the 64-byte public key. The address is taken from the last 20 bytes of the hash result and represented as a 40-character hexa string starting with 0x. Ethereum also applies the EIP-55 standard (mixed capital/lower case) to support data entry error checking.

Wallet Classification and Storage Model: Custodial vs. Non-custodial

At Tan Phat Digital, we often emphasize the difference between trust wallets and self-managed wallets so that users can make the most suitable choice:

Custodial Wallet (Trust Wallet)

  • Control: Third party (exchange) holds the private key.

  • Requirements KYC: Identity verification is usually required.

  • Recovery capabilities: Through customer support if password is lost.

  • Risks: Depends entirely on the security and reputation of the exchange.

Non-custodial wallets (Self-managed wallets) management)

  • Control: User directly holds private key and recovery phrase.

  • KYC required: Usually not necessary, ensures privacy.

  • Recoverability: Only via recovery phrase (if lost, assets are lost).

  • Risk risk: Due to user negligence or malicious code attacking personal devices.

Hardware Wallets and Offline Signing Mechanisms

Hardware wallets like Ledger or Trezor represent the pinnacle of personal security by isolating private keys from the internet environment. They use Secure Element (SE) chips that are resistant to physical interference and sophisticated attacks. The transaction signing process typically uses the PSBT (BIP-174) format, which allows the device to sign transactions inside the security chip without ever exposing the key to the computer.

Multi-party Security Solutions: Multi-sig and MPC

To eliminate the "single point of weakness", organizations often use Multi-sig or MPC. Below is a detailed comparison between these two technologies:

Multi-signature solution

  • Mechanism: Requires multiple independent signatures recorded directly on the blockchain.

  • Transaction fees: High, due to large data capacity and need for multiple on-chain authentication.

  • Privacy: Low, because everyone sees the number and identity of signers.

  • Compatibility: Needs specific support from each blockchain network.

MPC (Multi-Party Computation) Solution

  • Mechanism: The private key is broken down into shares (shares) and signed off-chain. A unique signature is created without ever needing to recover the full key.

  • Transaction fees: Low, equivalent to a typical single transaction.

  • Privacy: High, does not expose the fund management structure on the blockchain.

  • Compatibility: Works on any blockchain without changing transactions knowledge.

Brute-force and Cryptographic Probability

Many customers of Tan Phat Digital wonder about the possibility of having their wallets cracked. With a 12-word wallet, the number of combinations is $5.4 \times 10^{39}$, while a 24-word wallet is up to $2.9 \times 10^{75}$. These are huge numbers that make guessing impossible even with the most powerful computer systems billions of years from now. The actual risk often comes from human error or insecure recovery phrase storage.

Steel Wallets Backup Strategy

Storing recovery phrases on paper is susceptible to damage by fire or flood. Steel backup solutions are sustainable alternatives:

  • Billfodl: Uses 316 stainless steel, letter brick sliding mechanism, heat resistant up to 1200°C.

  • Cryptosteel Cassette: Uses 304 steel, embossed brick stacking mechanism, equivalent heat resistance 1200°C.

  • Cryptotag Zeus: Aerospace-grade Titanium material, permanent punching mechanism, extreme heat resistance up to 1600°C.

  • Blockplate: Stainless steel, manual engraving or punching mechanism, high durability against physical impacts.

Future Outlook lai

The process of creating a blockchain wallet is a delicate combination of mathematics and computer security. From random entropy initialization to derivation of complex key layers, every step is towards the goal of giving absolute control of assets to users. In the future, with the development of Account Abstraction (ERC-4337) and modern MPC wallets, the barrier of seed phrase management will gradually be removed, providing a smoother Web3 experience. Tan Phat Digital believes that understanding the operating mechanism of a wallet is not only technical knowledge, but also an important preparation step to protect your digital prosperity in a sustainable way.

Share

Comments

0.0 / 5(0 ratings)

Please login to leave a comment.

No comments yet. Be the first to share your thoughts.

Related Posts

Why doesn't running Node help you make money as easily as advertised? | Tan Phat Digital
blockchain2/27/2026

Why doesn't running Node help you make money as easily as advertised? | Tan Phat Digital

Does Blockchain help increase customer trust | Tan Phat Digital
blockchain2/27/2026

Does Blockchain help increase customer trust | Tan Phat Digital

Enterprise Blockchain Deployment 2026: Starting Point & Roadmap for Implementation
blockchain2/27/2026

Enterprise Blockchain Deployment 2026: Starting Point & Roadmap for Implementation

Does Blockchain really prevent internal fraud? | Tan Phat Digital
blockchain2/26/2026

Does Blockchain really prevent internal fraud? | Tan Phat Digital

Integrating Blockchain into the application | Tan Phat Digital
blockchain2/26/2026

Integrating Blockchain into the application | Tan Phat Digital

Can Blockchain replace ERP systems? | Tan Phat Digital
blockchain2/26/2026

Can Blockchain replace ERP systems? | Tan Phat Digital

Blockchain Vietnam 2026: Potential, Challenges and Roadmap for Sustainable Development
blockchain2/25/2026

Blockchain Vietnam 2026: Potential, Challenges and Roadmap for Sustainable Development

Build Your Own or Ready-to-Use Blockchain? Infrastructure Strategy 2026 - Tan Phat Digital
blockchain2/25/2026

Build Your Own or Ready-to-Use Blockchain? Infrastructure Strategy 2026 - Tan Phat Digital