There are many components of a bitcoin wallet, and it's easy to get the terms confused. Seed phrases, private keys, extended public keys (xpubs), child public keys, addresses... how do they all fit together? In this thread, I break down the anatomy of a bitcoin wallet! 🧵⬇️

First, it's helpful to review how a bitcoin wallet can be conceptualized. They don't hold bitcoin. One way to think about a wallet is that it's a collection of addresses controlled by the same keys in the same way.

So what's the difference between keys and addresses? What gets created first? What information is sensitive and important to keep secret? What information can be shared with others?

Let's walk through the components, and the chronology of how they come into existence.

Creating a bitcoin wallet begins with entropy. Think of this as selecting a large number in a random and unpredictable way, so that there is no realistic chance of someone else guessing it.

This number will be the secret that ultimately controls your bitcoin. Entropy can be generated by flipping a coin or rolling dice a large number of times. But to help prevent mistakes, a common method is to use a hardware wallet. These tools are designed to safely generate entropy.

You'll want to keep a record of your entropy, so that you don't lose the information that controls your bitcoin.

Instead of writing down a very large number, where it would be easy to have a typo, there is a standardized method to convert the number into words.

This is what a hardware wallet will show you, a list of words (typically 12 or 24) called a seed phrase. With additional resistance to typos, the words can be written down physically, to protect the information from electronic malfunction. Learn more:

A seed phrase can once again be converted to numerical data called a seed.

The seed is an intermediary to produce the final format of the information, a master private key, which can ultimately be used to approve transactions spending bitcoin.

Although technically different, each piece I've covered so far (entropy, seed phrase, seed, master private key) is closely related, representing similar information.

They are all extremely sensitive, because if someone got one of these items, they could steal your funds.

Your master private key can derive a hierarchy of other keys. The next term you should know is an extended public key, or xpub.

Your master private key can make many xpubs. They are the main ingredients to build a wallet.

This means one master private key can be involved with many different wallets.

One xpub is enough to create one singlesig wallet.

Creating a typical multisig wallet involves combining multiple xpubs, each one coming from a different master private key.

Xpubs are not as sensitive as the previous components discussed, because they don't represent private keys, and can't be used to spend funds.

However, if someone else gets your xpub information, they could learn about the balances in your wallet, across all its addresses.

Hardware wallets are designed to keep private keys locked down and protected, but they are also built to export the xpub to a laptop or phone.

This will allow your wallet software to connect to the internet and the blockchain, scanning it to find your balances.

An xpub can produce child public keys. These are the main ingredients to build addresses for the wallet.

An address to a singlesig wallet can be produced with just 1 child public key.

An address to a multisig wallet needs 1 child public key from each xpub. Child public keys are even less sensitive than xpubs, because by default they don't reveal balance information about the entire wallet, just individual addresses.

They are rarely seen by the end user. Instead, users most often see the xpub, and the addresses produced.

An address is what you share with other people to receive bitcoin. They are built with child public keys, and have some protections built into them to prevent typos. You can learn a bunch more about addresses here:

That was the last component to cover!

The following diagram provides basic imagery to show how a master private key is used for a singlesig wallet. It creates an xpub, which in turn creates child public keys and addresses for the wallet.

And this next diagram demonstrates how 3 master private keys create the addresses to a 2-of-3 multisig wallet.

Each master private key contributes an xpub to the wallet. By grabbing one child public key from each xpub, and including the 2-of-3 rule, wallet addresses are built.