Things to Know Before You Select A Crypto Wallet
Software Engineer - 20 September 2021 -
For quite a long time, we have been using physical wallets to carry our identity cards, money in the form of gold, silver, and other metal coins, and fiat paper currencies. We are also carrying plastic money in our wallets. But now digital modes are gaining traction. Banks and other financial institutions have started offering digital wallets to ease peer-to-peer transactions, bill payments, and money transactions. A detailed look into this system reveals that digital wallets are changing human behavior when it comes to moving money and assets smartly. The wallets we use are basically a vendor-defined identity mechanism that enables us to maintain our cash and assets. This has eased and secured our access to valuable assets.
Crypto wallets do the same thing. They help us identify ourselves in the blockchain world and maintain our digital assets like coins, NFTs, etc. We have been developing blockchain networks and applications here at Talentica for the past few years and have gained significant market understanding through our research work and hands-on experience. You can read about the blockchain framework in detail in our blog, Simple Blockchain Framework: An Introduction to Block & Transaction Structure – Talentica.
The blockchain ecosystem is incomplete without a crypto wallet. Let’s look at the crypto wallet in detail.
A crypto wallet is a type of wallet that holds our identity and information that we can use to connect with decentralized applications or assets. To interact with blockchain networks, DApps or cryptocurrencies, we need to have a crypto wallet. Its software runs each time you interact with the blockchain application. This interaction enables receiving or sending a coin, updating or fetching an NFT asset, etc.
Types Of Crypto Wallets
There are mainly two different categories of crypto wallets. The first one is “cold wallet,” and the second one is “hot wallet.”
The cold wallet is a type of wallet that is not connected to the internet. This wallet is a hardware device that contains our identity and other network connection details. To interact with the wallet, we need to connect this device to the application. The details stored inside the hardware device never leave it. If you want to make a transaction, you create the transaction and pass it to the wallet, and the wallet returns the signed transaction. This method is the most secure form of crypto wallet implementation. But at the same time, it is costly, offers a poorer user experience, and needs a secured device with strict safety procedures.
The hot wallet refers to the wallet category connected to the internet. This wallet is a piece of software that contains our identity and other network connection details. While interacting with the application, we run this piece of code. The software wallet can be developed in many ways to support blockchain applications. The most common implementations of hot wallets are “the custodial wallet” and “the non-custodial wallet.” Hot wallets can be used in different ways, such as through the web browser, the desktop client, and the mobile client.
Hot wallets have their pros and cons over cold wallets. Since hot wallets are connected to the internet, they are more vulnerable to hacks than cold wallets. On the other side, hot wallets are easy to access and more user-friendly than cold wallets.
Now, we will dive deep into the hot wallet. As we saw earlier, hot wallets can be built in different ways, such as custodial and non-custodial wallets. So, let’s understand them in detail.
A custodial wallet is a type of crypto wallet where the vendor keeps the private keys. Here, the third party has complete control over the private keys. They will give users the right to transact on the application, but they are transacting on the user’s behalf.
In the custodial wallet, the private key is secured by the vendor. So, this wallet comes with a single point of failure. If a malicious hacker gets access to the application database, they could get access to the information of every single user. This wallet implementation is highly prone to attack by malicious groups. In this implementation, the vendor maintains the mapping between the private key and the belongings of the end-user. In this way, each action can be linked back to the user. The users get login credentials in a general standard format to access the application. Even if end-users lose their app login credentials, the vendor provides them with recovery functionality. The end-user does not have to maintain high-security measures for their credentials. Thus, it is a better user experience with less freedom over the data.
The custodial wallet is appropriate for use cases such as crypto exchanges. In this way, they give a better user experience and earn brokerage on each transaction. At the same time, they retain the users since they hold their wallet key pairs.
A non-custodial wallet is a type of wallet where the end-user holds the private key. The third party has no control over the user’s identity. They cannot restrict the user’s actions and cannot transact on behalf of the user. Users are solely responsible for all security measures for the private key, such as storing it safely, not sharing it with anyone else, etc.
Now, to make any malicious transaction, the malicious hacker needs to attack the user directly. There is no single point of failure. This makes it a more secure implementation than the custodial wallet. Users can do transactions anonymously since they own the private-public key pair, and their real-world identity is not linked with the public key. They are not dependent on the application to make transactions. This freedom comes with great responsibility. Assume that the end-user forgets the private key. Since the vendor has no control over the private keys, they cannot help the end-user recover their private key. Losing the private key means losing all of your assets.
The non-custodial wallet is the proper form of decentralized application. This form of wallet is supported by almost every application. MetaMask, Bitski, WalletConnect, and Fortmatic are examples of live non-custodial wallets.
Some applications do support non-custodial wallets or identity management. But having said that, they do want to know who the owner of the public key is. Most of the time, the reason behind this requirement is their use case. For example, if they are working in the supply chain management domain, they would require the transactor’s real-world identity, the transactor’s role or designation in the organization, etc.
The developers can use a digital certificate to bind the user information to the public key. X.509 is a standard format for public key certificates. This public-key certificate binds the public key with the real-world user identity. A user can make N number of identities, but all identities are linked back to the user via certificates. These certificates build trust and ownership using a chain of digital certificates. The certificates are signed by publicly well-known trusted third parties, whose root certificate is a self-signed identity. This is beneficial for use cases where we need to build an audit system with the DApps.
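The following Go sketch is an added example, not code from the original post: it builds a self-signed root, issues a certificate binding a user's public key to a name and role, and resolves a transaction signature back to that certified identity for auditing. The Ed25519 keys, the helper names `issue` and `whoSigned`, and the sample subject, role and transaction values are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue binds pub to a name (and optional role) in a certificate signed by parentKey; parent == nil gives a self-signed root.
func issue(pub ed25519.PublicKey, parent *x509.Certificate, parentKey ed25519.PrivateKey, serial int64, cn string, role ...string) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn, OrganizationalUnit: role},
		KeyUsage: x509.KeyUsageDigitalSignature, NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour)}
	if parent == nil {
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage = true, true, x509.KeyUsageCertSign
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// whoSigned returns the certified identity behind tx, or an error if the chain or the signature check fails.
func whoSigned(root, cert *x509.Certificate, tx, sig []byte) (pkix.Name, error) {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return pkix.Name{}, fmt.Errorf("untrusted certificate: %w", err)
	}
	if err := cert.CheckSignature(x509.PureEd25519, tx, sig); err != nil {
		return pkix.Name{}, fmt.Errorf("signature does not match certified key: %w", err)
	}
	return cert.Subject, nil
}

func main() {
	caPub, caKey, _ := ed25519.GenerateKey(rand.Reader)     // trusted third party
	userPub, userKey, _ := ed25519.GenerateKey(rand.Reader) // private half stays with the user
	root, _ := issue(caPub, nil, caKey, 1, "Example Root CA") // errors elided in this demo
	cert, _ := issue(userPub, root, caKey, 2, "alice", "warehouse-manager")
	tx := []byte("ship lot 42") // constructed sample transaction
	fmt.Println(whoSigned(root, cert, tx, ed25519.Sign(userKey, tx)))
}
```

The wallet stays non-custodial because only the public key is ever sent for certification; the audit trail comes from the certificate subject, not from the vendor holding the key.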
A typical pattern has emerged across blockchain-based enterprises. In general, enterprises adopt consortium-based private blockchain networks to improve security and hide the data from the public domain. During the early stages of development, enterprises create a custodial wallet in their ecosystem. After that, they gradually make a transition to non-custodial hot wallets. This process also helps them gain a better understanding of end-user preferences, which they can then use to develop the preferred wallet functionality over time.
Each wallet type provides a different level of security and freedom to application development and the end-user experience. Selecting one specific wallet type for an application depends on the app use case. Since each wallet directly impacts the end-user, we need to consider their point of view while selecting the specific crypto wallet implementation.
In my next blog, I will talk about the custodial wallet’s implementation details. Till then, stay connected and stay safe!