Wallet (Cryptocurrency)

What Is a Cryptocurrency Wallet?

A cryptocurrency wallet is a tool (software, hardware, or a combination) that manages the cryptographic keys required to send, receive, and control digital assets on a blockchain. Despite the name, a wallet never holds coins or tokens directly. Assets always live on the blockchain ledger itself. The wallet simply stores the private key that proves you own a particular address and authorizes transactions from it.

This distinction matters: if you lose access to your private key, no company or support team can recover your funds. Conversely, anyone who obtains your private key can spend everything associated with it. The crypto principle "not your keys, not your coins" captures this idea. Understanding how wallets work is the first step toward self-custody and secure participation in the Bitcoin ecosystem.

How It Works

At the core of every wallet is a digital signature scheme built on elliptic curve cryptography. The wallet generates a private key (a large random number), derives a corresponding public key, and then hashes that public key to produce a wallet address. When you send a transaction, the wallet signs it with your private key. Network nodes verify the signature using your public key without ever seeing the private key itself.

1. Generate entropy (randomness) and create a seed phrase per the BIP-39 standard
2. Derive a master key from the seed using BIP-32 hierarchical deterministic key derivation
3. Follow a standardized derivation path (BIP-44, BIP-84, or BIP-86) to generate account keys and addresses
4. Use the private key to sign transactions, proving ownership to the network

Seed Phrases and Key Derivation

Most modern wallets are hierarchical deterministic (HD) wallets. They derive all keys from a single master seed, which is encoded as a 12- or 24-word seed phrase. This means backing up one phrase protects every address the wallet will ever generate.

The derivation path determines which keys to generate. For Bitcoin, common paths include:

m/44'/0'/0'  : BIP-44 (Legacy P2PKH addresses)
m/84'/0'/0'  : BIP-84 (Native SegWit P2WPKH addresses)
m/86'/0'/0'  : BIP-86 (Taproot P2TR addresses)

Each level in the path serves a purpose: purpose' identifies the address format, coin_type' identifies the blockchain (0 for Bitcoin), and account' separates independent accounts under the same seed. The apostrophe denotes hardened derivation, which prevents a leaked child key from compromising sibling keys.

Address Generation

Wallet addresses are derived from public keys through hashing. Bitcoin supports multiple address types: P2PKH (legacy, starting with 1), P2WPKH (native SegWit, starting with bc1q), and P2TR (Taproot, starting with bc1p). Each successive format improves efficiency, privacy, or programmability.

Types of Wallets

Hot Wallets

A hot wallet is any wallet connected to the internet. This category includes desktop applications, mobile apps, browser extensions, and web-based interfaces. Hot wallets are convenient for everyday transactions because they can broadcast signed transactions immediately. The tradeoff: internet connectivity exposes private keys to potential attack vectors such as malware, phishing, and SIM-swap attacks.

Cold Wallets

Cold wallets store private keys entirely offline. Hardware wallets (dedicated signing devices from manufacturers like Ledger and Trezor) are the most common form. They sign transactions internally and never expose the private key to an internet-connected device. Air-gapped wallets go further, using QR codes or microSD cards to transfer unsigned transactions without any electronic connection.

Custodial vs. Non-Custodial

The most consequential distinction is who holds the keys. With a custodial wallet (typically provided by exchanges), a third party generates and stores your private keys. You trust them to secure the funds and process withdrawals. With a non-custodial (self-custodial) wallet, you alone control the keys. No company can freeze your funds, but no support team can recover them if you lose your seed phrase.

Wallet Architectures

Single-Key Wallets

The simplest architecture: one private key controls all funds. Most personal wallets use this model. It is straightforward to implement and use, but creates a single point of failure. If the key is compromised or lost, all associated funds are at risk.

Multisig Wallets

Multisig wallets require multiple independent keys to authorize a transaction: for example, 2 of 3 keyholders must sign. This eliminates single points of failure and is widely used for institutional custody, joint accounts, and organizational treasuries. The tradeoff is that multisig transactions are visible on-chain (revealing the signing policy) and incur higher fees due to larger transaction sizes.

MPC Wallets

Multi-party computation (MPC) wallets distribute key material across multiple parties who jointly compute signatures without ever assembling the full private key in one place. The resulting signature looks identical to a standard single-key signature on the blockchain, improving both privacy and fee efficiency compared to multisig. MPC is increasingly adopted by institutional custodians for its flexibility in resharing key material without moving funds.

Threshold Signatures (FROST)

FROST (Flexible Round-Optimized Schnorr Threshold signatures) brings threshold signing to Schnorr-based systems like Bitcoin's Taproot. A group of n participants generates key shares such that any t of them can produce a valid signature, but fewer than t cannot. FROST completes in fewer communication rounds than earlier threshold schemes, making it practical for both institutional custody and protocol-level applications like Spark's Bitcoin Layer 2.

Use Cases

• Daily payments: hot wallets on mobile devices enable quick point-of-sale and peer-to-peer Bitcoin transactions, including Lightning Network payments
• Long-term storage: cold wallets and multisig setups protect savings from online threats, following the principle of minimizing hot wallet balances
• Institutional custody: enterprises combine HSMs, MPC, and geographic key distribution to meet regulatory and security requirements
• Developer integration: embedded wallets and wallet SDKs let applications offer self-custodial functionality without requiring users to manage keys directly
• Stablecoin management: wallets handle Bitcoin-native stablecoins like USDB alongside BTC, enabling dollar-denominated payments on Bitcoin rails

Why It Matters

Wallets are the primary interface between users and the blockchain. The quality of wallet software directly determines the security of funds, the smoothness of the user experience, and the practical accessibility of cryptocurrency. As the ecosystem has matured, wallet technology has moved from raw key files to seed-phrase-backed HD wallets, and now toward SDK-driven embedded wallets that abstract complexity entirely.

Spark's Wallet SDK takes this approach: developers integrate self-custodial Bitcoin and stablecoin functionality into their apps through a TypeScript or React Native package. Users get instant transfers, Lightning connectivity, and token management without needing to understand derivation paths or UTXO mechanics. For a deeper comparison of self-custodial versus custodial approaches, see the self-custodial vs. custodial wallets research article.

Risks and Considerations

Key Loss

The most common way people lose cryptocurrency is by losing access to their private keys or seed phrase. Unlike a bank account, there is no password reset. Secure backup strategies (metal seed plates, geographic distribution, multisig recovery schemes, or social recovery) are essential for anyone holding meaningful value in a self-custodial wallet.

Theft and Compromise

Hot wallets face attack surfaces including malware, clipboard hijacking (swapping copied addresses), phishing sites mimicking wallet interfaces, and supply chain attacks on wallet software. Hardware wallets mitigate most remote attacks, but physical theft or wrench attacks (physical coercion) remain risks. Using a BIP-39 passphrase adds an extra layer that protects against casual physical access.

Custodial Risk

Custodial wallets introduce counterparty risk. Exchange insolvencies and hacks have resulted in billions of dollars in losses across the industry. Even well-run custodians may freeze accounts due to regulatory pressure, internal compliance flags, or operational errors. The tradeoff is explicit: custodial convenience comes at the cost of trust in a third party.

Complexity in Advanced Architectures

Multisig, MPC, and threshold wallets improve security but introduce coordination overhead. Key ceremonies, signer availability, and communication protocols add failure modes that single-key wallets avoid. Organizations adopting these architectures need clear operational procedures and redundancy planning.

This glossary entry is for informational purposes only and does not constitute financial or investment advice. Always do your own research before using any protocol or technology.