Mental model behind web3 wallets

You're probably familiar with web3 wallets. These are usually browser extensions that allow you to store your private keys and interact with blockchains. Some examples of popular wallets are:

  • MetaMask
  • Phantom
  • Rainbow
  • Ledger

These wallets look different but internally they are all very similar. There are really just 2 core functionalities of every wallet:

  1. Storage of private keys
  2. Interaction with a blockchain

There are 2 types of wallets: software and hardware wallets. We will start by breaking down the mental model behind software wallets. Specifically, we will study MetaMask. Other software wallets like Phantom and Rainbow are very similar under the hood. After that, we will take a look at hardware wallets and see how they differ from software wallets. Let's go!

Software Wallets - MetaMask

Here is the mental model behind MetaMask. We are going to break it down bit by bit.

HD wallets

The first component we will start with is the HD wallet functionality which is this little piece:

HD wallet stands for Hierarchical Deterministic wallet. In this type of wallet, all accounts are generated programmatically from a single seed. This seed is usually represented as 12 words, also called the seed phrase, secret recovery phrase, or mnemonic.

HD wallets use an algorithm to generate all accounts (private keys and addresses) from a single seed.

  • The algorithm is "hierarchical" because there is a hierarchy: the seed is the parent, account1 is its first child, account2 is the child of the seed and account1, etc.
  • The algorithm is "deterministic" because the same seed always results in the same sequence of generated accounts. ("deterministic" is the opposite of "random")

In MetaMask, the seed is called the "Secret recovery phrase":

and when you click "Create Account", a new account (account4) is generated from the seed and account3 using the HD algorithm.

There is no limit to how many accounts can be generated from a single seed.

The beauty of HD wallets is that you only need one seed phrase to generate all your private keys and addresses. HD wallets were introduced in BIP-32 by the Bitcoin community as an improvement to Bitcoin wallets (BIP is Bitcoin Improvement Proposal). Before this improvement, people had to write down all their private keys and addresses one by one which was cumbersome and error-prone. HD wallets made it much easier to store and manage all your accounts using just one single seed phrase.

HD wallets also increase your security. You can generate a few accounts, use one account for everyday, small transactions, and use another for storing large amounts that you rarely touch.

Storage of accounts

The next component in the mental model is the storage of accounts. It's this little piece:

MetaMask stores everything on the local storage of your computer. It never syncs to a server. Everything is kept locally.

You only need to store the seed. All accounts can be generated from it using the HD algorithm. You can just call a function like generateAccount(seed, position) and it will always output the same account at the given position. So, account1 will always be generated from position=1, account2 from position=2, and so forth.

However, MetaMask does not store the raw seed. That would be too dangerous. If someone gets access to your computer, they will just be able to read your seed and steal all your funds. So MetaMask encrypts your seed and stores the encrypted version. It encrypts your seed using a password that you set up when you installed MetaMask initially.

This is why the password is needed - to encrypt your seed and store the encrypted seed locally. The password is not used to back up your accounts on the MetaMask server (This is what I initially thought the password was for). Your accounts never leave your computer.

That is it for the storage component of MetaMask. So far, we have covered these components in the MetaMask mental model:

Interaction with a blockchain

MetaMask also allows you to interact with the Ethereum blockchain. It does so by connecting to Infura. Infura is a blockchain-as-a-service provider. It allows you to connect to a blockchain via an HTTP API. You can query your balance, submit transactions, etc.

For example, to display your balance, MetaMask uses the getBalance endpoint of Infura API and queries the balance of your account:

To send a transaction, MetaMask uses the sendTransaction endpoint to send a (locally) signed transaction to the Ethereum blockchain:
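The two exchanges above, as an added example (not MetaMask's or Infura's code): the request bodies use the standard Ethereum JSON-RPC method names (eth_getBalance and eth_sendRawTransaction, which the page calls getBalance and sendTransaction), and the balance response is parsed from its hex-wei encoding. The sample response is constructed, not captured from Infura, and no network call is made.

```javascript
// Request MetaMask would POST to its Infura endpoint to read an account balance.
function balanceRequest(address, id = 1) {
  return { jsonrpc: '2.0', id, method: 'eth_getBalance', params: [address, 'latest'] };
}

// The transaction is signed locally; only the signed bytes (hex) go over the wire.
function sendRawTransactionRequest(signedTxHex, id = 2) {
  return { jsonrpc: '2.0', id, method: 'eth_sendRawTransaction', params: [signedTxHex] };
}

// Balances come back as a "0x..." hex string of wei. Validate before trusting it:
// a JSON-RPC error object has no result, and a non-hex result is malformed.
function parseBalanceResponse(body) {
  const res = JSON.parse(body);
  if (res.error) throw new Error(`RPC error ${res.error.code}: ${res.error.message}`);
  if (typeof res.result !== 'string' || !/^0x[0-9a-fA-F]+$/.test(res.result)) {
    throw new Error('malformed balance result');
  }
  return BigInt(res.result); // wei, as an exact integer
}

// 1 ether = 10^18 wei; format without floating point so large balances stay exact.
function weiToEther(wei) {
  const ONE_ETHER = 10n ** 18n;
  const whole = wei / ONE_ETHER;
  const frac = (wei % ONE_ETHER).toString().padStart(18, '0').replace(/0+$/, '');
  return frac ? `${whole}.${frac}` : `${whole}`;
}

// Constructed sample response: 0x1bc16d674ec80000 wei is exactly 2 ether.
const SAMPLE_RESPONSE = '{"jsonrpc":"2.0","id":1,"result":"0x1bc16d674ec80000"}';
const SAMPLE_ERROR = '{"jsonrpc":"2.0","id":1,"error":{"code":-32602,"message":"invalid argument"}}';

function demo() {
  return weiToEther(parseBalanceResponse(SAMPLE_RESPONSE));
}
```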

Authentication into dApps

Everyone hates passwords, right? Another useful functionality of MetaMask: it allows you to sign in to dApps using your MetaMask wallet. The accounts stored in MetaMask act as your identity/authentication. dApps can know who you are by reading your address and can submit transactions on your behalf (with your consent, of course). MetaMask essentially allows dApps to connect to the blockchain in your name and do pretty much anything that Infura provides (get balance, send transaction, sign arbitrary message, etc).

The way it usually works is that a dApp, like Bored Ape Yacht Club (BAYC), has a "Connect to MetaMask" button on its website. When you click on it, the website triggers a popup from MetaMask. MetaMask asks if you want to allow BAYC access to your account. If you allow it, MetaMask lets the website request various information about your accounts. Then, BAYC can know if you own an Ape, for example.

Summary

This pretty much covers the entire mental model of MetaMask:

It's just a browser extension but there is a lot happening behind the scenes of this little extension.

Check your understanding of MetaMask

1. What does MetaMask store in its database?

2. Which of the following functionalities can be implemented locally (without connecting to a blockchain)?

3. Does MetaMask have a backend?

4. Some wallets, like Phantom, also allow you to manage your Collectibles (like NFTs) through the wallet. How would such functionality be implemented?

Hardware Wallets - Ledger

Now, we will break down the mental model behind hardware wallets like Ledger. These hardware wallets generally look like a USB drive. You can send transactions from a hardware wallet by plugging it into a laptop.

The hardware wallet will be illustrated as this dark rectangle.

A hardware wallet also has the same seed phrase, protection by a password, and generation of accounts as in software wallets:

Now, accounts consist of 2 things: private key and address:

(accounts in software wallets also consisted of the private key and address. I just never mentioned it because there was no need)

Hardware wallets differ from software wallets by not exposing the private key to the outside world. It always stays physically isolated from your laptop. There is literally no connection from the private key to your laptop in the electronic circuit of a hardware wallet. This adds more security because your laptop might be infected with malware and your laptop is always connected to the internet which adds more attack vectors.

The address, however, needs to be exposed to the outside world, for example to check the balance of your account. But it's safe to expose the address because there is no way to infer the private key from the address.

How can we send transactions though? We need the private key for signing transactions so it needs to be exposed anyway, right? No, because the only thing we need to extract from the hardware wallet is the signed transaction. The signing process itself can happen totally within the wallet.

Summary

And this pretty much completes the mental model of a hardware wallet and web3 wallets in general. To summarize, a wallet's main functionality is to:

  • store the seed phrase and generate your accounts from it
  • interact with a blockchain to show you your balance and to send transactions

Software wallets like MetaMask and Rainbow also allow you to swap tokens (essentially, built-in Uniswap) and manage your NFTs.

Wallets could do much more in theory. For example:

  • They could upload your smart contract to the Ethereum network by signing the deployment transaction with your private key and then submitting it.
  • They could let you explore blocks in the blockchain (basically the functionality of etherscan.io built in).
  • They could monitor transactions or let you "follow" accounts, i.e. subscribe to updates from certain addresses. This would make wallets something like a social network built on top of the blockchain.
  • They could search for information in the blockchain, i.e. be the Google of blockchains.

Hit me up on Twitter if you come up with more interesting functionalities of wallets.

What did you think of this article? Let me know on Twitter.