← Back to Projects

CryptoWebWallet

Completed πŸ“… July’24 - Sep’24
GitHub

A focused learning project that implements a minimal wallet for testnets/devnets to explore the cryptographic and blockchain principles behind how wallets, addresses and transactions work. Educational only β€” not for real funds.

Web3 Concepts Cryptography Wallet Mechanics Blockchain

Why this project β€” in plain words

Wallets are the user-facing layer of blockchains: they hold the keys, create transactions, and talk to the network. Building a wallet from scratch (for testnets) forces you to turn textbook ideas into real dataflows β€” seed phrases, keys, signatures, RPCs and transaction formats β€” so the abstractions stop being words and start being working pieces.

Core concepts I explain here (and why they exist)

Seed phrases & BIP39 β€” what they do and why

A seed phrase (12 or 24 words under the BIP39 standard) is a human-friendly representation of a large random number. Why words? Humans can copy and back up a short list more reliably than a long hex string. Behind the words is a deterministic binary seed β€” one seed that can deterministically produce every private key for a wallet. This is powerful because:

  • One backup (the mnemonic) recovers many addresses β€” convenient and safer for users.
  • The standard adds checks so accidental typos are less likely to produce a valid, different wallet.

Public / Private keys β€” why they are secure

Public-private key cryptography is asymmetric: a private key can create signatures, and the corresponding public key verifies them. The security comes from mathematical functions that are easy to compute in one direction (derive the public key or sign a message) but infeasible to invert (recover the private key from the public key). For modern blockchains, these functions use elliptic curves (for example Ed25519 or secp256k1) which are chosen because:

  • The operations are computationally cheap β€” good for wallets and nodes.
  • They have strong, well-studied hardness assumptions that make private-key recovery infeasible with current technology.

In practical terms: as long as a private key stays secret, nobody can create valid signatures that look like they came from you. That’s the heart of custody: whoever controls the private keys controls the assets.

Digital signatures β€” how they protect transactions

A signature proves two things: the signer had the private key, and the signed data (transaction) wasn't tampered with. Wallets sign the transaction hash locally with the private key; then any node can verify the signature with the public key. This guarantees authenticity (it came from a key-holder) and integrity (the contents are unchanged).

HD wallets & derivation paths β€” why deterministic wallets matter

HD (Hierarchical Deterministic) wallets use the seed to derive a tree of key pairs (BIP32/BIP44 are common standards). Instead of tracking many unrelated keys, a wallet can generate child keys for different accounts, coins, or purposes. The advantages:

  • Single backup (seed) restores every address deterministically.
  • Clear structure: you can separate coins, accounts, and change addresses with standardized paths.

Account-based vs UTXO models β€” design tradeoffs

Blockchains use different models for state and transactions:

  • Account-based (e.g., many smart-contract platforms): each address has a balance and you update state by sending transactions that modify those balances. This is intuitive and easy for smart contracts to interact with.
  • UTXO (used by Bitcoin): transactions consume unspent outputs and produce new outputs. This model naturally supports parallel verification, privacy patterns and simpler transaction validation rules.

Different models make different engineering trade-offs: account models are simpler for contracts; UTXO models are more flexible for privacy and concurrency.

Blockchain APIs & RPCs β€” how wallets talk to networks

Wallets use RPC endpoints to ask nodes for balances, broadcast signed transactions, and fetch history. RPCs are plain HTTP/JSON (or WebSocket) interfaces that expose node capabilities. The wallet stays light by delegating chain sync and heavy lifting to full nodes β€” but this requires trusting node responses (so many wallets validate critical data locally when possible).

Why networks differ (briefly comparing two common design choices)

Different chains make different choices about cryptography, transaction throughput, fee models and account semantics β€” those choices shape how wallets are built. For example, design decisions around signature schemes, smallest units (like lamports or wei), and confirmation strategies all affect UX, performance and safety.

Uses β€” what wallets enable

  • Manage keys and addresses for sending/receiving crypto
  • Sign transactions locally so private keys never leave the user device
  • Interact with smart contracts (approve, call functions) via signed messages
  • Support multiple chains or accounts from one seed using deterministic derivation
  • Provide UX features: address labeling, transaction history, and fee control

Practical lessons & safety notes

The strongest lessons were practical: seed phrases are powerful β€” one phrase recovers everything β€” so backup and secrecy are critical. Never reuse testnet keys for real funds; always assume code you build for learning needs security reviews before production.

Takeaways (short)

  • Cryptography gives the guarantees: authenticity, integrity, and non-repudiation.
  • Deterministic wallets trade convenience for the need to protect a single powerful secret.
  • Different blockchain architectures shape wallet design and UX.
  • Building a wallet is the best way to move from concepts to clear, testable implementations.

Note

This project is for learning only β€” all networks used were testnets/devnets. Never use these builds for real funds and always follow production-level security best practices.

View the repository
← Back to Projects