Technical Glossary
A software application or hardware device that securely stores digital assets including cryptocurrencies, verifiable credentials, digital identity documents, and payment instruments. Digital wallets provide user interfaces for managing keys, initiating transactions, and presenting credentials to relying parties. They may operate as custodial services managed by third parties or non-custodial solutions where users retain full control of their private keys. Interoperability standards from W3C, ISO, and the OpenID Foundation are establishing common interfaces for wallet-to-wallet and wallet-to-verifier communication.
The set of processes and technologies for generating, protecting, using, and disposing of cryptographic private keys that control access to digital wallet assets and identity credentials. Private key management must ensure keys are never exposed in plaintext outside secure boundaries while remaining available for authorized signing operations. Implementation approaches range from software keystores and encrypted vaults to hardware security modules and secure enclaves. NIST SP 800-57 and FIPS 140-3 provide the authoritative frameworks for cryptographic key management practices.
A sequence of words, typically 12 or 24, generated from a cryptographic entropy source that serves as the master backup for all private keys derived within a hierarchical deterministic wallet. Seed phrases follow the BIP-39 standard which maps random entropy to a human-readable mnemonic using a predefined wordlist, enabling wallet recovery from the seed alone. Users must store seed phrases securely offline, as anyone possessing the phrase gains complete control over all associated wallet accounts and assets. The deterministic derivation path from seed to keys is standardized through BIP-32 and BIP-44 specifications.
A digital wallet configuration that requires multiple independent cryptographic signatures to authorize a transaction, providing enhanced security through distributed approval authority. Multi-signature schemes define threshold requirements such as two-of-three or three-of-five signing policies that prevent any single key compromise from resulting in unauthorized asset transfers. These wallets are widely used by organizations, DAOs, and high-value individual holders to implement governance controls and reduce single points of failure. Smart contract-based multi-sig implementations on Ethereum and similar platforms extend programmable access control capabilities.
A purpose-built physical device that stores cryptocurrency private keys in a secure element and signs transactions offline, isolating key material from internet-connected environments. Hardware wallets generate and protect keys within tamper-resistant chips, requiring physical button confirmation for transaction authorization to prevent remote unauthorized access. They support multiple blockchain networks and provide firmware update mechanisms with cryptographic verification to maintain security over time. The devices implement standards including BIP-32, BIP-39, and BIP-44 for hierarchical deterministic key derivation and recovery.
An open communication protocol that establishes secure, encrypted connections between decentralized applications and digital wallets through QR code scanning or deep linking mechanisms. WalletConnect enables users to interact with dApps from desktop browsers while signing transactions on their mobile wallet, maintaining key isolation from the application environment. The protocol uses end-to-end encrypted relay servers to facilitate message passing between the dApp and wallet without exposing private keys. Version 2.0 of the protocol introduces session management, multi-chain support, and improved pairing efficiency.
The cryptographic operation of applying a digital signature to a blockchain transaction using the wallet's private key, authorizing the transfer of assets or execution of smart contract functions. Transaction signing involves constructing the transaction payload, computing its hash, and generating an ECDSA or EdDSA signature that proves the signer's authorization without revealing the private key. Wallets display transaction details for user review before signing to prevent blind signing attacks and unauthorized operations. Standards such as EIP-712 for typed structured data signing improve the readability and security of the signing process.
The wallet functionality that calculates and recommends the appropriate transaction fee required for timely inclusion of a blockchain transaction by network validators or miners. Gas estimation algorithms analyze current network congestion, historical fee data, and transaction complexity to provide users with fee options balancing cost against confirmation speed. Accurate estimation prevents transaction failures from insufficient gas while avoiding unnecessary overpayment during low-congestion periods. EIP-1559 introduced a base fee mechanism on Ethereum that improved fee predictability and wallet estimation accuracy.
A blockchain architecture pattern that transforms user accounts from externally owned accounts controlled by private keys into programmable smart contract accounts with customizable validation and execution logic. Account abstraction enables wallets to implement features such as social recovery, gas sponsorship, transaction batching, and multi-factor authentication without protocol-level changes. ERC-4337 standardizes account abstraction on Ethereum through a system of bundlers, paymasters, and entry point contracts. This approach significantly improves wallet usability by removing the requirement for users to manage raw private keys or hold native tokens for gas.
A specification defining the interface, behavior, and metadata structure for digital tokens on a blockchain platform, enabling interoperability between wallets, exchanges, and decentralized applications. Token standards such as ERC-20 for fungible tokens and ERC-721 for non-fungible tokens establish common function signatures for transfer, approval, and balance queries. Wallets must implement support for multiple token standards to display balances, facilitate transfers, and render token metadata correctly. The Ethereum Improvement Proposal process governs the development and adoption of new token standards within the ecosystem.
A systematic evaluation of a digital wallet's codebase, cryptographic implementations, key management practices, and network communication to identify vulnerabilities and verify security controls. Security audits assess threats including key extraction, transaction manipulation, phishing susceptibility, and side-channel attacks against the wallet's secure element or software stack. Professional audit firms review smart contract logic, dependency supply chains, and firmware integrity as part of comprehensive wallet security assessments. NIST Cybersecurity Framework and OWASP testing guidelines provide structured methodologies for conducting thorough wallet security evaluations.
The encoding scheme that converts a public key or script hash into a human-readable string used to receive digital assets on a specific blockchain network. Address formats vary across networks, with Bitcoin using Base58Check and Bech32 encodings while Ethereum uses hexadecimal checksummed addresses defined by EIP-55. Wallets must validate address formats, detect network mismatches, and support address book functionality to prevent asset loss from incorrect address entry. Checksum mechanisms built into address formats provide error detection for common transcription mistakes.
The wallet capability of connecting to and interacting with blockchain-based decentralized applications through standardized provider APIs and communication protocols. dApp integration enables wallets to inject Web3 provider objects, process RPC requests, display transaction approval interfaces, and manage application-specific session permissions. Wallet providers implement EIP-1193 for Ethereum provider APIs and chain-specific equivalents for other networks to ensure consistent dApp connectivity. Browser extension wallets, mobile wallets, and hardware wallets each implement distinct integration patterns optimized for their platform capabilities.
Security mechanisms within digital wallets designed to detect and prevent fraudulent attempts to steal private keys, seed phrases, or transaction approvals through deceptive interfaces and social engineering. Wallet phishing protection includes domain verification, transaction simulation, approval amount warnings, contract interaction analysis, and blocklist checking against known malicious addresses and URLs. Advanced wallets display human-readable transaction interpretations to help users understand what they are approving before signing. The APWG and NIST provide frameworks for phishing threat classification and countermeasure evaluation applicable to wallet security.
Infrastructure that enables the transfer of digital assets and data between different blockchain networks by locking tokens on the source chain and minting equivalent representations on the destination chain. Cross-chain bridges employ various trust models including multi-signature committees, optimistic verification with fraud proofs, and zero-knowledge proof validation to secure inter-chain transfers. Wallet integration with bridge protocols allows users to move assets across ecosystems without leaving their wallet interface. Bridge security remains a critical concern, as multiple high-profile exploits have demonstrated the risks of centralized bridge architectures and smart contract vulnerabilities.