intro to wallets and mnemonic word diagrams

ch05.asciidoc

@@ -1,30 +1,28 @@
 [[ch05_wallets]]
 == Introduction
 
-We will see how bitcoin wallets store collections of keys controlling many bitcoin addresses. 
+The term _wallet_ is used differently by bitcoin developers than it is used by the general public. Broadly, a bitcoin wallet can mean any application used to interface with bitcoin, encompassing both key management and transaction signing. Among bitcoin developers, however, the term wallet has been used more narrowly to describe the data structure that holds keys. In this chapter, we will look at wallets in the context of key management. The next chapter will focus on transaction creation and signing. 
 
 === Wallets
 
-((("wallets", id="ix_ch04-asciidoc23", range="startofrange")))Wallets are containers for private keys, usually implemented as structured files or simple databases. 
-Another method for making keys is((("deterministic key generation"))) _deterministic key generation_. Here you derive each new private key, using a one-way hash function from a previous private key, linking them in a sequence. As long as you can re-create that sequence, you only need the first key (known as a _seed_ or _master_ key) to generate them all. In this section we will examine the different methods of key generation and the wallet structures that are built around them. 
+Bitcoin wallets contain keys, not coins. Wallets are really keychains containing pairs of private/public keys (see <<private_public_keys>>). 
 
-[TIP]
-====
-Bitcoin wallets contain keys, not coins. Each user has a wallet containing keys. Wallets are really keychains containing pairs of private/public keys (see <<private_public_keys>>). Users sign transactions with the keys, thereby proving they own the transaction outputs (their coins). The coins are stored on the blockchain in the form of transaction-ouputs (often noted as vout or txout).((("txout notation")))((("vout notation")))
-====
+There are two main types of wallets: deterministic and nondeterministic. Nondeterministic wallets consist of a collection of random keys, independently generated and unrelated to each other. Deterministic wallets, by comparison have a single _master key_ or _seed_ and derive all keys from that. Most modern wallets are deterministic. If you are implementing a wallet you should implement a deterministic wallet. Nondeterministic wallets are considered obsolete and are difficult to use, especially for non-technical users. 
+
+In this section we will examine the different methods of key generation and the wallet structures that are built around them. 
 
 [[random_wallet]]
 ==== Nondeterministic (Random) Wallets
 
-((("nondeterministic wallets")))((("random wallets")))((("Type-0 nondeterministic wallet")))((("wallets","nondeterministic")))((("wallets","random")))In the first bitcoin clients, wallets were simply collections of randomly generated private keys. This type of wallet is called a _Type-0 nondeterministic wallet_. For example, the((("Just a Bunch Of Keys (JBOK) wallets"))) Bitcoin Core client pregenerates 100 random private keys when first started and generates more keys as needed, using each key only once. This type of wallet is nicknamed "Just a Bunch Of Keys," or JBOK, and such wallets are being replaced with deterministic wallets because they are cumbersome to manage, back up, and import. ((("backups","of random wallets")))((("random wallets","backing up")))The disadvantage of random keys is that if you generate many of them you must keep copies of all of them, meaning that the wallet must be backed up frequently. Each key must be backed up, or the funds it controls are irrevocably lost if the wallet becomes inaccessible. This conflicts directly with the principle of avoiding address re-use, by using each bitcoin address for only one transaction. Address re-use reduces privacy by associating multiple transactions and addresses with each other. A Type-0 nondeterministic wallet is a poor choice of wallet, especially if you want to avoid address re-use because that means managing many keys, which creates the need for frequent backups. Although the Bitcoin Core client includes a Type-0 wallet, using this wallet is discouraged by developers of Bitcoin Core. <<Type0_wallet>> shows a nondeterministic wallet, containing a loose collection of random keys.
+((("nondeterministic wallets")))((("random wallets")))((("Type-0 nondeterministic wallet")))((("wallets","nondeterministic")))((("wallets","random")))In the first bitcoin clients, wallets were simply collections of randomly generated private keys. This type of wallet is called a _nondeterministic wallet_. For example, the((("Just a Bunch Of Keys (JBOK) wallets"))) Bitcoin Core client generates 100 random private keys when first started and generates more keys as needed, using each key only once. This type of wallet is nicknamed "Just a Bunch Of Keys," or JBOK, and such wallets are being replaced with deterministic wallets because they are cumbersome to manage, back up, and import. ((("backups","of random wallets")))((("random wallets","backing up")))The disadvantage of random keys is that if you generate many of them you must keep copies of all of them, meaning that the wallet must be backed up frequently. Each key must be backed up, or the funds it controls are irrevocably lost if the wallet becomes inaccessible. This conflicts directly with the principle of avoiding address re-use. Address re-use reduces privacy by associating multiple transactions and addresses with each other. A nondeterministic wallet is a poor choice of wallet, especially if you want to avoid address re-use because that means managing many keys, which then creates the need for frequent backups. The Bitcoin Core client includes a nondeterministic wallet, primarily for testing and reference purposes. Most Core developers discourage the use of this wallet in production systems. <<jbok_wallet>> shows a nondeterministic wallet, containing a loose collection of random keys.
 
-[[Type0_wallet]]
-.Type-0 nondeterministic (random) wallet: a collection of randomly generated keys
-image::images/msbt_0408.png["non-deterministic wallet"]
+[[jbok_wallet]]
+.Nondeterministic (random) wallet: a collection of randomly generated keys
+image::images/msbt_new0501.png["nondeterministic wallet"]
 
 ==== Deterministic (Seeded) Wallets
 
-((("deterministic wallets")))((("seeded wallets")))((("wallets","deterministic")))((("wallets","seeded")))Deterministic, or "seeded" wallets are wallets that contain private keys that are all derived from a common seed, through the use of a one-way hash function. The seed is a randomly generated number that is combined with other data, such as an index number or "chain code" (see <<hd_wallets>>) to derive the private keys. In a deterministic wallet, the seed is sufficient to recover all the derived keys, and therefore a single backup at creation time is sufficient. The seed is also sufficient for a wallet export or import, allowing for easy migration of all the user's keys between different wallet implementations.
+((("deterministic wallets")))((("seeded wallets")))((("wallets","deterministic")))((("wallets","seeded")))Deterministic, or "seeded" wallets contain private keys that are all derived from a common seed, through the use of a one-way hash function. The seed is a randomly generated number that is combined with other data, such as an index number or "chain code" (see <<hd_wallets>>) to derive the private keys. In a deterministic wallet, the seed is sufficient to recreate all the derived keys, and therefore a single backup at creation time is sufficient. The seed is also sufficient to export the keys to a new wallet, allowing for easy migration of all the user's keys between different wallet implementations.
 
 [[mnemonic_code_words]]
 ==== Mnemonic Code Words
@@ -81,7 +79,7 @@ fce540af281bf7cdeade0dd2c1c795bd02f1e4049e205a0158906c343
 [[hd_wallets]]
 ==== Hierarchical Deterministic Wallets (BIP0032/BIP0044)
 
-((("deterministic wallets","hierarchical", id="ix_ch04-asciidoc24", range="startofrange")))((("hierarchical deterministic wallets (HD wallets)", id="ix_ch04-asciidoc25", range="startofrange")))((("BIP0032", id="ix_ch04-asciidoc25a", range="startofrange")))((("BIP0044", id="ix_ch04-asciidoc25b", range="startofrange")))Deterministic wallets were developed to make it easy to derive many keys from a single "seed." The most advanced form of deterministic wallets is the _hierarchical deterministic wallet_ or _HD wallet_ defined by the BIP0032 standard. Hierarchical deterministic wallets contain keys derived in a tree structure, such that a parent key can derive a sequence of children keys, each of which can derive a sequence of grandchildren keys, and so on, to an infinite depth. This tree structure is illustrated in <<Type2_wallet>>.((("hierarchical deterministic wallets (HD wallets)","tree structure for")))
+((("deterministic wallets","hierarchical", id="ix_ch05-asciidoc24", range="startofrange")))((("hierarchical deterministic wallets (HD wallets)", id="ix_ch05-asciidoc25", range="startofrange")))((("BIP0032", id="ix_ch05-asciidoc25a", range="startofrange")))((("BIP0044", id="ix_ch05-asciidoc25b", range="startofrange")))Deterministic wallets were developed to make it easy to derive many keys from a single "seed." The most advanced form of deterministic wallets is the _hierarchical deterministic wallet_ or _HD wallet_ defined by the BIP0032 standard. Hierarchical deterministic wallets contain keys derived in a tree structure, such that a parent key can derive a sequence of children keys, each of which can derive a sequence of grandchildren keys, and so on, to an infinite depth. This tree structure is illustrated in <<Type2_wallet>>.((("hierarchical deterministic wallets (HD wallets)","tree structure for")))
 
 [[Type2_wallet]]
 .Type-2 hierarchical deterministic wallet: a tree of keys generated from a single seed
@@ -256,7 +254,7 @@ BIP0044 specifies the structure as consisting of five predefined tree levels:
 
 ===== Experimenting with HD wallets using Bitcoin Explorer
 
-((("hierarchical deterministic wallets (HD wallets)","Bitcoin Explorer and")))((("Bitcoin Explorer","HD wallets and")))Using the Bitcoin Explorer command-line tool introduced in <<ch03_bitcoin_client>>, you can experiment with generating and extending BIP0032 deterministic keys, as well as displaying them in different formats((("Bitcoin Explorer","seed command")))((("seed command (bx)")))((("Bitcoin Explorer","hd-seed command")))((("hd-seed command (bx)")))((("Bitcoin Explorer","hd-public command")))((("hd-public command (bx)")))((("Bitcoin Explorer","hd-private command")))((("hd-private command (bx)")))((("Bitcoin Explorer","hd-to-address command")))((("hd-to-address command (bx)")))((("Bitcoin Explorer","hd-to-wif command")))((("hd-to-wif command (bx)"))): (((range="endofrange", startref="ix_ch04-asciidoc25b")))(((range="endofrange", startref="ix_ch04-asciidoc25a")))(((range="endofrange", startref="ix_ch04-asciidoc25")))(((range="endofrange", startref="ix_ch04-asciidoc24")))(((range="endofrange", startref="ix_ch04-asciidoc23")))
+((("hierarchical deterministic wallets (HD wallets)","Bitcoin Explorer and")))((("Bitcoin Explorer","HD wallets and")))Using the Bitcoin Explorer command-line tool introduced in <<ch03_bitcoin_client>>, you can experiment with generating and extending BIP0032 deterministic keys, as well as displaying them in different formats((("Bitcoin Explorer","seed command")))((("seed command (bx)")))((("Bitcoin Explorer","hd-seed command")))((("hd-seed command (bx)")))((("Bitcoin Explorer","hd-public command")))((("hd-public command (bx)")))((("Bitcoin Explorer","hd-private command")))((("hd-private command (bx)")))((("Bitcoin Explorer","hd-to-address command")))((("hd-to-address command (bx)")))((("Bitcoin Explorer","hd-to-wif command")))((("hd-to-wif command (bx)"))): (((range="endofrange", startref="ix_ch05-asciidoc25b")))(((range="endofrange", startref="ix_ch05-asciidoc25a")))(((range="endofrange", startref="ix_ch05-asciidoc25")))(((range="endofrange", startref="ix_ch05-asciidoc24")))(((range="endofrange", startref="ix_ch05-asciidoc23")))
 
 ====
 [source, bash]