mirror of
https://github.com/bitcoinbook/bitcoinbook
synced 2024-11-22 16:18:11 +00:00
208 lines
6.8 KiB
Plaintext
208 lines
6.8 KiB
Plaintext
------------------------------------------------------------
|
|
BIP: BIP-0044
|
|
Title: Multi-Account Hierarchy for Deterministic Wallets
|
|
Authors: Marek Palatinus <slush@satoshilabs.com>
|
|
Pavol Rusnak <stick@satoshilabs.com>
|
|
Status: Draft
|
|
Type: Standards Track
|
|
Created: 2014-04-24
|
|
------------------------------------------------------------
|
|
|
|
[[abstract]]
|
|
Abstract
|
|
~~~~~~~~
|
|
|
|
This BIP defines a logical hierarchy for deterministic wallets based on
|
|
an algorithm described in BIP-0032 (BIP32 from now on) and purpose
|
|
scheme described in BIP-0043 (BIP43 from now on).
|
|
|
|
This BIP is a particular application of BIP43.
|
|
|
|
[[motivation]]
|
|
Motivation
|
|
~~~~~~~~~~
|
|
|
|
The hierarchy proposed in this paper is quite comprehensive. It allows
|
|
the handling of multiple coins, multiple accounts, external and internal
|
|
chains per account and millions of addresses per chain.
|
|
|
|
[[path-levels]]
|
|
Path levels
|
|
~~~~~~~~~~~
|
|
|
|
We define the following 5 levels in BIP32 path:
|
|
|
|
-------------------------------------------------------------
|
|
m / purpose' / coin_type' / account' / change / address_index
|
|
-------------------------------------------------------------
|
|
|
|
Apostrophe in the path indicates that BIP32 hardened derivation is used.
|
|
|
|
Each level has a special meaning, described in the chapters below.
|
|
|
|
[[purpose]]
|
|
Purpose
|
|
^^^^^^^
|
|
|
|
Purpose is a constant set to 44' (or 0x8000002C) following the BIP43
|
|
recommendation. It indicates that the subtree of this node is used
|
|
according to this specification.
|
|
|
|
Hardened derivation is used at this level.
|
|
|
|
[[coin-type]]
|
|
Coin type
|
|
^^^^^^^^^
|
|
|
|
One master node (seed) can be used for unlimited number of independent
|
|
cryptocoins such as Bitcoin, Litecoin or Namecoin. However, sharing the
|
|
same space for various cryptocoins has some disadvantages.
|
|
|
|
This level creates a separate subtree for every cryptocoin, avoiding
|
|
reusing addresses across cryptocoins and improving privacy issues.
|
|
|
|
Coin type is a constant, set for each cryptocoin. Cryptocoin developers
|
|
may ask for registering unused number for their project.
|
|
|
|
The list of already allocated coin types is in the chapter "Registered
|
|
coin types" below.
|
|
|
|
Hardened derivation is used at this level.
|
|
|
|
[[account]]
|
|
Account
|
|
^^^^^^^
|
|
|
|
This level splits the key space into independent user identities, so the
|
|
wallet never mixes the coins across different accounts.
|
|
|
|
Users can use these accounts to organize the funds in the same fashion
|
|
as bank accounts; for donation purposes (where all addresses are
|
|
considered public), for saving purposes, for common expenses etc.
|
|
|
|
Accounts are numbered from index 0 in sequentially increasing manner.
|
|
This number is used as child index in BIP32 derivation.
|
|
|
|
Hardened derivation is used at this level.
|
|
|
|
Software should prevent a creation of an account if a previous account
|
|
does not have a transaction history (meaning none of its addresses have
|
|
been used before).
|
|
|
|
Software needs to discover all used accounts after importing the seed
|
|
from an external source. Such an algorithm is described in "Account
|
|
discovery" chapter.
|
|
|
|
[[change]]
|
|
Change
|
|
^^^^^^
|
|
|
|
Constant 0 is used for external chain and constant 1 for internal chain
|
|
(also known as change addresses). External chain is used for addresses
|
|
that are meant to be visible outside of the wallet (e.g. for receiving
|
|
payments). Internal chain is used for addresses which are not meant to
|
|
be visible outside of the wallet and is used for return transaction
|
|
change.
|
|
|
|
Public derivation is used at this level.
|
|
|
|
[[index]]
|
|
Index
|
|
^^^^^
|
|
|
|
Addresses are numbered from index 0 in sequentially increasing manner.
|
|
This number is used as child index in BIP32 derivation.
|
|
|
|
Public derivation is used at this level.
|
|
|
|
[[account-discovery]]
|
|
Account discovery
|
|
~~~~~~~~~~~~~~~~~
|
|
|
|
When the master seed is imported from an external source the software
|
|
should start to discover the accounts in the following manner:
|
|
|
|
1. derive the first account's node (index = 0)
|
|
2. derive the external chain node of this account
|
|
3. scan addresses of the external chain; respect the gap limit
|
|
described below
|
|
4. if no transactions are found on the external chain, stop discovery
|
|
5. if there are some transactions, increase the account index and go to
|
|
step 1
|
|
|
|
This algorithm is successful because software should disallow creation
|
|
of new accounts if previous one has no transaction history, as described
|
|
in chapter "Account" above.
|
|
|
|
Please note that the algorithm works with the transaction history, not
|
|
account balances, so you can have an account with 0 total coins and the
|
|
algorithm will still continue with discovery.
|
|
|
|
[[address-gap-limit]]
|
|
Address gap limit
|
|
^^^^^^^^^^^^^^^^^
|
|
|
|
Address gap limit is currently set to 20. If the software hits 20 unused
|
|
addresses in a row, it expects there are no used addresses beyond this
|
|
point and stops searching the address chain.
|
|
|
|
Wallet software should warn when the user is trying to exceed the gap
|
|
limit on an external chain by generating a new address.
|
|
|
|
[[registered-coin-types]]
|
|
Registered coin types
|
|
~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
These are the registered coin types for usage in level 2 of BIP44
|
|
described in chapter "Coin type" above.
|
|
|
|
All these constants are used as hardened derivation.
|
|
|
|
[cols=",,",options="header",]
|
|
|==============================
|
|
|index |hexa |coin
|
|
|0 |0x80000000 |Bitcoin
|
|
|1 |0x80000001 |Bitcoin Testnet
|
|
|==============================
|
|
|
|
[[examples]]
|
|
Examples
|
|
~~~~~~~~
|
|
|
|
[cols=",,,,",options="header",]
|
|
|====================================================================
|
|
|coin |account |chain |address |path
|
|
|Bitcoin |first |external |first |m / 44' / 0' / 0' / 0 / 0
|
|
|Bitcoin |first |external |second |m / 44' / 0' / 0' / 0 / 1
|
|
|Bitcoin |first |change |first |m / 44' / 0' / 0' / 1 / 0
|
|
|Bitcoin |first |change |second |m / 44' / 0' / 0' / 1 / 1
|
|
|Bitcoin |second |external |first |m / 44' / 0' / 1' / 0 / 0
|
|
|Bitcoin |second |external |second |m / 44' / 0' / 1' / 0 / 1
|
|
|Bitcoin |second |change |first |m / 44' / 0' / 1' / 1 / 0
|
|
|Bitcoin |second |change |second |m / 44' / 0' / 1' / 1 / 1
|
|
|Bitcoin Testnet |first |external |first |m / 44' / 1' / 0' / 0 / 0
|
|
|Bitcoin Testnet |first |external |second |m / 44' / 1' / 0' / 0 / 1
|
|
|Bitcoin Testnet |first |change |first |m / 44' / 1' / 0' / 1 / 0
|
|
|Bitcoin Testnet |first |change |second |m / 44' / 1' / 0' / 1 / 1
|
|
|Bitcoin Testnet |second |external |first |m / 44' / 1' / 1' / 0 / 0
|
|
|Bitcoin Testnet |second |external |second |m / 44' / 1' / 1' / 0 / 1
|
|
|Bitcoin Testnet |second |change |first |m / 44' / 1' / 1' / 1 / 0
|
|
|Bitcoin Testnet |second |change |second |m / 44' / 1' / 1' / 1 / 1
|
|
|====================================================================
|
|
|
|
[[compatible-wallets]]
|
|
Compatible wallets
|
|
~~~~~~~~~~~~~~~~~~
|
|
|
|
* https://mytrezor.com[myTREZOR web wallet]
|
|
(https://github.com/trezor/webwallet[source])
|
|
|
|
[[reference]]
|
|
Reference
|
|
~~~~~~~~~
|
|
|
|
* link:bip-0032.mediawiki[BIP32 - Hierarchical Deterministic Wallets]
|
|
* link:bip-0043.mediawiki[BIP43 - Purpose Field for Deterministic
|
|
Wallets]
|
|
|