In the Cardano ecosystem, derivations refer to the process of generating cryptographic keys (public and private keys) and addresses from a single master seed or key using Hierarchical Deterministic (HD) wallet principles. These derivations are based on established standards that allow for the structured and secure generation of key pairs and addresses, ensuring that users can create and manage multiple accounts and addresses from a single mnemonic phrase (seed).
There are two main types of derivations: hardened and soft (also known as non-hardened). Both types are used to generate child keys from a parent key, but they differ in how securely the child keys are derived and how they handle parent-child relationships. Let’s explore the differences between these types.
1. Hardened Derivations
Hardened derivation is a type of key generation that adds an extra layer of security by ensuring that the parent key cannot be derived from a child key. This is particularly useful in cases where the private keys need to be protected more thoroughly.
Key Features:
- Higher Security: In a hardened derivation, even if someone has access to the child public key, they cannot use it to discover the parent private key or any other child keys. This provides enhanced security.
- Not Compatible with Public Derivations: A public key generated from a hardened path cannot be used to derive child public keys directly. To derive hardened child keys, access to the parent private key is required.
- Used for Sensitive Key Chains: Typically, hardened derivations are used for generating sensitive child keys, such as the primary accounts in wallets or for the most critical operations, where private key security is essential.
Example in BIP44 Path:
In BIP44 (the standard for HD wallets), hardened derivations are indicated by an apostrophe ('
). For example, in the derivation path:
m / 44' / 1815' / 0' / 0 / 0
the portions 44'
, 1815'
, and 0'
are hardened derivations.
Use Case:
Hardened derivations are ideal for situations where maximum security is required, such as when generating the primary keys for a cryptocurrency wallet. Even if a public key is exposed, an attacker cannot reverse-engineer the parent private key, safeguarding the rest of the wallet.
2. Soft (Non-Hardened) Derivations
Soft derivation (also known as non-hardened derivation) is a method where both the parent public and private keys can be used to derive child keys. This is more flexible than hardened derivation but comes with certain trade-offs in terms of security.
Key Features:
- More Flexible: With soft derivations, you can derive a child public key from a parent public key, which makes it more useful in scenarios where you need to derive multiple addresses without exposing the private key.
- Less Secure in Some Contexts: If an attacker gains access to the parent public key and a child private key, they can compute the parent private key. This makes soft derivation less secure than hardened derivation for highly sensitive key paths.
- Used for Non-Sensitive Key Chains: Soft derivations are generally used for less critical parts of the key hierarchy, such as generating new payment addresses that are publicly visible but do not require the private key to be exposed.
Example in BIP44 Path:
In a standard BIP44 path, soft derivation is used for non-hardened parts of the path. For instance, in m / 44' / 1815' / 0' / 0 / 0
, the last two sections (0 / 0
) are soft derivations. These represent specific addresses derived from the account.
Use Case:
Soft derivations are commonly used when you need to generate multiple payment addresses or public keys for general use in transactions. Since these keys are not as sensitive as those generated through hardened derivations, this method provides more flexibility while still maintaining a reasonable level of security.
Key Differences Between Hardened and Soft Derivations:
Feature | Hardened Derivation | Soft (Non-Hardened) Derivation |
---|---|---|
Security | Higher security; prevents reverse engineering of parent private key from child keys | Lower security; public keys and child keys can potentially expose parent private key |
Parent-Child Relationship | Child key cannot be used to derive parent private key | Child key can reveal parent private key if public key is exposed |
Use of Public Keys | Cannot derive child keys using only a public key | Can derive child public keys using a parent public key |
Common Use Cases | Sensitive keys such as main accounts or wallet root keys | Generating payment addresses, non-sensitive child keys |
BIP44 Path Notation | Denoted with an apostrophe (' ) | No apostrophe, indicating non-hardened derivation |
Example in Practice (Cardano HD Wallets)
In Cardano, like other cryptocurrencies, HD wallets generate keys for both payment addresses and staking addresses using a combination of hardened and soft derivations.
- Hardened paths are used to derive the most sensitive parts of the key hierarchy, such as the root of the wallet and account keys.
- Soft derivations are used to generate new payment addresses or change addresses, as these are derived from the public key and are typically less sensitive.
In Cardano and other blockchain ecosystems, both hardened and soft derivations are critical components of HD wallet design, each serving different purposes. Hardened derivations prioritize security by ensuring that child keys cannot compromise parent keys, making them ideal for sensitive keys like wallet root keys or account keys. On the other hand, soft derivations provide more flexibility and are commonly used for generating new addresses or child keys that require less protection. Together, these derivation types allow HD wallets to maintain a balance between security and usability.
Key Concepts of Derivations in Cardano
1. Hierarchical Deterministic (HD) Wallets:
Cardano uses HD wallet architecture, which allows a user to generate a vast number of payment addresses and stake addresses from a single seed phrase (or mnemonic phrase). This seed is the starting point for all derivations.
2. Derivation Paths:
- Derivation paths are specific sequences that dictate how keys and addresses are generated from the master seed. Each part of the derivation path corresponds to a specific type of key or address (e.g., payment address, staking address).
- The derivation path follows a hierarchical structure where key pairs and addresses can be generated from parent keys at different levels. This allows for efficient and organized management of addresses.
- The standard derivation path used in Cardano is compliant with the BIP32 and BIP44 standards, commonly used in HD wallets across different blockchains.
3. BIP44 Path Structure in Cardano:
Cardano’s derivation path adheres to the BIP44 standard, which defines a multi-level hierarchical tree structure. The typical BIP44 path for Cardano looks like this:
m / 44' / 1815' / account' / change / address_index
44'
: Refers to the BIP44 standard for HD wallets.1815'
: Refers to Cardano’s coin type (1815 is the unique identifier for Cardano).account'
: Represents the account index within the wallet.change
: Indicates whether the address is for receiving payments (0
) or for change addresses (1
), which are used to receive leftover ADA after a transaction.address_index
: Refers to the specific address derived under the account, which can be incremented to generate new addresses.
4. Purpose of Derivation:
- Key and Address Generation: Derivations are used to systematically create new addresses and keys without needing to generate entirely new wallets or seed phrases. This allows users to manage multiple addresses from a single seed, enhancing both security and convenience.
- Backup and Recovery: Since all keys and addresses can be derived from a single seed, a user only needs to back up their mnemonic phrase once. If the user loses access to their wallet, the entire set of keys and addresses can be restored by re-entering the seed phrase into a compatible wallet.
5. Types of Derivations:
- Payment Address Derivation: Derivations can generate a series of payment addresses used for transactions, each with a corresponding public and private key.
- Stake Address Derivation: Similarly, derivations can generate stake addresses that are linked to a user’s stake key, allowing them to delegate ADA to a stake pool and participate in the Proof-of-Stake consensus.
6. Security in Derivations:
Cardano’s use of derivations ensures that the private keys never leave the wallet or are exposed. Instead, only public addresses are generated and used for transactions. The derivation process keeps the wallet structure secure and allows for privacy when dealing with multiple addresses.
Example of Derivation Use in Cardano
A user creates a new Yoroi wallet and is given a 24-word mnemonic phrase. This seed phrase is the source of all future derivations:
- The wallet generates payment addresses from this master seed using the derivation path described above.
- As the user receives payments, new addresses can be generated on demand using this same seed, ensuring that the wallet can handle multiple transactions while keeping the same master seed for backup.
- The user can also participate in staking by generating stake addresses from the same derivation tree.
Summary
In Cardano, derivations refer to the process of generating cryptographic keys and addresses from a single master seed using HD wallet principles. This structured approach follows standards like BIP44, allowing users to create and manage multiple payment and stake addresses from a single mnemonic phrase. By securely deriving keys and addresses from a master seed, Cardano ensures efficient, secure wallet management and easy backup and recovery through a single seed phrase.
Leave a Reply