COLDCARD logo
Shopping cart Shop

How Bitcoin Wallets Work

A Bitcoin wallet stores the private keys that authorize spending from addresses recorded on Bitcoin's distributed public ledger. This distinction is important as it illustrates not only how wallets work, but how Bitcoin itself operates and how no company or service can take your self-custodied bitcoin from you.

Does a Bitcoin Wallet Store Bitcoin?

The misconception about Bitcoin wallets comes from the word "wallet" itself. Physical wallets hold cash, whereas Bitcoin wallets does not hold bitcoin. Bitcoin exists as digital entries on a distributed public ledger, known as a blockchain, visible to anyone in the world. A Bitcoin wallet holds the private keys that are required to authorize making updates to those entries, which is how bitcoin is spent.

The better analogy for understanding Bitcoin wallets is that of a keychain. Instead of holding actual money, a keychain holds keys that let you gain access to valuable things, such as those stored in a locked box. You can also create backups of your keys, so that if you lose your keychain you don't lose access to your valuables.

This understanding of how a Bitcoin wallet works matters most when something goes wrong. If you lose your phone or computer with your Bitcoin wallet on it, your bitcoin is not gone. You can restore your wallet's private keys on a new device using your seed phrase, which restores full access to your bitcoin.

What "losing your bitcoin" actually means is losing your private keys and losing the seed phrase needed to recover them. If you lose both, your bitcoin will remain on the blockchain, unspendable by anyone.

What Does a Bitcoin Wallet Actually Contain?

Every self-custody Bitcoin wallet is built around the private key, the focal point of Bitcoin ownership. While the technical aspects of private keys are worth noting, the important thing to remember is that private keys must be safeguarded.

Private keys are large random numbers generated by a cryptographically secure random number generator. The randomness is encoded as a human-readable seed phrase, which is a sequence of 12 or 24 English words that can be written down and stored offline. This seed phrase is used to produce a master seed, from which an innumerable number of private keys can be created and used by the Bitcoin wallet for transacting and securing bitcoin. What is a Bitcoin seed phrase? covers the seed phrases in greater detail.

Within your Bitcoin wallet there are three things used for transaction operations:

A private key is a large random number, 256 bits in size, that authorizes spending from the corresponding address. It is used to derive public keys and to create digital signatures to authorize spending. Whoever controls the private key, controls the bitcoin locked to its associated addresses. What is a private key? covers this in full.

A public key is derived mathematically from the private key. The derivation is one-way, which means yu can produce the public key from the private key in an instant, but going in reverse is computationally infeasible. The public key is used to generate Bitcoin addresses that are used for receiving bitcoin and to allow the network to verify transaction signatures. It can be shared freely without compromising the private key. What is public key cryptography?

A Bitcoin addresses is derived from the public key through a hashing process. It is the string of characters you share when you want to receive bitcoin. Addresses are shorter than raw public keys, and the hashing step adds an additional layer of security. What is a Bitcoin address? covers the generation pipeline in full.

How Does an HD Wallet Generate Keys and Addresses?

Modern Bitcoin wallets are known as HD wallets, which stands for "hierarchical deterministic." Hierarchical describes how keys are organized in a tree-like structure, branching from a single root. Deterministic means the same starting point always produces the same keys in the same order, on any compatible wallet software.

The word "derivation" is often used when describing wallets, as it describes how each part is produced from the one that preceeded it, hence it is derived from it.

Prior to HD wallets, Bitcoin software generated each private key independently. Every key needed its own separate backup, and if a key was not backed up before funds arrived at the associated address, those funds were at risk of permanent loss. Managing dozens of independent backups was impractical, which is the reasoning for introducing HD wallets.

Modern Bitcoin wallet setup starts with randomness to generate your seed phrase. From there, the seed phrase initiates a chain of deterministic derivations, each step producing the next:

  1. Master seed. The seed phrase is processed through a key derivation function to produce a single master seed.
  2. Master private key. The master seed derives one master private key, which becomes the root of the key hierarchy.
  3. Individual private keys. From the master private key, the wallet derives a structured tree of individual private keys, one for each position in the hierarchy. Every position always resolves to the same key for a given seed phrase.
  4. Public keys. Each private key produces exactly one corresponding public key, forming a key pair.
  5. Bitcoin addresses. Each public key maps to a bitcoin address. Because the tree can have countless positions, the wallet can generate countless distinct addresses from a single seed phrase.

Because the derivation is deterministic, every address the wallet generates is reproducible from the seed phrase. There is nothing else to back up. This is why the seed phrase is sometimes described as the wallet itself, not a password or recovery mechanism, but the actual cryptographic root of the entire structure.

HD wallets and Bitcoin derivation paths covers the path structure and what each level of the hierarchy specifies.

How Does a Bitcoin Wallet Sign a Transaction?

Private keys are used for authorizing transactions. Doing that requires producing a digital signature, a piece of cryptographic proof that the holder of the private key authorized this specific transaction, without revealing the key itself.

The signing process follows five steps:

  1. Transaction construction. The wallet identifies the unspent transaction outputs (UTXOs) that will be used in the transaction and constructs an unsigned transaction specifying the recipient address(es) and amounts.
  2. Review. The unsigned transaction is presented for review: inputs, outputs, amounts, and fees. In a hardware wallet setup, this review happens on the device screen, not on the networked computer.
  3. Signing. The private key is combined with the transaction data using a signing algorithm to produce a digital signature that proves the key was used corresponding to the UTXOs being spent, without revealing the key itself. The signature is specific to this exact transaction.
  4. Return. Only the signed transaction leaves the device, so the private key remains in the hardware wallet.
  5. Broadcast. The signed transaction, which includes the public key alongside the signature, is broadcast to the Bitcoin network. Every node independently verifies that the public key matches the address being spent from, and that the signature is valid against that key, before accepting the transaction.

In a hardware wallet setup, steps 1 and 2 happen on the connected computer. Step 3 happens inside the device. Steps 4 and 5 return to the computer for broadcasting. The private key is active only for the moment of signing, entirely within the device.

The PSBT standard (BIP174, Partially Signed Bitcoin Transaction) formalizes this separation between transaction construction and signing. It defines a data format that an unsigned or partially-signed transaction can travel in, allowing different software components to contribute without any single piece needing access to the private key.

What Are the Different Types of Bitcoin Wallets?

The most important question to ask about any wallet is where the private keys live, and how exposed they are to potential attack.

Mobile and Desktop Wallets

Mobile and desktop wallets store private keys on an internet-connected phone or computer, giving you genuine self-custody. The keys are yours, held on your device rather than on a custodian's server, and you can verify your holdings on-chain and transact without asking anyone's permission.

That custody arrangement comes with a tradeoff. The device holding those keys is connected to the internet and is potentially reachable by malware designed to scan for wallet files and extract private keys. Because that attack requires only a network path rather than physical access, the risk exposure is ongoing rather than situational. For small amounts used in everyday transactions, this level of risk is generally manageable, but for long-term savings it represents a more serious concern.

Signing Devices

Signing devices, commonly called hardware wallets, store private keys in dedicated hardware that is never connected to the internet. The key is generated, stored, and used for signing all on the device. When you want to send bitcoin, a transaction is constructed on a networked computer, passed to the signing device for signing, and only the completed signature returns to the computer for broadcast. The private key never crosses to the networked machine, so a compromised computer has no path to a key.

Some signing devices go further by removing the cable connection from the process entirely. These devices operate in fully air-gapped mode. Transaction data moves via QR code or microSD card rather than through a direct connection. The signing device makes no physical link to any networked hardware.

Watch-only wallets

Watch-only wallets hold an extended public key for an account, which is a public key bundled with derivation data that allows the wallet to generate every child key and address without access to the corresponding private keys. From that single key, the wallet can derive all receiving and change addresses, monitor balances, and construct unsigned transactions. In a secure setup, the watch-only wallet handles all of these preparatory steps on the networked computer, and the paired signing device handles signing in isolation.

Custodial wallets

Custodial wallets, including exchange accounts, are not directly comparable to the other wallet types described here. Rather than managing private keys, they function as interfaces to a custodian's platform where the actual operations of the wallet reside.

In this arrangement the custodian holds the keys, and when you initiate a transaction you do not sign anything yourself, but send a request to the custodian to authorize and execute it on your behalf. Your balance is an entry in their database rather than actual holdings you can verify or enforce on-chain, and whether a withdrawal is honored depends entirely on the institution's continued operation, solvency, and willingness to cooperate. What is Bitcoin self-custody? covers why this distinction has real consequences.

The security considerations for these wallet types depends on the architecture. The further the private key from an internet connection, the smaller the attack surface. A signing device that never touches a network cannot be compromised through any network path. There is nothing for remote malware to reach.

What Does This Mean for How You Hold Bitcoin?

The wallet type you use has direct implications for your custody. In Bitcoin, ownership is determined by who holds the private keys, so understanding where your keys come from, where they are stored, and how they are used is the foundation of managing them well.

In a custodial arrangement, the institution holds and manages the private keys. You hold an account balance, which is a claim on the custodian's holdings. The security of your bitcoin depends entirely on the security, solvency, and cooperation of that institution.

In a self-custody arrangement with a signing device, you hold the private key directly. The signing device stores it offline, and a watch-only wallet on your computer handles monitoring, address generation, and transaction construction without ever holding the key itself. When you need to sign a transaction, it is passed to the device, signed in isolation, and returned, so the private key is never exposed to any network path.

The seed phrase is the complete cryptographic root of your wallet, not a password or recovery code but the actual source from which every private key is derived. Anyone who obtains it controls every bitcoin associated with every key in the hierarchy. Storing the seed phrase offline and physically separate from the device is the most consequential single action in self-custody.

Related articles

What is a Bitcoin private key?

The 256-bit secret number that proves Bitcoin ownership: what it is, how it works, and why it must never be shared

Read article

What is public key cryptography?

The mathematical system that lets Bitcoin prove ownership and authorize transactions without revealing the private key

Read article

What is a Bitcoin seed phrase?

The sequence of 12 or 24 words that generates every key in a Bitcoin wallet and serves as the sole recovery backup

Read article

HD wallets and Bitcoin derivation paths

How HD wallets derive every key from a single seed, and what the derivation path numbers mean

Read article