The Wallet Wars Part 1 - A New Wallet Hope

Prequel, Abridged

Wallets have presented as different shapes throughout history. For millennia, wallets were used to store food and minted coins, until the introduction of paper currency in the late 17th century, and credit cards in the 1950s brought about the flat, bifold wallet we consider standard now.

But few transitions would be as dramatic as the move from physical wallets to digital ones: the early days of the internet in the 1990s saw digital wallets for digital currencies like B-Money and Ecash. However, these early digital currencies never took off due to a centralized system of transactions, few early adopters, or high computational requirements.

‍

A New Wallet Hope

In 2009, Satoshi Nakamoto proposed Bitcoin, a decentralized proof-of-work digital currency inspired by its predecessors. After successfully adding a block to the blockchain, users receive Bitcoins that they can spend as a digital currency. If a user wants to send bitcoins to someone, they need to provide the receiver’s public key and validate the transaction with their private key. If a third party ever gains access to a user’s public and private key, they can hijack the remaining bitcoin. This need to safeguard the public and private keypair gave rise to the first generation of crypto wallets.

The first application to interact with the Bitcoin blockchain was the open-source Bitcoin-Qt, also known as Satoshi Client. It was a C++ application initially released for Windows NT/2000/XP users in early 2009. Bitcoin-Qt stored blockchain information and users’ wallet details in local storage, provided a command line and graphical user interface, and supplied users with methods to launch new transactions, view previous transactions, and check the wallet balance. The wallet was a ‘full-client,’ requiring each user to download the entire blockchain history on set up. During the formative years of Bitcoin, the blockchain size was around 16 MB — a full download of blockchain took minutes and occupied minimal disk space.

Running a full-client wallet provides privacy and security during bitcoin transactions: since the client maintains the entire ledger of transactions, it can validate that no rogue coins have been created by circumventing the well-established bitcoin supply. It also maintains economic trust in the system by preventing a majority of malicious users from validating incorrect transactions.

But while the Satoshi Client provided strong transaction legitimacy guarantees, the wallet suffered from poor security features: cybercriminals could create malware to infiltrate and steal the user’s local wallet.dat file, which stored the user’s private keys. Even though Bitcoin-Qt began providing passphrase-based encryption two years after the initial version, malware could bypass this if it executed it on the same computer and with the same privileges as the client. 

Moreover, the cost of maintaining disk space and network connections increased with the Bitcoin blockchain’s rise in popularity: the blockchain size ballooned to over 2 GB in June 2012 and was forecasted to grow exponentially (as of Jan 2022, it is 379 GB). 

Soon a new generation of wallets saturated the market, allowing users to carry out bitcoin transactions without downloading the entire blockchain. Instead of downloading all the blocks — consisting of a block header and data on all transactions in the block — only the block headers would be stored, resulting in a 1000x decrease in size. The data reduction enabled wallets to run on smaller devices like smartphones and conduct more efficient transactions.

‍

The Rise of Thinner Wallets

On September 12th, 2011, British programmer Jim Burton released a free, lightweight wallet called MultiBit; he explained that it “was designed for non-technical people as much as possible”. It had an intuitive GUI, allowed users to transact with multiple wallets, supported numerous languages, and allowed export and import of keypairs. To seamlessly receive payments, MultiBit allowed users to create ‘Bitcoin swatches’ — QR codes containing the Bitcoin receiver address, amount, and message. 

Around this time, new digital wallet services were springing up that allowed mobile and web consumers to transact bitcoin: Coinbase, founded in December 2012, provided online wallets for consumers and services for businesses considering accepting Bitcoin payment. Bits allowed individuals and merchants to send and accept bitcoin payments through text messages; users could register by sending ‘SIGNUP’ to a number. Kipochi launched a similar bitcoin SMS feature with M-Pesa in Africa in July 2013 and allowed the liquidation of bitcoin to Kenyan shillings.

By early 2014, these ‘thin wallets’ had soared in popularity: MultiBit had 1.5 million downloads and both Coinbase and Blockchain.info had a million customers each. 

Like other early pieces of blockchain infrastructure, these wallets were buggy. MultiBit created multiple random cryptographic keys and encouraged a unique address for each transaction. If the keys got used up, MultiBit would generate random new keys: this required regular wallet backups, which could be prone to errors. A loss of private keys rendered the bitcoin stored in the associated addresses irretrievable. 

In April 2014, a user exposed a flaw in MultiBit’s wallet feature on Reddit: he claimed 0.5225 bitcoins (worth $220 at the time) were inaccessible after MultiBit did not provide the private keys for the ‘change’ address after a transaction. Several other users confirmed the bug and mentioned similar issues in the thread. The resulting backlash against MultiBit’s security vulnerabilities precipitated improvements in the current wallet ecosystem.

‍

The Rise of Physical Wallets

One solution to avoid theft or loss was by using cold wallets — storage methods like paper, CDs, or USBs that are not connected to the internet. These wallets are used for addresses with large bitcoin stores that are not actively used for transactions. While these wallets prevent hackers from stealing your private keys, they don’t protect them from extrinsic forces like fires, coffee spills, or accidental disposals. The latter action affected a Welshman who in 2013 dumped out a hard drive containing bitcoin keys currently worth over $500 million.

On the other hand, hardware wallets are specialized crypto wallets that provide security by allowing you to conduct transactions without revealing your private keys to a computer. Czech-based hardware wallet Trezor One provided users with a physical USB attachment that added an authentication layer; it had a password manager, two-factor authentication, and interfaced with a computer for inputting passphrases. 

‍

The Rise of Deterministic Wallets

Another solution was to use hierarchical deterministic (HD) wallets. These wallets use an initial seed number to generate a sequence of cryptographic key pairs through a known deterministic algorithm. If we lose the keys to the addresses, we only need to supply the algorithm with the same seed value and recover the original keypairs. 

Electrum, an open-source lightweight bitcoin wallet, gave users wallet encryption and deterministic key generation. The randomly generated 128-bit sequence called a seed number can be transformed into mnemonic code consisting of 12 random English words. In September 2013, BIP 39 was proposed containing 2048 unique words to use for seed phrase generation — wallets with this feature were known as brain wallets. 

‍

In May 2014, the MultiBit creators released a new client, MultiBit HD wallet with deterministic wallet key pair generation, compatibility with the popular hardware wallet Trezor, and multi-signature functionality. Some features considered state-of-the-art at the time, like stealth addresses and CoinJoin — which were employed in the competitor product Dark Wallet — were not prioritized in the release due to the company’s “limited resources for development.”

Many of the early wallets like Electrum, MultiBit, and others were marketed towards programmers, bitcoin enthusiasts, and early adopters: they were open-sourced, accessible, and were built by developers in their free time. But as crypto’s userbase grew rapidly, it put pressure on a relatively steady number of developers. MultiBit began charging transaction fees an equivalent of half a cent in 2013. Other wallets allowed users to choose the fee, with higher fees having higher chances for the transactions to be added to the blockchain.

The VCs Strike Back

Starting in 2013, the crypto wallet landscape began shifting as venture capitalists recognized the growth potential of cryptocurrency and began investing millions of dollars in promising crypto start-ups. In mid-2013, Coinbase — which at the time had 121,000 users and turned over $1.5 million in February — received $5 million in funding to help make its merchant and online wallet services more accessible. 

In the same month, Winklevoss Capital Management provided $1.5 million in seed funding to BitInstant, an online platform for exchanging bitcoins. Venture capitalists had committed over $88 million dollars to bitcoin companies by the end of the year, a total 40 times greater than in 2012.

These newer wallets clashed with the existing free and open-source options available, and bitcoin veterans complained their bitcoin holdings were at the mercy of centralized companies’ security infrastructure. Yet, the influx of VC cash allowed many non-programmers to trade in the cryptocurrency market and positioned bitcoin as a powerful commodity: the price of Bitcoin rose meteorically from around $12 in November 2012 to $1200 in November 2013. 

But the bull run did not last long. In February 2014, the largest bitcoin exchange operator Mt. Gox was hacked and reportedly lost 850,000 bitcoins. Such a sizable theft raised existential questions about bitcoin, decreased liquidity in the market, and caused the price to plummet to around $450 by May 2014. 

Though bitcoin prices gradually fell over the next few months, VCs funding considerably increased throughout the year: they disregarded short-term price fluctuations and focused on its underlying technology potential as it disrupted the traditional financial system. In August, Xapo received $20 million in funding to build ‘ultra-secure’ physical bitcoin cold storage vaults with biometric scanners and 24/7 surveillance. A couple of months later, wallet provider Blockchain raised $30.5 million, marking it as the year’s single largest bitcoin capital investment. By year’s end, VCs invested 314.7 million dollars according to CoinDesk’s data. 

Dawn of a New Wallet Age

In early 2015, Vitalik Buterin and others released Ethereum, a new decentralized blockchain that expanded on bitcoin capabilities by allowing smart contracts and other applications to run on the blockchain. Users could collect and breed crypto kittens, own digital art, lend coins, and much more, while crypto wallets provided the security and solid foundation. In our next article, we explore these newer blockchains where the next generation of crypto wallets would flourish.