Today we’re introducing a different kind of wallet for cryptocurrency
At BlockCypher, we’re committed to making blockchain development easier for developers. Most of the time, that means creating robust and reliable APIs, keeping our uptime stratospherically high, and providing stellar customer support.
Sometimes, furthering that mission means going a bit outside of our wheelhouse. Today, we’re excited to introduce an open source wallet that leverages the power of our API for Bitcoin (and Litecoin and Dogecoin) applications: bcwallet .
Why Another Wallet?
Before talking about why we built bcwallet — and who it’s for — it’s critical to highlight the other wallets we’re not competing against. Consumers who want absolute security should consider using dedicated hardware wallets (like our customer we just profiled,KeepKey). Non-developers who want a place to easily transfer small amounts should consider web wallets (like Coinbase or Xapo).
But, for developers, developers, developers …well, this one’s for you. bcwallet is built by developers, for developers, and for the command line.
So Why is bcwallet So Money?
We’re obviously unabashedly biased here, but there’s a lot to love about the bcwallet approach. Thanks to the BlockCypher API integration and eschewing a GUI, the wallet itself is quite lightweight and easy to audit ; bcwallet has fewer lines of code than almost every other open source wallet.
But despite the low LoC count and audibility, bcwallet follows best practice by taking advantage of Hierarchical Deterministic (HD) Seeds. HD Seeds/Wallets are incredibly useful; by creating a “master seed” that generates “child” key pairs, you can help protect your privacy and prevent public key reuse. Before HD, if you were engaging in thousands of bitcoin transactions — and wanted to follow best practice by using a public address only once — that meant keeping track of thousands of private-public key pairs. It’s no wonder in the pre-HD days bitcoin users would pass the time by dumpster-diving for $9 million hard drives .
HD significantly mitigates this problem. While many wallets today offer HD key derivation, they generally hide the mechanics from the user. Not bcwallet. It makes HD transparent by providing the xpriv and xpub extended keys (the “master seed” in private and public key form) when first used, making it easy to audit these keys and the addresses they generate locally. It’s one of the simplest ways to support HD, and we show you exactly what you need to protect explicitly: the xpriv key. There’s no magic up our sleeve; with the xpriv you have full access to viewing and spending your funds. You can read more about HD mechanics, and bcwallet’s particular implementation, at the bcwallet FAQ Page or our HD Wallet API documentation .
Beyond the benefit of transparent HD support, bcwallet supports multiple currencies, has up-to-date fee estimation based on current network conditions, and is exceptionally easy to use…of course, it also places a strong onus on the user to securely maintain and use their “master seed.” But hey, that’s why it’s for developers.
And hey, we’re developers! Dogfooding is our forte, and we’d be remiss if we didn’t use our own wallet. We accept and store all customer bitcoin payments using bcwallet.
How to Use bcwallet in A GIF(fy)
First, install bcwallet using pip, then run bcwallet on the command line:
$ pip install bcwallet
Pictures are worth a thousand words, and by that logic, slow screencaptures are worth at least 15,000 words a second.
Here we set up a new wallet on our internal testnet. bcwallet exits after generating a new extended private and public seed. We copy this seed, and load bcwallet with its newly created master seed. Note that in almost all real-world cases, putting sensitive master private keys in your bash history is a massive, world-ending no-no; for this toy example it’s fine, but in real life you should be much more careful. That’s why bcwallet also supports piping keys directly — to be extra cautious, you should pipe your encrypted key from GPG or OpenSSL.
Next, we check the wallet balance (0 bits, as suspected from a newly generated seed). We then generate a new receiving address. We copy this address, then zip to the next GIF.
Then we head back to the terminal to check the updated balance; 10,000 bits, nice!
Finally, since we have the private seed locally loaded in this session, we can send all the funds back to our testnet faucet address. We use -1 to sweep all the value in this wallet, and select medium fee priority. Last but not least, we check the last transaction list and it shows a 0 bit balance and the 2 transaction hashes. q to quit, and that’s that!
What’s Happening Behind the Scenes
A great deal! We’re generating a full HD Wallet seed locally, then generating new public addresses on the 0 and 1 subchain indices using ourHD Wallet API. We can generate seeds for every single cryptocurrency we support (Bitcoin, Bitcoin Testnet, Litecoin, Dogecoin, and BlockCypher Testnet) within bcwallet. We check the HD subchains for any addresses with spent/unspent bitcoin, and then report back the balance and transaction hashes.
While public address watching is handled by the API, all private key signing happens locally and your private key never touches the file system (bcwallet doesn’t use the hard drive).
Using the Wallet in Watch-Only Mode
Perhaps you have a dedicated device for private key signing, or simply prefer your private keys staying on an air-gapped computer. As demonstrated above, you can use bcwallet with a public master seed and only use it to watch balances.
bcwallet Beyond the GIF Playground
Perhaps the best way to highlight the advantages of bcwallet is to consider a scenario where one might use BlockCypher’s API in tandem. Let’s say you’re running a game and using an HD master seed to derive addresses for in-game items for purchase by players. The private seed is never kept on any hot/connected game server, and you use the BlockCypher Derive Address endpoint to generate new addresses on the server. You use the 0-indexed subchain for in-game items and the 1-indexed subchain for internal change, mirroring bcwallet’s configuration.
Meanwhile, you operate a watch-only bcwallet using the public master key on a local computer connected to the Internet (or by sharing theLive Block Explorer link provided in every instantiation of bcwallet) and never fear losing your funds. Even if your game server and machine is “totally pwned,” you can keep your private seed on another air-gapped computer with bcwallet (or hardware wallet like KeepKey ), and transfer funds by transferring signatures (and never revealing your private key/seed).
More broadly, let’s imagine you’re a developer-friendly company that deals exclusively with cryptocurrency. You can imagine scenarios where you’d want to create hardened keys and have entire departments with varying levels of budget/P&L running their own subtrees of HD wallets, and you could use bcwallet to watch/sign them all. Auditing and access are no longer the arduous tasks they once were.
The possibilities are as endless as the keys you might derive; the beauty of programmable money is that programmability doesn’t stop with the buck. The means to store and distribute cryptocurrency is just as extensible, and ought to be approachable to all. We love PRs and improvements, so If you’d like to extend or fork bcwallet, definitely feel free to do so here: https://github.com/blockcypher/bcwallet . For more details check out the bcwallet FAQ page: https://github.com/blockcypher/bcwallet#faqs
Otherwise, as written before, if you’re just interested in using bcwallet, you just need to pip to start piping:
$ pip install bcwallet
Feedbackalways welcome, and we hope you enjoy bcwallet as much as we do!