From Simple Wallet to HD Wallet
Introduction
Now that we have introduced support for HD wallets through the Ledger hardware wallet and Software Seed login options, what should you as a user do, and what are the implications?
Best Practices
Let's start from the basics. For existing users already using passphrase-based accounts there is no change: you can continue using all the procedures you know and love from previous versions of Ardor without making any changes. Use the "Passphrase" login option to log in with your passphrase and the "Account" login option to log in with your public account. You can still use your existing passphrase anywhere you used it before: to sign transactions, encrypt/decrypt messages, generate tokens, forge, bundle, and so on. Everything should remain operational and backward compatible.
Now that we have cleared this up, let's discuss how you should use the new functionality.
To start with, a bit of theory. We'll try to keep it to the bare minimum.
The Seed (sometimes also called the Mnemonic) is a random sequence of words from which all secret data is derived. The Seed should be kept at least as secure as an old account passphrase, and in fact more so, since a compromised seed means all accounts derived from it are compromised as well.
All the secrets derived from the Seed are represented in a tree structure we call the "Derivation Tree".
The derivation tree is composed of BIP32 nodes, each consisting of a private/public key pair and a master public key.
Each BIP32 node is uniquely identified by its BIP32 Path from the root node of the derivation tree to the node itself.
The data included in each BIP32 node is composed of:
- Private Key - a secret identifier of an Ardor account. The private key should be kept at least as secure as an old account passphrase.
- Public Key - public data derived from the private key. The public key is announced to the blockchain as the unique identifier of an Ardor account.
- Account Address - the Ardor account address itself derived from the public key.
- Master Public Key - a separate piece of public information used only for deriving the public information of child nodes.
Use cases
Login using a Ledger hardware
When to use
When you have access to a Ledger hardware wallet and need to sign transactions, encrypt messages, or generate tokens.
When not to use
When you want to use Forging, Bundling, Shuffling, Contract Running or any other operation which requires you to submit your private key to the node.
Securing your data
When using the Ledger hardware wallet your private information (seed, private keys) never leaves the Ledger device. Therefore you can work with a compromised wallet and still never risk losing your tokens. You are, however, still exposed to social engineering attacks, such as a malicious wallet trying to convince you to send your tokens to the wrong recipient address. Therefore always make sure the transaction data you see on the Ledger screen when signing a transaction agrees with the information displayed in your Ardor wallet.
Login using a Software Seed
When to use
When you don't have access to a Ledger hardware wallet. When you want to start Forging, Bundling or Shuffling from your wallet. When you are using a wallet on your local workstation or connecting to a remote node under your control. In general, we recommend that all new Ardor accounts be created from a seed, not from a passphrase.
When not to use
Never use a seed when connecting to a remote node not under your control, and never store your seed unencrypted on a remote node.
Securing your data
Only use your seed on your local workstation. We recommend that you never store a seed from which high-balance accounts were derived on a remote node. Instead, derive the private key of a specific low-balance account from the seed and use that key on the node instead.
Login using a Master Public Key
When to use
When you only need access to the public data of multiple accounts derived from the same software seed or Ledger wallet. When loading accounts from a master public key, you can still use a specific account's private key to sign transactions for that derived account. Use the master public key as a more secure alternative to using your software seed directly.
When not to use
Do not publicly announce your master public key. Try to keep it reasonably safe under your control.
Securing your data
A compromised master public key does not by itself let an attacker steal your funds; the attacker additionally needs to obtain the private key of one of the derived accounts in order to compromise all other derived accounts. Therefore it is not recommended to publicly announce your master public key. However, storing it on a remote node under your control should be acceptable.
Login using a Private Key Derived from a Software Seed
When to use
When you cannot afford to expose your software seed, but need your private key for forging, bundling, shuffling or contract running. Use an account with a reasonably low balance and keep the rest of your funds safe in other derived accounts.
When not to use
On a compromised workstation.
Securing your data
An account private key should be kept as secure as an old passphrase with the only difference being that, unlike a passphrase, a private key derived from a seed can always be restored from a seed.
Login using a Public Account Address
When to use
To view public information about a specific account. You can still sign transactions from your account using your account private key.
When not to use
When you need access to secret information about your account.
Securing your data
The account address can be announced publicly without restriction.
More use cases
Using your Ledger hardware seed as a software seed. In general, you can derive the same accounts using hardware and software when using the same seed. However, by doing so you are putting your hardware seed at risk by exposing it to possibly insecure software. An attacker who intercepts the seed from the software can initialize a new Ledger device with the same seed and steal your funds; therefore we do not recommend this configuration. Instead, use the master public key extracted from the Ledger hardware wallet.
Secure your seed using a seed passphrase. A seed passphrase is additional random data that you can combine with the seed to create multiple derivation trees from the same seed. For example, store your hot wallet using a BIP39 seed without a seed passphrase, and store your cold wallet with an additional 12-word BIP39 seed passphrase kept separately from the seed itself. In case your seed is compromised but your seed passphrase is not, only your hot wallet will be compromised. This option is supported by Ardor in general but is not implemented in the wallet UI. You can experiment with it using the BIP32 calculations dialog.
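The hot/cold split above rests on one property of BIP39: the same mnemonic stretched with a different seed passphrase yields an unrelated root seed, and therefore an unrelated derivation tree. The following is an added example (not Ardor's own code) of that standard BIP39 step only; it uses the public all-zero-entropy test mnemonic and the constructed passphrase "TREZOR", omits the word-list checksum check, and does not reproduce Ardor's subsequent BIP32 key derivation.

```python
import hashlib
import unicodedata

# Constructed example: the well-known all-zero-entropy BIP39 test mnemonic.
# A real seed must come from a CSPRNG; this one is public and must never hold funds.
EXAMPLE_MNEMONIC = ("abandon " * 11 + "about").strip()


def bip39_seed(mnemonic: str, seed_passphrase: str = "") -> bytes:
    """Stretch a BIP39 mnemonic plus optional seed passphrase into the 64-byte root seed.

    BIP39 fixes the KDF as PBKDF2-HMAC-SHA512 with 2048 rounds and the salt
    "mnemonic" + passphrase, both NFKD-normalised. The passphrase carries no
    checksum: every value is accepted, and each distinct value produces a root
    seed unrelated to the others, which is what makes a separate cold-wallet
    tree possible from a single stored mnemonic.
    """
    mnemonic_nfkd = unicodedata.normalize("NFKD", mnemonic)
    salt = "mnemonic" + unicodedata.normalize("NFKD", seed_passphrase)
    return hashlib.pbkdf2_hmac(
        "sha512",
        mnemonic_nfkd.encode("utf-8"),
        salt.encode("utf-8"),
        2048,
        dklen=64,
    )


def derivation_roots(mnemonic: str, cold_passphrase: str) -> dict:
    """Return the hot (no passphrase) and cold (passphrase) root seeds as hex strings."""
    return {
        "hot": bip39_seed(mnemonic).hex(),
        "cold": bip39_seed(mnemonic, cold_passphrase).hex(),
    }


if __name__ == "__main__":
    roots = derivation_roots(EXAMPLE_MNEMONIC, "TREZOR")
    for name, seed_hex in roots.items():
        print(f"{name:4} root seed: {seed_hex}")
```

A wrong or forgotten seed passphrase is silently accepted and simply opens an empty tree, so back up the passphrase with the same care as the mnemonic itself.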
Deriving a nested hierarchy of accounts is not supported by the wallet UI, which supports only single-level derivation, but it is supported by the Ardor APIs.
Deep derivation of nested accounts can be useful when you need to generate a large number of keys split into categories.