[TEP-101] Enhancing Privacy and Usability in TON with Deterministic Subwallets


The TON blockchain, known for its scalability and speed, faces a challenge common to many digital asset platforms: the need for enhanced privacy and usability in wallet management. This technical document introduces a proposal for deterministic subwallets, aiming to streamline the creation and management of multiple wallets from a single seed, thereby improving both privacy and user experience.


Users of digital assets often require multiple wallets to manage their assets for various purposes. Each new wallet necessitates separate backup procedures, complicating the management process. The proposed standard, documented as TEP-0, addresses this challenge by enabling the creation of multiple, privacy-preserving subaccounts or subwallets from a single mnemonic seed, making them indistinguishable from randomly generated wallets.


The primary motivation behind this proposal is to simplify the user experience in managing multiple wallets and enhance privacy. By allowing users to generate numerous independent wallets as subaccounts from a single mnemonic, the need for repeated backups with each new wallet creation is eliminated. This approach significantly improves usability and ensures privacy, as the public keys of these subwallets cannot be linked to a single owner without access to the private keys.

Technical Specification

The process of generating subwallet keys involves several steps, detailed below, and adheres to specific standards and practices to ensure security and functionality:

  1. Initial Mnemonic Conversion: The user’s mnemonic is converted into entropy using HMAC-SHA512.
  2. Subwallet Generation: This entropy is then combined with a subwallet identifier using HMAC-SHA512, resulting in a seed_level0.
  3. Final Seed Derivation: The seed_level0 undergoes PBKDF2-SHA512 hashing with the salt “TON default seed” and 10,000 iterations, with the first 32 bytes of the result serving as the wallet’s private key.

These steps ensure that each subwallet is securely derived from the initial mnemonic, providing a privacy-preserving mechanism for managing multiple wallets.

Implementation Guidelines

Wallet applications implementing this standard must adhere to specific guidelines to ensure consistency and security:

  • Subwallet Identifiers: Applications must use a decimal representation of consecutive numbers starting with 0 for subwallet identifiers, with provisions for user-defined or randomly generated identifiers for additional privacy.
  • Asset Display: Applications should display assets separately for each subwallet, with an optional aggregate view for the user’s convenience.
  • Subwallet Creation: A recommended function, subwalletMnemonicToSeed, should be defined in relevant libraries to streamline the creation process.

Comparative Analysis

Feature Deterministic Subwallets Traditional Multi-Wallet Management
Backup Process Single mnemonic backup for all subwallets Separate backup required for each wallet
Privacy Enhanced, as subwallets are indistinguishable from random wallets Limited, as each wallet is independently generated
Usability Simplified management with a single seed Complex management with multiple seeds
Security High, with HMAC-SHA512 and PBKDF2-SHA512 for key derivation Varies, depending on the implementation


The deterministic subwallet standard proposed in TEP-0 offers a significant improvement in privacy and usability for TON users managing multiple wallets. By streamlining the wallet creation process from a single mnemonic seed, users benefit from enhanced security, simplified backup procedures, and improved privacy, making it a valuable addition to the TON ecosystem’s tools for asset management.

1 Like