Introduction
The TON blockchain, known for its scalability and speed, faces a challenge common to many digital asset platforms: the need for enhanced privacy and usability in wallet management. This technical document introduces a proposal for deterministic subwallets, aiming to streamline the creation and management of multiple wallets from a single seed, thereby improving both privacy and user experience.
Background
Users of digital assets often require multiple wallets to manage their assets for various purposes. Each new wallet necessitates separate backup procedures, complicating the management process. The proposed standard, documented as TEP-0, addresses this challenge by enabling the creation of multiple, privacy-preserving subaccounts or subwallets from a single mnemonic seed, making them indistinguishable from randomly generated wallets.
Motivation
The primary motivation behind this proposal is to simplify the user experience in managing multiple wallets and enhance privacy. By allowing users to generate numerous independent wallets as subaccounts from a single mnemonic, the need for repeated backups with each new wallet creation is eliminated. This approach significantly improves usability and ensures privacy, as the public keys of these subwallets cannot be linked to a single owner without access to the private keys.
Technical Specification
The process of generating subwallet keys involves several steps, detailed below, and adheres to specific standards and practices to ensure security and functionality:
- Initial Mnemonic Conversion: The user’s mnemonic is converted into entropy using HMAC-SHA512.
- Subwallet Generation: This entropy is then combined with a subwallet identifier using HMAC-SHA512, resulting in a `seed_level0`.
- Final Seed Derivation: The `seed_level0` undergoes PBKDF2-SHA512 hashing with the salt “TON default seed” and 10,000 iterations, with the first 32 bytes of the result serving as the wallet’s private key.
These steps ensure that each subwallet is securely derived from the initial mnemonic, providing a privacy-preserving mechanism for managing multiple wallets.
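The three derivation steps above, as an added Python example (not code from TEP-0 or from any TON library). The text does not say which input is the HMAC key in either step, so the key/message roles, the empty default password, the function names and the sample mnemonic are assumptions; the salt and iteration count are the values given in the text.

```python
import hashlib
import hmac

PBKDF2_SALT = b"TON default seed"  # salt as given in the text
PBKDF2_ITERATIONS = 10_000         # iteration count as given in the text


def mnemonic_to_entropy(words, password=""):
    """Step 1: mnemonic -> 64-byte entropy via HMAC-SHA512."""
    # Assumption: the space-joined phrase is the HMAC key, the password the message.
    phrase = " ".join(words).encode("utf-8")
    return hmac.new(phrase, password.encode("utf-8"), hashlib.sha512).digest()


def encode_subwallet_id(subwallet_id):
    """Integers become canonical decimal text; user-defined strings pass through."""
    if isinstance(subwallet_id, bool) or not isinstance(subwallet_id, (int, str)):
        raise TypeError("subwallet id must be int or str")
    if isinstance(subwallet_id, int):
        if subwallet_id < 0:
            raise ValueError("consecutive subwallet ids start at 0")
        return str(subwallet_id).encode("ascii")
    if not subwallet_id:
        raise ValueError("empty subwallet id")
    return subwallet_id.encode("utf-8")


def subwallet_mnemonic_to_seed(words, subwallet_id, password=""):
    """Steps 2 and 3: entropy + id -> seed_level0 -> 32-byte private key."""
    entropy = mnemonic_to_entropy(words, password)
    # Assumption: entropy is the HMAC key, the identifier bytes the message.
    seed_level0 = hmac.new(entropy, encode_subwallet_id(subwallet_id),
                           hashlib.sha512).digest()
    derived = hashlib.pbkdf2_hmac("sha512", seed_level0, PBKDF2_SALT,
                                  PBKDF2_ITERATIONS, dklen=64)
    return derived[:32]


# Constructed sample mnemonic, not a real wallet.
SAMPLE_WORDS = ("alpha bravo charlie delta echo foxtrot golf hotel india "
                "juliet kilo lima").split()

if __name__ == "__main__":
    for sub_id in (0, 1, "savings"):
        key = subwallet_mnemonic_to_seed(SAMPLE_WORDS, sub_id)
        # Print a fingerprint only; the key itself should never be logged.
        print(sub_id, hashlib.sha256(key).hexdigest()[:16])
```

Because "0" and "00" are different HMAC messages, a wallet that accepts user-defined identifiers has to record them exactly, or the subwallet cannot be re-derived from the mnemonic.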
Implementation Guidelines
Wallet applications implementing this standard must adhere to specific guidelines to ensure consistency and security:
- Subwallet Identifiers: Applications must use a decimal representation of consecutive numbers starting with 0 for subwallet identifiers, with provisions for user-defined or randomly generated identifiers for additional privacy.
- Asset Display: Applications should display assets separately for each subwallet, with an optional aggregate view for the user’s convenience.
- Subwallet Creation: A recommended function, `subwalletMnemonicToSeed`, should be defined in relevant libraries to streamline the creation process.
Comparative Analysis
Feature | Deterministic Subwallets | Traditional Multi-Wallet Management |
---|---|---|
Backup Process | Single mnemonic backup for all subwallets | Separate backup required for each wallet |
Privacy | Enhanced, as subwallets are indistinguishable from random wallets | Limited, as each wallet is independently generated |
Usability | Simplified management with a single seed | Complex management with multiple seeds |
Security | High, with HMAC-SHA512 and PBKDF2-SHA512 for key derivation | Varies, depending on the implementation |
Conclusion
The deterministic subwallet standard proposed in TEP-0 offers a significant improvement in privacy and usability for TON users managing multiple wallets. By streamlining the wallet creation process from a single mnemonic seed, users benefit from enhanced security, simplified backup procedures, and improved privacy, making it a valuable addition to the TON ecosystem’s tools for asset management.