While researching bitcoin wallets, I kept coming across the letters “HD”, which I at first thought might be the initials of the inventor. But no, they stand for “hierarchical deterministic”, and represent a pretty cool innovation that has made wallets even more practical. So, let’s try and put those two words with lots of syllables into plain language.
Old-style bitcoin wallets generate each address, and the private key behind it, independently at random. Random generation is far more secure than letting users choose their own keys (users can be quite lazy or uncreative: “password” is still the most popular password), and new addresses are generated automatically whenever one is needed, which is convenient. But because every key is unrelated to every other, it also presents complications.
Wallets that transact frequently accumulate many addresses, since for privacy reasons many users prefer each payment they receive, whether for a purchase or for a service, to land at a fresh address. Most transactions also generate a “change address”. Bitcoin is spent in whole outputs: if a single output of three bitcoins is sitting at one address and I want to spend two, I can’t spend part of it, I have to spend the whole lot. So the transaction consumes all three, pays two to the recipient, and sends the remainder (less the transaction fee) back to me as change, at a new, automatically generated address. Frequent transactors generate a lot of change addresses.
However, keeping the backup of a steadily growing collection of keys up to date is complicated. Backups are important, since if you lose your keys (your computer dies, your pendrive goes missing, whatever) you lose your bitcoins, and a backup made before a particular key was generated simply does not contain it. Frequent generation of random keys therefore requires equally frequent backups, which quickly becomes a hassle.
What if there were a way to generate a practically unlimited number of seemingly random addresses, following a pattern that you could replicate at will, but that nobody else could guess?
Deterministic wallets generate keys and addresses according to a fixed algorithm that depends on a single “seed”. Here “deterministic” does not mean that nothing is random: the seed itself is chosen at random, once, but everything derived from it is then fixed by the seed, so the same seed always produces the same keys. The seed is usually presented to the user as a list of randomly chosen words, and it acts as a “master key” from which any number of public and private key pairs can be generated.
With deterministic wallets, frequent backups are no longer necessary, since every one of your keys can be re-created from the seed. Instead of maintaining an ever-growing backup of individual keys, you back up the seed, once, and recover the rest from it: a restored wallet simply re-derives keys in the same order and checks which of them have been used. There is no such thing as an outdated backup copy. The flip side is that the seed now protects everything: anyone who reads it controls all the funds, so it needs to be stored at least as carefully as the keys it replaces.
“Hierarchical” deterministic wallets derive keys from the master seed in a tree rather than a flat list: the master key produces child keys, each child can produce children of its own, and every branch can be re-derived from its parent. This allows keys below the master level to be shared. You can hand your auditor the “extended public key” of one branch, which lets him or her see (but not spend) every address in that branch, without revealing the private keys of the rest of the tree. Handing over a private key from a branch is riskier than it sounds: on its own a child private key says nothing about its siblings, but combined with the parent’s extended public key it gives away the parent private key, and with it the whole branch. Wallets avoid this by using “hardened” derivation for the levels above the ones they intend to share. With that caveat, the scheme opens up an interesting range of possible uses within teams and even corporations.
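The mechanism described in the last three paragraphs, as an added example (mine, not the article’s, and not any wallet’s production code): a minimal BIP32-style hierarchy in pure Python using only the standard library. It derives a master key from a constructed sample seed, walks a path down to a hardened account key, shows that an auditor holding only that account’s extended public key re-derives the same receiving key as the owner, shows that the seed alone restores a key, and demonstrates the caveat above: one non-hardened child private key plus the parent’s extended public key recovers the parent private key. The seed bytes and the path layout m/44'/0'/0'/0/3 are assumptions for illustration.

```python
"""Minimal BIP32-style HD key derivation in pure Python (standard library only). Added example,
not the article's code: real secp256k1 and the real BIP32 HMAC-SHA512 construction, but no
xprv/xpub serialization, checksums or constant-time arithmetic. Study it, don't fund it."""
import hashlib
import hmac

P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F  # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # secp256k1 group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # generator point
HARDENED = 0x80000000  # indices >= 2^31 are hardened (written 0' in paths)

def _point_add(a, b):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def _point_mul(k, point=G):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    result = None
    while k:
        if k & 1:
            result = _point_add(result, point)
        point = _point_add(point, point)
        k >>= 1
    return result

def _ser_point(point):
    """Compressed 33-byte SEC encoding, the form BIP32 feeds into the HMAC."""
    return bytes([2 + (point[1] & 1)]) + point[0].to_bytes(32, "big")

def master_from_seed(seed):
    """Master node (private key, chain code) = HMAC-SHA512(key=b'Bitcoin seed', seed)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def _child_offset(chain_code, data, index):
    """Shared HMAC step: (scalar offset IL, child chain code IR); BIP32's IL >= N check omitted."""
    i = hmac.new(chain_code, data + index.to_bytes(4, "big"), hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def ckd_priv(parent, index):
    """Child private node (k, chain code) from a parent private node."""
    k_par, c_par = parent
    if index >= HARDENED:
        data = b"\x00" + k_par.to_bytes(32, "big")  # private key goes in: xpub holders locked out
    else:
        data = _ser_point(_point_mul(k_par))  # public key goes in: xpub holders can follow along
    il, c_child = _child_offset(c_par, data, index)
    return (il + k_par) % N, c_child

def ckd_pub(parent_pub, index):
    """Child public node from an extended public key (point, chain code); non-hardened only."""
    if index >= HARDENED:
        raise ValueError("hardened children cannot be derived from a public key")
    point_par, c_par = parent_pub
    il, c_child = _child_offset(c_par, _ser_point(point_par), index)
    return _point_add(_point_mul(il), point_par), c_child

def recover_parent_priv(k_child, parent_pub, index):
    """The known BIP32 hazard: one non-hardened child private key plus the parent's
    extended public key gives back the parent private key."""
    point_par, c_par = parent_pub
    il, _ = _child_offset(c_par, _ser_point(point_par), index)
    return (k_child - il) % N

def derive_path(master, path):
    """Walk a path such as m/44'/0'/0'/0/3 from the master node."""
    node = master
    for step in path.split("/")[1:]:
        index = int(step.rstrip("'")) + (HARDENED if step.endswith("'") else 0)
        node = ckd_priv(node, index)
    return node

def demo(seed=bytes.fromhex("000102030405060708090a0b0c0d0e0f")):
    """Constructed sample seed (an assumption for illustration); returns three checks."""
    master = master_from_seed(seed)
    account = derive_path(master, "m/44'/0'/0'")        # hardened account node
    account_pub = (_point_mul(account[0]), account[1])  # the xpub handed to an auditor
    external = ckd_priv(account, 0)                     # m/44'/0'/0'/0, receiving chain
    addr3 = ckd_priv(external, 3)                       # m/44'/0'/0'/0/3
    auditor_addr3 = ckd_pub(ckd_pub(account_pub, 0), 3) # same key, no private material used
    restored = derive_path(master_from_seed(seed), "m/44'/0'/0'/0/3")  # from the seed alone
    leaked = recover_parent_priv(addr3[0], ckd_pub(account_pub, 0), 3)
    return {
        "auditor_sees_same_address": _point_mul(addr3[0]) == auditor_addr3[0],
        "seed_backup_restores_key": restored[0] == addr3[0],
        "child_key_plus_xpub_leaks_parent": leaked == external[0],
    }
```

Run `demo()` and all three checks come back True. The first shows why an auditor only ever needs the extended public key; the second is the whole backup story in one line; the third is the reason the account level sits behind a hardened index: the auditor’s xpub starts at the account, so the leak stops there and never climbs to the master seed.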
To summarize: HD wallets are especially cool in that you can recover every one of your keys from a single seed phrase, and you can “split” a wallet into branches of addresses and share one branch (ideally in its watch-only, public form) with interested parties without compromising the others. The full repercussions of this have yet to be explored, as with most things bitcoin, and twists and evolutions will no doubt add functionality and security in incremental steps.