BIP32 is an important Bitcoin improvement Proposal that gave us Hierarchical Deterministic Wallets, a standards-based mechanism that crypto wallets use to derive public and private keys from a binary master seed.


BIP39 is an important Bitcoin improvement Proposal that builds on BIP32 by providing standards for the creation of a recovery phrase and optional passphrase from a binary seed. BIP39 is a central support for backing up crypto wallets.


BIP44 is a Bitcoin improvement Proposal that built on BIP32 by extending standards for multi-coin wallet management.


Bitcoin is the original and still the most-significant cryptocurrency, a peer-to-peer form of digital currency that has revolutionalized finance by enabling decentralized, transparent, international currency transactions. See also Bitcoin Core.

Bitcoin Address

A Bitcoin Address is a string of alphanumeric and hexadecimal characters that uniquely identify a location on the Bitcoin blockchain network where cryptocurrency is stored. An example of what a Bitcoin address looks like is bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh.

Three major types of Bitcoin addresses have evolved:

(You can learn more details about address types at this Trezor blog post.)

Bitcoin addresses show where cryptocurrency is when it is spent (an input), or where it should be moved to (an output). When you see businesses publish a QR code where they accept Bitcoin payments, that QR code is a shortcut to their “Receive” Bitcoin address. Similarly, you might choose to send Bitcoin from one address associated with your hot wallet on a crypto Exchange to a different address that is associated with a hardware wallet that you control. When you send Bitcoin, you can set the destination/receive address to either the long address string, or scan a QR code. Be very careful to be correct when you identify destination addresses!

When a cryptocurrency transaction does not spend the entire amount of crypto stored at the input address, your crypto wallet may move the unspent funds (the UTXO) to a new Bitcoin address called a “change address.” Moving “change” to a change address is done in order to increase user privacy.

You can use blockchain explorer tools to look at cryptocurrency that is stored in any Bitcoin address. Two such tools are and

Bitcoin Core

Bitcoin Core is an open-source reference implementation of Bitcoin client software. It is a descendent of the original Bitcoin client software released by Satoshi Nakamoto, and includes both a wallet and “full-node” software for performing Bitcoin blockchain validation.

Bitcoin Improvement Proposal (BIP)

A Bitcoin Improvement Proposal (BIP) is a design proposal intended to improve Bitcoin by adding to or modifying its standards, processes, or documentation. BIPs are evaluated by the Bitcoin community in an ongoing fashion and may be accepted, rejected, or may remain in a state of review indefinitely.

Advanced: Details of all BIPs can be viewed in the GitHub repository

Bitcoin Script

Bitcoin Script (often called simply “Script”) is a scripting language that enables the processing of transactions on the Bitcoin blockchain. It is designed for implementing spending conditions, and consists of various combinations of signatures, hash locks, and time locks. Functionally, Script takes the form of a list of simple instructions recorded with each transaction that describes rules for how the next person wanting to spend the Bitcoins can do so. Cryptocurrency wallets interact with the Bitcoin blockchain through the use of Bitcoin Script, and advanced users can write their own Bitcoin Script. There is also a streamlined implementation of Script known as Miniscript.

Cold Storage

“Cold Storage” is a means of securely storing your cryptocurrency wallet on a device that is not connected to the Internet.

Cold storage devices may be limited in form, like single-purpose Ledger Nano USB-based hardware wallets, or they may be software wallets installed on a standalone computer or dedicated smartphone – as long as they remain offline. Cold storage imposes some added overhead to process crypto transactions, making it less-convenient than online (“hot”) storage. Most experts recommend storing non-trivial amounts of cryptocurrency in a cold-storage wallet, and if desired for convenience, keeping limited amounts that are actively used for trading or small purchases in an internet-connected “hot wallet.”

The most-secure cold wallets protect private keys in such a way that neither the seed phrase nor the keys are ever placed onto any device that has ever been connected to the Internet. To accomplish that, cryptocurrency transactions must be digitally conveyed to a cold wallet in an unsigned state, then approval and signing stages are performed in the cold wallet, and then the signed transaction is transferred back to a device that is internet-connected, delivering the now-signed transaction to the blockchain.

Cold storage is often part of a broader set of crypto storage strategies that may include sharding (like using a mechanism based on Shamir Secret Sharing Scheme to split and distribute private keys), damage-proof materials (like steel plates or disaster-proof safes for backing up seed phrases), distributed transaction approval mechanisms (like multi-signature), and/or multiple storage locations, depending on the relevant threats for the situation.

Cryptographic Signature

A cryptographic signature is a unique digital “fingerprint” attached to a cryptocurrency transaction that proves that it is the only account authorized to make a transaction. To produce authorized transactions, cryptocurrency wallets “sign” them, proving ownership of your private key without exposing the key itself. In this way, your private key is the stamp used by wallet software to add a cryptographic signature to your cryptocurrency transactions. Because of the nature of the assymetric encryption used in cryptocurrency, the public key half of that private-public keypair, which is freely shareable, is used to verify the authenticity of the private key signature.


A dApp, or Decentralized Application, is a powerful and flexible type of software application that is executed on a distributed blockchain network. DApps often leverage multiple Smart Contracts to perform complex functions, but unlike Smart Contracts, they can accept real-time data during their execution from predefined, trusted sources known as Oracle services. Because Oracle Services can feed dApps real-time data such as financial indicators or market prices, dApps can perform a much wider and richer set of actions than a single Smart Contract could. DApp use is not limited to cryptocurrencies; they are used in a wide assortment of implementations and industries.

One of the primary benefits of a dApp is its ability to offer immediate and transparent execution of subtasks that in traditional contexts would be performed by one or more intermediaries – each of which could have added time, cost, and potentially more risk to the execution. DApps are expected to play a large role in the future of De-Fi, or Decentralized Finance.

Decentralized Finance (“DeFi”)

Decentralized Finance (DeFi) is a loosely-defined set of cryptocurrency-related technologies that changes how financial transactions are performed by allowing purchases, trades, and investments to be processed by distributed, smaller participants like individual consumers. DeFi sidesteps traditional financial transactional dependencies on large, centralized institutions and financial intermediaries.

Elliptic Curve Digital Signature Algorithm (ECDSA)

The Elliptic Curve Digital Signature Algorithm (ECDSA) is a popular algorithm of digital cryptographic signatures and has been used for many years in cryptocurrency. Schnorr signatures, which are slightly smaller and more flexible for use in complex smart contracts, have been proposed as a replacement for ECDSA signatures.


Encryption is a collection of information-hiding methods that make information unreadable to all but the intended recipient. Encryption locks information with a secret key that only the information creator (and sometimes the recipient) controls.

Cryptocurrency and digital assets are protected by a type of encryption known as “asymmetric.” Asymmetric encryption uses mathematically-related pairs of keys – one private and one public – to encrypt and decrypt data. Asymmetric encryption is widely used because it does not require a private way to send someone a decryption key. (Before asymmetric encryption was invented, it was risky to find a safe, secret way to deliver a symmetric decryption key.)

As computer processors become more powerful, encryption standards that are considered very strong today eventually will become crackable in relatively short periods of time, and thus ineffective.

Encryption is different from hashing.

Encryption Keys

Encryption keys are long, mathematically-derived alphanumeric strings used to lock and unlock encrypted data.

Cryptocurrency uses a type of encryption called asymmetric encryption, which requires the use of both a private key and a public key.

Public keys are used to derive payment addresses, and to verify that a private key signature is valid. Your public key can be shared., and your cryptocurrency wallet can tell you what your public key is.

Private keys are used to sign transactions. Private keys should never be shared! Cryptocurrency wallets keep private encryption keys secret. If the device on which you keep your crypto wallet is not highly secure (say, a “hot wallet” on a high-usage laptop that is connected to the Internet), a hacker might be able to steal your private keys, and then steal your cryptocurrency.

If you keep your encryption keys secret in your crypto wallet, but you somehow lose access to your wallet and to your backup seed phrase, there is no way to restore your private encryption keys, and therefore no ability to recover your cryptocurrency. It is a great responsibility to keep your private encryption keys accessible but secret. This is why it is so important to back up your seed phrase – it allows you to rebuild a new wallet with your original encryption keys, and to regain access to your wallet funds. 


Ethereum is a wildly-popular blockchain that has somewhat different characteristics than Bitcoin. While Ethereum has a digital currency called “ETH,” Ethereum is even more well-known for its support for highly-customizable Smart Contracts. Smart contracts have made Ethereum a digital marketplace with nearly unlimited ability to leverage and integrate financial transactions, games, and a plethora of other digital services. These applications are known as Ethereum dApps.

Ethereum Request for Comment (ERC)

ERC is an acronym for Ethereum Request for Comment. ERCs are a subtype of Ethereum Improvement Protocols (EIPs), which are used by Ethereum contributors to collaboratively evaluate proposals to improve or add feature functionality to Ethereum. Each ERC describes the mechanics for new application-related functionality on the Ethereum network, such as contract standards, new token types, and wallet formats. You can find ERCs here:

ERC-20 token

ERC-20 is an Ethereum-based token definition that allows ERC-20 tokens to be interoperable with other products and services via an Ethereum smart contract interface. The most well-known characteristic of the ERC-20 token is that all ERC-20 tokens associated with a Smart Contract are interchangeable (fungible), similar to the way that all money of a given denomination is interchangeable. However, even though ERC-20 tokens are interchangeable within their defined type, the value of different ERC-20 token types will vary: not all ERC-20 token types even have value. It is largely due to the fungibility of ERC-20 tokens that they are the most common type of token used in Smart Contracts related to cryptocurrencies.

ERC-20 tokens have a small set of standard functions that indicate who owns them (by Blockchain address), the total count of tokens, and methods by which tokens may be transferred between parties. Developers may optionally add custom functions to the standard ones.

ERC is an acronym for Ethereum Request for Comment, and each ERC describes the mechanics for new application functionality on the Ethereum network. The ERC-20 standard may be found here:

ERC-721 token

ERC-721 is an Ethereum-based token definition that describes a token as an Ethereum smart contract interface. The most well-known characteristic of the ERC-721 token is that it represents a non-fungible token (NFT) – in other words, it is a unique and non-interchangeable good (for example, digital art, an insurance policy, or a lottery ticket ). ERC-721 token definitions usually include more complex behaviors and events than ERC-20 tokens. ERC is an acronym for Ethereum Request for Comment, and each ERC describes the mechanics for new application functionality on the Ethereum network. The ERC-721 standard may be found here:

Hardware Wallet

A hardware wallet is a digital asset management hardware device that specializes in acting as a host to your cryptocurrency wallet, including your private encryption keys. Hardware wallets store encryption keys in a highly-secure way, and usually offer additional wallet functionality such as the ability to generate seed phrases, and perform crypto spend transactions. Trezor and Ledger are two well-known brands of hardware wallet.

Hash & Hash Functions

A cryptographic hash function is a non-reversible, one-way mathematical operation that converts one string of data into a different one of a fixed length. Hash functions are deterministic, meaning that a given input always generates the same hash value. Because of these characteristics, hashes offer a secure way to validate the authenticity of information by comparing the hash outputs of two inputs, without having to compare the actual inputs. Since hashing is a one-way function, the hash value can not be used to learn what the original string value was.

A good hash algorithm also will be “collision-resistent,” meaning that no two different inputs should produce the same hash. The only way to figure out what original value might have been used to produce a given hash value would be to perform an enormous number of guesses with different inputs until one of the output values matches the expected hash string. This kind of “brute-force” guessing is statistically impractical.

Hash functions are used for data transformations in a wide variety of contexts, including in many standards-based cryptocurrency-related operations. For example, the BIP39 standard that is fundamental to many cryptocurrency wallets relies on the SHA256 hash algorithm as part of the calculations to generate keys from a seed phrase, as does BIP32. Bitcoin relies on several different hash functions for different purposes, including SHA256, double SHA256 hash, hash160, and RIPEMD-160.

As an example of an input that has been hashed with the SHA-256 algorithm, the input string “MySecretSeedPhrase” after hashing looks like “95239929A3462F429A4F5013B120F28E67B872F0565EF556A9E9DA003BC010B4,” and this hash value is unique to only this input text.

Hierarchical Deterministic Wallet

A Hierarchical Deterministic Wallet is a type of hot or cold wallet that follows the BIP32 standard to organize and manage your seed phrase, encryption keys, and wallet addresses in a predictable and convenient way that allows you to rely on one master seed phrase that can be used to reconstruct your wallet if and when needed.

Hot and Cold Wallets

A cryptocurrency wallet can be used to buy and sell cryptocurrency, and it holds digital assets in sort of the same way as a physical wallet holds traditional printed cash.

Crypto wallet users may choose to rely on a custodial crypto wallet, where a third party retains control of the cryptocurrency, or a non-custodial wallet, where users own and control their own cryptocurrency. There are significant risks in trusting a third party to hold your cryptocurrency for you in a custodial wallet – in fact, trusting a custodian to control your cryptocurrency wallet keys for you negates a significant element of the fiat currency risk-mitigation value that cryptocurrency offers.

The term hot wallet refers to a cryptocurrency wallet that is stored online, connected to the Internet, whether that wallet is stored on an exchange or on your own device. A cold wallet stores cryptocurrency keys offline. There are advantages and disadvantages to both types. Cold storage is generally more secure, but factors like the possibility of hardware vulnerabilities and user error lead to potential security issues even for cold wallets. It is important to follow security best practices when configuring and using all wallet types, and to choose products and services that offer secure encryption and limited surface area for attack.

Examples of hot wallets are downloadable applications, exchanges, and any software service that is connected to the internet. Cold wallets are exclusively stored offline, and can be in the form of USB drives (e.g., Ledger Nano, Trezor), or a seed phrase storage solution like CryptoSteel.

-Hot Wallet

-Cold Wallet

Lightning Network

The Lightning Network is a “layer 2” extension to the Bitcoin network intended to enable fast and extremely cheap transactions among participants. Effectively it is a peer-2-peer payment protocol designed to be layered on top of a Bitcoin blockchain and work securely “off-chain,” without delegating custody of funds. While Bitcoin is focused on extreme security and finality of transactions, which limits its speed and imposes significant transaction costs, Lightning network improves the scalability challenges of blockchains, allowing transactions to be completed instantaneously, and lowering transaction costs to sometimes just a fraction of penny.

Merkel Tree (aka Hash Tree)

A Merkel tree allows efficient validation of large, related data sets by associating each tree node with hash values calculated from its children nodes. Merkel trees were patented in 1979 by Ralph Merkel, and later, Satoshi Nakamoto incorporated Merkel trees into the initial Bitcoin design.


Miniscript is a compiled, structured language used for writing a streamlined subset of Bitcoin Script. It supports efficient analysis, spending policy composition, generic signing, and more. Miniscript visually condenses Bitcoin Script for more human-readability and elegant handling of different Bitcoin address types – in particular, Partially-Signed Bitcoin Transactions (PSBTs).

(MPC) Multi Party Computation

Multi-Party Computation (MPC) technology is a category of cryptography technologies used to produce and store distributed key shares, which are then used by multiple parties to jointly generate partial signatures. Multi-Party Computation uses Distributed Key Generation and other mechanisms to avoid the need to assemble an entire secret in one place. When a sufficient number of partial signatures have been collected, a single signature is generated from them, and the transaction can be validated and approved. Although the entire private key is not stored in any one place, the distributed spending approvals can be recorded off-chain and made auditable. MPC has been under development in various forms since the 1980s.

Multi-Signature (aka Multisig)

“MultiSig” is a type of crypto transaction that requires multiple signatures to approve spending. Imagine a safe deposit box where multiple keys are required for entry. Wallets that support multisig transactions include Electrum and Armory.

The term multisig can be used broadly to refer to an array of current and future implementations that allow cryptocurrency to be spent only when multiple participants have indicated their approval of the transaction.
Multi-sig decentralizes the private key signing architecture by requiring a certain number of keyholders to authorize a transaction by signing it, thereby making the signing process less vulnerable to attack compared to a case where there is just one key and one signer.

National Institute of Standards and Technology (NIST)

The National Institute of Standards and Technology (NIST) is a United States government organization that sets recommended U.S. standards for many forms of technology. In computer software generally, and for cryptocurrency specifically, NIST is relevant as a source of guidance on encryption standards. Encryption guidance is offered as part of NIST’s Federal Information Processing Standards (FIPS). NIST updates their guidance on encryption over time to reflect changes in computer capabilities.

(There is no single global standard or law regulating encryption technologies, although the International Organization for Standardization (ISO) also sets standards for many technologies including encryption.)

Non-Fungible Token (NFT)

A Non-Fungible token is a digital asset that is associated with a unique and non-interchangeable good (for example, digital art, an insurance policy, or a lottery ticket). 

Output Descriptors

Output descriptors are strings that contain all the information necessary to allow a wallet or other program to track payments made to or spent from a particular script or set of related scripts (i.e., a Bitcoin blockchain address. or a set of related addresses such as in a hierarchical deterministic wallet).

Output descriptors combine well with miniscript in allowing a wallet to handle tracking and signing for a large variety of scripts. They also combine well with Partially Signed Bitcoin Transactions (PSBTs) in allowing the wallet to determine which keys it controls in a multisig script.

Partially Signed Bitcoin Transaction (PSBT)

A Partially Signed Bitcoin Transaction (PSBT) is a data format that allows wallets and other tools to exchange information about a Bitcoin transaction and to combine multiple signatures that may be required. Among other advantages, this allows clients to sign transactions while offline if desired. The PSBT format is defined in Bitcoin Improvement Protocol BIP-0174. It is mostly popular for Bitcoin Multisignature solutions.

Passphrase (for Seed)

The BIP39 passphrase, sometimes referred to as an “extra word” (although it does not need to take the form of a single word) can be used as an additive authentication feature beyond the standard 12-24-word seed phrase. Some wallets call this passphrase a mnemonic seed extension, or 13th/25th word. If used, the passphrase should be securely backed up and stored, because like your seed phrase, if you forget or lose it, you will lose access to your cryptocurrency. Many crypto wallets offer this as an advanced feature, since it does make your backup task a little more complicated. In order to provide an additive security layer, the passphrase would need to be stored separately from the seed phrase itself. Like any password, if it is set, the seed extension passphrase should be complex in order to provide significant additive security.

WARNING: Losing your passphrase would have the same effect as losing your seed, resulting in losing access to your crypto!

Private Key

Cryptocurrencies are built on a public-key cryptographic system that uses pairs of keys. Public and private keys are derived from the master seed phrase. Creating a crypto wallet begins with the generation of a random seed that is used to calculate your private key.

Once generated and backed up, the private key is used by your crypto wallet to digitally sign crypto spending transactions that you authorize. Using crypto wallets to keep your private encryption keys secure is important because wallets avoid the need for a 3rd party (like an exchange) to have access to your private keys. Cryptocurrency wallets not only keep private encryption keys secret, but can also tell you what your publicly-shareable public key is. However, if the device on which you keep your crypto wallet is not secure (say, a “hot wallet” on a laptop that is connected to the Internet), a hacker might be able to steal your private keys, and then steal your cryptocurrency.

“The private key must remain secret at all times, because revealing it to third parties is equivalent to giving them control over the bitcoins secured by that key. The private key must also be backed up and protected from accidental loss, because if it’s lost it cannot be recovered and the funds secured by it are forever lost, too.”

– Andreas M. Antonopoulos, “Mastering Bitcoin: Unlocking Digital Cryptocurrencies”

Random Number Generation (RNG)

Random number generation is the act of producing unpredictable numbers. If two people roll a 6-sided dice at the same time, the chance of them rolling the same number is 1/36. Now imagine if each dice was number 1 through a billion. The chances of rolling the same becomes extremely small. This concept represents collision resistance.

Why is this important to cryptography? When generating a seed phrase, it is very important that no two users end up generating the same phrase, since that would yield the same private key. Even though there is nothing that would technically prevent a “collision” of seed phrases … nothing could stop Alice and Bob from choosing the same seed phrase … the chances of their choosing exactly the same seed phrase when they rely on random number generators to produce them is infinitesimally small. This is why random number generators are so important to cryptocurrency. A true RNG (random number generator) has a source of highentropy, which, when generating long strings of digits, becomes unpredictable, and hence, very unlikely to produce the same pattern twice. When generating a truly random master seed, there will be zero, or near-0 collisions, especially with longer seed phrases (24 words).

Schnorr Signatures

Schnorr Signatures encompass multiple, additive digital signatures (multiple public keys representing multiple participants can be combined into one key). They are a proposed alternative to and replacement for ECDSA (Elliptical Curve Digital Signature Algorithm). Schnorr Signatures have been academically proven to be secure, and offer more privacy than standard multisig by appearing to blockchain explorers as if it is a standard, single-key transaction. Schnorr Signatures perform signature aggregation, and (along with TapScript) will enable the long-awaited implementation of TapRoot. Schnorr Signatures are described in BIP #340.

Seed Phrase/BIP39

The BIP39 seed phrase is used to generate or re-generate the master private keypair for a crypto wallet. A seed phrase, mnemonic phrase, and recovery phrase are different terms for the same thing. (These terms are not to be confused with a BIP39 passphrase, which is like an “extra” password.) Seed phrases can be between 12 and 24 words long. More words provide more security through having more possible permutations – longer phrases contain more bits of entropy.

A seed phrase serves as your recovery tool to regain access to your wallet in the event of a lost or malfunctioning wallet. It can also be helpful when changing wallet devices, or if a wallet company goes out of business. The seed phrase can be used to reconstruct access to all your crypto in a wallet.

It is best to generate seed phrases and conduct conversion offline (see cold storage) — this is to prevent information interception, where an adversary could gain access to the seed phrase while or after it is generated.

Segregated Witness (aka SegWit)

SegWit crypto transactions allow smaller-sized (and thus, cheaper to process) transactions by splitting a transaction into two pieces, and processing the digital signature and the record of sender and receiver separately. The SegWit proposal is described in BIP141. SegWit was a relatively major change to the Bitcoin network that was incorporated with significant controversy.

Shamir’s Secret Sharing / Key Split

Shamir’s Secret Sharing is a form of multi-party computation. Specifically, it is a private key-splitting technique in which a digital signature is split into several pieces (shares) and individually shared with multiple parties. The Shamir’s Secret Sharing cryptographic algorithm was created by Adi Shamir of Rivest–Shamir–Adleman (RSA) algorithm fame. With SSS, “k out of n” shares can be used together to reconstruct the secret.


Sharding is a strategy of dividing information up into smaller pieces, or shards. It is a general term that is used in a few different ways related to cryptocurrency.

A seed phrase or private key could be sharded as part of an information-hiding strategy to prevent anyone from gaining access to a phrase or key in its entirety. Dividing a digital string of characters into parts, and storing each independently is an example of sharding. In order for a sharding design to increase security, each shard needs to be well-protected, and the ability to re-assemble the shards must be resilient. A resilient sharding design allows re-assembly of the whole event in the event that any single shard is lost.

Beyond its usefulness in securing information confidentiality, sharding is sometimes used for purposes of scalability. For example, sharding can be used as a means of distributing transaction data over many nodes in a blockchain network in order to allow for massively-parallel processing.

Signature Aggregation

Signature Aggregation is a protocol that allows aggregating digital signatures for multiple parties into one single digital signature. Aggregate signatures can be constructed with MultiParty Computation.

Smart Contract

A Smart Contract is a type of software program that is deployed to and may be executed on a public blockchain network. The simplest example is Multisig and timelocks in Bitcoin network. Ethereum network is known for more advanced smart-contract capabilities.

Smart Contracts are not limited to use by cryptocurrencies – they are used in a wide assortment of contexts. They can be used to execute business processes in a predictable, automated fashion. The code of a Smart Contract is immutable (unchangeable) once deployed, and when executed, it produces a deterministic (pre-determined) result. A Smart Contract can only use predictable information that is already available on the blockchain – it can not consume or use dynamic, realtime data in its processing.

Spending Policy

A Spending Policy is part of a locking script that defines the criteria to be satisfied in order to validate a spend transaction for a given cryptocurrency block address. Spending Policies may introduce time-based or budget-based limitations, or prescribe specific criteria for who may or must authorize a spend transaction.

TapRoot and TapScript

Taproot is a pending (2021) improvement to Bitcoin code that will increase the privacy of transactions by making all scripts and public-key transactions, even complex ones with multiple signatories, appear to be a simple, single-key transaction. Taproot is described in BIP341, and Tapscript is described in BIP342. The current status of Taproot implementation can be tracked at

Threshold Signature Schemes (TSS)

Threshold signature schemes are types of multi-party computation (MPC) that support the combination of partial signatures to produce a complete threshold signature that satisfies “k of n” approval threshold rules, and even more-complex spending policy rules.

A well-known form of threshold signature schemes is Multisig transactions, which achieve a prescribed level of approvers in order for a spend transaction to be approved.

Two-Factor Authentication (2FA), Multi-factor authentication

Two-factor authentication (2FA) is a mechanism that performs two types of identity verification before allowing access to a computer system or application (for example, to a cryptocurrency wallet). All high-security computer systems should offer 2FA or multi-factor authentication as an option for users to identify themselves.

A “factor” is a category of evidence, for example, “something that you know” (like a PIN code, or the answer to a secret question) or “something that you have” (like a smartphone or other device that generates a Time-based One-time password (TOTP), or “something that you are” (represented by biometrics like a fingerprint, or Face ID).

An example of a popular application that can generate single-use codes to prove identification of a user/device is Authy.

Unspent Transaction Output (UTXO)

An Unspent Transaction Output (UTXO) is the term used to describe the amount of unspent cryptocurrency at a given Bitcoin blockchain address. In other words, UTXOs account for how much unspent crypto remains after a transaction is performed.

Bitcoin uses the UTXO model of accounting. In contrast, Ethereum uses a different account-based model.


A cryptocurrency wallet is software that allows its users to perform functions with cryptocurrency such as spending, purchasing, and swapping one type for another. Wallets take many different forms. For more details, see the Vault12 article about cryptocurrency wallets.

Wallet Address

Your wallet address is the way for you to receive crypto, and is specific to the type of cryptocurrency you wish to receive (each cryptocurrency type has a different format for its public addresses).

Crypto wallet addresses are determined by public encryption keys, which are part of a private-public keypair that work together to authorize and manage crypto transactions. It is impossible to reverse-engineer the private key from which the public key was generated, which is one of the ingenious characteristics that make key-pair cryptography secure.

Crypto wallets can produce as many public addresses/wallets as you want.

Example BTC wallet (public) address: 1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm

Zero-Knowledge Proof (ZKP)

A zero-knowledge proof is a methodology in which one person can indicate, or prove, that they know a secret, but without revealing the secret’s value. In this way, a group of keyholders can independently indicate approval of a crypto transaction without having access to enough information to independently approve it, and even without knowing who else may also be approving it.