A Deep Dive into HD Wallets

The Backbone of Modern Crypto Key Management

In my last article, we peeled back the layers of what makes a crypto wallet tick—covering everything from key management and seed phrases to transaction signing. Today, we’re zooming in on one of the most important innovations in wallet design: the HD Wallet.

Hierarchical Deterministic (HD) wallets are the foundation upon which secure, scalable, and user-friendly crypto wallets are built. Whether you’re using MetaMask, Ledger, or a mobile wallet like Trust or Exodus, chances are it’s built on HD principles.

Let’s unpack what that means.

1. The Problem Before HD Wallets

In the early days of Bitcoin, wallets would generate a new private key for every address. These keys were stored locally without a backup mechanism. If you lost your wallet.dat file, your funds were gone forever.

There was no easy way to derive new addresses from a single root. No structure. No backup. No scalability.

This was not ideal for users—or for developers.

2. The HD Wallet Breakthrough

Introduced in BIP32, HD wallets introduced the idea of a single seed phrase (usually 12 or 24 words) from which an entire tree of private keys could be deterministically generated.

With this one innovation, several things became possible:

• One backup to rule them all – Your seed phrase becomes your master key.

• Infinite keys from one source – Useful for privacy and multi-account setups.

• Structured derivation paths – Organize keys in predictable ways (accounts, chains, addresses).

3. The Magic Behind the Scenes: Master Keys & Derivation Paths

At the heart of an HD wallet lies a seed, from which a master private key and a master chain code are derived using HMAC-SHA512. The master private key is used to generate child private keys, while the master chain code is an entropy value used during derivation to add randomness and ensure security. The chain code does not directly participate in signing transactions, but it ensures the derivation process is unique and secure.

New keys are generated using standardized derivation paths:

m / purpose' / coin_type' / account' / change / address_index

Breakdown:

• m – Master node (root of the tree).

• purpose' – Typically 44', defined by BIP44.

• coin_type' – Defines which blockchain (e.g., 0' for Bitcoin, 60' for Ethereum).

• account' – Enables support for multiple accounts.

• change – 0 for receiving addresses, 1 for change addresses.

• address_index – A counter that generates a unique address each time.

This structure allows hierarchical and deterministic generation of keys.

Hardened vs Non-Hardened Derivation

A key concept in HD wallets is the distinction between hardened and non-hardened derivation:

• Hardened derivation requires the parent private key and chain code to derive child keys. It prevents public key leakage, meaning even if someone has your xPub, they can't compute hardened children.

• Non-hardened derivation allows child public keys to be derived from a parent public key and chain code alone (without the private key). This enables watch-only wallets and server-side address generation without exposing private keys.

Most wallets use hardened paths at higher levels (like account) for security and non-hardened paths at lower levels (like address index) for convenience.

This entire structure ensures that from a single root seed, wallets can deterministically derive an unlimited number of unique addresses in a way that is secure, scalable, and fully recoverable.

4. HD Wallet Tree Structure and xPriv/xPub Explained

An HD wallet organizes your keys in a tree-like hierarchy. At the root is the master key, from which all other keys are deterministically derived.

Seed Phrase (BIP39)
└── Master Private Key (m)
    ├── xPriv (Extended Private Key)
    │   └── xPub (Extended Public Key)
    └── m/44'/0'/0' (Account 0 - hardened)
        ├── m/44'/0'/0'/0 (External Chain)
        │   ├── m/44'/0'/0'/0/0
        │   └── m/44'/0'/0'/0/1
        └── m/44'/0'/0'/1 (Internal Chain - Change)
            ├── m/44'/0'/0'/1/0
            └── m/44'/0'/0'/1/1

xPriv (Extended Private Key)

• Contains the private key + chain code

• Can derive both child private keys and xPubs

xPub (Extended Public Key)

• Contains the public key + chain code

• Can only derive non-hardened child public keys

• Used in watch-only wallets

🔐 Hardened keys cannot be derived from an xPub—only from an xPriv.

5. Which Key Signs a UTXO?

When spending a UTXO, the transaction must be signed by the private key corresponding to the exact address that received the UTXO.

That means:

• Not the master key

• Not the account-level key

• ✅ The leaf child private key at the precise derivation path (e.g., m/44'/0'/0'/0/5)

This is a key security feature: only the private key tied to a specific UTXO-bearing address can authorize the spend.

6. Real-World Derivation Example

Let’s walk through a concrete example of how HD wallets work using a 12-word mnemonic phrase.

🔑 Mnemonic Phrase

hobby maximum peanut crop column ticket obscure moon armed wreck piece swing

This phrase is converted into a binary seed using the BIP39 standard. From this seed, the master key pair and master chain code are derived.

🔐 Master Key (m)

This is the root of the HD wallet tree. It is not used to send or receive funds directly but serves as the source from which all child keys are deterministically generated.

Account Path: m/44'/0'/0'

This path follows BIP44:

• 44' → Purpose (BIP44-compliant structure)

• 0' → Coin type (0 for Bitcoin)

• 0' → Account 0 (could be personal wallet)

This account can now branch into two chains:

• External chain (/0) → for receiving payments

• Internal chain (/1) → for change addresses

---

First 3 Receiving Addresses

Below are the first three public addresses and their corresponding private keys derived from the external chain:

Address 1 — m/44'/0'/0'/0/0

• Private Key: L1aW4aubDFB7yfras2S1mN3bqg9K6YkNNy7D1EZXGPhCAYPcHZzB

• Public Address: 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa

Address 2 — m/44'/0'/0'/0/1

• Private Key: KxZudJw3y2zSx3o7vCDuyooTwh9FQHhM7L2eyLWmeRyvLms6spL1

• Public Address: 1BoatSLRHtKNngkdXEeobR76b53LETtpyT

Address 3 — m/44'/0'/0'/0/2

• Private Key: L3Hq7KUnBeuCxrgW5zF7BShZfJFrZXFtMvoZB9BdSExsRyD4VRo3

• Public Address: 1Cdid9KFAaatwczBwBttQcwXYCpvK8h7FK

Each of these addresses is completely independent, yet they all originate from the same seed phrase. This enables:

• Unified backup using the mnemonic

• Unlimited address generation

• Enhanced privacy through address rotation

✅ Only the private key corresponding to a specific address can sign transactions for UTXOs sent to that address. The master key or other child keys cannot substitute.

This example demonstrates how a single seed gives rise to a structured, scalable system of accounts and addresses—without needing to remember or back up each one individually.

7. Explore It Yourself: Interactive Widget

To explore HD wallet derivations interactively, here are two options:

Use Ian Coleman’s BIP39 Playground

Most comprehensive tool (but run it offline for safety): https://iancoleman.io/bip39

Embed Your Own Widget

You can embed a hosted tool (e.g. GitHub Pages, Replit):

<iframe src="https://yourdomain.com/hd-wallet-explorer" width="100%" height="600" frameborder="0"></iframe>