How can there be multiple wallets from the same Ethereum private key? - blockchain

So I'm interested in storing some ERC-20 tokens in 100 different wallets as an experiment and would like to know what the easiest way to do this would be without having to manually store 100 different private keys. Also, I know the ledger does something similar where a single private key lets you use wallets for different blockchains, what is the science behind this?
Additionally, if I were to program a smart contract to send the tokens to the list of 100 addresses, would that help me save on gas compared to if I just send the 100 transactions from a normal wallet?
Thank you so very much.

What you need is hierarchically deterministic address generation from a single seed. Here is an HD wallet JavaScript package for Ethereum.
There are also tools for token bulk sending that have minor transaction cost savings over doing a single naive transaction per recipient.
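To show what "hierarchically deterministic" means in practice, here is an added example (not part of the original answer, and not the package it links to) that implements BIP32 private-key derivation with only Node's built-in `crypto` module. The function names and the `m/44'/60'/0'/0/i` path are choices made for this sketch; the seed is the public BIP32 test-vector seed and must never hold funds.

```javascript
const crypto = require('crypto');

// Order of the secp256k1 group.
const N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141n;
const HARDENED = 0x80000000;
const toBuf32 = (n) => Buffer.from(n.toString(16).padStart(64, '0'), 'hex');
const toBig = (buf) => BigInt('0x' + buf.toString('hex'));

// Compressed public key (33 bytes) for a 32-byte private key.
function publicKey(priv) {
  const ecdh = crypto.createECDH('secp256k1');
  ecdh.setPrivateKey(priv);
  return ecdh.getPublicKey(null, 'compressed');
}

// Master node: HMAC-SHA512 keyed with "Bitcoin seed" over the seed bytes.
function masterNode(seed) {
  const I = crypto.createHmac('sha512', 'Bitcoin seed').update(seed).digest();
  return { key: I.subarray(0, 32), chain: I.subarray(32) };
}

// One derivation step. Hardened children hash the parent private key,
// normal children hash the parent public key.
function deriveChild(node, index) {
  const idx = Buffer.alloc(4);
  idx.writeUInt32BE(index);
  const data = index >= HARDENED
    ? Buffer.concat([Buffer.alloc(1), node.key, idx])
    : Buffer.concat([publicKey(node.key), idx]);
  const I = crypto.createHmac('sha512', node.chain).update(data).digest();
  const il = toBig(I.subarray(0, 32));
  const child = (il + toBig(node.key)) % N;
  if (il >= N || child === 0n) throw new Error('invalid child, use the next index');
  return { key: toBuf32(child), chain: I.subarray(32) };
}

// Walk a path such as "m/44'/60'/0'/0/7" from the seed.
function derivePath(seed, path) {
  return path.split('/').slice(1).reduce((node, part) => {
    const i = parseInt(part, 10) + (part.endsWith("'") ? HARDENED : 0);
    return deriveChild(node, i);
  }, masterNode(seed));
}

// Constructed input: the public BIP32 test-vector seed.
const seed = Buffer.from('000102030405060708090a0b0c0d0e0f', 'hex');
for (let i = 0; i < 3; i++) {
  const node = derivePath(seed, `m/44'/60'/0'/0/${i}`);
  console.log(i, publicKey(node.key).toString('hex'));
}
```

Only the seed has to be backed up, because every child key is recomputed from it and the path. Turning each public key into an Ethereum address additionally needs Keccak-256 (not the NIST SHA3-256), which is left out here.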

Related

developing custodial vs non-custodial wallets

This is a very broad and general question so I'm going to specify my intended use case and branch several questions, mainly referring to the implementation of each approach.
In short, users using my wallet are going to constantly send to each other, and perhaps receive/send from/to other wallets and networks, and I'm mentioning this in case it could provide an overview of how transactions will take place in my app.
So to start with the custodial wallets: from what I know, most custodial wallets have 1 cold wallet and 1 hot wallet and a hot wallet to every user, so when a user creates an account, keys are automatically generated for that user. But my question is how are the users' keys stored: is it in a normal DB or do they do it in another way, and how does this model work, like how do they technically use the cold and hot wallets?
Moving to non-custodial wallets, I want to know basically the same thing: how and where are the users' keys stored, and how are they accessed? And in case I go with this approach, am I still able to impose tx fees on tx happening on my app?
I hope I made sense in what I said, and I hope to check your answers. If you feel like you know an answer to some part of the question but not all, that's okay, say what you know, as any contribution would be great, and if anyone is up for a Discord/Zoom call I would really appreciate it. Thanks in advance, and please let me know in case you need extra info to answer.
custodial wallets
how are the users' keys stored
It depends on each app implementation. A good practice is to store sensitive data (such as private keys) in a secrets management system. It's usually an encrypted database with advanced access control - allowing access to groups of data based on user group policies, generating single-use or time-sensitive tokens for accessing the data, ... The application can then request the private key from the SMS using the user's unique token.
non-custodial wallets
how and where are the users' keys stored? and how are they accessed?
Software wallets (including browser extensions) usually store private keys in a file, located in your computer, encrypted by a master key. The master key can be for example the hash of your MetaMask password and some predefined salt. When you unlock the wallet by entering the correct password, the wallet software decrypts the file containing the actual private keys, and then it's able to use the private keys.
Hardware wallets store private keys on the device, encrypted by a master key as well (e.g. your device PIN and a salt). It's a common practice that private keys never leave the device. So the UI software usually sends a request to sign raw transaction data to the device, the device then asks the user to enter their PIN, performs the signature on the actual device and returns the signed transaction back to the UI software.
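The software-wallet scheme described in this answer, as an added example that is not from the original answer or from any particular wallet's code: a private key is encrypted under a master key derived from the password. As assumptions of this sketch, it uses scrypt with a random per-file salt (instead of a plain hash with a predefined salt) and AES-256-GCM, so a wrong password or a modified file is detected; the field names and cost parameters are illustrative.

```javascript
const crypto = require('crypto');

// Assumed scrypt cost settings for this sketch; tune them to your hardware.
const KDF = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// Master key = scrypt(password, salt). The salt is random per keystore file.
function masterKey(password, saltHex, params) {
  return crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), 32, params);
}

function encryptKeystore(privateKey, password) {
  const salt = crypto.randomBytes(16).toString('hex');
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', masterKey(password, salt, KDF), iv);
  const ciphertext = Buffer.concat([cipher.update(privateKey), cipher.final()]);
  return {
    kdf: 'scrypt', kdfparams: KDF, salt,
    cipher: 'aes-256-gcm', iv: iv.toString('hex'),
    ciphertext: ciphertext.toString('hex'),
    tag: cipher.getAuthTag().toString('hex'),
  };
}

// Returns the private key, or null when the password is wrong or the file was modified.
function unlockKeystore(ks, password) {
  const key = masterKey(password, ks.salt, ks.kdfparams);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(ks.iv, 'hex'));
  decipher.setAuthTag(Buffer.from(ks.tag, 'hex'));
  try {
    return Buffer.concat([decipher.update(Buffer.from(ks.ciphertext, 'hex')), decipher.final()]);
  } catch (err) {
    return null; // GCM authentication tag did not verify
  }
}

// Constructed sample key, not a real wallet key.
const sampleKey = Buffer.alloc(32, 0x11);
// Round-trip through JSON to mimic writing the keystore file to disk.
const keystore = JSON.parse(JSON.stringify(encryptKeystore(sampleKey, 'correct horse')));
console.log(keystore);
console.log('right password:', unlockKeystore(keystore, 'correct horse')?.toString('hex'));
console.log('wrong password:', unlockKeystore(keystore, 'guess'));
```

The file on disk contains everything except the password, so the password's strength and the KDF cost are what stand between a stolen keystore file and the key.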

Is there a way to use multisig without smart contracts on Ethereum?

I have already found many wallets that offer multisig smart contract deployment. But this way is very expensive and slow, because it requires a lot of transactions.
I think there is another way. For example, we can create many private keys, sign transactions with them, and then combine the results into one final transaction.
Is such a scheme possible? Or maybe I missed some services?
Ethereum does not support native threshold wallets. You need to use multisignature wallets like Gnosis Safe.
Gnosis Safe requires only one transaction per execution from the multisig wallet. Other communication happens off-chain. Thus your assumption "very expensive and slow, because it requires a lot of transactions." is incorrect.
Currently, Ethereum protocol only supports smart contract based multisignature wallets. They are very expensive to deploy and they do expose wallet setup: participants of multisig wallet, many of them and what is the minimum amount of confirmation to transfer funds from this wallet. On top of that, smart contract should know how to work with native coins, with different kinds of tokens and be able to handle multiple spending requests. This all adds weight to smart contract and makes it more expensive to deploy and operate.
However, there is a threshold signature system (TSS). In a nutshell it works the following way: all participants generate their own private keys, then they derive their respective public keys and share them with others. The group public key is literally a sum of the participants' public keys. When they need to sign a transaction they calculate their individual shares of the r and s values of a signature. This way they literally can just sum up their signature shares and get a group signature. This approach is called multiplicative-to-additive transformation and is in the scope of multi party computation (MPC).
The advantage of it is that group does not expose their wallet participants to the world and transaction cost is the same as if that was signed by a normal private key (through a Metamask for example). On top of that, there is no difference what transaction you are signing, coin transfer, NFT token minting or deployment of smart contract.
If you want to try this in action feel free to download multichain multisig wallet: WH Cypher. It supports Bitcoin, Litecoin, Ethereum, ERC20 tokens, BSC, BEP20 tokens and more. There will be more blockchains supported soon. You can set up there any wallet scheme: 2-of-2, 2-of-3, 3-of-5 and so on. There are also test networks available: Bitcoin Testnet and Ethereum Ropsten.
Disclaimer: I am a developer of this wallet. Feel free to reach out to me to provide feedback or request new features.
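The key-aggregation step described in the answer above, as an added example that is not part of the original answer or of the wallet it mentions: adding the participants' secp256k1 public keys gives the same point as the public key of the sum of their private keys. It covers only the additive n-of-n case and does not implement the signing protocol; the function names and share values are constructed for this sketch.

```javascript
const crypto = require('crypto');

const P = 2n ** 256n - 2n ** 32n - 977n; // secp256k1 field prime
const N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141n; // group order
const mod = (a, m) => ((a % m) + m) % m;

// Modular exponentiation; used for inverses via Fermat (P is prime).
function modPow(base, exp, m) {
  let result = 1n;
  for (base = mod(base, m); exp > 0n; exp >>= 1n) {
    if (exp & 1n) result = (result * base) % m;
    base = (base * base) % m;
  }
  return result;
}

// k*G as affine [x, y], computed by Node's ECDH implementation.
function pubPoint(k) {
  const ecdh = crypto.createECDH('secp256k1');
  ecdh.setPrivateKey(Buffer.from(k.toString(16).padStart(64, '0'), 'hex'));
  const raw = ecdh.getPublicKey(); // 0x04 || X || Y
  const big = (b) => BigInt('0x' + b.toString('hex'));
  return [big(raw.subarray(1, 33)), big(raw.subarray(33))];
}

// Affine point addition on y^2 = x^3 + 7, including the doubling case.
function addPoints([x1, y1], [x2, y2]) {
  if (x1 === x2 && mod(y1 + y2, P) === 0n) throw new Error('sum is the point at infinity');
  const lam = x1 === x2
    ? mod(3n * x1 * x1 * modPow(2n * y1, P - 2n, P), P)
    : mod((y2 - y1) * modPow(x2 - x1, P - 2n, P), P);
  const x3 = mod(lam * lam - x1 - x2, P);
  return [x3, mod(lam * (x1 - x3) - y1, P)];
}

// Group key computed two ways: from public keys only (what each party can do),
// and from the summed secret (never assembled in a real TSS; here only as a check).
function groupKeyDemo(shares) {
  const fromPublicKeys = shares.map((k) => pubPoint(k)).reduce((a, b) => addPoints(a, b));
  const secretSum = shares.reduce((a, b) => (a + b) % N);
  return { fromPublicKeys, fromSecretSum: pubPoint(secretSum) };
}

// Constructed shares for three participants.
const demo = groupKeyDemo([0x1111n, 0x2222n, 0x3333n]);
console.log(demo.fromPublicKeys[0] === demo.fromSecretSum[0]); // same group key
```

On chain, the result is an ordinary public key, which is why nothing about the participant set is visible there.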

Which blockchain is best to implement tamper proof document?

I am just starting out as a blockchain developer and I want a blockchain service except Ethereum (already implemented) to store a hash (SHA256 and ISCC hashes) of a document in a blockchain so that it can verify its validity and is tamper proof. There is already a UI to generate hashes and I need a blockchain to store the hashes
My need is:
I want to have a blockchain service with low transaction cost and high transaction speed. Also, I want that the hashes be stored in the blockchain for a long period of time (5 years). Which blockchain would be best fit for this use case?
To answer your question, you need to understand who will be the users of your project. Accordingly, it is necessary to use the public or private blockchain further. For public blockchains, the choice is quite small - of those that will live for 5 years, these are most likely Bitcoin and Ethereum. For private blockchains, the choice is much wider: Ethereum / Quorum, Hyperledger Fabric, Corda and many others. Each of them has its own complexity of deployment, development and support.
But the very first question - why do you need blockchain? To store hashes of files, you can use IPFS or cloud storages, certifying them with a digital signature of a certain "notary" participant or, for example, the owner of the file. In terms of performance and low cost, these are the most efficient solutions.
I want to have a blockchain service with low transaction cost and high transaction speed.
Everyone wants this, so you are not alone with your requirements.
Also, I want that the hashes be stored in the blockchain for a long period of time (5 years). Which blockchain would be best fit for this use case?
Currently all blockchains assume the state is stored permanently - or to the end of the world or until nobody runs nodes anymore. Whichever comes first. There is a risk of dead chain, so whatever you pick might not be around after five years. However this is a business discussion, so it is hard to answer to this one on StackOverflow.
For your use case, it does sound like you do not need a blockchain at all, but just having a public data storage that is prepaid for up to five years.
You can use Emercoin NVS to upload your hashes. Service emernotar.io already does so. Also, you can use File Validator service, all scripts are open source and available on GitHub.

Is it necessary to use a cryptocurrency to make a payment, using blockchain?

I'm documenting in this blockchain world. Basically I would like to make some web application in which a user decides to make a donation, and would like to see who made the donation and to which entity. I have several doubts, the first one:
1-Is it possible to use blockchain using javascript? (can smartcontracts be done in javascript?)
2- If the donation is made using blockchain, is it necessary to use a cryptocurrency? or you can use real money and make the transaction (using some means like paypal)
3- Can real money be transferred by some means such as paypal using blockchain?
Thank you very much, your answers will document me much more
Is it possible to use blockchain using javascript? (can smartcontracts be done in javascript?)
Every blockchain has an SDK, the part of the software which lets you interact with the real blockchain (a decentralised ledger). There are generally two parts in the blockchain: one is the client and one is the processor.
As you must have guessed, the client is the one who sends the transaction. This transaction must satisfy certain rules in order to be accepted by the transaction processor. If the transaction gets validated by the transaction processor, the transaction will be added to the block along with other transactions, and this block will then be added to the blockchain and copied to all other nodes (forks are a different story).
Generally, most blockchains let you interact with the blockchain through ABCI, which is just an interface to convert your transaction into a format understandable by the blockchain processor.
Some blockchains have their fixed transaction processing logic, like Ethereum, for security, and some let you write your own transaction processing logic, like Sawtooth, Fabric etc.
Permissioned and some public blockchains, like Hyperledger projects and Cosmos SDK, let you write your own application layer logic for the blockchain. So yes, you can write those transactions in JavaScript or any other programming language, as long as it satisfies the interface.
Public blockchains deal with tokens having real worth. Their transaction logic is already fixed, but some of them do provide JavaScript APIs, like NEO (not sure about that).
2- If the donation is made using blockchain, is it necessary to use a cryptocurrency? or you can use real money and make the transaction (using some means like paypal)
You can do that and put the donation receipt on the blockchain linked with the real identities of people. This way, if anybody wants to check who pays how much donation, they can query the blockchain for the user address.
3- Can real money be transferred by some means such as paypal using blockchain?
This can also be done, but this will involve using a crypto exchange, centralised or decentralised. You can convert the real money into crypto of your choice at one end and vice versa at the other end.
Note: This is based on my limited knowledge of Cryptocurrencies. Please consult more people or any professional company before acting on this advice.
I don't think any protocols offer the possibility to implement their smart contracts in JavaScript, but you can build a translator between the two languages which could potentially benefit others in the open source community.
So you want to have some engineers do some work for you, in this case build a web application. There are several ways you can get this done, here are some ideas:
a) issue tokens which pays profits based on the success of your new business, you might be able to do this on a protocol that is not tied to any specific crypto or fiat currency.
The users can use an exchange to convert your tokens to their favorite one.
b) approach a private equity or VC fund and get them to pay for it.
c) forget about blockchain, and just pay for the project to your favorite engineers.

Smart Contract (Solidity) Auction when bidders abstracted from their wallets

I have a web site which sells certain information for its users for a fixed cost.
I want to go ICO with my business and trying to change my operating model so it can leverage blockchain technology.
However I want to make sure that auction participants are in some way abstracted from their Ethereum wallet and bidding in points (they will pay later if the auction is actually won, i.e. eBay model) without knowing that they are actually using blockchain behind the scenes. Once bidding is complete, ICO investors will automatically get their share distributed to them, and the winning bidder will receive their info upon payment (in most cases real money which we will convert to ETH and mark status as paid in the Solidity contract).
Is there any solution for that problem, can I create wallets on the fly for the bidders' accounts? Since my site is always a seller, is there a way to set auctions automatically (interact with my contract from my, let's say, Java backend etc.)?
Is there any work around/ suggestions?
Thank You
You can create wallets on the fly for your customers. That's perfectly doable. But as you create the wallets, customers can't trust those wallets, since you have their private keys, so they should withdraw the funds immediately to their own wallets. This takes us to step 0: wallet creation. So either way, your customers have to create a wallet for themselves, for security reasons.