How to Develop a Non-Custodial Crypto Wallet? [For Storing BTC, ETH and ERC20]

Probably each of us has at least once heard of cryptocurrency technologies. Also, it is obvious to most of us that to use or store digital assets you need a special crypto wallet. From the perspective of a regular user, these ledgers are similar to the bank ones. Usually, it is hard to believe that someone may actually not know how to create a crypto wallet. Yet, such beliefs may be misleading.

To clarify, we propose to consider crypto wallet technology, based on the blockchain network, from the perspective of the developer. Let’s find out what are the types of crypto ledgers and how to develop one of them.

Non-Custodial Crypto Wallet and Custodial Solution

First of all, let’s find out the main types of digital wallets. As the title of the article suggests, developers usually distinguish between two main types: custodial and non-custodial wallets. Actually, there are some other crypto wallets, however, they are very rare and too specific, thus we can ignore them.

Custodial Wallets

Let’s start with the Custodial type of wallet. In fact, it is probably the most common and popular way of storing BTC, or other digital currency. It was designed specifically for newcomers and regular users, who are interested in blockchain networks and digital assets, yet don’t want to spend much time setting up the account for further usage.

Custodial Wallets are usually built into various marketplaces. In fact, it is a ready-to-use service, which requires only the registration of an account. As a result, users, who are interested in crypto exchange or simply storing digital assets, can easily register an account, top it up, and buy the crypto tokens, they are interested in. The rest will be done by the platform. For instance, it can automatically convert your traditional currency into crypto, or back. Yet, the most important advantage, which is also the main drawback of this approach, is the fact, that private keys, as well as any other essential security data, are accessible to the owner of the platform only.

A private key is a confidential number or combination, used to sign the transactions or as ownership proof. In other words, it is something in between login and password. Also, it is used to generate a public key, that is shared online to encrypt the message or transfer. It is impossible to recreate the private key with the use of the public one.

Therefore, on the one hand, users have a very friendly interface and easy-to-use platform, which ensures all software and hardware details. Moreover, it provides a wide range of services, including the security of your assets, allowing you to manage your funds on your own. Also, such platforms usually allow their users to reset their passwords if they forget them.

On the flip side, it is possible to say, that a custodial solution is rather a “wallet-as-a-service”. So, there is no 100% guarantee, that your digital assets are actually your’s. To make it simple, there is a great saying: “Do not put all eggs into one basket”. Actually, the blockchain network, as well as all products, based on it, is more complex than it may seem. In fact, these private keys are a crucial element of the overall wallet system.

Clearly, if you are using wallet-as-a-service, you have no access to the private keys. It is your price for convenience. To simplify, the custodial wallet is a banking account, while the platform is the bank. When you are using it - you trust the final stakeholder, or the institution, that provides you this service.

Moreover, these marketplaces regularly suffer from hacker attacks. Due to the fact, that who owns the private key owns the assets, and that the marketplace is a collection of various users’ wallets, where they are storing BTC, or other digital assets, it becomes a tidbit for various criminals.

Non-Custodial Crypto Wallet

The alternative way how to create a crypto wallet is to develop a non-custodial one. it is almost the complete opposite of the custodial solution and is developed on your own. As a great advantage, it is more secure and flexible. The developer of this wallet is the only owner of the private key. As a result, it is possible to ensure an additional layer of security measures and easier to hide from hackers. Also, there is no doubt that a single person’s account seems less valuable than a combination of multiple accounts with crypto assets.

If we will return to the bank analogy, it is possible to compare this type of crypto wallet with a safe. Its owner is the only person, who has full access to the safe itself and its contents in particular. However, if you lose the key - you will lose access too. Clearly, using non-custodial wallets means also taking responsibility. Additionally, this approach is much more complex, therefore its development requires some background knowledge. Thus, it is more suited for advanced users.

Finally, non-custodial wallets can be both software and hardware oriented. For instance, it is possible to transfer your wallet to a specified hardware device, similar to a USB drive. As a result, in addition to complex security measures, based on cryptography, it becomes impossible to manage your funds without a physical device, where the wallet is stored. Obviously, it is almost impossible to hack such a hardware wallet.

The major disadvantage is the fact, that it is possible to lose the private key. Mostly, in this case, it is impossible to recover access to the account. However, nowadays there is a solution even for such emergencies. For instance, some providers, that are helping to develop their own NCC wallet, provide their owners with a recovery method. It is also known as a seed or recovery phrase, which consists of numerous (12-24) random words, that are ordered. Yet, it is an essential component as well. Therefore, the one who owns this combination becomes the owner (again).

How To Create a Non-Custodial Wallet

Theoretical Part

Bitcoin(BTC) and Ethereum(ETH) blockchain networks use the same cryptography fundamentals for generating keys. Nowadays, the most reliable security algorithms are based on elliptic curves. It’s easy to generate required keys using an elliptic curve, but there is no way to hack that for a reasonable amount of time. BTC and ETH use the secp256k1 curve for building wallet keys.

The most important concepts that we should know are:

• Entropy - is a random sequence of bits. It should be as random as possible. If we will be able to find regularities in the entropy generation algorithm, it will be easy to hack our keys.
• Mnemonic phrase - bip39 standard describes the process of generating mnemonic using entropy. A mnemonic phrase is a sequence of binary numbers that are converted to human readable form using the dictionary with a limited amount of words that can represent our phrase.
• Seed - the result of pbkdf2 algorithm encryption of normalized mnemonic phrase
• Private key(pk) - generated from seed using elliptic curve. Which one will be used - depends on the blockchain that you are going to use. BTC and ETH use secp256k1; Solana - ed25519; TRX - sr25519; etc. You have to keep this key a secret, similar to a seed phrase.
• Public key (pubKey) - generated from the private key. Can be shared across the internet. The private key can’t be restored from it.
• Wallet address - generation based on public key transformations. No other secret keys are needed.

The sequence listed above starts with very secret keys ending with keys that can be shared without worries. The main concept of this algorithm is to provide a mechanism, where having key A on the first step, you can generate a key for step B, yet, you can’t restore key A from key B.

Moreover, if you need to create a wallet, which can generate multiple accounts for the same crypto asset, having only one seed phrase - you have to use BIP44. It defines the standard derivation path for wallets. BIP44 builds a tree, depending on the path.

Each asset key that is built using this path, has its private key. As a result, public keys and addresses are different. As a result, you can have multiple accounts, generated from a single seed. It is also a very secure approach. For example, if you lose your private key from one wallet, other wallets will still be safe.

Let’s leave it for now, it's a point for another article, but keep in mind that if you need multiple accounts - BIP44 is your choice.

Implementation on NodeJS

Let's consider the ETH address generation as an example. Generate mnemonic: For this purpose, we will install the bip39 package which will generate a mnemonic from the entropy

npm install bip39 --save

import * as bip39 from 'bip39';
const mnemonic = bip39.generateMnemonic();

Generate seed: For seed we can use the same package:

const librarySeed = (await bip39.mnemonicToSeed(mnemonic)).toString('hex');

However, it can be also generated by the native nodeJS crypto module:

const customSeed = crypto.pbkdf2Sync(
   Buffer.from(mnemonic.normalize('NFKD'), 'utf-8'),
   'mnemonic'.normalize('NFKD'),
   2048,
   64,
   'sha512',
 ).toString('hex'); 

After the seed phrase is done, we can generate a private key. In NodeJs we can use the ethers package to init our wallet and generate the required keys:

import * as ethers from 'ethers';
const wallet = ethers.Wallet.fromMnemonic(seedPhrase);
const privateKey = wallet.privateKey;
const publicKey = wallet.publicKey;
const walletAddress = wallet.address;

Under the hood, the address is generated using publicKey, and publicKey is generated from the private key, using secp256k1 cryptography. The private key is generated from the seed phrase.

Summary

Here is a brief and simplified explanation of how to create a crypto wallet, at least the non-custodial one. Clearly, there are much more aspects and development approaches, yet they are too complex and require a more detailed report. However, with the use of this article, combined with some googling it is possible to create your own advanced crypto wallet or simply to better understand such an obvious(at first glance) component as a crypto wallet, its elements, use purposes, etc.

Also, it is possible to claim that custodial wallets are simplified versions of non-custodial ones. The main difference is that there is no need for any background knowledge for using a custodial solution. Yet, some marketplaces, designed specifically for working with numerous types of cryptocurrency tokens should be considered separately, because in such cases, developers use completely different development approaches and principles.

If you are interested in other examples of (non)crypto software development, here is a list of our recent cases, where we describe the scale of work, the technologies we used, and the overall processes.