How does the client know the number of keys and coins when recovering from a seed?

7

2

When I have a seed and use it to recover my keys, how does a client find out which keys I had and their respective amounts?

To clarify, I understand how a deterministic key works and that we can generate more keys from it. What I'm not sure about is how the client knows how many private keys / wallets I had and the units of currency in each of them.

Daniel

Posted 2017-01-03T21:26:35.010

Reputation: 267

Answers

8

There is a so-called gap limit. In Electrum, it's 20 by default but can be changed. But if you changed it up, remember that! Preferably write it next to your wallet's seed.

This means that the HD wallet determines the first 20 addresses and checks on a server whether any of them have ever been involved in a transaction. Let's say these addresses are numbered. Number 7 is the one with the highest number to ever have been involved in a transaction. Then, 7+20 = 27 is computed and all addresses up until and including 27 are checked. It's found that 21, 23, and 25 have been involved in transactions. Then, 25+20 = 45 is computed and all addresses up until and including 45 are checked. It's found that none of the addresses from 28 to 45 ever had activity on them. Therefore, the search is stopped because there is a gap of at least 20 addresses. If address 46 had a transaction on it, that's not discovered until the user uses the wallet enough such that that address is searched for activity or the gap limit is increased.

UTF-8

Posted 2017-01-03T21:26:35.010

Reputation: 2 941

Since the asker tagged his question with "multibit-hd", it may be worth noting that Multibit also follows BIP44 and uses the same gap limit of 20.

Murch 2017-01-09T14:56:12.073

1

@Murch It seemed to me that OP wanted to know how it works in general and just stated an example HD wallet. Anyways, regarding Multibit HD: In their gap limit explanation, they refer to BIP 44 and then link to this paragraph which states: "Address gap limit is currently set to 20. If the software hits 20 unused addresses in a row, it expects there are no used addresses beyond this point and stops searching the address chain. [...]"

UTF-8 2017-01-09T15:01:03.270

Yes, that's the same page that I've linked to. The information should be added to the answer though, because probably the asker was interested in Multibit, or they wouldn't have added the tag after adding the more generic [deterministic] and [hd-wallet]. ;)

Murch 2017-01-09T15:02:26.773
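The scan described in the answer above, as an added example that is not part of the original thread or any wallet's own code. Addresses are reduced to 1-based index numbers as in the answer, `has_history` is a hypothetical stand-in for the server query, and the set of used indices is constructed from the answer's walk-through.

```python
"""Gap-limit address discovery, simulated on index numbers only."""

# Constructed sample: the indices from the answer's walk-through, plus 46.
USED_INDICES = {7, 21, 23, 25, 46}


def has_history(index):
    """Hypothetical stand-in for asking a server about one address."""
    return index in USED_INDICES


def discover(lookup, gap_limit=20):
    """Scan upward until gap_limit consecutive indices show no history.

    Returns (used indices found, last index checked).
    """
    found = []
    last_used = 0   # nothing seen yet, so the first window is 1..gap_limit
    index = 0
    while index < last_used + gap_limit:
        index += 1
        if lookup(index):
            found.append(index)
            last_used = index   # window now extends to index + gap_limit
    return found, index


def required_gap_limit(used):
    """Smallest gap limit that lets discover() reach every used index."""
    previous, widest = 0, 0
    for index in sorted(used):
        widest = max(widest, index - previous)
        previous = index
    return widest


if __name__ == "__main__":
    for limit in (20, required_gap_limit(USED_INDICES)):
        found, last = discover(has_history, limit)
        missed = sorted(USED_INDICES - set(found))
        print(f"gap_limit={limit}: found={found} stopped_at={last} missed={missed}")
```

With the default limit of 20 the scan stops at 45 and never queries 46; the widest run between used indices (25 to 46) is what sets the limit needed for a complete recovery.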