Adding addresses without the CoolWallet, is my private key stored on the app?
Our CoolWallet private keys are stored in a secure element (CC EAL5+/6+) chipset in the wallet and can never be extracted. Thus, users are unable to obtain the private key from the app. The reason why users can generate the crypto addresses without the private key is that the "account key" is stored in the app and addresses are derived from the account key.
BIP44 Secret Key Structure:
m / purpose’/ coin_type’/ account’/ change / address_index
- Purpose: Purpose is a constant set to 44' (or 0x8000002C) following the BIP43 recommendation. It indicates that the subtree of this node is used according to this specification.
- Coin_type: refers to the category of the crypto (e.g. 0 for BTC)
- Account: This level splits the key space into independent user identities, so the wallet never mixes the coins across different accounts. (account key)
- Change: Constant 0 is used for the external chain and constant 1 for the internal chain (also known as change addresses).
- Address_index: This is the address index, starting at 0, which represents the number of addresses generated.
*Private keys can not be reverse-engineered from the account key.