HD Wallets in Bitpanda Custody
Bitpanda Custody uses Hierarchical Deterministic (HD) wallets to provide secure, scalable private key management. Each client is assigned a unique seed, generated by a Hardware Security Module (HSM), ensuring complete cryptographic segregation within our TrustVault platform.
HD wallets deterministically derive a hierarchy of keys from this seed using industry standards (BIP-32, BIP-39, BIP-44). All key material for a client is derived from their dedicated seed, allowing structured key management without cross-client exposure.
Key Features
- Client Isolation: Unique seed per client, securely stored in DynamoDB
- Structured Derivation: Paths segment use cases like trading or issuance
- Backup and Recovery: Encrypted seed backups ensure continuity
- Compatibility: Supports multi-signature and industry interoperability
- Auditability: Deterministic derivation enables transparent key lineage
Internal Use of Derivation Paths
Within a client’s HD tree, paths help structure keys by:
- Network (e.g. Ethereum mainnet vs testnet)
- Asset type (e.g. native ETH vs ERC-20)
- Function (e.g. fee collection, contract deployment)
Access control is handled at the orchestration level, not through path structure.
Example Derivation Paths
Purpose | Example Path |
---|---|
Ethereum Wallet | m/44'/60'/0'/0/0 |
Internal Change | m/44'/60'/0'/1/3 |
Contract Deployment | m/44'/60'/1001'/0/0 |
Standards
We follow BIP-32, BIP-39, BIP-44, and SLIP-44. Custom paths can be defined to meet institutional needs.