How Wallets and Accounts Work

While creating a wallet is a simple one-click process, there's a lot of powerful cryptography working behind the scenes to keep your assets secure. This guide provides an in-depth look at how your wallet is created and how your Stacks accounts are managed.

From Passkey to Wallet

Your entire wallet is secured by a passkey. Instead of a traditional seed phrase (a list of 12-24 words), Turnkey uses the secure hardware on your device (like a TPM or Secure Enclave) to generate and store a master private key.

• One-Click Creation: When you click "Create Wallet," Turnkey interacts with your device to generate a new, unique private key. This key is tied to your device's biometrics (fingerprint, Face ID) or a physical security key.
• No Seed Phrase to Lose: This master key never leaves your device's secure hardware, which is why you don't need to write down a seed phrase. It provides superior security against phishing and theft.

Understanding Derivation Paths

From this single master key, your wallet can derive a virtually infinite number of accounts for different blockchains. This is done using a standard called BIP44 (Bitcoin Improvement Proposal 44).

A derivation path is like a set of instructions that tells the wallet how to find a specific account key from the master key. The path for your first Stacks account is:

m/44'/5757'/0'/0/0

Breaking Down the Path

Each number in the path has a specific meaning:

Creating New Accounts

When you click "Create New Account" in the wallet dashboard, you are simply telling the wallet to derive a new key at the next account index.

• Account #0: m/44'/5757'/0'/0/0
• Account #1: m/44'/5757'/1'/0/0
• Account #2: m/44'/5757'/2'/0/0

Each of these accounts is cryptographically linked to your master passkey but has its own unique Stacks address and transaction history, allowing for clean and organized asset management.