Lisk uses cryptographic hashing in order to secure all aspects of the system. The system uses EdDSA as it provides a much faster mechanism for hashing and providing security; rather than ECDSA which is found in many other cryptocurrencies, such as Bitcoin.

Key pair

A keypair is consists of a private key and a public key. A private key is a piece of information known only to the owner of the key. The public key is derived from the private key and can be used to validate that the private key belongs to the owner, but not provide access to the owners private key. Elliptic curve cryptography is used to generate cryptographically secure key pairs.

The process used to generate the key pair operates under the following assumptions:

When a user creates an account, a BIP39 mnemonics (the passphrase) is generated for the user. This passphrase is hashed using the SHA-256 hash function into a 256 bits string. This hash is subsequently used as a seed in ed25519 to generate the private key ks and derives its public key kp.

With this private key, the user is able to sign transactions into a transaction object and broadcast that object to the network. The public key is included as part of the transaction and the nodes that receive the transaction are able to verify the validity of the signature using kp. This provides effective security for both the user and the network since ks is known only to the user and kp can validate that the signature is valid.

Second pass phrase

Lisk offers an additional layer of security for the user. Using a specific class of transaction, the user can register a second pass phrase that is associated with the kp. This relationship requires that all subsequent transactions to be signed using the second pass phrase in order to be considered valid. The process of generating the second key pair is the same as the one for the main key pair.


Lisk supports multisignature accounts as another security system for users requiring even greater security. A multisignature account is an account that requires multiple signers to submit signature transactions. Any user may enable multisignature on their account by issuing a special transaction (See Multisignature Registration Transaction) specifying a group of ksn and the require minimum amount of signatures required to confirm a transaction as valid. It is then mandated in the blockchain that any transactions originating from this account must be signed by a minimum quorum of associated accounts before any transaction from the account may be processed.


An address or the wallet ID is derived from the public key. The public key is hashed using SHA-256 then the first 8 bytes of the hash are reversed. The account ID is the numerical representation of those 8 bytes, with the ’L’ character appended at the end. The following figure is the representation of an address and its associated account details.

    "address": "16009998050678037905L",
    "unconfirmedBalance": "0",
    "balance": "0",
    "publicKey": "73ec4adbd8f99f0d46794aeda3c3d86b245bd9d27be2b282cdd38ad21988556b",
    "unconfirmedSignature": 0,
    "secondSignature": 0,
    "secondPublicKey": null,
    "multisignatures": [],
    "u_multisignatures": []

What's next?
Peers Communication