Skip to main content

QRL Wallet Overview

The Quantum Resistant Ledger's wallet functions similar to other cryptocurrencies in which there are both public and private keys that represent an address. Where the QRL wallet differs from most, and where the post quantum security derives, is the signature scheme used.

The QRL uses eXtended Merkle Signature Scheme (XMSS), a hash based cryptography that's been around since the 70's and recently approved for use in cryptographic systems by NIST.

XMSS is considered to be one of the most secure quantum resistant algorithms in use today. There is one drawback to hash based cryptography however, a signature key index may only be used one time.

OTS (One Time Signature) Key Index

OTS key indexes can only be used to sign one transaction. There are limited keys for an address depending on tree height selected during address creation. See the OTS Documentation for more information.

QRL Address Options

There are a few optional configuration properties that may be useful. The defaults settings are usually acceptable for most users.

Tree Height

This option allows you to create a wallet with varying tree size. In other words this controls the amount of signatures your wallet can use for transactions safely on the blockchain.

By default an XMSS Tree height of 10 provides 1024 One Time Signatures, or OTS key indexes. You may chose to create a wallet with more or less OTS keys used to sign transactions on the QRL network.

One of the main disadvantages to creating a larger tree height (amount of OTS Key Indexes) is the time required to generate the additional keys. Each time you access the wallet the keys must be calculated and thus adding time to opening a larger address.

These parameters can only be configured when a wallet is created. The height of the tree is fundamental to the OTS key index creation and adds to the uniqueness of a private key.

Tree HeightAvailable KeysNotes
8256Allows 256 transactions to be sent from the address
101,024Allows 1024 transactions to be sent from the address
124,096Allows 4,096 transactions to be sent from the address
1416,384Allows 16,384 transactions to be sent from the address
1665,536Allows 65,536 transactions to be sent from the address
18262,144Allows 262,144 transactions to be sent from the address

Hash Function

QRL can utilize multiple hash functions, depending on the setting used during the creation of the wallet.

By default the wallet will utilize the shake128 hash function if no configuration options are given.

Hash FunctionHash AlgorithmDescription
shake128SHA-3Secure Hash Algorithm 3 - Default used in the web wallet
sha2_256SHA-2Secure Hash Algorithm 2
shake256SHA-3Secure Hash Algorithm 3

All of these hash functions are considered to be secure, and the default is perfectly acceptable to use

QRL Wallet Applications

All of the wallets listed here are supported by the project and all can send quanta, the base currency of the Quantum Resistant Ledger. Some may provide advanced functionality and access to additional features.

QRL Web Wallet

This is the QRL Web wallet developed by The QRL team, hosted at

QRL Wallet Security

All QRL wallets are made up of a cryptographic key pair, or public and private keys, from which the Merkle tree of One Time Signature key indexes are generated. These OTS key indexes are then used individually to sign outgoing user transactions, never exposing the root secret "private" key.


Correctly recording and securing private recovery keys (mnemonic or hexphrase) and then verifying the recovery keys work, is the most important thing a user needs to do before interacting with the QRL network. This ensures that funds are not sent to an address out of your control.

Public Keys

At the base of the wallet is the QRL address. The public key starts with a Q and consists of 7979 hexadecimal characters. The Public address represents an account, and is what would be given to receive funds into the address.

Public keys are safe to share with trusted parties you will be transacting with. Use this to request funds from another user or to deposit funds yourself.

Example QRL Public Address


Private Keys

The private keys can be represented in either a hexseed, a mnemonic phrase, or a wallet.json file containing both. Any can be used to restore a wallet and best practice should be followed to ensure the security of these keys.

  • A private key is required to interact with the QRL blockchain
  • Private keys are used to sign transactions
  • No two private keys are the same
  • Anyone with this key can send transactions on behalf of the address.
  • Ensure any recovery keys open the address expected prior to using the address
Never Share Private Wallet Keys

Any of the private keys above will be able to recover an address and access all funds associated with that address. These keys should NEVER be shared!

It is up to the end user to ensure that any encryption phrase, and all secret keys are stored in a secure location. Any loss of funds will be at the owners fault if these keys are lost, compromised, or copied incorrectly. Verify that any backup method re-opens the same address as expected before depositing any funds into the address!

Private keys can not be recovered or regenerated if lost. Without them, any funds in the address will not be recoverable. Backup address keys and store them in a safe locations.

Typical QRL Private Key Format

Public and private keys can be stored in a multitude of ways and are typically utilized through a wallet application.

Private Key MediumInformation
wallet.json file
  • Contains both Hexphrase and Mnemonic as well as the Public Key
  • May be encrypted (recommended) and passphrase will be required to open
  • Generated from the Desktop, Web and CLI wallet applications
Mnemonic Phrase
  • Wordlist consisting of 34 selected words from the master QRL wordlist
  • Available using backup functions of the wallet applications
  • Provided during most address generation steps
  • Available using backup functions of the wallet applications
  • Hexstring consisting of 102 mixed alpha numeric characters
  • Provided during most address generation processes, or found in a "Backup Wallet" function
Ledger Hardware
  • Ledger manages QRL private keys on device, never exposing them to the end user
  • Master Ledger Recovery Seed is required to recover a QRL address stored on a Ledger device
Slave Keys
  • Advanced address functionality. CLI tools are required to generate slave Keys
  • Generated slaves files are typically named slaves.json or payment_slaves.json
  • Slave keys are additional secret key(s) that are allowed to spend for a given master address
Never Share Private Wallet Keys

These keys should never be shared! Anyone can transfer funds using a secret key.

Example QRL Mnemonic

This list of 34 works represents the same key as the hexseed, with each word corresponding to an index location in the QRL wordlist. This list is converted into binary/hexadecimal representation of the private keys.

absorb filled elder lake swing behind thirst ink easter lucy sinful viola judge flint sample bleak ransom supply very liquid silky tensor wild panel clue croft aroma duress nail gender milk myself devoid toward

Example QRL Hexseed


For more information on QRL's cryptography see the Address Scheme as well as the QRL Whitepaper (PDF)