Described as an “online deterministic wallet”, CarbonWallet doesn’t store bitcoins locally or on its servers. Instead, users create a passphrase that is turned into a 128-bit key, which is then used to generate bitcoin addresses.
“Your passphrase is your wallet access and wallet backup,” the CarbonWallet site states. “Determined bitcoin addresses mean no need for a remote server to hold keys and no need to store keys on a local hard drive.”
However – the approach also means users must ensure they don’t forget or lose their passphrases.
“Without the passphrase your coins are gone,” CarbonWallet warns. “There is no way to retrieve CarbonWallet wallets without the passphrase.”
The site recommends that users write down their passphrases and keep them stored someplace secure. It also warns that users need to be alert to potential attempts to steal their passphrases via phishing, social engineering, malware or brute force.
“According to “how big is your haystack?” (o)ur passphrases would take five-hundred trillion trillion trillion trillion trillion trillion trillion trillion centuries to break under a massive cracking scenario,” the site states.
CarbonWallet’s passphrases are compatible with both the Electrum bitcoin client and Brainwallet.org. That means users can take their passphrases to either of those wallets if CarbonWallet’s servers go down, ensuring they can still access their bitcoins.
More details on how CarbonWallet works can be found at its page on the code-sharing site GitHub.