TECHNICAL_DOC // KEYS / EXTENDED-KEYS
EXTENDED
KEYS
KEYS
Extended keys (xpub / xprv) are 78-byte serializations of wallet-hierarchical-deterministic/">HD wallet nodes
encoded as Base58Check. They bundle the key with its chain code and tree metadata, allowing
a wallet to reconstruct an entire subtree below the node. Different version-byte prefixes
encode the intended script type — xpub, ypub, zpub for legacy, P2SH-wrapped
SegWit, and native SegWit respectively (SLIP-0132).
EXTENDED_KEY_FORMAT
78-BYTE STRUCTURE (BIP 32)
Field Size Description
─────────────────────────────────────────────────────────
version 4 bytes Network + key type prefix
depth 1 byte Tree depth (0 for master)
parent_fingerprint 4 bytes HASH160(parent_pubkey)[0:4]
(zeros for master)
child_number 4 bytes Index of this child in parent
High bit set if hardened
chain_code 32 bytes Extra entropy for derivation
key 33 bytes 0x00 || privkey (xprv)
OR compressed pubkey (xpub)
Total payload: 78 bytes
Then encoded as Base58Check:
serialized = payload || SHA256d(payload)[0:4]
→ 111-character string starting with xpub/xprv/...
Version Bytes — SLIP-0132
PREFIXES
Although the BIP 32 spec defines only xpub/xprv, wallets adopted distinct version bytes per script type to disambiguate intended derivation. The visible Base58 prefix changes accordingly.
Mainnet:
Hex Prefix Script type BIP path
0x0488B21E xpub P2PKH/P2SH-multi m/44' legacy
0x0488ADE4 xprv "
0x049D7CB2 ypub P2SH-P2WPKH m/49' wrapped
0x049D7878 yprv "
0x04B24746 zpub P2WPKH (native) m/84' segwit
0x04B2430C zprv "
(Taproot has no separate version; xpub used with m/86')
Testnet:
0x043587CF tpub legacy
0x04358394 tprv
0x044A5262 upub P2SH-P2WPKH
0x044A4E28 uprv
0x045F1CF6 vpub P2WPKH
0x045F18BC vprv
Multisig variants (Ypub/Zpub) also exist but rarely seen.
Worked Example — Decoding an xpub
DECODE
Decoding the 111-character Base58Check string back into its 78-byte structure reveals every piece of metadata about the wallet node.
xpub: xpub6CUGRUonZSQ4TWtTMmzXdrXDtypWKiKrhko4egpiMZbpiaQL2jkwSB1icqYh2cfDfVxdx4df189oLKnC5fSwqPfgyP3hooxujYzAu3fDVmz
Base58 decode (drop checksum) → 78 bytes:
version: 0488B21E ← xpub mainnet
depth: 03 ← 3 levels deep
parent_fingerprint:88BD45F4 ← parent's HASH160[:4]
child_number: 80000000 ← hardened, index 0
chain_code: 37C5D... (32 bytes)
key: 0357BFE1E... (33 bytes compressed pubkey)
Interpretation:
This is a depth-3 node at index 0' of its parent.
Likely m/44'/0'/0' (BIP 44 first account).
Sharing this xpub allows anyone to derive
receive/change addresses without spend authority.
Use Cases
DEPLOYMENT
Extended keys decouple authority over the wallet from address generation, enabling several operational patterns.
Watch-only wallet:
Hardware wallet exports zpub
Mobile/desktop wallet imports zpub
→ Mobile generates addresses, displays balances
→ Spending requires hardware confirmation
Payment processor / merchant:
Customer-facing server holds xpub only
Generates fresh address per invoice (no privkey on server)
Cold-storage signer broadcasts to sweep funds
Multisig coordination:
Each cosigner exports xpub at e.g. m/48'/0'/0'/2'
Coordinator constructs descriptors from N xpubs
All parties watch the joint wallet; signers contribute when needed
Backup of HD wallet metadata:
xpub backed up in addition to seed
→ faster sync (no scanning all paths)
→ useful with sparse history
TERMINOLOGY_INDEX
xpub / xprv
Extended public/private key. Original BIP 32 serialization. Default version bytes 0x0488B21E / 0x0488ADE4.
ypub / zpub
SLIP-0132 prefixes signaling P2SH-wrapped SegWit and native P2WPKH script types respectively.
Fingerprint
First 4 bytes of HASH160 of the parent compressed pubkey. Identifies the parent in derivation paths.
Depth
Number of derivation steps from master. m = 0, m/0 = 1, m/0/0 = 2, etc.
INTERACTIVE — TRY IT YOURSELF
BIP32 / EXTENDED KEYS
Extended Keys
An extended key (xpub/xprv) is a 78-byte serialization of a BIP32 key that bundles everything needed to derive child keys: version, tree depth, parent fingerprint, child index, chain code, and the key itself. It's Base58Check-encoded, producing the familiar
xpub... or xprv... strings used to share entire key hierarchies.
78-BYTE STRUCTURE VISUALIZER
CLICK ANY FIELD TO INSPECTxpub/xprv = 78 bytes + 4 checksum = 82 bytes total
Click a field above to see its description.
EXTENDED KEY DECODER
PASTE xpub / xprv / ypub / zpubdecode any extended key
VERSION PREFIX TABLE (SLIP-0132)
VERSION BYTES → B58 PREFIX
| HEX VERSION | B58 PREFIX | TYPE | DERIVATION | NETWORK |
|---|---|---|---|---|
| 0488B21E | xpub | Public key | m/44' BIP44 P2PKH | Mainnet |
| 0488ADE4 | xprv | Private key | m/44' BIP44 P2PKH | Mainnet |
| 049D7CB2 | ypub | Public key | m/49' BIP49 P2SH-P2WPKH | Mainnet |
| 049D7878 | yprv | Private key | m/49' BIP49 P2SH-P2WPKH | Mainnet |
| 04B24746 | zpub | Public key | m/84' BIP84 P2WPKH | Mainnet |
| 04B2430C | zprv | Private key | m/84' BIP84 P2WPKH | Mainnet |
| 04358394 | xpub (test) | Public key | m/44' BIP44 | Testnet |
| 04358239 | xprv (test) | Private key | m/44' BIP44 | Testnet |
xpub sharing pattern: A hardware wallet generates the account-level xpub (e.g. at
m/84'/0'/0') and exports it to a watch-only wallet. The watch-only wallet can generate all receive and change addresses without ever seeing the private key. The private key stays on the hardware device and is only used when signing.