
What’s in an XPUB?

Posted 11/18/20 by Gigi

“What’s in a name? That which we call a rose
By any other name would smell as sweet.”

William Shakespeare, Romeo and Juliet

Bitcoin’s technical details are notoriously difficult to understand. Concepts like digital signatures, peer-to-peer distributed systems, and public-private-keypairs are alien to most. Today, even though Bitcoin’s first decade is now behind us, we still have to grapple with some of the more esoteric (and technical) concepts to properly interact with the Bitcoin network.

This article will outline one of these concepts in particular: extended public keys, or XPUBs. We discuss what they are, why they were introduced, how they evolved, and what problems they solve for Bitcoin’s users.

What is an XPUB?

As the name implies, an XPUB is a special kind of public key, namely an extended one.

While the details are more complicated, public keys can essentially be thought of as the basis of your receiving addresses, which are not unlike your postal or email address. Unlike with your postal or email address, however, the Bitcoin protocol is designed so that a new receiving address is used for every transaction.

Address reuse, the practice of reusing the same bitcoin address for multiple transactions, is discouraged for several reasons, the most pertinent of which is the reduction of privacy for yourself and others.

However, using a different address for every transaction leads to a problem: how do you keep track of your addresses, and how do you let others know which addresses are yours without revealing too much information about yourself? After all, people have to know which address is yours in order to transact with you.

To deal with these and other problems, a Bitcoin Improvement Proposal was made: BIP 32, Hierarchical Deterministic Wallets. While the main motivation was to fix the issue of wallet backups, the hierarchical nature of these new wallets introduced another benefit: the ability to selectively reveal a set of addresses that belong to you.

Since extended public keys can be used to derive other public keys, they are also referred to as parent public keys (because the derived keys can be thought of as their “children”).

In short: an extended public key is a special key that effectively represents a group of public keys, and by extension, addresses. For this reason, an extended public key can also be thought of as a ‘read only’ view into a wallet.

XPUBs And Privacy

Thinking of extended public keys as ‘read only’ keys of your wallet makes the privacy implications of sharing such a key obvious: everyone who has access to it can see all the addresses that can be derived from it, and by extension, can see the transactions associated with these addresses. Thus, it is advisable that you do not share your extended public key lightly.

At Swan, our focus is on buying bitcoin securely, easily, and on a recurring basis. We believe that automatic DCA is the best and easiest way to acquire bitcoin over time. We also believe that education and self-custody are paramount, which is why we encourage our users to set up auto-withdrawal to a wallet of their control when they feel comfortable doing so.

To provide a seamless experience and avoid address reuse, we need a list of addresses that we can use to send funds to, which is where extended public keys come in.

Starting today, you can connect multiple addresses of your wallet with your Swan account and set up your auto-withdrawal plan to use these addresses in order.

We encourage you to use a dedicated account for your Swan savings plan if your wallet supports it. Most modern wallets, including the Ledger and Trezor hardware wallets, support the creation of multiple accounts. (If you have a COLDCARD, we assume you know what you’re doing anyway.)

A dedicated account will have its own child extended public key, meaning that anyone who has access to this key can only derive a subset of your wallet’s public keys.

We do not store your extended public key. We only store a relatively short list of addresses that we derive from it — just enough to have a new address for every payout. If we ever run out, we can reach out to you to ask you to re-connect your wallet.

The XPUB Zoo

Over time, the way bitcoins are sent and received — or, to be precise: how bitcoins are locked and unlocked — evolved, and Bitcoin’s address and key formats evolved along with it.

As of this writing, a whole zoo of different extended public keys exists: xpub, ypub, zpub, tpub, upub, vpub — all of them are extended public keys, as are their “big brothers” Ypub, Zpub, Upub, and Vpub.

The different kinds simply denote different purposes, indicating if the wallet that generated the extended public key is capable of using modern address formats or if the key relates to a single-signature or multi-signature scheme.
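Added example (not part of the original post and not code from Swan's xpub-lib): decoding a pasted extended key before accepting it, covering both the prefix "zoo" above and the earlier advice to share an account-level child key. The prefix table follows the SLIP-132 version bytes; the function names and the sample key are constructed for illustration.

```javascript
const { createHash } = require("crypto");
const B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
const sha256d = (b) => createHash("sha256").update(createHash("sha256").update(b).digest()).digest();
// SLIP-132 version bytes -> [prefix, network, script type the key signals]
const VERSIONS = {
  "0488b21e": ["xpub", "mainnet", "P2PKH or P2SH"], "043587cf": ["tpub", "testnet", "P2PKH or P2SH"],
  "049d7cb2": ["ypub", "mainnet", "P2SH-P2WPKH"], "044a5262": ["upub", "testnet", "P2SH-P2WPKH"],
  "04b24746": ["zpub", "mainnet", "P2WPKH"], "045f1cf6": ["vpub", "testnet", "P2WPKH"],
  "0295b43f": ["Ypub", "mainnet", "multisig P2SH-P2WSH"], "024289ef": ["Upub", "testnet", "multisig P2SH-P2WSH"],
  "02aa7ed3": ["Zpub", "mainnet", "multisig P2WSH"], "02575483": ["Vpub", "testnet", "multisig P2WSH"],
};
function base58Decode(str) {
  let n = 0n;
  for (const ch of str) {
    if (!B58.includes(ch)) throw new Error("invalid base58 character");
    n = n * 58n + BigInt(B58.indexOf(ch));
  }
  const hex = n ? n.toString(16) : "";
  const zeros = Buffer.alloc(str.match(/^1*/)[0].length); // each leading "1" is one zero byte
  return Buffer.concat([zeros, Buffer.from(hex.length % 2 ? "0" + hex : hex, "hex")]);
}
function base58Encode(buf) {
  let n = BigInt("0x" + buf.toString("hex")), out = "";
  for (; n > 0n; n /= 58n) out = B58[Number(n % 58n)] + out;
  for (const b of buf) { if (b) break; out = "1" + out; }
  return out;
}

// Layout: version(4) depth(1) parent fingerprint(4) child number(4) chain code(32) key(33) checksum(4)
function parseExtendedKey(str) {
  const raw = base58Decode(str), payload = raw.subarray(0, 78);
  if (raw.length !== 82 || !sha256d(payload).subarray(0, 4).equals(raw.subarray(78)))
    throw new Error("bad length or checksum");
  const known = VERSIONS[payload.toString("hex", 0, 4)];
  if (!known) throw new Error("unknown version bytes: not an extended public key");
  if (payload[45] !== 2 && payload[45] !== 3) throw new Error("key data is not a compressed public key");
  const index = payload.readUInt32BE(9);
  return {
    prefix: known[0], network: known[1], scriptType: known[2],
    depth: payload[4], // 0 = master key, 3 = account level in m/purpose'/coin'/account'
    childNumber: index >= 0x80000000 ? `${index - 0x80000000}'` : `${index}`,
  };
}

// Constructed sample, not a real wallet: depth 3, child 0', filler chain code, generator point as key.
function sampleKey(versionHex) {
  const payload = Buffer.from(versionHex + "03" + "deadbeef" + "80000000" + "11".repeat(32) +
    "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798", "hex");
  return base58Encode(Buffer.concat([payload, sha256d(payload).subarray(0, 4)]));
}
console.log(parseExtendedKey(sampleKey("04b24746")));
```

A depth of 0 means the user pasted the wallet's master key rather than a dedicated account key, and version bytes outside the table (for example a private-key version pasted by mistake) are rejected before anything is derived.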

XPUB Tools

During the implementation of this feature for our platform, we realized that the tools to interact with and derive addresses from XPUBs are far from ideal. While many excellent libraries exist already, most notably Unchained Capital’s unchained-bitcoin and Daniel Cousens’ bitcoinjs-lib, we decided to give back to the Bitcoin community and wider ecosystem by open-sourcing large parts of the code that is powering our multi-address wallet feature.

The following packages are available on GitHub and via npm:

  • @swan-bitcoin/xpub-lib — A JavaScript library that derives bitcoin addresses from extended public keys.
  • @swan-bitcoin/xpub-cli — A small command-line tool to derive and validate bitcoin addresses from extended public keys. Supports xpub, ypub, and zpub extended public keys and their testnet equivalents. Support for legacy, SegWit, and native SegWit (bech32) addresses.

Future Developments

As Bitcoin evolves, new features will become widely used, and best practices will continuously change. XPUBs are undoubtedly imperfect, as the growing zoo of different extended public keys shows.

In the future, most wallets and services might switch to using output descriptors instead of extended public keys. We might also see a rise in the use of reusable payment codes, which are especially beneficial for privacy. And once the #reckless days of the Lightning Network are behind us, we might even see a majority of services make the switch to higher layers when it comes to recurring payments.

Whatever the future might bring, we will remain at the forefront of Bitcoin education and will continue to offer services that let you stack sats safely and easily, improving both our customer experience and the underlying tools that make all of it possible.


Gigi

Gigi is the author of 21 Lessons, a popular book about lessons learned from falling down the Bitcoin rabbit hole. He launched various projects in the space such as bitcoin-resources.com, bitcoin-quotes.com, “Einundzwanzig”, and others. Prior to taking the orange pill he was a researcher and software engineer leading multiple development teams that worked on critical large-scale apps. He is passionate about security, privacy, and of course, Bitcoin.
