What is an XPUB?
“What’s in a name? That which we call a rose. By any other name would smell as sweet.” — William Shakespeare
Bitcoin’s technical details are notoriously difficult to understand. Concepts like digital signatures, peer-to-peer distributed systems, and public-private-keypairs are alien to most. Even though Bitcoin’s first decade is behind us, we still have to grapple with some of the more esoteric (and technical) concepts to appropriately interact with the Bitcoin network.
This article will outline one of these concepts in particular: extended public keys, or XPUBs. We discuss what XPUBs are, why they were introduced, how they evolved, and what problems they solve for Bitcoin’s users.
As the name implies, an XPUB is a unique public key, namely an extended one.
While the details are more complicated, public keys can essentially be thought of as the basis of your receiving addresses, similar to your postal or email address. However, unlike your postal or email address, the Bitcoin protocol is designed to use a new receiving address for every transaction.
Address reuse, the practice of reusing the same bitcoin address for multiple transactions, is discouraged for several reasons, the most pertinent of which is the reduction of privacy for yourself and others.
However, using a different address for every transaction leads to a problem: how do you keep track of your addresses, and how do you let others know which addresses are yours without revealing too much information about yourself? After all, people must know your address to transact with you.
To deal with these and other problems, a Bitcoin Improvement Proposal was made: BIP 32, Hierarchical Deterministic Wallets. While the main motivation was to fix the issue of wallet backups, the hierarchical nature of these new wallets introduced another benefit: the ability to selectively reveal a set of addresses that belong to you.
Since extended public keys can be used to derive other public keys, they are also referred to as parent public keys (because the derived keys can be considered their “children”).
In short: an extended public key is a special key that effectively represents a group of public keys and, by extension, addresses. For this reason, an extended public key can also be thought of as a ‘read only’ view into a wallet.
Thinking of extended public keys as ‘read only’ keys of your wallet makes the privacy implications of sharing such a key obvious:
Everyone who has access to it can see all the addresses derived from it.
By extension, anyone can see the transactions associated with these addresses.
For this reason, it’s advisable that you do not share your extended public key lightly.
At Swan, we focus on buying bitcoin securely, efficiently, and on a recurring basis. We believe automatic DCA is the best and easiest way to acquire bitcoin over time. We also think that education and self-custody are paramount, which is why we encourage our users to set up auto-withdrawal to a wallet of their control when they feel comfortable doing so.
To provide a seamless experience and avoid address reuse, we need a list of addresses we can use to send funds to. This is where extended public keys come in.
Starting today, you can connect multiple addresses of your wallet with your Swan account and set up your auto-withdrawal plan to use these addresses in order.
A dedicated account will have its own child-extended public key, meaning that anyone with access to this key can only derive a subset of your wallet’s public keys.
We do not store your extended public key. We only maintain a relatively short list of addresses we derive from it — just enough to have a new address for every payout. If we ever run out, we can reach out to you to ask you to reconnect your wallet.
Over time, the way bitcoins are sent and received — or, to be precise: how bitcoins are locked and unlocked — evolved, and Bitcoin’s address and key-formats evolved along with it.
As of this writing, a whole zoo of different extended public keys exists: xpub, ypub, zpub, tpub, upub, vpub — all of them are extended public keys, as are their “big brothers” Ypub, Zpub, Upub, and Vpub.
The different kinds denote different purposes, indicating if the wallet that generated the extended public key can use modern address formats or if the key relates to a single-signature or multi-signature scheme.
During the implementation of this feature for our platform, we realized that the tools to interact with and derive addresses from XPUBs are far from ideal. While many excellent libraries exist already, most notably Unchained Capital’s unchained-bitcoin and Daniel Cousens’ bitcoinjs-lib, we decided to give back to the Bitcoin community and broader ecosystem by open-sourcing large parts of the code that is powering our multi-address wallet feature.
@swan-bitcoin/xpub-cli — A small command-line tool to derive and validate bitcoin addresses from extended public keys. Supports xpub, ypub, and zpub extended public keys and their testnet equivalents. Support for legacy, SegWit, and native SegWit (bech32) addresses.
As Bitcoin evolves, new features will become widely used, and best practices will continuously change. XPUBs are undoubtedly imperfect, as the growing zoo of different extended public keys shows.
Trends we can expect ahead:
Increased use for HD wallets: XPUBs are a core component of HD wallets. They are becoming increasingly popular due to their ease of use and enhanced security features. As the use of HD wallets continues to grow, the use of XPUBs will likely increase.
Improved privacy: To better protect users' financial information, there may be further developments in privacy-enhancing technologies for XPUBs, such as Confidential Transactions or Taproot.
Expanded compatibility: XPUBs may become more compatible with different platforms and devices, making it easier for users to manage their funds across other platforms.
In the future, most wallets and services might switch to output descriptors instead of extended public keys. We might also see a rise in reusable payment codes, which are especially beneficial for privacy. And once the #reckless days of the Lightning Network are behind us, we might even see a majority of services switch to higher layers when it comes to recurring payments.
Whatever the future might bring, Swan will remain at the forefront of Bitcoin education. We will continue to offer services that let you stack sats safely and easily, improving both our customer experience as well as the underlying tools that make all of it possible.
This blog offers thoughts and opinions on Bitcoin from the Swan Bitcoin team and friends. Swan Bitcoin is the easiest way to buy Bitcoin using your bank account automatically every week or month, starting with as little as $10. Sign up or learn more here.
Thoughts on Bitcoin from the Swan team and friends.
Swan Bitcoin does not provide investment, financial, tax, legal, or professional advice. We recommend that you consult with tax advisors and review tax guides to understand the risks and consequences of buying, selling, and holding Bitcoin. If you are interested in starting a Bitcoin IRA, we can help!
Sign up to start saving Bitcoin
Buy automatically every day, week, or month, starting with as little as $10.
Gigi is the author of 21 Lessons, a popular book about lessons learned from falling down the Bitcoin rabbit hole. He launched various projects in the space such as bitcoin-resources.com, bitcoin-quotes.com, “Einundzwanzig”, and others. Prior to taking the orange pill he was a researcher and software engineer leading multiple development teams that worked on critical large-scale apps. He is passionate about security, privacy, and of course, Bitcoin. The article is protected under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.
More from Swan Signal Blog
Thoughts on Bitcoin from the Swan team and friends.