What is an extended public key?

Every cryptocurrency wallet you create with your BitBox starts with a recovery phrase (often 12 or 24 words), also known as a seed phrase. This seed is the foundation of your wallet.

  • Deterministic Derivation: From this seed, your BitBox deterministically derives all your accounts. For cryptocurrencies that use hierarchical deterministic (HD) wallets to manage multiple addresses (like Bitcoin and Litecoin), each account has its own unique extended public key.
  • Generating Addresses: From this account-specific extended public key, a virtually limitless number of individual receiving addresses are generated. This is one of the reasons, and also to enhance your privacy, why our BitBoxApp will only show you unused Bitcoin addresses by default and hide those you’ve already used. You can theoretically re-use a Bitcoin address, but we strongly advise against doing so as it threatens your privacy.
  • Public Information (View-Only): An extended public key allows you or any service you share it with to see all transactions and balances for that specific account.
  • Cannot Spend Funds: It's crucial to understand that an extended public key does not allow spending of funds or access to your private keys. Your private keys, which are necessary for signing transactions, remain safely stored on your BitBox hardware wallet.
  • Privacy Considerations: Sharing your extended public key means the recipient service can track all activity (past, present, and future) of that specific account. Be cautious and only share it with trusted services.
  • Contrast with other cryptos: Cryptocurrencies like Ethereum primarily use a single address to manage funds and view transaction history; they do not use extended public keys in the same way as Bitcoin or Litecoin for generating multiple addresses. The BitBoxApp will always display the relevant account information for all supported coins.

How to view your extended public key in the BitBoxApp

Accessing an extended public key in the BitBoxApp is straightforward:

  1. Open the BitBoxApp.
    1. If you have enabled “Remember wallet”, you can view basic account information, including the extended public key, without your BitBox hardware wallet being immediately connected. 
    2. However, to use the 'Verify on device' feature for the key, or for other operations requiring the hardware wallet, ensure your BitBox is connected and unlocked.
  2. In the left-hand sidebar, select the cryptocurrency account whose extended public key you wish to view (e.g., a Bitcoin or Litecoin account).
  3. In the main account interface, click on the “Account info” button, usually located in the top right corner.
  4. A new window will open, displaying details for that account, including:
    1. Account Name
    2. Derivation Path (labeled "Keypath")
    3. Script Type (e.g., "P2WPKH" for Bitcoin Native SegWit accounts)
    4. Root Fingerprint
    5. Coin
    6. The Extended Public Key itself, presented as both a QR code for easy scanning and in plain text.

Extended public keys and your BitBox

For cryptocurrencies like Bitcoin and Litecoin that use hierarchical deterministic (HD) address generation, each account you manage in the BitBoxApp will have one or more associated extended public keys.

Specifically for your Bitcoin accounts in the BitBoxApp:

  • Default format for new accounts: When you create a new Bitcoin account, the BitBoxApp automatically uses the modern Native SegWit format. Addresses for these accounts typically start with bc1q..., and the corresponding extended public key displayed will be a zpub.
  • Multiple keys from one recovery phrase: Your BitBox wallet, secured by a single recovery phrase (seed), can hold many different accounts (e.g., "Bitcoin 1," "Bitcoin 2," "Litecoin Main"). Each of these HD accounts will have its own unique extended public key.
  • Converting key formats: Some third-party services or older wallets might require an extended public key in a different format than what is displayed by default (e.g., an xpub or ypub instead of the zpub for your Native SegWit account). For instructions on how to convert these, please refer to our guide: Convert your extended public key format 

Do I need my extended public key?

For most day-to-day operations like sending and receiving crypto with your BitBox, you won't need to directly use or even see your extended public keys.

However, there are a few specific scenarios where it might be useful:

  • Setting up watch-only wallets: You can import an extended public key into another app or wallet to monitor your account's balance and transactions without connecting your BitBox or exposing your private keys.
  • Accounting and tax software: Some financial tracking tools use extended public keys to import your transaction history for an account.
  • Specific third-party service integrations: Certain services might request an extended public key to generate new addresses for your account on their platform.

When viewing an extended public key in the BitBoxApp, you might see an option to "Verify on device." This step is generally not needed for typical use cases but can provide an extra layer of security if you are importing the key into a new, trusted application and want to confirm its accuracy.