Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

derive bip44 hardened addresses from xpub key

See original GitHub issue

It got my issues with deriving addresses from xpub keys answered very well: #584

Unfortunately, I run into problems when deriving addresses from xpub keys with hardened indexes. I checked the unit tests (https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/bip32.js#L50) which work great, however not with only a xpub as an input.

This triggers error: TypeError: Could not derive hardened child key

bitcoin.HDNode.fromBase58('xpub...').derivePath("m/44'/0'/0/0").getAddress();

This works without problems

bitcoin.HDNode.fromBase58('xpub...').derivePath("m/0/0").getAddress();

Strangely with testnet it doesn’t work, first line triggers the error: Error: Not a master node, second line works correctly

bitcoin.HDNode.fromBase58('tpub...', [bitcoin.networks.testnet]).derivePath("m/0/0").getAddress()
bitcoin.HDNode.fromBase58('tpub...', [bitcoin.networks.testnet]).derive(0).derive(0).getAddress()

My goal is to derive addresses from xpub keys exported from bip44 wallets. Testnet should also be supported. Can somebody give me an answer how this can be done? Referring to issue #584, is it only possible for non-hardened indexes?

Issue Analytics

State:
Created 6 years ago
Comments:10 (5 by maintainers)

Top GitHub Comments

13reactions

junderwcommented, Oct 18, 2017

Just to give you an idea of how the library works… here’s how:

let seed16to64bytes = someMnemonicObject.toSeedBuffer(); // BIP39 gives 64 byte hash of the phrase
let xprvString = bitcoin.HDNode.fromSeedBuffer(seed16to64bytes).toBase58();
// ----------------------------------------------------
// 2 levels of 0' here as per BIP44 spec
let xpubString = bitcoin.HDNode.fromBase58(xprvString).derivePath("m/44'/0'/0'").neutered().toBase58();
// no m/ since this xpub is the 3rd layer, not the top layer of the HD tree
let address = bitcoin.HDNode.fromBase58(xpubString).derivePath("0/0").getAddress();

Edit: xpubs (neutered HDNodes) can not derive a ’ path, any number with a ’ after it will throw the error you got.

6reactions

junderwcommented, May 24, 2018

@coinables From my earlier post (with extra comments to explain your use case):

The xpubString does not contain any private info, BUT it can derive unlimited addresses (and public keys) that can then be signed using private keys derived from the someMnemonicObject (aka your mnemonic)

// ************* THIS IS DONE OFFLINE
let seed16to64bytes = someMnemonicObject.toSeedBuffer(); // BIP39 gives 64 byte hash of the phrase
let xprvString = bitcoin.HDNode.fromSeedBuffer(seed16to64bytes).toBase58();
// ----------------------------------------------------
// 2 levels of 0' here as per BIP44 spec
let xpubString = bitcoin.HDNode.fromBase58(xprvString).derivePath("m/44'/0'/0'").neutered().toBase58();

// ************* TAKE xpubString STRING OFF THE OFFLINE PC VIA USB OR SOMETHING, BRING THE xpubString TO THE ONLINE COMPUTER

// ************* THIS IS DONE ONLINE
// no m/ since this xpub is the 3rd layer, not the top layer of the HD tree
let address = bitcoin.HDNode.fromBase58(xpubString).derivePath("0/0").getAddress();
// ************* address IS NOW AN ADDRESS THAT CAN BE CONTROLLED BY THE PRIVATE KEYS DERIVED FROM someMnemonicObject AND YOU CAN DERIVE AS MANY ADDRESSES AS YOU WANT (0/1, 0/2, 0/3 ...... 0/2348763 etc.) AND CHANGE ADDRESSES TOO ( 1/0, 1/1, 1/2, 1/3... 1/287366 etc.)