I've been playing around with multisig wallets using Sparrow. I've got two Ledger Nano hardware wallets, each set up with its own private key for single signature access. I created a 2 of 2 multisig wallet with these two. I expected the XPUB and ZPUB for each keystore to be the same as those from the single signature wallets on the same device. But to my surprise, they were different.
So, does using a set of private keys for a single signature wallet versus a multisig wallet lead to different XPUB and ZPUB values?
And if that's the case, do XPUB and ZPUB change depending on the number of signatures required for the multisig wallet?
Do XPUB and ZPUB differ between single and multisig wallets?
5 replies 375 views
gr3g.0rbitHero Member
Posts: 1025 · Reputation: 2646
#2Aug 22, 2025, 08:32 AM
It's the derivation from "master private key" to "extended public key".
The xpub/zpub are different because those are derived with different derivation paths which you can check in the wallet's 'Settings' under 'Keystores'.
For example (single-sig Native SegWit): m/84'/0'/0'
Each number separated with "/" starting from "m" (master private key) represents a key derivation index, which different index produce different child key.
The xpub is usually the child key at the last number of the derivation path shown.
Most multisig wallets are created from a set of seed phrases, one for each co-signer at least that's how it works in Electrum, so naturally when you go about deriving master public keys and extended public keys, the number of x/zpubs generated is going to be multiplied by the number of co-signers, because each one has a different seed.
Then each transaction will have a multisig script containing the public keys at the derived index e.g. 44'/0'/0'/0/0 for each co-signer's seed, for UTXOs of the first address.
king_tokenFull Member
Posts: 26 · Reputation: 293
#4Aug 22, 2025, 01:12 PM
when you're dealing with multisignature wallets, the XPUB and ZPUB values can indeed vary based on the multisig configuration. This is because multisig wallets use a different derivation path and a combination of public keys from the participating wallets to create a unique multisig address.
gr3g.0rbitHero Member
Posts: 1025 · Reputation: 2646
#5Aug 22, 2025, 06:45 PM
No, it's not in the derivation path; the script type (p2wpkh or p2sh-p2wpkh) only if it follows BIP48 standard but not the information about the consignees.
The number of required signatures is in the "redeem script" and the number of cosigners is based from the number of public keys in it.
That wont affect the derivation from the user's master private key to the extended public key that'll be used to derive the public keys in the MultiSig setup.
Different m-of-n setup wont produce a different xpub, it's just the difference in derivation path as explained in the previous posts.
jake.chainSenior Member
Posts: 280 · Reputation: 1307
#6Aug 23, 2025, 12:03 AM
The xpub or zpub is simply an encoding of the public key and chain code at that level. The only thing that will make it change is a different derivation path. Indeed, an xpub or a zpub (or any other type of master public key) at the same level encodes the exact same data other than the prefix and checksum.
For example, take the following seed phrase:
At m/0, the xpub is as follows:
If we decode that from Base58 to hex (and add in a few spaces for clarity), we get the following:
This is broken down as 4 byte version code, 1 byte key depth, 4 byte parent fingerprint, 4 byte child index number, 32 byte chain code, 33 byte public key, 8 byte checksum.
Now, let's take the zpub at the same derivation path:
Looks totally different, right? But let's decode that just as we did above:
The only thing that we change is the prefix version code, which is what changes the first four characters from "xpub" to "zpub". Because this has changed, the checksum changes too. And so the encoded key looks totally different, when in reality it is almost identical.
Related topics
- What Should I Know About Multisig Wallets? 13
- Creating a list of non-zero wallets and their balances using Python 4
- Difference between witness and signscript explained 5
- Restoring wallets from pre-fork days 7
- Best practices for securely storing newly generated wallets programmatically 14
- Ukraine plans to restrict crypto wallets for illegal funds, says finance minister 9