Anatomy of an xpub / xprv

When you see a string like xpub661MyMw..., you are looking at a 78-byte binary payload encoded in Base58Check. This payload contains all the metadata required to reconstruct a specific node in the HD Wallet tree.

1. The 78-Byte Structure

The raw data inside an extended key is strictly formatted:

Offset	Size	Name	Description
0	4	Version Bytes	Identifies xpub vs xprv and Network.
4	1	Depth	0 for master, 1 for child, etc.
5	4	Parent Fingerprint	The first 4 bytes of the parent's PK Hash.
9	4	Child Index	Which child number this is (0 to $2^{31}-1$).
13	32	Chain Code	The extra entropy for child derivation.
45	33	Key Data	Private key (with leading 00) or Public key.

2. The Version Bytes

The first 4 bytes determine the "Type" of the key.

• 0x0488B21E: Mainnet xpub

• 0x0488ADE4: Mainnet xprv

• 0x043587CF: Testnet tpub

• 0x04358394: Testnet tprv

3. The Chain Code (32 bytes)

This is the most critical part of an extended key. It is combined with the key data in a hash function (HMAC-SHA512) to produce the next generation of keys. Without the chain code, the key is "Blind" and cannot see its children.

4. The Parent Fingerprint

This is a small "Tag" that identifies the parent key. It is used by wallet software to visualize the tree structure. It does not provide security, only organizational context.

5. Child Index

Every parent can have up to 4 billion children.

• 0 to 2,147,483,647: Normal Children.

• 2,147,483,648 to 4,294,967,295: Hardened Children.

By storing the index in the payload, the key "Knows" its own position in the lineage of the master seed.

In the next section, we will explore the power of Public Parent to Public Child derivation.