Derivation Path

[blue Snow]

Derivation Path is just a fancy way of saying “this is the thing you use to get all your accounts from your mnemonic phrase"

This is what a derivation path looks like:

m/44'/0'/0'/0'/0

m’ / purpose’ / coin_type’ / account’ / change / address_index



Here are some actual derivation paths used by wallets.

BIP 32: m/0'/0/0 (old)
BIP 44: m/44'/0'/0'/0/0 > Legacy
BIP 49: m/49'/0'/0'/0/0 > Segwit
BIP 84: m/84'/0'/0'/0/0 > native
BIP 86: m/86'/0'/0'/0/0 > Taproot

Coin_type 0 is Bitcoin
Coin_type 1 is testnet (all testnet coin)
Coin_type 2 is Litecoin, example > m/49'/2'/0'/0/0 > Litecoin segwit
Coin_type 3 is Dogecoin, example > m/44'/3'/0'/0/0

...
coin_type 60 is ethereum, example > BIP 44: m/44'/60'/0'/0/0
Coin_type 128 is Monero, example > m/44'/128'/0'/0/0

for more coin code type, find out > https://github.com/satoshilabs/slips/blob/master/slip-0044.md

this is for example index:

m/44/0/0/0/0: 1AZnveys2k5taGCCF743RtrWGwc58UMeq
m/44/0/0/0/1: 1AMYJTJyV4o1hwNACJtfdXBW6BiD1f5FXb
m/44/0/0/0/2: 1NPFFtSiFRatoeUf35rwYb8j8C1u7sVhGa
m/44/0/0/0/3: 1L44VTYEzWesp8cxnXcPGbUzuwTYoSW9at
m/44/0/0/0/4: 1FK85vpZavzZu6oBCvBcmD4FWXQT5fVYRu
m/44/0/0/0/5: 12QaHfWLtyuMwNXuap3FscMY434bw4TS6n
m/44/0/0/0/6: 1NeFG5BYAR9bnjAG72SDYKvNZBH4kPa8r1

This is derivation path on hardware wallet connecting





while connecting your wallet don't forget your address and derivation path, be sure doesn't make mistake purpose and coin type

https://medium.com/mycrypto/wtf-is-a-derivation-path-c3493ca2eb52
https://medium.com/myetherwallet/hd-wallets-and-derivation-paths-explained-865a643c7bf2
https://learnmeabitcoin.com/guide/derivation-paths
https://blog.blocknative.com/blog/custom-derivation-paths

[1714146514]

1714146514

[1714146514]

1714146514

[1714146514]

1714146514

[1714146514]

1714146514

[1714146514]

1714146514

[1714146514]

1714146514

[Maus0728]

Hey I admire your effort in constructing the a simple guide regarding the derivation path use in many cryptocurrency wallet. I am hearing these terms when someone is having a trouble with their wallet in Developmental and Technical Discussions.

But it would be more useful if you are writing an in-depth explanation what is the use of derivation path, why is it useful and what are the prerequisites in order to fully understand them.

I admit that I am still a beginner when it comes to these matter but still I am trying to understand this as much as I can. 

[blue Snow]

But it would be more useful if you are writing an in-depth explanation what is the use of derivation path, why is it useful and what are the prerequisites in order to fully understand them.

for example you lost hardware wallet and want to recover into electrum, and you should to know most of Bitcoin address HD wallet come with 3 or segwit, different electrum use native or bc1.



After you tick BIP39 on already seed, you should change this path into p2sh-segwit



if you didn't change it you got different address, you will panic.

[o_e_l_e_o]

But it would be more useful if you are writing an in-depth explanation what is the use of derivation path, why is it useful and what are the prerequisites in order to fully understand them.

Derivation paths are explained in BIP44, and that's a good place to start reading if you want to understand them a bit more. Link here: https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki

BIP49 and BIP84 deal with derivation paths for P2SH-P2WPKH (nested segwit) and P2WPKH (native segwit) respectively. Links here: https://github.com/bitcoin/bips/blob/master/bip-0049.mediawiki and https://github.com/bitcoin/bips/blob/master/bip-0084.mediawiki

If you want to get even more technical, then once reading the BIPs above, you could read BIP32, which explains the algorithms used to derive child keys from their parent keys. Link here: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki

[Maus0728]

Derivation paths are explained in BIP44, and that's a good place to start reading if you want to understand them a bit more. Link here: https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki

BIP49 and BIP84 deal with derivation paths for P2SH-P2WPKH (nested segwit) and P2WPKH (native segwit) respectively. Links here: https://github.com/bitcoin/bips/blob/master/bip-0049.mediawiki and https://github.com/bitcoin/bips/blob/master/bip-0084.mediawiki

If you want to get even more technical, then once reading the BIPs above, you could read BIP32, which explains the algorithms used to derive child keys from their parent keys. Link here: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki

Is there any prerequisite subject to understand all of these related terms?

I am familiar using C++ programming language and I am currently using mycelium wallet just to familiarize myself to see the actual addresses of native segwit, legacy and segwit, I also understand the importance of seed phrase in a wallet. However, I think those are not enough to dive in to a more technical part of it.

Thank you for all of the guides @o_e_l_e_o. I assure you that I will study those lecture.

[o_e_l_e_o]

Is there any prerequisite subject to understand all of these related terms?

BIPs 44, 49, and 84 aren't very technical and should only really require a basic knowledge of how hierarchical deterministic wallets (i.e. pretty much every current wallet) work.

BIP32 is significantly more technical and requires reasonable knowledge of math, cryptography, and some basic coding. If you are finding it hard to understand, then you could try reading Mastering Bitcoin by Andreas Antonopoulos, particularly Chapter 5 "Wallets". It's available for free here: https://github.com/bitcoinbook/bitcoinbook

[blue Snow]

Thanks for @Captain-Cryptory and @o_e_l_e_o for answer the question, I am still beginner and need more knowledge for explaining hi-tech question.


If user have and created more account in hardware or other HD wallet, dont forget to change "account" on Derivation path from 0 to 1. if we don't changed, it will appears different address or will back to first account (0). (In programing, counting star from 0,1,2,3...so,, second account (1), third account (2)..)

m/44'/0'/1'/0'



First learning is account and index address are different thing.

[o_e_l_e_o]

So in the screenshot of Electrum you have posted there, as you say m/44'/0'/1' refers to legacy addresses (44'), for bitcoin mainnet (0'), on the second account (1'). Every address generated within that wallet will have the same m/44'/0'/1' beginning to their derivation paths. You don't specify the last two numbers (which refer to change and address index) when generating a wallet, because every address generated within that wallet will have different last two numbers. The first receiving address in this example would be m/44'/0'/1'/0/0, the second would be m/44'/0'/1'/0/1, and the first change address would be m/44'/0'/1'/1/0.

Now, you've written the following:

m/44'/0'/1'/0'

You need to be careful here, as you've added an extra /0' at the end that is unnecessary. If you override the suggested derivation path in Electrum with that, Electrum will use that to generate a wallet instead of m/44'/0'/1', so you will be left with a very non-standard derivation path of m/44'/0'/1'/0'/0/0 for your first address (and so on), which will generate an entirely new set of private keys and an entirely new set of addresses. If you don't remember that you've done that, then you could have serious problems trying to recover your coins in the future.

As Electrum says, if you don't fully understand derivation paths, it's best not to mess around with them, because you could lose your coins somewhere in the infinite number of addresses you can create.

[blue Snow]

Thank you for explain,

I don't know what i have done or missing something, I am making practise using Mnemonic Code Converter tool to get BIP 39 seed (orient size mass nut pipe jewel nut burst artist mixed perfect develop) and derivation path  m/44'/0'/1'/1 address showed 1Z1EMQjFuyRvG3vZhrQpQKPjbu4zwYXsh
make an equation, import same detil to electrum, suddenly got different address 1NAxsdvXQeuEozUVvyVgge5B3vv1SutCB1

[o_e_l_e_o]

I am making practise using Mnemonic Code Converter tool to get BIP 39 seed

It should go without saying, but please make sure you only use that seed for practicing, and never send any coins to any of the address, since it is now publicly viewable to anyone and everyone.

So, if you use the derivation path m/44'/0'/1'/1/0 with that seed, you get the address 1Z1EMQjFuyRvG3vZhrQpQKPjbu4zwYXsh as you say.

The address 1NAxsdvXQeuEozUVvyVgge5B3vv1SutCB1 is found at the derivation path m/44'/0'/1'/1'/0/0. This means that in the derivation path box in Electrum, you must have entered m/44'/0'/1'/1'.

As I said above, you've added an entire extra level by adding in an extra /1', which results in a completely non-standard derivation path. It is possible (but not recommended) to add as many extra levels as you like - the key at each level is simply derived from the parent key at the level above it. But as you have discovered, when adding in additional levels you will end up with a completely different set of addresses, you might not be sure how you got there, and there is a very high potential to lose your coins.

[o_e_l_e_o]

You have got different address cuz starting from the version 2.0 Electrum

derives keys and addresses from a hash of the UTF8 normalized seed phrase with no dependency on a fixed wordlist.

that isn't exactly the same as BIP39 scheme.

That's not accurate. Both address he gave are generate from the above BIP39 seed phrase at different derivation paths, as I showed in my last post.

Go to https://iancoleman.io/bip39/
Paste in the above seed phrase to the "BIP39 Mnemonic" field
Scroll down to "Derivation Path" and select "BIP32"
Under "Client" select "Custom derivation path"
Under "BIP32 Derivation Path" paste m/44'/0'/1'/1, scroll down, and the first address is 1Z1EM...
Under "BIP32 Derivation Path" paste m/44'/0'/1'/1'/0, scroll down, and the first address is 1NAxs...

Although Electrum by default doesn't use BIP39 seed phrases, when importing a seed phrase to Electrum you can click "Options" and select "BIP39 seed", as blue Snow must have done, otherwise he wouldn't have obtained the 1NAxs... address.

So, instead of "Custom Derivation Path" chose "Trezor, Ledger" option in  Client field  when fiddling with coleman generator.

Importing a non-BIP39 seed in to Electrum as a BIP39 seed will never give you the same addresses, regardless of how much you change the derivation path.

[pooya87]

OK. bare BIP39 is still supported but likely  be deprecated in the future versions,  at least that is what 3.3.8 client says right now. Anyway the generation scheme of the current and all future Electrum is different from bare BIP39. https://electrum.readthedocs.io/en/latest/seedphrase.html  That is why you had to scroll down to find that address.

i haven't seen the "deprecated in the future versions" anywhere, and i don't think features like that would ever be deprecated because wallets must always try to keep backward compatibility.
in any case if some day some wallet stopped supporting BIP-39 you can always find another tool (like IanColeman tool) and convert the mnemonic to an extended private key (starts with xprv) to use the more universal master key to import. or worst case scenario import individual keys.

[o_e_l_e_o]

at least that is what 3.3.8 client says right now.

It says "We do not guarantee that BIP39 imports will always be supported", which is a bit different to "They are likely to be deprecated". A very quick GitHub search says that message has been there for at least 2 years. Given how ubiquitous BIP39 seeds phrases are, I can't foresee the Electrum devs discontinuing support for them anytime soon.

Anyway the generation scheme of the current and all future Electrum is different from bare BIP39. https://electrum.readthedocs.io/en/latest/seedphrase.html  That is why you had to scroll down to find that address.

That's not the issue in blue Snow's case, though. If you use an Electrum generated non-BIP39 seed, then the default derivation path is m/0, meaning the first address is m/0/0, which is neither of the derivation paths he ended up on above. Even if he had managed to import that seed phrase as a non-BIP39 phrase (which he can't, because Electrum won't accept it as a non-BIP39 phrase), then the addresses at the derivation paths we have discussed above would be different to the addresses obtained. He obtained addresses linked to the BIP39 phrase both in and out of Electrum, so he managed to import the seed phrase correctly. His issue is with using custom derivation paths, not with importing the seed phrase incorrectly.

[pooya87]

It will,  as the  key generation scheme used by Electrum differs from bare BIP39 https://electrum.readthedocs.io/en/latest/seedphrase.html  Right now client is in position to  import BIP 39 SEED but says   that option can not be guaranteed one  in the future. You can check it.

backward compatibility means when a user is capable of importing his BIP-39 mnemonic in Electrum today and the wallet file stores it, then it must continue being able to read BIP-39 mnemonics and convert them to child keys otherwise the old user's wallet can break down.
could you quote the exact part from the doc where it says that? i honestly cant see it.

[o_e_l_e_o]

could you quote the exact part from the doc where it says that? i honestly cant see it.

It says it after you tick the "BIP39 seed" checkbox under the "Options" pop up when importing a seed in to Electrum:



https://github.com/spesmilo/electrum/blob/a0b096dcb2292c2826f7beae173c529d335142f0/electrum/gui/qt/seed_dialog.py#L77

[blue Snow]

true, as @o_e_l_e_o mentioned i was mistake, inserted wrong path into electrum m/44'/0'/1'/1' , changed 0 with 1 without delete (') single quote at least

[o_e_l_e_o]

The same for both me and Electrum team. If not guaranteed - then deprecated, forever for Electrum and me

Well, then you are completely free to choose another wallet which guarantee BIP39 support forever more. As pooya87 says, it's highly unlikely Electrum will stop supporting BIP39 since it means all Electrum wallets which use BIP39 suddenly become incompatible. They would be shooting themselves in the foot and alienating a large number of their customers. But even if they did, you can just take your BIP39 seed to another wallet, so no harm done to you individually.

You know,  by arbitrary  extending derivation path you can get all possible keys that could only exist.

Theoretically yes, but practically impossible, in the same way that address collision is theoretically possible but will never happen.

Even just looking at individual private keys, there are (just short of) 2²⁵⁶ keys. Given that each key is 32 bytes, that works out to somewhere in the region of 3*10⁵⁷ zettabytes just to store the private keys. For comparison, there is around 3 zettabytes of storage in the entire world right now. So we're off by a factor of around 1 billion trillion trillion trillion trillion just to be able to store the final private keys, even forgetting the multiple keys you have to derive to obtain each one, and forgetting generating addresses, and forgetting all the computing power to do so.

[blue Snow]

I am learning some thing new here about derivation path of native segwit.

m/48'/0'/0'/2' is the correct default derivation path for multi-sig native segwit in Electrum. m/84'/0'/0' is for standard (non-multi-sig) wallets.

Basic on this thread we should be careful different path multi signature native segwit with standar native segwit.

Multi-sig native segwit path begin with number 48 while standar native begin with 84 see quoted example. we can read something case here https://bitcoin.stackexchange.com/questions/92533/why-do-the-xpubs-from-electrum-and-trezor-not-match-when-creating-a-multisig-wal Trezor using BIP39 standar native segwit use 84 while electrum using native begin with 48

[o_e_l_e_o]

Multi-sig native segwit path begin with number 48 while standar native begin with 84 see quoted example.

That's the convention, but it is my no means the law. It is entirely possible to generate any type of address (multi-sig or not, native or nested or not segwit) at any derivation path. Electrum uses the following as default values for the purpose field:

44 - Legacy
45 - Legacy Multi-sig
48 - Segwit Multi-sig
49 - Nested Segwit
84 - Native Segwit

Electrum expands on Segwit Multi-sig by adding a "script type" field between the account and change fields, meaning the derivation path for Nested Segwit Multi-sig is m/48'/0'/0'/1', and for Native Segwit Multi-sig is m/48'/0'/0'/2'. You can read more at GitHub here: https://github.com/spesmilo/electrum/issues/4352.

But as I said, you can use any derivation path you like. Bitcoin Core, for example, uses m/0'/0' for all address types.

[Husna QA]

@blue Snow Sorry to bump your thread.
It seems that the derivation-paths-level image link listed in the directory on the web source you are using has changed.

Code:

https://learnmeabitcoin.com/guide/images/derivation-paths/levels.png

Here are the latest updates I found:

Code:

https://learnmeabitcoin.com/technical/images/derivation-paths/levels.png