Address Explorer
What is the Address Explorer?#
Video: COLDCARD Mk: Using Address Explorer
When interacting with a hardware wallet, the ability to verify the addresses displayed by your wallet interface on the hardware wallet is paramount. Failure to do so can leave you vulnerable to attacks via compromised mobile or desktop wallets that may be displaying addresses not generated by your COLDCARD®.
Video: COLDCARD Q: Using Address Explorer
COLDCARD's Address Explorer enables you to view, export and scan the addresses controlled by the device. For absolute peace of mind, you should leverage this feature, or the automatic address verification, each time you send Bitcoin to your COLDCARD.
Accessing Address Explorer#
Address Explorer is accessible directly from the main menu after entering your PIN. Don't forget to apply your wallet passphrase (if applicable) before viewing Address Explorer. Failure to do so will result in the incorrect addresses being displayed.
You will be shown this background information and warning text:
The following menu lists the first payment address
produced by various common wallet systems.
Choose the address that your desktop or mobile wallet
has shown you as the first receive address.
WARNING: Please understand that exceeding the gap limit
of your wallet, or choosing the wrong address on the next screen
may make it very difficult to recover your funds.
Address Types#
Address Explorer can display and export the following address types:
- Legacy
- Addresses starting with
1, also calledP2PKHor classic addresses. - Wrapped Segwit
- Addresses starting with
3a transitional format for segwit. - Segwit
- Addresses starting with
bc1, also calledP2WPKH. (Should be your first choice today.) - Applications
- Addresses specific to certain applications.
- Account Number
- Addresses within a user defined account (any non-zero account number).
- Custom Path
- Any address at a user-defined custom derivation path.
- Multi-sig
- Addresses within your existing multi-signature wallets.
- Start Idx:
- Set any index number to begin displaying addresses from (default is
0). Must be enabled inAdvanced/Tools > Danger Zone > AE Start Index.
As a safety feature, we present the first address of each type and you should pick the one that your desktop or mobile wallet has already generated for you. If you do not see a familiar address, then you should proceed with caution as you may have mistyped your wallet passphrase.
After selecting the desired address type, scroll down to view the first 10 addresses. When you reach the bottom of the screen, you'll be given a prompt to show the following 10.
Save to MicroSD Card#
After selecting the desired address type, you can save the next 250
addresses, beginning at the Start Idx (default 0), to a MicroSD
card or the Virtual Disk, if enabled.
The resulting file will be named addresses.csv, and can be imported
to another wallet without physical access to the COLDCARD.
On the Mk4, press 1 to save the address summary to a MicroSD card,
or press 2 to save to the Virtual Disk.
On the Q, press 1 to save the addresses to the MicroSD card in slot A,
press B to save to the MicroSD card in slot B, or press 2 to save to
the Virtual Disk.
Index Payment Address Derivation
0 bc1qdeej9p8rpxwypmpdgd0zqsmcta2y2pn25jfh59 m/84'/0'/0'/0/0
1 bc1q9wzwyrvmgnp2rr6y8zs939ztjenzg2r0sgtg6v m/84'/0'/0'/0/1
2 bc1qs7eecptfs4et6vpu8cgun3gcvc3pu6kxmfx6my m/84'/0'/0'/0/2
3 bc1qspqj2taxchke8atdchj3kckdkuf2krjt2zpfhr m/84'/0'/0'/0/3
4 bc1qxxdenujj8zw9wwwc39frmt6ld7d4c2nwm09hz2 m/84'/0'/0'/0/4
5 bc1qgwra4qpk7p6gdmdch4kh82k9k7vgtj2hhc4y02 m/84'/0'/0'/0/5
Store this file with great care. Anyone with access can view 250 addresses controlled by your COLDCARD, and that could impact your privacy. Another potential problem is an attacker could modify the file contents to send to his wallet rather than your COLDCARD.
View QR Codes#
After selecting the desired address type, pressing 4 on the Mk4 or
the QR key on the Q will prompt the COLDCARD to show each address, in
index order, along with a QR code version. Pressing down on the keypad
will move to the next address along the index.
Using this feature allows you to scan a QR code with any wallet and send Bitcoin directly to COLDCARD without ever needing to pair it with a third party wallet application.
Share Over NFC#
After selecting the desired address type (or multisig wallet), press 3 on
the Mk4 or the NFC key on the Q to share over NFC.
NFC has to be enabled in Settings > Hardware On/Off > NFC Sharing.
View Change Addresses#
After selecting the desired address type (or multisig wallet), press 0 and scroll down to view change addresses.
Don't Send Into The Void
Be careful to only send to an address that a blockchain-watching wallet is monitoring. Although it is possible to get funds back from any address shown by the explorer, it can be very difficult and quite technical.
The correct approach is to use the COLDCARD to verify and double-check addresses shown by your desktop/mobile wallet, which is watching the blockchain and able to generate PSBT files to someday move those coins.
Multisig Limitations#
Although the COLDCARD can generate addresses for multisig wallets, because there are other vendors involved, with unknowable signing policies and limitations, it is never safe to directly deposit to a multisig address generated solely on the COLDCARD.
For this reason, the COLDCARD will not show the entire address, and blanks out some of the middle digits with underscore. The remaining digits are visible and can be used to verify the address provided by other systems.
The QR code is not offered for multisig addresses because it would not be safe to use.
Custom Derivation Paths and Large Account numbers#
We allow you to enter arbitrary derivation paths, and huge account numbers. If you send to those addresses, you need some software that is able to track the UTXO created on the blockchain, and someday build a PSBT that the COLDCARD will sign. Without that software, your coins will be stuck.