Skip to main content

Watch-Only Wallet | Bitcoin Glossary | Mapping Bitcoin

Watch-Only Wallet

Security

Also known as: watch wallet

A wallet that can monitor addresses and balances but cannot sign or spend transactions because it does not hold private keys. Watch-only wallets are used for monitoring funds, generating receive addresses from an xpub, or preparing unsigned transactions for offline signing.

Overview

A watch-only wallet is a Bitcoin wallet configured with only public keys (or an extended public key) and no private keys. It can track balances, monitor incoming and outgoing transactions, and generate new receive addresses, but it cannot sign or broadcast transactions. This separation of monitoring and spending capabilities is a fundamental component of secure cold storage setups.

How It Works

Cold Storage Setup with Watch-Only Wallet:

┌──────────────────┐          ┌──────────────────┐
│  OFFLINE DEVICE  │          │  ONLINE DEVICE   │
│  (cold storage)  │          │  (watch-only)    │
│                  │          │                  │
│  Private Keys    │          │  xpub only       │
│  Seed Phrase     │   xpub   │  (no private     │
│  Signs txs       │────────> │   keys)          │
│                  │          │                  │
│  Air-gapped      │          │  Monitors balance│
│                  │          │  Generates addrs │
│                  │  PSBT    │  Creates unsigned│
│  Signs PSBT  <───│──────────│  transactions    │
│                  │          │                  │
│  Returns signed  │          │  Broadcasts      │
│  PSBT ──────────>│────────> │  signed tx       │
└──────────────────┘          └──────────────────┘

The xpub (extended public key) allows the watch-only wallet to derive all child public keys and addresses in the wallet's derivation path, enabling it to track the full balance without ever having access to spending authority.

Use Cases

  • Secure cold storage monitoring: Check balances and receive payments without exposing private keys to an internet-connected device.
  • Business accounting: Track incoming payments and generate invoices without giving the accounting system spending capability.
  • Hardware wallet companion: Desktop wallet software often operates in watch-only mode, preparing transactions for signing on the hardware device.
  • Multi-party monitoring: Share an xpub with an auditor or business partner who needs visibility into funds but should not be able to spend them.
  • PSBT workflow: Create Partially Signed Bitcoin Transactions (PSBTs) on the watch-only wallet, transfer them to an offline signer, and broadcast the signed result.

Privacy Considerations

Sharing an xpub reveals all current and future addresses derived from that key. Anyone with the xpub can see the entire transaction history and balance associated with that derivation path. Therefore, xpubs should be treated as sensitive information and shared only with trusted parties or services.

Common Misconceptions

A watch-only wallet is not less secure — it is actually a security feature. By separating the monitoring function (online) from the signing function (offline), watch-only wallets reduce the attack surface for cold storage by ensuring private keys never touch an internet-connected device.

Related Terms

Extended Public Key (xpub)Cryptography

A key derived from an HD wallet's master seed that can generate all public keys and addresses in a particular derivation path without access to private keys. Sharing an xpub allows others to monitor balances and generate receiving addresses but not spend funds.

WalletGeneral

Software or hardware that manages Bitcoin private keys, generates addresses, creates and signs transactions, and tracks balances. Wallets range from simple mobile apps to complex multi-signature setups and do not actually 'store' bitcoin, which exists only on the blockchain.

Cold StorageSecurity

A method of storing Bitcoin private keys on a device or medium that is not connected to the internet, providing protection against remote hacking and malware. Examples include hardware wallets, paper wallets, and air-gapped computers.

Hardware WalletSecurity

A dedicated physical device that stores Bitcoin private keys in a secure element and signs transactions offline, protecting keys from exposure to internet-connected computers. Popular hardware wallets include Trezor, Ledger, and ColdCard.