diff --git a/lightningd/Makefile b/lightningd/Makefile
index 8d1f383cf..466f24450 100644
--- a/lightningd/Makefile
+++ b/lightningd/Makefile
@@ -38,6 +38,7 @@ LIGHTNINGD_OLD_LIB_HEADERS := $(LIGHTNINGD_OLD_LIB_SRC:.c=.h)
 
 # FIXME: put in a library so we don't link all of them.
 LIGHTNINGD_LIB_SRC :=				\
+	lightningd/bip32.c			\
 	lightningd/channel.c			\
 	lightningd/channel_config.c		\
 	lightningd/commit_tx.c			\
diff --git a/lightningd/bip32.c b/lightningd/bip32.c
new file mode 100644
index 000000000..5839adcb8
--- /dev/null
+++ b/lightningd/bip32.c
@@ -0,0 +1,25 @@
+#include <lightningd/bip32.h>
+#include <wally_bip32.h>
+#include <wire/wire.h>
+
+/* We only ever send out the public seed. */
+void towire_ext_key(u8 **pptr, const struct ext_key *bip32)
+{
+	unsigned char out[BIP32_SERIALIZED_LEN];
+
+	if (bip32_key_serialize(bip32, BIP32_FLAG_KEY_PUBLIC, out,
+				sizeof(out)))
+		abort();
+
+	towire(pptr, out, sizeof(out));
+}
+
+void fromwire_ext_key(const u8 **cursor, size_t *max, struct ext_key *bip32)
+{
+	const u8 *in = fromwire(cursor, max, NULL, BIP32_SERIALIZED_LEN);
+	if (!in)
+		return;
+
+	if (bip32_key_unserialize(in, BIP32_SERIALIZED_LEN, bip32) != WALLY_OK)
+		fromwire_fail(cursor, max);
+}
diff --git a/lightningd/bip32.h b/lightningd/bip32.h
new file mode 100644
index 000000000..11a06f5cc
--- /dev/null
+++ b/lightningd/bip32.h
@@ -0,0 +1,12 @@
+#ifndef LIGHTNING_LIGHTNINGD_BIP32_H
+#define LIGHTNING_LIGHTNINGD_BIP32_H
+#include "config.h"
+#include <ccan/short_types/short_types.h>
+#include <stddef.h>
+
+struct ext_key;
+
+void towire_ext_key(u8 **pptr, const struct ext_key *bip32);
+void fromwire_ext_key(const u8 **cursor, size_t *max, struct ext_key *bip32);
+
+#endif /* LIGHTNING_LIGHTNINGD_BIP32_H */
diff --git a/lightningd/hsm/hsm.c b/lightningd/hsm/hsm.c
index 912aed273..d5f6afe54 100644
--- a/lightningd/hsm/hsm.c
+++ b/lightningd/hsm/hsm.c
@@ -243,23 +243,16 @@ static void send_init_response(struct daemon_conn *master)
 {
 	struct pubkey node_id;
 	struct secret peer_seed;
-	u8 *serialized_extkey = tal_arr(master, u8, BIP32_SERIALIZED_LEN), *msg;
+	u8 *msg;
 
 	hkdf_sha256(&peer_seed, sizeof(peer_seed), NULL, 0,
 		    &secretstuff.hsm_secret,
 		    sizeof(secretstuff.hsm_secret),
 		    "peer seed", strlen("peer seed"));
-
 	node_key(NULL, &node_id);
-	if (bip32_key_serialize(&secretstuff.bip32, BIP32_FLAG_KEY_PUBLIC,
-				serialized_extkey, tal_len(serialized_extkey))
-	    != WALLY_OK)
-		status_failed(WIRE_HSMSTATUS_KEY_FAILED,
-			      "Can't serialize bip32 public key");
 
 	msg = towire_hsmctl_init_reply(master, &node_id, &peer_seed,
-				       serialized_extkey);
-	tal_free(serialized_extkey);
+				       &secretstuff.bip32);
 	daemon_conn_send(master, take(msg));
 }
 
diff --git a/lightningd/hsm/hsm_wire.csv b/lightningd/hsm/hsm_wire.csv
index 4dd3d8424..135c8077b 100644
--- a/lightningd/hsm/hsm_wire.csv
+++ b/lightningd/hsm/hsm_wire.csv
@@ -15,11 +15,11 @@ hsmstatus_client_bad_request,,msg,len*u8
 hsmctl_init,1
 hsmctl_init,,new,bool
 
+#include <lightningd/bip32.h>
 hsmctl_init_reply,101
 hsmctl_init_reply,,node_id,33
 hsmctl_init_reply,,peer_seed,struct secret
-hsmctl_init_reply,,bip32_len,2
-hsmctl_init_reply,,bip32_seed,bip32_len*u8
+hsmctl_init_reply,,bip32,struct ext_key
 
 # ECDH returns an fd.
 hsmctl_hsmfd_ecdh,3
diff --git a/lightningd/hsm_control.c b/lightningd/hsm_control.c
index ffbe5f624..afef1ff6b 100644
--- a/lightningd/hsm_control.c
+++ b/lightningd/hsm_control.c
@@ -33,7 +33,7 @@ u8 *hsm_sync_read(const tal_t *ctx, struct lightningd *ld)
 void hsm_init(struct lightningd *ld, bool newdir)
 {
 	const tal_t *tmpctx = tal_tmpctx(ld);
-	u8 *msg, *serialized_extkey;
+	u8 *msg;
 	bool create;
 
 	ld->hsm_fd = subd_raw(ld, "lightningd_hsm");
@@ -48,17 +48,15 @@ void hsm_init(struct lightningd *ld, bool newdir)
 	if (!wire_sync_write(ld->hsm_fd, towire_hsmctl_init(tmpctx, create)))
 		err(1, "Writing init msg to hsm");
 
+	ld->bip32_base = tal(ld, struct ext_key);
 	msg = hsm_sync_read(tmpctx, ld);
-	if (!fromwire_hsmctl_init_reply(tmpctx, msg, NULL,
+	if (!fromwire_hsmctl_init_reply(msg, NULL,
 					&ld->dstate.id,
 					&ld->peer_seed,
-					&serialized_extkey))
+					ld->bip32_base))
 		errx(1, "HSM did not give init reply");
 
-	log_info_struct(ld->log, "Our ID: %s", struct pubkey, &ld->dstate.id);
-	ld->bip32_base = tal(ld, struct ext_key);
-	if (bip32_key_unserialize(serialized_extkey, tal_len(serialized_extkey),
-				  ld->bip32_base) != WALLY_OK)
-		errx(1, "HSM did not give unserializable BIP32 extkey");
+	/* FIXME... */
 	ld->wallet->bip32_base = ld->bip32_base;
+	tal_free(tmpctx);
 }
diff --git a/lightningd/opening/opening.c b/lightningd/opening/opening.c
index a7a75c376..7c806e58c 100644
--- a/lightningd/opening/opening.c
+++ b/lightningd/opening/opening.c
@@ -207,7 +207,7 @@ static u8 *funder_channel(struct state *state,
 			  u64 change_satoshis, u32 change_keyindex,
 			  u8 channel_flags,
 			  const struct utxo *utxos,
-			  const u8 *bip32_seed)
+			  const struct ext_key *bip32_base)
 {
 	const tal_t *tmpctx = tal_tmpctx(state);
 	struct channel_id channel_id, id_in;
@@ -219,14 +219,8 @@ static u8 *funder_channel(struct state *state,
 	u32 minimum_depth;
 	const u8 **wscripts;
 	struct bitcoin_tx *funding;
-	struct ext_key bip32_base;
 	const struct utxo **utxomap;
 
-	if (bip32_key_unserialize(bip32_seed, tal_len(bip32_seed), &bip32_base)
-	    != WALLY_OK)
-		status_failed(WIRE_OPENING_BAD_PARAM,
-			      "Bad BIP32 key %s", tal_hex(trc, bip32_seed));
-
 	set_reserve(&state->localconf.channel_reserve_satoshis,
 		    state->funding_satoshis);
 
@@ -328,7 +322,7 @@ static u8 *funder_channel(struct state *state,
 
 	/* Now, ask create funding transaction to pay those two addresses. */
 	if (change_satoshis) {
-		if (!bip32_pubkey(&bip32_base, &changekey, change_keyindex))
+		if (!bip32_pubkey(bip32_base, &changekey, change_keyindex))
 			status_failed(WIRE_OPENING_BAD_PARAM,
 				      "Bad change key %u", change_keyindex);
 	}
@@ -339,7 +333,7 @@ static u8 *funder_channel(struct state *state,
 			     our_funding_pubkey,
 			     &their_funding_pubkey,
 			     change_satoshis, &changekey,
-			     &bip32_base);
+			     bip32_base);
 	bitcoin_txid(funding, &state->funding_txid);
 
 	state->channel = new_channel(state,
@@ -695,7 +689,7 @@ int main(int argc, char *argv[])
 	u32 change_keyindex;
 	u8 channel_flags;
 	struct utxo *utxos;
-	u8 *bip32_seed;
+	struct ext_key bip32_base;
 	u32 network_index;
 
 	if (argc == 2 && streq(argv[1], "--version")) {
@@ -751,11 +745,11 @@ int main(int argc, char *argv[])
 				    &state->push_msat,
 				    &state->feerate_per_kw, &max_minimum_depth,
 				    &change_satoshis, &change_keyindex,
-				    &channel_flags, &utxos, &bip32_seed))
+				    &channel_flags, &utxos, &bip32_base))
 		msg = funder_channel(state, &our_funding_pubkey, &our_points,
 				     max_minimum_depth, change_satoshis,
 				     change_keyindex, channel_flags,
-				     utxos, bip32_seed);
+				     utxos, &bip32_base);
 	else if (fromwire_opening_fundee(state, msg, NULL, &minimum_depth,
 					 &min_feerate, &max_feerate, &peer_msg))
 		msg = fundee_channel(state, &our_funding_pubkey, &our_points,
diff --git a/lightningd/opening/opening_wire.csv b/lightningd/opening/opening_wire.csv
index 1e80ea952..5402a7179 100644
--- a/lightningd/opening/opening_wire.csv
+++ b/lightningd/opening/opening_wire.csv
@@ -25,6 +25,7 @@ opening_init,,crypto_state,struct crypto_state
 # Seed to generate all the keys from
 opening_init,,seed,struct privkey
 
+#include <lightningd/bip32.h>
 # This means we offer the open.
 opening_funder,1
 opening_funder,,funding_satoshis,8
@@ -37,8 +38,7 @@ opening_funder,,channel_flags,u8
 #include <lightningd/utxo.h>
 opening_funder,,num_inputs,u16
 opening_funder,,inputs,num_inputs*struct utxo
-opening_funder,,bip32_len,u16
-opening_funder,,bip32_seed,bip32_len*u8
+opening_funder,,bip32,struct ext_key
 
 # This gives their sig, means we can broadcast tx: we're done.
 opening_funder_reply,101
diff --git a/lightningd/peer_control.c b/lightningd/peer_control.c
index 78dab12bc..cdbe297fe 100644
--- a/lightningd/peer_control.c
+++ b/lightningd/peer_control.c
@@ -1938,7 +1938,6 @@ static bool gossip_peer_released(struct subd *gossip,
 	u8 *msg;
 	struct subd *opening;
 	struct utxo *utxos;
-	u8 *bip32_base;
 	struct crypto_state cs;
 
 	if (!fromwire_gossipctl_release_peer_reply(resp, NULL, &cs)) {
@@ -1985,11 +1984,6 @@ static bool gossip_peer_released(struct subd *gossip,
 	subd_send_msg(opening, take(msg));
 
 	utxos = from_utxoptr_arr(fc, fc->utxomap);
-	bip32_base = tal_arr(fc, u8, BIP32_SERIALIZED_LEN);
-	if (bip32_key_serialize(fc->peer->ld->bip32_base, BIP32_FLAG_KEY_PUBLIC,
-				bip32_base, tal_len(bip32_base))
-	    != WALLY_OK)
-		fatal("Can't serialize bip32 public key");
 
 	/* FIXME: Real feerate! */
 	msg = towire_opening_funder(fc, fc->peer->funding_satoshi,
@@ -1997,7 +1991,7 @@ static bool gossip_peer_released(struct subd *gossip,
 				    15000, max_minimum_depth,
 				    fc->change, fc->change_keyindex,
 				    fc->peer->channel_flags,
-				    utxos, bip32_base);
+				    utxos, fc->peer->ld->bip32_base);
 	subd_req(fc, opening, take(msg), -1, 2, opening_funder_finished, fc);
 	return true;
 }