
Is this true? From an ECDSA private key you could derive many possible public keys? Asking for a friend.


I looked it up.

1. SHA-256: Used twice (double SHA-256) for block hashing and once in address generation.

2. RIPEMD-160: Used once in address generation (after SHA-256).

3. ECDSA: Used once for transaction signing and verification.

4. Base58Check: Used once for address encoding (includes a checksum generated using SHA-256).


For simple key derivation no, just the one pubkey. However most crypto wallets use a "hierarchical derivation" [1] scheme.

[1] https://www.ledger.com/academy/crypto/what-are-hierarchical-...


If you have a normal ECDSA private key, you get only one public key. However, there are ways to get a 1-to-many scheme, and similar ideas are used in U2F (YubiKey or similar) systems.

The basic idea is you pick one private key that's a sequence of 256 bits or so, call this k. When you need a keypair, you compute H(k, tag) to get another bitstring, then turn that into an ECDSA private key (minding the bear traps here) and that then has a single public key.

For example in U2F, the key derivation is H(k, domain, ...) where k is the secret baked into the USB token, domain is the domain you're logging in to (this is the part that protects against phishing, among other things) and further protocol-specific information.
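The H(k, tag) derivation described in the comment above, as an added example that is not part of the thread and not the code of any U2F token or wallet. HMAC-SHA256 as H, secp256k1 as the curve, the 4-byte retry counter, and all function names are assumptions made here; the retry loop handles the case where the hash output is 0 or not below the group order.

```python
import hashlib
import hmac

# secp256k1 domain parameters (curve chosen for this example only)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):
    """Affine addition on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if a is None or b is None:
        return b if a is None else a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # a == -b (covers doubling a point with y = 0)
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def scalar_mult(d, point=G):
    """Double-and-add. Not constant time: fine for a demo, not for real keys."""
    result = None
    while d:
        if d & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        d >>= 1
    return result

def derive_keypair(k: bytes, tag: bytes):
    """Map (master secret k, tag) to one private scalar d and its single public key d*G."""
    counter = 0
    while True:
        msg = tag + counter.to_bytes(4, "big")
        d = int.from_bytes(hmac.new(k, msg, hashlib.sha256).digest(), "big")
        if 1 <= d < N:                   # reject 0 and values >= N rather than reducing mod N
            return d, scalar_mult(d)
        counter += 1                     # astronomically rare on this curve, but must be handled

if __name__ == "__main__":
    k = bytes(range(32))                 # constructed master secret, for the demo only
    for tag in (b"example.com", b"examp1e.com"):
        d, pub = derive_keypair(k, tag)
        print(tag.decode(), hex(pub[0]))
```

A tag built from several fields (domain plus protocol data) needs an unambiguous encoding such as length prefixes before it is fed to H; this block takes a single byte string.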



