diff --git a/server/internal/core/application/covenant.go b/server/internal/core/application/covenant.go
index 374ac19..8a9f391 100644
--- a/server/internal/core/application/covenant.go
+++ b/server/internal/core/application/covenant.go
@@ -387,6 +387,11 @@ func (s *covenantService) ListVtxos(ctx context.Context, address string) ([]doma
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed to decode address: %s", err)
 	}
+
+	if !bytes.Equal(schnorr.SerializePubKey(decodedAddress.Asp), schnorr.SerializePubKey(s.pubkey)) {
+		return nil, nil, fmt.Errorf("address does not match server pubkey")
+	}
+
 	pubkey := hex.EncodeToString(schnorr.SerializePubKey(decodedAddress.VtxoTapKey))
 
 	return s.repoManager.Vtxos().GetAllVtxos(ctx, pubkey)
diff --git a/server/internal/core/application/covenantless.go b/server/internal/core/application/covenantless.go
index 470272a..ad3fcc7 100644
--- a/server/internal/core/application/covenantless.go
+++ b/server/internal/core/application/covenantless.go
@@ -650,6 +650,11 @@ func (s *covenantlessService) ListVtxos(ctx context.Context, address string) ([]
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed to decode address: %s", err)
 	}
+
+	if !bytes.Equal(schnorr.SerializePubKey(decodedAddress.Asp), schnorr.SerializePubKey(s.pubkey)) {
+		return nil, nil, fmt.Errorf("address does not match server pubkey")
+	}
+
 	pubkey := hex.EncodeToString(schnorr.SerializePubKey(decodedAddress.VtxoTapKey))
 
 	return s.repoManager.Vtxos().GetAllVtxos(ctx, pubkey)