import { Base58 } from '@ethersproject/basex';
import type { BytesLike } from '@ethersproject/bytes';
import { hexDataSlice, hexlify, concat, hexZeroPad, arrayify } from '@ethersproject/bytes';
import { computeHmac, ripemd160, sha256, SupportedAlgorithm } from '@ethersproject/sha2';
import { toBigInt } from '@fuel-ts/math';
import { Mnemonic } from '@fuel-ts/mnemonic';
import { Signer } from '@fuel-ts/signer';
// NOTE(review): the dangling "Bitcoin seed" label presumably referred to the BIP-32
// master-key HMAC key, which this file does not define; `fromSeed` below obtains the
// master key material from `Mnemonic.masterKeysFromSeed` instead.
// Child indexes at or above this value are hardened (top bit of ser32(i) set).
const HARDENED_INDEX = 2 ** 31; // 0x80000000
// 4-byte BIP-32 version prefixes for serialized extended keys
// (mainnet: 0x0488B21E public, 0x0488ADE4 private; testnet: 0x043587CF public, 0x04358394 private)
const MainnetPRV = hexlify('0x0488ade4');
const MainnetPUB = hexlify('0x0488b21e');
const TestnetPRV = hexlify('0x04358394');
const TestnetPUB = hexlify('0x043587cf');
/**
 * Base58Check-encode a payload: the payload followed by the first 4 bytes of
 * SHA256(SHA256(payload)).
 *
 * @param data - Payload bytes to encode
 * @returns Base58Check string
 */
function base58check(data: Uint8Array): string {
  const digest = sha256(sha256(data));
  const checksum = hexDataSlice(digest, 0, 4);
  return Base58.encode(concat([data, checksum]));
}
/**
 * Select the BIP-32 version prefix for an extended key.
 *
 * @param isPublic - `true` for a public (xpub/tpub) prefix, `false` for a private one
 * @param testnet - `true` for the testnet prefixes, `false` for mainnet
 * @returns Hex-encoded 4-byte version prefix
 */
function getExtendedKeyPrefix(isPublic: boolean = false, testnet: boolean = false) {
  if (testnet) {
    return isPublic ? TestnetPUB : TestnetPRV;
  }
  return isPublic ? MainnetPUB : MainnetPRV;
}
/**
 * Check whether the serialized extended key carries a public version prefix
 * (mainnet or testnet).
 *
 * @param extendedKey - Decoded extended key bytes
 * @returns `true` when the first 4 bytes are a public-key version prefix
 */
function isPublicExtendedKey(extendedKey: Uint8Array) {
  const version = hexlify(extendedKey.slice(0, 4));
  return version === MainnetPUB || version === TestnetPUB;
}
/**
 * Check whether the serialized extended key carries one of the four known
 * version prefixes (mainnet/testnet, public/private).
 *
 * @param extendedKey - Decoded extended key bytes
 * @returns `true` when the first 4 bytes are a recognised version prefix
 */
function isValidExtendedKey(extendedKey: Uint8Array) {
  const version = hexlify(extendedKey.slice(0, 4));
  switch (version) {
    case MainnetPRV:
    case TestnetPRV:
    case MainnetPUB:
    case TestnetPUB:
      return true;
    default:
      return false;
  }
}
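/**
 * Parse a BIP-32 derivation path (e.g. `m/44'/0'/0'/0/0`) into child indexes.
 *
 * Hardened components (`44'`) are offset by `HARDENED_INDEX`. A leading `m` is
 * only accepted when the path is parsed from the master node (`depth === 0`).
 * Every component must be a plain decimal index below 2^31; anything else
 * (letters, empty components from a trailing `/`, out-of-range numbers) is
 * rejected instead of being silently parsed as `NaN` and derived as index 0.
 *
 * @param path - Path to parse
 * @param depth - Depth of the wallet the path is relative to (default: master node)
 * @returns One child index per path component; empty for the bare path `m`
 * @throws Error when the path is malformed or an index does not fit in 31 bits
 */
function parsePath(path: string, depth: number = 0) {
  const components = path.split('/');
  if (components[0] === 'm') {
    if (depth !== 0) {
      throw new Error(`invalid path - ${path}`);
    }
    components.shift();
  }
  return components.map((component) => {
    // decimal index, optionally followed by the hardened marker
    const match = /^(\d+)(')?$/.exec(component);
    if (match === null) {
      throw new Error(`invalid path - ${path}`);
    }
    const [, digits = '', hardenedMark] = match;
    const value = Number.parseInt(digits, 10);
    // the index must leave room for the hardened offset inside ser32(i)
    if (value >= HARDENED_INDEX) {
      throw new Error(`invalid path - ${path}`);
    }
    return hardenedMark === undefined ? value : value + HARDENED_INDEX;
  });
}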
/**
 * Serialize a 32-bit unsigned integer as 4 big-endian bytes (BIP-32 `ser32`).
 *
 * @param v - Value to serialize; only its low 32 bits are used
 * @returns 4-byte big-endian encoding
 */
function to4Bytes(v: number) {
  const out = new Uint8Array(4);
  // DataView writes big-endian by default and reduces `v` modulo 2^32,
  // matching the shift-and-mask encoding byte for byte.
  new DataView(out.buffer).setUint32(0, v);
  return out;
}
/**
 * Inputs accepted by the HDWallet constructor. `chainCode` is required and at
 * least one of `privateKey` / `publicKey` must be supplied; when `privateKey`
 * is present the public key is derived from it and `publicKey` is ignored.
 */
type HDWalletConfig = {
  // raw private key; takes precedence over `publicKey` when both are given
  privateKey?: BytesLike;
  // compressed public key; used only when `privateKey` is absent
  publicKey?: BytesLike;
  // BIP-32 chain code of this node
  chainCode: BytesLike;
  // depth in the derivation tree (0 for the master node)
  depth?: number;
  // child index of this node at its parent (0 for the master node)
  index?: number;
  // hex-encoded 4-byte fingerprint of the parent node (`0x00000000` at the master node)
  parentFingerprint?: string;
};
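/**
 * HDWallet is an implementation of BIP-0044 and BIP-0032, Multi-Account Hierarchy
 * for Deterministic Wallets.
 *
 * A node either holds a private key (and can derive hardened and non-hardened
 * children and export both private and public extended keys) or only a public
 * key (non-hardened children and public extended keys only).
 */
class HDWallet {
  /** Depth in the derivation tree; 0 for the master node. */
  depth: number = 0;
  /** Child index at the parent; 0 for the master node. */
  index: number = 0;
  /** First 4 bytes of RIPEMD160(SHA256(publicKey)), hex-encoded. */
  fingerprint: string = hexlify('0x00000000');
  /** Fingerprint of the parent node; `0x00000000` for the master node. */
  parentFingerprint: string = hexlify('0x00000000');
  /** Hex-encoded 32-byte private key; absent on public-only nodes. */
  privateKey?: string;
  /** Hex-encoded compressed public key. */
  publicKey: string;
  /** BIP-32 chain code of this node. */
  chainCode: BytesLike;

  /**
   * @param config - Wallet configuration: `chainCode` plus either `privateKey` or `publicKey`
   * @throws Error when neither key is given, or when `privateKey` / `chainCode`
   *   are not 32 bytes long
   */
  constructor(config: HDWalletConfig) {
    // chain code is always 32 bytes (second half of the HMAC-SHA512 output)
    if (arrayify(config.chainCode).length !== 32) {
      throw new Error('Invalid chainCode length: expected 32 bytes');
    }
    if (config.privateKey) {
      const privateKey = arrayify(config.privateKey);
      if (privateKey.length !== 32) {
        throw new Error('Invalid privateKey length: expected 32 bytes');
      }
      const signer = new Signer(privateKey);
      this.publicKey = hexlify(signer.compressedPublicKey);
      this.privateKey = hexlify(privateKey);
    } else {
      if (!config.publicKey) {
        throw new Error('Public and Private Key are missing!');
      }
      this.publicKey = hexlify(config.publicKey);
    }
    this.parentFingerprint = config.parentFingerprint || this.parentFingerprint;
    // BIP-32 key identifier: hash160 of the compressed public key, truncated to 4 bytes
    this.fingerprint = hexDataSlice(ripemd160(sha256(this.publicKey)), 0, 4);
    this.depth = config.depth ?? this.depth;
    this.index = config.index ?? this.index;
    this.chainCode = config.chainCode;
  }

  /** Extended key with the default options of `toExtendedKey` (private if available, mainnet). */
  get extendedKey() {
    return this.toExtendedKey();
  }

  /**
   * Derive the current HDWallet instance navigating only on the index.
   * `Ex.: m/44'/0 -> Ex.: m/44'/1 -> m/44'/2`. [Learn more](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki)
   *
   * Hardened indexes (`index >= HARDENED_INDEX`) require the private key.
   * In the (negligibly likely) case BIP-32 marks the child as invalid
   * (parse256(IL) >= n or ki == 0) this throws rather than returning a key
   * that is not a valid secp256k1 scalar; callers may then try the next index.
   *
   * @param index - Index of the child HDWallet (unsigned 32-bit integer)
   * @returns A new instance of HDWallet on the derived index
   * @throws Error when the index is out of range, when a hardened child is
   *   requested from a public-only node, or when the derived child is invalid
   */
  deriveIndex(index: number) {
    // ser32(i) can only encode an unsigned 32-bit integer
    if (!Number.isInteger(index) || index < 0 || index > 0xffffffff) {
      throw new Error(`invalid index - ${index}`);
    }
    const privateKey = this.privateKey && arrayify(this.privateKey);
    const publicKey = arrayify(this.publicKey);
    const chainCode = arrayify(this.chainCode);
    // HMAC input: 33 bytes of key material || ser32(index)
    const data = new Uint8Array(37);
    if (index & HARDENED_INDEX) {
      if (!privateKey) {
        throw new Error('Derive hardened requires privateKey');
      }
      // 33 bytes: 0x00 || private key
      data.set(privateKey, 1);
    } else {
      // 33 bytes: compressed public key
      data.set(publicKey);
    }
    // child number: ser32(i)
    data.set(to4Bytes(index), 33);
    const bytes = arrayify(computeHmac(SupportedAlgorithm.sha512, chainCode, data));
    const IL = bytes.slice(0, 32);
    const IR = bytes.slice(32);
    // order of the secp256k1 group
    const N = BigInt('0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141');
    const il = toBigInt(IL);
    if (il >= N) {
      throw new Error(`invalid child key at index ${index}, try the next index`);
    }
    if (privateKey) {
      // Child key ki is parse256(IL) + kpar (mod n).
      const ki = (il + toBigInt(privateKey)) % N;
      if (ki === BigInt(0)) {
        throw new Error(`invalid child key at index ${index}, try the next index`);
      }
      return new HDWallet({
        privateKey: arrayify(hexZeroPad(hexlify(ki), 32)),
        chainCode: IR,
        index,
        depth: this.depth + 1,
        parentFingerprint: this.fingerprint,
      });
    }
    // Public derivation: Ki is point(parse256(IL)) + Kpar, computed by Signer.addPoint.
    const signer = new Signer(hexlify(IL));
    const Ki = signer.addPoint(publicKey);
    return new HDWallet({
      publicKey: Ki,
      chainCode: IR,
      index,
      depth: this.depth + 1,
      parentFingerprint: this.fingerprint,
    });
  }

  /**
   * Derive the current HDWallet instance to the path. [Learn more](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki)
   *
   * @param path - The string representation of the child HDWallet. `Ex.: m/44'/0'/0'/0/0`
   * @returns A new instance of HDWallet on the derived path (this instance for the bare path `m`)
   * @throws Error when the path is malformed (see `parsePath`) or a derivation step fails
   */
  derivePath(path: string) {
    const indexes = parsePath(path, this.depth);
    return indexes.reduce<HDWallet>((wallet, index) => wallet.deriveIndex(index), this);
  }

  /**
   * Get the extended key as defined on BIP-32 for this node.
   *
   * @param isPublic - enable to export the public extendedKey; ignored (always public)
   *   when the HDWallet does not have a privateKey. Default `false`.
   * @param testnet - `true` to use the testnet prefix; default `false` (`mainnet`).
   * @returns Base58Check-encoded BIP-32 extended key (private unless `isPublic`
   *   is set or the node is public-only)
   * @throws Error when the depth does not fit in the single depth byte
   */
  toExtendedKey(isPublic: boolean = false, testnet: boolean = false): string {
    // depth is serialized as one byte
    if (this.depth >= 256) {
      throw new Error('Depth too large!');
    }
    // a public-only node can never export a private key, whatever `isPublic` says
    const prefix = getExtendedKeyPrefix(this.privateKey == null || isPublic, testnet);
    const depth = hexlify(this.depth);
    const parentFingerprint = this.parentFingerprint;
    const index = hexZeroPad(hexlify(this.index), 4);
    // 32 bytes
    const chainCode = this.chainCode;
    // 33 bytes: 0x00 || private key, or the compressed public key
    const key =
      this.privateKey != null && !isPublic ? concat(['0x00', this.privateKey]) : this.publicKey;
    // 78-byte serialization: version(4) depth(1) parentFingerprint(4) index(4) chainCode(32) key(33)
    const extendedKey = concat([prefix, depth, parentFingerprint, index, chainCode, key]);
    return base58check(extendedKey);
  }

  /**
   * Create the master HDWallet instance from a seed.
   *
   * @param seed - Seed, as accepted by `Mnemonic.masterKeysFromSeed`
   * @returns A new master instance of HDWallet (depth 0)
   */
  static fromSeed(seed: string) {
    const masterKey = Mnemonic.masterKeysFromSeed(seed);
    // first 32 bytes are the master private key, the last 32 the chain code
    return new HDWallet({
      chainCode: arrayify(masterKey.slice(32)),
      privateKey: arrayify(masterKey.slice(0, 32)),
    });
  }

  /**
   * Restore an HDWallet from a Base58Check-encoded BIP-32 extended key.
   *
   * @param extendedKey - Extended private (xprv/tprv) or public (xpub/tpub) key
   * @returns A new instance of HDWallet; public-only when an extended public key is given
   * @throws Error when the length, version prefix, checksum, depth/parent/index
   *   combination or key prefix byte is invalid
   */
  static fromExtendedKey(extendedKey: string) {
    const bytes = Base58.decode(extendedKey);
    const validChecksum = base58check(bytes.slice(0, 78)) === extendedKey;
    // 78 bytes of payload plus a 4-byte checksum
    if (bytes.length !== 82 || !isValidExtendedKey(bytes)) {
      throw new Error('Invalid extended key');
    }
    if (!validChecksum) throw new Error('Invalid checksum key');
    const depth = bytes[4];
    const parentFingerprint = hexlify(bytes.slice(5, 9));
    const index = parseInt(hexlify(bytes.slice(9, 13)).substring(2), 16);
    const chainCode = hexlify(bytes.slice(13, 45));
    const key = bytes.slice(45, 78);
    // a master node has no parent and no index
    if ((depth === 0 && parentFingerprint !== '0x00000000') || (depth === 0 && index !== 0)) {
      throw new Error('Invalid depth');
    }
    if (isPublicExtendedKey(bytes)) {
      // a compressed public key starts with 0x02 or 0x03 depending on the parity of y;
      // accepting only 0x03 would reject half of all valid public extended keys
      if (key[0] !== 2 && key[0] !== 3) {
        throw new Error('Invalid public extended key');
      }
      return new HDWallet({
        publicKey: key,
        chainCode,
        index,
        depth,
        parentFingerprint,
      });
    }
    // private key material is 0x00 || 32-byte key
    if (key[0] !== 0) {
      throw new Error('Invalid private extended key');
    }
    return new HDWallet({
      privateKey: key.slice(1),
      chainCode,
      index,
      depth,
      parentFingerprint,
    });
  }
}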
export default HDWallet;