A Helium wallet implementation in Rust.
This is a simple wallet implementation that enables the creation and use of an encrypted wallet.
NOTE: This wallet is not the absolute safest way to create and store a private key. No guarantees are implied as to it's safety and suitability for use as a wallet associated with Helium crypto-tokens.
Download the latest binary for your platform here from
the zip file and place the
helium-wallet binary in your
You will need a working Rust tool-chain installed to build this CLI from source.
Clone this repo:
git clone https://github.com/helium/helium-wallet-rs
and build it using cargo:
cd helium-wallet-rs cargo build --release
target/release/helium-wallet is ready for use. Place
it somewhere in your
$PATH or run it straight from the the target
At any time use
--help to get more help for a command.
Create a wallet
helium-wallet create basic
The basic wallet will be stored in
wallet.key after specifying an
encryption password on the command line. Options exist to specify the
wallet output file and to force overwriting an existing wallet.
Create a sharded wallet
Sharding wallet keys is supported via Shamir's Secret
Sharing. A key can be broken into
N shards such that recovering the original key needs K distinct
shards. This can be done by passing options to
helium-wallet create sharded -n 5 -k 3
This will create wallet.key.1 through wallet.key.5 (the base name of
the wallet file can be supplied with the
When keys are sharded using
verify will require at least K distinct
A ed25519 key is generated via libsodium. The provided password is run through PBKDF2, with a configurable number of iterations and a random salt, and the resulting value is used as an AES key. When sharding is enabled, an additional AES key is randomly generated and the 2 keys are combined using a sha256 HMAC into the final AES key.
The private key is then encrypted with AES256-GCM and stored in the file along with the sharding information, the key share (if applicable), the AES initialization vector, the PBKDF2 salt and iteration count and the AES-GCM authentication tag.
helium-wallet info helium-wallet info -f my.key helium-wallet info -f wallet.key.1 -f wallet.key.2 -f my.key
The given wallets will be read and information about the wallet, including the public key, displayed. This command works for all wallet types.
Displaying information for one or more wallets without needing its password can be done using;
To display a QR code for the public key of the given wallet use:
helium-wallet info --qr
This is useful for sending tokens to the wallet from the mobile wallet.
Verifying a wallet takes a password and one or more wallet files and attempts to decrypt the wallet.
The wallet is assumed to be sharded if the first file given to the
verify command is a sharded wallet. The rest of the given files then
also have to be wallet shards. For a sharded wallet to be verified, at
K wallet files must be passed in, where
K is the value given
when creating the wallet.
helium-wallet verify helium-wallet verify -f wallet.key helium-wallet verify -f wallet.key.1 -f wallet.key.2 -f wallet.key.5
To send tokens to other accounts use:
helium-wallet pay <address> --hnt <hnt> [--hash]
<address> is the wallet address for the wallet you want to
<hnt> is the number of HNT you want to send. Since 1 HNT
is 100,000,000 bones the
hnt value can go up to 8 decimal digits of
--hash will only print out the resulting transaction
hash once the transaction has been submitted. This can be useful for
non-interactive commands or scripts that automate payment.
The following environment variables are supported:
HELIUM_API_URL- The API URL to use for commands that need API access, for example sending tokens.
HELIUM_WALLET_PASSWORD- The password to use to decrypt the wallet. Useful for scripting or other non-interactive commands, but use with care.