Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
github.com/decred/dcrd/hdkeychain/v3
- Version published
- Created
hdkeychain
Package hdkeychain provides an API for Decred hierarchical deterministic extended keys (based on BIP0032).
A comprehensive suite of tests is provided to ensure proper functionality.
Feature Overview
- Full BIP0032 implementation
- Single type for private and public extended keys
- Convenient cryptographically secure seed generation
- Simple creation of master nodes
- Support for multi-layer derivation
- Easy serialization and deserialization for both private and public extended keys
- Support for custom networks by accepting a network parameters interface
- Allows obtaining the underlying serialized secp256k1 pubkeys and privkeys directly so they can either be used directly or optionally converted to the secp256k1 types which provide powerful tools for working with them to do things like sign transactions and generate payment scripts
- Uses the highly-optimized secp256k1 package
- Code examples including:
- Generating a cryptographically secure random seed and deriving a master node from it
- Default HD wallet layout as described by BIP0032
- Audits use case as described by BIP0032
- Comprehensive test coverage including the BIP0032 test vectors
- Benchmarks
BIP0032 Conformity
Two different child key derivation functions are provided: the Child function derives extended keys using a modified scheme based on BIP0032, whereas ChildBIP32Std produces keys that strictly conform to the standard. The Child function should be used for Decred wallet key derivation for legacy reasons.
Installation and Updating
This package is part of the github.com/decred/dcrd/hdkeychain/v3 module. Use
the standard go tooling for working with modules to incorporate it.
Examples
- NewMaster Example Demonstrates how to generate a cryptographically random seed then use it to create a new master node (extended key).
- Default Wallet Layout Example Demonstrates the default hierarchical deterministic wallet layout as described in BIP0032.
- Audits Use Case Example Demonstrates the audits use case in BIP0032.
License
Package hdkeychain is licensed under the copyfree ISC License.
FAQs
Unknown package
Package last updated on 14 May 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024