@metamask/key-tree - npm Package Versions

[6.1.0]

Changed

• Update BIP-39 implementation from @scure/bip39 to MetaMask fork version @metamask/scure-bip39 (#101)
• The @metamask/scure-bip39 fork accepts secret recovery phrases in Uint8Array format making it possible to use more secure patterns of passing secret recovery phrases around. This change is non-breaking however, as the mnemonicToSeed function used in this package still accepts secret recovery phrases in string format.

[6.0.0]

Changed

• BREAKING: Rename all occurrences of Buffer with Bytes or Uint8Array (#84)
  • All [...]Buffer fields have been replaced with [...]Bytes, e.g., BIP44Node.privateKeyBuffer is now BIP44Node.privateKeyBytes.
  • This change does not affect the string fields, like BIP44Node.privateKey.
• BREAKING: Swap out Buffer with browser-compatible Uint8Array (#83)
  • All functions returning Buffers now return Uint8Arrays instead.
• Bump @metamask/utils to 3.3.0 (#85)

[5.0.2]

Fixed

• Export Buffer from buffer package explicitly (#76)
• Fix fingerprint derivation (#78)

[5.0.1]

Fixed

• Replace postinstall script with Yarn plugin (#74)

[5.0.0]

Added

• Add convenience field for getting the compressed public key (#71)
• Add master fingerprint field to SLIP10Node (#68)

Changed

• BREAKING: Bump minimum Node version to 16 and migrate to Yarn 3 (#70)
• Allow a depth larger than 5 for SLIP-10 nodes (#69)

[4.0.0]

Added

• NOTE: This version is a significant rewrite of this package, and virtually all existing usage will break upon migrating from a previous major version. All pre-existing functionality is supported through different means, and various new features have been added.
• Add extended public (xpub) and private (xprv) keys (#58)
• Add support for public key derivation (#56)
• Add support for non-secp256k1 curves via SLIP10Node class (#43, #37, #53)
  • Add support for ed25519 curve.
  • With this and other changes in this release, this package offers full SLIP-10 support for all curves except nist256p1.
  • These changes were made possible using the @noble/* suite of cryptography packages.
• Add extended key to BIP-44 coin type node (#59)
• Add convenience methods to get public keys and addresses (#50)
• Enable deriving hardened change and address_index using BIP44CoinTypeNode (#37)

Changed

• BREAKING: Change key representation format (#58, #54)
  • Encode string keys in hexadecimal instead of Base64.
  • Always return a SLIP10Node (or child class) object from derivation functions.
• BREAKING: Separate private keys and chain code into separate fields (#54)
• BREAKING: Use named arguments instead of positional arguments in various functions (#56)
• BREAKING: Make all derivation functions async (#43, #54)
  • All key derivation functions are now async, and node objects are initialized via a static, async .from(...) method. This is because some cryptographic dependencies are async.
• Update documentation to match new implementation (#60, #49)

Fixed

• Remove obsolete Jest snapshots (#41)
• Replace node symbol with private field (#42)

[3.0.1]

Changed

• Update cryptography dependencies (#29, #30, #31)
  • This results in an overall ~4x speedup in Node.js for operations with this package. Browser performance gains, if any, are not known at this time.
  • Individual pull requests:
    • bip39@3.0.4 (#29)
    • secp256k1@4.0.2 (#30)
    • keccak@3.0.2 (#31)

[3.0.0]

Changed

• BREAKING: Refactor package API (#25)
  • The new API is designed to make it harder to derive incorrect keys.
  • The previous exports of this package can no longer be accessed from the main entry file.
  • For the new API, please see the README.
• BREAKING: Bump minimum Node.js version to >=12.0.0 (#20)

Security

• Add reference implementation tests (#25)
  • The key derivation of this package is now tested against the BIP-32 specification and ethereumjs-wallet and @metamask/eth-hd-keyring.
  • The key derivation was found to be sound.

[2.0.1] - 2021-02-27

Fixed

• Correctly type deriveKeyFromPath parentKey param as optional (#14)
• Only accept lowercase BIP-39 seed phrases in deriveKeyFromPath (#15)

[2.0.0] - 2021-02-25

Changed

• BREAKING: Add input validation to deriveKeyFromPath (#3, #4)
• BREAKING: Change deriveKeyFromPath parameter order (#3)
• Migrate to TypeScript, update types (#10)