🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

@s1seven/js-bigchaindb-key-derivation

Package Overview
Dependencies
Maintainers
2
Versions
11
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@s1seven/js-bigchaindb-key-derivation

Key derivation for BigChainDB

0.2.0
latest
npm
Version published
Weekly downloads
1
Maintainers
2
Weekly downloads
 
Created
Source

key-derivation

Heavily inspired by stellar-hd-wallet. Complies to BIP44 and SLIP10.

Usage

TODO: DEMONSTRATE API

const BigChainWallet = require('@s1seven/js-bigchain-key-derivation');

TODOs

Account discovery

In an extra module ?

  • implement account discovery :
  • BIP44 spec
  • oip-hdmw
  • bip32-utils
  • With a query like :
async accountDiscovery(account: number | string, index: number, attempt = 0): Promise<boolean> {
  const conn = new Connection(this.networkUrl);
  const publicKey = this.getPublicKey(index, 'base58');
  // ? only check unspent ?
  const unspentTransactions = await conn.listOutputs(publicKey, false);
  const spentTransactions = await conn.listOutputs(publicKey, true);
  const transactions = [...unspentTransactions, ...spentTransactions];
  if (transactions.length) {
    return false;
  }
  if (!transactions.length) {
    return this.accountDiscovery(account, (index += 1), (attempt += 1));
  }
  if (attempt === 20) {
    return true;
  }
  return false;
}
  • add third property if keypair has unspent transaction ?
  • check that previous account has transaction history

DER / KeyObject / PEM encoding

  • Add missing alg to export as DER/PEM/Keyobject X25519 private key

Keywords

bigchain
ed25519
keys

FAQs

Package last updated on 22 Feb 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign

Research

Security News

60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign

Socket’s Threat Research Team has uncovered 60 npm packages using post-install scripts to silently exfiltrate hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.

By Kirill Boychenko  -  May 23, 2025