What is @scure/bip32?
@scure/bip32 is a JavaScript library for working with BIP-32 hierarchical deterministic (HD) wallets. It allows developers to generate and manage HD wallets, derive child keys, and perform various cryptographic operations related to BIP-32.
What are @scure/bip32's main functionalities?
Generate a Master Key
This feature allows you to generate a master key from a mnemonic seed phrase. The code sample demonstrates how to convert a mnemonic phrase to a seed and then generate a master key from that seed.
const { mnemonicToSeedSync } = require('@scure/bip39');
const { BIP32Factory } = require('@scure/bip32');
const ecc = require('tiny-secp256k1');
const bip32 = BIP32Factory(ecc);
const seed = mnemonicToSeedSync('praise you muffin lion enable neck grocery crumble super myself license ghost');
const root = bip32.fromSeed(seed);
console.log(root.toBase58());
Derive Child Keys
This feature allows you to derive child keys from the master key using a specific derivation path. The code sample shows how to derive a child key using the BIP-44 path.
const child = root.derivePath('m/44'/0'/0'/0/0');
console.log(child.toBase58());
Get Public Key
This feature allows you to extract the public key from a derived key. The code sample demonstrates how to get the public key in hexadecimal format.
const publicKey = child.publicKey.toString('hex');
console.log(publicKey);
Sign a Message
This feature allows you to sign a message using a derived key. The code sample shows how to sign a message and get the signature in hexadecimal format.
const message = Buffer.from('Hello, world!');
const signature = child.sign(message);
console.log(signature.toString('hex'));
Verify a Signature
This feature allows you to verify a signature using a derived key. The code sample demonstrates how to verify a signature and check its validity.
const isValid = child.verify(message, signature);
console.log(isValid);
Other packages similar to @scure/bip32
bip32
The 'bip32' package is another popular library for working with BIP-32 hierarchical deterministic wallets. It provides similar functionalities such as generating master keys, deriving child keys, and performing cryptographic operations. However, it may have different dependencies and performance characteristics compared to @scure/bip32.
hdkey
The 'hdkey' package is a lightweight library for handling BIP-32 HD wallets. It offers basic functionalities like key derivation and public/private key management. While it is simpler and easier to use, it may lack some advanced features provided by @scure/bip32.
bitcoinjs-lib
The 'bitcoinjs-lib' package is a comprehensive library for Bitcoin-related operations, including BIP-32 HD wallet management. It provides a wide range of functionalities beyond just BIP-32, such as transaction creation and signing. It is more feature-rich but also more complex compared to @scure/bip32.
scure-bip32
Secure, audited & minimal implementation of BIP32 hierarchical deterministic (HD) wallets.
Compared to popular hdkey
package, scure-bip32:
- Is 418KB all-bundled instead of 5.9MB
- Uses 3 dependencies instead of 24
- Had an external security audit by Cure53 on Jan 5, 2022
Check out scure-bip39 if you need mnemonic phrases.
This library belongs to scure
scure — secure audited packages for every use case.
- Independent security audits
- All releases are signed with PGP keys
- Check out all libraries:
base,
bip32,
bip39
Usage
npm install @scure/bip32
Or
yarn add @scure/bip32
This module exports a single class HDKey
, which should be used like this:
const { HDKey } = require("@scure/bip32");
const hdkey1 = HDKey.fromMasterSeed(seed);
const hdkey2 = HDKey.fromExtendedKey(base58key);
const hdkey3 = HDKey.fromJSON({ xpriv: string });
[hdkey1.depth, hdkey1.index, hdkey1.chainCode];
console.log(hdkey2.privateKey, hdkey2.publicKey);
console.log(hdkey3.derive("m/0/2147483647'/1"));
const sig = hdkey3.sign(hash);
hdkey3.verify(hash, sig);
Note: chainCode
property is essentially a private part
of a secret "master" key, it should be guarded from unauthorized access.
The full API is:
class HDKey {
public static HARDENED_OFFSET: number;
public static fromMasterSeed(seed: Uint8Array, versions: Versions): HDKey;
public static fromExtendedKey(base58key: string, versions: Versions): HDKey;
public static fromJSON(json: { xpriv: string }): HDKey;
readonly versions: Versions;
readonly depth: number = 0;
readonly index: number = 0;
readonly chainCode: Uint8Array | null = null;
readonly parentFingerprint: number = 0;
get fingerprint(): number;
get identifier(): Uint8Array | undefined;
get pubKeyHash(): Uint8Array | undefined;
get privateKey(): Uint8Array | null;
get publicKey(): Uint8Array | null;
get privateExtendedKey(): string;
get publicExtendedKey(): string;
derive(path: string): HDKey;
deriveChild(index: number): HDKey;
sign(hash: Uint8Array): Uint8Array;
verify(hash: Uint8Array, signature: Uint8Array): boolean;
wipePrivateData(): this;
}
interface Versions {
private: number;
public: number;
}
The hdkey
submodule provides a library for keys derivation according to
BIP32.
It has almost the exact same API than the version 1.x
of
hdkey
from cryptocoinjs,
but it's backed by this package's primitives, and has built-in TypeScript types.
Its only difference is that it has to be be used with a named import.
The implementation is loosely based on hdkey, which has MIT License.
Security
The library has been audited by Cure53 on Jan 5, 2022. Check out the audit PDF & URL.
- The library was initially developed for js-ethereum-cryptography
- At commit ae00e6d7, it
was extracted to a separate package called
micro-bip32
- After the audit we've decided to use NPM namespace for security. Since
@micro
namespace was taken, we've renamed the package to @scure/bip32
License
MIT License
Copyright (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com)