@turnkey/crypto - npm Package Compare versions

Comparing version 2.2.0 to 2.3.0

CHANGELOG.md

 # @turnkey/crypto
 
+## 2.3.0
+
+### Minor Changes
+
+- 668edfa: Add keyformat to decryptExportBundle for displaying Solana private keys
+
 ## 2.2.0
@@ -4,0 +10,0 @@

dist/turnkey.d.ts

@@ -7,2 +7,3 @@ /// <reference lib="dom" />
     dangerouslyOverrideSignerPublicKey?: string;
+    keyFormat?: "SOLANA" | "HEXADECIMAL";
     returnMnemonic: boolean;
@@ -51,3 +52,3 @@ }
  */
-export declare const decryptExportBundle: ({ exportBundle, embeddedKey, organizationId, dangerouslyOverrideSignerPublicKey, returnMnemonic, }: DecryptExportBundleParams) => Promise<string>;
+export declare const decryptExportBundle: ({ exportBundle, embeddedKey, organizationId, dangerouslyOverrideSignerPublicKey, keyFormat, returnMnemonic, }: DecryptExportBundleParams) => Promise<string>;
 /**
@@ -54,0 +55,0 @@ * Verifies a signature from a Turnkey stamp using ECDSA and SHA-256.

dist/turnkey.js

@@ -8,2 +8,3 @@ 'use strict';
 var crypto$1 = require('./crypto.js');
+var ed25519 = require('@noble/curves/ed25519');
 
@@ -57,3 +58,3 @@ /// <reference lib="dom" />
  */
-const decryptExportBundle = async ({ exportBundle, embeddedKey, organizationId, dangerouslyOverrideSignerPublicKey, returnMnemonic, }) => {
+const decryptExportBundle = async ({ exportBundle, embeddedKey, organizationId, dangerouslyOverrideSignerPublicKey, keyFormat, returnMnemonic, }) => {
     try {
@@ -80,2 +81,15 @@ const parsedExportBundle = JSON.parse(exportBundle);
         });
+        if (keyFormat === "SOLANA" && !returnMnemonic) {
+            if (decryptedData.length !== 32) {
+                throw new Error(`invalid private key length. Expected 32 bytes. Got ${decryptedData.length}.`);
+            }
+            const publicKeyBytes = ed25519.ed25519.getPublicKey(decryptedData);
+            if (publicKeyBytes.length !== 32) {
+                throw new Error(`invalid public key length. Expected 32 bytes. Got ${publicKeyBytes.length}.`);
+            }
+            const concatenatedBytes = new Uint8Array(64);
+            concatenatedBytes.set(decryptedData, 0);
+            concatenatedBytes.set(publicKeyBytes, 32);
+            return bs58.encode(concatenatedBytes);
+        }
         const decryptedDataHex = encoding.uint8ArrayToHexString(decryptedData);
@@ -85,3 +99,3 @@ return returnMnemonic ? encoding.hexToAscii(decryptedDataHex) : decryptedDataHex;
     catch (error) {
-        throw new Error(`"Error decrypting bundle:", ${error}`);
+        throw new Error(`Error decrypting bundle: ${error}`);
     }
@@ -88,0 +102,0 @@ };

dist/turnkey.mjs

@@ -6,2 +6,3 @@ import bs58check from 'bs58check';
 import { uncompressRawPublicKey, hpkeDecrypt, fromDerSignature, hpkeEncrypt, formatHpkeBuf } from './crypto.mjs';
+import { ed25519 } from '@noble/curves/ed25519';
 
@@ -55,3 +56,3 @@ /// <reference lib="dom" />
  */
-const decryptExportBundle = async ({ exportBundle, embeddedKey, organizationId, dangerouslyOverrideSignerPublicKey, returnMnemonic, }) => {
+const decryptExportBundle = async ({ exportBundle, embeddedKey, organizationId, dangerouslyOverrideSignerPublicKey, keyFormat, returnMnemonic, }) => {
     try {
@@ -78,2 +79,15 @@ const parsedExportBundle = JSON.parse(exportBundle);
         });
+        if (keyFormat === "SOLANA" && !returnMnemonic) {
+            if (decryptedData.length !== 32) {
+                throw new Error(`invalid private key length. Expected 32 bytes. Got ${decryptedData.length}.`);
+            }
+            const publicKeyBytes = ed25519.getPublicKey(decryptedData);
+            if (publicKeyBytes.length !== 32) {
+                throw new Error(`invalid public key length. Expected 32 bytes. Got ${publicKeyBytes.length}.`);
+            }
+            const concatenatedBytes = new Uint8Array(64);
+            concatenatedBytes.set(decryptedData, 0);
+            concatenatedBytes.set(publicKeyBytes, 32);
+            return bs58.encode(concatenatedBytes);
+        }
         const decryptedDataHex = uint8ArrayToHexString(decryptedData);
@@ -83,3 +97,3 @@ return returnMnemonic ? hexToAscii(decryptedDataHex) : decryptedDataHex;
     catch (error) {
-        throw new Error(`"Error decrypting bundle:", ${error}`);
+        throw new Error(`Error decrypting bundle: ${error}`);
     }
@@ -86,0 +100,0 @@ };

package.json

 {
   "name": "@turnkey/crypto",
-  "version": "2.2.0",
+  "version": "2.3.0",
   "main": "./dist/index.js",
@@ -48,4 +48,4 @@ "module": "./dist/index.mjs",
     "@turnkey/encoding": "0.4.0",
-    "@turnkey/http": "2.16.0",
-    "@turnkey/sdk-server": "1.6.0"
+    "@turnkey/http": "2.17.0",
+    "@turnkey/sdk-server": "1.7.0"
   },
@@ -52,0 +52,0 @@ "scripts": {

Fixed alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

157262

1.95%

Lines of code

1813

1.63%

Number of medium supply chain risk alerts

0

-100%

No dependency changes