bitcoinjs-lib
The bitcoinjs-lib npm package is a library for Bitcoin-related operations in JavaScript. It provides tools for creating, signing, and verifying Bitcoin transactions, as well as generating and managing Bitcoin addresses and keys.
Generate a Bitcoin Address
This feature allows you to generate a new Bitcoin address. The code creates a random key pair and derives a Bitcoin address from the public key.
const bitcoin = require('bitcoinjs-lib');
// ECPair is bundled with bitcoinjs-lib v5 and earlier; v6 moves it to the separate ecpair package.
const keyPair = bitcoin.ECPair.makeRandom(); // random private/public key pair (uses the library's default RNG)
// Derive a legacy pay-to-pubkey-hash address from the public key.
const { address } = bitcoin.payments.p2pkh({ pubkey: keyPair.publicKey });
console.log(address);
Create a Bitcoin Transaction
This feature allows you to create a Bitcoin transaction. The code builds a transaction by adding inputs and outputs, and then signs it with the private key.
const bitcoin = require('bitcoinjs-lib');
// TransactionBuilder is the pre-v6 API; v6 replaces it with Psbt.
const keyPair = bitcoin.ECPair.fromWIF('your-private-key'); // private key in Wallet Import Format
const txb = new bitcoin.TransactionBuilder();
txb.addInput('previous-txid', 0); // Add input: txid and output index of the UTXO being spent
txb.addOutput('recipient-address', 100000); // Add output: recipient address and amount in satoshis
txb.sign(0, keyPair); // Sign input 0 with the key that controls the spent output
const tx = txb.build().toHex(); // build() throws if the transaction is incomplete or has no fee
console.log(tx);
Verify a Bitcoin Transaction
This feature allows you to inspect a Bitcoin transaction. The code parses a transaction from its hexadecimal representation and checks that every input carries a non-empty script; this is a structural check only and does not verify the signatures against the outputs being spent.
const bitcoin = require('bitcoinjs-lib');
const tx = bitcoin.Transaction.fromHex('transaction-hex');
// Structural check: each input has a non-empty scriptSig. Signature validity
// is not checked here; that requires the previous outputs being spent.
const isValid = tx.ins.every(input => input.script && input.script.length > 0);
console.log(isValid);
Bitcore-lib is another JavaScript library for Bitcoin-related operations. It offers similar functionalities to bitcoinjs-lib, such as creating and signing transactions, generating addresses, and managing keys. Bitcore-lib is part of the Bitcore project, which includes additional tools and services for Bitcoin development.
Bcoin is a full Bitcoin node implementation in JavaScript. It provides a comprehensive set of tools for Bitcoin development, including wallet management, transaction creation, and blockchain interaction. Bcoin is more feature-rich compared to bitcoinjs-lib, as it can run as a full node and participate in the Bitcoin network.
Bitcoin-core is a JavaScript library for interacting with Bitcoin Core, the reference implementation of the Bitcoin protocol. It allows developers to communicate with a Bitcoin Core node using RPC calls, enabling functionalities such as transaction creation, address management, and blockchain querying. Unlike bitcoinjs-lib, which is a standalone library, bitcoin-core relies on a running Bitcoin Core node.
A javascript Bitcoin library for node.js and browsers. Written in TypeScript, but committing the JS files to verify.
Released under the terms of the MIT LICENSE.
If you are thinking of using the master branch of this library in production, stop. Master is not stable; it is our development branch, and only tagged releases may be classified as stable.
Don't trust. Verify.
We recommend every user of this library and the bitcoinjs ecosystem audit and verify any underlying code for its validity and suitability, including reviewing any and all of your project's dependencies.
Mistakes and bugs happen, but with your help in resolving and reporting issues, together we can produce open source software that is:
… Buffer's throughout, and …
Presently, we do not have any formal documentation other than our examples; please ask for help if our examples aren't enough to guide you.
npm install bitcoinjs-lib
Typically we support the Node Maintenance LTS version. If in doubt, see the .travis.yml for what versions are used by our continuous integration tests.
WARNING: We presently don't provide any tooling to verify that the release on npm matches GitHub. As such, you should verify anything downloaded by npm against your own verified copy.
Crypto is hard.
When working with private keys, the random number generator is fundamentally one of the most important parts of any software you write.
For random number generation, we default to the randombytes module, which uses window.crypto.getRandomValues in the browser, or Node js' crypto.randomBytes, depending on your build system.
Although this default is ~OK, there is no simple way to detect if the underlying RNG provided is good enough, or if it is catastrophically bad.
You should always verify this yourself to your own standards.
This library uses tiny-secp256k1, which uses RFC6979 to help prevent k re-use and exploitation.
Unfortunately, this isn't a silver bullet.
Often, Javascript itself is working against us by bypassing these counter-measures.
Problems in Buffer (Uint8Array), for example, can trivially result in catastrophic fund loss without any warning. It can do this through undermining your random number generation, accidentally producing a duplicate k value, sending Bitcoin to a malformed output script, or any of a million different ways.
Running tests in your target environment is important and a recommended step to verify continuously.
Finally, adhere to best practice. We are not an authoritative source of best practice, but, at the very least:
… Math.random - in any way - don't.
The recommended method of using bitcoinjs-lib in your browser is through Browserify.
If you're familiar with how to use browserify, ignore this and carry on, otherwise, it is recommended to read the tutorial at https://browserify.org/.
NOTE: We use Node Maintenance LTS features, if you need strict ES5, use --transform babelify in conjunction with your browserify step (using an es2015 preset).
WARNING: iOS devices have problems, use at least buffer@5.0.5 or greater, and enforce the test suites (for Buffer, and any other dependency) pass before use.
Type declarations for Typescript are included in this library. Normal installation should include all the needed type information.
The below examples are implemented as integration tests; they should be very easy to understand. Otherwise, pull requests are appreciated. Some examples interact (via HTTPS) with a 3rd Party Blockchain Provider (3PBP).
If you have a use case that you feel could be listed here, please ask for it!
See CONTRIBUTING.md.
npm test
npm run-script coverage
FAQs
Client-side Bitcoin JavaScript library
The npm package bitcoinjs-lib receives a total of 196,264 weekly downloads. As such, bitcoinjs-lib popularity was classified as popular.
We found that bitcoinjs-lib demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.