Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

electrum-mnemonic

Package Overview
Dependencies
Maintainers
1
Versions
10
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

electrum-mnemonic - npm Package Compare versions

Comparing version 1.0.5 to 1.0.6

3

package.json
{
"name": "electrum-mnemonic",
"version": "1.0.5",
"version": "1.0.6",
"description": "Electrum Mnemonics (electrum v2 and greater)",

@@ -46,2 +46,3 @@ "main": "src/index.js",

"@types/randombytes": "^2.0.0",
"bitcoinjs-lib": "5.1.7",
"jest": "^25.3.0",

@@ -48,0 +49,0 @@ "prettier": "^2.0.4",

1

src/encoding.d.ts

@@ -6,1 +6,2 @@ /// <reference types="node" />

export declare function normalizeText(str: string): string;
export declare function maskBytes(bytes: Buffer, bits: number): void;

12

src/encoding.js

@@ -11,2 +11,3 @@ "use strict";

const wordCount = Math.floor(dataBitLen / wordBitLen);
maskBytes(data, wordCount * wordBitLen);
const binStr = bufferToBin(data).slice(-1 * wordCount * wordBitLen);

@@ -59,2 +60,13 @@ const result = [];

exports.normalizeText = normalizeText;
// Only use when bytes.length * 8 >= bits
function maskBytes(bytes, bits) {
const skipByteCount = Math.floor(bits / 8);
let lastByteMask = (1 << bits % 8) - 1;
for (let i = bytes.length - 1 - skipByteCount; i >= 0; i--) {
bytes[i] &= lastByteMask;
if (lastByteMask)
lastByteMask = 0;
}
}
exports.maskBytes = maskBytes;
function bufferToBin(data) {

@@ -61,0 +73,0 @@ return Array.from(data)

19

src/mnemonic.js

@@ -22,2 +22,8 @@ "use strict";

const { prefix, strength, rng, wordlist } = Object.assign({}, DEFAULTGENOPTS, opts);
if (!prefix.match(/[0-9a-f]+/))
throw new Error('prefix must be a hex string');
if (prefix.length * 4 > strength / 2)
throw new Error(`strength must be at least 2x of prefix bit count to ` +
`lower endless loop probability.\nprefix: ${prefix} ` +
`(${prefix.length * 4} bits)\nstrength: ${strength}`);
const wordBitLen = encoding_1.bitlen(wordlist.length);

@@ -28,4 +34,6 @@ const wordCount = Math.ceil(strength / wordBitLen);

do {
result = encoding_1.encode(rng(byteCount), wordlist);
} while (!prefixMatches(result, prefix));
const bytes = rng(byteCount);
encoding_1.maskBytes(bytes, strength);
result = encoding_1.encode(bytes, wordlist);
} while (!prefixMatches(result, [prefix])[0]);
return result;

@@ -62,3 +70,3 @@ }

function matchesAnyPrefix(mnemonic, validPrefixes) {
return validPrefixes.some((prefix) => prefixMatches(mnemonic, prefix));
return prefixMatches(mnemonic, validPrefixes).some((v) => v);
}

@@ -69,6 +77,7 @@ function checkPrefix(mn, validPrefixes) {

}
function prefixMatches(phrase, prefix) {
function prefixMatches(phrase, prefixes) {
const hmac = createHmac('sha512', 'Seed version');
hmac.update(encoding_1.normalizeText(phrase));
return hmac.digest('hex').startsWith(prefix);
const hx = hmac.digest('hex');
return prefixes.map((prefix) => hx.startsWith(prefix.toLowerCase()));
}
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc