$ npm install @scure/bip32
scure-bip32
Audited & minimal implementation of BIP32 hierarchical deterministic (HD) wallets over secp256k1.
- ð Audited by an independent security firm
- ðŧ Tree-shakeable: unused code is excluded from your builds
- ðĶ ESM and common.js
- â° Only 3 audited dependencies by the same author: noble-curves, noble-hashes, and scure-base
- ðŠķ 300 lines. 90KB with all dependencies bundled
Check out scure-bip39 if you need mnemonic phrases. See key-producer if you need SLIP-0010/BIP32 ed25519 hdkey implementation.
This library belongs to scure
scure â audited micro-libraries.
- Zero or minimal dependencies
- Highly readable TypeScript / JS code
- PGP-signed releases and transparent NPM builds
- Check out homepage & all libraries: base, bip32, bip39, btc-signer, starknet
Usage
npm install @scure/bip32
This module exports a single class HDKey, which should be used like this:
import { HDKey } from "@scure/bip32";
const hdkey1 = HDKey.fromMasterSeed(seed);
const hdkey2 = HDKey.fromExtendedKey(base58key);
const hdkey3 = HDKey.fromJSON({ xpriv: string });
// props
[hdkey1.depth, hdkey1.index, hdkey1.chainCode];
console.log(hdkey2.privateKey, hdkey2.publicKey);
console.log(hdkey3.derive("m/0/2147483647'/1"));
const sig = hdkey3.sign(hash);
hdkey3.verify(hash, sig);
Note: chainCode property is essentially a private part
of a secret "master" key, it should be guarded from unauthorized access.
The full API is:
class HDKey {
public static HARDENED_OFFSET: number;
public static fromMasterSeed(seed: Uint8Array, versions: Versions): HDKey;
public static fromExtendedKey(base58key: string, versions: Versions): HDKey;
public static fromJSON(json: { xpriv: string }): HDKey;
readonly versions: Versions;
readonly depth: number = 0;
readonly index: number = 0;
readonly chainCode: Uint8Array | null = null;
readonly parentFingerprint: number = 0;
get fingerprint(): number;
get identifier(): Uint8Array | undefined;
get pubKeyHash(): Uint8Array | undefined;
get privateKey(): Uint8Array | null;
get publicKey(): Uint8Array | null;
get privateExtendedKey(): string;
get publicExtendedKey(): string;
derive(path: string): HDKey;
deriveChild(index: number): HDKey;
sign(hash: Uint8Array): Uint8Array;
verify(hash: Uint8Array, signature: Uint8Array): boolean;
wipePrivateData(): this;
}
interface Versions {
private: number;
public: number;
}
The module implements bip32 standard: check it out for additional documentation.
The implementation is loosely based on cryptocoinjs/hdkey, which has MIT License.
Security
The library has been independently audited:
- at version 1.0.1, in Jan 2022, by cure53
- PDFs: online, offline
- Changes since audit.
- The audit has been funded by Ethereum Foundation with help of Nomic Labs
The library was initially developed for js-ethereum-cryptography.
At commit ae00e6d7,
it was extracted to a separate package called micro-bip32.
After the audit we've decided to use @scure NPM namespace for security.
License
Copyright (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com)
Current Tags
- 1.6.0 ... latest (a month ago)
16 Versions
- 1.6.0 ... a month ago
- 1.5.0 ... 4 months ago
- 1.4.0 ... 9 months ago
- 1.3.3 ... a year ago
- 1.3.2 ... a year ago
- 1.3.1 ... a year ago
- 1.3.0 ... 2 years ago
- 1.2.0 ... 2 years ago
- 1.1.5 ... 2 years ago
- 1.1.4 ... 2 years ago
- 1.1.3 ... 2 years ago
- 1.1.2 ... 2 years ago
- 1.1.1 ... 2 years ago
- 1.1.0 ... 3 years ago
- 1.0.1 ... 3 years ago
- 1.0.0-rc1 ... 3 years ago
paulmillr
- @noble/curves ~1.7.0
- @noble/hashes ~1.6.0
- @scure/base ~1.2.1
- @paulmillr/jsbt 0.2.1
- micro-should 0.4.0
- prettier 3.3.2
- typescript 5.5.2