Audited & minimal implementation of BIP32 hierarchical deterministic (HD) wallets over secp256k1.
scure-bip32
Audited & minimal implementation of BIP32 hierarchical deterministic (HD) wallets over secp256k1.
- 🔒Audited by an independent security firm
- 🔻 Tree-shakeable: unused code is excluded from your builds
- 📦 ESM and common.js
- ➰ Only 3 audited dependencies by the same author:noble-curves,noble-hashes,andscure-base
- 🪶 49KB with all dependencies bundled (300 lines)
Check outscure-bip39 if you need mnemonic phrases.Seekey-producer if you need SLIP-0010/BIP32 ed25519 hdkey implementation.
This library belongs toscure
scure — audited micro-libraries.
- Zero or minimal dependencies
- Highly readable TypeScript / JS code
- PGP-signed releases and transparent NPM builds
- Check outhomepage & all libraries:base,bip32,bip39,btc-signer,starknet
Usage
npm install @scure/bip32
deno add jsr:@scure/bip32
deno doc jsr:@scure/bip32# command-line documentation
This module exports a single classHDKey, which should be used like this:
import {HDKey }from"@scure/bip32";const hdkey1=HDKey.fromMasterSeed(seed);const hdkey2=HDKey.fromExtendedKey(base58key);const hdkey3=HDKey.fromJSON({xpriv: string });// props[hdkey1.depth, hdkey1.index, hdkey1.chainCode];console.log(hdkey2.privateKey, hdkey2.publicKey);console.log(hdkey3.derive("m/0/2147483647'/1"));const sig= hdkey3.sign(hash);hdkey3.verify(hash, sig);
Note:chainCode property is essentially a private partof a secret "master" key, it should be guarded from unauthorized access.
The full API is:
classHDKey {publicstaticHARDENED_OFFSET:number;publicstaticfromMasterSeed(seed:Uint8Array, versions:Versions):HDKey;publicstaticfromExtendedKey(base58key:string, versions:Versions):HDKey;publicstaticfromJSON(json: {xpriv:string }):HDKey;readonlyversions:Versions;readonlydepth:number=0;readonlyindex:number=0;readonlychainCode:Uint8Array|null=null;readonlyparentFingerprint:number=0;getfingerprint():number;getidentifier():Uint8Array|undefined;getpubKeyHash():Uint8Array|undefined;getprivateKey():Uint8Array|null;getpublicKey():Uint8Array|null;getprivateExtendedKey():string;getpublicExtendedKey():string;derive(path:string):HDKey;deriveChild(index:number):HDKey;sign(hash:Uint8Array):Uint8Array;verify(hash:Uint8Array, signature:Uint8Array):boolean;wipePrivateData(): this;}interfaceVersions {private:number;public:number;}
The module implementsbip32 standard:check it out for additional documentation.
The implementation is loosely based on cryptocoinjs/hdkey,which has MIT License.
Security
The library has been independently audited:
- at version 1.0.1, in Jan 2022, bycure53
- PDFs:online,offline
- Changes since audit.
- The audit has been funded byEthereum Foundation with help ofNomic Labs
The library was initially developed forjs-ethereum-cryptography.At commitae00e6d7,it was extracted to a separate package calledmicro-bip32.After the audit we've decided to use@scure NPM namespace for security.
License
Copyright (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com)
Example 1
Example 1
import {HDKey }from"@scure/bip32";const hdkey1=HDKey.fromMasterSeed(seed);const hdkey2=HDKey.fromExtendedKey(base58key);const hdkey3=HDKey.fromJSON({xpriv: string });// props[hdkey1.depth, hdkey1.index, hdkey1.chainCode];console.log(hdkey2.privateKey, hdkey2.publicKey);console.log(hdkey3.derive("m/0/2147483647'/1"));const sig= hdkey3.sign(hash);hdkey3.verify(hash, sig);
Add Package
deno add jsr:@scure/bip32
Import symbol
import*as bip__from"@scure/bip32";
---- OR ----
Import directly with a jsr specifier
import*as bip__from"jsr:@scure/bip32";
Add Package
npx jsr add @scure/bip32
Import symbol
import*as bip__from"@scure/bip32";
Add Package
yarn dlx jsr add @scure/bip32
Import symbol
import*as bip__from"@scure/bip32";
Add Package
pnpm dlx jsr add @scure/bip32
Import symbol
import*as bip__from"@scure/bip32";
Add Package
bunx jsr add @scure/bip32
Import symbol
import*as bip__from"@scure/bip32";