import type { Ripemd160, Secp256k1, Sha256, Sha512 } from '../lib.js'; /** * Verify that a private key is valid for the Secp256k1 curve. Returns `true` * for success, or `false` on failure. * * Private keys are 256-bit numbers encoded as a 32-byte, big-endian Uint8Array. * Nearly every 256-bit number is a valid secp256k1 private key. Specifically, * any 256-bit number greater than `0x01` and less than * `0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141` * is a valid private key. This range is part of the definition of the * secp256k1 elliptic curve parameters. * * This method does not require a `Secp256k1` implementation. * * @param privateKey - The private key to validate. */ export declare const validateSecp256k1PrivateKey: (privateKey: Uint8Array) => boolean; /** * The networks that can be referenced by an HD public or private key. */ export type HdKeyNetwork = 'mainnet' | 'testnet'; type HdNodeBase = { /** * 32 bytes of additional entropy that can be used to derive HD child nodes. */ chainCode: Uint8Array; /** * The child index at which this node is derived from its parent node * (identified via `parentFingerprint`). Indexes less than `0x80000000` * (`2147483648`) use standard derivation, while indexes equal to or greater * than `0x80000000` use the "hardened" derivation algorithm. The maximum * index is `0xffffffff` (`4294967295`). * * In BIP32 HD derivation paths, hardened indexes are usually represented by * subtracting the hardened index offset (`2147483648`) and appending `'` to * the child index number. E.g. `0'` is a `childIndex` of `2147483648`, and * `2'` is a `childIndex` of `2147483650`. */ childIndex: number; /** * The depth of this node, between `0` (for master nodes) and `255`. E.g. for * a path of `m/0/0`, `depth` is `2`. */ depth: number; /** * The first 4 bytes of the parent node's identifier. This is used to quickly * identify the parent node in data structures, but collisions can occur. To * resolve collisions, use the full parent identifier. (See * {@link deriveHdPublicNodeIdentifier} for details.) */ parentFingerprint: Uint8Array; /** * The full identifier of the parent node. This can be used to resolve * collisions where two possible parent nodes share a `parentFingerprint`. * Since the full `parentIdentifier` is not encoded in BIP32 HD keys, it * might be unknown. */ parentIdentifier?: Uint8Array; }; /** * A valid private node in a Hierarchical Deterministic (HD) key tree. This node * can be used to derive further nodes, or the private key can be used to * generate a wallet address. */ export type HdPrivateNodeValid = HdNodeBase & { /** * This {@link HdPrivateNode}'s 32-byte valid Secp256k1 private key. */ privateKey: Uint8Array; }; /** * An invalid private node in a Hierarchical Deterministic (HD) key tree. This * is almost impossibly rare in a securely-random 32-byte Uint8Array * (probability less than 1 in 2^127). * * If this occurs during derivation from a seed, the error should be handled * and a different seed should be used. If this occurs during HD derivation, * BIP32 standardizes the procedure for skipping the offending key material by * using the next child index. I.e. the node ultimately derived at the invalid * child index is a duplicate of the node derived at `index + 1`. */ export type HdPrivateNodeInvalid = HdNodeBase & { /** * The 32-byte derivation result that caused this node to be invalid (either * an invalid Secp256k1 private key or a tweak value which causes the * resulting key to be invalid). This is almost impossibly rare in a * securely-random 32-byte Uint8Array (probability less than 1 in 2^127). * * See {@link validateSecp256k1PrivateKey} for details. */ invalidMaterial: Uint8Array; }; /** * A private node in a Hierarchical Deterministic (HD) key tree. To confirm the * validity of this node, try `if ('invalidMaterial' in node) ...`. * * Note, HD nodes are network-independent. A network is required only when * encoding the node as an HD key or using a derived public key in an address. */ export type HdPrivateNode = HdPrivateNodeInvalid | HdPrivateNodeValid; /** * An HD private node for which the parent node is known (and `parentIdentifier` * is guaranteed to be defined). */ export type HdPrivateNodeKnownParent = HdPrivateNodeType & { parentIdentifier: Uint8Array; }; /** * A public node in a Hierarchical Deterministic (HD) key tree. * * Note, HD nodes are network-independent. A network is required only when * encoding the node as an HD key or using a derived public key in an address. */ export type HdPublicNodeValid = HdNodeBase & { /** * This {@link HdPublicNodeValid}'s valid 33-byte Secp256k1 compressed * public key. */ publicKey: Uint8Array; }; /** * An invalid public node in a Hierarchical Deterministic (HD) key tree. This * is almost impossibly rare in a securely-random 32-byte Uint8Array * (probability less than 1 in 2^127). See {@link HdPrivateNodeInvalid} * for details. */ export type HdPublicNodeInvalid = HdNodeBase & { /** * The 32-byte derivation result that caused this node to be invalid. This is * almost impossibly rare in a securely-random 32-byte Uint8Array (probability * less than 1 in 2^127). * * See {@link validateSecp256k1PrivateKey} for details. */ invalidMaterial: Uint8Array; }; /** * A private node in a Hierarchical Deterministic (HD) key tree. To confirm the * validity of this node, check the value of its `valid` property. * * Note, HD nodes are network-independent. A network is required only when * encoding the node as an HD key or using a derived public key in an address. */ export type HdPublicNode = HdPublicNodeInvalid | HdPublicNodeValid; /** * An HD public node for which the parent node is known (and `parentIdentifier` * is guaranteed to be defined). */ export type HdPublicNodeKnownParent = HdPublicNodeType & { parentIdentifier: Uint8Array; }; /** * The decoded contents of an HD public or private key. */ export type DecodedHdKey = { node: NodeType; network: HdKeyNetwork; }; /** * An error in the derivation of child HD public or private nodes. */ export declare enum HdNodeDerivationError { childIndexExceedsMaximum = "HD node derivation error: child index exceeds maximum (4294967295).", requiresZeroDepthNode = "HD node derivation error: absolute derivation requires an HD node with a depth of 0.", hardenedDerivationRequiresPrivateNode = "HD node derivation error: derivation for hardened child indexes (indexes greater than or equal to 2147483648) requires an HD private node.", invalidAbsoluteDerivationPath = "HD node derivation error: invalid absolute derivation path; path must begin with \"m\" or \"M\" and contain only positive child index numbers, separated by forward slashes (\"/\"), with zero or one apostrophe (\"'\") after each child index number.", invalidRelativeDerivationPath = "HD node derivation error: invalid relative derivation path; path must contain only positive child index numbers, separated by forward slashes (\"/\"), with zero or one apostrophe (\"'\") after each child index number.", invalidDerivedKey = "HD node derivation error: an astronomically rare HMAC-SHA512 result produced an invalid Secp256k1 key.", invalidPrivateDerivationPrefix = "HD node derivation error: private derivation paths must begin with \"m\".", invalidPublicDerivationPrefix = "HD node derivation error: public derivation paths must begin with \"M\"." } /** * An error in the decoding of an HD public or private key. */ export declare enum HdKeyDecodingError { incorrectLength = "HD key decoding error: length is incorrect (must encode 82 bytes).", invalidChecksum = "HD key decoding error: checksum is invalid.", invalidPublicKey = "HD key decoding error: the public key for this HD public node is not a valid Secp256k1 public key.", invalidPrivateKey = "HD key decoding error: the key for this HD private node is not a valid Secp256k1 private key.", missingPrivateKeyPaddingByte = "HD key decoding error: version indicates a private key, but the key data is missing a padding byte.", privateKeyExpected = "HD key decoding error: expected an HD private key, but encountered an HD public key.", publicKeyExpected = "HD key decoding error: expected an HD public key, but encountered an HD private key.", unknownCharacter = "HD key decoding error: key includes a non-base58 character.", unknownVersion = "HD key decoding error: key uses an unknown version.", zeroDepthWithNonZeroChildIndex = "HD key decoding error: key encodes a depth of zero with a non-zero child index.", zeroDepthWithNonZeroParentFingerprint = "HD key decoding error: key encodes a depth of zero with a non-zero parent fingerprint." } /** * An error in the encoding of an HD public or private key. */ export declare enum HdKeyEncodingError { invalidChainCodeLength = "HD key encoding error: invalid chain code length. Chain code must be 32 bytes.", invalidChildDepth = "HD key encoding error: invalid child depth. Child depth must be between 0 and 255 (inclusive).", invalidChildIndex = "HD key encoding error: invalid child index. Child index must be between 0 and 4294967295 (inclusive).", invalidParentFingerprintLength = "HD key encoding error: invalid parent fingerprint length. Parent fingerprint must be 4 bytes.", invalidPrivateKeyLength = "HD key encoding error: invalid private key length. Secp256k1 private keys must be 32 bytes.", invalidPublicKeyLength = "HD key encoding error: invalid public key length. Public key must be 33 bytes (compressed).", invalidPublicKey = "HD key encoding error: the public key for this HD public node is not a valid Secp256k1 public key.", zeroDepthWithNonZeroChildIndex = "HD key encoding error: attempted to encode a zero depth key with a non-zero child index.", zeroDepthWithNonZeroParentFingerprint = "HD key encoding error: attempted to encode a zero depth key with a non-zero parent fingerprint." } /** * The HMAC SHA-512 key used by BIP32, "Bitcoin seed" * (`utf8ToBin('Bitcoin seed')`) */ export declare const bip32HmacSha512Key: Uint8Array; /** * Derive an {@link HdPrivateNode} from the provided seed following the BIP32 * specification. A seed should include between 16 bytes and 64 bytes of * entropy (recommended: 32 bytes). * * @param seed - the entropy from which to derive the {@link HdPrivateNode} */ export declare const deriveHdPrivateNodeFromSeed: (seed: Uint8Array, { assumeValidity, crypto, hmacSha512Key, throwErrors, }?: { /** * If set, the derived private key will not be checked for validity, and * will be assumed valid if `true` or invalid if `false` (this is useful * for testing). */ assumeValidity?: AssumeValidity | undefined; /** * An optional object containing an implementation of sha512. */ crypto?: { sha512: { hash: Sha512['hash']; }; } | undefined; /** * The HMAC SHA-512 key to use (defaults to the HMAC SHA-512 key used by * BIP32, `utf8ToBin('Bitcoin seed')`. */ hmacSha512Key?: Uint8Array | undefined; /** * If `true`, invalid key derivations (probability less than 1 in 2^127) * will throw an `Error` rather than returning an * {@link HdPrivateNodeInvalid} (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; }) => AssumeValidity extends false ? ThrowErrors extends false ? HdPrivateNode : HdPrivateNodeValid : HdPrivateNodeValid; /** * Derive the public identifier for a given {@link HdPrivateNode}. This is used * to uniquely identify HD nodes in software. The first 4 bytes of this * identifier are considered its "fingerprint". * * @param hdPrivateNode - The {@link HdPrivateNode} from which to derive the * public identifier. */ export declare const deriveHdPrivateNodeIdentifier: (hdPrivateNode: HdPrivateNodeValid, { crypto, }?: { /** * An optional object containing implementations of sha256 hashing, * ripemd160 hashing, and secp256k1 compressed public key derivation to use. */ crypto?: { sha256: { hash: Sha256['hash']; }; ripemd160: { hash: Ripemd160['hash']; }; secp256k1: { derivePublicKeyCompressed: Secp256k1['derivePublicKeyCompressed']; }; } | undefined; }) => string | Uint8Array; /** * Derive the public identifier for a given {@link HdPublicNodeValid}. This is * used to uniquely identify HD nodes in software. The first 4 bytes of this * identifier are considered its fingerprint. * * @param node - The {@link HdPublicNodeValid} from which to derive the * public identifier. */ export declare const deriveHdPublicNodeIdentifier: (node: HdPublicNodeValid, { crypto, }?: { /** * An optional object containing implementations of sha256 and ripemd160 * to use. */ crypto?: { ripemd160: { hash: Ripemd160['hash']; }; sha256: { hash: Sha256['hash']; }; } | undefined; }) => Uint8Array; /** * The 4-byte version indicating the network and type of an {@link HdPrivateKey} * or {@link HdPublicKey}. */ export declare enum HdKeyVersion { /** * Version indicating the HD key is an {@link HdPrivateKey} intended for use * on the main network. Base58 encoding at the expected length of an HD key * results in a prefix of `xprv`. * * Hex: `0x0488ade4` */ mainnetPrivateKey = 76066276, /** * Version indicating the HD key is an {@link HdPrivateKey} intended for use * on the main network. Base58 encoding at the expected length of an HD key * results in a prefix of `xpub`. * * Hex: `0x0488b21e` */ mainnetPublicKey = 76067358, /** * Version indicating the HD key is an {@link HdPrivateKey} intended for use * on the test network. Base58 encoding at the expected length of an HD key * results in a prefix of `tprv`. * * Hex: `0x04358394` */ testnetPrivateKey = 70615956, /** * Version indicating the HD key is an {@link HdPrivateKey} intended for use * on the test network. Base58 encoding at the expected length of an HD key * results in a prefix of `tpub`. * * Hex: `0x043587cf` */ testnetPublicKey = 70617039 } export declare const hdKeyVersionIsPublicKey: (version: number) => boolean; export declare const hdKeyVersionIsPrivateKey: (version: number) => boolean; /** * Decode a string following the HD key format as defined by BIP32, returning a * `node` and a `version`. Decoding errors are returned as strings. * * This is a less strict variant of {@link decodeHdKey}; most applications * should instead use {@link decodeHdKey}, or if the type of the key is known, * either {@link decodeHdPrivateKey} or {@link decodeHdPublicKey}. * * @param hdKey - A BIP32 HD private key or HD public key. */ export declare const decodeHdKeyUnchecked: (hdKey: string, { crypto, }?: { /** * An optional object containing an implementation of sha256 and a Secp256k1 * `validatePublicKey` to use. */ crypto?: { secp256k1: { validatePublicKey: Secp256k1['validatePublicKey']; }; sha256: { hash: Sha256['hash']; }; } | undefined; }) => string | { node: HdPrivateNodeValid | HdPrivateNodeInvalid; version: number; } | { node: HdPublicNodeValid | HdPublicNodeInvalid; version: number; }; /** * Decode an HD key as defined by BIP32, returning a `node` and a `network`. * Decoding errors are returned as strings. * * If the type of the key is known, use {@link decodeHdPrivateKey} or * {@link decodeHdPublicKey}. For a variant with less strict validation, * use {@link decodeHdKeyUnchecked}. * * @param hdKey - A BIP32 HD private key or HD public key. */ export declare const decodeHdKey: (hdKey: string, { crypto, }?: { /** * An optional object containing an implementation of sha256 and a Secp256k1 * `validatePublicKey` to use. */ crypto?: { secp256k1: { validatePublicKey: Secp256k1['validatePublicKey']; }; sha256: { hash: Sha256['hash']; }; } | undefined; }) => DecodedHdKey | string; /** * Decode an HD private key as defined by BIP32. * * This method is similar to {@link decodeHdKey} but ensures that the result is * a valid HD private node. Decoding error messages are returned as strings. * * @param hdPrivateKey - A BIP32 HD private key. */ export declare const decodeHdPrivateKey: (hdPrivateKey: string, { crypto, }?: { /** * An optional object containing an implementation of sha256 and a * Secp256k1 `validatePublicKey` to use. */ crypto?: { secp256k1: { validatePublicKey: Secp256k1['validatePublicKey']; }; sha256: { hash: Sha256['hash']; }; } | undefined; }) => DecodedHdKey | string; /** * Decode an HD public key as defined by BIP32. * * This method is similar to {@link decodeHdKey} but ensures that the result is * a valid HD public node. Decoding error messages are returned as strings. * * @param hdPublicKey - A BIP32 HD public key. */ export declare const decodeHdPublicKey: (hdPublicKey: string, { crypto, }?: { /** * An optional object containing an implementation of sha256 and a Secp256k1 * `validatePublicKey` to use. */ crypto?: { secp256k1: { validatePublicKey: Secp256k1['validatePublicKey']; }; sha256: { hash: Sha256['hash']; }; } | undefined; }) => DecodedHdKey | string; /** * Decode the provided HD private key and compute its identifier. Error messages * are returned as a string. */ export declare const hdPrivateKeyToIdentifier: (hdPrivateKey: string, { crypto, }?: { crypto?: { secp256k1: { validatePublicKey: Secp256k1['validatePublicKey']; }; sha256: { hash: Sha256['hash']; }; } | undefined; }) => string | Uint8Array; /** * Decode the provided HD public key and compute its identifier. Error messages * are returned as a string. */ export declare const hdPublicKeyToIdentifier: (hdPublicKey: string, { crypto, }?: { crypto?: { secp256k1: { validatePublicKey: Secp256k1['validatePublicKey']; }; sha256: { hash: Sha256['hash']; }; } | undefined; }) => string | Uint8Array; /** * Encode the metadata portion of an HD key payload. */ export declare const encodeHdKeyPayloadMetadata: ({ version, keyParameters, throwErrors, }: { keyParameters: DecodedHdKey; /** * If `true`, this function will throw an `Error` when the provided HD node * cannot be encoded using the BIP32 serialization, format rather than * returning the error as a string (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; version: Uint8Array; }) => ThrowErrors extends true ? Uint8Array : string | Uint8Array; /** * Encode an HD private key (as defined by BIP32) payload (without the checksum) * given a valid {@link HdPrivateNode} and network. * * Note that this function defaults to throwing encoding errors. To handle * errors in a type-safe way, set `throwErrors` to `false`. * * @param keyParameters - A valid HD private node and the network for which to * encode the key. */ export declare const encodeHdPrivateKeyPayload: (keyParameters: DecodedHdKey, { throwErrors, }?: { /** * If `true`, this function will throw an `Error` when the provided HD node * has a `depth` exceeding the maximum depth that can be encoded using the * BIP32 serialization format rather than returning the error as a string * (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; }) => ThrowErrors extends true ? Uint8Array : string | Uint8Array; /** * Encode an HD public key (as defined by BIP32) payload (without the checksum) * given a valid {@link HdPublicNodeValid} and network. * * Note that this function defaults to throwing encoding errors. To handle * errors in a type-safe way, set `throwErrors` to `false`. * * @param keyParameters - A valid HD public node and the network for which to * encode the key. */ export declare const encodeHdPublicKeyPayload: (keyParameters: DecodedHdKey, { throwErrors, }?: { /** * If `true`, this function will throw an `Error` when the provided HD node * has a `depth` exceeding the maximum depth that can be encoded using the * BIP32 serialization format rather than returning the error as a string * (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; }) => ThrowErrors extends true ? Uint8Array : string | Uint8Array; /** * Encode an HD public or private key (as defined by BIP32) payload with * a checksum. * * @param payload - the HD public or private key payload to encode */ export declare const encodeHdKeyPayloadWithChecksum: (payload: Uint8Array, { crypto, }?: { /** * An optional object containing an implementation of sha256 to use. */ crypto?: { sha256: { hash: Sha256['hash']; }; } | undefined; }) => string; export type HdPrivateKeyEncodeResult = { /** * The HD private key. */ hdPrivateKey: string; }; /** * Encode an HD private key (as defined by BIP32) given a valid * {@link HdPrivateNode} and network. * * Note that this function defaults to throwing encoding errors. To handle * errors in a type-safe way, set `throwErrors` to `false`. * * @param keyParameters - A valid HD private node and the network for which to * encode the key. */ export declare const encodeHdPrivateKey: (keyParameters: DecodedHdKey, { crypto, throwErrors, }?: { /** * An optional object containing an implementation of sha256 to use. */ crypto?: { sha256: { hash: Sha256['hash']; }; } | undefined; /** * If `true`, this function will throw an `Error` when the provided HD node * has a `depth` exceeding the maximum depth that can be encoded using the * BIP32 serialization format rather than returning the error as a string * (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; }) => ThrowErrors extends true ? HdPrivateKeyEncodeResult : string | HdPrivateKeyEncodeResult; export type HdPublicKeyEncodeResult = { /** * The HD public key. */ hdPublicKey: string; }; /** * Encode an HD public key (as defined by BIP32) given a valid * {@link HdPublicNodeValid} and network. * * Note that this function defaults to throwing encoding errors. To handle * errors in a type-safe way, set `throwErrors` to `false`. * * @param keyParameters - An HD public node and the network for which to encode * the key. */ export declare const encodeHdPublicKey: (keyParameters: DecodedHdKey, { crypto, throwErrors, }?: { /** * An optional object containing an implementation of sha256 to use. */ crypto?: { secp256k1: { validatePublicKey: Secp256k1['validatePublicKey']; }; sha256: { hash: Sha256['hash']; }; } | undefined; /** * If `true`, this function will throw an `Error` when the provided HD node * has a `depth` exceeding the maximum depth that can be encoded using the * BIP32 serialization format rather than returning the error as a string * (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; }) => ThrowErrors extends true ? HdPublicKeyEncodeResult : string | HdPublicKeyEncodeResult; /** * Derive the HD public node of an HD private node. * * Though private keys cannot be derived from HD public keys, sharing HD public * keys still carries risk. Along with allowing an attacker to associate wallet * addresses together (breaking privacy), should an attacker gain knowledge of a * single child private key, **it's possible to derive all parent HD private * keys**. See {@link crackHdPrivateNodeFromHdPublicNodeAndChildPrivateNode} for * details. * * To derive an HD public key from an encoded HD private key, * use {@link deriveHdPublicKey}. * * @param node - A valid HD private node. */ export declare const deriveHdPublicNode: (node: PrivateNode, { crypto, }?: { /** * An optional object containing an implementation of secp256k1 * compressed public key derivation to use. */ crypto?: { secp256k1: { derivePublicKeyCompressed: Secp256k1['derivePublicKeyCompressed']; }; } | undefined; }) => PrivateNode extends HdPrivateNodeKnownParent ? HdPublicNodeKnownParent : HdPublicNodeValid; /** * Derive the HD public key of an HD private key. * * Though private keys cannot be derived from HD public keys, sharing HD public * keys still carries risk. Along with allowing an attacker to associate wallet * addresses together (breaking privacy), should an attacker gain knowledge of a * single child private key, **it's possible to derive all parent HD private * keys**. See {@link crackHdPrivateNodeFromHdPublicNodeAndChildPrivateNode} for * details. * * To derive the HD public node of an already-decoded HD private node, * use {@link deriveHdPublicNode}. * * Note that this function defaults to throwing errors. To handle errors in a * type-safe way, set `throwErrors` to `false`. * * @param hdPrivateKey - A BIP32 HD private key. */ export declare const deriveHdPublicKey: (privateKey: string, { crypto, throwErrors, }?: { /** * An optional object containing an implementation of sha256 and a Secp256k1 * `derivePublicKeyCompressed` and `validatePublicKey` to use. */ crypto?: { secp256k1: { derivePublicKeyCompressed: Secp256k1['derivePublicKeyCompressed']; validatePublicKey: Secp256k1['validatePublicKey']; }; sha256: { hash: Sha256['hash']; }; } | undefined; /** * If `true`, this function will throw an `Error` when the provided HD * private key is invalid rather than returning the error as a string * (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; }) => ThrowErrors extends true ? HdPublicKeyEncodeResult : string | HdPublicKeyEncodeResult; /** * Derive a child HD private node from an HD private node. * * To derive a child HD public node, use {@link deriveHdPublicNode} on the * result of this method. If the child uses a non-hardened index, it's also * possible to use {@link deriveHdPublicNodeChild}. * * Note that this function defaults to throwing errors. To handle errors in a * type-safe way, set `throwErrors` to `false`. * * This function has a less than 1 in 2^127 probability of producing * an invalid result (where the resulting private key is not a valid Secp256k1 * private key, see {@link validateSecp256k1PrivateKey}). While this scenario is * unlikely to ever occur without a weakness in HMAC-SHA512, the * `returnInvalidNodes` parameter can be set to `true` to return the resulting * {@link HdPrivateNodeInvalid} rather than an error (defaults to `false`). * * @param node - The valid HD private node from which to derive the child node. * @param index - The index at which to derive the child node - indexes greater * than or equal to the hardened index offset (`0x80000000`/`2147483648`) are * derived using the "hardened" derivation algorithm. */ export declare const deriveHdPrivateNodeChild: (node: HdPrivateNodeValid, index: number, { crypto, throwErrors, returnInvalidNodes, }?: { /** * An optional object containing implementations of sha256, ripemd160, * secp256k1 compressed public key derivation, and secp256k1 private key * "tweak addition" (application of the EC group operation). */ crypto?: { ripemd160: { hash: Ripemd160['hash']; }; secp256k1: { addTweakPrivateKey: Secp256k1['addTweakPrivateKey']; derivePublicKeyCompressed: Secp256k1['derivePublicKeyCompressed']; }; sha256: { hash: Sha256['hash']; }; sha512: { hash: Sha512['hash']; }; } | undefined; /** * If `true`, this function will throw an `Error` rather than returning * derivation errors as a string (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; /** * If `false`, invalid derivations (probability less than 1 in 2^127) will * produce an error rather than an {@link HdPrivateNodeInvalid} (defaults * to `false`). To return the invalid node rather than throwing an error, * `throwErrors` must also be set to `false`. */ returnInvalidNodes?: ReturnInvalidNodes | undefined; }) => ThrowErrors extends true ? HdPrivateNodeKnownParent : ReturnInvalidNodes extends false ? string | HdPrivateNodeKnownParent : string | HdPrivateNodeKnownParent; /** * Derive a non-hardened, child HD public node from an HD public node. * * Because hardened derivation also requires knowledge of the parent private * node, it's not possible to use an HD public node to derive a hardened child * HD public node. (See {@link deriveHdPath} or {@link deriveHdPublicNode}.) * * Though private keys cannot be derived from HD public keys, sharing HD public * keys still carries risk. Along with allowing an attacker to associate wallet * addresses together (breaking privacy), should an attacker gain knowledge of a * single child private key, **it's possible to derive all parent HD private * keys**. See {@link crackHdPrivateNodeFromHdPublicNodeAndChildPrivateNode} * for details. * * This function has a less than 1 in 2^127 probability of producing * an invalid result (where the resulting public key is not a valid Secp256k1 * public key). While this scenario is unlikely to ever occur without a weakness * in HMAC-SHA512, the `returnInvalidNodes` parameter can be set to `true` to * return the resulting {@link HdPrivateNodeInvalid} rather than an error * (defaults to `false`). * * @param node - The valid HD public node from which to derive the child * public node. * @param index - The index at which to derive the child node. */ export declare const deriveHdPublicNodeChild: (node: HdPublicNodeValid, index: number, { crypto, returnInvalidNodes, throwErrors, }?: { /** * An optional object containing implementations of sha256, sha512, * ripemd160, and secp256k1 compressed public key "tweak addition" * (application of the EC group operation). */ crypto?: { ripemd160: { hash: Ripemd160['hash']; }; secp256k1: { addTweakPublicKeyCompressed: Secp256k1['addTweakPublicKeyCompressed']; }; sha256: { hash: Sha256['hash']; }; sha512: { hash: Sha512['hash']; }; } | undefined; /** * If `false`, invalid derivations (probability less than 1 in 2^127) will * return an error rather than an {@link HdPublicNodeInvalid} (defaults * to `false`). To return the invalid node rather than throwing an error, * `throwErrors` must also be set to `false`. */ returnInvalidNodes?: ReturnInvalidNodes | undefined; /** * If `true`, this function will throw an `Error` rather than returning * derivation errors as a string (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; }) => ThrowErrors extends true ? HdPublicNodeKnownParent : ReturnInvalidNodes extends false ? string | HdPublicNodeKnownParent : string | HdPublicNodeKnownParent; export type HdNodeKnownParent = NodeType extends HdPrivateNodeValid ? HdPrivateNodeKnownParent : HdPublicNodeKnownParent; type RelativeDerivation = Path extends '' ? NodeType : HdNodeKnownParent; /** * Derive a child HD node from a parent node given a relative derivation path. * The resulting node is the same type as the parent node – private nodes return * private nodes, public nodes return public nodes. (To prevent implementation * errors, this function will not internally derive a public node from any * private node; for public derivation, use {@link deriveHdPublicNode} at the * desired BIP32 account level and provide the HD public key to this function.) * * Where possible, consider instead using {@link deriveHdPath} to reduce the * likelihood of implementation errors. * * By default, this function throws an `Error` rather than returning the error * as string when the provided path is invalid or cannot be derived from the * provided HD node (e.g. the path requests an excessive child index, a hardened * path is requested from a public node, or an astronomically rare HMAC-SHA512 * result produces and invalid node). * * While the throwing behavior is reasonable for the common case of deriving * known, fixed paths (e.g. the BCH account as standardized by SLIP44 at * `m/44'/145'/0'`), **it is recommended that `throwErrors` be set to `false` * for use cases where dynamic or user-specified paths might be derived**. In * these cases, deliberate error handling is recommended, e.g. saving any data * and safely shutting down, displaying troubleshooting information to the * user, etc. * * The derivation path uses the notation specified in BIP32; see * {@link deriveHdPath} for details. * * @param node - The HD node from which to begin the derivation – for private * derivation, an {@link HdPrivateNodeValid}; for public derivation, * an {@link HdPublicNodeValid}. * @param path - The relative BIP32 derivation path, e.g. `1'/2` or `3/4/5`. */ export declare const deriveHdPathRelative: (node: NodeType, path: Path, { crypto, throwErrors, }?: { /** * An optional object containing implementations of sha256 hashing, sha512 * hashing, ripemd160 hashing, and secp256k1 derivation functions. */ crypto?: { ripemd160: { hash: Ripemd160['hash']; }; secp256k1: { addTweakPrivateKey: Secp256k1['addTweakPrivateKey']; addTweakPublicKeyCompressed: Secp256k1['addTweakPublicKeyCompressed']; derivePublicKeyCompressed: Secp256k1['derivePublicKeyCompressed']; }; sha256: { hash: Sha256['hash']; }; sha512: { hash: Sha512['hash']; }; } | undefined; /** * If `true`, this function will throw an `Error` rather than returning the * error as a string when the provided path is invalid or cannot be derived * from the provided HD node (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; }) => ThrowErrors extends true ? RelativeDerivation : string | RelativeDerivation; type AbsoluteDerivation = NodeType extends HdNodeKnownParent ? never : Path extends 'M' ? NodeType extends HdPublicNodeValid ? NodeType : never : Path extends 'm' ? NodeType extends HdPrivateNodeValid ? NodeType : never : /** * Unfortunately, paths of type `string` can still have the value `m` or * `M`, so we still have to return `NodeType` in this union: */ HdNodeKnownParent | NodeType; /** * Derive a child HD node from a master node given an absolute derivation path. * The resulting node is the same type as the parent node – private nodes return * private nodes, public nodes return public nodes. (To prevent implementation * errors, this function will not internally derive a public node from any * private node; for public derivation, use {@link deriveHdPublicNode} at the * desired BIP32 account level and provide the HD public key to this function.) * * The derivation path uses the notation specified in BIP32: the first character * must be either `m` for private derivation or `M` for public derivation, * followed by sets of `/` and a number representing the child index used in the * derivation at that depth. Hardened derivation is represented by a trailing * `'`, and may only appear in private derivation paths (hardened derivation * requires knowledge of the private key). Hardened child indexes are * represented with the hardened index offset (`2147483648`) subtracted. * * For example, `m/0/1'/2` uses private derivation (`m`), with child indexes in * the following order: * * `derivePrivate(derivePrivate(derivePrivate(node, 0), 2147483648 + 1), 2)` * * Likewise, `M/3/4/5` uses public derivation (`M`), with child indexes in the * following order: * * `derivePublic(derivePublic(derivePublic(node, 3), 4), 5)` * * Because hardened derivation requires a private node, paths that specify * public derivation (`M`) using hardened derivation (`'`) will return an error. * To derive the public node associated with a child private node that requires * hardened derivation, begin with private derivation, then provide the result * to {@link deriveHdPublicNode} or {@link deriveHdPathRelative}. * * By default, this function throws an `Error` rather than returning the error * as string when the provided path is invalid or cannot be derived from the * provided HD node (e.g. the path requests an excessive child index, a hardened * path is requested from a public node, or an astronomically rare HMAC-SHA512 * result produces and invalid node). * * While the throwing behavior is reasonable for the common case of deriving * known, fixed paths (e.g. the BCH account as standardized by SLIP44 at * `m/44'/145'/0'`), **it is recommended that `throwErrors` be set to `false` * for use cases where dynamic or user-specified paths might be derived**. In * these cases, deliberate error handling is recommended, e.g. saving any data * and safely shutting down, displaying troubleshooting information to the * user, etc. * * @param node - The HD node from which to begin the derivation – for paths * beginning with `m`, an {@link HdPrivateNodeValid}; for paths beginning with * `M`, an {@link HdPublicNodeValid}. * @param path - The BIP32 derivation path, e.g. `m/0/1'/2` or `M/3/4/5`. */ export declare const deriveHdPath: (node: NodeType, path: Path, { crypto, throwErrors, }?: { /** * An optional object containing implementations of sha256 hashing, sha512 * hashing, ripemd160 hashing, and secp256k1 derivation functions. */ crypto?: { ripemd160: { hash: Ripemd160['hash']; }; secp256k1: { addTweakPrivateKey: Secp256k1['addTweakPrivateKey']; addTweakPublicKeyCompressed: Secp256k1['addTweakPublicKeyCompressed']; derivePublicKeyCompressed: Secp256k1['derivePublicKeyCompressed']; }; sha256: { hash: Sha256['hash']; }; sha512: { hash: Sha512['hash']; }; } | undefined; /** * If `true`, this function will throw an `Error` rather than returning the * error as a string when the provided path is invalid or cannot be derived * from the provided HD node (defaults to `true`). */ throwErrors?: ThrowErrors | undefined; }) => ThrowErrors extends true ? AbsoluteDerivation : string | AbsoluteDerivation; export declare enum HdNodeCrackingError { cannotCrackHardenedDerivation = "HD node cracking error: cannot crack an HD parent node using hardened child node." } /** * Derive the HD private node from a HD public node, given any non-hardened * child private node. * * This exploits the "non-hardened" BIP32 derivation algorithm. Because * non-hardened derivation only requires knowledge of the "chain code" (rather * than requiring knowledge of the parent private key) it's possible to * calculate the value by which the parent private key is "tweaked" to arrive at * the child private key. Since we have the child private key, we simply * subtract this "tweaked" amount to get back to the parent private key. * * The BIP32 "hardened" derivation algorithm is designed to address this * weakness. Using hardened derivation, child private nodes can be shared * without risk of leaking the parent private node, but this comes at the cost * of public node derivation. Given only a parent public node, it is not * possible to derive hardened child public keys, so applications must choose * between support for HD public node derivation or support for sharing child * private nodes. * * @param parentPublicNode - the parent HD public node for which to derive a * private node. * @param childPrivateNode - Any non-hardened child private node of the parent * node (only the `privateKey` and the `childIndex` are required). */ export declare const crackHdPrivateNodeFromHdPublicNodeAndChildPrivateNode: (parentPublicNode: PublicNode, childPrivateNode: { childIndex: number; privateKey: Uint8Array; }, { crypto, }?: { /** * An optional object containing an implementation of sha512. */ crypto?: { sha512: { hash: Sha512['hash']; }; } | undefined; }) => HdNodeCrackingError.cannotCrackHardenedDerivation | (PublicNode extends HdPublicNodeKnownParent ? HdPrivateNodeKnownParent : HdPrivateNodeValid); export {}; //# sourceMappingURL=hd-key.d.ts.map