@swtc/keypairs
Version:
swtc keypairs
97 lines • 4.02 kB
JavaScript
;
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
})();
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.derivePrivateKey = derivePrivateKey;
exports.accountPublicFromPublicGenerator = accountPublicFromPublicGenerator;
const elliptic = __importStar(require("elliptic"));
const sha512_1 = __importDefault(require("./sha512"));
const secp256k1 = elliptic.ec("secp256k1");
// TODO: type of `discrim`?
function deriveScalar(bytes, discrim) {
const order = secp256k1.curve.n;
for (let i = 0; i <= 0xffffffff; i++) {
// We hash the bytes to find a 256 bit number, looping until we are sure it
// is less than the order of the curve.
const hasher = new sha512_1.default().add(bytes);
// If the optional discriminator index was passed in, update the hash.
if (discrim !== undefined) {
hasher.addU32(discrim);
}
hasher.addU32(i);
const key = hasher.first256BN();
if (key.cmpn(0) > 0 && key.cmp(order) < 0) {
return key;
}
}
throw new Error("impossible unicorn ;)");
}
/**
* @param {Array} seed - bytes
* @param {Object} [opts] - object
* @param {Number} [opts.accountIndex=0] - the account number to generate
* @param {Boolean} [opts.validator=false] - generate root key-pair,
* as used by validators.
* @return {bn.js} - 256 bit scalar value
*
*/
function derivePrivateKey(seed, opts = {}) {
const root = opts.validator;
const order = secp256k1.curve.n;
// This private generator represents the `root` private key, and is what's
// used by validators for signing when a keypair is generated from a seed.
const privateGen = deriveScalar(seed);
if (root) {
// As returned by validation_create for a given seed
return privateGen;
}
const publicGen = secp256k1.g.mul(privateGen);
// A seed can generate many keypairs as a function of the seed and a uint32.
// Almost everyone just uses the first account, `0`.
const accountIndex = opts.accountIndex || 0;
return deriveScalar(publicGen.encodeCompressed(), accountIndex)
.add(privateGen)
.mod(order);
}
function accountPublicFromPublicGenerator(publicGenBytes) {
const rootPubPoint = secp256k1.curve.decodePoint(publicGenBytes);
const scalar = deriveScalar(publicGenBytes, 0);
const point = secp256k1.g.mul(scalar);
const offset = rootPubPoint.add(point);
return offset.encodeCompressed();
}
//# sourceMappingURL=secp256k1.js.map