UNPKG

bitcore-mnemonic

Version:

BIP39 Mnemonics implemented for Bitcore.

github.com/bitpay/bitcore-mnemonic

bitpay/bitcore-mnemonic

340 lines (294 loc) 9.4 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
'use strict'; const bitcore = require('bitcore-lib'); const BN = bitcore.crypto.BN; const unorm = require('unorm'); const _ = bitcore.deps._; const pbkdf2 = require('./pbkdf2'); const errors = require('./errors'); const Hash = bitcore.crypto.Hash; const Random = bitcore.crypto.Random; const Network = bitcore.Networks; const HDErrors = bitcore.errors.HDPrivateKey; const $ = bitcore.util.preconditions; /** * This is an immutable class that represents a BIP39 Mnemonic code. * See BIP39 specification for more info: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki * A Mnemonic code is a a group of easy to remember words used for the generation * of deterministic wallets. A Mnemonic can be used to generate a seed using * an optional passphrase, for later generate a HDPrivateKey. * * @example * // generate a random mnemonic * var mnemonic = new Mnemonic(); * var phrase = mnemonic.phrase; * * // use a different language * var mnemonic = new Mnemonic(Mnemonic.Words.SPANISH); * var xprivkey = mnemonic.toHDPrivateKey(); * * @param {*=} data - a seed, phrase, or entropy to initialize (can be skipped) * @param {Array=} wordlist - the wordlist to generate mnemonics from * @returns {Mnemonic} A new instance of Mnemonic * @constructor */ const Mnemonic = function(data, wordlist) { if (!(this instanceof Mnemonic)) { return new Mnemonic(data, wordlist); } if (_.isArray(data)) { wordlist = data; data = null; } // handle data overloading var ent, phrase, seed; if (Buffer.isBuffer(data)) { seed = data; ent = seed.length * 8; } else if (_.isString(data)) { phrase = unorm.nfkd(data); } else if (_.isNumber(data)) { ent = data; } else if (data) { throw new bitcore.errors.InvalidArgument('data', 'Must be a Buffer, a string or an integer'); } ent = ent || 128; // check and detect wordlist wordlist = wordlist || Mnemonic._getDictionary(phrase); if (phrase && !wordlist) { throw new errors.UnknownWordlist(phrase); } wordlist = wordlist || Mnemonic.Words.ENGLISH; if (seed) { phrase = Mnemonic._entropy2mnemonic(seed, wordlist); } // validate phrase and ent if (phrase && !Mnemonic.isValid(phrase, wordlist)) { throw new errors.InvalidMnemonic(phrase); } if (ent % 32 !== 0 || ent < 128 || ent > 256) { throw new bitcore.errors.InvalidArgument('ENT', 'Values must be ENT > 128 and ENT < 256 and ENT % 32 == 0'); } phrase = phrase || Mnemonic._mnemonic(ent, wordlist); // this fixes spacing in JP phrase = unorm.nfkd(phrase); Object.defineProperty(this, 'wordlist', { configurable: false, value: wordlist }); Object.defineProperty(this, 'phrase', { configurable: false, value: phrase }); }; Mnemonic.Words = require('./words'); /** * Will return a boolean if the mnemonic is valid * * @example * * var valid = Mnemonic.isValid('lab rescue lunch elbow recall phrase perfect donkey biology guess moment husband'); * // true * * @param {String} mnemonic - The mnemonic string * @param {String} [wordlist] - The wordlist used * @returns {boolean} */ Mnemonic.isValid = function(mnemonic, wordlist) { mnemonic = unorm.nfkd(mnemonic); wordlist = wordlist || Mnemonic._getDictionary(mnemonic); if (!wordlist) { return false; } var words = mnemonic.split(' '); var bin = ''; for (var i = 0; i < words.length; i++) { var ind = wordlist.indexOf(words[i]); if (ind < 0) return false; bin = bin + ('00000000000' + ind.toString(2)).slice(-11); } var cs = bin.length / 33; var hash_bits = bin.slice(-cs); var nonhash_bits = bin.slice(0, bin.length - cs); var buf = Buffer.alloc(nonhash_bits.length / 8); for (i = 0; i < nonhash_bits.length / 8; i++) { buf.writeUInt8(parseInt(bin.slice(i * 8, (i + 1) * 8), 2), i); } var expected_hash_bits = Mnemonic._entropyChecksum(buf); return expected_hash_bits === hash_bits; }; /** * Internal function to check if a mnemonic belongs to a wordlist. * * @param {String} mnemonic - The mnemonic string * @param {String} wordlist - The wordlist * @returns {boolean} */ Mnemonic._belongsToWordlist = function(mnemonic, wordlist) { var words = unorm.nfkd(mnemonic).split(' '); for (var i = 0; i < words.length; i++) { var ind = wordlist.indexOf(words[i]); if (ind < 0) return false; } return true; }; /** * Internal function to detect the wordlist used to generate the mnemonic. * * @param {String} mnemonic - The mnemonic string * @returns {Array} the wordlist or null */ Mnemonic._getDictionary = function(mnemonic) { if (!mnemonic) return null; var dicts = Object.keys(Mnemonic.Words); for (var i = 0; i < dicts.length; i++) { var key = dicts[i]; if (Mnemonic._belongsToWordlist(mnemonic, Mnemonic.Words[key])) { return Mnemonic.Words[key]; } } return null; }; /** * Will generate a seed based on the mnemonic and optional passphrase. * * @param {String} [passphrase] * @returns {Buffer} */ Mnemonic.prototype.toSeed = function(passphrase) { passphrase = passphrase || ''; return pbkdf2(unorm.nfkd(this.phrase), unorm.nfkd('mnemonic' + passphrase), 2048, 64); }; /** * Will generate a Mnemonic object based on a seed. * * @param {Buffer} [seed] * @param {string} [wordlist] * @returns {Mnemonic} */ Mnemonic.fromSeed = function(seed, wordlist) { $.checkArgument(Buffer.isBuffer(seed), 'seed must be a Buffer.'); $.checkArgument(_.isArray(wordlist) || _.isString(wordlist), 'wordlist must be a string or an array.'); return new Mnemonic(seed, wordlist); }; /** * * Generates a HD Private Key from a Mnemonic. * Optionally receive a passphrase and bitcoin network. * * @param {String=} [passphrase] * @param {Network|String|number=} [network] - The network: 'livenet' or 'testnet' * @param {String=} [keyType] - The type of key used to compute HMAC-SHA512. Default 'Bitcoin'. Other options include ed25519 * @returns {HDPrivateKey} */ Mnemonic.prototype.toHDPrivateKey = function(passphrase, network, keyType) { const MINIMUM_ENTROPY_BITS = 128; const BITS_TO_BYTES = 1 / 8; const MAXIMUM_ENTROPY_BITS = 512; let hexa = this.toSeed(passphrase); let key = 'Bitcoin seed'; if ((typeof hexa === 'string' || hexa instanceof String) && /^[0-9a-fA-F]+$/.test(hexa)) { hexa = Buffer.from(hexa, 'hex'); } if (!Buffer.isBuffer(hexa)) { throw new HDErrors.InvalidEntropyArgument(hexa); } if (keyType && !Mnemonic.validKeyTypes.includes(keyType)) { throw new Error(`Invalid Key Type: ${keyType}`); } if (keyType) { key = `${keyType} seed`; } if (hexa.length < MINIMUM_ENTROPY_BITS * BITS_TO_BYTES) { throw new HDErrors.InvalidEntropyArgument.NotEnoughEntropy(hexa); } if (hexa.length > MAXIMUM_ENTROPY_BITS * BITS_TO_BYTES) { throw new HDErrors.InvalidEntropyArgument.TooMuchEntropy(hexa); } const hash = Hash.sha512hmac(hexa, Buffer.from(key)); return new bitcore.HDPrivateKey({ network: Network.get(network) || Network.defaultNetwork, depth: 0, parentFingerPrint: 0, childIndex: 0, privateKey: hash.slice(0, 32), chainCode: hash.slice(32, 64) }); }; Mnemonic.validKeyTypes = ['Bitcoin', 'ed25519']; /** * Will return a the string representation of the mnemonic * * @returns {String} Mnemonic */ Mnemonic.prototype.toString = function() { return this.phrase; }; /** * Will return a string formatted for the console * * @returns {String} Mnemonic */ Mnemonic.prototype.inspect = function() { return '<Mnemonic: ' + this.toString() + ' >'; }; /** * Internal function to generate a random mnemonic * * @param {Number} ENT - Entropy size, defaults to 128 * @param {Array} wordlist - Array of words to generate the mnemonic * @returns {String} Mnemonic string */ Mnemonic._mnemonic = function(ENT, wordlist) { var buf = Random.getRandomBuffer(ENT / 8); return Mnemonic._entropy2mnemonic(buf, wordlist); }; /** * Internal function to generate mnemonic based on entropy * * @param {Buffer} entropy - Entropy buffer * @param {Array} wordlist - Array of words to generate the mnemonic * @returns {String} Mnemonic string */ Mnemonic._entropy2mnemonic = function(entropy, wordlist) { var bin = ''; for (var i = 0; i < entropy.length; i++) { bin = bin + ('00000000' + entropy[i].toString(2)).slice(-8); } bin = bin + Mnemonic._entropyChecksum(entropy); if (bin.length % 11 !== 0) { throw new errors.InvalidEntropy(bin); } var mnemonic = []; for (i = 0; i < bin.length / 11; i++) { var wi = parseInt(bin.slice(i * 11, (i + 1) * 11), 2); mnemonic.push(wordlist[wi]); } var ret; if (wordlist === Mnemonic.Words.JAPANESE) { ret = mnemonic.join('\u3000'); } else { ret = mnemonic.join(' '); } return ret; }; /** * Internal function to create checksum of entropy * * @param {Buffer} entropy * @returns {string} Checksum of entropy length / 32 * @private */ Mnemonic._entropyChecksum = function(entropy) { var hash = Hash.sha256(entropy); var bits = entropy.length * 8; var cs = bits / 32; var hashbits = new BN(hash.toString('hex'), 16).toString(2); // zero pad the hash bits while (hashbits.length % 256 !== 0) { hashbits = '0' + hashbits; } var checksum = hashbits.slice(0, cs); return checksum; }; Mnemonic.bitcore = bitcore; module.exports = Mnemonic;