keyfork/crates/derive/keyfork-derive-util
Ryan Heywood 086e56bef0
keyfork-derive-util: minor refactor, tidy up publicness of modules
2024-02-11 01:04:13 -05:00
..
src keyfork-derive-util: minor refactor, tidy up publicness of modules 2024-02-11 01:04:13 -05:00
Cargo.toml reorganize crates 2024-01-15 00:12:34 -05:00
README.md keyfork-derive-util: more docs!!! 2024-02-11 00:32:10 -05:00

README.md

Keyfork Derive: BIP-0032 Key Derivation

Keyfork offers a BIP-0032 based hierarchial key derivation system enabling the ability to create keys based on a BIP-0032 seed, a value between 128 to 512 bits. The keys can be made using any algorithm supported by Keyfork Derive. Newtypes can be added to wrap around foreign key types that aren't supported by Keyfork.

Keys derived with the same parameters, from the same seed, will always return the same value. This makes Keyfork a reliable backend for generating encryption or signature keys, as every key can be recovered using the previously used derivation algorithm. However, this may be seen as a concern, as all an attacker may need to recreate all previously-used seeds would be the original derivation seed. For this reason, it is recommended to use the Keyfork server for derivation from the root seed. The Keyfork server will ensure the root seed and any highest-level keys (such as BIP-44, BIP-85, etc.) keys are not leaked.

The primary use case of Keyfork Derive will be the creation of Derivation Requests, to be used by Keyforkd Client. In the included example, derivation is performed directly on a master seed. This is how Keyforkd works internally.

Example

use std::str::FromStr;
use keyfork_mnemonic_util::Mnemonic;
use keyfork_derive_util::{*, request::*};

fn main() -> Result<(), Box<dyn std::error::Error>> {
    let mnemonic = Mnemonic::from_str(
        "enter settle kiwi high shift absorb protect sword talent museum lazy okay"
    )?;
    let path = DerivationPath::from_str("m/44'/0'/0'/0/0")?;

    let request = DerivationRequest::new(
        DerivationAlgorithm::Secp256k1,
        &path
    );

    let key1 = request.derive_with_mnemonic(&mnemonic)?;

    let seed = mnemonic.seed(None)?;
    let key2 = request.derive_with_master_seed(seed)?;

    assert_eq!(key1, key2);

    Ok(())
}