seedify

func BraveSync25thWord ¶

func BraveSync25thWord() (string, error)

BraveSync25thWord returns the 25th word for Brave Sync based on the current date. The 25th word changes daily and is calculated from the epoch date "Tue, 10 May 2022 00:00:00 GMT". The number of days since the epoch is used as an index into the BIP39 English word list.

This function replicates the logic from the JavaScript implementation at https://alexeybarabash.github.io/25th-brave-sync-word/

Returns an error if the current date is before the epoch date or if the calculated index is out of bounds for the BIP39 word list.

func BraveSync25thWordForDate ¶

func BraveSync25thWordForDate(date time.Time) (string, error)

BraveSync25thWordForDate returns the 25th word for Brave Sync for a specific date. This allows you to get the 25th word for any date, not just today.

The date parameter should be in UTC. The number of days since the epoch "Tue, 10 May 2022 00:00:00 GMT" is used as an index into the BIP39 English word list.

Returns an error if the provided date is before the epoch date or if the calculated index is out of bounds for the BIP39 word list.

func DeriveBitcoinAddress ¶

func DeriveBitcoinAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveBitcoinAddress derives a Bitcoin address from a BIP39 mnemonic phrase. The function follows BIP44 standard with derivation path m/44'/0'/0'/0/0. It returns a P2PKH address (starts with "1") for Bitcoin mainnet.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase (12, 15, 18, 21, or 24 words)
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Bitcoin P2PKH address
• error: Any error that occurred during derivation

func DeriveBitcoinAddressNativeSegwit ¶

func DeriveBitcoinAddressNativeSegwit(mnemonic string, bip39Passphrase string) (string, error)

DeriveBitcoinAddressNativeSegwit derives a P2WPKH (Native SegWit) Bitcoin address. The function follows BIP84 standard with derivation path m/84'/0'/0'/0/0. It returns a Bech32 address (starts with "bc1q") for Bitcoin mainnet.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase (12, 15, 18, 21, or 24 words)
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Bitcoin P2WPKH address (starts with "bc1q")
• error: Any error that occurred during derivation

package main

import (
	"crypto/ed25519"
	"fmt"

	"github.com/complex-gh/seedify"
)

// testKey returns a deterministic Ed25519 key for examples.
// In real usage this would come from an SSH key file.
func testKey() ed25519.PrivateKey {
	seed := make([]byte, ed25519.SeedSize)
	for i := range seed {
		seed[i] = byte(i + 1)
	}
	return ed25519.NewKeyFromSeed(seed)
}

func main() {
	key := testKey()

	mnemonic, _ := seedify.ToMnemonicWithLength(&key, 24, "", false, 0)

	addr, err := seedify.DeriveBitcoinAddressNativeSegwit(mnemonic, "")
	if err != nil {
		fmt.Println("error:", err)
		return
	}

	fmt.Println("starts with bc1q:", addr[:4] == "bc1q")
}

Output:

func DeriveBitcoinAddressNativeSegwitAtIndex ¶

func DeriveBitcoinAddressNativeSegwitAtIndex(mnemonic string, bip39Passphrase string, addressIndex uint32) (string, error)

DeriveBitcoinAddressNativeSegwitAtIndex derives a P2WPKH address at the given address index. Path: m/84'/0'/0'/0/{addressIndex}. Index 1-19 is typically used for DNS output.

func DeriveBitcoinAddressSegwit ¶

func DeriveBitcoinAddressSegwit(mnemonic string, bip39Passphrase string) (string, error)

DeriveBitcoinAddressSegwit derives a P2SH-P2WPKH (Nested SegWit) Bitcoin address. The function follows BIP49 standard with derivation path m/49'/0'/0'/0/0. It returns a P2SH-wrapped SegWit address (starts with "3") for Bitcoin mainnet.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase (12, 15, 18, 21, or 24 words)
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Bitcoin P2SH-P2WPKH address (starts with "3")
• error: Any error that occurred during derivation

func DeriveBitcoinMasterFingerprint ¶

func DeriveBitcoinMasterFingerprint(mnemonic string, bip39Passphrase string) (string, error)

DeriveBitcoinMasterFingerprint derives the master key fingerprint from a BIP39 mnemonic. The fingerprint is the first 4 bytes of HASH160(compressed_master_public_key), encoded as a lowercase hex string (8 characters). This is commonly used in wallet descriptors and PSBTs (e.g., [d219d86d/48'/0'/0'/2']xpub...).

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• fingerprint: The 4-byte master fingerprint as a lowercase hex string
• error: Any error that occurred during derivation

func DeriveCosmosAddress ¶

func DeriveCosmosAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveCosmosAddress derives a Cosmos (ATOM) address from a BIP39 mnemonic. The function follows BIP44 standard with derivation path m/44'/118'/0'/0/0. It returns a Bech32 address with the "cosmos" prefix (starts with "cosmos1").

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Cosmos address (starts with "cosmos1")
• error: Any error that occurred during derivation

func DeriveDogecoinAddress ¶

func DeriveDogecoinAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveDogecoinAddress derives a Dogecoin P2PKH address from a BIP39 mnemonic. The function follows BIP44 standard with derivation path m/44'/3'/0'/0/0. It returns a Base58Check address (starts with "D") for Dogecoin mainnet.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Dogecoin P2PKH address (starts with "D")
• error: Any error that occurred during derivation

func DeriveEthereumAddress ¶

func DeriveEthereumAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveEthereumAddress derives an Ethereum address from a BIP39 mnemonic phrase. The function follows BIP44 standard with derivation path m/44'/60'/0'/0/0. It returns a checksummed Ethereum address (starts with "0x").

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase (12, 15, 18, 21, or 24 words)
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Ethereum address with 0x prefix
• error: Any error that occurred during derivation

package main

import (
	"crypto/ed25519"
	"fmt"

	"github.com/complex-gh/seedify"
)

// testKey returns a deterministic Ed25519 key for examples.
// In real usage this would come from an SSH key file.
func testKey() ed25519.PrivateKey {
	seed := make([]byte, ed25519.SeedSize)
	for i := range seed {
		seed[i] = byte(i + 1)
	}
	return ed25519.NewKeyFromSeed(seed)
}

func main() {
	key := testKey()

	mnemonic, _ := seedify.ToMnemonicWithLength(&key, 24, "", false, 0)

	addr, err := seedify.DeriveEthereumAddress(mnemonic, "")
	if err != nil {
		fmt.Println("error:", err)
		return
	}

	fmt.Println("starts with 0x:", addr[:2] == "0x")
	fmt.Println("length:", len(addr))
}

Output:

func DeriveLitecoinAddress ¶

func DeriveLitecoinAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveLitecoinAddress derives a Litecoin native SegWit (P2WPKH) address from a BIP39 mnemonic. The function follows BIP84 standard with derivation path m/84'/2'/0'/0/0. It returns a Bech32 address (starts with "ltc1") for Litecoin mainnet.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Litecoin P2WPKH address (starts with "ltc1")
• error: Any error that occurred during derivation

func DeriveMoneroAddress ¶

func DeriveMoneroAddress(mnemonic string) (string, error)

DeriveMoneroAddress derives a Monero address from a polyseed mnemonic phrase. The function decodes the polyseed to extract the seed bytes, then derives the Monero spend and view keys from it.

Parameters:

• mnemonic: A valid 16-word polyseed mnemonic phrase

Returns:

• address: The Monero primary address (starts with "4")
• error: Any error that occurred during derivation

func DeriveMoneroSubaddressAtIndex ¶

func DeriveMoneroSubaddressAtIndex(mnemonic string, index uint32) (string, error)

DeriveMoneroSubaddressAtIndex derives a Monero receiving subaddress at the given index. Index 0 maps to subaddress (0,1), index 1 to (0,2), etc. Valid range: 0-19 for DNS output.

func DeriveNobleAddress ¶

func DeriveNobleAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveNobleAddress derives a Noble address from a BIP39 mnemonic. Noble uses the same key derivation as Cosmos (coin type 118) but with "noble" bech32 prefix.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Noble address (starts with "noble1")
• error: Any error that occurred during derivation

func DeriveNostrKeys ¶

func DeriveNostrKeys(mnemonic string, bip39Passphrase string) (npub string, nsec string, err error)

DeriveNostrKeys derives Nostr keys (npub/nsec) from a BIP39 mnemonic phrase. The function follows NIP-06 standard: it converts the mnemonic to a BIP39 seed, then uses BIP32 hierarchical derivation with path m/44'/1237'/0'/0/0 to derive the Nostr private key. The keys are encoded to npub/nsec format using bech32.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase (12, 15, 18, 21, or 24 words)
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• npub: The Nostr public key in bech32 format (starts with "npub1")
• nsec: The Nostr private key in bech32 format (starts with "nsec1")
• error: Any error that occurred during derivation

func DeriveNostrKeysFromEd25519 ¶

func DeriveNostrKeysFromEd25519(key *ed25519.PrivateKey) (npub string, nsec string, err error)

DeriveNostrKeysFromEd25519 derives Nostr keys (npub/nsec) directly from an Ed25519 private key. This function is used to derive Nostr keys from SSH keys without going through seed phrases.

Parameters:

• key: An Ed25519 private key (e.g., from an SSH key)

Returns:

• npub: The Nostr public key in bech32 format (starts with "npub1")
• nsec: The Nostr private key in bech32 format (starts with "nsec1")
• error: Any error that occurred during derivation

func DeriveRippleAddress ¶

func DeriveRippleAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveRippleAddress derives an XRP Ledger address from a BIP39 mnemonic. The function follows BIP44 standard with derivation path m/44'/144'/0'/0/0. It returns a Ripple Base58Check address (starts with "r").

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The XRP address (starts with "r")
• error: Any error that occurred during derivation

func DeriveSilentPaymentAddress ¶

func DeriveSilentPaymentAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveSilentPaymentAddress derives a BIP 352 Silent Payment (sp1) address from a BIP39 mnemonic. The function follows BIP 352 derivation paths:

• scan key: m/352'/0'/0'/1'/0
• spend key: m/352'/0'/0'/0'/0

It returns a bech32m-encoded address (starts with "sp1") for Bitcoin mainnet. Silent Payments are privacy-preserving static addresses: each payment appears on-chain as a unique Taproot address, making it impossible for observers to link payments.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase (12, 15, 18, 21, or 24 words)
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Bitcoin Silent Payment address (starts with "sp1")
• error: Any error that occurred during derivation

func DeriveSolanaAddress ¶

func DeriveSolanaAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveSolanaAddress derives a Solana address from a BIP39 mnemonic phrase. The function follows SLIP-0010/BIP44 standard with derivation path m/44'/501'/0'/0'. Solana uses Ed25519 keys, so all path components are hardened. It returns a Base58-encoded public key as the Solana address.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase (12, 15, 18, 21, or 24 words)
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Solana address (Base58-encoded public key)
• error: Any error that occurred during derivation

func DeriveStellarAddress ¶

func DeriveStellarAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveStellarAddress derives a Stellar (XLM) address from a BIP39 mnemonic. The function follows SEP-0005 standard with derivation path m/44'/148'/0' using SLIP-0010 Ed25519 derivation. It returns a StrKey-encoded public key (starts with "G").

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Stellar address (starts with "G")
• error: Any error that occurred during derivation

func DeriveSuiAddress ¶

func DeriveSuiAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveSuiAddress derives a Sui address from a BIP39 mnemonic. The function follows SLIP-0010 Ed25519 derivation with path m/44'/784'/0'/0'/0'. It returns an address formatted as "0x" + hex(Blake2b-256(0x00 || pubkey)).

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Sui address (starts with "0x")
• error: Any error that occurred during derivation

func DeriveTronAddress ¶

func DeriveTronAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveTronAddress derives a Tron address from a BIP39 mnemonic phrase. The function follows BIP44 standard with derivation path m/44'/195'/0'/0/0. Tron uses the same secp256k1 key derivation and Keccak256 address computation as Ethereum, but encodes the address using Base58Check with a 0x41 prefix instead of hex with a 0x prefix. The resulting address starts with "T".

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase (12, 15, 18, 21, or 24 words)
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Tron address (Base58Check-encoded, starts with "T")
• error: Any error that occurred during derivation

func DeriveZcashAddress ¶

func DeriveZcashAddress(mnemonic string, bip39Passphrase string) (string, error)

DeriveZcashAddress derives a Zcash transparent P2PKH (t1) address from a BIP39 mnemonic. The function follows BIP44 standard with derivation path m/44'/133'/0'/0/0 (coin type 133 = Zcash per SLIP-0044). It returns a Base58Check address (starts with "t1") for Zcash mainnet.

Parameters:

• mnemonic: A valid BIP39 mnemonic phrase
• bip39Passphrase: Optional BIP39 passphrase (empty string if not used)

Returns:

• address: The Zcash transparent P2PKH address (starts with "t1")
• error: Any error that occurred during derivation

func ToMnemonicWithBraveSync ¶

func ToMnemonicWithBraveSync(key *ed25519.PrivateKey, seedPassphrase string) (string, error)

ToMnemonicWithBraveSync generates a 24-word mnemonic with the "brave" prefix and appends the 25th word from Brave Sync. This creates a 25-word phrase suitable for use with Brave Sync.

The function generates 24 words using the same logic as ToMnemonicWithLength with the brave flag set, then appends the current day's 25th word from Brave Sync.

func ToMnemonicWithLength ¶

func ToMnemonicWithLength(key *ed25519.PrivateKey, wordCount int, seedPassphrase string, brave bool, birthday uint64) (string, error)

ToMnemonicWithLength takes an ed25519 private key and returns a mnemonic phrase of the specified word count. This is an auxiliary utility function. The generated phrases cannot be used with FromMnemonic to recover the original key if the word count is less than 24.

If seedPassphrase is provided (non-empty), it will be combined with the SSH key seed to add additional entropy: ENTROPY(seed-passphrase) + ENTROPY(ssh-key).

The word count is prepended to the entropy to ensure different word counts generate completely different words, not just truncated versions of the same phrase. Exception: For 24 words (when brave is false), the raw seed is used directly without prepending word count or hashing.

If brave is true, the hash of "brave" is prepended to the entropy (similar to word count) to generate a different set of words.

birthday is a Unix timestamp used as the polyseed creation date for 16-word mnemonics. Use PolyseedEpoch for deterministic output, or 0 for the current time. This parameter is ignored for non-polyseed word counts.

Valid word counts are: 12, 15, 16, 18, 21, or 24. The entropy size is determined by the word count:

• 12 words = 128 bits (16 bytes) - BIP39
• 15 words = 160 bits (20 bytes) - BIP39
• 16 words = 150 bits (19 bytes) - Polyseed format
• 18 words = 192 bits (24 bytes) - BIP39
• 21 words = 224 bits (28 bytes) - BIP39
• 24 words = 256 bits (32 bytes) - BIP39

package main

import (
	"crypto/ed25519"
	"fmt"

	"github.com/complex-gh/seedify"
)

// testKey returns a deterministic Ed25519 key for examples.
// In real usage this would come from an SSH key file.
func testKey() ed25519.PrivateKey {
	seed := make([]byte, ed25519.SeedSize)
	for i := range seed {
		seed[i] = byte(i + 1)
	}
	return ed25519.NewKeyFromSeed(seed)
}

func main() {
	key := testKey()

	mnemonic, err := seedify.ToMnemonicWithLength(&key, 12, "", false, 0)
	if err != nil {
		fmt.Println("error:", err)
		return
	}

	fmt.Println("word count: 12")
	fmt.Println("mnemonic:", mnemonic)
	// Output is deterministic but depends on the key bytes,
	// so we just verify it ran without error.
}

Output:

package main

import (
	"crypto/ed25519"
	"fmt"

	"github.com/complex-gh/seedify"
)

// testKey returns a deterministic Ed25519 key for examples.
// In real usage this would come from an SSH key file.
func testKey() ed25519.PrivateKey {
	seed := make([]byte, ed25519.SeedSize)
	for i := range seed {
		seed[i] = byte(i + 1)
	}
	return ed25519.NewKeyFromSeed(seed)
}

func main() {
	key := testKey()

	mnemonic, err := seedify.ToMnemonicWithLength(&key, 16, "", false, seedify.PolyseedDefaultBirthday)
	if err != nil {
		fmt.Println("error:", err)
		return
	}

	fmt.Println("word count: 16")
	fmt.Println("mnemonic:", mnemonic)
}

Output:

package main

import (
	"crypto/ed25519"
	"fmt"

	"github.com/complex-gh/seedify"
)

// testKey returns a deterministic Ed25519 key for examples.
// In real usage this would come from an SSH key file.
func testKey() ed25519.PrivateKey {
	seed := make([]byte, ed25519.SeedSize)
	for i := range seed {
		seed[i] = byte(i + 1)
	}
	return ed25519.NewKeyFromSeed(seed)
}

func main() {
	key := testKey()

	mnemonic, err := seedify.ToMnemonicWithLength(&key, 24, "", false, 0)
	if err != nil {
		fmt.Println("error:", err)
		return
	}

	fmt.Println("word count: 24")
	fmt.Println("mnemonic:", mnemonic)
}

Output:

package main

import (
	"crypto/ed25519"
	"fmt"

	"github.com/complex-gh/seedify"
)

// testKey returns a deterministic Ed25519 key for examples.
// In real usage this would come from an SSH key file.
func testKey() ed25519.PrivateKey {
	seed := make([]byte, ed25519.SeedSize)
	for i := range seed {
		seed[i] = byte(i + 1)
	}
	return ed25519.NewKeyFromSeed(seed)
}

func main() {
	key := testKey()

	m1, _ := seedify.ToMnemonicWithLength(&key, 24, "", false, 0)
	m2, _ := seedify.ToMnemonicWithLength(&key, 24, "my-secret", false, 0)

	// Different passphrases produce different mnemonics from the same key.
	fmt.Println("same mnemonic:", m1 == m2)
}

Output:
same mnemonic: false

func ToMnemonicWithPrefix ¶

func ToMnemonicWithPrefix(key *ed25519.PrivateKey, wordCount int, seedPassphrase string, prefix string, birthday uint64) (string, error)

ToMnemonicWithPrefix takes an ed25519 private key and returns a mnemonic phrase of the specified word count. It is a generalization of ToMnemonicWithLength that accepts an arbitrary prefix string instead of a boolean brave flag.

If prefix is non-empty, the hash of the prefix string is prepended to the entropy (similar to how the word count is prepended) to generate a completely different set of words. This allows generating distinct seed phrases for different applications (e.g., "brave" for Brave Sync, "wallet" for Brave Wallet).

If seedPassphrase is provided (non-empty), it will be combined with the SSH key seed to add additional entropy: ENTROPY(seed-passphrase) + ENTROPY(ssh-key).

The word count is prepended to the entropy to ensure different word counts generate completely different words, not just truncated versions of the same phrase. Exception: For 24 words (when prefix is empty), the raw seed is used directly without prepending word count or hashing.

birthday is a Unix timestamp used as the polyseed creation date for 16-word mnemonics. Use PolyseedEpoch for deterministic output, or 0 for the current time. This parameter is ignored for non-polyseed word counts.

Valid word counts are: 12, 15, 16, 18, 21, or 24. The entropy size is determined by the word count:

• 12 words = 128 bits (16 bytes) - BIP39
• 15 words = 160 bits (20 bytes) - BIP39
• 16 words = 150 bits (19 bytes) - Polyseed format
• 18 words = 192 bits (24 bytes) - BIP39
• 21 words = 224 bits (28 bytes) - BIP39
• 24 words = 256 bits (32 bytes) - BIP39