Documentation
¶
Index ¶
- Variables
- func ChangePassword(keystorePath string, currentPassword, newPassword []byte) error
- func CreateHDWallet(dir string, password []byte, entropyBits int) (address, walletPath string, err error)
- func CreateKeystore(dir string, password []byte) (string, string, error)
- func ExportMnemonic(walletPath string, password []byte) ([]byte, error)
- func GetKeystoreAddress(keystorePath string) (string, error)
- func ImportHDWallet(dir string, mnemonic []byte, password []byte) (address, walletPath string, err error)
- func ImportPrivateKey(dir string, privateKeyHex []byte, password []byte) (string, string, error)
- func IsTerminal() bool
- func ReadPasswordWithConfirm(ctx context.Context, prompt string) ([]byte, error)
- func ReadSecret(ctx context.Context) ([]byte, error)
- func SecureZeroize(data []byte)
- func VerifyHDWalletPassword(walletPath string, password []byte) error
- func VerifyPassword(keystorePath string, password []byte) error
- type HDConfig
- type HDWallet
- type HDWalletFile
- type HDWalletInfo
- type KeystoreInfo
- type SecureBytes
Constants ¶
This section is empty.
Variables ¶
var ( ErrHDWalletAlreadyExists = fmt.Errorf("HD wallet already exists") ErrHDWalletNotFound = fmt.Errorf("HD wallet file not found") ErrHDWalletDecryptFailed = fmt.Errorf("HD wallet decryption failed") ErrHDWalletInvalidVersion = fmt.Errorf("unsupported HD wallet version") ErrMnemonicInvalid = fmt.Errorf("invalid BIP-39 mnemonic") ErrHDWalletClosed = fmt.Errorf("HD wallet is closed") ErrHDDerivationFailed = fmt.Errorf("HD key derivation failed") ErrInvalidDerivationRange = fmt.Errorf("invalid derivation range: start must be less than end") )
var ( // ErrNotTerminal is returned when stdin is not a terminal ErrNotTerminal = errors.New("stdin is not a terminal, cannot read password securely") // ErrPasswordMismatch is returned when password confirmation does not match ErrPasswordMismatch = errors.New("passwords do not match") // ErrEmptyPassword is returned when password is empty ErrEmptyPassword = errors.New("password cannot be empty") // ErrContextCanceled is returned when context is canceled during password reading ErrContextCanceled = errors.New("password reading canceled by context") )
Functions ¶
func ChangePassword ¶
ChangePassword changes the password of an existing keystore file.
Parameters:
- keystorePath: Path to the keystore file
- currentPassword: Current password
- newPassword: New password
Returns:
- error: Any error that occurred
func CreateHDWallet ¶ added in v0.4.0
func CreateHDWallet(dir string, password []byte, entropyBits int) (address, walletPath string, err error)
CreateHDWallet generates a random BIP-39 mnemonic, encrypts its entropy, derives the primary address (index 0), and writes an hdwallet--<address>.json file into dir.
func CreateKeystore ¶
CreateKeystore creates a new keystore with a randomly generated key.
Parameters:
- dir: Directory to store the keystore file (will be created if not exists)
- password: Password to encrypt the keystore
Returns:
- address: The Ethereum address of the new key (0x prefixed)
- path: Full path to the created keystore file
- error: Any error that occurred
func ExportMnemonic ¶ added in v0.4.0
ExportMnemonic decrypts the HD wallet and returns the mnemonic words. The caller is responsible for securely zeroizing the returned bytes.
func GetKeystoreAddress ¶
GetKeystoreAddress reads a keystore file and returns the address without decrypting.
Parameters:
- keystorePath: Path to the keystore file
Returns:
- address: The Ethereum address (0x prefixed, checksummed)
- error: Any error that occurred
func ImportHDWallet ¶ added in v0.4.0
func ImportHDWallet(dir string, mnemonic []byte, password []byte) (address, walletPath string, err error)
ImportHDWallet validates the provided mnemonic, encrypts its entropy, and writes an hdwallet--<address>.json file into dir.
func ImportPrivateKey ¶
ImportPrivateKey imports a hex-encoded private key into a new keystore.
Parameters:
- dir: Directory to store the keystore file (will be created if not exists)
- privateKeyHex: Hex-encoded private key (with or without 0x prefix)
- password: Password to encrypt the keystore
Returns:
- address: The Ethereum address derived from the private key (0x prefixed)
- path: Full path to the created keystore file
- error: Any error that occurred
func ReadPasswordWithConfirm ¶
ReadPasswordWithConfirm reads a password twice for confirmation. Returns error if passwords don't match or if stdin is not a terminal.
func ReadSecret ¶
ReadSecret reads a secret from stdin without echoing, with context support. Returns error if stdin is not a terminal to prevent insecure piping. If context is canceled, it restores terminal state, unblocks the internal ReadPassword goroutine, and waits for it to exit before returning.
func SecureZeroize ¶
func SecureZeroize(data []byte)
SecureZeroize securely erases sensitive data from memory. This function should be called with defer after reading a password.
func VerifyHDWalletPassword ¶ added in v0.4.0
VerifyHDWalletPassword verifies that the password can decrypt the HD wallet without returning any secret material.
func VerifyPassword ¶
VerifyPassword verifies that the password can decrypt the keystore.
Parameters:
- keystorePath: Path to the keystore file
- password: Password to verify
Returns:
- error: nil if password is correct, error otherwise
Types ¶
type HDWallet ¶ added in v0.4.0
type HDWallet struct {
// contains filtered or unexported fields
}
HDWallet derives Ethereum keys from a BIP-39 seed held in memory.
func NewHDWallet ¶ added in v0.4.0
func NewHDWallet(seed []byte, basePath accounts.DerivationPath) (*HDWallet, error)
NewHDWallet constructs an HDWallet from a raw BIP-39 seed and base derivation path.
func OpenHDWallet ¶ added in v0.4.0
OpenHDWallet decrypts an HD wallet file and returns an HDWallet ready for key derivation.
func (*HDWallet) DeriveAddress ¶ added in v0.4.0
DeriveAddress derives the Ethereum address at basePath/index.
func (*HDWallet) DeriveAddresses ¶ added in v0.4.0
DeriveAddresses batch-derives addresses for indices [start, end).
type HDWalletFile ¶ added in v0.4.0
type HDWalletFile struct {
Version int `json:"version"`
PrimaryAddress string `json:"primary_address"`
Mnemonic keystore.CryptoJSON `json:"mnemonic"`
HDConfig HDConfig `json:"hd_config"`
}
HDWalletFile represents the encrypted HD wallet file on disk.
type HDWalletInfo ¶ added in v0.4.0
HDWalletInfo contains non-secret HD wallet metadata readable without decryption.
func GetHDWalletInfo ¶ added in v0.4.0
func GetHDWalletInfo(walletPath string) (*HDWalletInfo, error)
GetHDWalletInfo reads HD wallet metadata without requiring a password.
func ListHDWallets ¶ added in v0.4.0
func ListHDWallets(dir string) ([]HDWalletInfo, error)
ListHDWallets scans dir for HD wallet files and returns their metadata.
type KeystoreInfo ¶
KeystoreInfo contains information about a keystore file.
func ListKeystores ¶
func ListKeystores(dir string) ([]KeystoreInfo, error)
ListKeystores lists all keystore files in a directory.
Parameters:
- dir: Directory to scan for keystore files
Returns:
- []KeystoreInfo: List of keystores found
- error: Any error that occurred
type SecureBytes ¶ added in v0.4.0
type SecureBytes struct {
// contains filtered or unexported fields
}
SecureBytes wraps sensitive byte data with zeroization support.
func NewSecureBytes ¶ added in v0.4.0
func NewSecureBytes(data []byte) *SecureBytes
NewSecureBytes creates a SecureBytes from a copy of data.
func (*SecureBytes) Bytes ¶ added in v0.4.0
func (sb *SecureBytes) Bytes() []byte
Bytes returns a copy of the underlying data.
func (*SecureBytes) Zeroize ¶ added in v0.4.0
func (sb *SecureBytes) Zeroize()
Zeroize overwrites the data with zeros.
Source Files