Documentation
Index ¶
- Variables
- func ChangeEnhancedKeyPassword(keystorePath string, currentPassword, newPassword []byte) error
- func ChangePassword(keystorePath string, currentPassword, newPassword []byte) error
- func CreateEnhancedKey(dir string, keyType KeyType, password []byte, label string) (identifier, path string, err error)
- func CreateHDWallet(dir string, password []byte, entropyBits int) (address, walletPath string, err error)
- func CreateKeystore(dir string, password []byte) (string, string, error)
- func ExportEnhancedKey(keystorePath string, password []byte, format KeyFormat) ([]byte, error)
- func ExportMnemonic(walletPath string, password []byte) ([]byte, error)
- func ExportNativeKey(keystorePath string, password []byte) ([]byte, error)
- func FormatKeyOutput(keyBytes []byte, format KeyFormat, keyType KeyType) ([]byte, error)
- func GetKeystoreAddress(keystorePath string) (string, error)
- func ImportEnhancedKey(dir string, input []byte, keyType KeyType, format KeyFormat, password []byte, ...) (identifier, path string, err error)
- func ImportHDWallet(dir string, mnemonic []byte, password []byte) (address, walletPath string, err error)
- func ImportPrivateKey(dir string, privateKeyHex []byte, password []byte) (string, string, error)
- func IsEnhancedKeyFile(filePath string) bool
- func IsTerminal() bool
- func ParseKeyInput(input []byte, format KeyFormat, keyType KeyType) ([]byte, error)
- func ReadPasswordWithConfirm(ctx context.Context, prompt string) ([]byte, error)
- func ReadSecret(ctx context.Context) ([]byte, error)
- func SecureZeroize(data []byte)
- func ValidateKeyBytes(keyBytes []byte, keyType KeyType) error
- func VerifyEnhancedKeyPassword(keystorePath string, password []byte) error
- func VerifyHDWalletPassword(walletPath string, password []byte) error
- func VerifyPassword(keystorePath string, password []byte) error
- type EnhancedKeyFile
- type EnhancedKeyInfo
- type HDConfig
- type HDWallet
- type HDWalletFile
- type HDWalletInfo
- type KeyFormat
- type KeyType
- type KeystoreInfo
- type SecureBytes
Constants ¶
This section is empty.
Variables ¶
// Sentinel errors about the HD wallet file and its decrypted state.
// Callers should compare against these values (errors.Is) rather than
// matching on the message text.
var (
	// ErrHDWalletAlreadyExists reports that an HD wallet already exists.
	ErrHDWalletAlreadyExists = fmt.Errorf("HD wallet already exists")

	// ErrHDWalletNotFound reports that the HD wallet file was not found.
	ErrHDWalletNotFound = fmt.Errorf("HD wallet file not found")

	// ErrHDWalletDecryptFailed reports that HD wallet decryption failed.
	// The message does not indicate whether the password or the file
	// contents were at fault.
	ErrHDWalletDecryptFailed = fmt.Errorf("HD wallet decryption failed")

	// ErrHDWalletInvalidVersion reports an HD wallet version that is not
	// supported.
	ErrHDWalletInvalidVersion = fmt.Errorf("unsupported HD wallet version")

	// ErrMnemonicInvalid reports a mnemonic that is not a valid BIP-39
	// mnemonic.
	ErrMnemonicInvalid = fmt.Errorf("invalid BIP-39 mnemonic")

	// ErrHDWalletClosed reports use of an HD wallet that is closed.
	ErrHDWalletClosed = fmt.Errorf("HD wallet is closed")
)

// Sentinel errors about HD key derivation.
var (
	// ErrHDDerivationFailed reports that HD key derivation failed.
	ErrHDDerivationFailed = fmt.Errorf("HD key derivation failed")

	// ErrInvalidDerivationRange reports a derivation range whose start is
	// not less than its end.
	ErrInvalidDerivationRange = fmt.Errorf("invalid derivation range: start must be less than end")
)
// Sentinel errors for interactive password entry.
var (
	// ErrNotTerminal signals that stdin is not a terminal, so the password
	// cannot be read securely.
	ErrNotTerminal = errors.New("stdin is not a terminal, cannot read password securely")

	// ErrPasswordMismatch signals that the password and its confirmation
	// differ.
	ErrPasswordMismatch = errors.New("passwords do not match")

	// ErrEmptyPassword signals that an empty password was supplied.
	ErrEmptyPassword = errors.New("password cannot be empty")

	// ErrContextCanceled signals that the context was canceled while the
	// password was being read.
	ErrContextCanceled = errors.New("password reading canceled by context")
)
Functions ¶
func ChangeEnhancedKeyPassword ¶ added in v0.5.0
ChangeEnhancedKeyPassword changes the password of an enhanced key file.
func ChangePassword ¶
ChangePassword changes the password of an existing keystore file.
Parameters:
- keystorePath: Path to the keystore file
- currentPassword: Current password
- newPassword: New password
Returns:
- error: Any error that occurred
func CreateEnhancedKey ¶ added in v0.5.0
func CreateEnhancedKey(dir string, keyType KeyType, password []byte, label string) (identifier, path string, err error)
CreateEnhancedKey creates a new enhanced key of the given type.
func CreateHDWallet ¶ added in v0.4.0
func CreateHDWallet(dir string, password []byte, entropyBits int) (address, walletPath string, err error)
CreateHDWallet generates a random BIP-39 mnemonic, encrypts its entropy, derives the primary address (index 0), and writes an hdwallet--<address>.json file into dir.
func CreateKeystore ¶
CreateKeystore creates a new keystore with a randomly generated key.
Parameters:
- dir: Directory to store the keystore file (created if it does not exist)
- password: Password to encrypt the keystore
Returns:
- address: The Ethereum address of the new key (0x prefixed)
- path: Full path to the created keystore file
- error: Any error that occurred
func ExportEnhancedKey ¶ added in v0.5.0
ExportEnhancedKey decrypts and exports a key in the given format. The returned bytes are secret key material; the caller should zeroize them after use.
func ExportMnemonic ¶ added in v0.4.0
ExportMnemonic decrypts the HD wallet and returns the mnemonic words. The caller is responsible for securely zeroizing the returned bytes.
func ExportNativeKey ¶ added in v0.5.0
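ExportNativeKey decrypts a native go-ethereum keystore and returns the raw private key bytes. The returned slice is secret key material; the caller should zeroize it after use (for example with SecureZeroize).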
func FormatKeyOutput ¶ added in v0.5.0
FormatKeyOutput formats raw key bytes into the given format.
func GetKeystoreAddress ¶
GetKeystoreAddress reads a keystore file and returns the address without decrypting.
Parameters:
- keystorePath: Path to the keystore file
Returns:
- address: The Ethereum address (0x prefixed, checksummed)
- error: Any error that occurred
func ImportEnhancedKey ¶ added in v0.5.0
func ImportEnhancedKey(dir string, input []byte, keyType KeyType, format KeyFormat, password []byte, label string) (identifier, path string, err error)
ImportEnhancedKey imports a key from the given input and format.
func ImportHDWallet ¶ added in v0.4.0
func ImportHDWallet(dir string, mnemonic []byte, password []byte) (address, walletPath string, err error)
ImportHDWallet validates the provided mnemonic, encrypts its entropy, and writes an hdwallet--<address>.json file into dir.
func ImportPrivateKey ¶
ImportPrivateKey imports a hex-encoded private key into a new keystore.
Parameters:
- dir: Directory to store the keystore file (created if it does not exist)
- privateKeyHex: Hex-encoded private key (with or without 0x prefix)
- password: Password to encrypt the keystore
Returns:
- address: The Ethereum address derived from the private key (0x prefixed)
- path: Full path to the created keystore file
- error: Any error that occurred
func IsEnhancedKeyFile ¶ added in v0.5.0
IsEnhancedKeyFile checks if the given file is an enhanced key file by reading its JSON.
func ParseKeyInput ¶ added in v0.5.0
ParseKeyInput parses raw key bytes from the given format.
func ReadPasswordWithConfirm ¶
ReadPasswordWithConfirm reads a password twice for confirmation. It returns an error if the two entries do not match or if stdin is not a terminal.
func ReadSecret ¶
ReadSecret reads a secret from stdin without echoing, with context support. It returns an error if stdin is not a terminal, so that a secret cannot be piped in insecurely. If the context is canceled, it restores the terminal state, unblocks the internal ReadPassword goroutine, and waits for that goroutine to exit before returning.
func SecureZeroize ¶
func SecureZeroize(data []byte)
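SecureZeroize securely erases sensitive data from memory. Call it with defer immediately after reading a password (for example `defer SecureZeroize(password)`), so that the buffer is wiped on every return path. It can only clear the slice it is given; any copies of the data made elsewhere must be wiped separately.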
func ValidateKeyBytes ¶ added in v0.5.0
ValidateKeyBytes checks if the raw key bytes are valid for the given key type. It also checks that the key is compatible with the secp256k1 curve order. We store keys with go-ethereum's EncryptDataV3, which stores arbitrary bytes and so would not reject an out-of-range key by itself; the check is done proactively here so that the key could also be loaded via the native ECDSA path if needed.
func VerifyEnhancedKeyPassword ¶ added in v0.5.0
VerifyEnhancedKeyPassword verifies that the password can decrypt the enhanced key.
func VerifyHDWalletPassword ¶ added in v0.4.0
VerifyHDWalletPassword verifies that the password can decrypt the HD wallet without returning any secret material.
func VerifyPassword ¶
VerifyPassword verifies that the password can decrypt the keystore.
Parameters:
- keystorePath: Path to the keystore file
- password: Password to verify
Returns:
- error: nil if password is correct, error otherwise
Types ¶
type EnhancedKeyFile ¶ added in v0.5.0
// EnhancedKeyFile is the JSON layout of an encrypted enhanced key file on
// disk. Crypto is the only encrypted container in the struct; every other
// field is written as a plain JSON value and is therefore readable by anyone
// who can read the file.
//
// NOTE(review): whether the plaintext fields are integrity-protected (for
// example bound into the MAC inside Crypto) is not visible here — confirm
// before trusting them for anything security-relevant.
type EnhancedKeyFile struct {
	// Version is the file format version, serialized as "version".
	Version int `json:"version"`
	// KeyType is the type of the stored key, serialized as "key_type".
	KeyType KeyType `json:"key_type"`
	// Identifier is stored in plaintext as "identifier".
	// NOTE(review): how it is derived from the key is not shown here.
	Identifier string `json:"identifier"`
	// Crypto holds the encrypted key material in go-ethereum's CryptoJSON
	// structure.
	Crypto ethkeystore.CryptoJSON `json:"crypto"`
	// Label is an optional label, omitted from the JSON when empty. It is
	// stored unencrypted, so it must not contain secrets.
	Label string `json:"label,omitempty"`
}
EnhancedKeyFile represents the encrypted enhanced key file on disk.
type EnhancedKeyInfo ¶ added in v0.5.0
EnhancedKeyInfo contains metadata readable without decryption.
func GetEnhancedKeyInfo ¶ added in v0.5.0
func GetEnhancedKeyInfo(keystorePath string) (*EnhancedKeyInfo, error)
GetEnhancedKeyInfo reads enhanced key metadata without decryption.
func ListEnhancedKeys ¶ added in v0.5.0
func ListEnhancedKeys(dir string) ([]EnhancedKeyInfo, error)
ListEnhancedKeys lists all enhanced key files in a directory.
type HDWallet ¶ added in v0.4.0
type HDWallet struct {
// contains filtered or unexported fields
}
HDWallet derives Ethereum keys from a BIP-39 seed held in memory.
func NewHDWallet ¶ added in v0.4.0
func NewHDWallet(seed []byte, basePath accounts.DerivationPath) (*HDWallet, error)
NewHDWallet constructs an HDWallet from a raw BIP-39 seed and base derivation path.
func OpenHDWallet ¶ added in v0.4.0
OpenHDWallet decrypts an HD wallet file and returns an HDWallet ready for key derivation.
func (*HDWallet) DeriveAddress ¶ added in v0.4.0
DeriveAddress derives the Ethereum address at basePath/index.
func (*HDWallet) DeriveAddresses ¶ added in v0.4.0
DeriveAddresses batch-derives addresses for indices [start, end).
type HDWalletFile ¶ added in v0.4.0
// HDWalletFile is the JSON layout of an encrypted HD wallet file on disk.
// Mnemonic is the only encrypted container in the struct; the remaining
// fields are written as plain JSON values and are readable without the
// password.
//
// NOTE(review): whether the plaintext fields are integrity-protected is not
// visible here — confirm before relying on them.
type HDWalletFile struct {
	// Version is the file format version, serialized as "version".
	Version int `json:"version"`
	// PrimaryAddress is stored in plaintext as "primary_address".
	// Presumably the address derived at index 0, as CreateHDWallet's
	// documentation describes — verify against the writer.
	PrimaryAddress string `json:"primary_address"`
	// Mnemonic holds the encrypted mnemonic data in go-ethereum's CryptoJSON
	// structure. CreateHDWallet and ImportHDWallet are documented as
	// encrypting the mnemonic's entropy.
	Mnemonic keystore.CryptoJSON `json:"mnemonic"`
	// HDConfig is serialized in plaintext as "hd_config".
	// NOTE(review): HDConfig's fields are not shown here; presumably the
	// derivation settings — confirm.
	HDConfig HDConfig `json:"hd_config"`
}
HDWalletFile represents the encrypted HD wallet file on disk.
type HDWalletInfo ¶ added in v0.4.0
HDWalletInfo contains non-secret HD wallet metadata readable without decryption.
func GetHDWalletInfo ¶ added in v0.4.0
func GetHDWalletInfo(walletPath string) (*HDWalletInfo, error)
GetHDWalletInfo reads HD wallet metadata without requiring a password.
func ListHDWallets ¶ added in v0.4.0
func ListHDWallets(dir string) ([]HDWalletInfo, error)
ListHDWallets scans dir for HD wallet files and returns their metadata.
type KeyFormat ¶ added in v0.5.0
type KeyFormat string
KeyFormat represents the input/output format for private keys.
type KeyType ¶ added in v0.5.0
type KeyType string
KeyType represents the type of cryptographic key.
type KeystoreInfo ¶
KeystoreInfo contains information about a keystore file.
func ListKeystores ¶
func ListKeystores(dir string) ([]KeystoreInfo, error)
ListKeystores lists all keystore files in a directory.
Parameters:
- dir: Directory to scan for keystore files
Returns:
- []KeystoreInfo: List of keystores found
- error: Any error that occurred
type SecureBytes ¶ added in v0.4.0
type SecureBytes struct {
// contains filtered or unexported fields
}
SecureBytes wraps sensitive byte data with zeroization support.
func NewSecureBytes ¶ added in v0.4.0
func NewSecureBytes(data []byte) *SecureBytes
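NewSecureBytes creates a SecureBytes from a copy of data. Because the input is copied, the caller's original slice remains the caller's responsibility to zeroize.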
func (*SecureBytes) Bytes ¶ added in v0.4.0
func (sb *SecureBytes) Bytes() []byte
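Bytes returns a copy of the underlying data. Because the result is a copy, Zeroize does not clear it; the caller must wipe the returned slice itself (for example with SecureZeroize).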
func (*SecureBytes) Zeroize ¶ added in v0.4.0
func (sb *SecureBytes) Zeroize()
Zeroize overwrites the data with zeros.