Class UnlockedSeedBundle

Represents a seed bundle with access to secret seeds for derivation.

WARNING: Before forgetting about an UnlockedKeyBundle instance, you should probably call the zero function to clear the internal secret data. HOWEVER, being javascript, there is no guarantee we haven't leaked secret data. You may want to consider using the rust library for seed generation and derivation.

Constructors

constructor

Properties

appData secret signPubKey

Methods

derive lock sign zero fromLocked newRandom

Constructors

constructor

  • new UnlockedSeedBundle(secret, appData?): UnlockedSeedBundle

  • You should not use this constructor directly. Use one of:

    • UnlockedKeyBundle.newRandom(appData)
    • UnlockedKeyBundle.fromLocked(encodedBytes) WARNING: see class-level note about zeroing / secrets.

    Parameters

    • secret: PrivSecretBuf

      the secret as a PrivSecretBuf.

    • Optional appData: object

      optional application data.

    Returns UnlockedSeedBundle

    Throws

    will throw an error if the secret is not an instance of PrivSecretBuf.

Properties

appData

appData: object = {}

Private secret

secret: PrivSecretBuf

signPubKey

signPubKey: Uint8Array

Methods

derive

  • derive(subkeyId, appData?): UnlockedSeedBundle

  • Derive a subkey / seed from this seed bundle seed. WARNING: see class-level note about zeroing / secrets.

    Parameters

    • subkeyId: number

      the subkey ID for derivation.

    • Optional appData: object

      optional application data.

    Returns UnlockedSeedBundle

    a new instance of UnlockedSeedBundle.

lock

  • lock(seedCipherList): Uint8Array

  • Encrypt this seed into seed bundle bytes with given seedCipherList - note, all seedCiphers will be zeroed. WARNING: see class-level note about zeroing / secrets.

    Parameters

    • seedCipherList: SeedCipher[]

      an array of SeedCipher instances.

    Returns Uint8Array

    the encoded locked seed bundle as a Uint8Array.

    Throws

    will throw an error if the seedCipherList is not an array or contains invalid elements.

sign

  • sign(message): Uint8Array

  • Signs a message using the secret.

    Parameters

    • message: string | Uint8Array

      the message to sign, either as a Uint8Array or a string.

    Returns Uint8Array

    the signature as a Uint8Array.

zero

  • zero(): void

  • Zero out the internal secret buffers. WARNING: see class-level note about zeroing / secrets.

    Returns void

Static fromLocked

  • fromLocked(encodedBytes): LockedSeedCipher[]

  • Extract the LockedSeedCipher list capable of decrypting an UnlockedSeedBundle from an encrypted SeedBundle. WARNING: see class-level note about zeroing / secrets.

    Parameters

    • encodedBytes: Uint8Array

      the encoded bytes representing the locked seed bundle.

    Returns LockedSeedCipher[]

    an array of LockedSeedCipher instances.

    Throws

    will throw an error if the encoded bytes are invalid.

Static newRandom

  • newRandom(appData?): UnlockedSeedBundle

  • Construct a new completely random root seed with given app / user data. WARNING: see class-level note about zeroing / secrets.

    Parameters

    • Optional appData: object

      optional application data.

    Returns UnlockedSeedBundle

    a new instance of UnlockedSeedBundle.

Settings

Member Visibility

Theme

On This Page

constructorappDatasecretsignPubKeyderivelocksignzerofromLockednewRandom