cardano_sdk/wallet/

standard.rs

//! Standard Cardano HD Wallet
//!
//! Based on HD stuff
//!
//! H(entropy) --- 1852' --- 1815' --- root-key --- 0' --- account-key --- type (0,1,2) --- keys
//!
use crate::chain::Ed25519KeyHash;
use crate::crypto::key::*;
use std::collections::BTreeMap;
use thiserror::*;

use bip39_dict::{Entropy, Mnemonics, ENGLISH};

/// "Standard" Wallet for cardano.
///
pub struct StandardWallet {
    account_key: HDPublicKey,
    spending: PublicKeys,
    changing: PublicKeys,
    staking: PublicKeys,
}

pub struct StandardWalletKeys {
    top_key: HDKey,
    root_key: HDKey,
    account_key: HDKey,
    spending: SecretKeys,
    changing: SecretKeys,
    staking: SecretKeys,
}

pub struct PublicKeys {
    #[allow(unused)]
    hdkey: HDPublicKey,
    pub latest: u32,
    #[allow(unused)]
    generated: Vec<(u32, Ed25519PublicKey, Ed25519KeyHash)>,
    hash_to_idx: BTreeMap<Ed25519KeyHash, u32>,
}

pub struct SecretKeys {
    hdkey: HDKey,
    generated: Vec<(u32, Ed25519ExtendedKey)>,
}

#[derive(Error, Debug)]
pub enum WalletError {
    #[error("mnemonics error {0}")]
    MnemonicsError(#[from] bip39_dict::MnemonicError),
    #[error("entropy error {0}")]
    EntropyError(#[from] bip39_dict::EntropyError),
    #[error("unknown words count {0}")]
    UnknownWordCount(usize),
}

const INDEX_SPENDING: Bip32Index = Bip32Index::soft(0);
const INDEX_CHANGING: Bip32Index = Bip32Index::soft(1);
const INDEX_STAKING: Bip32Index = Bip32Index::soft(2);

/// Get the top key of a standard HD wallet deriving the slowed hash entropy
fn words_to_top_key(words: &str, password: &[u8]) -> Result<HDKey, WalletError> {
    let nb_words = words.chars().filter(|c| *c == ' ').count() + 1;
    match nb_words {
        24 => {
            let mnemonics = Mnemonics::<24>::from_string(&ENGLISH, words).unwrap();
            let entropy = Entropy::<32>::from_mnemonics::<24, 8>(&mnemonics).unwrap();
            Ok(HDKey::from_bip39_entropy(&entropy.as_ref(), password))
        }
        21 => {
            let mnemonics = Mnemonics::<21>::from_string(&ENGLISH, words).unwrap();
            let entropy = Entropy::<28>::from_mnemonics::<21, 7>(&mnemonics).unwrap();
            Ok(HDKey::from_bip39_entropy(&entropy.as_ref(), password))
        }
        18 => {
            let mnemonics = Mnemonics::<18>::from_string(&ENGLISH, words).unwrap();
            let entropy = Entropy::<24>::from_mnemonics::<18, 6>(&mnemonics).unwrap();
            Ok(HDKey::from_bip39_entropy(&entropy.as_ref(), password))
        }
        15 => {
            let mnemonics = Mnemonics::<15>::from_string(&ENGLISH, words).unwrap();
            let entropy = Entropy::<20>::from_mnemonics::<15, 5>(&mnemonics).unwrap();
            Ok(HDKey::from_bip39_entropy(&entropy.as_ref(), password))
        }
        12 => {
            let mnemonics = Mnemonics::<12>::from_string(&ENGLISH, words).unwrap();
            let entropy = Entropy::<16>::from_mnemonics::<12, 4>(&mnemonics).unwrap();
            Ok(HDKey::from_bip39_entropy(&entropy.as_ref(), password))
        }
        _ => Err(WalletError::UnknownWordCount(nb_words)),
    }
}

/// Get the root key of a standard HD wallet deriving the slowed hash entropy with 2 hard derivations
/// with index 1852 and then index 1815.
#[allow(dead_code)]
pub(crate) fn words_to_root_key(words: &str, password: &[u8]) -> Result<HDKey, WalletError> {
    let top_key = words_to_top_key(words, password)?;
    let root_key = top_key
        .bip32_derive(Bip32Index::hard(1852))
        .bip32_derive(Bip32Index::hard(1815));
    Ok(root_key)
}

impl SecretKeys {
    pub fn new(hdkey: HDKey, lookahead: u32) -> Self {
        let generated = (0..lookahead)
            .map(|i| (i, hdkey.bip32_derive(Bip32Index::soft(i)).strip_hd()))
            .collect();

        Self { hdkey, generated }
    }

    pub fn to_public(&self) -> PublicKeys {
        let hdkey = self.hdkey.to_public();
        let generated = self
            .generated
            .iter()
            .map(|(i, k)| {
                let k = k.to_public();
                let h = k.hash();
                (*i, k, h)
            })
            .collect::<Vec<_>>();

        let hash_to_idx = generated.iter().map(|(i, _, h)| (h.clone(), *i)).collect();
        let latest = generated.iter().map(|(i, _, _)| *i).max().unwrap();

        PublicKeys {
            hdkey,
            latest,
            generated,
            hash_to_idx,
        }
    }
}

impl PublicKeys {
    pub fn new(hdkey: HDPublicKey, lookahead: u32) -> Self {
        let generated = (0..lookahead)
            .map(|i| {
                let key = hdkey.bip32_derive(Bip32Index::soft(i)).strip_hd();
                let key_hash = key.hash();
                (i, key, key_hash)
            })
            .collect::<Vec<_>>();
        let hash_to_idx = generated.iter().map(|(i, _, h)| (h.clone(), *i)).collect();
        let latest = generated.iter().map(|(i, _, _)| *i).max().unwrap();

        Self {
            hdkey,
            latest,
            generated,
            hash_to_idx,
        }
    }
}

impl StandardWalletKeys {
    /// Create a standard wallet private parts from a set of english BIP39 words (12, 15, 18, 21, 24)
    /// and a password
    pub fn from_words(words: &str, password: &[u8]) -> Result<Self, WalletError> {
        let top_key = words_to_top_key(words, password)?;
        let root_key = top_key
            .bip32_derive(Bip32Index::hard(1852))
            .bip32_derive(Bip32Index::hard(1815));
        let account_key = root_key.bip32_derive(Bip32Index::hard(0));

        let spending_gen_key = account_key.bip32_derive(INDEX_SPENDING);
        let changing_gen_key = account_key.bip32_derive(INDEX_CHANGING);
        let staking_gen_key = account_key.bip32_derive(INDEX_STAKING);

        Ok(Self {
            top_key,
            root_key,
            account_key,
            spending: SecretKeys::new(spending_gen_key, 10),
            changing: SecretKeys::new(changing_gen_key, 10),
            staking: SecretKeys::new(staking_gen_key, 10),
        })
    }

    pub fn to_public(&self) -> StandardWallet {
        StandardWallet {
            account_key: self.account_key.to_public(),
            spending: self.spending.to_public(),
            changing: self.changing.to_public(),
            staking: self.staking.to_public(),
        }
    }

    pub fn top_key(&self) -> &HDKey {
        &self.top_key
    }

    pub fn root_key(&self) -> &HDKey {
        &self.root_key
    }

    pub fn account_key(&self) -> &HDKey {
        &self.account_key
    }
}

impl StandardWallet {
    pub fn from_public_account_key(
        account_key: HDPublicKey,
        index_spend: u32,
        index_change: u32,
        index_staking: u32,
    ) -> Self {
        let spending_gen_key = account_key.bip32_derive(INDEX_SPENDING);
        let changing_gen_key = account_key.bip32_derive(INDEX_CHANGING);
        let staking_gen_key = account_key.bip32_derive(INDEX_STAKING);

        Self {
            account_key,
            spending: PublicKeys::new(spending_gen_key, index_spend),
            changing: PublicKeys::new(changing_gen_key, index_change),
            staking: PublicKeys::new(staking_gen_key, index_staking),
        }
    }

    pub fn account_key(&self) -> &HDPublicKey {
        &self.account_key
    }

    pub fn indexes(&self) -> (u32, u32, u32) {
        (
            self.spending.latest,
            self.changing.latest,
            self.staking.latest,
        )
    }

    pub fn match_credential(&self, h: &Ed25519KeyHash) -> Option<(u32, bool)> {
        match self.spending.hash_to_idx.get(&h) {
            None => match self.changing.hash_to_idx.get(&h) {
                None => None,
                Some(idx) => Some((*idx, true)),
            },
            Some(idx) => Some((*idx, false)),
        }
    }

    /*
    pub fn outputs_find_match<'a>(
        &self,
        txhash: &TxHash,
        tx_outputs: &'a TransactionOutputs,
    ) -> Vec<Matched<'a, ()>> {
        let mut found = Vec::new();

        let mut match_credential =
            |tx_idx, txo, h: &Ed25519KeyHash| match self.spending.hash_to_idx.get(&h) {
                None => match self.changing.hash_to_idx.get(&h) {
                    None => {}
                    Some(idx) => found.push(Matched {
                        tx_body_hash: txhash.clone(),
                        tx_idx,
                        tx_output: txo,
                        key_index: *idx,
                        change: true,
                    }),
                },
                Some(idx) => found.push(Matched {
                    tx_body_hash: txhash.clone(),
                    tx_idx,
                    tx_output: txo,
                    key_index: *idx,
                    change: false,
                }),
            };

        for (tx_idx, txo) in tx_outputs.iter_indexed() {
            let address = match txo {
                TransactionOutput::V1(s) => &s.address,
                TransactionOutput::V2(s) => &s.address,
            };
            match Address::from_bytes(address.as_ref()) {
                Err(_) => (),
                Ok(Address::Entreprise(_, payment)) => match &payment {
                    Credential::Key(h) => match_credential(tx_idx, txo, h),
                    Credential::Script(_) => {}
                },
                Ok(Address::Base(Base {
                    network: _,
                    payment,
                    stake: _,
                })) => match &payment {
                    Credential::Key(h) => match_credential(tx_idx, txo, h),
                    Credential::Script(_) => {
                        todo!()
                    }
                },
                Ok(addr) => {
                    println!("unsupported address {:?}", addr)
                }
            }
        }
        found
    }
    */
}

#[cfg(test)]
mod tests {
    use super::super::address::*;
    use crate::chaininfo::ChainInfo;
    use crate::crypto::key::*;

    fn root_key_15() -> HDKey {
        // art forum devote street sure rather head chuckle guard poverty release quote oak craft enemy
        let entropy = [
            0x0c, 0xcb, 0x74, 0xf3, 0x6b, 0x7d, 0xa1, 0x64, 0x9a, 0x81, 0x44, 0x67, 0x55, 0x22,
            0xd4, 0xd8, 0x09, 0x7c, 0x64, 0x12,
        ];
        HDKey::from_bip39_entropy(&entropy, &[])
    }

    #[test]
    fn bip32_15_base() {
        // value from https://github.com/Emurgo/cardano-serialization-lib/blob/master/rust/src/address.rs#L837
        // for interop purpose
        let top = root_key_15()
            .bip32_derive(Bip32Index::hard(1852))
            .bip32_derive(Bip32Index::hard(1815));

        let spend_key = top
            .bip32_derive(Bip32Index::hard(0))
            .bip32_derive(Bip32Index::soft(0))
            .bip32_derive(Bip32Index::soft(0));
        let stake_key = top
            .bip32_derive(Bip32Index::hard(0))
            .bip32_derive(Bip32Index::soft(2))
            .bip32_derive(Bip32Index::soft(0));

        let spend_pk = spend_key.to_public();
        let stake_pk = stake_key.to_public();

        let spend_cred = Credential::Key(spend_pk.hash());
        let stake_cred = Credential::Key(stake_pk.hash());

        let addr_net_0 = Address::Base(Base {
            network: ChainInfo::TESTNET.network_id,
            payment: spend_cred.clone(),
            stake: stake_cred.clone(),
        });
        assert_eq!(addr_net_0.serialize().to_bech32(ChainInfo::TESTNET.bech32_hrp_address), "addr_test1qpu5vlrf4xkxv2qpwngf6cjhtw542ayty80v8dyr49rf5ewvxwdrt70qlcpeeagscasafhffqsxy36t90ldv06wqrk2qum8x5w");

        let addr_net_3 = Address::Base(Base {
            network: ChainInfo::MAINNET.network_id,
            payment: spend_cred,
            stake: stake_cred,
        });
        assert_eq!(addr_net_3.serialize().to_bech32(ChainInfo::MAINNET.bech32_hrp_address), "addr1q9u5vlrf4xkxv2qpwngf6cjhtw542ayty80v8dyr49rf5ewvxwdrt70qlcpeeagscasafhffqsxy36t90ldv06wqrk2qld6xc3");
    }
}