bitcoin-encrypted-backup 0.0.1

Bitcoin Encrypted Backup
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

Command-line tool & Rust crate that lets you **encrypt descriptors (or arbitrary
data)** with a set of **public** keys (or xpubs) and later decrypt when **at least
one** of them is physically present—either via a local file containing the key or
automatically fetched from a signing device.
Devices are **not mandatory**; you can use the tool completely off-device.

## CLI

```
$ beb --help
Usage: beb <COMMAND>

Commands:
  encrypt  Encrypt some descriptor
  decrypt  Decrypt an encrypted descriptor with a given xpub
  help     Print this message or the help of the given subcommand(s)

Options:
  -h, --help     Print help
  -V, --version  Print version
```
```
$ beb encrypt --help
Encrypt some descriptor

Usage: beb encrypt [OPTIONS]

Options:
  -f, --file <FILE>      Input file containing the descriptor
  -o, --output <OUTPUT>  Optional output to encrypted descriptor
  -h, --help             Print help

```
```
$ beb decrypt --help
Decrypt an encrypted descriptor with a given xpub

Usage: beb decrypt [OPTIONS]

Options:
  -f, --file <FILE>      Input file to be decrypted
  -k, --key <KEY>        The key containing a xpub
  -o, --output <OUTPUT>  Optional decrypted descriptor
  -h, --help             Print help

```

Note: if a signing device supported by
[`async-hwi`](https://github.com/wizardsardine/async-hwi) is connected and unlocked,
the CLI will automatically try to fetch a set of xpubs from it.

## Library usage

### Encryption
```rust
let descriptor = Descriptor::<DescriptorPublicKey>::from_str("<descriptor
string>").unwrap();
let backp = EncryptedBackup::new().set_payload(&descriptor).unwrap();
let encrypted_blob = backp.encrypt().unwrap();
```

### Decryption
```rust

let encrypted_blob: Vec<u8> = vec![/* your encrypted descriptor*/];
let key = DescriptorPublicKey::from_str("<your xpub>").unwrap();
let descriptor = EncryptedBackup::new()
    .set_encrypted_payload(&encrypted_blob)
    .unwrap()
    .set_keys(vec![key])
    .decrypt()
    .unwrap();
```

## Features

| Feature flag        | Default | Description                                           |
|---------------------|---------|-------------------------------------------------------|
| `miniscript_12_0`   || Compile against `miniscript` v0.12.0                  |
| `miniscript_12_3_5` || Compile against `miniscript` v0.12.3.5                |
| `miniscript_latest` || Alias for `miniscript_12_3_5`                         |
| `devices`           || Enable automatic enumeration of signing devices.      |
| `tokio`             || Pull in `tokio` runtime used by the `devices`feature. |


Note: the `devices` feature uses
[`async-hwi`](https://github.com/wizardsardine/async-hwi) crate, see
[there](https://github.com/wizardsardine/async-hwi) for supported signing devices.