rustywallet-mnemonic 0.2.0

BIP39 mnemonic (seed phrase) generation and management for cryptocurrency wallets
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

//! Seed derivation from mnemonic using PBKDF2.

use crate::error::MnemonicError;
use crate::mnemonic::Mnemonic;
use hmac::Hmac;
use pbkdf2::pbkdf2;
use sha2::Sha512;
use std::fmt;
use zeroize::Zeroizing;

/// 512-bit seed derived from mnemonic.
///
/// The seed is derived using PBKDF2-HMAC-SHA512 with 2048 iterations.
/// The seed bytes are zeroized on drop.
///
/// # Example
///
/// ```
/// use rustywallet_mnemonic::{Mnemonic, Seed};
///
/// let phrase = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about";
/// let mnemonic = Mnemonic::from_phrase(phrase).unwrap();
///
/// // Derive seed with passphrase
/// let seed = Seed::new(&mnemonic, "TREZOR");
/// assert_eq!(seed.as_bytes().len(), 64);
///
/// // Derive seed without passphrase
/// let seed_no_pass = Seed::new(&mnemonic, "");
/// ```
pub struct Seed {
    bytes: Zeroizing<[u8; 64]>,
}

impl Seed {
    /// Create a new seed from mnemonic and passphrase.
    ///
    /// Uses PBKDF2-HMAC-SHA512 with 2048 iterations.
    /// Salt is "mnemonic" + passphrase.
    pub fn new(mnemonic: &Mnemonic, passphrase: &str) -> Self {
        let phrase = mnemonic.to_phrase();
        let salt = format!("mnemonic{}", passphrase);

        let mut seed = [0u8; 64];
        pbkdf2::<Hmac<Sha512>>(phrase.as_bytes(), salt.as_bytes(), 2048, &mut seed)
            .expect("PBKDF2 should not fail with valid parameters");

        Self {
            bytes: Zeroizing::new(seed),
        }
    }

    /// Get the seed bytes.
    pub fn as_bytes(&self) -> &[u8; 64] {
        &self.bytes
    }

    /// Derive a private key from the seed.
    ///
    /// Takes the first 32 bytes of the seed as the private key.
    pub fn to_private_key(&self) -> Result<rustywallet_keys::private_key::PrivateKey, MnemonicError> {
        let key_bytes: [u8; 32] = self.bytes[..32]
            .try_into()
            .expect("Slice is exactly 32 bytes");

        rustywallet_keys::private_key::PrivateKey::from_bytes(key_bytes)
            .map_err(|_| MnemonicError::InvalidPrivateKey)
    }

    /// Get seed as hex string.
    pub fn to_hex(&self) -> String {
        self.bytes
            .iter()
            .map(|b| format!("{:02x}", b))
            .collect()
    }
}

impl fmt::Debug for Seed {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "Seed(****)")
    }
}

impl Clone for Seed {
    fn clone(&self) -> Self {
        Self {
            bytes: Zeroizing::new(*self.bytes),
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_bip39_test_vector() {
        // BIP39 test vector
        let phrase = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about";
        let mnemonic = Mnemonic::from_phrase(phrase).unwrap();
        let seed = Seed::new(&mnemonic, "TREZOR");

        let expected = "c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e53495531f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04";
        assert_eq!(seed.to_hex(), expected);
    }

    #[test]
    fn test_seed_length() {
        let phrase = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about";
        let mnemonic = Mnemonic::from_phrase(phrase).unwrap();
        let seed = Seed::new(&mnemonic, "");
        assert_eq!(seed.as_bytes().len(), 64);
    }

    #[test]
    fn test_different_passphrase_different_seed() {
        let phrase = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about";
        let mnemonic = Mnemonic::from_phrase(phrase).unwrap();

        let seed1 = Seed::new(&mnemonic, "");
        let seed2 = Seed::new(&mnemonic, "password");

        assert_ne!(seed1.as_bytes(), seed2.as_bytes());
    }

    #[test]
    fn test_debug_masked() {
        let phrase = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about";
        let mnemonic = Mnemonic::from_phrase(phrase).unwrap();
        let seed = Seed::new(&mnemonic, "");

        let debug = format!("{:?}", seed);
        assert_eq!(debug, "Seed(****)");
    }

    #[test]
    fn test_to_private_key() {
        let phrase = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about";
        let mnemonic = Mnemonic::from_phrase(phrase).unwrap();
        let seed = Seed::new(&mnemonic, "");

        let private_key = seed.to_private_key();
        assert!(private_key.is_ok());
    }
}