spark_rust/signer/traits/

derivation_path.rs

//! Key derivation path handling for Spark wallet.
//!
//! This module implements the key derivation scheme for the Spark wallet, following
//! BIP43 conventions with a custom purpose identifier. The scheme is structured as:
//!
//! - Identity key: m/8797555'/account'/0'
//! - Base signing key: m/8797555'/account'/1'
//! - Temporary signing key: m/8797555'/account'/2'
//!
//! For leaf keys, an additional index is derived from the leaf ID:
//! - Leaf key: m/8797555'/account'/1'/hash(leaf_id)'
//!
//! The purpose value 8797555 is derived as the last 3 bytes of sha256("spark") in decimal (863d73).
//!
//! All indices use hardened derivation (denoted by the apostrophe) for enhanced security.
//! Account indices should start from 0.
//!
//! # WARNING
//!
//! Implementing this trait with non-standard derivation paths will make your wallet
//! incompatible with the Spark ecosystem. Only implement this trait if you fully understand
//! the consequences and are intentionally creating a non-standard wallet.

use crate::error::SparkSdkError;

use bitcoin::{
    bip32::ChildNumber,
    secp256k1::{PublicKey, SecretKey},
    Network,
};

/// Represents a BIP32 derivation path for wallet keys.
///
/// This struct wraps a vector of `ChildNumber` values that define a complete
/// derivation path for HD wallet keys. It provides convenience methods for
/// formatting and accessing the path components.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct SparkDerivationPath(pub(crate) Vec<ChildNumber>);

impl std::ops::Deref for SparkDerivationPath {
    type Target = Vec<ChildNumber>;

    fn deref(&self) -> &Self::Target {
        &self.0
    }
}

impl std::fmt::Display for SparkDerivationPath {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        let mut output = String::new();

        // Only add the "m/" prefix for paths with more than one element
        // For single-element paths (like leaf indices), don't add the prefix
        if self.0.len() > 1 {
            output.push('m');
        }

        // Format each child number in the path
        for (i, child_number) in self.0.iter().enumerate() {
            // Only add slash if it's not the first element or if we have the m/ prefix
            if i > 0 || self.0.len() > 1 {
                output.push('/');
            }

            // Get the index value
            let index = match child_number {
                ChildNumber::Hardened { index } => index,
                ChildNumber::Normal { index } => index,
            };

            // Write the index
            output.push_str(&index.to_string());

            // Add apostrophe for hardened indices
            if child_number.is_hardened() {
                output.push('\'');
            }
        }

        write!(f, "{}", output)
    }
}

/// Key types for Spark wallet.
///
/// Each key type corresponds to a specific path in the hierarchical deterministic
/// wallet structure, with the path format: m/8797555'/account'/key_type'
///
/// - Identity key (type 0): Used for wallet identity purposes
/// - Base signing key (type 1): Used as the basis for leaf keys
/// - Temporary signing key (type 2): Used for deposit/temporary operations
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum SparkKeyType {
    /// Identity key with path m/8797555'/account'/0'
    Identity,

    /// Base signing key with path m/8797555'/account'/1'
    BaseSigning,

    /// Temporary signing key with path m/8797555'/account'/2'
    TemporarySigning,
}

pub trait SparkSignerDerivationPath {
    /// Derives the deposit signing key for the user. In Spark, currently users always have a single deposit key, derived deterministically from their seed.
    fn get_deposit_signing_key(&self, network: Network) -> Result<PublicKey, SparkSdkError>;

    /// Derives a Spark key for the specified key type, account, and optionally leaf ID. If the leaf ID is not provided, the function uses the identity.
    fn derive_spark_key(
        leaf_id: Option<String>,
        account: u32,
        seed_bytes: &[u8],
        key_type: SparkKeyType,
        network: Network,
    ) -> Result<SecretKey, SparkSdkError>;

    /// Returns the derivation path for the identity key.
    fn get_identity_derivation_path(
        account_index: u32,
    ) -> Result<SparkDerivationPath, SparkSdkError>;
}