Skip to main content

Module registered

zip32

Module registered 

Source
Expand description

Registered key derivation.

In the context of a particular application protocol defined by a ZIP, there is sometimes a need to define an HD subtree that will not collide with keys derived for other protocols, as far as that is possible to assure by following the ZIP process.

Within this subtree, the application protocol may use derivation paths related to those used for existing key material — for example, to derive an account-level key. The instantiation of the hardened key derivation framework in this module may be used for this purpose.

It is strongly RECOMMENDED that implementors ensure that documentation of the usage and derivation paths of the application protocol’s key tree in the corresponding ZIP is substantially complete, before public deployment of software or hardware using this mechanism. The ZIP process allows for subsequent updates and corrections.

The functionality of this module is similar to that of the zip32::arbitrary module, with the following improvements:

  • The key tree is associated with the ZIP that should document it, and cannot collide with the tree for any other ZIP.
  • Child indices may include byte sequence tags.
  • A 64-bit cryptovalue can be derived at the same path as any node in the tree, without any cryptographic unsafety.

The keys derived by the functions in this module will be unrelated to any keys derived by functions in the zip32::arbitrary module, even if the same context string and seed are used.

Defined in ZIP 32: Registered key derivation.

Structs§

PathElement
A ZIP 32 registered key derivation path element, consisting of a child index and an optionally-empty tag value.
SecretKey
A registered extended secret key.

Enums§

DerivationError
An error that occurred in cryptovalue derivation.

Functions§

cryptovalue_from_subpath
Derives a 64-byte cryptovalue (for use as key material for example), for a registered application protocol at the given non-empty subpath from the given seed. Each subpath element may consist of an index and a (possibly empty) tag.