Safe Haskell | None |
---|---|
Language | Haskell98 |
This package provides the elliptic curve cryptography required for creating and validating bitcoin transactions. It also provides SHA-256 and RIPEMD-160 hashing functions; as well as mnemonic keys from BIP-0039.
- type PubKey = PubKeyI Generic
- type PubKeyC = PubKeyI Compressed
- type PubKeyU = PubKeyI Uncompressed
- makePubKey :: PubKey -> PubKey
- makePubKeyG :: Bool -> PubKey -> PubKey
- makePubKeyC :: PubKey -> PubKeyC
- makePubKeyU :: PubKey -> PubKeyU
- toPubKeyG :: PubKeyI c -> PubKey
- eitherPubKey :: PubKeyI c -> Either PubKeyU PubKeyC
- maybePubKeyC :: PubKeyI c -> Maybe PubKeyC
- maybePubKeyU :: PubKeyI c -> Maybe PubKeyU
- derivePubKey :: PrvKeyI c -> PubKeyI c
- pubKeyAddr :: Serialize (PubKeyI c) => PubKeyI c -> Address
- tweakPubKeyC :: PubKeyC -> Hash256 -> Maybe PubKeyC
- type PrvKey = PrvKeyI Generic
- type PrvKeyC = PrvKeyI Compressed
- type PrvKeyU = PrvKeyI Uncompressed
- makePrvKey :: SecKey -> PrvKey
- makePrvKeyG :: Bool -> SecKey -> PrvKey
- makePrvKeyC :: SecKey -> PrvKeyC
- makePrvKeyU :: SecKey -> PrvKeyU
- toPrvKeyG :: PrvKeyI c -> PrvKey
- eitherPrvKey :: PrvKeyI c -> Either PrvKeyU PrvKeyC
- maybePrvKeyC :: PrvKeyI c -> Maybe PrvKeyC
- maybePrvKeyU :: PrvKeyI c -> Maybe PrvKeyU
- encodePrvKey :: PrvKeyI c -> ByteString
- decodePrvKey :: (SecKey -> PrvKeyI c) -> ByteString -> Maybe (PrvKeyI c)
- prvKeyPutMonad :: PrvKeyI c -> Put
- prvKeyGetMonad :: (SecKey -> PrvKeyI c) -> Get (PrvKeyI c)
- fromWif :: ByteString -> Maybe PrvKey
- toWif :: PrvKeyI c -> ByteString
- tweakPrvKeyC :: PrvKeyC -> Hash256 -> Maybe PrvKeyC
- type SecretT m = StateT (SecretState m) m
- withSource :: Monad m => (Int -> m ByteString) -> SecretT m a -> m a
- getEntropy :: Int -> IO ByteString
- genPrvKey :: Monad m => SecretT m PrvKey
- data Signature
- signMsg :: Hash256 -> PrvKeyI c -> Signature
- verifySig :: Hash256 -> Signature -> PubKeyI c -> Bool
- isCanonicalHalfOrder :: Signature -> Bool
- decodeDerSig :: ByteString -> Maybe Signature
- decodeStrictSig :: ByteString -> Maybe Signature
- data CheckSum32
- data Hash512
- data Hash256
- data Hash160
- bsToCheckSum32 :: ByteString -> Maybe CheckSum32
- bsToHash512 :: ByteString -> Maybe Hash512
- bsToHash256 :: ByteString -> Maybe Hash256
- bsToHash160 :: ByteString -> Maybe Hash160
- checkSum32 :: ByteString -> CheckSum32
- hash512 :: ByteString -> Hash512
- hash256 :: ByteString -> Hash256
- hash160 :: ByteString -> Hash160
- sha1 :: ByteString -> Hash160
- doubleHash256 :: ByteString -> Hash256
- hmac512 :: ByteString -> ByteString -> Hash512
- hmac256 :: ByteString -> ByteString -> Hash256
- split512 :: Hash512 -> (Hash256, Hash256)
- join512 :: (Hash256, Hash256) -> Hash512
- data Address
- = PubKeyAddress {
- getAddrHash :: !Hash160
- | ScriptAddress {
- getAddrHash :: !Hash160
- = PubKeyAddress {
- base58ToAddr :: ByteString -> Maybe Address
- addrToBase58 :: Address -> ByteString
- encodeBase58 :: ByteString -> ByteString
- decodeBase58 :: ByteString -> Maybe ByteString
- encodeBase58Check :: ByteString -> ByteString
- decodeBase58Check :: ByteString -> Maybe ByteString
- type Entropy = ByteString
- type Mnemonic = ByteString
- type Passphrase = ByteString
- type Seed = ByteString
- toMnemonic :: Entropy -> Either String Mnemonic
- mnemonicToSeed :: Passphrase -> Mnemonic -> Either String Seed
- type KeyIndex = Word32
- type ChainCode = Hash256
- data XPrvKey = XPrvKey {}
- makeXPrvKey :: ByteString -> XPrvKey
- xPrvIsHard :: XPrvKey -> Bool
- xPrvChild :: XPrvKey -> KeyIndex
- xPrvID :: XPrvKey -> Hash160
- xPrvFP :: XPrvKey -> Word32
- xPrvExport :: XPrvKey -> ByteString
- xPrvImport :: ByteString -> Maybe XPrvKey
- xPrvWif :: XPrvKey -> ByteString
- data XPubKey = XPubKey {}
- deriveXPubKey :: XPrvKey -> XPubKey
- xPubIsHard :: XPubKey -> Bool
- xPubChild :: XPubKey -> KeyIndex
- xPubID :: XPubKey -> Hash160
- xPubFP :: XPubKey -> Word32
- xPubAddr :: XPubKey -> Address
- xPubExport :: XPubKey -> ByteString
- xPubImport :: ByteString -> Maybe XPubKey
- prvSubKey :: XPrvKey -> KeyIndex -> XPrvKey
- pubSubKey :: XPubKey -> KeyIndex -> XPubKey
- hardSubKey :: XPrvKey -> KeyIndex -> XPrvKey
- prvSubKeys :: XPrvKey -> KeyIndex -> [(XPrvKey, KeyIndex)]
- pubSubKeys :: XPubKey -> KeyIndex -> [(XPubKey, KeyIndex)]
- hardSubKeys :: XPrvKey -> KeyIndex -> [(XPrvKey, KeyIndex)]
- deriveAddr :: XPubKey -> KeyIndex -> (Address, PubKeyC)
- deriveAddrs :: XPubKey -> KeyIndex -> [(Address, PubKeyC, KeyIndex)]
- deriveMSAddr :: [XPubKey] -> Int -> KeyIndex -> (Address, RedeemScript)
- deriveMSAddrs :: [XPubKey] -> Int -> KeyIndex -> [(Address, RedeemScript, KeyIndex)]
- data DerivPathI t where
- (:|) :: HardOrGeneric t => !(DerivPathI t) -> !KeyIndex -> DerivPathI t
- (:/) :: GenericOrSoft t => !(DerivPathI t) -> !KeyIndex -> DerivPathI t
- Deriv :: DerivPathI t
- type DerivPath = DerivPathI Generic
- type HardPath = DerivPathI Hard
- type SoftPath = DerivPathI Soft
- derivePath :: DerivPathI t -> XPrvKey -> XPrvKey
- derivePubPath :: SoftPath -> XPubKey -> XPubKey
- toHard :: DerivPathI t -> Maybe HardPath
- toSoft :: DerivPathI t -> Maybe SoftPath
- toGeneric :: DerivPathI t -> DerivPath
- (++/) :: DerivPathI t1 -> DerivPathI t2 -> DerivPath
- pathToStr :: DerivPathI t -> String
- data XKey
- = XPrv {
- getXPrvKey :: !XPrvKey
- | XPub {
- getXPubKey :: !XPubKey
- = XPrv {
- data ParsedPath
- = ParsedPrv { }
- | ParsedPub { }
- | ParsedEmpty { }
- parsePath :: String -> Maybe ParsedPath
- parseHard :: String -> Maybe HardPath
- parseSoft :: String -> Maybe SoftPath
- applyPath :: ParsedPath -> XKey -> Either String XKey
- derivePathAddr :: XPubKey -> SoftPath -> KeyIndex -> (Address, PubKeyC)
- derivePathAddrs :: XPubKey -> SoftPath -> KeyIndex -> [(Address, PubKeyC, KeyIndex)]
- derivePathMSAddr :: [XPubKey] -> SoftPath -> Int -> KeyIndex -> (Address, RedeemScript)
- derivePathMSAddrs :: [XPubKey] -> SoftPath -> Int -> KeyIndex -> [(Address, RedeemScript, KeyIndex)]
Elliptic Curve Keys
Public Keys
type PubKey = PubKeyI Generic Source #
Elliptic curve public key type. Two constructors are provided for creating compressed and uncompressed public keys from a Point. The use of compressed keys is preferred as it produces shorter keys without compromising security. Uncompressed keys are supported for backwards compatibility.
makePubKey :: PubKey -> PubKey Source #
makePubKeyC :: PubKey -> PubKeyC Source #
makePubKeyU :: PubKey -> PubKeyU Source #
derivePubKey :: PrvKeyI c -> PubKeyI c Source #
pubKeyAddr :: Serialize (PubKeyI c) => PubKeyI c -> Address Source #
Computes an Address
from a public key
Private Keys
makePrvKey :: SecKey -> PrvKey Source #
makePrvKeyC :: SecKey -> PrvKeyC Source #
makePrvKeyU :: SecKey -> PrvKeyU Source #
encodePrvKey :: PrvKeyI c -> ByteString Source #
Serialize private key as 32-byte big-endian ByteString
decodePrvKey :: (SecKey -> PrvKeyI c) -> ByteString -> Maybe (PrvKeyI c) Source #
Deserialize private key as 32-byte big-endian ByteString
prvKeyPutMonad :: PrvKeyI c -> Put Source #
fromWif :: ByteString -> Maybe PrvKey Source #
Decodes a private key from a WIF encoded ByteString
. This function can
fail if the input string does not decode correctly as a base 58 string or if
the checksum fails.
http://en.bitcoin.it/wiki/Wallet_import_format
toWif :: PrvKeyI c -> ByteString Source #
Encodes a private key into WIF format
ECDSA
SecretT Monad
The SecretT
monad is a monadic wrapper around HMAC DRBG
(deterministic random byte generator) using SHA-256. The specification is
defined in
http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf. The
SecretT
monad is used to generate random private keys.
type SecretT m = StateT (SecretState m) m Source #
StateT monad stack tracking the internal state of HMAC DRBG
pseudo random number generator using SHA-256. The SecretT
monad is
run with the withSource
function by providing it a source of entropy.
withSource :: Monad m => (Int -> m ByteString) -> SecretT m a -> m a Source #
Run a SecretT
monad by providing it a source of entropy. You can
use getEntropy
or provide your own entropy source function.
getEntropy :: Int -> IO ByteString #
Get a specific number of bytes of cryptographically secure random data using the system-specific facilities.
Use RDRAND if available and XOR with '/dev/urandom' on *nix and CryptAPI when on Windows. In short, this entropy is considered cryptographically secure but not true entropy.
Signatures
Elliptic curve cryptography standards are defined in http://www.secg.org/sec1-v2.pdf
Data type representing an ECDSA signature.
isCanonicalHalfOrder :: Signature -> Bool Source #
decodeDerSig :: ByteString -> Maybe Signature Source #
Hash functions
data CheckSum32 Source #
bsToHash512 :: ByteString -> Maybe Hash512 Source #
bsToHash256 :: ByteString -> Maybe Hash256 Source #
bsToHash160 :: ByteString -> Maybe Hash160 Source #
checkSum32 :: ByteString -> CheckSum32 Source #
Computes a 32 bit checksum.
hash512 :: ByteString -> Hash512 Source #
Compute SHA-512.
hash256 :: ByteString -> Hash256 Source #
Compute SHA-256.
hash160 :: ByteString -> Hash160 Source #
Compute RIPEMD-160.
sha1 :: ByteString -> Hash160 Source #
Compute SHA1
doubleHash256 :: ByteString -> Hash256 Source #
Compute two rounds of SHA-256.
hmac512 :: ByteString -> ByteString -> Hash512 Source #
Computes HMAC over SHA-512.
hmac256 :: ByteString -> ByteString -> Hash256 Source #
Computes HMAC over SHA-256.
Base58 and Addresses
Data type representing a Bitcoin address
PubKeyAddress | Public Key Hash Address |
| |
ScriptAddress | Script Hash Address |
|
base58ToAddr :: ByteString -> Maybe Address Source #
Decodes an Address from a base58 encoded String. This function can fail if the String is not properly encoded as base58 or the checksum fails.
addrToBase58 :: Address -> ByteString Source #
Transforms an Address into a base58 encoded String
encodeBase58 :: ByteString -> ByteString Source #
Encode a ByteString
to a base 58 representation.
decodeBase58 :: ByteString -> Maybe ByteString Source #
Decode a base58-encoded ByteString
. This can fail if the input
ByteString
contains invalid base58 characters such as 0, O, l, I.
encodeBase58Check :: ByteString -> ByteString Source #
Computes a checksum for the input ByteString
and encodes the input and
the checksum to a base58 representation.
decodeBase58Check :: ByteString -> Maybe ByteString Source #
Decode a base58-encoded string that contains a checksum. This function
returns Nothing
if the input string contains invalid base58 characters or
if the checksum fails.
Mnemonic keys (BIP-0039)
type Entropy = ByteString Source #
type Mnemonic = ByteString Source #
type Passphrase = ByteString Source #
type Seed = ByteString Source #
toMnemonic :: Entropy -> Either String Mnemonic Source #
Provide intial entropy as a ByteString
of length multiple of 4 bytes.
Output a mnemonic sentence.
mnemonicToSeed :: Passphrase -> Mnemonic -> Either String Seed Source #
Get a 512-bit seed from a mnemonic sentence. Will calculate checksum. Passphrase can be used to protect the mnemonic. Use an empty string as passphrase if none is required.
Extended Keys
Extended Private Keys
Data type representing an extended BIP32 private key. An extended key is a node in a tree of key derivations. It has a depth in the tree, a parent node and an index to differentiate it from other siblings.
makeXPrvKey :: ByteString -> XPrvKey Source #
Build a BIP32 compatible extended private key from a bytestring. This will produce a root node (depth=0 and parent=0).
xPrvIsHard :: XPrvKey -> Bool Source #
Returns True if the extended private key was derived through a hard derivation.
xPrvChild :: XPrvKey -> KeyIndex Source #
Returns the derivation index of this extended private key without the hard bit set.
xPrvExport :: XPrvKey -> ByteString Source #
Exports an extended private key to the BIP32 key export format (base 58).
xPrvImport :: ByteString -> Maybe XPrvKey Source #
Decodes a BIP32 encoded extended private key. This function will fail if invalid base 58 characters are detected or if the checksum fails.
xPrvWif :: XPrvKey -> ByteString Source #
Export an extended private key to WIF (Wallet Import Format).
Extended Public Keys
Data type representing an extended BIP32 public key.
deriveXPubKey :: XPrvKey -> XPubKey Source #
Derive an extended public key from an extended private key. This function will preserve the depth, parent, index and chaincode fields of the extended private keys.
xPubIsHard :: XPubKey -> Bool Source #
Returns True if the extended public key was derived through a hard derivation.
xPubChild :: XPubKey -> KeyIndex Source #
Returns the derivation index of this extended public key without the hard bit set.
xPubExport :: XPubKey -> ByteString Source #
Exports an extended public key to the BIP32 key export format (base 58).
xPubImport :: ByteString -> Maybe XPubKey Source #
Decodes a BIP32 encoded extended public key. This function will fail if invalid base 58 characters are detected or if the checksum fails.
Child key derivations
:: XPrvKey | Extended parent private key |
-> KeyIndex | Child derivation index |
-> XPrvKey | Extended child private key |
Compute a private, soft child key derivation. A private soft derivation will allow the equivalent extended public key to derive the public key for this child. Given a parent key m and a derivation index i, this function will compute m/i/.
Soft derivations allow for more flexibility such as read-only wallets. However, care must be taken not the leak both the parent extended public key and one of the extended child private keys as this would compromise the extended parent private key.
:: XPubKey | Extended Parent public key |
-> KeyIndex | Child derivation index |
-> XPubKey | Extended child public key |
Compute a public, soft child key derivation. Given a parent key M and a derivation index i, this function will compute M/i/.
:: XPrvKey | Extended Parent private key |
-> KeyIndex | Child derivation index |
-> XPrvKey | Extended child private key |
Compute a hard child key derivation. Hard derivations can only be computed for private keys. Hard derivations do not allow the parent public key to derive the child public keys. However, they are safer as a breach of the parent public key and child private keys does not lead to a breach of the parent private key. Given a parent key m and a derivation index i, this function will compute m/i'/.
prvSubKeys :: XPrvKey -> KeyIndex -> [(XPrvKey, KeyIndex)] Source #
Cyclic list of all private soft child key derivations of a parent key starting from an offset index.
pubSubKeys :: XPubKey -> KeyIndex -> [(XPubKey, KeyIndex)] Source #
Cyclic list of all public soft child key derivations of a parent key starting from an offset index.
hardSubKeys :: XPrvKey -> KeyIndex -> [(XPrvKey, KeyIndex)] Source #
Cyclic list of all hard child key derivations of a parent key starting from an offset index.
Address derivations
deriveAddr :: XPubKey -> KeyIndex -> (Address, PubKeyC) Source #
Derive an address from a public key and an index. The derivation type is a public, soft derivation.
deriveAddrs :: XPubKey -> KeyIndex -> [(Address, PubKeyC, KeyIndex)] Source #
Cyclic list of all addresses derived from a public key starting from an offset index. The derivation types are public, soft derivations.
deriveMSAddr :: [XPubKey] -> Int -> KeyIndex -> (Address, RedeemScript) Source #
Derive a multisig address from a list of public keys, the number of required signatures (m) and a derivation index. The derivation type is a public, soft derivation.
deriveMSAddrs :: [XPubKey] -> Int -> KeyIndex -> [(Address, RedeemScript, KeyIndex)] Source #
Cyclic list of all multisig addresses derived from a list of public keys, a number of required signatures (m) and starting from an offset index. The derivation type is a public, soft derivation.
Derivation paths
data DerivPathI t where Source #
Data type representing a derivation path. Two constructors are provided for specifying soft or hard derivations. The path 01'/2 for example can be expressed as Deriv : 0 :| 1 : 2. The HardOrGeneric and GenericOrSoft type classes are used to constrain the valid values for the phantom type t. If you mix hard (:|) and soft (:/) paths, the only valid type for t is Generic. Otherwise, t can be Hard if you only have hard derivation or Soft if you only have soft derivations.
Using this type is as easy as writing the required derivation like in these example: Deriv : 0 : 1 :/ 2 :: SoftPath Deriv :| 0 :| 1 :| 2 :: HardPath Deriv :| 0 : 1 : 2 :: DerivPath
(:|) :: HardOrGeneric t => !(DerivPathI t) -> !KeyIndex -> DerivPathI t | |
(:/) :: GenericOrSoft t => !(DerivPathI t) -> !KeyIndex -> DerivPathI t | |
Deriv :: DerivPathI t |
type DerivPath = DerivPathI Generic Source #
type HardPath = DerivPathI Hard Source #
type SoftPath = DerivPathI Soft Source #
derivePath :: DerivPathI t -> XPrvKey -> XPrvKey Source #
Derive a private key from a derivation path
derivePubPath :: SoftPath -> XPubKey -> XPubKey Source #
Derive a public key from a soft derivation path
toGeneric :: DerivPathI t -> DerivPath Source #
(++/) :: DerivPathI t1 -> DerivPathI t2 -> DerivPath Source #
Append two derivation paths together. The result will be a mixed derivation path.
pathToStr :: DerivPathI t -> String Source #
Derivation path parsing
XPrv | |
| |
XPub | |
|
parsePath :: String -> Maybe ParsedPath Source #
Parse derivation path string for extended key. Forms: “m0'2”, “M23/4”.
applyPath :: ParsedPath -> XKey -> Either String XKey Source #
Apply a parsed path to an extended key to derive the new key defined in the path. If the path starts with m/, a private key will be returned and if the path starts with M/, a public key will be returned. Private derivations on a public key, and public derivations with a hard segment, return an error value.
Custom path address derivations
derivePathAddr :: XPubKey -> SoftPath -> KeyIndex -> (Address, PubKeyC) Source #
Derive an address from a given parent path.
derivePathAddrs :: XPubKey -> SoftPath -> KeyIndex -> [(Address, PubKeyC, KeyIndex)] Source #
Cyclic list of all addresses derived from a given parent path and starting from the given offset index.
derivePathMSAddr :: [XPubKey] -> SoftPath -> Int -> KeyIndex -> (Address, RedeemScript) Source #
Derive a multisig address from a given parent path. The number of required signatures (m in m of n) is also needed.
derivePathMSAddrs :: [XPubKey] -> SoftPath -> Int -> KeyIndex -> [(Address, RedeemScript, KeyIndex)] Source #
Cyclic list of all multisig addresses derived from a given parent path and starting from the given offset index. The number of required signatures (m in m of n) is also needed.