Library and CLI tool for generating Radix Babylon Accounts.

Overview

Wallet Compatible Derivation

This repo is a package containing two crates - a library named wallet_compatible_derivation and binary named wallet_compatible_derivation_cli.

Important

You are responsible for retaining sole possession and ownership of, and for securing the mnemonics (seed phrase(s)) you use with this software.

You are responsible for reading the Security and License sections of this README respectively to understand the risks of using this software.

This software created Radix Babylon account address from hierarchical deterministic key pairs, derived using wallet compatible derivation paths which are compatible with the Radix Wallet available on iOS and Android. This means that the same (KeyPair, Address) tuples, contiguously, will be created by this software and the Radix Wallet software, for any given (Mnemonic, BIP-39 Passphrase, NetworkID) triple as input. Or in other words, given Mnemonic M and no BIP-39 passphrase, if the Radix Wallet will create account A, B, C at indices 0, 1 and 2, so will this software.

In order to stay compatible with the Radix Wallet, this software requires 24 words mnemonics, and to be fully compatible, do not use any BIP-39 passphrase (use an empty string).

The cryptographic curve used is Curve25519 (again, just like the Radix Wallet), and derivation scheme is SLIP-10 - and extension of BIP-32 made to support other curves than "the Bitcoin curve". The derivation path scheme is inspired by BIP-44, but is more advanced (see AccountPath for details), and is built for maximum key isolation, for security.

Address derivation is using the Radix-Engine-Toolkit.

Make sure to read the Security section below for security details.

wallet_compatible_derivation library

Here is a short example of how to use the library:

extern crate wallet_compatible_derivation;
use wallet_compatible_derivation::prelude::*;

// Create an hierarchical deterministic derivation path.
let path = AccountPath::new(
	&NetworkID::Mainnet, // Mainnet or Stokenet (testnet)
	0 // Account Index, 0 is first.
);

// 24 word BIP-39 English mnemonic
let mnemonic: Mnemonic24Words = "bright club bacon dinner achieve pull grid save ramp cereal blush woman humble limb repeat video sudden possible story mask neutral prize goose mandate".parse().unwrap();

// Derive Babylon Radix account...
let account = Account::derive(
	&mnemonic, 
	"radix", // BIP-39 passphrase (can be empty string)
	&path
);

// ... containing the Account Address
assert_eq!(account.address, "account_rdx12yy8n09a0w907vrjyj4hws2yptrm3rdjv84l9sr24e3w7pk7nuxst8");

// ... and its private key, public key, ....
assert_eq!(account.private_key.to_hex(), "cf52dbc7bb2663223e99fb31799281b813b939440a372d0aa92eb5f5b8516003");

// continue with next index, `1` to derive next account
let path_of_next_account = AccountPath::new(
	&NetworkID::Mainnet,
	1 // `1` comes after `0` (breaking news!)
);
let second_account = Account::derive(
	&mnemonic, 
	"radix",
	&path_of_next_account
);
// Next address...
assert_eq!(second_account.address, "account_rdx129a9wuey40lducsf6yu232zmzk5kscpvnl6fv472r0ja39f3hced69");

wallet_compatible_derivation_cli binary

wallet_compatible_derivation_cli is a CLI tool (binary) for derivation of keys and account addresses from a Mnemonic ("Seed Phrase"), optional BIP-39 passphrase, network id and an account index.

The wallet_compatible_derivation_cli binary uses the wallet_compatible_derivation library.

The CLI tool can be run in two different modes:

  • Run without "pager", where the arguments are provided directly, like the cat command. Whilst convenient, this mode is ☣️ particularly UNSAFE ☣️, because sensitives inputs such as the mnemonic, and outputs such as the private keys, are stored in your shell history. We advise against using this mode for mnemonics protecting assets.
  • Run with "pager", where the arguments are passed through a prompt, and outputs shown inside the application, like less. This is the default mode, and although inputs/outputs are not stored in the shell history, be warned that sensitive details may still live in memory of the terminal/application.

pager

The pager mode is the preferred mode of wallet_compatible_derivation_cli binary since history is not stored in plaintext, it is an interactive tool asking for input while being run (similar to gh auth login), instead of passing input using arguments, therefore the input will not be part of your shell history. The output of the binary is shown in a pager, just like less and when the pager is quit, the output is not part of your shell history. Be warned that sensitive details may still live in the memory of the terminal/application.

wallet_compatible_derivation_cli pager --include-private-key

Since pager is the default mode, you can omit it, and just run:

wallet_compatible_derivation_cli --include-private-key

The --include-private-key is optional, and when specified the output will display the private keys of each derived account. Since you are running in pager, those private keys are not part of your shell history.

Demo

demo_pager

no-pager

Important

In this mode, your mnemonic and your derived keys will be present in your shell's command history and output. ONLY use this for mnemonics and accounts you really do not care about.

wallet_compatible_derivation_cli --include-private-key no-pager \
--mnemonic  "zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo vote" \
--passphrase "secret" \
--network "mainnet" \
--start 100 \
--count 7

Omit --include-private-key if you don't want to print out the private keys of the derived accounts.

Help

wallet_compatible_derivation_cli no-pager --help

Installation

Easiest way to install the wallet_compatible_derivation_cli binary is to install Rust, and run this one liner:

cargo install --git https://github.com/radixdlt/wallet-compatible-derivation

Security

Important

Beware of key-loggers or spyware running on your machine! This software does not protect against any key-logging malware your computer might be infected with.

Even in pager mode, you are asked to type in your mnemonic and if your computer is infected by a key-logger malware you might lose all your funds. In either mode, spyware may be able to read secrets out of the memory of the terminal application.

Future iterations of this software might implement an interactive "picker" of characters/words in randomized order to allow safe input of your mnemonic, but there is no planned release date for such a few feature.

All sensitive types of the wallet_compatible_derivation library implement the traits ZeroizeOnDrop and Zeroize part of the zeroize crate meaning that the secrets are "zeroed out"/wiped when dropped, ensuring that those secrets are not kept around in memory.

The wallet_compatible_derivation_cli explicitly zeroize the mnemonic you input and all private keys, derivation paths and account addresses it derives. See for example the main function here.

Important

Use of Zeroize on secrets inside this library cannot ensure the secrets are wiped from other applications on your machine. Calling applications or terminals may keep their own copies of the input/output in memory, or they may be on your clipboard or in shell history if you use no-pager mode.

License

The wallet-compatible-derivation code is released under Radix Modified MIT License.

Copyright 2023 Radix Publishing Limited

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software for non-production informational and educational purposes without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

This notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE HAS BEEN CREATED AND IS PROVIDED FOR NON-PRODUCTION, INFORMATIONAL AND EDUCATIONAL PURPOSES ONLY. 

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ERROR-FREE PERFORMANCE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES, COSTS OR OTHER LIABILITY OF ANY NATURE WHATSOEVER, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE, MISUSE OR OTHER DEALINGS IN THE SOFTWARE. THE AUTHORS SHALL OWE NO DUTY OF CARE OR FIDUCIARY DUTIES TO USERS OF THE SOFTWARE. 
You might also like...
Kubernetes controller written in Rust for automatically generating and updating secrets

Kubernetes controller written in Rust for automatically generating and updating secrets

Common protocol for generating ZK proofs for blocks on different blockchains.

Proof Protocol Decoder A flexible protocol that clients (eg. full nodes) can use to easily generate block proofs for different chains. Specification I

Ethereum key tool - Lightweight CLI tool to deal with ETH keys written in rust

ekt - Etherum Key Tool ekt is a lightweight tool to generate ethereum keys and addresses. Installation Either clone it and run it with cargo or instal

An automated CLI tool that optimizes gas usage in Solidity smart contracts, focusing on storage and function call efficiency.

Solidity-Gas-Optimizoor An high performance automated CLI tool that optimizes gas usage in Solidity smart contracts, focusing on storage and function

CLI tool written in Rust which can be used to generate hashes

rustgenhash rustgenhash is a tool to generate hashes on the commandline from stdio. It can be used to generate single or multiple hashes for usage in

Steggy CLI Tool - hides data within the least significant bit of an image
Steggy CLI Tool - hides data within the least significant bit of an image

Written in Rust, features a simple cli and a client-side webapp. This tool hides data within the least significant bit of an image. Obfuscation techniques are utilized to make the

A mini CLI tool to detect secrets & credentials in source code
A mini CLI tool to detect secrets & credentials in source code

Fencer Fencer is a mini-CLI tool that can used to scan various kind of secrets/credentials that are hardcoded into a project source code files Feature

An easy-to-use CLI tool to recover files from zfs snapshots

zfs-undelete an easy-to-use cli tool to recover files from zfs snapshots Usage Use zfs-undelete file-to-restore. Works for file and folders. By defa

Built for Perpetual Protocol v2 Curie on Optimism chain. This CLI tool was built with Rust.
Built for Perpetual Protocol v2 Curie on Optimism chain. This CLI tool was built with Rust.

Perpetual Protocol CLI for Perp v2 Curie This tool is to provide a simple, fast and efficient way to interact Perpetual Protocol contracts from your t

Owner
Radix DLT
Radix DLT
CLI tool for deterministically building and verifying executable against on-chain programs or buffer accounts

Solana Verify CLI A command line tool to build and verify solana programs. Users can ensure that the hash of the on-chain program matches the hash of

Ellipsis Labs 5 Jan 30, 2023
Tool written in Rust to perform Password Spraying attacks against Azure/Office 365 accounts

AzurePasswordSprayer Tool written in Rust to perform Password Spraying attacks against Azure/Office 365 accounts. It is multi threaded and makes no co

Pierre 7 Feb 27, 2024
hello-world geyser plugin to stream accounts and transactions from a solana node

src/lib.rs: entrypoint src/plugin.rs: main plugin code to run: cargo build && solana-test-validator -r --geyser-plugin-config config.json note: make s

null 4 Nov 18, 2022
An easily deployable service to monitor mission-critical SPL token accounts

Vault watcher Monitoring critical spl-token accounts in real time Table of contents Introduction Usage Configuration Configuration examples Grafana In

null 21 Nov 29, 2022
Allows deploying modules to Aptos under resource accounts.

Aptos Deployer Module containing helpers for deploying resource accounts. Resource accounts allow the module to sign as itself on-chain, which is usef

Deploy DAO 6 Oct 31, 2022
Anchor Design of contract - Accounts, Parameters

MarketplaceDesign Anchor Design of contract - Accounts, Parameters Main Instructions are Initialize ListForSale AcceptOffer CancelList MakeOffer Cance

James Johnson 8 Sep 1, 2022
A fast, simple and powerful open-source cross platform utility tool for generating strong, unique and random passwords

password-generator-pro A fast, simple and powerful open-source cross platform utility tool for generating strong, unique and random passwords. Feature

Sebastien Rousseau 3 Dec 16, 2022
Lockbox is a command-line tool for generating and managing passwords

Lockbox is a command-line tool for generating and managing passwords. It uses strong encryption algorithms to securely store your passwords, so you can be sure that your data is safe.

Sonu Bardai 15 Oct 9, 2023
tool for generating wordlists or extending an existing one using mutations.

gorilla gorilla is the ultimate wordlist tool packing a lot of amazing utilities like: building wordlists based on patterns (like crunch) building wor

andrei 348 Jan 3, 2023
A Rust library for generating cryptocurrency wallets

Table of Contents 1. Overview 2. Build Guide 2.1 Install Rust 2.2a Build from Homebrew 2.2b Build from Crates.io 2.2c Build from Source Code 3. Usage

Aleo 552 Dec 29, 2022