302 lines (200 loc) · 14.6 KB

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

10.1.1

Changed

Further optimise performance of getting public keys (#218)
Tweak precompute window size for secp256k1 (#217)
- This can improve performance on some devices.

10.1.0

Added

Add fromSeed function to SLIP10Node, BIP44Node, BIP44CoinTypeNode (#212)
- This is only supported for secp256k1 and ed25519 at the moment.

Changed

Optimise performance of getting public keys (#213)
- Public keys are now re-used when possible, or lazily computed otherwise.
Tweak precompute window size for ed25519 (#209)
- This can improve performance on some devices.

10.0.2

Changed

Bump @metamask/utils from ^10.0.1 to ^11.0.1 (#205)

10.0.1

Fixed

Export CryptographicFunctions type (#202)

10.0.0

Added

Add network property to SLIP10Node, BIP44Node, and BIP44CoinTypeNode (#200)
- The network property is only used to determine which BIP-32 extended key version to use.
- For backwards compatibility, the property is optional, and defaults to mainnet.
Add option for custom cryptographic functions (#197)
- It's now possible to specify custom functions (hmacSha512 and pbkdf2Sha512) to improve performance.
Add extendedKey property to SLIP10Node (#196)
- This property can only be accessed on SLIP10Nodes using secp256k1.

Changed

BREAKING: Bump minimum Node version to 18.20 (#198)
Use WebCrypto API if available (#197)
Bump @metamask/utils from 9.0.0 to 9.3.0 (#191)

9.1.2

Changed

Bump @metamask/utils from ^8.3.0 to ^9.0.0 (#181)

9.1.1

Fixed

Fix ESM imports (#177)

9.1.0

Added

Add support for Cardano key derivation according to CIP3-Icarus (#158, #170, #171, #172)
Export getBIP44CoinTypeToAddressPathTuple function (#173)

Changed

Replace @noble/ed25519 and @noble/secp256k1 with @noble/curves (#154)
Bump several MetaMask dependencies (#151, #165, #167)

9.0.0

Changed

BREAKING: Disallow importing from ./dist paths (#147)
Export mnemonicPhraseToBytes and createBip39KeyFromSeed (#149)

Fixed

Add support for Node.js with ESM (#147)
Remove postinstall script (#146)
- This caused installation to fail.

8.0.0

Changed

BREAKING: Build the package as both CJS and ESM (#140)
- Distribution files have been moved from dist to dist/cjs (and dist/esm). If you are explicitly importing from dist, you have to update the import.
Bump @metamask/utils to 6.2.0 (#140)

7.1.1

Fixed

Fix isValidBIP32PathSegment to correctly check if BIP-32 path segment is <= 2^31-1 (#134)

7.1.0

Added

Add isValidBIP32PathSegment function (#131)

Changed

Bump @metamask/utils to 6.0.1 (#132)

7.0.0

Added

BREAKING: Add SLIP-10 (slip10:) path type (#124)
- bip32: can no longer be used to derive ed25519 keys

Changed

Handle errors when resulting public or private key is invalid (#120)
- Rather than throwing an error, a new key will be derived instead, as per the SLIP-10 or BIP-32 specification
Improve extended key validation (#121)
Validate that master private key and seed are within bounds (#118)
Allow zero private key for ed25519 (#122)
- Previously a zero private key 0x000..000 would be rejected when using ed25519, but all private keys are valid for ed25519

6.2.1

Fixed

Add missing curve parameter (#110)
- This fixes a bug introduced in 6.2.0, when using the ed25519 curve.

6.2.0

Added

Accept BIP-39 secret recovery phrase as Uint8Array (#107)
- Secret recovery phrases are now accepted both as a string in the bip39:... format, and as Uint8Array in the format used by @metamask/scure-bip39, in all functions that accept secret recovery phrases.

6.1.0

Changed

Update BIP-39 implementation from @scure/bip39 to MetaMask fork version @metamask/scure-bip39 (#101)
- The @metamask/scure-bip39 fork accepts secret recovery phrases in Uint8Array format making it possible to use more secure patterns of passing secret recovery phrases around. This change is non-breaking however, as the mnemonicToSeed function used in this package still accepts secret recovery phrases in string format.

6.0.0

Changed

BREAKING: Rename all occurrences of Buffer with Bytes or Uint8Array (#84)
- All [...]Buffer fields have been replaced with [...]Bytes, e.g., BIP44Node.privateKeyBuffer is now BIP44Node.privateKeyBytes.
- This change does not affect the string fields, like BIP44Node.privateKey.
BREAKING: Swap out Buffer with browser-compatible Uint8Array (#83)
- All functions returning Buffers now return Uint8Arrays instead.
Bump @metamask/utils to 3.3.0 (#85)

5.0.2

Fixed

Export Buffer from buffer package explicitly (#76)
Fix fingerprint derivation (#78)

5.0.1

Fixed

Replace postinstall script with Yarn plugin (#74)

5.0.0

Added

Add convenience field for getting the compressed public key (#71)
Add master fingerprint field to SLIP10Node (#68)

Changed

BREAKING: Bump minimum Node version to 16 and migrate to Yarn 3 (#70)
Allow a depth larger than 5 for SLIP-10 nodes (#69)

4.0.0

Added

NOTE: This version is a significant rewrite of this package, and virtually all existing usage will break upon migrating from a previous major version. All pre-existing functionality is supported through different means, and various new features have been added.
Add extended public (xpub) and private (xprv) keys (#58)
Add support for public key derivation (#56)
Add support for non-secp256k1 curves via SLIP10Node class (#43, #37, #53)
- Add support for ed25519 curve.
- With this and other changes in this release, this package offers full SLIP-10 support for all curves except nist256p1.
- These changes were made possible using the @noble/* suite of cryptography packages.
Add extended key to BIP-44 coin type node (#59)
Add convenience methods to get public keys and addresses (#50)
Enable deriving hardened change and address_index using BIP44CoinTypeNode (#37)

Changed

BREAKING: Change key representation format (#58, #54)
- Encode string keys in hexadecimal instead of Base64.
- Always return a SLIP10Node (or child class) object from derivation functions.
BREAKING: Separate private keys and chain code into separate fields (#54)
BREAKING: Use named arguments instead of positional arguments in various functions (#56)
BREAKING: Make all derivation functions async (#43, #54)
- All key derivation functions are now async, and node objects are initialized via a static, async .from(...) method. This is because some cryptographic dependencies are async.
Update documentation to match new implementation (#60, #49)

Fixed

Remove obsolete Jest snapshots (#41)
Replace node symbol with private field (#42)

3.0.1

Changed

Update cryptography dependencies (#29, #30, #31)
- This results in an overall ~4x speedup in Node.js for operations with this package. Browser performance gains, if any, are not known at this time.
- Individual pull requests:
  - bip39@3.0.4 (#29)
  - secp256k1@4.0.2 (#30)
  - keccak@3.0.2 (#31)

3.0.0

Changed

BREAKING: Refactor package API (#25)
- The new API is designed to make it harder to derive incorrect keys.
- The previous exports of this package can no longer be accessed from the main entry file.
- For the new API, please see the README.
BREAKING: Bump minimum Node.js version to >=12.0.0 (#20)

Security

Add reference implementation tests (#25)
- The key derivation of this package is now tested against the BIP-32 specification and ethereumjs-wallet and @metamask/eth-hd-keyring.
- The key derivation was found to be sound.

2.0.1 - 2021-02-27

Fixed

Correctly type deriveKeyFromPath parentKey param as optional (#14)
Only accept lowercase BIP-39 seed phrases in deriveKeyFromPath (#15)

2.0.0 - 2021-02-25

Changed

BREAKING: Add input validation to deriveKeyFromPath (#3, #4)
BREAKING: Change deriveKeyFromPath parameter order (#3)
Migrate to TypeScript, update types (#10)

1.0.0 - 2020-09-03

Added

Initial release.