akarve · BenWestgate · Aug 19, 2025 · Aug 19, 2025 · Aug 19, 2025 · Aug 19, 2025
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,4 @@
+{
+    "python-envs.pythonProjects": [],
+    "python-envs.defaultEnvManager": "ms-python.python:system"
+}
diff --git a/src/bipsea/bip85.py b/src/bipsea/bip85.py
@@ -11,6 +11,7 @@
 from .bip32 import derive_key as derive_key_bip32
 from .bip32 import hmac_sha512
 from .bip39 import LANGUAGES, N_WORDS_META, entropy_to_words, validate_mnemonic_words
+from .bip93 import CHARSET, ms32_recover, fingerprint, convertbits, ms32_interpolate, ms32_encode, validate_set
 from .util import LOGGER_NAME, to_hex_string
 
 logger = logging.getLogger(LOGGER_NAME)
@@ -23,6 +24,7 @@
     "drng": "0'",
     "hex": "128169'",
     "mnemonic": "39'",
+    "codex32": "93'",
     "wif": "2'",
     "xprv": "32'",
 }
@@ -51,6 +53,11 @@
     "9'": "portuguese",  # not in BIP-85 but in BIP-39 test vectors
 }
 
+INDEX_TO_HRP = {
+    "0'": "ms",
+    "1'": "cl",
+}
+
 assert set(INDEX_TO_LANGUAGE.values()) == set(LANGUAGES.keys())
 
 
@@ -83,6 +90,71 @@ def apply_85(derived_key: ExtendedKey, path: str) -> Dict[str, Union[bytes, str]
             "entropy": trimmed_entropy,
             "application": " ".join(words),
         }
+    elif app == APPLICATIONS["codex32"]:
+        hrp, threshold, share_count, byte_length, id0, id1, id2, id3 = indexes[:8]
+        if hrp == "0'":
+            hrp = 'ms'
+        elif hrp == "1'":
+            hrp = 'cl'
+        else:
+            raise ValueError(f"Unsupported human-readable prefix: {hrp}.")
+        threshold = int(threshold.rstrip("'"))
+        if not threshold or not 9 > threshold > 2:
+            raise ValueError(f"Threshold '{threshold}' is not an allowed value (2 through 9, or 0).")
+        k = CHARSET.find(str(threshold))
+        share_count = int(share_count.rstrip("'"))
+        if not 1 <= share_count <= 31:
+            raise ValueError(f"Share count '{share_count}' is not an allowed value (1 through 31).")
+        if threshold == 0 and share_count != 1:
+            raise ValueError(f"Share count '{share_count}' is not an allowed value (for threshold=0, share_count must be 1).")
+        byte_length = int(byte_length.rstrip("'"))
+        if not 16 <= byte_length <= 64:
+            raise ValueError(f"Byte length '{byte_length}' is not an allowed value (16 through 64).")
+        payload_length = byte_length * 8 // 5
+        identifier = []
+        for id_char in id0, id1, id2, id3:
+            id_char = int(id_char.rstrip("'"))
+            if not 0 <= id_char <= 32:
+                raise ValueError(f"Identifer value '{id_char}' is not an allowed value (0 through 32).")
+            identifier.append(id_char)
+        drng = DRNG(entropy)
+        alphabetized_charset = 'sacdefghjk' # threshold above 9 is invalid
+        initial_codex32_data = []
+        id = [0] * 4 if 32 in identifier else identifier
+        for i in range(bool(threshold), min(threshold, share_count) + 1):
+            data = [k] + [id] + [CHARSET.find(alphabetized_charset[i])]
+            while len(data) < 6 + payload_length:
+                data.append(int.from_bytes(drng.read(1), "big") >> 3)
+            initial_codex32_data.append(data)
+        codex32_secret = ms32_recover(initial_codex32_data) if len(
+            initial_codex32_data) > 1 else initial_codex32_data[0]
+        if 32 in identifier:
+            bip32_fp = fingerprint(convertbits(codex32_secret[6:], 5, 8))
+            for data in initial_codex32_data:
+                for i in range(1,5): # relabel shares with the BIP32 fingerprint
+                    data[i] = data[i] if identifier[i - 1] < 32 else bip32_fp[i - 1]
+        if threshold and share_count >= threshold:
+            strings = []
+            existing_share_indexes = [16]
+            for i in range(share_count):
+                fresh_share_index = 16
+                while fresh_share_index in existing_share_indexes:
+                    fresh_share_index = int.from_bytes(drng.read(1), "big") >> 3
+                existing_share_indexes.append(fresh_share_index)
+                if fresh_share_index in initial_codex32_data[:][6]:
+                    share_data = initial_codex32_data[
+                        initial_codex32_data[:][6].index(fresh_share_index)]
+                else:
+                    share_data = ms32_interpolate(initial_codex32_data, fresh_share_index)
+                strings.append(ms32_encode(hrp, share_data))
+        else:
+            strings = [ms32_encode(hrp, data) for data in initial_codex32_data]
+        assert validate_set(strings, len_must_match_k=False)
+
+        return {
+            "entropy": entropy,
+            "application": " ".join(strings),
+        }
     elif app == APPLICATIONS["wif"]:
         trimmed_entropy = entropy[: 256 // 8]
         prefix = b"\x80" if derived_key.get_network() == "mainnet" else b"\xef"