cosmos-sdk: Index | Examples | Files | Directories

package keys

import ""



Package Files

codec.go keybase.go keybase_base.go keyring.go keys.go lazy_keybase.go output.go types.go


const (
    // Secp256k1 uses the Bitcoin secp256k1 ECDSA parameters.
    Secp256k1 = SigningAlgo("secp256k1")
    // Ed25519 represents the Ed25519 signature system.
    // It is currently not supported for end-user keys (wallets/ledgers).
    Ed25519 = SigningAlgo("ed25519")
const (
    // used for deriving seed from mnemonic
    DefaultBIP39Passphrase = ""


var (
    // ErrUnsupportedSigningAlgo is raised when the caller tries to use a
    // different signing scheme than secp256k1.
    ErrUnsupportedSigningAlgo = errors.New("unsupported signing algo: only secp256k1 is supported")

    // ErrUnsupportedLanguage is raised when the caller tries to use a
    // different language than english for creating a mnemonic sentence.
    ErrUnsupportedLanguage = errors.New("unsupported language: only english is supported")

func ComputeDerivedKey Uses

func ComputeDerivedKey(seed []byte, fullHdPath string) ([32]byte, error)

ComputeDerivedKey derives and returns the private key for the given seed and HD path.

func CreateHDPath Uses

func CreateHDPath(account uint32, index uint32) *hd.BIP44Params

CreateHDPath returns BIP 44 object from account and index parameters.

func IsAlgoSupported Uses

func IsAlgoSupported(algo SigningAlgo) bool

IsAlgoSupported returns whether the signing algorithm is supported.

TODO: Refactor this to be configurable to support interchangeable key signing and addressing. Ref:

type Info Uses

type Info interface {
    // Human-readable type for key listing
    GetType() KeyType
    // Name of the key
    GetName() string
    // Public key
    GetPubKey() crypto.PubKey
    // Address
    GetAddress() types.AccAddress
    // Bip44 Path
    GetPath() (*hd.BIP44Params, error)

Info is the publicly exposed information about a keypair

func NewMultiInfo Uses

func NewMultiInfo(name string, pub crypto.PubKey) Info

NewMultiInfo creates a new multiInfo instance

type KeyOutput Uses

type KeyOutput struct {
    Name      string                 `json:"name" yaml:"name"`
    Type      string                 `json:"type" yaml:"type"`
    Address   string                 `json:"address" yaml:"address"`
    PubKey    string                 `json:"pubkey" yaml:"pubkey"`
    Mnemonic  string                 `json:"mnemonic,omitempty" yaml:"mnemonic"`
    Threshold uint                   `json:"threshold,omitempty" yaml:"threshold"`
    PubKeys   []multisigPubKeyOutput `json:"pubkeys,omitempty" yaml:"pubkeys"`

KeyOutput defines a structure wrapping around an Info object used for output functionality.

func Bech32ConsKeyOutput Uses

func Bech32ConsKeyOutput(keyInfo Info) (KeyOutput, error)

Bech32ConsKeyOutput create a KeyOutput in with "cons" Bech32 prefixes.

func Bech32KeyOutput Uses

func Bech32KeyOutput(keyInfo Info) (KeyOutput, error)

Bech32KeyOutput create a KeyOutput in with "acc" Bech32 prefixes. If the public key is a multisig public key, then the threshold and constituent public keys will be added.

func Bech32KeysOutput Uses

func Bech32KeysOutput(infos []Info) ([]KeyOutput, error)

Bech32KeysOutput returns a slice of KeyOutput objects, each with the "acc" Bech32 prefixes, given a slice of Info objects. It returns an error if any call to Bech32KeyOutput fails.

func Bech32ValKeyOutput Uses

func Bech32ValKeyOutput(keyInfo Info) (KeyOutput, error)

Bech32ValKeyOutput create a KeyOutput in with "val" Bech32 prefixes.

func NewKeyOutput Uses

func NewKeyOutput(name, keyType, address, pubkey string) KeyOutput

NewKeyOutput creates a default KeyOutput instance without Mnemonic, Threshold and PubKeys

type KeyType Uses

type KeyType uint

KeyType reflects a human-readable type for key listing.

const (
    TypeLocal   KeyType = 0
    TypeLedger  KeyType = 1
    TypeOffline KeyType = 2
    TypeMulti   KeyType = 3

Info KeyTypes

func (KeyType) String Uses

func (kt KeyType) String() string

String implements the stringer interface for KeyType.

type Keybase Uses

type Keybase interface {
    // CRUD on the keystore
    List() ([]Info, error)
    // Get returns the public information about one key.
    Get(name string) (Info, error)
    // Get performs a by-address lookup and returns the public
    // information about one key if there's any.
    GetByAddress(address types.AccAddress) (Info, error)
    // Delete removes a key.
    Delete(name, passphrase string, skipPass bool) error
    // Sign bytes, looking up the private key to use.
    Sign(name, passphrase string, msg []byte) ([]byte, crypto.PubKey, error)

    // CreateMnemonic generates a new mnemonic, derives a hierarchical deterministic
    // key from that. and persists it to storage, encrypted using the provided password.
    // It returns the generated mnemonic and the key Info. It returns an error if it fails to
    // generate a key for the given algo type, or if another key is already stored under the
    // same name.
    CreateMnemonic(name string, language Language, passwd string, algo SigningAlgo) (info Info, seed string, err error)

    // CreateAccount converts a mnemonic to a private key using a BIP44 path 44'/118'/{account}'/0/{index}
    // and persists it, encrypted with the given password.
    CreateAccount(name, mnemonic, bip39Passwd, encryptPasswd string, account uint32, index uint32) (Info, error)

    // Derive computes a BIP39 seed from th mnemonic and bip39Passwd.
    // Derive private key from the seed using the BIP44 params.
    // Encrypt the key to disk using encryptPasswd.
    // See
    Derive(name, mnemonic, bip39Passwd, encryptPasswd string, params hd.BIP44Params) (Info, error)

    // CreateLedger creates, stores, and returns a new Ledger key reference
    CreateLedger(name string, algo SigningAlgo, hrp string, account, index uint32) (info Info, err error)

    // CreateOffline creates, stores, and returns a new offline key reference
    CreateOffline(name string, pubkey crypto.PubKey) (info Info, err error)

    // CreateMulti creates, stores, and returns a new multsig (offline) key reference
    CreateMulti(name string, pubkey crypto.PubKey) (info Info, err error)

    // The following operations will *only* work on locally-stored keys
    Update(name, oldpass string, getNewpass func() (string, error)) error

    // Import imports ASCII armored Info objects.
    Import(name string, armor string) (err error)

    // ImportPrivKey imports a private key in ASCII armor format.
    // It returns an error if a key with the same name exists or a wrong encryption passphrase is
    // supplied.
    ImportPrivKey(name, armor, passphrase string) error

    // ImportPubKey imports ASCII-armored public keys.
    // Store a new Info object holding a public key only, i.e. it will
    // not be possible to sign with it as it lacks the secret key.
    ImportPubKey(name string, armor string) (err error)

    // Export exports an Info object in ASCII armored format.
    Export(name string) (armor string, err error)

    // ExportPubKey returns public keys in ASCII armored format.
    // Retrieve a Info object by its name and return the public key in
    // a portable format.
    ExportPubKey(name string) (armor string, err error)

    // ExportPrivKey returns a private key in ASCII armored format.
    // It returns an error if the key does not exist or a wrong encryption passphrase is supplied.
    ExportPrivKey(name, decryptPassphrase, encryptPassphrase string) (armor string, err error)

    // ExportPrivateKeyObject *only* works on locally-stored keys. Temporary method until we redo the exporting API
    ExportPrivateKeyObject(name string, passphrase string) (crypto.PrivKey, error)

    // CloseDB closes the database.

Keybase exposes operations on a generic keystore

func New Uses

func New(name, dir string) Keybase

New creates a new instance of a lazy keybase.


// Select the encryption and storage for your cryptostore
cstore := NewInMemory()

sec := Secp256k1

// Add keys and see they return in alphabetical order
bob, _, err := cstore.CreateMnemonic("Bob", English, "friend", sec)
if err != nil {
    // this should never happen
} else {
    // return info here just like in List
_, _, _ = cstore.CreateMnemonic("Alice", English, "secret", sec)
_, _, _ = cstore.CreateMnemonic("Carl", English, "mitm", sec)
info, _ := cstore.List()
for _, i := range info {

// We need to use passphrase to generate a signature
tx := []byte("deadbeef")
sig, pub, err := cstore.Sign("Bob", "friend", tx)
if err != nil {
    fmt.Println("don't accept real passphrase")

// and we can validate the signature with publicly available info
binfo, _ := cstore.Get("Bob")
if !binfo.GetPubKey().Equals(bob.GetPubKey()) {
    fmt.Println("Get and Create return different keys")

if pub.Equals(binfo.GetPubKey()) {
    fmt.Println("signed by Bob")
if !pub.VerifyBytes(tx, sig) {
    fmt.Println("invalid signature")


signed by Bob

func NewInMemory Uses

func NewInMemory() Keybase

NewInMemory creates a transient keybase on top of in-memory storage instance useful for testing purposes and on-the-fly key generation.

func NewKeyring Uses

func NewKeyring(name string, dir string, userInput io.Reader) (Keybase, error)

NewKeyring creates a new instance of a keyring.

func NewTestKeyring Uses

func NewTestKeyring(name string, dir string) (Keybase, error)

NewTestKeyring creates a new instance of a keyring for testing purposes that does not prompt users for password.

type Language Uses

type Language int

Language is a language to create the BIP 39 mnemonic in. Currently, only english is supported though. Find a list of all supported languages in the BIP 39 spec (word lists).

const (
    // English is the default language to create a mnemonic.
    // It is the only supported language by this package.
    English Language = iota + 1
    // Japanese is currently not supported.
    // Korean is currently not supported.
    // Spanish is currently not supported.
    // ChineseSimplified is currently not supported.
    // ChineseTraditional is currently not supported.
    // French is currently not supported.
    // Italian is currently not supported.

noinspection ALL

type SigningAlgo Uses

type SigningAlgo string

SigningAlgo defines an algorithm to derive key-pairs which can be used for cryptographic signing.


hdPackage hd provides basic functionality Hierarchical Deterministic Wallets.

Package keys imports 26 packages (graph) and is imported by 25 packages. Updated 2019-10-17. Refresh now. Tools for package owners.