coinbase-sdk 0.0.4 → 0.0.6

data/lib/coinbase/user.rb

@@ -20,21 +20,14 @@ module Coinbase
     end
 
     # Creates a new Wallet belonging to the User.
+    # @param network_id [String] (Optional) the ID of the blockchain network. Defaults to 'base-sepolia'.
     # @return [Coinbase::Wallet] the new Wallet
-    def create_wallet
-      create_wallet_request = {
-        wallet: {
-          # TODO: Don't hardcode this.
-          network_id: 'base-sepolia'
-        }
-      }
-      opts = { create_wallet_request: create_wallet_request }
-
-      model = Coinbase.call_api do
-        wallets_api.create_wallet(opts)
-      end
+    def create_wallet(create_wallet_options = {})
+      # For ruby 2.7 compatibility we cannot pass in keyword args when the create wallet
+      # options is empty
+      return Wallet.create if create_wallet_options.empty?
 
-      Wallet.new(model)
+      Wallet.create(**create_wallet_options)
     end
 
     # Imports a Wallet belonging to the User.
@@ -44,90 +37,53 @@ module Coinbase
       Wallet.import(data)
     end
 
-    # Lists the IDs of the Wallets belonging to the User.
-    # @return [Array<String>] the IDs of the Wallets belonging to the User
-    def wallet_ids
-      wallets = Coinbase.call_api do
-        wallets_api.list_wallets
-      end
+    # Lists the Wallets belonging to the User.
+    # @param page_size [Integer] (Optional) the number of Wallets to return per page. Defaults to 10
+    # @param next_page_token [String] (Optional) the token for the next page of Wallets
+    # @return [Array<Coinbase::Wallet, String>] the Wallets belonging to the User and the pagination token, if
+    #   any.
+    def wallets(page_size: 10, next_page_token: nil)
+      opts = {
+        limit: page_size
+      }
 
-      wallets.data.map(&:id)
-    end
+      opts[:page] = next_page_token unless next_page_token.nil?
 
-    # Saves a wallet to local file system. Wallet saved this way can be re-instantiated with load_wallets_from_local
-    # function, provided the backup_file is available. This is an insecure method of storing wallet seeds and should
-    # only be used for development purposes. If you call save_wallet_locally! twice with wallets containing the same
-    # wallet_id, the backup will be overwritten during the second attempt.
-    # The default backup_file is `seeds.json` in the root folder. It can be configured by changing
-    # Coinbase.configuration.backup_file_path.
-    #
-    # @param wallet [Coinbase::Wallet] The wallet model to save.
-    # @param encrypt [bool] (Optional) Boolean representing whether the backup persisted to local file system should be
-    # encrypted or not. Data is unencrypted by default.
-    # @return [Coinbase::Wallet] the saved wallet.
-    def save_wallet_locally!(wallet, encrypt: false)
-      existing_seeds_in_store = existing_seeds
-      data = wallet.export
-      seed_to_store = data.seed
-      auth_tag = ''
-      iv = ''
-      if encrypt
-        shared_secret = store_encryption_key
-        cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
-        cipher.key = OpenSSL::Digest.digest('SHA256', shared_secret)
-        iv = cipher.random_iv
-        cipher.iv = iv
-        cipher.auth_data = ''
-        encrypted_data = cipher.update(data.seed) + cipher.final
-        auth_tag = cipher.auth_tag.unpack1('H*')
-        iv = iv.unpack1('H*')
-        seed_to_store = encrypted_data.unpack1('H*')
+      wallet_list = Coinbase.call_api do
+        wallets_api.list_wallets(opts)
       end
 
-      existing_seeds_in_store[data.wallet_id] = {
-        seed: seed_to_store,
-        encrypted: encrypt,
-        auth_tag: auth_tag,
-        iv: iv
-      }
+      # A map from wallet_id to address models.
+      address_model_map = {}
+
+      wallet_list.data.each do |wallet_model|
+        addresses_list = Coinbase.call_api do
+          addresses_api.list_addresses(wallet_model.id, { limit: Coinbase::Wallet::MAX_ADDRESSES })
+        end
+
+        address_model_map[wallet_model.id] = addresses_list.data
+      end
 
-      File.open(Coinbase.configuration.backup_file_path, 'w') do |file|
-        file.write(JSON.pretty_generate(existing_seeds_in_store))
+      wallets = wallet_list.data.map do |wallet_model|
+        Wallet.new(wallet_model, seed: '', address_models: address_model_map[wallet_model.id])
       end
-      wallet
+
+      [wallets, wallet_list.next_page]
     end
 
-    # Loads all wallets belonging to the User with backup persisted to the local file system.
-    # @return [Map<String>Coinbase::Wallet] the map of wallet_ids to the wallets.
-    def load_wallets_from_local
-      existing_seeds_in_store = existing_seeds
-      raise ArgumentError, 'Backup file not found' if existing_seeds_in_store == {}
-
-      wallets = {}
-      existing_seeds_in_store.each do |wallet_id, seed_data|
-        seed = seed_data['seed']
-        raise ArgumentError, 'Malformed backup data' if seed.nil? || seed == ''
-
-        if seed_data['encrypted']
-          shared_secret = store_encryption_key
-          raise ArgumentError, 'Malformed encrypted seed data' if seed_data['iv'] == '' ||
-                                                                  seed_data['auth_tag'] == ''
-
-          cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
-          cipher.key = OpenSSL::Digest.digest('SHA256', shared_secret)
-          iv = [seed_data['iv']].pack('H*')
-          cipher.iv = iv
-          auth_tag = [seed_data['auth_tag']].pack('H*')
-          cipher.auth_tag = auth_tag
-          cipher.auth_data = ''
-          hex_decoded_data = [seed_data['seed']].pack('H*')
-          seed = cipher.update(hex_decoded_data) + cipher.final
-        end
+    # Returns the Wallet with the given ID.
+    # @param wallet_id [String] the ID of the Wallet
+    # @return [Coinbase::Wallet] the unhydrated Wallet
+    def wallet(wallet_id)
+      wallet_model = Coinbase.call_api do
+        wallets_api.get_wallet(wallet_id)
+      end
 
-        data = Coinbase::Wallet::Data.new(wallet_id: wallet_id, seed: seed)
-        wallets[wallet_id] = import_wallet(data)
+      addresses_list = Coinbase.call_api do
+        addresses_api.list_addresses(wallet_model.id, { limit: Coinbase::Wallet::MAX_ADDRESSES })
       end
-      wallets
+
+      Wallet.new(wallet_model, seed: '', address_models: addresses_list.data)
     end
 
     # Returns a string representation of the User.
@@ -151,22 +107,5 @@ module Coinbase
     def wallets_api
       @wallets_api ||= Coinbase::Client::WalletsApi.new(Coinbase.configuration.api_client)
     end
-
-    def existing_seeds
-      existing_seed_data = '{}'
-      file_path = Coinbase.configuration.backup_file_path
-      existing_seed_data = File.read(file_path) if File.exist?(file_path)
-      output = JSON.parse(existing_seed_data)
-
-      raise ArgumentError, 'Malformed backup data' unless output.is_a?(Hash)
-
-      output
-    end
-
-    def store_encryption_key
-      pk = OpenSSL::PKey.read(Coinbase.configuration.api_key_private_key)
-      public_key = pk.public_key # use own public key to generate the shared secret.
-      pk.dh_compute_key(public_key)
-    end
   end
 end

data/lib/coinbase/wallet.rb

@@ -12,7 +12,21 @@ module Coinbase
   # list their balances, and transfer Assets to other Addresses. Wallets should be created through User#create_wallet or
   # User#import_wallet.
   class Wallet
-    attr_reader :addresses
+    attr_reader :addresses, :model
+
+    # The maximum number of addresses in a Wallet.
+    MAX_ADDRESSES = 20
+
+    # A representation of ServerSigner status in a Wallet.
+    module ServerSignerStatus
+      # The Wallet is awaiting seed creation by the ServerSigner. At this point,
+      # the Wallet cannot create addresses or sign transactions.
+      PENDING = 'pending_seed_creation'
+
+      # The Wallet has an associated seed created by the ServerSigner. It is ready
+      # to create addresses and sign transactions.
+      ACTIVE = 'active_seed'
+    end
 
     class << self
       # Imports a Wallet from previously exported wallet data.
@@ -25,16 +39,70 @@ module Coinbase
           wallets_api.get_wallet(data.wallet_id)
         end
 
-        # TODO: Pass these addresses in directly
-        address_count = Coinbase.call_api do
-          addresses_api.list_addresses(model.id).total_count
+        address_list = Coinbase.call_api do
+          addresses_api.list_addresses(model.id, { limit: MAX_ADDRESSES })
         end
 
-        new(model, seed: data.seed, address_count: address_count)
+        new(model, seed: data.seed, address_models: address_list.data)
+      end
+
+      # Creates a new Wallet on the specified Network and generate a default address for it.
+      # @param network_id [String] (Optional) the ID of the blockchain network. Defaults to 'base-sepolia'.
+      # @param interval_seconds [Integer] The interval at which to poll the CDPService for the Wallet to
+      # have an active seed, if using a ServerSigner, in seconds
+      # @param timeout_seconds [Integer] The maximum amount of time to wait for the ServerSigner to
+      # create a seed for the Wallet, in seconds
+      # @return [Coinbase::Wallet] the new Wallet
+      def create(network_id: 'base-sepolia', interval_seconds: 0.2, timeout_seconds: 20)
+        model = Coinbase.call_api do
+          wallets_api.create_wallet(
+            create_wallet_request: {
+              wallet: {
+                network_id: network_id,
+                use_server_signer: Coinbase.use_server_signer?
+              }
+            }
+          )
+        end
+
+        wallet = new(model)
+
+        # When used with a ServerSigner, the Signer must first register
+        # with the Wallet before addresses can be created.
+        wait_for_signer(wallet.id, interval_seconds, timeout_seconds) if Coinbase.use_server_signer?
+
+        wallet.create_address
+        wallet
       end
 
       private
 
+      # Wait_for_signer waits until the ServerSigner has created a seed for the Wallet.
+      # Timeout::Error if the ServerSigner takes longer than the given timeout to create the seed.
+      # @param wallet_id [string] The ID of the Wallet that is awaiting seed creation.
+      # @param interval_seconds [Integer] The interval at which to poll the CDPService, in seconds
+      # @param timeout_seconds [Integer] The maximum amount of time to wait for the Signer to create a seed, in seconds
+      # @return [Wallet] The completed Wallet object that is ready to create addresses.
+      def wait_for_signer(wallet_id, interval_seconds, timeout_seconds)
+        start_time = Time.now
+
+        loop do
+          model = Coinbase.call_api do
+            wallets_api.get_wallet(wallet_id)
+          end
+
+          return self if model.server_signer_status == ServerSignerStatus::ACTIVE
+
+          if Time.now - start_time > timeout_seconds
+            raise Timeout::Error, 'Wallet creation timed out. Check status of your Server-Signer'
+          end
+
+          self.sleep interval_seconds
+        end
+
+        self
+      end
+
       # TODO: Memoize these objects in a thread-safe way at the top-level.
       def addresses_api
         Coinbase::Client::AddressesApi.new(Coinbase.configuration.api_client)
@@ -49,31 +117,23 @@ module Coinbase
     # User#import_wallet.
     # @param model [Coinbase::Client::Wallet] The underlying Wallet object
     # @param seed [String] (Optional) The seed to use for the Wallet. Expects a 32-byte hexadecimal with no 0x prefix.
-    #   If not provided, a new seed will be generated.
-    # @param address_count [Integer] (Optional) The number of addresses already registered for the Wallet.
+    #   If nil, a new seed will be generated. If the empty string, no seed is generated, and the Wallet will be
+    #   instantiated without a seed and its corresponding private keys.
+    # @param address_models [Array<Coinbase::Client::Address>] (Optional) The models of the addresses already registered
+    #   with the Wallet. If not provided, the Wallet will derive the first default address.
     # @param client [Jimson::Client] (Optional) The JSON RPC client to use for interacting with the Network
-    def initialize(model, seed: nil, address_count: 0)
-      raise ArgumentError, 'Seed must be 32 bytes' if !seed.nil? && seed.length != 64
+    def initialize(model, seed: nil, address_models: [])
+      validate_seed_and_address_models(seed, address_models) unless Coinbase.use_server_signer?
 
       @model = model
-
-      @master = seed.nil? ? MoneyTree::Master.new : MoneyTree::Master.new(seed_hex: seed)
-
-      # TODO: Make Network an argument to the constructor.
-      @network_id = :base_sepolia
       @addresses = []
 
-      # TODO: Adjust derivation path prefix based on network protocol.
-      @address_path_prefix = "m/44'/60'/0'/0"
-      @address_index = 0
-
-      if address_count.positive?
-        address_count.times { derive_address }
-      else
-        create_address
-        # Update the model to reflect the new default address.
-        update_model
+      unless Coinbase.use_server_signer?
+        @master = master_node(seed)
+        @private_key_index = 0
       end
+
+      derive_addresses(address_models)
     end
 
     # Returns the Wallet ID.
@@ -88,30 +148,60 @@ module Coinbase
       Coinbase.to_sym(@model.network_id)
     end
 
+    # Returns the ServerSigner Status of the Wallet.
+    # @return [Symbol] The ServerSigner Status
+    def server_signer_status
+      Coinbase.to_sym(@model.server_signer_status)
+    end
+
+    # Sets the seed of the Wallet. This seed is used to derive keys and sign transactions.
+    # @param seed [String] The seed to set. Expects a 32-byte hexadecimal with no 0x prefix.
+    def seed=(seed)
+      raise ArgumentError, 'Seed must be 32 bytes' if seed.length != 64
+      raise 'Seed is already set' unless @master.nil?
+      raise 'Cannot set seed for Wallet with non-zero private key index' if @private_key_index.positive?
+
+      @master = MoneyTree::Master.new(seed_hex: seed)
+
+      @addresses.each do
+        key = derive_key
+        a = address(key.address.to_s)
+        raise "Seed does not match wallet; cannot find address #{key.address}" if a.nil?
+
+        a.key = key
+      end
+    end
+
     # Creates a new Address in the Wallet.
     # @return [Address] The new Address
     def create_address
-      key = derive_key
-      attestation = create_attestation(key)
-      public_key = key.public_key.compressed.unpack1('H*')
+      opts = { create_address_request: {} }
 
-      opts = {
-        create_address_request: {
-          public_key: public_key,
-          attestation: attestation
+      unless Coinbase.use_server_signer?
+        key = derive_key
+
+        opts = {
+          create_address_request: {
+            public_key: key.public_key.compressed.unpack1('H*'),
+            attestation: create_attestation(key)
+          }
         }
-      }
+      end
+
       address_model = Coinbase.call_api do
         addresses_api.create_address(id, opts)
       end
 
+      # Auto-reload wallet to set default address on first address creation.
+      reload if addresses.empty?
+
       cache_address(address_model, key)
     end
 
     # Returns the default address of the Wallet.
     # @return [Address] The default address
     def default_address
-      address(@model.default_address.address_id)
+      address(@model.default_address&.address_id)
     end
 
     # Returns the Address with the given ID.
@@ -144,30 +234,25 @@ module Coinbase
       Coinbase::Balance.from_model_and_asset_id(response, asset_id).amount
     end
 
-    # Transfers the given amount of the given Asset to the given address. Only same-Network Transfers are supported.
-    # Currently only the default_address is used to source the Transfer.
+    # Transfers the given amount of the given Asset to the specified address or wallet.
+    # Only same-network Transfers are supported. Currently only the default_address is used to source the Transfer.
     # @param amount [Integer, Float, BigDecimal] The amount of the Asset to send
     # @param asset_id [Symbol] The ID of the Asset to send
     # @param destination [Wallet | Address | String] The destination of the transfer. If a Wallet, sends to the Wallet's
     #  default address. If a String, interprets it as the address ID.
     # @return [Transfer] The hash of the Transfer transaction.
     def transfer(amount, asset_id, destination)
-      if destination.is_a?(Wallet)
-        raise ArgumentError, 'Transfer must be on the same Network' if destination.network_id != @network_id
-
-        destination = destination.default_address.id
-      elsif destination.is_a?(Address)
-        raise ArgumentError, 'Transfer must be on the same Network' if destination.network_id != @network_id
-
-        destination = destination.id
-      end
-
       default_address.transfer(amount, asset_id, destination)
     end
 
     # Exports the Wallet's data to a Data object.
     # @return [Data] The Wallet data
     def export
+      # TODO: Improve this check by relying on the backend data to decide whether a wallet is server-signer backed.
+      raise 'Cannot export data for Server-Signer backed Wallet' if Coinbase.use_server_signer?
+
+      raise 'Cannot export Wallet without loaded seed' if @master.nil?
+
       Data.new(wallet_id: id, seed: @master.seed_hex)
     end
 
@@ -182,11 +267,98 @@ module Coinbase
       end
     end
 
+    # Returns whether the Wallet has a seed with which to derive keys and sign transactions.
+    # @return [Boolean] Whether the Wallet has a seed with which to derive keys and sign transactions.
+    def can_sign?
+      !@master.nil?
+    end
+
+    # Saves the seed of the Wallet to the given file. Wallets whose seeds are saved this way can be
+    # rehydrated using load_seed. A single file can be used for multiple Wallet seeds.
+    # This is an insecure method of storing Wallet seeds and should only be used for development purposes.
+    #
+    # @param file_path [String] The path of the file to save the seed to
+    # @param encrypt [bool] (Optional) Whether the seed information persisted to the local file system should be
+    # encrypted or not. Data is unencrypted by default.
+    # @return [String] A string indicating the success of the operation
+    def save_seed!(file_path, encrypt: false)
+      raise 'Wallet does not have seed loaded' if @master.nil?
+
+      existing_seeds_in_store = existing_seeds(file_path)
+
+      seed_to_store = @master.seed_hex
+      auth_tag = ''
+      iv = ''
+      if encrypt
+        cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
+        cipher.key = OpenSSL::Digest.digest('SHA256', encryption_key)
+        iv = cipher.random_iv
+        cipher.iv = iv
+        cipher.auth_data = ''
+        encrypted_data = cipher.update(@master.seed_hex) + cipher.final
+        auth_tag = cipher.auth_tag.unpack1('H*')
+        iv = iv.unpack1('H*')
+        seed_to_store = encrypted_data.unpack1('H*')
+      end
+
+      existing_seeds_in_store[id] = {
+        seed: seed_to_store,
+        encrypted: encrypt,
+        auth_tag: auth_tag,
+        iv: iv
+      }
+
+      File.open(file_path, 'w') do |file|
+        file.write(JSON.pretty_generate(existing_seeds_in_store))
+      end
+
+      "Successfully saved seed for wallet #{id} to #{file_path}."
+    end
+
+    # Loads the seed of the Wallet from the given file.
+    # @param file_path [String] The path of the file to load the seed from
+    # @return [String] A string indicating the success of the operation
+    def load_seed(file_path)
+      raise 'Wallet already has seed loaded' unless @master.nil?
+
+      existing_seeds_in_store = existing_seeds(file_path)
+
+      raise ArgumentError, "File #{file_path} does not contain seed data" if existing_seeds_in_store == {}
+
+      if existing_seeds_in_store[id].nil?
+        raise ArgumentError, "File #{file_path} does not contain seed data for wallet #{id}"
+      end
+
+      seed_data = existing_seeds_in_store[id]
+      local_seed = seed_data['seed']
+
+      raise ArgumentError, 'Seed data is malformed' if local_seed.nil? || local_seed == ''
+
+      if seed_data['encrypted']
+        raise ArgumentError, 'Encrypted seed data is malformed' if seed_data['iv'] == '' ||
+                                                                   seed_data['auth_tag'] == ''
+
+        cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
+        cipher.key = OpenSSL::Digest.digest('SHA256', encryption_key)
+        iv = [seed_data['iv']].pack('H*')
+        cipher.iv = iv
+        auth_tag = [seed_data['auth_tag']].pack('H*')
+        cipher.auth_tag = auth_tag
+        cipher.auth_data = ''
+        hex_decoded_data = [seed_data['seed']].pack('H*')
+        local_seed = cipher.update(hex_decoded_data) + cipher.final
+      end
+
+      self.seed = local_seed
+
+      "Successfully loaded seed for wallet #{id} from #{file_path}."
+    end
+
     # Returns a String representation of the Wallet.
     # @return [String] a String representation of the Wallet
     def to_s
       "Coinbase::Wallet{wallet_id: '#{id}', network_id: '#{network_id}', " \
-        "default_address: '#{default_address.id}'}"
+        "default_address: '#{@model.default_address&.address_id}'}"
     end
 
     # Same as to_s.
@@ -223,14 +395,55 @@ module Coinbase
 
     private
 
+    # Reloads the Wallet with the latest data.
+    def reload
+      @model = Coinbase.call_api do
+        wallets_api.get_wallet(id)
+      end
+    end
+
+    def master_node(seed)
+      return MoneyTree::Master.new if seed.nil?
+      return nil if seed.empty?
+
+      MoneyTree::Master.new(seed_hex: seed)
+    end
+
+    def address_path_prefix
+      # TODO: Add support for other networks.
+      @address_path_prefix ||= case network_id.to_s.split('_').first
+                               when 'base'
+                                 "m/44'/60'/0'/0"
+                               else
+                                 raise ArgumentError, "Unsupported network ID: #{network_id}"
+                               end
+    end
+
+    # Derives the registered Addresses in the Wallet.
+    # @param address_models [Array<Coinbase::Client::Address>] The models of the addresses already registered with the
+    #   Wallet
+    def derive_addresses(address_models)
+      return unless address_models.any?
+
+      # Create a map tracking which addresses are already registered with the Wallet.
+      address_map = build_address_map(address_models)
+
+      address_models.each do |address_model|
+        # Derive the addresses using the provided models.
+        derive_address(address_map, address_model)
+      end
+    end
+
     # Derives an already registered Address in the Wallet.
+    # @param address_map [Hash<String, Boolean>] The map of registered Address IDs
+    # @param address_model [Coinbase::Client::Address] The Address model
     # @return [Address] The new Address
-    def derive_address
-      key = derive_key
+    def derive_address(address_map, address_model)
+      key = @master.nil? ? nil : derive_key
 
-      address_id = key.address.to_s
-      address_model = Coinbase.call_api do
-        addresses_api.get_address(id, address_id)
+      unless key.nil?
+        address_from_key = key.address.to_s
+        raise 'Invalid address' if address_map[address_from_key].nil?
       end
 
       cache_address(address_model, key)
@@ -239,8 +452,11 @@ module Coinbase
     # Derives a key for an already registered Address in the Wallet.
     # @return [Eth::Key] The new key
     def derive_key
-      path = "#{@address_path_prefix}/#{@address_index}"
+      raise 'Cannot derive key for Wallet without seed loaded' if @master.nil?
+
+      path = "#{address_path_prefix}/#{@private_key_index}"
       private_key = @master.node_for_path(path).private_key.to_hex
+      @private_key_index += 1
       Eth::Key.new(priv: private_key)
     end
 
@@ -251,10 +467,22 @@ module Coinbase
     def cache_address(address_model, key)
       address = Address.new(address_model, key)
       @addresses << address
-      @address_index += 1
       address
     end
 
+    # Builds a Hash of the registered Addresses.
+    # @param address_models [Array<Coinbase::Client::Address>] The models of the addresses already registered with the
+    #   Wallet
+    # @return [Hash<String, Boolean>] The Hash of registered Addresses
+    def build_address_map(address_models)
+      address_map = {}
+      address_models.each do |address_model|
+        address_map[address_model.address_id] = true
+      end
+
+      address_map
+    end
+
     # Creates an attestation for the Address currently being created.
     # @param key [Eth::Key] The private key of the Address
     # @return [String] The attestation
@@ -279,11 +507,37 @@ module Coinbase
       new_signature_bytes.pack('C*').unpack1('H*')
     end
 
-    # Updates the Wallet model with the latest data.
-    def update_model
-      @model = Coinbase.call_api do
-        wallets_api.get_wallet(id)
-      end
+    # Validates the seed and address models passed to the constructor.
+    # @param seed [String] The seed to use for the Wallet
+    # @param address_models [Array<Coinbase::Client::Address>] The models of the addresses already registered with the
+    #   Wallet
+    def validate_seed_and_address_models(seed, address_models)
+      raise ArgumentError, 'Seed must be 32 bytes' if !seed.nil? && !seed.empty? && seed.length != 64
+
+      raise ArgumentError, 'Seed must be present if address_models are provided' if seed.nil? && address_models.any?
+
+      return unless !seed.nil? && seed.empty? && address_models.empty?
+
+      raise ArgumentError, 'Seed must be empty if address_models are not provided'
+    end
+
+    # Loads the Hash of Wallet seeds from the given file.
+    # @param file_path [String] The path of the file to load the seed from
+    # @return [Hash<String, Hash>] The Hash of from Wallet IDs to seed data
+    def existing_seeds(file_path)
+      existing_seed_data = '{}'
+      existing_seed_data = File.read(file_path) if File.exist?(file_path)
+      existing_seeds = JSON.parse(existing_seed_data)
+      raise ArgumentError, "#{file_path} is malformed, must be a valid JSON object" unless existing_seeds.is_a?(Hash)
+
+      existing_seeds
+    end
+
+    # Returns the shared secret to use for encrypting the seed.
+    def encryption_key
+      pk = OpenSSL::PKey.read(Coinbase.configuration.api_key_private_key)
+      public_key = pk.public_key # use own public key to generate the shared secret.
+      pk.dh_compute_key(public_key)
     end
 
     def addresses_api