@metamask/eth-hd-keyring 9.0.1 → 10.0.0

package/CHANGELOG.md

@@ -7,6 +7,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [10.0.0]
+
+### Added
+
+- Add `signEip7702Authorization` method ([#182](https://github.com/MetaMask/accounts/pull/182))
+
+### Changed
+
+- **BREAKING**: Added types to `HdKeyring` ([#166](https://github.com/MetaMask/accounts/pull/166))
+  - All methods on `HdKeyring` retain their existing signatures, but now have types.
+- Bump `@metamask/eth-sig-util` dependency from `^8.0.0` to `8.2.0` ([#177](https://github.com/MetaMask/accounts/pull/177)), ([#134](https://github.com/MetaMask/accounts/pull/134))
+- Bump `@metamask/utils` dependency from `^9.3.1` to `11.1.0` ([#134](https://github.com/MetaMask/accounts/pull/134)), ([#167](https://github.com/MetaMask/accounts/pull/167))
+
 ## [9.0.1]
 
 ### Changed
@@ -155,7 +168,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - Deserialize method (and `HdKeyring` constructor by extension) can no longer be passed an options object containing a value for `numberOfAccounts` if it is not also containing a value for `mnemonic`.
 - Package name changed from `eth-hd-keyring` to `@metamask/eth-hd-keyring`.
 
-[Unreleased]: https://github.com/MetaMask/accounts/compare/@metamask/eth-hd-keyring@9.0.1...HEAD
+[Unreleased]: https://github.com/MetaMask/accounts/compare/@metamask/eth-hd-keyring@10.0.0...HEAD
+[10.0.0]: https://github.com/MetaMask/accounts/compare/@metamask/eth-hd-keyring@9.0.1...@metamask/eth-hd-keyring@10.0.0
 [9.0.1]: https://github.com/MetaMask/accounts/compare/@metamask/eth-hd-keyring@9.0.0...@metamask/eth-hd-keyring@9.0.1
 [9.0.0]: https://github.com/MetaMask/accounts/compare/@metamask/eth-hd-keyring@8.0.0...@metamask/eth-hd-keyring@9.0.0
 [8.0.0]: https://github.com/MetaMask/accounts/compare/@metamask/eth-hd-keyring@7.0.4...@metamask/eth-hd-keyring@8.0.0

package/dist/index.cjs

@@ -1,4 +1,16 @@
 "use strict";
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _HdKeyring_instances, _HdKeyring_wallets, _HdKeyring_cryptographicFunctions, _HdKeyring_uint8ArrayToString, _HdKeyring_stringToUint8Array, _HdKeyring_mnemonicToUint8Array, _HdKeyring_getPrivateKeyFor, _HdKeyring_getWalletForAccount, _HdKeyring_initFromMnemonic, _HdKeyring_addressfromPublicKey, _HdKeyring_normalizeAddress;
 Object.defineProperty(exports, "__esModule", { value: true });
 const util_1 = require("@ethereumjs/util");
 const eth_sig_util_1 = require("@metamask/eth-sig-util");
@@ -12,61 +24,62 @@ const utils_2 = require("ethereum-cryptography/utils");
 // Options:
 const hdPathString = `m/44'/60'/0'/0`;
 const type = 'HD Key Tree';
+/**
+ * Checks if the given value is a valid serialized Buffer compatible with
+ * the return type of `Buffer.toJSON`.
+ *
+ * @param value - The value to check.
+ * @returns `true` if the value is a valid serialized buffer, `false` otherwise.
+ */
+function isSerializedBuffer(value) {
+    return (typeof value === 'object' &&
+        value !== null &&
+        'type' in value &&
+        value.type === 'Buffer' &&
+        'data' in value &&
+        Array.isArray(value.data));
+}
 class HdKeyring {
-    /* PUBLIC METHODS */
     constructor(opts = {}) {
+        _HdKeyring_instances.add(this);
         this.type = type;
-        this._wallets = [];
+        this.hdPath = hdPathString;
+        _HdKeyring_wallets.set(this, []);
+        _HdKeyring_cryptographicFunctions.set(this, void 0);
         // Cryptographic functions to be used by `@metamask/key-tree`. It will use built-in implementations if not provided here.
-        this._cryptographicFunctions = opts.cryptographicFunctions;
+        __classPrivateFieldSet(this, _HdKeyring_cryptographicFunctions, opts.cryptographicFunctions, "f");
     }
+    /**
+     * Initialize the keyring with a random mnemonic.
+     *
+     * @returns A promise that resolves when the process is complete.
+     */
     async generateRandomMnemonic() {
-        await this._initFromMnemonic((0, scure_bip39_1.generateMnemonic)(english_1.wordlist));
-    }
-    _uint8ArrayToString(mnemonic) {
-        const recoveredIndices = Array.from(new Uint16Array(new Uint8Array(mnemonic).buffer));
-        return recoveredIndices.map((i) => english_1.wordlist[i]).join(' ');
-    }
-    _stringToUint8Array(mnemonic) {
-        const indices = mnemonic.split(' ').map((word) => english_1.wordlist.indexOf(word));
-        return new Uint8Array(new Uint16Array(indices).buffer);
-    }
-    _mnemonicToUint8Array(mnemonic) {
-        let mnemonicData = mnemonic;
-        // when encrypted/decrypted, buffers get cast into js object with a property type set to buffer
-        if (mnemonic && mnemonic.type && mnemonic.type === 'Buffer') {
-            mnemonicData = mnemonic.data;
-        }
-        if (
-        // this block is for backwards compatibility with vaults that were previously stored as buffers, number arrays or plain text strings
-        typeof mnemonicData === 'string' ||
-            Buffer.isBuffer(mnemonicData) ||
-            Array.isArray(mnemonicData)) {
-            let mnemonicAsString = mnemonicData;
-            if (Array.isArray(mnemonicData)) {
-                mnemonicAsString = Buffer.from(mnemonicData).toString();
-            }
-            else if (Buffer.isBuffer(mnemonicData)) {
-                mnemonicAsString = mnemonicData.toString();
-            }
-            return this._stringToUint8Array(mnemonicAsString);
-        }
-        else if (mnemonicData instanceof Object &&
-            !(mnemonicData instanceof Uint8Array)) {
-            // when encrypted/decrypted the Uint8Array becomes a js object we need to cast back to a Uint8Array
-            return Uint8Array.from(Object.values(mnemonicData));
-        }
-        return mnemonicData;
+        await __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_initFromMnemonic).call(this, (0, scure_bip39_1.generateMnemonic)(english_1.wordlist));
     }
+    /**
+     * Return the serialized state of the keyring.
+     *
+     * @returns The serialized state of the keyring.
+     */
     async serialize() {
-        const mnemonicAsString = this._uint8ArrayToString(this.mnemonic);
-        const uint8ArrayMnemonic = new TextEncoder('utf-8').encode(mnemonicAsString);
+        let mnemonic = [];
+        if (this.mnemonic) {
+            const mnemonicAsString = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_uint8ArrayToString).call(this, this.mnemonic);
+            mnemonic = Array.from(new TextEncoder().encode(mnemonicAsString));
+        }
         return {
-            mnemonic: Array.from(uint8ArrayMnemonic),
-            numberOfAccounts: this._wallets.length,
+            mnemonic,
+            numberOfAccounts: __classPrivateFieldGet(this, _HdKeyring_wallets, "f").length,
             hdPath: this.hdPath,
         };
     }
+    /**
+     * Initialize the keyring with the given serialized state.
+     *
+     * @param opts - The serialized state of the keyring.
+     * @returns An empty array.
+     */
     async deserialize(opts = {}) {
         if (opts.numberOfAccounts && !opts.mnemonic) {
             throw new Error('Eth-Hd-Keyring: Deserialize method cannot be called with an opts value for numberOfAccounts and no menmonic');
@@ -74,159 +87,301 @@ class HdKeyring {
         if (this.root) {
             throw new Error('Eth-Hd-Keyring: Secret recovery phrase already provided');
         }
-        this.opts = opts;
-        this._wallets = [];
+        __classPrivateFieldSet(this, _HdKeyring_wallets, [], "f");
         this.mnemonic = null;
         this.root = null;
-        this.hdPath = opts.hdPath || hdPathString;
+        this.hdPath = opts.hdPath ?? hdPathString;
         if (opts.mnemonic) {
-            await this._initFromMnemonic(opts.mnemonic);
+            await __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_initFromMnemonic).call(this, opts.mnemonic);
         }
         if (opts.numberOfAccounts) {
             return this.addAccounts(opts.numberOfAccounts);
         }
         return [];
     }
-    addAccounts(numberOfAccounts = 1) {
+    /**
+     * Add new accounts to the keyring. The accounts will be derived
+     * sequentially from the root HD wallet, using increasing indices.
+     *
+     * @param numberOfAccounts - The number of accounts to add.
+     * @returns The addresses of the new accounts.
+     */
+    async addAccounts(numberOfAccounts = 1) {
         if (!this.root) {
             throw new Error('Eth-Hd-Keyring: No secret recovery phrase provided');
         }
-        const oldLen = this._wallets.length;
+        const oldLen = __classPrivateFieldGet(this, _HdKeyring_wallets, "f").length;
         const newWallets = [];
         for (let i = oldLen; i < numberOfAccounts + oldLen; i++) {
             const wallet = this.root.deriveChild(i);
             newWallets.push(wallet);
-            this._wallets.push(wallet);
+            __classPrivateFieldGet(this, _HdKeyring_wallets, "f").push(wallet);
         }
-        const hexWallets = newWallets.map((w) => {
-            return this._addressfromPublicKey(w.publicKey);
+        const hexWallets = newWallets.map((wallet) => {
+            (0, utils_1.assert)(wallet.publicKey, 'Expected public key to be set');
+            return __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_addressfromPublicKey).call(this, wallet.publicKey);
         });
         return Promise.resolve(hexWallets);
     }
+    /**
+     * Get the addresses of all accounts in the keyring.
+     *
+     * @returns The addresses of all accounts in the keyring.
+     */
     getAccounts() {
-        return this._wallets.map((w) => this._addressfromPublicKey(w.publicKey));
+        return __classPrivateFieldGet(this, _HdKeyring_wallets, "f").map((wallet) => {
+            (0, utils_1.assert)(wallet.publicKey, 'Expected public key to be set');
+            return __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_addressfromPublicKey).call(this, wallet.publicKey);
+        });
     }
-    /* BASE KEYRING METHODS */
-    // returns an address specific to an app
+    /**
+     * Get the public address of the account for the given app key origin.
+     *
+     * @param address - The address of the account.
+     * @param origin - The origin of the app requesting the account.
+     * @returns The public address of the account.
+     */
     async getAppKeyAddress(address, origin) {
         if (!origin || typeof origin !== 'string') {
             throw new Error(`'origin' must be a non-empty string`);
         }
-        const wallet = this._getWalletForAccount(address, {
+        const wallet = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getWalletForAccount).call(this, address, {
             withAppKeyOrigin: origin,
         });
-        const appKeyAddress = (0, eth_sig_util_1.normalize)((0, util_1.publicToAddress)(wallet.publicKey).toString('hex'));
+        (0, utils_1.assert)(wallet.publicKey, 'Expected public key to be set');
+        const appKeyAddress = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_normalizeAddress).call(this, (0, util_1.publicToAddress)(wallet.publicKey).toString('hex'));
         return appKeyAddress;
     }
-    // exportAccount should return a hex-encoded private key:
-    async exportAccount(address, opts = {}) {
-        const wallet = this._getWalletForAccount(address, opts);
-        return (0, utils_2.bytesToHex)(wallet.privateKey);
+    /**
+     * Export the private key for a specific account.
+     *
+     * @param address - The address of the account.
+     * @param opts - The options for exporting the account.
+     * @param opts.withAppKeyOrigin - An optional string to export the account
+     * for a specific app origin.
+     * @returns The private key of the account.
+     */
+    async exportAccount(address, opts) {
+        const wallet = opts
+            ? __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getWalletForAccount).call(this, address, opts)
+            : __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getWalletForAccount).call(this, address);
+        const { privateKey } = wallet;
+        (0, utils_1.assert)(privateKey instanceof Uint8Array, 'Expected private key to be of type Uint8Array');
+        return (0, utils_2.bytesToHex)(privateKey);
     }
-    // tx is an instance of the ethereumjs-transaction class.
+    /**
+     * Sign a transaction using the private key of the specified account.
+     *
+     * @param address - The address of the account.
+     * @param tx - The transaction to sign.
+     * @param opts - The options for signing the transaction.
+     * @returns The signed transaction.
+     */
     async signTransaction(address, tx, opts = {}) {
-        const privKey = this._getPrivateKeyFor(address, opts);
-        const signedTx = tx.sign(privKey);
+        const privKey = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getPrivateKeyFor).call(this, address, opts);
+        const signedTx = tx.sign(Buffer.from(privKey));
         // Newer versions of Ethereumjs-tx are immutable and return a new tx object
-        return signedTx === undefined ? tx : signedTx;
+        return signedTx ?? tx;
     }
-    // For eth_sign, we need to sign arbitrary data:
+    /**
+     * Sign a message using the private key of the specified account.
+     *
+     * @param address - The address of the account.
+     * @param data - The data to sign.
+     * @param opts - The options for signing the message.
+     * @returns The signature of the message.
+     */
     async signMessage(address, data, opts = {}) {
         (0, utils_1.assertIsHexString)(data);
         const message = (0, utils_1.remove0x)(data);
-        const privKey = this._getPrivateKeyFor(address, opts);
-        const msgSig = (0, util_1.ecsign)(Buffer.from(message, 'hex'), privKey);
-        const rawMsgSig = (0, eth_sig_util_1.concatSig)(msgSig.v, msgSig.r, msgSig.s);
+        const privKey = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getPrivateKeyFor).call(this, address, opts);
+        const msgSig = (0, util_1.ecsign)(Buffer.from(message, 'hex'), Buffer.from(privKey));
+        const rawMsgSig = (0, eth_sig_util_1.concatSig)(
+        // WARN: verify this cast to Buffer
+        msgSig.v, msgSig.r, msgSig.s);
         return rawMsgSig;
     }
-    // For personal_sign, we need to prefix the message:
+    /**
+     * Sign a personal message using the private key of the specified account.
+     * This method is compatible with the `personal_sign` RPC method.
+     *
+     * @param address - The address of the account.
+     * @param msgHex - The message to sign.
+     * @param opts - The options for signing the message.
+     * @returns The signature of the message.
+     */
     async signPersonalMessage(address, msgHex, opts = {}) {
-        const privKey = this._getPrivateKeyFor(address, opts);
-        const privateKey = Buffer.from(privKey, 'hex');
-        const sig = (0, eth_sig_util_1.personalSign)({ privateKey, data: msgHex });
-        return sig;
+        const privKey = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getPrivateKeyFor).call(this, address, opts);
+        const privateKey = Buffer.from(privKey);
+        return (0, eth_sig_util_1.personalSign)({ privateKey, data: msgHex });
     }
-    // For eth_decryptMessage:
+    /**
+     * Decrypt an encrypted message using the private key of the specified account.
+     * The message must be encrypted using the public key of the account.
+     * This method is compatible with the `eth_decryptMessage` RPC method
+     *
+     * @param withAccount - The address of the account.
+     * @param encryptedData - The encrypted data.
+     * @returns The decrypted message.
+     */
     async decryptMessage(withAccount, encryptedData) {
-        const wallet = this._getWalletForAccount(withAccount);
+        const wallet = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getWalletForAccount).call(this, withAccount);
         const { privateKey: privateKeyAsUint8Array } = wallet;
+        (0, utils_1.assert)(privateKeyAsUint8Array, 'Expected private key to be set');
         const privateKeyAsHex = Buffer.from(privateKeyAsUint8Array).toString('hex');
-        const sig = (0, eth_sig_util_1.decrypt)({ privateKey: privateKeyAsHex, encryptedData });
-        return sig;
+        return (0, eth_sig_util_1.decrypt)({ privateKey: privateKeyAsHex, encryptedData });
     }
-    // personal_signTypedData, signs data along with the schema
+    /**
+     * Sign a typed message using the private key of the specified account.
+     * This method is compatible with the `eth_signTypedData` RPC method.
+     *
+     * @param withAccount - The address of the account.
+     * @param typedData - The typed data to sign.
+     * @param opts - The options for signing the message.
+     * @returns The signature of the message.
+     */
     async signTypedData(withAccount, typedData, opts = { version: eth_sig_util_1.SignTypedDataVersion.V1 }) {
         // Treat invalid versions as "V1"
         const version = Object.keys(eth_sig_util_1.SignTypedDataVersion).includes(opts.version)
             ? opts.version
             : eth_sig_util_1.SignTypedDataVersion.V1;
-        const privateKey = this._getPrivateKeyFor(withAccount, opts);
-        return (0, eth_sig_util_1.signTypedData)({ privateKey, data: typedData, version });
+        const privateKey = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getPrivateKeyFor).call(this, withAccount, opts);
+        return (0, eth_sig_util_1.signTypedData)({
+            privateKey: Buffer.from(privateKey),
+            data: typedData,
+            version,
+        });
     }
+    /**
+     * Sign an EIP-7702 authorization using the private key of the specified account.
+     * This method is compatible with the EIP-7702 standard for enabling smart contract code for EOAs.
+     *
+     * @param withAccount - The address of the account.
+     * @param authorization - The EIP-7702 authorization to sign.
+     * @param opts - The options for selecting the account.
+     * @returns The signature of the authorization.
+     */
+    async signEip7702Authorization(withAccount, authorization, opts) {
+        const privateKey = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getPrivateKeyFor).call(this, withAccount, opts);
+        return (0, eth_sig_util_1.signEIP7702Authorization)({
+            privateKey: Buffer.from(privateKey),
+            authorization,
+        });
+    }
+    /**
+     * Remove an account from the keyring.
+     *
+     * @param account - The address of the account to remove.
+     */
     removeAccount(account) {
-        const address = (0, eth_sig_util_1.normalize)(account);
-        if (!this._wallets
-            .map(({ publicKey }) => this._addressfromPublicKey(publicKey))
+        const address = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_normalizeAddress).call(this, account);
+        if (!__classPrivateFieldGet(this, _HdKeyring_wallets, "f")
+            .map(({ publicKey }) => publicKey && __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_addressfromPublicKey).call(this, publicKey))
             .includes(address)) {
             throw new Error(`Address ${address} not found in this keyring`);
         }
-        this._wallets = this._wallets.filter(({ publicKey }) => this._addressfromPublicKey(publicKey) !== address);
+        __classPrivateFieldSet(this, _HdKeyring_wallets, __classPrivateFieldGet(this, _HdKeyring_wallets, "f").filter(({ publicKey }) => publicKey && __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_addressfromPublicKey).call(this, publicKey) !== address), "f");
     }
-    // get public key for nacl
+    /**
+     * Get the public key of the account to be used for encryption.
+     *
+     * @param withAccount - The address of the account.
+     * @param opts - The options for selecting the account.
+     * @returns The public key of the account.
+     */
     async getEncryptionPublicKey(withAccount, opts = {}) {
-        const privKey = this._getPrivateKeyFor(withAccount, opts);
-        const publicKey = (0, eth_sig_util_1.getEncryptionPublicKey)(privKey);
+        const privKey = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getPrivateKeyFor).call(this, withAccount, opts);
+        const publicKey = (0, eth_sig_util_1.getEncryptionPublicKey)((0, utils_2.bytesToHex)(privKey));
         return publicKey;
     }
-    _getPrivateKeyFor(address, opts = {}) {
-        if (!address) {
-            throw new Error('Must specify address.');
-        }
-        const wallet = this._getWalletForAccount(address, opts);
-        return wallet.privateKey;
+}
+_HdKeyring_wallets = new WeakMap(), _HdKeyring_cryptographicFunctions = new WeakMap(), _HdKeyring_instances = new WeakSet(), _HdKeyring_uint8ArrayToString = function _HdKeyring_uint8ArrayToString(mnemonic) {
+    const recoveredIndices = Array.from(new Uint16Array(new Uint8Array(mnemonic).buffer));
+    return recoveredIndices.map((i) => english_1.wordlist[i]).join(' ');
+}, _HdKeyring_stringToUint8Array = function _HdKeyring_stringToUint8Array(mnemonic) {
+    const indices = mnemonic.split(' ').map((word) => english_1.wordlist.indexOf(word));
+    return new Uint8Array(new Uint16Array(indices).buffer);
+}, _HdKeyring_mnemonicToUint8Array = function _HdKeyring_mnemonicToUint8Array(mnemonic) {
+    let mnemonicData = mnemonic;
+    // When using `Buffer.toJSON()`, the Buffer is serialized into an object
+    // with the structure `{ type: 'Buffer', data: [...] }`
+    if (isSerializedBuffer(mnemonic)) {
+        mnemonicData = mnemonic.data;
     }
-    _getWalletForAccount(account, opts = {}) {
-        const address = (0, eth_sig_util_1.normalize)(account);
-        let wallet = this._wallets.find(({ publicKey }) => {
-            return this._addressfromPublicKey(publicKey) === address;
-        });
-        if (!wallet) {
-            throw new Error('HD Keyring - Unable to find matching address.');
+    if (
+    // this block is for backwards compatibility with vaults that were previously stored as buffers, number arrays or plain text strings
+    typeof mnemonicData === 'string' ||
+        Buffer.isBuffer(mnemonicData) ||
+        Array.isArray(mnemonicData)) {
+        let mnemonicAsString;
+        if (Array.isArray(mnemonicData)) {
+            mnemonicAsString = Buffer.from(mnemonicData).toString();
         }
-        if (opts.withAppKeyOrigin) {
-            const { privateKey } = wallet;
-            const appKeyOriginBuffer = Buffer.from(opts.withAppKeyOrigin, 'utf8');
-            const appKeyBuffer = Buffer.concat([privateKey, appKeyOriginBuffer]);
-            const appKeyPrivateKey = (0, util_1.arrToBufArr)((0, keccak_1.keccak256)(appKeyBuffer, 256));
-            const appKeyPublicKey = (0, util_1.privateToPublic)(appKeyPrivateKey);
-            wallet = { privateKey: appKeyPrivateKey, publicKey: appKeyPublicKey };
+        else if (Buffer.isBuffer(mnemonicData)) {
+            mnemonicAsString = mnemonicData.toString();
         }
-        return wallet;
-    }
-    /* PRIVATE / UTILITY METHODS */
-    /**
-     * Sets appropriate properties for the keyring based on the given
-     * BIP39-compliant mnemonic.
-     *
-     * @param {string|Array<number>|Buffer} mnemonic - A seed phrase represented
-     * as a string, an array of UTF-8 bytes, or a Buffer. Mnemonic input
-     * passed as type buffer or array of UTF-8 bytes must be NFKD normalized.
-     */
-    async _initFromMnemonic(mnemonic) {
-        if (this.root) {
-            throw new Error('Eth-Hd-Keyring: Secret recovery phrase already provided');
+        else {
+            mnemonicAsString = mnemonicData;
         }
-        this.mnemonic = this._mnemonicToUint8Array(mnemonic);
-        const seed = await (0, key_tree_1.mnemonicToSeed)(this.mnemonic, '', // No passphrase
-        this._cryptographicFunctions);
-        this.hdWallet = hdkey_1.HDKey.fromMasterSeed(seed);
-        this.root = this.hdWallet.derive(this.hdPath);
+        return __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_stringToUint8Array).call(this, mnemonicAsString);
     }
-    // small helper function to convert publicKey in Uint8Array form to a publicAddress as a hex
-    _addressfromPublicKey(publicKey) {
-        return (0, util_1.bufferToHex)((0, util_1.publicToAddress)(Buffer.from(publicKey), true)).toLowerCase();
+    else if (mnemonicData instanceof Object &&
+        !(mnemonicData instanceof Uint8Array)) {
+        // when encrypted/decrypted the Uint8Array becomes a js object we need to cast back to a Uint8Array
+        return Uint8Array.from(Object.values(mnemonicData));
     }
-}
+    (0, utils_1.assert)(mnemonicData instanceof Uint8Array, 'Expected Uint8Array mnemonic');
+    return mnemonicData;
+}, _HdKeyring_getPrivateKeyFor = function _HdKeyring_getPrivateKeyFor(address, opts) {
+    if (!address) {
+        throw new Error('Must specify address.');
+    }
+    const wallet = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_getWalletForAccount).call(this, address, opts);
+    (0, utils_1.assert)(wallet.privateKey, 'Missing private key');
+    return wallet.privateKey;
+}, _HdKeyring_getWalletForAccount = function _HdKeyring_getWalletForAccount(account, { withAppKeyOrigin } = {}) {
+    const address = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_normalizeAddress).call(this, account);
+    const wallet = __classPrivateFieldGet(this, _HdKeyring_wallets, "f").find(({ publicKey }) => {
+        return publicKey && __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_addressfromPublicKey).call(this, publicKey) === address;
+    });
+    if (!wallet) {
+        throw new Error('HD Keyring - Unable to find matching address.');
+    }
+    if (withAppKeyOrigin) {
+        const { privateKey } = wallet;
+        (0, utils_1.assert)(privateKey, 'Expected private key to be set');
+        const appKeyOriginBuffer = Buffer.from(withAppKeyOrigin, 'utf8');
+        const appKeyBuffer = Buffer.concat([privateKey, appKeyOriginBuffer]);
+        const appKeyPrivateKey = (0, util_1.arrToBufArr)((0, keccak_1.keccak256)(appKeyBuffer));
+        const appKeyPublicKey = (0, util_1.privateToPublic)(appKeyPrivateKey);
+        return { privateKey: appKeyPrivateKey, publicKey: appKeyPublicKey };
+    }
+    return wallet;
+}, _HdKeyring_initFromMnemonic = 
+/**
+ * Sets appropriate properties for the keyring based on the given
+ * BIP39-compliant mnemonic.
+ *
+ * @param mnemonic - A seed phrase represented
+ * as a string, an array of UTF-8 bytes, or a Buffer. Mnemonic input
+ * passed as type buffer or array of UTF-8 bytes must be NFKD normalized.
+ */
+async function _HdKeyring_initFromMnemonic(mnemonic) {
+    if (this.root) {
+        throw new Error('Eth-Hd-Keyring: Secret recovery phrase already provided');
+    }
+    this.mnemonic = __classPrivateFieldGet(this, _HdKeyring_instances, "m", _HdKeyring_mnemonicToUint8Array).call(this, mnemonic);
+    const seed = await (0, key_tree_1.mnemonicToSeed)(this.mnemonic, '', // No passphrase
+    __classPrivateFieldGet(this, _HdKeyring_cryptographicFunctions, "f"));
+    this.hdWallet = hdkey_1.HDKey.fromMasterSeed(seed);
+    this.root = this.hdWallet.derive(this.hdPath);
+}, _HdKeyring_addressfromPublicKey = function _HdKeyring_addressfromPublicKey(publicKey) {
+    return (0, utils_1.add0x)((0, util_1.bufferToHex)((0, util_1.publicToAddress)(Buffer.from(publicKey), true)).toLowerCase());
+}, _HdKeyring_normalizeAddress = function _HdKeyring_normalizeAddress(address) {
+    const normalized = (0, eth_sig_util_1.normalize)(address);
+    (0, utils_1.assert)(normalized, 'Expected address to be set');
+    return (0, utils_1.add0x)(normalized);
+};
 HdKeyring.type = type;
 exports.default = HdKeyring;
 //# sourceMappingURL=index.cjs.map