@metamask/eth-simple-keyring 5.0.0

package/CHANGELOG.md

@@ -0,0 +1,25 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [5.0.0]
+### Changed
+- **BREAKING:** Makes version-specific `signTypedData` methods private ([#84](https://github.com/MetaMask/eth-simple-keyring/pull/84))
+    - Consumers should use the generic `signTypedData` method and pass the version they'd like as a property in the options argument.
+- **BREAKING:** Makes the `wallets` property private ([#87](https://github.com/MetaMask/eth-simple-keyring/pull/87))
+    - Consumers should not use this property as it is intended for internal use only.
+- **BREAKING:** Makes `getPrivateKeyFor` a private method ([#83](https://github.com/MetaMask/eth-simple-keyring/pull/83))
+    - Consumers who wish to get the private key for a given account should use the `exportAccount` method.
+- **BREAKING:** Set the minimum Node.js version to 12 ([#68](https://github.com/MetaMask/eth-simple-keyring/pull/68))
+- Always return rejected Promise upon failure ([#85](https://github.com/MetaMask/eth-simple-keyring/pull/85))
+
+### Removed
+- **BREAKING:** Remove redundant `newGethSignMessage` method ([#72](https://github.com/MetaMask/eth-simple-keyring/pull/72))
+    - Consumers can use `signPersonalMessage` method as a replacement for `newGethSignMessage`. 
+
+[Unreleased]: https://github.com/MetaMask/eth-simple-keyring/compare/v5.0.0...HEAD
+[5.0.0]: https://github.com/MetaMask/eth-simple-keyring/releases/tag/v5.0.0

package/LICENSE

@@ -0,0 +1,15 @@
+ISC License
+
+Copyright (c) 2020 MetaMask
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

package/README.md

@@ -0,0 +1,131 @@
+# Simple Keyring
+
+A simple JS class wrapped around [ethereumjs-wallet](https://github.com/ethereumjs/ethereumjs-wallet) designed to expose an interface common to many different signing strategies to be used in a `KeyringController`; such as the one used in [MetaMask](https://metamask.io/)
+
+## The Keyring Class Protocol
+
+One of the goals of this class is to allow developers to easily add new signing strategies to MetaMask. We call these signing strategies Keyrings, because they can manage multiple keys.
+
+### Keyring.type
+
+A class property that returns a unique string describing the Keyring.
+This is the only class property or method, the remaining methods are instance methods.
+
+### constructor( options )
+
+As a Javascript class, your Keyring object will be used to instantiate new Keyring instances using the new keyword. For example:
+
+```
+const keyring = new YourKeyringClass(options);
+```
+
+The constructor currently receives an options object that will be defined by your keyring-building UI, once the user has gone through the steps required for you to fully instantiate a new keyring. For example, choosing a pattern for a vanity account, or entering a seed phrase.
+
+We haven't defined the protocol for this account-generating UI yet, so for now please ensure your Keyring behaves nicely when not passed any options object.
+
+## Keyring Instance Methods
+
+All below instance methods must return Promises to allow asynchronous resolution.
+
+### serialize()
+
+In this method, you must return any JSON-serializable JavaScript object that you like. It will be encoded to a string, encrypted with the user's password, and stored to disk. This is the same object you will receive in the deserialize() method, so it should capture all the information you need to restore the Keyring's state.
+
+### deserialize( object )
+
+As discussed above, the deserialize() method will be passed the JavaScript object that you returned when the serialize() method was called.
+
+### addAccounts( n = 1 )
+
+The addAccounts(n) method is used to inform your keyring that the user wishes to create a new account. You should perform whatever internal steps are needed so that a call to serialize() will persist the new account, and then return an array of the new account addresses.
+
+The method may be called with or without an argument, specifying the number of accounts to create. You should generally default to 1 per call.
+
+### getAccounts()
+
+When this method is called, you must return an array of hex-string addresses for the accounts that your Keyring is able to sign for.
+
+### signTransaction(address, transaction)
+
+This method will receive a hex-prefixed, all-lowercase address string for the account you should sign the incoming transaction with.
+
+For your convenience, the transaction is an instance of ethereumjs-tx, (https://github.com/ethereumjs/ethereumjs-tx) so signing can be as simple as:
+
+```
+transaction.sign(privateKey)
+```
+
+You must return a valid signed ethereumjs-tx (https://github.com/ethereumjs/ethereumjs-tx) object when complete, it can be the same transaction you received.
+
+### signMessage(address, data)
+
+The `eth_sign` method will receive the incoming data, already hashed, and must sign that hash, and then return the raw signed hash.
+
+### getEncryptionPublicKey(address)
+
+This provides the public key for encryption function.
+
+### decryptMessage(address, data)
+
+The `eth_decryptMessage` method will receive the incoming data in array format that returns `encrypt` function in `eth-sig-util` and must decrypt message, and then return the raw message.
+
+### exportAccount(address)
+
+Exports the specified account as a private key hex string.
+
+### removeAccount(address)
+
+removes the specified account from the list of accounts.
+
+## Contributing
+
+### Setup
+
+- Install [Node.js](https://nodejs.org) version 12
+  - If you are using [nvm](https://github.com/creationix/nvm#installation) (recommended) running `nvm use` will automatically choose the right node version for you.
+- Install [Yarn v3](https://yarnpkg.com/getting-started/install)
+- Run `yarn install` to install dependencies and run any required post-install scripts
+
+### Testing and Linting
+
+Run `yarn test` to run the tests once. To run tests on file changes, run `yarn test:watch`.
+
+Run `yarn lint` to run the linter, or run `yarn lint:fix` to run the linter and fix any automatically fixable issues.
+
+### Release & Publishing
+
+The project follows the same release process as the other libraries in the MetaMask organization. The GitHub Actions [`action-create-release-pr`](https://github.com/MetaMask/action-create-release-pr) and [`action-publish-release`](https://github.com/MetaMask/action-publish-release) are used to automate the release process; see those repositories for more information about how they work.
+
+1. Choose a release version.
+
+   - The release version should be chosen according to SemVer. Analyze the changes to see whether they include any breaking changes, new features, or deprecations, then choose the appropriate SemVer version. See [the SemVer specification](https://semver.org/) for more information.
+
+2. If this release is backporting changes onto a previous release, then ensure there is a major version branch for that version (e.g. `1.x` for a `v1` backport release).
+
+   - The major version branch should be set to the most recent release with that major version. For example, when backporting a `v1.0.2` release, you'd want to ensure there was a `1.x` branch that was set to the `v1.0.1` tag.
+
+3. Trigger the [`workflow_dispatch`](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#workflow_dispatch) event [manually](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow) for the `Create Release Pull Request` action to create the release PR.
+
+   - For a backport release, the base branch should be the major version branch that you ensured existed in step 2. For a normal release, the base branch should be the main branch for that repository (which should be the default value).
+   - This should trigger the [`action-create-release-pr`](https://github.com/MetaMask/action-create-release-pr) workflow to create the release PR.
+
+4. Update the changelog to move each change entry into the appropriate change category ([See here](https://keepachangelog.com/en/1.0.0/#types) for the full list of change categories, and the correct ordering), and edit them to be more easily understood by users of the package.
+
+   - Generally any changes that don't affect consumers of the package (e.g. lockfile changes or development environment changes) are omitted. Exceptions may be made for changes that might be of interest despite not having an effect upon the published package (e.g. major test improvements, security improvements, improved documentation, etc.).
+   - Try to explain each change in terms that users of the package would understand (e.g. avoid referencing internal variables/concepts).
+   - Consolidate related changes into one change entry if it makes it easier to explain.
+   - Run `yarn auto-changelog validate --rc` to check that the changelog is correctly formatted.
+
+5. Review and QA the release.
+
+   - If changes are made to the base branch, the release branch will need to be updated with these changes and review/QA will need to restart again. As such, it's probably best to avoid merging other PRs into the base branch while review is underway.
+
+6. Squash & Merge the release.
+
+   - This should trigger the [`action-publish-release`](https://github.com/MetaMask/action-publish-release) workflow to tag the final release commit and publish the release on GitHub.
+
+7. Publish the release on npm.
+
+   - Be very careful to use a clean local environment to publish the release, and follow exactly the same steps used during CI.
+   - Use `npm publish --dry-run` to examine the release contents to ensure the correct files are included. Compare to previous releases if necessary (e.g. using `https://unpkg.com/browse/[package name]@[package version]/`).
+   - Once you are confident the release contents are correct, publish the release using `npm publish`.

package/index.js

@@ -0,0 +1,206 @@
+const { EventEmitter } = require('events');
+const {
+  isValidPrivate,
+  stripHexPrefix,
+  privateToPublic,
+  bufferToHex,
+  publicToAddress,
+  ecsign,
+  arrToBufArr,
+} = require('@ethereumjs/util');
+const randomBytes = require('randombytes');
+const { keccak256 } = require('ethereum-cryptography/keccak');
+
+const type = 'Simple Key Pair';
+const {
+  concatSig,
+  decrypt,
+  getEncryptionPublicKey,
+  normalize,
+  personalSign,
+  signTypedData,
+  SignTypedDataVersion,
+} = require('@metamask/eth-sig-util');
+
+function generateKey() {
+  const privateKey = randomBytes(32);
+  // I don't think this is possible, but this validation was here previously,
+  // so it has been preserved just in case.
+  // istanbul ignore next
+  if (!isValidPrivate(privateKey)) {
+    throw new Error(
+      'Private key does not satisfy the curve requirements (ie. it is invalid)',
+    );
+  }
+  return privateKey;
+}
+
+class SimpleKeyring extends EventEmitter {
+  constructor(opts) {
+    super();
+    this.type = type;
+    this._wallets = [];
+    this.deserialize(opts);
+  }
+
+  async serialize() {
+    return this._wallets.map(({ privateKey }) => privateKey.toString('hex'));
+  }
+
+  async deserialize(privateKeys = []) {
+    this._wallets = privateKeys.map((hexPrivateKey) => {
+      const strippedHexPrivateKey = stripHexPrefix(hexPrivateKey);
+      const privateKey = Buffer.from(strippedHexPrivateKey, 'hex');
+      const publicKey = privateToPublic(privateKey);
+      return { privateKey, publicKey };
+    });
+  }
+
+  async addAccounts(n = 1) {
+    const newWallets = [];
+    for (let i = 0; i < n; i++) {
+      const privateKey = generateKey();
+      const publicKey = privateToPublic(privateKey);
+      newWallets.push({ privateKey, publicKey });
+    }
+    this._wallets = this._wallets.concat(newWallets);
+    const hexWallets = newWallets.map(({ publicKey }) =>
+      bufferToHex(publicToAddress(publicKey)),
+    );
+    return hexWallets;
+  }
+
+  async getAccounts() {
+    return this._wallets.map(({ publicKey }) =>
+      bufferToHex(publicToAddress(publicKey)),
+    );
+  }
+
+  // tx is an instance of the ethereumjs-transaction class.
+  async signTransaction(address, tx, opts = {}) {
+    const privKey = this._getPrivateKeyFor(address, opts);
+    const signedTx = tx.sign(privKey);
+    // Newer versions of Ethereumjs-tx are immutable and return a new tx object
+    return signedTx === undefined ? tx : signedTx;
+  }
+
+  // For eth_sign, we need to sign arbitrary data:
+  async signMessage(address, data, opts = {}) {
+    const message = stripHexPrefix(data);
+    const privKey = this._getPrivateKeyFor(address, opts);
+    const msgSig = ecsign(Buffer.from(message, 'hex'), privKey);
+    const rawMsgSig = concatSig(msgSig.v, msgSig.r, msgSig.s);
+    return rawMsgSig;
+  }
+
+  // For personal_sign, we need to prefix the message:
+  async signPersonalMessage(address, msgHex, opts = {}) {
+    const privKey = this._getPrivateKeyFor(address, opts);
+    const privateKey = Buffer.from(privKey, 'hex');
+    const sig = personalSign({ privateKey, data: msgHex });
+    return sig;
+  }
+
+  // For eth_decryptMessage:
+  async decryptMessage(withAccount, encryptedData) {
+    const wallet = this._getWalletForAccount(withAccount);
+    const { privateKey } = wallet;
+    const sig = decrypt({ privateKey, encryptedData });
+    return sig;
+  }
+
+  // personal_signTypedData, signs data along with the schema
+  async signTypedData(
+    withAccount,
+    typedData,
+    opts = { version: SignTypedDataVersion.V1 },
+  ) {
+    // Treat invalid versions as "V1"
+    const version = Object.keys(SignTypedDataVersion).includes(opts.version)
+      ? opts.version
+      : SignTypedDataVersion.V1;
+
+    const privateKey = this._getPrivateKeyFor(withAccount, opts);
+    return signTypedData({ privateKey, data: typedData, version });
+  }
+
+  // get public key for nacl
+  async getEncryptionPublicKey(withAccount, opts = {}) {
+    const privKey = this._getPrivateKeyFor(withAccount, opts);
+    const publicKey = getEncryptionPublicKey(privKey);
+    return publicKey;
+  }
+
+  _getPrivateKeyFor(address, opts = {}) {
+    if (!address) {
+      throw new Error('Must specify address.');
+    }
+    const wallet = this._getWalletForAccount(address, opts);
+    return wallet.privateKey;
+  }
+
+  // returns an address specific to an app
+  async getAppKeyAddress(address, origin) {
+    if (!origin || typeof origin !== 'string') {
+      throw new Error(`'origin' must be a non-empty string`);
+    }
+    const wallet = this._getWalletForAccount(address, {
+      withAppKeyOrigin: origin,
+    });
+    const appKeyAddress = normalize(
+      publicToAddress(wallet.publicKey).toString('hex'),
+    );
+    return appKeyAddress;
+  }
+
+  // exportAccount should return a hex-encoded private key:
+  async exportAccount(address, opts = {}) {
+    const wallet = this._getWalletForAccount(address, opts);
+    return wallet.privateKey.toString('hex');
+  }
+
+  removeAccount(address) {
+    if (
+      !this._wallets
+        .map(({ publicKey }) =>
+          bufferToHex(publicToAddress(publicKey)).toLowerCase(),
+        )
+        .includes(address.toLowerCase())
+    ) {
+      throw new Error(`Address ${address} not found in this keyring`);
+    }
+
+    this._wallets = this._wallets.filter(
+      ({ publicKey }) =>
+        bufferToHex(publicToAddress(publicKey)).toLowerCase() !==
+        address.toLowerCase(),
+    );
+  }
+
+  /**
+   * @private
+   */
+  _getWalletForAccount(account, opts = {}) {
+    const address = normalize(account);
+    let wallet = this._wallets.find(
+      ({ publicKey }) => bufferToHex(publicToAddress(publicKey)) === address,
+    );
+    if (!wallet) {
+      throw new Error('Simple Keyring - Unable to find matching address.');
+    }
+
+    if (opts.withAppKeyOrigin) {
+      const { privateKey } = wallet;
+      const appKeyOriginBuffer = Buffer.from(opts.withAppKeyOrigin, 'utf8');
+      const appKeyBuffer = Buffer.concat([privateKey, appKeyOriginBuffer]);
+      const appKeyPrivateKey = arrToBufArr(keccak256(appKeyBuffer, 256));
+      const appKeyPublicKey = privateToPublic(appKeyPrivateKey);
+      wallet = { privateKey: appKeyPrivateKey, publicKey: appKeyPublicKey };
+    }
+
+    return wallet;
+  }
+}
+
+SimpleKeyring.type = type;
+module.exports = SimpleKeyring;

package/package.json

@@ -0,0 +1,70 @@
+{
+  "name": "@metamask/eth-simple-keyring",
+  "version": "5.0.0",
+  "description": "A simple standard interface for a series of Ethereum private keys.",
+  "keywords": [
+    "ethereum",
+    "keyring"
+  ],
+  "homepage": "https://github.com/MetaMask/eth-simple-keyring#readme",
+  "bugs": {
+    "url": "https://github.com/MetaMask/eth-simple-keyring/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/MetaMask/eth-simple-keyring.git"
+  },
+  "license": "ISC",
+  "author": "Dan Finlay",
+  "main": "index.js",
+  "files": [
+    "index.js"
+  ],
+  "scripts": {
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "lint:eslint": "eslint . --cache --ext js,ts",
+    "lint:misc": "prettier '**/*.json' '**/*.md' '!CHANGELOG.md' '**/*.yml' '!.yarnrc.yml' --ignore-path .gitignore --no-error-on-unmatched-pattern",
+    "lint": "yarn lint:eslint && yarn lint:misc --check",
+    "lint:fix": "yarn lint:eslint --fix && yarn lint:misc --write"
+  },
+  "dependencies": {
+    "@ethereumjs/util": "^8.0.0",
+    "@metamask/eth-sig-util": "^5.0.1",
+    "ethereum-cryptography": "^1.1.2",
+    "randombytes": "^2.1.0"
+  },
+  "devDependencies": {
+    "@ethereumjs/tx": "^4.0.0",
+    "@lavamoat/allow-scripts": "^2.1.0",
+    "@metamask/auto-changelog": "^3.0.0",
+    "@metamask/eslint-config": "^8.0.0",
+    "@metamask/eslint-config-jest": "^11.0.0",
+    "@metamask/eslint-config-nodejs": "^11.0.1",
+    "@types/jest": "^26.0.24",
+    "eslint": "^7.30.0",
+    "eslint-config-prettier": "^8.3.0",
+    "eslint-plugin-import": "^2.23.4",
+    "eslint-plugin-jest": "^27.1.5",
+    "eslint-plugin-node": "^11.1.0",
+    "eslint-plugin-prettier": "^3.4.0",
+    "jest": "^27.0.6",
+    "prettier": "^2.3.2",
+    "prettier-plugin-packagejson": "^2.2.11"
+  },
+  "engines": {
+    "node": ">=14.0.0"
+  },
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/"
+  },
+  "lavamoat": {
+    "allowScripts": {
+      "keccak": true,
+      "secp256k1": true,
+      "@lavamoat/preinstall-always-fail": false
+    }
+  },
+  "packageManager": "yarn@3.3.0"
+}

package/test/index.js

@@ -0,0 +1,759 @@
+const {
+  stripHexPrefix,
+  bufferToHex,
+  toBuffer,
+  ecrecover,
+  pubToAddress,
+  isValidAddress,
+} = require('@ethereumjs/util');
+const { keccak256 } = require('ethereum-cryptography/keccak');
+const {
+  encrypt,
+  getEncryptionPublicKey,
+  personalSign,
+  recoverPersonalSignature,
+  recoverTypedSignature,
+  signTypedData,
+  SignTypedDataVersion,
+} = require('@metamask/eth-sig-util');
+const {
+  TransactionFactory,
+  Transaction: EthereumTx,
+} = require('@ethereumjs/tx');
+const SimpleKeyring = require('..');
+
+const TYPE_STR = 'Simple Key Pair';
+
+// Sample account:
+const testAccount = {
+  key: '0xb8a9c05beeedb25df85f8d641538cbffedf67216048de9c678ee26260eb91952',
+  address: '0x01560cd3bac62cc6d7e6380600d9317363400896',
+};
+
+const notKeyringAddress = '0xbD20F6F5F1616947a39E11926E78ec94817B3931';
+
+describe('simple-keyring', function () {
+  let keyring;
+  beforeEach(function () {
+    keyring = new SimpleKeyring();
+  });
+
+  describe('Keyring.type', function () {
+    it('is a class property that returns the type string.', function () {
+      const { type } = SimpleKeyring;
+      expect(type).toBe(TYPE_STR);
+    });
+  });
+
+  describe('#serialize empty wallets.', function () {
+    it('serializes an empty array', async function () {
+      const output = await keyring.serialize();
+      expect(output).toHaveLength(0);
+    });
+  });
+
+  describe('#deserialize a private key', function () {
+    it('serializes what it deserializes', async function () {
+      await keyring.deserialize([testAccount.key]);
+      const serialized = await keyring.serialize();
+      expect(serialized).toHaveLength(1);
+      expect(serialized[0]).toBe(stripHexPrefix(testAccount.key));
+    });
+  });
+
+  describe('#constructor with a private key', function () {
+    it('has the correct addresses', async function () {
+      const newKeyring = new SimpleKeyring([testAccount.key]);
+      const accounts = await newKeyring.getAccounts();
+      expect(accounts).toStrictEqual([testAccount.address]);
+    });
+  });
+
+  describe('#signTransaction', function () {
+    const address = '0x9858e7d8b79fc3e6d989636721584498926da38a';
+    const privateKey =
+      '0x7dd98753d7b4394095de7d176c58128e2ed6ee600abe97c9f6d9fd65015d9b18';
+    const txParams = {
+      from: address,
+      nonce: '0x00',
+      gasPrice: '0x09184e72a000',
+      gasLimit: '0x2710',
+      to: address,
+      value: '0x1000',
+    };
+
+    it('returns a signed legacy tx object', async function () {
+      await keyring.deserialize([privateKey]);
+      const tx = new EthereumTx(txParams);
+      expect(tx.isSigned()).toBe(false);
+
+      const signed = await keyring.signTransaction(address, tx);
+      expect(signed.isSigned()).toBe(true);
+    });
+
+    it('returns a signed tx object', async function () {
+      await keyring.deserialize([privateKey]);
+      const tx = TransactionFactory.fromTxData(txParams);
+      expect(tx.isSigned()).toBe(false);
+
+      const signed = await keyring.signTransaction(address, tx);
+      expect(signed.isSigned()).toBe(true);
+    });
+
+    it('returns rejected promise if empty address is passed', async function () {
+      await keyring.deserialize([privateKey]);
+      const tx = TransactionFactory.fromTxData(txParams);
+      await expect(keyring.signTransaction('', tx)).rejects.toThrow(
+        'Must specify address.',
+      );
+    });
+
+    it('throw error if wrong address is passed', async function () {
+      await keyring.deserialize([privateKey]);
+      const tx = TransactionFactory.fromTxData(txParams);
+      await expect(
+        keyring.signTransaction(notKeyringAddress, tx),
+      ).rejects.toThrow('Simple Keyring - Unable to find matching address.');
+    });
+  });
+
+  describe('#signMessage', function () {
+    const address = '0x9858e7d8b79fc3e6d989636721584498926da38a';
+    const message =
+      '0x879a053d4800c6354e76c7985a865d2922c82fb5b3f4577b2fe08b998954f2e0';
+    const privateKey =
+      '0x7dd98753d7b4394095de7d176c58128e2ed6ee600abe97c9f6d9fd65015d9b18';
+    const expectedResult =
+      '0x28fcb6768e5110144a55b2e6ce9d1ea5a58103033632d272d2b5cf506906f7941a00b539383fd872109633d8c71c404e13dba87bc84166ee31b0e36061a69e161c';
+
+    it('passes the dennis test', async function () {
+      await keyring.deserialize([privateKey]);
+      const result = await keyring.signMessage(address, message);
+      expect(result).toBe(expectedResult);
+    });
+
+    it('reliably can decode messages it signs', async function () {
+      await keyring.deserialize([privateKey]);
+      const localMessage = 'hello there!';
+      const msgHashHex = bufferToHex(keccak256(Buffer.from(localMessage)));
+
+      await keyring.addAccounts(9);
+      const addresses = await keyring.getAccounts();
+      const signatures = await Promise.all(
+        addresses.map(async (accountAddress) => {
+          return await keyring.signMessage(accountAddress, msgHashHex);
+        }),
+      );
+      signatures.forEach((sgn, index) => {
+        const accountAddress = addresses[index];
+
+        const r = toBuffer(sgn.slice(0, 66));
+        const s = toBuffer(`0x${sgn.slice(66, 130)}`);
+        const v = BigInt(`0x${sgn.slice(130, 132)}`);
+        const m = toBuffer(msgHashHex);
+        const pub = ecrecover(m, v, r, s);
+        const adr = `0x${pubToAddress(pub).toString('hex')}`;
+
+        expect(adr).toBe(accountAddress);
+      });
+    });
+
+    it('throw error for invalid message', async function () {
+      await keyring.deserialize([privateKey]);
+      await expect(keyring.signMessage(address, '')).rejects.toThrow(
+        'Cannot convert 0x to a BigInt',
+      );
+    });
+
+    it('throw error if empty address is passed', async function () {
+      await keyring.deserialize([privateKey]);
+      await expect(keyring.signMessage('', message)).rejects.toThrow(
+        'Must specify address.',
+      );
+    });
+
+    it('throw error if address not associated with the current keyring is passed', async function () {
+      await keyring.deserialize([privateKey]);
+      await expect(
+        keyring.signMessage(notKeyringAddress, message),
+      ).rejects.toThrow('Simple Keyring - Unable to find matching address.');
+    });
+  });
+
+  describe('#addAccounts', function () {
+    describe('with no arguments', function () {
+      it('creates a single wallet', async function () {
+        await keyring.addAccounts();
+        const serializedKeyring = await keyring.serialize();
+        expect(serializedKeyring).toHaveLength(1);
+      });
+    });
+
+    describe('with a numeric argument', function () {
+      it('creates that number of wallets', async function () {
+        await keyring.addAccounts(3);
+        const serializedKeyring = await keyring.serialize();
+        expect(serializedKeyring).toHaveLength(3);
+      });
+    });
+  });
+
+  describe('#getAccounts', function () {
+    it('should return a list of addresses in wallet', async function () {
+      // Push a mock wallet
+      keyring.deserialize([testAccount.key]);
+
+      const output = await keyring.getAccounts();
+      expect(output).toHaveLength(1);
+      expect(output[0]).toBe(testAccount.address);
+    });
+  });
+
+  describe('#removeAccount', function () {
+    describe('if the account exists', function () {
+      it('should remove that account', async function () {
+        await keyring.addAccounts();
+        const addresses = await keyring.getAccounts();
+        expect(addresses).toHaveLength(1);
+        keyring.removeAccount(addresses[0]);
+        const addressesAfterRemoval = await keyring.getAccounts();
+        expect(addressesAfterRemoval).toHaveLength(0);
+      });
+    });
+
+    describe('if the account does not exist', function () {
+      it('should throw an error', function () {
+        const unexistingAccount = '0x0000000000000000000000000000000000000000';
+        expect(() => keyring.removeAccount(unexistingAccount)).toThrow(
+          `Address ${unexistingAccount} not found in this keyring`,
+        );
+      });
+    });
+  });
+
+  describe('#signPersonalMessage', function () {
+    const address = '0xbe93f9bacbcffc8ee6663f2647917ed7a20a57bb';
+    const privateKey = Buffer.from(
+      '6969696969696969696969696969696969696969696969696969696969696969',
+      'hex',
+    );
+    const privKeyHex = bufferToHex(privateKey);
+    const message = '0x68656c6c6f20776f726c64';
+    const expectedSignature =
+      '0xce909e8ea6851bc36c007a0072d0524b07a3ff8d4e623aca4c71ca8e57250c4d0a3fc38fa8fbaaa81ead4b9f6bd03356b6f8bf18bccad167d78891636e1d69561b';
+
+    it('returns the expected value', async function () {
+      await keyring.deserialize([privKeyHex]);
+      const signature = await keyring.signPersonalMessage(address, message);
+      expect(signature).toBe(expectedSignature);
+
+      const restored = recoverPersonalSignature({
+        data: message,
+        signature,
+      });
+      expect(restored).toBe(address);
+    });
+
+    it('throw error if empty address is passed', async function () {
+      await keyring.deserialize([privKeyHex]);
+      await expect(keyring.signPersonalMessage('', message)).rejects.toThrow(
+        'Must specify address.',
+      );
+    });
+
+    it('throw error if wrong address is passed', async function () {
+      await keyring.deserialize([privKeyHex]);
+      await expect(
+        keyring.signPersonalMessage(notKeyringAddress, message),
+      ).rejects.toThrow('Simple Keyring - Unable to find matching address.');
+    });
+  });
+
+  describe('#signTypedData', function () {
+    const address = '0x29c76e6ad8f28bb1004902578fb108c507be341b';
+    const privKeyHex =
+      '4af1bceebf7f3634ec3cff8a2c38e51178d5d4ce585c52d6043e5e2cc3418bb0';
+    const expectedSignature =
+      '0x49e75d475d767de7fcc67f521e0d86590723d872e6111e51c393e8c1e2f21d032dfaf5833af158915f035db6af4f37bf2d5d29781cd81f28a44c5cb4b9d241531b';
+
+    const typedData = [
+      {
+        type: 'string',
+        name: 'message',
+        value: 'Hi, Alice!',
+      },
+    ];
+
+    it('returns the expected value', async function () {
+      await keyring.deserialize([privKeyHex]);
+      const signature = await keyring.signTypedData(address, typedData);
+      expect(signature).toBe(expectedSignature);
+      const restored = recoverTypedSignature({
+        data: typedData,
+        signature,
+        version: SignTypedDataVersion.V1,
+      });
+      expect(restored).toBe(address);
+    });
+
+    it('returns the expected value if invalid version is given', async function () {
+      await keyring.deserialize([privKeyHex]);
+      const signature = await keyring.signTypedData(address, typedData, {
+        version: 'FOO',
+      });
+      expect(signature).toBe(expectedSignature);
+      const restored = recoverTypedSignature({
+        data: typedData,
+        signature,
+        version: SignTypedDataVersion.V1,
+      });
+      expect(restored).toBe(address);
+    });
+  });
+
+  describe('#signTypedData V1', function () {
+    const address = '0x29c76e6ad8f28bb1004902578fb108c507be341b';
+    const privKeyHex =
+      '4af1bceebf7f3634ec3cff8a2c38e51178d5d4ce585c52d6043e5e2cc3418bb0';
+    const expectedSignature =
+      '0x49e75d475d767de7fcc67f521e0d86590723d872e6111e51c393e8c1e2f21d032dfaf5833af158915f035db6af4f37bf2d5d29781cd81f28a44c5cb4b9d241531b';
+
+    const typedData = [
+      {
+        type: 'string',
+        name: 'message',
+        value: 'Hi, Alice!',
+      },
+    ];
+
+    it('returns the expected value', async function () {
+      await keyring.deserialize([privKeyHex]);
+      const signature = await keyring.signTypedData(address, typedData, {
+        version: 'V1',
+      });
+      expect(signature).toBe(expectedSignature);
+      const restored = recoverTypedSignature({
+        data: typedData,
+        signature,
+        version: SignTypedDataVersion.V1,
+      });
+      expect(restored).toBe(address);
+    });
+
+    it('works via version paramter', async function () {
+      await keyring.deserialize([privKeyHex]);
+      const signature = await keyring.signTypedData(address, typedData);
+      expect(signature).toBe(expectedSignature);
+      const restored = recoverTypedSignature({
+        data: typedData,
+        signature,
+        version: SignTypedDataVersion.V1,
+      });
+      expect(restored).toBe(address);
+    });
+  });
+
+  describe('#signTypedData V3', function () {
+    const address = '0x29c76e6ad8f28bb1004902578fb108c507be341b';
+    const privKeyHex =
+      '0x4af1bceebf7f3634ec3cff8a2c38e51178d5d4ce585c52d6043e5e2cc3418bb0';
+
+    it('returns the expected value', async function () {
+      const typedData = {
+        types: {
+          EIP712Domain: [],
+        },
+        domain: {},
+        primaryType: 'EIP712Domain',
+        message: {},
+      };
+
+      await keyring.deserialize([privKeyHex]);
+      const signature = await keyring.signTypedData(address, typedData, {
+        version: 'V3',
+      });
+      const restored = recoverTypedSignature({
+        data: typedData,
+        signature,
+        version: SignTypedDataVersion.V3,
+      });
+      expect(restored).toBe(address);
+    });
+  });
+
+  describe('#signTypedData V3 signature verification', function () {
+    const privKeyHex =
+      'c85ef7d79691fe79573b1a7064c19c1a9819ebdbd1faaab1a8ec92344438aaf4';
+    const expectedSignature =
+      '0x4355c47d63924e8a72e509b65029052eb6c299d53a04e167c5775fd466751c9d07299936d304c153f6443dfa05f40ff007d72911b6f72307f996231605b915621c';
+
+    it('returns the expected value', async function () {
+      const typedData = {
+        types: {
+          EIP712Domain: [
+            { name: 'name', type: 'string' },
+            { name: 'version', type: 'string' },
+            { name: 'chainId', type: 'uint256' },
+            { name: 'verifyingContract', type: 'address' },
+          ],
+          Person: [
+            { name: 'name', type: 'string' },
+            { name: 'wallet', type: 'address' },
+          ],
+          Mail: [
+            { name: 'from', type: 'Person' },
+            { name: 'to', type: 'Person' },
+            { name: 'contents', type: 'string' },
+          ],
+        },
+        primaryType: 'Mail',
+        domain: {
+          name: 'Ether Mail',
+          version: '1',
+          chainId: 1,
+          verifyingContract: '0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC',
+        },
+        message: {
+          from: {
+            name: 'Cow',
+            wallet: '0xCD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826',
+          },
+          to: {
+            name: 'Bob',
+            wallet: '0xbBbBBBBbbBBBbbbBbbBbbbbBBbBbbbbBbBbbBBbB',
+          },
+          contents: 'Hello, Bob!',
+        },
+      };
+
+      await keyring.deserialize([privKeyHex]);
+      const addresses = await keyring.getAccounts();
+      const [address] = addresses;
+      const signature = await keyring.signTypedData(address, typedData, {
+        version: 'V3',
+      });
+      expect(signature).toBe(expectedSignature);
+      const restored = recoverTypedSignature({
+        data: typedData,
+        signature,
+        version: SignTypedDataVersion.V3,
+      });
+      expect(restored).toBe(address);
+    });
+  });
+
+  describe('#signTypedData V4', function () {
+    const address = '0x29c76e6ad8f28bb1004902578fb108c507be341b';
+    const privKeyHex =
+      '0x4af1bceebf7f3634ec3cff8a2c38e51178d5d4ce585c52d6043e5e2cc3418bb0';
+
+    it('returns the expected value', async function () {
+      const typedData = {
+        types: {
+          EIP712Domain: [],
+        },
+        domain: {},
+        primaryType: 'EIP712Domain',
+        message: {},
+      };
+
+      await keyring.deserialize([privKeyHex]);
+      const signature = await keyring.signTypedData(address, typedData, {
+        version: 'V4',
+      });
+      const restored = recoverTypedSignature({
+        data: typedData,
+        signature,
+        version: SignTypedDataVersion.V4,
+      });
+      expect(restored).toBe(address);
+    });
+  });
+
+  describe('#decryptMessage', function () {
+    const address = '0xbe93f9bacbcffc8ee6663f2647917ed7a20a57bb';
+    const privateKey = Buffer.from(
+      '6969696969696969696969696969696969696969696969696969696969696969',
+      'hex',
+    );
+    const privKeyHex = bufferToHex(privateKey);
+    const message = 'Hello world!';
+    const encryptedMessage = encrypt({
+      publicKey: getEncryptionPublicKey(privateKey),
+      data: message,
+      version: 'x25519-xsalsa20-poly1305',
+    });
+
+    it('returns the expected value', async function () {
+      await keyring.deserialize([privKeyHex]);
+      const decryptedMessage = await keyring.decryptMessage(
+        address,
+        encryptedMessage,
+      );
+      expect(message).toBe(decryptedMessage);
+    });
+
+    it('throw error if address passed is not present in the keyring', async function () {
+      await keyring.deserialize([privKeyHex]);
+      await expect(
+        keyring.decryptMessage(notKeyringAddress, encryptedMessage),
+      ).rejects.toThrow('Simple Keyring - Unable to find matching address.');
+    });
+
+    it('throw error if wrong encrypted data object is passed', async function () {
+      await keyring.deserialize([privKeyHex]);
+      await expect(keyring.decryptMessage(address, {})).rejects.toThrow(
+        'Encryption type/version not supported.',
+      );
+    });
+  });
+
+  describe('#encryptionPublicKey', function () {
+    const address = '0xbe93f9bacbcffc8ee6663f2647917ed7a20a57bb';
+    const privateKey = Buffer.from(
+      '6969696969696969696969696969696969696969696969696969696969696969',
+      'hex',
+    );
+    const publicKey = 'GxuMqoE2oHsZzcQtv/WMNB3gCH2P6uzynuwO1P0MM1U=';
+    const privKeyHex = bufferToHex(privateKey);
+
+    it('returns the expected value', async function () {
+      await keyring.deserialize([privKeyHex]);
+      const encryptionPublicKey = await keyring.getEncryptionPublicKey(
+        address,
+        privateKey,
+      );
+      expect(publicKey).toBe(encryptionPublicKey);
+    });
+
+    it('throw error if address is blank', async function () {
+      await keyring.deserialize([privKeyHex]);
+      await expect(
+        keyring.getEncryptionPublicKey('', privateKey),
+      ).rejects.toThrow('Must specify address.');
+    });
+
+    it('throw error if address is not present in the keyring', async function () {
+      await keyring.deserialize([privKeyHex]);
+      await expect(
+        keyring.getEncryptionPublicKey(notKeyringAddress, privateKey),
+      ).rejects.toThrow('Simple Keyring - Unable to find matching address.');
+    });
+  });
+
+  describe('#signTypedData V4 signature verification', function () {
+    const privKeyHex =
+      'c85ef7d79691fe79573b1a7064c19c1a9819ebdbd1faaab1a8ec92344438aaf4';
+    const expectedSignature =
+      '0x65cbd956f2fae28a601bebc9b906cea0191744bd4c4247bcd27cd08f8eb6b71c78efdf7a31dc9abee78f492292721f362d296cf86b4538e07b51303b67f749061b';
+
+    it('returns the expected value', async function () {
+      const typedData = {
+        types: {
+          EIP712Domain: [
+            { name: 'name', type: 'string' },
+            { name: 'version', type: 'string' },
+            { name: 'chainId', type: 'uint256' },
+            { name: 'verifyingContract', type: 'address' },
+          ],
+          Person: [
+            { name: 'name', type: 'string' },
+            { name: 'wallets', type: 'address[]' },
+          ],
+          Mail: [
+            { name: 'from', type: 'Person' },
+            { name: 'to', type: 'Person[]' },
+            { name: 'contents', type: 'string' },
+          ],
+          Group: [
+            { name: 'name', type: 'string' },
+            { name: 'members', type: 'Person[]' },
+          ],
+        },
+        domain: {
+          name: 'Ether Mail',
+          version: '1',
+          chainId: 1,
+          verifyingContract: '0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC',
+        },
+        primaryType: 'Mail',
+        message: {
+          from: {
+            name: 'Cow',
+            wallets: [
+              '0xCD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826',
+              '0xDeaDbeefdEAdbeefdEadbEEFdeadbeEFdEaDbeeF',
+            ],
+          },
+          to: [
+            {
+              name: 'Bob',
+              wallets: [
+                '0xbBbBBBBbbBBBbbbBbbBbbbbBBbBbbbbBbBbbBBbB',
+                '0xB0BdaBea57B0BDABeA57b0bdABEA57b0BDabEa57',
+                '0xB0B0b0b0b0b0B000000000000000000000000000',
+              ],
+            },
+          ],
+          contents: 'Hello, Bob!',
+        },
+      };
+
+      await keyring.deserialize([privKeyHex]);
+
+      const addresses = await keyring.getAccounts();
+      const [address] = addresses;
+
+      const signature = await keyring.signTypedData(address, typedData, {
+        version: 'V4',
+      });
+      expect(signature).toBe(expectedSignature);
+      const restored = recoverTypedSignature({
+        data: typedData,
+        signature,
+        version: SignTypedDataVersion.V4,
+      });
+      expect(restored).toBe(address);
+    });
+  });
+
+  describe('getAppKeyAddress', function () {
+    it('should return a public address custom to the provided app key origin', async function () {
+      const { address } = testAccount;
+      const simpleKeyring = new SimpleKeyring([testAccount.key]);
+
+      const appKeyAddress = await simpleKeyring.getAppKeyAddress(
+        address,
+        'someapp.origin.io',
+      );
+
+      expect(address).not.toBe(appKeyAddress);
+      expect(isValidAddress(appKeyAddress)).toBe(true);
+    });
+
+    it('should return different addresses when provided different app key origins', async function () {
+      const { address } = testAccount;
+      const simpleKeyring = new SimpleKeyring([testAccount.key]);
+
+      const appKeyAddress1 = await simpleKeyring.getAppKeyAddress(
+        address,
+        'someapp.origin.io',
+      );
+
+      expect(isValidAddress(appKeyAddress1)).toBe(true);
+
+      const appKeyAddress2 = await simpleKeyring.getAppKeyAddress(
+        address,
+        'anotherapp.origin.io',
+      );
+
+      expect(isValidAddress(appKeyAddress2)).toBe(true);
+      expect(appKeyAddress1).not.toBe(appKeyAddress2);
+    });
+
+    it('should return the same address when called multiple times with the same params', async function () {
+      const { address } = testAccount;
+      const simpleKeyring = new SimpleKeyring([testAccount.key]);
+
+      const appKeyAddress1 = await simpleKeyring.getAppKeyAddress(
+        address,
+        'someapp.origin.io',
+      );
+
+      expect(isValidAddress(appKeyAddress1)).toBe(true);
+
+      const appKeyAddress2 = await simpleKeyring.getAppKeyAddress(
+        address,
+        'someapp.origin.io',
+      );
+
+      expect(isValidAddress(appKeyAddress2)).toBe(true);
+      expect(appKeyAddress1).toBe(appKeyAddress2);
+    });
+
+    it('should throw error if the provided origin is not a string', async function () {
+      const { address } = testAccount;
+      const simpleKeyring = new SimpleKeyring([testAccount.key]);
+
+      await expect(simpleKeyring.getAppKeyAddress(address, [])).rejects.toThrow(
+        `'origin' must be a non-empty string`,
+      );
+    });
+
+    it('should throw error if the provided origin is an empty string', async function () {
+      const { address } = testAccount;
+      const simpleKeyring = new SimpleKeyring([testAccount.key]);
+
+      await expect(simpleKeyring.getAppKeyAddress(address, '')).rejects.toThrow(
+        `'origin' must be a non-empty string`,
+      );
+    });
+  });
+
+  describe('exportAccount', function () {
+    it('should return a hex-encoded private key', async function () {
+      const { address } = testAccount;
+      const simpleKeyring = new SimpleKeyring([testAccount.key]);
+      const privKeyHexValue = await simpleKeyring.exportAccount(address);
+      expect(testAccount.key).toBe(`0x${privKeyHexValue}`);
+    });
+
+    it('throw error if account is not present', async function () {
+      await expect(keyring.exportAccount(notKeyringAddress)).rejects.toThrow(
+        'Simple Keyring - Unable to find matching address.',
+      );
+    });
+  });
+
+  describe('signing methods withAppKeyOrigin option', function () {
+    it('should signPersonalMessage with the expected key when passed a withAppKeyOrigin', async function () {
+      const { address } = testAccount;
+      const message = '0x68656c6c6f20776f726c64';
+
+      const privateKeyHex =
+        '4fbe006f0e9c2374f53eb1aef1b6970d20206c61ea05ad9591ef42176eb842c0';
+      const privateKey = Buffer.from(privateKeyHex, 'hex');
+      const expectedSignature = personalSign({ privateKey, data: message });
+
+      const simpleKeyring = new SimpleKeyring([testAccount.key]);
+      const signature = await simpleKeyring.signPersonalMessage(
+        address,
+        message,
+        {
+          withAppKeyOrigin: 'someapp.origin.io',
+        },
+      );
+
+      expect(expectedSignature).toBe(signature);
+    });
+
+    it('should signTypedData V3 with the expected key when passed a withAppKeyOrigin', async function () {
+      const { address } = testAccount;
+      const typedData = {
+        types: {
+          EIP712Domain: [],
+        },
+        domain: {},
+        primaryType: 'EIP712Domain',
+        message: {},
+      };
+
+      const privateKeyHex =
+        '4fbe006f0e9c2374f53eb1aef1b6970d20206c61ea05ad9591ef42176eb842c0';
+      const privateKey = Buffer.from(privateKeyHex, 'hex');
+      const expectedSignature = signTypedData({
+        privateKey,
+        data: typedData,
+        version: SignTypedDataVersion.V3,
+      });
+
+      const simpleKeyring = new SimpleKeyring([testAccount.key]);
+      const signature = await simpleKeyring.signTypedData(address, typedData, {
+        withAppKeyOrigin: 'someapp.origin.io',
+        version: 'V3',
+      });
+
+      expect(expectedSignature).toBe(signature);
+    });
+  });
+});