@mybucks.online/core 1.1.2 → 2.0.0

package/README.md

@@ -79,11 +79,31 @@ console.log("https://app.mybucks.online/#wallet=" + token);
 
 ```javascript
 import { parseToken } from "@mybucks.online/core";
-const [passphrase, pin, network] = parseToken(token);
+const [passphrase, pin, network, legacy] = parseToken(token);
 console.log("Account credentials are: ", passphrase, pin);
 console.log("Network: ", network);
+console.log("Legacy token: ", legacy); // true if token was in legacy format
 ```
 
+## Changes (default vs legacy)
+
+To make the wallet more secure and resilient against attacks, and to meet standards and follow best practices (e.g. NIST SP 800-132, OWASP, RFC 7914), we introduced a new version that is now the default. A **`legacy`** flag is available for backward compatibility with existing wallets and tokens.
+
+**Scrypt parameters (default)**  
+- **N** is increased from 2^15 to **2^17** to raise the memory cost and make GPU/ASIC brute-force attacks much harder.  
+- **p** is reduced from 5 to **1** so hashing time stays the same or lower for users while resistance to brute-force is improved.
+
+**Salt generation (default)**  
+- Legacy used only the **last 4 characters of the passphrase** plus the pin, which discarded most of the passphrase entropy.  
+- The default now derives the salt from the **full passphrase and pin** via a structured encoding and adds a **domain separator** so hashes are bound to this KDF and not reusable in other protocols or versions.
+
+**Token generation (default)**  
+- Legacy encoded the transfer-link token by **concatenating** passphrase, pin and network with a delimiter, which is ambiguous for some inputs.  
+- The default uses **ABI encoding** for the payload so there is no concatenation ambiguity.  
+- `parseToken` accepts both legacy and default token formats automatically and returns `[passphrase, pin, network, legacy]`, where `legacy` is `true` if the token was in legacy format.
+
+Use `generateHash(passphrase, pin, cb, true)` or `generateToken(passphrase, pin, network, true)` only when you need to match existing legacy wallets or tokens.
+
 ## Test
 ```bash
 npm run test

package/index.js

@@ -8,13 +8,24 @@ import zxcvbn from "zxcvbn";
 const { scrypt } = scryptJS;
 const abi = new ethers.AbiCoder();
 
-const HASH_OPTIONS = {
+// Domain separator for the default (non-legacy) KDF path to prevent
+// cross-protocol and cross-version hash reuse.
+const KDF_DOMAIN_SEPARATOR = "mybucks.online-core.generateHash.v2";
+
+const HASH_OPTIONS_LEGACY = {
   N: 32768, // CPU/memory cost parameter, 2^15
   r: 8, // block size parameter
   p: 5, // parallelization parameter
   keyLen: 64,
 };
 
+const HASH_OPTIONS = {
+  N: 131072, // CPU/memory cost parameter, 2^17, OWASP recommendation
+  r: 8, // block size parameter
+  p: 1, // parallelization parameter
+  keyLen: 64,
+};
+
 export const PASSPHRASE_MIN_LENGTH = 12;
 export const PASSPHRASE_MAX_LENGTH = 128;
 export const PIN_MIN_LENGTH = 6;
@@ -24,22 +35,31 @@ export const PIN_MAX_LENGTH = 16;
  * This function computes the scrypt hash using provided passphrase and pin inputs.
  * Passphrase and pin are validated by length (see PASSPHRASE_MIN/MAX_LENGTH, PIN_MIN/MAX_LENGTH) and zxcvbn; invalid or weak values are rejected (returns "").
  *
- * @param {*} passphrase - Length in [PASSPHRASE_MIN_LENGTH, PASSPHRASE_MAX_LENGTH], zxcvbn score >= 3
- * @param {*} pin - Length in [PIN_MIN_LENGTH, PIN_MAX_LENGTH], zxcvbn score >= 1
+ * @param {string} passphrase - Length in [PASSPHRASE_MIN_LENGTH, PASSPHRASE_MAX_LENGTH], zxcvbn score >= 3
+ * @param {string} pin - Length in [PIN_MIN_LENGTH, PIN_MAX_LENGTH], zxcvbn score >= 1
  * @param {*} cb a callback function designed to receive the progress updates during the scrypt hashing process.
+ * @param {boolean} legacy - when true, uses the legacy behavior (HASH_OPTIONS_LEGACY and the original salt generation using the last 4 characters of passphrase plus the full pin); when false, uses HASH_OPTIONS and a keccak256-based salt derived from ABI-encoding passphrase and pin
  * @returns hash result as string format, or "" if passphrase/pin missing or too weak
  */
-export async function generateHash(passphrase, pin, cb = () => {}) {
+export async function generateHash(
+  passphrase,
+  pin,
+  cb = () => {},
+  legacy = false,
+) {
   if (!passphrase || !pin) {
     return "";
   }
 
-  const passphraseLen = String(passphrase).length;
-  if (passphraseLen < PASSPHRASE_MIN_LENGTH || passphraseLen > PASSPHRASE_MAX_LENGTH) {
+  const passphraseLen = passphrase.length;
+  if (
+    passphraseLen < PASSPHRASE_MIN_LENGTH ||
+    passphraseLen > PASSPHRASE_MAX_LENGTH
+  ) {
     return "";
   }
 
-  const pinLen = String(pin).length;
+  const pinLen = pin.length;
   if (pinLen < PIN_MIN_LENGTH || pinLen > PIN_MAX_LENGTH) {
     return "";
   }
@@ -54,19 +74,31 @@ export async function generateHash(passphrase, pin, cb = () => {}) {
     return "";
   }
 
-  const salt = `${passphrase.slice(-4)}${pin}`;
-
   const passwordBuffer = Buffer.from(passphrase);
-  const saltBuffer = Buffer.from(salt);
+  let saltBuffer;
+
+  if (legacy) {
+    const legacySalt = `${passphrase.slice(-4)}${pin}`;
+    saltBuffer = Buffer.from(legacySalt);
+  } else {
+    const encoded = abi.encode(
+      ["string", "string", "string"],
+      [KDF_DOMAIN_SEPARATOR, passphrase, pin],
+    );
+    const saltHash = ethers.keccak256(encoded);
+    saltBuffer = Buffer.from(saltHash.slice(2), "hex");
+  }
+
+  const options = legacy ? HASH_OPTIONS_LEGACY : HASH_OPTIONS;
 
   const hashBuffer = await scrypt(
     passwordBuffer,
     saltBuffer,
-    HASH_OPTIONS.N,
-    HASH_OPTIONS.r,
-    HASH_OPTIONS.p,
-    HASH_OPTIONS.keyLen,
-    cb
+    options.N,
+    options.r,
+    options.p,
+    options.keyLen,
+    cb,
   );
 
   return Buffer.from(hashBuffer).toString("hex");
@@ -103,6 +135,8 @@ export function getTronWalletAddress(hash) {
 }
 
 const URL_DELIMITER = "\u0002";
+const TOKEN_VERSION_ABI = 0x02;
+
 const NETWORKS = [
   "ethereum",
   "polygon",
@@ -114,16 +148,18 @@ const NETWORKS = [
   "tron",
 ];
 /**
- * This function generates a transfer-link token by encoding passphrase and PIN by Base64 and adding random padding.
+ * This function generates a transfer-link token by encoding passphrase, pin and network, and adding random padding.
  * The transfer-link enables users to send their full ownership of a wallet account to another user for gifting or airdropping.
- * Passphrase and PIN are validated with zxcvbn; weak values are rejected (returns null).
+ * Passphrase and PIN are validated by length (see PASSPHRASE_MIN/MAX_LENGTH, PIN_MIN/MAX_LENGTH) and zxcvbn; invalid or weak values are rejected (returns null).
+ * When legacy is false, payload is ABI-encoded to avoid concatenation ambiguity; when true, uses URL_DELIMITER concatenation.
  *
- * @param {*} passphrase - Must have zxcvbn score >= 3
- * @param {*} PIN - Must have zxcvbn score >= 1
- * @param {*} network ethereum | polygon | arbitrum | optimism | bsc | avalanche | base | tron
+ * @param {string} passphrase - Length in [PASSPHRASE_MIN_LENGTH, PASSPHRASE_MAX_LENGTH], zxcvbn score >= 3
+ * @param {string} pin - Length in [PIN_MIN_LENGTH, PIN_MAX_LENGTH], zxcvbn score >= 1
+ * @param {string} network - ethereum | polygon | arbitrum | optimism | bsc | avalanche | base | tron
+ * @param {boolean} legacy - when true, use URL_DELIMITER concatenation; when false, use ABI encoding for the payload
  * @returns A string formatted as a transfer-link token, which can be appended to `https://app.mybucks.online#wallet=`, or null if invalid/weak
  */
-export function generateToken(passphrase, pin, network) {
+export function generateToken(passphrase, pin, network, legacy = false) {
   if (!passphrase || !pin || !network) {
     return null;
   }
@@ -131,6 +167,19 @@ export function generateToken(passphrase, pin, network) {
     return null;
   }
 
+  const passphraseLen = passphrase.length;
+  if (
+    passphraseLen < PASSPHRASE_MIN_LENGTH ||
+    passphraseLen > PASSPHRASE_MAX_LENGTH
+  ) {
+    return null;
+  }
+
+  const pinLen = pin.length;
+  if (pinLen < PIN_MIN_LENGTH || pinLen > PIN_MAX_LENGTH) {
+    return null;
+  }
+
   if (zxcvbn(passphrase).score < 3) {
     return null;
   }
@@ -138,23 +187,48 @@ export function generateToken(passphrase, pin, network) {
     return null;
   }
 
-  const merged = Buffer.from(
-    passphrase + URL_DELIMITER + pin + URL_DELIMITER + network,
-    "utf-8"
-  );
-  const base64Encoded = merged.toString("base64");
+  let payloadBuffer;
+  if (legacy) {
+    payloadBuffer = Buffer.from(
+      passphrase + URL_DELIMITER + pin + URL_DELIMITER + network,
+      "utf-8",
+    );
+  } else {
+    const encoded = abi.encode(
+      ["string", "string", "string"],
+      [passphrase, pin, network],
+    );
+    const encodedBuffer = Buffer.from(encoded.slice(2), "hex");
+    payloadBuffer = Buffer.concat([
+      Buffer.from([TOKEN_VERSION_ABI]),
+      encodedBuffer,
+    ]);
+  }
+
+  const base64Encoded = payloadBuffer.toString("base64");
   const padding = nanoid(12);
   return padding.slice(0, 6) + base64Encoded + padding.slice(6);
 }
 
 /**
  * This function parses a transfer-link token generated by generateToken().
- * @param {*} token
- * @returns an array of strings, including the passphrase, pin and network.
+ * Tokens with version byte 0x02 are ABI-decoded; otherwise payload is treated as legacy (UTF-8 + URL_DELIMITER).
+ * @param {string} token - token string returned by generateToken()
+ * @returns {[string, string, string, boolean]} [passphrase, pin, network, legacy] - legacy is true if token was in legacy format, false if ABI-encoded
  */
 export function parseToken(token) {
   const payload = token.slice(6, token.length - 6);
-  const base64Decoded = Buffer.from(payload, "base64").toString("utf-8");
-  const [passphrase, pin, network] = base64Decoded.split(URL_DELIMITER);
-  return [passphrase, pin, network];
+  const decoded = Buffer.from(payload, "base64");
+
+  if (decoded[0] === TOKEN_VERSION_ABI) {
+    const hex = "0x" + decoded.subarray(1).toString("hex");
+    const [passphrase, pin, network] = abi.decode(
+      ["string", "string", "string"],
+      hex,
+    );
+    return [passphrase, pin, network, false];
+  }
+  const str = decoded.toString("utf-8");
+  const [passphrase, pin, network] = str.split(URL_DELIMITER);
+  return [passphrase, pin, network, true];
 }

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "@mybucks.online/core",
-  "version": "1.1.2",
+  "version": "2.0.0",
   "description": "Core module of Mybucks.online Crypto Wallet",
   "main": "index.js",
   "type": "module",
   "scripts": {
-    "test": "node test/index.test.js"
+    "test": "node test/index.test.js && node test/legacy.test.js"
   },
   "repository": {
     "type": "git",

package/test/index.test.js

@@ -14,16 +14,15 @@ const DEMO_PIN = "112324";
 const DEMO_NETWORK = "optimism";
 
 const DEMO_HASH =
-  "af9a22d75f8f69d33fe8fc294e8f413219d9c75374dec07fda2e4a66868599609887a10e04981e17356d2c07432fc89c11089172fdf91c0015b9a4beef11e447";
+  "70198936dedf67b784a0a7271fca9e562467754eb012a8c9f3a97aaf4e2be725b0995ebfc9112a18395214b3357368f7e2812a23d013c2b42dec0701bc44dd68";
 const DEMO_PRIVATE_KEY =
-  "0x71743de900c63ed741263a2a4513c1b1829e80bd9f18d5d3a593e651b914cb3b";
-const DEMO_WALLET_EVM_ADDRESS = "0x347CEB6Bf002Ee1819009bA07d8dCAA95Efe6465";
-const DEMO_WALLET_TRON_ADDRESS = "TEkjnbpr2cTgRFgmrbv2Gb7GdgupZ5Sh3A";
+  "0x942d4f1a0e4bc3b525db81eacba59131ceef498e401142b821613e20539b89e7";
+const DEMO_WALLET_EVM_ADDRESS = "0xC3Bb18Ed137577e5482fA7C6AEaca8b3F68Dafba";
+const DEMO_WALLET_TRON_ADDRESS = "TTp8uDeig42XdefAoTGWTj61uNMYvEVnXR";
 
-const DEMO_TRANSFER_TOKEN =
-  "VWnsSGRGVtb0FjY291bnQ1JgIxMTIzMjQCb3B0aW1pc20=_wNovT";
+const DEMO_LEGACY_TOKEN = "VWnsSGRGVtb0FjY291bnQ1JgIxMTIzMjQCb3B0aW1pc20=_wNovT";
 
-describe("generateHash", () => {
+describe("generateHash (default)", () => {
   test("should return empty string if passphrase or pin is blank", async () => {
     const hash = await generateHash("", "");
     assert.strictEqual(hash, "");
@@ -63,35 +62,80 @@ describe("generateHash", () => {
     }
   });
 
-  test("should return scrypt hash result", async () => {
+  test("should return empty string if passphrase length is out of range", async () => {
+    const tooShort = "Abc!23xy"; // strong-ish but below min length
+    const tooLong = "Str0ng-and-L0ng-Passphrase-!".repeat(6); // strong but above max length
+
+    const hashShort = await generateHash(tooShort, DEMO_PIN);
+    const hashLong = await generateHash(tooLong, DEMO_PIN);
+
+    assert.strictEqual(hashShort, "");
+    assert.strictEqual(hashLong, "");
+  });
+
+  test("should return empty string if pin length is out of range", async () => {
+    const tooShort = "12aB!"; // strong-ish but below min length
+    const tooLong = "9aB!9aB!9aB!9aB!9"; // strong but above max length (> 16 chars)
+
+    const hashShort = await generateHash(DEMO_PASSPHRASE, tooShort);
+    const hashLong = await generateHash(DEMO_PASSPHRASE, tooLong);
+
+    assert.strictEqual(hashShort, "");
+    assert.strictEqual(hashLong, "");
+  });
+
+  test("should return valid scrypt hash result", async () => {
     const hash = await generateHash(DEMO_PASSPHRASE, DEMO_PIN);
     assert.strictEqual(hash, DEMO_HASH);
   });
+
+  test("should return same hash for same passphrase and pin (deterministic)", async () => {
+    const hash1 = await generateHash(DEMO_PASSPHRASE, DEMO_PIN);
+    const hash2 = await generateHash(DEMO_PASSPHRASE, DEMO_PIN);
+    assert.strictEqual(hash1, hash2);
+  });
+
+  test("should generate different results for same naive concatenation", async () => {
+    // These two pairs share the same concatenated string
+    // passphrase1 + pin1 === passphrase2 + pin2
+    const passphrase1 = "My-1st-car-was-a-red-Ford-2005!";
+    const pin1 = "909011";
+    const passphrase2 = "My-1st-car-was-a-red-Ford-";
+    const pin2 = "2005!909011";
+
+    const hash1 = await generateHash(passphrase1, pin1);
+    const hash2 = await generateHash(passphrase2, pin2);
+
+    assert.notStrictEqual(hash1, "");
+    assert.notStrictEqual(hash2, "");
+    assert.notStrictEqual(
+      hash1,
+      hash2,
+      "hashes must differ even when naive concatenation matches"
+    );
+  });
 });
 
-describe("getEvmPrivateKey", () => {
-  test("should return 256bit private key", async () => {
+describe("getEvmPrivateKey (default)", () => {
+  test("should return 256bit private key from default hash", async () => {
     const hash = await generateHash(DEMO_PASSPHRASE, DEMO_PIN);
     const privateKey = getEvmPrivateKey(hash);
-
     assert.strictEqual(privateKey, DEMO_PRIVATE_KEY);
   });
 });
 
-describe("getEvmWalletAddress", () => {
-  test("should return a valid wallet address", async () => {
+describe("getEvmWalletAddress (default)", () => {
+  test("should return a valid wallet address from default hash", async () => {
     const hash = await generateHash(DEMO_PASSPHRASE, DEMO_PIN);
     const address = getEvmWalletAddress(hash);
-
     assert.strictEqual(address, DEMO_WALLET_EVM_ADDRESS);
   });
 });
 
-describe("getTronWalletAddress", () => {
-  test("should return a valid wallet address", async () => {
+describe("getTronWalletAddress (default)", () => {
+  test("should return a valid TRON wallet address from default hash", async () => {
     const hash = await generateHash(DEMO_PASSPHRASE, DEMO_PIN);
     const address = getTronWalletAddress(hash);
-
     assert.strictEqual(address, DEMO_WALLET_TRON_ADDRESS);
   });
 });
@@ -105,6 +149,20 @@ describe("generateToken", () => {
     assert.strictEqual(generateToken("passphrase", "123456", "invalid"), null);
   });
 
+  test("should return null if passphrase length is out of range", () => {
+    const tooShort = "Abc!23xy"; // strong-ish but below min length
+    const tooLong = "Str0ng-and-L0ng-Passphrase-!".repeat(6); // strong but above max length
+    assert.strictEqual(generateToken(tooShort, DEMO_PIN, DEMO_NETWORK), null);
+    assert.strictEqual(generateToken(tooLong, DEMO_PIN, DEMO_NETWORK), null);
+  });
+
+  test("should return null if pin length is out of range", () => {
+    const tooShort = "12aB!"; // strong-ish but below min length
+    const tooLong = "9aB!9aB!9aB!9aB!9"; // strong but above max length (> 16 chars)
+    assert.strictEqual(generateToken(DEMO_PASSPHRASE, tooShort, DEMO_NETWORK), null);
+    assert.strictEqual(generateToken(DEMO_PASSPHRASE, tooLong, DEMO_NETWORK), null);
+  });
+
   test("should return null for weak passphrase (zxcvbn score < 3)", () => {
     const weakPassphrases = [
       "password",
@@ -141,68 +199,137 @@ describe("generateToken", () => {
     }
   });
 
-  test("should return valid token", async () => {
-    const token = generateToken(DEMO_PASSPHRASE, DEMO_PIN, DEMO_NETWORK);
+  test("should return valid token with padding (legacy=false)", () => {
+    const token = generateToken(DEMO_PASSPHRASE, DEMO_PIN, DEMO_NETWORK, false);
+    assert.ok(token !== null);
+    assert.ok(token.length >= 6 + 6, "token has 6-char prefix and suffix padding");
+  });
 
-    // The first and last 6 characters serve as random padding.
-    assert.strictEqual(
-      token.slice(6, token.length - 6),
-      DEMO_TRANSFER_TOKEN.slice(6, DEMO_TRANSFER_TOKEN.length - 6)
-    );
+  test("should return valid token with padding (legacy=true)", () => {
+    const token = generateToken(DEMO_PASSPHRASE, DEMO_PIN, DEMO_NETWORK, true);
+    assert.ok(token !== null);
+    assert.ok(token.length >= 6 + 6, "token has 6-char prefix and suffix padding");
   });
 
-  test("should return valid token for all networks", async () => {
-    assert.notStrictEqual(
-      generateToken(DEMO_PASSPHRASE, DEMO_PIN, "ethereum"),
-      null
-    );
-    assert.notStrictEqual(
-      generateToken(DEMO_PASSPHRASE, DEMO_PIN, "polygon"),
-      null
-    );
-    assert.notStrictEqual(
-      generateToken(DEMO_PASSPHRASE, DEMO_PIN, "arbitrum"),
-      null
-    );
-    assert.notStrictEqual(
-      generateToken(DEMO_PASSPHRASE, DEMO_PIN, "optimism"),
-      null
-    );
-    assert.notStrictEqual(
-      generateToken(DEMO_PASSPHRASE, DEMO_PIN, "bsc"),
-      null
-    );
-    assert.notStrictEqual(
-      generateToken(DEMO_PASSPHRASE, DEMO_PIN, "avalanche"),
-      null
-    );
-    assert.notStrictEqual(
-      generateToken(DEMO_PASSPHRASE, DEMO_PIN, "base"),
-      null
+  test("should return different token for same inputs when legacy true vs false", () => {
+    const tokenLegacy = generateToken(DEMO_PASSPHRASE, DEMO_PIN, DEMO_NETWORK, true);
+    const tokenAbi = generateToken(DEMO_PASSPHRASE, DEMO_PIN, DEMO_NETWORK, false);
+    const payloadLegacy = tokenLegacy.slice(6, tokenLegacy.length - 6);
+    const payloadAbi = tokenAbi.slice(6, tokenAbi.length - 6);
+    assert.notStrictEqual(payloadLegacy, payloadAbi, "payloads must differ (legacy vs ABI encoding)");
+  });
+
+  test("should generate different results for same naive concatenation (legacy=false)", () => {
+    const network = "polygon";
+    const passphrase1 = "My-1st-car-was-a-red-Ford-2005!";
+    const pin1 = "909011";
+    const passphrase2 = "My-1st-car-was-a-red-Ford-";
+    const pin2 = "2005!909011";
+    assert.strictEqual(
+      passphrase1 + pin1 + network,
+      passphrase2 + pin2 + network,
+      "same naive concatenation"
     );
+
+    const token1 = generateToken(passphrase1, pin1, network, false);
+    const token2 = generateToken(passphrase2, pin2, network, false);
+
+    assert.ok(token1 !== null);
+    assert.ok(token2 !== null);
+    const payload1 = token1.slice(6, token1.length - 6);
+    const payload2 = token2.slice(6, token2.length - 6);
     assert.notStrictEqual(
-      generateToken(DEMO_PASSPHRASE, DEMO_PIN, "tron"),
-      null
+      payload1,
+      payload2,
+      "payloads must differ even when naive concatenation matches"
     );
   });
+
+  test("should return valid token for all networks (legacy=false)", () => {
+    const networks = [
+      "ethereum",
+      "polygon",
+      "arbitrum",
+      "optimism",
+      "bsc",
+      "avalanche",
+      "base",
+      "tron",
+    ];
+    for (const network of networks) {
+      assert.notStrictEqual(
+        generateToken(DEMO_PASSPHRASE, DEMO_PIN, network, false),
+        null
+      );
+    }
+  });
+
+  test("should return valid token for all networks (legacy=true)", () => {
+    const networks = [
+      "ethereum",
+      "polygon",
+      "arbitrum",
+      "optimism",
+      "bsc",
+      "avalanche",
+      "base",
+      "tron",
+    ];
+    for (const network of networks) {
+      assert.notStrictEqual(
+        generateToken(DEMO_PASSPHRASE, DEMO_PIN, network, true),
+        null
+      );
+    }
+  });
 });
 
 describe("parseToken", () => {
-  test("should return array of passphrase, pin, and network", () => {
-    const [passphrase, pin, network] = parseToken(DEMO_TRANSFER_TOKEN);
+  test("should return [passphrase, pin, network, legacy] for token generated with legacy=false", () => {
+    const token = generateToken(DEMO_PASSPHRASE, DEMO_PIN, DEMO_NETWORK, false);
+    const [passphrase, pin, network, legacy] = parseToken(token);
+    assert.strictEqual(passphrase, DEMO_PASSPHRASE);
+    assert.strictEqual(pin, DEMO_PIN);
+    assert.strictEqual(network, DEMO_NETWORK);
+    assert.strictEqual(legacy, false);
+  });
 
+  test("should return [passphrase, pin, network, legacy] for token generated with legacy=true", () => {
+    const token = generateToken(DEMO_PASSPHRASE, DEMO_PIN, DEMO_NETWORK, true);
+    const [passphrase, pin, network, legacy] = parseToken(token);
     assert.strictEqual(passphrase, DEMO_PASSPHRASE);
     assert.strictEqual(pin, DEMO_PIN);
     assert.strictEqual(network, DEMO_NETWORK);
+    assert.strictEqual(legacy, true);
+  });
+
+  test("should parse DEMO_LEGACY_TOKEN and return DEMO_PASSPHRASE, DEMO_PIN, DEMO_NETWORK and legacy=true", () => {
+    const [passphrase, pin, network, legacy] = parseToken(DEMO_LEGACY_TOKEN);
+    assert.strictEqual(passphrase, DEMO_PASSPHRASE);
+    assert.strictEqual(pin, DEMO_PIN);
+    assert.strictEqual(network, DEMO_NETWORK);
+    assert.strictEqual(legacy, true);
   });
 });
 
 describe("generateToken and parseToken", () => {
-  test("should be compatible and return correct result", () => {
+  test("should round-trip when legacy=false", () => {
+    const testPassphrase = "My-1st-car-was-a-red-Ford-2005!";
+    const testPin = "909011";
+    const testNetwork = "polygon";
+    const token = generateToken(testPassphrase, testPin, testNetwork, false);
+
+    const [passphrase, pin, network] = parseToken(token);
+    assert.strictEqual(passphrase, testPassphrase);
+    assert.strictEqual(pin, testPin);
+    assert.strictEqual(network, testNetwork);
+  });
+
+  test("should round-trip when legacy=true", () => {
     const testPassphrase = "My-1st-car-was-a-red-Ford-2005!";
     const testPin = "909011";
     const testNetwork = "polygon";
-    const token = generateToken(testPassphrase, testPin, testNetwork);
+    const token = generateToken(testPassphrase, testPin, testNetwork, true);
 
     const [passphrase, pin, network] = parseToken(token);
     assert.strictEqual(passphrase, testPassphrase);

package/test/legacy.test.js

@@ -0,0 +1,91 @@
+import assert from "node:assert";
+import { describe, test } from "node:test";
+import {
+  generateHash,
+  getEvmPrivateKey,
+  getEvmWalletAddress,
+  getTronWalletAddress,
+} from "../index.js";
+
+const DEMO_PASSPHRASE = "DemoAccount5&";
+const DEMO_PIN = "112324";
+
+const DEMO_HASH =
+  "af9a22d75f8f69d33fe8fc294e8f413219d9c75374dec07fda2e4a66868599609887a10e04981e17356d2c07432fc89c11089172fdf91c0015b9a4beef11e447";
+const DEMO_PRIVATE_KEY =
+  "0x71743de900c63ed741263a2a4513c1b1829e80bd9f18d5d3a593e651b914cb3b";
+const DEMO_WALLET_EVM_ADDRESS = "0x347CEB6Bf002Ee1819009bA07d8dCAA95Efe6465";
+const DEMO_WALLET_TRON_ADDRESS = "TEkjnbpr2cTgRFgmrbv2Gb7GdgupZ5Sh3A";
+
+describe("generateHash (legacy)", () => {
+  test("should return empty string if passphrase or pin is blank", async () => {
+    const hash = await generateHash("", "", () => {}, true);
+    assert.strictEqual(hash, "");
+  });
+
+  test("should return empty string for weak passphrase (zxcvbn score < 3)", async () => {
+    const weakPassphrases = [
+      "password",
+      "asdfasdf",
+      "123123123",
+      "P@ssw0rd",
+      "London123",
+      "oxford2024",
+      "John19821012",
+      "asdfASDFaSdf",
+      "qwerqwerqwer",
+      "1234567890",
+      "Julia18921012",
+    ];
+    for (const passphrase of weakPassphrases) {
+      const hash = await generateHash(passphrase, DEMO_PIN, () => {}, true);
+      assert.strictEqual(hash, "");
+    }
+  });
+
+  test("should return empty string for weak pin (zxcvbn score < 1)", async () => {
+    const weakPins = [
+      "111111",
+      "111111111111111",
+      "12341234",
+      "aaaaaaaaaa",
+      "asdfasdf",
+    ];
+    for (const pin of weakPins) {
+      const hash = await generateHash(DEMO_PASSPHRASE, pin, () => {}, true);
+      assert.strictEqual(hash, "", `Expected "" for weak pin "${pin}"`);
+    }
+  });
+
+  test("should return scrypt hash result", async () => {
+    const hash = await generateHash(DEMO_PASSPHRASE, DEMO_PIN, () => {}, true);
+    assert.strictEqual(hash, DEMO_HASH);
+  });
+});
+
+describe("getEvmPrivateKey (legacy)", () => {
+  test("should return 256bit private key", async () => {
+    const hash = await generateHash(DEMO_PASSPHRASE, DEMO_PIN, () => {}, true);
+    const privateKey = getEvmPrivateKey(hash);
+
+    assert.strictEqual(privateKey, DEMO_PRIVATE_KEY);
+  });
+});
+
+describe("getEvmWalletAddress (legacy)", () => {
+  test("should return a valid wallet address", async () => {
+    const hash = await generateHash(DEMO_PASSPHRASE, DEMO_PIN, () => {}, true);
+    const address = getEvmWalletAddress(hash);
+
+    assert.strictEqual(address, DEMO_WALLET_EVM_ADDRESS);
+  });
+});
+
+describe("getTronWalletAddress (legacy)", () => {
+  test("should return a valid wallet address", async () => {
+    const hash = await generateHash(DEMO_PASSPHRASE, DEMO_PIN, () => {}, true);
+    const address = getTronWalletAddress(hash);
+
+    assert.strictEqual(address, DEMO_WALLET_TRON_ADDRESS);
+  });
+});