@neuraiproject/neurai-key 3.1.0 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/README.md +38 -12
  2. package/dist/NeuraiKey.global.js +4461 -2883
  3. package/dist/NeuraiKey.global.js.map +1 -1
  4. package/dist/browser.js +4462 -2884
  5. package/dist/browser.js.map +1 -1
  6. package/dist/index.cjs +4466 -2883
  7. package/dist/index.cjs.map +1 -1
  8. package/dist/index.d.ts +30 -3
  9. package/dist/index.js +165 -30
  10. package/dist/index.js.map +1 -1
  11. package/package.json +1 -1
package/README.md CHANGED
@@ -5,7 +5,7 @@ Generate Neurai addresses from a mnemonic phrase following the standards BIP32,
5
5
  That is, use your 12 words to get addresses for Neurai mainnet and testnet.
6
6
 
7
7
  **NPM**: https://www.npmjs.com/package/@neuraiproject/neurai-key
8
- **CDN**: https://cdn.jsdelivr.net/npm/@neuraiproject/neurai-key@3.1.0/dist/NeuraiKey.global.js
8
+ **CDN**: https://cdn.jsdelivr.net/npm/@neuraiproject/neurai-key@4.0.0/dist/NeuraiKey.global.js
9
9
 
10
10
  ## Features
11
11
 
@@ -23,9 +23,15 @@ That is, use your 12 words to get addresses for Neurai mainnet and testnet.
23
23
 
24
24
  ## Compatibility Note
25
25
 
26
- Starting in `3.1.0`, PQ AuthScript descriptors are computed as `0x01 || HASH160(0x05 || rawPublicKey)` to match `neurai-sign-transaction` and the node implementation.
26
+ Starting in `4.0.0`, PQ HD derivation uses a native PQ tree (HMAC-SHA512 with `"Neurai PQ seed"`, all derivation levels hardened, path `m_pq/100'/coin'/0'/0'/index'`). The extended private key format is also updated (prefix `xpqp...` mainnet / `tpqp...` testnet, 74-byte padded layout matching BIP32 xprv length).
27
27
 
28
- This changes PQ AuthScript addresses and commitments compared to older releases of this library. If you previously generated PQ addresses with an older version of `neurai-key`, treat them as legacy outputs and verify fund exposure before migrating.
28
+ These are breaking changes versus `3.x`:
29
+ - PQ addresses produced from the same mnemonic will differ between `3.x` and `4.x`.
30
+ - PQ extended private keys exported by `3.x` (leading `DeG1...` / `Ck5n...`) are not readable by `4.x`.
31
+
32
+ If you have mnemonics from `3.x`, keep them — the mnemonic is the authoritative backup. Any funds on `3.x` PQ addresses should be moved before upgrading.
33
+
34
+ Since `3.1.0`, PQ AuthScript descriptors are computed as `0x01 || HASH160(0x05 || rawPublicKey)` to match `neurai-sign-transaction` and the node implementation.
29
35
 
30
36
  ## Network Types
31
37
 
@@ -38,7 +44,7 @@ This library supports three Neurai network configurations:
38
44
  The main difference is the derivation path and address encoding:
39
45
  - **XNA**: mainnet `m/44'/1900'/0'/0/0`, testnet `m/44'/1'/0'/0/0` — Base58Check (recommended for new wallets)
40
46
  - **XNA Legacy**: mainnet `m/44'/0'/0'/0/0`, testnet `m/44'/1'/0'/0/0` — Base58Check (for compatibility with older wallets)
41
- - **XNA PostQuantum**: mainnet `m/100'/1900'/0'/0/0`, testnet default/external `m/100'/1'/0'/0/0` — Bech32m (`nq1` / `tnq1`)
47
+ - **XNA PostQuantum**: mainnet `m_pq/100'/1900'/0'/0'/0'`, testnet default/external `m_pq/100'/1'/0'/0'/0'` — Bech32m (`nq1` / `tnq1`), native PQ HD tree with hardened-only derivation
42
48
 
43
49
  **Note**: Using different network types will generate completely different addresses from the same mnemonic.
44
50
 
@@ -226,10 +232,10 @@ Outputs
226
232
  authType: 1, // 0x01 = PQ single-key auth
227
233
  authDescriptor: '01...', // 0x01 || HASH160(0x05 || pq_pubkey)
228
234
  commitment: '...', // tagged_hash("NeuraiAuthScript", ...)
229
- path: "m/100'/1900'/0'/0/0", // PQ derivation path
235
+ path: "m_pq/100'/1900'/0'/0'/0'", // PQ derivation path (native PQ tree, all hardened)
230
236
  publicKey: '...', // ML-DSA-44 public key (2624 hex chars = 1312 bytes)
231
237
  privateKey: '...', // ML-DSA-44 private key (5120 hex chars = 2560 bytes)
232
- seedKey: '...', // 32-byte BIP32 seed used for ML-DSA keygen (64 hex chars)
238
+ seedKey: '...', // 32-byte native PQ seed used for ML-DSA keygen (64 hex chars)
233
239
  witnessScript: '51' // default OP_TRUE script for simple PQ auth
234
240
  }
235
241
  ```
@@ -344,10 +350,28 @@ console.log(legacyAuth.publicKey);
344
350
 
345
351
  ```javascript
346
352
  const hdKey = NeuraiKey.getPQHDKey("xna-pq", mnemonic);
347
- const addr0 = NeuraiKey.getPQAddressByPath("xna-pq", hdKey, "m/100'/1900'/0'/0/0");
348
- const addr1 = NeuraiKey.getPQAddressByPath("xna-pq", hdKey, "m/100'/1900'/0'/0/1");
353
+ const addr0 = NeuraiKey.getPQAddressByPath("xna-pq", hdKey, "m_pq/100'/1900'/0'/0'/0'");
354
+ const addr1 = NeuraiKey.getPQAddressByPath("xna-pq", hdKey, "m_pq/100'/1900'/0'/0'/1'");
349
355
  ```
350
356
 
357
+ All PQ derivation levels are hardened; a non-hardened segment (`.../0/0`) throws.
358
+
359
+ ### Export / import a PQ extended private key
360
+
361
+ ```javascript
362
+ const hdKey = NeuraiKey.getPQHDKey("xna-pq", mnemonic);
363
+
364
+ // Serialize master (or any subtree) as xpqpriv / tpqpriv
365
+ const xpqpriv = NeuraiKey.pqExtendedPrivateKey("xna-pq", hdKey);
366
+ // xpqpriv starts with "xpqp..." (mainnet) or "tpqp..." (testnet), 111 chars
367
+
368
+ // Restore from the serialized form and keep deriving
369
+ const restored = NeuraiKey.pqHDKeyFromExtended("xna-pq", xpqpriv);
370
+ const addr = NeuraiKey.getPQAddressByPath("xna-pq", restored, "m_pq/100'/1900'/0'/0'/0'");
371
+ ```
372
+
373
+ The binary layout (74 bytes: `depth + fingerprint + child + chainCode + 0x00 + pq_seed`) and version bytes (`0x0488AC24` mainnet, `0x043581D5` testnet) match the Neurai node's `CNeuraiExtKeyPQ` serialization.
374
+
351
375
  ### PQ AuthScript Details
352
376
 
353
377
  | Property | Value |
@@ -357,13 +381,15 @@ const addr1 = NeuraiKey.getPQAddressByPath("xna-pq", hdKey, "m/100'/1900'/0'/0/1
357
381
  | Mainnet HRP / prefix | `nq` / `nq1...` |
358
382
  | Testnet HRP / prefix | `tnq` / `tnq1...` |
359
383
  | Public key size | 1312 bytes |
360
- | Derivation path (mainnet) | `m/100'/1900'/0'/0/index` |
361
- | Derivation path (testnet default/external) | `m/100'/1'/account'/0/index` |
384
+ | HD tree | Native PQ, HMAC-SHA512 with key `"Neurai PQ seed"`, hardened-only |
385
+ | Derivation path (mainnet) | `m_pq/100'/1900'/0'/0'/index'` |
386
+ | Derivation path (testnet default/external) | `m_pq/100'/1'/0'/0'/index'` |
387
+ | Extended privkey prefix | `xpqp...` (mainnet) / `tpqp...` (testnet), 111 base58 chars |
362
388
  | Auth descriptor | `0x01 \|\| HASH160(0x05 \|\| pq_pubkey)` |
363
389
  | Commitment | `tagged_hash("NeuraiAuthScript", 0x01 \|\| auth_descriptor \|\| SHA256(witnessScript))` |
364
390
  | Default witnessScript | `OP_TRUE` (`51` in hex) |
365
391
 
366
- **Note**: PQ AuthScript addresses do not have a WIF (Wallet Import Format) field since WIF is specific to secp256k1 keys. The `seedKey` field contains the 32-byte BIP32-derived seed used for deterministic ML-DSA-44 key generation, useful for cross-implementation verification.
392
+ **Note**: PQ AuthScript addresses do not have a WIF (Wallet Import Format) field since WIF is specific to secp256k1 keys. The `seedKey` field contains the 32-byte native PQ seed used for deterministic ML-DSA-44 key generation, useful for cross-implementation verification.
367
393
 
368
394
  ## Get public key from WIF
369
395
 
@@ -412,7 +438,7 @@ const NeuraiKey = require("@neuraiproject/neurai-key");
412
438
  </html>
413
439
  ```
414
440
 
415
- ## Package layout in `3.1.0`
441
+ ## Package layout in `4.0.0`
416
442
 
417
443
  - `dist/index.js`: ESM main entry
418
444
  - `dist/index.cjs`: CommonJS entry