@theqrl/wallet.js 0.1.3 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +195 -1
  3. package/dist/cjs/package.json +1 -0
  4. package/dist/cjs/wallet.js +4856 -0
  5. package/dist/mjs/package.json +1 -0
  6. package/dist/mjs/wallet.js +4841 -0
  7. package/package.json +27 -7
  8. package/src/index.js +33 -13
  9. package/src/qrl/wordlist.js +11 -5
  10. package/src/utils/bytes.js +59 -0
  11. package/src/wallet/common/address.js +94 -0
  12. package/src/wallet/common/constants.js +16 -0
  13. package/src/wallet/common/descriptor.js +70 -0
  14. package/src/wallet/common/seed.js +123 -0
  15. package/src/wallet/common/wallettype.js +21 -0
  16. package/src/wallet/factory.js +39 -0
  17. package/src/wallet/misc/mnemonic.js +77 -0
  18. package/src/wallet/ml_dsa_87/crypto.js +90 -0
  19. package/src/wallet/ml_dsa_87/descriptor.js +18 -0
  20. package/src/wallet/ml_dsa_87/wallet.js +158 -0
  21. package/types/index.d.ts +12 -11
  22. package/types/qrl/wordlist.d.ts +9 -0
  23. package/types/qrl/wordlist.d.ts.map +1 -1
  24. package/types/utils/bytes.d.ts +27 -0
  25. package/types/utils/bytes.d.ts.map +1 -0
  26. package/types/wallet/common/address.d.ts +17 -0
  27. package/types/wallet/common/address.d.ts.map +1 -0
  28. package/types/wallet/common/constants.d.ts +13 -0
  29. package/types/wallet/common/constants.d.ts.map +1 -0
  30. package/types/wallet/common/descriptor.d.ts +32 -0
  31. package/types/wallet/common/descriptor.d.ts.map +1 -0
  32. package/types/wallet/common/seed.d.ts +67 -0
  33. package/types/wallet/common/seed.d.ts.map +1 -0
  34. package/types/wallet/common/wallettype.d.ts +19 -0
  35. package/types/wallet/common/wallettype.d.ts.map +1 -0
  36. package/types/wallet/factory.d.ts +9 -0
  37. package/types/wallet/factory.d.ts.map +1 -0
  38. package/types/wallet/misc/mnemonic.d.ts +13 -0
  39. package/types/wallet/misc/mnemonic.d.ts.map +1 -0
  40. package/types/wallet/ml_dsa_87/crypto.d.ts +24 -0
  41. package/types/wallet/ml_dsa_87/crypto.d.ts.map +1 -0
  42. package/types/wallet/ml_dsa_87/descriptor.d.ts +8 -0
  43. package/types/wallet/ml_dsa_87/descriptor.d.ts.map +1 -0
  44. package/types/wallet/ml_dsa_87/wallet.d.ts +74 -0
  45. package/types/wallet/ml_dsa_87/wallet.d.ts.map +1 -0
  46. package/src/dilithium.js +0 -158
  47. package/src/utils/mnemonic.js +0 -93
  48. package/types/dilithium.d.ts +0 -25
  49. package/types/dilithium.d.ts.map +0 -1
  50. package/types/utils/mnemonic.d.ts +0 -3
  51. package/types/utils/mnemonic.d.ts.map +0 -1
package/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2023-2026 The Quantum Resistant Ledger
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
package/README.md CHANGED
@@ -3,4 +3,198 @@
3
3
  ![test](https://github.com/theQRL/wallet.js/actions/workflows/test.yml/badge.svg)
4
4
  [![codecov](https://codecov.io/gh/theQRL/wallet.js/branch/main/graph/badge.svg?token=HHVBFBVGFR)](https://codecov.io/gh/theQRL/wallet.js)
5
5
 
6
- WIP helper library for QRL Dilithium wallet
6
+ Quantum-resistant wallet library for The QRL using **ML-DSA-87** (FIPS 204).
7
+
8
+ ## Features
9
+
10
+ - ML-DSA-87 digital signatures (NIST post-quantum standard)
11
+ - Deterministic key derivation from seeds
12
+ - Mnemonic phrase backup (34 words)
13
+ - Address generation and validation
14
+ - Works in Node.js and browsers
15
+ - Dual ESM/CommonJS support
16
+
17
+ ## Installation
18
+
19
+ ```bash
20
+ npm install @theqrl/wallet.js
21
+ ```
22
+
23
+ ## Quick Start
24
+
25
+ ### ESM (recommended)
26
+
27
+ ```javascript
28
+ import { MLDSA87, Seed, isValidAddress } from '@theqrl/wallet.js';
29
+
30
+ // Create a new random wallet
31
+ const wallet = MLDSA87.newWallet();
32
+ console.log('Address:', wallet.getAddressStr());
33
+ console.log('Mnemonic:', wallet.getMnemonic());
34
+
35
+ // Sign a message
36
+ const message = new TextEncoder().encode('Hello QRL!');
37
+ const signature = wallet.sign(message);
38
+
39
+ // Verify signature
40
+ const isValid = MLDSA87.verify(signature, message, wallet.getPK());
41
+ console.log('Valid:', isValid); // true
42
+
43
+ // Clean up sensitive data
44
+ wallet.zeroize();
45
+ ```
46
+
47
+ ### CommonJS
48
+
49
+ ```javascript
50
+ const { MLDSA87, Seed, isValidAddress } = require('@theqrl/wallet.js');
51
+
52
+ const wallet = MLDSA87.newWallet();
53
+ console.log('Address:', wallet.getAddressStr());
54
+ ```
55
+
56
+ ## API Reference
57
+
58
+ ### Creating Wallets
59
+
60
+ #### `MLDSA87.newWallet([metadata])`
61
+
62
+ Creates a new wallet with a random seed.
63
+
64
+ ```javascript
65
+ const wallet = MLDSA87.newWallet();
66
+ const walletWithMeta = MLDSA87.newWallet([0x01, 0x02]); // Custom 2-byte metadata
67
+ ```
68
+
69
+ #### `MLDSA87.newWalletFromSeed(seed, [metadata])`
70
+
71
+ Creates a wallet from an existing seed (deterministic).
72
+
73
+ ```javascript
74
+ const seed = Seed.from('0x' + '00'.repeat(48)); // 48-byte hex string
75
+ const wallet = MLDSA87.newWalletFromSeed(seed);
76
+ ```
77
+
78
+ #### `MLDSA87.newWalletFromMnemonic(mnemonic)`
79
+
80
+ Restores a wallet from a mnemonic phrase.
81
+
82
+ ```javascript
83
+ const mnemonic = 'absorb aback veto waiter rail aroma...'; // 34 words
84
+ const wallet = MLDSA87.newWalletFromMnemonic(mnemonic);
85
+ ```
86
+
87
+ #### `newWalletFromExtendedSeed(extendedSeed)`
88
+
89
+ Factory function that auto-detects wallet type from extended seed.
90
+
91
+ ```javascript
92
+ import { newWalletFromExtendedSeed } from '@theqrl/wallet.js';
93
+
94
+ const wallet = newWalletFromExtendedSeed('0x01000000...'); // 51-byte hex
95
+ ```
96
+
97
+ ### Wallet Methods
98
+
99
+ | Method | Returns | Description |
100
+ |--------|---------|-------------|
101
+ | `getAddressStr()` | `string` | Address with Q prefix (e.g., `Qabc123...`) |
102
+ | `getAddress()` | `Uint8Array` | Raw 20-byte address |
103
+ | `getMnemonic()` | `string` | 34-word mnemonic phrase |
104
+ | `getPK()` | `Uint8Array` | Public key (2,592 bytes) |
105
+ | `getSK()` | `Uint8Array` | Secret key (4,896 bytes) |
106
+ | `getHexExtendedSeed()` | `string` | Extended seed as hex with 0x prefix |
107
+ | `sign(message)` | `Uint8Array` | Sign a message (4,627-byte signature) |
108
+ | `zeroize()` | `void` | Overwrite sensitive data with zeros |
109
+
110
+ ### Static Methods
111
+
112
+ | Method | Description |
113
+ |--------|-------------|
114
+ | `MLDSA87.verify(signature, message, pk)` | Verify a signature, returns `boolean` |
115
+
116
+ ### Address Utilities
117
+
118
+ ```javascript
119
+ import {
120
+ addressToString,
121
+ stringToAddress,
122
+ isValidAddress
123
+ } from '@theqrl/wallet.js';
124
+
125
+ // Convert bytes to string
126
+ const addrStr = addressToString(addressBytes); // 'Qabc...'
127
+
128
+ // Convert string to bytes
129
+ const addrBytes = stringToAddress('Qabc123...');
130
+
131
+ // Validate address format
132
+ if (isValidAddress(userInput)) {
133
+ // Safe to use
134
+ }
135
+ ```
136
+
137
+ ### Seeds and Descriptors
138
+
139
+ ```javascript
140
+ import {
141
+ Seed,
142
+ ExtendedSeed,
143
+ Descriptor,
144
+ newMLDSA87Descriptor,
145
+ SEED_SIZE, // 48
146
+ EXTENDED_SEED_SIZE, // 51
147
+ DESCRIPTOR_SIZE // 3
148
+ } from '@theqrl/wallet.js';
149
+
150
+ // Create seed from hex
151
+ const seed = Seed.from('0x' + 'ab'.repeat(48));
152
+
153
+ // Create descriptor
154
+ const descriptor = newMLDSA87Descriptor([0x00, 0x00]);
155
+
156
+ // Create extended seed
157
+ const extSeed = ExtendedSeed.newExtendedSeed(descriptor, seed);
158
+ ```
159
+
160
+ ## Security
161
+
162
+ See [SECURITY.md](SECURITY.md) for the security model and best practices.
163
+
164
+ **Important:**
165
+ - Always call `wallet.zeroize()` when done
166
+ - Never log or transmit mnemonics/seeds
167
+ - Validate addresses with `isValidAddress()` before use
168
+
169
+ ## Browser Usage
170
+
171
+ The library works in browsers via bundlers (webpack, vite, etc.):
172
+
173
+ ```javascript
174
+ import { MLDSA87 } from '@theqrl/wallet.js';
175
+
176
+ const wallet = MLDSA87.newWallet();
177
+ ```
178
+
179
+ Uses Web Crypto API for secure random number generation.
180
+
181
+ ## Wallet Type
182
+
183
+ This library currently supports **ML-DSA-87** (FIPS 204), the NIST standardized version of Dilithium.
184
+
185
+ | Property | Value |
186
+ |----------|-------|
187
+ | Security Level | NIST Level 5 |
188
+ | Public Key | 2,592 bytes |
189
+ | Secret Key | 4,896 bytes |
190
+ | Signature | 4,627 bytes |
191
+
192
+ ## Dependencies
193
+
194
+ - `@theqrl/mldsa87` - ML-DSA-87 implementation
195
+ - `@noble/hashes` - SHA-256, SHAKE-256
196
+ - `randombytes` - Secure random generation
197
+
198
+ ## License
199
+
200
+ MIT
package/dist/cjs/package.json ADDED
@@ -0,0 +1 @@
1
+ {"type": "commonjs"}