@theqrl/wallet.js 1.0.4 → 1.0.6

package/README.md

@@ -1,7 +1,7 @@
 # wallet.js
 
 [![npm version](https://img.shields.io/npm/v/@theqrl/wallet.js.svg)](https://www.npmjs.com/package/@theqrl/wallet.js)
-![test](https://github.com/theQRL/wallet.js/actions/workflows/test.yml/badge.svg)
+![test](https://github.com/theQRL/wallet.js/actions/workflows/release.yml/badge.svg)
 [![codecov](https://codecov.io/gh/theQRL/wallet.js/branch/main/graph/badge.svg?token=HHVBFBVGFR)](https://codecov.io/gh/theQRL/wallet.js)
 
 Quantum-resistant wallet library for The QRL using **ML-DSA-87** (FIPS 204).

package/dist/cjs/wallet.js

@@ -6,7 +6,6 @@ var sha2_js = require('@noble/hashes/sha2.js');
 var utils = require('@noble/hashes/utils');
 var utils_js = require('@noble/hashes/utils.js');
 
-var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
 /**
  * Constants used across wallet components.
  * @module wallet/common/constants
@@ -260,10 +259,15 @@ function getDescriptorBytes(walletType, metadata = [0, 0]) {
   if (!isValidWalletType(walletType)) {
     throw new Error('Invalid wallet type in descriptor');
   }
+  const m0 = metadata?.[0] ?? 0;
+  const m1 = metadata?.[1] ?? 0;
+  if (!Number.isInteger(m0) || m0 < 0 || m0 > 255 || !Number.isInteger(m1) || m1 < 0 || m1 > 255) {
+    throw new Error('Descriptor metadata bytes must be in range [0, 255]');
+  }
   const out = new Uint8Array(DESCRIPTOR_SIZE);
   out[0] = walletType >>> 0;
-  out[1] = (metadata?.[0] ?? 0) >>> 0;
-  out[2] = (metadata?.[1] ?? 0) >>> 0;
+  out[1] = m0;
+  out[2] = m1;
   return out;
 }
 
@@ -298,6 +302,13 @@ class Seed {
     return this.bytes.slice();
   }
 
+  /**
+   * Best-effort zeroize internal seed bytes.
+   */
+  zeroize() {
+    this.bytes.fill(0);
+  }
+
   /**
    * Constructor: accepts hex string / Uint8Array / Buffer / number[].
    * @param {string|Uint8Array|Buffer|number[]} input
@@ -373,7 +384,11 @@ class ExtendedSeed {
     const out = new Uint8Array(EXTENDED_SEED_SIZE);
     out.set(desc.toBytes(), 0);
     out.set(seed.toBytes(), DESCRIPTOR_SIZE);
-    return new ExtendedSeed(out);
+    try {
+      return new ExtendedSeed(out);
+    } finally {
+      out.fill(0);
+    }
   }
 
   /**
@@ -385,6 +400,13 @@ class ExtendedSeed {
     return new ExtendedSeed(toFixedU8(input, EXTENDED_SEED_SIZE, 'ExtendedSeed'));
   }
 
+  /**
+   * Best-effort zeroize internal extended seed bytes.
+   */
+  zeroize() {
+    this.bytes.fill(0);
+  }
+
   /**
    * Internal helper: construct without wallet type validation.
    * @param {string|Uint8Array|Buffer|number[]} input
@@ -414,61 +436,27 @@ function newMLDSA87Descriptor(metadata = [0, 0]) {
 
 /**
  * Secure random number generation for browser and Node.js environments.
+ * Requires Web Crypto API (globalThis.crypto.getRandomValues).
  * @module utils/random
  */
 
 const MAX_BYTES = 65536;
 
-function getGlobalScope() {
-  if (typeof globalThis === 'object') return globalThis;
-  // eslint-disable-next-line no-restricted-globals
-  if (typeof self === 'object') return self;
-  if (typeof window === 'object') return window;
-  if (typeof global === 'object') return global;
-  return {};
-}
-
 function getWebCrypto() {
-  const scope = getGlobalScope();
-  return scope.crypto || scope.msCrypto || null;
-}
-
-function getNodeRandomBytes() {
-  /* c8 ignore next */
-  const isNode = typeof process === 'object' && process !== null && process.versions && process.versions.node;
-  if (!isNode) return null;
-
-  let req = null;
-  if (typeof module !== 'undefined' && module && typeof module.require === 'function') {
-    req = module.require.bind(module);
-  } else if (typeof module !== 'undefined' && module && typeof module.createRequire === 'function') {
-    req = module.createRequire((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('wallet.js', document.baseURI).href)));
-  } else if (typeof require === 'function') {
-    req = require;
-  }
-  if (!req) return null;
-
-  try {
-    const nodeCrypto = req('crypto');
-    if (nodeCrypto && typeof nodeCrypto.randomBytes === 'function') {
-      return nodeCrypto.randomBytes;
-    }
-  } catch {
-    return null;
-  }
-
+  if (typeof globalThis === 'object' && globalThis.crypto) return globalThis.crypto;
   return null;
 }
 
 /**
  * Generate cryptographically secure random bytes.
  *
- * Uses Web Crypto API (getRandomValues) in browsers and crypto.randomBytes in Node.js.
+ * Uses Web Crypto API (getRandomValues) exclusively.
+ * Throws if Web Crypto API is unavailable.
  *
  * @param {number} size - Number of random bytes to generate
  * @returns {Uint8Array} Random bytes
  * @throws {RangeError} If size is invalid or too large
- * @throws {Error} If no secure random source is available
+ * @throws {Error} If no secure random source is available or RNG output is suspect
  */
 function randomBytes(size) {
   if (!Number.isSafeInteger(size) || size < 0) {
@@ -481,14 +469,14 @@ function randomBytes(size) {
     for (let i = 0; i < size; i += MAX_BYTES) {
       cryptoObj.getRandomValues(out.subarray(i, Math.min(size, i + MAX_BYTES)));
     }
+    {
+      let acc = 0;
+      for (let i = 0; i < 16; i++) acc |= out[i];
+      if (acc === 0) throw new Error('getRandomValues returned all zeros');
+    }
     return out;
   }
 
-  const nodeRandomBytes = getNodeRandomBytes();
-  if (nodeRandomBytes) {
-    return nodeRandomBytes(size);
-  }
-
   throw new Error('Secure random number generation is not supported by this environment');
 }
 
@@ -4698,8 +4686,12 @@ function keygen(seed) {
   const sk = new Uint8Array(mldsa87.CryptoSecretKeyBytes);
   // FIPS 204 requires 32-byte seed; hash 48-byte QRL seed to derive it
   const seedBytes = new Uint8Array(seed.hashSHA256());
-  mldsa87.cryptoSignKeypair(seedBytes, pk, sk);
-  return { pk, sk };
+  try {
+    mldsa87.cryptoSignKeypair(seedBytes, pk, sk);
+    return { pk, sk };
+  } finally {
+    seedBytes.fill(0);
+  }
 }
 
 /**
@@ -4792,9 +4784,13 @@ class Wallet {
   static newWallet(metadata = [0, 0]) {
     const descriptor = newMLDSA87Descriptor(metadata);
     const seedBytes = randomBytes(48);
-    const seed = new Seed(seedBytes);
-    const { pk, sk } = keygen(seed);
-    return new Wallet({ descriptor, seed, pk, sk });
+    try {
+      const seed = new Seed(seedBytes);
+      const { pk, sk } = keygen(seed);
+      return new Wallet({ descriptor, seed, pk, sk });
+    } finally {
+      seedBytes.fill(0);
+    }
   }
 
   /**
@@ -4825,8 +4821,12 @@ class Wallet {
    */
   static newWalletFromMnemonic(mnemonic) {
     const bin = mnemonicToBin(mnemonic);
-    const extendedSeed = new ExtendedSeed(bin);
-    return this.newWalletFromExtendedSeed(extendedSeed);
+    try {
+      const extendedSeed = new ExtendedSeed(bin);
+      return this.newWalletFromExtendedSeed(extendedSeed);
+    } finally {
+      bin.fill(0);
+    }
   }
 
   /** @returns {Uint8Array} */
@@ -4874,7 +4874,13 @@ class Wallet {
     return this.pk.slice();
   }
 
-  /** @returns {Uint8Array} */
+  /**
+   * Returns a copy of the secret key.
+   * @returns {Uint8Array}
+   * @warning Caller is responsible for zeroing the returned buffer when done
+   * (e.g. `sk.fill(0)`). The Wallet's `zeroize()` method cannot reach copies
+   * returned by this method.
+   */
   getSK() {
     return this.sk.slice();
   }
@@ -4911,11 +4917,11 @@ class Wallet {
     if (this.sk) {
       this.sk.fill(0);
     }
-    if (this.seed && this.seed.bytes) {
-      this.seed.bytes.fill(0);
+    if (this.seed) {
+      this.seed.zeroize();
     }
-    if (this.extendedSeed && this.extendedSeed.bytes) {
-      this.extendedSeed.bytes.fill(0);
+    if (this.extendedSeed) {
+      this.extendedSeed.zeroize();
     }
   }
 }

package/dist/mjs/wallet.js

@@ -257,10 +257,15 @@ function getDescriptorBytes(walletType, metadata = [0, 0]) {
   if (!isValidWalletType(walletType)) {
     throw new Error('Invalid wallet type in descriptor');
   }
+  const m0 = metadata?.[0] ?? 0;
+  const m1 = metadata?.[1] ?? 0;
+  if (!Number.isInteger(m0) || m0 < 0 || m0 > 255 || !Number.isInteger(m1) || m1 < 0 || m1 > 255) {
+    throw new Error('Descriptor metadata bytes must be in range [0, 255]');
+  }
   const out = new Uint8Array(DESCRIPTOR_SIZE);
   out[0] = walletType >>> 0;
-  out[1] = (metadata?.[0] ?? 0) >>> 0;
-  out[2] = (metadata?.[1] ?? 0) >>> 0;
+  out[1] = m0;
+  out[2] = m1;
   return out;
 }
 
@@ -295,6 +300,13 @@ class Seed {
     return this.bytes.slice();
   }
 
+  /**
+   * Best-effort zeroize internal seed bytes.
+   */
+  zeroize() {
+    this.bytes.fill(0);
+  }
+
   /**
    * Constructor: accepts hex string / Uint8Array / Buffer / number[].
    * @param {string|Uint8Array|Buffer|number[]} input
@@ -370,7 +382,11 @@ class ExtendedSeed {
     const out = new Uint8Array(EXTENDED_SEED_SIZE);
     out.set(desc.toBytes(), 0);
     out.set(seed.toBytes(), DESCRIPTOR_SIZE);
-    return new ExtendedSeed(out);
+    try {
+      return new ExtendedSeed(out);
+    } finally {
+      out.fill(0);
+    }
   }
 
   /**
@@ -382,6 +398,13 @@ class ExtendedSeed {
     return new ExtendedSeed(toFixedU8(input, EXTENDED_SEED_SIZE, 'ExtendedSeed'));
   }
 
+  /**
+   * Best-effort zeroize internal extended seed bytes.
+   */
+  zeroize() {
+    this.bytes.fill(0);
+  }
+
   /**
    * Internal helper: construct without wallet type validation.
    * @param {string|Uint8Array|Buffer|number[]} input
@@ -411,61 +434,27 @@ function newMLDSA87Descriptor(metadata = [0, 0]) {
 
 /**
  * Secure random number generation for browser and Node.js environments.
+ * Requires Web Crypto API (globalThis.crypto.getRandomValues).
  * @module utils/random
  */
 
 const MAX_BYTES = 65536;
 
-function getGlobalScope() {
-  if (typeof globalThis === 'object') return globalThis;
-  // eslint-disable-next-line no-restricted-globals
-  if (typeof self === 'object') return self;
-  if (typeof window === 'object') return window;
-  if (typeof global === 'object') return global;
-  return {};
-}
-
 function getWebCrypto() {
-  const scope = getGlobalScope();
-  return scope.crypto || scope.msCrypto || null;
-}
-
-function getNodeRandomBytes() {
-  /* c8 ignore next */
-  const isNode = typeof process === 'object' && process !== null && process.versions && process.versions.node;
-  if (!isNode) return null;
-
-  let req = null;
-  if (typeof module !== 'undefined' && module && typeof module.require === 'function') {
-    req = module.require.bind(module);
-  } else if (typeof module !== 'undefined' && module && typeof module.createRequire === 'function') {
-    req = module.createRequire(import.meta.url);
-  } else if (typeof require === 'function') {
-    req = require;
-  }
-  if (!req) return null;
-
-  try {
-    const nodeCrypto = req('crypto');
-    if (nodeCrypto && typeof nodeCrypto.randomBytes === 'function') {
-      return nodeCrypto.randomBytes;
-    }
-  } catch {
-    return null;
-  }
-
+  if (typeof globalThis === 'object' && globalThis.crypto) return globalThis.crypto;
   return null;
 }
 
 /**
  * Generate cryptographically secure random bytes.
  *
- * Uses Web Crypto API (getRandomValues) in browsers and crypto.randomBytes in Node.js.
+ * Uses Web Crypto API (getRandomValues) exclusively.
+ * Throws if Web Crypto API is unavailable.
  *
  * @param {number} size - Number of random bytes to generate
  * @returns {Uint8Array} Random bytes
  * @throws {RangeError} If size is invalid or too large
- * @throws {Error} If no secure random source is available
+ * @throws {Error} If no secure random source is available or RNG output is suspect
  */
 function randomBytes(size) {
   if (!Number.isSafeInteger(size) || size < 0) {
@@ -478,14 +467,14 @@ function randomBytes(size) {
     for (let i = 0; i < size; i += MAX_BYTES) {
       cryptoObj.getRandomValues(out.subarray(i, Math.min(size, i + MAX_BYTES)));
     }
+    {
+      let acc = 0;
+      for (let i = 0; i < 16; i++) acc |= out[i];
+      if (acc === 0) throw new Error('getRandomValues returned all zeros');
+    }
     return out;
   }
 
-  const nodeRandomBytes = getNodeRandomBytes();
-  if (nodeRandomBytes) {
-    return nodeRandomBytes(size);
-  }
-
   throw new Error('Secure random number generation is not supported by this environment');
 }
 
@@ -4695,8 +4684,12 @@ function keygen(seed) {
   const sk = new Uint8Array(CryptoSecretKeyBytes);
   // FIPS 204 requires 32-byte seed; hash 48-byte QRL seed to derive it
   const seedBytes = new Uint8Array(seed.hashSHA256());
-  cryptoSignKeypair(seedBytes, pk, sk);
-  return { pk, sk };
+  try {
+    cryptoSignKeypair(seedBytes, pk, sk);
+    return { pk, sk };
+  } finally {
+    seedBytes.fill(0);
+  }
 }
 
 /**
@@ -4789,9 +4782,13 @@ class Wallet {
   static newWallet(metadata = [0, 0]) {
     const descriptor = newMLDSA87Descriptor(metadata);
     const seedBytes = randomBytes(48);
-    const seed = new Seed(seedBytes);
-    const { pk, sk } = keygen(seed);
-    return new Wallet({ descriptor, seed, pk, sk });
+    try {
+      const seed = new Seed(seedBytes);
+      const { pk, sk } = keygen(seed);
+      return new Wallet({ descriptor, seed, pk, sk });
+    } finally {
+      seedBytes.fill(0);
+    }
   }
 
   /**
@@ -4822,8 +4819,12 @@ class Wallet {
    */
   static newWalletFromMnemonic(mnemonic) {
     const bin = mnemonicToBin(mnemonic);
-    const extendedSeed = new ExtendedSeed(bin);
-    return this.newWalletFromExtendedSeed(extendedSeed);
+    try {
+      const extendedSeed = new ExtendedSeed(bin);
+      return this.newWalletFromExtendedSeed(extendedSeed);
+    } finally {
+      bin.fill(0);
+    }
   }
 
   /** @returns {Uint8Array} */
@@ -4871,7 +4872,13 @@ class Wallet {
     return this.pk.slice();
   }
 
-  /** @returns {Uint8Array} */
+  /**
+   * Returns a copy of the secret key.
+   * @returns {Uint8Array}
+   * @warning Caller is responsible for zeroing the returned buffer when done
+   * (e.g. `sk.fill(0)`). The Wallet's `zeroize()` method cannot reach copies
+   * returned by this method.
+   */
   getSK() {
     return this.sk.slice();
   }
@@ -4908,11 +4915,11 @@ class Wallet {
     if (this.sk) {
       this.sk.fill(0);
     }
-    if (this.seed && this.seed.bytes) {
-      this.seed.bytes.fill(0);
+    if (this.seed) {
+      this.seed.zeroize();
     }
-    if (this.extendedSeed && this.extendedSeed.bytes) {
-      this.extendedSeed.bytes.fill(0);
+    if (this.extendedSeed) {
+      this.extendedSeed.zeroize();
     }
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@theqrl/wallet.js",
-  "version": "1.0.4",
+  "version": "1.0.6",
   "description": "Quantum-resistant wallet library for The QRL using ML-DSA-87 (FIPS 204)",
   "type": "module",
   "main": "dist/cjs/wallet.js",
@@ -31,7 +31,7 @@
   },
   "dependencies": {
     "@noble/hashes": "^1.8.0",
-    "@theqrl/mldsa87": "^1.0.8"
+    "@theqrl/mldsa87": "^1.0.9"
   },
   "directories": {
     "lib": "src",

package/src/utils/random.js

@@ -1,61 +1,27 @@
 /**
  * Secure random number generation for browser and Node.js environments.
+ * Requires Web Crypto API (globalThis.crypto.getRandomValues).
  * @module utils/random
  */
 
 const MAX_BYTES = 65536;
 const MAX_UINT32 = 0xffffffff;
 
-function getGlobalScope() {
-  if (typeof globalThis === 'object') return globalThis;
-  // eslint-disable-next-line no-restricted-globals
-  if (typeof self === 'object') return self;
-  if (typeof window === 'object') return window;
-  if (typeof global === 'object') return global;
-  return {};
-}
-
 function getWebCrypto() {
-  const scope = getGlobalScope();
-  return scope.crypto || scope.msCrypto || null;
-}
-
-function getNodeRandomBytes() {
-  /* c8 ignore next */
-  const isNode = typeof process === 'object' && process !== null && process.versions && process.versions.node;
-  if (!isNode) return null;
-
-  let req = null;
-  if (typeof module !== 'undefined' && module && typeof module.require === 'function') {
-    req = module.require.bind(module);
-  } else if (typeof module !== 'undefined' && module && typeof module.createRequire === 'function') {
-    req = module.createRequire(import.meta.url);
-  } else if (typeof require === 'function') {
-    req = require;
-  }
-  if (!req) return null;
-
-  try {
-    const nodeCrypto = req('crypto');
-    if (nodeCrypto && typeof nodeCrypto.randomBytes === 'function') {
-      return nodeCrypto.randomBytes;
-    }
-  } catch {
-    return null;
-  }
-
+  if (typeof globalThis === 'object' && globalThis.crypto) return globalThis.crypto;
   return null;
 }
 
 /**
  * Generate cryptographically secure random bytes.
  *
- * Uses Web Crypto API (getRandomValues) in browsers and crypto.randomBytes in Node.js.
+ * Uses Web Crypto API (getRandomValues) exclusively.
+ * Throws if Web Crypto API is unavailable.
  *
  * @param {number} size - Number of random bytes to generate
  * @returns {Uint8Array} Random bytes
  * @throws {RangeError} If size is invalid or too large
- * @throws {Error} If no secure random source is available
+ * @throws {Error} If no secure random source is available or RNG output is suspect
  */
 export function randomBytes(size) {
   if (!Number.isSafeInteger(size) || size < 0) {
@@ -72,13 +38,13 @@ export function randomBytes(size) {
     for (let i = 0; i < size; i += MAX_BYTES) {
       cryptoObj.getRandomValues(out.subarray(i, Math.min(size, i + MAX_BYTES)));
     }
+    if (size >= 16) {
+      let acc = 0;
+      for (let i = 0; i < 16; i++) acc |= out[i];
+      if (acc === 0) throw new Error('getRandomValues returned all zeros');
+    }
     return out;
   }
 
-  const nodeRandomBytes = getNodeRandomBytes();
-  if (nodeRandomBytes) {
-    return nodeRandomBytes(size);
-  }
-
   throw new Error('Secure random number generation is not supported by this environment');
 }

package/src/wallet/common/descriptor.js

@@ -60,10 +60,15 @@ function getDescriptorBytes(walletType, metadata = [0, 0]) {
   if (!isValidWalletType(walletType)) {
     throw new Error('Invalid wallet type in descriptor');
   }
+  const m0 = metadata?.[0] ?? 0;
+  const m1 = metadata?.[1] ?? 0;
+  if (!Number.isInteger(m0) || m0 < 0 || m0 > 255 || !Number.isInteger(m1) || m1 < 0 || m1 > 255) {
+    throw new Error('Descriptor metadata bytes must be in range [0, 255]');
+  }
   const out = new Uint8Array(DESCRIPTOR_SIZE);
   out[0] = walletType >>> 0;
-  out[1] = (metadata?.[0] ?? 0) >>> 0;
-  out[2] = (metadata?.[1] ?? 0) >>> 0;
+  out[1] = m0;
+  out[2] = m1;
   return out;
 }
 

package/src/wallet/common/seed.js

@@ -34,6 +34,13 @@ class Seed {
     return this.bytes.slice();
   }
 
+  /**
+   * Best-effort zeroize internal seed bytes.
+   */
+  zeroize() {
+    this.bytes.fill(0);
+  }
+
   /**
    * Constructor: accepts hex string / Uint8Array / Buffer / number[].
    * @param {string|Uint8Array|Buffer|number[]} input
@@ -109,7 +116,11 @@ class ExtendedSeed {
     const out = new Uint8Array(EXTENDED_SEED_SIZE);
     out.set(desc.toBytes(), 0);
     out.set(seed.toBytes(), DESCRIPTOR_SIZE);
-    return new ExtendedSeed(out);
+    try {
+      return new ExtendedSeed(out);
+    } finally {
+      out.fill(0);
+    }
   }
 
   /**
@@ -121,6 +132,13 @@ class ExtendedSeed {
     return new ExtendedSeed(toFixedU8(input, EXTENDED_SEED_SIZE, 'ExtendedSeed'));
   }
 
+  /**
+   * Best-effort zeroize internal extended seed bytes.
+   */
+  zeroize() {
+    this.bytes.fill(0);
+  }
+
   /**
    * Internal helper: construct without wallet type validation.
    * @param {string|Uint8Array|Buffer|number[]} input

package/src/wallet/ml_dsa_87/crypto.js

@@ -26,8 +26,12 @@ function keygen(seed) {
   const sk = new Uint8Array(CryptoSecretKeyBytes);
   // FIPS 204 requires 32-byte seed; hash 48-byte QRL seed to derive it
   const seedBytes = new Uint8Array(seed.hashSHA256());
-  cryptoSignKeypair(seedBytes, pk, sk);
-  return { pk, sk };
+  try {
+    cryptoSignKeypair(seedBytes, pk, sk);
+    return { pk, sk };
+  } finally {
+    seedBytes.fill(0);
+  }
 }
 
 /**

package/src/wallet/ml_dsa_87/wallet.js

@@ -33,9 +33,13 @@ class Wallet {
   static newWallet(metadata = [0, 0]) {
     const descriptor = newMLDSA87Descriptor(metadata);
     const seedBytes = randomBytes(48);
-    const seed = new Seed(seedBytes);
-    const { pk, sk } = keygen(seed);
-    return new Wallet({ descriptor, seed, pk, sk });
+    try {
+      const seed = new Seed(seedBytes);
+      const { pk, sk } = keygen(seed);
+      return new Wallet({ descriptor, seed, pk, sk });
+    } finally {
+      seedBytes.fill(0);
+    }
   }
 
   /**
@@ -66,8 +70,12 @@ class Wallet {
    */
   static newWalletFromMnemonic(mnemonic) {
     const bin = mnemonicToBin(mnemonic);
-    const extendedSeed = new ExtendedSeed(bin);
-    return this.newWalletFromExtendedSeed(extendedSeed);
+    try {
+      const extendedSeed = new ExtendedSeed(bin);
+      return this.newWalletFromExtendedSeed(extendedSeed);
+    } finally {
+      bin.fill(0);
+    }
   }
 
   /** @returns {Uint8Array} */
@@ -115,7 +123,13 @@ class Wallet {
     return this.pk.slice();
   }
 
-  /** @returns {Uint8Array} */
+  /**
+   * Returns a copy of the secret key.
+   * @returns {Uint8Array}
+   * @warning Caller is responsible for zeroing the returned buffer when done
+   * (e.g. `sk.fill(0)`). The Wallet's `zeroize()` method cannot reach copies
+   * returned by this method.
+   */
   getSK() {
     return this.sk.slice();
   }
@@ -152,11 +166,11 @@ class Wallet {
     if (this.sk) {
       this.sk.fill(0);
     }
-    if (this.seed && this.seed.bytes) {
-      this.seed.bytes.fill(0);
+    if (this.seed) {
+      this.seed.zeroize();
     }
-    if (this.extendedSeed && this.extendedSeed.bytes) {
-      this.extendedSeed.bytes.fill(0);
+    if (this.extendedSeed) {
+      this.extendedSeed.zeroize();
     }
   }
 }